bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

DB: 2016-09-18

Browse source
This commit is contained in:
Offensive Security 2016-09-18 05:06:48 +00:00
parent 4aa6d571e7
commit c663f43049
2 changed files with 105 additions and 139 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

211
files.csv
View file

@ -124,9 +124,9 @@ id,file,description,date,author,platform,type,port
125,platforms/bsd/local/125.c,"OpenBSD 2.x < 3.3 - exec_ibcs2_coff_prep_zmagic() Kernel Exploit",2003-11-19,"Sinan Eren",bsd,local,0
126,platforms/linux/remote/126.c,"Apache mod_gzip (with debug_mode) 1.2.26.1a - Remote Exploit",2003-11-20,xCrZx,linux,remote,80
127,platforms/windows/remote/127.pl,"Opera 7.22 - File Creation and Execution Exploit (WebServer)",2003-11-22,nesumin,windows,remote,0
129,platforms/linux/local/129.asm,"Linux Kernel 2.4.22 - 'do_brk()' Privilege Escalation (PoC) (1)",2003-12-02,"Christophe Devine",linux,local,0
129,platforms/linux/local/129.asm,"Linux Kernel 2.4.22 - 'do_brk()' Privilege Escalation (PoC)",2003-12-02,"Christophe Devine",linux,local,0
130,platforms/windows/remote/130.c,"Microsoft Windows XP - Workstation Service Remote Exploit (MS03-049)",2003-12-04,fiNis,windows,remote,0
131,platforms/linux/local/131.c,"Linux Kernel 2.4.22 - 'do_brk()' Privilege Escalation (2)",2003-12-05,"Wojciech Purczynski",linux,local,0
131,platforms/linux/local/131.c,"Linux Kernel 2.4.22 - 'do_brk()' Privilege Escalation",2003-12-05,"Wojciech Purczynski",linux,local,0
132,platforms/linux/remote/132.c,"Apache 1.3.x < 2.0.48 - mod_userdir Remote Users Disclosure",2003-12-06,m00,linux,remote,80
133,platforms/windows/remote/133.pl,"Eznet 3.5.0 - Remote Stack Overflow / Denial of Service",2003-12-15,"Peter Winter-Smith",windows,remote,80
134,platforms/hp-ux/local/134.c,"HP-UX B11.11 - /usr/bin/ct Local Format String Privilege Escalation",2003-12-16,watercloud,hp-ux,local,0
@ -381,7 +381,7 @@ id,file,description,date,author,platform,type,port
406,platforms/php/webapps/406.pl,"phpMyWebhosting - SQL Injection",2004-08-20,"Noam Rathaus",php,webapps,0
407,platforms/cgi/webapps/407.txt,"AWStats 5.0 < 6.3 - Input Validation Hole in 'logfile'",2004-08-21,"Johnathan Bat",cgi,webapps,0
408,platforms/linux/remote/408.c,"Qt - '.bmp' Parsing Bug Heap Overflow",2004-08-21,infamous41md,linux,remote,0
409,platforms/bsd/remote/409.c,"BSD (TelnetD) - Remote Root Exploit",2001-06-09,Teso,bsd,remote,23
409,platforms/bsd/remote/409.c,"BSD TelnetD - Remote Root Exploit (1)",2001-06-09,Teso,bsd,remote,23
411,platforms/linux/local/411.c,"Sendmail 8.11.x (Linux/i386) - Exploit",2001-01-01,sd,linux,local,0
413,platforms/linux/remote/413.c,"MusicDaemon 0.0.3 - Remote Denial of Service / /etc/shadow Stealer (2)",2004-08-24,Tal0n,linux,remote,0
416,platforms/linux/remote/416.c,"Hafiye 1.0 - Remote Terminal Escape Sequence Injection",2004-08-25,"Serkan Akpolat",linux,remote,0
@ -515,9 +515,9 @@ id,file,description,date,author,platform,type,port
664,platforms/windows/dos/664.c,"Ipswitch WS_FTP Server 5.03 - MKD Remote Buffer Overflow",2004-11-29,NoPh0BiA,windows,dos,0
665,platforms/windows/dos/665.c,"Orbz Game 2.10 - Remote Buffer Overflow",2004-11-29,"Luigi Auriemma",windows,dos,0
667,platforms/windows/dos/667.c,"Jana Server 2.4.4 - (http/pna) Denial of Service",2004-11-30,"Luigi Auriemma",windows,dos,0
668,platforms/windows/remote/668.c,"Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (C) (1)",2004-11-30,JohnH,windows,remote,143
668,platforms/windows/remote/668.c,"Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (1)",2004-11-30,JohnH,windows,remote,143
669,platforms/linux/local/669.c,"Aspell (word-list-compress) - Command Line Stack Overflow",2004-12-01,c0d3r,linux,local,0
670,platforms/windows/remote/670.c,"Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (C) (2)",2004-12-01,JohnH,windows,remote,143
670,platforms/windows/remote/670.c,"Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (2)",2004-12-01,JohnH,windows,remote,143
671,platforms/windows/dos/671.c,"Neverwinter Nights special - Fake Players Denial of Service",2004-12-01,"Luigi Auriemma",windows,dos,0
672,platforms/windows/dos/672.c,"Kreed 1.05 - Format String / Denial of Service",2004-12-02,"Luigi Auriemma",windows,dos,0
673,platforms/php/webapps/673.cgi,"phpBB 2.0.10 - Remote Command Execution (CGI)",2004-12-03,ZzagorR,php,webapps,0
@ -732,7 +732,7 @@ id,file,description,date,author,platform,type,port
910,platforms/php/webapps/910.pl,"phpBB 2.0.13 - 'Calendar Pro' mod Remote Exploit",2005-04-04,CereBrums,php,webapps,0
911,platforms/linux/dos/911.c,"Linux Kernel PPC64/IA64 (AIO) - Local Denial of Service",2005-04-04,"Daniel McNeil",linux,dos,0
912,platforms/windows/local/912.c,"GetDataBack Data Recovery 2.31 - Local Exploit",2005-04-04,Kozan,windows,local,0
913,platforms/linux/local/913.pl,"Aeon 0.2a - Local Linux Exploit (Perl) (1)",2005-04-05,lammat,linux,local,0
913,platforms/linux/local/913.pl,"Aeon 0.2a - Local Linux Exploit (1)",2005-04-05,lammat,linux,local,0
914,platforms/linux/local/914.c,"Aeon 0.2a - Local Linux Exploit (2)",2005-04-05,patr0n,linux,local,0
915,platforms/linux/remote/915.c,"MailEnable Enterprise 1.x - Imapd Remote Exploit",2005-04-05,Expanders,linux,remote,143
916,platforms/windows/dos/916.pl,"MailEnable Enterprise 1.x - SMTP Remote Denial of Service",2005-04-05,CorryL,windows,dos,0
@ -953,7 +953,7 @@ id,file,description,date,author,platform,type,port
1147,platforms/windows/remote/1147.pm,"Veritas Backup Exec - Remote File Access Exploit (Windows) (Metasploit)",2005-08-11,anonymous,windows,remote,10000
1149,platforms/windows/remote/1149.c,"Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (MS05-039)",2005-08-12,houseofdabus,windows,remote,445
1150,platforms/windows/remote/1150.pm,"ZENworks 6.5 Desktop/Server Management - Remote Stack Overflow (Metasploit)",2005-08-12,anonymous,windows,remote,1761
1151,platforms/windows/remote/1151.pm,"MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit)",2005-08-12,anonymous,windows,remote,143
1151,platforms/windows/remote/1151.pm,"MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (1)",2005-08-12,anonymous,windows,remote,143
1152,platforms/windows/remote/1152.pm,"Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow (Metasploit)",2005-08-12,anonymous,windows,remote,8008
1153,platforms/hardware/dos/1153.pl,"Grandstream Budge Tone 101/102 VOIP Phone - Denial of Service",2005-08-12,"Pierre Kroma",hardware,dos,0
1154,platforms/linux/local/1154.pl,"Operator Shell (osh) 1.7-13 - Privilege Escalation",2005-08-16,"Charles Stevenson",linux,local,0
@ -1148,7 +1148,7 @@ id,file,description,date,author,platform,type,port
1374,platforms/windows/remote/1374.pl,"Watchfire AppScan QA 5.0.x - Remote Code Execution (PoC)",2005-12-15,"Mariano Nuñez",windows,remote,0
1375,platforms/windows/remote/1375.pl,"Mercury Mail Transport System 4.01b - Remote Exploit (PH SERVER)",2005-12-16,kingcope,windows,remote,105
1376,platforms/windows/dos/1376.c,"Microsoft IIS - Malformed HTTP Request Denial of Service (1)",2005-12-19,Kozan,windows,dos,0
1377,platforms/windows/dos/1377.pl,"Microsoft IIS - Malformed HTTP Request Denial of Service (Perl) (2)",2005-12-19,kokanin,windows,dos,0
1377,platforms/windows/dos/1377.pl,"Microsoft IIS - Malformed HTTP Request Denial of Service (2)",2005-12-19,kokanin,windows,dos,0
1378,platforms/windows/remote/1378.py,"MailEnable Enterprise Edition 1.1 - (EXAMINE) Buffer Overflow",2005-12-19,muts,windows,remote,0
1379,platforms/php/webapps/1379.php,"PHPGedView 3.3.7 - Arbitrary Remote Code Execution",2005-12-20,rgod,php,webapps,0
1380,platforms/windows/remote/1380.py,"Eudora Qualcomm WorldMail 3.0 - (IMAPd) Remote Overflow",2005-12-20,muts,windows,remote,143
@ -1240,7 +1240,7 @@ id,file,description,date,author,platform,type,port
1493,platforms/php/webapps/1493.php,"EnterpriseGS 1.0 rc4 - Remote Commands Execution Exploit",2006-02-13,rgod,php,webapps,0
1494,platforms/php/webapps/1494.php,"FlySpray 0.9.7 - (install-0.9.7.php) Remote Commands Execution Exploit",2006-02-13,rgod,php,webapps,0
1495,platforms/windows/local/1495.cpp,"Microsoft HTML Help Workshop - '.hhp' Buffer Overflow (3)",2006-02-14,darkeagle,windows,local,0
1496,platforms/hardware/dos/1496.c,"D-Link Wireless Access Point - (Fragmented UDP) Denial of Service",2006-02-14,"Aaron Portnoy",hardware,dos,0
1496,platforms/hardware/dos/1496.c,"D-Link (Wireless Access Point) - (Fragmented UDP) Denial of Service",2006-02-14,"Aaron Portnoy",hardware,dos,0
1498,platforms/php/webapps/1498.php,"webSPELL 4.01 - (title_op) SQL Injection",2006-02-14,x128,php,webapps,0
1499,platforms/php/webapps/1499.pl,"MyBulletinBoard (MyBB) 1.03 - Multiple SQL Injections",2006-02-15,"HACKERS PAL",php,webapps,0
1500,platforms/windows/dos/1500.cpp,"Microsoft Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (1)",2006-02-15,ATmaCA,windows,dos,0
@ -1600,7 +1600,7 @@ id,file,description,date,author,platform,type,port
1886,platforms/php/webapps/1886.txt,"OpenEMR 2.8.1 - (fileroot) Remote File Inclusion",2006-06-07,Kacper,php,webapps,0
1887,platforms/php/webapps/1887.txt,"Xtreme/Ditto News 1.0 - (post.php) Remote File Inclusion",2006-06-07,Kacper,php,webapps,0
1888,platforms/php/webapps/1888.txt,"Back-End CMS 0.7.2.1 - (jpcache.php) Remote File Inclusion",2006-06-08,"Federico Fazzi",php,webapps,0
1889,platforms/hardware/remote/1889.txt,"D-Link Access-Point 2.10na - (DWL Series) Config Disclosure",2006-06-08,INTRUDERS,hardware,remote,0
1889,platforms/hardware/remote/1889.txt,"D-Link (DWL Series) Access-Point 2.10na - Config Disclosure",2006-06-08,INTRUDERS,hardware,remote,0
1890,platforms/php/webapps/1890.txt,"CMS-Bandits 2.5 - (spaw_root) Remote File Inclusion",2006-06-08,"Federico Fazzi",php,webapps,0
1891,platforms/php/webapps/1891.txt,"Enterprise Payroll Systems 1.1 - (footer) Remote File Inclusion",2006-06-08,Kacper,php,webapps,0
1892,platforms/php/webapps/1892.pl,"Guestex Guestbook 1.00 - (email) Remote Code Execution",2006-06-08,K-sPecial,php,webapps,0
@ -2131,7 +2131,7 @@ id,file,description,date,author,platform,type,port
2432,platforms/php/webapps/2432.txt,"BrudaNews 1.1 - (admin/index.php) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0
2433,platforms/php/webapps/2433.txt,"BrudaGB 1.1 - (admin/index.php) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0
2434,platforms/php/webapps/2434.txt,"faceStones personal 2.0.42 - (fs_form_links.php) File Inclusion",2006-09-25,SHiKaA,php,webapps,0
2435,platforms/php/webapps/2435.txt,"WEB//NEWS 1.4 - (parser.php) Remote File Inclusion",2006-09-26,ThE-WoLf-KsA,php,webapps,0
2435,platforms/php/webapps/2435.txt,"Web//News 1.4 - 'parser.php' Remote File Inclusion (1)",2006-09-26,ThE-WoLf-KsA,php,webapps,0
2436,platforms/php/webapps/2436.txt,"A-Blog 2.0 - (menu.php) Remote File Inclusion",2006-09-26,Drago84,php,webapps,0
2437,platforms/php/webapps/2437.php,"paBugs 2.0 Beta 3 - (class.mysql.php) Remote File Inclusion",2006-09-26,Kacper,php,webapps,0
2438,platforms/php/webapps/2438.txt,"Kietu? <= 4.0.0b2 - (hit.php) Remote File Inclusion",2006-09-26,D_7J,php,webapps,0
@ -2154,7 +2154,7 @@ id,file,description,date,author,platform,type,port
2455,platforms/php/webapps/2455.php,"VideoDB 2.2.1 - (pdf.php) Remote File Inclusion",2006-09-29,Kacper,php,webapps,0
2456,platforms/php/webapps/2456.php,"PHP Krazy Image Hosting 0.7a - (display.php) SQL Injection",2006-09-29,Trex,php,webapps,0
2457,platforms/php/webapps/2457.php,"UBB.Threads 6.5.1.1 - (doeditconfig.php) Code Execution",2006-09-29,"HACKERS PAL",php,webapps,0
2458,platforms/windows/remote/2458.pl,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (Perl) (1)",2006-09-29,"YAG KOHHA",windows,remote,0
2458,platforms/windows/remote/2458.pl,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (1)",2006-09-29,"YAG KOHHA",windows,remote,0
2459,platforms/php/webapps/2459.txt,"Forum82 <= 2.5.2b - (repertorylevel) Multiple File Inclusion",2006-09-29,"Silahsiz Kuvvetler",php,webapps,0
2460,platforms/windows/remote/2460.c,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (2)",2006-09-29,LukeHack,windows,remote,0
2461,platforms/php/webapps/2461.txt,"VAMP Webmail 2.0beta1 - (yesno.phtml) Remote File Inclusion",2006-09-30,Drago84,php,webapps,0
@ -2419,7 +2419,7 @@ id,file,description,date,author,platform,type,port
2725,platforms/php/webapps/2725.txt,"Cyberfolio 2.0 RC1 - (av) Remote File Inclusion",2006-11-06,the_day,php,webapps,0
2726,platforms/php/webapps/2726.txt,"Agora 1.4 RC1 - (MysqlfinderAdmin.php) Remote File Inclusion",2006-11-06,the_day,php,webapps,0
2727,platforms/php/webapps/2727.txt,"OpenEMR 2.8.1 - (srcdir) Multiple Remote File Inclusion",2006-11-06,the_day,php,webapps,0
2728,platforms/php/webapps/2728.txt,"Article Script 1.6.3 - 'rss.php' SQL Injection",2006-11-06,Liz0ziM,php,webapps,0
2728,platforms/php/webapps/2728.txt,"Article Script 1.6.3 - 'rss.php' SQL Injection (1)",2006-11-06,Liz0ziM,php,webapps,0
2729,platforms/windows/remote/2729.pm,"Omni-NFS Server 5.2 - (nfsd.exe) Remote Stack Overflow (Metasploit)",2006-11-06,"Evgeny Legerov",windows,remote,2049
2730,platforms/linux/dos/2730.pm,"OpenLDAP 2.2.29 - Remote Denial of Service (Metasploit)",2006-11-06,"Evgeny Legerov",linux,dos,0
2731,platforms/php/webapps/2731.pl,"iPrimal Forums - 'admin/index.php' Change User Password Exploit",2006-11-06,Bl0od3r,php,webapps,0
@ -2461,7 +2461,7 @@ id,file,description,date,author,platform,type,port
2767,platforms/php/webapps/2767.txt,"StoryStream 4.0 - 'baseDir' Remote File Inclusion",2006-11-12,v1per-haCker,php,webapps,0
2768,platforms/php/webapps/2768.txt,"ContentNow 1.30 - (Local File Inclusion / Arbitrary File Upload / Delete) Multiple Vulnerabilities",2006-11-13,r0ut3r,php,webapps,0
2769,platforms/php/webapps/2769.php,"Quick.Cart 2.0 - (actions_client/gallery.php) Local File Inclusion",2006-11-13,Kacper,php,webapps,0
2770,platforms/windows/remote/2770.rb,"Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit)",2006-11-13,"H D Moore",windows,remote,0
2770,platforms/windows/remote/2770.rb,"Broadcom Wireless Driver - Probe Response SSID Overflow (1) (Metasploit)",2006-11-13,"H D Moore",windows,remote,0
2771,platforms/windows/remote/2771.rb,"D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit)",2006-11-13,"H D Moore",windows,remote,0
2772,platforms/asp/webapps/2772.htm,"Online Event Registration 2.0 - (save_profile.asp) Pass Change Exploit",2006-11-13,ajann,asp,webapps,0
2773,platforms/asp/webapps/2773.txt,"Estate Agent Manager 1.3 - 'default.asp' Login Bypass",2006-11-13,ajann,asp,webapps,0
@ -2743,7 +2743,7 @@ id,file,description,date,author,platform,type,port
3064,platforms/multiple/remote/3064.rb,"Apple QuickTime - (rtsp URL Handler) Stack Buffer Overflow",2007-01-01,MoAB,multiple,remote,0
3065,platforms/cgi/webapps/3065.txt,"WWWBoard 2.0 - (passwd.txt) Remote Password Disclosure",2007-01-01,bd0rk,cgi,webapps,0
3066,platforms/asp/webapps/3066.txt,"NewsCMSLite - 'newsCMS.mdb' Remote Password Disclosure",2007-01-01,KaBuS,asp,webapps,0
3067,platforms/windows/remote/3067.txt,"QK SMTP 3.01 - (RCPT TO) Remote Buffer Overflow (Perl) (2)",2007-01-01,"Jacopo Cervini",windows,remote,25
3067,platforms/windows/remote/3067.txt,"QK SMTP 3.01 - (RCPT TO) Remote Buffer Overflow (2)",2007-01-01,"Jacopo Cervini",windows,remote,25
3068,platforms/asp/webapps/3068.htm,"TaskTracker 1.5 - (Customize.asp) Remote Add Administrator Exploit",2007-01-01,ajann,asp,webapps,0
3069,platforms/osx/dos/3069.pl,"VideoLAN VLC Media Player 0.8.6 (PPC) - (udp://) Format String (PoC)",2007-01-02,MoAB,osx,dos,0
3070,platforms/osx/local/3070.pl,"VideoLAN VLC Media Player 0.8.6 (x86) - (udp://) Format String",2007-01-02,MoAB,osx,local,0
@ -2795,7 +2795,7 @@ id,file,description,date,author,platform,type,port
3116,platforms/php/webapps/3116.php,"sNews 1.5.30 - Remote Reset Admin Pass / Command Execution",2007-01-12,rgod,php,webapps,0
3117,platforms/php/webapps/3117.txt,"LunarPoll 1.0 - (show.php PollDir) Remote File Inclusion",2007-01-12,"ilker Kandemir",php,webapps,0
3118,platforms/php/webapps/3118.txt,"TLM CMS 1.1 - (i-accueil.php chemin) Remote File Inclusion",2007-01-12,GoLd_M,php,webapps,0
3119,platforms/windows/dos/3119.py,"VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service",2007-01-12,shinnai,windows,dos,0
3119,platforms/windows/dos/3119.py,"VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (1)",2007-01-12,shinnai,windows,dos,0
3120,platforms/php/webapps/3120.txt,"Mint Haber Sistemi 2.7 - (duyuru.asp id) SQL Injection",2007-01-12,chernobiLe,php,webapps,0
3121,platforms/php/webapps/3121.txt,"Poplar Gedcom Viewer 2.0 - 'common.php' Remote File Inclusion",2007-01-12,GoLd_M,php,webapps,0
3122,platforms/asp/webapps/3122.pl,"DigiAffiliate 1.4 - (visu_user.asp id) SQL Injection",2007-01-13,ajann,asp,webapps,0
@ -3039,7 +3039,7 @@ id,file,description,date,author,platform,type,port
3365,platforms/php/webapps/3365.txt,"FCRing 1.31 - (fcring.php s_fuss) Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0
3366,platforms/php/webapps/3366.txt,"Sinapis 2.2 Gastebuch - (sinagb.php fuss) Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0
3367,platforms/php/webapps/3367.txt,"Sinapis Forum 2.2 - (sinapis.php fuss) Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0
3369,platforms/windows/local/3369.pl,"News Rover 12.1 Rev 1 - Remote Stack Overflow (Perl) (2)",2007-02-24,"Umesh Wanve",windows,local,0
3369,platforms/windows/local/3369.pl,"News Rover 12.1 Rev 1 - Remote Stack Overflow (2)",2007-02-24,"Umesh Wanve",windows,local,0
3370,platforms/php/webapps/3370.pl,"Extreme phpBB 3.0.1 - 'functions.php' Remote File Inclusion",2007-02-24,"Mehmet Ince",php,webapps,0
3371,platforms/php/webapps/3371.php,"Coppermine Photo Gallery 1.3.x - Blind SQL Injection",2007-02-24,s0cratex,php,webapps,0
3372,platforms/php/webapps/3372.php,"CS-Gallery 2.0 - (index.php album) Remote File Inclusion",2007-02-24,burncycle,php,webapps,0
@ -4010,7 +4010,7 @@ id,file,description,date,author,platform,type,port
4357,platforms/windows/remote/4357.html,"Telecom Italy Alice Messenger - Remote Registry Key Manipulation Exploit",2007-09-03,rgod,windows,remote,0
4358,platforms/php/webapps/4358.txt,"STPHPLibrary - (STPHPLIB_DIR) Remote File Inclusion",2007-09-03,leetsecurity,php,webapps,0
4359,platforms/multiple/dos/4359.txt,"Apple QuickTime < 7.2 - SMIL Remote Integer Overflow (PoC)",2007-09-03,"David Vaartjes",multiple,dos,0
4360,platforms/windows/remote/4360.rb,"CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit)",2007-09-03,"Patrick Webster",windows,remote,0
4360,platforms/windows/remote/4360.rb,"CCProxy 6.2 - Telnet Proxy Ping Overflow (1) (Metasploit)",2007-09-03,"Patrick Webster",windows,remote,0
4361,platforms/windows/local/4361.pl,"Microsoft Visual Basic 6.0 - VBP_Open OLE Local CodeExec Exploit",2007-09-04,Koshi,windows,local,0
4362,platforms/linux/remote/4362.pl,"Web Oddity Web Server 0.09b - Directory Traversal",2007-09-04,Katatafish,linux,remote,0
4363,platforms/php/webapps/4363.txt,"PHPOF 20040226 - (DB_adodb.class.php) Remote File Inclusion",2007-09-04,"ThE TiGeR",php,webapps,0
@ -4950,7 +4950,7 @@ id,file,description,date,author,platform,type,port
5310,platforms/php/webapps/5310.txt,"Joomla! Component Alphacontent 2.5.8 - 'id' SQL Injection",2008-03-25,cO2,php,webapps,0
5311,platforms/php/webapps/5311.txt,"TopperMod 2.0 - SQL Injection",2008-03-25,girex,php,webapps,0
5312,platforms/php/webapps/5312.txt,"TopperMod 1.0 - (mod.php) Local File Inclusion",2008-03-25,girex,php,webapps,0
5313,platforms/hardware/remote/5313.txt,"Linksys WRT54G (firmware 1.00.9) - Security Bypass Vulnerabilities (1)",2008-03-26,meathive,hardware,remote,0
5313,platforms/hardware/remote/5313.txt,"Linksys WRT54G (Firmware 1.00.9) - Security Bypass Vulnerabilities (1)",2008-03-26,meathive,hardware,remote,0
5314,platforms/windows/remote/5314.py,"TFTP Server 1.4 - ST Buffer Overflow",2008-03-26,muts,windows,remote,69
5315,platforms/windows/remote/5315.py,"Quick TFTP Pro 2.1 - Remote SEH Overflow",2008-03-26,muts,windows,remote,69
5316,platforms/windows/dos/5316.py,"PacketTrap Networks pt360 2.0.39 TFTPD - Remote Denial of Service",2008-03-26,muts,windows,dos,0
@ -5138,7 +5138,7 @@ id,file,description,date,author,platform,type,port
5499,platforms/php/webapps/5499.txt,"siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-04-26,"Khashayar Fereidani",php,webapps,0
5500,platforms/php/webapps/5500.txt,"PostNuke Module pnFlashGames 2.5 - SQL Injection",2008-04-26,Kacper,php,webapps,0
5501,platforms/php/webapps/5501.txt,"Content Management System for Phprojekt 0.6.1 - Remote File Inclusion",2008-04-26,RoMaNcYxHaCkEr,php,webapps,0
5502,platforms/php/webapps/5502.pl,"Clever Copy 3.0 - (postview.php) SQL Injection",2008-04-26,U238,php,webapps,0
5502,platforms/php/webapps/5502.pl,"Clever Copy 3.0 - 'postview.php' SQL Injection (1)",2008-04-26,U238,php,webapps,0
5503,platforms/asp/webapps/5503.txt,"Angelo-Emlak 1.0 - Multiple SQL Injections",2008-04-26,U238,asp,webapps,0
5504,platforms/php/webapps/5504.txt,"PHP Forge 3 Beta 2 - 'id' SQL Injection",2008-04-26,JIKO,php,webapps,0
5505,platforms/php/webapps/5505.txt,"RunCMS Module MyArticles 0.6 Beta-1 - SQL Injection",2008-04-26,Cr@zy_King,php,webapps,0
@ -5372,8 +5372,8 @@ id,file,description,date,author,platform,type,port
5743,platforms/php/webapps/5743.txt,"Joomla! Component SimpleShop 3.4 - SQL Injection",2008-06-05,His0k4,php,webapps,0
5744,platforms/php/webapps/5744.txt,"Power Phlogger 2.2.5 - (css_str) SQL Injection",2008-06-05,MustLive,php,webapps,0
5745,platforms/php/webapps/5745.txt,"pSys 0.7.0.a - (shownews) SQL Injection",2008-06-05,anonymous,php,webapps,0
5746,platforms/windows/remote/5746.html,"Black Ice Software Inc Barcode SDK - (BITiff.ocx) Remote Buffer Overflow (1)",2008-06-05,shinnai,windows,remote,0
5747,platforms/windows/remote/5747.html,"Black Ice Software Inc Barcode SDK - (BITiff.ocx) Remote Buffer Overflow (2)",2008-06-05,shinnai,windows,remote,0
5746,platforms/windows/remote/5746.html,"Black Ice Software Inc Barcode SDK - 'BITiff.ocx' Remote Buffer Overflow (1)",2008-06-05,shinnai,windows,remote,0
5747,platforms/windows/remote/5747.html,"Black Ice Software Inc Barcode SDK - 'BITiff.ocx' Remote Buffer Overflow (2)",2008-06-05,shinnai,windows,remote,0
5748,platforms/php/webapps/5748.txt,"Joomla! Component JoomlaDate - (user) SQL Injection",2008-06-05,His0k4,php,webapps,0
5749,platforms/multiple/dos/5749.pl,"Asterisk - (SIP channel driver / in pedantic mode) Remote Crash",2008-06-05,"Armando Oliveira",multiple,dos,0
5750,platforms/windows/remote/5750.html,"Black Ice Software Inc Barcode SDK - 'BIDIB.ocx' Multiple Vulnerabilities",2008-06-05,shinnai,windows,remote,0
@ -5550,7 +5550,7 @@ id,file,description,date,author,platform,type,port
5923,platforms/php/webapps/5923.pl,"Demo4 CMS 1b - 'FCKeditor' Arbitrary File Upload",2008-06-23,Stack,php,webapps,0
5924,platforms/php/webapps/5924.txt,"Relative Real Estate Systems 3.0 - 'listing_id' SQL Injection",2008-06-24,K-159,php,webapps,0
5925,platforms/php/webapps/5925.txt,"ShareCMS 0.1 - Multiple SQL Injections",2008-06-24,"CWH Underground",php,webapps,0
5926,platforms/hardware/remote/5926.txt,"Linksys WRT54G (firmware 1.00.9) - Security Bypass Vulnerabilities (2)",2008-06-24,meathive,hardware,remote,0
5926,platforms/hardware/remote/5926.txt,"Linksys WRT54G (Firmware 1.00.9) - Security Bypass Vulnerabilities (2)",2008-06-24,meathive,hardware,remote,0
5927,platforms/asp/webapps/5927.txt,"DUcalendar 1.0 - (detail.asp iEve) SQL Injection",2008-06-24,Bl@ckbe@rD,asp,webapps,0
5928,platforms/php/webapps/5928.txt,"HiveMaker Directory - 'index.php cid' SQL Injection",2008-06-24,"security fears team",php,webapps,0
5929,platforms/php/webapps/5929.txt,"E-topbiz ViralDX 2.07 - (adclick.php bannerid) SQL Injection",2008-06-24,"Hussin X",php,webapps,0
@ -5723,7 +5723,7 @@ id,file,description,date,author,platform,type,port
6103,platforms/windows/dos/6103.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow (PoC)",2008-07-21,"Guido Landi",windows,dos,0
6104,platforms/asp/webapps/6104.pl,"DigiLeave 1.2 - (info_book.asp book_id) Blind SQL Injection",2008-07-21,Mr.SQL,asp,webapps,0
6105,platforms/asp/webapps/6105.pl,"HRS Multi - 'picture_pic_bv.asp key' Blind SQL Injection",2008-07-21,Mr.SQL,asp,webapps,0
6106,platforms/windows/local/6106.pl,"IntelliTamper 2.07 - '.map' Local Arbitrary Code Execution (Perl) (2)",2008-07-21,"Guido Landi",windows,local,0
6106,platforms/windows/local/6106.pl,"IntelliTamper 2.07 - '.map' Local Arbitrary Code Execution (2)",2008-07-21,"Guido Landi",windows,local,0
6107,platforms/php/webapps/6107.txt,"Interact E-Learning System 2.4.1 - (help.php) Local File Inclusion",2008-07-21,DSecRG,php,webapps,0
6108,platforms/cgi/webapps/6108.pl,"MojoClassifieds 2.0 - Blind SQL Injection",2008-07-21,Mr.SQL,cgi,webapps,0
6109,platforms/cgi/webapps/6109.pl,"MojoPersonals - 'mojoClassified.cgi mojo' Blind SQL Injection",2008-07-21,Mr.SQL,cgi,webapps,0
@ -5733,7 +5733,7 @@ id,file,description,date,author,platform,type,port
6113,platforms/php/webapps/6113.pl,"Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection",2008-07-21,ldma,php,webapps,0
6114,platforms/php/webapps/6114.txt,"ShopCartDx 4.30 - 'pid' SQL Injection",2008-07-21,Cr@zy_King,php,webapps,0
6115,platforms/php/webapps/6115.txt,"EZWebAlbum - Insecure Cookie Handling",2008-07-21,"Virangar Security",php,webapps,0
6116,platforms/windows/remote/6116.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow (Perl)",2008-07-22,"Guido Landi",windows,remote,0
6116,platforms/windows/remote/6116.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow",2008-07-22,"Guido Landi",windows,remote,0
6117,platforms/php/webapps/6117.txt,"YouTube blog 0.1 - (Remote File Inclusion / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-07-22,Unohope,php,webapps,0
6118,platforms/windows/remote/6118.pl,"IntelliTamper 2.07 - (server header) Remote Code Execution",2008-07-22,Koshi,windows,remote,0
6119,platforms/asp/webapps/6119.txt,"Pre Survey Poll - 'default.asp catid' SQL Injection",2008-07-22,DreamTurk,asp,webapps,0
@ -6467,7 +6467,7 @@ id,file,description,date,author,platform,type,port
6896,platforms/php/webapps/6896.txt,"Logz podcast CMS 1.3.1 - (add_url.php art) SQL Injection",2008-10-31,ZoRLu,php,webapps,0
6897,platforms/php/webapps/6897.txt,"cpanel 11.x - Cross-Site Scripting / Local File Inclusion",2008-10-31,"Khashayar Fereidani",php,webapps,0
6898,platforms/php/webapps/6898.txt,"U-Mail Webmail 4.91 - 'edit.php' Arbitrary File Write",2008-10-31,"Shennan Wang",php,webapps,0
6899,platforms/hardware/remote/6899.txt,"A-Link WL54AP3 and WL54AP2 - Cross-Site Request Forgery / Cross-Site Scripting",2008-10-31,"Henri Lindberg",hardware,remote,0
6899,platforms/hardware/remote/6899.txt,"A-Link WL54AP3 / WL54AP2 - Cross-Site Request Forgery / Cross-Site Scripting",2008-10-31,"Henri Lindberg",hardware,remote,0
6900,platforms/php/webapps/6900.txt,"Absolute News Manager 5.1 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0
6901,platforms/php/webapps/6901.txt,"Absolute News Feed 1.0 - Remote Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0
6902,platforms/php/webapps/6902.txt,"Absolute FAQ Manager 6.0 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0
@ -7079,7 +7079,7 @@ id,file,description,date,author,platform,type,port
7532,platforms/php/webapps/7532.txt,"chicomas 2.0.4 - (Database Backup/File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2008-12-21,BugReport.IR,php,webapps,0
7533,platforms/windows/local/7533.txt,"PowerStrip 3.84 - (pstrip.sys) Privilege Escalation",2008-12-21,"NT Internals",windows,local,0
7534,platforms/asp/webapps/7534.txt,"Emefa Guestbook 3.0 - Remote Database Disclosure",2008-12-21,Cyber.Zer0,asp,webapps,0
7535,platforms/hardware/dos/7535.php,"Linksys Wireless ADSL Router (WAG54G v2) - httpd Denial of Service",2008-12-21,r0ut3r,hardware,dos,0
7535,platforms/hardware/dos/7535.php,"Linksys WAG54G v2 (Wireless ADSL Router) - httpd Denial of Service",2008-12-21,r0ut3r,hardware,dos,0
7536,platforms/windows/local/7536.cpp,"CoolPlayer 2.19 - '.Skin' Local Buffer Overflow",2008-12-21,r0ut3r,windows,local,0
7537,platforms/php/webapps/7537.txt,"BLOG 1.55B - (image_upload.php) Arbitrary File Upload",2008-12-21,Piker,php,webapps,0
7538,platforms/php/webapps/7538.txt,"Joomla! Component com_hbssearch 1.0 - Blind SQL Injection",2008-12-21,boom3rang,php,webapps,0
@ -8202,7 +8202,7 @@ id,file,description,date,author,platform,type,port
8692,platforms/php/webapps/8692.txt,"MRCGIGUY SimpLISTic SQL 2.0.0 - Insecure Cookie Handling",2009-05-14,"ThE g0bL!N",php,webapps,0
8694,platforms/php/webapps/8694.txt,"MRCGIGUY Top Sites 1.0.0 - Insecure Cookie Handling",2009-05-14,"ThE g0bL!N",php,webapps,0
8695,platforms/multiple/dos/8695.txt,"Eggdrop/Windrop 1.6.19 - ctcpbuf Remote Crash",2009-05-15,"Thomas Sader",multiple,dos,0
8696,platforms/hardware/remote/8696.txt,"D-Link Products - Captcha Bypass",2009-05-15,"SourceSec Dev Team",hardware,remote,0
8696,platforms/hardware/remote/8696.txt,"Multiple D-Link Products - Captcha Bypass",2009-05-15,"SourceSec Dev Team",hardware,remote,0
8697,platforms/php/webapps/8697.txt,"Joomla! Component ArtForms 2.1 b7 - Remote File Inclusion",2009-05-15,iskorpitx,php,webapps,0
8698,platforms/windows/local/8698.pl,"Audioactive Player 1.93b - '.m3u' Local Buffer Overflow",2009-05-15,hack4love,windows,local,0
8699,platforms/php/webapps/8699.php,"Harland Scripts 11 - Products Remote Command Execution",2009-05-15,G4N0K,php,webapps,0
@ -8306,7 +8306,7 @@ id,file,description,date,author,platform,type,port
8803,platforms/php/webapps/8803.txt,"MyForum 1.3 - (Authentication Bypass) SQL Injection",2009-05-26,"ThE g0bL!N",php,webapps,0
8804,platforms/windows/remote/8804.py,"Soulseek 157 NS - Remote Buffer Overflow (SEH)",2009-05-26,His0k4,windows,remote,2242
8805,platforms/php/webapps/8805.txt,"Flash Image Gallery 1.1 - Arbitrary Config File Disclosure",2009-05-26,DarkbiteX,php,webapps,0
8806,platforms/windows/remote/8806.pl,"Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass (Perl) (2)",2009-05-26,ka0x,windows,remote,0
8806,platforms/windows/remote/8806.pl,"Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass (2)",2009-05-26,ka0x,windows,remote,0
8807,platforms/php/webapps/8807.htm,"ShaadiClone 2.0 - (addAdminmembercode.php) Add Admin",2009-05-26,x.CJP.x,php,webapps,0
8808,platforms/php/webapps/8808.txt,"phpBugTracker 1.0.3 - (Authentication Bypass) SQL Injection",2009-05-26,ByALBAYX,php,webapps,0
8809,platforms/php/webapps/8809.htm,"ZeeCareers 2.0 - (addAdminmembercode.php) Add Admin",2009-05-26,x.CJP.x,php,webapps,0
@ -8333,7 +8333,7 @@ id,file,description,date,author,platform,type,port
8830,platforms/php/webapps/8830.txt,"Million Dollar Text Links 1.0 - 'id' SQL Injection",2009-05-29,Qabandi,php,webapps,0
8831,platforms/php/webapps/8831.txt,"Traidnt Up 2.0 - (Authentication Bypass / Cookie) SQL Injection",2009-05-29,Qabandi,php,webapps,0
8832,platforms/windows/dos/8832.php,"ICQ 6.5 - URL Search Hook (Windows Explorer) Remote Buffer Overflow (PoC)",2009-06-01,Nine:Situations:Group,windows,dos,0
8833,platforms/hardware/local/8833.txt,"Linksys WAG54G2 Web Management Console - Arbitrary Command Execution",2009-06-01,Securitum,hardware,local,0
8833,platforms/hardware/local/8833.txt,"Linksys WAG54G2 - Web Management Console Arbitrary Command Execution",2009-06-01,Securitum,hardware,local,0
8834,platforms/php/webapps/8834.pl,"RadCLASSIFIEDS Gold 2 - (seller) SQL Injection",2009-06-01,Br0ly,php,webapps,0
8835,platforms/windows/remote/8835.html,"Roxio CinePlayer 3.2 - (IAManager.dll) Remote Buffer Overflow (heap spray)",2009-06-01,His0k4,windows,remote,0
8836,platforms/php/webapps/8836.txt,"OCS Inventory NG 1.02 - Multiple SQL Injections",2009-06-01,"Nico Leidecker",php,webapps,0
@ -8694,7 +8694,7 @@ id,file,description,date,author,platform,type,port
9211,platforms/php/webapps/9211.txt,"Alibaba-clone CMS - SQL Injection / Blind SQL Injection",2009-07-20,"599eme Man",php,webapps,0
9212,platforms/windows/dos/9212.pl,"Acoustica MP3 Audio Mixer 2.471 - '.sgp' Crash",2009-07-20,prodigy,windows,dos,0
9213,platforms/windows/dos/9213.pl,"Acoustica MP3 Audio Mixer 2.471 - '.m3u' Local Heap Overflow (PoC)",2009-07-20,"D3V!L FUCK3R",windows,dos,0
9214,platforms/windows/remote/9214.pl,"Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (Perl) (2)",2009-07-20,netsoul,windows,remote,0
9214,platforms/windows/remote/9214.pl,"Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (2)",2009-07-20,netsoul,windows,remote,0
9215,platforms/windows/local/9215.pl,"Streaming Audio Player 0.9 - (skin) Local Stack Overflow (SEH)",2009-07-20,SkuLL-HackeR,windows,local,0
9216,platforms/windows/local/9216.pl,"Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow (SEH)",2009-07-20,SkuLL-HackeR,windows,local,0
9217,platforms/php/webapps/9217.txt,"E-Xoopport 3.1 Module MyAnnonces - (lid) SQL Injection",2009-07-20,Vrs-hCk,php,webapps,0
@ -9322,7 +9322,7 @@ id,file,description,date,author,platform,type,port
9937,platforms/multiple/remote/9937.rb,"RealServer 7-9 - Describe Buffer Overflow (Metasploit)",2002-12-20,"H D Moore",multiple,remote,0
9939,platforms/php/remote/9939.rb,"PHP < 4.5.0 - Unserialize Overflow (Metasploit)",2007-03-01,sesser,php,remote,0
9940,platforms/linux/remote/9940.rb,"ntpd 4.0.99j-k readvar - Buffer Overflow (Metasploit)",2001-04-04,patrick,linux,remote,123
9941,platforms/multiple/remote/9941.rb,"Veritas NetBackup - Remote Command Execution (Metasploit)",2004-10-21,patrick,multiple,remote,0
9941,platforms/multiple/remote/9941.rb,"Veritas NetBackup - Remote Command Execution (Metasploit) (1)",2004-10-21,patrick,multiple,remote,0
9942,platforms/multiple/remote/9942.rb,"HP OpenView OmniBack II A.03.50 - Command Execution (Metasploit)",2001-02-28,"H D Moore",multiple,remote,5555
9943,platforms/multiple/remote/9943.rb,"Apple QuickTime for Java 7 - Memory Access (Metasploit)",2007-04-23,"H D Moore",multiple,remote,0
9944,platforms/multiple/remote/9944.rb,"Opera 9.50 / 9.61 historysearch - Command Execution (Metasploit)",2008-10-23,egypt,multiple,remote,0
@ -9405,9 +9405,9 @@ id,file,description,date,author,platform,type,port
10030,platforms/linux/remote/10030.rb,"DD-WRT HTTP v24-SP1 - Command Injection",2009-07-20,"H D Moore",linux,remote,80
10031,platforms/cgi/webapps/10031.rb,"Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 - masterCGI Command Injection (Metasploit)",2007-09-17,patrick,cgi,webapps,443
10032,platforms/linux/remote/10032.rb,"Unreal Tournament 2004 - 'Secure' Overflow Exploit (Metasploit)",2004-07-18,onetwo,linux,remote,7787
10033,platforms/irix/remote/10033.rb,"Irix LPD tagprinter - Command Execution (Metasploit)",2001-09-01,"H D Moore",irix,remote,515
10033,platforms/irix/remote/10033.rb,"Irix LPD tagprinter - Command Execution (Metasploit) (1)",2001-09-01,"H D Moore",irix,remote,515
10034,platforms/hp-ux/remote/10034.rb,"HP-UX LPD 10.20 / 11.00 / 11.11 - Command Execution (Metasploit)",2002-08-28,"H D Moore",hp-ux,remote,515
10035,platforms/bsd/remote/10035.rb,"Xtacacsd 4.1.2 - report Buffer Overflow (Metasploit)",2008-01-08,MC,bsd,remote,49
10035,platforms/bsd/remote/10035.rb,"Xtacacsd 4.1.2 - report() Buffer Overflow (Metasploit) (1)",2008-01-08,MC,bsd,remote,49
10036,platforms/solaris/remote/10036.rb,"System V Derived /bin/login - Extraneous Arguments Buffer Overflow (modem based) (Metasploit)",2001-12-12,I)ruid,solaris,remote,0
10037,platforms/cgi/remote/10037.rb,"Mercantec SoftCart 4.00b - CGI Overflow (Metasploit)",2004-08-19,skape,cgi,remote,0
10038,platforms/linux/local/10038.txt,"proc File - Descriptors Directory Permissions Bypass",2009-10-23,"Pavel Machek",linux,local,0
@ -9649,7 +9649,7 @@ id,file,description,date,author,platform,type,port
10362,platforms/hardware/remote/10362.txt,"THOMSON TG585n 7.4.3.2 - (user.ini) Arbitrary Download",2009-12-09,"AnTi SeCuRe",hardware,remote,0
10363,platforms/windows/local/10363.rb,"Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)",2009-12-09,dookie,windows,local,0
10364,platforms/php/webapps/10364.txt,"TestLink Test Management and Execution System - Multiple Cross-Site Scripting / Injection Vulnerabilities",2009-12-09,"Core Security",php,webapps,0
10365,platforms/windows/remote/10365.rb,"Eureka Email 2.2q - ERR Remote Buffer Overflow (Metasploit)",2009-12-09,dookie,windows,remote,0
10365,platforms/windows/remote/10365.rb,"Eureka Email 2.2q - ERR Remote Buffer Overflow (Metasploit) (1)",2009-12-09,dookie,windows,remote,0
10366,platforms/php/webapps/10366.txt,"Joomla! Component com_jsjobs 1.0.5.6 - SQL Injection",2009-12-10,kaMtiEz,php,webapps,0
10367,platforms/php/webapps/10367.txt,"Joomla! Component com_jphoto - 'id' SQL Injection",2009-12-10,kaMtiEz,php,webapps,0
10368,platforms/asp/webapps/10368.txt,"Free ASP Upload - Arbitrary File Upload",2009-12-10,Mr.aFiR,asp,webapps,0
@ -9779,7 +9779,7 @@ id,file,description,date,author,platform,type,port
40306,platforms/php/dos/40306.php,"PHP 5.0.0 - 'xmldocfile()' Local Denial of Service",2016-08-29,"Yakir Wizman",php,dos,0
40307,platforms/multiple/dos/40307.txt,"Adobe Flash - Selection.setFocus Use-After-Free",2016-08-29,"Google Security Research",multiple,dos,0
10522,platforms/php/webapps/10522.txt,"Pre Job Board 1.0 - SQL Bypass",2009-12-17,bi0,php,webapps,0
10523,platforms/php/webapps/10523.txt,"Uploader by CeleronDude 5.3.0 - Arbitrary File Upload",2009-12-17,Stink,php,webapps,0
10523,platforms/php/webapps/10523.txt,"Uploader by CeleronDude 5.3.0 - Arbitrary File Upload (1)",2009-12-17,Stink,php,webapps,0
10525,platforms/asp/webapps/10525.txt,"Pre Jobo .NET - SQL Bypass",2009-12-17,bi0,asp,webapps,0
10526,platforms/asp/webapps/10526.txt,"ActiveBuyandSell 6.2 - (buyersend.asp catid) Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0
10527,platforms/php/webapps/10527.txt,"ReVou Software - SQL Injection",2009-12-17,R3d-D3V!L,php,webapps,0
@ -10206,7 +10206,7 @@ id,file,description,date,author,platform,type,port
11096,platforms/asp/webapps/11096.txt,"ABB 1.1 - Forum Remote Database Disclosure",2010-01-10,"ViRuSMaN ",asp,webapps,0
11097,platforms/asp/webapps/11097.txt,"Egreetings 1.0b - Remote Database Disclosure",2010-01-10,"ViRuSMaN ",asp,webapps,0
11098,platforms/asp/webapps/11098.txt,"E-membres 1.0 - Remote Database Disclosure",2010-01-10,"ViRuSMaN ",asp,webapps,0
11101,platforms/hardware/webapps/11101.txt,"D-Link Routers - Authentication Bypass",2010-01-10,"SourceSec DevTeam",hardware,webapps,0
11101,platforms/hardware/webapps/11101.txt,"Multiple D-Link Routers - Authentication Bypass",2010-01-10,"SourceSec DevTeam",hardware,webapps,0
11103,platforms/windows/dos/11103.html,"VideoLAN VLC Media Player 0.8.6i - ActiveX Denial of Service (PoC)",2010-01-10,"D3V!L FUCKER and germaya_x",windows,dos,0
11104,platforms/php/webapps/11104.txt,"CMScontrol 7.x - Arbitrary File Upload",2010-01-11,Cyber_945,php,webapps,0
11106,platforms/multiple/dos/11106.bat,"Nuked KLan 1.7.7 & SP4 - Denial of Service",2010-01-11,"Hamza 'MIzoZ' N",multiple,dos,0
@ -10249,12 +10249,12 @@ id,file,description,date,author,platform,type,port
11157,platforms/php/webapps/11157.txt,"MoME CMS 0.8.5 - Remote Login Bypass",2010-01-16,"cr4wl3r ",php,webapps,0
11158,platforms/php/webapps/11158.txt,"RoseOnlineCMS 3 B1 - Remote Login Bypass",2010-01-16,"cr4wl3r ",php,webapps,0
11159,platforms/php/webapps/11159.txt,"DasForum - (layout) Local File Inclusion",2010-01-16,"cr4wl3r ",php,webapps,0
11161,platforms/windows/local/11161.pl,"Rosoft Media Player 4.4.4 - Buffer Overflow (SEH)",2010-01-16,Red-D3v1L,windows,local,0
11161,platforms/windows/local/11161.pl,"Rosoft Media Player 4.4.4 - Buffer Overflow (SEH) (1)",2010-01-16,Red-D3v1L,windows,local,0
11162,platforms/php/webapps/11162.txt,"CLONEBID B2B Marketplace - Multiple Vulnerabilities",2010-01-16,"Hamza 'MizoZ' N.",php,webapps,0
11163,platforms/php/webapps/11163.txt,"ITechSctipts Alibaba Clone - Multiple Vulnerabilities",2010-01-16,"Hamza 'MizoZ' N.",php,webapps,0
11164,platforms/php/webapps/11164.txt,"Ebay Clone from clone2009 - SQL Injection",2010-01-16,"Hamza 'MizoZ' N.",php,webapps,0
11165,platforms/windows/dos/11165.pl,"MediaMonkey Player - Local Denial of Service",2010-01-17,Red-D3v1L,windows,dos,0
11166,platforms/php/webapps/11166.txt,"Uploader by CeleronDude 5.3.0 - Arbitrary File Upload",2010-01-17,Stink',php,webapps,0
11166,platforms/php/webapps/11166.txt,"Uploader by CeleronDude 5.3.0 - Arbitrary File Upload (2)",2010-01-17,Stink',php,webapps,0
11167,platforms/windows/remote/11167.py,"Microsoft Internet Explorer 6 - Aurora Exploit",2010-01-17,"Ahmed Obied",windows,remote,0
11168,platforms/php/webapps/11168.txt,"Joomla! Component com_pc - Local File Inclusion",2010-01-17,Pyske,php,webapps,0
11169,platforms/php/webapps/11169.txt,"Max's Image Uploader - Arbitrary File Upload",2010-01-17,indoushka,php,webapps,0
@ -10474,7 +10474,7 @@ id,file,description,date,author,platform,type,port
11429,platforms/php/webapps/11429.txt,"Vito CMS - SQL Injection",2010-02-13,hacker@sr.gov.yu,php,webapps,0
11430,platforms/php/webapps/11430.txt,"southburn Web - 'products.php' SQL Injection",2010-02-13,"AtT4CKxT3rR0r1ST ",php,webapps,0
11431,platforms/php/webapps/11431.txt,"MRW PHP Upload - Arbitrary File Upload",2010-02-13,Phenom,php,webapps,0
11432,platforms/windows/dos/11432.txt,"Mozilla Firefox 3.6 - Denial of Service",2010-02-13,"Asheesh kumar Mani Tripathi",windows,dos,0
11432,platforms/windows/dos/11432.txt,"Mozilla Firefox 3.6 - Denial of Service (1)",2010-02-13,"Asheesh kumar Mani Tripathi",windows,dos,0
11434,platforms/php/webapps/11434.txt,"statcountex 3.1 - Multiple Vulnerabilities",2010-02-13,Phenom,php,webapps,0
11436,platforms/php/webapps/11436.txt,"WSN Guest 1.02 - (orderlinks) SQL Injection",2010-02-13,Gamoscu,php,webapps,0
11437,platforms/php/webapps/11437.txt,"ZeusCMS 0.2 - (Database Backup Dump / Local File Inclusion) Multiple Vulnerabilities",2010-02-13,"ViRuSMaN ",php,webapps,0
@ -10610,7 +10610,7 @@ id,file,description,date,author,platform,type,port
11587,platforms/php/webapps/11587.txt,"ProMan 0.1.1 - Multiple File Inclusion",2010-02-27,"cr4wl3r ",php,webapps,0
11588,platforms/php/webapps/11588.txt,"phpMySite - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2010-02-27,Crux,php,webapps,0
11589,platforms/asp/webapps/11589.txt,"Pre Classified Listings - SQL Injection",2010-02-27,Crux,asp,webapps,0
11590,platforms/multiple/dos/11590.php,"Mozilla Firefox 3.6 - Denial of Service",2010-02-27,Ale46,multiple,dos,0
11590,platforms/multiple/dos/11590.php,"Mozilla Firefox 3.6 - Denial of Service (2)",2010-02-27,Ale46,multiple,dos,0
11592,platforms/php/webapps/11592.txt,"Scripts Feed Business Directory - SQL Injection",2010-02-27,Crux,php,webapps,0
11593,platforms/php/webapps/11593.txt,"Uiga Fan Club 1.0 - (Authentication Bypass) SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0
11595,platforms/php/webapps/11595.php,"Joomla! Component com_paxgallery - Blind Injection",2010-02-27,snakespc,php,webapps,0
@ -11090,7 +11090,7 @@ id,file,description,date,author,platform,type,port
12138,platforms/php/webapps/12138.txt,"Joomla! Component com_Ca - SQL Injection",2010-04-10,DigitALL,php,webapps,0
12139,platforms/php/webapps/12139.txt,"Kiasabz Article News CMS Magazine - SQL Injection",2010-04-10,indoushka,php,webapps,0
12140,platforms/php/webapps/12140.php,"xBtiTracker - SQL Injection",2010-04-11,InATeam,php,webapps,0
12141,platforms/php/webapps/12141.txt,"MediaInSpot CMS - Local File Inclusion",2010-04-11,"Amoo Arash",php,webapps,0
12141,platforms/php/webapps/12141.txt,"MediaInSpot CMS - Local File Inclusion (1)",2010-04-11,"Amoo Arash",php,webapps,0
12142,platforms/php/webapps/12142.txt,"Joomla! Component TweetLA! - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0
12143,platforms/php/webapps/12143.txt,"Joomla! Component Ticketbook - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0
12144,platforms/php/webapps/12144.txt,"Joomla! Component JA Job Board - Multiple Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0
@ -12462,7 +12462,7 @@ id,file,description,date,author,platform,type,port
14163,platforms/php/webapps/14163.txt,"iScripts ReserveLogic 1.0 - SQL Injection",2010-07-01,"Salvatore Fresta",php,webapps,0
14164,platforms/php/webapps/14164.txt,"iScripts CyberMatch 1.0 - Blind SQL Injection",2010-07-02,"Salvatore Fresta",php,webapps,0
14160,platforms/php/webapps/14160.txt,"Interscan Web Security 5.0 - Permanent Cross-Site Scripting",2010-07-01,"Ivan Huertas",php,webapps,0
14177,platforms/linux/webapps/14177.txt,"Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting",2010-07-02,"Marcos Garcia and Maximiliano Soler",linux,webapps,0
14177,platforms/linux/webapps/14177.txt,"Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting (1)",2010-07-02,"Marcos Garcia and Maximiliano Soler",linux,webapps,0
14162,platforms/php/webapps/14162.txt,"iScripts EasySnaps 2.0 - Multiple SQL Injections",2010-07-01,"Salvatore Fresta",php,webapps,0
14176,platforms/php/webapps/14176.c,"iScripts Socialware 2.2.x - Arbitrary File Upload",2010-07-02,"Salvatore Fresta",php,webapps,0
14166,platforms/php/webapps/14166.txt,"Bit Weaver 2.7 - Local File Inclusion",2010-07-02,"John Leitch",php,webapps,0
@ -12647,7 +12647,7 @@ id,file,description,date,author,platform,type,port
14391,platforms/php/webapps/14391.txt,"Subrion Auto Classifieds - Persistent Cross-Site Scripting",2010-07-17,Sid3^effects,php,webapps,0
14392,platforms/php/webapps/14392.txt,"Kayako eSupport 3.70.02 - SQL Injection",2010-07-17,Sid3^effects,php,webapps,0
14393,platforms/php/webapps/14393.txt,"Calendarix - 'cal_cat.php' SQL Injection",2010-07-17,SixP4ck3r,php,webapps,0
14394,platforms/php/webapps/14394.txt,"Joomla! Component com_spa - SQL Injection",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0
14394,platforms/php/webapps/14394.txt,"Joomla! Component com_spa - SQL Injection (2)",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0
14395,platforms/php/webapps/14395.txt,"Joomla! Component com_staticxt - SQL Injection",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0
14397,platforms/windows/local/14397.rb,"MoreAmp - Buffer Overflow (SEH) (Metasploit)",2010-07-17,Madjix,windows,local,0
14404,platforms/php/webapps/14404.txt,"Kayako eSupport 3.70.02 - 'functions.php' SQL Injection",2010-07-18,ScOrPiOn,php,webapps,0
@ -12669,7 +12669,7 @@ id,file,description,date,author,platform,type,port
14416,platforms/windows/remote/14416.html,"SapGUI BI 7100.1.400.8 - Heap Corruption",2010-07-20,"Elazar Broad",windows,remote,0
14419,platforms/asp/webapps/14419.txt,"Caner Hikaye Script - SQL Injection",2010-07-20,v0calist,asp,webapps,0
14422,platforms/multiple/dos/14422.c,"libpng 1.4.2 - Denial of Service",2010-07-20,kripthor,multiple,dos,0
14423,platforms/php/webapps/14423.txt,"Joomla! Component com_spa - SQL Injection",2010-07-20,"ALTBTA ",php,webapps,0
14423,platforms/php/webapps/14423.txt,"Joomla! Component com_spa - SQL Injection (1)",2010-07-20,"ALTBTA ",php,webapps,0
14424,platforms/windows/dos/14424.txt,"Lithtech Engine - Memory Corruption",2010-07-20,"Luigi Auriemma",windows,dos,0
14425,platforms/php/webapps/14425.txt,"PHP Chat for 123 Flash Chat - Remote File Inclusion",2010-07-20,"HaCkEr arar",php,webapps,0
14426,platforms/php/webapps/14426.pl,"Imagine-cms 2.50 - SQL Injection",2010-07-21,Metropolis,php,webapps,0
@ -12843,7 +12843,7 @@ id,file,description,date,author,platform,type,port
14646,platforms/windows/dos/14646.py,"CA Advantage Ingres 2.6 - Multiple Buffer Overflow Vulnerabilities (PoC)",2010-08-14,fdiskyou,windows,dos,0
14647,platforms/php/webapps/14647.php,"PHP-Fusion - Local File Inclusion",2010-08-15,MoDaMeR,php,webapps,0
14648,platforms/php/webapps/14648.txt,"Guestbook Script PHP - (Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities",2010-08-15,"AnTi SeCuRe",php,webapps,0
14651,platforms/windows/local/14651.py,"Rosoft media player 4.4.4 - Buffer Overflow (SEH)",2010-08-15,dijital1,windows,local,0
14651,platforms/windows/local/14651.py,"Rosoft media player 4.4.4 - Buffer Overflow (SEH) (2)",2010-08-15,dijital1,windows,local,0
14650,platforms/php/webapps/14650.html,"Zomplog CMS 3.9 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities",2010-08-15,10n1z3d,php,webapps,0
14654,platforms/php/webapps/14654.php,"CMSQLite 1.2 / CMySQLite 1.3.1 - Remote Code Execution",2010-08-15,BlackHawk,php,webapps,0
14655,platforms/php/webapps/14655.txt,"Joomla! Component com_equipment - SQL Injection",2010-08-16,Forza-Dz,php,webapps,0
@ -13608,14 +13608,14 @@ id,file,description,date,author,platform,type,port
15663,platforms/windows/local/15663.py,"Mediacoder 0.7.5.4797 - '.m3u' Buffer Overflow (SEH)",2010-12-02,"Oh Yaw Theng",windows,local,0
15664,platforms/ios/remote/15664.txt,"iOS iFTPStorage 1.3 - Directory Traversal",2010-12-03,XEL,ios,remote,0
15665,platforms/asp/webapps/15665.txt,"Easy Travel Portal 2 - 'travelbycountry.asp' SQL Injection",2010-12-03,"Ulrik Persson",asp,webapps,0
15666,platforms/hardware/webapps/15666.txt,"D-Link Router (Multiple Models) - Authentication Bypass",2010-12-03,"Craig Heffner",hardware,webapps,0
15666,platforms/hardware/webapps/15666.txt,"Multiple D-Link Routers (Multiple Models) - Authentication Bypass",2010-12-03,"Craig Heffner",hardware,webapps,0
15668,platforms/windows/remote/15668.html,"Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow",2010-12-03,Dr_IDE,windows,remote,0
15669,platforms/windows/dos/15669.py,"MediaMonkey 3.2.4.1304 - (mp3) Buffer Overflow (PoC)",2010-12-04,0v3r,windows,dos,0
15670,platforms/windows/dos/15670.pl,"Free Audio Converter 7.1.5 - Denial of Service (PoC)",2010-12-04,h1ch4m,windows,dos,0
15671,platforms/windows/dos/15671.pl,"WaveMax Sound Editor 4.5.1 - Denial of Service (PoC)",2010-12-04,h1ch4m,windows,dos,0
15673,platforms/asp/webapps/15673.txt,"Dejcom Market CMS - 'showbrand.aspx' SQL Injection",2010-12-04,Mormoroth,asp,webapps,0
15674,platforms/windows/dos/15674.rb,"TFTPUtil GUI 1.4.5 - Denial of Service (Metasploit)",2010-12-04,"Vuk Ivanovic",windows,dos,0
15675,platforms/hardware/webapps/15675.txt,"Multiple Linksys Router - Cross-Site Request Forgery",2010-12-04,"Martin Barbella",hardware,webapps,0
15675,platforms/hardware/webapps/15675.txt,"Multiple Linksys Routers - Cross-Site Request Forgery",2010-12-04,"Martin Barbella",hardware,webapps,0
15676,platforms/multiple/dos/15676.txt,"Wireshark - LDSS Dissector Buffer Overflow",2010-12-04,"Nephi Johnson",multiple,dos,0
15677,platforms/asp/webapps/15677.txt,"T-Dreams Cars Ads Package 2.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0
15678,platforms/asp/webapps/15678.txt,"T-Dreams Job Seekers Package 3.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0
@ -14098,7 +14098,7 @@ id,file,description,date,author,platform,type,port
16286,platforms/multiple/remote/16286.rb,"RealServer - Describe Buffer Overflow (Metasploit)",2010-08-07,Metasploit,multiple,remote,0
16287,platforms/multiple/remote/16287.rb,"Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit)",2010-11-11,Metasploit,multiple,remote,0
16289,platforms/linux/remote/16289.rb,"Wireshark - LWRES Dissector getaddrsbyname_request Buffer Overflow (Metasploit)",2010-02-11,Metasploit,linux,remote,0
16290,platforms/multiple/remote/16290.rb,"VERITAS NetBackup - Remote Command Execution (Metasploit)",2010-10-09,Metasploit,multiple,remote,0
16290,platforms/multiple/remote/16290.rb,"Veritas NetBackup - Remote Command Execution (Metasploit) (2)",2010-10-09,Metasploit,multiple,remote,0
16291,platforms/multiple/remote/16291.rb,"HP OpenView OmniBack II - Command Execution (Metasploit)",2010-09-20,Metasploit,multiple,remote,0
16292,platforms/multiple/remote/16292.rb,"Wireshark - LWRES Dissector getaddrsbyname_request Buffer Overflow (loop)",2010-11-24,Metasploit,multiple,remote,0
16293,platforms/multiple/remote/16293.rb,"Sun Java - Calendar Deserialization Exploit (Metasploit)",2010-09-20,Metasploit,multiple,remote,0
@ -14195,7 +14195,7 @@ id,file,description,date,author,platform,type,port
16384,platforms/windows/remote/16384.rb,"DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_TXTEVENT Buffer Overflow (Metasploit)",2010-11-24,Metasploit,windows,remote,0
16385,platforms/windows/remote/16385.rb,"DATAC RealWin SCADA Server - Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0
16386,platforms/windows/remote/16386.rb,"D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit)",2010-07-03,Metasploit,windows,remote,0
16387,platforms/hardware/remote/16387.rb,"Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit)",2010-07-03,Metasploit,hardware,remote,0
16387,platforms/hardware/remote/16387.rb,"Broadcom Wireless Driver - Probe Response SSID Overflow (2) (Metasploit)",2010-07-03,Metasploit,hardware,remote,0
16388,platforms/hardware/remote/16388.rb,"NetGear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)",2010-07-03,Metasploit,hardware,remote,0
16389,platforms/windows/remote/16389.rb,"Omni-NFS Server - Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,0
16390,platforms/windows/remote/16390.rb,"Energizer DUO Trojan Code - Execution (Metasploit)",2010-09-20,Metasploit,windows,remote,0
@ -14251,7 +14251,7 @@ id,file,description,date,author,platform,type,port
16440,platforms/windows/remote/16440.rb,"Firebird Relational Database - isc_attach_database() Buffer Overflow (Metasploit)",2010-07-03,Metasploit,windows,remote,0
16441,platforms/windows/remote/16441.rb,"POP Peeper 3.4 - DATE Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,0
16442,platforms/windows/remote/16442.rb,"Microsoft DirectX DirectShow - SAMI Buffer Overflow (Metasploit)",2010-10-05,Metasploit,windows,remote,0
16443,platforms/windows/remote/16443.rb,"Eureka Email 2.2q - ERR Remote Buffer Overflow (Metasploit)",2010-08-25,Metasploit,windows,remote,0
16443,platforms/windows/remote/16443.rb,"Eureka Email 2.2q - ERR Remote Buffer Overflow (Metasploit) (2)",2010-08-25,Metasploit,windows,remote,0
16444,platforms/windows/remote/16444.rb,"TinyIdentD 2.2 - Stack Buffer Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0
16445,platforms/windows/remote/16445.rb,"Bopup Communications Server - Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0
16446,platforms/windows/remote/16446.rb,"UFO: Alien Invasion IRC Client (Windows) - Buffer Overflow (Metasploit)",2010-10-09,Metasploit,windows,remote,0
@ -14285,7 +14285,7 @@ id,file,description,date,author,platform,type,port
16474,platforms/windows/remote/16474.rb,"Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit)",2010-07-01,Metasploit,windows,remote,0
16475,platforms/windows/remote/16475.rb,"MailEnable IMAPD (2.35) - Login Request Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,0
16476,platforms/windows/remote/16476.rb,"Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0
16477,platforms/windows/remote/16477.rb,"Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit)",2010-06-22,Metasploit,windows,remote,0
16477,platforms/windows/remote/16477.rb,"Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2)",2010-06-22,Metasploit,windows,remote,0
16478,platforms/windows/remote/16478.rb,"Novell NetMail 3.52d - IMAP Subscribe Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0
16479,platforms/windows/remote/16479.rb,"IMail IMAP4D - Delete Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0
16480,platforms/windows/remote/16480.rb,"MailEnable - IMAPD W3C Logging Buffer Overflow (Metasploit)",2010-06-15,Metasploit,windows,remote,0
@ -14312,7 +14312,7 @@ id,file,description,date,author,platform,type,port
16501,platforms/windows/remote/16501.rb,"Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit)",2010-09-21,Metasploit,windows,remote,0
16502,platforms/windows/remote/16502.rb,"IBM Lotus Domino Web Access Upload Module - Buffer Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0
16503,platforms/windows/local/16503.rb,"Adobe - Doc.media.newPlayer Use-After-Free (1)",2010-04-30,Metasploit,windows,local,0
16504,platforms/windows/local/16504.rb,"Adobe - util.printf() Buffer Overflow (1)",2010-05-03,Metasploit,windows,local,0
16504,platforms/windows/local/16504.rb,"Adobe - 'util.printf()' Buffer Overflow (1)",2010-05-03,Metasploit,windows,local,0
16505,platforms/windows/remote/16505.rb,"Facebook Photo Uploader 4 - ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0
16506,platforms/windows/remote/16506.rb,"Microsoft Internet Explorer - Daxctle.OCX KeyFrame Method Heap Buffer Overflow (Metasploit)",2010-07-16,Metasploit,windows,remote,0
16507,platforms/windows/remote/16507.rb,"Microsoft Visual Studio - Msmask32.ocx ActiveX Buffer Overflow (Metasploit)",2010-11-24,Metasploit,windows,remote,0
@ -14432,7 +14432,7 @@ id,file,description,date,author,platform,type,port
16621,platforms/windows/local/16621.rb,"Foxit PDF Reader 4.1.1 - Title Stack Buffer Overflow (Metasploit)",2010-12-16,Metasploit,windows,local,0
16622,platforms/windows/local/16622.rb,"Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (2)",2010-09-25,Metasploit,windows,local,0
16623,platforms/windows/local/16623.rb,"Adobe - Doc.media.newPlayer Use-After-Free (2)",2010-09-25,Metasploit,windows,local,0
16624,platforms/windows/local/16624.rb,"Adobe - util.printf() Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0
16624,platforms/windows/local/16624.rb,"Adobe - 'util.printf()' Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0
16625,platforms/windows/local/16625.rb,"Microsoft Excel - Malformed FEATHEADER Record (Metasploit)",2010-09-25,Metasploit,windows,local,0
16626,platforms/windows/local/16626.rb,"Audiotran 1.4.1 - '.pls' Stack Buffer Overflow (Metasploit)",2010-01-28,Metasploit,windows,local,0
16627,platforms/windows/local/16627.rb,"UltraISO - '.cue' File Parsing Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,local,0
@ -14497,7 +14497,7 @@ id,file,description,date,author,platform,type,port
16686,platforms/windows/local/16686.rb,"Microsoft Word - RTF pFragments Stack Buffer Overflow (File Format)",2011-03-04,Metasploit,windows,local,0
16687,platforms/windows/local/16687.rb,"Adobe Flash Player - 'newfunction' Invalid Pointer Use (2)",2010-09-25,Metasploit,windows,local,0
16688,platforms/windows/local/16688.rb,"Zinf Audio Player 2.2.1 - '.pls' Stack Buffer Overflow (Metasploit)",2010-11-24,Metasploit,windows,local,0
16689,platforms/windows/remote/16689.rb,"CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,23
16689,platforms/windows/remote/16689.rb,"CCProxy 6.2 - Telnet Proxy Ping Overflow (2) (Metasploit)",2010-04-30,Metasploit,windows,remote,23
16690,platforms/windows/remote/16690.rb,"Qbik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,80
16691,platforms/windows/remote/16691.rb,"Blue Coat WinProxy - Host Header Overflow (Metasploit)",2010-07-12,Metasploit,windows,remote,80
16692,platforms/windows/remote/16692.rb,"Proxy-Pro Professional GateKeeper 4.7 - GET Request Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,3128
@ -14662,7 +14662,7 @@ id,file,description,date,author,platform,type,port
16851,platforms/linux/remote/16851.rb,"ProFTPd 1.3.2rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow (Metasploit)",2011-01-09,Metasploit,linux,remote,0
16852,platforms/linux/remote/16852.rb,"ProFTPd 1.2 < 1.3.0 (Linux) - sreplace Buffer Overflow (Metasploit)",2011-01-09,Metasploit,linux,remote,0
16853,platforms/linux/remote/16853.rb,"Berlios GPSD - Format String (Metasploit)",2010-04-30,Metasploit,linux,remote,0
16854,platforms/hardware/remote/16854.rb,"Linksys WRT54 Access Point - apply.cgi Buffer Overflow (Metasploit)",2010-09-24,Metasploit,hardware,remote,0
16854,platforms/hardware/remote/16854.rb,"Linksys WRT54 (Access Point) - apply.cgi Buffer Overflow (Metasploit)",2010-09-24,Metasploit,hardware,remote,0
16855,platforms/linux/remote/16855.rb,"PeerCast 0.1216 (Linux) - URL Handling Buffer Overflow (Metasploit)",2010-09-20,Metasploit,linux,remote,0
16856,platforms/cgi/webapps/16856.rb,"DD-WRT HTTP Daemon - Arbitrary Command Execution (Metasploit)",2010-07-07,Metasploit,cgi,webapps,0
16857,platforms/cgi/webapps/16857.rb,"Alcatel-Lucent OmniPCX Enterprise - masterCGI Arbitrary Command Execution (Metasploit)",2010-10-05,Metasploit,cgi,webapps,0
@ -14685,9 +14685,9 @@ id,file,description,date,author,platform,type,port
16874,platforms/osx/remote/16874.rb,"Apple Mac OSX EvoCam - HTTP GET Buffer Overflow (Metasploit)",2010-10-09,Metasploit,osx,remote,0
16875,platforms/osx/remote/16875.rb,"Samba (OSX) - lsa_io_trans_names Heap Overflow (Metasploit)",2010-04-05,Metasploit,osx,remote,0
16876,platforms/osx_ppc/remote/16876.rb,"Samba (OSX/PPC) - trans2open Overflow (Metasploit)",2010-06-21,Metasploit,osx_ppc,remote,0
16877,platforms/irix/remote/16877.rb,"Irix LPD tagprinter - Command Execution (Metasploit)",2010-10-06,Metasploit,irix,remote,0
16877,platforms/irix/remote/16877.rb,"Irix LPD tagprinter - Command Execution (Metasploit) (2)",2010-10-06,Metasploit,irix,remote,0
16878,platforms/linux/remote/16878.rb,"ProFTPd 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow (Metasploit)",2010-12-02,Metasploit,linux,remote,0
16879,platforms/freebsd/remote/16879.rb,"XTACACSD 4.1.2 - report() Buffer Overflow (Metasploit)",2010-05-09,Metasploit,freebsd,remote,0
16879,platforms/freebsd/remote/16879.rb,"Xtacacsd 4.1.2 - report() Buffer Overflow (Metasploit) (2)",2010-05-09,Metasploit,freebsd,remote,0
16880,platforms/linux/remote/16880.rb,"Samba trans2open (*BSD/x86) - Overflow Exploit (Metasploit)",2010-06-17,Metasploit,linux,remote,0
16881,platforms/php/webapps/16881.rb,"Cacti - graph_view.php Remote Command Execution (Metasploit)",2010-07-03,Metasploit,php,webapps,0
16882,platforms/php/webapps/16882.rb,"PHP XML-RPC - Arbitrary Code Execution (Metasploit)",2010-07-25,Metasploit,php,webapps,0
@ -15041,7 +15041,7 @@ id,file,description,date,author,platform,type,port
17289,platforms/php/webapps/17289.txt,"frame-oshop - SQL Injection",2011-05-15,-SmoG-,php,webapps,0
17290,platforms/hardware/remote/17290.txt,"XtreamerPRO Media-player 2.6.0 / 2.7.0 - Multiple Vulnerabilities",2011-05-16,"Itzik Chen",hardware,remote,0
17291,platforms/windows/dos/17291.py,"Steam Software - Denial of Service",2011-05-16,david.r.klein,windows,dos,0
17292,platforms/php/webapps/17292.txt,"MediaInSpot CMS - Local File Inclusion",2011-05-16,"wlhaan haker",php,webapps,0
17292,platforms/php/webapps/17292.txt,"MediaInSpot CMS - Local File Inclusion (2)",2011-05-16,"wlhaan haker",php,webapps,0
17293,platforms/php/webapps/17293.txt,"MediaInSpot CMS - SQL Injection",2011-05-16,"Iolo Morganwg",php,webapps,0
17294,platforms/windows/local/17294.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow",2011-05-16,sinfulsecurity,windows,local,0
17295,platforms/php/webapps/17295.txt,"Vanilla Forum 2.0.17.9 - Local File Inclusion",2011-05-16,"AutoSec Tools",php,webapps,0
@ -15217,7 +15217,7 @@ id,file,description,date,author,platform,type,port
17498,platforms/windows/remote/17498.rb,"Freefloat FTP Server - Buffer Overflow (Metasploit)",2011-07-07,"James Fitts",windows,remote,0
17499,platforms/windows/local/17499.rb,"CoolPlayer Portable 2.19.2 - Buffer Overflow (Metasploit)",2011-07-07,"James Fitts",windows,local,0
17500,platforms/php/webapps/17500.txt,"LuxCal Web Calendar 2.4.2 / 2.5.0 - SQL Injection",2011-07-07,kaMtiEz,php,webapps,0
17501,platforms/hardware/dos/17501.py,"Dlink DSL-2650U - Denial of Service/PoC",2011-07-07,"Li'el Fridman",hardware,dos,0
17501,platforms/hardware/dos/17501.py,"D-Link DSL-2650U - Denial of Service/PoC",2011-07-07,"Li'el Fridman",hardware,dos,0
17502,platforms/windows/local/17502.rb,"MicroP 0.1.1.1600 - '.mppl' Stack Buffer Overflow (Metasploit)",2011-07-07,Metasploit,windows,local,0
17503,platforms/jsp/webapps/17503.pl,"ManageEngine ServiceDesk 8.0.0.12 - Database Disclosure",2011-07-07,@ygoltsev,jsp,webapps,0
17507,platforms/hardware/remote/17507.py,"Avaya IP Office Manager TFTP Server 8.1 - Directory Traversal",2011-07-08,"SecPod Research",hardware,remote,0
@ -15449,7 +15449,7 @@ id,file,description,date,author,platform,type,port
17777,platforms/windows/local/17777.rb,"Apple QuickTime - PICT PnSize Buffer Overflow (Metasploit)",2011-09-03,Metasploit,windows,local,0
17778,platforms/php/webapps/17778.txt,"WordPress Plugin Zotpress 4.4 - SQL Injection",2011-09-04,"Miroslav Stampar",php,webapps,0
17779,platforms/php/webapps/17779.txt,"WordPress Plugin oQey Gallery 0.4.8 - SQL Injection",2011-09-05,"Miroslav Stampar",php,webapps,0
17780,platforms/windows/local/17780.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow (ASLR Bypass)",2011-09-05,blake,windows,local,0
17780,platforms/windows/local/17780.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow (ASLR Bypass) (1)",2011-09-05,blake,windows,local,0
17781,platforms/windows/dos/17781.pl,"World Of Warcraft - 'chat-cache.txt' Local Stack Overflow Denial of Service",2011-09-05,"BSOD Digital",windows,dos,0
17782,platforms/php/webapps/17782.txt,"Elite Gaming Ladders 3.6 - SQL Injection",2011-09-05,J.O,php,webapps,0
17783,platforms/windows/local/17783.pl,"ZipX 1.71 - '.ZIP' File Buffer Overflow",2011-09-05,"C4SS!0 G0M3S",windows,local,0
@ -16048,7 +16048,7 @@ id,file,description,date,author,platform,type,port
18507,platforms/windows/dos/18507.py,"DAMN Hash Calculator 1.5.1 - Local Heap Overflow (PoC)",2012-02-22,"Julien Ahrens",windows,dos,0
18508,platforms/php/webapps/18508.txt,"LimeSurvey (PHPSurveyor 1.91+ stable) - Blind SQL Injection",2012-02-22,TorTukiTu,php,webapps,0
18513,platforms/php/webapps/18513.txt,"DFLabs PTK 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities",2012-02-22,"Ivano Binetti",php,webapps,0
18509,platforms/hardware/webapps/18509.html,"Dlink DCS series - Cross-Site Request Forgery (Change Admin Password)",2012-02-22,rigan,hardware,webapps,0
18509,platforms/hardware/webapps/18509.html,"D-Link DCS Series - Cross-Site Request Forgery (Change Admin Password)",2012-02-22,rigan,hardware,webapps,0
18510,platforms/windows/webapps/18510.txt,"WebcamXP and webcam 7 - Directory Traversal",2012-02-22,Silent_Dream,windows,webapps,0
18511,platforms/hardware/webapps/18511.txt,"D-Link DSL-2640B - Authentication Bypass",2012-02-22,"Ivano Binetti",hardware,webapps,0
18512,platforms/windows/dos/18512.txt,"Unity 3D Web Player 3.2.0.61061 - Denial of Service",2012-02-22,"Luigi Auriemma",windows,dos,0
@ -16891,7 +16891,7 @@ id,file,description,date,author,platform,type,port
19517,platforms/linux/local/19517.pl,"Emesene 2.12.5 - Password Disclosure",2012-07-01,"Daniel Godoy",linux,local,0
19793,platforms/php/webapps/19793.txt,"Magento eCommerce - Local File Disclosure",2012-07-13,"SEC Consult",php,webapps,0
19519,platforms/windows/local/19519.rb,"Irfanview JPEG2000 4.3.2.0 - jp2 Stack Buffer Overflow (Metasploit)",2012-07-01,Metasploit,windows,local,0
19520,platforms/bsd/remote/19520.txt,"BSD TelnetD - Remote Root Exploit",2012-07-01,kingcope,bsd,remote,0
19520,platforms/bsd/remote/19520.txt,"BSD TelnetD - Remote Root Exploit (2)",2012-07-01,kingcope,bsd,remote,0
19521,platforms/windows/remote/19521.txt,"Microsoft Internet Explorer 5.0/4.0.1 - hhopen OLE Control Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0
19522,platforms/linux/remote/19522.txt,"Linux Kernel 2.2 - Predictable TCP Initial Sequence Number",1999-09-27,"Stealth and S. Krahmer",linux,remote,0
19523,platforms/linux/local/19523.txt,"python-wrapper - Untrusted Search Path/Code Execution",2012-07-02,ShadowHatesYou,linux,local,0
@ -17601,7 +17601,7 @@ id,file,description,date,author,platform,type,port
20260,platforms/php/webapps/20260.txt,"Islamnt Islam Forum Script 1.2 - Blind SQL Injection",2012-08-05,s3n4t00r,php,webapps,0
20543,platforms/windows/local/20543.rb,"Microsoft Windows - Service Trusted Path Privilege Escalation (Metasploit)",2012-08-15,Metasploit,windows,local,0
20500,platforms/php/remote/20500.rb,"TestLink 1.9.3 - Arbitrary File Upload (Metasploit)",2012-08-15,Metasploit,php,remote,0
20262,platforms/windows/local/20262.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow ASLR Bypass",2012-08-05,pole,windows,local,0
20262,platforms/windows/local/20262.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow (ASLR Bypass) (2)",2012-08-05,pole,windows,local,0
20263,platforms/irix/local/20263.txt,"IRIX 5.2/6.0 - Permissions File Manipulation",1995-03-02,"Larry Glaze",irix,local,0
20265,platforms/windows/local/20265.txt,"Microsoft Windows NT 4.0 / 2000 - Spoofed LPC Request",2000-10-03,"BindView's Razor Team",windows,local,0
20266,platforms/windows/remote/20266.txt,"Microsoft Virtual Machine 2000/3100/3200/3300 Series - com.ms.activeX.ActiveXComponent Arbitrary Program Execution",2000-10-05,"Marcin Jackowski",windows,remote,0
@ -18441,9 +18441,9 @@ id,file,description,date,author,platform,type,port
21145,platforms/multiple/remote/21145.nasl,"IBM HTTP Server 1.3.x - Source Code Disclosure",2001-11-08,"Felix Huber",multiple,remote,0
21150,platforms/unix/local/21150.c,"Rational ClearCase 3.2/4.x - DB Loader TERM Environment Variable Buffer Overflow",2001-11-09,virtualcat,unix,local,0
21151,platforms/linux/remote/21151.txt,"Horde IMP 2.2.x - Session Hijacking",2001-11-09,"Joao Pedro Goncalves",linux,remote,0
21152,platforms/linux/remote/21152.c,"ActivePerl 5.6.1 - perlIIS.dll Buffer Overflow (1)",2001-11-15,Indigo,linux,remote,0
21153,platforms/windows/remote/21153.c,"ActivePerl 5.6.1 - perlIIS.dll Buffer Overflow (2)",2001-11-15,Indigo,windows,remote,0
21154,platforms/multiple/remote/21154.pl,"ActivePerl 5.6.1 - perlIIS.dll Buffer Overflow (3)",2001-11-15,Sapient2003,multiple,remote,0
21152,platforms/linux/remote/21152.c,"ActivePerl 5.6.1 - 'perlIIS.dll' Buffer Overflow (1)",2001-11-15,Indigo,linux,remote,0
21153,platforms/windows/remote/21153.c,"ActivePerl 5.6.1 - 'perlIIS.dll' Buffer Overflow (2)",2001-11-15,Indigo,windows,remote,0
21154,platforms/multiple/remote/21154.pl,"ActivePerl 5.6.1 - 'perlIIS.dll' Buffer Overflow (3)",2001-11-15,Sapient2003,multiple,remote,0
21155,platforms/php/remote/21155.txt,"Network Tool 0.2 PHP-Nuke Addon - MetaCharacter Filtering Command Execution",2001-11-16,"Cabezon Aurélien",php,remote,0
21156,platforms/windows/remote/21156.txt,"Opera 5.0/5.1 - Same Origin Policy Circumvention",2001-11-15,"Georgi Guninski",windows,remote,0
21157,platforms/php/webapps/21157.txt,"bharat Mediratta Gallery 1.1/1.2 - Directory Traversal",2001-11-19,"Cabezon Aurelien",php,webapps,0
@ -21399,7 +21399,7 @@ id,file,description,date,author,platform,type,port
24199,platforms/php/webapps/24199.txt,"Invision Power Board 1.3 - SSI.php Cross-Site Scripting",2004-06-14,"IMAN Sharafoddin",php,webapps,0
24200,platforms/windows/local/24200.txt,"Sygate Personal Firewall Pro 5.5 - Local Fail-Close Bypass",2004-06-14,"Tan Chew Keong",windows,local,0
24201,platforms/php/webapps/24201.txt,"PHP-Charts - Arbitrary PHP Code Execution",2013-01-18,AkaStep,php,webapps,0
24202,platforms/hardware/webapps/24202.txt,"linksys wrt54gl firmware 4.30.15 build 2 - Multiple Vulnerabilities",2013-01-18,m-1-k-3,hardware,webapps,0
24202,platforms/hardware/webapps/24202.txt,"Linksys WRT54GL (Firmware 4.30.15 build 2) - Multiple Vulnerabilities",2013-01-18,m-1-k-3,hardware,webapps,0
24203,platforms/multiple/webapps/24203.txt,"SonicWALL GMS/Viewpoint/Analyzer - Authentication Bypass",2013-01-18,"Nikolas Sotiriu",multiple,webapps,0
24204,platforms/multiple/webapps/24204.pl,"SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Root/SYSTEM Exploit",2013-01-18,"Nikolas Sotiriu",multiple,webapps,0
24205,platforms/linux/remote/24205.txt,"Novell NCP - Unauthenticated Remote Root Exploit",2013-01-18,"Gary Nilson",linux,remote,0
@ -21643,7 +21643,7 @@ id,file,description,date,author,platform,type,port
24450,platforms/freebsd/dos/24450.txt,"FreeBSD 9.1 ftpd - Remote Denial of Service",2013-02-05,"Maksymilian Arciemowicz",freebsd,dos,0
24451,platforms/php/webapps/24451.txt,"ArrowChat 1.5.61 - Multiple Vulnerabilities",2013-02-05,kallimero,php,webapps,0
24452,platforms/php/webapps/24452.txt,"AdaptCMS 2.0.4 - (config.php question Parameter) SQL Injection",2013-02-05,kallimero,php,webapps,0
24453,platforms/hardware/webapps/24453.txt,"D-Link DIR-600 and DIR-300 (rev B) - Multiple Vulnerabilities",2013-02-05,m-1-k-3,hardware,webapps,0
24453,platforms/hardware/webapps/24453.txt,"D-Link DIR-600 / DIR-300 (rev B) - Multiple Vulnerabilities",2013-02-05,m-1-k-3,hardware,webapps,0
24454,platforms/php/webapps/24454.txt,"Free Monthly Websites 2.0 - Multiple Vulnerabilities",2013-02-05,X-Cisadane,php,webapps,0
24455,platforms/unix/remote/24455.rb,"Portable UPnP SDK - unique_service_name() Remote Code Execution (Metasploit)",2013-02-05,Metasploit,unix,remote,0
24456,platforms/php/webapps/24456.txt,"glossword 1.8.12 - Multiple Vulnerabilities",2013-02-05,AkaStep,php,webapps,0
@ -21730,7 +21730,7 @@ id,file,description,date,author,platform,type,port
24560,platforms/php/webapps/24560.txt,"doorGets CMS - Cross-Site Request Forgery",2013-03-01,n0pe,php,webapps,0
24561,platforms/php/webapps/24561.txt,"Piwigo 2.4.6 - Multiple Vulnerabilities",2013-03-01,"High-Tech Bridge SA",php,webapps,0
24562,platforms/php/webapps/24562.txt,"PHP-Fusion 7.02.05 - Multiple Vulnerabilities",2013-03-01,waraxe,php,webapps,0
24563,platforms/hardware/webapps/24563.txt,"D-Link DSL-2740B - (ADSL Router) Authentication Bypass",2013-03-04,"Ivano Binetti",hardware,webapps,0
24563,platforms/hardware/webapps/24563.txt,"D-Link DSL-2740B (ADSL Router) - Authentication Bypass",2013-03-04,"Ivano Binetti",hardware,webapps,0
24564,platforms/php/webapps/24564.txt,"Nconf 1.3 - Multiple SQL Injections",2013-03-04,"Saadi Siddiqui",php,webapps,0
24565,platforms/php/webapps/24565.txt,"SiteCubed MailWorks Professional - Authentication Bypass",2004-09-02,"Paul Craig",php,webapps,0
24566,platforms/php/webapps/24566.txt,"CuteNews 0.88/1.3.x - 'index.php' Cross-Site Scripting",2004-09-02,Exoduks,php,webapps,0
@ -22111,7 +22111,7 @@ id,file,description,date,author,platform,type,port
24952,platforms/windows/dos/24952.py,"AT-TFTP Server 2.0 - Stack Based Buffer Overflow Denial of Service",2013-04-12,xis_one,windows,dos,69
24953,platforms/php/webapps/24953.txt,"Free Monthly Websites 2.0 - Admin Password Change",2013-04-12,"Yassin Aboukir",php,webapps,0
24954,platforms/php/webapps/24954.txt,"Simple HRM System 2.3 - Multiple Vulnerabilities",2013-04-12,Doraemon,php,webapps,0
24956,platforms/hardware/remote/24956.rb,"DLink DIR-645 - / DIR-815 diagnostic.php Command Execution (Metasploit)",2013-04-12,Metasploit,hardware,remote,0
24956,platforms/hardware/remote/24956.rb,"D-Link DIR-645 / DIR-815 - diagnostic.php Command Execution (Metasploit)",2013-04-12,Metasploit,hardware,remote,0
24958,platforms/windows/remote/24958.py,"MinaliC WebServer 2.0.0 - Buffer Overflow",2013-04-15,superkojiman,windows,remote,0
24959,platforms/php/webapps/24959.txt,"CMSLogik 1.2.1 - Multiple Vulnerabilities",2013-04-15,LiquidWorm,php,webapps,0
24960,platforms/php/webapps/24960.txt,"phpVms Virtual Airline Administration 2.1.934 / 2.1.935 - SQL Injection",2013-04-15,NoGe,php,webapps,0
@ -22749,7 +22749,7 @@ id,file,description,date,author,platform,type,port
25605,platforms/php/webapps/25605.txt,"WordPress Plugin ProPlayer 4.7.9.1 - SQL Injection",2013-05-21,"Ashiyane Digital Security Team",php,webapps,0
25606,platforms/php/webapps/25606.py,"Kimai 0.9.2.1306-3 - SQL Injection",2013-05-21,drone,php,webapps,0
25607,platforms/windows/local/25607.py,"Ophcrack 3.5.0 - Local Code Execution Buffer Overflow",2013-05-21,xis_one,windows,local,0
25608,platforms/hardware/remote/25608.rb,"Linksys WRT160nv2 - apply.cgi Remote Command Injection (Metasploit)",2013-05-21,Metasploit,hardware,remote,80
25608,platforms/hardware/remote/25608.rb,"Linksys WRT160N v2 - apply.cgi Remote Command Injection (Metasploit)",2013-05-21,Metasploit,hardware,remote,80
25609,platforms/hardware/remote/25609.rb,"D-Link DIR615h - OS Command Injection (Metasploit)",2013-05-21,Metasploit,hardware,remote,80
25611,platforms/windows/dos/25611.txt,"Microsoft Windows - Win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase",2013-05-21,"Tavis Ormandy",windows,dos,0
30092,platforms/php/webapps/30092.txt,"FlashChat F_CMS 4.7.9 - Parameter Multiple Remote File Inclusion",2007-05-28,"Hasadya Raed",php,webapps,0
@ -23528,7 +23528,7 @@ id,file,description,date,author,platform,type,port
26392,platforms/php/webapps/26392.txt,"phpMyAdmin 2.x - queryframe.php Cross-Site Scripting",2005-05-20,"Tobias Klein",php,webapps,0
26393,platforms/php/webapps/26393.txt,"phpMyAdmin 2.x - server_databases.php Cross-Site Scripting",2005-05-20,"Tobias Klein",php,webapps,0
26394,platforms/php/webapps/26394.txt,"MWChat 6.8 - chat.php SQL Injection",2005-05-21,rgod,php,webapps,0
26395,platforms/php/webapps/26395.txt,"Basic Analysis And Security Engine 1.2 - Base_qry_main.php SQL Injection",2005-10-25,"Remco Verhoef",php,webapps,0
26395,platforms/php/webapps/26395.txt,"Basic Analysis and Security Engine (BASE) 1.2 - Base_qry_main.php SQL Injection",2005-10-25,"Remco Verhoef",php,webapps,0
26396,platforms/php/webapps/26396.pl,"MyBulletinBoard 1.0 - usercp.php SQL Injection",2005-10-26,Animal,php,webapps,0
26397,platforms/php/webapps/26397.txt,"IPBProArcade 2.5.2 - GameID Parameter SQL Injection",2005-10-26,almaster,php,webapps,0
26398,platforms/cgi/webapps/26398.txt,"RSA ACE Agent 5.x - Image Cross-Site Scripting",2005-10-26,"Bernhard Mueller",cgi,webapps,0
@ -24116,7 +24116,6 @@ id,file,description,date,author,platform,type,port
26984,platforms/php/webapps/26984.txt,"IceWarp Universal WebMail - /mail/include.html Crafted HTTP_USER_AGENT Arbitrary File Access",2005-12-27,"Tan Chew Keong",php,webapps,0
26985,platforms/windows/dos/26985.txt,"Microsoft Internet Explorer 5.0.1 - HTML Parsing Denial of Service",2005-12-27,"Christian Deneke",windows,dos,0
26986,platforms/cfm/webapps/26986.txt,"PaperThin CommonSpot Content Server 4.5 - Cross-Site Scripting",2005-12-23,r0t3d3Vil,cfm,webapps,0
40384,platforms/java/webapps/40384.txt,"Apache Mina 2.0.13 - Remote Command Execution",2016-09-15,"Gregory Draperi",java,webapps,0
26987,platforms/java/webapps/26987.txt,"FatWire UpdateEngine 6.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-27,r0t3d3Vil,java,webapps,0
26988,platforms/php/webapps/26988.txt,"Koobi 5.0 - BBCode URL Tag Script Injection",2005-12-28,"kurdish hackers team",php,webapps,0
26989,platforms/php/webapps/26989.txt,"GMailSite 1.0.x - Cross-Site Scripting",2005-12-29,Lostmon,php,webapps,0
@ -24684,7 +24683,7 @@ id,file,description,date,author,platform,type,port
27571,platforms/php/webapps/27571.txt,"SKForum 1.x - area.View.action areaID Parameter Cross-Site Scripting",2006-04-06,r0t,php,webapps,0
27572,platforms/php/webapps/27572.txt,"SKForum 1.x - planning.View.action time Parameter Cross-Site Scripting",2006-04-06,r0t,php,webapps,0
27573,platforms/php/webapps/27573.txt,"SKForum 1.x - user.View.action userID Parameter Cross-Site Scripting",2006-04-06,r0t,php,webapps,0
27574,platforms/php/webapps/27574.txt,"Basic Analysis and Security Engine 1.2.4 - PrintFreshPage Cross-Site Scripting",2003-04-06,"Adam Ely",php,webapps,0
27574,platforms/php/webapps/27574.txt,"Basic Analysis and Security Engine (BASE) 1.2.4 - PrintFreshPage Cross-Site Scripting",2003-04-06,"Adam Ely",php,webapps,0
27575,platforms/php/webapps/27575.txt,"MD News 1 - admin.php SQL Injection",2006-04-06,"Aliaksandr Hartsuyeu",php,webapps,0
27576,platforms/php/webapps/27576.txt,"MAXDEV CMS 1.0.72/1.0.73 - PNuserapi.php SQL Injection",2006-04-06,king_purba,php,webapps,0
27577,platforms/windows/remote/27577.txt,"Microsoft Internet Explorer 5 - Address Bar Spoofing",2006-04-03,"Hai Nam Luke",windows,remote,0
@ -25789,7 +25788,7 @@ id,file,description,date,author,platform,type,port
29279,platforms/php/webapps/29279.txt,"Olat CMS 7.8.0.1 - Persistent Cross-Site Scripting",2013-10-29,Vulnerability-Lab,php,webapps,0
28718,platforms/freebsd/local/28718.c,"FreeBSD 9.0 - Intel SYSRET Kernel Privilege Escalation",2013-10-04,CurcolHekerLink,freebsd,local,0
28719,platforms/php/webapps/28719.txt,"Joomla! Component VirtueMart Joomla! eCommerce Edition 1.0.11 - Multiple Input Validation Vulnerabilities",2006-09-27,"Adrian Castro",php,webapps,0
28720,platforms/php/webapps/28720.txt,"Web//News 1.4 - parser.php Remote File Inclusion",2006-09-27,ThE-WoLf-KsA,php,webapps,0
28720,platforms/php/webapps/28720.txt,"Web//News 1.4 - 'parser.php' Remote File Inclusion (2)",2006-09-27,ThE-WoLf-KsA,php,webapps,0
28721,platforms/php/webapps/28721.txt,"Red Mombin 0.7 - 'index.php' Unspecified Cross-Site Scripting",2006-09-22,"Armorize Technologies",php,webapps,0
28722,platforms/php/webapps/28722.txt,"Red Mombin 0.7 - process_login.php Unspecified Cross-Site Scripting",2006-09-22,"Armorize Technologies",php,webapps,0
28723,platforms/php/webapps/28723.txt,"Aanval 7.1 build 70151 - Multiple Vulnerabilities",2013-10-04,xistence,php,webapps,80
@ -25958,7 +25957,7 @@ id,file,description,date,author,platform,type,port
28899,platforms/php/webapps/28899.txt,"NewP News Publishing System 1.0 - Class.Database.php Remote File Inclusion",2006-11-07,navairum,php,webapps,0
28900,platforms/php/webapps/28900.txt,"ac4p Mobile - 'index.php' Multiple Parameter Cross-Site Scripting",2006-11-03,AL-garnei,php,webapps,0
28901,platforms/php/webapps/28901.txt,"ac4p Mobile - MobileNews.php Multiple Parameter Cross-Site Scripting",2006-11-03,AL-garnei,php,webapps,0
28902,platforms/php/webapps/28902.txt,"ac4p Mobile - polls.php Multiple Parameter Cross-Site Scripting (1)",2006-11-03,AL-garnei,php,webapps,0
28902,platforms/php/webapps/28902.txt,"ac4p Mobile - 'polls.php' Multiple Parameter Cross-Site Scripting (1)",2006-11-03,AL-garnei,php,webapps,0
28903,platforms/php/webapps/28903.txt,"ac4p Mobile - send.php cats Parameter Cross-Site Scripting",2006-11-03,AL-garnei,php,webapps,0
28904,platforms/php/webapps/28904.txt,"ac4p Mobile - up.php Multiple Parameter Cross-Site Scripting",2006-11-03,AL-garnei,php,webapps,0
28905,platforms/php/webapps/28905.txt,"ac4p Mobile - cp/index.php pagenav Parameter Cross-Site Scripting",2006-11-03,AL-garnei,php,webapps,0
@ -25970,7 +25969,7 @@ id,file,description,date,author,platform,type,port
28911,platforms/solaris/dos/28911.txt,"Sun Solaris 10 - UFS Local Denial of Service",2006-11-04,LMH,solaris,dos,0
28913,platforms/php/webapps/28913.txt,"@cid Stats 2.3 - Install.php3 Remote File Inclusion",2006-11-06,Mahmood_ali,php,webapps,0
28914,platforms/php/webapps/28914.txt,"Xoops 2.0.5 - NewList.php Cross-Site Scripting",2006-11-06,CvIr.System,php,webapps,0
28915,platforms/php/webapps/28915.txt,"Article Script 1.6.3 - 'rss.php' SQL Injection",2006-11-06,Liz0ziM,php,webapps,0
28915,platforms/php/webapps/28915.txt,"Article Script 1.6.3 - 'rss.php' SQL Injection (2)",2006-11-06,Liz0ziM,php,webapps,0
28916,platforms/windows/remote/28916.rb,"America Online ICQ 5.1 - ActiveX Control Remote Code Execution",2006-11-06,"Peter Vreugdenhil",windows,remote,0
28912,platforms/linux/dos/28912.txt,"Linux Kernel 2.6.x - 'ISO9660' Denial of Service",2006-11-05,LMH,linux,dos,0
28917,platforms/php/webapps/28917.txt,"AIOCP 1.3.x - 'cp_forum_view.php' Multiple Parameter Cross-Site Scripting",2006-11-06,"laurent gaffie",php,webapps,0
@ -26271,7 +26270,7 @@ id,file,description,date,author,platform,type,port
29223,platforms/php/webapps/29223.txt,"Inside Systems Mail 2.0 - error.php Cross-Site Scripting",2006-12-04,"Vicente Aguilera Diaz",php,webapps,0
29224,platforms/asp/webapps/29224.txt,"UApplication Uguestbook 1.0 - index.asp SQL Injection",2006-12-04,"Aria-Security Team",asp,webapps,0
29225,platforms/php/webapps/29225.txt,"ac4p Mobile - up.php Taaa Parameter Cross-Site Scripting",2006-12-04,SwEET-DeViL,php,webapps,0
29226,platforms/php/webapps/29226.txt,"ac4p Mobile - polls.php Multiple Parameter Cross-Site Scripting (2)",2006-12-04,SwEET-DeViL,php,webapps,0
29226,platforms/php/webapps/29226.txt,"ac4p Mobile - 'polls.php' Multiple Parameter Cross-Site Scripting (2)",2006-12-04,SwEET-DeViL,php,webapps,0
29227,platforms/asp/webapps/29227.txt,"Vt-Forum Lite 1.3 - vf_info.asp StrMes Parameter Cross-Site Scripting",2006-12-04,St@rExT,asp,webapps,0
29228,platforms/asp/webapps/29228.txt,"Vt-Forum Lite 1.3 - vf_newtopic.asp IFRAME Element Cross-Site Scripting",2006-12-04,St@rExT,asp,webapps,0
29229,platforms/windows/dos/29229.txt,"Microsoft Internet Explorer 6 - Frame Src Denial of Service",2006-12-05,"Juan Pablo Lopez",windows,dos,0
@ -26473,7 +26472,7 @@ id,file,description,date,author,platform,type,port
29439,platforms/multiple/remote/29439.txt,"iPlanet Web Server 4.1 - Search Module Cross-Site Scripting",2007-01-09,Khalsa,multiple,remote,0
29441,platforms/osx/dos/29441.txt,"Apple Mac OSX 10.4.8 - DMG UFS FFS_MountFS Integer Overflow",2007-01-10,LMH,osx,dos,0
29442,platforms/php/webapps/29442.html,"phpBB 2.0.21 - privmsg.php HTML Injection",2007-01-11,Demential,php,webapps,0
29443,platforms/windows/dos/29443.py,"VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service",2007-01-11,shinnai,windows,dos,0
29443,platforms/windows/dos/29443.py,"VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (2)",2007-01-11,shinnai,windows,dos,0
29444,platforms/windows/dos/29444.pl,"CA BrightStor ARCserve Backup - Message Engine/Tape Engine Remote Buffer Overflow",2007-01-11,"Tenable NS",windows,dos,0
29445,platforms/windows/dos/29445.rb,"Hanso Player 2.5.0 - 'm3u' Buffer Overflow (Denial of Service)",2013-11-05,"Necmettin COSKUN",windows,dos,0
36794,platforms/multiple/webapps/36794.txt,"SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities",2015-04-21,Vulnerability-Lab,multiple,webapps,0
@ -27028,7 +27027,7 @@ id,file,description,date,author,platform,type,port
29901,platforms/multiple/dos/29901.txt,"Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow (2)",2007-03-21,"Barrie Dempster",multiple,dos,0
29902,platforms/php/webapps/29902.txt,"PHPMyTGP 1.4 - AddVIP.php Remote File Inclusion",2007-04-25,alijsb,php,webapps,0
29903,platforms/php/webapps/29903.txt,"Ahhp Portal - 'page.php' Multiple Remote File Inclusion",2007-04-25,CodeXpLoder'tq,php,webapps,0
29904,platforms/php/webapps/29904.txt,"CafeLog B2 0.6.1 - Weblog and News Publishing Tool b2archives.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0
29904,platforms/php/webapps/29904.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2archives.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0
29905,platforms/php/webapps/29905.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2categories.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0
29906,platforms/php/webapps/29906.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2mail.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0
29907,platforms/php/webapps/29907.txt,"Comus 2.0 - Accept.php Remote File Inclusion",2007-04-25,alijsb,php,webapps,0
@ -27208,7 +27207,7 @@ id,file,description,date,author,platform,type,port
30251,platforms/linux/dos/30251.c,"GD Graphics Library 2.0.34 - (libgd) gdImageCreateXbm Function Unspecified Denial of Service",2007-06-26,anonymous,linux,dos,0
30252,platforms/windows/dos/30252.py,"Conti FTP Server 1.0 - Large String Denial of Service",2007-06-27,35c666,windows,dos,0
30253,platforms/php/webapps/30253.txt,"ETicket 1.5.5 - Open.php Multiple Cross-Site Scripting Vulnerabilities",2007-06-27,"Jesper Jurcenoks",php,webapps,0
30254,platforms/hardware/remote/30254.txt,"Linksys Wireless-G ADSL Gateway WAG54GS 1.0.6 - setup.cgi Cross-Site Scripting Vulnerabilities",2007-06-27,"Petko Petkov",hardware,remote,0
30254,platforms/hardware/remote/30254.txt,"Linksys WAG54GS 1.0.6 (Wireless-G ADSL Gateway) - setup.cgi Cross-Site Scripting Vulnerabilities",2007-06-27,"Petko Petkov",hardware,remote,0
30255,platforms/windows/dos/30255.txt,"PC SOFT WinDEV 11 - WDP File Parsing Stack Buffer Overflow",2007-06-28,"Jerome Athias",windows,dos,0
30256,platforms/multiple/remote/30256.txt,"Oracle Rapid Install Web Server - Secondary Login Page Cross-Site Scripting",2007-06-28,"Kaushal Desai",multiple,remote,0
30257,platforms/windows/remote/30257.html,"HP Instant Support - ActiveX Control Driver Check Buffer Overflow",2007-04-01,"John Heasman",windows,remote,0
@ -28426,7 +28425,7 @@ id,file,description,date,author,platform,type,port
31524,platforms/windows/local/31524.rb,"Publish-It 3.6d - '.pui' Buffer Overflow (SEH)",2014-02-08,"Muhamad Fadzil Ramli",windows,local,0
31525,platforms/php/webapps/31525.txt,"MyBB Extended Useradmininfo Plugin 1.2.1 - Cross-Site Scripting",2014-02-09,"Fikri Fadzil",php,webapps,80
31527,platforms/hardware/webapps/31527.nse,"ZTE ZXV10 W300 Router - Hardcoded Credentials",2014-02-09,"Cesar Neira",hardware,webapps,80
31532,platforms/php/webapps/31532.txt,"Clever Copy 3.0 - 'postview.php' SQL Injection",2008-03-25,U238,php,webapps,0
31532,platforms/php/webapps/31532.txt,"Clever Copy 3.0 - 'postview.php' SQL Injection (2)",2008-03-25,U238,php,webapps,0
31533,platforms/novell/remote/31533.txt,"Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified",2008-03-25,"Nicholas Gregorie",novell,remote,0
31534,platforms/windows/remote/31534.html,"LeadTools MultiMedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite Vulnerabilities",2008-03-25,shinnai,windows,remote,0
31535,platforms/php/webapps/31535.txt,"phpBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion",2008-03-25,0in,php,webapps,0
@ -28465,7 +28464,7 @@ id,file,description,date,author,platform,type,port
31566,platforms/php/webapps/31566.txt,"@lex Guestbook 4.0.5 - 'index.php' test Parameter Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0
31567,platforms/php/webapps/31567.txt,"@lex Poll 1.2 - 'setup.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0
31568,platforms/php/webapps/31568.txt,"PHP Classifieds 6.20 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities",2008-03-31,ZoRLu,php,webapps,0
31569,platforms/hardware/webapps/31569.txt,"D-Link DSL-2750B ADSL Router - Cross-Site Request Forgery",2014-02-11,killall-9,hardware,webapps,80
31569,platforms/hardware/webapps/31569.txt,"D-Link DSL-2750B (ADSL Router) - Cross-Site Request Forgery",2014-02-11,killall-9,hardware,webapps,80
31570,platforms/php/webapps/31570.txt,"WordPress Plugin Frontend Upload - Arbitrary File Upload",2014-02-11,"Daniel Godoy",php,webapps,80
31571,platforms/php/webapps/31571.txt,"WordPress Plugin BuddyPress 1.9.1 - Privilege Escalation",2014-02-11,"Pietro Oliva",php,webapps,80
32215,platforms/php/webapps/32215.txt,"RMSOFT Downloads Plus - (rmdp) 1.5/1.7 Module for XOOPS search.php key Parameter Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0
@ -28649,7 +28648,7 @@ id,file,description,date,author,platform,type,port
31761,platforms/linux/dos/31761.txt,"Embedthis Goahead WebServer 3.1.3-0 - Multiple Vulnerabilities",2014-02-19,"Maksymilian Motyl",linux,dos,80
31762,platforms/windows/dos/31762.py,"Catia V5-6R2013 - 'CATV5_AllApplications' Stack Buffer Overflow",2014-02-19,"Mohamed Shetta",windows,dos,55555
31763,platforms/windows/dos/31763.py,"SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 - Denial of Service",2014-02-19,"Mohamed Shetta",windows,dos,30000
31764,platforms/hardware/webapps/31764.txt,"Dlink DIR-615 Hardware vE4 Firmware v5.10 - Cross-Site Request Forgery",2014-02-19,"Dhruv Shah",hardware,webapps,80
31764,platforms/hardware/webapps/31764.txt,"D-Link DIR-615 Hardware vE4 Firmware v5.10 - Cross-Site Request Forgery",2014-02-19,"Dhruv Shah",hardware,webapps,80
31765,platforms/hardware/webapps/31765.txt,"Barracuda Message Archiver 650 - Persistent Cross-Site Scripting",2014-02-19,Vulnerability-Lab,hardware,webapps,3378
31766,platforms/windows/local/31766.rb,"Audiotran - '.pls' Stack Buffer Overflow (Metasploit)",2014-02-19,Metasploit,windows,local,0
31767,platforms/multiple/remote/31767.rb,"MediaWiki - Thumb.php Remote Command Execution (Metasploit)",2014-02-19,Metasploit,multiple,remote,80
@ -28769,7 +28768,7 @@ id,file,description,date,author,platform,type,port
31881,platforms/php/webapps/31881.txt,"PHP Address Book 3.1.5 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities",2008-06-04,"CWH Underground",php,webapps,0
31882,platforms/php/webapps/31882.txt,"SamTodo 1.1 - 'tid' Parameter Cross-Site Scripting",2008-06-05,"David Sopas Ferreira",php,webapps,0
31883,platforms/php/webapps/31883.txt,"SamTodo 1.1 - 'completed' Parameter Cross-Site Scripting",2008-06-05,"David Sopas Ferreira",php,webapps,0
31884,platforms/hardware/dos/31884.txt,"Linksys WRH54G 1.1.3 - Wireless-G Router Malformed HTTP Request Denial of Service",2008-06-05,dubingyao,hardware,dos,0
31884,platforms/hardware/dos/31884.txt,"Linksys WRH54G 1.1.3 - (Wireless-G Router) Malformed HTTP Request Denial of Service",2008-06-05,dubingyao,hardware,dos,0
31885,platforms/hardware/remote/31885.txt,"F5 FirePass 6.0.2.3 - /vdesk/admincon/webyfiers.php css_exceptions Parameter Cross-Site Scripting",2008-06-05,nnposter,hardware,remote,0
31886,platforms/hardware/remote/31886.txt,"F5 FirePass 6.0.2.3 - /vdesk/admincon/index.php sql_matchscope Parameter Cross-Site Scripting",2008-06-05,nnposter,hardware,remote,0
31887,platforms/linux/remote/31887.txt,"ALFTP FTP Client 4.1/5.0 - 'LIST' Command Directory Traversal",2008-06-06,"Tan Chew Keong",linux,remote,0
@ -29231,7 +29230,7 @@ id,file,description,date,author,platform,type,port
32382,platforms/multiple/remote/32382.txt,"Accellion File Transfer Appliance Error Report Message - Open Email Relay",2008-09-15,"Eric Beaulieu",multiple,remote,0
32383,platforms/php/webapps/32383.txt,"phpMyAdmin 3.2 - 'server_databases.php' Remote Command Execution",2008-09-15,"Norman Hippert",php,webapps,0
32384,platforms/linux/dos/32384.txt,"Linux Kernel 2.6.x - 'add_to_page_cache_lru()' Local Denial of Service",2007-07-20,"Jens Axboe",linux,dos,0
32385,platforms/hardware/webapps/32385.txt,"Dlink DIR-600L Hardware Version AX Firmware 1.00 - Cross-Site Request Forgery",2014-03-20,"Dhruv Shah",hardware,webapps,0
32385,platforms/hardware/webapps/32385.txt,"D-Link DIR-600L Hardware Version AX Firmware 1.00 - Cross-Site Request Forgery",2014-03-20,"Dhruv Shah",hardware,webapps,0
32386,platforms/multiple/dos/32386.txt,"Unreal Engine - 'UnChan.cpp' Failed Assertion Remote Denial of Service",2008-09-16,"Luigi Auriemma",multiple,dos,0
32418,platforms/php/webapps/32418.txt,"EasyRealtorPRO 2008 - 'site_search.php' Multiple SQL Injection",2008-09-25,"David Sopas",php,webapps,0
32419,platforms/php/webapps/32419.pl,"Libra File Manager 1.18/2.0 - 'fileadmin.php' Local File Inclusion",2008-09-25,Pepelux,php,webapps,0
@ -29490,7 +29489,7 @@ id,file,description,date,author,platform,type,port
32678,platforms/jsp/webapps/32678.txt,"Openfire 3.6.2 - 'user-properties.jsp' Cross-Site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0
32679,platforms/jsp/webapps/32679.txt,"Openfire 3.6.2 - 'log.jsp' Cross-Site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0
32680,platforms/jsp/webapps/32680.txt,"Openfire 3.6.2 - 'log.jsp' Directory Traversal",2009-01-08,"Federico Muttis",jsp,webapps,0
32681,platforms/hardware/remote/32681.txt,"COMTREND CT-536 and HG-536 Routers - Multiple Remote Vulnerabilities",2008-12-22,"Daniel Fernandez Bleda",hardware,remote,0
32681,platforms/hardware/remote/32681.txt,"COMTREND CT-536 / HG-536 Routers - Multiple Remote Vulnerabilities",2008-12-22,"Daniel Fernandez Bleda",hardware,remote,0
32682,platforms/linux/dos/32682.c,"Linux Kernel 2.6.x - 'qdisc_run()' Local Denial of Service",2008-12-23,"Herbert Xu",linux,dos,0
32683,platforms/asp/webapps/32683.txt,"Mavi Emlak - 'newDetail.asp' SQL Injection",2008-12-29,"Sina Yazdanmehr",asp,webapps,0
32684,platforms/windows/remote/32684.c,"Microsoft Windows Media Player 9/10/11 - '.WAV' File Parsing Code Execution",2008-12-29,anonymous,windows,remote,0
@ -29747,8 +29746,8 @@ id,file,description,date,author,platform,type,port
32951,platforms/novell/dos/32951.py,"Recover Data for Novell Netware 1.0 - '.sav' Remote Denial of Service",2009-04-23,"AbdulAziz Hariri",novell,dos,0
32952,platforms/php/webapps/32952.txt,"CS Whois Lookup - 'ip' Parameter Remote Command Execution",2009-04-23,SirGod,php,webapps,0
32953,platforms/asp/webapps/32953.vbs,"PuterJam's Blog PJBlog3 3.0.6 - 'action.asp' SQL Injection",2009-04-24,anonymous,asp,webapps,0
32954,platforms/hardware/remote/32954.txt,"Linksys WVC54GCA 1.00R22/1.00R24 Wireless-G - 'adm/file.cgi' Multiple Directory Traversal Vulnerabilities",2009-04-23,pagvac,hardware,remote,0
32955,platforms/hardware/remote/32955.js,"Linksys WVC54GCA 1.00R22/1.00R24 Wireless-G - Multiple Cross-Site Scripting Vulnerabilities",2009-04-25,pagvac,hardware,remote,0
32954,platforms/hardware/remote/32954.txt,"Linksys WVC54GCA 1.00R22/1.00R24 (Wireless-G) - 'adm/file.cgi' Multiple Directory Traversal Vulnerabilities",2009-04-23,pagvac,hardware,remote,0
32955,platforms/hardware/remote/32955.js,"Linksys WVC54GCA 1.00R22/1.00R24 (Wireless-G) - Multiple Cross-Site Scripting Vulnerabilities",2009-04-25,pagvac,hardware,remote,0
32956,platforms/windows/dos/32956.py,"RealNetworks RealPlayer Gold 10.0 MP3 - File Handling Remote Denial of Service",2009-04-27,"Abdul-Aziz Hariri",windows,dos,0
32957,platforms/windows/remote/32957.txt,"DWebPro 6.8.26 - Directory Traversal / Arbitrary File Disclosure",2009-04-27,"Alfons Luja",windows,remote,0
32958,platforms/php/webapps/32958.txt,"MataChat - 'input.php' Multiple Cross-Site Scripting Vulnerabilities",2009-04-27,Am!r,php,webapps,0
@ -29844,7 +29843,7 @@ id,file,description,date,author,platform,type,port
33049,platforms/linux/dos/33049.txt,"LibTIFF 3.8.2 - 'LZWDecodeCompat()' Remote Buffer Underflow",2009-05-21,wololo,linux,dos,0
33050,platforms/windows/remote/33050.html,"Microsoft Internet Explorer 7/8 - HTML Attribute JavaScript URI SecURIty Bypass",2009-05-22,80vul,windows,remote,0
33051,platforms/cgi/remote/33051.txt,"Nagios 3.0.6 - 'statuswml.cgi' Arbitrary Shell Command Injection",2009-05-22,Paul,cgi,remote,0
33052,platforms/php/webapps/33052.txt,"Basic Analysis And Security Engine 1.2.4 - 'readRoleCookie()' Authentication Bypass",2009-05-23,"Tim Medin",php,webapps,0
33052,platforms/php/webapps/33052.txt,"Basic Analysis and Security Engine (BASE) 1.2.4 - 'readRoleCookie()' Authentication Bypass",2009-05-23,"Tim Medin",php,webapps,0
33053,platforms/linux/remote/33053.txt,"Samba 3.3.5 - Format String / Security Bypass",2009-05-19,"Jeremy Allison",linux,remote,0
33054,platforms/hardware/remote/33054.txt,"Cisco Adaptive Security Appliance 8.x - Web VPN FTP or CIFS Authentication Form Phishing",2009-05-24,"David Byrne",hardware,remote,0
33055,platforms/hardware/remote/33055.html,"Cisco ASA Appliance 8.x - WebVPN DOM Wrapper Cross-Site Scripting",2009-05-24,"Trustwave's SpiderLabs",hardware,remote,0
@ -30250,7 +30249,7 @@ id,file,description,date,author,platform,type,port
33516,platforms/linux/local/33516.c,"Linux Kernel 3.14-rc1 <= 3.15-rc4 (x64) - Raw Mode PTY Local Echo Race Condition Privilege Escalation",2014-05-26,"Matthew Daley",linux,local,0
33518,platforms/hardware/webapps/33518.txt,"ZYXEL P-660HW-T1 3 Wireless Router - Cross-Site Request Forgery",2014-05-26,"Mustafa ALTINKAYNAK",hardware,webapps,80
33635,platforms/linux/dos/33635.c,"Linux Kernel 2.6.x - 'net/ipv6/ip6_output.c' Null Pointer Dereference Denial of Service",2008-07-31,"Rémi Denis-Courmont",linux,dos,0
33520,platforms/hardware/webapps/33520.txt,"D-Link Routers - Multiple Vulnerabilities",2014-05-26,"Kyle Lovett",hardware,webapps,80
33520,platforms/hardware/webapps/33520.txt,"Multiple D-Link Routers - Multiple Vulnerabilities",2014-05-26,"Kyle Lovett",hardware,webapps,80
33521,platforms/multiple/remote/33521.rb,"Symantec Workspace Streaming - Arbitrary File Upload (Metasploit)",2014-05-26,Metasploit,multiple,remote,9855
33611,platforms/windows/remote/33611.txt,"GeFest Web Home Server 1.0 - Directory Traversal",2010-02-08,Markot,windows,remote,0
33572,platforms/unix/local/33572.txt,"IBM DB2 - 'REPEAT()' Heap Buffer Overflow",2010-01-27,"Evgeny Legerov",unix,local,0
@ -30431,7 +30430,7 @@ id,file,description,date,author,platform,type,port
33734,platforms/php/webapps/33734.txt,"DDL CMS 2.1 - 'blacklist.php' Cross-Site Scripting",2010-03-10,ITSecTeam,php,webapps,0
33735,platforms/multiple/dos/33735.txt,"SUPERAntiSpyware 4.34.1000 and SuperAdBlocker 4.6.1000 - Multiple Vulnerabilities",2010-03-10,"Luka Milkovic",multiple,dos,0
33736,platforms/aix/webapps/33736.php,"Plesk 10.4.4/11.0.9 - SSO XXE / Cross-Site Scripting Injection",2014-06-13,"BLacK ZeRo",aix,webapps,0
33737,platforms/hardware/dos/33737.py,"ZTE and TP-Link RomPager - Denial of Service",2014-06-13,"Osanda Malith",hardware,dos,0
33737,platforms/hardware/dos/33737.py,"ZTE / TP-Link RomPager - Denial of Service",2014-06-13,"Osanda Malith",hardware,dos,0
33760,platforms/multiple/webapps/33760.txt,"Multiple Products - 'banner.swf' Cross-Site Scripting",2010-03-15,MustLive,multiple,webapps,0
33761,platforms/asp/webapps/33761.txt,"Pars CMS - 'RP' Parameter Multiple SQL Injection",2010-03-15,Isfahan,asp,webapps,0
33739,platforms/hardware/remote/33739.txt,"Yealink VoIP Phone SIP-T38G - Default Credentials",2014-06-13,Mr.Un1k0d3r,hardware,remote,0
@ -30765,7 +30764,7 @@ id,file,description,date,author,platform,type,port
34090,platforms/multiple/dos/34090.py,"Node Browserify 4.2.0 - Remote Code Execution",2014-07-16,"Cal Leeming",multiple,dos,0
34091,platforms/php/webapps/34091.txt,"Pay Per Minute Video Chat Script 2.x - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities",2010-01-04,R3d-D3V!L,php,webapps,0
34092,platforms/jsp/webapps/34092.txt,"JForum 2.1.8 - 'bookmarks' Module Multiple HTML Injection Vulnerabilities",2010-06-06,"Adam Baldwin",jsp,webapps,0
34093,platforms/windows/dos/34093.txt,"EA Battlefield 2 1.41 and Battlefield 2142 1.50 - Multiple Denial Of Service Vulnerabilities",2010-06-07,"Francis Lavoie-Renaud",windows,dos,0
34093,platforms/windows/dos/34093.txt,"EA Battlefield 2 1.41 / Battlefield 2142 1.50 - Multiple Denial Of Service Vulnerabilities",2010-06-07,"Francis Lavoie-Renaud",windows,dos,0
34094,platforms/windows/dos/34094.pl,"Aqua Real Screensaver - '.ar' Buffer Overflow",2010-01-15,R3d-D3V!L,windows,dos,0
34095,platforms/php/webapps/34095.txt,"PonVFTP - 'login.php' SQL Injection",2010-01-15,S2K9,php,webapps,0
34096,platforms/php/webapps/34096.txt,"CuteSITE CMS 1.x - manage/add_user.php user_id Parameter SQL Injection",2010-06-06,"High-Tech Bridge SA",php,webapps,0
@ -30850,7 +30849,7 @@ id,file,description,date,author,platform,type,port
34198,platforms/php/webapps/34198.txt,"Limny 2.1 - 'q' Parameter Cross-Site Scripting",2010-06-24,"High-Tech Bridge SA",php,webapps,0
34200,platforms/hardware/remote/34200.txt,"Cisco Adaptive Security Response - HTTP Response Splitting",2010-06-25,"Daniel King",hardware,remote,0
34201,platforms/linux/remote/34201.txt,"feh 1.7 - '--wget-Timestamp' Remote Code Execution",2010-06-25,anonymous,linux,remote,0
34203,platforms/hardware/dos/34203.txt,"Dlink DWR-113 Rev. Ax - Cross-Site Request Forgery / Denial of Service",2014-07-30,"Blessen Thomas",hardware,dos,0
34203,platforms/hardware/dos/34203.txt,"D-Link DWR-113 Rev. Ax - Cross-Site Request Forgery / Denial of Service",2014-07-30,"Blessen Thomas",hardware,dos,0
34204,platforms/php/webapps/34204.html,"SkaDate Lite 2.0 - Multiple Cross-Site Request Forgery / Persistent Cross-Site Scripting Vulnerabilities",2014-07-30,LiquidWorm,php,webapps,80
34205,platforms/php/webapps/34205.py,"SkaDate Lite 2.0 - Remote Code Execution",2014-07-30,LiquidWorm,php,webapps,80
34206,platforms/hardware/webapps/34206.txt,"D-Link AP 3200 - Multiple Vulnerabilities",2014-07-30,pws,hardware,webapps,80
@ -30884,7 +30883,7 @@ id,file,description,date,author,platform,type,port
34234,platforms/php/webapps/34234.txt,"Flatnux 2010-06.09 - 'find' Parameter Cross-Site Scripting",2010-07-01,ITSecTeam,php,webapps,0
34235,platforms/php/webapps/34235.txt,"Wiki Web Help 0.2.7 - Cross-Site Scripting / HTML Injection",2010-07-01,"John Leitch",php,webapps,0
34236,platforms/php/webapps/34236.txt,"ReCMS - 'users_lang' Parameter Directory Traversal",2010-07-01,Locu,php,webapps,0
34237,platforms/multiple/webapps/34237.txt,"Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting",2010-07-02,"Marcos Garcia and Maximiliano Soler",multiple,webapps,0
34237,platforms/multiple/webapps/34237.txt,"Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting (2)",2010-07-02,"Marcos Garcia and Maximiliano Soler",multiple,webapps,0
34238,platforms/php/webapps/34238.txt,"Sphider Search Engine - Multiple Vulnerabilities",2014-08-02,"Shayan S",php,webapps,80
34239,platforms/php/webapps/34239.txt,"Status2k Server Monitoring Software - Multiple Vulnerabilities",2014-08-02,"Shayan S",php,webapps,80
34240,platforms/ios/webapps/34240.txt,"TigerCom iFolder+ 1.2 iOS - Multiple Vulnerabilities",2014-08-02,Vulnerability-Lab,ios,webapps,8080
@ -31107,7 +31106,7 @@ id,file,description,date,author,platform,type,port
34479,platforms/php/webapps/34479.html,"CMSimple 3.3 - Cross-Site Scripting / Cross-Site Request Forgery",2010-08-16,"High-Tech Bridge SA",php,webapps,0
34480,platforms/windows/dos/34480.py,"Xilisoft Video Converter 3.1.8.0720b - '.ogg' Buffer Overflow",2010-08-16,"Praveen Darshanam",windows,dos,0
34481,platforms/php/webapps/34481.txt,"123 Flash Chat - Multiple Security Vulnerabilities",2010-08-16,Lincoln,php,webapps,0
40339,platforms/linux/remote/40339.py,"glibc - getaddrinfo Stack Based Buffer Overflow",2016-09-06,SpeeDr00t,linux,remote,0
40339,platforms/linux/remote/40339.py,"glibc - getaddrinfo Stack Based Buffer Overflow (2)",2016-09-06,SpeeDr00t,linux,remote,0
34482,platforms/php/webapps/34482.txt,"TurnkeyForms Yahoo Answers Clone - 'questiondetail.php' Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0
34483,platforms/php/webapps/34483.txt,"Nasim Guest Book - 'page' Parameter Cross-Site Scripting",2010-08-10,Moudi,php,webapps,0
34484,platforms/php/webapps/34484.txt,"Joomla! Component com_dirfrm - Multiple SQL Injections",2010-08-18,Hieuneo,php,webapps,0
@ -33571,7 +33570,7 @@ id,file,description,date,author,platform,type,port
37138,platforms/php/webapps/37138.txt,"Ramui Forum Script - 'query' Parameter Cross-Site Scripting",2012-05-07,3spi0n,php,webapps,0
37139,platforms/php/webapps/37139.txt,"JibberBook 2.3 - 'Login_form.php' Authentication Bypass",2012-05-07,L3b-r1'z,php,webapps,0
37140,platforms/php/webapps/37140.html,"PHP Enter 4.1.2 - 'banners.php' PHP Code Injection",2012-05-08,L3b-r1'z,php,webapps,0
37141,platforms/hardware/remote/37141.txt,"Linksys WRT54GL Wireless Router - Cross-Site Request Forgery",2012-05-08,Kalashinkov3,hardware,remote,0
37141,platforms/hardware/remote/37141.txt,"Linksys WRT54GL (Wireless Router) - Cross-Site Request Forgery",2012-05-08,Kalashinkov3,hardware,remote,0
37142,platforms/php/webapps/37142.txt,"OrangeHRM 2.7 RC - plugins/ajaxCalls/haltResumeHsp.php hspSummaryId Parameter SQL Injection",2012-05-09,"High-Tech Bridge SA",php,webapps,0
37143,platforms/php/webapps/37143.txt,"OrangeHRM 2.7 RC - plugins/ajaxCalls/haltResumeHsp.php newHspStatus Parameter Cross-Site Scripting",2012-05-09,"High-Tech Bridge SA",php,webapps,0
37144,platforms/php/webapps/37144.txt,"OrangeHRM 2.7 RC - templates/hrfunct/emppop.php sortOrder1 Parameter Cross-Site Scripting",2012-05-09,"High-Tech Bridge SA",php,webapps,0
@ -33825,7 +33824,7 @@ id,file,description,date,author,platform,type,port
37423,platforms/php/webapps/37423.txt,"DedeCMS < 5.7-sp1 - Remote File Inclusion",2015-06-29,zise,php,webapps,0
37424,platforms/hardware/webapps/37424.py,"Huawei Home Gateway UPnP/1.0 IGD/1.00 - Password Disclosure",2015-06-29,"Fady Mohammed Osman",hardware,webapps,0
37425,platforms/hardware/webapps/37425.py,"Huawei Home Gateway UPnP/1.0 IGD/1.00 - Password Change",2015-06-29,"Fady Mohammed Osman",hardware,webapps,0
37426,platforms/cgi/remote/37426.py,"Endian Firewall < 3.0.0 - OS Command Injection (Python PoC)",2015-06-29,"Ben Lincoln",cgi,remote,0
37426,platforms/cgi/remote/37426.py,"Endian Firewall < 3.0.0 - OS Command Injection (Python) (PoC)",2015-06-29,"Ben Lincoln",cgi,remote,0
37427,platforms/lin_x86-64/shellcode/37427.txt,"Linux/x86-64 - encoded execve Shellcode (57 bytes)",2015-06-29,"Bill Borskey",lin_x86-64,shellcode,0
37428,platforms/cgi/remote/37428.txt,"Endian Firewall < 3.0.0 - OS Command Injection (Metasploit)",2015-06-29,"Ben Lincoln",cgi,remote,0
37430,platforms/php/webapps/37430.txt,"CMS Balitbang - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities",2012-06-19,TheCyberNuxbie,php,webapps,0
@ -33910,7 +33909,7 @@ id,file,description,date,author,platform,type,port
37513,platforms/hardware/remote/37513.txt,"Barracuda SSL VPN - fileSystem.do Multiple Parameter Cross-Site Scripting",2012-07-18,"Benjamin Kunz Mejri",hardware,remote,0
37514,platforms/php/webapps/37514.txt,"WordPress Plugin ACF Frontend Display 2.0.5 - Arbitrary File Upload",2015-07-07,"TUNISIAN CYBER",php,webapps,80
37515,platforms/php/webapps/37515.txt,"phpLiteAdmin 1.1 - Multiple Vulnerabilities",2015-07-07,hyp3rlinx,php,webapps,80
37516,platforms/hardware/webapps/37516.txt,"Dlink DSL-2750u and DSL-2730u - Authenticated Local File Disclosure",2015-07-07,"SATHISH ARTHAR",hardware,webapps,0
37516,platforms/hardware/webapps/37516.txt,"D-Link DSL-2750u / DSL-2730u - Authenticated Local File Disclosure",2015-07-07,"SATHISH ARTHAR",hardware,webapps,0
37517,platforms/hardware/dos/37517.pl,"INFOMARK IMW-C920W MiniUPnPd 1.0 - Denial of Service",2015-07-07,"Todor Donev",hardware,dos,1900
37518,platforms/multiple/dos/37518.html,"Arora Browser - Remote Denial of Service",2012-07-18,t3rm!n4t0r,multiple,dos,0
37519,platforms/php/webapps/37519.txt,"Joomla! Component com_hello - 'Controller' Parameter Local File Inclusion",2012-07-19,"AJAX Security Team",php,webapps,0
@ -34233,8 +34232,8 @@ id,file,description,date,author,platform,type,port
37853,platforms/windows/dos/37853.txt,"Adobe Flash AS2 - DisplacementMapFilter.mapBitmap Use-After-Free (1)",2015-08-19,"Google Security Research",windows,dos,0
37854,platforms/windows/dos/37854.txt,"Adobe Flash AS2 - MovieClip.scrollRect Use-After-Free",2015-08-19,"Google Security Research",windows,dos,0
37855,platforms/multiple/dos/37855.txt,"Adobe Flash - Setting Value Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0
37856,platforms/windows/dos/37856.txt,"Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated .SWF File (1)",2015-08-19,"Google Security Research",windows,dos,0
37857,platforms/windows/dos/37857.txt,"Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated .SWF File (2)",2015-08-19,"Google Security Research",windows,dos,0
37856,platforms/windows/dos/37856.txt,"Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated '.SWF' File (1)",2015-08-19,"Google Security Research",windows,dos,0
37857,platforms/windows/dos/37857.txt,"Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated '.SWF' File (2)",2015-08-19,"Google Security Research",windows,dos,0
37858,platforms/windows/dos/37858.txt,"Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated TTF File Embedded in SWF",2015-08-19,"Google Security Research",windows,dos,0
37859,platforms/multiple/dos/37859.txt,"Adobe Flash - XML.childNodes Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0
37860,platforms/windows/dos/37860.txt,"Adobe Flash AS2 - Color.setRGB Use-After-Free",2015-08-19,bilou,windows,dos,0
@ -35020,7 +35019,7 @@ id,file,description,date,author,platform,type,port
38704,platforms/windows/local/38704.pl,"TECO JN5 L510-DriveLink 1.482 - '.lf5' Overwrite (SEH) Buffer Overflow",2015-11-16,LiquidWorm,windows,local,0
38705,platforms/windows/dos/38705.py,"Sam Spade 1.14 - Browse URL Buffer Overflow (PoC)",2015-11-16,"Nipun Jaswal",windows,dos,0
38706,platforms/multiple/webapps/38706.txt,"VideoLAN VLC Media Player Web Interface 2.2.1 - Metadata Title Cross-Site Scripting",2015-11-16,"Andrea Sindoni",multiple,webapps,0
38707,platforms/hardware/webapps/38707.txt,"D-Link Wireless Router DIR-816L - Cross-Site Request Forgery",2015-11-16,"Bhadresh Patel",hardware,webapps,0
38707,platforms/hardware/webapps/38707.txt,"D-Link DIR-816L (Wireless Router) - Cross-Site Request Forgery",2015-11-16,"Bhadresh Patel",hardware,webapps,0
38708,platforms/lin_x86-64/shellcode/38708.asm,"Linux/x86-64 - egghunter Shellcode (24 bytes)",2015-11-16,d4sh&r,lin_x86-64,shellcode,0
38709,platforms/php/webapps/38709.txt,"MCImageManager - Multiple Security Vulnerabilities",2013-07-16,MustLive,php,webapps,0
38710,platforms/windows/dos/38710.py,"foobar2000 1.3.9 - '.pls' / '.m3u' / '.m3u8' Local Crash (PoC)",2015-11-16,"Antonio Z.",windows,dos,0
@ -35620,7 +35619,7 @@ id,file,description,date,author,platform,type,port
39328,platforms/android/remote/39328.rb,"Android ADB Debug Server - Remote Payload Execution (Metasploit)",2016-01-26,Metasploit,android,remote,5555
39329,platforms/windows/dos/39329.py,"InfraRecorder - '.m3u' File Buffer Overflow",2014-05-25,"Osanda Malith",windows,dos,0
39330,platforms/windows/dos/39330.txt,"Foxit Reader 7.2.8.1124 - PDF Parsing Memory Corruption",2016-01-26,"Francis Provencher",windows,dos,0
39331,platforms/windows/dos/39331.pl,"TFTPD32 and Tftpd64 - Denial Of Service",2014-05-14,j0s3h4x0r,windows,dos,0
39331,platforms/windows/dos/39331.pl,"TFTPD32 / Tftpd64 - Denial Of Service",2014-05-14,j0s3h4x0r,windows,dos,0
39441,platforms/multiple/webapps/39441.txt,"Oracle GlassFish Server 4.1 - Directory Traversal",2015-08-27,"Trustwave's SpiderLabs",multiple,webapps,4848
39332,platforms/php/webapps/39332.txt,"Wiser Backup - Information Disclosure",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0
39333,platforms/php/webapps/39333.html,"WordPress Theme Elegance - 'elegance/lib/scripts/dl-skin.php' Local File Disclosure",2014-06-08,"Felipe Andrian Peixoto",php,webapps,0
@ -35692,7 +35691,7 @@ id,file,description,date,author,platform,type,port
39406,platforms/linux/dos/39406.py,"yTree 1.94-1.1 - Local Buffer Overflow",2016-02-03,"Juan Sacco",linux,dos,0
39407,platforms/hardware/webapps/39407.txt,"Viprinet Multichannel VPN Router 300 - Persistent Cross-Site Scripting",2016-02-03,Portcullis,hardware,webapps,0
39408,platforms/hardware/webapps/39408.txt,"GE Industrial Solutions UPS SNMP Adapter < 4.8 - Multiple Vulnerabilities",2016-02-04,"Karn Ganeshen",hardware,webapps,0
39409,platforms/hardware/webapps/39409.txt,"DLink DVG­N5402SP - Multiple Vulnerabilities",2016-02-04,"Karn Ganeshen",hardware,webapps,0
39409,platforms/hardware/webapps/39409.txt,"D-Link DVG­N5402SP - Multiple Vulnerabilities",2016-02-04,"Karn Ganeshen",hardware,webapps,0
39410,platforms/php/webapps/39410.txt,"WordPress Plugin User Meta Manager 3.4.6 - Blind SQL Injection",2016-02-04,"Panagiotis Vagenas",php,webapps,80
39411,platforms/php/webapps/39411.txt,"WordPress Plugin User Meta Manager 3.4.6 - Privilege Escalation",2016-02-04,"Panagiotis Vagenas",php,webapps,80
39412,platforms/hardware/webapps/39412.txt,"NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities",2016-02-04,"Pedro Ribeiro",hardware,webapps,0
@ -35734,7 +35733,7 @@ id,file,description,date,author,platform,type,port
39451,platforms/php/webapps/39451.txt,"WordPress Plugin ALO EasyMail NewsLetter 2.6.01 - Cross-Site Request Forgery",2016-02-16,"Mohsen Lotfi",php,webapps,80
39452,platforms/windows/dos/39452.txt,"CyberCop Scanner Smbgrind 5.5 - Buffer Overflow",2016-02-16,hyp3rlinx,windows,dos,0
39453,platforms/php/webapps/39453.txt,"phpMyBackupPro 2.5 - Remote Command Execution / Cross-Site Request Forgery",2016-02-16,hyp3rlinx,php,webapps,0
39454,platforms/linux/dos/39454.txt,"glibc - getaddrinfo Stack Based Buffer Overflow",2016-02-16,"Google Security Research",linux,dos,0
39454,platforms/linux/dos/39454.txt,"glibc - getaddrinfo Stack Based Buffer Overflow (1)",2016-02-16,"Google Security Research",linux,dos,0
39456,platforms/multiple/webapps/39456.rb,"JMX2 Email Tester - 'save_email.php' Arbitrary File Upload",2016-02-17,HaHwul,multiple,webapps,0
39459,platforms/php/webapps/39459.txt,"Redaxo CMS 5.0.0 - Multiple Vulnerabilities",2016-02-17,"LSE Leading Security Experts GmbH",php,webapps,80
39458,platforms/php/webapps/39458.txt,"OCS Inventory NG 2.2 - SQL Injection",2016-02-17,Ephreet,php,webapps,0

Can't render this file because it is too large.

33
platforms/java/webapps/40384.txt
View file

@ -1,33 +0,0 @@
Apache Mina 2.0.13 - Remote Command Execution
Abstract
Apache Mina 2.0.13 uses the OGNL library in the “IoSessionFinder” class. Its constructor takes into parameter one OGNL expression. Then this expression is executed when the method “find” is called. This class seems to be only used in the JMX MINA component “IoServiceMBean”. When the IOServiceMBean is exposed trough JMX it is possible to abuse the function to execute an arbitrary command on the server.
Description
The function “find” in the “IoSessionFinder” class executes an arbitrary OGNL expression (Ognl.getValue(….)) defined in its constructor.
Conclusion
This vulnerability shows that Expression languages vulnerabilities are still present in Java libraries and can have a big impact even if it is in this case the vulnerability can only exploited in specific conditions.
Regarding the fix, the Apache Mina team didn't request a CVE neither acknowledged the vulnerability but I confirm that the vulnerability is fixed is the last version.
Timelines
30/03/2016: First email to disclose the vulnerability to the Apache Security Team
31/03/2016: Acknowledgment from the Apache Mina team for the email reception and saying the vulnerability is under investigation
21/05/2016: Email from the Apache Mina saying that they look for possible remediations
12/08/2016: Email from the Apache Mina suggesting a solution
29/08/2016: Email from my side saying that the remediation looks good
30/08/2016: Apache Mina team published the new version fixing the issue.
PS: I have included two archives containing the two proofs of concept.
Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40384.zip