diff --git a/files.csv b/files.csv index 9a3a5b47a..eac264f8c 100755 --- a/files.csv +++ b/files.csv @@ -436,7 +436,7 @@ id,file,description,date,author,platform,type,port 565,platforms/php/webapps/565.txt,"Silent Storm Portal - Multiple Vulnerabilities",2004-09-30,"CHT Security Research",php,webapps,0 566,platforms/windows/remote/566.pl,"IPSwitch WhatsUp Gold 8.03 - Remote Buffer Overflow Exploit",2004-10-04,LoWNOISE,windows,remote,80 568,platforms/windows/remote/568.c,"Icecast 2.0.1 Win32 - Remote Code Execution Exploit",2004-10-06,Delikon,windows,remote,8000 -570,platforms/php/webapps/570.txt,"WordPress Blog - HTTP Splitting",2004-10-10,"Tenable NS",php,webapps,0 +570,platforms/php/webapps/570.txt,"WordPress 1.2 - HTTP Splitting",2004-10-10,"Tenable NS",php,webapps,0 571,platforms/windows/dos/571.c,"Monolith Games Local Buffer Overflow Exploit",2004-10-10,"Luigi Auriemma",windows,dos,0 572,platforms/windows/remote/572.pl,"Eudora 6.2.0.7 Attachment Spoofer Exploit",2004-10-11,"Paul Szabo",windows,remote,0 573,platforms/windows/remote/573.c,"Icecast 2.0.1 Win32 - Remote Code Execution Exploit (modded)",2004-10-12,K-C0d3r,windows,remote,8000 @@ -2723,7 +2723,7 @@ id,file,description,date,author,platform,type,port 3048,platforms/asp/webapps/3048.pl,"Click N Print Coupons 2006.01 - (key) SQL Injection Exploit",2006-12-30,ajann,asp,webapps,0 3049,platforms/php/webapps/3049.php,"IMGallery 2.5 Create Uploader Script Exploit",2006-12-30,Kacper,php,webapps,0 3050,platforms/php/webapps/3050.txt,"Enigma 2 Coppermine Bridge (boarddir) Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 -3051,platforms/php/webapps/3051.txt,"Enigma 2 WordPress Bridge (boarddir) - Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 +3051,platforms/php/webapps/3051.txt,"WordPress Enigma 2 Bridge Plugin - (boarddir) Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 3052,platforms/windows/dos/3052.c,"Microsoft Windows NtRaiseHardError Csrss.exe-winsrv.dll Double Free",2006-12-31,"Ruben Santamarta ",windows,dos,0 3053,platforms/php/webapps/3053.txt,"Vz (Adp) Forum 2.0.3 - Remote Password Disclosure",2006-12-31,3l3ctric-Cracker,php,webapps,0 3054,platforms/php/webapps/3054.txt,"P-News 1.16 / 1.17 - (user.dat) Remote Password Disclosure",2006-12-31,3l3ctric-Cracker,php,webapps,0 @@ -4043,7 +4043,7 @@ id,file,description,date,author,platform,type,port 4394,platforms/windows/remote/4394.html,"Microsoft Visual Studio 6.0 - (VBTOVSI.DLL 1.0.0.0) File Overwrite Exploit",2007-09-11,shinnai,windows,remote,0 4395,platforms/php/webapps/4395.txt,"NuclearBB Alpha 2 - (root_path) Remote File Inclusion",2007-09-11,"Rootshell Security",php,webapps,0 4396,platforms/php/webapps/4396.txt,"X-Cart - Multiple Remote File Inclusion",2007-09-11,aLiiF,php,webapps,0 -4397,platforms/php/webapps/4397.rb,"WordPress Core 1.5.1.1 <= 2.2.2 - Multiple Vulnerabilities",2007-09-14,"Lance M. Havok",php,webapps,0 +4397,platforms/php/webapps/4397.rb,"WordPress 1.5.1.1 <= 2.2.2 Plugin - Multiple Vulnerabilities",2007-09-14,"Lance M. Havok",php,webapps,0 4398,platforms/windows/remote/4398.html,"Microsoft SQL Server Distributed Management Objects BoF Exploit",2007-09-12,96sysim,windows,remote,0 4399,platforms/multiple/remote/4399.html,"Apple Quicktime (Multiple Browsers) Command Execution PoC (0Day)",2007-09-12,pdp,multiple,remote,0 4400,platforms/php/webapps/4400.txt,"KwsPHP Module jeuxflash 1.0 - (id) SQL Injection",2007-09-13,Houssamix,php,webapps,0 @@ -5016,7 +5016,7 @@ id,file,description,date,author,platform,type,port 5380,platforms/php/webapps/5380.txt,"Blog PixelMotion (sauvBase.php) Arbitrary Database Backup",2008-04-06,JIKO,php,webapps,0 5381,platforms/php/webapps/5381.txt,"Blog PixelMotion (modif_config.php) Remote File Upload",2008-04-06,JIKO,php,webapps,0 5382,platforms/php/webapps/5382.txt,"Blog PixelMotion (index.php categorie) SQL Injection",2008-04-06,parad0x,php,webapps,0 -5383,platforms/php/webapps/5383.txt,"Site Sift Listings (id) SQL Injection",2008-04-06,S@BUN,php,webapps,0 +5383,platforms/php/webapps/5383.txt,"Site Sift Listings - 'id' SQL Injection",2008-04-06,S@BUN,php,webapps,0 5384,platforms/php/webapps/5384.txt,"Prozilla Top 100 1.2 - Arbitrary Delete Stats",2008-04-06,t0pP8uZz,php,webapps,0 5385,platforms/php/webapps/5385.txt,"Prozilla Forum Service (forum.php forum) SQL Injection",2008-04-06,t0pP8uZz,php,webapps,0 5386,platforms/linux/remote/5386.txt,"Apache Tomcat Connector jk2-2.0.2 (mod_jk2) - Remote Overflow Exploit",2008-04-06,"INetCop Security",linux,remote,80 @@ -8591,7 +8591,7 @@ id,file,description,date,author,platform,type,port 9107,platforms/php/webapps/9107.txt,"Phenotype CMS 2.8 - (login.php user) Blind SQL Injection",2009-07-10,"Khashayar Fereidani",php,webapps,0 9108,platforms/windows/remote/9108.py,"Microsoft Internet Explorer 7 Video ActiveX Remote Buffer Overflow Exploit",2009-07-10,"David Kennedy (ReL1K)",windows,remote,0 9109,platforms/php/webapps/9109.txt,"ToyLog 0.1 - SQL Injection/RCE Exploit",2009-07-10,darkjoker,php,webapps,0 -9110,platforms/php/webapps/9110.txt,"WordPress - Privileges Unchecked in admin.php and Multiple Information",2009-07-10,"Core Security",php,webapps,0 +9110,platforms/php/webapps/9110.txt,"WordPress Core & Plugins - Privileges Unchecked in admin.php and Multiple Information",2009-07-10,"Core Security",php,webapps,0 9111,platforms/php/webapps/9111.txt,"Jobbr 2.2.7 - Multiple SQL Injection",2009-07-10,Moudi,php,webapps,0 9112,platforms/php/webapps/9112.txt,"Joomla Component com_propertylab - (auction_id) SQL Injection",2009-07-10,"Chip d3 bi0s",php,webapps,0 9113,platforms/windows/dos/9113.txt,"OtsAv DJ/TV/Radio Multiple Local Heap Overflow PoCs",2009-07-10,Stack,windows,dos,0 @@ -9372,7 +9372,7 @@ id,file,description,date,author,platform,type,port 9998,platforms/windows/remote/9998.c,"BulletProof FTP 2.63 b56 - Client Malformed '.bps' File Stack Buffer Overflow",2009-10-07,"Rafa De Sousa",windows,remote,21 9999,platforms/windows/dos/9999.txt,"Cerberus FTP server 3.0.6 Pre-Auth DoS",2009-09-30,"Francis Provencher",windows,dos,21 10000,platforms/hardware/remote/10000.txt,"Cisco ACE XML Gateway 6.0 Internal IP disclosure",2009-09-25,nitr0us,hardware,remote,0 -10001,platforms/multiple/remote/10001.txt,"CUPS 'kerberos' Parameter Cross-Site Scripting",2009-11-11,"Aaron Sigel",multiple,remote,80 +10001,platforms/multiple/remote/10001.txt,"CUPS - 'kerberos' Parameter Cross-Site Scripting",2009-11-11,"Aaron Sigel",multiple,remote,80 10002,platforms/php/webapps/10002.txt,"CuteNews and UTF-8 CuteNews Multiple Security Vulnerabilities",2009-11-10,"Andrew Horton",php,webapps,0 10003,platforms/php/webapps/10003.txt,"Docebo 3.6.0.3 - Multiple SQL Injection",2009-10-09,"Andrea Fabrizi",php,webapps,0 10004,platforms/multiple/dos/10004.txt,"Dopewars 1.5.12 Server Denial of Service",2009-10-06,"Doug Prostko",multiple,dos,7902 @@ -9526,7 +9526,7 @@ id,file,description,date,author,platform,type,port 10225,platforms/windows/webapps/10225.txt,"MDaemon WebAdmin 2.0.x - SQL injection",2006-05-26,KOUSULIN,windows,webapps,1000 10226,platforms/windows/local/10226.py,"Serenity Audio Player Playlist (.m3u) BOF",2009-11-25,Rick2600,windows,local,0 10227,platforms/php/webapps/10227.txt,"Joomla! 'com_mygallery' Component - 'cid' Parameter SQL Injection",2009-11-25,S@BUN,php,webapps,0 -10228,platforms/php/webapps/10228.txt,"WordPress WP-Cumulus 1.20",2009-11-25,MustLive,php,webapps,0 +10228,platforms/php/webapps/10228.txt,"WordPress WP-Cumulus 1.20 Plugin",2009-11-25,MustLive,php,webapps,0 10229,platforms/multiple/dos/10229.txt,"Python < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow",2009-11-24,"Chris Evans",multiple,dos,0 10230,platforms/php/webapps/10230.txt,"Fake Hit Generator 2.2 Shell Upload",2009-11-25,DigitALL,php,webapps,0 10231,platforms/php/webapps/10231.txt,"Radio istek scripti 2.5 - Remote Configuration Disclosure",2009-11-25,"kurdish hackers team",php,webapps,0 @@ -9779,7 +9779,7 @@ id,file,description,date,author,platform,type,port 10529,platforms/asp/webapps/10529.txt,"eWebquiz 8 - Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10531,platforms/php/webapps/10531.txt,"jCore CMS Cross-Site Scripting",2009-12-17,loneferret,php,webapps,0 10532,platforms/php/webapps/10532.txt,"Piwik Open Flash Chart - Remote Code Execution",2009-12-17,"Braeden Thomas",php,webapps,0 -10533,platforms/php/webapps/10533.txt,"VirtueMart 'product_id' Parameter SQL Injection",2009-12-17,Neo-GabrieL,php,webapps,0 +10533,platforms/php/webapps/10533.txt,"VirtueMart - 'product_id' Parameter SQL Injection",2009-12-17,Neo-GabrieL,php,webapps,0 10534,platforms/php/webapps/10534.txt,"Rumba XML suffers from a Cross-Site scripting",2009-12-17,"Hadi Kiamarsi",php,webapps,0 10535,platforms/php/webapps/10535.txt,"WordPress Pyrmont 2.x Plugin - SQL Injection",2009-12-18,Gamoscu,php,webapps,0 10537,platforms/php/webapps/10537.txt,"gpEasy 1.5RC3 - Remote File Inclusion Exploit",2009-12-18,"cr4wl3r ",php,webapps,0 @@ -12574,7 +12574,7 @@ id,file,description,date,author,platform,type,port 14305,platforms/lin_x86-64/shellcode/14305.c,"Linux/x86-64 - execve(_/sbin/iptables__ [_/sbin/iptables__ _-F_]_ NULL) shellcode (49 bytes)",2010-07-09,10n1z3d,lin_x86-64,shellcode,0 14306,platforms/php/webapps/14306.txt,"HoloCMS 9.0.47 - (news.php) SQL Injection",2010-07-09,GlaDiaT0R,php,webapps,0 14309,platforms/windows/remote/14309.html,"RSP MP3 Player OCX 3.2 - ActiveX Buffer Overflow",2010-07-09,blake,windows,remote,0 -14308,platforms/php/webapps/14308.txt,"WordPress Firestats - Remote Configuration File Download",2010-07-09,"Jelmer de Hen",php,webapps,0 +14308,platforms/php/webapps/14308.txt,"WordPress Firestats Plugin - Remote Configuration File Download",2010-07-09,"Jelmer de Hen",php,webapps,0 15307,platforms/windows/dos/15307.py,"HP Data Protector Media Operations 6.11 HTTP Server Remote Integer Overflow DoS",2010-10-23,d0lc3,windows,dos,0 14310,platforms/php/webapps/14310.js,"DotDefender 3.8-5 - No Authentication Remote Code Execution Through XSS",2010-07-09,rAWjAW,php,webapps,80 14313,platforms/php/webapps/14313.txt,"Joomla MyHome Component (com_myhome) Blind SQL Injection",2010-07-10,Sid3^effects,php,webapps,0 @@ -12753,7 +12753,7 @@ id,file,description,date,author,platform,type,port 14536,platforms/hardware/remote/14536.txt,"Unauthorized Access to Root NFS Export on EMC Celerra NAS Appliance",2010-08-03,"Trustwave's SpiderLabs",hardware,remote,0 14537,platforms/multiple/dos/14537.txt,"Oracle MySQL 'ALTER DATABASE' Remote Denial of Service",2010-08-03,"Shane Bester",multiple,dos,0 14558,platforms/php/webapps/14558.txt,"sX-Shop Multiple SQL Injection",2010-08-05,CoBRa_21,php,webapps,0 -14541,platforms/php/webapps/14541.txt,"WordPress NextGEN Smooth Gallery 0.12 - Blind SQL Injection",2010-08-03,kaMtiEz,php,webapps,0 +14541,platforms/php/webapps/14541.txt,"WordPress NextGEN Smooth Gallery 0.12 Plugin - Blind SQL Injection",2010-08-03,kaMtiEz,php,webapps,0 14550,platforms/windows/local/14550.py,"Exploit Easy RM to MP3 2.7.3.700 - (.m3u & .pls & .smi & .wpl & .wax & .wvx & .ram)",2010-08-04,"Oh Yaw Theng",windows,local,0 14545,platforms/windows/dos/14545.txt,"Progitek Visionner Photos 2.0 - File Format DoS",2010-08-03,antrhacks,windows,dos,0 14566,platforms/windows/local/14566.c,"Microsoft Windows - Win32k.sys Driver 'CreateDIBPalette()' Buffer Overflow",2010-08-06,Arkon,windows,local,0 @@ -13090,7 +13090,7 @@ id,file,description,date,author,platform,type,port 15013,platforms/windows/local/15013.pl,"MP3 Workstation 9.2.1.1.2 - SEH Exploit",2010-09-15,"sanjeev gupta",windows,local,0 15014,platforms/php/webapps/15014.txt,"pixelpost 1.7.3 - Multiple Vulnerabilities",2010-09-15,Sweet,php,webapps,0 15016,platforms/windows/remote/15016.rb,"Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit)",2010-09-15,Node,windows,remote,0 -36828,platforms/java/webapps/36828.txt,"JaWiki 'versionNo' Parameter Cross-Site Scripting",2012-02-17,sonyy,java,webapps,0 +36828,platforms/java/webapps/36828.txt,"JaWiki - 'versionNo' Parameter Cross-Site Scripting",2012-02-17,sonyy,java,webapps,0 15017,platforms/windows/dos/15017.py,"Chalk Creek Media Player 1.0.7 - (.mp3 / .wma) Denial of Service",2010-09-16,"Carlos Mario Penagos Hollmann",windows,dos,0 15018,platforms/asp/webapps/15018.txt,"mojoportal - Multiple Vulnerabilities",2010-09-16,Abysssec,asp,webapps,0 15019,platforms/windows/dos/15019.txt,"Microsoft Excel - HFPicture Record Parsing Remote Code Execution",2010-09-16,Abysssec,windows,dos,0 @@ -14003,7 +14003,7 @@ id,file,description,date,author,platform,type,port 16178,platforms/asp/webapps/16178.txt,"Rae Media Real Estate Single Agent SQL Injection",2011-02-16,R4dc0re,asp,webapps,0 16179,platforms/asp/webapps/16179.txt,"Rae Media Real Estate Multi Agent - SQL Injection",2011-02-16,R4dc0re,asp,webapps,0 16180,platforms/windows/dos/16180.py,"BWMeter 5.4.0 - (.csv) Denial of Service",2011-02-17,b0telh0,windows,dos,0 -16181,platforms/php/webapps/16181.txt,"WordPress User Photo Component - Remote File Upload",2011-02-17,ADVtools,php,webapps,0 +16181,platforms/php/webapps/16181.txt,"WordPress User Photo Component Plugin - Remote File Upload",2011-02-17,ADVtools,php,webapps,0 16182,platforms/linux/dos/16182.txt,"PHP 5.3.5 - grapheme_extract() NULL Pointer Dereference",2011-02-17,"Maksymilian Arciemowicz",linux,dos,0 16193,platforms/windows/dos/16193.pl,"Avira AntiVir QUA file - (avcenter.exe) Local Crash PoC",2011-02-19,KedAns-Dz,windows,dos,0 16204,platforms/windows/dos/16204.pl,"Solar FTP 2.1 - Denial of Service Exploit",2011-02-22,x000,windows,dos,0 @@ -15962,7 +15962,7 @@ id,file,description,date,author,platform,type,port 18413,platforms/php/webapps/18413.txt,"SpamTitan Application 5.08x - SQL Injection",2012-01-23,Vulnerability-Lab,php,webapps,0 18701,platforms/php/webapps/18701.txt,"phpPaleo - Local File Inclusion",2012-04-04,"Mark Stanislav",php,webapps,0 18416,platforms/jsp/webapps/18416.txt,"stoneware webnetwork6 - Multiple Vulnerabilities",2012-01-24,"Jacob Holcomb",jsp,webapps,0 -18417,platforms/php/webapps/18417.txt,"WordPress Core 3.3.1 - Multiple Vulnerabilities",2012-01-25,"Trustwave's SpiderLabs",php,webapps,0 +18417,platforms/php/webapps/18417.txt,"WordPress 3.3.1 - Multiple Vulnerabilities",2012-01-25,"Trustwave's SpiderLabs",php,webapps,0 18418,platforms/php/webapps/18418.html,"VR GPub 4.0 - CSRF",2012-01-26,Cyber-Crystal,php,webapps,0 18419,platforms/php/webapps/18419.html,"phplist 2.10.9 - CSRF/XSS",2012-01-26,Cyber-Crystal,php,webapps,0 18420,platforms/windows/remote/18420.rb,"Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (Metasploit)",2012-01-26,"Craig Freyman",windows,remote,0 @@ -16426,7 +16426,7 @@ id,file,description,date,author,platform,type,port 19003,platforms/php/webapps/19003.txt,"vanilla kpoll plugin 1.2 - Stored XSS",2012-06-06,"Henry Hoggard",php,webapps,0 19030,platforms/windows/remote/19030.rb,"Tom Sawyer Software GET Extension Factory Remote Code Execution",2012-06-10,Metasploit,windows,remote,0 19007,platforms/php/webapps/19007.php,"PHPNet 1.8 - (ler.php) SQL Injection",2012-06-07,WhiteCollarGroup,php,webapps,0 -19008,platforms/php/webapps/19008.php,"WordPress Front End Upload 0.5.3 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 +19008,platforms/php/webapps/19008.php,"WordPress Front End Upload 0.5.3 Plugin - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 19009,platforms/php/webapps/19009.php,"WordPress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 19016,platforms/php/webapps/19016.txt,"WordPress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 19029,platforms/php/webapps/19029.py,"phpAcounts 0.5.3 - SQL Injection",2012-06-08,loneferret,php,webapps,0 @@ -16456,15 +16456,15 @@ id,file,description,date,author,platform,type,port 19047,platforms/aix/remote/19047.txt,"Stalker Internet Mail Server 1.6 - Buffer Overflow",2001-09-12,"David Luyer",aix,remote,0 19048,platforms/aix/remote/19048.txt,"IRIX 6.4 pfdisplay.cgi",1998-04-07,"J.A. Gutierrez",aix,remote,0 19049,platforms/aix/dos/19049.txt,"BSDI 4.0 tcpmux / inetd Crash",1998-04-07,"Mark Schaefer",aix,dos,0 -19050,platforms/php/webapps/19050.txt,"WordPress wp-gpx-map 1.1.21 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19050,platforms/php/webapps/19050.txt,"WordPress wp-gpx-map 1.1.21 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19051,platforms/php/webapps/19051.txt,"ClanSuite 2.9 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19052,platforms/php/webapps/19052.txt,"WordPress User Meta 1.1.1 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19053,platforms/php/webapps/19053.txt,"WordPress Top Quark Architecture 2.10 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19054,platforms/php/webapps/19054.txt,"WordPress SfBrowser 1.4.5 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19052,platforms/php/webapps/19052.txt,"WordPress User Meta 1.1.1 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19053,platforms/php/webapps/19053.txt,"WordPress Top Quark Architecture 2.10 Plugin- Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19054,platforms/php/webapps/19054.txt,"WordPress SfBrowser 1.4.5 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19055,platforms/php/webapps/19055.txt,"WordPress Pica Photo Gallery 1.0 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19056,platforms/php/webapps/19056.txt,"WordPress Mac Photo Gallery 2.7 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19057,platforms/php/webapps/19057.txt,"WordPress drag and drop file upload 0.1 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19058,platforms/php/webapps/19058.txt,"WordPress Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19056,platforms/php/webapps/19056.txt,"WordPress Mac Photo Gallery 2.7 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19057,platforms/php/webapps/19057.txt,"WordPress drag and drop file upload 0.1 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19058,platforms/php/webapps/19058.txt,"WordPress Custom Content Type Manager 0.9.5.13-pl Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19059,platforms/php/webapps/19059.php,"Agora-Project 2.12.11 - Arbitrary File Upload",2012-06-11,Misa3l,php,webapps,0 19060,platforms/php/webapps/19060.php,"TheBlog 2.0 - Multiple Vulnerabilities",2012-06-11,WhiteCollarGroup,php,webapps,0 19066,platforms/irix/local/19066.txt,"SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager NETLS_LICENSE_FILE",1996-04-05,"Arthur Hagen",irix,local,0 @@ -16683,7 +16683,7 @@ id,file,description,date,author,platform,type,port 19291,platforms/windows/remote/19291.rb,"EZHomeTech EzServer 6.4.017 - Stack Buffer Overflow",2012-06-19,Metasploit,windows,remote,0 19292,platforms/php/webapps/19292.txt,"iBoutique eCommerce 4.0 - Multiple Web Vulnerabilites",2012-06-19,Vulnerability-Lab,php,webapps,0 19293,platforms/windows/local/19293.py,"Sysax 5.62 - Admin Interface Local Buffer Overflow",2012-06-20,"Craig Freyman",windows,local,0 -19294,platforms/php/webapps/19294.txt,"WordPress Schreikasten 0.14.13 - XSS",2012-06-20,"Henry Hoggard",php,webapps,0 +19294,platforms/php/webapps/19294.txt,"WordPress Schreikasten 0.14.13 Plugin - XSS",2012-06-20,"Henry Hoggard",php,webapps,0 19295,platforms/windows/remote/19295.rb,"Adobe Flash Player AVM Verification Logic Array Indexing Code Execution",2012-06-20,Metasploit,windows,remote,0 19601,platforms/windows/remote/19601.txt,"etype eserv 2.50 - Directory Traversal",1999-11-04,"Ussr Labs",windows,remote,0 19602,platforms/linux/local/19602.c,"Eric Allman Sendmail 8.8.x - Socket Hijack",1999-11-05,"Michal Zalewski",linux,local,0 @@ -16847,7 +16847,7 @@ id,file,description,date,author,platform,type,port 19478,platforms/unix/remote/19478.c,"BSD/OS 3.1/4.0.1_FreeBSD 3.0/3.1/3.2_RedHat Linux 6.0 amd Buffer Overflow (1)",1999-08-31,Taeho,unix,remote,0 19479,platforms/unix/remote/19479.c,"BSD/OS 3.1/4.0.1_FreeBSD 3.0/3.1/3.2_RedHat Linux 6.0 amd Buffer Overflow (2)",1999-08-30,c0nd0r,unix,remote,0 19480,platforms/multiple/local/19480.c,"ISC INN 2.2_RedHat Linux 6.0 inews Buffer Overflow",1999-09-02,bawd,multiple,local,0 -19481,platforms/php/webapps/19481.txt,"WordPress Paid Business Listings 1.0.2 - Blind SQL Injection",2012-06-30,"Chris Kellum",php,webapps,0 +19481,platforms/php/webapps/19481.txt,"WordPress Paid Business Listings 1.0.2 Plugin - Blind SQL Injection",2012-06-30,"Chris Kellum",php,webapps,0 19482,platforms/multiple/dos/19482.txt,"GIMP 2.8.0 FIT File Format DoS",2012-06-30,"Joseph Sheridan",multiple,dos,0 19483,platforms/windows/dos/19483.txt,"IrfanView JLS Formats PlugIn Heap Overflow",2012-06-30,"Joseph Sheridan",windows,dos,0 19484,platforms/windows/remote/19484.rb,"HP Data Protector Create New Folder Buffer Overflow",2012-07-01,Metasploit,windows,remote,3817 @@ -16937,7 +16937,7 @@ id,file,description,date,author,platform,type,port 19569,platforms/windows/dos/19569.pl,"WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow (1)",1999-10-28,"Alberto Soli",windows,dos,0 19570,platforms/windows/remote/19570.txt,"WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow (2)",1999-11-04,"Alberto Solino",windows,remote,0 19571,platforms/multiple/dos/19571.c,"Netscape Messaging Server 3.6/3.54/3.55 RCPT TO DoS",1999-10-28,"Nobuo Miwa",multiple,dos,0 -19572,platforms/php/webapps/19572.txt,"WordPress MoodThingy Widget 0.8.7 - Blind SQL Injection",2012-07-04,"Chris Kellum",php,webapps,0 +19572,platforms/php/webapps/19572.txt,"WordPress MoodThingy Widget 0.8.7 Plugin - Blind SQL Injection",2012-07-04,"Chris Kellum",php,webapps,0 19573,platforms/php/webapps/19573.php,"Tiki Wiki CMS Groupware 8.3 - 'unserialize()' PHP Code Execution",2012-07-04,EgiX,php,webapps,0 19574,platforms/php/webapps/19574.txt,"Webify Link Directory SQL Injection",2012-07-04,"Daniel Godoy",php,webapps,0 19575,platforms/windows/dos/19575.txt,".NET Framework - Tilde Character DoS",2012-07-04,"Soroush Dalili",windows,dos,0 @@ -17150,7 +17150,7 @@ id,file,description,date,author,platform,type,port 19788,platforms/irix/remote/19788.pl,"SGI InfoSearch 1.0_SGI IRIX 6.5.x fname",2000-03-05,rpc,irix,remote,0 19789,platforms/windows/local/19789.txt,"Microsoft Clip Art Gallery 5.0 - Buffer Overflow",2000-03-06,dildog,windows,local,0 19790,platforms/php/webapps/19790.txt,"webpagetest 2.6 - Multiple Vulnerabilities",2012-07-13,dun,php,webapps,0 -19791,platforms/php/webapps/19791.txt,"WordPress Resume Submissions & Job Postings 2.5.1 - Unrestricted File Upload",2012-07-13,"Chris Kellum",php,webapps,0 +19791,platforms/php/webapps/19791.txt,"WordPress Resume Submissions & Job Postings 2.5.1 Plugin - Unrestricted File Upload",2012-07-13,"Chris Kellum",php,webapps,0 19792,platforms/php/webapps/19792.txt,"Joomla KISS Advertiser Remote File & Bypass Upload",2012-07-13,D4NB4R,php,webapps,0 19830,platforms/windows/remote/19830.txt,"Microsoft Index Server 2.0 - '%20' ASP Source Disclosure",2000-03-31,"David Litchfield",windows,remote,0 19794,platforms/linux/local/19794.txt,"Oracle8i Standard Edition 8.1.5 for Linux Installer",2000-03-05,"Keyser Soze",linux,local,0 @@ -17428,7 +17428,7 @@ id,file,description,date,author,platform,type,port 20080,platforms/windows/dos/20080.c,"Computer Software Manufaktur Alibaba 2.0 DoS",2000-07-18,wildcoyote,windows,dos,0 20081,platforms/windows/local/20081.c,"NetZero ZeroPort 3.0 Weak Encryption Method",2000-07-18,"Brian Carrier",windows,local,0 20082,platforms/unix/remote/20082.txt,"University of Washington pop2d 4.46/4.51/4.54/4.55 - Remote File Read",2000-07-14,mandark,unix,remote,0 -20083,platforms/php/webapps/20083.txt,"WordPress Front End Upload 0.5.4.4 - Arbitrary PHP File Upload",2012-07-24,"Chris Kellum",php,webapps,0 +20083,platforms/php/webapps/20083.txt,"WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary PHP File Upload",2012-07-24,"Chris Kellum",php,webapps,0 20085,platforms/cgi/remote/20085.txt,"Computer Software Manufaktur Alibaba 2.0 Piped Command",2000-07-18,Prizm,cgi,remote,0 20086,platforms/windows/remote/20086.c,"OReilly Software WebSite Professional 2.3.18/2.4/2.4.9 - 'webfind.exe' Buffer Overflow",2000-06-01,"Robert Horton",windows,remote,0 20087,platforms/php/webapps/20087.py,"Zabbix 2.0.1 - Session Extractor (0Day)",2012-07-24,muts,php,webapps,0 @@ -17676,7 +17676,7 @@ id,file,description,date,author,platform,type,port 20344,platforms/php/webapps/20344.php,"AraDown - Blind SQL Injection",2012-08-08,G-B,php,webapps,0 20345,platforms/php/webapps/20345.txt,"iauto mobile application 2012 - Multiple Vulnerabilities",2012-08-08,Vulnerability-Lab,php,webapps,0 20346,platforms/php/webapps/20346.txt,"Inout Mobile Webmail APP Persistent XSS",2012-08-08,Vulnerability-Lab,php,webapps,0 -20347,platforms/php/webapps/20347.txt,"Openconstructor CMS 3.12.0 \'id\' Parameter Multiple SQL Injection",2012-08-08,"Lorenzo Cantoni",php,webapps,0 +20347,platforms/php/webapps/20347.txt,"Openconstructor CMS 3.12.0 - 'id' Parameter Multiple SQL Injection",2012-08-08,"Lorenzo Cantoni",php,webapps,0 20348,platforms/windows/webapps/20348.py,"axigen mail server 8.0.1 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20349,platforms/windows/webapps/20349.py,"emailarchitect enterprise email server 10.0 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20350,platforms/windows/webapps/20350.py,"escon supportportal pro 3.0 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 @@ -17687,7 +17687,7 @@ id,file,description,date,author,platform,type,port 20355,platforms/windows/remote/20355.rb,"Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential",2012-08-08,Metasploit,windows,remote,0 20356,platforms/windows/webapps/20356.py,"ManageEngine ServiceDesk Plus 8.1 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20357,platforms/windows/webapps/20357.py,"alt-n mdaemon free 12.5.4 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 -20358,platforms/php/webapps/20358.py,"WordPress mini mail dashboard widget 1.42 - Stored XSS",2012-08-08,loneferret,php,webapps,0 +20358,platforms/php/webapps/20358.py,"WordPress mini mail dashboard widget 1.42 Plugin - Stored XSS",2012-08-08,loneferret,php,webapps,0 20359,platforms/windows/webapps/20359.py,"OTRS Open Technology Real Services 3.1.4 - Stored XSS",2012-08-08,loneferret,windows,webapps,0 20360,platforms/php/webapps/20360.py,"WordPress Plugin postie 1.4.3 - Stored XSS",2012-08-08,loneferret,php,webapps,0 20361,platforms/php/webapps/20361.py,"WordPress Plugin simplemail 1.0.6 - Stored XSS",2012-08-08,loneferret,php,webapps,0 @@ -17801,7 +17801,7 @@ id,file,description,date,author,platform,type,port 21316,platforms/php/webapps/21316.txt,"ASTPP VoIP Billing (4cf207a) - Multiple Vulnerabilities",2012-09-14,Vulnerability-Lab,php,webapps,0 20472,platforms/multiple/remote/20472.txt,"IBM DB2 - Universal Database for Linux 6.1/Windows NT 6.1 Known Default Password",2000-12-05,benjurry,multiple,remote,0 20473,platforms/hardware/dos/20473.pl,"Cisco Catalyst 4000 4.x/5.x_Catalyst 5000 4.5/5.x_Catalyst 6000 5.x Memory Leak DoS",2000-12-06,blackangels,hardware,dos,0 -20474,platforms/php/webapps/20474.txt,"WordPress RSVPMaker 2.5.4 - Persistent XSS",2012-08-13,"Chris Kellum",php,webapps,0 +20474,platforms/php/webapps/20474.txt,"WordPress RSVPMaker 2.5.4 Plugin - Persistent XSS",2012-08-13,"Chris Kellum",php,webapps,0 20476,platforms/php/webapps/20476.txt,"Hotel Booking Portal 0.1 - Multiple Vulnerabilities",2012-08-13,"Yakir Wizman",php,webapps,0 20477,platforms/windows/webapps/20477.txt,"IBM WebSphere MQ File Transfer Edition Web Gateway CSRF",2012-08-13,"Nir Valtman",windows,webapps,0 20478,platforms/windows/webapps/20478.txt,"IBM WebSphere MQ File Transfer Edition Web Gateway Insufficient Access Control",2012-08-13,"Nir Valtman",windows,webapps,0 @@ -18219,7 +18219,7 @@ id,file,description,date,author,platform,type,port 20915,platforms/windows/local/20915.py,"ActFax Server 4.31 Build 0225 - Local Privilege Escalation Exploit",2012-08-29,"Craig Freyman",windows,local,0 20916,platforms/cgi/remote/20916.pl,"cgiCentral WebStore 400 - Arbitrary Command Execution",2001-05-06,"Igor Dobrovitski",cgi,remote,0 20917,platforms/windows/dos/20917.txt,"Winlog Lite SCADA HMI system SEH 0verwrite",2012-08-29,Ciph3r,windows,dos,0 -20918,platforms/php/webapps/20918.txt,"WordPress HD Webplayer 1.1 - SQL Injection",2012-08-29,JoinSe7en,php,webapps,0 +20918,platforms/php/webapps/20918.txt,"WordPress HD Webplayer 1.1 Plugin - SQL Injection",2012-08-29,JoinSe7en,php,webapps,0 20955,platforms/windows/dos/20955.pl,"Internet Download Manager - Memory Corruption",2012-08-31,Dark-Puzzle,windows,dos,0 20922,platforms/osx/dos/20922.txt,"Rumpus FTP Server 1.3.x/2.0.3 - Stack Overflow DoS",2001-06-12,"Jass Seljamaa",osx,dos,0 20923,platforms/unix/local/20923.c,"LPRng 3.6.x Failure To Drop Supplementary Groups",2001-06-07,zen-parse,unix,local,0 @@ -19675,7 +19675,7 @@ id,file,description,date,author,platform,type,port 22424,platforms/php/webapps/22424.txt,"PHP-Nuke 6.0/6.5 Forum Module - Viewforum.php SQL Injection",2003-03-25,frog,php,webapps,0 22425,platforms/php/dos/22425.php,"PHP 4.x socket_recv() Signed Integer Memory Corruption",2003-03-26,"Sir Mordred",php,dos,0 22426,platforms/php/dos/22426.php,"PHP 4.x socket_recvfrom() Signed Integer Memory Corruption",2003-03-26,"Sir Mordred",php,dos,0 -22427,platforms/php/webapps/22427.txt,"WordPress All Video Gallery 1.1 - SQL Injection",2012-11-02,"Ashiyane Digital Security Team",php,webapps,0 +22427,platforms/php/webapps/22427.txt,"WordPress All Video Gallery 1.1 Plugin - SQL Injection",2012-11-02,"Ashiyane Digital Security Team",php,webapps,0 22521,platforms/php/webapps/22521.c,"XMB Forum 1.8 Member.php SQL Injection",2003-04-22,zeez@bbugs.org,php,webapps,0 22429,platforms/php/webapps/22429.txt,"vBulletin ChangUonDyU Advanced Statistics - SQL Injection",2012-11-02,Juno_okyo,php,webapps,0 22430,platforms/php/webapps/22430.txt,"PrestaShop 1.5.1 Persistent XSS",2012-11-02,"David Sopas",php,webapps,0 @@ -19711,7 +19711,7 @@ id,file,description,date,author,platform,type,port 22460,platforms/windows/dos/22460.txt,"Abyss Web Server 1.1.2 Incomplete HTTP Request Denial of Service",2003-04-05,"Auriemma Luigi",windows,dos,0 22461,platforms/php/webapps/22461.txt,"Invision Board 1.1.1 functions.php SQL Injection",2003-04-05,"Gossi The Dog",php,webapps,0 22462,platforms/multiple/remote/22462.txt,"Interbase 6.x External Table File Verification",2003-04-05,"Kotala Zdenek",multiple,remote,0 -22463,platforms/php/webapps/22463.txt,"WordPress Spider Catalog 1.1 - HTML Code Injection / Cross-Site scripting",2012-11-04,D4NB4R,php,webapps,0 +22463,platforms/php/webapps/22463.txt,"WordPress Spider Catalog 1.1 Plugin - HTML Code Injection / Cross-Site scripting",2012-11-04,D4NB4R,php,webapps,0 22464,platforms/windows/dos/22464.txt,"Adobe Reader 11.0.0 - Stack Overflow Crash PoC",2012-11-04,coolkaveh,windows,dos,0 22465,platforms/windows/local/22465.txt,"Sysax FTP Automation Server 5.33 - Local Privilege Escalation",2012-11-04,"Craig Freyman",windows,local,0 22466,platforms/windows/remote/22466.py,"BigAnt Server 2.52 SP5 - SEH Stack Overflow ROP-based Exploit (ASLR + DEP bypass)",2012-11-04,"Lorenzo Cantoni",windows,remote,0 @@ -20092,7 +20092,7 @@ id,file,description,date,author,platform,type,port 22850,platforms/windows/dos/22850.txt,"Microsoft Office OneNote 2010 Crash PoC",2012-11-20,coolkaveh,windows,dos,0 22851,platforms/windows/local/22851.py,"FormatFactory 3.0.1 - Profile File Handling Buffer Overflow",2012-11-20,"Julien Ahrens",windows,local,0 22852,platforms/multiple/webapps/22852.txt,"SonicWALL CDP 5040 6.x - Multiple Vulnerabilities",2012-11-20,Vulnerability-Lab,multiple,webapps,0 -22853,platforms/php/webapps/22853.txt,"WordPress Facebook Survey 1.0 - SQL Injection",2012-11-20,"Vulnerability Research Laboratory",php,webapps,0 +22853,platforms/php/webapps/22853.txt,"WordPress Facebook Survey 1.0 Plugin - SQL Injection",2012-11-20,"Vulnerability Research Laboratory",php,webapps,0 22854,platforms/windows/remote/22854.txt,"LAN.FS Messenger 2.4 - Command Execution",2012-11-20,Vulnerability-Lab,windows,remote,0 22855,platforms/windows/dos/22855.txt,"Apple QuickTime 7.7.2 Targa image Buffer Overflow",2012-11-20,"Senator of Pirates",windows,dos,0 22856,platforms/linux/remote/22856.rb,"Narcissus Image Configuration Passthru",2012-11-21,Metasploit,linux,remote,0 @@ -20439,7 +20439,7 @@ id,file,description,date,author,platform,type,port 23210,platforms/windows/local/23210.c,"Microsoft Windows XP/2000 PostThreadMessage() Arbitrary Process Killing",2003-10-02,"Brett Moore",windows,local,0 23211,platforms/windows/remote/23211.cpp,"EarthStation 5 - Search Service Remote File Deletion",2003-10-03,"random nut",windows,remote,0 23212,platforms/hardware/remote/23212.txt,"Cisco LEAP Password Disclosure Weakness",2003-10-03,"Cisco Security",hardware,remote,0 -23213,platforms/php/webapps/23213.txt,"WordPress 0.6/0.7 Blog.Header.php - SQL Injection",2003-10-03,"Seth Woolley",php,webapps,0 +23213,platforms/php/webapps/23213.txt,"WordPress 0.6/0.7 - Blog.Header.php SQL Injection",2003-10-03,"Seth Woolley",php,webapps,0 23214,platforms/cgi/webapps/23214.txt,"Sun Cobalt RaQ 1.1/2.0/3.0/4.0 Message.CGI Cross-Site Scripting",2003-10-03,"Lorenzo Hernandez Garcia-Hierro",cgi,webapps,0 23215,platforms/windows/dos/23215.html,"Microsoft Internet Explorer 6 Absolute Position Block Denial of Service",2003-10-03,"Nick Johnson",windows,dos,0 23216,platforms/windows/dos/23216.txt,"Microsoft Word 97/98/2002 Malformed Document Denial of Service",2003-10-03,"Bahaa Naamneh",windows,dos,0 @@ -20867,8 +20867,8 @@ id,file,description,date,author,platform,type,port 23648,platforms/windows/dos/23648.pl,"Web Crossing Web Server 4.0/5.0 Component Remote Denial of Service",2004-02-04,"Peter Winter-Smith",windows,dos,0 23649,platforms/windows/remote/23649.rb,"Microsoft SQL Server Database Link Crawling Command Execution",2012-12-25,Metasploit,windows,remote,0 23650,platforms/windows/remote/23650.rb,"IBM Lotus Notes Client URL Handler Command Injection",2012-12-25,Metasploit,windows,remote,0 -23651,platforms/php/remote/23651.rb,"WordPress WP-Property - PHP File Upload",2012-12-25,Metasploit,php,remote,0 -23652,platforms/php/remote/23652.rb,"WordPress Asset-Manager - PHP File Upload",2012-12-25,Metasploit,php,remote,0 +23651,platforms/php/remote/23651.rb,"WordPress WP-Property Plugin - PHP File Upload",2012-12-25,Metasploit,php,remote,0 +23652,platforms/php/remote/23652.rb,"WordPress Asset-Manager Plugin - PHP File Upload",2012-12-25,Metasploit,php,remote,0 23653,platforms/php/webapps/23653.txt,"Crossday Discuz! 2.0/3.0 - Cross-Site Scripting",2004-02-05,"Cheng Peng Su",php,webapps,0 23654,platforms/windows/dos/23654.txt,"XLight FTP Server 1.x Long Directory Request Remote Denial of Service",2004-02-05,intuit,windows,dos,0 23655,platforms/bsd/local/23655.txt,"BSD Kernel - SHMAT System Call Privilege Escalation",2004-02-05,"Joost Pol",bsd,local,0 @@ -21481,7 +21481,7 @@ id,file,description,date,author,platform,type,port 24291,platforms/php/webapps/24291.txt,"Outblaze Webmail - HTML Injection",2004-07-19,DarkBicho,php,webapps,0 24292,platforms/php/webapps/24292.txt,"Adam Ismay Print Topic Mod 1.0 - SQL Injection",2004-07-19,"Bartek Nowotarski",php,webapps,0 24293,platforms/sco/local/24293.c,"SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities",2004-07-20,"Ramon Valle",sco,local,0 -24294,platforms/php/webapps/24294.txt,"WordPress Developer Formatter - CSRF",2013-01-22,"Junaid Hussain",php,webapps,0 +24294,platforms/php/webapps/24294.txt,"WordPress Developer Formatter Plugin - CSRF",2013-01-22,"Junaid Hussain",php,webapps,0 24295,platforms/php/webapps/24295.txt,"Adult Webmaster Script Password Disclosure",2013-01-22,"Dshellnoi Unix",php,webapps,0 24356,platforms/php/webapps/24356.txt,"Moodle 1.x - 'post.php' Cross-Site Scripting",2004-08-16,"Javier Ubilla",php,webapps,0 24296,platforms/php/webapps/24296.txt,"Nucleus CMS 3.0_Blog:CMS 3_PunBB 1.x Common.php Remote File Inclusion",2004-07-20,"Radek Hulan",php,webapps,0 @@ -21550,7 +21550,7 @@ id,file,description,date,author,platform,type,port 24361,platforms/linux/remote/24361.c,"GNU CFEngine 2.0.x/2.1 - AuthenticationDialogue Remote Heap Based Buffer Overrun (2)",2004-08-09,jsk,linux,remote,0 24362,platforms/windows/dos/24362.txt,"Internet Security Systems BlackICE PC Protection 3.6 Firewall.INI Local Buffer Overrun",2004-08-11,"Paul Craig",windows,dos,0 24363,platforms/windows/remote/24363.txt,"clearswift mimesweeper for Web 4.0/5.0 - Directory Traversal",2004-07-11,"Kroma Pierre",windows,remote,0 -24364,platforms/php/webapps/24364.txt,"WordPress SolveMedia 1.1.0 - CSRF",2013-01-25,"Junaid Hussain",php,webapps,0 +24364,platforms/php/webapps/24364.txt,"WordPress SolveMedia 1.1.0 Plugin - CSRF",2013-01-25,"Junaid Hussain",php,webapps,0 24365,platforms/php/webapps/24365.txt,"ImageCMS 4.0.0b - Multiple Vulnerabilities",2013-01-25,"High-Tech Bridge SA",php,webapps,0 24366,platforms/windows/local/24366.rb,"Windows Manage Memory Payload Injection",2013-01-25,Metasploit,windows,local,0 24367,platforms/php/webapps/24367.txt,"IceWarp Web Mail 3.3.2/5.2.7 - Multiple Remote Input Validation Vulnerabilities",2004-08-11,ShineShadow,php,webapps,0 @@ -22290,7 +22290,7 @@ id,file,description,date,author,platform,type,port 25134,platforms/linux/local/25134.c,"sudo 1.8.0-1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURCE Bypass",2013-05-01,aeon,linux,local,0 25135,platforms/windows/dos/25135.txt,"Syslog Watcher Pro 2.8.0.812 - (Date Parameter) Cross-Site Scripting",2013-05-01,demonalex,windows,dos,0 25136,platforms/php/remote/25136.rb,"phpMyAdmin - Authenticated Remote Code Execution via preg_replace()",2013-05-01,Metasploit,php,remote,0 -25137,platforms/php/remote/25137.rb,"WordPress W3 Total Cache - PHP Code Execution",2013-05-01,Metasploit,php,remote,0 +25137,platforms/php/remote/25137.rb,"WordPress W3 Total Cache Plugin - PHP Code Execution",2013-05-01,Metasploit,php,remote,0 25138,platforms/hardware/webapps/25138.txt,"D-Link IP Cameras - Multiple Vulnerabilities",2013-05-01,"Core Security",hardware,webapps,0 25139,platforms/hardware/webapps/25139.txt,"Vivotek IP Cameras - Multiple Vulnerabilities",2013-05-01,"Core Security",hardware,webapps,0 25140,platforms/windows/dos/25140.txt,"WPS Office Wpsio.dll - Stack Buffer Overflow",2013-05-01,Zhangjiantao,windows,dos,0 @@ -22578,7 +22578,7 @@ id,file,description,date,author,platform,type,port 25437,platforms/php/webapps/25437.txt,"eGroupWare 1.0 index.php cats_app Parameter SQL Injection",2005-04-18,"GulfTech Security",php,webapps,0 25438,platforms/php/webapps/25438.txt,"MVNForum 1.0 - Search Cross-Site Scripting",2005-04-18,"hoang yen",php,webapps,0 25439,platforms/multiple/dos/25439.c,"Multiple Vendor TCP Session Acknowledgement Number Denial of Service",2004-12-13,"Antonio M. D. S. Fortes",multiple,dos,0 -25440,platforms/php/webapps/25440.txt,"WordPress wp-FileManager - Arbitrary File Download",2013-05-14,ByEge,php,webapps,0 +25440,platforms/php/webapps/25440.txt,"WordPress wp-FileManager Plugin - Arbitrary File Download",2013-05-14,ByEge,php,webapps,0 25441,platforms/php/webapps/25441.txt,"IPB (Invision Power Board) 1.x? / 2.x / 3.x - Admin Account Takeover",2013-05-14,"John JEAN",php,webapps,0 25442,platforms/php/webapps/25442.txt,"WHMCS 4.x - (invoicefunctions.php id param) SQL Injection",2013-05-14,"Ahmed Aboul-Ela",php,webapps,0 25443,platforms/windows/dos/25443.txt,"Quick Search 1.1.0.189 - Buffer Overflow (SEH)",2013-05-14,ariarat,windows,dos,0 @@ -24498,7 +24498,7 @@ id,file,description,date,author,platform,type,port 27379,platforms/php/webapps/27379.txt,"ADP Forum 2.0.x Subject Field HTML Injection",2006-03-09,liz0,php,webapps,0 27380,platforms/php/webapps/27380.txt,"myBloggie 2.1.2/2.1.3 upload.php Multiple Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27381,platforms/php/webapps/27381.txt,"myBloggie 2.1.2/2.1.3 delcomment.php Multiple Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 -27382,platforms/php/webapps/27382.txt,"myBloggie 2.1.2/2.1.3 deluser.php 'id' Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 +27382,platforms/php/webapps/27382.txt,"myBloggie 2.1.2/2.1.3 - deluser.php 'id' Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27383,platforms/php/webapps/27383.txt,"myBloggie 2.1.2/2.1.3 addcat.php errormsg Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27384,platforms/php/webapps/27384.txt,"myBloggie 2.1.2/2.1.3 edituser.php errormsg Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27385,platforms/php/webapps/27385.txt,"myBloggie 2.1.2/2.1.3 adduser.php errormsg Parameter XSS",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 @@ -24515,7 +24515,7 @@ id,file,description,date,author,platform,type,port 27396,platforms/php/webapps/27396.txt,"txtForum 1.0.3/1.0.4 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-09,"Nenad Jovanovic",php,webapps,0 27397,platforms/linux/remote/27397.txt,"Apache suEXEC - Privilege Elevation / Information Disclosure",2013-08-07,kingcope,linux,remote,0 27398,platforms/php/webapps/27398.txt,"Pluck CMS 4.7 - HTML Code Injection",2013-08-07,"Yashar shahinzadeh",php,webapps,0 -27399,platforms/php/webapps/27399.txt,"WordPress Booking Calendar 4.1.4 - CSRF",2013-08-07,"Dylan Irzi",php,webapps,0 +27399,platforms/php/webapps/27399.txt,"WordPress Booking Calendar 4.1.4 Plugin - CSRF",2013-08-07,"Dylan Irzi",php,webapps,0 27400,platforms/windows/remote/27400.py,"HP Data Protector Arbitrary Remote Command Execution",2013-08-07,"Alessandro Di Pinto and Claudio Moletta",windows,remote,0 27401,platforms/windows/remote/27401.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Auth Bypass & Directory Traversal SAM Retrieval Exploit",2013-08-07,Wireghoul,windows,remote,0 27402,platforms/hardware/webapps/27402.txt,"Hikvision IP Cameras 4.1.0 b130111 - Multiple Vulnerabilities",2013-08-07,"Core Security",hardware,webapps,0 @@ -26793,7 +26793,7 @@ id,file,description,date,author,platform,type,port 29751,platforms/php/webapps/29751.php,"PHPStats 0.1.9 PHP-Stats-Options.php Remote Code Execution",2007-03-17,rgod,php,webapps,0 29752,platforms/php/remote/29752.php,"PHP 5.1.6 Mb_Parse_Str Function Register_Globals Activation Weakness",2007-03-19,"Stefan Esser",php,remote,0 29753,platforms/linux/remote/29753.c,"File(1) 4.13 Command File_PrintF Integer Underflow",2007-03-19,"Jean-Sebastien Guay-Leroux",linux,remote,0 -29754,platforms/php/webapps/29754.html,"WordPress Core 2.x - PHP_Self Cross-Site Scripting",2007-03-19,"Alexander Concha",php,webapps,0 +29754,platforms/php/webapps/29754.html,"WordPress 2.x - PHP_Self Cross-Site Scripting",2007-03-19,"Alexander Concha",php,webapps,0 29755,platforms/php/webapps/29755.html,"Guesbara 1.2 Administrator Password Change",2007-03-19,Kacper,php,webapps,0 29756,platforms/php/webapps/29756.txt,"PHPX 3.5.15/3.5.16 print.php news_id Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 29757,platforms/php/webapps/29757.txt,"PHPX 3.5.15/3.5.16 forums.php Multiple Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 @@ -26827,7 +26827,7 @@ id,file,description,date,author,platform,type,port 29787,platforms/windows/dos/29787.py,"HP Jetdirect FTP Print Server RERT Command Denial of Service",2007-01-18,Handrix,windows,dos,0 29788,platforms/php/remote/29788.php,"PHP 4.4.4 Zip_Entry_Read() Integer Overflow",2007-03-27,"Stefan Esser",php,remote,0 30783,platforms/windows/local/30783.py,"CCProxy 7.3 - Integer Overflow Exploit",2014-01-07,Mr.XHat,windows,local,0 -30105,platforms/php/webapps/30105.txt,"WordPress Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting",2013-12-08,"Jeroen - IT Nerdbox",php,webapps,0 +30105,platforms/php/webapps/30105.txt,"WordPress Download Manager Free & Pro 2.5.8 Plugin - Persistent Cross-Site Scripting",2013-12-08,"Jeroen - IT Nerdbox",php,webapps,0 30157,platforms/php/webapps/30157.txt,"Joomla JD-Wiki 1.0.2 dwpage.php mosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 30158,platforms/php/webapps/30158.txt,"Joomla JD-Wiki 1.0.2 wantedpages.php mosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 30107,platforms/php/webapps/30107.txt,"Ovidentia 7.9.6 - Multiple Vulnerabilities",2013-12-08,sajith,php,webapps,0 @@ -26879,7 +26879,7 @@ id,file,description,date,author,platform,type,port 30163,platforms/multiple/dos/30163.html,"Blue Coat Systems K9 Web Protection 32.36 - Remote Buffer Overflow",2007-06-08,"Dennis Rand",multiple,dos,0 30164,platforms/hardware/remote/30164.txt,"3Com OfficeConnect Secure Router 1.04-168 - Tk Parameter Cross-Site Scripting",2007-06-08,"Secunia Research",hardware,remote,0 30165,platforms/asp/webapps/30165.txt,"Ibrahim Ã?AKICI Okul Portal Haber_Oku.ASP - SQL Injection",2007-06-08,ertuqrul,asp,webapps,0 -30166,platforms/php/webapps/30166.txt,"WordPress Core 2.2 - Request_URI Parameter Cross-Site Scripting",2007-06-08,zamolx3,php,webapps,0 +30166,platforms/php/webapps/30166.txt,"WordPress 2.2 - Request_URI Parameter Cross-Site Scripting",2007-06-08,zamolx3,php,webapps,0 30167,platforms/hardware/dos/30167.txt,"Packeteer PacketShaper 7.x Web Interface Remote Denial of Service",2007-06-08,nnposter,hardware,dos,0 30168,platforms/php/webapps/30168.txt,"vBSupport 2.0.0 Integrated Ticket System vBSupport.php SQL Injection",2007-06-09,rUnViRuS,php,webapps,0 30169,platforms/windows/remote/30169.txt,"WindowsPT 1.2 User ID Key Spoofing",2007-06-11,nnposter,windows,remote,0 @@ -27296,7 +27296,7 @@ id,file,description,date,author,platform,type,port 30400,platforms/aix/local/30400.c,"IBM AIX 5.2/5.3 FTP Client Local Buffer Overflow",2007-07-26,qaaz,aix,local,0 30401,platforms/php/dos/30401.php,"T1lib intT1_Env_GetCompletePath Buffer Overflow",2007-07-26,r0ut3r,php,dos,0 30402,platforms/asp/webapps/30402.txt,"Nukedit 4.9.x Login.ASP Cross-Site Scripting",2007-07-26,d3hydr8,asp,webapps,0 -30403,platforms/php/webapps/30403.txt,"WordPress WP-FeedStats 2.1 - HTML Injection",2007-07-26,"David Kierznowski",php,webapps,0 +30403,platforms/php/webapps/30403.txt,"WordPress WP-FeedStats 2.1 Plugin - HTML Injection",2007-07-26,"David Kierznowski",php,webapps,0 30404,platforms/windows/remote/30404.html,"Yahoo! Widgets Engine 4.0.3 YDPCTL.DLL ActiveX Control Buffer Overflow",2007-07-27,Unknown,windows,remote,0 30405,platforms/php/webapps/30405.txt,"Bandersnatch 0.4 - Multiple Input Validation Vulnerabilities",2007-07-27,"Tim Brown",php,webapps,0 30413,platforms/windows/dos/30413.py,"PotPlayer 1.5.40688 - (.avi) File Handling Memory Corruption",2013-12-20,ariarat,windows,dos,0 @@ -27487,7 +27487,7 @@ id,file,description,date,author,platform,type,port 32415,platforms/php/webapps/32415.txt,"Drupal Ajax Checklist 5.x-1.0 Module Multiple SQL Injection",2008-09-24,"Justin C. Klein Keane",php,webapps,0 32512,platforms/unix/remote/32512.rb,"FreePBX - config.php Remote Code Execution",2014-03-25,Metasploit,unix,remote,0 32413,platforms/php/webapps/32413.txt,"InterTech WCMS 'etemplate.php' SQL Injection",2008-09-23,"GeNiUs IrAQI",php,webapps,0 -32412,platforms/asp/webapps/32412.txt,"Omnicom Content Platform 'browser.asp' Parameter Directory Traversal",2008-09-23,AlbaniaN-[H],asp,webapps,0 +32412,platforms/asp/webapps/32412.txt,"Omnicom Content Platform - 'browser.asp' Parameter Directory Traversal",2008-09-23,AlbaniaN-[H],asp,webapps,0 32411,platforms/php/webapps/32411.txt,"Datalife Engine CMS 7.2 - 'admin.php' Cross-Site Scripting",2008-09-23,"Hadi Kiamarsi",php,webapps,0 32410,platforms/php/webapps/32410.txt,"6rbScript - 'cat.php' SQL Injection",2008-09-22,"Karar Alshami",php,webapps,0 32389,platforms/php/webapps/32389.txt,"Quick Cart 3.1 - 'admin.php' Cross-Site Scripting",2008-09-17,"John Cobb",php,webapps,0 @@ -27929,7 +27929,7 @@ id,file,description,date,author,platform,type,port 31041,platforms/php/webapps/31041.txt,"bloofoxCMS 0.3 - Multiple Input Validation Vulnerabilities",2008-01-20,"AmnPardaz ",php,webapps,0 31042,platforms/asp/webapps/31042.txt,"MegaBBS 1.5.14b 'upload.asp' Cross-Site Scripting",2008-01-21,Doz,asp,webapps,0 31043,platforms/cgi/webapps/31043.txt,"Alice Gate2 Plus Wi-Fi Router Cross-Site Request Forgery",2008-01-21,WarGame,cgi,webapps,0 -31044,platforms/php/webapps/31044.txt,"singapore 0.10.1 Modern Template 'gallery' Parameter Cross-Site Scripting",2008-01-21,trew,php,webapps,0 +31044,platforms/php/webapps/31044.txt,"singapore 0.10.1 Modern Template - 'gallery' Parameter Cross-Site Scripting",2008-01-21,trew,php,webapps,0 31045,platforms/php/webapps/31045.txt,"Small Axe Weblog 0.3.1 - 'ffile' Parameter Remote File Inclusion",2008-01-21,anonymous,php,webapps,0 31046,platforms/windows/remote/31046.cpp,"GlobalLink 'GLChat.ocx' 2.5.1 - ActiveX Control 'ChatRoom()' Buffer Overflow",2008-01-09,Knell,windows,remote,0 31047,platforms/multiple/remote/31047.txt,"Novemberborn sIFR 2.0.2/3 - 'txt' Parameter Cross-Site Scripting",2008-01-22,"Jan Fry",multiple,remote,0 @@ -27966,7 +27966,7 @@ id,file,description,date,author,platform,type,port 31078,platforms/hardware/remote/31078.txt,"2Wire Routers 'H04_POST' - Access Validation",2008-01-30,"Oligarchy Oligarchy",hardware,remote,0 31079,platforms/php/webapps/31079.txt,"webSPELL 4.1.2 - 'whoisonline.php' Cross-Site Scripting",2008-01-30,NBBN,php,webapps,0 31080,platforms/php/webapps/31080.txt,"YeSiL KoRiDoR Ziyaretçi Defteri - 'index.php' SQL Injection",2008-01-30,ShaFuck31,php,webapps,0 -31081,platforms/cgi/webapps/31081.txt,"OpenBSD 4.1 bgplg 'cmd' Parameter Cross-Site Scripting",2007-10-10,"Anton Karpov",cgi,webapps,0 +31081,platforms/cgi/webapps/31081.txt,"OpenBSD 4.1 - bgplg 'cmd' Parameter Cross-Site Scripting",2007-10-10,"Anton Karpov",cgi,webapps,0 31084,platforms/php/webapps/31084.txt,"Archimede Net 2000 - 'E-Guest_show.php' SQL Injection",2008-02-01,"Sw33t h4cK3r",php,webapps,0 31085,platforms/php/webapps/31085.txt,"Doodle4Gift - Multiple Vulnerabilities",2014-01-20,Dr.NaNo,php,webapps,80 31086,platforms/php/webapps/31086.php,"AfterLogic Pro and Lite 7.1.1.1 - Stored XSS",2014-01-20,"Saeed reza Zamanian",php,webapps,80 @@ -28019,7 +28019,7 @@ id,file,description,date,author,platform,type,port 31134,platforms/php/webapps/31134.txt,"VWar 1.5 - 'calendar.php' SQL Injection",2008-02-11,Pouya_Server,php,webapps,0 31135,platforms/php/webapps/31135.txt,"Rapid-Source Rapid-Recipe Component Multiple SQL Injection",2008-02-11,breaker_unit,php,webapps,0 31136,platforms/multiple/dos/31136.txt,"cyan soft Multiple Applications Format String and Denial of Service",2008-02-11,"Luigi Auriemma",multiple,dos,0 -31137,platforms/php/webapps/31137.txt,"Joomla! and Mambo com_comments Component 0.5.8.5g 'id' Parameter SQL Injection",2008-02-11,CheebaHawk215,php,webapps,0 +31137,platforms/php/webapps/31137.txt,"Joomla! and Mambo com_comments Component 0.5.8.5g - 'id' Parameter SQL Injection",2008-02-11,CheebaHawk215,php,webapps,0 31138,platforms/windows/dos/31138.txt,"Larson Network Print Server 9.4.2 build 105 - (LstNPS) NPSpcSVR.exe License Command Remote Overflow",2008-02-11,"Luigi Auriemma",windows,dos,0 31139,platforms/windows/dos/31139.txt,"Larson Network Print Server 9.4.2 build 105 - (LstNPS) Logging Function USEP Command Remote Format String",2008-02-11,"Luigi Auriemma",windows,dos,0 31140,platforms/php/webapps/31140.txt,"iTechClassifieds 3.03.057 - SQL Injection",2014-01-23,vinicius777,php,webapps,0 @@ -28099,7 +28099,7 @@ id,file,description,date,author,platform,type,port 31207,platforms/php/webapps/31207.txt,"Joomla! and Mambo 'com_activities' Component - 'id' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 31208,platforms/php/webapps/31208.txt,"Joomla! and Mambo 'com_sg' Component - 'pid' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 31209,platforms/php/webapps/31209.txt,"Joomla! and Mambo faq Component - 'catid' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 -31210,platforms/php/webapps/31210.txt,"Yellow Swordfish Simple Forum 1.10/1.11'topic' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 +31210,platforms/php/webapps/31210.txt,"Yellow Swordfish Simple Forum 1.10/1.11 - 'topic' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 31211,platforms/php/webapps/31211.txt,"Yellow Swordfish Simple Forum 1.7/1.9 - 'index.php' SQL Injection",2008-02-15,S@BUN,php,webapps,0 31212,platforms/php/webapps/31212.txt,"Yellow Swordfish Simple Forum 1.x - 'topic' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 31213,platforms/php/webapps/31213.txt,"Joomla! and Mambo 'com_salesrep' Component - 'rid' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 @@ -28787,7 +28787,7 @@ id,file,description,date,author,platform,type,port 31936,platforms/multiple/remote/31936.txt,"UltraEdit 14.00b - FTP/SFTP 'LIST' Command Directory Traversal",2008-06-17,"Tan Chew Keong",multiple,remote,0 31937,platforms/php/local/31937.txt,"PHP 5.2.6 - chdir Function http URL Argument safe_mode Restriction Bypass",2008-06-18,"Maksymilian Arciemowicz",php,local,0 31938,platforms/php/webapps/31938.txt,"KEIL Software photokorn 1.542 - 'index.php' SQL Injection",2008-06-18,t@nzo0n,php,webapps,0 -31939,platforms/php/webapps/31939.txt,"vBulletin 3.7.1 Moderation Control Panel 'redirect' Parameter Cross-Site Scripting",2008-06-19,"Jessica Hope",php,webapps,0 +31939,platforms/php/webapps/31939.txt,"vBulletin 3.7.1 - Moderation Control Panel 'redirect' Parameter Cross-Site Scripting",2008-06-19,"Jessica Hope",php,webapps,0 31940,platforms/osx/local/31940.txt,"Apple Mac OS X 10.x - AppleScript ARDAgent Shell Local Privilege Escalation",2008-06-19,anonymous,osx,local,0 31941,platforms/multiple/remote/31941.txt,"WISE-FTP 4.1/5.5.8 FTP Client 'LIST' Command Directory Traversal",2008-06-20,"Tan Chew Keong",multiple,remote,0 31942,platforms/multiple/remote/31942.txt,"Classic FTP 1.02 - 'LIST' Command Directory Traversal",2008-06-20,"Tan Chew Keong",multiple,remote,0 @@ -28816,7 +28816,7 @@ id,file,description,date,author,platform,type,port 31964,platforms/windows/dos/31964.txt,"5th street - 'dx8render.dll' Format String",2008-06-25,superkhung,windows,dos,0 31965,platforms/linux/dos/31965.c,"Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (1)",2008-06-25,"Alexei Dobryanov",linux,dos,0 31966,platforms/linux/dos/31966.c,"Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (2)",2008-06-25,"Alexei Dobryanov",linux,dos,0 -31967,platforms/asp/webapps/31967.txt,"Commtouch Anti-Spam Enterprise Gateway 'PARAMS' Parameter Cross-Site Scripting",2008-06-26,"Erez Metula",asp,webapps,0 +31967,platforms/asp/webapps/31967.txt,"Commtouch Anti-Spam Enterprise Gateway - 'PARAMS' Parameter Cross-Site Scripting",2008-06-26,"Erez Metula",asp,webapps,0 31968,platforms/linux/dos/31968.txt,"GNOME Rhythmbox 0.11.5 Malformed Playlist File Denial Of Service",2008-06-26,"Juan Pablo Lopez Yacubian",linux,dos,0 32135,platforms/php/webapps/32135.txt,"common solutions csphonebook 1.02 - 'index.php' Cross-Site Scripting",2008-07-31,"Ghost Hacker",php,webapps,0 32046,platforms/jsp/webapps/32046.txt,"IBM Maximo 4.1/5.2 - 'debug.jsp' HTML Injection And Information Disclosure Vulnerabilities",2008-07-11,"Deniz Cevik",jsp,webapps,0 @@ -28838,7 +28838,7 @@ id,file,description,date,author,platform,type,port 31982,platforms/php/webapps/31982.txt,"Webuzo 2.1.3 - Multiple Vulnerabilities",2014-02-28,Mahendra,php,webapps,80 32134,platforms/php/webapps/32134.txt,"H0tturk Panel 'gizli.php' Remote File Inclusion",2008-07-31,U238,php,webapps,0 31983,platforms/multiple/webapps/31983.txt,"Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities",2014-02-28,"SEC Consult",multiple,webapps,32400 -31986,platforms/php/webapps/31986.txt,"WordPress VideoWhisper 4.27.3 - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 +31986,platforms/php/webapps/31986.txt,"WordPress VideoWhisper 4.27.3 Plugin - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 31987,platforms/windows/remote/31987.rb,"GE Proficy CIMPLICITY gefebt.exe Remote Code Execution",2014-02-28,Metasploit,windows,remote,80 31988,platforms/windows/local/31988.rb,"Total Video Player 1.3.1 - (Settings.ini) SEH Buffer Overflow (Metasploit)",2014-02-28,Metasploit,windows,local,0 31989,platforms/php/webapps/31989.txt,"webERP 4.11.3 (SalesInquiry.php SortBy param) - SQL Injection",2014-02-28,HauntIT,php,webapps,80 @@ -28866,7 +28866,7 @@ id,file,description,date,author,platform,type,port 32012,platforms/linux/remote/32012.txt,"Netrw 125 Vim Script Multiple Command Execution Vulnerabilities",2008-07-07,"Jan Minar",linux,remote,0 32013,platforms/php/webapps/32013.txt,"Zoph 0.7.2.1 Unspecified SQL Injection",2008-07-07,"Julian Rodriguez",php,webapps,0 32014,platforms/php/webapps/32014.txt,"Zoph 0.7.2.1 - search.php _off Parameter XSS",2008-07-07,"Julian Rodriguez",php,webapps,0 -32015,platforms/php/webapps/32015.txt,"PHP-Nuke 4ndvddb 0.91 Module 'id' Parameter SQL Injection",2008-07-07,Lovebug,php,webapps,0 +32015,platforms/php/webapps/32015.txt,"PHP-Nuke 4ndvddb 0.91 Module - 'id' Parameter SQL Injection",2008-07-07,Lovebug,php,webapps,0 32016,platforms/php/webapps/32016.pl,"fuzzylime (cms) 3.01 - 'blog.php' Local File Inclusion",2008-07-07,Cod3rZ,php,webapps,0 32017,platforms/php/webapps/32017.html,"VBulletin 3.7.1 - admincp/faq.php Injection adminlog.php XSS",2008-07-08,"Jessica Hope",php,webapps,0 32018,platforms/linux/dos/32018.txt,"Multiple Vendors Unspecified SVG File Processing - Denial of Service",2008-07-08,"Kristian Hermansen",linux,dos,0 @@ -29027,7 +29027,7 @@ id,file,description,date,author,platform,type,port 32188,platforms/php/webapps/32188.txt,"Multiple WebmasterSite Products Remote Command Execution",2008-08-06,otmorozok428,php,webapps,0 32189,platforms/multiple/remote/32189.py,"DD-WRT Site Survey SSID Script Injection",2008-08-06,"Rafael Dominguez Vega",multiple,remote,0 32190,platforms/php/webapps/32190.txt,"Kshop 2.22 - 'kshop_search.php' Cross-Site Scripting",2008-08-06,Lostmon,php,webapps,0 -32191,platforms/php/webapps/32191.txt,"PHP-Nuke Kleinanzeigen Module 'lid' Parameter SQL Injection",2008-08-06,Lovebug,php,webapps,0 +32191,platforms/php/webapps/32191.txt,"PHP-Nuke Kleinanzeigen Module - 'lid' Parameter SQL Injection",2008-08-06,Lovebug,php,webapps,0 32192,platforms/multiple/dos/32192.txt,"Combat Evolved 1.0.7.0615 - Multiple Denial Of Service Vulnerabilities",2008-08-06,"Luigi Auriemma",multiple,dos,0 32193,platforms/multiple/dos/32193.txt,"OpenVms 8.3 Finger Service Stack Based Buffer Overflow",2008-08-07,"Shaun Colley",multiple,dos,0 32194,platforms/multiple/dos/32194.txt,"NoticeWare Email Server 4.6 NG LOGIN Messages Denial Of Service",2008-08-06,Antunes,multiple,dos,0 @@ -29105,7 +29105,7 @@ id,file,description,date,author,platform,type,port 32332,platforms/windows/dos/32332.txt,"Free Download Manager - Stack-based Buffer Overflow",2014-03-17,"Julien Ahrens",windows,dos,80 32278,platforms/asp/webapps/32278.txt,"K Web CMS 'sayfala.asp' SQL Injection",2008-08-18,baltazar,asp,webapps,0 32279,platforms/php/webapps/32279.txt,"Vanilla 1.1.4 - HTML Injection / Cross-Site Scripting",2008-08-19,"James Bercegay",php,webapps,0 -32280,platforms/php/webapps/32280.txt,"YourFreeWorld Ad-Exchange Script 'id' Parameter SQL Injection",2008-08-20,"Hussin X",php,webapps,0 +32280,platforms/php/webapps/32280.txt,"YourFreeWorld Ad-Exchange Script - 'id' Parameter SQL Injection",2008-08-20,"Hussin X",php,webapps,0 32281,platforms/php/webapps/32281.cs,"Folder Lock 5.9.5 Weak Password Encryption Local Information Disclosure",2008-06-19,"Charalambous Glafkos",php,webapps,0 32287,platforms/php/webapps/32287.txt,"FAR-PHP 1.0 - 'index.php' Local File Inclusion",2008-08-21,"Beenu Arora",php,webapps,0 32288,platforms/php/webapps/32288.txt,"TimeTrex Time 2.2 and Attendance Module - Multiple Cross-Site Scripting Vulnerabilities",2008-08-21,Doz,php,webapps,0 @@ -29156,7 +29156,7 @@ id,file,description,date,author,platform,type,port 32335,platforms/multiple/dos/32335.js,"Google Chrome 0.2.149 Malformed 'view-source' HTTP Header Remote Denial of Service",2008-09-05,"Juan Pablo Lopez Yacubian",multiple,dos,0 32336,platforms/hardware/remote/32336.txt,"D-Link DIR-100 1.12 Security Bypass",2008-09-08,"Marc Ruef",hardware,remote,0 32337,platforms/php/webapps/32337.txt,"Silentum LoginSys 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-06,"Maximiliano Soler",php,webapps,0 -32338,platforms/php/webapps/32338.txt,"phpAdultSite CMS 'results_per_page' Parameter Cross-Site Scripting",2008-09-07,"David Sopas",php,webapps,0 +32338,platforms/php/webapps/32338.txt,"phpAdultSite CMS - 'results_per_page' Parameter Cross-Site Scripting",2008-09-07,"David Sopas",php,webapps,0 32339,platforms/windows/remote/32339.txt,"Microsoft Organization Chart 2 - Remote Code Execution",2008-09-08,"Ivan Sanchez",windows,remote,0 32340,platforms/php/webapps/32340.txt,"Gallery 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-08,sl4xUz,php,webapps,0 32341,platforms/hardware/dos/32341.html,"Apple iPhone 1.1.4/2.0 and iPod 1.1.4/2.0 touch Safari WebKit - 'alert()' Function Remote Denial of Service",2008-09-12,"Nicolas Economou",hardware,dos,0 @@ -29225,7 +29225,7 @@ id,file,description,date,author,platform,type,port 32444,platforms/php/webapps/32444.txt,"WordPress MU 1.2/1.3 - 'wp-admin/wpmu-blogs.php' Multiple Cross-Site Scripting Vulnerabilities",2008-09-29,"Juan Galiana Lara",php,webapps,0 32445,platforms/linux/remote/32445.txt,"MySQL 5 Command Line Client HTML Special Characters HTML Injection",2008-09-30,"Thomas Henlich",linux,remote,0 32446,platforms/linux/local/32446.txt,"Xen 3.3 XenStore Domain Configuration Data Unsafe Storage",2008-09-30,"Pascal Bouchareine",linux,local,0 -32447,platforms/php/webapps/32447.txt,"A4Desk Event Calendar 'v' Parameter Remote File Inclusion",2008-09-30,Lo$er,php,webapps,0 +32447,platforms/php/webapps/32447.txt,"A4Desk Event Calendar - 'v' Parameter Remote File Inclusion",2008-09-30,Lo$er,php,webapps,0 32448,platforms/java/webapps/32448.txt,"Celoxis Multiple Cross-Site Scripting Vulnerabilities",2008-10-01,teuquooch1seero,java,webapps,0 32449,platforms/php/webapps/32449.txt,"H-Sphere WebShell 4.3.10 - 'actions.php' Multiple Cross-Site Scripting Vulnerabilities",2008-10-01,C1c4Tr1Z,php,webapps,0 32450,platforms/php/webapps/32450.txt,"WikyBlog 1.7.1 - Multiple Cross-Site Scripting Vulnerabilities",2008-10-01,"Omer Singer",php,webapps,0 @@ -29263,7 +29263,7 @@ id,file,description,date,author,platform,type,port 32483,platforms/windows/dos/32483.py,"GOM Video Converter 1.1.0.60 - (.wav) Memory Corruption PoC",2014-03-24,"TUNISIAN CYBER",windows,dos,0 32519,platforms/multiple/dos/32519.txt,"Couchdb 1.5.0 - uuids DoS Exploit",2014-03-26,"Krusty Hack",multiple,dos,0 32520,platforms/php/webapps/32520.txt,"OpenCart 1.5.6.1 - (openbay) Multiple SQL Injection",2014-03-26,"Saadi Siddiqui",php,webapps,0 -32563,platforms/php/webapps/32563.txt,"YourFreeWorld Downline Builder Pro 'id' Parameter SQL Injection",2008-11-02,"Hussin X",php,webapps,0 +32563,platforms/php/webapps/32563.txt,"YourFreeWorld Downline Builder Pro - 'id' Parameter SQL Injection",2008-11-02,"Hussin X",php,webapps,0 32485,platforms/asp/webapps/32485.txt,"ASP Indir Iltaweb Alisveris Sistemi 'xurunler.asp' SQL Injection",2008-10-13,tRoot,asp,webapps,0 32486,platforms/php/webapps/32486.txt,"Webscene eCommerce 'productlist.php' SQL Injection",2008-10-14,"Angela Chang",php,webapps,0 32487,platforms/php/webapps/32487.txt,"Elxis CMS 2008.1 modules/mod_language.php Multiple Parameter XSS",2008-10-14,faithlove,php,webapps,0 @@ -29344,7 +29344,7 @@ id,file,description,date,author,platform,type,port 32567,platforms/php/webapps/32567.txt,"DHCart 3.84 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2008-11-04,Lostmon,php,webapps,0 32568,platforms/windows/remote/32568.rb,"Fitnesse Wiki - Remote Command Execution (Metasploit)",2014-03-28,"SecPod Research",windows,remote,80 32569,platforms/ios/webapps/32569.txt,"iStArtApp FileXChange 6.2 iOS - Multiple Vulnerabilities",2014-03-28,Vulnerability-Lab,ios,webapps,8888 -32570,platforms/php/webapps/32570.txt,"CuteNews aj-fork 'path' Parameter Remote File Inclusion",2008-11-06,DeltahackingTEAM,php,webapps,0 +32570,platforms/php/webapps/32570.txt,"CuteNews aj-fork - 'path' Parameter Remote File Inclusion",2008-11-06,DeltahackingTEAM,php,webapps,0 32571,platforms/php/webapps/32571.txt,"TurnkeyForms Software Directory 1.0 - SQL Injection / Cross-Site Scripting",2008-11-07,G4N0K,php,webapps,0 32572,platforms/windows/dos/32572.txt,"Anti-Trojan Elite 4.2.1 - Atepmon.sys IOCTL Request Local Overflow",2008-11-07,alex,windows,dos,0 32573,platforms/windows/dos/32573.txt,"Microsoft Windows 2003/Vista - 'UnhookWindowsHookEx' Local Denial Of Service",2008-11-09,killprog.org,windows,dos,0 @@ -29361,7 +29361,7 @@ id,file,description,date,author,platform,type,port 32585,platforms/windows/local/32585.py,"AudioCoder 0.8.29 - Memory Corruption (SEH)",2014-03-30,sajith,windows,local,0 32586,platforms/windows/remote/32586.py,"Microsoft Active Directory LDAP Server Username Enumeration Weakness",2008-11-14,"Bernardo Damele",windows,remote,0 32587,platforms/windows/dos/32587.txt,"VeryPDF PDFView ActiveX Component Heap Buffer Overflow",2008-11-15,r0ut3r,windows,dos,0 -32588,platforms/php/webapps/32588.txt,"BoutikOne CMS 'search_query' Parameter Cross-Site Scripting",2008-11-17,d3v1l,php,webapps,0 +32588,platforms/php/webapps/32588.txt,"BoutikOne CMS - 'search_query' Parameter Cross-Site Scripting",2008-11-17,d3v1l,php,webapps,0 32621,platforms/php/remote/32621.rb,"SePortal SQLi - Remote Code Execution",2014-03-31,Metasploit,php,remote,80 32589,platforms/php/webapps/32589.html,"Kimson CMS 'id' Parameter Cross-Site Scripting",2008-11-18,md.r00t,php,webapps,0 32590,platforms/windows/local/32590.c,"Microsoft Windows Vista - 'iphlpapi.dll' Local Kernel Buffer Overflow",2008-11-19,"Marius Wachtler",windows,local,0 @@ -29380,7 +29380,7 @@ id,file,description,date,author,platform,type,port 32603,platforms/asp/webapps/32603.txt,"Ocean12 Mailing LisManager Gold 2.04 - 'Email' Parameter SQL Injection",2008-11-29,"Charalambous Glafkos",asp,webapps,0 32604,platforms/asp/webapps/32604.txt,"ParsBlogger 'blog.asp' Cross-Site Scripting",2008-11-29,Pouya_Server,asp,webapps,0 32605,platforms/php/webapps/32605.txt,"Venalsur Booking Centre 2.01 - Multiple Cross-Site Scripting Vulnerabilities",2008-11-29,Pouya_Server,php,webapps,0 -32606,platforms/php/webapps/32606.txt,"Basic CMS 'q' Parameter Cross-Site Scripting",2008-11-29,Pouya_Server,php,webapps,0 +32606,platforms/php/webapps/32606.txt,"Basic CMS - 'q' Parameter Cross-Site Scripting",2008-11-29,Pouya_Server,php,webapps,0 32607,platforms/php/webapps/32607.txt,"RakhiSoftware Shopping Cart product.php Multiple Parameter XSS",2008-11-28,"Charalambous Glafkos",php,webapps,0 32608,platforms/php/webapps/32608.txt,"RakhiSoftware Shopping Cart PHPSESSID Cookie Manipulation Path Disclosure",2008-11-28,"Charalambous Glafkos",php,webapps,0 32609,platforms/asp/webapps/32609.txt,"Pre Classified Listings 1.0 - 'detailad.asp' SQL Injection",2008-12-01,Pouya_Server,asp,webapps,0 @@ -29431,7 +29431,7 @@ id,file,description,date,author,platform,type,port 32655,platforms/jsp/webapps/32655.txt,"Multiple Ad Server Solutions Products 'logon_processing.jsp' SQL Injection",2008-12-11,"3d D3v!L",jsp,webapps,0 32656,platforms/php/webapps/32656.txt,"Octeth Oempro 3.5.5 - Multiple SQL Injection",2008-12-01,"security curmudgeon",php,webapps,0 32657,platforms/windows/dos/32657.py,"Nokia N70 and N73 - Malformed OBEX Name Header Remote Denial of Service",2008-12-12,NCNIPC,windows,dos,0 -32658,platforms/asp/webapps/32658.txt,"ASP-DEV XM Events Diary 'cat' Parameter SQL Injection",2008-12-13,Pouya_Server,asp,webapps,0 +32658,platforms/asp/webapps/32658.txt,"ASP-DEV XM Events Diary - 'cat' Parameter SQL Injection",2008-12-13,Pouya_Server,asp,webapps,0 32763,platforms/windows/dos/32763.html,"Microsoft Internet Explorer 7.0 HTML Form Value Denial of Service",2009-01-28,"Juan Pablo Lopez Yacubian",windows,dos,0 32660,platforms/asp/webapps/32660.txt,"CIS Manager CMS - SQL Injection",2014-04-02,"felipe andrian",asp,webapps,0 32661,platforms/windows/remote/32661.html,"Evans FTP 'EvansFTP.ocx' ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities",2008-12-14,Bl@ckbe@rD,windows,remote,0 @@ -29565,9 +29565,9 @@ id,file,description,date,author,platform,type,port 32798,platforms/multiple/remote/32798.pl,"ProFTPD 1.3 - 'mod_sql' Username SQL Injection",2009-02-10,AlpHaNiX,multiple,remote,0 32799,platforms/windows/remote/32799.html,"Nokia Phoenix 2008.4.7 Service Software ActiveX Controls Multiple Buffer Overflow Vulnerabilities",2009-02-10,MurderSkillz,windows,remote,0 32800,platforms/linux/dos/32800.txt,"Poppler 0.10.3 - Multiple Denial of Service Vulnerabilities",2009-02-12,Romario,linux,dos,0 -32801,platforms/hardware/remote/32801.txt,"Barracuda Load Balancer 'realm' Parameter Cross-Site Scripting",2009-02-05,"Jan Skovgren",hardware,remote,0 +32801,platforms/hardware/remote/32801.txt,"Barracuda Load Balancer - 'realm' Parameter Cross-Site Scripting",2009-02-05,"Jan Skovgren",hardware,remote,0 32802,platforms/php/webapps/32802.txt,"ClipBucket 1.7 - 'dwnld.php' Directory Traversal",2009-02-16,JIKO,php,webapps,0 -32803,platforms/php/webapps/32803.txt,"A4Desk Event Calendar 'eventid' Parameter SQL Injection",2008-10-01,r45c4l,php,webapps,0 +32803,platforms/php/webapps/32803.txt,"A4Desk Event Calendar - 'eventid' Parameter SQL Injection",2008-10-01,r45c4l,php,webapps,0 32804,platforms/php/webapps/32804.txt,"lastRSS autoposting bot MOD 0.1.3 - 'phpbb_root_path' Parameter Remote File Inclusion",2009-02-20,Kacper,php,webapps,0 32805,platforms/linux/local/32805.c,"Linux Kernel 2.6.x - 'sock.c' SO_BSDCOMPAT Option Information Disclosure",2009-02-20,"Clément Lecigne",linux,local,0 32806,platforms/php/webapps/32806.txt,"Blue Utopia 'index.php' Local File Inclusion",2009-02-22,PLATEN,php,webapps,0 @@ -29709,7 +29709,7 @@ id,file,description,date,author,platform,type,port 32949,platforms/multiple/dos/32949.txt,"Mani's Admin Plugin Remote Denial Of Service",2009-04-22,M4rt1n,multiple,dos,0 32950,platforms/php/webapps/32950.txt,"Flat Calendar 1.1 - 'add.php' HTML Injection",2009-04-22,ZoRLu,php,webapps,0 32951,platforms/novell/dos/32951.py,"Recover Data for Novell Netware 1.0 - (.sav) Remote Denial of Service",2009-04-23,"AbdulAziz Hariri",novell,dos,0 -32952,platforms/php/webapps/32952.txt,"CS Whois Lookup 'ip' Parameter Remote Command Execution",2009-04-23,SirGod,php,webapps,0 +32952,platforms/php/webapps/32952.txt,"CS Whois Lookup - 'ip' Parameter Remote Command Execution",2009-04-23,SirGod,php,webapps,0 32953,platforms/asp/webapps/32953.vbs,"PuterJam\'s Blog PJBlog3 3.0.6 \'action.asp\' SQL Injection",2009-04-24,anonymous,asp,webapps,0 32954,platforms/hardware/remote/32954.txt,"Linksys WVC54GCA 1.00R22/1.00R24 Wireless-G 'adm/file.cgi' Multiple Directory Traversal Vulnerabilities",2009-04-23,pagvac,hardware,remote,0 32955,platforms/hardware/remote/32955.js,"Linksys WVC54GCA 1.00R22/1.00R24 Wireless-G Multiple Cross-Site Scripting Vulnerabilities",2009-04-25,pagvac,hardware,remote,0 @@ -30111,7 +30111,7 @@ id,file,description,date,author,platform,type,port 33378,platforms/php/webapps/33378.txt,"Joomla! 1.5.x 404 Error Page Cross-Site Scripting",2009-11-23,MustLive,php,webapps,0 33379,platforms/multiple/remote/33379.txt,"Apache Tomcat 3.2 - 404 Error Page Cross-Site Scripting",2009-09-02,MustLive,multiple,remote,0 33380,platforms/php/webapps/33380.txt,"Power Phlogger 2.2.x - Cross-Site Scripting",2008-02-16,MustLive,php,webapps,0 -33381,platforms/php/webapps/33381.txt,"Content Module 0.5 for XOOPS 'id' Parameter SQL Injection",2009-11-30,s4r4d0,php,webapps,0 +33381,platforms/php/webapps/33381.txt,"Content Module 0.5 for XOOPS - 'id' Parameter SQL Injection",2009-11-30,s4r4d0,php,webapps,0 33382,platforms/php/webapps/33382.txt,"SmartMedia Module 0.85 Beta for XOOPS - 'categoryid' Parameter Cross-Site Scripting",2009-11-30,SoldierOfAllah,php,webapps,0 33383,platforms/php/webapps/33383.txt,"Elxis 'filename' Parameter Directory Traversal",2009-11-30,"cr4wl3r ",php,webapps,0 33384,platforms/windows/dos/33384.py,"Wireshark 1.10.7 - DoS PoC",2014-05-16,"Osanda Malith",windows,dos,0 @@ -30176,7 +30176,7 @@ id,file,description,date,author,platform,type,port 33479,platforms/osx/dos/33479.c,"Mac OS X 10.x - 'libc/strtod(3)' Memory Corruption",2010-01-08,"Maksymilian Arciemowicz",osx,dos,0 33480,platforms/linux/dos/33480.txt,"MATLAB R2009b - 'dtoa' Implementation Memory Corruption",2010-01-08,"Maksymilian Arciemowicz",linux,dos,0 33481,platforms/asp/webapps/33481.txt,"DevWorx BlogWorx 1.0 - 'forum.asp' Cross-Site Scripting",2010-01-09,Cyber_945,asp,webapps,0 -33482,platforms/php/webapps/33482.txt,"DigitalHive 'mt' Parameter Cross-Site Scripting",2010-01-10,"ViRuSMaN ",php,webapps,0 +33482,platforms/php/webapps/33482.txt,"DigitalHive - 'mt' Parameter Cross-Site Scripting",2010-01-10,"ViRuSMaN ",php,webapps,0 33483,platforms/multiple/dos/33483.py,"Sun Java System Directory Server 7.0 - 'core_get_proxyauth_dn' Denial of Service",2010-01-10,Intevydis,multiple,dos,0 33484,platforms/php/webapps/33484.txt,"DeltaScripts PHP Links 1.0 - 'email' Parameter Cross-Site Scripting",2010-01-11,Crux,php,webapps,0 33485,platforms/php/webapps/33485.txt,"Jamit Job Board 'post_id' Parameter Cross-Site Scripting",2010-01-11,Crux,php,webapps,0 @@ -30286,12 +30286,12 @@ id,file,description,date,author,platform,type,port 33602,platforms/php/webapps/33602.txt,"evalSMSI 2.1.3 - Multiple Input Validation Vulnerabilities",2010-02-05,ekse,php,webapps,0 33603,platforms/php/webapps/33603.html,"LANDesk Management Gateway 4.x - Multiple Security Vulnerabilities",2010-02-05,"Aureliano Calvo",php,webapps,0 33604,platforms/linux/local/33604.sh,"SystemTap 1.0/1.1 - '__get_argv()' and '__get_compat_argv()' Local Memory Corruption",2010-02-05,"Josh Stone",linux,local,0 -33605,platforms/php/webapps/33605.php,"ASCET Interactive Huski CMS 'i' Parameter Local File Inclusion",2010-02-05,Wireghoul,php,webapps,0 +33605,platforms/php/webapps/33605.php,"ASCET Interactive Huski CMS - 'i' Parameter Local File Inclusion",2010-02-05,Wireghoul,php,webapps,0 33606,platforms/php/webapps/33606.txt,"ASCET Interactive Huski Retail Multiple SQL Injection",2010-02-05,Wireghoul,php,webapps,0 33607,platforms/multiple/dos/33607.html,"Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial Of Service",2010-02-07,"599eme Man",multiple,dos,0 33608,platforms/windows/dos/33608.html,"Apple Safari 4.0.4 - Remote Denial Of Service",2010-02-07,"599eme Man",windows,dos,0 33610,platforms/windows/remote/33610.py,"Easy File Management Web Server 5.3 - UserID Remote Buffer Overflow (ROP)",2014-06-01,"Julien Ahrens",windows,remote,80 -33613,platforms/php/webapps/33613.txt,"WordPress Participants Database 1.5.4.8 - SQL Injection",2014-06-02,"Yarubo Research Team",php,webapps,80 +33613,platforms/php/webapps/33613.txt,"WordPress Participants Database 1.5.4.8 Plugin - SQL Injection",2014-06-02,"Yarubo Research Team",php,webapps,80 33614,platforms/linux/local/33614.c,"dbus-glib pam_fprintd - Local Root Exploit",2014-06-02,"Sebastian Krahmer",linux,local,0 33615,platforms/multiple/remote/33615.txt,"JDownloader 'JDExternInterface.java' Remote Code Execution",2010-02-08,apoc,multiple,remote,0 33616,platforms/multiple/remote/33616.txt,"Mongoose 2.8 Space String Remote File Disclosure",2010-02-08,"Pouya Daneshmand",multiple,remote,0 @@ -30312,13 +30312,13 @@ id,file,description,date,author,platform,type,port 33631,platforms/ios/webapps/33631.txt,"AllReader 1.0 iOS - Multiple Vulnerabilities",2014-06-03,Vulnerability-Lab,ios,webapps,8080 33632,platforms/ios/webapps/33632.txt,"Bluetooth Photo-File Share 2.1 iOS - Multiple Vulnerabilities",2014-06-03,Vulnerability-Lab,ios,webapps,8080 33633,platforms/windows/webapps/33633.txt,"IPSwitch IMail Server WEB client 12.4 persistent XSS",2014-06-03,Peru,windows,webapps,0 -33644,platforms/php/webapps/33644.txt,"Basic-CMS 'nav_id' Parameter Cross-Site Scripting",2010-02-12,Red-D3v1L,php,webapps,0 +33644,platforms/php/webapps/33644.txt,"Basic-CMS - 'nav_id' Parameter Cross-Site Scripting",2010-02-12,Red-D3v1L,php,webapps,0 33641,platforms/php/webapps/33641.txt,"Joomla! F!BB Component 1.5.96 RC - SQL Injection / HTML Injection",2009-09-17,"Jeff Channell",php,webapps,0 33642,platforms/windows/remote/33642.html,"Symantec Multiple Products - Client Proxy ActiveX (CLIproxy.dll) Remote Overflow",2010-02-17,"Alexander Polyakov",windows,remote,0 33643,platforms/php/webapps/33643.txt,"CMS Made Simple 1.6.6 - Local File Inclusion / Cross-Site Scripting",2010-02-12,"Beenu Arora",php,webapps,0 33647,platforms/asp/webapps/33647.txt,"Portrait Software Portrait Campaign Manager 4.6.1.22 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-16,"Roel Schouten",asp,webapps,0 33648,platforms/hardware/remote/33648.txt,"Huawei HG510 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-02-16,"Ivan Markovic",hardware,remote,0 -33649,platforms/php/webapps/33649.txt,"BGSvetionik BGS CMS 'search' Parameter Cross-Site Scripting",2010-02-16,hacker@sr.gov.yu,php,webapps,0 +33649,platforms/php/webapps/33649.txt,"BGSvetionik BGS CMS - 'search' Parameter Cross-Site Scripting",2010-02-16,hacker@sr.gov.yu,php,webapps,0 33650,platforms/php/webapps/33650.txt,"Extreme Mobster 'login' Parameter Cross-Site Scripting",2010-02-16,indoushka,php,webapps,0 33651,platforms/php/webapps/33651.txt,"EziScript Google Page Rank 1.1 - Cross-Site Scripting",2010-02-16,sarabande,php,webapps,0 33652,platforms/php/webapps/33652.txt,"New-CMS 1.08 - Multiple Local File Inclusion and HTML-Injection Vulnerabilities",2010-02-18,"Alberto Fontanella",php,webapps,0 @@ -30347,7 +30347,7 @@ id,file,description,date,author,platform,type,port 33680,platforms/php/webapps/33680.txt,"Open Educational System 0.1 beta - 'CONF_INCLUDE_PATH' Parameter Multiple Remote File Inclusion",2010-02-28,"cr4wl3r ",php,webapps,0 33681,platforms/php/webapps/33681.txt,"SLAED CMS 4 Installation Script Unauthorized Access",2010-02-27,indoushka,php,webapps,0 33682,platforms/multiple/remote/33682.txt,"Oracle Siebel 7.7/7.8 - 'loyalty_enu/start.swe' Cross-Site Scripting",2010-03-01,Lament,multiple,remote,0 -33683,platforms/php/webapps/33683.txt,"Article Friendly 'filename' Parameter Local File Inclusion",2010-03-01,"pratul agrawal",php,webapps,0 +33683,platforms/php/webapps/33683.txt,"Article Friendly - 'filename' Parameter Local File Inclusion",2010-03-01,"pratul agrawal",php,webapps,0 33684,platforms/php/webapps/33684.txt,"Blax Blog 0.1 - 'girisyap.php' SQL Injection",2010-03-01,"cr4wl3r ",php,webapps,0 33685,platforms/php/webapps/33685.html,"DeDeCMS 5.5 - '_SESSION[dede_admin_id]' Parameter Authentication Bypass",2010-03-01,"Wolves Security Team",php,webapps,0 33686,platforms/multiple/remote/33686.txt,"IBM Lotus Domino 7.0.2 - 'readme.nsf' Cross-Site Scripting",2010-03-02,"Nahuel Grisolia",multiple,remote,0 @@ -30497,7 +30497,7 @@ id,file,description,date,author,platform,type,port 33846,platforms/php/webapps/33846.txt,"ZeroCMS 1.0 - (zero_transact_article.php article_id POST parameter) SQL Injection",2014-06-23,"Filippos Mastrogiannis",php,webapps,0 33849,platforms/windows/dos/33849.txt,"netKar PRO 1.1 - (.nkuser) File Creation NULL Pointer Denial Of Service",2014-06-13,"A reliable source",windows,dos,0 33850,platforms/linux/dos/33850.txt,"memcached 1.4.2 Memory Consumption Remote Denial of Service",2010-04-27,fallenpegasus,linux,dos,0 -33851,platforms/php/webapps/33851.txt,"WordPress TimThumb 2.8.13 WebShot - Remote Code Execution (0Day)",2014-06-24,@u0x,php,webapps,0 +33851,platforms/php/webapps/33851.txt,"WordPress TimThumb 2.8.13 WebShot Plugin/Theme - Remote Code Execution (0Day)",2014-06-24,@u0x,php,webapps,0 33868,platforms/multiple/remote/33868.txt,"Apache ActiveMQ 5.2/5.3 Source Code Information Disclosure",2010-04-22,"Veerendra G.G",multiple,remote,0 33860,platforms/windows/dos/33860.html,"Microsoft Internet Explorer 8 / 9 / 10 - CInput Use-After-Free Crash PoC (MS14-035)",2014-06-24,"Drozdova Liudmila",windows,dos,0 33854,platforms/php/webapps/33854.txt,"vBulletin Two-Step External Link Module 'externalredirect.php' Cross-Site Scripting",2010-04-20,"Edgard Chammas",php,webapps,0 @@ -30746,7 +30746,7 @@ id,file,description,date,author,platform,type,port 34140,platforms/php/webapps/34140.txt,"AneCMS 1.x - 'modules/blog/index.php' HTML Injection",2010-06-11,"High-Tech Bridge SA",php,webapps,0 34113,platforms/php/webapps/34113.py,"SilverStripe CMS 2.4 File Renaming Security Bypass",2010-06-09,"John Leitch",php,webapps,0 34105,platforms/php/webapps/34105.txt,"WordPress Plugin Gallery Objects 0.4 - SQL Injection",2014-07-18,"Claudio Viviani",php,webapps,80 -34106,platforms/php/webapps/34106.txt,"cPanel 11.25 Image Manager 'target' Parameter Local File Inclusion",2010-06-07,"AnTi SeCuRe",php,webapps,0 +34106,platforms/php/webapps/34106.txt,"cPanel 11.25 Image Manager - 'target' Parameter Local File Inclusion",2010-06-07,"AnTi SeCuRe",php,webapps,0 34107,platforms/php/webapps/34107.txt,"boastMachine 3.1 - 'key' Parameter Cross-Site Scripting",2010-06-07,"High-Tech Bridge SA",php,webapps,0 34108,platforms/java/webapps/34108.txt,"PRTG Traffic Grapher 6.2.1 - 'url' Parameter Cross-Site Scripting",2009-01-08,"Patrick Webster",java,webapps,0 34109,platforms/php/webapps/34109.html,"log1 CMS 2.0 Session Handling Remote Security Bypass and Remote File Inclusion",2010-06-03,"High-Tech Bridge SA",php,webapps,0 @@ -30801,7 +30801,7 @@ id,file,description,date,author,platform,type,port 34191,platforms/php/remote/34191.py,"Oxwall 1.7.0 - Remote Code Execution Exploit",2014-07-28,LiquidWorm,php,remote,80 34192,platforms/linux/remote/34192.txt,"Mozilla Firefox/Thunderbird/SeaMonkey - XSLT Integer Overflow",2010-06-22,"Martin Barbella",linux,remote,0 34194,platforms/asp/webapps/34194.txt,"Lois Software WebDB 2.0A Script Multiple SQL Injection",2010-06-24,"High-Tech Bridge SA",asp,webapps,0 -34195,platforms/php/webapps/34195.txt,"Cimy Counter for WordPress 0.9.4 - HTTP Response Splitting / Cross-Site Scripting",2010-05-05,MustLive,php,webapps,0 +34195,platforms/php/webapps/34195.txt,"WordPress Cimy Counter 0.9.4 Plugin - HTTP Response Splitting / Cross-Site Scripting",2010-05-05,MustLive,php,webapps,0 34196,platforms/ios/webapps/34196.txt,"WiFi HD 7.3.0 iOS - Multiple Vulnerabilities",2014-07-29,Vulnerability-Lab,ios,webapps,0 34197,platforms/php/webapps/34197.txt,"AbleSpace 1.0 - 'news.php' SQL Injection",2010-06-25,JaMbA,php,webapps,0 34198,platforms/php/webapps/34198.txt,"Limny 2.1 - 'q' Parameter Cross-Site Scripting",2010-06-24,"High-Tech Bridge SA",php,webapps,0 @@ -30811,9 +30811,9 @@ id,file,description,date,author,platform,type,port 34204,platforms/php/webapps/34204.html,"SkaDate Lite 2.0 - Multiple CSRF / Persistent XSS Vulnerabilities",2014-07-30,LiquidWorm,php,webapps,80 34205,platforms/php/webapps/34205.py,"SkaDate Lite 2.0 - Remote Code Execution Exploit",2014-07-30,LiquidWorm,php,webapps,80 34206,platforms/hardware/webapps/34206.txt,"D-Link AP 3200 - Multiple Vulnerabilities",2014-07-30,pws,hardware,webapps,80 -34207,platforms/php/webapps/34207.txt,"Customer Paradigm PageDirector 'id' Parameter SQL Injection",2010-06-28,Tr0y-x,php,webapps,0 +34207,platforms/php/webapps/34207.txt,"Customer Paradigm PageDirector - 'id' Parameter SQL Injection",2010-06-28,Tr0y-x,php,webapps,0 34208,platforms/hardware/remote/34208.txt,"D-Link DAP-1160 Wireless Access Point DCC Protocol Security Bypass",2010-06-28,"Cristofaro Mune",hardware,remote,0 -34209,platforms/php/webapps/34209.txt,"BlaherTech Placeto CMS 'Username' Parameter SQL Injection",2010-06-28,S.W.T,php,webapps,0 +34209,platforms/php/webapps/34209.txt,"BlaherTech Placeto CMS - 'Username' Parameter SQL Injection",2010-06-28,S.W.T,php,webapps,0 34210,platforms/php/webapps/34210.txt,"OneCMS 2.6.1 admin/admin.php cat Parameter XSS",2010-06-24,"High-Tech Bridge SA",php,webapps,0 34211,platforms/php/webapps/34211.html,"OneCMS 2.6.1 - search.php search Parameter SQL Injection",2010-06-24,"High-Tech Bridge SA",php,webapps,0 34212,platforms/php/webapps/34212.html,"OneCMS 2.6.1 admin/admin.php Short1 Parameter XSS",2010-06-24,"High-Tech Bridge SA",php,webapps,0 @@ -30846,7 +30846,7 @@ id,file,description,date,author,platform,type,port 34239,platforms/php/webapps/34239.txt,"Status2k Server Monitoring Software - Multiple Vulnerabilities",2014-08-02,"Shayan S",php,webapps,80 34240,platforms/ios/webapps/34240.txt,"TigerCom iFolder+ 1.2 iOS - Multiple Vulnerabilities",2014-08-02,Vulnerability-Lab,ios,webapps,8080 34241,platforms/linux/webapps/34241.txt,"ISPConfig 3.0.54p1 - Authenticated Admin Local Root",2014-08-02,mra,linux,webapps,8080 -34336,platforms/php/webapps/34336.html,"Disqus for WordPress 2.7.5 - Admin Stored CSRF / XSS",2014-08-14,"Nik Cubrilovic",php,webapps,80 +34336,platforms/php/webapps/34336.html,"WordPress Disqus 2.7.5 Plugin - Admin Stored CSRF / XSS",2014-08-14,"Nik Cubrilovic",php,webapps,80 34337,platforms/php/webapps/34337.txt,"Gekko Web Builder 9.0 - 'index.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34338,platforms/php/webapps/34338.html,"Pixie 1.0.4 - HTML Injection / Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34243,platforms/ios/webapps/34243.txt,"Photo WiFi Transfer 1.01 - Directory Traversal",2014-08-02,Vulnerability-Lab,ios,webapps,8080 @@ -30964,7 +30964,7 @@ id,file,description,date,author,platform,type,port 34373,platforms/php/webapps/34373.txt,"MC Content Manager 10.1 - SQL Injection / Cross-Site Scripting",2010-07-25,MustLive,php,webapps,0 34374,platforms/php/webapps/34374.txt,"Joomla! FreiChat Component 1.0/2.x Unspecified HTML Injection",2010-07-26,nag_sunny,php,webapps,0 34375,platforms/linux/dos/34375.txt,"sSMTP 2.62 - 'standardize()' Buffer Overflow",2010-07-26,"Brendan Boerner",linux,dos,0 -34376,platforms/asp/webapps/34376.txt,"e-Courier CMS 'UserGUID' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-10-06,BugsNotHugs,asp,webapps,0 +34376,platforms/asp/webapps/34376.txt,"e-Courier CMS - 'UserGUID' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-10-06,BugsNotHugs,asp,webapps,0 34377,platforms/php/webapps/34377.txt,"Portili Personal and Team Wiki 1.14 - Multiple Security Vulnerabilities",2010-10-04,Abysssec,php,webapps,0 34378,platforms/php/webapps/34378.txt,"Clixint Technologies DPI Cross-Site Scripting",2009-12-04,anonymous,php,webapps,0 34379,platforms/php/webapps/34379.html,"SyndeoCMS 2.9 - Multiple HTML Injection Vulnerabilities",2010-07-26,"High-Tech Bridge SA",php,webapps,0 @@ -31098,7 +31098,7 @@ id,file,description,date,author,platform,type,port 34521,platforms/linux/dos/34521.txt,"Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial Of Service",2010-08-20,"Shane Bester",linux,dos,0 34522,platforms/linux/dos/34522.txt,"Oracle MySQL < 5.1.49 - 'DDL' Statements Denial Of Service",2010-07-09,"Elena Stepanova",linux,dos,0 34523,platforms/multiple/remote/34523.txt,"Nagios XI 'users.php' SQL Injection",2010-08-24,"Adam Baldwin",multiple,remote,0 -34524,platforms/php/webapps/34524.txt,"WordPress Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection",2014-09-02,"Claudio Viviani",php,webapps,80 +34524,platforms/php/webapps/34524.txt,"WordPress Huge-IT Image Gallery 1.0.1 Plugin - Authenticated SQL Injection",2014-09-02,"Claudio Viviani",php,webapps,80 34525,platforms/multiple/webapps/34525.txt,"Syslog LogAnalyzer 3.6.5 - Stored XSS (Python Exploit)",2014-09-02,"Dolev Farhi",multiple,webapps,0 34637,platforms/php/webapps/34637.txt,"Joomla Spider Form Maker 3.4 - SQLInjection",2014-09-12,"Claudio Viviani",php,webapps,0 34532,platforms/windows/remote/34532.c,"Bloodshed Dev-C++ 4.9.9.2 - Multiple EXE Loading Arbitrary Code Execution",2010-08-25,storm,windows,remote,0 @@ -31174,7 +31174,7 @@ id,file,description,date,author,platform,type,port 34807,platforms/php/webapps/34807.txt,"JNM Solutions DB Top Sites 1.0 - 'vote.php' Cross-Site Scripting",2009-07-08,Moudi,php,webapps,0 34808,platforms/php/webapps/34808.txt,"Rapidsendit Clone Script 'admin.php' Insecure Cookie Authentication Bypass",2009-07-08,NoGe,php,webapps,0 34614,platforms/asp/webapps/34614.txt,"SmarterTools SmarterStats 5.3.3819 - 'frmHelp.aspx' Cross-Site Scripting",2010-09-09,"David Hoyt",asp,webapps,0 -34683,platforms/php/webapps/34683.txt,"e-soft24 Article Directory Script 'q' Parameter Cross-Site Scripting",2009-08-30,"599eme Man",php,webapps,0 +34683,platforms/php/webapps/34683.txt,"e-soft24 Article Directory Script - 'q' Parameter Cross-Site Scripting",2009-08-30,"599eme Man",php,webapps,0 34616,platforms/php/webapps/34616.txt,"Elkagroup Elkapax - 'q' Parameter Cross-Site Scripting",2009-08-13,Isfahan,php,webapps,0 34617,platforms/php/webapps/34617.txt,"Waverider Systems Perlshop Multiple Input Validation Vulnerabilities",2009-08-06,Shadow,php,webapps,0 34618,platforms/php/webapps/34618.txt,"Omnistar Recruiting 'resume_register.php' Cross-Site Scripting",2009-09-06,MizoZ,php,webapps,0 @@ -31237,7 +31237,7 @@ id,file,description,date,author,platform,type,port 34678,platforms/php/webapps/34678.txt,"WebStatCaffe stat/pageviewerschart.php date Parameter XSS",2009-08-29,Moudi,php,webapps,0 34679,platforms/php/webapps/34679.txt,"WebStatCaffe stat/referer.php date Parameter XSS",2009-08-29,Moudi,php,webapps,0 34680,platforms/hardware/webapps/34680.txt,"ZTE ZXDSL-931VII - Unauthenticated Configuration Dump",2014-09-16,"L0ukanik0-s S0kniaku0l",hardware,webapps,0 -34681,platforms/php/webapps/34681.txt,"WordPress Slideshow Gallery 1.4.6 - Shell Upload (Python Exploit)",2014-09-16,"Claudio Viviani",php,webapps,0 +34681,platforms/php/webapps/34681.txt,"WordPress Slideshow Gallery 1.4.6 Plugin - Shell Upload (Python Exploit)",2014-09-16,"Claudio Viviani",php,webapps,0 34682,platforms/ios/webapps/34682.txt,"USB&WiFi Flash Drive 1.3 iOS - Code Execution",2014-09-16,Vulnerability-Lab,ios,webapps,8080 34685,platforms/windows/remote/34685.py,"Basic Web Server 1.0 - Directory Traversal / Denial of Service",2010-09-19,"John Leitch",windows,remote,0 34686,platforms/windows/remote/34686.txt,"YelloSoft Pinky 1.0 - Directory Traversal",2010-09-16,"John Leitch",windows,remote,0 @@ -31314,7 +31314,7 @@ id,file,description,date,author,platform,type,port 34759,platforms/php/webapps/34759.txt,"Glype 1.4.9 - Local Address Filter Bypass",2014-09-24,Securify,php,webapps,80 34760,platforms/php/webapps/34760.txt,"Restaurant Script (PizzaInn Project) - Stored XSS",2014-09-24,"Kenneth F. Belva",php,webapps,80 34761,platforms/php/webapps/34761.txt,"webEdition 6.3.8.0 (SVN-Revision: 6985) - Path Traversal",2014-09-24,"High-Tech Bridge SA",php,webapps,80 -34762,platforms/php/webapps/34762.txt,"WordPress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities",2014-09-25,dxw,php,webapps,80 +34762,platforms/php/webapps/34762.txt,"WordPress Login Widget With Shortcode 3.1.1 Plugin - Multiple Vulnerabilities",2014-09-25,dxw,php,webapps,80 34763,platforms/php/webapps/34763.txt,"OsClass 3.4.1 (index.php file param) - Local File Inclusion",2014-09-25,Netsparker,php,webapps,80 34764,platforms/php/webapps/34764.txt,"Cart Engine 3.0 - Multiple Vulnerabilities",2014-09-25,"Quantum Leap",php,webapps,80 34765,platforms/linux/remote/34765.txt,"GNU Bash - Environment Variable Command Injection (Shellshock)",2014-09-25,"Stephane Chazelas",linux,remote,0 @@ -31364,7 +31364,7 @@ id,file,description,date,author,platform,type,port 34817,platforms/windows/webapps/34817.rb,"Microsoft Exchange IIS HTTP Internal IP Address Disclosure (Metasploit)",2014-09-29,"Nate Power",windows,webapps,0 34818,platforms/php/webapps/34818.html,"OpenFiler 2.99.1 - CSRF",2014-09-29,"Dolev Farhi",php,webapps,446 34975,platforms/php/webapps/34975.txt,"SEO Tools Plugin for WordPress 3.0 - 'file' Parameter Directory Traversal",2010-11-08,"John Leitch",php,webapps,0 -34976,platforms/php/webapps/34976.txt,"Vodpod Video Gallery 3.1.5 for WordPress - 'vodpod_gallery_thumbs.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 +34976,platforms/php/webapps/34976.txt,"WordPress Vodpod Video Gallery 3.1.5 Plugin - 'vodpod_gallery_thumbs.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 34977,platforms/php/webapps/34977.txt,"WordPress jRSS Widget Plugin 1.1.1 - 'url' Parameter Information Disclosure",2010-11-08,"John Leitch",php,webapps,0 34827,platforms/php/webapps/34827.txt,"Recipe Script 5.0 - 'First Name' HTML Injection",2009-06-15,"ThE g0bL!N",php,webapps,0 34828,platforms/php/webapps/34828.txt,"Backbone Technology Expression 18.9.2010 - Cross-Site Scripting",2010-10-06,"High-Tech Bridge SA",php,webapps,0 @@ -31393,7 +31393,7 @@ id,file,description,date,author,platform,type,port 34851,platforms/php/webapps/34851.txt,"Bacula-Web 5.2.10 (joblogs.php jobid param) - SQL Injection",2014-10-02,wishnusakti,php,webapps,80 34852,platforms/windows/webapps/34852.txt,"Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution",2014-10-02,"Daniele Linguaglossa",windows,webapps,80 34853,platforms/windows/remote/34853.c,"PowerDVD 5.0.1107 - 'trigger.dll' DLL Loading Arbitrary Code Execution",2010-10-19,"Inj3cti0n P4ck3t",windows,remote,0 -34854,platforms/php/webapps/34854.txt,"All In One WordPress Firewall 3.8.3 - Persistent XSS",2014-10-02,Vulnerability-Lab,php,webapps,80 +34854,platforms/php/webapps/34854.txt,"Wordpress All In One WP Security & Firewall 3.8.3 Plugin - Persistent XSS",2014-10-02,Vulnerability-Lab,php,webapps,80 34855,platforms/windows/dos/34855.pl,"ALPHA Player 2.4 - (.bmp) Buffer Overflow",2010-10-19,anT!-Tr0J4n,windows,dos,0 34856,platforms/windows/remote/34856.py,"Kolibri Webserver 2.0 - Buffer Overflow with EMET 5.0 and EMET 4.1 Partial Bypass",2014-10-02,tekwizz123,windows,remote,80 34857,platforms/windows/dos/34857.txt,"TeamSpeak Client 3.0.14 - Buffer Overflow",2014-10-02,"SpyEye and Christian Galeon",windows,dos,0 @@ -31507,8 +31507,8 @@ id,file,description,date,author,platform,type,port 34970,platforms/php/webapps/34970.py,"SEO Control Panel 3.6.0 - Authenticated SQL Injection",2014-10-14,"Tiago Carvalho",php,webapps,0 34971,platforms/asp/webapps/34971.txt,"Angel Learning Management System 7.3 - 'pdaview.asp' Cross-Site Scripting",2010-11-05,"Wesley Kerfoot",asp,webapps,0 34972,platforms/php/webapps/34972.txt,"Joomla! AutoArticles 3000 - 'id' Parameter SQL Injection",2010-11-05,jos_ali_joe,php,webapps,0 -34973,platforms/php/webapps/34973.txt,"FeedList 2.61.01 for WordPress - 'handler_image.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 -34974,platforms/php/webapps/34974.txt,"WP Survey And Quiz Tool 1.2.1 for WordPress - Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 +34973,platforms/php/webapps/34973.txt,"WordPress FeedList 2.61.01 Plugin - 'handler_image.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 +34974,platforms/php/webapps/34974.txt,"WordPress WP Survey And Quiz Tool 1.2.1 Plugin - Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 34982,platforms/win_x86/local/34982.rb,"Microsoft Bluetooth Personal Area Networking - (BthPan.sys) Privilege Escalation",2014-10-15,Metasploit,win_x86,local,0 34994,platforms/cgi/webapps/34994.txt,"OpenWrt 10.03 - Multiple Cross-Site Scripting Vulnerabilities",2010-11-13,"dave b",cgi,webapps,0 34995,platforms/php/webapps/34995.txt,"Simea CMS 'index.php' SQL Injection",2010-11-16,Cru3l.b0y,php,webapps,0 @@ -31555,7 +31555,7 @@ id,file,description,date,author,platform,type,port 35033,platforms/php/remote/35033.rb,"Joomla Akeeba Kickstart Unserialize Remote Code Execution",2014-10-21,Metasploit,php,remote,80 35034,platforms/multiple/remote/35034.rb,"HP Data Protector EXEC_INTEGUTIL Remote Code Execution",2014-10-21,Metasploit,multiple,remote,5555 35035,platforms/cgi/webapps/35035.txt,"Awstats 6.x Apache Tomcat Configuration File Remote Arbitrary Command Execution",2010-11-30,StenoPlasma,cgi,webapps,0 -35036,platforms/php/webapps/35036.txt,"Annuaire Component for Joomla! 'id' Parameter SQL Injection",2010-12-02,"Ashiyane Digital Security Team",php,webapps,0 +35036,platforms/php/webapps/35036.txt,"Annuaire Component for Joomla! - 'id' Parameter SQL Injection",2010-12-02,"Ashiyane Digital Security Team",php,webapps,0 35037,platforms/ios/webapps/35037.txt,"iFunBox Free 1.1 iOS - File Inclusion",2014-10-22,Vulnerability-Lab,ios,webapps,8000 35038,platforms/ios/webapps/35038.txt,"File Manager 4.2.10 iOS - Code Execution",2014-10-22,Vulnerability-Lab,ios,webapps,80 35039,platforms/windows/webapps/35039.rb,"DotNetNuke DNNspot Store 3.0.0 - Arbitrary File Upload (Metasploit)",2014-10-22,"Glafkos Charalambous ",windows,webapps,0 @@ -31575,7 +31575,7 @@ id,file,description,date,author,platform,type,port 35566,platforms/php/webapps/35566.txt,"Yaws-Wiki 1.88-1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2011-04-04,"Michael Brooks",php,webapps,0 35055,platforms/windows/remote/35055.py,"Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060)",2014-10-25,"Mike Czumak",windows,remote,0 35056,platforms/hardware/webapps/35056.txt,"Dell EqualLogic Storage - Directory Traversal",2014-10-25,"XLabs Security",hardware,webapps,0 -35057,platforms/php/webapps/35057.py,"Creative Contact Form (WordPress 0.9.7 and Joomla 2.0.0) - Shell Upload",2014-10-25,"Claudio Viviani",php,webapps,0 +35057,platforms/php/webapps/35057.py,"Creative Contact Form (WordPress 0.9.7 and Joomla 2.0.0) Plugin - Shell Upload",2014-10-25,"Claudio Viviani",php,webapps,0 35058,platforms/bsd/dos/35058.c,"OpenBSD 5.5 - Local Kernel Panic",2014-10-25,nitr0us,bsd,dos,0 40099,platforms/multiple/dos/40099.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (5)",2016-07-13,COSIG,multiple,dos,0 40100,platforms/multiple/dos/40100.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (6)",2016-07-13,COSIG,multiple,dos,0 @@ -31596,7 +31596,7 @@ id,file,description,date,author,platform,type,port 35070,platforms/hardware/remote/35070.txt,"pfSense status_graph.php if Parameter XSS",2010-11-08,"dave b",hardware,remote,0 35071,platforms/hardware/remote/35071.txt,"pfSense interfaces.php if Parameter XSS",2010-11-08,"dave b",hardware,remote,0 35072,platforms/php/webapps/35072.txt,"Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam - Multiple Vulnerabilities",2010-12-08,"Justin Klein Keane",php,webapps,0 -35073,platforms/php/webapps/35073.txt,"WordPress CP Multi View Event Calendar 1.01 - SQL Injection",2014-10-27,"Claudio Viviani",php,webapps,80 +35073,platforms/php/webapps/35073.txt,"WordPress CP Multi View Event Calendar 1.01 Plugin - SQL Injection",2014-10-27,"Claudio Viviani",php,webapps,80 35074,platforms/windows/local/35074.py,"Free WMA MP3 Converter 1.8 - (.wav) Buffer Overflow",2014-10-27,metacom,windows,local,0 35075,platforms/hardware/webapps/35075.txt,"CBN CH6640E/CG6640E Wireless Gateway Series - Multiple Vulnerabilities",2014-10-27,LiquidWorm,hardware,webapps,0 35076,platforms/multiple/webapps/35076.py,"HP Operations Agent Remote XSS iFrame Injection",2014-10-27,"Matt Schmidt",multiple,webapps,383 @@ -31739,13 +31739,13 @@ id,file,description,date,author,platform,type,port 35224,platforms/php/webapps/35224.txt,"MyBB 1.8.X - Multiple Vulnerabilities",2014-11-13,smash,php,webapps,80 35225,platforms/windows/remote/35225.c,"Avira AntiVir Personal Multiple Code Execution Vulnerabilities (1)",2011-01-14,D.Elser,windows,remote,0 35226,platforms/windows/remote/35226.py,"Avira AntiVir Personal Multiple Code Execution Vulnerabilities (2)",2011-01-14,D.Elser,windows,remote,0 -35227,platforms/php/webapps/35227.txt,"Alguest 1.1c-patched 'elimina' Parameter SQL Injection",2011-01-14,"Aliaksandr Hartsuyeu",php,webapps,0 +35227,platforms/php/webapps/35227.txt,"Alguest 1.1c-patched - 'elimina' Parameter SQL Injection",2011-01-14,"Aliaksandr Hartsuyeu",php,webapps,0 35228,platforms/php/webapps/35228.txt,"CompactCMS 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities (2)",2011-01-15,NLSecurity,php,webapps,0 35229,platforms/windows/remote/35229.html,"Microsoft Internet Explorer 11 - OLE Automation Array Remote Code Execution (1)",2014-11-13,yuange,windows,remote,0 35230,platforms/windows/remote/35230.rb,"Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (Metasploit)",2014-11-13,"Wesley Neelen & Rik van Duijn",windows,remote,0 35231,platforms/php/webapps/35231.txt,"Advanced Webhost Billing System 2.9.2 - 'oid' Parameter SQL Injection",2011-01-16,ShivX,php,webapps,0 35232,platforms/linux/remote/35232.txt,"Pango Font Parsing 'pangoft2-render.c' Heap Corruption",2011-01-18,"Dan Rosenberg",linux,remote,0 -35233,platforms/multiple/webapps/35233.txt,"B-Cumulus 'tagcloud' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-01-18,MustLive,multiple,webapps,0 +35233,platforms/multiple/webapps/35233.txt,"B-Cumulus - 'tagcloud' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-01-18,MustLive,multiple,webapps,0 35234,platforms/linux/local/35234.py,"OSSEC 2.8 - hosts.deny Privilege Escalation",2014-11-14,skynet-13,linux,local,0 35235,platforms/windows/local/35235.rb,"MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python",2014-11-14,Metasploit,windows,local,0 35236,platforms/windows/local/35236.rb,"MS14-064 Microsoft Windows OLE Package Manager Code Execution",2014-11-14,Metasploit,windows,local,0 @@ -31779,7 +31779,7 @@ id,file,description,date,author,platform,type,port 35262,platforms/php/webapps/35262.txt,"WordPress WP Featured Post with Thumbnail Plugin 3.0 - 'src' Parameter Cross-Site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 35263,platforms/php/webapps/35263.txt,"WordPress WP Publication Archive Plugin 2.0.1 - 'file' Parameter Information Disclosure",2011-01-23,"AutoSec Tools",php,webapps,0 35264,platforms/php/webapps/35264.txt,"WordPress Featured Content Plugin 0.0.1 - 'listid' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 -35265,platforms/php/webapps/35265.php,"WordPress Recip.ly 1.1.7 - 'uploadImage.php' Arbitrary File Upload",2011-01-25,"AutoSec Tools",php,webapps,0 +35265,platforms/php/webapps/35265.php,"WordPress Recip.ly 1.1.7 Plugin - 'uploadImage.php' Arbitrary File Upload",2011-01-25,"AutoSec Tools",php,webapps,0 35266,platforms/php/webapps/35266.txt,"MyBB Forums 1.8.2 - Stored XSS",2014-11-17,"Avinash Thapa",php,webapps,0 35272,platforms/hardware/webapps/35272.txt,"ZTE ZXHN H108L - Authentication Bypass (1)",2014-11-17,"Project Zero Labs",hardware,webapps,0 35271,platforms/php/webapps/35271.txt,"Maarch LetterBox 2.8 - Insecure Cookies (Login Bypass)",2014-11-17,"ZoRLu Bugrahan",php,webapps,0 @@ -31802,7 +31802,7 @@ id,file,description,date,author,platform,type,port 35302,platforms/linux/dos/35302.c,"MINIX 3.3.0 - Remote TCP/IP Stack DoS",2014-11-19,nitr0us,linux,dos,31337 35303,platforms/php/webapps/35303.txt,"Paid Memberships Pro 1.7.14.2 Path Traversal",2014-11-19,"Kacper Szurek",php,webapps,80 35304,platforms/multiple/dos/35304.txt,"Oracle Java Floating-Point Value Denial of Service",2011-02-01,"Konstantin Preisser",multiple,dos,0 -35305,platforms/php/webapps/35305.txt,"ACollab 't' Parameter SQL Injection",2011-02-01,"AutoSec Tools",php,webapps,0 +35305,platforms/php/webapps/35305.txt,"ACollab - 't' Parameter SQL Injection",2011-02-01,"AutoSec Tools",php,webapps,0 35306,platforms/php/webapps/35306.txt,"TCExam 11.1.16 - 'user_password' Parameter Cross-Site Scripting",2011-02-02,"AutoSec Tools",php,webapps,0 35307,platforms/php/webapps/35307.py,"All In One Control Panel 1.4.1 - 'cp_menu_data_file.php' SQL Injection",2011-01-31,"AutoSec Tools",php,webapps,0 35308,platforms/windows/remote/35308.html,"Microsoft Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / Powershell VirtualAlloc (MS14-064)",2014-11-20,"GradiusX & b33f",windows,remote,0 @@ -31868,7 +31868,7 @@ id,file,description,date,author,platform,type,port 35367,platforms/php/webapps/35367.txt,"crea8social 1.3 - Stored XSS",2014-11-25,"Halil Dalabasmaz",php,webapps,80 35369,platforms/multiple/dos/35369.txt,"Battlefield 2/2142 Malformed Packet NULL Pointer Dereference Remote Denial Of Service",2011-02-22,"Luigi Auriemma",multiple,dos,0 35370,platforms/linux/local/35370.c,"Linux Kernel 3.14.5 (RHEL / CentOS 7) - 'libfutex' Local Root Exploit",2014-11-25,"Kaiqu Chen",linux,local,0 -35371,platforms/php/webapps/35371.txt,"WordPress Google Document Embedder 2.5.14 - SQL Injection",2014-11-25,"Kacper Szurek",php,webapps,80 +35371,platforms/php/webapps/35371.txt,"WordPress Google Document Embedder 2.5.14 Plugin - SQL Injection",2014-11-25,"Kacper Szurek",php,webapps,80 35372,platforms/hardware/webapps/35372.rb,"Arris VAP2500 - Authentication Bypass",2014-11-25,HeadlessZeke,hardware,webapps,80 35373,platforms/php/webapps/35373.txt,"WordPress GD Star Rating Plugin 1.9.7 - 'wpfn' Parameter Cross-Site Scripting",2011-02-22,"High-Tech Bridge SA",php,webapps,0 35374,platforms/php/webapps/35374.txt,"IBM Lotus Sametime Server 8.0 - 'stcenter.nsf' Cross-Site Scripting",2011-02-22,andrew,php,webapps,0 @@ -31949,7 +31949,7 @@ id,file,description,date,author,platform,type,port 35455,platforms/php/webapps/35455.txt,"BoutikOne rss_flash.php lang Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 35456,platforms/php/webapps/35456.txt,"BoutikOne rss_promo.php lang Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 35457,platforms/php/webapps/35457.txt,"BoutikOne rss_top10.php lang Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 -35459,platforms/php/webapps/35459.txt,"Cart66 Lite WordPress Ecommerce 1.5.1.17 - Blind SQL Injection",2014-12-03,"Kacper Szurek",php,webapps,80 +35459,platforms/php/webapps/35459.txt,"WordPress Cart66 Lite Ecommerce 1.5.1.17 Plugin - Blind SQL Injection",2014-12-03,"Kacper Szurek",php,webapps,80 35460,platforms/php/webapps/35460.txt,"CodeArt Google MP3 Player WordPress Plugin - File Disclosure Download",2014-12-03,"QK14 Team",php,webapps,80 35564,platforms/php/webapps/35564.txt,"DoceboLms 4.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities",2011-04-03,LiquidWorm,php,webapps,0 35565,platforms/php/webapps/35565.txt,"Anantasoft Gazelle CMS 1.0 - Cross-Site Scripting / SQL Injection",2011-04-04,"kurdish hackers team",php,webapps,0 @@ -31981,7 +31981,7 @@ id,file,description,date,author,platform,type,port 35489,platforms/multiple/dos/35489.pl,"Perl 5.x - 'Perl_reg_numbered_buff_fetch()' Function Remote Denial of Service",2011-03-23,"Vladimir Perepelitsa",multiple,dos,0 35490,platforms/php/webapps/35490.txt,"IceHrm 7.1 - Multiple Vulnerabilities",2014-12-08,LiquidWorm,php,webapps,0 35492,platforms/php/webapps/35492.txt,"Free Article Submissions 1.0 - SQL Injection",2014-12-08,BarrabravaZ,php,webapps,0 -35493,platforms/php/webapps/35493.txt,"WordPress Ajax Store Locator 1.2 - Arbitrary File Download",2014-12-08,"Claudio Viviani",php,webapps,0 +35493,platforms/php/webapps/35493.txt,"WordPress Ajax Store Locator 1.2 Plugin - Arbitrary File Download",2014-12-08,"Claudio Viviani",php,webapps,0 35518,platforms/php/webapps/35518.txt,"OpenEMR 4.1.2(7) - Multiple SQL Injection",2014-12-10,Portcullis,php,webapps,80 35495,platforms/multiple/remote/35495.txt,"Advantech/BroadWin SCADA WebAccess 7.0 - Multiple Remote Security Vulnerabilities",2011-03-23,"Ruben Santamarta ",multiple,remote,0 35496,platforms/php/webapps/35496.txt,"MC Content Manager 10.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-24,MustLive,php,webapps,0 @@ -32035,7 +32035,7 @@ id,file,description,date,author,platform,type,port 35563,platforms/windows/remote/35563.pl,"EasyPHP 5.3.5.0 - 'index.php' Arbitrary File Download",2011-04-03,KedAns-Dz,windows,remote,0 35541,platforms/php/webapps/35541.txt,"ResourceSpace 6.4.5976 - XSS / SQL Injection / Insecure Cookie Handling",2014-12-15,"Adler Freiheit",php,webapps,0 35556,platforms/hardware/webapps/35556.txt,"CIK Telecom VoIP router SVG6000RW - Privilege Escalation / Command Execution",2014-12-17,Chako,hardware,webapps,0 -35543,platforms/php/webapps/35543.txt,"WordPress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit",2014-12-15,"Claudio Viviani",php,webapps,0 +35543,platforms/php/webapps/35543.txt,"WordPress Wp Symposium 14.11 Plugin - Unauthenticated Shell Upload Exploit",2014-12-15,"Claudio Viviani",php,webapps,0 35549,platforms/unix/remote/35549.rb,"ActualAnalyzer 'ant' Cookie Command Execution",2014-12-16,Metasploit,unix,remote,80 35545,platforms/php/remote/35545.rb,"Tuleap PHP Unserialize Code Execution",2014-12-15,Metasploit,php,remote,80 35547,platforms/php/webapps/35547.txt,"ICJobSite 1.1 - 'pid' Parameter SQL Injection",2011-03-30,RoAd_KiLlEr,php,webapps,0 @@ -32189,7 +32189,7 @@ id,file,description,date,author,platform,type,port 35727,platforms/php/webapps/35727.txt,"HOMEPIMA Design 'filedown.php' Local File Disclosure",2011-05-09,KnocKout,php,webapps,0 35728,platforms/asp/webapps/35728.txt,"Keyfax Customer Response Management 3.2.2.6 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-09,"Richard Brain",asp,webapps,0 35729,platforms/multiple/remote/35729.txt,"Imperva SecureSphere SQL Query Filter Security Bypass",2011-05-09,@drk1wi,multiple,remote,0 -35730,platforms/php/webapps/35730.txt,"WordPress Shopping Cart 3.0.4 - Unrestricted File Upload",2015-01-08,"Kacper Szurek",php,webapps,80 +35730,platforms/php/webapps/35730.txt,"WordPress Shopping Cart 3.0.4 Plugin - Unrestricted File Upload",2015-01-08,"Kacper Szurek",php,webapps,80 35731,platforms/php/remote/35731.rb,"Pandora 3.1 - Auth Bypass / Arbitrary File Upload",2015-01-08,Metasploit,php,remote,80 35732,platforms/multiple/local/35732.py,"Ntpdc 4.2.6p3 - Local Buffer Overflow",2015-01-08,drone,multiple,local,0 35733,platforms/php/webapps/35733.txt,"vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion/SQL Injection/XSS",2015-01-09,Technidev,php,webapps,80 @@ -32227,7 +32227,7 @@ id,file,description,date,author,platform,type,port 35765,platforms/hardware/remote/35765.txt,"Cisco Unified Operations Manager 8.5 iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp Multiple Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 35766,platforms/hardware/remote/35766.txt,"Cisco Unified Operations Manager 8.5 iptm/logicalTopo.do Multiple Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 35767,platforms/php/webapps/35767.txt,"Gecko CMS 2.3 - Multiple Vulnerabilities",2015-01-13,LiquidWorm,php,webapps,80 -35998,platforms/php/webapps/35998.txt,"CobraScripts Trading Marketplace Script 'cid' Parameter SQL Injection",2011-07-25,Ehsan_Hp200,php,webapps,0 +35998,platforms/php/webapps/35998.txt,"CobraScripts Trading Marketplace Script - 'cid' Parameter SQL Injection",2011-07-25,Ehsan_Hp200,php,webapps,0 35786,platforms/multiple/webapps/35786.txt,"Ansible Tower 2.0.2 - Multiple Vulnerabilities",2015-01-14,"SEC Consult",multiple,webapps,80 35770,platforms/hardware/webapps/35770.py,"Dell iDRAC IPMI 1.5 - Insufficient Session ID Randomness",2015-01-13,"Yong Chuan, Koh",hardware,webapps,623 35771,platforms/osx/dos/35771.c,"OS X 10.10 Bluetooth DispatchHCICreateConnection - Crash PoC",2015-01-13,"rpaleari and joystick",osx,dos,0 @@ -32237,7 +32237,7 @@ id,file,description,date,author,platform,type,port 35775,platforms/ios/webapps/35775.txt,"Foxit MobilePDF 4.4.0 iOS - Multiple Vulnerabilities",2015-01-13,Vulnerability-Lab,ios,webapps,8888 35776,platforms/java/remote/35776.rb,"Lexmark MarkVision Enterprise Arbitrary File Upload",2015-01-13,Metasploit,java,remote,9788 35777,platforms/windows/remote/35777.rb,"Oracle MySQL for Microsoft Windows - FILE Privilege Abuse",2015-01-13,Metasploit,windows,remote,0 -35778,platforms/php/remote/35778.rb,"WordPress WP Symposium 14.11 - Shell Upload",2015-01-13,Metasploit,php,remote,80 +35778,platforms/php/remote/35778.rb,"WordPress WP Symposium 14.11 Plugin - Shell Upload",2015-01-13,Metasploit,php,remote,80 35779,platforms/hardware/remote/35779.txt,"CiscoWorks Common Services Framework 3.1.1 Help Servlet Cross-Site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 35780,platforms/hardware/remote/35780.txt,"Cisco Unified Operations Manager 8.5 Common Services Device Center Cross-Site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 35781,platforms/java/webapps/35781.txt,"CiscoWorks Common Services 3.1.1 Auditing Directory Traversal",2011-05-18,"Sense of Security",java,webapps,0 @@ -32416,7 +32416,7 @@ id,file,description,date,author,platform,type,port 35949,platforms/windows/remote/35949.txt,"Symantec Encryption Management Server < 3.2.0 MP6 - Remote Command Injection",2015-01-30,"Paul Craig",windows,remote,0 35950,platforms/php/webapps/35950.txt,"NPDS CMS Revolution-13 - SQL Injection",2015-01-24,"Narendra Bhati",php,webapps,80 35951,platforms/linux/dos/35951.py,"Exim ESMTP 4.80 glibc gethostbyname - Denial of Service",2015-01-29,1n3,linux,dos,0 -35954,platforms/php/webapps/35954.txt,"Auto Web Toolbox 'id' Parameter SQL Injection",2011-07-15,Lazmania61,php,webapps,0 +35954,platforms/php/webapps/35954.txt,"Auto Web Toolbox - 'id' Parameter SQL Injection",2011-07-15,Lazmania61,php,webapps,0 35953,platforms/windows/local/35953.c,"McAfee Data Loss Prevention Endpoint - Arbitrary Write Privilege Escalation",2015-01-30,"Parvez Anwar",windows,local,0 35955,platforms/php/webapps/35955.txt,"Easy Estate Rental 's_location' Parameter SQL Injection",2011-07-15,Lazmania61,php,webapps,0 35956,platforms/php/webapps/35956.txt,"Joomla Foto Component 'id_categoria' Parameter SQL Injection",2011-07-15,SOLVER,php,webapps,0 @@ -32455,7 +32455,7 @@ id,file,description,date,author,platform,type,port 36008,platforms/php/webapps/36008.txt,"Gilnet News 'read_more.php' SQL Injection",2011-07-11,Err0R,php,webapps,0 36009,platforms/php/webapps/36009.txt,"mt LinkDatenbank 'b' Parameter Cross-Site Scripting",2011-08-03,Err0R,php,webapps,0 36010,platforms/asp/webapps/36010.txt,"BESNI OKUL PORTAL 'sayfa.asp' Cross-Site Scripting",2011-08-03,Err0R,asp,webapps,0 -36011,platforms/asp/webapps/36011.txt,"Ataccan E-ticaret Scripti 'id' Parameter SQL Injection",2011-08-03,Err0R,asp,webapps,0 +36011,platforms/asp/webapps/36011.txt,"Ataccan E-ticaret Scripti - 'id' Parameter SQL Injection",2011-08-03,Err0R,asp,webapps,0 36012,platforms/php/webapps/36012.txt,"Joomla! Slideshow Gallery Component 'id' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0 36013,platforms/multiple/remote/36013.txt,"foomatic-gui python-foomatic 0.7.9.4 - 'pysmb.py' Remote Arbitrary Shell Command Execution",2011-08-03,daveb,multiple,remote,0 36014,platforms/hardware/remote/36014.pl,"LG DVR LE6016D - Unauthenticated Remote Users/Passwords Disclosure exploit",2015-02-07,"Todor Donev",hardware,remote,0 @@ -32475,24 +32475,24 @@ id,file,description,date,author,platform,type,port 36028,platforms/php/webapps/36028.txt,"u5CMS 3.9.3 - (thumb.php) Local File Inclusion",2015-02-09,LiquidWorm,php,webapps,0 36029,platforms/php/webapps/36029.txt,"u5CMS 3.9.3 - Multiple Stored XSS / Reflected XSS Vulnerabilities",2015-02-09,LiquidWorm,php,webapps,0 36031,platforms/php/webapps/36031.txt,"StaMPi - Local File Inclusion",2015-02-09,"e . V . E . L",php,webapps,0 -36058,platforms/php/webapps/36058.txt,"WordPress Video Gallery 2.7.0 - SQL Injection",2015-02-12,"Claudio Viviani",php,webapps,0 +36058,platforms/php/webapps/36058.txt,"WordPress Video Gallery 2.7.0 Plugin - SQL Injection",2015-02-12,"Claudio Viviani",php,webapps,0 36032,platforms/php/webapps/36032.txt,"Softbiz Recipes Portal Script Multiple Cross-Site Scripting Vulnerabilities",2011-08-05,Net.Edit0r,php,webapps,0 36033,platforms/php/webapps/36033.txt,"Search Network 2.0 - 'query' Parameter Cross-Site Scripting",2011-08-08,darkTR,php,webapps,0 36034,platforms/php/webapps/36034.txt,"OpenEMR 4.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-09,"Houssam Sahli",php,webapps,0 -36035,platforms/php/webapps/36035.txt,"BlueSoft Banner Exchange 'referer_id' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 -36036,platforms/php/webapps/36036.txt,"BlueSoft Rate My Photo Site 'ty' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 +36035,platforms/php/webapps/36035.txt,"BlueSoft Banner Exchange - 'referer_id' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 +36036,platforms/php/webapps/36036.txt,"BlueSoft Rate My Photo Site - 'ty' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 36037,platforms/multiple/dos/36037.txt,"Adobe Flash Media Server 4.0.2 NULL Pointer Dereference Remote Denial of Service",2011-08-09,"Knud Erik Hojgaard",multiple,dos,0 36038,platforms/php/webapps/36038.txt,"WordPress eShop Plugin 6.2.8 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-10,"High-Tech Bridge SA",php,webapps,0 39386,platforms/php/webapps/39386.txt,"iScripts EasyCreate 3.0 - Multiple Vulnerabilities",2016-02-01,"Bikramaditya Guha",php,webapps,80 36042,platforms/hardware/webapps/36042.txt,"LG DVR LE6016D - Remote File Disclosure",2015-02-10,"Yakir Wizman",hardware,webapps,0 -36043,platforms/php/webapps/36043.rb,"WordPress WP EasyCart - Unrestricted File Upload",2015-02-10,Metasploit,php,webapps,80 +36043,platforms/php/webapps/36043.rb,"WordPress WP EasyCart Plugin - Unrestricted File Upload",2015-02-10,Metasploit,php,webapps,80 36044,platforms/php/webapps/36044.txt,"PHP Flat File Guestbook 1.0 - 'ffgb_admin.php' Remote File Inclusion",2011-08-11,"RiRes Walid",php,webapps,0 36045,platforms/cgi/remote/36045.txt,"SurgeFTP 23b6 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-16,"Houssam Sahli",cgi,remote,0 36046,platforms/php/webapps/36046.txt,"phpWebSite 'page_id' Parameter Cross-Site Scripting",2011-08-17,Ehsan_Hp200,php,webapps,0 36047,platforms/php/webapps/36047.txt,"awiki 20100125 - Multiple Local File Inclusion",2011-08-15,muuratsalo,php,webapps,0 36048,platforms/php/webapps/36048.txt,"PHPList 2.10.x - Security Bypass / Information Disclosure",2011-08-15,"Davide Canali",php,webapps,0 36049,platforms/windows/remote/36049.html,"StudioLine Photo Basic 3.70.34.0 - 'NMSDVDXU.dll' ActiveX Control Arbitrary File Overwrite",2011-08-17,"High-Tech Bridge SA",windows,remote,0 -36050,platforms/php/webapps/36050.txt,"WordPress Fast Secure Contact Form 3.0.3.1 - 'index.php' Cross-Site Scripting",2011-08-17,"High-Tech Bridge SA",php,webapps,0 +36050,platforms/php/webapps/36050.txt,"WordPress Fast Secure Contact Form 3.0.3.1 Plugin - 'index.php' Cross-Site Scripting",2011-08-17,"High-Tech Bridge SA",php,webapps,0 36051,platforms/php/webapps/36051.txt,"WordPress WP-Stats-Dashboard Plugin 2.6.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-17,"High-Tech Bridge SA",php,webapps,0 36052,platforms/windows/local/36052.c,"SoftSphere DefenseWall FW/IPS 3.24 - Privilege Escalation",2015-02-11,"Parvez Anwar",windows,local,0 36053,platforms/windows/local/36053.py,"MooPlayer 1.3.0 - 'm3u' SEH Buffer Overflow (2)",2015-02-11,"dogo h@ck",windows,local,0 @@ -32517,7 +32517,7 @@ id,file,description,date,author,platform,type,port 36076,platforms/php/webapps/36076.txt,"Concrete 5.4.1 1 - 'rcID' Parameter Cross-Site Scripting",2011-08-22,"Aung Khant",php,webapps,0 36077,platforms/php/webapps/36077.txt,"Open Classifieds 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-23,"Yassin Aboukir",php,webapps,0 36078,platforms/windows/remote/36078.py,"PCMan FTP Server 2.0.7 - Buffer Overflow MKD Command",2015-02-14,R-73eN,windows,remote,0 -36079,platforms/php/webapps/36079.txt,"CommodityRentals Real Estate Script 'txtsearch' Parameter HTML Injection",2011-08-24,"Eyup CELIK",php,webapps,0 +36079,platforms/php/webapps/36079.txt,"CommodityRentals Real Estate Script - 'txtsearch' Parameter HTML Injection",2011-08-24,"Eyup CELIK",php,webapps,0 36080,platforms/php/webapps/36080.txt,"Tourismscripts Hotel Portal 'hotel_city' Parameter HTML Injection",2011-08-24,"Eyup CELIK",php,webapps,0 36081,platforms/php/webapps/36081.txt,"VicBlog 'tag' Parameter SQL Injection",2011-08-24,"Eyup CELIK",php,webapps,0 36082,platforms/php/webapps/36082.pl,"Zazavi 1.2.1 - 'filemanager/controller.php' Arbitrary File Upload",2011-08-25,KedAns-Dz,php,webapps,0 @@ -32525,7 +32525,7 @@ id,file,description,date,author,platform,type,port 36084,platforms/php/webapps/36084.html,"Mambo CMS 4.6.5 - 'index.php' Cross-Site Request Forgery",2011-08-26,Caddy-Dz,php,webapps,0 36085,platforms/php/webapps/36085.txt,"phpWebSite 1.7.1 - 'mod.php' SQL Injection",2011-08-27,Ehsan_Hp200,php,webapps,0 36086,platforms/php/webapps/36086.txt,"WonderPlugin Audio Player 2.0 - Blind SQL Injection / XSS",2015-02-16,"Kacper Szurek",php,webapps,0 -36087,platforms/php/webapps/36087.txt,"Fancybox for WordPress 3.0.2 - Stored XSS",2015-02-16,NULLpOint7r,php,webapps,0 +36087,platforms/php/webapps/36087.txt,"WordPress Fancybox 3.0.2 Plugin - Stored XSS",2015-02-16,NULLpOint7r,php,webapps,0 36089,platforms/php/webapps/36089.txt,"eTouch SamePage 4.4.0.0.239 - Multiple Vulnerabilities",2015-02-16,"Brandon Perry",php,webapps,80 36090,platforms/php/webapps/36090.txt,"ClickCMS Denial of Service and CAPTCHA Bypass",2011-08-29,MustLive,php,webapps,0 36091,platforms/php/webapps/36091.txt,"IBM Open Admin Tool 2.71 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-30,"Sumit Kumar Soni",php,webapps,0 @@ -32600,7 +32600,7 @@ id,file,description,date,author,platform,type,port 36163,platforms/php/webapps/36163.txt,"TWiki 5.0.2 SlideShowPlugin Slide Show Pages URI XSS",2011-09-22,"Mesut Timur",php,webapps,0 36164,platforms/php/webapps/36164.txt,"AWStats 6.95/7.0 - 'awredir.pl' Multiple Cross-Site Scripting Vulnerabilities",2011-09-22,MustLive,php,webapps,0 36165,platforms/php/webapps/36165.txt,"IceWarp Mail Server 10.3.2 server/webmail.php Soap Message Parsing Remote Arbitrary File Disclosure",2011-09-24,"David Kirkpatrick",php,webapps,0 -36166,platforms/php/webapps/36166.txt,"BuddyPress 1.2.10_ WordPress 3.1.x_ DEV Blogs Mu 1.2.6 Regular Subscriber - HTML Injection",2011-09-26,knull,php,webapps,0 +36166,platforms/php/webapps/36166.txt,"BuddyPress 1.2.10 / WordPress 3.1.x / DEV Blogs Mu 1.2.6 Regular Subscriber - HTML Injection",2011-09-26,knull,php,webapps,0 36167,platforms/php/webapps/36167.txt,"AdaptCMS 2.0.1 - Cross-Site Scripting / Information Disclosure",2011-09-26,"Stefan Schurtz",php,webapps,0 36168,platforms/php/webapps/36168.txt,"Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting",2011-09-26,"Stefan Schurtz",php,webapps,0 36170,platforms/php/webapps/36170.txt,"PunBB 1.3.6 'browse.php' Cross-Site Scripting",2011-09-26,Amir,php,webapps,0 @@ -32626,7 +32626,7 @@ id,file,description,date,author,platform,type,port 36190,platforms/linux/dos/36190.txt,"SQLite3 3.8.6 - Controlled Memory Corruption PoC",2015-02-26,"Andras Kabai",linux,dos,0 36191,platforms/php/webapps/36191.txt,"WordPress RedLine Theme 1.65 - 's' Parameter Cross-Site Scripting",2011-09-30,SiteWatch,php,webapps,0 36192,platforms/php/webapps/36192.txt,"A2CMS 'index.php' Local File Disclosure",2011-09-28,St493r,php,webapps,0 -36193,platforms/php/webapps/36193.txt,"WordPress WP Bannerize 2.8.7 - 'ajax_sorter.php' SQL Injection",2011-09-30,"Miroslav Stampar",php,webapps,0 +36193,platforms/php/webapps/36193.txt,"WordPress WP Bannerize 2.8.7 Plugin - 'ajax_sorter.php' SQL Injection",2011-09-30,"Miroslav Stampar",php,webapps,0 36194,platforms/php/webapps/36194.txt,"ProjectForum 7.0.1 3038 - 'more' Object HTML Injection",2011-09-30,"Paul Davis",php,webapps,0 36195,platforms/php/webapps/36195.txt,"WordPress Trending 0.1 Theme - 'cpage' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 36196,platforms/php/webapps/36196.txt,"SonicWall Viewpoint 6.0 - 'scheduleID' Parameter SQL Injection",2011-10-02,Rem0ve,php,webapps,0 @@ -32678,7 +32678,7 @@ id,file,description,date,author,platform,type,port 36240,platforms/php/webapps/36240.txt,"Site@School 2.4.10 - 'index.php' Cross-Site Scripting / SQL Injection",2011-10-18,"Stefan Schurtz",php,webapps,0 36241,platforms/hardware/webapps/36241.txt,"Sagem F@st 3304-V2 - LFI",2015-03-03,"Loudiyi Mohamed",hardware,webapps,0 36242,platforms/php/webapps/36242.txt,"WordPress Theme Photocrati 4.x.x - SQL Injection / XSS",2015-03-03,ayastar,php,webapps,0 -36243,platforms/php/webapps/36243.txt,"WordPress cp-multi-view-calendar 1.1.4 - SQL Injection",2015-03-03,"i0akiN SEC-LABORATORY",php,webapps,0 +36243,platforms/php/webapps/36243.txt,"WordPress cp-multi-view-calendar 1.1.4 Plugin - SQL Injection",2015-03-03,"i0akiN SEC-LABORATORY",php,webapps,0 36246,platforms/multiple/remote/36246.txt,"Splunk 4.1.6 'segment' Parameter Cross-Site Scripting",2011-10-20,"Filip Palian",multiple,remote,0 36247,platforms/multiple/dos/36247.txt,"Splunk 4.1.6 Web component Remote Denial of Service",2011-10-20,"Filip Palian",multiple,dos,0 36248,platforms/php/webapps/36248.txt,"osCommerce - Remote File Upload / File Disclosure",2011-10-20,indoushka,php,webapps,0 @@ -32730,7 +32730,7 @@ id,file,description,date,author,platform,type,port 36298,platforms/php/webapps/36298.txt,"Joomla! 1.9.3 - 'com_alfcontact' Extension Multiple Cross-Site Scripting Vulnerabilities",2011-11-10,"Jose Carlos de Arriba",php,webapps,0 36299,platforms/java/webapps/36299.txt,"Infoblox NetMRI 6.2.1 Admin Login Page Multiple Cross-Site Scripting Vulnerabilities",2011-11-11,"Jose Carlos de Arriba",java,webapps,0 36300,platforms/windows/dos/36300.py,"Kool Media Converter 2.6.0 - '.ogg' File Buffer Overflow",2011-11-11,swami,windows,dos,0 -36301,platforms/php/webapps/36301.txt,"WordPress Download Manager 2.7.2 - Privilege Escalation",2014-11-24,"Kacper Szurek",php,webapps,0 +36301,platforms/php/webapps/36301.txt,"WordPress Download Manager 2.7.2 Plugin - Privilege Escalation",2014-11-24,"Kacper Szurek",php,webapps,0 36302,platforms/php/webapps/36302.txt,"Joomla Content Component 'year' Parameter SQL Injection",2011-11-14,E.Shahmohamadi,php,webapps,0 36303,platforms/php/webapps/36303.txt,"ProjectSend r561 - SQL Injection",2015-03-06,"ITAS Team",php,webapps,80 36304,platforms/windows/remote/36304.rb,"HP Data Protector 8.10 Remote Command Execution",2015-03-06,Metasploit,windows,remote,5555 @@ -32749,7 +32749,7 @@ id,file,description,date,author,platform,type,port 36319,platforms/windows/remote/36319.txt,"GoAhead WebServer 2.5 - 'goform/formTest' Multiple Cross-Site Scripting Vulnerabilities",2011-11-18,"Prabhu S Angadi",windows,remote,0 36320,platforms/php/webapps/36320.txt,"Codoforum 2.5.1 - Arbitrary File Download",2015-03-10,"Kacper Szurek",php,webapps,80 36321,platforms/php/webapps/36321.txt,"GeniXCMS 0.0.1 - Multiple Vulnerabilities",2015-03-10,LiquidWorm,php,webapps,80 -36322,platforms/php/webapps/36322.txt,"Digital Attic Foundation CMS 'id' Parameter SQL Injection",2011-11-20,tempe_mendoan,php,webapps,0 +36322,platforms/php/webapps/36322.txt,"Digital Attic Foundation CMS - 'id' Parameter SQL Injection",2011-11-20,tempe_mendoan,php,webapps,0 36323,platforms/php/webapps/36323.txt,"WordPress Alert Before Your Post Plugin - 'name' Parameter Cross-Site Scripting",2011-11-21,Am!r,php,webapps,0 36324,platforms/php/webapps/36324.txt,"WordPress Advanced Text Widget Plugin 2.0 - 'page' Parameter Cross-Site Scripting",2011-11-21,Amir,php,webapps,0 36325,platforms/php/webapps/36325.txt,"WordPress Adminimize Plugin 1.7.21 - 'page' Parameter Cross-Site Scripting",2011-11-21,Am!r,php,webapps,0 @@ -32831,7 +32831,7 @@ id,file,description,date,author,platform,type,port 36408,platforms/php/webapps/36408.txt,"WordPress Pretty Link Plugin 1.5.2 - 'pretty-bar.php' Cross-Site Scripting",2011-12-06,Am!r,php,webapps,0 36410,platforms/php/webapps/36410.txt,"Simple Machines Forum 1.1.15 - 'fckeditor' Arbitrary File Upload",2011-12-06,HELLBOY,php,webapps,0 36412,platforms/windows/remote/36412.rb,"IPass Control Pipe Remote Command Execution",2015-03-16,Metasploit,windows,remote,0 -36413,platforms/php/webapps/36413.txt,"WordPress SEO by Yoast 1.7.3.3 - Blind SQL Injection",2015-03-16,"Ryan Dewhurst",php,webapps,0 +36413,platforms/php/webapps/36413.txt,"WordPress SEO by Yoast 1.7.3.3 Plugin - Blind SQL Injection",2015-03-16,"Ryan Dewhurst",php,webapps,0 36401,platforms/php/webapps/36401.txt,"AtMail 1.04 - 'func' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-12-01,Dognædis,php,webapps,0 36402,platforms/asp/webapps/36402.txt,"Hero 3.69 - 'month' Parameter Cross-Site Scripting",2011-12-01,"Gjoko Krstic",asp,webapps,0 36403,platforms/windows/dos/36403.html,"HP Device Access Manager for HP ProtectTools 5.0/6.0 Heap Memory Corruption",2011-12-02,"High-Tech Bridge SA",windows,dos,0 @@ -32839,7 +32839,7 @@ id,file,description,date,author,platform,type,port 36414,platforms/php/webapps/36414.txt,"WordPress WPML 3.1.9 Plugin - Multiple Vulnerabilities",2015-03-16,"Jouko Pynnonen",php,webapps,80 36415,platforms/java/remote/36415.rb,"ElasticSearch - Search Groovy Sandbox Bypass",2015-03-16,Metasploit,java,remote,9200 36482,platforms/php/webapps/36482.txt,"Siena CMS 1.242 - 'err' Parameter Cross-Site Scripting",2012-01-01,Net.Edit0r,php,webapps,0 -36483,platforms/php/webapps/36483.txt,"WordPress WP Live.php 1.2.1 - 's' Parameter Cross-Site Scripting",2012-01-01,"H4ckCity Security Team",php,webapps,0 +36483,platforms/php/webapps/36483.txt,"WordPress WP Live.php 1.2.1 Plugin - 's' Parameter Cross-Site Scripting",2012-01-01,"H4ckCity Security Team",php,webapps,0 36484,platforms/php/webapps/36484.txt,"PHPB2B 4.1 - 'q' Parameter Cross-Site Scripting",2011-01-01,"H4ckCity Security Team",php,webapps,0 36485,platforms/php/webapps/36485.txt,"FuseTalk Forums 3.2 - 'windowed' Parameter Cross-Site Scripting",2012-01-02,sonyy,php,webapps,0 36486,platforms/php/webapps/36486.txt,"Tienda Virtual 'art_detalle.php' SQL Injection",2012-01-03,"Arturo Zamora",php,webapps,0 @@ -32894,7 +32894,7 @@ id,file,description,date,author,platform,type,port 36463,platforms/php/webapps/36463.txt,"Telescope 0.9.2 - Markdown Persistent XSS",2015-03-21,shubs,php,webapps,0 36464,platforms/php/webapps/36464.txt,"Joomla Spider FAQ Component - SQL Injection",2015-03-22,"Manish Tanwar",php,webapps,0 36465,platforms/windows/local/36465.py,"Free MP3 CD Ripper 2.6 - Local Buffer Overflow",2015-03-22,"TUNISIAN CYBER",windows,local,0 -36466,platforms/php/webapps/36466.txt,"WordPress Marketplace 2.4.0 - Arbitrary File Download",2015-03-22,"Kacper Szurek",php,webapps,0 +36466,platforms/php/webapps/36466.txt,"WordPress Marketplace 2.4.0 Plugin - Arbitrary File Download",2015-03-22,"Kacper Szurek",php,webapps,0 36468,platforms/php/webapps/36468.txt,"PHP Booking Calendar 10e 'page_info_message' Parameter Cross-Site Scripting",2011-12-19,G13,php,webapps,0 36469,platforms/php/webapps/36469.txt,"Joomla! 'com_tsonymf' Component 'idofitem' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0 36470,platforms/php/webapps/36470.txt,"Tiki Wiki CMS Groupware 8.1 - 'show_errors' Parameter HTML Injection",2011-12-20,"Stefan Schurtz",php,webapps,0 @@ -32967,7 +32967,7 @@ id,file,description,date,author,platform,type,port 36545,platforms/linux/dos/36545.txt,"Linux Kernel 3.1.8 - KVM Local Denial of Service",2011-12-29,"Stephan Sattler",linux,dos,0 36546,platforms/windows/remote/36546.txt,"GreenBrowser 6.0.1002 - Search Bar Short Cut Button Double Free Remote Memory Corruption",2012-01-12,NCNIPC,windows,remote,0 36547,platforms/asp/webapps/36547.txt,"MailEnable 6.02 - 'ForgottonPassword.aspx' Cross-Site Scripting",2012-01-12,"Sajjad Pourali",asp,webapps,0 -36548,platforms/java/webapps/36548.txt,"Contus Job Portal 'Category' Parameter SQL Injection",2012-01-13,Lazmania61,java,webapps,0 +36548,platforms/java/webapps/36548.txt,"Contus Job Portal - 'Category' Parameter SQL Injection",2012-01-13,Lazmania61,java,webapps,0 36549,platforms/php/webapps/36549.txt,"Joomla! HD Video Share Component 1.3 - 'id' Parameter SQL Injection",2012-01-12,Lazmania61,php,webapps,0 36550,platforms/php/webapps/36550.txt,"PHP Membership Site Manager Script 2.1 - 'index.php' Cross-Site Scripting",2012-01-16,Atmon3r,php,webapps,0 36551,platforms/php/webapps/36551.txt,"PHP Ringtone Website 'ringtones.php' Multiple Cross-Site Scripting Vulnerabilities",2012-01-15,Atmon3r,php,webapps,0 @@ -32991,7 +32991,7 @@ id,file,description,date,author,platform,type,port 36573,platforms/php/webapps/36573.txt,"MMORPG Zone 'view_news.php' SQL Injection",2012-01-18,Lazmania61,php,webapps,0 36574,platforms/php/webapps/36574.txt,"Freelance Zone 'show_code.php' SQL Injection",2012-01-18,Lazmania61,php,webapps,0 36575,platforms/multiple/webapps/36575.py,"JBoss AS 3/4/5/6 - Remote Command Execution",2015-03-31,"João Filho Matos Figueiredo",multiple,webapps,0 -36576,platforms/php/webapps/36576.txt,"WordPress SP Project & Document Manager 2.5.3 - Blind SQL Injection",2015-03-31,Catsecurity,php,webapps,0 +36576,platforms/php/webapps/36576.txt,"WordPress SP Project & Document Manager 2.5.3 Plugin - Blind SQL Injection",2015-03-31,Catsecurity,php,webapps,0 36577,platforms/multiple/remote/36577.py,"Airties Air5650TT - Remote Stack Overflow",2015-03-31,"Batuhan Burakcin",multiple,remote,0 36739,platforms/osx/local/36739.m,"Apple MAC OS X < 10.9/10 - Local Root Exploit",2015-04-13,mu-b,osx,local,0 36579,platforms/windows/remote/36579.rb,"Adobe Flash Player ByteArray With Workers Use After Free",2015-03-31,Metasploit,windows,remote,0 @@ -33028,10 +33028,10 @@ id,file,description,date,author,platform,type,port 36611,platforms/php/webapps/36611.txt,"Multiple UpThemes WordPress Themes - Arbitrary File Upload",2015-04-02,Divya,php,webapps,80 36612,platforms/php/webapps/36612.txt,"WordPress WP Easy Slideshow Plugin 1.0.3 - Multiple Vulnerabilities",2015-04-02,Divya,php,webapps,80 36613,platforms/php/webapps/36613.txt,"WordPress Simple Ads Manager Plugin - Multiple SQL Injection",2015-04-02,"ITAS Team",php,webapps,80 -36614,platforms/php/webapps/36614.txt,"WordPress Simple Ads Manager 2.5.94 - Arbitrary File Upload",2015-04-02,"ITAS Team",php,webapps,80 -36615,platforms/php/webapps/36615.txt,"WordPress Simple Ads Manager - Information Disclosure",2015-04-02,"ITAS Team",php,webapps,80 +36614,platforms/php/webapps/36614.txt,"WordPress Simple Ads Manager 2.5.94 Plugin - Arbitrary File Upload",2015-04-02,"ITAS Team",php,webapps,80 +36615,platforms/php/webapps/36615.txt,"WordPress Simple Ads Manager Plugin - Information Disclosure",2015-04-02,"ITAS Team",php,webapps,80 36616,platforms/php/webapps/36616.txt,"phpSFP - Schedule Facebook Posts 1.5.6 SQL Injection",2015-04-02,@u0x,php,webapps,80 -36617,platforms/php/webapps/36617.txt,"WordPress VideoWhisper Video Presentation 3.31.17 - Remote File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 +36617,platforms/php/webapps/36617.txt,"WordPress VideoWhisper Video Presentation 3.31.17 Plugin - Remote File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 36618,platforms/php/webapps/36618.txt,"VideoWhisper Video Conference Integration 4.91.8 - Remote File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 36619,platforms/linux/webapps/36619.txt,"Ericsson Drutt MSDP (Instance Monitor) - Directory Traversal",2015-04-02,"Anastasios Monachos",linux,webapps,0 36621,platforms/php/webapps/36621.txt,"glFusion 1.x SQL Injection",2012-01-24,KedAns-Dz,php,webapps,0 @@ -33052,7 +33052,7 @@ id,file,description,date,author,platform,type,port 36637,platforms/lin_x86/shellcode/36637.c,"Linux/x86 - Disable ASLR shellcode (84 bytes)",2015-04-03,"Mohammad Reza Ramezani",lin_x86,shellcode,0 36638,platforms/php/webapps/36638.txt,"Joomla! 'com_crhotels' Component 'catid' Parameter SQL Injection",2012-01-31,the_cyber_nuxbie,php,webapps,0 36639,platforms/php/webapps/36639.txt,"Joomla! 'com_propertylab' Component 'id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0 -36640,platforms/php/webapps/36640.txt,"WordPress Work The Flow File Upload 2.5.2 - Arbitrary File Upload",2015-04-05,"Claudio Viviani",php,webapps,0 +36640,platforms/php/webapps/36640.txt,"WordPress Work The Flow File Upload 2.5.2 Plugin - Arbitrary File Upload",2015-04-05,"Claudio Viviani",php,webapps,0 36641,platforms/php/webapps/36641.txt,"u-Auctions - Multiple Vulnerabilities",2015-04-05,*Don*,php,webapps,0 36642,platforms/php/webapps/36642.txt,"Joomla! 'com_bbs' Component Multiple SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0 36643,platforms/php/webapps/36643.txt,"4Images 1.7.10 - admin/categories.php cat_parent_id Parameter SQL Injection",2012-01-31,RandomStorm,php,webapps,0 @@ -33083,7 +33083,7 @@ id,file,description,date,author,platform,type,port 36668,platforms/php/webapps/36668.txt,"eFront 3.6.10 - 'administrator.php' Cross-Site Scripting",2012-02-07,"Chokri B.A",php,webapps,0 36669,platforms/linux/dos/36669.txt,"Apache APR - Hash Collision Denial Of Service",2012-01-05,"Moritz Muehlenhoff",linux,dos,0 36670,platforms/hardware/remote/36670.txt,"D-Link ShareCenter Products Multiple Remote Code Execution Vulnerabilities",2012-02-08,"Roberto Paleari",hardware,remote,0 -36671,platforms/php/webapps/36671.txt,"WordPress All In One WP Security & Firewall 3.9.0 - SQL Injection",2015-04-08,"Claudio Viviani",php,webapps,80 +36671,platforms/php/webapps/36671.txt,"WordPress All In One WP Security & Firewall 3.9.0 Plugin - SQL Injection",2015-04-08,"Claudio Viviani",php,webapps,80 36672,platforms/lin_x86/shellcode/36672.asm,"Linux/x86 - Egg-hunter shellcode (20 bytes)",2015-04-08,"Paw Petersen",lin_x86,shellcode,0 36673,platforms/lin_x86/shellcode/36673.py,"Linux/x86 - Typewriter Shellcode (Generator)",2015-04-08,"Paw Petersen",lin_x86,shellcode,0 36674,platforms/php/webapps/36674.txt,"Shareaholic 7.6.0.3 - XSS",2015-04-08,"Kacper Szurek",php,webapps,80 @@ -33093,7 +33093,7 @@ id,file,description,date,author,platform,type,port 36678,platforms/jsp/webapps/36678.txt,"ZENworks Configuration Management 11.3.1 - Remote Code Execution",2015-04-08,"Pedro Ribeiro",jsp,webapps,0 36679,platforms/windows/remote/36679.rb,"Solarwinds Firewall Security Manager 6.6.5 - Client Session Handling",2015-04-08,Metasploit,windows,remote,0 36680,platforms/hardware/remote/36680.txt,"Multiple Trendnet Camera Products Remote Security Bypass",2012-02-10,console-cowboys,hardware,remote,0 -36681,platforms/multiple/remote/36681.txt,"Apache MyFaces 'ln' Parameter Information Disclosure",2012-02-09,"Paul Nicolucci",multiple,remote,0 +36681,platforms/multiple/remote/36681.txt,"Apache MyFaces - 'ln' Parameter Information Disclosure",2012-02-09,"Paul Nicolucci",multiple,remote,0 36682,platforms/php/dos/36682.php,"PHP PDORow Object Remote Denial Of Service",2011-09-24,anonymous,php,dos,0 36683,platforms/php/webapps/36683.txt,"Dolibarr 3.x - 'adherents/fiche.php' SQL Injection",2012-02-10,"Benjamin Kunz Mejri",php,webapps,0 36684,platforms/java/webapps/36684.txt,"LxCenter Kloxo 6.1.10 - Multiple HTML Injection Vulnerabilities",2012-02-10,anonymous,java,webapps,0 @@ -33145,9 +33145,9 @@ id,file,description,date,author,platform,type,port 36731,platforms/php/webapps/36731.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_iplink.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36732,platforms/php/webapps/36732.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_ports.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36733,platforms/php/webapps/36733.txt,"WordPress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure",2015-04-13,"Khwanchai Kaewyos",php,webapps,0 -36735,platforms/php/webapps/36735.txt,"WordPress Duplicator 0.5.14 - SQL Injection / CSRF",2015-04-13,"Claudio Viviani",php,webapps,0 +36735,platforms/php/webapps/36735.txt,"WordPress Duplicator 0.5.14 Plugin - SQL Injection / CSRF",2015-04-13,"Claudio Viviani",php,webapps,0 36736,platforms/php/webapps/36736.txt,"Traidnt Up 3.0 - SQL Injection",2015-04-13,"Ali Trixx",php,webapps,0 -36738,platforms/php/webapps/36738.txt,"WordPress N-Media Website Contact Form with File Upload 1.3.4 - Shell Upload",2015-04-13,"Claudio Viviani",php,webapps,0 +36738,platforms/php/webapps/36738.txt,"WordPress N-Media Website Contact Form with File Upload 1.3.4 Plugin - Shell Upload",2015-04-13,"Claudio Viviani",php,webapps,0 36746,platforms/linux/local/36746.c,"Apport/Abrt (Ubuntu / Fedora) - Local Root Exploit",2015-04-14,"Tavis Ormandy",linux,local,0 36761,platforms/php/webapps/36761.txt,"WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Deletion Exploit",2015-04-14,LiquidWorm,php,webapps,80 36741,platforms/linux/dos/36741.py,"Samba < 3.6.2 x86 - PoC",2015-04-13,sleepya,linux,dos,0 @@ -33158,7 +33158,7 @@ id,file,description,date,author,platform,type,port 36752,platforms/php/webapps/36752.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_sensor.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36753,platforms/php/webapps/36753.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_time.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36754,platforms/php/webapps/36754.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_uaddr.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36751,platforms/php/webapps/36751.txt,"WordPress Video Gallery 2.8 - SQL Injection",2015-04-14,"Claudio Viviani",php,webapps,80 +36751,platforms/php/webapps/36751.txt,"WordPress Video Gallery 2.8 Plugin - SQL Injection",2015-04-14,"Claudio Viviani",php,webapps,80 36750,platforms/lin_x86/shellcode/36750.c,"Linux/x86 - setreuid(0_ 0) + execve(_/sbin/halt_) + exit(0) shellcode (49 bytes)",2015-04-14,"Febriyanto Nugroho",lin_x86,shellcode,0 36755,platforms/php/webapps/36755.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_user.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36756,platforms/windows/remote/36756.html,"Samsung iPOLiS ReadConfigValue Remote Code Execution",2015-04-14,"Praveen Darshanam",windows,remote,0 @@ -33181,7 +33181,7 @@ id,file,description,date,author,platform,type,port 36774,platforms/php/webapps/36774.txt,"WordPress MiwoFTP Plugin 1.0.5 - Arbitrary File Download Exploit",2015-04-15,"Necmettin COSKUN",php,webapps,0 36807,platforms/php/webapps/36807.txt,"GoAutoDial 3.3-1406088000 - Multiple Vulnerabilities",2015-04-21,"Chris McCurley",php,webapps,80 36776,platforms/windows/dos/36776.py,"MS Windows (HTTP.sys) - HTTP Request Parsing DoS (MS15-034)",2015-04-16,"laurent gaffie",windows,dos,80 -36777,platforms/php/webapps/36777.txt,"WordPress Ajax Store Locator 1.2 - SQL Injection",2015-04-16,"Claudio Viviani",php,webapps,80 +36777,platforms/php/webapps/36777.txt,"WordPress Ajax Store Locator 1.2 Plugin - SQL Injection",2015-04-16,"Claudio Viviani",php,webapps,80 36778,platforms/lin_x86/shellcode/36778.c,"Linux/x86 - execve _/bin/sh_ shellcode (35 bytes)",2015-04-17,"Mohammad Reza Espargham",lin_x86,shellcode,0 36779,platforms/win_x86/shellcode/36779.c,"Win32/XP SP3 - Create (_file.txt_) shellcode (83 bytes)",2015-04-17,"TUNISIAN CYBER",win_x86,shellcode,0 36780,platforms/win_x86/shellcode/36780.c,"Win32/XP SP3 - Restart computer shellcode (57 bytes)",2015-04-17,"TUNISIAN CYBER",win_x86,shellcode,0 @@ -33202,17 +33202,17 @@ id,file,description,date,author,platform,type,port 36797,platforms/ios/webapps/36797.txt,"Mobile Drive HD 1.8 - File Include Web",2015-04-21,Vulnerability-Lab,ios,webapps,0 36798,platforms/ios/webapps/36798.txt,"Photo Manager Pro 4.4.0 iOS - Code Execution",2015-04-21,Vulnerability-Lab,ios,webapps,0 36799,platforms/bsd/local/36799.c,"OpenBSD 5.6 - Multiple Local Kernel Panics",2015-04-21,nitr0us,bsd,local,0 -36800,platforms/php/webapps/36800.txt,"WordPress NEX-Forms < 3.0 - SQL Injection",2015-04-21,"Claudio Viviani",php,webapps,0 +36800,platforms/php/webapps/36800.txt,"WordPress NEX-Forms < 3.0 Plugin - SQL Injection",2015-04-21,"Claudio Viviani",php,webapps,0 36801,platforms/php/webapps/36801.txt,"WordPress MiwoFTP Plugin 1.0.5 - Arbitrary File Download",2015-04-21,"dadou dz",php,webapps,0 36802,platforms/php/webapps/36802.txt,"WordPress Tune Library Plugin 1.5.4 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 36803,platforms/linux/remote/36803.py,"ProFTPd 1.3.5 (mod_copy) - Remote Command Execution",2015-04-21,R-73eN,linux,remote,0 36804,platforms/php/webapps/36804.pl,"MediaSuite CMS - Artibary File Disclosure Exploit",2015-04-21,"KnocKout inj3ct0r",php,webapps,0 36805,platforms/php/webapps/36805.txt,"WordPress Community Events Plugin 1.3.5 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 36808,platforms/windows/remote/36808.rb,"Adobe Flash Player copyPixelsToByteArray Integer Overflow",2015-04-21,Metasploit,windows,remote,0 -36809,platforms/php/remote/36809.rb,"WordPress Reflex Gallery Upload",2015-04-21,Metasploit,php,remote,80 -36810,platforms/php/remote/36810.rb,"WordPress N-Media Website Contact Form Upload",2015-04-21,Metasploit,php,remote,80 +36809,platforms/php/remote/36809.rb,"WordPress Reflex Gallery Upload Plugin",2015-04-21,Metasploit,php,remote,80 +36810,platforms/php/remote/36810.rb,"WordPress N-Media Website Contact Form Upload Plugin",2015-04-21,Metasploit,php,remote,80 36811,platforms/php/remote/36811.rb,"WordPress Creative Contact Form Upload",2015-04-21,Metasploit,php,remote,80 -36812,platforms/php/remote/36812.rb,"WordPress Work The Flow Upload",2015-04-21,Metasploit,php,remote,80 +36812,platforms/php/remote/36812.rb,"WordPress Work The Flow Upload Plugin",2015-04-21,Metasploit,php,remote,80 36813,platforms/hardware/local/36813.txt,"ADB Backup Archive Path Traversal File Overwrite",2015-04-21,"Imre Rad",hardware,local,0 36814,platforms/osx/dos/36814.c,"Mac OS X - Local Denial of Service",2015-04-21,"Maxime Villard",osx,dos,0 36815,platforms/cfm/webapps/36815.txt,"BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File Retrieval/Deletion",2015-04-21,Portcullis,cfm,webapps,80 @@ -33240,7 +33240,7 @@ id,file,description,date,author,platform,type,port 36835,platforms/php/webapps/36835.txt,"Joomla Xcomp 'com_xcomp' Component Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0 36836,platforms/multiple/remote/36836.py,"Legend Perl IRC Bot - Remote Code Execution PoC",2015-04-27,"Jay Turla",multiple,remote,0 36837,platforms/windows/local/36837.rb,"iTunes 10.6.1.7 - '.PLS' Title Buffer Overflow",2015-04-27,"Fady Mohammed Osman",windows,local,0 -36844,platforms/php/webapps/36844.txt,"WordPress Core 4.2 - Stored XSS",2015-04-27,klikki,php,webapps,0 +36844,platforms/php/webapps/36844.txt,"WordPress 4.2 - Stored XSS",2015-04-27,klikki,php,webapps,0 36839,platforms/multiple/remote/36839.py,"MiniUPnPd 1.0 - Stack Overflow RCE for AirTies RT Series (MIPS)",2015-04-27,"Onur Alanbel (BGA)",multiple,remote,0 36840,platforms/multiple/dos/36840.py,"Wireshark 1.12.4 - Memory Corruption and Access Violation PoC",2015-04-27,"Avinash Thapa",multiple,dos,0 36841,platforms/windows/local/36841.py,"UniPDF 1.2 - 'xml' Buffer Overflow Crash PoC",2015-04-27,"Avinash Thapa",windows,local,0 @@ -33311,7 +33311,7 @@ id,file,description,date,author,platform,type,port 36921,platforms/lin_x86/shellcode/36921.c,"Linux/x86 - /bin/nc -le /bin/sh -vp 17771 Shellcode (58 bytes)",2015-05-06,"Oleg Boytsev",lin_x86,shellcode,0 36922,platforms/ios/webapps/36922.txt,"vPhoto-Album 4.2 iOS - File Include Web",2015-05-06,Vulnerability-Lab,ios,webapps,0 36906,platforms/linux/dos/36906.txt,"Apache Xerces-C XML Parser < 3.1.2 - DoS POC",2015-05-04,beford,linux,dos,0 -36907,platforms/php/webapps/36907.txt,"WordPress Ultimate Product Catalogue 3.1.2 - Multiple Persistent XSS / CSRF / File Upload",2015-05-04,"Felipe Molina",php,webapps,0 +36907,platforms/php/webapps/36907.txt,"WordPress Ultimate Product Catalogue 3.1.2 Plugin - Multiple Persistent XSS / CSRF / File Upload",2015-05-04,"Felipe Molina",php,webapps,0 36908,platforms/lin_x86/shellcode/36908.c,"Linux/x86 - exit(0) shellcode (6 bytes)",2015-05-04,"Febriyanto Nugroho",lin_x86,shellcode,0 36965,platforms/php/webapps/36965.txt,"Omnistar Live Cross-Site Scripting and SQL Injection",2012-03-13,sonyy,php,webapps,0 36966,platforms/linux/local/36966.txt,"LightDM 1.0.6 Arbitrary File Deletion",2012-03-13,"Ryan Lortie",linux,local,0 @@ -33349,7 +33349,7 @@ id,file,description,date,author,platform,type,port 36949,platforms/php/webapps/36949.txt,"Xeams 4.5 Build 5755 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,5272 36950,platforms/php/webapps/36950.txt,"Syncrify Server 3.6 Build 833 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,5800 36951,platforms/php/webapps/36951.txt,"SynaMan 3.4 Build 1436 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 -36952,platforms/php/webapps/36952.txt,"WordPress N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion",2015-05-08,T3N38R15,php,webapps,0 +36952,platforms/php/webapps/36952.txt,"WordPress N-Media Website Contact Form with File Upload 1.5 Plugin - Local File Inclusion",2015-05-08,T3N38R15,php,webapps,0 36953,platforms/php/webapps/36953.txt,"SynTail 1.5 Build 566 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 36954,platforms/php/webapps/36954.txt,"WordPress Yet Another Related Posts Plugin 4.2.4 - CSRF",2015-05-08,Evex,php,webapps,80 36955,platforms/osx/remote/36955.py,"MacKeeper URL Handler Remote Code Execution",2015-05-08,"Braden Thomas",osx,remote,0 @@ -33363,11 +33363,11 @@ id,file,description,date,author,platform,type,port 36963,platforms/linux/webapps/36963.txt,"Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities",2015-05-08,"Peter Lapp",linux,webapps,0 36964,platforms/java/remote/36964.rb,"Novell ZENworks Configuration Management Arbitrary File Upload",2015-05-08,Metasploit,java,remote,443 36974,platforms/cgi/webapps/36974.txt,"WebGlimpse 2.14.1/2.18.8 - 'webglimpse.cgi' Remote Command Injection",2012-03-20,"Kevin Perry",cgi,webapps,0 -36975,platforms/php/webapps/36975.txt,"ClassifiedsGeek.com Vacation Packages 'listing_search' Parameter SQL Injection",2012-03-19,r45c4l,php,webapps,0 +36975,platforms/php/webapps/36975.txt,"ClassifiedsGeek.com Vacation Packages - 'listing_search' Parameter SQL Injection",2012-03-19,r45c4l,php,webapps,0 36976,platforms/cgi/webapps/36976.txt,"WebGlimpse 2.x - 'wgarcmin.cgi' Path Disclosure",2012-03-18,Websecurity,cgi,webapps,0 -36977,platforms/php/webapps/36977.pl,"CreateVision CreateVision CMS 'id' Parameter SQL Injection",2012-03-11,"Zwierzchowski Oskar",php,webapps,0 +36977,platforms/php/webapps/36977.pl,"CreateVision CreateVision CMS - 'id' Parameter SQL Injection",2012-03-11,"Zwierzchowski Oskar",php,webapps,0 36978,platforms/hardware/webapps/36978.txt,"ZTE F660 - Remote Config Download",2015-05-11,"Daniel Cisa",hardware,webapps,0 -36979,platforms/php/webapps/36979.sh,"WordPress N-Media Website Contact Form with File Upload 1.3.4 - File Upload",2015-05-11,"Claudio Viviani & F17.c0de",php,webapps,0 +36979,platforms/php/webapps/36979.sh,"WordPress N-Media Website Contact Form with File Upload 1.3.4 Plugin - File Upload",2015-05-11,"Claudio Viviani & F17.c0de",php,webapps,0 36980,platforms/windows/local/36980.py,"VideoCharge Express 3.16.3.04 - BOF Exploit",2015-05-11,evil_comrade,windows,local,0 36981,platforms/windows/local/36981.py,"VideoCharge Professional + Express Vanilla 3.18.4.04 - BOF Exploit",2015-05-11,evil_comrade,windows,local,0 36982,platforms/windows/local/36982.py,"VideoCharge Vanilla 3.16.4.06 - BOF Exploit",2015-05-11,evil_comrade,windows,local,0 @@ -33389,7 +33389,7 @@ id,file,description,date,author,platform,type,port 37000,platforms/php/webapps/37000.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/classes/core/String.inc.php String::stripUnsafeHtml() Method XSS",2012-03-21,"High-Tech Bridge",php,webapps,0 37001,platforms/php/webapps/37001.txt,"Open Journal Systems (OJS) 2.3.6 - Multiple Script Arbitrary File Upload",2012-03-21,"High-Tech Bridge",php,webapps,0 37002,platforms/php/webapps/37002.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/rfiles.php param Parameter Multiple Function Traversal Arbitrary File Manipulation",2012-03-21,"High-Tech Bridge",php,webapps,0 -37003,platforms/php/webapps/37003.txt,"WordPress Booking Calendar Contact Form 1.0.2 - Multiple vulnerabilities",2015-05-13,"i0akiN SEC-LABORATORY",php,webapps,0 +37003,platforms/php/webapps/37003.txt,"WordPress Booking Calendar Contact Form 1.0.2 Plugin - Multiple vulnerabilities",2015-05-13,"i0akiN SEC-LABORATORY",php,webapps,0 37004,platforms/php/webapps/37004.txt,"PHPCollab 2.5 - (deletetopics.php) SQL Injection",2015-05-13,Wadeek,php,webapps,0 37007,platforms/linux/remote/37007.txt,"AtMail 1.04 - Multiple Security Vulnerabilities",2012-03-22,"Yury Maryshev",linux,remote,0 37008,platforms/php/webapps/37008.txt,"Event Calendar PHP 'cal_year' Parameter Cross-Site Scripting",2012-03-24,3spi0n,php,webapps,0 @@ -33446,7 +33446,7 @@ id,file,description,date,author,platform,type,port 37059,platforms/windows/webapps/37059.html,"ManageEngine EventLog Analyzer 10.0 Build 10001 CSRF",2015-05-18,"Akash S. Chavan",windows,webapps,0 37061,platforms/multiple/dos/37061.txt,"Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial Of Service",2012-04-05,"Gabriel Menezes Nunes",multiple,dos,0 37062,platforms/php/webapps/37062.txt,"VBulletin 4.1.10 - 'announcementid' Parameter SQL Injection",2012-04-04,Am!r,php,webapps,0 -37063,platforms/php/webapps/37063.txt,"WordPress TagGator 'tagid' Parameter - SQL Injection",2012-04-05,Am!r,php,webapps,0 +37063,platforms/php/webapps/37063.txt,"WordPress TagGator Plugin - 'tagid' Parameter SQL Injection",2012-04-05,Am!r,php,webapps,0 37064,platforms/win_x86-64/local/37064.py,"Windows 8.0 < 8.1 x64 - TrackPopupMenu Privilege Escalation (MS14-058)",2015-05-19,ryujin,win_x86-64,local,0 37066,platforms/hardware/remote/37066.py,"Phoenix Contact ILC 150 ETH PLC Remote Control Script",2015-05-20,Photubias,hardware,remote,0 37067,platforms/php/webapps/37067.txt,"WordPress FeedWordPress Plugin 2015.0426 - SQL Injection",2015-05-20,"Adrián M. F.",php,webapps,80 @@ -33483,7 +33483,7 @@ id,file,description,date,author,platform,type,port 37097,platforms/ios/remote/37097.py,"FTP Media Server 3.0 - Authentication Bypass and Denial of Service",2015-05-25,"Wh1t3Rh1n0 (Michael Allen)",ios,remote,0 37098,platforms/windows/local/37098.txt,"Microsoft Windows - Local Privilege Escalation (MS15-010)",2015-05-25,"Sky lake",windows,local,0 37253,platforms/php/webapps/37253.txt,"Paypal Currency Converter Basic For Woocommerce File Read",2015-06-10,Kuroi'SH,php,webapps,0 -37254,platforms/php/webapps/37254.txt,"WordPress History Collection 1.1.1 - Arbitrary File Download",2015-06-10,Kuroi'SH,php,webapps,80 +37254,platforms/php/webapps/37254.txt,"WordPress History Collection 1.1.1 Plugin - Arbitrary File Download",2015-06-10,Kuroi'SH,php,webapps,80 37255,platforms/php/webapps/37255.txt,"Pandora FMS 5.0/5.1 - Authentication Bypass",2015-06-10,"Manuel Mancera",php,webapps,0 37100,platforms/php/webapps/37100.txt,"Waylu CMS - 'products_xx.php' SQL Injection / HTML Injection",2012-04-20,TheCyberNuxbie,php,webapps,0 37101,platforms/php/webapps/37101.txt,"Joomla CCNewsLetter Module 1.0.7 - 'id' Parameter SQL Injection",2012-04-23,E1nzte1N,php,webapps,0 @@ -33496,7 +33496,7 @@ id,file,description,date,author,platform,type,port 37108,platforms/php/webapps/37108.txt,"WordPress Landing Pages Plugin 1.8.4 - Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 37109,platforms/php/webapps/37109.txt,"WordPress GigPress Plugin 2.3.8 - SQL Injection",2015-05-26,"Adrián M. F.",php,webapps,80 37110,platforms/java/webapps/37110.py,"Apache Jackrabbit WebDAV XXE Exploit",2015-05-26,"Mikhail Egorov",java,webapps,8080 -37111,platforms/php/webapps/37111.txt,"WordPress MailChimp Subscribe Forms 1.1 - Remote Code Execution",2015-05-26,woodspeed,php,webapps,80 +37111,platforms/php/webapps/37111.txt,"WordPress MailChimp Subscribe Forms 1.1 Plugin - Remote Code Execution",2015-05-26,woodspeed,php,webapps,80 37112,platforms/php/webapps/37112.txt,"WordPress church_admin Plugin 0.800 Stored XSS",2015-05-26,woodspeed,php,webapps,80 37113,platforms/php/webapps/37113.txt,"Wordpess Simple Photo Gallery 1.7.8 Blind SQL Injection",2015-05-26,woodspeed,php,webapps,80 37114,platforms/jsp/webapps/37114.txt,"Sendio ESP Information Disclosure",2015-05-26,"Core Security",jsp,webapps,80 @@ -33545,7 +33545,7 @@ id,file,description,date,author,platform,type,port 37158,platforms/php/webapps/37158.txt,"GetSimple CMS 3.1 admin/index.php Multiple Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 37159,platforms/php/webapps/37159.txt,"GetSimple CMS 3.1 admin/upload.php path Parameter XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0 37160,platforms/windows/dos/37160.pl,"Universal Reader 1.16.740.0 - 'uread.exe' Denial Of Service",2012-05-14,demonalex,windows,dos,0 -37161,platforms/php/webapps/37161.txt,"WordPress GRAND Flash Album Gallery 1.71 - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37161,platforms/php/webapps/37161.txt,"WordPress GRAND Flash Album Gallery 1.71 Plugin - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37162,platforms/php/webapps/37162.txt,"Dynamic Widgets WordPress Plugin 1.5.1 - 'themes.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37163,platforms/windows/remote/37163.py,"IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution",2015-06-01,"Naser Farhadi",windows,remote,0 37165,platforms/windows/remote/37165.py,"WebDrive 12.2 (Build #4172) - Buffer OverFlow PoC",2015-06-01,metacom,windows,remote,0 @@ -33555,7 +33555,7 @@ id,file,description,date,author,platform,type,port 37171,platforms/hardware/remote/37171.rb,"D-Link Devices HNAP SOAPAction-Header Command Execution",2015-06-01,Metasploit,hardware,remote,0 37172,platforms/hardware/webapps/37172.txt,"Aruba ClearPass Policy Manager Stored XSS",2015-06-01,"Cristiano Maruti",hardware,webapps,0 37173,platforms/php/webapps/37173.txt,"Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 -37174,platforms/php/webapps/37174.txt,"WordPress Network Publisher 5.0.1 - 'networkpub_key' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37174,platforms/php/webapps/37174.txt,"WordPress Network Publisher 5.0.1 Plugin - 'networkpub_key' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37175,platforms/php/webapps/37175.txt,"Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37176,platforms/php/webapps/37176.txt,"PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 37177,platforms/php/webapps/37177.txt,"CataBlog WordPress Plugin 1.6 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 @@ -33581,13 +33581,13 @@ id,file,description,date,author,platform,type,port 37200,platforms/php/webapps/37200.txt,"WordPress zM Ajax Login & Register Plugin 1.0.9 - Local File Inclusion",2015-06-04,"Panagiotis Vagenas",php,webapps,80 37201,platforms/php/webapps/37201.txt,"WordPress Sharebar Plugin 1.2.1 - SQL Injection / Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37202,platforms/php/webapps/37202.txt,"Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37203,platforms/php/webapps/37203.txt,"WordPress Soundcloud Is Gold 2.1 - 'width' Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37204,platforms/php/webapps/37204.txt,"WordPress Track That Stat 1.0.8 - Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37203,platforms/php/webapps/37203.txt,"WordPress Soundcloud Is Gold 2.1 Plugin - 'width' Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37204,platforms/php/webapps/37204.txt,"WordPress Track That Stat 1.0.8 Plugin - Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37205,platforms/php/webapps/37205.txt,"LongTail JW Player 'debug' Parameter Cross-Site Scripting",2012-05-16,gainover,php,webapps,0 37206,platforms/php/webapps/37206.txt,"SiliSoftware phpThumb() 1.7.11-201108081537 demo/phpThumb.demo.showpic.php title Parameter XSS",2012-05-16,"Gjoko Krstic",php,webapps,0 37207,platforms/php/webapps/37207.txt,"SiliSoftware phpThumb() 1.7.11-201108081537 demo/phpThumb.demo.random.php dir Parameter XSS",2012-05-16,"Gjoko Krstic",php,webapps,0 -37208,platforms/php/webapps/37208.txt,"backupDB() 1.2.7a 'onlyDB' Parameter Cross-Site Scripting",2012-05-16,LiquidWorm,php,webapps,0 -37209,platforms/php/webapps/37209.txt,"WordPress Really Simple Guest Post 1.0.6 - File Include",2015-06-05,Kuroi'SH,php,webapps,0 +37208,platforms/php/webapps/37208.txt,"backupDB() 1.2.7a - 'onlyDB' Parameter Cross-Site Scripting",2012-05-16,LiquidWorm,php,webapps,0 +37209,platforms/php/webapps/37209.txt,"WordPress Really Simple Guest Post 1.0.6 Plugin - File Include",2015-06-05,Kuroi'SH,php,webapps,0 37211,platforms/windows/local/37211.html,"1 Click Audio Converter 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0 37212,platforms/windows/local/37212.html,"1 Click Extract Audio 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0 37213,platforms/ios/webapps/37213.txt,"WiFi HD 8.1 - Directory Traversal and Denial of Service",2015-06-06,"Wh1t3Rh1n0 (Michael Allen)",ios,webapps,0 @@ -33619,7 +33619,7 @@ id,file,description,date,author,platform,type,port 37239,platforms/windows/dos/37239.html,"Microsoft Internet Explorer 11 - Crash PoC (2)",2015-06-08,"Pawel Wylecial",windows,dos,0 37240,platforms/hardware/webapps/37240.txt,"D-Link DSL-2730B AU_2.01 - Authentication Bypass DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 37241,platforms/hardware/webapps/37241.txt,"D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 -37243,platforms/php/webapps/37243.txt,"WordPress Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities",2015-06-08,T3N38R15,php,webapps,80 +37243,platforms/php/webapps/37243.txt,"WordPress Wp-ImageZoom 1.1.0 Plugin - Multiple Vulnerabilities",2015-06-08,T3N38R15,php,webapps,80 37244,platforms/php/webapps/37244.txt,"WordPress Plugin 'WP Mobile Edition' - LFI",2015-06-08,"Ali Khalil",php,webapps,0 37245,platforms/php/webapps/37245.txt,"Pasworld detail.php - Blind Sql Injection",2015-06-08,"Sebastian khan",php,webapps,0 37266,platforms/php/webapps/37266.txt,"ClickHeat 1.14 Change Admin Password CSRF",2015-06-12,"David Shanahan",php,webapps,80 @@ -33658,8 +33658,8 @@ id,file,description,date,author,platform,type,port 37270,platforms/php/webapps/37270.txt,"Nakid CMS - Multiple Vulnerabilities",2015-06-12,hyp3rlinx,php,webapps,80 37271,platforms/multiple/webapps/37271.txt,"Opsview 4.6.2 - Multiple XSS Vulnerabilities",2015-06-12,"Dolev Farhi",multiple,webapps,80 37272,platforms/jsp/webapps/37272.txt,"ZCMS 1.1 - Multiple Vulnerabilities",2015-06-12,hyp3rlinx,jsp,webapps,8080 -37274,platforms/php/webapps/37274.txt,"WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal",2015-06-12,"Larry W. Cashdollar",php,webapps,80 -37275,platforms/php/webapps/37275.txt,"WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta - Shell Upload",2015-06-12,"Larry W. Cashdollar",php,webapps,80 +37274,platforms/php/webapps/37274.txt,"WordPress SE HTML5 Album Audio Player 1.1.0 Plugin - Directory Traversal",2015-06-12,"Larry W. Cashdollar",php,webapps,80 +37275,platforms/php/webapps/37275.txt,"WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Plugin - Shell Upload",2015-06-12,"Larry W. Cashdollar",php,webapps,80 37277,platforms/php/webapps/37277.txt,"concrete5 index.php/tools/required/files/search_dialog ocID Parameter XSS",2012-05-20,AkaStep,php,webapps,0 37278,platforms/php/webapps/37278.txt,"concrete5 index.php/tools/required/files/customize_search_columns searchInstance Parameter XSS",2012-05-20,AkaStep,php,webapps,0 37279,platforms/php/webapps/37279.txt,"concrete5 index.php/tools/required/files/search_results searchInstance Parameter XSS",2012-05-20,AkaStep,php,webapps,0 @@ -33715,7 +33715,7 @@ id,file,description,date,author,platform,type,port 37346,platforms/windows/dos/37346.txt,"Paintshop Pro X7 GIF Conversion Heap Memory Corruption Vulnerabilities (LZWMinimumCodeSize)",2015-06-23,"Francis Provencher",windows,dos,0 37347,platforms/windows/dos/37347.txt,"Photoshop CC2014 and Bridge CC 2014 - .Gif Parsing Memory Corruption",2015-06-23,"Francis Provencher",windows,dos,0 37348,platforms/windows/dos/37348.txt,"Photoshop CC2014 and Bridge CC 2014 - .PNG Parsing Memory Corruption",2015-06-23,"Francis Provencher",windows,dos,0 -37361,platforms/php/webapps/37361.txt,"WordPress Huge-IT Slider 2.7.5 - Multiple Vulnerabilities",2015-06-24,"i0akiN SEC-LABORATORY",php,webapps,0 +37361,platforms/php/webapps/37361.txt,"WordPress Huge-IT Slider 2.7.5 Plugin - Multiple Vulnerabilities",2015-06-24,"i0akiN SEC-LABORATORY",php,webapps,0 37362,platforms/lin_x86-64/shellcode/37362.c,"Linux/x86-64 - execve(/bin/sh) shellcode (30 bytes)",2015-06-24,"Bill Borskey",lin_x86-64,shellcode,0 37363,platforms/php/webapps/37363.txt,"GeniXCMS 0.0.3 - register.php SQL Injection",2015-06-24,cfreer,php,webapps,80 37364,platforms/php/webapps/37364.txt,"Joomla SimpleImageUpload - Arbitrary File Upload",2015-06-24,CrashBandicot,php,webapps,80 @@ -33772,7 +33772,7 @@ id,file,description,date,author,platform,type,port 37416,platforms/java/webapps/37416.txt,"Squiz CMS Multiple Cross-Site Scripting and XML External Entity Injection Vulnerabilities",2012-06-14,"Nadeem Salim",java,webapps,0 37417,platforms/php/webapps/37417.php,"WordPress Multiple Themes 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0 37418,platforms/php/webapps/37418.php,"WordPress LB Mixed Slideshow Plugin 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0 -37419,platforms/php/webapps/37419.txt,"WordPress Wp-ImageZoom - 'file' Parameter Remote File Disclosure",2012-06-18,"Sammy FORGIT",php,webapps,0 +37419,platforms/php/webapps/37419.txt,"WordPress Wp-ImageZoom Plugin - 'file' Parameter Remote File Disclosure",2012-06-18,"Sammy FORGIT",php,webapps,0 37420,platforms/php/webapps/37420.txt,"VANA CMS 'index.php' Script SQL Injection",2012-06-18,"Black Hat Group",php,webapps,0 37565,platforms/php/webapps/37565.txt,"Mahara 1.4.1 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2012-08-02,anonymous,php,webapps,0 37566,platforms/php/dos/37566.php,"PHP 5.4.3 PDO Memory Access Violation Denial of Service",2012-08-02,0x721427D8,php,dos,0 @@ -33805,7 +33805,7 @@ id,file,description,date,author,platform,type,port 37449,platforms/hardware/webapps/37449.txt,"Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities",2015-06-30,"SEC Consult",hardware,webapps,0 37450,platforms/php/webapps/37450.txt,"Amazon S3 Uploadify Script 'uploadify.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 37451,platforms/php/webapps/37451.txt,"SilverStripe Pixlr Image Editor 'upload.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 -37452,platforms/php/webapps/37452.txt,"WordPress Flip Book - 'php.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 +37452,platforms/php/webapps/37452.txt,"WordPress Flip Book Plugin - 'php.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 37453,platforms/php/webapps/37453.php,"Drupal Drag & Drop Gallery 'upload.php' Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 37454,platforms/hardware/webapps/37454.txt,"D-Link DSP-W w110 v1.05b01 - Multiple Vulnerabilities",2015-07-01,DNO,hardware,webapps,0 37499,platforms/php/webapps/37499.txt,"Phonalisa - Multiple HTML-Injection Cross-Site Scripting",2012-07-12,"Benjamin Kunz Mejri",php,webapps,0 @@ -33817,7 +33817,7 @@ id,file,description,date,author,platform,type,port 37461,platforms/php/webapps/37461.txt,"DigPHP 'dig.php' Script Remote File Disclosure",2012-06-26,"Ryuzaki Lawlet",php,webapps,0 37462,platforms/windows/dos/37462.pl,"VLC Media Player 2.0.1 - '.avi' File Denial of Service",2012-06-28,Dark-Puzzle,windows,dos,0 37463,platforms/windows/dos/37463.pl,"Real Networks RealPlayer '.avi' File Divide-By-Zero Denial of Service",2012-06-28,Dark-Puzzle,windows,dos,0 -37464,platforms/php/webapps/37464.txt,"WordPress Albo Pretorio Online 3.2 - Multiple Vulnerabilities",2015-07-02,"Alessandro Cingolani",php,webapps,80 +37464,platforms/php/webapps/37464.txt,"WordPress Albo Pretorio Online 3.2 Plugin - Multiple Vulnerabilities",2015-07-02,"Alessandro Cingolani",php,webapps,80 37466,platforms/php/webapps/37466.php,"PHP-Fusion Advanced MP3 Player Infusion 'upload.php' Arbitrary File Upload",2012-06-28,"Sammy FORGIT",php,webapps,0 37467,platforms/jsp/webapps/37467.txt,"TEMENOS T24 - Multiple Cross-Site Scripting Vulnerabilities",2012-06-28,"Rehan Ahmed",jsp,webapps,0 37468,platforms/php/webapps/37468.php,"JAKCMS PRO 2.2.6 'uploader.php' Arbitrary File Upload",2012-06-29,"Sammy FORGIT",php,webapps,0 @@ -33837,7 +33837,7 @@ id,file,description,date,author,platform,type,port 37482,platforms/php/webapps/37482.txt,"WordPress custom tables Plugin 'key' Parameter Cross-Site Scripting",2012-07-03,"Sammy FORGIT",php,webapps,0 37483,platforms/php/webapps/37483.txt,"WordPress church_admin Plugin 'id' parameter Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 37484,platforms/php/webapps/37484.txt,"WordPress Knews Multilingual Newsletters Plugin Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 -37485,platforms/php/webapps/37485.txt,"WordPress PHPFreeChat - 'url' Parameter Cross-Site Scripting",2012-07-05,"Sammy FORGIT",php,webapps,0 +37485,platforms/php/webapps/37485.txt,"WordPress PHPFreeChat Plugin - 'url' Parameter Cross-Site Scripting",2012-07-05,"Sammy FORGIT",php,webapps,0 37486,platforms/php/webapps/37486.txt,"sflog! 'section' Parameter Local File Inclusion",2012-07-06,dun,php,webapps,0 37487,platforms/multiple/dos/37487.txt,"Apache Sling Denial Of Service",2012-07-06,IOactive,multiple,dos,0 37488,platforms/asp/webapps/37488.txt,"WebsitePanel 'ReturnUrl' Parameter URI Redirection",2012-07-09,"Anastasios Monachos",asp,webapps,0 @@ -33847,7 +33847,7 @@ id,file,description,date,author,platform,type,port 37492,platforms/ios/webapps/37492.txt,"WK UDID 1.0.1 iOS - Command Inject",2015-07-05,Vulnerability-Lab,ios,webapps,0 37534,platforms/php/webapps/37534.txt,"WordPress Easy2Map Plugin 1.24 - SQL Injection",2015-07-08,"Larry W. Cashdollar",php,webapps,80 37535,platforms/windows/local/37535.txt,"Blueberry Express 5.9.0.3678 - SEH Buffer Overflow",2015-07-08,Vulnerability-Lab,windows,local,0 -37494,platforms/php/webapps/37494.txt,"WordPress S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download",2015-07-05,CrashBandicot,php,webapps,0 +37494,platforms/php/webapps/37494.txt,"WordPress S3Bubble Cloud Video With Adverts & Analytics 0.7 Plugin - Arbitrary File Download",2015-07-05,CrashBandicot,php,webapps,0 37495,platforms/lin_x86/shellcode/37495.py,"Linux/x86 - /bin/sh ROT7 Encoded Shellcode",2015-07-05,"Artem T",lin_x86,shellcode,0 37500,platforms/php/webapps/37500.txt,"Funeral Script PHP Cross-Site Scripting and SQL Injection",2012-06-17,snup,php,webapps,0 37501,platforms/php/webapps/37501.rb,"WordPress Generic Plugin Arbitrary File Upload",2012-07-13,KedAns-Dz,php,webapps,0 @@ -33930,7 +33930,7 @@ id,file,description,date,author,platform,type,port 37588,platforms/php/webapps/37588.txt,"phpSQLiteCMS - Multiple Vulnerabilities",2015-07-13,hyp3rlinx,php,webapps,80 37589,platforms/java/webapps/37589.txt,"ConcourseSuite Multiple Cross-Site Scripting and Cross Site Request Forgery Vulnerabilities",2012-08-08,"Matthew Joyce",java,webapps,0 37590,platforms/php/webapps/37590.txt,"PHPList 2.10.18 - 'unconfirmed' Parameter Cross-Site Scripting",2012-08-08,"High-Tech Bridge SA",php,webapps,0 -37591,platforms/php/webapps/37591.php,"AraDown 'id' Parameter SQL Injection",2012-08-08,G-B,php,webapps,0 +37591,platforms/php/webapps/37591.php,"AraDown - 'id' Parameter SQL Injection",2012-08-08,G-B,php,webapps,0 37592,platforms/php/webapps/37592.php,"FreiChat 9.6 - SQL Injection",2015-07-13,"Kacper Szurek",php,webapps,80 37593,platforms/windows/dos/37593.py,"Full Player 8.2.1 - Memory Corruption PoC",2015-07-13,"SATHISH ARTHAR",windows,dos,0 37594,platforms/php/webapps/37594.txt,"Arab Portal 3 - SQL Injection",2015-07-13,"ali ahmady",php,webapps,80 @@ -33944,7 +33944,7 @@ id,file,description,date,author,platform,type,port 37602,platforms/php/webapps/37602.txt,"ZenPhoto 1.4.8 - Multiple Vulnerabilities",2015-07-13,"Tim Coen",php,webapps,80 37603,platforms/php/webapps/37603.txt,"WordPress CP Contact Form with Paypal Plugin 1.1.5 - Multiple Vulnerabilities",2015-07-13,"Nitin Venkatesh",php,webapps,80 37604,platforms/php/webapps/37604.txt,"SO Planning 1.32 - Multiple Vulnerabilities",2015-07-13,"Huy-Ngoc DAU",php,webapps,80 -37622,platforms/php/webapps/37622.txt,"WordPress Download Manager Free 2.7.94 & Pro 4 - Authenticated Stored XSS",2015-07-16,"Filippos Mastrogiannis",php,webapps,0 +37622,platforms/php/webapps/37622.txt,"WordPress Download Manager Free 2.7.94 & Pro 4 Plugin - Authenticated Stored XSS",2015-07-16,"Filippos Mastrogiannis",php,webapps,0 37607,platforms/windows/dos/37607.py,"Internet Download Manager - (.ief) Crash PoC",2015-07-14,"Mohammad Reza Espargham",windows,dos,0 37608,platforms/windows/dos/37608.py,"Internet Download Manager - (Find Download) Crash PoC",2015-07-14,"Mohammad Reza Espargham",windows,dos,0 37609,platforms/xml/webapps/37609.txt,"Pimcore CMS Build 3450 - Directory Traversal",2015-07-14,Portcullis,xml,webapps,0 @@ -34008,7 +34008,7 @@ id,file,description,date,author,platform,type,port 37674,platforms/php/webapps/37674.txt,"PHP Web Scripts Text Exchange Pro 'page' Parameter Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 37675,platforms/php/webapps/37675.txt,"Joomla! Komento Component 'cid' Parameter SQL Injection",2012-08-27,Crim3R,php,webapps,0 37676,platforms/asp/webapps/37676.txt,"Power-eCommerce Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 -37677,platforms/php/webapps/37677.txt,"WordPress Finder - 'order' Parameter Cross-Site Scripting",2012-08-25,Crim3R,php,webapps,0 +37677,platforms/php/webapps/37677.txt,"WordPress Finder Plugin - 'order' Parameter Cross-Site Scripting",2012-08-25,Crim3R,php,webapps,0 37678,platforms/asp/webapps/37678.txt,"Web Wiz Forums Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 37679,platforms/php/webapps/37679.txt,"LibGuides Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,php,webapps,0 37680,platforms/php/webapps/37680.txt,"Mihalism Multi Host 'users.php' Cross-Site Scripting",2012-08-25,Explo!ter,php,webapps,0 @@ -34020,7 +34020,7 @@ id,file,description,date,author,platform,type,port 37686,platforms/multiple/webapps/37686.txt,"Hawkeye-G 3.0.1.4912 - CSRF",2015-07-24,hyp3rlinx,multiple,webapps,0 37687,platforms/php/webapps/37687.txt,"TomatoCart 'example_form.ajax.php' Cross-Site Scripting",2012-08-30,HauntIT,php,webapps,0 37689,platforms/asp/webapps/37689.txt,"XM Forum 'search.asp' SQL Injection",2012-08-30,Crim3R,asp,webapps,0 -37690,platforms/php/webapps/37690.txt,"Crowbar 'file' Parameter Multiple Cross-Site Scripting Vulnerabilities",2012-08-30,"Matthias Weckbecker",php,webapps,0 +37690,platforms/php/webapps/37690.txt,"Crowbar - 'file' Parameter Multiple Cross-Site Scripting Vulnerabilities",2012-08-30,"Matthias Weckbecker",php,webapps,0 37691,platforms/php/webapps/37691.txt,"SugarCRM Community Edition Multiple Information Disclosure Vulnerabilities",2012-08-31,"Brendan Coles",php,webapps,0 37692,platforms/multiple/dos/37692.pl,"aMSN Remote Denial of Service",2006-01-01,"Braulio Miguel Suarez Urquijo",multiple,dos,0 37693,platforms/php/webapps/37693.txt,"Sitemax Maestro SQL Injection and Local File Inclusion",2012-09-03,AkaStep,php,webapps,0 @@ -34034,8 +34034,8 @@ id,file,description,date,author,platform,type,port 37706,platforms/linux/dos/37706.txt,"Libuser Library - Multiple Vulnerabilities",2015-07-27,"Qualys Corporation",linux,dos,0 37737,platforms/windows/local/37737.rb,"Heroes of Might and Magic III .h3m Map file Buffer Overflow",2015-08-07,Metasploit,windows,local,0 37825,platforms/osx/local/37825.txt,"OS X 10.10.5 - XNU Local Privilege Escalation",2015-08-18,kpwn,osx,local,0 -37826,platforms/php/webapps/37826.txt,"WordPress Core 3.4.2 - Multiple Path Dislosure Vulnerabilities",2012-09-18,AkaStep,php,webapps,0 -37751,platforms/php/webapps/37751.txt,"WordPress WPTF Image Gallery 1.03 - Aribtrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 +37826,platforms/php/webapps/37826.txt,"WordPress 3.4.2 - Multiple Path Dislosure Vulnerabilities",2012-09-18,AkaStep,php,webapps,0 +37751,platforms/php/webapps/37751.txt,"WordPress WPTF Image Gallery 1.03 Plugin - Aribtrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 37752,platforms/php/webapps/37752.txt,"WordPress Recent Backups Plugin 0.7 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 37705,platforms/php/webapps/37705.txt,"WordPress Unite Gallery Lite Plugin 1.4.6 - Multiple Vulnerabilities",2015-07-27,"Nitin Venkatesh",php,webapps,80 37707,platforms/php/webapps/37707.txt,"WordPress Count Per Day Plugin 3.4 - SQL Injection",2015-07-27,"High-Tech Bridge SA",php,webapps,80 @@ -34075,7 +34075,7 @@ id,file,description,date,author,platform,type,port 37741,platforms/osx/dos/37741.txt,"OSX Keychain - EXC_BAD_ACCESS DoS",2015-08-08,"Juan Sacco",osx,dos,0 37824,platforms/php/webapps/37824.txt,"WordPress WP Symposium Plugin 15.1 - SQL Injection",2015-08-18,PizzaHatHacker,php,webapps,80 37743,platforms/linux/dos/37743.pl,"Brasero - Crash Proof Of Concept",2015-08-08,"Mohammad Reza Espargham",linux,dos,0 -37744,platforms/php/webapps/37744.txt,"WordPress Video Gallery 2.7 - SQL Injection",2015-08-09,"Kacper Szurek",php,webapps,0 +37744,platforms/php/webapps/37744.txt,"WordPress Video Gallery 2.7 Plugin - SQL Injection",2015-08-09,"Kacper Szurek",php,webapps,0 37749,platforms/lin_x86/shellcode/37749.c,"Linux/x86 - Egg Hunter Shellcode (19 bytes)",2015-08-10,"Guillaume Kaddouch",lin_x86,shellcode,0 37750,platforms/php/webapps/37750.txt,"WDS CMS - SQL Injection",2015-08-10,"Ismail Marzouk",php,webapps,80 37746,platforms/windows/remote/37746.py,"Netsparker 2.3.x - Remote Code Execution",2015-08-09,"Hesam Bazvand",windows,remote,0 @@ -34167,7 +34167,7 @@ id,file,description,date,author,platform,type,port 38067,platforms/hardware/webapps/38067.py,"Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass",2015-09-02,Orwelllabs,hardware,webapps,80 37833,platforms/php/webapps/37833.txt,"YCommerce - Multiple SQL Injection",2012-09-21,"Ricardo Almeida",php,webapps,0 37834,platforms/linux/remote/37834.py,"Samba 3.5.11/3.6.3 Unspecified Remote Code Execution",2012-09-24,kb,linux,remote,0 -37835,platforms/php/webapps/37835.html,"WordPress - Cross Site Request Forgery",2012-09-22,AkaStep,php,webapps,0 +37835,platforms/php/webapps/37835.html,"WordPress 3.4.2 - Cross Site Request Forgery",2012-09-22,AkaStep,php,webapps,0 37836,platforms/php/webapps/37836.txt,"WordPress Token Manager Plugin 'tid' Parameter Cross-Site Scripting",2012-09-25,TheCyberNuxbie,php,webapps,0 37837,platforms/php/webapps/37837.html,"WordPress Sexy Add Template Plugin Cross Site Request Forgery",2012-09-22,the_cyber_nuxbie,php,webapps,0 37838,platforms/php/webapps/37838.txt,"Neturf eCommerce Shopping Cart 'SearchFor' Parameter Cross-Site Scripting",2011-12-30,farbodmahini,php,webapps,0 @@ -34233,7 +34233,7 @@ id,file,description,date,author,platform,type,port 37898,platforms/linux/local/37898.py,"Reaver Pro - Local Privilege Escalation",2012-09-30,infodox,linux,local,0 37899,platforms/php/webapps/37899.txt,"Switchvox Multiple HTML Injection Vulnerabilities",2012-10-02,"Ibrahim El-Sayed",php,webapps,0 37900,platforms/multiple/remote/37900.txt,"IBM Lotus Notes Traveler 8.5.1.x Multiple Input Validation Vulnerabilities",2012-09-28,MustLive,multiple,remote,0 -37901,platforms/php/webapps/37901.txt,"AlamFifa CMS 'user_name_cookie' Parameter SQL Injection",2012-09-30,L0n3ly-H34rT,php,webapps,0 +37901,platforms/php/webapps/37901.txt,"AlamFifa CMS - 'user_name_cookie' Parameter SQL Injection",2012-09-30,L0n3ly-H34rT,php,webapps,0 37902,platforms/php/webapps/37902.php,"WordPress Akismet Plugin Multiple Cross-Site Scripting Vulnerabilities",2012-10-01,"Tapco Security",php,webapps,0 37903,platforms/php/webapps/37903.txt,"Zenphoto 'admin-news-articles.php' Cross-Site Scripting",2012-10-02,"Scott Herbert",php,webapps,0 37904,platforms/php/webapps/37904.txt,"Omnistar Mailer Multiple SQL Injection and HTML Injection Vulnerabilities",2012-10-01,"Vulnerability Laboratory",php,webapps,0 @@ -34307,11 +34307,11 @@ id,file,description,date,author,platform,type,port 37989,platforms/php/webapps/37989.txt,"IP.Board 4.X - Stored XSS",2015-08-27,snop,php,webapps,0 37990,platforms/multiple/dos/37990.txt,"QEMU Programmable Interrupt Timer Controller Heap Overflow",2015-08-27,"Google Security Research",multiple,dos,0 37991,platforms/php/webapps/37991.txt,"WANem Multiple Cross-Site Scripting Vulnerabilities",2012-10-16,"Brendan Coles",php,webapps,0 -37992,platforms/php/webapps/37992.txt,"CorePlayer 'callback' Parameter Cross-Site Scripting",2012-10-28,MustLive,php,webapps,0 +37992,platforms/php/webapps/37992.txt,"CorePlayer - 'callback' Parameter Cross-Site Scripting",2012-10-28,MustLive,php,webapps,0 37993,platforms/php/webapps/37993.txt,"Joomla! 'com_quiz' Component SQL Injection",2012-10-30,"Daniel Barragan",php,webapps,0 37994,platforms/php/webapps/37994.txt,"NetCat CMS Multiple Cross-Site Scripting Vulnerabilities",2012-10-31,"Security Effect Team",php,webapps,0 37995,platforms/asp/webapps/37995.txt,"SolarWinds Orion IP Address Manager (IPAM) 'search.aspx' Cross-Site Scripting",2012-10-31,"Anthony Trummer",asp,webapps,0 -37996,platforms/windows/remote/37996.txt,"Axigen Mail Server 'fileName' Parameter Directory Traversal",2012-10-31,"Zhao Liang",windows,remote,0 +37996,platforms/windows/remote/37996.txt,"Axigen Mail Server - 'fileName' Parameter Directory Traversal",2012-10-31,"Zhao Liang",windows,remote,0 37997,platforms/ios/dos/37997.txt,"Photo Transfer (2) 1.0 iOS - Denial of Service",2015-08-28,Vulnerability-Lab,ios,dos,3030 37998,platforms/php/webapps/37998.txt,"WordPress Responsive Thumbnail Slider Plugin 1.0 - Arbitrary File Upload",2015-08-28,"Arash Khazaei",php,webapps,80 37999,platforms/java/webapps/37999.txt,"Jenkins 1.626 - Cross Site Request Forgery / Code Execution",2015-08-28,smash,java,webapps,0 @@ -34353,7 +34353,7 @@ id,file,description,date,author,platform,type,port 38037,platforms/php/webapps/38037.html,"Open-Realty 2.5.8 Cross Site Request Forgery",2012-11-16,"Aung Khant",php,webapps,0 38038,platforms/multiple/dos/38038.txt,"Splunk 4.3.1 Denial of Service",2012-11-19,"Alexander Klink",multiple,dos,0 38039,platforms/php/webapps/38039.txt,"openSIS 'modname' Parameter Local File Inclusion",2012-11-20,"Julian Horoszkiewicz",php,webapps,0 -38040,platforms/php/webapps/38040.txt,"ATutor 'tool_file' Parameter Local File Inclusion",2012-11-16,"Julian Horoszkiewicz",php,webapps,0 +38040,platforms/php/webapps/38040.txt,"ATutor - 'tool_file' Parameter Local File Inclusion",2012-11-16,"Julian Horoszkiewicz",php,webapps,0 38041,platforms/php/webapps/38041.txt,"WordPress Madebymilk Theme 'id' Parameter SQL Injection",2012-11-20,"Ashiyane Digital Security Team",php,webapps,0 38042,platforms/php/webapps/38042.txt,"dotProject 2.1.x index.php Multiple Parameter SQL Injection",2012-11-21,"High-Tech Bridge",php,webapps,0 38043,platforms/php/webapps/38043.txt,"dotProject 2.1.x index.php Multiple Parameter XSS",2012-11-21,"High-Tech Bridge",php,webapps,0 @@ -34374,7 +34374,7 @@ id,file,description,date,author,platform,type,port 38058,platforms/ios/remote/38058.py,"Twitter for iPhone Man in the Middle Security",2012-11-23,"Carlos Reventlov",ios,remote,0 38059,platforms/bsd/dos/38059.c,"OpenBSD 4.x Portmap Remote Denial of Service",2012-11-22,auto236751,bsd,dos,0 38060,platforms/php/webapps/38060.txt,"WordPress Ads Box Plugin 'count' Parameter SQL Injection",2012-11-26,"Ashiyane Digital Security Team",php,webapps,0 -38061,platforms/php/webapps/38061.txt,"Beat Websites 'id' Parameter SQL Injection",2012-11-24,Metropolis,php,webapps,0 +38061,platforms/php/webapps/38061.txt,"Beat Websites - 'id' Parameter SQL Injection",2012-11-24,Metropolis,php,webapps,0 38062,platforms/multiple/webapps/38062.txt,"Forescout CounterACT 'a' Parameter Open Redirection",2012-11-26,"Joseph Sheridan",multiple,webapps,0 38063,platforms/php/webapps/38063.txt,"WordPress Wp-ImageZoom Theme 'id' Parameter SQL Injection",2012-11-26,Amirh03in,php,webapps,0 38064,platforms/php/webapps/38064.txt,"WordPress CStar Design Theme - 'id' Parameter SQL Injection",2012-11-27,Amirh03in,php,webapps,0 @@ -34385,7 +34385,7 @@ id,file,description,date,author,platform,type,port 38073,platforms/hardware/webapps/38073.html,"GPON Home Router FTP G-93RG1 - CSRF Command Execution",2015-09-02,"Phan Thanh Duy",hardware,webapps,80 38074,platforms/php/webapps/38074.txt,"Cerb 7.0.3 - CSRF",2015-09-02,"High-Tech Bridge SA",php,webapps,80 38075,platforms/system_z/shellcode/38075.txt,"Mainframe/System Z - Bind Shell Port 12345 Shellcode (2488 bytes)",2015-09-02,"Bigendian Smalls",system_z,shellcode,0 -38086,platforms/php/webapps/38086.html,"WordPress Contact Form Generator 2.0.1 - Multiple CSRF Vulnerabilities",2015-09-06,"i0akiN SEC-LABORATORY",php,webapps,80 +38086,platforms/php/webapps/38086.html,"WordPress Contact Form Generator 2.0.1 Plugin - Multiple CSRF Vulnerabilities",2015-09-06,"i0akiN SEC-LABORATORY",php,webapps,80 38076,platforms/php/webapps/38076.txt,"BigDump 0.29b and 0.32b - Multiple Vulnerabilities",2012-11-28,Ur0b0r0x,php,webapps,0 38077,platforms/php/webapps/38077.txt,"WordPress Toolbox Theme 'mls' Parameter SQL Injection",2012-11-29,"Ashiyane Digital Security Team",php,webapps,0 38078,platforms/php/webapps/38078.py,"Elastix 'page' Parameter Cross-Site Scripting",2012-11-29,cheki,php,webapps,0 @@ -34442,7 +34442,7 @@ id,file,description,date,author,platform,type,port 38140,platforms/php/webapps/38140.php,"VoipNow Service Provider Edition Remote Arbitrary Command Execution",2012-12-21,i-Hmx,php,webapps,0 38141,platforms/php/webapps/38141.txt,"Hero Framework search q Parameter XSS",2012-12-24,"Stefan Schurtz",php,webapps,0 38142,platforms/php/webapps/38142.txt,"Hero Framework users/login username Parameter XSS",2012-12-24,"Stefan Schurtz",php,webapps,0 -38143,platforms/php/webapps/38143.txt,"cPanel 'account' Parameter Cross-Site Scripting",2012-12-24,"Rafay Baloch",php,webapps,0 +38143,platforms/php/webapps/38143.txt,"cPanel - 'account' Parameter Cross-Site Scripting",2012-12-24,"Rafay Baloch",php,webapps,0 38144,platforms/php/webapps/38144.txt,"City Reviewer 'search.php' Script SQL Injection",2012-12-22,3spi0n,php,webapps,0 38145,platforms/linux/dos/38145.txt,"OpenLDAP 2.4.42 - ber_get_next Denial of Service",2015-09-11,"Denis Andzakovic",linux,dos,389 38146,platforms/windows/dos/38146.html,"Microsoft Internet Explorer 11 - Stack Underflow Crash PoC",2015-09-11,Mjx,windows,dos,0 @@ -34456,7 +34456,7 @@ id,file,description,date,author,platform,type,port 38153,platforms/php/webapps/38153.txt,"cPanel WebHost Manager (WHM) /webmail/x3/mail/clientconf.html acct Parameter XSS",2012-12-27,"Christy Philip Mathew",php,webapps,0 38154,platforms/php/webapps/38154.txt,"cPanel detailbw.html Multiple Parameter XSS",2012-12-27,"Christy Philip Mathew",php,webapps,0 38155,platforms/php/webapps/38155.txt,"WHM 'filtername' Parameter Cross-Site Scripting",2012-12-27,"Rafay Baloch",php,webapps,0 -38156,platforms/php/webapps/38156.txt,"cPanel 'dir' Parameter Cross-Site Scripting",2012-12-26,"Rafay Baloch",php,webapps,0 +38156,platforms/php/webapps/38156.txt,"cPanel - 'dir' Parameter Cross-Site Scripting",2012-12-26,"Rafay Baloch",php,webapps,0 38157,platforms/php/webapps/38157.txt,"WordPress Xerte Online Plugin 'save.php' Arbitrary File Upload",2013-01-02,"Sammy FORGIT",php,webapps,0 38158,platforms/php/webapps/38158.txt,"WordPress Shopping Cart Plugin for WordPress /wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 38159,platforms/php/webapps/38159.txt,"WordPress Shopping Cart Plugin for WordPress /wp-content/plugins/levelfourstorefront/scripts/administration/backup.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 @@ -34664,7 +34664,7 @@ id,file,description,date,author,platform,type,port 38372,platforms/php/webapps/38372.html,"Question2Answer Cross Site Request Forgery",2013-03-01,MustLive,php,webapps,0 38373,platforms/php/webapps/38373.txt,"WordPress Terillion Reviews Plugin Profile Id HTML Injection",2013-03-08,"Aditya Balapure",php,webapps,0 38374,platforms/php/webapps/38374.txt,"SWFUpload Multiple Content Spoofing And Cross-Site Scripting Vulnerabilities",2013-03-10,MustLive,php,webapps,0 -38375,platforms/php/webapps/38375.txt,"Asteriskguru Queue Statistics 'warning' Parameter Cross-Site Scripting",2013-03-10,"Manuel García Cárdenas",php,webapps,0 +38375,platforms/php/webapps/38375.txt,"Asteriskguru Queue Statistics - 'warning' Parameter Cross-Site Scripting",2013-03-10,"Manuel García Cárdenas",php,webapps,0 38376,platforms/php/webapps/38376.txt,"WordPress podPress Plugin 'playerID' Parameter Cross-Site Scripting",2013-03-11,hiphop,php,webapps,0 38377,platforms/php/webapps/38377.txt,"Privoxy Proxy Authentication Information Disclosure Vulnerabilities",2013-03-11,"Chris John Riley",php,webapps,0 38379,platforms/windows/webapps/38379.txt,"FTGate 2009 Build 6.4.00 - Multiple Vulnerabilities",2015-10-02,hyp3rlinx,windows,webapps,0 @@ -34700,7 +34700,7 @@ id,file,description,date,author,platform,type,port 38412,platforms/multiple/remote/38412.txt,"IBM Lotus Domino 8.5.x - 'x.nsf' Multiple Cross-Site Scripting Vulnerabilities",2013-03-26,MustLive,multiple,remote,0 38413,platforms/php/webapps/38413.txt,"OrionDB Web Directory Multiple Cross-Site Scripting Vulnerabilities",2013-03-27,3spi0n,php,webapps,0 38414,platforms/php/webapps/38414.txt,"WordPress Feedweb Plugin 'wp_post_id' Parameter Cross-Site Scripting",2013-03-30,"Stefan Schurtz",php,webapps,0 -38415,platforms/asp/webapps/38415.txt,"C2 WebResource 'File' Parameter Cross-Site Scripting",2013-04-03,anonymous,asp,webapps,0 +38415,platforms/asp/webapps/38415.txt,"C2 WebResource - 'File' Parameter Cross-Site Scripting",2013-04-03,anonymous,asp,webapps,0 38416,platforms/php/webapps/38416.txt,"e107 - 'content_preset.php' Cross-Site Scripting",2013-04-03,"Simon Bieber",php,webapps,0 38417,platforms/php/webapps/38417.txt,"Symphony 'sort' Parameter SQL Injection",2013-04-03,"High-Tech Bridge",php,webapps,0 38418,platforms/php/webapps/38418.txt,"FUDforum Multiple Remote PHP Code Injection Vulnerabilities",2013-04-03,"High-Tech Bridge",php,webapps,0 @@ -34859,7 +34859,7 @@ id,file,description,date,author,platform,type,port 38582,platforms/hardware/remote/38582.html,"Brickcom Multiple IP Cameras Cross Site Request Forgery",2013-06-12,Castillo,hardware,remote,0 38583,platforms/hardware/remote/38583.html,"Sony CH and DH Series IP Cameras Multiple Cross Site Request Forgery Vulnerabilities",2013-06-12,Castillo,hardware,remote,0 38584,platforms/hardware/remote/38584.txt,"Grandstream Multiple IP Cameras Cross Site Request Forgery",2013-06-12,Castillo,hardware,remote,0 -38585,platforms/php/webapps/38585.pl,"WordPress NextGEN Gallery - 'upload.php' Arbitrary File Upload",2013-06-12,"Marcos Garcia",php,webapps,0 +38585,platforms/php/webapps/38585.pl,"WordPress NextGEN Gallery Plugin - 'upload.php' Arbitrary File Upload",2013-06-12,"Marcos Garcia",php,webapps,0 38586,platforms/android/remote/38586.txt,"TaxiMonger for Android 'name' Parameter HTML Injection",2013-06-15,"Ismail Kaleem",android,remote,0 38587,platforms/multiple/remote/38587.txt,"Monkey HTTP Daemon Mandril Security Plugin Security Bypass",2013-06-14,felipensp,multiple,remote,0 38588,platforms/php/webapps/38588.php,"bloofoxCMS 'index.php' Arbitrary File Upload",2013-06-17,"CWH Underground",php,webapps,0 @@ -34897,7 +34897,7 @@ id,file,description,date,author,platform,type,port 38632,platforms/hardware/remote/38632.txt,"Multiple Zoom Telephonics Devices Multiple Security Vulnerabilities",2013-07-09,"Kyle Lovett",hardware,remote,0 38630,platforms/php/webapps/38630.html,"phpVibe Information Disclosure and Remote File Inclusion",2013-07-06,indoushka,php,webapps,0 38620,platforms/linux/dos/38620.txt,"FreeType 2.6.1 TrueType tt_cmap14_validate Parsing Heap-Based Out-of-Bounds Reads",2015-11-04,"Google Security Research",linux,dos,0 -38621,platforms/php/webapps/38621.txt,"WordPress Xorbin Digital Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0 +38621,platforms/php/webapps/38621.txt,"WordPress Xorbin Digital Flash Clock Plugin - 'widgetUrl' Parameter Cross-Site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0 38622,platforms/linux/dos/38622.txt,"libvirt 'virConnectListAllInterfaces' Method Denial of Service",2013-07-01,"Daniel P. Berrange",linux,dos,0 38623,platforms/multiple/dos/38623.html,"RealNetworks RealPlayer Denial of Service",2013-07-02,"Akshaysinh Vaghela",multiple,dos,0 38624,platforms/php/webapps/38624.txt,"WordPress WP Feed Plugin 'nid' Parameter SQL Injection",2013-07-02,"Iranian Exploit DataBase",php,webapps,0 @@ -34930,7 +34930,7 @@ id,file,description,date,author,platform,type,port 38657,platforms/hardware/webapps/38657.html,"Arris TG1682G Modem - Stored XSS",2015-11-09,Nu11By73,hardware,webapps,0 39374,platforms/osx/dos/39374.c,"OS X Kernel - IOAccelMemoryInfoUserClient Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 38659,platforms/windows/dos/38659.py,"POP Peeper 4.0.1 - SEH Over-Write",2015-11-09,Un_N0n,windows,dos,0 -38660,platforms/php/remote/38660.rb,"WordPress Ajax Load More 2.8.1.1 - PHP Upload",2015-11-09,Metasploit,php,remote,0 +38660,platforms/php/remote/38660.rb,"WordPress Ajax Load More 2.8.1.1 Plugin - PHP Upload",2015-11-09,Metasploit,php,remote,0 38661,platforms/php/webapps/38661.txt,"TestLink 1.9.14 - CSRF",2015-11-09,"Aravind C Ajayan, Balagopal N",php,webapps,0 38662,platforms/multiple/dos/38662.txt,"FreeType 2.6.1 TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read",2015-11-09,"Google Security Research",multiple,dos,0 38663,platforms/hardware/remote/38663.txt,"Huawei HG630a and HG630a-50 - Default SSH Admin Password on ADSL Modems",2015-11-10,"Murat Sahin",hardware,remote,0 @@ -34965,7 +34965,7 @@ id,file,description,date,author,platform,type,port 38694,platforms/windows/remote/38694.txt,"HTC Sync Manager Multiple DLL Loading Arbitrary Code Execution Vulnerabilities",2013-08-11,Iranian_Dark_Coders_Team,windows,remote,0 38695,platforms/php/webapps/38695.txt,"CakePHP AssetDispatcher Class Local File Inclusion",2013-08-13,"Takeshi Terada",php,webapps,0 38696,platforms/asp/webapps/38696.txt,"DotNetNuke 6.1.x Cross-Site Scripting",2013-08-13,"Sajjad Pourali",asp,webapps,0 -38697,platforms/php/webapps/38697.txt,"ACal 2.2.6 'view' Parameter Local File Inclusion",2013-08-15,ICheer_No0M,php,webapps,0 +38697,platforms/php/webapps/38697.txt,"ACal 2.2.6 - 'view' Parameter Local File Inclusion",2013-08-15,ICheer_No0M,php,webapps,0 38698,platforms/php/webapps/38698.html,"CF Image Host 1.65 - CSRF",2015-11-16,hyp3rlinx,php,webapps,0 38699,platforms/php/webapps/38699.txt,"CF Image Host 1.65 - PHP Command Injection",2015-11-16,hyp3rlinx,php,webapps,0 38700,platforms/windows/local/38700.pl,"TECO SG2 LAD Client 3.51 - .gen SEH Overwrite Buffer Overflow Exploit",2015-11-16,LiquidWorm,windows,local,0 @@ -35015,7 +35015,7 @@ id,file,description,date,author,platform,type,port 38745,platforms/php/webapps/38745.txt,"Xibo 'layout' Parameter HTML Injection",2013-08-21,"Jacob Holcomb",php,webapps,0 38746,platforms/php/webapps/38746.html,"Xibo Cross Site Request Forgery",2013-08-21,"Jacob Holcomb",php,webapps,0 38747,platforms/windows/dos/38747.py,"Pwstore Denial of Service",2013-04-16,"Josep Pi Rodriguez",windows,dos,0 -38748,platforms/php/webapps/38748.txt,"dBlog CMS 'm' Parameter SQL Injection",2013-09-03,ACC3SS,php,webapps,0 +38748,platforms/php/webapps/38748.txt,"dBlog CMS - 'm' Parameter SQL Injection",2013-09-03,ACC3SS,php,webapps,0 38749,platforms/asp/webapps/38749.txt,"Flo CMS 'archivem' Parameter SQL Injection",2013-09-03,ACC3SS,asp,webapps,0 38750,platforms/php/webapps/38750.txt,"WordPress Users Ultra Plugin 1.5.50 - Unrestricted File Upload",2015-11-18,"Panagiotis Vagenas",php,webapps,0 38751,platforms/windows/local/38751.txt,"IBM i Access 7.1 - Buffer Overflow Code Execution",2015-11-18,hyp3rlinx,windows,local,0 @@ -35050,7 +35050,7 @@ id,file,description,date,author,platform,type,port 38779,platforms/multiple/dos/38779.py,"Abuse HTTP Server Remote Denial of Service",2013-09-30,"Zico Ekel",multiple,dos,0 38780,platforms/php/webapps/38780.txt,"SilverStripe Multiple HTML Injection Vulnerabilities",2013-09-23,"Benjamin Kunz Mejri",php,webapps,0 38783,platforms/php/webapps/38783.php,"WordPress Woopra Analytics Plugin 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-07,wantexz,php,webapps,0 -38784,platforms/php/webapps/38784.txt,"AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal",2013-10-08,"Ding Yu-Chi",php,webapps,0 +38784,platforms/php/webapps/38784.txt,"AlienVault Open Source SIEM (OSSIM) - 'timestamp' Parameter Directory Traversal",2013-10-08,"Ding Yu-Chi",php,webapps,0 38785,platforms/php/webapps/38785.pl,"vBulletin 4.1.x - '/install/upgrade.php' Security Bypass",2013-10-13,"Joshua Rogers",php,webapps,0 38786,platforms/php/webapps/38786.txt,"Ziteman CMS Login Page SQL Injection",2013-10-10,"Ashiyane Digital Security Team",php,webapps,0 38787,platforms/windows/dos/38787.txt,"Acrobat Reader DC 15.008.20082.15957 - PDF Parsing Memory Corruption",2015-11-23,"Francis Provencher",windows,dos,0 @@ -35358,7 +35358,7 @@ id,file,description,date,author,platform,type,port 39107,platforms/php/webapps/39107.txt,"ATutor - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2014-02-22,HauntIT,php,webapps,0 39108,platforms/php/webapps/39108.txt,"POSH 3.1.x - 'addtoapplication.php' SQL Injection",2014-02-26,"Anthony BAUBE",php,webapps,0 39109,platforms/php/webapps/39109.txt,"WordPress Relevanssi Plugin 'category_name' Parameter SQL Injection",2014-03-04,anonymous,php,webapps,0 -39110,platforms/php/webapps/39110.txt,"Cory Jobs Search 'cid' Parameter SQL Injection",2014-03-05,Slotleet,php,webapps,0 +39110,platforms/php/webapps/39110.txt,"Cory Jobs Search - 'cid' Parameter SQL Injection",2014-03-05,Slotleet,php,webapps,0 39111,platforms/php/webapps/39111.php,"WordPress Premium Gallery Manager Plugin Arbitrary File Upload",2014-03-06,eX-Sh1Ne,php,webapps,0 39112,platforms/linux/local/39112.txt,"QNX Phgrafx File Enumeration Weakness",2014-03-10,cenobyte,linux,local,0 39113,platforms/php/webapps/39113.txt,"Professional Designer E-Store 'id' Parameter Multiple SQL Injection",2014-03-08,"Nawaf Alkeraithe",php,webapps,0 @@ -35436,7 +35436,7 @@ id,file,description,date,author,platform,type,port 39184,platforms/hardware/webapps/39184.txt,"MediaAccess TG788vn - Unauthenticated File Disclosure",2016-01-06,0x4148,hardware,webapps,0 39185,platforms/lin_x86-64/shellcode/39185.c,"Linux/x86-64 - TCP Reverse Shell with Password Prompt shellcode (151 bytes)",2016-01-06,"Sathish kumar",lin_x86-64,shellcode,0 39186,platforms/multiple/remote/39186.pl,"UPS Web/SNMP-Manager CS121 Authentication Bypass",2014-05-15,jkmac,multiple,remote,0 -39187,platforms/asp/webapps/39187.txt,"CIS Manager 'email' Parameter SQL Injection",2014-05-16,Edge,asp,webapps,0 +39187,platforms/asp/webapps/39187.txt,"CIS Manager - 'email' Parameter SQL Injection",2014-05-16,Edge,asp,webapps,0 39188,platforms/php/webapps/39188.txt,"Glossaire Module for XOOPS '/modules/glossaire/glossaire-aff.php' SQL Injection",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 39189,platforms/php/webapps/39189.txt,"Softmatica SMART iPBX Multiple SQL Injection",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 39190,platforms/php/webapps/39190.php,"WordPress cnhk-slideshow Plugin Arbitrary File Upload",2014-05-18,"Ashiyane Digital Security Team",php,webapps,0 @@ -35482,7 +35482,7 @@ id,file,description,date,author,platform,type,port 39234,platforms/php/webapps/39234.py,"SevOne NMS 5.3.6.0 - Remote Root Exploit",2016-01-14,@iamsecurity,php,webapps,80 39235,platforms/multiple/webapps/39235.txt,"Manage Engine Applications Manager 12 - Multiple Vulnerabilities",2016-01-14,"Bikramaditya Guha",multiple,webapps,9090 39236,platforms/multiple/webapps/39236.py,"Manage Engine Application Manager 12.5 - Arbitrary Command Execution",2016-01-14,"Bikramaditya Guha",multiple,webapps,0 -39237,platforms/php/webapps/39237.txt,"WordPress NextGEN Gallery 1.9.1 - 'photocrati_ajax' Arbitrary File Upload",2014-05-19,SANTHO,php,webapps,0 +39237,platforms/php/webapps/39237.txt,"WordPress NextGEN Gallery 1.9.1 Plugin - 'photocrati_ajax' Arbitrary File Upload",2014-05-19,SANTHO,php,webapps,0 39238,platforms/php/webapps/39238.txt,"AtomCMS - SQL Injection / Arbitrary File Upload",2014-07-07,"Jagriti Sahu",php,webapps,0 39239,platforms/php/webapps/39239.txt,"xClassified 'ads.php' SQL Injection",2014-07-07,Lazmania61,php,webapps,0 39240,platforms/php/webapps/39240.txt,"WordPress BSK PDF Manager Plugin - 'wp-admin/admin.php' Multiple SQL Injection",2014-07-09,"Claudio Viviani",php,webapps,0 @@ -35512,7 +35512,7 @@ id,file,description,date,author,platform,type,port 39266,platforms/php/webapps/39266.txt,"SeaWell Networks Spectrum - Multiple Vulnerabilities",2016-01-18,"Karn Ganeshen",php,webapps,443 39267,platforms/php/webapps/39267.html,"Ilya Birman E2 - '/@actions/comment-process' SQL Injection",2014-07-23,"High-Tech Bridge",php,webapps,0 39268,platforms/php/webapps/39268.java,"Ubiquiti Networks UniFi Video Default 'crossdomain.xml' Security Bypass",2014-07-23,"Seth Art",php,webapps,0 -39269,platforms/php/webapps/39269.txt,"WordPress Lead Octopus Power - 'id' Parameter SQL Injection",2014-07-28,Amirh03in,php,webapps,0 +39269,platforms/php/webapps/39269.txt,"WordPress Lead Octopus Power Plugin - 'id' Parameter SQL Injection",2014-07-28,Amirh03in,php,webapps,0 39270,platforms/php/webapps/39270.txt,"WhyDoWork AdSense Plugin for WordPress options-general.php Option Manipulation CSRF",2014-07-28,"Dylan Irzi",php,webapps,0 39271,platforms/php/webapps/39271.txt,"CMSimple Default Administrator Credentials",2014-07-28,"Govind Singh",php,webapps,0 39272,platforms/php/webapps/39272.txt,"CMSimple Remote file Inclusion",2014-07-28,"Govind Singh",php,webapps,0 @@ -35531,7 +35531,7 @@ id,file,description,date,author,platform,type,port 39285,platforms/linux/local/39285.py,"xWPE 1.5.30a-2.1 - Local Buffer Overflow",2016-01-21,"Juan Sacco",linux,local,0 39287,platforms/php/webapps/39287.txt,"WordPress WP Content Source Control Plugin 'download.php' Directory Traversal",2014-08-19,"Henri Salo",php,webapps,0 39288,platforms/multiple/webapps/39288.txt,"ManageEngine Password Manager Pro and ManageEngine IT360 SQL Injection",2014-08-20,"Pedro Ribeiro",multiple,webapps,0 -39289,platforms/php/webapps/39289.txt,"ArticleFR 'id' Parameter SQL Injection",2014-08-20,"High-Tech Bridge",php,webapps,0 +39289,platforms/php/webapps/39289.txt,"ArticleFR - 'id' Parameter SQL Injection",2014-08-20,"High-Tech Bridge",php,webapps,0 39290,platforms/php/webapps/39290.txt,"MyAwards MyBB Module Cross Site Request Forgery",2014-08-22,Vagineer,php,webapps,0 39291,platforms/php/webapps/39291.txt,"WordPress KenBurner Slider Plugin 'admin-ajax.php' - Arbitrary File Download",2014-08-24,MF0x,php,webapps,0 39292,platforms/multiple/remote/39292.pl,"Granding MA300 Traffic Sniffing MitM Fingerprint PIN Disclosure",2014-08-26,"Eric Sesterhenn",multiple,remote,0